From a129c3c9278150af77d306f22ed06d2139d22214 Mon Sep 17 00:00:00 2001 From: Dave Horton Date: Thu, 21 Apr 2022 13:31:22 -0400 Subject: [PATCH] bugfix: add ability to edit a speech credential by changing the region (aws or azure) --- lib/routes/api/speech-credentials.js | 95 +++++++++++++++------------- 1 file changed, 52 insertions(+), 43 deletions(-) diff --git a/lib/routes/api/speech-credentials.js b/lib/routes/api/speech-credentials.js index da364b2..69555d8 100644 --- a/lib/routes/api/speech-credentials.js +++ b/lib/routes/api/speech-credentials.js @@ -1,4 +1,5 @@ const router = require('express').Router(); +const assert = require('assert'); const SpeechCredential = require('../../models/speech-credential'); const sysError = require('../error'); const {decrypt, encrypt} = require('../../utils/encrypt-decrypt'); @@ -14,11 +15,9 @@ const { testWellSaidTts } = require('../../utils/speech-utils'); -router.post('/', async(req, res) => { - const logger = req.app.locals.logger; + +const encryptCredential = (obj) => { const { - use_for_stt, - use_for_tts, vendor, service_key, access_key_id, @@ -26,6 +25,49 @@ router.post('/', async(req, res) => { aws_region, api_key, region + } = obj; + + switch (vendor) { + case 'google': + assert(service_key, 'invalid json key: service_key is required'); + try { + const o = JSON.parse(service_key); + assert(o.client_email && o.private_key, 'invalid google service account key'); + } + catch (err) { + assert(false, 'invalid google service account key - not JSON'); + } + return encrypt(service_key); + + case 'aws': + assert(access_key_id, 'invalid aws speech credential: access_key_id is required'); + assert(secret_access_key, 'invalid aws speech credential: secret_access_key is required'); + assert(aws_region, 'invalid aws speech credential: aws_region is required'); + const awsData = JSON.stringify({aws_region, access_key_id, secret_access_key}); + return encrypt(awsData); + + case 'microsoft': + assert(region, 'invalid azure speech credential: region is required'); + assert(api_key, 'invalid azure speech credential: api_key is required'); + const azureData = JSON.stringify({region, api_key}); + return encrypt(azureData); + + case 'wellsaid': + assert(api_key, 'invalid wellsaid speech credential: api_key is required'); + const wsData = JSON.stringify({api_key}); + return encrypt(wsData); + + default: + assert(false, `invalid or missing vendor: ${vendor}`); + } +}; + +router.post('/', async(req, res) => { + const logger = req.app.locals.logger; + const { + use_for_stt, + use_for_tts, + vendor, } = req.body; const account_sid = req.user.account_sid || req.body.account_sid; let service_provider_sid; @@ -37,45 +79,7 @@ router.post('/', async(req, res) => { service_provider_sid = parseServiceProviderSid(req); } try { - let encrypted_credential; - if (vendor === 'google') { - let obj; - if (!service_key) throw new DbErrorBadRequest('invalid json key: service_key is required'); - try { - obj = JSON.parse(service_key); - if (!obj.client_email || !obj.private_key) { - throw new DbErrorBadRequest('invalid google service account key'); - } - } - catch (err) { - throw new DbErrorBadRequest('invalid google service account key - not JSON'); - } - encrypted_credential = encrypt(service_key); - } - else if (vendor === 'aws') { - const data = JSON.stringify({ - aws_region: aws_region || 'us-east-1', - access_key_id, - secret_access_key - }); - logger.info({data}, 'creating aws speech credential'); - encrypted_credential = encrypt(data); - } - else if (vendor === 'microsoft') { - const data = JSON.stringify({ - region, - api_key - }); - logger.info({data}, 'creating azure speech credential'); - encrypted_credential = encrypt(data); - } - else if (vendor === 'wellsaid') { - const data = JSON.stringify({ - api_key - }); - encrypted_credential = encrypt(data); - } - else throw new DbErrorBadRequest(`invalid speech vendor ${vendor}`); + const encrypted_credential = encryptCredential(req.body); const uuid = await SpeechCredential.make({ account_sid, service_provider_sid, @@ -197,6 +201,11 @@ router.put('/:sid', async(req, res) => { obj.use_for_stt = use_for_stt; } + /* update the credential if provided */ + try { + obj.credential = encryptCredential(req.body); + } catch (err) {} + const rowsAffected = await SpeechCredential.update(sid, obj); if (rowsAffected === 0) { return res.sendStatus(404);