bump version

Snyk has created this PR to upgrade stripe from 8.195.0 to 8.196.0.

See this package in npm:
https://www.npmjs.com/package/stripe

See this project in Snyk:
https://app.snyk.io/org/davehorton/project/b7e09765-19b2-4aa5-90ba-10432e250041?utm_source=github&utm_medium=referral&page=upgrade-pr

.github/workflows/docker-publish-dbcreate.yml

@@ -0,0 +1,51 @@
+name: Docker
+
+on:
+  push:
+    # Publish `main` as Docker `latest` image.
+    branches:
+      - main
+
+    # Publish `v1.2.3` tags as releases.
+    tags:
+      - v*
+
+env:
+  IMAGE_NAME: db-create
+
+jobs:
+  push:
+
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push'
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Build image
+        run: docker build . --file Dockerfile.db-create --tag $IMAGE_NAME
+
+      - name: Log into registry
+        run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+
+      - name: Push image
+        run: |
+          IMAGE_ID=ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME
+
+          # Change all uppercase to lowercase
+          IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
+
+          # Strip git ref prefix from version
+          VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
+
+          # Strip "v" prefix from tag name
+          [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
+
+          # Use Docker `latest` tag convention
+          [ "$VERSION" == "main" ] && VERSION=latest
+
+          echo IMAGE_ID=$IMAGE_ID
+          echo VERSION=$VERSION
+
+          docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
+          docker push $IMAGE_ID:$VERSION

.github/workflows/docker-publish.yml

@@ -0,0 +1,51 @@
+name: Docker
+
+on:
+  push:
+    # Publish `main` as Docker `latest` image.
+    branches:
+      - main
+
+    # Publish `v1.2.3` tags as releases.
+    tags:
+      - v*
+
+env:
+  IMAGE_NAME: api-server
+
+jobs:
+  push:
+
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push'
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Build image
+        run: docker build . --file Dockerfile --tag $IMAGE_NAME
+
+      - name: Log into registry
+        run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+
+      - name: Push image
+        run: |
+          IMAGE_ID=ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME
+
+          # Change all uppercase to lowercase
+          IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
+
+          # Strip git ref prefix from version
+          VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
+
+          # Strip "v" prefix from tag name
+          [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
+
+          # Use Docker `latest` tag convention
+          [ "$VERSION" == "main" ] && VERSION=latest
+
+          echo IMAGE_ID=$IMAGE_ID
+          echo VERSION=$VERSION
+
+          docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
+          docker push $IMAGE_ID:$VERSION

.gitignore

@@ -1,7 +1,6 @@
 # Logs
 logs
 *.log
-package-lock.json
 
 # Runtime data
 pids

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:16
+FROM node:17
 WORKDIR /opt/app/
 COPY package.json ./
 RUN npm install

Dockerfile.db-create

@@ -1,4 +1,4 @@
-FROM node:16
+FROM node:17
 WORKDIR /opt/app/
 COPY package.json ./
 RUN npm install

app.js

@@ -9,7 +9,7 @@ const opts = Object.assign({
 const logger = require('pino')(opts);
 const express = require('express');
 const app = express();
-app.disable('x-powered-by');
+const helmet = require('helmet');
 const cors = require('cors');
 const passport = require('passport');
 const routes = require('./lib/routes');
@@ -89,6 +89,8 @@ const unless = (paths, middleware) => {
     return middleware(req, res, next);
   };
 };
+app.use(helmet());
+app.use(helmet.hidePoweredBy());
 app.use(passport.initialize());
 app.use(cors());
 app.use(express.urlencoded({extended: true}));

db/jambones-sql.sql

@@ -418,6 +418,10 @@ disable_cdrs BOOLEAN NOT NULL DEFAULT 0,
 trial_end_date DATETIME,
 deactivated_reason VARCHAR(255),
 device_to_call_ratio INTEGER NOT NULL DEFAULT 5,
+subspace_client_id VARCHAR(255),
+subspace_client_secret VARCHAR(255),
+subspace_sip_teleport_id VARCHAR(255),
+subspace_sip_teleport_destinations VARCHAR(255),
 PRIMARY KEY (account_sid)
 ) COMMENT='An enterprise that uses the platform for comm services';
 

db/reset_admin_password.js

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 const {promisePool} = require('../lib/db');
-const uuidv4 = require('uuid/v4');
+const { v4: uuidv4 } = require('uuid');
 const {generateHashedPassword} = require('../lib/utils/password-utils');
 const sqlInsert = `INSERT into users 
 (user_sid, name, email, hashed_password, force_change, provider, email_validated) 

lib/models/account.js

@@ -2,7 +2,8 @@ const debug = require('debug')('jambonz:api-server');
 const Model = require('./model');
 const {getMysqlConnection} = require('../db');
 const {promisePool} = require('../db');
-const uuid = require('uuid').v4;
+const { v4: uuid } = require('uuid');
+
 const {encrypt} = require('../utils/encrypt-decrypt');
 
 const retrieveSql = `SELECT * from accounts acc
@@ -296,7 +297,23 @@ Account.fields = [
   {
     name: 'disable_cdrs',
     type: 'number',
-  }
+  },
+  {
+    name: 'subspace_client_id',
+    type: 'string',
+  },
+  {
+    name: 'subspace_client_secret',
+    type: 'string',
+  },
+  {
+    name: 'subspace_sip_teleport_id',
+    type: 'string',
+  },
+  {
+    name: 'subspace_sip_teleport_destinations',
+    type: 'string',
+  },
 ];
 
 module.exports = Account;

lib/models/model.js

@@ -1,5 +1,5 @@
 const Emitter = require('events');
-const uuidv4 = require('uuid/v4');
+const { v4: uuidv4 } = require('uuid');
 const assert = require('assert');
 const {getMysqlConnection} = require('../db');
 const {DbErrorBadRequest} = require('../utils/errors');

lib/routes/api/accounts.js

@@ -8,11 +8,11 @@ const ApiKey = require('../../models/api-key');
 const ServiceProvider = require('../../models/service-provider');
 const {deleteDnsRecords} = require('../../utils/dns-utils');
 const {deleteCustomer} = require('../../utils/stripe-utils');
-const uuidv4 = require('uuid/v4');
+const { v4: uuidv4 } = require('uuid');
 const snakeCase = require('../../utils/snake-case');
 const sysError = require('../error');
 const {promisePool} = require('../../db');
-const {hasAccountPermissions, parseAccountSid} = require('./utils');
+const {hasAccountPermissions, parseAccountSid, enableSubspace, disableSubspace} = require('./utils');
 const short = require('short-uuid');
 const VoipCarrier = require('../../models/voip-carrier');
 const translator = short();
@@ -371,6 +371,58 @@ router.get('/:sid/WebhookSecret', async(req, res) => {
   }
 });
 
+router.post('/:sid/SubspaceTeleport', async(req, res) => {
+  const logger = req.app.locals.logger;
+  try {
+    const service_provider_sid = req.user.hasServiceProviderAuth ? req.user.service_provider_sid : null;
+    const results = await Account.retrieve(req.params.sid, service_provider_sid);
+    if (results.length === 0) return res.status(404).end();
+    const {subspace_client_id, subspace_client_secret} = results[0];
+    const {destination} = req.body;
+    const arr = /^(.*):\d+$/.exec(destination);
+    const dest = arr ? `sip:${arr[1]}` : `sip:${destination}`;
+
+    const teleport = await enableSubspace({
+      subspace_client_id,
+      subspace_client_secret,
+      destination: dest
+    });
+    logger.info({destination, teleport}, 'SubspaceTeleport - create teleport');
+    await Account.update(req.params.sid, {
+      subspace_sip_teleport_id: teleport.id,
+      subspace_sip_teleport_destinations: JSON.stringify(teleport.teleport_entry_points)//hacky
+    });
+
+    return res.status(200).json({
+      subspace_sip_teleport_id: teleport.id,
+      subspace_sip_teleport_destinations: teleport.teleport_entry_points
+    });
+  }
+  catch (err) {
+    sysError(logger, res, err);
+  }
+});
+
+router.delete('/:sid/SubspaceTeleport', async(req, res) => {
+  const logger = req.app.locals.logger;
+  try {
+    const service_provider_sid = req.user.hasServiceProviderAuth ? req.user.service_provider_sid : null;
+    const results = await Account.retrieve(req.params.sid, service_provider_sid);
+    if (results.length === 0) return res.status(404).end();
+    const {subspace_client_id, subspace_client_secret, subspace_sip_teleport_id} = results[0];
+
+    await disableSubspace({subspace_client_id, subspace_client_secret, subspace_sip_teleport_id});
+    await Account.update(req.params.sid, {
+      subspace_sip_teleport_id: null,
+      subspace_sip_teleport_destinations: null
+    });
+    return res.sendStatus(204);
+  }
+  catch (err) {
+    sysError(logger, res, err);
+  }
+});
+
 /* update */
 router.put('/:sid', async(req, res) => {
   const sid = req.params.sid;

lib/routes/api/api-keys.js

@@ -3,7 +3,7 @@ const {DbErrorBadRequest} = require('../../utils/errors');
 const ApiKey = require('../../models/api-key');
 const Account = require('../../models/account');
 const decorate = require('./decorate');
-const uuidv4 = require('uuid/v4');
+const { v4: uuidv4 } = require('uuid');
 const sysError = require('../error');
 const preconditions = {
   'add': validateAddToken,

lib/routes/api/register.js

@@ -4,7 +4,7 @@ const {DbErrorBadRequest, DbErrorUnprocessableRequest} = require('../../utils/er
 const {promisePool} = require('../../db');
 const {doGithubAuth, doGoogleAuth, doLocalAuth} = require('../../utils/oauth-utils');
 const {validateEmail} = require('../../utils/email-utils');
-const uuid = require('uuid').v4;
+const { v4: uuid } = require('uuid');
 const short = require('short-uuid');
 const translator = short();
 const jwt = require('jsonwebtoken');

lib/routes/api/sip-realm.js

@@ -2,7 +2,7 @@ const router = require('express').Router();
 const {promisePool} = require('../../db');
 const {DbErrorBadRequest} = require('../../utils/errors');
 const {createDnsRecords, deleteDnsRecords} = require('../../utils/dns-utils');
-const uuid = require('uuid').v4;
+const { v4: uuid } = require('uuid');
 const sysError = require('../error');
 const insertDnsRecords = `INSERT INTO dns_records 
 (dns_record_sid, account_sid, record_type, record_id) 

lib/routes/api/sms-inbound.js

@@ -1,7 +1,7 @@
 const router = require('express').Router();
 const request = require('request');
 const getProvider = require('../../utils/sms-provider');
-const uuidv4 = require('uuid/v4');
+const { v4: uuidv4 } = require('uuid');
 const sysError = require('../error');
 let idx = 0;
 

lib/routes/api/speech-credentials.js

@@ -10,7 +10,8 @@ const {
   testAwsTts,
   testAwsStt,
   testMicrosoftStt,
-  testMicrosoftTts
+  testMicrosoftTts,
+  testWellSaidTts
 } = require('../../utils/speech-utils');
 
 router.post('/', async(req, res) => {
@@ -66,6 +67,12 @@ router.post('/', async(req, res) => {
       });
       encrypted_credential = encrypt(data);
     }
+    else if (vendor === 'wellsaid') {
+      const data = JSON.stringify({
+        api_key
+      });
+      encrypted_credential = encrypt(data);
+    }
     else throw new DbErrorBadRequest(`invalid speech vendor ${vendor}`);
     const uuid = await SpeechCredential.make({
       account_sid,
@@ -109,6 +116,10 @@ router.get('/', async(req, res) => {
         obj.api_key = o.api_key;
         obj.region = o.region;
       }
+      else if ('wellsaid' === obj.vendor) {
+        const o = decrypt(credential);
+        obj.api_key = o.api_key;
+      }
       return obj;
     }));
   } catch (err) {
@@ -291,6 +302,19 @@ router.get('/:sid/test', async(req, res) => {
         }
       }
     }
+    else if (cred.vendor === 'wellsaid') {
+      const {api_key} = credential;
+      if (cred.use_for_tts) {
+        try {
+          await testWellSaidTts(logger, {api_key});
+          results.tts.status = 'ok';
+          SpeechCredential.ttsTestResult(sid, true);
+        } catch (err) {
+          results.tts = {status: 'fail', reason: err.message};
+          SpeechCredential.ttsTestResult(sid, false);
+        }
+      }
+    }
     res.status(200).json(results);
   } catch (err) {
     sysError(logger, res, err);

lib/routes/api/utils.js

@@ -1,4 +1,5 @@
-const uuid = require('uuid').v4;
+const { v4: uuid } = require('uuid');
+const bent = require('bent');
 const Account = require('../../models/account');
 const {promisePool} = require('../../db');
 const {cancelSubscription, detachPaymentMethod} = require('../../utils/stripe-utils');
@@ -9,6 +10,8 @@ values (?, ?)`;
 const replaceOldSubscriptionSql = `UPDATE account_subscriptions 
 SET effective_end_date = CURRENT_TIMESTAMP, change_reason = ?  
 WHERE account_subscription_sid = ?`;
+//const request = require('request');
+//require('request-debug')(request);
 
 const setupFreeTrial = async(logger, account_sid, isReturningUser) => {
   const sid = uuid();
@@ -224,6 +227,52 @@ const checkLimits = async(req, res, next) => {
   next();
 };
 
+const getSubspaceJWT = async(id, secret) => {
+  const postJwt = bent('https://id.subspace.com', 'POST', 'json', 200);
+  const jwt = await postJwt('/oauth/token',
+    {
+      client_id: id,
+      client_secret: secret,
+      audience: 'https://api.subspace.com/',
+      grant_type: 'client_credentials',
+    }
+  );
+  return jwt.access_token;
+};
+
+const enableSubspace = async(opts) => {
+  const {subspace_client_id, subspace_client_secret, destination} = opts;
+  const accessToken = await getSubspaceJWT(subspace_client_id, subspace_client_secret);
+  const postTeleport = bent('https://api.subspace.com', 'POST', 'json', 200);
+
+  const teleport = await postTeleport('/v1/sipteleport',
+    {
+      name: 'Jambonz',
+      destination,
+      status: 'ENABLED'
+    },
+    {
+      'Content-Type': 'application/json',
+      Authorization: `Bearer ${accessToken}`
+    }
+  );
+
+  return teleport;
+};
+
+const disableSubspace = async(opts) => {
+  const {subspace_client_id, subspace_client_secret, subspace_sip_teleport_id} = opts;
+  const accessToken = await getSubspaceJWT(subspace_client_id, subspace_client_secret);
+  const relativeUrl = `/v1/sipteleport/${subspace_sip_teleport_id}`;
+  const deleteTeleport = bent('https://api.subspace.com', 'DELETE', 'json', 200);
+  await deleteTeleport(relativeUrl, {},
+    {
+      Authorization: `Bearer ${accessToken}`
+    }
+  );
+  return;
+};
+
 module.exports = {
   setupFreeTrial,
   createTestCdrs,
@@ -232,5 +281,7 @@ module.exports = {
   parseServiceProviderSid,
   hasAccountPermissions,
   hasServiceProviderPermissions,
-  checkLimits
+  checkLimits,
+  enableSubspace,
+  disableSubspace
 };

lib/utils/speech-utils.js

@@ -75,11 +75,37 @@ const testMicrosoftStt = async(logger, credentials) => {
   return true;
 };
 
+const testWellSaidTts = async(logger, credentials) => {
+  const {api_key} = credentials;
+  try {
+    const post = bent('https://api.wellsaidlabs.com', 'POST', 'buffer', {
+      'X-Api-Key': api_key,
+      'Accept': 'audio/mpeg',
+      'Content-Type': 'application/json'
+    });
+    const mp3 = await post('/v1/tts/stream', {
+      text: 'Hello, world',
+      speaker_id: '3'
+    });
+    return mp3;
+  } catch (err) {
+    logger.info({err}, 'testWellSaidTts returned error');
+    throw err;
+  }
+};
+
+const testWellSaidStt = async(logger, credentials) => {
+  //TODO
+  return true;
+};
+
 module.exports = {
   testGoogleTts,
   testGoogleStt,
   testAwsTts,
+  testWellSaidTts,
   testAwsStt,
   testMicrosoftTts,
-  testMicrosoftStt
+  testMicrosoftStt,
+  testWellSaidStt,
 };

package.json

@@ -1,11 +1,11 @@
 {
   "name": "jambonz-api-server",
-  "version": "v0.6.7-rc8",
+  "version": "v0.7.3",
   "description": "",
   "main": "app.js",
   "scripts": {
     "start": "node app.js",
-    "test": "NODE_ENV=test APPLY_JAMBONZ_DB_LIMITS=1 JWT_SECRET=foobarbazzle JAMBONES_MYSQL_HOST=127.0.0.1 JAMBONES_MYSQL_PORT=3360 JAMBONES_MYSQL_USER=jambones_test JAMBONES_MYSQL_PASSWORD=jambones_test JAMBONES_MYSQL_DATABASE=jambones_test JAMBONES_REDIS_HOST=localhost JAMBONES_REDIS_PORT=16379 JAMBONES_TIME_SERIES_HOST=127.0.0.1 JAMBONES_LOGLEVEL=error JAMBONES_CREATE_CALL_URL=http://localhost/v1/createCall node test/ ",
+    "test": "NODE_ENV=test APPLY_JAMBONZ_DB_LIMITS=1 JWT_SECRET=foobarbazzle JAMBONES_MYSQL_HOST=127.0.0.1 JAMBONES_MYSQL_PORT=3360 JAMBONES_MYSQL_USER=jambones_test JAMBONES_MYSQL_PASSWORD=jambones_test JAMBONES_MYSQL_DATABASE=jambones_test JAMBONES_REDIS_HOST=localhost JAMBONES_REDIS_PORT=16379 JAMBONES_TIME_SERIES_HOST=127.0.0.1 JAMBONES_LOGLEVEL=info JAMBONES_CREATE_CALL_URL=http://localhost/v1/createCall node test/ ",
     "integration-test": "NODE_ENV=test JAMBONES_TIME_SERIES_HOST=127.0.0.1 AWS_REGION='us-east-1' JAMBONES_CURRENCY=USD JWT_SECRET=foobarbazzle JAMBONES_MYSQL_HOST=127.0.0.1 JAMBONES_MYSQL_PORT=3360 JAMBONES_MYSQL_USER=jambones_test JAMBONES_MYSQL_PASSWORD=jambones_test JAMBONES_MYSQL_DATABASE=jambones_test JAMBONES_REDIS_HOST=localhost JAMBONES_REDIS_PORT=16379 JAMBONES_LOGLEVEL=debug JAMBONES_CREATE_CALL_URL=http://localhost/v1/createCall node test/serve-integration.js",
     "upgrade-db": "node ./db/upgrade-jambonz-db.js",
     "coverage": "./node_modules/.bin/nyc --reporter html --report-dir ./coverage npm run test",
@@ -17,30 +17,32 @@
     "url": "https://github.com/jambonz/jambonz-api-server.git"
   },
   "dependencies": {
-    "@google-cloud/speech": "^4.2.0",
-    "@google-cloud/text-to-speech": "^3.1.3",
-    "microsoft-cognitiveservices-speech-sdk": "^1.19.0",
-    "@jambonz/db-helpers": "^0.6.12",
-    "@jambonz/realtimedb-helpers": "^0.4.3",
-    "@jambonz/time-series": "^0.1.5",
+    "@google-cloud/speech": "^4.10.0",
+    "@google-cloud/text-to-speech": "^3.4.0",
+    "@jambonz/db-helpers": "^0.6.16",
+    "@jambonz/realtimedb-helpers": "^0.4.24",
+    "@jambonz/time-series": "^0.1.6",
     "argon2-ffi": "^2.0.0",
-    "aws-sdk": "^2.839.0",
+    "aws-sdk": "^2.1066.0",
     "bent": "^7.3.12",
     "cors": "^2.8.5",
-    "debug": "^4.3.1",
-    "express": "^4.17.1",
-    "form-data": "^2.3.3",
-    "form-urlencoded": "^6.0.4",
+    "debug": "^4.3.3",
+    "express": "^4.17.2",
+    "form-data": "^2.5.1",
+    "form-urlencoded": "^6.0.5",
+    "helmet": "^5.0.2",
     "jsonwebtoken": "^8.5.1",
-    "mailgun.js": "^3.3.0",
-    "mysql2": "^2.2.5",
-    "passport": "^0.5.0",
+    "mailgun.js": "^3.7.3",
+    "microsoft-cognitiveservices-speech-sdk": "^1.19.0",
+    "mysql2": "^2.3.3",
+    "passport": "^0.5.2",
     "passport-http-bearer": "^1.0.1",
     "pino": "^5.17.0",
+    "request-debug": "^0.2.0",
     "short-uuid": "^4.1.0",
-    "stripe": "^8.138.0",
-    "swagger-ui-express": "^4.1.6",
-    "uuid": "^3.4.0",
+    "stripe": "^8.196.0",
+    "swagger-ui-express": "^4.3.0",
+    "uuid": "^8.3.2",
     "yamljs": "^0.3.0"
   },
   "devDependencies": {

test/docker-compose-testbed.yaml

@@ -10,6 +10,7 @@ networks:
 
 services:  
   mysql:
+    platform: linux/x86_64
     image: mysql:5.7
     ports:
       - "3360:3306"
@@ -35,7 +36,8 @@ services:
         ipv4_address: 172.58.0.3
     
   influxdb:
-    image: influxdb:1.8-alpine
+    platform: linux/x86_64
+    image: influxdb:1.8
     ports:
       - "8086:8086"
     networks:

test/speech-credentials.js

@@ -133,6 +133,30 @@ test('speech credentials tests', async(t) => {
         json: true,   
       });
       console.log(JSON.stringify(result));
+    }
+
+    /* add a credential for wellsaid */
+    if (process.env.WELLSAID_API_KEY) {
+      result = await request.post(`/Accounts/${account_sid}/SpeechCredentials`, {
+        resolveWithFullResponse: true,
+        auth: authUser,
+        json: true,
+        body: {
+          vendor: 'wellsaid',
+          use_for_tts: true,
+          api_key: process.env.WELLSAID_API_KEY
+        }
+      });
+      t.ok(result.statusCode === 201, 'successfully added speech credential');
+      const ms_sid = result.body.sid;
+
+      /* test the speech credential */
+      result = await request.get(`/Accounts/${account_sid}/SpeechCredentials/${ms_sid}/test`, {
+        resolveWithFullResponse: true,
+        auth: authUser,
+        json: true,   
+      });
+      console.log(JSON.stringify(result));
 
       /* delete the credential */
       result = await request.delete(`/Accounts/${account_sid}/SpeechCredentials/${ms_sid}`, {
@@ -144,7 +168,6 @@ test('speech credentials tests', async(t) => {
 
     await deleteObjectBySid(request, '/Accounts', account_sid);
     await deleteObjectBySid(request, '/ServiceProviders', service_provider_sid);
-
     //t.end();
   }
   catch (err) {

test/utils.js

@@ -1,5 +1,4 @@
-const bytesToUuid = require("uuid/lib/bytesToUuid");
-const uuid = require('uuid').v4;
+const { v4: uuid } = require('uuid');
 
 const ADMIN_TOKEN = '38700987-c7a4-4685-a5bb-af378f9734de';
 const authAdmin = {bearer: ADMIN_TOKEN};