add ability to create service_provider level apikeys

Bumps [node-forge](https://github.com/digitalbazaar/forge) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/digitalbazaar/forge/releases)
- [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md)
- [Commits](https://github.com/digitalbazaar/forge/compare/v1.2.1...v1.3.0)

---
updated-dependencies:
- dependency-name: node-forge
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.eslintrc.json

@@ -8,7 +8,7 @@
       "jsx": false,
       "modules": false
     },
-    "ecmaVersion": 2018
+    "ecmaVersion": 2020
   },
   "plugins": ["promise"],
   "rules": {

.gitignore

@@ -1,7 +1,6 @@
 # Logs
 logs
 *.log
-package-lock.json
 
 # Runtime data
 pids

.husky/pre-commit

@@ -0,0 +1,4 @@
+#!/bin/sh
+. "$(dirname "$0")/_/husky.sh"
+
+npm run jslint

app.js

@@ -9,7 +9,8 @@ const opts = Object.assign({
 const logger = require('pino')(opts);
 const express = require('express');
 const app = express();
-app.disable('x-powered-by');
+const helmet = require('helmet');
+const rateLimit = require('express-rate-limit');
 const cors = require('cors');
 const passport = require('passport');
 const routes = require('./lib/routes');
@@ -89,6 +90,17 @@ const unless = (paths, middleware) => {
     return middleware(req, res, next);
   };
 };
+
+const limiter = rateLimit({
+  windowMs: (process.env.RATE_LIMIT_WINDOWS_MINS || 5) * 60 * 1000, // 5 minutes
+  max: process.env.RATE_LIMIT_MAX_PER_WINDOW || 600, // Limit each IP to 600 requests per `window`
+  standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
+  legacyHeaders: false, // Disable the `X-RateLimit-*` headers
+});
+
+app.use(limiter);
+app.use(helmet());
+app.use(helmet.hidePoweredBy());
 app.use(passport.initialize());
 app.use(cors());
 app.use(express.urlencoded({extended: true}));

db/jambones-sql.sql

@@ -365,7 +365,7 @@ CREATE TABLE webhooks
 (
 webhook_sid CHAR(36) NOT NULL UNIQUE ,
 url VARCHAR(1024) NOT NULL,
-method ENUM("GET","POST") NOT NULL DEFAULT 'POST',
+method ENUM("GET","POST","WS") NOT NULL DEFAULT 'POST',
 username VARCHAR(255),
 password VARCHAR(255),
 PRIMARY KEY (webhook_sid)

db/reset_admin_password.js

@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 const {promisePool} = require('../lib/db');
-const uuidv4 = require('uuid/v4');
+const { v4: uuidv4 } = require('uuid');
 const {generateHashedPassword} = require('../lib/utils/password-utils');
 const sqlInsert = `INSERT into users 
 (user_sid, name, email, hashed_password, force_change, provider, email_validated) 

lib/models/account.js

@@ -2,7 +2,8 @@ const debug = require('debug')('jambonz:api-server');
 const Model = require('./model');
 const {getMysqlConnection} = require('../db');
 const {promisePool} = require('../db');
-const uuid = require('uuid').v4;
+const { v4: uuid } = require('uuid');
+
 const {encrypt} = require('../utils/encrypt-decrypt');
 
 const retrieveSql = `SELECT * from accounts acc

lib/models/api-key.js

@@ -27,6 +27,25 @@ class ApiKey extends Model {
     });
   }
 
+  /**
+  * list all api keys for a service provider
+  */
+  static retrieveAllForSP(service_provider_sid) {
+    const sql = 'SELECT * from api_keys WHERE service_provider_sid = ?';
+    const args = [service_provider_sid];
+
+    return new Promise((resolve, reject) => {
+      getMysqlConnection((err, conn) => {
+        if (err) return reject(err);
+        conn.query(sql, args, (err, results) => {
+          conn.release();
+          if (err) return reject(err);
+          resolve(results);
+        });
+      });
+    });
+  }
+
   /**
   * update last_used api key for an account
   */

lib/models/model.js

@@ -1,5 +1,5 @@
 const Emitter = require('events');
-const uuidv4 = require('uuid/v4');
+const { v4: uuidv4 } = require('uuid');
 const assert = require('assert');
 const {getMysqlConnection} = require('../db');
 const {DbErrorBadRequest} = require('../utils/errors');

lib/routes/api/accounts.js

@@ -8,7 +8,7 @@ const ApiKey = require('../../models/api-key');
 const ServiceProvider = require('../../models/service-provider');
 const {deleteDnsRecords} = require('../../utils/dns-utils');
 const {deleteCustomer} = require('../../utils/stripe-utils');
-const uuidv4 = require('uuid/v4');
+const { v4: uuidv4 } = require('uuid');
 const snakeCase = require('../../utils/snake-case');
 const sysError = require('../error');
 const {promisePool} = require('../../db');
@@ -19,6 +19,23 @@ const translator = short();
 
 let idx = 0;
 
+const getFsUrl = async(logger, retrieveSet, setName) => {
+  if (process.env.K8S) return `http://${process.env.K8S_FEATURE_SERVER_SERVICE_NAME}:3000/v1/createCall`;
+
+  try {
+    const fs = await retrieveSet(setName);
+    if (0 === fs.length) {
+      logger.info('No available feature servers to handle createCall API request');
+      return ;
+    }
+    const ip = stripPort(fs[idx++ % fs.length]);
+    logger.info({fs}, `feature servers available for createCall API request, selecting ${ip}`);
+    return `http://${ip}:3000/v1/createCall`;
+  } catch (err) {
+    logger.error({err}, 'getFsUrl: error retreving feature servers from redis');
+  }
+};
+
 const stripPort = (hostport) => {
   const arr = /^(.*):(.*)$/.exec(hostport);
   if (arr) return arr[1];
@@ -99,7 +116,9 @@ function validateUpdateCall(opts) {
     'listen_status',
     'conf_hold_status',
     'conf_mute_status',
-    'mute_status']
+    'mute_status',
+    'sip_request'
+  ]
     .reduce((acc, prop) => (opts[prop] ? ++acc : acc), 0);
 
   switch (count) {
@@ -133,6 +152,10 @@ function validateUpdateCall(opts) {
   if (opts.conf_mute_status && !['mute', 'unmute'].includes(opts.conf_mute_status)) {
     throw new DbErrorBadRequest('invalid conf_mute_status');
   }
+  if (opts.sip_request &&
+    (!opts.sip_request.method && !opts.sip_request.content_type ||  !opts.sip_request.content_type)) {
+    throw new DbErrorBadRequest('sip_request requires content_type and content properties');
+  }
 }
 
 function validateTo(to) {
@@ -217,10 +240,10 @@ async function validateCreateCall(logger, sid, req) {
   if (typeof obj.call_status_hook === 'object' && typeof obj.call_status_hook.url != 'string') {
     throw new DbErrorBadRequest('call_status_hook must be string or an object containing a url property');
   }
-  if (obj.call_hook && !/^https?:/.test(obj.call_hook.url)) {
+  if (obj.call_hook && !/^https?:/.test(obj.call_hook.url) && !/^wss?:/.test(obj.call_hook.url)) {
     throw new DbErrorBadRequest('call_hook url be an absolute url');
   }
-  if (obj.call_status_hook && !/^https?:/.test(obj.call_status_hook.url)) {
+  if (obj.call_status_hook && !/^https?:/.test(obj.call_status_hook.url) && !/^wss?:/.test(obj.call_status_hook.url)) {
     throw new DbErrorBadRequest('call_status_hook url be an absolute url');
   }
 }
@@ -496,7 +519,7 @@ router.delete('/:sid', async(req, res) => {
     await validateDelete(req, sid);
 
     const [account] = await promisePool.query('SELECT * FROM accounts WHERE account_sid = ?', sid);
-    const {sip_realm, stripe_customer_id} = account[0];
+    const {sip_realm, stripe_customer_id, registration_hook_sid} = account[0];
     /* remove dns records */
     if (process.env.NODE_ENV !== 'test' || process.env.DME_API_KEY) {
 
@@ -537,6 +560,15 @@ account_subscriptions WHERE account_sid = ?)
     await promisePool.execute('DELETE from applications where account_sid = ?', [sid]);
     await promisePool.execute('DELETE from accounts where account_sid = ?', [sid]);
 
+    if (registration_hook_sid) {
+      /* remove registration hook if only used by this account */
+      const sql = 'SELECT COUNT(*) as count FROM accounts WHERE registration_hook_sid = ?';
+      const [r] = await promisePool.query(sql, registration_hook_sid);
+      if (r[0]?.count === 0) {
+        await promisePool.execute('DELETE from webhooks where webhook_sid = ?', [registration_hook_sid]);
+      }
+    }
+
     if (stripe_customer_id) {
       const response = await deleteCustomer(logger, stripe_customer_id);
       logger.info({response}, `deleted stripe customer_id ${stripe_customer_id} for account_si ${sid}`);
@@ -567,18 +599,11 @@ router.post('/:sid/Calls', async(req, res) => {
   const setName = `${(process.env.JAMBONES_CLUSTER_ID || 'default')}:active-fs`;
   const {retrieveSet, logger} = req.app.locals;
 
+  const serviceUrl = await getFsUrl(logger, retrieveSet, setName);
+  if (!serviceUrl) res.json({msg: 'no available feature servers at this time'}).status(480);
   try {
-    const fs = await retrieveSet(setName);
-    if (0 === fs.length) {
-      logger.info('No available feature servers to handle createCall API request');
-      return res.json({msg: 'no available feature servers at this time'}).status(500);
-    }
-    const ip = stripPort(fs[idx++ % fs.length]);
-    logger.info({fs}, `feature servers available for createCall API request, selecting ${ip}`);
-    const serviceUrl = `http://${ip}:3000/v1/createCall`;
     await validateCreateCall(logger, sid, req);
 
-    logger.debug({payload: req.body}, `sending createCall API request to to ${ip}`);
     updateLastUsed(logger, sid, req).catch((err) => {});
     request({
       url: serviceUrl,
@@ -587,11 +612,11 @@ router.post('/:sid/Calls', async(req, res) => {
       body: Object.assign(req.body, {account_sid: sid})
     }, (err, response, body) => {
       if (err) {
-        logger.error(err, `Error sending createCall POST to ${ip}`);
+        logger.error(err, `Error sending createCall POST to ${serviceUrl}`);
         return res.sendStatus(500);
       }
       if (response.statusCode !== 201) {
-        logger.error({statusCode: response.statusCode}, `Non-success response returned by createCall ${ip}`);
+        logger.error({statusCode: response.statusCode}, `Non-success response returned by createCall ${serviceUrl}`);
         return res.sendStatus(500);
       }
       res.status(201).json(body);
@@ -714,14 +739,8 @@ router.post('/:sid/Messages', async(req, res) => {
   const {retrieveSet, logger} = req.app.locals;
 
   try {
-    const fs = await retrieveSet(setName);
-    if (0 === fs.length) {
-      logger.info('No available feature servers to handle createMessage API request');
-      return res.json({msg: 'no available feature servers at this time'}).status(500);
-    }
-    const ip = stripPort(fs[idx++ % fs.length]);
-    logger.info({fs}, `feature servers available for createMessage API request, selecting ${ip}`);
-    const serviceUrl = `http://${ip}:3000/v1/createMessage/${account_sid}`;
+    const serviceUrl = await getFsUrl(logger, retrieveSet, setName);
+    if (!serviceUrl) res.json({msg: 'no available feature servers at this time'}).status(480);
     await validateCreateMessage(logger, account_sid, req);
 
     const payload = {
@@ -729,7 +748,7 @@ router.post('/:sid/Messages', async(req, res) => {
       account_sid,
       ...req.body
     };
-    logger.debug({payload}, `sending createMessage API request to to ${ip}`);
+    logger.debug({payload}, `sending createMessage API request to to ${serviceUrl}`);
     updateLastUsed(logger, account_sid, req).catch(() => {});
     request({
       url: serviceUrl,
@@ -738,7 +757,7 @@ router.post('/:sid/Messages', async(req, res) => {
       body: payload
     }, (err, response, body) => {
       if (err) {
-        logger.error(err, `Error sending createMessage POST to ${ip}`);
+        logger.error(err, `Error sending createMessage POST to ${serviceUrl}`);
         return res.sendStatus(500);
       }
       if (response.statusCode !== 200) {

lib/routes/api/add-from-predefined-carrier.js

@@ -1,10 +1,10 @@
 const router = require('express').Router();
-const {DbErrorBadRequest} = require('../../utils/errors');
 const PredefinedCarrier = require('../../models/predefined-carrier');
 const VoipCarrier = require('../../models/voip-carrier');
 const SipGateway = require('../../models/sip-gateway');
 const SmppGateway = require('../../models/smpp-gateway');
 const {parseServiceProviderSid} = require('./utils');
+const short = require('short-uuid');
 const {promisePool} = require('../../db');
 const sysError = require('../error');
 
@@ -43,8 +43,7 @@ router.post('/:sid', async(req, res) => {
       await promisePool.query(sqlSelectCarrierByNameForSP, [service_provider_sid, template.name]);
 
     if (r2.length > 0) {
-      logger.info({account_sid}, `Failed to add carrier with name ${template.name}, carrier of that name exists`);
-      throw new DbErrorBadRequest(`A carrier with name ${template.name} already exists`);
+      template.name =  `${template.name}-${short.generate()}`;
     }
 
     /* retrieve all the sip gateways */

lib/routes/api/api-keys.js

@@ -3,7 +3,7 @@ const {DbErrorBadRequest} = require('../../utils/errors');
 const ApiKey = require('../../models/api-key');
 const Account = require('../../models/account');
 const decorate = require('./decorate');
-const uuidv4 = require('uuid/v4');
+const { v4: uuidv4 } = require('uuid');
 const sysError = require('../error');
 const preconditions = {
   'add': validateAddToken,

lib/routes/api/applications.js

@@ -3,12 +3,12 @@ const {DbErrorBadRequest, DbErrorUnprocessableRequest} = require('../../utils/er
 const Application = require('../../models/application');
 const Account = require('../../models/account');
 const Webhook = require('../../models/webhook');
+const {promisePool} = require('../../db');
 const decorate = require('./decorate');
 const sysError = require('../error');
 const preconditions = {
   'add': validateAdd,
-  'update': validateUpdate,
-  'delete': validateDelete
+  'update': validateUpdate
 };
 
 /* only user-level tokens can add applications */
@@ -59,7 +59,7 @@ async function validateDelete(req, sid) {
   if (assignedPhoneNumbers > 0) throw new DbErrorUnprocessableRequest('cannot delete application with phone numbers');
 }
 
-decorate(router, Application, ['delete'], preconditions);
+decorate(router, Application, [], preconditions);
 
 /* add */
 router.post('/', async(req, res) => {
@@ -111,6 +111,47 @@ router.get('/:sid', async(req, res) => {
   }
 });
 
+/* delete */
+router.delete('/:sid', async(req, res) => {
+  const sid = req.params.sid;
+  const logger = req.app.locals.logger;
+  try {
+    await validateDelete(req, sid);
+
+    const [application] = await promisePool.query('SELECT * FROM applications WHERE application_sid = ?', sid);
+    const {call_hook_sid, call_status_hook_sid, messaging_hook_sid} = application[0];
+    logger.info({call_hook_sid, call_status_hook_sid, messaging_hook_sid, sid}, 'deleting application');
+    await promisePool.execute('DELETE from applications where application_sid = ?', [sid]);
+
+    if (call_hook_sid) {
+      /* remove call hook if only used by this app */
+      const sql = 'SELECT COUNT(*) as count FROM applications WHERE call_hook_sid = ?';
+      const [r] = await promisePool.query(sql, call_hook_sid);
+      if (r[0]?.count === 0) {
+        await promisePool.execute('DELETE from webhooks where webhook_sid = ?', [call_hook_sid]);
+      }
+    }
+    if (call_status_hook_sid) {
+      const sql = 'SELECT COUNT(*) as count FROM applications WHERE call_status_hook_sid = ?';
+      const [r] = await promisePool.query(sql, call_status_hook_sid);
+      if (r[0]?.count === 0) {
+        await promisePool.execute('DELETE from webhooks where webhook_sid = ?', [call_status_hook_sid]);
+      }
+    }
+    if (messaging_hook_sid) {
+      const sql = 'SELECT COUNT(*) as count FROM applications WHERE messaging_hook_sid = ?';
+      const [r] = await promisePool.query(sql, messaging_hook_sid);
+      if (r[0]?.count === 0) {
+        await promisePool.execute('DELETE from webhooks where webhook_sid = ?', [messaging_hook_sid]);
+      }
+    }
+
+    res.status(204).end();
+  } catch (err) {
+    sysError(logger, res, err);
+  }
+});
+
 /* update */
 router.put('/:sid', async(req, res) => {
   const sid = req.params.sid;

lib/routes/api/index.js

@@ -7,9 +7,16 @@ const isAdminScope = (req, res, next) => {
     message: 'insufficient privileges'
   });
 };
+const isAdminOrSPScope = (req, res, next) => {
+  if (req.user.hasScope('admin') || req.user.hasScope('service_provider')) return next();
+  res.status(403).json({
+    status: 'fail',
+    message: 'insufficient privileges'
+  });
+};
 
 api.use('/BetaInviteCodes', isAdminScope, require('./beta-invite-codes'));
-api.use('/ServiceProviders', isAdminScope, require('./service-providers'));
+api.use('/ServiceProviders', isAdminOrSPScope, require('./service-providers'));
 api.use('/VoipCarriers', require('./voip-carriers'));
 api.use('/Webhooks', require('./webhooks'));
 api.use('/SipGateways', require('./sip-gateways'));

lib/routes/api/register.js

@@ -4,7 +4,7 @@ const {DbErrorBadRequest, DbErrorUnprocessableRequest} = require('../../utils/er
 const {promisePool} = require('../../db');
 const {doGithubAuth, doGoogleAuth, doLocalAuth} = require('../../utils/oauth-utils');
 const {validateEmail} = require('../../utils/email-utils');
-const uuid = require('uuid').v4;
+const { v4: uuid } = require('uuid');
 const short = require('short-uuid');
 const translator = short();
 const jwt = require('jsonwebtoken');

lib/routes/api/service-providers.js

@@ -7,6 +7,7 @@ const Account = require('../../models/account');
 const VoipCarrier = require('../../models/voip-carrier');
 const Application = require('../../models/application');
 const PhoneNumber = require('../../models/phone-number');
+const ApiKey = require('../../models/api-key');
 const {hasServiceProviderPermissions, parseServiceProviderSid} = require('./utils');
 const sysError = require('../error');
 const decorate = require('./decorate');
@@ -114,6 +115,18 @@ router.get(':sid/Acccounts', async(req, res) => {
     sysError(logger, res, err);
   }
 });
+router.get('/:sid/ApiKeys', async(req, res) => {
+  const logger = req.app.locals.logger;
+  const {sid} = req.params;
+  try {
+    const results = await ApiKey.retrieveAllForSP(sid);
+    res.status(200).json(results);
+    await ApiKey.updateLastUsed(sid);
+  } catch (err) {
+    sysError(logger, res, err);
+  }
+});
+
 
 /* add */
 router.post('/', async(req, res) => {

lib/routes/api/sip-realm.js

@@ -2,7 +2,7 @@ const router = require('express').Router();
 const {promisePool} = require('../../db');
 const {DbErrorBadRequest} = require('../../utils/errors');
 const {createDnsRecords, deleteDnsRecords} = require('../../utils/dns-utils');
-const uuid = require('uuid').v4;
+const { v4: uuid } = require('uuid');
 const sysError = require('../error');
 const insertDnsRecords = `INSERT INTO dns_records 
 (dns_record_sid, account_sid, record_type, record_id) 

lib/routes/api/sms-inbound.js

@@ -1,19 +1,41 @@
 const router = require('express').Router();
 const request = require('request');
 const getProvider = require('../../utils/sms-provider');
-const uuidv4 = require('uuid/v4');
+const { v4: uuidv4 } = require('uuid');
 const sysError = require('../error');
 let idx = 0;
 
+const getFsUrl = async(logger, retrieveSet, setName, provider) => {
+  if (process.env.K8S) return `http://${process.env.K8S_FEATURE_SERVER_SERVICE_NAME}:3000/v1/messaging/${provider}`;
 
-async function doSendResponse(res, respondFn, body) {
+  try {
+    const fs = await retrieveSet(setName);
+    if (0 === fs.length) {
+      logger.info('No available feature servers to handle createCall API request');
+      return ;
+    }
+    const ip = stripPort(fs[idx++ % fs.length]);
+    logger.info({fs}, `feature servers available for createCall API request, selecting ${ip}`);
+    return `http://${ip}:3000/v1/messaging/${provider}`;
+  } catch (err) {
+    logger.error({err}, 'getFsUrl: error retreving feature servers from redis');
+  }
+};
+
+const stripPort = (hostport) => {
+  const arr = /^(.*):(.*)$/.exec(hostport);
+  if (arr) return arr[1];
+  return hostport;
+};
+
+const doSendResponse = async(res, respondFn, body) => {
   if (typeof respondFn === 'number') res.sendStatus(respondFn);
   else if (typeof respondFn !== 'function') res.sendStatus(200);
   else {
     const payload = await respondFn(body);
     res.status(200).json(payload);
   }
-}
+};
 
 router.post('/:provider', async(req, res) => {
   const provider = req.params.provider;
@@ -67,17 +89,8 @@ router.post('/:provider', async(req, res) => {
   }
 
   try {
-    const fs = await retrieveSet(setName);
-    if (0 === fs.length) {
-      logger.info('No available feature servers to handle createCall API request');
-      return res
-        .json({
-          msg: 'no available feature servers at this time'
-        })
-        .status(480);
-    }
-    const ip = fs[idx++ % fs.length];
-    const serviceUrl = `http://${ip}:3000/v1/messaging/${provider}`;
+    const serviceUrl = await getFsUrl(logger, retrieveSet, setName, provider);
+    if (!serviceUrl) res.json({msg: 'no available feature servers at this time'}).status(480);
     const messageSid = uuidv4();
     const payload = await Promise.resolve(filterFn({messageSid}, req.body));
 
@@ -113,7 +126,7 @@ router.post('/:provider', async(req, res) => {
 
     logger.debug({body: req.body, payload}, 'filtered incoming SMS');
 
-    logger.info({payload, url: serviceUrl}, `sending incomingSms API request to FS at ${ip}`);
+    logger.info({payload, url: serviceUrl}, `sending incomingSms API request to FS at ${serviceUrl}`);
 
     request({
       url: serviceUrl,
@@ -123,7 +136,7 @@ router.post('/:provider', async(req, res) => {
     },
     async(err, response, body) => {
       if (err) {
-        logger.error(err, `Error sending incomingSms POST to ${ip}`);
+        logger.error(err, `Error sending incomingSms POST to ${serviceUrl}`);
         return res.sendStatus(500);
       }
       if (200 === response.statusCode) {
@@ -131,7 +144,7 @@ router.post('/:provider', async(req, res) => {
         logger.info({body}, 'sending response to provider for incomingSMS');
         return doSendResponse(res, respondFn, body);
       }
-      logger.error({statusCode: response.statusCode}, `Non-success response returned by incomingSms ${ip}`);
+      logger.error({statusCode: response.statusCode}, `Non-success response returned by incomingSms ${serviceUrl}`);
       return res.sendStatus(500);
     });
   } catch (err) {

lib/routes/api/speech-credentials.js

@@ -1,23 +1,23 @@
 const router = require('express').Router();
+const assert = require('assert');
 const SpeechCredential = require('../../models/speech-credential');
 const sysError = require('../error');
 const {decrypt, encrypt} = require('../../utils/encrypt-decrypt');
 const {parseAccountSid, parseServiceProviderSid} = require('./utils');
-const {DbErrorUnprocessableRequest, DbErrorBadRequest} = require('../../utils/errors');
+const {DbErrorUnprocessableRequest} = require('../../utils/errors');
 const {
   testGoogleTts,
   testGoogleStt,
   testAwsTts,
   testAwsStt,
   testMicrosoftStt,
-  testMicrosoftTts
+  testMicrosoftTts,
+  testWellSaidTts
 } = require('../../utils/speech-utils');
 
-router.post('/', async(req, res) => {
-  const logger = req.app.locals.logger;
+
+const encryptCredential = (obj) => {
   const {
-    use_for_stt,
-    use_for_tts,
     vendor,
     service_key,
     access_key_id,
@@ -25,6 +25,49 @@ router.post('/', async(req, res) => {
     aws_region,
     api_key,
     region
+  } = obj;
+
+  switch (vendor) {
+    case 'google':
+      assert(service_key, 'invalid json key: service_key is required');
+      try {
+        const o = JSON.parse(service_key);
+        assert(o.client_email && o.private_key, 'invalid google service account key');
+      }
+      catch (err) {
+        assert(false, 'invalid google service account key - not JSON');
+      }
+      return encrypt(service_key);
+
+    case 'aws':
+      assert(access_key_id, 'invalid aws speech credential: access_key_id is required');
+      assert(secret_access_key, 'invalid aws speech credential: secret_access_key is required');
+      assert(aws_region, 'invalid aws speech credential: aws_region is required');
+      const awsData = JSON.stringify({aws_region, access_key_id, secret_access_key});
+      return encrypt(awsData);
+
+    case 'microsoft':
+      assert(region, 'invalid azure speech credential: region is required');
+      assert(api_key, 'invalid azure speech credential: api_key is required');
+      const azureData = JSON.stringify({region, api_key});
+      return encrypt(azureData);
+
+    case 'wellsaid':
+      assert(api_key, 'invalid wellsaid speech credential: api_key is required');
+      const wsData = JSON.stringify({api_key});
+      return encrypt(wsData);
+
+    default:
+      assert(false, `invalid or missing vendor: ${vendor}`);
+  }
+};
+
+router.post('/', async(req, res) => {
+  const logger = req.app.locals.logger;
+  const {
+    use_for_stt,
+    use_for_tts,
+    vendor,
   } = req.body;
   const account_sid = req.user.account_sid || req.body.account_sid;
   let service_provider_sid;
@@ -36,37 +79,7 @@ router.post('/', async(req, res) => {
     service_provider_sid = parseServiceProviderSid(req);
   }
   try {
-    let encrypted_credential;
-    if (vendor === 'google') {
-      let obj;
-      if (!service_key) throw new DbErrorBadRequest('invalid json key: service_key is required');
-      try {
-        obj = JSON.parse(service_key);
-        if (!obj.client_email || !obj.private_key) {
-          throw new DbErrorBadRequest('invalid google service account key');
-        }
-      }
-      catch (err) {
-        throw new DbErrorBadRequest('invalid google service account key - not JSON');
-      }
-      encrypted_credential = encrypt(service_key);
-    }
-    else if (vendor === 'aws') {
-      const data = JSON.stringify({
-        aws_region: aws_region || 'us-east-1',
-        access_key_id,
-        secret_access_key
-      });
-      encrypted_credential = encrypt(data);
-    }
-    else if (vendor === 'microsoft') {
-      const data = JSON.stringify({
-        region,
-        api_key
-      });
-      encrypted_credential = encrypt(data);
-    }
-    else throw new DbErrorBadRequest(`invalid speech vendor ${vendor}`);
+    const encrypted_credential = encryptCredential(req.body);
     const uuid = await SpeechCredential.make({
       account_sid,
       service_provider_sid,
@@ -97,17 +110,24 @@ router.get('/', async(req, res) => {
     res.status(200).json(creds.map((c) => {
       const {credential, ...obj} = c;
       if ('google' === obj.vendor) {
-        obj.service_key = decrypt(credential);
+        obj.service_key = JSON.parse(decrypt(credential));
       }
       else if ('aws' === obj.vendor) {
-        const o = decrypt(credential);
+        const o = JSON.parse(decrypt(credential));
         obj.access_key_id = o.access_key_id;
         obj.secret_access_key = o.secret_access_key;
+        obj.aws_region = o.aws_region;
+        logger.info({obj, o}, 'retrieving aws speech credential');
       }
       else if ('microsoft' === obj.vendor) {
-        const o = decrypt(credential);
+        const o = JSON.parse(decrypt(credential));
         obj.api_key = o.api_key;
         obj.region = o.region;
+        logger.info({obj, o}, 'retrieving azure speech credential');
+      }
+      else if ('wellsaid' === obj.vendor) {
+        const o = JSON.parse(decrypt(credential));
+        obj.api_key = o.api_key;
       }
       return obj;
     }));
@@ -133,6 +153,7 @@ router.get('/:sid', async(req, res) => {
       const o = JSON.parse(decrypt(credential));
       obj.access_key_id = o.access_key_id;
       obj.secret_access_key = o.secret_access_key;
+      obj.aws_region = o.aws_region;
     }
     else if ('microsoft' === obj.vendor) {
       const o = JSON.parse(decrypt(credential));
@@ -180,6 +201,11 @@ router.put('/:sid', async(req, res) => {
       obj.use_for_stt = use_for_stt;
     }
 
+    /* update the credential if provided */
+    try {
+      obj.credential = encryptCredential(req.body);
+    } catch (err) {}
+
     const rowsAffected = await SpeechCredential.update(sid, obj);
     if (rowsAffected === 0) {
       return res.sendStatus(404);
@@ -291,6 +317,19 @@ router.get('/:sid/test', async(req, res) => {
         }
       }
     }
+    else if (cred.vendor === 'wellsaid') {
+      const {api_key} = credential;
+      if (cred.use_for_tts) {
+        try {
+          await testWellSaidTts(logger, {api_key});
+          results.tts.status = 'ok';
+          SpeechCredential.ttsTestResult(sid, true);
+        } catch (err) {
+          results.tts = {status: 'fail', reason: err.message};
+          SpeechCredential.ttsTestResult(sid, false);
+        }
+      }
+    }
     res.status(200).json(results);
   } catch (err) {
     sysError(logger, res, err);

lib/routes/api/utils.js

@@ -1,4 +1,4 @@
-const uuid = require('uuid').v4;
+const { v4: uuid } = require('uuid');
 const bent = require('bent');
 const Account = require('../../models/account');
 const {promisePool} = require('../../db');

lib/swagger/swagger.yaml

@@ -3102,9 +3102,12 @@ paths:
                   enum:
                     - completed
                     - no-answer
-                conf_mute:
-                  type: boolean
-                conf_status:
+                conf_mute_status:
+                  type: string
+                  enum:
+                    - mute
+                    - unmute
+                conf_hold_status:
                   type: string
                   enum:
                     - hold
@@ -3120,8 +3123,21 @@ paths:
                     - mute
                     - unmute
                 whisper:
-                  $ref: '#/components/schemas/Webhook'         
+                  $ref: '#/components/schemas/Webhook'
+                sip_request:
+                  type: object
+                  properties:
+                    method:
+                      type: string
+                    content_type:
+                      type: string
+                    content:
+                      type: string
+                    headers:
+                      type: object
       responses:
+        200:
+          description: Accepted
         202:
           description: Accepted
         400:

lib/utils/speech-utils.js

@@ -75,11 +75,37 @@ const testMicrosoftStt = async(logger, credentials) => {
   return true;
 };
 
+const testWellSaidTts = async(logger, credentials) => {
+  const {api_key} = credentials;
+  try {
+    const post = bent('https://api.wellsaidlabs.com', 'POST', 'buffer', {
+      'X-Api-Key': api_key,
+      'Accept': 'audio/mpeg',
+      'Content-Type': 'application/json'
+    });
+    const mp3 = await post('/v1/tts/stream', {
+      text: 'Hello, world',
+      speaker_id: '3'
+    });
+    return mp3;
+  } catch (err) {
+    logger.info({err}, 'testWellSaidTts returned error');
+    throw err;
+  }
+};
+
+const testWellSaidStt = async(logger, credentials) => {
+  //TODO
+  return true;
+};
+
 module.exports = {
   testGoogleTts,
   testGoogleStt,
   testAwsTts,
+  testWellSaidTts,
   testAwsStt,
   testMicrosoftTts,
-  testMicrosoftStt
+  testMicrosoftStt,
+  testWellSaidStt,
 };

package.json

@@ -1,6 +1,6 @@
 {
   "name": "jambonz-api-server",
-  "version": "v0.7.1",
+  "version": "v0.7.5",
   "description": "",
   "main": "app.js",
   "scripts": {
@@ -9,7 +9,8 @@
     "integration-test": "NODE_ENV=test JAMBONES_TIME_SERIES_HOST=127.0.0.1 AWS_REGION='us-east-1' JAMBONES_CURRENCY=USD JWT_SECRET=foobarbazzle JAMBONES_MYSQL_HOST=127.0.0.1 JAMBONES_MYSQL_PORT=3360 JAMBONES_MYSQL_USER=jambones_test JAMBONES_MYSQL_PASSWORD=jambones_test JAMBONES_MYSQL_DATABASE=jambones_test JAMBONES_REDIS_HOST=localhost JAMBONES_REDIS_PORT=16379 JAMBONES_LOGLEVEL=debug JAMBONES_CREATE_CALL_URL=http://localhost/v1/createCall node test/serve-integration.js",
     "upgrade-db": "node ./db/upgrade-jambonz-db.js",
     "coverage": "./node_modules/.bin/nyc --reporter html --report-dir ./coverage npm run test",
-    "jslint": "eslint app.js lib"
+    "jslint": "eslint app.js lib",
+    "prepare": "husky install"
   },
   "author": "Dave Horton",
   "license": "MIT",
@@ -17,36 +18,39 @@
     "url": "https://github.com/jambonz/jambonz-api-server.git"
   },
   "dependencies": {
-    "@google-cloud/speech": "^4.2.0",
-    "@google-cloud/text-to-speech": "^3.1.3",
-    "@jambonz/db-helpers": "^0.6.12",
-    "@jambonz/realtimedb-helpers": "^0.4.3",
-    "@jambonz/time-series": "^0.1.5",
+    "@google-cloud/speech": "^4.10.0",
+    "@google-cloud/text-to-speech": "^3.4.0",
+    "@jambonz/db-helpers": "^0.6.16",
+    "@jambonz/realtimedb-helpers": "^0.4.24",
+    "@jambonz/time-series": "^0.1.6",
     "argon2-ffi": "^2.0.0",
-    "aws-sdk": "^2.839.0",
+    "aws-sdk": "^2.1073.0",
     "bent": "^7.3.12",
     "cors": "^2.8.5",
-    "debug": "^4.3.1",
-    "express": "^4.17.1",
-    "form-data": "^2.3.3",
-    "form-urlencoded": "^6.0.4",
+    "debug": "^4.3.3",
+    "express": "^4.17.2",
+    "express-rate-limit": "^6.3.0",
+    "form-data": "^2.5.1",
+    "form-urlencoded": "^6.0.5",
+    "helmet": "^5.0.2",
     "jsonwebtoken": "^8.5.1",
-    "mailgun.js": "^3.3.0",
+    "mailgun.js": "^3.7.3",
     "microsoft-cognitiveservices-speech-sdk": "^1.19.0",
-    "mysql2": "^2.2.5",
-    "passport": "^0.5.0",
+    "mysql2": "^2.3.3",
+    "passport": "^0.5.2",
     "passport-http-bearer": "^1.0.1",
     "pino": "^5.17.0",
     "request-debug": "^0.2.0",
     "short-uuid": "^4.1.0",
-    "stripe": "^8.138.0",
-    "swagger-ui-express": "^4.1.6",
-    "uuid": "^3.4.0",
+    "stripe": "^8.196.0",
+    "swagger-ui-express": "^4.3.0",
+    "uuid": "^8.3.2",
     "yamljs": "^0.3.0"
   },
   "devDependencies": {
     "eslint": "^7.17.0",
     "eslint-plugin-promise": "^4.2.1",
+    "husky": "7.0.4",
     "nyc": "^15.1.0",
     "request": "^2.88.2",
     "request-promise-native": "^1.0.9",

test/docker-compose-testbed.yaml

@@ -37,7 +37,7 @@ services:
     
   influxdb:
     platform: linux/x86_64
-    image: influxdb:1.8-alpine
+    image: influxdb:1.8
     ports:
       - "8086:8086"
     networks:

test/service-providers.js

@@ -106,6 +106,33 @@ test('service provider tests', async(t) => {
     });
     t.ok(result.statusCode === 204, 'successfully updated service provider');
 
+    /* add an api key for a service provider */
+    result = await request.post(`/ApiKeys`, {
+      auth: authAdmin,
+      json: true,
+      resolveWithFullResponse: true,
+      body: {
+        service_provider_sid: sid
+      }
+    });
+    t.ok(result.statusCode === 201, 'successfully added an api_key for a service provider');
+    const apiKeySid = result.body.sid;
+
+    /* query all api keys for a service provider */
+    result = await request.get(`/ServiceProviders/${sid}/ApiKeys`, {
+      auth: authAdmin,
+      json: true,
+    });
+    t.ok(result.length === 1 , 'successfully queried all service provider keys');
+    
+    /* delete an api key */
+    result = await request.delete(`/ApiKeys/${apiKeySid}`, {
+      auth: authAdmin,
+      json: true,
+      resolveWithFullResponse: true,
+    });
+    t.ok(result.statusCode === 204, 'successfully deleted an api_key for a service provider');
+    
     /* add a predefined carrier for a service provider */
     result = await request.post(`/ServiceProviders/${sid}/PredefinedCarriers/7d509a18-bbff-4c5d-b21e-b99bf8f8c49a`, {
       auth: authAdmin,

test/speech-credentials.js

@@ -133,6 +133,30 @@ test('speech credentials tests', async(t) => {
         json: true,   
       });
       console.log(JSON.stringify(result));
+    }
+
+    /* add a credential for wellsaid */
+    if (process.env.WELLSAID_API_KEY) {
+      result = await request.post(`/Accounts/${account_sid}/SpeechCredentials`, {
+        resolveWithFullResponse: true,
+        auth: authUser,
+        json: true,
+        body: {
+          vendor: 'wellsaid',
+          use_for_tts: true,
+          api_key: process.env.WELLSAID_API_KEY
+        }
+      });
+      t.ok(result.statusCode === 201, 'successfully added speech credential');
+      const ms_sid = result.body.sid;
+
+      /* test the speech credential */
+      result = await request.get(`/Accounts/${account_sid}/SpeechCredentials/${ms_sid}/test`, {
+        resolveWithFullResponse: true,
+        auth: authUser,
+        json: true,   
+      });
+      console.log(JSON.stringify(result));
 
       /* delete the credential */
       result = await request.delete(`/Accounts/${account_sid}/SpeechCredentials/${ms_sid}`, {
@@ -144,7 +168,6 @@ test('speech credentials tests', async(t) => {
 
     await deleteObjectBySid(request, '/Accounts', account_sid);
     await deleteObjectBySid(request, '/ServiceProviders', service_provider_sid);
-
     //t.end();
   }
   catch (err) {

test/utils.js

@@ -1,5 +1,4 @@
-const bytesToUuid = require("uuid/lib/bytesToUuid");
-const uuid = require('uuid').v4;
+const { v4: uuid } = require('uuid');
 
 const ADMIN_TOKEN = '38700987-c7a4-4685-a5bb-af378f9734de';
 const authAdmin = {bearer: ADMIN_TOKEN};