proper version

* obscure sensitive bucket credentials

* npm audit fix

* fix condition

* add test suite encrypt-decrypt.test

* revert docker-compose

* update pipeline

---------

Co-authored-by: mfrindt <m.frindt@cognigy.com>

.github/workflows/ci.yml

@@ -23,5 +23,6 @@ jobs:
           sudo chmod +x /usr/local/bin/docker-compose
           docker-compose --version
       - run: npm test
+      - run: npm run test:encrypt-decrypt
 
  

app.js

@@ -222,7 +222,7 @@ server.on('upgrade', (request, socket, head) => {
 
   /* complete the upgrade */
   wsServer.handleUpgrade(request, socket, head, (ws) => {
-    logger.info(`upgraded to websocket, url: ${request.url}`);
+    logger.debug(`upgraded to websocket, url: ${request.url}`);
     wsServer.emit('connection', ws, request.url);
   });
 });

db/jambones-sql.sql

@@ -162,7 +162,7 @@ regex VARCHAR(32) NOT NULL COMMENT 'regex-based pattern match against dialed num
 description VARCHAR(1024),
 priority INTEGER NOT NULL COMMENT 'lower priority routes are attempted first',
 PRIMARY KEY (lcr_route_sid)
-) COMMENT='An ordered list of  digit patterns in an LCR table.  The patterns are tested in sequence until one matches';
+) COMMENT='An ordered list of  digit patterns in an LCR table.  The pat';
 
 CREATE TABLE lcr
 (
@@ -173,7 +173,7 @@ default_carrier_set_entry_sid CHAR(36) COMMENT 'default carrier/route to use whe
 service_provider_sid CHAR(36),
 account_sid CHAR(36),
 PRIMARY KEY (lcr_sid)
-) COMMENT='An LCR (least cost routing) table that is used by a service provider or account to make decisions about routing outbound calls when multiple carriers are available.';
+) COMMENT='An LCR (least cost routing) table that is used by a service ';
 
 CREATE TABLE password_settings
 (
@@ -351,6 +351,8 @@ speech_credential_sid CHAR(36) NOT NULL,
 model VARCHAR(512) NOT NULL,
 reported_usage ENUM('REPORTED_USAGE_UNSPECIFIED','REALTIME','OFFLINE') DEFAULT 'REALTIME',
 name VARCHAR(64) NOT NULL,
+voice_cloning_key MEDIUMTEXT,
+use_voice_cloning_key BOOLEAN DEFAULT false,
 PRIMARY KEY (google_custom_voice_sid)
 );
 
@@ -414,6 +416,7 @@ register_from_user VARCHAR(128),
 register_from_domain VARCHAR(255),
 register_public_ip_in_contact BOOLEAN NOT NULL DEFAULT false,
 register_status VARCHAR(4096),
+dtmf_type ENUM('rfc2833','tones','info') NOT NULL DEFAULT 'rfc2833',
 PRIMARY KEY (voip_carrier_sid)
 ) COMMENT='A Carrier or customer PBX that can send or receive calls';
 

db/jambones.sqs

@@ -551,7 +551,7 @@
         </location>
         <size>
             <width>293.00</width>
-            <height>540.00</height>
+            <height>560.00</height>
         </size>
         <zorder>6</zorder>
         <SQLField>
@@ -737,6 +737,13 @@
             <type><![CDATA[VARCHAR(4096)]]></type>
             <uid><![CDATA[7C7DFE92-D7AC-4447-A1C2-E0F10C1EA26A]]></uid>
         </SQLField>
+        <SQLField>
+            <name><![CDATA[dtmf_type]]></name>
+            <type><![CDATA[ENUM('rfc2833','tones','info')]]></type>
+            <defaultValue><![CDATA[rfc2833]]></defaultValue>
+            <notNull><![CDATA[1]]></notNull>
+            <uid><![CDATA[87355F68-CC01-4B7C-855A-976CE634634D]]></uid>
+        </SQLField>
         <labelWindowIndex><![CDATA[28]]></labelWindowIndex>
         <objectComment><![CDATA[A Carrier or customer PBX that can send or receive calls]]></objectComment>
         <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
@@ -1280,8 +1287,8 @@
         <schema><![CDATA[]]></schema>
         <comment><![CDATA[a regex-based pattern match for call routing]]></comment>
         <location>
-            <x>31.00</x>
-            <y>983.00</y>
+            <x>25.00</x>
+            <y>997.00</y>
         </location>
         <size>
             <width>254.00</width>
@@ -2082,7 +2089,7 @@
         </location>
         <size>
             <width>521.00</width>
-            <height>120.00</height>
+            <height>160.00</height>
         </size>
         <zorder>37</zorder>
         <SQLField>
@@ -2131,6 +2138,19 @@
             <notNull><![CDATA[1]]></notNull>
             <uid><![CDATA[D22EED9A-3502-489E-BE0A-5609B76697A8]]></uid>
         </SQLField>
+        <SQLField>
+            <name><![CDATA[voice_cloning_key]]></name>
+            <type><![CDATA[MEDIUMTEXT]]></type>
+            <notNull><![CDATA[0]]></notNull>
+            <uid><![CDATA[8A59864C-AA4F-4D2C-A88C-CA600D2BE425]]></uid>
+        </SQLField>
+        <SQLField>
+            <name><![CDATA[use_voice_cloning_key]]></name>
+            <type><![CDATA[BOOLEAN]]></type>
+            <defaultValue><![CDATA[false]]></defaultValue>
+            <forcedUnique><![CDATA[0]]></forcedUnique>
+            <uid><![CDATA[880D737F-D28E-4EC5-9A1F-6535326C376D]]></uid>
+        </SQLField>
         <labelWindowIndex><![CDATA[1]]></labelWindowIndex>
         <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
         <uid><![CDATA[B83321B9-0B89-4E5F-95D4-864ADE2EC405]]></uid>
@@ -3131,17 +3151,17 @@
         <overviewPanelHidden><![CDATA[0]]></overviewPanelHidden>
         <pageBoundariesVisible><![CDATA[0]]></pageBoundariesVisible>
         <PageGridVisible><![CDATA[0]]></PageGridVisible>
-        <RightSidebarWidth><![CDATA[1485.000000]]></RightSidebarWidth>
+        <RightSidebarWidth><![CDATA[1235.000000]]></RightSidebarWidth>
         <sidebarIndex><![CDATA[2]]></sidebarIndex>
         <snapToGrid><![CDATA[0]]></snapToGrid>
-        <SourceSidebarWidth><![CDATA[312.000000]]></SourceSidebarWidth>
+        <SourceSidebarWidth><![CDATA[0.000000]]></SourceSidebarWidth>
         <SQLEditorFileFormatVersion><![CDATA[4]]></SQLEditorFileFormatVersion>
         <uid><![CDATA[58C99A00-06C9-478C-A667-C63842E088F3]]></uid>
-        <windowHeight><![CDATA[1055.000000]]></windowHeight>
-        <windowLocationX><![CDATA[1728.000000]]></windowLocationX>
-        <windowLocationY><![CDATA[37.000000]]></windowLocationY>
-        <windowScrollOrigin><![CDATA[{499, 0}]]></windowScrollOrigin>
-        <windowWidth><![CDATA[1920.000000]]></windowWidth>
+        <windowHeight><![CDATA[871.000000]]></windowHeight>
+        <windowLocationX><![CDATA[-1516.000000]]></windowLocationX>
+        <windowLocationY><![CDATA[1121.000000]]></windowLocationY>
+        <windowScrollOrigin><![CDATA[{10, 338}]]></windowScrollOrigin>
+        <windowWidth><![CDATA[1512.000000]]></windowWidth>
     </SQLDocumentInfo>
     <AllowsIndexRenamingOnInsert><![CDATA[1]]></AllowsIndexRenamingOnInsert>
     <defaultLabelExpanded><![CDATA[1]]></defaultLabelExpanded>

db/upgrade-jambonz-db.js

@@ -202,6 +202,13 @@ const sql = {
     'ALTER TABLE system_information ADD COLUMN private_network_cidr VARCHAR(8192)',
     'ALTER TABLE system_information ADD COLUMN log_level ENUM(\'info\', \'debug\') NOT NULL DEFAULT \'info\'',
     'ALTER TABLE accounts ADD COLUMN enable_debug_log BOOLEAN NOT NULL DEFAULT false',
+    'ALTER TABLE google_custom_voices ADD COLUMN use_voice_cloning_key BOOLEAN DEFAULT false',
+    'ALTER TABLE google_custom_voices ADD COLUMN voice_cloning_key MEDIUMTEXT',
+  ],
+  9003: [
+    'ALTER TABLE google_custom_voices ADD COLUMN voice_cloning_key MEDIUMTEXT',
+    'ALTER TABLE google_custom_voices ADD COLUMN use_voice_cloning_key BOOLEAN DEFAULT false',
+    'ALTER TABLE voip_carriers ADD COLUMN dtmf_type ENUM(\'rfc2833\',\'tones\',\'info\') NOT NULL DEFAULT \'rfc2833\'',
   ]
 };
 
@@ -236,6 +243,7 @@ const doIt = async() => {
         if (val < 8005) upgrades.push(...sql['8005']);
         if (val < 9000) upgrades.push(...sql['9000']);
         if (val < 9002) upgrades.push(...sql['9002']);
+        if (val < 9003) upgrades.push(...sql['9003']);
 
         // perform all upgrades
         logger.info({upgrades}, 'applying schema upgrades..');

lib/models/account.js

@@ -56,9 +56,13 @@ AND effective_end_date IS NULL
 AND pending = 0`;
 
 const extractBucketCredential = (obj) => {
-  const {bucket_credential} = obj;
-  if (bucket_credential) {
-    obj.bucket_credential = JSON.parse(decrypt(bucket_credential));
+  try {
+    const {bucket_credential} = obj;
+    if (bucket_credential) {
+      obj.bucket_credential = JSON.parse(decrypt(bucket_credential));
+    }
+  } catch (error) {
+    console.error('Error while decrypting data', error);
   }
 };
 

lib/models/application.js

@@ -37,19 +37,24 @@ class Application extends Model {
   }
 
   /**
-   * list all applications - for all service providers, for one service provider, or for one account
+   * list all applications - for all service providers, for one service provider, or for one account,
+   * or by an optional name
    */
-  static retrieveAll(service_provider_sid, account_sid) {
-    let sql = retrieveSql;
+  static retrieveAll(service_provider_sid, account_sid, name) {
+    let sql = retrieveSql + ' WHERE 1 = 1';
     const args = [];
     if (account_sid) {
-      sql = `${sql} WHERE app.account_sid = ?`;
+      sql = `${sql} AND app.account_sid = ?`;
       args.push(account_sid);
     }
     else if (service_provider_sid) {
-      sql = `${sql} WHERE account_sid in (SELECT account_sid from accounts WHERE service_provider_sid = ?)`;
+      sql = `${sql} AND account_sid in (SELECT account_sid from accounts WHERE service_provider_sid = ?)`;
       args.push(service_provider_sid);
     }
+    if (name) {
+      sql = `${sql} AND app.name = ?`;
+      args.push(name);
+    }
     return new Promise((resolve, reject) => {
       getMysqlConnection((err, conn) => {
         if (err) return reject(err);

lib/models/client.js

@@ -13,9 +13,9 @@ class Client extends Model {
   }
 
   static async retrieveAllByServiceProviderSid(service_provider_sid) {
-    const sql = `SELECT c.client_sid, c.account_sid, c.is_active, c.username, c.hashed_password
+    const sql = `SELECT c.client_sid, c.account_sid, c.is_active, c.username, c.password
       FROM ${this.table} AS c LEFT JOIN accounts AS acc ON c.account_sid = acc.account_sid
-      LEFT JOIN service_providers AS sp ON sp.service_provider_sid = accs.service_provider_sid
+      LEFT JOIN service_providers AS sp ON sp.service_provider_sid = acc.service_provider_sid
       WHERE sp.service_provider_sid = ?`;
     const [rows] = await promisePool.query(sql, service_provider_sid);
     return rows;

lib/models/speech-credential.js

@@ -22,14 +22,17 @@ class SpeechCredential extends Model {
 
   static async getSpeechCredentialsByVendorAndLabel(service_provider_sid, account_sid, vendor, label) {
     let sql;
+    let rows = [];
     if (account_sid) {
       sql = `SELECT * FROM speech_credentials WHERE account_sid = ? AND vendor = ?
         AND label ${label ? '= ?' : 'is NULL'}`;
-    } else {
+      [rows] = await promisePool.query(sql, [account_sid, vendor, label]);
+    }
+    if (rows.length === 0) {
       sql = `SELECT * FROM speech_credentials WHERE service_provider_sid = ? AND vendor = ?
         AND label ${label ? '= ?' : 'is NULL'}`;
+      [rows] = await promisePool.query(sql, [service_provider_sid, vendor, label]);
     }
-    const [rows] = await promisePool.query(sql, [account_sid ? account_sid : service_provider_sid, vendor, label]);
     return rows;
   }
 

lib/models/voip-carrier.js

@@ -136,6 +136,10 @@ VoipCarrier.fields = [
   {
     name: 'register_status',
     type: 'string'
+  },
+  {
+    name: 'dtmf_type',
+    type: 'string'
   }
 ];
 

lib/routes/api/accounts.js

@@ -19,11 +19,12 @@ const {
   parseCallSid,
   enableSubspace,
   disableSubspace,
-  parseVoipCarrierSid
+  parseVoipCarrierSid,
+  hasValue,
 } = require('./utils');
 const short = require('short-uuid');
 const VoipCarrier = require('../../models/voip-carrier');
-const { encrypt } = require('../../utils/encrypt-decrypt');
+const { encrypt, obscureBucketCredentialsSensitiveData, isObscureKey } = require('../../utils/encrypt-decrypt');
 const { testS3Storage, testGoogleStorage, testAzureStorage } = require('../../utils/storage-utils');
 const translator = short();
 
@@ -42,7 +43,7 @@ const getFsUrl = async(logger, retrieveSet, setName) => {
       return ;
     }
     const f = fs[idx++ % fs.length];
-    logger.info({fs}, `feature servers available for createCall API request, selecting ${f}`);
+    logger.debug({fs}, `feature servers available for createCall API request, selecting ${f}`);
     return `${f}/v1/createCall`;
   } catch (err) {
     logger.error({err}, 'getFsUrl: error retreving feature servers from redis');
@@ -266,7 +267,8 @@ function validateUpdateCall(opts) {
     'record',
     'tag',
     'dtmf',
-    'conferenceParticipantAction'
+    'conferenceParticipantAction',
+    'dub'
   ]
     .reduce((acc, prop) => (opts[prop] ? ++acc : acc), 0);
 
@@ -554,9 +556,12 @@ router.get('/:sid', async(req, res) => {
     const account_sid = parseAccountSid(req);
     await validateRequest(req, account_sid);
     const service_provider_sid = req.user.hasServiceProviderAuth ? req.user.service_provider_sid : null;
-    const results = await Account.retrieve(account_sid, service_provider_sid);
-    if (results.length === 0) return res.status(404).end();
-    return res.status(200).json(results[0]);
+    const [result] = await Account.retrieve(account_sid, service_provider_sid) || [];
+    if (!result) return res.status(404).end();
+
+    result.bucket_credential = obscureBucketCredentialsSensitiveData(result.bucket_credential);
+
+    return res.status(200).json(result);
   }
   catch (err) {
     sysError(logger, res, err);
@@ -638,19 +643,21 @@ router.delete('/:sid/SubspaceTeleport', async(req, res) => {
   }
 });
 
-function encryptBucketCredential(obj) {
-  if (!obj.bucket_credential) return;
+function encryptBucketCredential(obj, storedCredentials = {}) {
+  if (!hasValue(obj?.bucket_credential)) return;
   const {
     vendor,
     region,
     name,
     access_key_id,
-    secret_access_key,
     tags,
-    service_key,
-    connection_string,
     endpoint
   } = obj.bucket_credential;
+  let {
+    secret_access_key,
+    service_key,
+    connection_string
+  } = obj.bucket_credential;
 
   switch (vendor) {
     case 'aws_s3':
@@ -658,6 +665,9 @@ function encryptBucketCredential(obj) {
       assert(secret_access_key, 'invalid aws S3 bucket credential: secret_access_key is required');
       assert(name, 'invalid aws bucket name: name is required');
       assert(region, 'invalid aws bucket region: region is required');
+      if (isObscureKey(obj.bucket_credential) && hasValue(storedCredentials)) {
+        secret_access_key = storedCredentials.secret_access_key;
+      }
       const awsData = JSON.stringify({vendor, region, name, access_key_id,
         secret_access_key, tags});
       obj.bucket_credential = encrypt(awsData);
@@ -667,18 +677,27 @@ function encryptBucketCredential(obj) {
       assert(secret_access_key, 'invalid aws S3 bucket credential: secret_access_key is required');
       assert(name, 'invalid aws bucket name: name is required');
       assert(endpoint, 'invalid endpoint uri: endpoint is required');
+      if (isObscureKey(obj.bucket_credential) && hasValue(storedCredentials)) {
+        secret_access_key = storedCredentials.secret_access_key;
+      }
       const s3Data = JSON.stringify({vendor, endpoint, name, access_key_id,
         secret_access_key, tags});
       obj.bucket_credential = encrypt(s3Data);
       break;
     case 'google':
       assert(service_key, 'invalid google cloud storage credential: service_key is required');
+      if (isObscureKey(obj.bucket_credential) && hasValue(storedCredentials)) {
+        service_key = storedCredentials.service_key;
+      }
       const googleData = JSON.stringify({vendor, name, service_key, tags});
       obj.bucket_credential = encrypt(googleData);
       break;
     case 'azure':
       assert(name, 'invalid azure container name: name is required');
       assert(connection_string, 'invalid azure cloud storage credential: connection_string is required');
+      if (isObscureKey(obj.bucket_credential) && hasValue(storedCredentials)) {
+        connection_string = storedCredentials.connection_string;
+      }
       const azureData = JSON.stringify({vendor, name, connection_string, tags});
       obj.bucket_credential = encrypt(azureData);
       break;
@@ -736,7 +755,17 @@ router.put('/:sid', async(req, res) => {
       delete obj.registration_hook;
       delete obj.queue_event_hook;
 
-      encryptBucketCredential(obj);
+      let storedBucketCredentials = {};
+      if (isObscureKey(obj?.bucket_credential)) {
+        const [account] = await Account.retrieve(sid) || [];
+        /* to avoid overwriting valid credentials with the obscured secret,
+         * that the frontend might send, we pass the stored account bucket credentials
+         * in the case it is a obscured key, we replace it with the stored one
+         */
+        storedBucketCredentials = account.bucket_credential;
+      }
+
+      encryptBucketCredential(obj, storedBucketCredentials);
 
       const rowsAffected = await Account.update(sid, obj);
       if (rowsAffected === 0) {
@@ -836,6 +865,13 @@ router.post('/:sid/BucketCredentialTest', async(req, res) => {
   try {
     const account_sid = parseAccountSid(req);
     await validateRequest(req, account_sid);
+    /* if the req.body bucket credentials contain an obscured key, replace with stored account.bucket_credential */
+    if (isObscureKey(req.body)) {
+      const service_provider_sid = req.user.hasServiceProviderAuth ? req.user.service_provider_sid : null;
+      const [account] = await Account.retrieve(account_sid, service_provider_sid) || [];
+      if (!account) return res.status(404).end();
+      req.body = account.bucket_credential;
+    }
     const {vendor, name, region, access_key_id, secret_access_key, service_key, connection_string, endpoint} = req.body;
     const ret = {
       status: 'not tested'

lib/routes/api/applications.js

@@ -156,7 +156,8 @@ router.get('/', async(req, res) => {
   try {
     const service_provider_sid = req.user.hasServiceProviderAuth ? req.user.service_provider_sid : null;
     const account_sid = req.user.hasAccountAuth ? req.user.account_sid : null;
-    const results = await Application.retrieveAll(service_provider_sid, account_sid);
+    const name = req.query.name;
+    const results = await Application.retrieveAll(service_provider_sid, account_sid, name);
     res.status(200).json(results);
   } catch (err) {
     sysError(logger, res, err);

lib/routes/api/google-custom-voices.js

@@ -4,6 +4,9 @@ const SpeechCredential = require('../../models/speech-credential');
 const decorate = require('./decorate');
 const {DbErrorBadRequest, DbErrorForbidden} = require('../../utils/errors');
 const sysError = require('../error');
+const multer = require('multer');
+const upload = multer({ dest: '/tmp/csv/' });
+const fs = require('fs');
 
 const validateCredentialPermission = async(req) => {
   const credential = await SpeechCredential.retrieve(req.body.speech_credential_sid);
@@ -41,6 +44,33 @@ const preconditions = {
 
 decorate(router, GoogleCustomVoice, ['add', 'retrieve', 'update', 'delete'], preconditions);
 
+const voiceCloningKeySubString = (voice_cloning_key) => {
+  return voice_cloning_key ? voice_cloning_key.substring(0, 100) + '...' : undefined;
+};
+
+router.get('/: sid', async(req, res) => {
+  const logger = req.app.locals.logger;
+  try {
+    const {sid} = req.params;
+    const account_sid = req.user.account_sid;
+    const service_provider_sid = req.user.service_provider_sid;
+
+    const google_voice = await GoogleCustomVoice.retrieve(sid);
+    google_voice.voice_cloning_key = voiceCloningKeySubString(google_voice.voice_cloning_key);
+    if (!google_voice) {
+      return res.sendStatus(404);
+    }
+    if (req.user.hasScope('service_provider') && google_voice.service_provider_sid !== service_provider_sid ||
+      req.user.hasScope('account') && google_voice.account_sid !== account_sid) {
+      throw new DbErrorForbidden('Insufficient privileges');
+    }
+
+    return res.status(200).json(google_voice);
+  } catch (err) {
+    sysError(logger, res, err);
+  }
+});
+
 router.get('/', async(req, res) => {
   const logger = req.app.locals.logger;
   const account_sid = req.user.account_sid || req.query.account_sid;
@@ -67,7 +97,37 @@ router.get('/', async(req, res) => {
       }
       results = await GoogleCustomVoice.retrieveAllByLabel(service_provider_sid, account_sid, label);
     }
-    res.status(200).json(results);
+    res.status(200).json(results.map((r) => {
+      r.voice_cloning_key = voiceCloningKeySubString(r.voice_cloning_key);
+      return r;
+    }));
+  } catch (err) {
+    sysError(logger, res, err);
+  }
+});
+
+router.post('/:sid/VoiceCloningKey', upload.single('file'), async(req, res) => {
+  const {logger} = req.app.locals;
+  const {sid} = req.params;
+  const account_sid = req.user.account_sid;
+  const service_provider_sid = req.user.service_provider_sid;
+  try {
+    const google_voice = await GoogleCustomVoice.retrieve(sid);
+    if (!google_voice) {
+      return res.sendStatus(404);
+    }
+    if (req.user.hasScope('service_provider') && google_voice.service_provider_sid !== service_provider_sid ||
+      req.user.hasScope('account') && google_voice.account_sid !== account_sid) {
+      throw new DbErrorForbidden('Insufficient privileges');
+    }
+
+    const voice_cloning_key = Buffer.from(fs.readFileSync(req.file.path)).toString();
+    await GoogleCustomVoice.update(sid, {
+      voice_cloning_key
+    });
+    fs.unlinkSync(req.file.path);
+    return res.sendStatus(204);
+
   } catch (err) {
     sysError(logger, res, err);
   }

lib/routes/api/speech-credentials.js

@@ -11,7 +11,8 @@ const {decryptCredential, testWhisper, testDeepgramTTS,
   testRimelabs,
   testVerbioTts,
   testVerbioStt,
-  testSpeechmaticsStt} = require('../../utils/speech-utils');
+  testSpeechmaticsStt,
+  testCartesia} = require('../../utils/speech-utils');
 const {DbErrorUnprocessableRequest, DbErrorForbidden, DbErrorBadRequest} = require('../../utils/errors');
 const {
   testGoogleTts,
@@ -141,6 +142,7 @@ const encryptCredential = (obj) => {
     instance_id,
     custom_stt_url,
     custom_tts_url,
+    custom_tts_streaming_url,
     auth_token = '',
     cobalt_server_uri,
     model_id,
@@ -251,6 +253,12 @@ const encryptCredential = (obj) => {
       const playhtData = JSON.stringify({api_key, user_id, voice_engine, options});
       return encrypt(playhtData);
 
+    case 'cartesia':
+      assert(api_key, 'invalid cartesia speech credential: api_key is required');
+      assert(model_id, 'invalid cartesia speech credential: model_id is required');
+      const cartesiaData = JSON.stringify({api_key, model_id, options});
+      return encrypt(cartesiaData);
+
     case 'rimelabs':
       assert(api_key, 'invalid rimelabs speech credential: api_key is required');
       assert(model_id, 'invalid rimelabs speech credential: model_id is required');
@@ -277,7 +285,7 @@ const encryptCredential = (obj) => {
 
     default:
       if (vendor.startsWith('custom:')) {
-        const customData = JSON.stringify({auth_token, custom_stt_url, custom_tts_url});
+        const customData = JSON.stringify({auth_token, custom_stt_url, custom_tts_url, custom_tts_streaming_url});
         return encrypt(customData);
       }
       else assert(false, `invalid or missing vendor: ${vendor}`);
@@ -461,6 +469,7 @@ router.put('/:sid', async(req, res) => {
           custom_stt_endpoint_url,
           custom_stt_url,
           custom_tts_url,
+          custom_tts_streaming_url,
           cobalt_server_uri,
           model_id,
           voice_engine,
@@ -489,6 +498,7 @@ router.put('/:sid', async(req, res) => {
           nuance_tts_uri,
           custom_stt_url,
           custom_tts_url,
+          custom_tts_streaming_url,
           cobalt_server_uri,
           model_id,
           voice_engine,
@@ -804,6 +814,22 @@ router.get('/:sid/test', async(req, res) => {
           SpeechCredential.ttsTestResult(sid, false);
         }
       }
+    } else if (cred.vendor === 'cartesia') {
+      if (cred.use_for_tts) {
+        try {
+          await testCartesia(logger, synthAudio, credential);
+          results.tts.status = 'ok';
+          SpeechCredential.ttsTestResult(sid, true);
+        } catch (err) {
+          let reason = err.message;
+          // if error is from bent, let get the body
+          try {
+            reason = await err.text();
+          } catch {}
+          results.tts = {status: 'fail', reason};
+          SpeechCredential.ttsTestResult(sid, false);
+        }
+      }
     } else if (cred.vendor === 'rimelabs') {
       if (cred.use_for_tts) {
         try {

lib/routes/api/utils.js

@@ -440,6 +440,22 @@ const validatePasswordSettings = async(password) => {
   return;
 };
 
+function hasValue(data) {
+  if (typeof data === 'string') {
+    return data && data.length > 0;
+  } else if (Array.isArray(data)) {
+    return data && data.length > 0;
+  } else if (typeof data === 'object') {
+    return data && Object.keys(data).length > 0;
+  } else if (typeof data === 'number') {
+    return data !== null;
+  } else if (typeof data === 'boolean') {
+    return data !== null;
+  } else {
+    return false;
+  }
+}
+
 module.exports = {
   setupFreeTrial,
   createTestCdrs,
@@ -460,5 +476,6 @@ module.exports = {
   checkLimits,
   enableSubspace,
   disableSubspace,
-  validatePasswordSettings
+  validatePasswordSettings,
+  hasValue,
 };

lib/utils/encrypt-decrypt.js

@@ -17,10 +17,15 @@ const encrypt = (text) => {
 };
 
 const decrypt = (data) => {
-  const hash = JSON.parse(data);
-  const decipher = crypto.createDecipheriv(algorithm, secretKey, Buffer.from(hash.iv, 'hex'));
-  const decrpyted = Buffer.concat([decipher.update(Buffer.from(hash.content, 'hex')), decipher.final()]);
-  return decrpyted.toString();
+  try {
+    const hash = JSON.parse(data);
+    const decipher = crypto.createDecipheriv(algorithm, secretKey, Buffer.from(hash.iv, 'hex'));
+    const decrpyted = Buffer.concat([decipher.update(Buffer.from(hash.content, 'hex')), decipher.final()]);
+    return decrpyted.toString();
+  } catch (error) {
+    console.error('Error while decrypting data', error);
+    return '{}';
+  }
 };
 
 const obscureKey = (key, key_spoiler_length = 6) => {
@@ -33,8 +38,85 @@ const obscureKey = (key, key_spoiler_length = 6) => {
   return `${key.slice(0, key_spoiler_length)}${key_spoiler_char.repeat(key.length - key_spoiler_length)}`;
 };
 
+function isObscureKey(bucketCredentials) {
+  if (!bucketCredentials) {
+    return false;
+  }
+
+  try {
+    const {
+      vendor,
+      secret_access_key = '',
+      service_key = '',
+      connection_string = ''
+    } = bucketCredentials || {};
+    let pattern;
+    switch (vendor) {
+      case 'aws_s3':
+      case 's3_compatible':
+        pattern = /^([A-Za-z0-9]{4,6}X+$)/;
+        return pattern.test(secret_access_key);
+      case 'azure':
+        pattern = /^https:[A-Za-z0-9\/.:?=&_-]+$/;
+        return pattern.test(connection_string);
+
+      case 'google': {
+        pattern = /^([A-Za-z0-9]{4,6}X+$)/;
+        let {private_key} = JSON.parse(service_key);
+        const key_header = '-----BEGIN PRIVATE KEY-----\n';
+        private_key = private_key.slice(key_header.length, private_key.length);
+        return pattern.test(private_key || '');
+      }
+    }
+    return false;
+  } catch (error) {
+    console.log('Error in isObscureKey', error);
+    return false;
+  }
+}
+
+/**
+ * obscure sensitive data in bucket credentials
+ * an obscured key contains of 6 'spoiled' characters of the key followed by 'X' characters
+ * '123456XXXXXXXXXXXXXXXXXXXXXXXX'
+ * @param {*} obj
+ * @returns
+ */
+function obscureBucketCredentialsSensitiveData(obj) {
+  if (!obj) return obj;
+  const {vendor, service_key, connection_string, secret_access_key} = obj;
+  switch (vendor) {
+    case 'aws_s3':
+    case 's3_compatible':
+      obj.secret_access_key = obscureKey(secret_access_key);
+      break;
+    case 'google':
+      const o = JSON.parse(service_key);
+      let private_key = o.private_key;
+      if (!isObscureKey(obj)) {
+        const key_header = '-----BEGIN PRIVATE KEY-----\n';
+        private_key = o.private_key.slice(key_header.length, o.private_key.length);
+        private_key = `${key_header}${obscureKey(private_key)}`;
+      }
+      const obscured = {
+        ...o,
+        private_key
+      };
+      obj.service_key = JSON.stringify(obscured);
+      break;
+    case 'azure':
+      obj.connection_string = obscureKey(connection_string);
+      break;
+  }
+
+  return obj;
+}
+
+
 module.exports = {
   encrypt,
   decrypt,
-  obscureKey
+  obscureKey,
+  isObscureKey,
+  obscureBucketCredentialsSensitiveData,
 };

lib/utils/speech-data/tts-cartesia.js

@@ -0,0 +1,301 @@
+/* eslint-disable max-len */
+module.exports = [
+  {
+    value: 'en',
+    name: 'English',
+    voices: [
+      {
+        value: '79f8b5fb-2cc8-479a-80df-29f7a7cf1a3e',
+        name: 'Nonfiction Man - This voice is smooth, confident, and resonant, perfect for narrating educational content',
+      },
+      {
+        value: 'e00d0e4c-a5c8-443f-a8a3-473eb9a62355',
+        name: 'Friendly Sidekick - This voice is friendly and supportive, designed for voicing characters in games and videos',
+      },
+      {
+        value: '3b554273-4299-48b9-9aaf-eefd438e3941',
+        name: 'Indian Lady - This voice is young, rich, and curious, perfect for a narrator or fictional character',
+      },
+      {
+        value: '71a7ad14-091c-4e8e-a314-022ece01c121',
+        name: 'British Reading Lady - This is a calm and elegant voice with a British accent, perfect for storytelling and narration',
+      },
+      {
+        value: '4d2fd738-3b3d-4368-957a-bb4805275bd9',
+        name: 'British Narration Lady - This is a neutral voice with a British accent, perfect for narrations ',
+      },
+      {
+        value: '15a9cd88-84b0-4a8b-95f2-5d583b54c72e',
+        name: 'Reading Lady - This voice is monotone and deliberate, perfect for a slower-paced and more serious reading voice',
+      },
+      {
+        value: 'd46abd1d-2d02-43e8-819f-51fb652c1c61',
+        name: 'Newsman - This voice is neutral and educational, perfect for a news anchor',
+      },
+      {
+        value: '2ee87190-8f84-4925-97da-e52547f9462c',
+        name: 'Child - This voice is young and full, perfect for a child',
+      },
+      {
+        value: 'cd17ff2d-5ea4-4695-be8f-42193949b946',
+        name: 'Meditation Lady - This voice is calm, soothing, and relaxing, perfect for meditation',
+      },
+      {
+        value: '5345cf08-6f37-424d-a5d9-8ae1101b9377',
+        name: 'Maria - This voice is laid back, natural, and conversational, like you\'re catching up with a good friend',
+      },
+      {
+        value: '41534e16-2966-4c6b-9670-111411def906',
+        name: '1920\'s Radioman - This voice is energetic and confident, great for an entertainer or radio host',
+      },
+      {
+        value: 'bf991597-6c13-47e4-8411-91ec2de5c466',
+        name: 'Newslady - This voice is authoritative and educational, perfect for a news anchor',
+      },
+      {
+        value: '00a77add-48d5-4ef6-8157-71e5437b282d',
+        name: 'Calm Lady - This voice is calm and nurturing, perfect for a narrator',
+      },
+      {
+        value: '156fb8d2-335b-4950-9cb3-a2d33befec77',
+        name: 'Helpful Woman - This voice is friendly and conversational, designed for customer support agents and casual conversations',
+      },
+      {
+        value: '36b42fcb-60c5-4bec-b077-cb1a00a92ec6',
+        name: 'Pilot over Intercom - This voice sounds like a British Pilot character speaking over an Intercom',
+      },
+      {
+        value: 'f146dcec-e481-45be-8ad2-96e1e40e7f32',
+        name: 'Reading Man - Male with calm narrational voice.',
+      },
+      {
+        value: '34575e71-908f-4ab6-ab54-b08c95d6597d',
+        name: 'New York Man - This voice is compelling and husky, with a New York accent, perfect for sales pitches and motivational content',
+      },
+      {
+        value: 'a0e99841-438c-4a64-b679-ae501e7d6091',
+        name: 'Barbershop Man - This voice is smooth and relaxing, perfect for a casual conversation',
+      },
+      {
+        value: '638efaaa-4d0c-442e-b701-3fae16aad012',
+        name: 'Indian Man - This voice is smooth with an Indian accent, perfect for a narrator',
+      },
+      {
+        value: '41f3c367-e0a8-4a85-89e0-c27bae9c9b6d',
+        name: 'Australian Customer Support Man - This voice is warm with an Australian accent, perfect for customer support agents',
+      },
+      {
+        value: '421b3369-f63f-4b03-8980-37a44df1d4e8',
+        name: 'Friendly Australian Man - This voice is rich and deep, with an Australian accent, perfect for casual conversations with a friend',
+      },
+      {
+        value: 'b043dea0-a007-4bbe-a708-769dc0d0c569',
+        name: 'Wise Man - This is a deep and deliberate voice, suited for educational content and conversations',
+      },
+      {
+        value: '69267136-1bdc-412f-ad78-0caad210fb40',
+        name: 'Friendly Reading Man - This voice is energetic and friendly, like having your friend read his favorite book to you',
+      },
+      {
+        value: 'a167e0f3-df7e-4d52-a9c3-f949145efdab',
+        name: 'Customer Support Man - This voice is clear and calm, perfect for a call center',
+      },
+      {
+        value: '4f8651b0-bbbd-46ac-8b37-5168c5923303',
+        name: 'Kentucky Woman - This voice is energetic and upbeat, with a slight Kentucky accent, perfect for speeches and rallies',
+      },
+      {
+        value: 'daf747c6-6bc2-4083-bd59-aa94dce23f5d',
+        name: 'Middle Eastern Woman - This voice is clear with a Middle Eastern Accent, perfect for a narrator',
+      },
+      {
+        value: '694f9389-aac1-45b6-b726-9d9369183238',
+        name: 'Sarah - This voice is natural and expressive with an American accent, perfect for a wide range of conversational use cases including customer support, sales, reception, and more.',
+      },
+      {
+        value: '794f9389-aac1-45b6-b726-9d9369183238',
+        name: 'Sarah Curious - This voice is similar to Sarah, but has improved emphasis for questions.',
+      },
+      {
+        value: '21b81c14-f85b-436d-aff5-43f2e788ecf8',
+        name: 'Laidback Woman - This voice is laid back and husky, with a slight Californian accent',
+      },
+      {
+        value: 'a3520a8f-226a-428d-9fcd-b0a4711a6829',
+        name: 'Reflective Woman - This voice is even, full, and reflective, perfect for a young narrator for an audiobook or movie',
+      },
+      {
+        value: '829ccd10-f8b3-43cd-b8a0-4aeaa81f3b30',
+        name: 'Customer Support Lady - This voice is polite and helpful, perfect for customer support agents',
+      },
+      {
+        value: '79a125e8-cd45-4c13-8a67-188112f4dd22',
+        name: 'British Lady - This voice is elegant with a slight British accent, perfect for storytelling and narrating',
+      },
+      {
+        value: 'c8605446-247c-4d39-acd4-8f4c28aa363c',
+        name: 'Wise Lady - This voice is wise and authoritative, perfect for a confident narrator',
+      },
+      {
+        value: '8985388c-1332-4ce7-8d55-789628aa3df4',
+        name: 'Australian Narrator Lady - This voice is even and neutral, with an Australian accent, designed for narrating content and stories',
+      },
+      {
+        value: 'ff1bb1a9-c582-4570-9670-5f46169d0fc8',
+        name: 'Indian Customer Support Lady - This voice is clear and polite, with an Indian accent, suitable for customer support agents',
+      },
+      {
+        value: '820a3788-2b37-4d21-847a-b65d8a68c99a',
+        name: 'Salesman - This voice is smooth and persuasive, perfect for sales pitches and phone conversations',
+      },
+      {
+        value: 'f114a467-c40a-4db8-964d-aaba89cd08fa',
+        name: 'Yogaman - This voice is calm, soothing, and stable, perfect for a yoga instructor',
+      },
+      {
+        value: 'c45bc5ec-dc68-4feb-8829-6e6b2748095d',
+        name: 'Movieman - This voice is deep, resonant, and assertive, perfect for a movie narrator',
+      },
+      {
+        value: '87748186-23bb-4158-a1eb-332911b0b708',
+        name: 'Wizardman - This voice is wise and mysterious, perfect for a Wizard character',
+      },
+      {
+        value: '043cfc81-d69f-4bee-ae1e-7862cb358650',
+        name: 'Australian Woman - This voice is deliberate and confident, with a slight Australian accent, perfect for inspiring characters in videos and stories',
+      },
+      {
+        value: '5619d38c-cf51-4d8e-9575-48f61a280413',
+        name: 'Announcer Man - This voice is deep and inviting, perfect for entertainment and broadcasting content',
+      },
+      {
+        value: '42b39f37-515f-4eee-8546-73e841679c1d',
+        name: 'Wise Guide Man - This voice is deep and deliberate, perfect for inspiring and guiding characters in games and videos',
+      },
+      {
+        value: '565510e8-6b45-45de-8758-13588fbaec73',
+        name: 'Midwestern Man - This voice is neutral and smooth, with a slight midwestern accent, perfect for narrations',
+      },
+      {
+        value: '726d5ae5-055f-4c3d-8355-d9677de68937',
+        name: 'Kentucky Man - This voice is laidback and smooth, with a Kentucky accent, perfect for a casual conversation',
+      },
+      {
+        value: '63ff761f-c1e8-414b-b969-d1833d1c870c',
+        name: 'Confident British Man - This voice is disciplined with a British accent, perfect for a commanding character or narrator',
+      },
+      {
+        value: '98a34ef2-2140-4c28-9c71-663dc4dd7022',
+        name: 'Southern Man - This voice is warm with a Southern accent, perfect for a narrator',
+      },
+      {
+        value: '95856005-0332-41b0-935f-352e296aa0df',
+        name: 'Classy British Man - This voice is light and smooth with a British accent, perfect for casual conversation',
+      },
+      {
+        value: 'ee7ea9f8-c0c1-498c-9279-764d6b56d189',
+        name: 'Polite Man - This voice is polite and conversational, with a slight accent, designed for customer support and casual conversations',
+      },
+      {
+        value: '40104aff-a015-4da1-9912-af950fbec99e',
+        name: 'Alabama Male - This voice has a strong Southern Accent, perfect for conversations and instructional videos',
+      },
+      {
+        value: '13524ffb-a918-499a-ae97-c98c7c4408c4',
+        name: 'Australian Male - This voice is smooth and disciplined, with an Australian Accent, suited for narrating educational content',
+      },
+      {
+        value: '1001d611-b1a8-46bd-a5ca-551b23505334',
+        name: 'Anime Girl - This voice is expressive and has a high pitch, suitable for anime or gaming characters',
+      },
+      {
+        value: 'e3827ec5-697a-4b7c-9704-1a23041bbc51',
+        name: 'Sweet Lady - This voice is sweet and passionate, perfect for a character in a game or book',
+      },
+      {
+        value: 'c2ac25f9-ecc4-4f56-9095-651354df60c0',
+        name: 'Commercial Lady - This voice is inviting, enthusiastic, and relatable, perfect for a commercial or advertisement',
+      },
+      {
+        value: '573e3144-a684-4e72-ac2b-9b2063a50b53',
+        name: 'Teacher Lady - This voice is neutral and clear, perfect for narrating educational content',
+      },
+      {
+        value: '8f091740-3df1-4795-8bd9-dc62d88e5131',
+        name: 'Princess - This voice is light, freindly and has a flourish, perfect for character work in videos and games',
+      },
+      {
+        value: '7360f116-6306-4e9a-b487-1235f35a0f21',
+        name: 'Commercial Man - This voice is upbeat and enthusiastic, perfect for commercials and advertisements',
+      },
+      {
+        value: '03496517-369a-4db1-8236-3d3ae459ddf7',
+        name: 'ASMR Lady - This voice is calming and soft, perfect for guided meditations and soothing content',
+      },
+      {
+        value: '248be419-c632-4f23-adf1-5324ed7dbf1d',
+        name: 'Professional Woman - This voice is neutral and calm, perfect for a call center',
+      },
+      {
+        value: 'bd9120b6-7761-47a6-a446-77ca49132781',
+        name: 'Tutorial Man - This voice is inviting and calming, perfect for tutorials',
+      },
+      {
+        value: '34bde396-9fde-4ebf-ad03-e3a1d1155205',
+        name: 'New York Woman - This voice commands authority, with a New York accent, perfect for a commanding narrator or character',
+      },
+      {
+        value: '11af83e2-23eb-452f-956e-7fee218ccb5c',
+        name: 'Midwestern Woman - This voice is neutral and deliberate, with a midwestern accent, suitable for news broadcasts and narration',
+      },
+      {
+        value: 'ed81fd13-2016-4a49-8fe3-c0d2761695fc',
+        name: 'Sportsman - This voice is energetic and enthusiastic, perfect for a sports broadcaster',
+      },
+      {
+        value: '996a8b96-4804-46f0-8e05-3fd4ef1a87cd',
+        name: 'Storyteller Lady - This voice is neutral and smooth, with a slight Canadian accent, perfect for narrations',
+      },
+      {
+        value: 'fb26447f-308b-471e-8b00-8e9f04284eb5',
+        name: 'Doctor Mischief - This is an expressive character voice, suited to whimsical characters for games and educational content',
+      },
+      {
+        value: '50d6beb4-80ea-4802-8387-6c948fe84208',
+        name: 'The Merchant - This voice is playful and quirky, designed for character work in games and videos',
+      },
+      {
+        value: 'e13cae5c-ec59-4f71-b0a6-266df3c9bb8e',
+        name: 'Madame Mischief - This voice is mischeivious and playful, suitable for voicing characters for kids content and games',
+      },
+      {
+        value: '5c42302c-194b-4d0c-ba1a-8cb485c84ab9',
+        name: 'Female Nurse - This voice is clear and firm, perfect for nurse characters and instructional videos',
+      },
+      {
+        value: 'f9836c6e-a0bd-460e-9d3c-f7299fa60f94',
+        name: 'Southern Woman - This voice is friendly and inviting, with a slight Southern Accent, perfect for conversations and phone calls',
+      },
+      {
+        value: 'a01c369f-6d2d-4185-bc20-b32c225eab70',
+        name: 'British Customer Support Lady - This voice is friendly and polite, with a British accent, perfect for phone conversations',
+      },
+      {
+        value: 'b7d50908-b17c-442d-ad8d-810c63997ed9',
+        name: 'California Girl - This voice is enthusiastic and friendly, perfect for a casual conversation between friends',
+      },
+      {
+        value: 'f785af04-229c-4a7c-b71b-f3194c7f08bb',
+        name: 'John - This voice is natural and empathetic with an American accent, perfect for use cases like demos and customer support calls.',
+      },
+      {
+        value: '729651dc-c6c3-4ee5-97fa-350da1f88600',
+        name: 'Pleasant Man - A pleasant male voice that\'s good for use cases like demos and customer support calls',
+      },
+      {
+        value: '91b4cf29-5166-44eb-8054-30d40ecc8081',
+        name: 'Anna - This voice is natural and expressive with an American accent, perfect for use cases like interviews and customer support calls.',
+      },
+    ],
+  },
+];

lib/utils/speech-data/tts-deepgram.js

@@ -0,0 +1,28 @@
+const TtsDeepgramLanguagesVoiceRaw = require('./tts-model-deepgram');
+
+const languagesVoices = [];
+
+TtsDeepgramLanguagesVoiceRaw.forEach((data) => {
+  const lang = languagesVoices.find((l) => {
+    return l.value === data.locale;
+  });
+
+  if (!lang) {
+    languagesVoices.push({
+      value: data.locale,
+      name: data.localeName,
+      voices: TtsDeepgramLanguagesVoiceRaw
+        .filter((d) => {
+          return d.locale === data.locale;
+        })
+        .map((d) => {
+          return {
+            value: d.value,
+            name: `${d.name}`,
+          };
+        }),
+    });
+  }
+});
+
+module.exports = languagesVoices;

lib/utils/speech-data/tts-model-cartesia.js

@@ -0,0 +1,25 @@
+module.exports = [
+  {
+    name: 'Sonic',
+    value: 'sonic',
+    languages: ['en', 'fr', 'de', 'es', 'pt', 'zh', 'ja', 'hi', 'it', 'ko', 'nl', 'pl', 'ru', 'sv', 'tr']
+  },
+  { name: 'Sonic Preview', value: 'sonic-preview', languages: ['en'] },
+  {
+    name: 'Sonic 2024-12-12',
+    value: 'sonic-2024-12-12',
+    languages: ['en', 'fr', 'de', 'es', 'pt', 'zh', 'ja', 'hi', 'it', 'ko', 'nl', 'pl', 'ru', 'sv', 'tr']
+  },
+  {
+    name: 'Sonic 2024-10-19',
+    value: 'sonic-2024-10-19',
+    languages: ['en', 'fr', 'de', 'es', 'pt', 'zh', 'ja', 'hi', 'it', 'ko', 'nl', 'pl', 'ru', 'sv', 'tr']
+  },
+  { name: 'Sonic English', value: 'sonic-english', languages: ['en'] },
+  {
+    name: 'Sonic Multilingual',
+    value: 'sonic-multilingual',
+    languages: ['en', 'fr', 'de', 'es', 'pt', 'zh', 'ja', 'hi', 'it', 'ko', 'nl', 'pl', 'ru', 'sv', 'tr']
+  },
+];
+

lib/utils/speech-data/tts-model-deepgram.js

@@ -1,14 +1,68 @@
 module.exports = [
-  { name: 'Asteria English (US) Female', value: 'aura-asteria-en' },
-  { name: 'Luna English (US) Female', value: 'aura-luna-en' },
-  { name: 'Stella English (US) Female', value: 'aura-stella-en' },
-  { name: 'Stella English (UK) Female', value: 'aura-athena-en' },
-  { name: 'Hera English (US) Female', value: 'aura-hera-en' },
-  { name: 'Orion English (US) Male', value: 'aura-orion-en' },
-  { name: 'Arcas English (US) Male', value: 'aura-arcas-en' },
-  { name: 'Perseus English (US) Male', value: 'aura-perseus-en' },
-  { name: 'Angus English (Ireland) Male', value: 'aura-angus-en' },
-  { name: 'Orpheus English (US) Male', value: 'aura-orpheus-en' },
-  { name: 'Helios English (UK) Male', value: 'aura-helios-en' },
-  { name: 'Zeus English (US) Male', value: 'aura-zeus-en' },
+  {
+    locale: 'en-US',
+    localeName: 'English (US)',
+    name: 'Asteria English (US) Female',
+    value: 'aura-asteria-en'
+  },
+  {
+    locale: 'en-US',
+    localeName: 'English (US)',
+    name: 'Luna English (US) Female',
+    value: 'aura-luna-en'
+  },
+  {
+    locale: 'en-US',
+    localeName: 'English (US)',
+    name: 'Stella English (US) Female',
+    value: 'aura-stella-en'
+  },
+  {
+    locale: 'en-GB',
+    localeName: 'English (UK)',
+    name: 'Stella English (UK) Female',
+    value: 'aura-athena-en'
+  },
+  {
+    locale: 'en-US',
+    localeName: 'English (US)',
+    name: 'Hera English (US) Female',
+    value: 'aura-hera-en'
+  },
+  {
+    locale: 'en-US',
+    localeName: 'English (US)',
+    name: 'Orion English (US) Male',
+    value: 'aura-orion-en'
+  },
+  {
+    locale: 'en-US',
+    localeName: 'English (US)',
+    name: 'Arcas English (US) Male',
+    value: 'aura-arcas-en'
+  },
+  {
+    locale: 'en-US',
+    localeName: 'English (US)',
+    name: 'Perseus English (US) Male',
+    value: 'aura-perseus-en'
+  },
+  {
+    locale: 'en-IE',
+    localeName: 'English (Ireland)',
+    name: 'Angus English (Ireland) Male',
+    value: 'aura-angus-en'
+  },
+  {
+    locale: 'en-US',
+    localeName: 'English (US)',
+    name: 'Orpheus English (US) Male',
+    value: 'aura-orpheus-en'
+  },
+  {
+    locale: 'en-US',
+    localeName: 'English (US)',
+    name: 'Zeus English (US) Male',
+    value: 'aura-zeus-en'
+  },
 ];

lib/utils/speech-data/tts-verbio.js

@@ -1,14 +1,4 @@
 module.exports = [
-  {
-    value: 'en-US',
-    name: 'US English',
-    voices: [
-      {
-        value: 'tommy_en_us',
-        name: 'Tommy-Male',
-      },
-    ],
-  },
   {
     value: 'es-ES',
     name: 'Castilian Spanish',
@@ -27,12 +17,6 @@ module.exports = [
         value: 'miguel_es_pe',
         name: 'Miguel-Male',
       },
-    ],
-  },
-  {
-    value: 'es-PE',
-    name: 'Peruvian Spanish',
-    voices: [
       {
         value: 'luz_es_pe',
         name: 'Luz-Female',

lib/utils/speech-utils.js

@@ -22,11 +22,13 @@ const TtsPlayHtLanguagesVoices = require('./speech-data/tts-playht');
 const TtsVerbioLanguagesVoices = require('./speech-data/tts-verbio');
 
 const TtsModelDeepgram = require('./speech-data/tts-model-deepgram');
+const TtsLanguagesDeepgram = require('./speech-data/tts-deepgram');
 const TtsModelElevenLabs = require('./speech-data/tts-model-elevenlabs');
 const TtsModelWhisper = require('./speech-data/tts-model-whisper');
 const TtsModelPlayHT = require('./speech-data/tts-model-playht');
 const ttsLanguagesPlayHt = require('./speech-data/tts-languages-playht');
 const TtsModelRimelabs = require('./speech-data/tts-model-rimelabs');
+const TtsModelCartesia = require('./speech-data/tts-model-cartesia');
 
 const SttGoogleLanguagesVoices = require('./speech-data/stt-google');
 const SttAwsLanguagesVoices = require('./speech-data/stt-aws');
@@ -40,6 +42,8 @@ const SttSonioxLanguagesVoices = require('./speech-data/stt-soniox');
 const SttSpeechmaticsLanguagesVoices = require('./speech-data/stt-speechmatics');
 const SttAssemblyaiLanguagesVoices = require('./speech-data/stt-assemblyai');
 const SttVerbioLanguagesVoices = require('./speech-data/stt-verbio');
+const ttsCartesia = require('./speech-data/tts-cartesia');
+const ttsModelCartesia = require('./speech-data/tts-model-cartesia');
 
 
 const testSonioxStt = async(logger, credentials) => {
@@ -606,6 +610,11 @@ function decryptCredential(obj, credential, logger, isObscureKey = true) {
     obj.user_id = o.user_id;
     obj.voice_engine = o.voice_engine;
     obj.options = o.options;
+  } else if ('cartesia' === obj.vendor) {
+    const o = JSON.parse(decrypt(credential));
+    obj.api_key = isObscureKey ? obscureKey(o.api_key) : o.api_key;
+    obj.model_id = o.model_id;
+    obj.options = o.options;
   } else if ('rimelabs' === obj.vendor) {
     const o = JSON.parse(decrypt(credential));
     obj.api_key = isObscureKey ? obscureKey(o.api_key) : o.api_key;
@@ -616,6 +625,7 @@ function decryptCredential(obj, credential, logger, isObscureKey = true) {
     obj.auth_token = isObscureKey ? obscureKey(o.auth_token) : o.auth_token;
     obj.custom_stt_url = o.custom_stt_url;
     obj.custom_tts_url = o.custom_tts_url;
+    obj.custom_tts_streaming_url = o.custom_tts_streaming_url;
   } else if ('assemblyai' === obj.vendor) {
     const o = JSON.parse(decrypt(credential));
     obj.api_key = isObscureKey ? obscureKey(o.api_key) : o.api_key;
@@ -688,6 +698,8 @@ async function getLanguagesAndVoicesForVendor(logger, vendor, credential, getTts
       return await getLanguagesVoicesForVerbio(credential, getTtsVoices, logger);
     case 'speechmatics':
       return await getLanguagesVoicesForSpeechmatics(credential, getTtsVoices, logger);
+    case 'cartesia':
+      return await getLanguagesVoicesForCartesia(credential, getTtsVoices, logger);
     default:
       logger.info(`invalid vendor ${vendor}, return empty result`);
       throw new Error(`Invalid vendor ${vendor}`);
@@ -769,7 +781,7 @@ async function getLanguagesVoicesForNuane(credential, getTtsVoices, logger) {
 }
 
 async function getLanguagesVoicesForDeepgram(credential) {
-  return tranform(undefined, SttDeepgramLanguagesVoices, TtsModelDeepgram);
+  return tranform(TtsLanguagesDeepgram, SttDeepgramLanguagesVoices, TtsModelDeepgram);
 }
 
 async function getLanguagesVoicesForIbm(credential, getTtsVoices, logger) {
@@ -821,27 +833,35 @@ async function getLanguagesVoicesForElevenlabs(credential) {
     }).sort((a, b) => a.name.localeCompare(b.name)) : [];
 
     if (languages && languages.length > 0) {
+      // using if condition to avoid \n character in name
       const voices = voiceResp ? voiceResp.voices.map((v) => {
-        let name = `${v.name}${v.category !== 'premade' ? ` (${v.category})` : ''} -
-  ${v.labels.accent ? ` ${v.labels.accent},` : ''}
-  ${v.labels.description ? ` ${v.labels.description},` : ''}
-  ${v.labels.age ? ` ${v.labels.age},` : ''}
-  ${v.labels.gender ? ` ${v.labels.gender},` : ''}
-  ${v.labels['use case'] ? ` ${v.labels['use case']},` : ''}
-  `;
+        let name = `${v.name}${v.category !== 'premade' ? ` (${v.category.trim()})` : ''} - (`;
+        if (v.labels.accent) name += `${v.labels.accent}, `;
+        if (v.labels.description) name += `${v.labels.description}, `;
+        if (v.labels.age) name += `${v.labels.age}, `;
+        if (v.labels.gender) name += `${v.labels.gender}, `;
+        if (v.labels['use case']) name += `${v.labels['use case']}, `;
+
         const lastIndex = name.lastIndexOf(',');
         if (lastIndex !== -1) {
           name = name.substring(0, lastIndex);
         }
+        name += ')';
         return {
           value: v.voice_id,
           name
         };
       }).sort((a, b) => a.name.localeCompare(b.name)) : [];
-      languages[0].voices = voices;
+      for (const language of languages) {
+        language.voices = voices;
+      }
     }
     return tranform(languages, undefined, TtsModelElevenLabs);
   } else {
+    const voices = TtsElevenlabsLanguagesVoices[0].voices;
+    for (const language of TtsElevenlabsLanguagesVoices) {
+      language.voices = voices;
+    }
     return tranform(TtsElevenlabsLanguagesVoices, undefined, TtsModelElevenLabs);
   }
 }
@@ -876,10 +896,12 @@ async function getLanguagesVoicesForPlayHT(credential) {
     const list_voices = [...cloned_voice, ...voices];
 
     const buildVoice = (d) => {
-      let name = `${d.name} -${concat(d.accent)}${concat(d.age)}${concat(d.gender)}${concat(d.loudness)}` +
+      let name = `${d.name} - (${concat(d.accent)}${concat(d.age)}${concat(d.gender)}${concat(d.loudness)}` +
       `${concat(d.style)}${concat(d.tempo)}${concat(d.texture)}` ;
       name = name.endsWith(',') ? name.trim().slice(0, -1) : name;
       name += !d.language_code ? ' - Custom Voice' : '';
+      name += ')';
+      name = name.replaceAll('( ', '(');
 
       return {
         value: `${d.id}`,
@@ -965,15 +987,18 @@ async function getLanguagesVoicesForWhisper(credential) {
 
 async function getLanguagesVoicesForVerbio(credentials, getTtsVoices, logger) {
   const stt = SttVerbioLanguagesVoices.reduce((acc, v) => {
-    if (!v.version || credentials.engine_version === v.version) {
+    if (!v.version || (credentials && credentials.engine_version === v.version)) {
       acc.push(v);
     }
     return acc;
   }, []);
   try {
-    const data = await getTtsVoices({vendor: 'verbio', credentials});
-    const voices = parseVerbioLanguagesVoices(data);
-    return tranform(voices, stt, undefined);
+    if (credentials) {
+      const data = await getTtsVoices({vendor: 'verbio', credentials});
+      const voices = parseVerbioLanguagesVoices(data);
+      return tranform(voices, stt, undefined);
+    }
+    return tranform(TtsVerbioLanguagesVoices, stt, undefined);
   } catch (err) {
     logger.info({err}, 'there is error while fetching verbio speech voices');
     return tranform(TtsVerbioLanguagesVoices, stt, undefined);
@@ -1043,7 +1068,7 @@ function parseAwsLanguagesVoices(data) {
     if (existingLanguage) {
       existingLanguage.voices.push({
         value: voice.Id,
-        name: `(${voice.Gender}) ${voice.Name}`
+        name: `${voice.Name} (${voice.Gender})`
       });
     } else {
       acc.push({
@@ -1051,7 +1076,7 @@ function parseAwsLanguagesVoices(data) {
         name: voice.LanguageName,
         voices: [{
           value: voice.Id,
-          name: `(${voice.Gender}) ${voice.Name}`
+          name: `${voice.Name} (${voice.Gender})`
         }]
       });
     }
@@ -1108,7 +1133,7 @@ function parseMicrosoftLanguagesVoices(data) {
 }
 
 function parseVerbioLanguagesVoices(data) {
-  return data.reduce((acc, voice) => {
+  return data.voices.reduce((acc, voice) => {
     const languageCode = voice.language;
     const existingLanguage = acc.find((lang) => lang.value === languageCode);
     if (existingLanguage) {
@@ -1130,6 +1155,95 @@ function parseVerbioLanguagesVoices(data) {
   }, []);
 }
 
+const fetchCartesiaVoices = async(credential) => {
+  if (credential) {
+    const get = bent('https://api.cartesia.ai', 'GET', 'json', {
+      'X-API-Key' : credential.api_key,
+      'Cartesia-Version': '2024-06-10',
+      'Accept': 'application/json'
+    });
+
+    const voices = await get('/voices');
+    return voices;
+  }
+};
+
+const testCartesia = async(logger, synthAudio, credentials) => {
+  try {
+    await synthAudio(
+      {
+        increment: () => {},
+        histogram: () => {}
+      },
+      {
+        vendor: 'cartesia',
+        credentials,
+        language: 'en',
+        voice: '694f9389-aac1-45b6-b726-9d9369183238',
+        text: 'Hi there and welcome to jambones!',
+        renderForCaching: true
+      }
+    );
+    // Test if Cartesia can fetch voices
+    await fetchCartesiaVoices(credentials);
+  } catch (err) {
+    logger.info({err}, 'synth cartesia returned error');
+    throw err;
+  }
+};
+
+async function getLanguagesVoicesForCartesia(credential) {
+  if (credential) {
+    const {model_id} = credential;
+    const {languages} = ttsModelCartesia.find((m) => m.value === model_id);
+    const voices = await fetchCartesiaVoices(credential);
+
+    const buildVoice = (d) => (
+      {
+        value: `${d.id}`,
+        name: `${d.name} - ${d.description}`
+      });
+    const languageMap = {
+      en: 'English',
+      fr: 'French',
+      de: 'German',
+      es: 'Spanish',
+      pt: 'Portuguese',
+      zh: 'Chinese',
+      ja: 'Japanese',
+      hi: 'Hindi',
+      it: 'Italian',
+      ko: 'Korean',
+      nl: 'Dutch',
+      pl: 'Polish',
+      ru: 'Russian',
+      sv: 'Swedish',
+      tr: 'Turkish',
+    };
+    const ttsVoices = voices.reduce((acc, voice) => {
+      if (!languages.includes(voice.language)) {
+        return acc;
+      }
+
+      const languageCode = voice.language;
+      const existingLanguage = acc.find((lang) => lang.value === languageCode);
+      if (existingLanguage) {
+        existingLanguage.voices.push(buildVoice(voice));
+      } else {
+        acc.push({
+          value: languageCode,
+          name: languageMap[languageCode],
+          voices: [buildVoice(voice)]
+        });
+      }
+      return acc;
+    }, []);
+
+    return tranform(ttsVoices, undefined, TtsModelCartesia);
+  }
+  return tranform(ttsCartesia, undefined, TtsModelCartesia);
+}
+
 module.exports = {
   testGoogleTts,
   testGoogleStt,
@@ -1156,5 +1270,6 @@ module.exports = {
   testVerbioTts,
   testVerbioStt,
   getLanguagesAndVoicesForVendor,
-  testSpeechmaticsStt
+  testSpeechmaticsStt,
+  testCartesia
 };

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "jambonz-api-server",
-  "version": "0.9.2",
+  "version": "0.9.3",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "jambonz-api-server",
-      "version": "0.9.2",
+      "version": "0.9.3",
       "license": "MIT",
       "dependencies": {
         "@aws-sdk/client-s3": "^3.550.0",
@@ -19,7 +19,7 @@
         "@jambonz/lamejs": "^1.2.2",
         "@jambonz/mw-registrar": "^0.2.7",
         "@jambonz/realtimedb-helpers": "^0.8.10",
-        "@jambonz/speech-utils": "^0.1.20",
+        "@jambonz/speech-utils": "^0.2.1",
         "@jambonz/time-series": "^0.2.8",
         "@jambonz/verb-specifications": "^0.0.72",
         "@soniox/soniox-node": "^1.2.2",
@@ -36,6 +36,7 @@
         "jsonwebtoken": "^9.0.2",
         "mailgun.js": "^10.2.1",
         "microsoft-cognitiveservices-speech-sdk": "1.36.0",
+        "multer": "^1.4.5-lts.1",
         "mysql2": "^3.11.0",
         "nocache": "4.0.0",
         "passport": "^0.7.0",
@@ -1778,6 +1779,72 @@
         "node": ">=6.9.0"
       }
     },
+    "node_modules/@cartesia/cartesia-js": {
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/@cartesia/cartesia-js/-/cartesia-js-2.1.1.tgz",
+      "integrity": "sha512-Kwcrxtay6G3hwFGyq7cwB00d+diABhi2/5Mb4vytmN+QqBgTAVYgwFweGnLDL9Ci9zFttgLE1rW8u+EA8U5P9A==",
+      "dependencies": {
+        "emittery": "^0.13.1",
+        "form-data": "^4.0.0",
+        "form-data-encoder": "^4.0.2",
+        "formdata-node": "^6.0.3",
+        "human-id": "^4.1.1",
+        "node-fetch": "2.7.0",
+        "qs": "6.11.2",
+        "readable-stream": "^4.5.2",
+        "url-join": "4.0.1",
+        "ws": "^8.15.13"
+      }
+    },
+    "node_modules/@cartesia/cartesia-js/node_modules/form-data-encoder": {
+      "version": "4.0.2",
+      "resolved": "https://registry.npmjs.org/form-data-encoder/-/form-data-encoder-4.0.2.tgz",
+      "integrity": "sha512-KQVhvhK8ZkWzxKxOr56CPulAhH3dobtuQ4+hNQ+HekH/Wp5gSOafqRAeTphQUJAIk0GBvHZgJ2ZGRWd5kphMuw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 18"
+      }
+    },
+    "node_modules/@cartesia/cartesia-js/node_modules/formdata-node": {
+      "version": "6.0.3",
+      "resolved": "https://registry.npmjs.org/formdata-node/-/formdata-node-6.0.3.tgz",
+      "integrity": "sha512-8e1++BCiTzUno9v5IZ2J6bv4RU+3UKDmqWUQD0MIMVCd9AdhWkO1gw57oo1mNEX1dMq2EGI+FbWz4B92pscSQg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 18"
+      }
+    },
+    "node_modules/@cartesia/cartesia-js/node_modules/qs": {
+      "version": "6.11.2",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.2.tgz",
+      "integrity": "sha512-tDNIz22aBzCDxLtVH++VnTfzxlfeK5CbqohpSqpJgj1Wg/cQbStNAz3NuqCs5vV+pjBsK4x4pN9HlVh7rcYRiA==",
+      "license": "BSD-3-Clause",
+      "dependencies": {
+        "side-channel": "^1.0.4"
+      },
+      "engines": {
+        "node": ">=0.6"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/@cartesia/cartesia-js/node_modules/readable-stream": {
+      "version": "4.5.2",
+      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-4.5.2.tgz",
+      "integrity": "sha512-yjavECdqeZ3GLXNgRXgeQEdz9fvDDkNKyHnbHRFtOr7/LcfgBcmct7t/ET+HaCTqfh06OzoAxrkN/IfjJBVe+g==",
+      "license": "MIT",
+      "dependencies": {
+        "abort-controller": "^3.0.0",
+        "buffer": "^6.0.3",
+        "events": "^3.3.0",
+        "process": "^0.11.10",
+        "string_decoder": "^1.3.0"
+      },
+      "engines": {
+        "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
+      }
+    },
     "node_modules/@deepgram/sdk": {
       "version": "1.21.0",
       "resolved": "https://registry.npmjs.org/@deepgram/sdk/-/sdk-1.21.0.tgz",
@@ -1984,9 +2051,10 @@
       }
     },
     "node_modules/@google-cloud/text-to-speech": {
-      "version": "5.2.0",
-      "resolved": "https://registry.npmjs.org/@google-cloud/text-to-speech/-/text-to-speech-5.2.0.tgz",
-      "integrity": "sha512-N05ecDkKOgiBcSZmJlWpqR6nb8HOPGjOlTp+sdY1tNlZYV8UwsseRcuEM32ReU8n95+cCp+q8D4YCucFJ/DSsA==",
+      "version": "5.5.0",
+      "resolved": "https://registry.npmjs.org/@google-cloud/text-to-speech/-/text-to-speech-5.5.0.tgz",
+      "integrity": "sha512-Cw/UK2Y3l31Vsuozu8cxsmVS/09fShimes0tRLgDbOY2ZMG1Dckb6Zf/Q3Nxg4X0feFep44pvwNmyHKrOnl9SQ==",
+      "license": "Apache-2.0",
       "dependencies": {
         "google-gax": "^4.0.3"
       },
@@ -2224,13 +2292,15 @@
       }
     },
     "node_modules/@jambonz/speech-utils": {
-      "version": "0.1.20",
-      "resolved": "https://registry.npmjs.org/@jambonz/speech-utils/-/speech-utils-0.1.20.tgz",
-      "integrity": "sha512-3Ff9zLcFoVZhrI4jBKyjgWpv/fEMx1BpJP85daRwZNC2S0BFshULJ54fQxc8S63IsdgFf6g1cLD5VxqPaqCfbQ==",
+      "version": "0.2.1",
+      "resolved": "https://registry.npmjs.org/@jambonz/speech-utils/-/speech-utils-0.2.1.tgz",
+      "integrity": "sha512-LIZ3HCW+vra626L18NiudY4v7zXVW4EvqUeeVLFM9S8fi1nGP2lHbDur/DFiN/VsJXYdNIdO4PAsILxeZXoOLg==",
+      "license": "MIT",
       "dependencies": {
         "@aws-sdk/client-polly": "^3.496.0",
         "@aws-sdk/client-sts": "^3.496.0",
-        "@google-cloud/text-to-speech": "^5.0.2",
+        "@cartesia/cartesia-js": "^2.1.0",
+        "@google-cloud/text-to-speech": "^5.5.0",
         "@grpc/grpc-js": "^1.9.14",
         "@jambonz/realtimedb-helpers": "^0.8.7",
         "bent": "^7.3.12",
@@ -3742,6 +3812,12 @@
       "resolved": "https://registry.npmjs.org/any-base/-/any-base-1.1.0.tgz",
       "integrity": "sha512-uMgjozySS8adZZYePpaWs8cxB9/kdzmpX6SgJZ+wbz1K5eYk5QMYDVJaZKhxyIHUdnnJkfR7SVgStgH7LkGUyg=="
     },
+    "node_modules/append-field": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/append-field/-/append-field-1.0.0.tgz",
+      "integrity": "sha512-klpgFSWLW1ZEs8svjfb7g4qWY0YS5imI82dTg+QahUvJ8YqAY0P10Uk8tTyh9ZGuYEZEMaeJYCF5BFuX552hsw==",
+      "license": "MIT"
+    },
     "node_modules/append-transform": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/append-transform/-/append-transform-2.0.0.tgz",
@@ -4166,6 +4242,17 @@
         "node": ">=6.14.2"
       }
     },
+    "node_modules/busboy": {
+      "version": "1.6.0",
+      "resolved": "https://registry.npmjs.org/busboy/-/busboy-1.6.0.tgz",
+      "integrity": "sha512-8SFQbg/0hQ9xy3UNTB0YEnsNBbWfhf7RtnzpL7TkBiTBRfrQ9Fxcnz7VJsleJpyp6rVLvXiuORqjlHi5q+PYuA==",
+      "dependencies": {
+        "streamsearch": "^1.1.0"
+      },
+      "engines": {
+        "node": ">=10.16.0"
+      }
+    },
     "node_modules/bytes": {
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz",
@@ -4359,6 +4446,57 @@
       "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
       "integrity": "sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg=="
     },
+    "node_modules/concat-stream": {
+      "version": "1.6.2",
+      "resolved": "https://registry.npmjs.org/concat-stream/-/concat-stream-1.6.2.tgz",
+      "integrity": "sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw==",
+      "engines": [
+        "node >= 0.8"
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "buffer-from": "^1.0.0",
+        "inherits": "^2.0.3",
+        "readable-stream": "^2.2.2",
+        "typedarray": "^0.0.6"
+      }
+    },
+    "node_modules/concat-stream/node_modules/isarray": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+      "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==",
+      "license": "MIT"
+    },
+    "node_modules/concat-stream/node_modules/readable-stream": {
+      "version": "2.3.8",
+      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
+      "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
+      "license": "MIT",
+      "dependencies": {
+        "core-util-is": "~1.0.0",
+        "inherits": "~2.0.3",
+        "isarray": "~1.0.0",
+        "process-nextick-args": "~2.0.0",
+        "safe-buffer": "~5.1.1",
+        "string_decoder": "~1.1.1",
+        "util-deprecate": "~1.0.1"
+      }
+    },
+    "node_modules/concat-stream/node_modules/safe-buffer": {
+      "version": "5.1.2",
+      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+      "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+      "license": "MIT"
+    },
+    "node_modules/concat-stream/node_modules/string_decoder": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
+      "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
+      "license": "MIT",
+      "dependencies": {
+        "safe-buffer": "~5.1.0"
+      }
+    },
     "node_modules/content-disposition": {
       "version": "0.5.4",
       "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz",
@@ -4385,9 +4523,10 @@
       "dev": true
     },
     "node_modules/cookie": {
-      "version": "0.6.0",
-      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
-      "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==",
+      "version": "0.7.1",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.1.tgz",
+      "integrity": "sha512-6DnInpx7SJ2AK3+CTUE/ZM0vWTUboZCegxhC2xiIydHR9jNuTAASBrfEpHhiGOZw/nX51bHt6YQl8jsGo4y/0w==",
+      "license": "MIT",
       "engines": {
         "node": ">= 0.6"
       }
@@ -4415,10 +4554,11 @@
       }
     },
     "node_modules/cross-spawn": {
-      "version": "7.0.3",
-      "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
-      "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==",
+      "version": "7.0.6",
+      "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
+      "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
         "path-key": "^3.1.0",
         "shebang-command": "^2.0.0",
@@ -4739,6 +4879,18 @@
       "integrity": "sha512-bx7+5Saea/qu14kmPTDHQxkp2UnziG3iajUQu3BxFvCOnpAJdDbMV4rSl+EqFDkkpNNVUFlR1kDfpL59xfy1HA==",
       "dev": true
     },
+    "node_modules/emittery": {
+      "version": "0.13.1",
+      "resolved": "https://registry.npmjs.org/emittery/-/emittery-0.13.1.tgz",
+      "integrity": "sha512-DeWwawk6r5yR9jFgnDKYt4sLS0LmHJJi3ZOnb5/JdbYwj3nW+FxQnHIjhBKz8YLC7oRNPVM9NQ47I3CVx34eqQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=12"
+      },
+      "funding": {
+        "url": "https://github.com/sindresorhus/emittery?sponsor=1"
+      }
+    },
     "node_modules/emoji-regex": {
       "version": "8.0.0",
       "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz",
@@ -5204,16 +5356,17 @@
       }
     },
     "node_modules/express": {
-      "version": "4.21.0",
-      "resolved": "https://registry.npmjs.org/express/-/express-4.21.0.tgz",
-      "integrity": "sha512-VqcNGcj/Id5ZT1LZ/cfihi3ttTn+NJmkli2eZADigjq29qTlWi/hAQ43t/VLPq8+UX06FCEx3ByOYet6ZFblng==",
+      "version": "4.21.2",
+      "resolved": "https://registry.npmjs.org/express/-/express-4.21.2.tgz",
+      "integrity": "sha512-28HqgMZAmih1Czt9ny7qr6ek2qddF4FclbMzwhCREB6OFfH+rXAnuNCwo1/wFvrtbgsQDb4kSbX9de9lFbrXnA==",
+      "license": "MIT",
       "dependencies": {
         "accepts": "~1.3.8",
         "array-flatten": "1.1.1",
         "body-parser": "1.20.3",
         "content-disposition": "0.5.4",
         "content-type": "~1.0.4",
-        "cookie": "0.6.0",
+        "cookie": "0.7.1",
         "cookie-signature": "1.0.6",
         "debug": "2.6.9",
         "depd": "2.0.0",
@@ -5227,7 +5380,7 @@
         "methods": "~1.1.2",
         "on-finished": "2.4.1",
         "parseurl": "~1.3.3",
-        "path-to-regexp": "0.1.10",
+        "path-to-regexp": "0.1.12",
         "proxy-addr": "~2.0.7",
         "qs": "6.13.0",
         "range-parser": "~1.2.1",
@@ -5242,6 +5395,10 @@
       },
       "engines": {
         "node": ">= 0.10.0"
+      },
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/express"
       }
     },
     "node_modules/express-rate-limit": {
@@ -6117,6 +6274,15 @@
         "node": ">= 14"
       }
     },
+    "node_modules/human-id": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/human-id/-/human-id-4.1.1.tgz",
+      "integrity": "sha512-3gKm/gCSUipeLsRYZbbdA1BD83lBoWUkZ7G9VFrhWPAU76KwYo5KR8V28bpoPm/ygy0x5/GCbpRQdY7VLYCoIg==",
+      "license": "MIT",
+      "bin": {
+        "human-id": "dist/cli.js"
+      }
+    },
     "node_modules/humanize-ms": {
       "version": "1.2.1",
       "resolved": "https://registry.npmjs.org/humanize-ms/-/humanize-ms-1.2.1.tgz",
@@ -7348,11 +7514,22 @@
       "version": "1.2.8",
       "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz",
       "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==",
-      "dev": true,
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/mkdirp": {
+      "version": "0.5.6",
+      "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.6.tgz",
+      "integrity": "sha512-FP+p8RB8OWpF3YZBCrP5gtADmtXApB5AMLn+vdyA+PyxCjrCs00mjyUozssO33cwDeT3wNGdLxJ5M//YqtHAJw==",
+      "license": "MIT",
+      "dependencies": {
+        "minimist": "^1.2.6"
+      },
+      "bin": {
+        "mkdirp": "bin/cmd.js"
+      }
+    },
     "node_modules/mock-property": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/mock-property/-/mock-property-1.0.3.tgz",
@@ -7378,6 +7555,24 @@
       "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
       "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
     },
+    "node_modules/multer": {
+      "version": "1.4.5-lts.1",
+      "resolved": "https://registry.npmjs.org/multer/-/multer-1.4.5-lts.1.tgz",
+      "integrity": "sha512-ywPWvcDMeH+z9gQq5qYHCCy+ethsk4goepZ45GLD63fOu0YcNecQxi64nDs3qluZB+murG3/D4dJ7+dGctcCQQ==",
+      "license": "MIT",
+      "dependencies": {
+        "append-field": "^1.0.0",
+        "busboy": "^1.0.0",
+        "concat-stream": "^1.5.2",
+        "mkdirp": "^0.5.4",
+        "object-assign": "^4.1.1",
+        "type-is": "^1.6.4",
+        "xtend": "^4.0.0"
+      },
+      "engines": {
+        "node": ">= 6.0.0"
+      }
+    },
     "node_modules/mysql2": {
       "version": "3.11.0",
       "resolved": "https://registry.npmjs.org/mysql2/-/mysql2-3.11.0.tgz",
@@ -8021,9 +8216,10 @@
       "dev": true
     },
     "node_modules/path-to-regexp": {
-      "version": "0.1.10",
-      "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.10.tgz",
-      "integrity": "sha512-7lf7qcQidTku0Gu3YDPc8DJ1q7OOucfa/BSsIwjuh56VU7katFvuM8hULfkwB3Fns/rsVF7PwPKVw1sl5KQS9w=="
+      "version": "0.1.12",
+      "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.12.tgz",
+      "integrity": "sha512-RA1GjUVMnvYFxuqovrEqZoxxW5NUZqbwKtYz/Tt7nXerk0LbLblQmrsgdeOxV5SFHf0UDggjS/bSeOZwt1pmEQ==",
+      "license": "MIT"
     },
     "node_modules/pause": {
       "version": "0.0.1",
@@ -8228,6 +8424,12 @@
         "node": ">= 0.6.0"
       }
     },
+    "node_modules/process-nextick-args": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",
+      "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==",
+      "license": "MIT"
+    },
     "node_modules/process-on-spawn": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/process-on-spawn/-/process-on-spawn-1.0.0.tgz",
@@ -9216,6 +9418,14 @@
       "resolved": "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.3.tgz",
       "integrity": "sha512-76ORR0DO1o1hlKwTbi/DM3EXWGf3ZJYO8cXX5RJwnul2DEg2oyoZyjLNoQM8WsvZiFKCRfC1O0J7iCvie3RZmQ=="
     },
+    "node_modules/streamsearch": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-1.1.0.tgz",
+      "integrity": "sha512-Mcc5wHehp9aXz1ax6bZUyY5afg9u2rv5cqQI3mRrYkGC8rW2hM02jWuwjtL++LS5qinSyhj2QfLyNsuc+VsExg==",
+      "engines": {
+        "node": ">=10.0.0"
+      }
+    },
     "node_modules/string_decoder": {
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
@@ -9697,6 +9907,12 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/typedarray": {
+      "version": "0.0.6",
+      "resolved": "https://registry.npmjs.org/typedarray/-/typedarray-0.0.6.tgz",
+      "integrity": "sha512-/aCDEGatGvZ2BIk+HmLf4ifCJFwvKFNb9/JeZPMulfgFracn9QFcAf5GO8B/mweUjSoblS5In0cWhqpfs/5PQA==",
+      "license": "MIT"
+    },
     "node_modules/typedarray-to-buffer": {
       "version": "3.1.5",
       "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz",
@@ -10109,6 +10325,15 @@
         "node": ">=4.0"
       }
     },
+    "node_modules/xtend": {
+      "version": "4.0.2",
+      "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz",
+      "integrity": "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.4"
+      }
+    },
     "node_modules/y18n": {
       "version": "5.0.8",
       "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz",

package.json

@@ -1,11 +1,12 @@
 {
   "name": "jambonz-api-server",
-  "version": "0.9.2",
+  "version": "0.9.3",
   "description": "",
   "main": "app.js",
   "scripts": {
     "start": "node app.js",
     "test": "NODE_ENV=test APPLY_JAMBONZ_DB_LIMITS=1 JWT_SECRET=foobarbazzle JAMBONES_MYSQL_HOST=127.0.0.1 JAMBONES_MYSQL_PORT=3360 JAMBONES_MYSQL_USER=jambones_test JAMBONES_MYSQL_PASSWORD=jambones_test JAMBONES_MYSQL_DATABASE=jambones_test JAMBONES_REDIS_HOST=localhost JAMBONES_REDIS_PORT=16379 JAMBONES_TIME_SERIES_HOST=127.0.0.1 JAMBONES_LOGLEVEL=error JAMBONES_CREATE_CALL_URL=http://localhost/v1/createCall K8S=true K8S_FEATURE_SERVER_SERVICE_NAME=127.0.0.1 K8S_FEATURE_SERVER_SERVICE_PORT=3100 node test/ ",
+    "test:encrypt-decrypt": "ENCRYPTION_SECRET=12345 node --test ./test/encrypt-decrypt.test.js",
     "integration-test": "NODE_ENV=test JAMBONES_AUTH_USE_JWT=1 JAMBONES_TIME_SERIES_HOST=127.0.0.1 AWS_REGION='us-east-1' JAMBONES_CURRENCY=USD JWT_SECRET=foobarbazzle JAMBONES_MYSQL_HOST=127.0.0.1 JAMBONES_MYSQL_PORT=3360 JAMBONES_MYSQL_USER=jambones_test JAMBONES_MYSQL_PASSWORD=jambones_test JAMBONES_MYSQL_DATABASE=jambones_test JAMBONES_REDIS_HOST=localhost JAMBONES_REDIS_PORT=16379 JAMBONES_LOGLEVEL=debug JAMBONES_CREATE_CALL_URL=http://localhost/v1/createCall node test/serve-integration.js",
     "upgrade-db": "node ./db/upgrade-jambonz-db.js",
     "coverage": "./node_modules/.bin/nyc --reporter html --report-dir ./coverage npm run test",
@@ -29,7 +30,7 @@
     "@jambonz/lamejs": "^1.2.2",
     "@jambonz/mw-registrar": "^0.2.7",
     "@jambonz/realtimedb-helpers": "^0.8.10",
-    "@jambonz/speech-utils": "^0.1.20",
+    "@jambonz/speech-utils": "^0.2.1",
     "@jambonz/time-series": "^0.2.8",
     "@jambonz/verb-specifications": "^0.0.72",
     "@soniox/soniox-node": "^1.2.2",
@@ -46,6 +47,7 @@
     "jsonwebtoken": "^9.0.2",
     "mailgun.js": "^10.2.1",
     "microsoft-cognitiveservices-speech-sdk": "1.36.0",
+    "multer": "^1.4.5-lts.1",
     "mysql2": "^3.11.0",
     "nocache": "4.0.0",
     "passport": "^0.7.0",

test/applications.js

@@ -121,6 +121,25 @@ test('application tests', async(t) => {
     let app_json = JSON.parse(result.app_json);
     t.ok(app_json[0].verb === 'play', 'successfully retrieved app_json from application')
 
+    /* query one application by name*/
+    result = await request.get(`/Applications`, {
+      qs : {
+        name: 'daveh'
+      },
+      auth: authAdmin,
+      json: true,
+    });
+    t.ok(result.length === 1 && result[0].name === 'daveh', 'successfully queried application by name');
+
+    /* query application with invalid name*/
+    result = await request.get(`/Applications`, {
+      qs : {
+        name: 'daveh-invalid'
+      },
+      auth: authAdmin,
+      json: true,
+    });
+    t.ok(result.length === 0, 'successfully queried application by invalid name, no results found');
 
     /* update applications */
     result = await request.put(`/Applications/${sid}`, {

test/encrypt-decrypt.test.js

@@ -0,0 +1,132 @@
+const assert = require('node:assert');
+const { describe, it, beforeEach, before } = require('node:test');
+const { obscureBucketCredentialsSensitiveData, isObscureKey, obscureKey } = require('../lib/utils/encrypt-decrypt');
+const { randomUUID } = require('node:crypto');
+
+let bucket_credential = {};
+let service_key = {};
+
+describe('encrypt-decrypt test suite', { skip: false }, () => {
+    before(() => {
+        process.env.ENCRYPTION_SECRET = "12345";
+    });
+    beforeEach(() => {
+        service_key = {
+            "type": "service_account",
+            "project_id": "voice-gateway",
+            "private_key_id": randomUUID(),
+            "private_key": "-----BEGIN PRIVATE KEY-----\nJ6T2sQmBAD8TBm0frkGeyw0FA0aVAASVBJcwggSjBgEAAoabAQDUbiVwgufJm9R3\nv7YpECxRnQgHduX8jnbjtubi6FVqqVx78W3NM/gFNJFBC7NXtpsslqefKM6SmlkK\nNP6XqXy/ppXO8u00se7+cOFhsS6crncnsCeIYPxLFPV8P4BjExi7v88RBdektLeV\nX6sRWhxiYeWe+ORxkyC0KR4IKZjHt7ZHrg0kNQyuNx1KOhJnN3rRUkKSP2zozd1c\n3V+4EfpZjGmlQegXNHzkwUjvTOe6nuyxynWe3smjsSw/3RQda5m674Kh9tnVWEiX\n5KWnfRbWDdEBp5azzOAdeSR5W+qQfS0Jo6blREDQxWfMNmut87m81gmn+DKMhq6k\nV0JVRQStAgMBAAECggEAAf7AsAdI24zUdXkZv98gEuC4S10e2Luoz6Yvm41V3sP6\nWx0mdgY7RB9RW8U4WPnu3GhPGGJj03SyHUuI8Ix15MNM9WGDAaV3S+kRb1LqChLO\nCoNSO/qYPPg4t1iQ9+s7sWTnM93MAXjujmSveHJd7+MrUQOxOdPjB7I/ozMkBXBb\nWYsBIfeOG/7DsC4N4V/hKVXAq9NekGQv85yCUPR/DpuG9vqpztXwaSC1Wihntlu3\nNJYmMave4PbO3OxAekBl70WmukERZo7ksR+34WWse4HXlphaUVbpvnbQdGT1EzXW\nZukanqpfkIwrHme2Ko5NdP0C54pRhg6kpmWszVUMQQKBgQD6yWMuuwdPuFLg0wc2\nnDUeyHZSq/SEMSrb1wNXhL3qhaL2tCjBZwG9CHDuFMhqDLU5F36mEdAsM5MHCzyC\nTJ7VbqvCFz69SRt1CVp76Hu4HO/1Nhxm1GhF+NKSDIbnUg3o4DaC7EUtLpqYXcWj\nsXHEqVEhkrNVQ/JOIfJr42LDfQKBgQDM0U3ghGg9ufe9mb0dOonwtJA/ay/pd08Q\nyq3ue9C3yoQiNf28bP3AGKIjhA6wtd0KTSkQs6ktabGHIM8o/eTrMAMQllKh/3xe\nON7iND8Xz2GFMuIraQ7Mq9RvYWiqqIkVg1GQfJmiQ9wcmGj2PHy25LfjBXfHAYqK\nQ++P/i+s8QKBgD0pRi4MYNEZY+T+skCoQfA69VheJWjj0M8ClgcPEX4Tj1XZRCM+\nqtbeKyR1Hxd19/BvgWyg5YMSJOZP4Dbq1sW4ktzn7F4faTnWySF05k9Vh1PnGXAe\nlzuRXlFOCsx5X3kOzVyKoKhPOFa2b8/nI5bRsD6e12uRAZP6hXO4ZcrFAoGABVJ/\nCpGGP+xgMq4XCvZldTrL8MnxQcjW5iHOKT9QaiY6DsWGZWoTofVB6VhaJV9kcgsV\nQRjaEZMIiPFiULdgRnhF7B1r4kfITI5/xDMFXLIH37U1yVj+iHUCnS5T0PN2NHfo\nG7ARMfU/eALB33ws5XfGC4Et3p78oaEoTX6WcJECgYEAhysSt4qieGRSXn24V0+u\ny/ubU4dysn4SFe8BB4bjgYa8v+6VwucU+nnU4wOwykEgJmzN/ukzpvFN0CkN8eAN\n8xwtjBX9Zc1S90Wf7/7IrQGlUnsSFpDh5TW+oCqVo8JK7UGxJHR1mCvJmYVmSk3c\nD4AMvJ2x/Z5d9NKIAzdET4o=\n-----END PRIVATE KEY-----\n",
+            "client_email": "voicegatewayteam@voice-gateway.iam.gserviceaccount.com",
+            "client_id": "333827616171177028875",
+            "auth_uri": "https://accounts.google.com/o/oauth2/auth",
+            "token_uri": "https://oauth2.googleapis.com/token",
+            "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
+            "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/cognigyvoicegatewayteam%40cognigy-voice-gateway.iam.gserviceaccount.com",
+            "universe_domain": "googleapis.com"
+        };
+        bucket_credential = {
+            "vendor": "google",
+            "service_key": "",
+            "connection_string": "",
+            "secret_access_key": ""
+        }
+    });
+
+    describe('obscureBucketCredentialsSensitiveData', { skip: false }, () => {
+        it('should obscure "private_key" - vendor: google', { skip: false }, () => {
+            bucket_credential = {
+                ...bucket_credential,
+                "vendor": "google",
+                "service_key": JSON.stringify(service_key),
+            };
+            const result = obscureBucketCredentialsSensitiveData(bucket_credential);
+            const googleCredentials = JSON.parse(result.service_key);
+            assert.strictEqual(googleCredentials.private_key, '-----BEGIN PRIVATE KEY-----\nJ6T2sQXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX');
+            assert.strictEqual(googleCredentials.private_key_id, googleCredentials.private_key_id);
+            assert.strictEqual(googleCredentials.project_id, googleCredentials.project_id);
+            assert.strictEqual(googleCredentials.client_email, googleCredentials.client_email);
+            assert.strictEqual(googleCredentials.client_id, googleCredentials.client_id);
+            assert.strictEqual(googleCredentials.auth_uri, googleCredentials.auth_uri);
+            assert.strictEqual(googleCredentials.token_uri, googleCredentials.token_uri);
+        });
+
+        it('should skip obscure since it is already obscured. vendor: google - "private key"', { skip: false }, () => {
+            service_key.private_key = '-----BEGIN PRIVATE KEY-----\nJ6T2sQXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
+            bucket_credential = {
+                ...bucket_credential,
+                "vendor": "google",
+                "service_key": JSON.stringify(service_key),
+            };
+            const result = obscureBucketCredentialsSensitiveData(bucket_credential);
+            const googleCredentials = JSON.parse(result.service_key);
+            assert.strictEqual(googleCredentials.private_key, '-----BEGIN PRIVATE KEY-----\nJ6T2sQXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX');
+            assert.strictEqual(googleCredentials.private_key_id, googleCredentials.private_key_id);
+            assert.strictEqual(googleCredentials.project_id, googleCredentials.project_id);
+            assert.strictEqual(googleCredentials.client_email, googleCredentials.client_email);
+            assert.strictEqual(googleCredentials.client_id, googleCredentials.client_id);
+            assert.strictEqual(googleCredentials.auth_uri, googleCredentials.auth_uri);
+            assert.strictEqual(googleCredentials.token_uri, googleCredentials.token_uri);
+        });
+    });
+
+    describe('isObscureKey', { skip: false }, () => {
+        it('vendor: google - should return true', { skip: false }, () => {
+            service_key.private_key = '-----BEGIN PRIVATE KEY-----\nJ6T2sQXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
+            bucket_credential = {
+                ...bucket_credential,
+                "vendor": "google",
+                "service_key": JSON.stringify(service_key),
+            };
+            const result = isObscureKey(bucket_credential);
+            assert.strictEqual(result, true);
+        });
+        it('vendor: google - should return false', { skip: false }, () => {
+            bucket_credential = {
+                ...bucket_credential,
+                "vendor": "google",
+                "service_key": JSON.stringify(service_key),
+            };
+            const result = isObscureKey(bucket_credential);
+            assert.strictEqual(result, false);
+        });
+        it('vendor: aws_s3 - should return true', { skip: false }, () => {
+            const obscuredKey = "J6T2sQXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
+            bucket_credential = {
+                ...bucket_credential,
+                "vendor": "aws_s3",
+                "secret_access_key": obscuredKey,
+            };
+            const result = isObscureKey(bucket_credential);
+            assert.strictEqual(result, true);
+        });
+        it('vendor: aws_s3 - should return false', { skip: false }, () => {
+            bucket_credential = {
+                ...bucket_credential,
+                "vendor": "aws_s3",
+                "service_key": "EFEU2fhcbqiw3211ffw3f1kezhcbqiw3211ffw3f",
+            };
+            const result = isObscureKey(bucket_credential);
+            assert.strictEqual(result, false);
+        });
+        it('vendor: azure - should return true', { skip: false }, () => {
+            const obscuredKey = 'https:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
+            bucket_credential = {
+                ...bucket_credential,
+                "vendor": "azure",
+                "connection_string": obscuredKey,
+            };
+            const result = isObscureKey(bucket_credential);
+            assert.strictEqual(result, true);
+        });
+        it('vendor: azure - should return false', { skip: false }, () => {
+            bucket_credential = {
+                ...bucket_credential,
+                "vendor": "azure",
+                connection_string: 'https://cognigydevstorage.blob.core.windows.net/voicegateway-test?sp=rw&st=2023-09-10T13:35:44Z&se=2023-09-11T21:35:44Z&spr=https&sv=2022-11-02&sr=c&sig=9WN8Bg5UMOvnV1h1cJpCnTUG%2FnonTbRZ1Q1rbKnDUl4%3D',
+            };
+            const result = isObscureKey(bucket_credential);
+            assert.strictEqual(result, false);
+        });
+    });
+});
+

test/tts-cache.js

@@ -24,16 +24,24 @@ function makeSynthKey({account_sid = '', vendor, language, voice, engine = '', t
 test('tts-cache', async(t) => {
   const app = require('../app');
   try {
+    // clear cache to start
+    let result = await request.delete('/TtsCache', {
+      auth: authAdmin,
+      resolveWithFullResponse: true,
+    });
+    t.ok(result.statusCode === 204, 'successfully purged cache for start of test');
+
     // create caches
     const minRecords = 8;
     for (const i in Array(minRecords).fill(0)) {
       await client.set(makeSynthKey({vendor: i, language: i, voice: i, engine: i, text: i}), i);
     }
 
-    let result = await request.get('/TtsCache', {
+    result = await request.get('/TtsCache', {
       auth: authAdmin,
       json: true,
     });
+    //console.log(result);
 
     t.ok(result.size === minRecords, 'get cache correctly');
 
@@ -41,7 +49,7 @@ test('tts-cache', async(t) => {
       auth: authAdmin,
       resolveWithFullResponse: true,
     });
-    t.ok(result.statusCode === 204, 'successfully deleted application after removing phone number');
+    t.ok(result.statusCode === 204, 'successfully purged cache');
 
     result = await request.get('/TtsCache', {
       auth: authAdmin,

test/voip-carriers.js

@@ -207,7 +207,8 @@ test('voip carrier tests', async(t) => {
       json: true,
       body: {
         name: 'twilio',
-        e164_leading_plus: true
+        e164_leading_plus: true,
+        dtmf_type: 'tones'
       }
     });
     t.ok(result.statusCode === 201, 'successfully created voip carrier for a service provider');
@@ -221,6 +222,7 @@ test('voip carrier tests', async(t) => {
     });
     //console.log(result.body);
     t.ok(result.statusCode === 200, 'successfully retrieved voip carrier for a service provider');
+    //console.log(result.body);
     sid = result.body[0].voip_carrier_sid;
   
     await deleteObjectBySid(request, '/VoipCarriers', sid);