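/**
 * Koa-style middleware that answers two credential endpoints and then hands
 * control to the next middleware.
 *
 * - `/api/oss-config` responds with the configured access key pair plus the
 *   bucket, region and endpoint.
 * - `/api/sts` assumes the role `arn` and responds with the bucket, region,
 *   endpoint and the assumeRole result.
 *
 * Every request, matching or not, updates `lastReqTime` and continues down
 * the middleware chain.
 */
app.use(async (ctx, next) => {
  // Record when the most recent request arrived.
  lastReqTime = Date.now();

  if (ctx.path === '/api/oss-config') {
    // NOTE(security): this sends the long-lived accessKeySecret to the caller,
    // and no authentication check is visible in this middleware. Keep this
    // route to local test setups; clients should get short-lived credentials
    // from the STS route instead.
    ctx.body = {
      accessKeyId,
      accessKeySecret,
      bucket,
      region,
      endpoint,
    };
  }

  if (ctx.path === '/api/sts') {
    const sts = new STS({
      accessKeyId,
      accessKeySecret,
    });
    // Token lifetime in seconds: 60 minutes.
    const expires = 60 * 60;
    const sessionName = 'foo';
    // NOTE(security): the policy argument is undefined, so the token is not
    // narrowed by a session policy and carries whatever the role itself allows.
    // The whole assumeRole result is returned, not just the credential fields.
    const stsToken = await sts.assumeRole(arn, undefined, expires, sessionName);
    ctx.body = {
      bucket,
      region,
      endpoint,
      stsToken,
    };
  }

  // Await the downstream chain. A bare `next()` lets this middleware's promise
  // settle before later middleware finishes, so the response can be finalized
  // early and a downstream rejection is left unhandled.
  await next();
});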
app.get('/sts', (req, res) => {
console.log(conf);
let policy;
if (conf.PolicyFile) {
policy = fs.readFileSync(path.resolve(__dirname, conf.PolicyFile)).toString('utf-8');
}
const client = new STS({
accessKeyId: conf.AccessKeyId,
accessKeySecret: conf.AccessKeySecret
});
client.assumeRole(conf.RoleArn, policy, conf.TokenExpireTime).then((result) => {
console.log(result);
res.set('Access-Control-Allow-Origin', '*');
res.set('Access-Control-Allow-METHOD', 'GET');
res.json({
AccessKeyId: result.credentials.AccessKeyId,
AccessKeySecret: result.credentials.AccessKeySecret,
SecurityToken: result.credentials.SecurityToken,
Expiration: result.credentials.Expiration
});
}).catch((err) => {
console.log(err);