MCPcopy
hub / github.com/scality/cloudserver / getClientForKey

Function getClientForKey

lib/kms/wrapper.js:122–160  ·  view source on GitHub ↗

* Extract backend provider from key, validate arn for errors. * @param {string} key KeyId or KeyArn * @param {object} log logger * @returns {object} error or client with extracted KeyId

(key, log)

Source from the content-addressed store, hash-verified

120 * @returns {object} error or client with extracted KeyId
121 */
122function getClientForKey(key, log) {
123 // if extraction only return the id, it is not a scality arnPrefix
124 const detail = extractDetailFromArn(key);
125 let clientIdentifier;
126 if (detail.type) {
127 // if type was extracted, it is a scality arnPrefix, it needs validation
128 // might throw if arn malformed or backend not available
129 // for any request (PUT or GET)
130 const error = validateKeyDetail(detail, availableBackends);
131 if (error) {
132 log.error('KMS key arn is invalid', { key, detail, availableBackends });
133 return { error };
134 }
135 clientIdentifier = `${detail.type}:${detail.protocol}:${detail.provider}`;
136 } else if (config.sseMigration) {
137 // if not a scality arnPrefix but migration from previous KMS
138 clientIdentifier = previousIdentifier;
139 } else {
140 // if not a scality arnPrefix and no migration
141 clientIdentifier = currentIdentifier;
142 }
143
144 const instance = clientInstances[clientIdentifier];
145
146 if (instance) {
147 // was already instantiated
148 // return the extracted key id to avoid further processing of potential arn
149 // return clientIdentifier to allow usage restriction
150 return { ...instance, clientIdentifier, key: detail.id };
151 }
152
153 // Only pre instantiated previous KMS from sseMigration is supported now
154 // Here we could instantiate other provider on the fly to manage multi providers
155 log.error('KMS key doesn\'t match any KMS instance', { key, detail, availableBackends });
156 return { error: new errors.InvalidArgument
157 // eslint-disable-next-line new-cap
158 .customizeDescription(`KMS unknown provider for key ${key}`),
159 };
160}
161
162class KMS {
163 /** Access to client for tests (to create a key without vault check and bucket) */

Callers 3

destroyBucketKeyMethod · 0.85
createCipherBundleMethod · 0.85
createDecipherBundleMethod · 0.85

Calls 1

errorMethod · 0.80

Tested by

no test coverage detected