Skip to content

Utilities

The Utils directory contains a number of classes which provide help functionality or features when developing aspects of the SDK.

AuthenticateHeaderParser

As part of our authentication flow the WWW-Authenticate header is returned from the API Gateway. This is provided to us as a single string which makes it difficult to parse.

Bearer realm="api.xedi",
error="invalid_token",
error_description="The access token expired"

Example WWW-Authenticate header

To simplify the logic of interogating this string, the `AuthenticateHeaderParser` was devised.

const authenticateHeader = AuthenticateHeaderParser.parse(
headers['www-authenticate']
);
authenticateHeader.realm; // "api.xedi"
authenticateHeader.error; // "invalid_token"
authenticateHeader.error_description; // "The access token expired"
View source

XUID

Identifing Entities without explicit type attributes across an eco-system like XEDI is problematic at best, impossible in the main. At XEDI, we found the answer by introducing an identifier that could be typed. Version 1 UUIDs are considered inherently insecure due to the use of the issuing computers MAC address as the "node" component. We seized this vulnerability and turned it on its head by replacing the node of a UUIDv1 with our own series of hashes. Each hash is tied to an identifier which a service can use to determine what a generic entity is.

View source

Supported XUIDs

As above, at XEDI we utilitize a series of known hashes to identify anonymized json objects as certain entities. In TypeScript, we represent these as an Enum known as SupportedXuid. Because this has little to no practical runtime use, we don't include the associated hashes with the inclusion of a supported type.

View source
Edit this page on GitHub
2 contributorssamb20Smudge3806
Last edited by samb20 on September 4, 2020