The Utils directory contains a number of classes which provide help functionality or features when developing aspects of the SDK.
AuthenticateHeaderParser
As part of our authentication flow the WWW-Authenticate header is returned from the API Gateway. This is provided to us as a single string which makes it difficult to parse.
Bearer realm="api.xedi",
error="invalid_token",
error_description="The access token expired"
Example WWW-Authenticate header
To simplify the logic of interogating this string, the `AuthenticateHeaderParser` was devised.
Identifing Entities without explicit type attributes across an eco-system like XEDI is problematic at best, impossible in the main. At XEDI, we found the answer by introducing an identifier that could be typed. Version 1 UUIDs are considered inherently insecure due to the use of the issuing computers MAC address as the "node" component. We seized this vulnerability and turned it on its head by replacing the node of a UUIDv1 with our own series of hashes. Each hash is tied to an identifier which a service can use to determine what a generic entity is.
As above, at XEDI we utilitize a series of known hashes to identify anonymized json objects as certain entities. In TypeScript, we represent these as an Enum known as SupportedXuid. Because this has little to no practical runtime use, we don't include the associated hashes with the inclusion of a supported type.