feat: support Cryption API

.eslintrc

@@ -1,3 +1,6 @@
 {
-  "extends": "eslint-config-egg/typescript"
+  "extends": [
+    "eslint-config-egg/typescript",
+    "eslint-config-egg/lib/rules/enforce-node-prefix"
+  ]
 }

.github/workflows/nodejs.yml

@@ -40,7 +40,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        node-version: [16, 18, 20]
+        node-version: [14, 16, 18, 20]
         os: [ubuntu-latest]
 
     steps:

demo/configuration/subscribe.ts

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import { strict as assert } from 'assert';
+import { strict as assert } from 'node:assert';
 import { Client, utils } from 'layotto';
 
 const client = new Client();

demo/helloworld.ts

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import { strict as assert } from 'assert';
+import { strict as assert } from 'node:assert';
 import { Client } from 'layotto';
 
 const client = new Client();

demo/pubsub/client.ts

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import { strict as assert } from 'assert';
+import { strict as assert } from 'node:assert';
 import { Client } from 'layotto';
 
 const client = new Client();

demo/rpc/http/server.js

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-const http = require('http');
+const http = require('node:http');
 
 const hostname = '127.0.0.1';
 const port = 8889;

demo/state.ts

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import { strict as assert } from 'assert';
+import { strict as assert } from 'node:assert';
 import { Client } from 'layotto';
 
 const client = new Client();

src/client/API.ts

@@ -13,15 +13,9 @@
  * limitations under the License.
  */
 import { Metadata } from '@grpc/grpc-js';
-import { RuntimeClient } from '../../proto/runtime/v1/runtime_grpc_pb';
 import { KV, RequestWithMeta, Map } from '../types/common';
 
 export class API {
-  readonly runtime: RuntimeClient;
-  constructor(runtime: RuntimeClient) {
-    this.runtime = runtime;
-  }
-
   createMetadata(request: RequestWithMeta<{}>): Metadata {
     const metadata = new Metadata();
     if (!request.requestMeta) return metadata;

src/client/Binding.ts

@@ -16,14 +16,14 @@ import {
   InvokeBindingRequest as InvokeBindingRequestPB,
   InvokeBindingResponse as InvokeBindingResponsePB,
 } from '../../proto/runtime/v1/runtime_pb';
-import { API } from './API';
+import { RuntimeAPI } from './RuntimeAPI';
 import {
   InvokeBindingRequest,
   InvokeBindingResponse,
 } from '../types/Binding';
 import { convertMapToKVString } from '../utils';
 
-export default class Binding extends API {
+export default class Binding extends RuntimeAPI {
   async invoke(request: InvokeBindingRequest): Promise<InvokeBindingResponse> {
     const req = new InvokeBindingRequestPB();
     req.setName(request.name);

src/client/Client.ts

@@ -15,6 +15,8 @@
 import { debuglog } from 'node:util';
 import { ChannelCredentials } from '@grpc/grpc-js';
 import { RuntimeClient } from '../../proto/runtime/v1/runtime_grpc_pb';
+import { ObjectStorageServiceClient } from '../../proto/extension/v1/s3/oss_grpc_pb';
+import { CryptionServiceClient } from '../../proto/extension/v1/cryption/cryption_grpc_pb';
 import State from './State';
 import Hello from './Hello';
 import Invoker from './Invoker';
@@ -24,20 +26,22 @@ import Configuration from './Configuration';
 import PubSub from './PubSub';
 import File from './File';
 import Binding from './Binding';
-import { ObjectStorageServiceClient } from '../../proto/extension/v1/s3/oss_grpc_pb';
 import Oss from './Oss';
+import Cryption from './Cryption';
 
 const debug = debuglog('layotto:client:main');
 
 export interface ClientOptions {
   ossEnable?: boolean;
+  cryptionEnable?: boolean;
 }
 
 export default class Client {
-  readonly host: string;
-  readonly port: string;
-  private _runtime: RuntimeClient;
-  private _ossClient: ObjectStorageServiceClient;
+  protected readonly host: string;
+  protected readonly port: string;
+  private readonly _runtime: RuntimeClient;
+  private readonly _ossClient: ObjectStorageServiceClient;
+  private readonly _cryptionClient: CryptionServiceClient;
   private _hello: Hello;
   private _state: State;
   private _invoker: Invoker;
@@ -48,16 +52,21 @@ export default class Client {
   private _file: File;
   private _binding: Binding;
   private _oss: Oss;
+  private _cryption: Cryption;
 
   constructor(port: string = process.env.runtime_GRPC_PORT ?? '34904',
               host: string = process.env.runtime_GRPC_HOST ?? '127.0.0.1', options?: ClientOptions) {
     this.host = host;
     this.port = port;
     const clientCredentials = ChannelCredentials.createInsecure();
-    this._runtime = new RuntimeClient(`${this.host}:${this.port}`, clientCredentials);
-    debug('Start connection to %s:%s', this.host, this.port);
+    const address = `${this.host}:${this.port}`;
+    this._runtime = new RuntimeClient(address, clientCredentials);
+    debug('Start connection to %o', address);
     if (options?.ossEnable) {
-      this._ossClient = new ObjectStorageServiceClient(`${this.host}:${this.port}`, clientCredentials);
+      this._ossClient = new ObjectStorageServiceClient(address, clientCredentials);
+    }
+    if (options?.cryptionEnable) {
+      this._cryptionClient = new CryptionServiceClient(address, clientCredentials);
     }
   }
 
@@ -115,4 +124,14 @@ export default class Client {
     }
     return this._oss;
   }
+
+  get cryption() {
+    if (!this._cryption) {
+      if (!this._cryptionClient) {
+        throw new Error('client not enable cryption');
+      }
+      this._cryption = new Cryption(this._cryptionClient);
+    }
+    return this._cryption;
+  }
 }

src/client/Configuration.ts

@@ -22,7 +22,7 @@ import {
   SubscribeConfigurationRequest as SubscribeConfigurationRequestPB,
   SubscribeConfigurationResponse as SubscribeConfigurationResponsePB,
 } from '../../proto/runtime/v1/runtime_pb';
-import { API } from './API';
+import { RuntimeAPI } from './RuntimeAPI';
 import {
   GetConfigurationRequest,
   GetConfigurationItem,
@@ -34,7 +34,7 @@ import { convertArrayToKVString } from '../types/common';
 
 const debug = debuglog('layotto:client:configuration');
 
-export default class Configuration extends API {
+export default class Configuration extends RuntimeAPI {
   // GetConfiguration gets configuration from configuration store.
   async get(request: GetConfigurationRequest): Promise<GetConfigurationItem[]> {
     const req = new GetConfigurationRequestPB();

src/client/Cryption.ts

@@ -0,0 +1,70 @@
+import {
+  EncryptRequest as EncryptRequestPB,
+  EncryptResponse,
+  DecryptRequest as DecryptRequestPB,
+  DecryptResponse as DecryptResponsePB,
+} from '../../proto/extension/v1/cryption/cryption_pb';
+import { CryptionServiceClient } from '../../proto/extension/v1/cryption/cryption_grpc_pb';
+import { API } from './API';
+import { RequestWithMeta } from '../types/common';
+
+export type EncryptRequest = RequestWithMeta<{
+  componentName: string;
+  plainText: Uint8Array | string;
+  keyId?: string;
+}>;
+
+export type DecryptRequest = RequestWithMeta<DecryptRequestPB.AsObject>;
+
+export type DecryptResponse = {
+  plainText: Uint8Array;
+  keyId: string,
+  keyVersionId: string,
+  requestId: string,
+};
+
+export default class Cryption extends API {
+  private readonly cryptionClient: CryptionServiceClient;
+
+  constructor(cryptionClient: CryptionServiceClient) {
+    super();
+    this.cryptionClient = cryptionClient;
+  }
+
+  async encrypt(request: EncryptRequest): Promise<EncryptResponse.AsObject> {
+    const req = new EncryptRequestPB();
+    req.setComponentName(request.componentName);
+    let plainText = request.plainText;
+    if (typeof plainText === 'string') {
+      plainText = Buffer.from(plainText);
+    }
+    req.setPlainText(plainText);
+    if (request.keyId) {
+      req.setKeyId(request.keyId);
+    }
+
+    return new Promise((resolve, reject) => {
+      this.cryptionClient.encrypt(req, this.createMetadata(request), (err, res: EncryptResponse) => {
+        if (err) return reject(err);
+        resolve(res.toObject());
+      });
+    });
+  }
+
+  async decrypt(request: DecryptRequest): Promise<DecryptResponse> {
+    const req = new DecryptRequestPB();
+    req.setComponentName(request.componentName);
+    req.setCipherText(request.cipherText);
+
+    return new Promise((resolve, reject) => {
+      this.cryptionClient.decrypt(req, this.createMetadata(request), (err, res: DecryptResponsePB) => {
+        if (err) return reject(err);
+        const plainText = Buffer.from(res.getPlainText_asB64(), 'base64');
+        resolve({
+          ...res.toObject(),
+          plainText,
+        });
+      });
+    });
+  }
+}

src/client/File.ts

@@ -13,21 +13,21 @@
  * limitations under the License.
  */
 import { debuglog } from 'node:util';
-import { Transform, Readable } from 'stream';
-import { pipeline as pipelinePromise } from 'stream/promises';
+import { Transform, Readable } from 'node:stream';
+import { pipeline as pipelinePromise } from 'node:stream/promises';
 import {
   GetFileRequest as GetFileRequestPB,
   GetFileResponse as GetFileResponsePB,
   PutFileRequest as PutFileRequestPB,
   ListFileRequest as ListFileRequestPB,
   DelFileRequest as DelFileRequestPB,
 } from '../../proto/runtime/v1/runtime_pb';
-import { API } from './API';
+import { RuntimeAPI } from './RuntimeAPI';
 import { GetFileRequest, ListFileResponse, PutFileRequest } from '../types/File';
 
 const debug = debuglog('layotto:client:file');
 
-export default class File extends API {
+export default class File extends RuntimeAPI {
   // Get a file stream
   async get(request: GetFileRequest): Promise<Readable> {
     const req = new GetFileRequestPB();

src/client/Hello.ts

@@ -16,10 +16,10 @@ import {
   SayHelloRequest as SayHelloRequestPB,
   SayHelloResponse as SayHelloResponsePB,
 } from '../../proto/runtime/v1/runtime_pb';
-import { API } from './API';
+import { RuntimeAPI } from './RuntimeAPI';
 import { SayHelloRequest } from '../types/Hello';
 
-export default class Hello extends API {
+export default class Hello extends RuntimeAPI {
   async sayHello(request?: SayHelloRequest): Promise<string> {
     const req = new SayHelloRequestPB();
     if (!request) request = {};

src/client/Invoker.ts

@@ -19,10 +19,10 @@ import {
   HTTPExtension,
   InvokeResponse as InvokeResponsePB,
 } from '../../proto/runtime/v1/runtime_pb';
-import { API } from './API';
+import { RuntimeAPI } from './RuntimeAPI';
 import { InvokeServiceRequest, InvokeResponse } from '../types/Invoker';
 
-export default class Invoker extends API {
+export default class Invoker extends RuntimeAPI {
   async invoke(request: InvokeServiceRequest): Promise<InvokeResponse> {
     const message = new CommonInvokeRequestPB();
     message.setMethod(request.method);

src/client/Lock.ts

@@ -12,17 +12,17 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-import * as crypto from 'crypto';
+import { randomUUID } from 'node:crypto';
 import {
   TryLockRequest as TryLockRequestPB,
   TryLockResponse as TryLockResponsePB,
   UnlockRequest as UnlockRequestPB,
   UnlockResponse as UnlockResponsePB,
 } from '../../proto/runtime/v1/runtime_pb';
-import { API } from './API';
+import { RuntimeAPI } from './RuntimeAPI';
 import { TryLockRequest, UnlockRequest } from '../types/Lock';
 
-export default class Lock extends API {
+export default class Lock extends RuntimeAPI {
   // A non-blocking method trying to get a lock with ttl
   // expire is the time before expire. The time unit is second.
   async tryLock(request: TryLockRequest): Promise<boolean> {
@@ -55,6 +55,6 @@ export default class Lock extends API {
   }
 
   uuid() {
-    return crypto.randomUUID();
+    return randomUUID();
   }
 }

src/client/Oss.ts

@@ -1,3 +1,5 @@
+import { Readable, PassThrough, Writable } from 'node:stream';
+import { pipeline as pipelinePromise } from 'node:stream/promises';
 import {
   CopyObjectRequest,
   DeleteObjectRequest,
@@ -27,27 +29,16 @@ import {
   SignURLOutput,
 } from '../../proto/extension/v1/s3/oss_pb';
 import { ObjectStorageServiceClient } from '../../proto/extension/v1/s3/oss_grpc_pb';
-import { RequestWithMeta } from '../types/common';
-import { Metadata } from '@grpc/grpc-js';
-import { Readable, PassThrough, Writable } from 'stream';
-import { pipeline as pipelinePromise } from 'stream/promises';
+import { API } from './API';
 
-export default class Oss {
+export default class Oss extends API {
   private readonly ossClient: ObjectStorageServiceClient;
 
   constructor(ossClient: ObjectStorageServiceClient) {
+    super();
     this.ossClient = ossClient;
   }
 
-  createMetadata(request: RequestWithMeta<{}>): Metadata {
-    const metadata = new Metadata();
-    if (!request.requestMeta) return metadata;
-    for (const key of Object.keys(request.requestMeta)) {
-      metadata.add(key, request.requestMeta[key]);
-    }
-    return metadata;
-  }
-
   private async* putObjectIterator(request: PutObjectRequest): AsyncGenerator<PutObjectInput> {
     for await (const chunk of request.body) {
       const req = new PutObjectInput();

src/client/PubSub.ts

@@ -15,10 +15,10 @@
 import {
   PublishEventRequest as PublishEventRequestPB,
 } from '../../proto/runtime/v1/runtime_pb';
-import { API } from './API';
+import { RuntimeAPI } from './RuntimeAPI';
 import { PublishEventRequest } from '../types/PubSub';
 
-export default class PubSub extends API {
+export default class PubSub extends RuntimeAPI {
   async publish(request: PublishEventRequest): Promise<void> {
     const req = new PublishEventRequestPB();
     req.setPubsubName(request.pubsubName);