import { env } from '../../lib/env.js';
import { ProviderSecrets, ProviderType } from '../../core/types.js';
import { storage } from '../../lib/storage.js';
// Collection name passed to storage.readCollection / storage.writeCollection.
// The entries stored under it are SecretsRecord objects, i.e. provider endpoints
// and API keys per tenant.
// NOTE(review): how this collection is protected at rest (encryption, file
// permissions, backup and VCS exclusion) is decided in ../../lib/storage.js,
// which is not visible here — confirm before relying on it.
const SECRETS_FILE = 'provider-secrets.json';
/**
 * One persisted entry of the provider-secrets collection.
 *
 * `tenantId` and `provider` together form the lookup key used by
 * SecretsService; `secrets` is the credential payload stored for that pair.
 */
interface SecretsRecord {
  /** Tenant the credentials belong to. */
  tenantId: string;

  /** Backend provider the credentials are for. */
  provider: ProviderType;

  /** Credential payload, stored and returned as-is. */
  secrets: ProviderSecrets;
}
/**
 * Reads and replaces per-tenant provider credentials kept in the
 * `SECRETS_FILE` collection.
 *
 * Security notes for callers:
 * - Neither method authenticates or authorizes `tenantId`; both use it only as
 *   a lookup key. The caller must have established that the requester is
 *   entitled to act for that tenant.
 * - Returned values are live credentials. Keep them out of logs, error
 *   messages and API responses.
 */
export class SecretsService {
  /**
   * Resolves the credentials for a provider/tenant pair.
   *
   * A stored record for the exact pair wins. When none exists, the
   * process-wide credentials from `env` are returned instead.
   *
   * NOTE(review): the fallback applies to every `tenantId` without a record,
   * including ids that were never provisioned, so an unvalidated tenant id
   * resolves to the shared environment credentials (for supabase this is
   * `env.supabaseServiceKey`). Confirm that callers validate the tenant first
   * and that sharing these credentials across tenants is intended.
   *
   * @param provider - Provider whose credentials are requested.
   * @param tenantId - Tenant to look up; compared by strict equality.
   * @returns The stored secrets for the pair, otherwise the env-based defaults
   *   for `provider`.
   */
  async getProviderSecrets(provider: ProviderType, tenantId: string): Promise<ProviderSecrets> {
    const stored = await storage.readCollection<SecretsRecord>(SECRETS_FILE);

    // First entry matching both key parts wins.
    for (const entry of stored) {
      if (entry.tenantId === tenantId && entry.provider === provider) {
        return entry.secrets;
      }
    }

    // No tenant-specific record: fall back to the environment configuration.
    const envDefaults: Record<ProviderType, ProviderSecrets> = {
      appwrite: {
        endpoint: env.appwriteEndpoint,
        apiKey: env.appwriteApiKey,
      },
      supabase: {
        endpoint: env.supabaseEndpoint,
        apiKey: env.supabaseServiceKey,
      },
    };

    return envDefaults[provider];
  }

  /**
   * Stores new credentials for a provider/tenant pair, replacing the existing
   * record's secrets or appending a new record when none exists.
   *
   * This only updates the stored collection: the previous value is overwritten
   * without being kept, and nothing here revokes the old credential at the
   * provider.
   *
   * NOTE(review): this is a read-modify-write of the whole collection with no
   * locking visible in this class, so overlapping calls could overwrite each
   * other's changes unless `storage` serializes access — confirm.
   *
   * @param provider - Provider the credentials belong to.
   * @param tenantId - Tenant the credentials belong to.
   * @param secrets - Replacement credentials; stored as passed, not validated here.
   */
  async rotateProviderSecrets(
    provider: ProviderType,
    tenantId: string,
    secrets: ProviderSecrets,
  ): Promise<void> {
    const stored = await storage.readCollection<SecretsRecord>(SECRETS_FILE);
    const current = stored.find(
      (entry) => entry.tenantId === tenantId && entry.provider === provider,
    );

    if (!current) {
      // First credentials for this pair: add a new record.
      stored.push({ tenantId, provider, secrets });
    } else {
      // Replace in place; the collection is written back as a whole below.
      current.secrets = secrets;
    }

    await storage.writeCollection(SECRETS_FILE, stored);
  }
}