#37 Add ability to create users with needs rotation and rotate th… (#39)

* #37 Add ability to create users with needs rotation and rotate their key

* Remove unused error code

README.md

@@ -7,11 +7,11 @@ SDK for using IronCore Labs from your NodeJS server side applications. Read [our
 
 ## Supported Platforms
 
-|                     | Node 8 | Node 10 | Node 12 |
-| ------------------- | ------ | ------- | ------- |
-| Linux x64 glibc     | ✓      | ✓       | ✓       |
-| Linux x64 musl-libc | ✓      | ✓       | ✓       |
-| OSX x64             | ✓      | ✓       | ✓       |
+|                     | Node 10 | Node 12 |
+| ------------------- | ------- | ------- |
+| Linux x64 glibc     | ✓       | ✓       |
+| Linux x64 musl-libc | ✓       | ✓       |
+| OSX x64             | ✓       | ✓       |
 
 ## Installation
 

integration/Users.ts

@@ -49,6 +49,22 @@ export function publicKeyLookup(IronNode: SDK) {
         .then(log);
 }
 
+/**
+ * Ask for the users escrow password and use it to rotate the users master private key.
+ */
+export function rotateMasterKey(IronNode: SDK) {
+    return inquirer
+        .prompt<{escrowPassword: string}>([
+            {
+                name: "escrowPassword",
+                type: "password",
+                message: "Enter accounts escrow password:",
+            },
+        ])
+        .then(({escrowPassword}) => IronNode.user.rotateMasterKey(escrowPassword))
+        .then(log);
+}
+
 /**
  * Get a users devices and display the results
  */

integration/sdkOperation.ts

@@ -1,11 +1,11 @@
 /* tslint:disable no-console cyclomatic-complexity*/
-import * as path from "path";
 import * as inquirer from "inquirer";
+import * as path from "path";
+import {SDK} from "../ironnode";
 import {initialize} from "../src/index";
 import * as Documents from "./Documents";
 import * as Groups from "./Groups";
 import * as Users from "./Users";
-import {SDK} from "../ironnode";
 
 const topLevelPrompt: inquirer.ListQuestion<{operation: string}> = {
     type: "list",
@@ -36,6 +36,7 @@ const topLevelPrompt: inquirer.ListQuestion<{operation: string}> = {
         {name: "User Public Key Lookup", value: "userKeyLookup"},
         {name: "User Device List", value: "userDeviceList"},
         {name: "User Device Delete", value: "userDeviceDelete"},
+        {name: "User Rotate Master Private Key", value: "rotateUserKey"},
         new inquirer.Separator(),
         {name: "Quit", value: "quit"},
         new inquirer.Separator(),
@@ -89,6 +90,8 @@ function routeAnswerToOperation(IronNode: SDK, answer: string) {
             return Users.deviceList(IronNode);
         case "userDeviceDelete":
             return Users.deviceDelete(IronNode);
+        case "rotateUserKey":
+            return Users.rotateMasterKey(IronNode);
         case "quit":
             return process.exit();
         default:
@@ -107,7 +110,7 @@ function askForOperation(IronNode: SDK): Promise<void> {
         .then(({operation}) => {
             return routeAnswerToOperation(IronNode, operation).catch((error) => {
                 console.log("\x1Bc");
-                console.error(`${error.message}\n\n`);
+                console.error(`${error}\n\n`);
                 //Even if an error occurs, recover and go back to the operation list
                 return Promise.resolve();
             });

integration/userOperation.ts

@@ -1,10 +1,10 @@
 /* tslint:disable no-console*/
 import * as fs from "fs";
-import * as path from "path";
 import * as inquirer from "inquirer";
 import * as jwt from "jsonwebtoken";
+import * as path from "path";
 import {User} from "../src/index";
-import {logWithMessage, log} from "./Logger";
+import {log, logWithMessage} from "./Logger";
 // tslint:disable-next-line
 const Config = require("./project.json");
 const keyFile = path.join(__dirname, "./private.key");
@@ -49,7 +49,7 @@ function verifyUser() {
  */
 function createUser() {
     return inquirer
-        .prompt<{userID: string; password: string}>([
+        .prompt<{userID: string; password: string; needsRotation: boolean}>([
             {
                 type: "input",
                 name: "userID",
@@ -60,10 +60,14 @@ function createUser() {
                 name: "password",
                 message: "Input password to escrow users private key: ",
             },
+            {
+                type: "confirm",
+                default: false,
+                name: "needsRotation",
+                message: "Create user with needs rotation?",
+            },
         ])
-        .then(({userID, password}) => {
-            return User.create(generateJWT(userID), password);
-        })
+        .then(({userID, password, needsRotation}) => User.create(generateJWT(userID), password, {needsRotation}))
         .then((userInfo) => {
             logWithMessage("User Created!", userInfo);
             return Promise.resolve(false);

ironnode.d.ts

@@ -10,7 +10,9 @@ export interface DocumentAccessList {
     users?: Array<{id: string}>;
     groups?: Array<{id: string}>;
 }
-
+export interface UserCreateOptions {
+    needsRotation: boolean;
+}
 export interface DeviceCreateOptions {
     deviceName: string;
 }
@@ -146,6 +148,7 @@ export interface User {
     getPublicKey(users: string | string[]): Promise<UserPublicKeyGetResponse>;
     listDevices(): Promise<UserDeviceListResponse>;
     deleteDevice(id?: number): Promise<{id: number}>;
+    rotateMasterKey(password: string): Promise<{needsRotation: boolean}>;
 }
 
 export interface SDK {
@@ -179,6 +182,6 @@ export interface DeviceDetails {
 
 export namespace User {
     export function verify(jwt: string): Promise<ApiUserResponse | undefined>;
-    export function create(jwt: string, password: string): Promise<ApiUserResponse>;
+    export function create(jwt: string, password: string, options?: UserCreateOptions): Promise<ApiUserResponse>;
     export function generateDeviceKeys(jwt: string, password: string, options?: DeviceCreateOptions): Promise<DeviceDetails>;
 }

package.json

@@ -9,7 +9,7 @@
     "license": "AGPL-3.0-only",
     "types": "ironnode.d.ts",
     "engines": {
-        "node": ">=8.0.0"
+        "node": ">=10.0.0"
     },
     "os": [
         "darwin",
@@ -26,7 +26,7 @@
         "lint": "tslint -p \"tsconfig.json\" -e \"**/tests/**\" \"src/**/*.ts\""
     },
     "dependencies": {
-        "@ironcorelabs/recrypt-node-binding": "0.6.1",
+        "@ironcorelabs/recrypt-node-binding": "0.7.0",
         "futurejs": "2.1.1",
         "node-fetch": "2.6.0"
     },

src/Constants.ts

@@ -39,6 +39,8 @@ export const ErrorCodes = {
     USER_DEVICE_KEY_GENERATION_FAILURE: 207,
     USER_DEVICE_LIST_REQUEST_FAILURE: 208,
     USER_DEVICE_DELETE_REQUEST_FAILURE: 209,
+    USER_UPDATE_KEY_REQUEST_FAILURE: 210,
+    USER_PRIVATE_KEY_ROTATION_FAILURE: 211,
     DOCUMENT_LIST_REQUEST_FAILURE: 300,
     DOCUMENT_GET_REQUEST_FAILURE: 301,
     DOCUMENT_CREATE_REQUEST_FAILURE: 302,