feat: final changes and urls

.eslint-dictionary.json

@@ -28,6 +28,7 @@
   "columnify",
   "cognito",
   "cors",
+  "createCipheriv",
   "creds",
   "datasource",
   "decrypt",
@@ -84,13 +85,15 @@
   "nspawn",
   "nullability",
   "nullable",
+  "oaepHash",
   "oauth",
   "oidc",
   "openid",
   "opensearch",
   "orgs",
   "parens",
   "pathname",
+  "pbkdf2Sync",
   "pipelined",
   "positionally",
   "posix",

packages/amplify-cli/src/commands/diagnose.ts

@@ -18,8 +18,7 @@ import { UsageDataPayload } from '../domain/amplify-usageData/UsageDataPayload';
 import { DebugConfig } from '../app-config/debug-config';
 import { isHeadlessCommand } from '../utils/headless-input-utils';
 import { Context } from '../domain/context';
-
-const report = 'https://yc65ayd1ge.execute-api.us-east-1.amazonaws.com/beta/report';
+import { reporterEndpoint } from './helpers/reporter-apis';
 
 /**
  * Prompts if there is a failure in the CLI
@@ -88,8 +87,10 @@ const zipSend = async (context: Context, skipPrompts: boolean, error: Error | un
   if (canSendReport) {
     spinner.start('Sending zip');
     try {
-      await sendReport(context, fileDestination);
+      const projectId = await sendReport(context, fileDestination);
       spinner.succeed('Done');
+      printer.info(`Project Identifier: ${projectId}`);
+      printer.blankLine();
     } catch (ex) {
       context.usageData.emitError(ex);
       spinner.fail();
@@ -162,7 +163,7 @@ const createZip = async (context: Context, error: Error | undefined): Promise<st
   });
 };
 
-const sendReport = async (context: Context, fileDestination): Promise<void> => {
+const sendReport = async (context: Context, fileDestination): Promise<string> => {
   const ids = hashedProjectIdentifiers();
   const usageDataPayload: UsageDataPayload = context.usageData.getUsageDataPayload(null, '');
 
@@ -173,6 +174,7 @@ const sendReport = async (context: Context, fileDestination): Promise<void> => {
     amplifyCliVersion: usageDataPayload.amplifyCliVersion,
     nodeVersion: usageDataPayload.nodeVersion,
   });
+  return ids.projectEnvIdentifier;
 };
 
 // eslint-disable-next-line spellcheck/spell-checker
@@ -188,6 +190,7 @@ const sendFile = async (
     nodeVersion: string;
   },
 ): Promise<void> => {
+  const report = reporterEndpoint();
   const stream = fs.readFileSync(zipPath);
   const passKey = v4();
   const cipherTextBlob = await encryptBuffer(stream, passKey);

packages/amplify-cli/src/commands/helpers/encryption-helpers.ts

@@ -1,39 +1,45 @@
-import { getPublicKey } from './get-public-key'
 import crypto from 'crypto';
-
+import { getPublicKey } from './reporter-apis';
+
+/**
+ * encrypt a buffer using AES 256
+ * @param text plainText as bugger to be encrypted
+ * @param passKey sting pass phrase to be used for encryption
+ * @returns base64 string to be encrypted
+ */
 export const encryptBuffer = async (text: Buffer, passKey: string): Promise<string> => {
-    const masterKey =  Buffer.from(passKey, 'utf-8');
-    // random initialization vector
-    const iv = crypto.randomBytes(16);
-
-    // random salt
-    const salt = crypto.randomBytes(64);
-
-    // derive encryption key: 32 byte key length
-    // in assumption the masterkey is a cryptographic and NOT a password there is no need for
-    // a large number of iterations. It may can replaced by HKDF
-    // the value of 2145 is randomly chosen!
-    const key = crypto.pbkdf2Sync(masterKey, salt, 2145, 32, 'sha512');
-    // AES 256 GCM Mode
-    const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
-
-    // encrypt the given text
-    const encrypted = Buffer.concat([cipher.update(text), cipher.final()]);
-
-    // extract the auth tag
-    const tag = cipher.getAuthTag();
-
-    // generate output
-    return Buffer.concat([salt, iv, tag, encrypted]).toString('base64');
-}
-
-
-
-export const encryptKey =  async(key: string): Promise<string> => {
-    const publicKey = await getPublicKey();
-    return crypto.publicEncrypt({
-        key: publicKey,
-        padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
-        oaepHash: 'sha256'
-    }, Buffer.from(key)).toString('base64');
-}
+  const masterKey = Buffer.from(passKey, 'utf-8');
+  // random initialization vector
+  const iv = crypto.randomBytes(16);
+
+  // random salt
+  const salt = crypto.randomBytes(64);
+
+  const key = crypto.pbkdf2Sync(masterKey, salt, 2145, 32, 'sha512');
+
+  // AES 256 GCM Mode
+  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
+
+  // encrypt the given text
+  const encrypted = Buffer.concat([cipher.update(text), cipher.final()]);
+
+  // extract the auth tag
+  const tag = cipher.getAuthTag();
+
+  // generate output
+  return Buffer.concat([salt, iv, tag, encrypted]).toString('base64');
+};
+
+/**
+ * encrypts key with Asymmetric SHA 256
+ * @param key to be encrypted
+ * @returns encrypted string
+ */
+export const encryptKey = async (key: string): Promise<string> => {
+  const publicKey = await getPublicKey();
+  return crypto.publicEncrypt({
+    key: publicKey,
+    padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
+    oaepHash: 'sha256',
+  }, Buffer.from(key)).toString('base64');
+};

packages/amplify-cli/src/commands/helpers/reporter-apis.ts

@@ -0,0 +1,31 @@
+import { DiagnoseReportUploadError } from "amplify-cli-core";
+import fetch from "node-fetch";
+
+/**
+ * Return the public key from github API
+ * @returns the public key
+ */
+export const getPublicKey = async (): Promise<string> => {
+  let url = "https://aws-amplify.github.io/amplify-cli/report-public-key.pub";
+  if (process.env.AMPLIFY_CLI_BETA_PUBLIC_KEY_URL && typeof process.env.AMPLIFY_CLI_BETA_PUBLIC_KEY_URL === "string") {
+    url = process.env.AMPLIFY_CLI_BETA_USAGE_TRACKING_URL || url;
+  }
+  const res = await fetch(url);
+  if (!res.ok) {
+    throw new DiagnoseReportUploadError("Failed to retrieve public key");
+  }
+  return res.text();
+};
+
+/**
+ * The function checks for the environment variable AMPLIFY_CLI_BETA_REPORT_URL if it's not present or is not a string
+ * return the prod url
+ * @returns url for the reporter end point
+ */
+export const reporterEndpoint = (): string => {
+  const prodUrl = "https://api.cli.amplify.aws/diagnose/report";
+  if (process.env.AMPLIFY_CLI_BETA_REPORT_URL && typeof process.env.AMPLIFY_CLI_BETA_REPORT_URL === "string") {
+    return process.env.AMPLIFY_CLI_BETA_USAGE_TRACKING_URL || prodUrl;
+  }
+  return prodUrl;
+};

yarn.lock

@@ -9206,45 +9206,6 @@ amdefine@>=0.0.4:
   resolved "https://registry.npmjs.org/amdefine/-/amdefine-1.0.1.tgz#4a5282ac164729e93619bcfd3ad151f817ce91f5"
   integrity sha1-SlKCrBZHKek2Gbz9OtFR+BfOkfU=
 
-amplify-cli-core@2.6.0:
-  version "2.6.0"
-  resolved "https://registry.npmjs.org/amplify-cli-core/-/amplify-cli-core-2.6.0.tgz#b1b0d90146b7411200b35710bd28cf076bfeacb5"
-  integrity sha512-8tfPP6tkwq97znTCWQf14a/t3p9EHSFDU5COHi8T59iuZfU6BEp9Td+o9DSml8RWwXyvVqaVO2lw8jNnlV2dWw==
-  dependencies:
-    ajv "^6.12.6"
-    amplify-cli-logger "1.1.0"
-    amplify-prompts "2.0.1"
-    chalk "^4.1.1"
-    ci-info "^2.0.0"
-    cloudform-types "^4.2.0"
-    dotenv "^8.2.0"
-    execa "^5.1.1"
-    fs-extra "^8.1.0"
-    globby "^11.0.3"
-    hjson "^3.2.1"
-    js-yaml "^4.0.0"
-    lodash "^4.17.21"
-    node-fetch "^2.6.7"
-    open "^8.4.0"
-    ora "^4.0.3"
-    proxy-agent "^5.0.0"
-    semver "^7.3.5"
-    typescript-json-schema "~0.52.0"
-    which "^2.0.2"
-
-amplify-cli-logger@1.1.0:
-  version "1.1.0"
-  resolved "https://registry.npmjs.org/amplify-cli-logger/-/amplify-cli-logger-1.1.0.tgz#cbe42f243bc88085aa93be034a9ded73980c287d"
-  integrity sha512-OESR1EMu85C8l67a2ugMR8RNnYvMOWImmseKz61yG7+3tQCNssO+WSS5AIk8no3tAfUkMMYjD+FudTR0jyV7pA==
-  dependencies:
-    winston "^3.3.3"
-    winston-daily-rotate-file "^4.5.0"
-
-amplify-cli-shared-interfaces@1.1.0:
-  version "1.1.0"
-  resolved "https://registry.npmjs.org/amplify-cli-shared-interfaces/-/amplify-cli-shared-interfaces-1.1.0.tgz#105c8645c50bb469272badf2501505793c3974de"
-  integrity sha512-lN5Y4PfyY5SSCZLxRSfv3qhYYSEwEsFG9T+SbQIf05o6Yfim93Xy9f+1pAAlGc3f/HWjEqdegAH3HG496/BGeg==
-
 amplify-codegen@^3.0.0:
   version "3.0.0"
   resolved "https://registry.npmjs.org/amplify-codegen/-/amplify-codegen-3.0.0.tgz#b07248c732b01d403114d6d60cd2a28d4b7996c9"
@@ -9266,23 +9227,6 @@ amplify-codegen@^3.0.0:
     semver "^7.3.5"
     slash "^3.0.0"
 
-amplify-prompts@2.0.1:
-  version "2.0.1"
-  resolved "https://registry.npmjs.org/amplify-prompts/-/amplify-prompts-2.0.1.tgz#6b25ded5aefb4f9d408e3fa6d13d91ae2ce434ca"
-  integrity sha512-X8sNkC9eBA0LWrCBiH+j9hp3yQcK1TBbbte9f6O/S8C1lpf1sgzCztctIC72iSXvbON4EPKYBxLVbkVc6ki9Rw==
-  dependencies:
-    chalk "^4.1.1"
-    enquirer "^2.3.6"
-
-amplify-prompts@^2.0.0:
-  version "2.1.0"
-  resolved "https://registry.npmjs.org/amplify-prompts/-/amplify-prompts-2.1.0.tgz#2d54c700493fc8b40a79edd61040dcc73b80326e"
-  integrity sha512-52m7sPmQbh3wdNwzYZldK5eRg2432dx8G5Obak2rSeLmThgYagsKhF622mRIgxq5yc87hyEjAzjifMfLwkKzbQ==
-  dependencies:
-    amplify-cli-shared-interfaces "1.1.0"
-    chalk "^4.1.1"
-    enquirer "^2.3.6"
-
 ansi-align@^3.0.0:
   version "3.0.1"
   resolved "https://registry.npmjs.org/ansi-align/-/ansi-align-3.0.1.tgz#0cdf12e111ace773a86e9a1fad1225c43cb19a59"
@@ -14521,6 +14465,17 @@ glob@^7.0.0, glob@^7.0.5, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, gl
     once "^1.3.0"
     path-is-absolute "^1.0.0"
 
+glob@^8.0.3:
+  version "8.0.3"
+  resolved "https://registry.npmjs.org/glob/-/glob-8.0.3.tgz#415c6eb2deed9e502c68fa44a272e6da6eeca42e"
+  integrity sha512-ull455NHSHI/Y1FqGaaYFaLGkNMMJbavMrEGFXG/PGrg6y7sutWHUHrz6gy6WEBH6akM1M414dWKCNs+IhKdiQ==
+  dependencies:
+    fs.realpath "^1.0.0"
+    inflight "^1.0.4"
+    inherits "2"
+    minimatch "^5.0.1"
+    once "^1.3.0"
+
 global-dirs@^0.1.0, global-dirs@^0.1.1:
   version "0.1.1"
   resolved "https://registry.npmjs.org/global-dirs/-/global-dirs-0.1.1.tgz#b319c0dd4607f353f3be9cca4c72fc148c49f445"
@@ -17904,6 +17859,13 @@ minimatch@^3.1.2:
   dependencies:
     brace-expansion "^1.1.7"
 
+minimatch@^5.0.1:
+  version "5.1.0"
+  resolved "https://registry.npmjs.org/minimatch/-/minimatch-5.1.0.tgz#1717b464f4971b144f6aabe8f2d0b8e4511e09c7"
+  integrity sha512-9TPBGGak4nHfGZsPBohm9AWg6NoT7QTCehS3BIJABslyZbzxfV78QM2Y6+i741OPZIafFAaiiEMh5OyIrJPgtg==
+  dependencies:
+    brace-expansion "^2.0.1"
+
 minimatch@~5.0.0:
   version "5.0.0"
   resolved "https://registry.npmjs.org/minimatch/-/minimatch-5.0.0.tgz#281d8402aaaeed18a9e8406ad99c46a19206c6ef"