Storefront GraphQL API Gateway. Modular architecture. ElasticSearch included. Works great with Magento1, Magento2, Spree, OpenCart, Pimcore and custom backends
There is an error when a submitted token is de-/encrypted in user endpoint: Missing IV for cipher aes-256-ctr.
This is caused by the changes on decryptToken & encryptToken of packages/lib/util.ts where the deprecated method createDecipher() method was replaced with createDecipheriv(). Currently there is a null value as default value submitted but as I found out the aes-256-ctr algorithm needs an initialization-vector to work.
I added a config option cipherIVByBuildTime to either add a custom cipher based on build-time or just use a default 16 character string or randomBytes.
I also added a small script build:time to create a buildtime.json on build where the buildtime is stored for multi-node support.
Contribution and currently important rules acceptance
Related issues
There is an error when a submitted token is de-/encrypted in user endpoint:
Missing IV for cipher aes-256-ctr
.This is caused by the changes on
decryptToken
&encryptToken
ofpackages/lib/util.ts
where the deprecated methodcreateDecipher()
method was replaced withcreateDecipheriv()
. Currently there is anull
value as default value submitted but as I found out theaes-256-ctr
algorithm needs an initialization-vector to work.I added a config option
cipherIVByBuildTime
to either add a custom cipher based on build-time or just use a default 16 character string orrandomBytes
.I also added a small script
build:time
to create abuildtime.json
on build where the buildtime is stored for multi-node support.Contribution and currently important rules acceptance