vuestorefront / storefront-api

Storefront GraphQL API Gateway. Modular architecture. ElasticSearch included. Works great with Magento1, Magento2, Spree, OpenCart, Pimcore and custom backends
https://storefrontapi.com
MIT License

Add initialization-vector to `encryptToken` and `decryptToken` methods #103

Open cewald opened 3 years ago

cewald commented 3 years ago

Related issues

There is an error when a submitted token is de-/encrypted in the user endpoint: `Missing IV for cipher aes-256-ctr`.

This is caused by the changes to `decryptToken` & `encryptToken` in `packages/lib/util.ts`, where the deprecated `createDecipher()` method was replaced with `createDecipheriv()`. Currently a null value is submitted as the default value, but as I found out, the `aes-256-ctr` algorithm needs an initialization vector to work.

I added a config option `cipherIVByBuildTime` to either add a custom cipher based on build time or just use a default 16-character string or `randomBytes`.

I also added a small script `build:time` to create a `buildtime.json` on build, where the build time is stored for multi-node support.

Contribution and currently important rules acceptance
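
The failure and the `randomBytes` option described above, as an added example that is not part of the pull request or the storefront-api code base. The function signatures, the SHA-256 key derivation and the `iv:ciphertext` hex token layout are assumptions. A fresh IV per token is used because `aes-256-ctr` with a constant IV and key produces the same keystream for every token.

```javascript
// Added example, not storefront-api code: token layout, key derivation and
// function signatures are assumptions made for illustration.
const nodeCrypto = require('crypto');

const ALGORITHM = 'aes-256-ctr';
const IV_LENGTH = 16; // aes-256-ctr expects a 16-byte IV (one AES block)

// Assumption: the 32-byte AES key is derived by hashing a configured secret.
function deriveKey(secret) {
  return nodeCrypto.createHash('sha256').update(secret).digest();
}

// Low-level helper so the fixed-IV and random-IV cases can be compared.
function encryptWithIv(text, secret, iv) {
  const cipher = nodeCrypto.createCipheriv(ALGORITHM, deriveKey(secret), iv);
  return Buffer.concat([cipher.update(text, 'utf8'), cipher.final()]);
}

// Fresh random IV per token, stored in front of the ciphertext as "iv:data".
function encryptToken(text, secret) {
  const iv = nodeCrypto.randomBytes(IV_LENGTH);
  return iv.toString('hex') + ':' + encryptWithIv(text, secret, iv).toString('hex');
}

function decryptToken(token, secret) {
  const [ivHex, dataHex] = String(token).split(':');
  if (!ivHex || dataHex === undefined || ivHex.length !== IV_LENGTH * 2) {
    throw new Error('Malformed token');
  }
  const iv = Buffer.from(ivHex, 'hex');
  const decipher = nodeCrypto.createDecipheriv(ALGORITHM, deriveKey(secret), iv);
  const data = Buffer.from(dataHex, 'hex');
  return Buffer.concat([decipher.update(data), decipher.final()]).toString('utf8');
}

// A null IV is rejected for aes-256-ctr; returns true when the call throws.
function nullIvIsRejected(secret) {
  try {
    nodeCrypto.createCipheriv(ALGORITHM, deriveKey(secret), null);
    return false;
  } catch (err) {
    return true;
  }
}

// With a constant IV, equal plaintexts always give equal ciphertexts.
function fixedIvIsDeterministic(text, secret) {
  const fixedIv = Buffer.alloc(IV_LENGTH, 1); // constructed sample IV
  return encryptWithIv(text, secret, fixedIv).equals(encryptWithIv(text, secret, fixedIv));
}
```

`aes-256-ctr` provides no integrity protection, so the decrypted token still has to be validated by the caller.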