Software: Apache. PHP/8.1.30 uname -a: Linux server1.tuhinhossain.com 5.15.0-163-generic #173-Ubuntu SMP Tue Oct 14 17:51:00 UTC uid=1002(picotech) gid=1003(picotech) groups=1003(picotech),0(root) Safe-mode: OFF (not secure) /home/picotech/domains/note.picotech.app/public_html/src/services/ drwxr-xr-x | |
| Viewing file: Select action/file-type: // Centralized Secrets Management Service
// Supports AWS Secrets Manager and environment variables as fallback
const { SecretsManagerClient, GetSecretValueCommand } = require('@aws-sdk/client-secrets-manager');
const secretsManager = (() => {
let client = null;
const cache = new Map();
const cacheExpiry = 5 * 60 * 1000; // 5 minutes
// Initialize AWS client if credentials are available
if (process.env.AWS_ACCESS_KEY_ID && process.env.AWS_SECRET_ACCESS_KEY) {
client = new SecretsManagerClient({
region: process.env.AWS_REGION || 'us-east-1'
});
}
const getSecret = async (secretName, key = null) => {
const cacheKey = `${secretName}:${key || 'default'}`;
// Check cache first
const cached = cache.get(cacheKey);
if (cached && Date.now() - cached.timestamp < cacheExpiry) {
return cached.value;
}
try {
let secretValue;
if (client) {
// Try AWS Secrets Manager first
const command = new GetSecretValueCommand({
SecretId: secretName
});
const response = await client.send(command);
if (response.SecretString) {
const secretData = JSON.parse(response.SecretString);
secretValue = key ? secretData[key] : secretData;
}
}
// Fallback to environment variables if AWS fails or is not configured
if (!secretValue) {
const envKey = secretName.toUpperCase().replace(/[^A-Z0-9]/g, '_');
secretValue = process.env[envKey];
if (!secretValue) {
throw new Error(`Secret ${secretName} not found in AWS Secrets Manager or environment variables`);
}
}
// Cache the result
cache.set(cacheKey, {
value: secretValue,
timestamp: Date.now()
});
return secretValue;
} catch (error) {
console.error(`Failed to retrieve secret ${secretName}:`, error.message);
throw new Error(`Secret retrieval failed: ${secretName}`);
}
};
const getDatabaseConfig = async () => {
return {
host: await getSecret('piconote/database/host'),
port: parseInt(await getSecret('piconote/database/port')) || 3306,
database: await getSecret('piconote/database/name'),
username: await getSecret('piconote/database/username'),
password: await getSecret('piconote/database/password'),
};
};
const getJWTConfig = async () => {
return {
secret: await getSecret('piconote/jwt/secret'),
refreshSecret: await getSecret('piconote/jwt/refresh_secret'),
expiresIn: process.env.JWT_EXPIRES_IN || '7d',
refreshExpiresIn: process.env.JWT_REFRESH_EXPIRES_IN || '30d',
};
};
const getEncryptionKey = async () => {
return await getSecret('piconote/encryption/key');
};
const getAPIKeys = async () => {
return {
openai: await getSecret('piconote/api_keys/openai'),
anthropic: await getSecret('piconote/api_keys/anthropic'),
googleClientId: await getSecret('piconote/oauth/google/client_id'),
microsoftClientId: await getSecret('piconote/oauth/microsoft/client_id'),
};
};
const clearCache = () => {
cache.clear();
};
const getCacheStats = () => {
return {
size: cache.size,
entries: Array.from(cache.entries()).map(([key, value]) => ({
key,
age: Date.now() - value.timestamp
}))
};
};
return {
getSecret,
getDatabaseConfig,
getJWTConfig,
getEncryptionKey,
getAPIKeys,
clearCache,
getCacheStats
};
})();
module.exports = secretsManager; |
:: Command execute :: | |
--[ c99shell v. 2.5 [PHP 8 Update] [24.05.2025] | Generation time: 0.0032 ]-- |