Initialize organization bot upon creating organization

2025-03-27 09:40:45 +00:00 · 2023-07-23 12:03:39 +07:00
parent 565f234921
commit 70d04be978
4 changed files with 99 additions and 7 deletions
--- a/backend/src/helpers/botOrg.ts
+++ b/backend/src/helpers/botOrg.ts
@ -3,12 +3,100 @@ import { client, getEncryptionKey, getRootEncryptionKey } from "../config";
 import { BotOrg } from "../models";
 import { decryptSymmetric128BitHexKeyUTF8 } from "../utils/crypto";
 import {
+    ALGORITHM_AES_256_GCM,
    ENCODING_SCHEME_BASE64,
    ENCODING_SCHEME_UTF8
 } from "../variables";
 import { InternalServerError } from "../utils/errors";
+import { encryptSymmetric128BitHexKeyUTF8, generateKeyPair } from "../utils/crypto";

-// TODO: DOCstrings
+/**
+ * Create a bot with name [name] for organization with id [organizationId]
+ * @param {Object} obj
+ * @param {String} obj.name - name of bot
+ * @param {String} obj.organizationId - id of organization that bot belongs to
+ */
+export const createBotOrg = async ({
+  name,
+  organizationId,
+}: {
+  name: string;
+  organizationId: Types.ObjectId;
+}) => {
+    const encryptionKey = await getEncryptionKey();
+    const rootEncryptionKey = await getRootEncryptionKey();
+
+    const { publicKey, privateKey } = generateKeyPair();
+    const key = client.createSymmetricKey();
+
+    if (rootEncryptionKey) {
+        const { 
+            ciphertext: encryptedPrivateKey,
+            iv: privateKeyIV,
+            tag: privateKeyTag
+        } = client.encryptSymmetric(privateKey, rootEncryptionKey);
+
+        const {
+            ciphertext: encryptedSymmetricKey,
+            iv: symmetricKeyIV,
+            tag: symmetricKeyTag
+        } = client.encryptSymmetric(key, rootEncryptionKey);
+
+        return await new BotOrg({
+            name,
+            organization: organizationId,
+            publicKey,
+            encryptedSymmetricKey,
+            symmetricKeyIV,
+            symmetricKeyTag,
+            symmetricKeyAlgorithm: ALGORITHM_AES_256_GCM,
+            symmetricKeyKeyEncoding: ENCODING_SCHEME_BASE64,
+            encryptedPrivateKey,
+            privateKeyIV,
+            privateKeyTag,
+            privateKeyAlgorithm: ALGORITHM_AES_256_GCM,
+            privateKeyKeyEncoding: ENCODING_SCHEME_BASE64
+        }).save();
+    } else if (encryptionKey) {
+        const {
+            ciphertext: encryptedPrivateKey,
+            iv: privateKeyIV,
+            tag: privateKeyTag
+        } = encryptSymmetric128BitHexKeyUTF8({
+            plaintext: privateKey,
+            key: encryptionKey
+        });
+            
+        const {
+            ciphertext: encryptedSymmetricKey,
+            iv: symmetricKeyIV,
+            tag: symmetricKeyTag
+        } = encryptSymmetric128BitHexKeyUTF8({
+            plaintext: key,
+            key: encryptionKey
+        });
+
+        return await new BotOrg({
+            name,
+            organization: organizationId,
+            publicKey,
+            encryptedSymmetricKey,
+            symmetricKeyIV,
+            symmetricKeyTag,
+            symmetricKeyAlgorithm: ALGORITHM_AES_256_GCM,
+            symmetricKeyKeyEncoding: ENCODING_SCHEME_UTF8,
+            encryptedPrivateKey,
+            privateKeyIV,
+            privateKeyTag,
+            privateKeyAlgorithm: ALGORITHM_AES_256_GCM,
+            privateKeyKeyEncoding: ENCODING_SCHEME_UTF8
+        }).save();
+    }
+
+  throw InternalServerError({
+    message: "Failed to create new organization bot due to missing encryption key",
+  });
+};

 export const getSymmetricKeyHelper = async (organizationId: Types.ObjectId) => {
    const rootEncryptionKey = await getRootEncryptionKey();
--- a/backend/src/helpers/organization.ts
+++ b/backend/src/helpers/organization.ts
@ -14,6 +14,9 @@ import {
  licenseKeyRequest,
  licenseServerKeyRequest,
 } from "../config/request";
+import {
+  createBotOrg
+} from "./botOrg";

 /**
 * Create an organization with name [name]
@ -29,6 +32,7 @@ export const createOrganization = async ({
  name: string;
  email: string;
 }) => {
+  
  const licenseServerKey = await getLicenseServerKey();
  let organization;
  
@ -52,6 +56,12 @@ export const createOrganization = async ({
    }).save();
  }

+  // initialize bot for organization
+  await createBotOrg({
+    name,
+    organizationId: organization._id
+  });
+
  return organization;
 };

--- a/backend/src/utils/setup/backfillData.ts
+++ b/backend/src/utils/setup/backfillData.ts
@ -177,7 +177,6 @@ export const backfillBotOrgs = async () => {
        return new BotOrg({
          name: "Infisical Bot",
          organization: organizationToAddBot,
-          isActive: false,
          publicKey,
          encryptedSymmetricKey,
          symmetricKeyIV,
@ -212,7 +211,6 @@ export const backfillBotOrgs = async () => {
        return new BotOrg({
          name: "Infisical Bot",
          organization: organizationToAddBot,
-          isActive: false,
          publicKey,
          encryptedSymmetricKey,
          symmetricKeyIV,
--- a/frontend/src/views/Signup/components/UserInfoSSOStep/UserInfoSSOStep.tsx
+++ b/frontend/src/views/Signup/components/UserInfoSSOStep/UserInfoSSOStep.tsx
@ -112,10 +112,6 @@ export const UserInfoSSOStep = ({
      const privateKey = encodeBase64(secretKeyUint8Array);
      const publicKey = encodeBase64(publicKeyUint8Array);
      localStorage.setItem("PRIVATE_KEY", privateKey);
-      
-      console.log("make");
-      console.log("email: ", email);
-      console.log("password: ", password);

      client.init(
        {