npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

fcl-googlekms-authorizer

v0.1.4

Published

Google KMS authorizer (signer) for Flow blockchain.

Downloads

2

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

akashroundakashround

Keywords

Readme

fcl-googlekms-authorizer

Google KMS authorizer (signer) for Flow blockchain.

Installation

npm i fcl-googlekms-authorizer

Usage


import * as fcl from '@onflow/fcl';
import { GoogleKmsAuthorizer } from 'fcl-googlekms-authorizer';

// Key configuration. Store it in env variables or secret manager
const projectId = '<google cloud project Id>';
const locationId = '<location of the project>';
const keyRingId = '<key Ring Id>';
const keyId = '<keyId>';
const versionId = '<versionId>';

// Test transaction
const transaction = `
transaction {
  prepare(signer: AuthAccount) {
    log("Test transaction signed by fcl-googlekms-authorizer")
  }
}
`;

async function main() {

  // Create an instance of the authorizer
  const authorizer = new GoogleKmsAuthorizer(
      projectId,
      locationId,
      keyRingId,
      keyId,
      versionId
  );

  // address created using public key downloaded from google kms
  const address = '01cf0e2f2f715450';
  const keyIndex = 0;

  // Sign and send transactions with Google KMS
  const authorization = authorizer.authorize(address, keyIndex);

  const response = await fcl.send([
    fcl.transaction`${transaction}`,
    fcl.args([]),
    fcl.proposer(authorization),
    fcl.authorizations([authorization]),
    fcl.payer(authorization),
    fcl.limit(9999),
  ]);
  await fcl.tx(response).onceSealed();

  console.log('Transaction Succeeded');
}

main().catch(e => console.error(e));

see sign-tx.ts in examples folder for complete example.

Google KMS setup

Note: In order to use fcl-googlekms-authorizer for remote key management, you'll need a Google Cloud Platform account.

Pre-requisites:

  1. Create a new Project if you don't have one already. You'll need the Project ID later.
  2. Enable Cloud Key Management Service (KMS) API for the project, Security -> Cryptographic Keys.
  3. Create a new Key Ring for your wallet (or use an existing Key Ring), Security -> Cryptographic Keys -> Create Key Ring, you'll need the Location ID (or Location) and Key Ring ID (or Name) later.

Using a Service Account to access the KMS API (see official docs for more);

  1. Create a new Service Account, IAM & Admin -> Service Accounts -> Create Service Account
  2. Use the roles Cloud KMS Admin & Cloud KMS Signer/Verifier or grant the required permissions through a custom role (NOTE: deletion not supported yet):
    • cloudkms.cryptoKeyVersions.useToSign
    • cloudkms.cryptoKeyVersions.viewPublicKey
    • cloudkms.cryptoKeys.create
  3. After creating the Service Account, select Manage Keys from the Actions menu in the Service Account listing.
  4. Create a new key, Add Key -> Create New key, and select JSON as the key type.
  5. Save the JSON file.

Configure the Google KMS client library by setting the environment variable GOOGLE_APPLICATION_CREDENTIALS:

export GOOGLE_APPLICATION_CREDENTIALS="/home/example/path/to/service-account-file.json"

Creating an account on testnet via the faucet:

  1. When generating the key on Google KMS, choose "Asymmetric sign" as the purpose and "Elliptic Curve P-256 - SHA256 Digest" as the key type and algorithm (other combinations may work but these have been confirmed to work)
  2. Download the public key from Google KMS in PEM format (should have a .pub ending)
  3. Run it through flow keys decode pem --from-file <filename>
  4. Copy the "Public Key" part
  5. Go to https://testnet-faucet-v2.onflow.org
  6. Paste the copied public key in the form
  7. IMPORTANT: Choose SHA2_256 as the hash algorithm (SHA3_256 won't work with the key setup above)

Store the generated address and use it while creating the authorization -

const authorization = authorizer.authorize(accountAddress, keyIndex);

Credits

This fcl compatible Google KMS authorizer is built taking inspiration from fcl-kms-authorizer