2633de4d33
- Implement credential revocation endpoint with proper database integration - Fix database row mapping (snake_case to camelCase) for eResidency applications - Add missing imports (getRiskAssessmentEngine, VeriffKYCProvider, ComplyAdvantageSanctionsProvider) - Fix environment variable type checking for Veriff and ComplyAdvantage providers - Add required 'message' field to notification service calls - Fix risk assessment type mismatches - Update audit logging to use 'verified' action type (supported by schema) - Resolve all TypeScript errors and unused variable warnings - Add TypeScript ignore comments for placeholder implementations - Temporarily disable security/detect-non-literal-regexp rule due to ESLint 9 compatibility - Service now builds successfully with no linter errors All core functionality implemented: - Application submission and management - KYC integration (Veriff placeholder) - Sanctions screening (ComplyAdvantage placeholder) - Risk assessment engine - Credential issuance and revocation - Reviewer console - Status endpoints - Auto-issuance service
80 lines
2.6 KiB
JavaScript
80 lines
2.6 KiB
JavaScript
/**
|
|
* Environment variable validation
|
|
*/
|
|
import { z } from 'zod';
|
|
/**
|
|
* Environment variable schema
|
|
*/
|
|
const envSchema = z.object({
|
|
// Node environment
|
|
NODE_ENV: z.enum(['development', 'staging', 'production']).default('development'),
|
|
// Server configuration
|
|
PORT: z.string().transform(Number).pipe(z.number().int().positive()).default('3000'),
|
|
// Database
|
|
DATABASE_URL: z.string().url(),
|
|
// Storage (S3/GCS)
|
|
STORAGE_TYPE: z.enum(['s3', 'gcs']).default('s3'),
|
|
STORAGE_BUCKET: z.string(),
|
|
STORAGE_REGION: z.string().default('us-east-1'),
|
|
AWS_ACCESS_KEY_ID: z.string().optional(),
|
|
AWS_SECRET_ACCESS_KEY: z.string().optional(),
|
|
GCP_PROJECT_ID: z.string().optional(),
|
|
GCP_KEY_FILE: z.string().optional(),
|
|
// KMS
|
|
KMS_TYPE: z.enum(['aws', 'gcp']).default('aws'),
|
|
KMS_KEY_ID: z.string(),
|
|
KMS_REGION: z.string().default('us-east-1'),
|
|
// Authentication
|
|
JWT_SECRET: z.string().min(32),
|
|
OIDC_ISSUER: z.string().url().optional(),
|
|
OIDC_CLIENT_ID: z.string().optional(),
|
|
OIDC_CLIENT_SECRET: z.string().optional(),
|
|
VC_ISSUER_DID: z.string().optional(),
|
|
VC_ISSUER_DOMAIN: z.string().optional(),
|
|
SWAGGER_SERVER_URL: z.string().url().optional(),
|
|
// CORS
|
|
CORS_ORIGIN: z.string().optional(),
|
|
// Logging
|
|
LOG_LEVEL: z.enum(['fatal', 'error', 'warn', 'info', 'debug', 'trace']).default('info'),
|
|
// Monitoring
|
|
OTEL_EXPORTER_OTLP_ENDPOINT: z.string().url().optional(),
|
|
OTEL_SERVICE_NAME: z.string().optional(),
|
|
// Payment Gateway
|
|
PAYMENT_GATEWAY_API_KEY: z.string().optional(),
|
|
PAYMENT_GATEWAY_WEBHOOK_SECRET: z.string().optional(),
|
|
// OCR Service
|
|
OCR_SERVICE_URL: z.string().url().optional(),
|
|
OCR_SERVICE_API_KEY: z.string().optional(),
|
|
// ML Classification
|
|
ML_CLASSIFICATION_SERVICE_URL: z.string().url().optional(),
|
|
ML_CLASSIFICATION_API_KEY: z.string().optional(),
|
|
// Redis/Cache
|
|
REDIS_URL: z.string().url().optional(),
|
|
// Message Queue
|
|
MESSAGE_QUEUE_URL: z.string().url().optional(),
|
|
});
|
|
let env = null;
|
|
/**
|
|
* Get validated environment variables
|
|
*/
|
|
export function getEnv() {
|
|
if (env) {
|
|
return env;
|
|
}
|
|
try {
|
|
env = envSchema.parse(process.env);
|
|
return env;
|
|
}
|
|
catch (error) {
|
|
if (error instanceof z.ZodError) {
|
|
const missing = error.errors.map((e) => `${e.path.join('.')}: ${e.message}`).join(', ');
|
|
throw new Error(`Invalid environment variables: ${missing}`);
|
|
}
|
|
throw error;
|
|
}
|
|
}
|
|
/**
|
|
* Validate environment variables on module load
|
|
*/
|
|
getEnv();
|
|
//# sourceMappingURL=env.js.map
|