chore: remove dependency on crypto module in common (#191)

* Revert "Add react-native-get-random-values"

This reverts commit 12f2983.

* Add [Eppo SDK] to logged message

* Allow salt as argument to getPrecomputedConfiguration

* Remove webpack exclusion of crypto module in the browser bundle, no longer necessary

* Add to exports

* Keep salt as optional, but require it if being used directly from the common sdk

* Better to not throw an error

Author: sameerank

package.json

@@ -73,7 +73,6 @@
     "buffer": "npm:@eppo/[email protected]",
     "js-base64": "^3.7.7",
     "pino": "^9.5.0",
-    "react-native-get-random-values": "^1.11.0",
     "semver": "^7.5.4",
     "spark-md5": "^3.0.2",
     "uuid": "^8.3.2"

src/client/eppo-client-with-bandits.spec.ts

@@ -1,3 +1,5 @@
+import * as base64 from 'js-base64';
+
 import {
   readMockUFCResponse,
   MOCK_BANDIT_MODELS_RESPONSE_FILE,
@@ -24,7 +26,7 @@ import {
 } from '../flag-evaluation-details-builder';
 import FetchHttpClient from '../http-client';
 import { BanditVariation, BanditParameters, Flag } from '../interfaces';
-import { attributeEncodeBase64, setSaltOverrideForTests } from '../obfuscation';
+import { attributeEncodeBase64 } from '../obfuscation';
 import { Attributes, BanditActions, ContextAttributes } from '../types';
 
 import EppoClient, { IAssignmentDetails } from './eppo-client';
@@ -658,10 +660,12 @@ describe('EppoClient Bandits E2E test', () => {
       subjectAttributes: ContextAttributes,
       banditActions: Record<string, BanditActions>,
     ): IPrecomputedConfiguration {
+      const salt = base64.fromUint8Array(new Uint8Array([101, 112, 112, 111]));
       const precomputedResults = client.getPrecomputedConfiguration(
         subjectKey,
         subjectAttributes,
         banditActions,
+        salt,
       );
 
       const { precomputed } = JSON.parse(precomputedResults) as IConfigurationWire;
@@ -672,14 +676,6 @@ describe('EppoClient Bandits E2E test', () => {
     }
 
     describe('obfuscated results', () => {
-      beforeEach(() => {
-        setSaltOverrideForTests(new Uint8Array([101, 112, 112, 111])); // e p p o => "ZXBwbw=="
-      });
-
-      afterAll(() => {
-        setSaltOverrideForTests(null);
-      });
-
       it('obfuscates precomputed bandits', () => {
         const bannerBanditFlagMd5 = '3ac89e06235484aa6f2aec8c33109a02';
         const brandAffinityB64 = 'YnJhbmRfYWZmaW5pdHk=';

src/client/eppo-client.spec.ts

@@ -1,3 +1,4 @@
+import * as base64 from 'js-base64';
 import { times } from 'lodash';
 import * as td from 'testdouble';
 
@@ -23,12 +24,15 @@ import { MemoryOnlyConfigurationStore } from '../configuration-store/memory.stor
 import { MAX_EVENT_QUEUE_SIZE, DEFAULT_POLL_INTERVAL_MS, POLL_JITTER_PCT } from '../constants';
 import { decodePrecomputedFlag } from '../decoding';
 import { Flag, ObfuscatedFlag, VariationType } from '../interfaces';
-import { getMD5Hash, setSaltOverrideForTests } from '../obfuscation';
+import { getMD5Hash } from '../obfuscation';
 import { AttributeType } from '../types';
 
 import EppoClient, { FlagConfigurationRequestParameters, checkTypeMatch } from './eppo-client';
 import { initConfiguration } from './test-utils';
 
+// Use a known salt to produce deterministic hashes
+const salt = base64.fromUint8Array(new Uint8Array([7, 53, 17, 78]));
+
 describe('EppoClient E2E test', () => {
   global.fetch = jest.fn(() => {
     const ufc = readMockUFCResponse(MOCK_UFC_RESPONSE_FILE);
@@ -215,12 +219,8 @@ describe('EppoClient E2E test', () => {
       client = new EppoClient({ flagConfigurationStore: storage });
     });
 
-    afterEach(() => {
-      setSaltOverrideForTests(null);
-    });
-
     it('skips disabled flags', () => {
-      const encodedPrecomputedWire = client.getPrecomputedConfiguration('subject', {});
+      const encodedPrecomputedWire = client.getPrecomputedConfiguration('subject', {}, {}, salt);
       const { precomputed } = JSON.parse(encodedPrecomputedWire) as IConfigurationWire;
       if (!precomputed) {
         fail('Precomputed data not in Configuration response');
@@ -231,7 +231,6 @@ describe('EppoClient E2E test', () => {
 
       expect(precomputedResponse).toBeTruthy();
       const precomputedFlags = precomputedResponse?.flags ?? {};
-      const salt = precomputedResponse.salt;
 
       expect(Object.keys(precomputedFlags)).toHaveLength(2);
       expect(Object.keys(precomputedFlags)).toContain(getMD5Hash('anotherFlag', salt));
@@ -240,15 +239,14 @@ describe('EppoClient E2E test', () => {
     });
 
     it('evaluates and returns assignments', () => {
-      const encodedPrecomputedWire = client.getPrecomputedConfiguration('subject', {});
+      const encodedPrecomputedWire = client.getPrecomputedConfiguration('subject', {}, {}, salt);
       const { precomputed } = JSON.parse(encodedPrecomputedWire) as IConfigurationWire;
       if (!precomputed) {
         fail('Precomputed data not in Configuration response');
       }
       const precomputedResponse = JSON.parse(
         precomputed.response,
       ) as IObfuscatedPrecomputedConfigurationResponse;
-      const salt = precomputedResponse.salt;
 
       expect(precomputedResponse).toBeTruthy();
       const precomputedFlags = precomputedResponse?.flags ?? {};
@@ -259,10 +257,7 @@ describe('EppoClient E2E test', () => {
     });
 
     it('obfuscates assignments', () => {
-      // Use a known salt to produce deterministic hashes
-      setSaltOverrideForTests(new Uint8Array([7, 53, 17, 78]));
-
-      const encodedPrecomputedWire = client.getPrecomputedConfiguration('subject', {}, {});
+      const encodedPrecomputedWire = client.getPrecomputedConfiguration('subject', {}, {}, salt);
       const { precomputed } = JSON.parse(encodedPrecomputedWire) as IConfigurationWire;
       if (!precomputed) {
         fail('Precomputed data not in Configuration response');

src/client/eppo-client.ts

@@ -866,12 +866,14 @@ export default class EppoClient {
    *
    * @param subjectKey an identifier of the experiment subject, for example a user ID.
    * @param subjectAttributes optional attributes associated with the subject, for example name and email.
-   * @param banditActions
+   * @param banditActions optional attributes associated with the bandit actions
+   * @param salt a salt to use for obfuscation
    */
   getPrecomputedConfiguration(
     subjectKey: string,
     subjectAttributes: Attributes | ContextAttributes = {},
     banditActions: Record<FlagKey, BanditActions> = {},
+    salt?: string,
   ): string {
     const configDetails = this.getConfigDetails();
 
@@ -890,6 +892,7 @@ export default class EppoClient {
       subjectKey,
       flags,
       bandits,
+      salt ?? '', // no salt if not provided
       subjectContextualAttributes,
       configDetails.configEnvironment,
     );

src/configuration.ts

@@ -5,11 +5,7 @@ import {
   IPrecomputedBandit,
   PrecomputedFlag,
 } from './interfaces';
-import {
-  generateSalt,
-  obfuscatePrecomputedBanditMap,
-  obfuscatePrecomputedFlags,
-} from './obfuscation';
+import { obfuscatePrecomputedBanditMap, obfuscatePrecomputedFlags } from './obfuscation';
 import { ContextAttributes, FlagKey, HashedFlagKey } from './types';
 
 // Base interface for all configuration responses
@@ -69,13 +65,15 @@ export class PrecomputedConfiguration implements IPrecomputedConfiguration {
     subjectKey: string,
     flags: Record<FlagKey, PrecomputedFlag>,
     bandits: Record<FlagKey, IPrecomputedBandit>,
+    salt: string,
     subjectAttributes?: ContextAttributes,
     environment?: Environment,
   ): IPrecomputedConfiguration {
     const response = new ObfuscatedPrecomputedConfigurationResponse(
       subjectKey,
       flags,
       bandits,
+      salt,
       subjectAttributes,
       environment,
     );
@@ -132,12 +130,13 @@ export class ObfuscatedPrecomputedConfigurationResponse
     subjectKey: string,
     flags: Record<FlagKey, PrecomputedFlag>,
     bandits: Record<FlagKey, IPrecomputedBandit>,
+    salt: string,
     subjectAttributes?: ContextAttributes,
     environment?: Environment,
   ) {
     super(subjectKey, subjectAttributes, environment);
 
-    this.salt = generateSalt();
+    this.salt = salt;
     this.bandits = obfuscatePrecomputedBanditMap(this.salt, bandits);
     this.flags = obfuscatePrecomputedFlags(this.salt, flags);
   }

src/index.ts

@@ -47,8 +47,15 @@ import EventDispatcher from './events/event-dispatcher';
 import NamedEventQueue from './events/named-event-queue';
 import NetworkStatusListener from './events/network-status-listener';
 import HttpClient from './http-client';
-import { PrecomputedFlag, Flag, ObfuscatedFlag, VariationType, FormatEnum } from './interfaces';
-import { setSaltOverrideForTests } from './obfuscation';
+import {
+  PrecomputedFlag,
+  Flag,
+  ObfuscatedFlag,
+  VariationType,
+  FormatEnum,
+  BanditParameters,
+  BanditVariation,
+} from './interfaces';
 import {
   AttributeType,
   Attributes,
@@ -108,6 +115,8 @@ export {
   ContextAttributes,
   BanditSubjectAttributes,
   BanditActions,
+  BanditVariation,
+  BanditParameters,
   Subject,
   FormatEnum,
 
@@ -129,6 +138,5 @@ export {
   PrecomputedFlag,
 
   // Test helpers
-  setSaltOverrideForTests,
   decodePrecomputedFlag,
 };

src/obfuscation.spec.ts

@@ -1,4 +1,4 @@
-import { decodeBase64, encodeBase64, generateSalt, setSaltOverrideForTests } from './obfuscation';
+import { decodeBase64, encodeBase64 } from './obfuscation';
 
 describe('obfuscation', () => {
   it('encodes strings to base64', () => {
@@ -27,14 +27,4 @@ describe('obfuscation', () => {
 
     expect(decodeBase64('a8O8bW1lcnQ=')).toEqual('kümmert');
   });
-
-  describe('salt', () => {
-    it('converts from bytes to base64 string', () => {
-      const chars = new Uint8Array([101, 112, 112, 111]); // eppo
-      setSaltOverrideForTests(chars);
-
-      const salt64 = generateSalt();
-      expect(salt64).toEqual('ZXBwbw==');
-    });
-  });
 });

src/obfuscation.ts

@@ -1,34 +1,9 @@
 import base64 = require('js-base64');
 import * as SparkMD5 from 'spark-md5';
 
-import { logger } from './application-logger';
 import { IObfuscatedPrecomputedBandit, IPrecomputedBandit, PrecomputedFlag } from './interfaces';
 import { Attributes, AttributeType, Base64String, MD5String } from './types';
 
-// Import randomBytes according to the environment
-let getRandomValues: (length: number) => Uint8Array;
-if (typeof window !== 'undefined' && window.crypto) {
-  // Browser environment
-  getRandomValues = (length: number) => window.crypto.getRandomValues(new Uint8Array(length));
-} else if (typeof navigator !== 'undefined' && navigator.product === 'ReactNative') {
-  // React Native environment
-  require('react-native-get-random-values');
-  getRandomValues = (length: number) => {
-    const array = new Uint8Array(length);
-    return window.crypto.getRandomValues(array);
-  };
-} else {
-  // Node.js environment
-  import('crypto')
-    .then((crypto) => {
-      getRandomValues = (length: number) => new Uint8Array(crypto.randomBytes(length));
-      return;
-    })
-    .catch((error) => {
-      logger.error('[Eppo SDK] Failed to load crypto module:', error);
-    });
-}
-
 export function getMD5Hash(input: string, salt = ''): string {
   return new SparkMD5().append(salt).append(input).end();
 }
@@ -110,12 +85,3 @@ export function obfuscatePrecomputedFlags(
   });
   return response;
 }
-
-let saltOverrideBytes: Uint8Array | null;
-export function setSaltOverrideForTests(salt: Uint8Array | null) {
-  saltOverrideBytes = salt ? salt : null;
-}
-
-export function generateSalt(length = 16): string {
-  return base64.fromUint8Array(saltOverrideBytes ? saltOverrideBytes : getRandomValues(length));
-}

src/react-native-get-random-values.d.ts

@@ -9,11 +9,9 @@
     "outDir": "dist",
     "noImplicitAny": true,
     "strict": true,
-    "strictPropertyInitialization": true,
+    "strictPropertyInitialization": true
   },
-  "include": [
-    "src/**/*.ts"
-  ],
+  "include": ["src/**/*.ts"],
   "exclude": [
     "node_modules",
     "dist",