npm - @absolutejs/auth - Versions diffs - 0.26.0-beta.2 → 0.26.0-beta.3 - Mend

@absolutejs/auth 0.26.0-beta.2 → 0.26.0-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

package/dist/audit/config.d.ts +2 -1
package/dist/audit/types.d.ts +1 -1
package/dist/authorization/config.d.ts +19 -0
package/dist/authorization/protectPermission.d.ts +52 -0
package/dist/compliance/cipher.d.ts +5 -0
package/dist/compliance/config.d.ts +18 -0
package/dist/compliance/redaction.d.ts +8 -0
package/dist/compliance/routes.d.ts +89 -0
package/dist/htmx/index.js +494 -98
package/dist/htmx/index.js.map +3 -3
package/dist/index.d.ts +2537 -344
package/dist/index.js +3516 -1504
package/dist/index.js.map +32 -13
package/dist/providers/clients.d.ts +3 -3
package/dist/routes/authorize.d.ts +2 -2
package/dist/routes/protectRoute.d.ts +2 -2
package/dist/scim/config.d.ts +55 -0
package/dist/scim/inMemoryScimTokenStore.d.ts +2 -0
package/dist/scim/postgresScimTokenStore.d.ts +102 -0
package/dist/scim/routes.d.ts +296 -0
package/dist/scim/serialize.d.ts +45 -0
package/dist/scim/types.d.ts +52 -0
package/dist/session/promote.d.ts +9 -2
package/dist/sso/config.d.ts +104 -0
package/dist/sso/discoveryRoute.d.ts +63 -0
package/dist/sso/inMemorySsoConnectionStore.d.ts +2 -0
package/dist/sso/oidcRoutes.d.ts +97 -0
package/dist/sso/postgresSsoConnectionStore.d.ts +139 -0
package/dist/sso/samlRoutes.d.ts +176 -0
package/dist/sso/types.d.ts +39 -0
package/dist/typebox.d.ts +1 -1
package/dist/types.d.ts +36 -0
package/dist/webauthn/adapter.d.ts +59 -0
package/dist/webauthn/config.d.ts +35 -0
package/dist/webauthn/inMemoryWebAuthnCredentialStore.d.ts +2 -0
package/dist/webauthn/postgresWebAuthnCredentialStore.d.ts +172 -0
package/dist/webauthn/routes.d.ts +155 -0
package/dist/webauthn/types.d.ts +17 -0
package/package.json +2 -2

package/dist/audit/config.d.ts CHANGED Viewed

@@ -3,6 +3,7 @@ export type AuditConfig<UserType> = {
     auditStore?: AuditSink;
     getUserId?: (user: UserType) => string;
     onAuditEvent?: (event: AuditEvent) => void | Promise<void>;
+    redact?: (event: AuditEvent) => AuditEvent | Promise<AuditEvent>;
 };
 export type AuditEmitter = (event: AuditEvent) => Promise<void>;
-export declare const createAuditEmitter: <UserType>({ auditStore, onAuditEvent }: AuditConfig<UserType>) => (event: AuditEvent) => Promise<void>;
+export declare const createAuditEmitter: <UserType>({ auditStore, onAuditEvent, redact }: AuditConfig<UserType>) => (event: AuditEvent) => Promise<void>;

package/dist/audit/types.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import type { OrganizationId } from '../tenancy';
-export type AuditEventType = 'credentials_login' | 'credentials_login_failed' | 'email_verified' | 'identity_conflict' | 'logout' | 'mfa_challenge' | 'mfa_challenge_failed' | 'mfa_enrolled' | 'oauth_login' | 'password_reset' | 'register' | 'scim_provision' | 'session_revoked' | 'sso_login' | 'token_refreshed' | 'token_revoked';
+export type AuditEventType = 'account_deleted' | 'authorization_denied' | 'credentials_login' | 'credentials_login_failed' | 'data_exported' | 'email_verified' | 'identity_conflict' | 'logout' | 'mfa_challenge' | 'mfa_challenge_failed' | 'mfa_enrolled' | 'oauth_login' | 'password_reset' | 'register' | 'scim_provision' | 'session_revoked' | 'sso_login' | 'token_refreshed' | 'token_revoked' | 'webauthn_authenticated' | 'webauthn_registered';
 export type AuditEvent = {
     at: number;
     ip?: string;

package/dist/authorization/config.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import type { AuditEmitter } from '../audit/config';
+import type { AuthSessionStore } from '../session/types';
+import type { OrganizationId } from '../tenancy';
+export type PermissionContext<UserType> = {
+    organizationId?: OrganizationId;
+    permission: string;
+    user: UserType;
+};
+export type AuthorizationConfig<UserType> = {
+    hasPermission: (context: PermissionContext<UserType>) => boolean | Promise<boolean>;
+};
+export type PermissionCheck = {
+    organizationId?: OrganizationId;
+    permission: string;
+};
+export type AuthorizationPluginProps<UserType> = AuthorizationConfig<UserType> & {
+    authSessionStore?: AuthSessionStore<UserType>;
+    emit?: AuditEmitter;
+};

package/dist/authorization/protectPermission.d.ts ADDED Viewed

@@ -0,0 +1,52 @@
+import { Elysia } from 'elysia';
+import type { AuthorizationPluginProps, PermissionCheck } from './config';
+type PermissionFailError = {
+    readonly code: 'Bad Request';
+    readonly message: 'Cookies are missing';
+} | {
+    readonly code: 'Forbidden';
+    readonly message: 'Insufficient permissions';
+} | {
+    readonly code: 'Unauthorized';
+    readonly message: 'User is not authenticated';
+};
+export declare const protectPermissionPlugin: <UserType>({ authSessionStore, emit, hasPermission }: AuthorizationPluginProps<UserType>) => Elysia<"", {
+    decorator: {};
+    store: {
+        session: import("..").SessionRecord<UserType>;
+        unregisteredSession: import("..").UnregisteredSessionRecord;
+    };
+    derive: {
+        readonly protectPermission: <AuthReturn, AuthFailReturn>(check: PermissionCheck, handleAuth: (user: UserType) => AuthReturn | Promise<AuthReturn>, handleAuthFail?: (error: PermissionFailError) => AuthFailReturn) => Promise<AuthReturn | import("elysia").ElysiaCustomStatusResponse<"Bad Request", "Cookies are missing", 400> | NonNullable<AuthFailReturn> | import("elysia").ElysiaCustomStatusResponse<"Unauthorized", "User is not authenticated", 401> | import("elysia").ElysiaCustomStatusResponse<"Forbidden", "Insufficient permissions", 403>>;
+    };
+    resolve: {};
+}, {
+    typebox: {};
+    error: {};
+}, {
+    schema: import("elysia").UnwrapRoute<{
+        cookie: import("@sinclair/typebox").TObject<{
+            user_session_id: import("@sinclair/typebox").TOptional<import("@sinclair/typebox").TTemplateLiteralSyntax<"${string}-${string}-${string}-${string}-${string}">>;
+        }>;
+    }, {}, "">;
+    standaloneSchema: {};
+    macro: {};
+    macroFn: {};
+    parser: {};
+    response: import("elysia").ExtractErrorFromHandle<{
+        readonly protectPermission: <AuthReturn, AuthFailReturn>(check: PermissionCheck, handleAuth: (user: UserType) => AuthReturn | Promise<AuthReturn>, handleAuthFail?: (error: PermissionFailError) => AuthFailReturn) => Promise<AuthReturn | import("elysia").ElysiaCustomStatusResponse<"Bad Request", "Cookies are missing", 400> | NonNullable<AuthFailReturn> | import("elysia").ElysiaCustomStatusResponse<"Unauthorized", "User is not authenticated", 401> | import("elysia").ElysiaCustomStatusResponse<"Forbidden", "Insufficient permissions", 403>>;
+    }>;
+}, {}, {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+}, {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+}>;
+export {};

package/dist/compliance/cipher.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export type SecretCipher = {
+    decrypt: (ciphertext: string) => Promise<string>;
+    encrypt: (plaintext: string) => Promise<string>;
+};
+export declare const createSecretCipher: (keyMaterial: string) => SecretCipher;

package/dist/compliance/config.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import type { AuditEmitter } from '../audit/config';
+import type { AuthSessionStore } from '../session/types';
+import type { RouteString } from '../types';
+export type ComplianceConfig<UserType> = {
+    complianceRoute?: RouteString;
+    deleteUserData: (context: {
+        user: UserType;
+        userId?: string;
+    }) => void | Promise<void>;
+    exportUserData: (context: {
+        user: UserType;
+    }) => Record<string, unknown> | Promise<Record<string, unknown>>;
+    getUserId?: (user: UserType) => string;
+};
+export type CompliancePluginProps<UserType> = ComplianceConfig<UserType> & {
+    authSessionStore?: AuthSessionStore<UserType>;
+    emit?: AuditEmitter;
+};

package/dist/compliance/redaction.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import type { AuditEvent } from '../audit/types';
+type AuditRedactorOptions = {
+    dropFields?: string[];
+    hashFields?: string[];
+    redactIp?: boolean;
+};
+export declare const createAuditRedactor: ({ dropFields, hashFields, redactIp }: AuditRedactorOptions) => (event: AuditEvent) => Promise<AuditEvent>;
+export {};

package/dist/compliance/routes.d.ts ADDED Viewed

@@ -0,0 +1,89 @@
+import { Elysia } from 'elysia';
+import type { CompliancePluginProps } from './config';
+export declare const complianceRoutes: <UserType>({ authSessionStore, complianceRoute, deleteUserData, emit, exportUserData, getUserId }: CompliancePluginProps<UserType>) => Elysia<"", {
+    decorator: {};
+    store: {
+        session: import("..").SessionRecord<UserType>;
+        unregisteredSession: import("..").UnregisteredSessionRecord;
+    };
+    derive: {};
+    resolve: {};
+}, {
+    typebox: {};
+    error: {};
+}, {
+    schema: {};
+    standaloneSchema: {};
+    macro: {};
+    macroFn: {};
+    parser: {};
+    response: {};
+}, {
+    [x: string]: {
+        export: {
+            get: {
+                body: unknown;
+                params: {};
+                query: unknown;
+                headers: unknown;
+                response: {
+                    200: {
+                        [x: string]: unknown;
+                    };
+                    401: "Authentication required";
+                    422: {
+                        type: "validation";
+                        on: string;
+                        summary?: string;
+                        message?: string;
+                        found?: unknown;
+                        property?: string;
+                        expected?: string;
+                    };
+                };
+            };
+        };
+    };
+} & {
+    [x: string]: {
+        delete: {
+            body: unknown;
+            params: {};
+            query: unknown;
+            headers: unknown;
+            response: {
+                200: {
+                    readonly deleted: true;
+                };
+                401: "Authentication required";
+                422: {
+                    type: "validation";
+                    on: string;
+                    summary?: string;
+                    message?: string;
+                    found?: unknown;
+                    property?: string;
+                    expected?: string;
+                };
+            };
+        };
+    };
+}, {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+}, {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+} & {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+}>;