@aifabrix/miso-client 1.8.1 → 1.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +63 -0
- package/dist/index.d.ts +78 -16
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +103 -30
- package/dist/index.js.map +1 -1
- package/dist/services/auth.service.d.ts +13 -5
- package/dist/services/auth.service.d.ts.map +1 -1
- package/dist/services/auth.service.js +16 -8
- package/dist/services/auth.service.js.map +1 -1
- package/dist/services/permission.service.d.ts +22 -6
- package/dist/services/permission.service.d.ts.map +1 -1
- package/dist/services/permission.service.js +29 -14
- package/dist/services/permission.service.js.map +1 -1
- package/dist/services/role.service.d.ts +19 -5
- package/dist/services/role.service.d.ts.map +1 -1
- package/dist/services/role.service.js +25 -12
- package/dist/services/role.service.js.map +1 -1
- package/dist/types/config.types.d.ts +26 -0
- package/dist/types/config.types.d.ts.map +1 -1
- package/dist/types/config.types.js.map +1 -1
- package/dist/utils/auth-strategy.d.ts +38 -0
- package/dist/utils/auth-strategy.d.ts.map +1 -0
- package/dist/utils/auth-strategy.js +106 -0
- package/dist/utils/auth-strategy.js.map +1 -0
- package/dist/utils/config-loader.d.ts.map +1 -1
- package/dist/utils/config-loader.js +19 -0
- package/dist/utils/config-loader.js.map +1 -1
- package/dist/utils/http-client.d.ts +13 -2
- package/dist/utils/http-client.d.ts.map +1 -1
- package/dist/utils/http-client.js +16 -2
- package/dist/utils/http-client.js.map +1 -1
- package/dist/utils/internal-http-client.d.ts +13 -2
- package/dist/utils/internal-http-client.d.ts.map +1 -1
- package/dist/utils/internal-http-client.js +66 -8
- package/dist/utils/internal-http-client.js.map +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAMH,MAAa,WAAW;IAKtB,YAAY,UAAsB,EAAE,KAAmB;QACrD,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;QAChC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAED;;;OAGG;IACK,aAAa,CAAC,KAAa;QACjC,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;IAC1E,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,mBAAmB;QACvB,IAAI,CAAC;YACH,gEAAgE;YAChE,MAAM,KAAK,GAAG,CAAC,wDAAa,OAAO,GAAC,CAAC,CAAC,OAAO,CAAC;YAC9C,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC;gBAC7B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;gBAClC,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBACnC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;iBAC5C;aACF,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,IAAI,CACnC,iBAAiB,CAClB,CAAC;YAEF,IAAI,QAAQ,CAAC,IAAI,CAAC,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACjD,OAAO,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC;YAC7B,CAAC;YAED,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACvE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CACb,mCAAmC;gBACjC,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAC7D,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,WAAmB;QACvB,qEAAqE;QACrE,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,4BAA4B,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC;IACnG,CAAC;IAED
|
|
1
|
+
{"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../src/services/auth.service.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAMH,MAAa,WAAW;IAKtB,YAAY,UAAsB,EAAE,KAAmB;QACrD,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;QAChC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAED;;;OAGG;IACK,aAAa,CAAC,KAAa;QACjC,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;IAC1E,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,mBAAmB;QACvB,IAAI,CAAC;YACH,gEAAgE;YAChE,MAAM,KAAK,GAAG,CAAC,wDAAa,OAAO,GAAC,CAAC,CAAC,OAAO,CAAC;YAC9C,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC;gBAC7B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;gBAClC,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;oBACnC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY;iBAC5C;aACF,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,IAAI,CACnC,iBAAiB,CAClB,CAAC;YAEF,IAAI,QAAQ,CAAC,IAAI,CAAC,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACjD,OAAO,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC;YAC7B,CAAC;YAED,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACvE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CACb,mCAAmC;gBACjC,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAC7D,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,WAAmB;QACvB,qEAAqE;QACrE,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,4BAA4B,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC;IACnG,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAC,KAAa,EAAE,YAA2B;QAC5D,mCAAmC;QACnC,IAAI,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CACvD,MAAM,EACN,oBAAoB,EAAE,0CAA0C;YAChE,KAAK,EACL,SAAS,EACT,SAAS,EACT,YAAY,CACb,CAAC;YAEF,OAAO,MAAM,CAAC,aAAa,CAAC;QAC9B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,wCAAwC;YACxC,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CAAC,KAAa,EAAE,YAA2B;QACtD,2DAA2D;QAC3D,IAAI,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CACvD,MAAM,EACN,oBAAoB,EACpB,KAAK,EACL,SAAS,EACT,SAAS,EACT,YAAY,CACb,CAAC;YAEF,IAAI,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;gBACxC,OAAO,MAAM,CAAC,IAAI,CAAC;YACrB,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uCAAuC;YACvC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,WAAW,CAAC,KAAa,EAAE,YAA2B;QAC1D,2DAA2D;QAC3D,IAAI,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CACrD,KAAK,EACL,gBAAgB,EAChB,KAAK,EACL,SAAS,EACT,SAAS,EACT,YAAY,CACb,CAAC;YAEF,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,uCAAuC;YACvC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM;QACV,IAAI,CAAC;YACH,6CAA6C;YAC7C,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC;QAC5D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,0DAA0D;YAC1D,MAAM,IAAI,KAAK,CACb,iBAAiB,GAAG,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAC/E,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CAAC,KAAa,EAAE,YAA2B;QAC9D,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;IACjD,CAAC;CACF;AAjLD,kCAiLC"}
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
*/
|
|
4
4
|
import { HttpClient } from '../utils/http-client';
|
|
5
5
|
import { CacheService } from './cache.service';
|
|
6
|
+
import { AuthStrategy } from '../types/config.types';
|
|
6
7
|
export declare class PermissionService {
|
|
7
8
|
private httpClient;
|
|
8
9
|
private cache;
|
|
@@ -16,27 +17,42 @@ export declare class PermissionService {
|
|
|
16
17
|
/**
|
|
17
18
|
* Get user permissions with caching
|
|
18
19
|
* Optimized to extract userId from token first to check cache before API call
|
|
20
|
+
* @param token - User authentication token
|
|
21
|
+
* @param authStrategy - Optional authentication strategy override
|
|
19
22
|
*/
|
|
20
|
-
getPermissions(token: string): Promise<string[]>;
|
|
23
|
+
getPermissions(token: string, authStrategy?: AuthStrategy): Promise<string[]>;
|
|
21
24
|
/**
|
|
22
25
|
* Check if user has specific permission
|
|
26
|
+
* @param token - User authentication token
|
|
27
|
+
* @param permission - Permission to check
|
|
28
|
+
* @param authStrategy - Optional authentication strategy override
|
|
23
29
|
*/
|
|
24
|
-
hasPermission(token: string, permission: string): Promise<boolean>;
|
|
30
|
+
hasPermission(token: string, permission: string, authStrategy?: AuthStrategy): Promise<boolean>;
|
|
25
31
|
/**
|
|
26
32
|
* Check if user has any of the specified permissions
|
|
33
|
+
* @param token - User authentication token
|
|
34
|
+
* @param permissions - Permissions to check
|
|
35
|
+
* @param authStrategy - Optional authentication strategy override
|
|
27
36
|
*/
|
|
28
|
-
hasAnyPermission(token: string, permissions: string[]): Promise<boolean>;
|
|
37
|
+
hasAnyPermission(token: string, permissions: string[], authStrategy?: AuthStrategy): Promise<boolean>;
|
|
29
38
|
/**
|
|
30
39
|
* Check if user has all of the specified permissions
|
|
40
|
+
* @param token - User authentication token
|
|
41
|
+
* @param permissions - Permissions to check
|
|
42
|
+
* @param authStrategy - Optional authentication strategy override
|
|
31
43
|
*/
|
|
32
|
-
hasAllPermissions(token: string, permissions: string[]): Promise<boolean>;
|
|
44
|
+
hasAllPermissions(token: string, permissions: string[], authStrategy?: AuthStrategy): Promise<boolean>;
|
|
33
45
|
/**
|
|
34
46
|
* Force refresh permissions from controller (bypass cache)
|
|
47
|
+
* @param token - User authentication token
|
|
48
|
+
* @param authStrategy - Optional authentication strategy override
|
|
35
49
|
*/
|
|
36
|
-
refreshPermissions(token: string): Promise<string[]>;
|
|
50
|
+
refreshPermissions(token: string, authStrategy?: AuthStrategy): Promise<string[]>;
|
|
37
51
|
/**
|
|
38
52
|
* Clear cached permissions for a user
|
|
53
|
+
* @param token - User authentication token
|
|
54
|
+
* @param authStrategy - Optional authentication strategy override
|
|
39
55
|
*/
|
|
40
|
-
clearPermissionsCache(token: string): Promise<void>;
|
|
56
|
+
clearPermissionsCache(token: string, authStrategy?: AuthStrategy): Promise<void>;
|
|
41
57
|
}
|
|
42
58
|
//# sourceMappingURL=permission.service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permission.service.d.ts","sourceRoot":"","sources":["../../src/services/permission.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"permission.service.d.ts","sourceRoot":"","sources":["../../src/services/permission.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAsC,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAQzF,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,MAAM,CAAmB;IACjC,OAAO,CAAC,aAAa,CAAS;gBAElB,UAAU,EAAE,UAAU,EAAE,KAAK,EAAE,YAAY;IAOvD;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAY9B;;;;;OAKG;IACG,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IA2DnF;;;;;OAKG;IACG,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC;IAKrG;;;;;OAKG;IACG,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC;IAK3G;;;;;OAKG;IACG,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC;IAK5G;;;;OAIG;IACG,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IA8CvF;;;;OAIG;IACG,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;CA0BvF"}
|
|
@@ -33,8 +33,10 @@ class PermissionService {
|
|
|
33
33
|
/**
|
|
34
34
|
* Get user permissions with caching
|
|
35
35
|
* Optimized to extract userId from token first to check cache before API call
|
|
36
|
+
* @param token - User authentication token
|
|
37
|
+
* @param authStrategy - Optional authentication strategy override
|
|
36
38
|
*/
|
|
37
|
-
async getPermissions(token) {
|
|
39
|
+
async getPermissions(token, authStrategy) {
|
|
38
40
|
try {
|
|
39
41
|
// Extract userId from token to check cache first (avoids API call on cache hit)
|
|
40
42
|
let userId = this.extractUserIdFromToken(token);
|
|
@@ -49,7 +51,7 @@ class PermissionService {
|
|
|
49
51
|
// Cache miss or no userId in token - fetch from controller
|
|
50
52
|
// If we don't have userId, get it from validate endpoint
|
|
51
53
|
if (!userId) {
|
|
52
|
-
const userInfo = await this.httpClient.authenticatedRequest('POST', '/api/auth/validate', token);
|
|
54
|
+
const userInfo = await this.httpClient.authenticatedRequest('POST', '/api/auth/validate', token, undefined, undefined, authStrategy);
|
|
53
55
|
userId = userInfo.user?.id || null;
|
|
54
56
|
if (!userId) {
|
|
55
57
|
return [];
|
|
@@ -57,7 +59,7 @@ class PermissionService {
|
|
|
57
59
|
}
|
|
58
60
|
// Cache miss - fetch from controller
|
|
59
61
|
const permissionResult = await this.httpClient.authenticatedRequest('GET', '/api/auth/permissions', // Backend knows app/env from client token
|
|
60
|
-
token);
|
|
62
|
+
token, undefined, undefined, authStrategy);
|
|
61
63
|
const permissions = permissionResult.permissions || [];
|
|
62
64
|
// Cache the result (use userId-based key)
|
|
63
65
|
const finalCacheKey = `permissions:${userId}`;
|
|
@@ -72,39 +74,50 @@ class PermissionService {
|
|
|
72
74
|
}
|
|
73
75
|
/**
|
|
74
76
|
* Check if user has specific permission
|
|
77
|
+
* @param token - User authentication token
|
|
78
|
+
* @param permission - Permission to check
|
|
79
|
+
* @param authStrategy - Optional authentication strategy override
|
|
75
80
|
*/
|
|
76
|
-
async hasPermission(token, permission) {
|
|
77
|
-
const permissions = await this.getPermissions(token);
|
|
81
|
+
async hasPermission(token, permission, authStrategy) {
|
|
82
|
+
const permissions = await this.getPermissions(token, authStrategy);
|
|
78
83
|
return permissions.includes(permission);
|
|
79
84
|
}
|
|
80
85
|
/**
|
|
81
86
|
* Check if user has any of the specified permissions
|
|
87
|
+
* @param token - User authentication token
|
|
88
|
+
* @param permissions - Permissions to check
|
|
89
|
+
* @param authStrategy - Optional authentication strategy override
|
|
82
90
|
*/
|
|
83
|
-
async hasAnyPermission(token, permissions) {
|
|
84
|
-
const userPermissions = await this.getPermissions(token);
|
|
91
|
+
async hasAnyPermission(token, permissions, authStrategy) {
|
|
92
|
+
const userPermissions = await this.getPermissions(token, authStrategy);
|
|
85
93
|
return permissions.some((permission) => userPermissions.includes(permission));
|
|
86
94
|
}
|
|
87
95
|
/**
|
|
88
96
|
* Check if user has all of the specified permissions
|
|
97
|
+
* @param token - User authentication token
|
|
98
|
+
* @param permissions - Permissions to check
|
|
99
|
+
* @param authStrategy - Optional authentication strategy override
|
|
89
100
|
*/
|
|
90
|
-
async hasAllPermissions(token, permissions) {
|
|
91
|
-
const userPermissions = await this.getPermissions(token);
|
|
101
|
+
async hasAllPermissions(token, permissions, authStrategy) {
|
|
102
|
+
const userPermissions = await this.getPermissions(token, authStrategy);
|
|
92
103
|
return permissions.every((permission) => userPermissions.includes(permission));
|
|
93
104
|
}
|
|
94
105
|
/**
|
|
95
106
|
* Force refresh permissions from controller (bypass cache)
|
|
107
|
+
* @param token - User authentication token
|
|
108
|
+
* @param authStrategy - Optional authentication strategy override
|
|
96
109
|
*/
|
|
97
|
-
async refreshPermissions(token) {
|
|
110
|
+
async refreshPermissions(token, authStrategy) {
|
|
98
111
|
try {
|
|
99
112
|
// Get user info to extract userId
|
|
100
|
-
const userInfo = await this.httpClient.authenticatedRequest('POST', '/api/auth/validate', token);
|
|
113
|
+
const userInfo = await this.httpClient.authenticatedRequest('POST', '/api/auth/validate', token, undefined, undefined, authStrategy);
|
|
101
114
|
if (!userInfo.user?.id) {
|
|
102
115
|
return [];
|
|
103
116
|
}
|
|
104
117
|
const userId = userInfo.user.id;
|
|
105
118
|
const cacheKey = `permissions:${userId}`;
|
|
106
119
|
// Fetch fresh permissions from controller using refresh endpoint
|
|
107
|
-
const permissionResult = await this.httpClient.authenticatedRequest('GET', '/api/auth/permissions/refresh', token);
|
|
120
|
+
const permissionResult = await this.httpClient.authenticatedRequest('GET', '/api/auth/permissions/refresh', token, undefined, undefined, authStrategy);
|
|
108
121
|
const permissions = permissionResult.permissions || [];
|
|
109
122
|
// Update cache with fresh data
|
|
110
123
|
await this.cache.set(cacheKey, { permissions, timestamp: Date.now() }, this.permissionTTL);
|
|
@@ -118,11 +131,13 @@ class PermissionService {
|
|
|
118
131
|
}
|
|
119
132
|
/**
|
|
120
133
|
* Clear cached permissions for a user
|
|
134
|
+
* @param token - User authentication token
|
|
135
|
+
* @param authStrategy - Optional authentication strategy override
|
|
121
136
|
*/
|
|
122
|
-
async clearPermissionsCache(token) {
|
|
137
|
+
async clearPermissionsCache(token, authStrategy) {
|
|
123
138
|
try {
|
|
124
139
|
// Get user info to extract userId
|
|
125
|
-
const userInfo = await this.httpClient.authenticatedRequest('POST', '/api/auth/validate', token);
|
|
140
|
+
const userInfo = await this.httpClient.authenticatedRequest('POST', '/api/auth/validate', token, undefined, undefined, authStrategy);
|
|
126
141
|
if (!userInfo.user?.id) {
|
|
127
142
|
return;
|
|
128
143
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permission.service.js","sourceRoot":"","sources":["../../src/services/permission.service.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;AAKH,gEAA+B;AAO/B,MAAa,iBAAiB;IAM5B,YAAY,UAAsB,EAAE,KAAmB;QACrD,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;QAChC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,aAAa,IAAI,GAAG,CAAC,CAAC,qBAAqB;IACrF,CAAC;IAED;;OAEG;IACK,sBAAsB,CAAC,KAAa;QAC1C,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAmC,CAAC;YACpE,IAAI,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAC;YAE1B,0CAA0C;YAC1C,OAAO,CAAC,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,EAAE,CAAkB,CAAC;QAC3F,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED
|
|
1
|
+
{"version":3,"file":"permission.service.js","sourceRoot":"","sources":["../../src/services/permission.service.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;AAKH,gEAA+B;AAO/B,MAAa,iBAAiB;IAM5B,YAAY,UAAsB,EAAE,KAAmB;QACrD,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;QAChC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,aAAa,IAAI,GAAG,CAAC,CAAC,qBAAqB;IACrF,CAAC;IAED;;OAEG;IACK,sBAAsB,CAAC,KAAa;QAC1C,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAmC,CAAC;YACpE,IAAI,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAC;YAE1B,0CAA0C;YAC1C,OAAO,CAAC,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,EAAE,CAAkB,CAAC;QAC3F,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,cAAc,CAAC,KAAa,EAAE,YAA2B;QAC7D,IAAI,CAAC;YACH,gFAAgF;YAChF,IAAI,MAAM,GAAG,IAAI,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;YAChD,MAAM,QAAQ,GAAG,MAAM,CAAC,CAAC,CAAC,eAAe,MAAM,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;YAEzD,sCAAsC;YACtC,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAsB,QAAQ,CAAC,CAAC;gBACnE,IAAI,MAAM,EAAE,CAAC;oBACX,OAAO,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC;gBAClC,CAAC;YACH,CAAC;YAED,2DAA2D;YAC3D,yDAAyD;YACzD,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CACzD,MAAM,EACN,oBAAoB,EACpB,KAAK,EACL,SAAS,EACT,SAAS,EACT,YAAY,CACb,CAAC;gBACF,MAAM,GAAG,QAAQ,CAAC,IAAI,EAAE,EAAE,IAAI,IAAI,CAAC;gBACnC,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,OAAO,EAAE,CAAC;gBACZ,CAAC;YACH,CAAC;YAED,qCAAqC;YACrC,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CACjE,KAAK,EACL,uBAAuB,EAAE,0CAA0C;YACnE,KAAK,EACL,SAAS,EACT,SAAS,EACT,YAAY,CACb,CAAC;YAEF,MAAM,WAAW,GAAG,gBAAgB,CAAC,WAAW,IAAI,EAAE,CAAC;YAEvD,0CAA0C;YAC1C,MAAM,aAAa,GAAG,eAAe,MAAM,EAAE,CAAC;YAC9C,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAClB,aAAa,EACb,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EACtC,IAAI,CAAC,aAAa,CACnB,CAAC;YAEF,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sCAAsC;YACtC,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;YACnD,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAC,KAAa,EAAE,UAAkB,EAAE,YAA2B;QAChF,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;QACnE,OAAO,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAC1C,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,gBAAgB,CAAC,KAAa,EAAE,WAAqB,EAAE,YAA2B;QACtF,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;QACvE,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC;IAChF,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CAAC,KAAa,EAAE,WAAqB,EAAE,YAA2B;QACvF,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;QACvE,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC;IACjF,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,kBAAkB,CAAC,KAAa,EAAE,YAA2B;QACjE,IAAI,CAAC;YACH,kCAAkC;YAClC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CACzD,MAAM,EACN,oBAAoB,EACpB,KAAK,EACL,SAAS,EACT,SAAS,EACT,YAAY,CACb,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC;gBACvB,OAAO,EAAE,CAAC;YACZ,CAAC;YAED,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,eAAe,MAAM,EAAE,CAAC;YAEzC,iEAAiE;YACjE,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CACjE,KAAK,EACL,+BAA+B,EAC/B,KAAK,EACL,SAAS,EACT,SAAS,EACT,YAAY,CACb,CAAC;YAEF,MAAM,WAAW,GAAG,gBAAgB,CAAC,WAAW,IAAI,EAAE,CAAC;YAEvD,+BAA+B;YAC/B,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAClB,QAAQ,EACR,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EACtC,IAAI,CAAC,aAAa,CACnB,CAAC;YAEF,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sCAAsC;YACtC,OAAO,CAAC,KAAK,CAAC,gCAAgC,EAAE,KAAK,CAAC,CAAC;YACvD,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,qBAAqB,CAAC,KAAa,EAAE,YAA2B;QACpE,IAAI,CAAC;YACH,kCAAkC;YAClC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CACzD,MAAM,EACN,oBAAoB,EACpB,KAAK,EACL,SAAS,EACT,SAAS,EACT,YAAY,CACb,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC;gBACvB,OAAO;YACT,CAAC;YAED,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,eAAe,MAAM,EAAE,CAAC;YAEzC,mBAAmB;YACnB,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sCAAsC;YACtC,OAAO,CAAC,KAAK,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;CACF;AAhND,8CAgNC"}
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
*/
|
|
4
4
|
import { HttpClient } from '../utils/http-client';
|
|
5
5
|
import { CacheService } from './cache.service';
|
|
6
|
+
import { AuthStrategy } from '../types/config.types';
|
|
6
7
|
export declare class RoleService {
|
|
7
8
|
private httpClient;
|
|
8
9
|
private cache;
|
|
@@ -16,23 +17,36 @@ export declare class RoleService {
|
|
|
16
17
|
/**
|
|
17
18
|
* Get user roles with Redis caching
|
|
18
19
|
* Optimized to extract userId from token first to check cache before API call
|
|
20
|
+
* @param token - User authentication token
|
|
21
|
+
* @param authStrategy - Optional authentication strategy override
|
|
19
22
|
*/
|
|
20
|
-
getRoles(token: string): Promise<string[]>;
|
|
23
|
+
getRoles(token: string, authStrategy?: AuthStrategy): Promise<string[]>;
|
|
21
24
|
/**
|
|
22
25
|
* Check if user has specific role
|
|
26
|
+
* @param token - User authentication token
|
|
27
|
+
* @param role - Role to check
|
|
28
|
+
* @param authStrategy - Optional authentication strategy override
|
|
23
29
|
*/
|
|
24
|
-
hasRole(token: string, role: string): Promise<boolean>;
|
|
30
|
+
hasRole(token: string, role: string, authStrategy?: AuthStrategy): Promise<boolean>;
|
|
25
31
|
/**
|
|
26
32
|
* Check if user has any of the specified roles
|
|
33
|
+
* @param token - User authentication token
|
|
34
|
+
* @param roles - Roles to check
|
|
35
|
+
* @param authStrategy - Optional authentication strategy override
|
|
27
36
|
*/
|
|
28
|
-
hasAnyRole(token: string, roles: string[]): Promise<boolean>;
|
|
37
|
+
hasAnyRole(token: string, roles: string[], authStrategy?: AuthStrategy): Promise<boolean>;
|
|
29
38
|
/**
|
|
30
39
|
* Check if user has all of the specified roles
|
|
40
|
+
* @param token - User authentication token
|
|
41
|
+
* @param roles - Roles to check
|
|
42
|
+
* @param authStrategy - Optional authentication strategy override
|
|
31
43
|
*/
|
|
32
|
-
hasAllRoles(token: string, roles: string[]): Promise<boolean>;
|
|
44
|
+
hasAllRoles(token: string, roles: string[], authStrategy?: AuthStrategy): Promise<boolean>;
|
|
33
45
|
/**
|
|
34
46
|
* Force refresh roles from controller (bypass cache)
|
|
47
|
+
* @param token - User authentication token
|
|
48
|
+
* @param authStrategy - Optional authentication strategy override
|
|
35
49
|
*/
|
|
36
|
-
refreshRoles(token: string): Promise<string[]>;
|
|
50
|
+
refreshRoles(token: string, authStrategy?: AuthStrategy): Promise<string[]>;
|
|
37
51
|
}
|
|
38
52
|
//# sourceMappingURL=role.service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"role.service.d.ts","sourceRoot":"","sources":["../../src/services/role.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"role.service.d.ts","sourceRoot":"","sources":["../../src/services/role.service.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAgC,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAQnF,qBAAa,WAAW;IACtB,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,MAAM,CAAmB;IACjC,OAAO,CAAC,OAAO,CAAS;gBAEZ,UAAU,EAAE,UAAU,EAAE,KAAK,EAAE,YAAY;IAOvD;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAY9B;;;;;OAKG;IACG,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IA2D7E;;;;;OAKG;IACG,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC;IAKzF;;;;;OAKG;IACG,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC;IAK/F;;;;;OAKG;IACG,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC;IAKhG;;;;OAIG;IACG,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;CA6ClF"}
|
|
@@ -33,8 +33,10 @@ class RoleService {
|
|
|
33
33
|
/**
|
|
34
34
|
* Get user roles with Redis caching
|
|
35
35
|
* Optimized to extract userId from token first to check cache before API call
|
|
36
|
+
* @param token - User authentication token
|
|
37
|
+
* @param authStrategy - Optional authentication strategy override
|
|
36
38
|
*/
|
|
37
|
-
async getRoles(token) {
|
|
39
|
+
async getRoles(token, authStrategy) {
|
|
38
40
|
try {
|
|
39
41
|
// Extract userId from token to check cache first (avoids API call on cache hit)
|
|
40
42
|
let userId = this.extractUserIdFromToken(token);
|
|
@@ -49,7 +51,7 @@ class RoleService {
|
|
|
49
51
|
// Cache miss or no userId in token - fetch from controller
|
|
50
52
|
// If we don't have userId, get it from validate endpoint
|
|
51
53
|
if (!userId) {
|
|
52
|
-
const userInfo = await this.httpClient.authenticatedRequest('POST', '/api/auth/validate', token);
|
|
54
|
+
const userInfo = await this.httpClient.authenticatedRequest('POST', '/api/auth/validate', token, undefined, undefined, authStrategy);
|
|
53
55
|
userId = userInfo.user?.id || null;
|
|
54
56
|
if (!userId) {
|
|
55
57
|
return [];
|
|
@@ -57,7 +59,7 @@ class RoleService {
|
|
|
57
59
|
}
|
|
58
60
|
// Cache miss - fetch from controller
|
|
59
61
|
const roleResult = await this.httpClient.authenticatedRequest('GET', '/api/auth/roles', // Backend knows app/env from client token
|
|
60
|
-
token);
|
|
62
|
+
token, undefined, undefined, authStrategy);
|
|
61
63
|
const roles = roleResult.roles || [];
|
|
62
64
|
// Cache the result (use userId-based key)
|
|
63
65
|
const finalCacheKey = `roles:${userId}`;
|
|
@@ -72,39 +74,50 @@ class RoleService {
|
|
|
72
74
|
}
|
|
73
75
|
/**
|
|
74
76
|
* Check if user has specific role
|
|
77
|
+
* @param token - User authentication token
|
|
78
|
+
* @param role - Role to check
|
|
79
|
+
* @param authStrategy - Optional authentication strategy override
|
|
75
80
|
*/
|
|
76
|
-
async hasRole(token, role) {
|
|
77
|
-
const roles = await this.getRoles(token);
|
|
81
|
+
async hasRole(token, role, authStrategy) {
|
|
82
|
+
const roles = await this.getRoles(token, authStrategy);
|
|
78
83
|
return roles.includes(role);
|
|
79
84
|
}
|
|
80
85
|
/**
|
|
81
86
|
* Check if user has any of the specified roles
|
|
87
|
+
* @param token - User authentication token
|
|
88
|
+
* @param roles - Roles to check
|
|
89
|
+
* @param authStrategy - Optional authentication strategy override
|
|
82
90
|
*/
|
|
83
|
-
async hasAnyRole(token, roles) {
|
|
84
|
-
const userRoles = await this.getRoles(token);
|
|
91
|
+
async hasAnyRole(token, roles, authStrategy) {
|
|
92
|
+
const userRoles = await this.getRoles(token, authStrategy);
|
|
85
93
|
return roles.some((role) => userRoles.includes(role));
|
|
86
94
|
}
|
|
87
95
|
/**
|
|
88
96
|
* Check if user has all of the specified roles
|
|
97
|
+
* @param token - User authentication token
|
|
98
|
+
* @param roles - Roles to check
|
|
99
|
+
* @param authStrategy - Optional authentication strategy override
|
|
89
100
|
*/
|
|
90
|
-
async hasAllRoles(token, roles) {
|
|
91
|
-
const userRoles = await this.getRoles(token);
|
|
101
|
+
async hasAllRoles(token, roles, authStrategy) {
|
|
102
|
+
const userRoles = await this.getRoles(token, authStrategy);
|
|
92
103
|
return roles.every((role) => userRoles.includes(role));
|
|
93
104
|
}
|
|
94
105
|
/**
|
|
95
106
|
* Force refresh roles from controller (bypass cache)
|
|
107
|
+
* @param token - User authentication token
|
|
108
|
+
* @param authStrategy - Optional authentication strategy override
|
|
96
109
|
*/
|
|
97
|
-
async refreshRoles(token) {
|
|
110
|
+
async refreshRoles(token, authStrategy) {
|
|
98
111
|
try {
|
|
99
112
|
// Get user info to extract userId
|
|
100
|
-
const userInfo = await this.httpClient.authenticatedRequest('POST', '/api/auth/validate', token);
|
|
113
|
+
const userInfo = await this.httpClient.authenticatedRequest('POST', '/api/auth/validate', token, undefined, undefined, authStrategy);
|
|
101
114
|
if (!userInfo.user?.id) {
|
|
102
115
|
return [];
|
|
103
116
|
}
|
|
104
117
|
const userId = userInfo.user.id;
|
|
105
118
|
const cacheKey = `roles:${userId}`;
|
|
106
119
|
// Fetch fresh roles from controller using refresh endpoint
|
|
107
|
-
const roleResult = await this.httpClient.authenticatedRequest('GET', '/api/auth/roles/refresh', token);
|
|
120
|
+
const roleResult = await this.httpClient.authenticatedRequest('GET', '/api/auth/roles/refresh', token, undefined, undefined, authStrategy);
|
|
108
121
|
const roles = roleResult.roles || [];
|
|
109
122
|
// Update cache with fresh data
|
|
110
123
|
await this.cache.set(cacheKey, { roles, timestamp: Date.now() }, this.roleTTL);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"role.service.js","sourceRoot":"","sources":["../../src/services/role.service.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;AAKH,gEAA+B;AAO/B,MAAa,WAAW;IAMtB,YAAY,UAAsB,EAAE,KAAmB;QACrD,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;QAChC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,IAAI,GAAG,CAAC,CAAC,qBAAqB;IACzE,CAAC;IAED;;OAEG;IACK,sBAAsB,CAAC,KAAa;QAC1C,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAmC,CAAC;YACpE,IAAI,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAC;YAE1B,0CAA0C;YAC1C,OAAO,CAAC,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,EAAE,CAAkB,CAAC;QAC3F,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED
|
|
1
|
+
{"version":3,"file":"role.service.js","sourceRoot":"","sources":["../../src/services/role.service.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;AAKH,gEAA+B;AAO/B,MAAa,WAAW;IAMtB,YAAY,UAAsB,EAAE,KAAmB;QACrD,IAAI,CAAC,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;QAChC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,IAAI,GAAG,CAAC,CAAC,qBAAqB;IACzE,CAAC;IAED;;OAEG;IACK,sBAAsB,CAAC,KAAa;QAC1C,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAmC,CAAC;YACpE,IAAI,CAAC,OAAO;gBAAE,OAAO,IAAI,CAAC;YAE1B,0CAA0C;YAC1C,OAAO,CAAC,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,EAAE,CAAkB,CAAC;QAC3F,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,QAAQ,CAAC,KAAa,EAAE,YAA2B;QACvD,IAAI,CAAC;YACH,gFAAgF;YAChF,IAAI,MAAM,GAAG,IAAI,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAC;YAChD,MAAM,QAAQ,GAAG,MAAM,CAAC,CAAC,CAAC,SAAS,MAAM,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;YAEnD,sCAAsC;YACtC,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAgB,QAAQ,CAAC,CAAC;gBAC7D,IAAI,MAAM,EAAE,CAAC;oBACX,OAAO,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC5B,CAAC;YACH,CAAC;YAED,2DAA2D;YAC3D,yDAAyD;YACzD,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CACzD,MAAM,EACN,oBAAoB,EACpB,KAAK,EACL,SAAS,EACT,SAAS,EACT,YAAY,CACb,CAAC;gBACF,MAAM,GAAG,QAAQ,CAAC,IAAI,EAAE,EAAE,IAAI,IAAI,CAAC;gBACnC,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,OAAO,EAAE,CAAC;gBACZ,CAAC;YACH,CAAC;YAED,qCAAqC;YACrC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAC3D,KAAK,EACL,iBAAiB,EAAE,0CAA0C;YAC7D,KAAK,EACL,SAAS,EACT,SAAS,EACT,YAAY,CACb,CAAC;YAEF,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,IAAI,EAAE,CAAC;YAErC,0CAA0C;YAC1C,MAAM,aAAa,GAAG,SAAS,MAAM,EAAE,CAAC;YACxC,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAClB,aAAa,EACb,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EAChC,IAAI,CAAC,OAAO,CACb,CAAC;YAEF,OAAO,KAAK,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sCAAsC;YACtC,OAAO,CAAC,KAAK,CAAC,sBAAsB,EAAE,KAAK,CAAC,CAAC;YAC7C,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,OAAO,CAAC,KAAa,EAAE,IAAY,EAAE,YAA2B;QACpE,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;QACvD,OAAO,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC9B,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,UAAU,CAAC,KAAa,EAAE,KAAe,EAAE,YAA2B;QAC1E,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;QAC3D,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACxD,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,WAAW,CAAC,KAAa,EAAE,KAAe,EAAE,YAA2B;QAC3E,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;QAC3D,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACzD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,YAAY,CAAC,KAAa,EAAE,YAA2B;QAC3D,IAAI,CAAC;YACH,kCAAkC;YAClC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CACzD,MAAM,EACN,oBAAoB,EACpB,KAAK,EACL,SAAS,EACT,SAAS,EACT,YAAY,CACb,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC;gBACvB,OAAO,EAAE,CAAC;YACZ,CAAC;YAED,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,SAAS,MAAM,EAAE,CAAC;YAEnC,2DAA2D;YAC3D,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAC3D,KAAK,EACL,yBAAyB,EACzB,KAAK,EACL,SAAS,EACT,SAAS,EACT,YAAY,CACb,CAAC;YAEF,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,IAAI,EAAE,CAAC;YAErC,+BAA+B;YAC/B,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAClB,QAAQ,EACR,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EAChC,IAAI,CAAC,OAAO,CACb,CAAC;YAEF,OAAO,KAAK,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sCAAsC;YACtC,OAAO,CAAC,KAAK,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;YACjD,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AAhLD,kCAgLC"}
|
|
@@ -8,6 +8,31 @@ export interface RedisConfig {
|
|
|
8
8
|
db?: number;
|
|
9
9
|
keyPrefix?: string;
|
|
10
10
|
}
|
|
11
|
+
/**
|
|
12
|
+
* Authentication method types
|
|
13
|
+
*/
|
|
14
|
+
export type AuthMethod = 'bearer' | 'client-token' | 'client-credentials' | 'api-key';
|
|
15
|
+
/**
|
|
16
|
+
* Authentication strategy configuration
|
|
17
|
+
* Defines which authentication methods to try and in what order
|
|
18
|
+
*/
|
|
19
|
+
export interface AuthStrategy {
|
|
20
|
+
/**
|
|
21
|
+
* Array of authentication methods in priority order
|
|
22
|
+
* Methods are tried in sequence until one succeeds
|
|
23
|
+
*/
|
|
24
|
+
methods: AuthMethod[];
|
|
25
|
+
/**
|
|
26
|
+
* Optional bearer token for bearer authentication
|
|
27
|
+
* Required if 'bearer' is in methods array
|
|
28
|
+
*/
|
|
29
|
+
bearerToken?: string;
|
|
30
|
+
/**
|
|
31
|
+
* Optional API key for api-key authentication
|
|
32
|
+
* Required if 'api-key' is in methods array
|
|
33
|
+
*/
|
|
34
|
+
apiKey?: string;
|
|
35
|
+
}
|
|
11
36
|
export interface MisoClientConfig {
|
|
12
37
|
controllerUrl: string;
|
|
13
38
|
clientId: string;
|
|
@@ -23,6 +48,7 @@ export interface MisoClientConfig {
|
|
|
23
48
|
sensitiveFieldsConfig?: string;
|
|
24
49
|
audit?: AuditConfig;
|
|
25
50
|
emitEvents?: boolean;
|
|
51
|
+
authStrategy?: AuthStrategy;
|
|
26
52
|
}
|
|
27
53
|
export interface AuditConfig {
|
|
28
54
|
enabled?: boolean;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.types.d.ts","sourceRoot":"","sources":["../../src/types/config.types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAE/B,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IAGrB,KAAK,CAAC,EAAE,WAAW,CAAC;IAGpB,QAAQ,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAG/C,aAAa,CAAC,EAAE,MAAM,CAAC;IAGvB,MAAM,CAAC,EAAE,MAAM,CAAC;IAGhB,KAAK,CAAC,EAAE;QACN,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,aAAa,CAAC,EAAE,MAAM,CAAC;KACxB,CAAC;IAGF,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAG/B,KAAK,CAAC,EAAE,WAAW,CAAC;IAKpB,UAAU,CAAC,EAAE,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"config.types.d.ts","sourceRoot":"","sources":["../../src/types/config.types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG,QAAQ,GAAG,cAAc,GAAG,oBAAoB,GAAG,SAAS,CAAC;AAEtF;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B;;;OAGG;IACH,OAAO,EAAE,UAAU,EAAE,CAAC;IAEtB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,gBAAgB;IAE/B,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IAGrB,KAAK,CAAC,EAAE,WAAW,CAAC;IAGpB,QAAQ,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAG/C,aAAa,CAAC,EAAE,MAAM,CAAC;IAGvB,MAAM,CAAC,EAAE,MAAM,CAAC;IAGhB,KAAK,CAAC,EAAE;QACN,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,aAAa,CAAC,EAAE,MAAM,CAAC;KACxB,CAAC;IAGF,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAG/B,KAAK,CAAC,EAAE,WAAW,CAAC;IAKpB,UAAU,CAAC,EAAE,OAAO,CAAC;IAIrB,YAAY,CAAC,EAAE,YAAY,CAAC;CAC7B;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,KAAK,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,UAAU,GAAG,MAAM,CAAC;IACrD,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;CAClB;AAED,MAAM,WAAW,UAAU;IACzB,aAAa,EAAE,OAAO,CAAC;IACvB,IAAI,CAAC,EAAE,QAAQ,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,QAAQ;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,OAAO,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,CAAC;IAC5C,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAGlC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,IAAI,aAAa,CA2BpE"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.types.js","sourceRoot":"","sources":["../../src/types/config.types.ts"],"names":[],"mappings":";AAAA;;GAEG;;
|
|
1
|
+
{"version":3,"file":"config.types.js","sourceRoot":"","sources":["../../src/types/config.types.ts"],"names":[],"mappings":";AAAA;;GAEG;;AA+JH,0CA2BC;AA9BD;;GAEG;AACH,SAAgB,eAAe,CAAC,IAAa;IAC3C,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,GAAG,GAAG,IAA+B,CAAC;IAE5C,wBAAwB;IACxB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,EAAE,CAAC;QAChF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QAClE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,oCAAoC;IACpC,IAAI,OAAO,GAAG,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;QACvC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,uBAAuB;IACvB,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACnE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Authentication strategy handler
|
|
3
|
+
* Manages authentication methods and builds appropriate headers
|
|
4
|
+
*/
|
|
5
|
+
import { AuthStrategy, AuthMethod } from '../types/config.types';
|
|
6
|
+
export declare class AuthStrategyHandler {
|
|
7
|
+
/**
|
|
8
|
+
* Build authentication headers based on strategy
|
|
9
|
+
* Returns headers for the first method in the strategy that has required data
|
|
10
|
+
* @param strategy - Authentication strategy configuration
|
|
11
|
+
* @param clientToken - Current client token (for client-token method)
|
|
12
|
+
* @param clientId - Client ID (for client-credentials method)
|
|
13
|
+
* @param clientSecret - Client secret (for client-credentials method)
|
|
14
|
+
* @returns Headers object with appropriate authentication headers
|
|
15
|
+
*/
|
|
16
|
+
static buildAuthHeaders(strategy: AuthStrategy, clientToken: string | null, clientId?: string, clientSecret?: string): Record<string, string>;
|
|
17
|
+
/**
|
|
18
|
+
* Check if a specific method should be tried based on strategy
|
|
19
|
+
* @param method - Authentication method to check
|
|
20
|
+
* @param strategy - Authentication strategy configuration
|
|
21
|
+
* @returns True if method is in strategy and has required data
|
|
22
|
+
*/
|
|
23
|
+
static shouldTryMethod(method: AuthMethod, strategy: AuthStrategy): boolean;
|
|
24
|
+
/**
|
|
25
|
+
* Get default authentication strategy
|
|
26
|
+
* @param bearerToken - Optional bearer token
|
|
27
|
+
* @returns Default strategy with bearer and client-token
|
|
28
|
+
*/
|
|
29
|
+
static getDefaultStrategy(bearerToken?: string): AuthStrategy;
|
|
30
|
+
/**
|
|
31
|
+
* Merge strategy with default, prioritizing provided strategy
|
|
32
|
+
* @param strategy - Strategy to merge
|
|
33
|
+
* @param defaultStrategy - Default strategy to fall back to
|
|
34
|
+
* @returns Merged strategy
|
|
35
|
+
*/
|
|
36
|
+
static mergeStrategy(strategy: AuthStrategy | undefined, defaultStrategy: AuthStrategy): AuthStrategy;
|
|
37
|
+
}
|
|
38
|
+
//# sourceMappingURL=auth-strategy.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-strategy.d.ts","sourceRoot":"","sources":["../../src/utils/auth-strategy.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAEjE,qBAAa,mBAAmB;IAC9B;;;;;;;;OAQG;IACH,MAAM,CAAC,gBAAgB,CACrB,QAAQ,EAAE,YAAY,EACtB,WAAW,EAAE,MAAM,GAAG,IAAI,EAC1B,QAAQ,CAAC,EAAE,MAAM,EACjB,YAAY,CAAC,EAAE,MAAM,GACpB,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAyCzB;;;;;OAKG;IACH,MAAM,CAAC,eAAe,CAAC,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,YAAY,GAAG,OAAO;IAmB3E;;;;OAIG;IACH,MAAM,CAAC,kBAAkB,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,YAAY;IAO7D;;;;;OAKG;IACH,MAAM,CAAC,aAAa,CAClB,QAAQ,EAAE,YAAY,GAAG,SAAS,EAClC,eAAe,EAAE,YAAY,GAC5B,YAAY;CAYhB"}
|
|
@@ -0,0 +1,106 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Authentication strategy handler
|
|
4
|
+
* Manages authentication methods and builds appropriate headers
|
|
5
|
+
*/
|
|
6
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
7
|
+
exports.AuthStrategyHandler = void 0;
|
|
8
|
+
class AuthStrategyHandler {
|
|
9
|
+
/**
|
|
10
|
+
* Build authentication headers based on strategy
|
|
11
|
+
* Returns headers for the first method in the strategy that has required data
|
|
12
|
+
* @param strategy - Authentication strategy configuration
|
|
13
|
+
* @param clientToken - Current client token (for client-token method)
|
|
14
|
+
* @param clientId - Client ID (for client-credentials method)
|
|
15
|
+
* @param clientSecret - Client secret (for client-credentials method)
|
|
16
|
+
* @returns Headers object with appropriate authentication headers
|
|
17
|
+
*/
|
|
18
|
+
static buildAuthHeaders(strategy, clientToken, clientId, clientSecret) {
|
|
19
|
+
const headers = {};
|
|
20
|
+
// Try methods in priority order
|
|
21
|
+
for (const method of strategy.methods) {
|
|
22
|
+
switch (method) {
|
|
23
|
+
case 'bearer':
|
|
24
|
+
if (strategy.bearerToken) {
|
|
25
|
+
headers['Authorization'] = `Bearer ${strategy.bearerToken}`;
|
|
26
|
+
return headers;
|
|
27
|
+
}
|
|
28
|
+
break;
|
|
29
|
+
case 'client-token':
|
|
30
|
+
if (clientToken) {
|
|
31
|
+
headers['x-client-token'] = clientToken;
|
|
32
|
+
return headers;
|
|
33
|
+
}
|
|
34
|
+
break;
|
|
35
|
+
case 'client-credentials':
|
|
36
|
+
if (clientId && clientSecret) {
|
|
37
|
+
headers['X-Client-Id'] = clientId;
|
|
38
|
+
headers['X-Client-Secret'] = clientSecret;
|
|
39
|
+
return headers;
|
|
40
|
+
}
|
|
41
|
+
break;
|
|
42
|
+
case 'api-key':
|
|
43
|
+
if (strategy.apiKey) {
|
|
44
|
+
headers['Authorization'] = `Bearer ${strategy.apiKey}`;
|
|
45
|
+
return headers;
|
|
46
|
+
}
|
|
47
|
+
break;
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
// If no method succeeded, return empty headers (will likely fail auth)
|
|
51
|
+
return headers;
|
|
52
|
+
}
|
|
53
|
+
/**
|
|
54
|
+
* Check if a specific method should be tried based on strategy
|
|
55
|
+
* @param method - Authentication method to check
|
|
56
|
+
* @param strategy - Authentication strategy configuration
|
|
57
|
+
* @returns True if method is in strategy and has required data
|
|
58
|
+
*/
|
|
59
|
+
static shouldTryMethod(method, strategy) {
|
|
60
|
+
if (!strategy.methods.includes(method)) {
|
|
61
|
+
return false;
|
|
62
|
+
}
|
|
63
|
+
switch (method) {
|
|
64
|
+
case 'bearer':
|
|
65
|
+
return !!strategy.bearerToken;
|
|
66
|
+
case 'client-token':
|
|
67
|
+
return true; // Client token is managed internally
|
|
68
|
+
case 'client-credentials':
|
|
69
|
+
return true; // Client credentials are from config
|
|
70
|
+
case 'api-key':
|
|
71
|
+
return !!strategy.apiKey;
|
|
72
|
+
default:
|
|
73
|
+
return false;
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
/**
|
|
77
|
+
* Get default authentication strategy
|
|
78
|
+
* @param bearerToken - Optional bearer token
|
|
79
|
+
* @returns Default strategy with bearer and client-token
|
|
80
|
+
*/
|
|
81
|
+
static getDefaultStrategy(bearerToken) {
|
|
82
|
+
return {
|
|
83
|
+
methods: ['bearer', 'client-token'],
|
|
84
|
+
bearerToken
|
|
85
|
+
};
|
|
86
|
+
}
|
|
87
|
+
/**
|
|
88
|
+
* Merge strategy with default, prioritizing provided strategy
|
|
89
|
+
* @param strategy - Strategy to merge
|
|
90
|
+
* @param defaultStrategy - Default strategy to fall back to
|
|
91
|
+
* @returns Merged strategy
|
|
92
|
+
*/
|
|
93
|
+
static mergeStrategy(strategy, defaultStrategy) {
|
|
94
|
+
if (!strategy) {
|
|
95
|
+
return defaultStrategy;
|
|
96
|
+
}
|
|
97
|
+
// Use provided strategy, but fill in missing required fields from default
|
|
98
|
+
return {
|
|
99
|
+
methods: strategy.methods.length > 0 ? strategy.methods : defaultStrategy.methods,
|
|
100
|
+
bearerToken: strategy.bearerToken || defaultStrategy.bearerToken,
|
|
101
|
+
apiKey: strategy.apiKey || defaultStrategy.apiKey
|
|
102
|
+
};
|
|
103
|
+
}
|
|
104
|
+
}
|
|
105
|
+
exports.AuthStrategyHandler = AuthStrategyHandler;
|
|
106
|
+
//# sourceMappingURL=auth-strategy.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-strategy.js","sourceRoot":"","sources":["../../src/utils/auth-strategy.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAIH,MAAa,mBAAmB;IAC9B;;;;;;;;OAQG;IACH,MAAM,CAAC,gBAAgB,CACrB,QAAsB,EACtB,WAA0B,EAC1B,QAAiB,EACjB,YAAqB;QAErB,MAAM,OAAO,GAA2B,EAAE,CAAC;QAE3C,gCAAgC;QAChC,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtC,QAAQ,MAAM,EAAE,CAAC;gBACf,KAAK,QAAQ;oBACX,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;wBACzB,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,QAAQ,CAAC,WAAW,EAAE,CAAC;wBAC5D,OAAO,OAAO,CAAC;oBACjB,CAAC;oBACD,MAAM;gBAER,KAAK,cAAc;oBACjB,IAAI,WAAW,EAAE,CAAC;wBAChB,OAAO,CAAC,gBAAgB,CAAC,GAAG,WAAW,CAAC;wBACxC,OAAO,OAAO,CAAC;oBACjB,CAAC;oBACD,MAAM;gBAER,KAAK,oBAAoB;oBACvB,IAAI,QAAQ,IAAI,YAAY,EAAE,CAAC;wBAC7B,OAAO,CAAC,aAAa,CAAC,GAAG,QAAQ,CAAC;wBAClC,OAAO,CAAC,iBAAiB,CAAC,GAAG,YAAY,CAAC;wBAC1C,OAAO,OAAO,CAAC;oBACjB,CAAC;oBACD,MAAM;gBAER,KAAK,SAAS;oBACZ,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;wBACpB,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,QAAQ,CAAC,MAAM,EAAE,CAAC;wBACvD,OAAO,OAAO,CAAC;oBACjB,CAAC;oBACD,MAAM;YACV,CAAC;QACH,CAAC;QAED,uEAAuE;QACvE,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,eAAe,CAAC,MAAkB,EAAE,QAAsB;QAC/D,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACvC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,QAAQ,MAAM,EAAE,CAAC;YACf,KAAK,QAAQ;gBACX,OAAO,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;YAChC,KAAK,cAAc;gBACjB,OAAO,IAAI,CAAC,CAAC,qCAAqC;YACpD,KAAK,oBAAoB;gBACvB,OAAO,IAAI,CAAC,CAAC,qCAAqC;YACpD,KAAK,SAAS;gBACZ,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC;YAC3B;gBACE,OAAO,KAAK,CAAC;QACjB,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,MAAM,CAAC,kBAAkB,CAAC,WAAoB;QAC5C,OAAO;YACL,OAAO,EAAE,CAAC,QAAQ,EAAE,cAAc,CAAC;YACnC,WAAW;SACZ,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,aAAa,CAClB,QAAkC,EAClC,eAA6B;QAE7B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,eAAe,CAAC;QACzB,CAAC;QAED,0EAA0E;QAC1E,OAAO;YACL,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,OAAO;YACjF,WAAW,EAAE,QAAQ,CAAC,WAAW,IAAI,eAAe,CAAC,WAAW;YAChE,MAAM,EAAE,QAAQ,CAAC,MAAM,IAAI,eAAe,CAAC,MAAM;SAClD,CAAC;IACJ,CAAC;CACF;AAlHD,kDAkHC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config-loader.d.ts","sourceRoot":"","sources":["../../src/utils/config-loader.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,eAAe,CAAC;AACvB,OAAO,EAAE,gBAAgB,
|
|
1
|
+
{"version":3,"file":"config-loader.d.ts","sourceRoot":"","sources":["../../src/utils/config-loader.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,eAAe,CAAC;AACvB,OAAO,EAAE,gBAAgB,EAAyC,MAAM,uBAAuB,CAAC;AAEhG;;GAEG;AACH,wBAAgB,UAAU,IAAI,gBAAgB,CAgF7C"}
|
|
@@ -55,6 +55,25 @@ function loadConfig() {
|
|
|
55
55
|
if (process.env.MISO_EMIT_EVENTS) {
|
|
56
56
|
config.emitEvents = process.env.MISO_EMIT_EVENTS.toLowerCase() === 'true';
|
|
57
57
|
}
|
|
58
|
+
// Optional auth strategy configuration
|
|
59
|
+
// Format: MISO_AUTH_STRATEGY=bearer,client-token,api-key
|
|
60
|
+
if (process.env.MISO_AUTH_STRATEGY) {
|
|
61
|
+
const methods = process.env.MISO_AUTH_STRATEGY.split(',').map(m => m.trim());
|
|
62
|
+
const authStrategy = {
|
|
63
|
+
methods: methods.filter(m => ['bearer', 'client-token', 'client-credentials', 'api-key'].includes(m))
|
|
64
|
+
};
|
|
65
|
+
// Add bearer token if provided
|
|
66
|
+
if (process.env.MISO_BEARER_TOKEN) {
|
|
67
|
+
authStrategy.bearerToken = process.env.MISO_BEARER_TOKEN;
|
|
68
|
+
}
|
|
69
|
+
// Add API key if provided (can also use existing API_KEY env var)
|
|
70
|
+
if (process.env.MISO_API_KEY || process.env.API_KEY) {
|
|
71
|
+
authStrategy.apiKey = process.env.MISO_API_KEY || process.env.API_KEY;
|
|
72
|
+
}
|
|
73
|
+
if (authStrategy.methods.length > 0) {
|
|
74
|
+
config.authStrategy = authStrategy;
|
|
75
|
+
}
|
|
76
|
+
}
|
|
58
77
|
return config;
|
|
59
78
|
}
|
|
60
79
|
//# sourceMappingURL=config-loader.js.map
|