@aifabrix/miso-client 3.1.1 → 3.1.2
- package/README.md +1 -1
- package/dist/services/auth.service.js +2 -2
- package/dist/types/data-client.types.d.ts +1 -0
- package/dist/types/data-client.types.d.ts.map +1 -1
- package/dist/types/data-client.types.js.map +1 -1
- package/dist/utils/auth-strategy.js +2 -2
- package/dist/utils/data-client-audit.d.ts +24 -0
- package/dist/utils/data-client-audit.d.ts.map +1 -0
- package/dist/utils/data-client-audit.js +127 -0
- package/dist/utils/data-client-audit.js.map +1 -0
- package/dist/utils/data-client-auth.d.ts +60 -0
- package/dist/utils/data-client-auth.d.ts.map +1 -0
- package/dist/utils/data-client-auth.js +386 -0
- package/dist/utils/data-client-auth.js.map +1 -0
- package/dist/utils/data-client-cache.d.ts +36 -0
- package/dist/utils/data-client-cache.d.ts.map +1 -0
- package/dist/utils/data-client-cache.js +55 -0
- package/dist/utils/data-client-cache.js.map +1 -0
- package/dist/utils/data-client-request.d.ts +32 -0
- package/dist/utils/data-client-request.d.ts.map +1 -0
- package/dist/utils/data-client-request.js +306 -0
- package/dist/utils/data-client-request.js.map +1 -0
- package/dist/utils/data-client-utils.d.ts +49 -0
- package/dist/utils/data-client-utils.d.ts.map +1 -0
- package/dist/utils/data-client-utils.js +139 -0
- package/dist/utils/data-client-utils.js.map +1 -0
- package/dist/utils/data-client.d.ts +0 -29
- package/dist/utils/data-client.d.ts.map +1 -1
- package/dist/utils/data-client.js +51 -773
- package/dist/utils/data-client.js.map +1 -1
- package/dist/utils/internal-http-client.d.ts.map +1 -1
- package/dist/utils/internal-http-client.js +7 -3
- package/dist/utils/internal-http-client.js.map +1 -1
- package/package.json +1 -1
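--- a/package/README.md
+++ b/package/README.md
@@ -784,7 +784,7 @@ const defaultStrategy = client.getDefaultAuthStrategy(token);
 
 - `bearer` - Bearer token authentication (Authorization: Bearer <token>)
 - `client-token` - Client token authentication (x-client-token header)
-- `client-credentials` - Client credentials authentication (
+- `client-credentials` - Client credentials authentication (x-client-id and x-client-secret headers)
 - `api-key` - API key authentication (Authorization: Bearer <api-key>)
 
 **Priority-Based Fallback:** Methods are tried in the order specified in the strategy array until one succeeds.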
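--- a/package/dist/services/auth.service.js
+++ b/package/dist/services/auth.service.js
@@ -76,8 +76,8 @@ class AuthService {
 timeout: 30000,
 headers: {
 "Content-Type": "application/json",
-"
-"
+"x-client-id": this.config.clientId,
+"x-client-secret": this.config.clientSecret,
 },
 });
 const tokenUri = this.config.clientTokenUri || "/api/v1/auth/token";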
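Review bot: The added `"x-client-secret": this.config.clientSecret` entry sits in the `headers` block of what looks like the client's default options, so the secret would go out on every request made through that instance rather than only on the token call to `tokenUri`. The enclosing call starts above this hunk, so confirm how the instance is used; if it serves more than the token request, pass the two headers in the options of that single request instead. Any request or audit logging that sees these headers should mask `x-client-id` and `x-client-secret` by name. The `client-credentials` branch in auth-strategy.js has the same exposure: `headers["x-client-secret"] = clientSecret` is attached to whatever request the strategy is applied to.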
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"data-client.types.d.ts","sourceRoot":"","sources":["../../src/types/data-client.types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"data-client.types.d.ts","sourceRoot":"","sources":["../../src/types/data-client.types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAGlD,YAAY,EAAE,gBAAgB,EAAE,CAAC;AAEjC;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;;;;;OAMG;IACH,KAAK,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,UAAU,GAAG,MAAM,CAAC;IAErD;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IAEzB;;OAEG;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,UAAU,EAAE,gBAAgB,CAAC;IAE7B;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IAErB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,KAAK,CAAC,EAAE,WAAW,CAAC;IAEpB;;OAEG;IACH,KAAK,CAAC,EAAE,WAAW,CAAC;IAEpB;;OAEG;IACH,KAAK,CAAC,EAAE,WAAW,CAAC;IAEpB;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACzC;AAED;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,WAAW;IACpD;;OAEG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,MAAM,CAAC,EAAE,WAAW,CAAC;IAErB;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,KAAK,CAAC,EAAE;QACN;;WAEG;QACH,OAAO,CAAC,EAAE,OAAO,CAAC;QAElB;;WAEG;QACH,GAAG,CAAC,EAAE,MAAM,CAAC;QAEb;;WAEG;QACH,GAAG,CAAC,EAAE,MAAM,CAAC;KACd,CAAC;IAEF;;OAEG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAAG,CAC/B,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,iBAAiB,KACvB,OAAO,CAAC,iBAAiB,CAAC,GAAG,iBAAiB,CAAC;AAEpD;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,
EAClC,QAAQ,EAAE,QAAQ,EAClB,IAAI,EAAE,CAAC,KACJ,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAEpB;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,CAC7B,KAAK,EAAE,KAAK,EACZ,QAAQ,CAAC,EAAE,QAAQ,KAChB,OAAO,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC;AAE5B;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;OAEG;IACH,SAAS,CAAC,EAAE,kBAAkB,CAAC;IAE/B;;OAEG;IACH,UAAU,CAAC,EAAE,mBAAmB,CAAC;IAEjC;;OAEG;IACH,OAAO,CAAC,EAAE,gBAAgB,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,mBAAmB,EAAE,MAAM,CAAC;IAE5B;;OAEG;IACH,wBAAwB,EAAE;QACxB,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;IAEF;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB;;OAEG;IACH,IAAI,EAAE,OAAO,CAAC;IAEd;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;CACb;AAED;;GAEG;AACH,qBAAa,QAAS,SAAQ,KAAK;IACjC,SAAgB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpC,SAAgB,QAAQ,CAAC,EAAE,QAAQ,CAAC;IACpC,SAAgB,aAAa,CAAC,EAAE,KAAK,CAAC;gBAGpC,OAAO,EAAE,MAAM,EACf,UAAU,CAAC,EAAE,MAAM,EACnB,QAAQ,CAAC,EAAE,QAAQ,EACnB,aAAa,CAAC,EAAE,KAAK;CAYxB;AAED;;GAEG;AACH,qBAAa,YAAa,SAAQ,QAAQ;gBAC5B,OAAO,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,KAAK;CAInD;AAED;;GAEG;AACH,qBAAa,YAAa,SAAQ,QAAQ;gBAC5B,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM;CAI9C;AAED;;GAEG;AACH,qBAAa,mBAAoB,SAAQ,QAAQ;gBACnC,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,QAAQ;CAIjD"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"data-client.types.js","sourceRoot":"","sources":["../../src/types/data-client.types.ts"],"names":[],"mappings":";AAAA;;GAEG;;;
|
|
1
|
+
{"version":3,"file":"data-client.types.js","sourceRoot":"","sources":["../../src/types/data-client.types.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AA6SH;;GAEG;AACH,MAAa,QAAS,SAAQ,KAAK;IAKjC,YACE,OAAe,EACf,UAAmB,EACnB,QAAmB,EACnB,aAAqB;QAErB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,UAAU,CAAC;QACvB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QAEnC,IAAI,KAAK,CAAC,iBAAiB,EAAE,CAAC;YAC5B,KAAK,CAAC,iBAAiB,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;CACF;AArBD,4BAqBC;AAED;;GAEG;AACH,MAAa,YAAa,SAAQ,QAAQ;IACxC,YAAY,OAAe,EAAE,aAAqB;QAChD,KAAK,CAAC,OAAO,EAAE,CAAC,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC;QAC5C,IAAI,CAAC,IAAI,GAAG,cAAc,CAAC;IAC7B,CAAC;CACF;AALD,oCAKC;AAED;;GAEG;AACH,MAAa,YAAa,SAAQ,QAAQ;IACxC,YAAY,OAAe,EAAE,QAAgB;QAC3C,KAAK,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC,IAAI,GAAG,cAAc,CAAC;IAC7B,CAAC;CACF;AALD,oCAKC;AAED;;GAEG;AACH,MAAa,mBAAoB,SAAQ,QAAQ;IAC/C,YAAY,OAAe,EAAE,QAAmB;QAC9C,KAAK,CAAC,OAAO,EAAE,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC9B,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;IACpC,CAAC;CACF;AALD,kDAKC"}
|
|
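--- a/package/dist/utils/auth-strategy.js
+++ b/package/dist/utils/auth-strategy.js
@@ -34,8 +34,8 @@ class AuthStrategyHandler {
 break;
 case "client-credentials":
 if (clientId && clientSecret) {
-headers["
-headers["
+headers["x-client-id"] = clientId;
+headers["x-client-secret"] = clientSecret;
 return headers;
 }
 break;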
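--- a/package/dist/utils/data-client-audit.d.ts
+++ b/package/dist/utils/data-client-audit.d.ts
@@ -0,0 +1,24 @@
+/**
+* DataClient audit logging utilities
+* Handles ISO 27001 compliant audit logging for HTTP requests
+*/
+import { MisoClient } from "../index";
+import { AuditConfig } from "../types/data-client.types";
+/**
+* Check if endpoint should skip audit logging
+*/
+export declare function shouldSkipAudit(endpoint: string, auditConfig: AuditConfig | undefined): boolean;
+/**
+* Check if any authentication token is available
+*/
+export type HasAnyTokenFn = () => boolean;
+/**
+* Get user token
+*/
+export type GetTokenFn = () => string | null;
+/**
+* Log audit event (ISO 27001 compliance)
+* Skips audit logging if no authentication token is available (user token OR client token)
+*/
+export declare function logDataClientAudit(method: string, url: string, statusCode: number, duration: number, misoClient: MisoClient | null, auditConfig: AuditConfig | undefined, hasAnyToken: HasAnyTokenFn, getToken: GetTokenFn, requestSize?: number, responseSize?: number, error?: Error, requestHeaders?: Record<string, string>, responseHeaders?: Record<string, string>, requestBody?: unknown, responseBody?: unknown): Promise<void>;
+//# sourceMappingURL=data-client-audit.d.ts.map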
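Review bot: The doc comment on `logDataClientAudit` should spell out the audit gap it describes: when no user or client token is available nothing is recorded, so requests made without authentication leave no trail from a module presented as ISO 27001 audit logging. I would add a line to the TSDoc such as `Unauthenticated requests are NOT audited here; record them server-side if they must appear in the audit trail.` The fifteen positional parameters, with same-typed request/response pairs side by side, are also easy to transpose at a call site; an options object would make a swapped `requestBody`/`responseBody` harder to write.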
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"data-client-audit.d.ts","sourceRoot":"","sources":["../../src/utils/data-client-audit.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAIzD;;GAEG;AACH,wBAAgB,eAAe,CAC7B,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,WAAW,GAAG,SAAS,GACnC,OAAO,CAIT;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC;AAE1C;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG,MAAM,MAAM,GAAG,IAAI,CAAC;AAE7C;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,MAAM,EACX,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,UAAU,GAAG,IAAI,EAC7B,WAAW,EAAE,WAAW,GAAG,SAAS,EACpC,WAAW,EAAE,aAAa,EAC1B,QAAQ,EAAE,UAAU,EACpB,WAAW,CAAC,EAAE,MAAM,EACpB,YAAY,CAAC,EAAE,MAAM,EACrB,KAAK,CAAC,EAAE,KAAK,EACb,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EACvC,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EACxC,WAAW,CAAC,EAAE,OAAO,EACrB,YAAY,CAAC,EAAE,OAAO,GACrB,OAAO,CAAC,IAAI,CAAC,CAyHf"}
|
|
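--- a/package/dist/utils/data-client-audit.js
+++ b/package/dist/utils/data-client-audit.js
@@ -0,0 +1,127 @@
+"use strict";
+/**
+* DataClient audit logging utilities
+* Handles ISO 27001 compliant audit logging for HTTP requests
+*/
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.shouldSkipAudit = shouldSkipAudit;
+exports.logDataClientAudit = logDataClientAudit;
+const data_masker_1 = require("./data-masker");
+const data_client_utils_1 = require("./data-client-utils");
+/**
+* Check if endpoint should skip audit logging
+*/
+function shouldSkipAudit(endpoint, auditConfig) {
+if (!auditConfig?.enabled)
+return true;
+const skipEndpoints = auditConfig.skipEndpoints || [];
+return skipEndpoints.some((skip) => endpoint.includes(skip));
+}
+/**
+* Log audit event (ISO 27001 compliance)
+* Skips audit logging if no authentication token is available (user token OR client token)
+*/
+async function logDataClientAudit(method, url, statusCode, duration, misoClient, auditConfig, hasAnyToken, getToken, requestSize, responseSize, error, requestHeaders, responseHeaders, requestBody, responseBody) {
+if (shouldSkipAudit(url, auditConfig) || !misoClient)
+return;
+// Skip audit logging if no authentication token is available
+// This prevents 401 errors when attempting to audit log unauthenticated requests
+if (!hasAnyToken()) {
+// Silently skip audit logging for unauthenticated requests
+// This is expected behavior and prevents 401 errors
+return;
+}
+try {
+const token = getToken();
+const userId = token ? (0, data_client_utils_1.extractUserIdFromToken)(token) : undefined;
+const auditLevel = auditConfig?.level || "standard";
+// Build audit context based on level
+const auditContext = {
+method,
+url,
+statusCode,
+duration,
+};
+if (userId) {
+auditContext.userId = userId;
+}
+// Minimal level: only basic info
+if (auditLevel === "minimal") {
+await misoClient.log.audit(`http.request.${method.toLowerCase()}`, url, auditContext, { token: token || undefined });
+return;
+}
+// Standard/Detailed/Full levels: include headers and bodies (masked)
+const maxResponseSize = auditConfig?.maxResponseSize || 10000;
+const maxMaskingSize = auditConfig?.maxMaskingSize || 50000;
+// Truncate and mask request body
+let maskedRequestBody = undefined;
+if (requestBody !== undefined) {
+const truncated = (0, data_client_utils_1.truncatePayload)(requestBody, maxMaskingSize);
+if (!truncated.truncated) {
+maskedRequestBody = data_masker_1.DataMasker.maskSensitiveData(truncated.data);
+}
+else {
+maskedRequestBody = truncated.data;
+}
+}
+// Truncate and mask response body (for standard, detailed, full levels)
+let maskedResponseBody = undefined;
+if (responseBody !== undefined) {
+const truncated = (0, data_client_utils_1.truncatePayload)(responseBody, maxResponseSize);
+if (!truncated.truncated) {
+maskedResponseBody = data_masker_1.DataMasker.maskSensitiveData(truncated.data);
+}
+else {
+maskedResponseBody = truncated.data;
+}
+}
+// Mask headers
+const maskedRequestHeaders = requestHeaders
+? data_masker_1.DataMasker.maskSensitiveData(requestHeaders)
+: undefined;
+const maskedResponseHeaders = responseHeaders
+? data_masker_1.DataMasker.maskSensitiveData(responseHeaders)
+: undefined;
+// Add to context based on level (standard, detailed, full all include headers/bodies)
+if (maskedRequestHeaders)
+auditContext.requestHeaders = maskedRequestHeaders;
+if (maskedResponseHeaders)
+auditContext.responseHeaders = maskedResponseHeaders;
+if (maskedRequestBody !== undefined)
+auditContext.requestBody = maskedRequestBody;
+if (maskedResponseBody !== undefined)
+auditContext.responseBody = maskedResponseBody;
+// Add sizes for detailed/full levels
+if (auditLevel === "detailed" || auditLevel === "full") {
+if (requestSize !== undefined)
+auditContext.requestSize = requestSize;
+if (responseSize !== undefined)
+auditContext.responseSize = responseSize;
+}
+if (error) {
+const maskedError = data_masker_1.DataMasker.maskSensitiveData({
+message: error.message,
+name: error.name,
+stack: error.stack,
+});
+auditContext.error = maskedError;
+}
+await misoClient.log.audit(`http.request.${method.toLowerCase()}`, url, auditContext, { token: token || undefined });
+}
+catch (auditError) {
+// Handle audit logging errors gracefully
+// Don't fail main request if audit logging fails
+const error = auditError;
+const statusCode = error.statusCode || error.response?.status;
+if (statusCode === 401) {
+// User not authenticated - this is expected for unauthenticated requests
+// Silently skip to avoid noise (we already check hasAnyToken() before attempting)
+// This catch block handles edge cases where token becomes unavailable between check and audit call
+}
+else {
+// Other errors - log warning but don't fail request
+console.warn("Failed to log audit event:", auditError);
+}
+}
+}
+//# sourceMappingURL=data-client-audit.js.map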
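Review bot: Bodies over the size limit are written to the audit log without masking: in both truncation blocks of `logDataClientAudit` the `else` branch assigns `truncated.data` directly, and only the non-truncated path goes through `DataMasker.maskSensitiveData`. `truncatePayload` lives in data-client-utils and is not shown here, so what `truncated.data` holds is an assumption, but if it keeps the leading part of the payload, any credential or personal data in that part reaches the log in clear. Recording a marker instead, for example `maskedRequestBody = { truncated: true, size: requestSize };` and the same for the response, keeps the size cap without the leak. Separately, `shouldSkipAudit` matches with `endpoint.includes(skip)`, so a skip entry is honoured anywhere in the URL, query string included; comparing against the parsed path would keep a request from dropping out of the audit trail because of its query string.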
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"data-client-audit.js","sourceRoot":"","sources":["../../src/utils/data-client-audit.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAUH,0CAOC;AAgBD,gDAyIC;AAtKD,+CAA2C;AAC3C,2DAA8E;AAE9E;;GAEG;AACH,SAAgB,eAAe,CAC7B,QAAgB,EAChB,WAAoC;IAEpC,IAAI,CAAC,WAAW,EAAE,OAAO;QAAE,OAAO,IAAI,CAAC;IACvC,MAAM,aAAa,GAAG,WAAW,CAAC,aAAa,IAAI,EAAE,CAAC;IACtD,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;AAC/D,CAAC;AAYD;;;GAGG;AACI,KAAK,UAAU,kBAAkB,CACtC,MAAc,EACd,GAAW,EACX,UAAkB,EAClB,QAAgB,EAChB,UAA6B,EAC7B,WAAoC,EACpC,WAA0B,EAC1B,QAAoB,EACpB,WAAoB,EACpB,YAAqB,EACrB,KAAa,EACb,cAAuC,EACvC,eAAwC,EACxC,WAAqB,EACrB,YAAsB;IAEtB,IAAI,eAAe,CAAC,GAAG,EAAE,WAAW,CAAC,IAAI,CAAC,UAAU;QAAE,OAAO;IAE7D,6DAA6D;IAC7D,iFAAiF;IACjF,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;QACnB,2DAA2D;QAC3D,oDAAoD;QACpD,OAAO;IACT,CAAC;IAED,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,IAAA,0CAAsB,EAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QACjE,MAAM,UAAU,GAAG,WAAW,EAAE,KAAK,IAAI,UAAU,CAAC;QAEpD,qCAAqC;QACrC,MAAM,YAAY,GAA4B;YAC5C,MAAM;YACN,GAAG;YACH,UAAU;YACV,QAAQ;SACT,CAAC;QAEF,IAAI,MAAM,EAAE,CAAC;YACX,YAAY,CAAC,MAAM,GAAG,MAAM,CAAC;QAC/B,CAAC;QAED,iCAAiC;QACjC,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YAC7B,MAAM,UAAU,CAAC,GAAG,CAAC,KAAK,CACxB,gBAAgB,MAAM,CAAC,WAAW,EAAE,EAAE,EACtC,GAAG,EACH,YAAY,EACZ,EAAE,KAAK,EAAE,KAAK,IAAI,SAAS,EAAE,CAC9B,CAAC;YACF,OAAO;QACT,CAAC;QAED,qEAAqE;QACrE,MAAM,eAAe,GAAG,WAAW,EAAE,eAAe,IAAI,KAAK,CAAC;QAC9D,MAAM,cAAc,GAAG,WAAW,EAAE,cAAc,IAAI,KAAK,CAAC;QAE5D,iCAAiC;QACjC,IAAI,iBAAiB,GAAY,SAAS,CAAC;QAC3C,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,SAAS,GAAG,IAAA,mCAAe,EAAC,WAAW,EAAE,cAAc,CAAC,CAAC;YAC/D,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;gBACzB,iBAAiB,GAAG,wBAAU,CAAC,iBAAiB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YACnE,CAAC;iBAAM,CAAC;gBACN,iBAAiB,GAAG,SAAS,CAAC,IAAI,CAAC;YACrC,CAAC;QACH,CAAC;QAED,wEAAwE;QACxE,IAAI,kBAAkB,GAAY,SAAS,CAAC;QAC5C,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;YAC/B,MAAM,SAAS,GAAG,IAAA,mCAAe,EAAC,YAAY,EAAE,eAAe,CAAC,CAAC;YACj
E,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;gBACzB,kBAAkB,GAAG,wBAAU,CAAC,iBAAiB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,kBAAkB,GAAG,SAAS,CAAC,IAAI,CAAC;YACtC,CAAC;QACH,CAAC;QAED,eAAe;QACf,MAAM,oBAAoB,GAAG,cAAc;YACzC,CAAC,CAAE,wBAAU,CAAC,iBAAiB,CAAC,cAAc,CAG1C;YACJ,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,qBAAqB,GAAG,eAAe;YAC3C,CAAC,CAAE,wBAAU,CAAC,iBAAiB,CAAC,eAAe,CAG3C;YACJ,CAAC,CAAC,SAAS,CAAC;QAEd,sFAAsF;QACtF,IAAI,oBAAoB;YAAE,YAAY,CAAC,cAAc,GAAG,oBAAoB,CAAC;QAC7E,IAAI,qBAAqB;YAAE,YAAY,CAAC,eAAe,GAAG,qBAAqB,CAAC;QAChF,IAAI,iBAAiB,KAAK,SAAS;YAAE,YAAY,CAAC,WAAW,GAAG,iBAAiB,CAAC;QAClF,IAAI,kBAAkB,KAAK,SAAS;YAAE,YAAY,CAAC,YAAY,GAAG,kBAAkB,CAAC;QAErF,qCAAqC;QACrC,IAAI,UAAU,KAAK,UAAU,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;YACvD,IAAI,WAAW,KAAK,SAAS;gBAAE,YAAY,CAAC,WAAW,GAAG,WAAW,CAAC;YACtE,IAAI,YAAY,KAAK,SAAS;gBAAE,YAAY,CAAC,YAAY,GAAG,YAAY,CAAC;QAC3E,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,WAAW,GAAG,wBAAU,CAAC,iBAAiB,CAAC;gBAC/C,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,KAAK,EAAE,KAAK,CAAC,KAAK;aACnB,CAAC,CAAC;YACH,YAAY,CAAC,KAAK,GAAG,WAAW,CAAC;QACnC,CAAC;QAED,MAAM,UAAU,CAAC,GAAG,CAAC,KAAK,CACxB,gBAAgB,MAAM,CAAC,WAAW,EAAE,EAAE,EACtC,GAAG,EACH,YAAY,EACZ,EAAE,KAAK,EAAE,KAAK,IAAI,SAAS,EAAE,CAC9B,CAAC;IACJ,CAAC;IAAC,OAAO,UAAU,EAAE,CAAC;QACpB,yCAAyC;QACzC,iDAAiD;QACjD,MAAM,KAAK,GAAG,UAA6E,CAAC;QAC5F,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC;QAE9D,IAAI,UAAU,KAAK,GAAG,EAAE,CAAC;YACvB,yEAAyE;YACzE,kFAAkF;YAClF,mGAAmG;QACrG,CAAC;aAAM,CAAC;YACN,oDAAoD;YACpD,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,UAAU,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;AACH,CAAC"}
|
|
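--- a/package/dist/utils/data-client-auth.d.ts
+++ b/package/dist/utils/data-client-auth.d.ts
@@ -0,0 +1,60 @@
+/**
+* DataClient authentication utilities
+* Handles authentication, token management, and login/logout flows
+*/
+import { MisoClient } from "../index";
+import { DataClientConfig, MisoClientConfig } from "../types/data-client.types";
+import { ClientTokenInfo } from "./token-utils";
+/**
+* Get authentication token from localStorage
+*/
+export declare function getToken(tokenKeys?: string[]): string | null;
+/**
+* Check if client token is available (from localStorage cache or config)
+*/
+export declare function hasClientToken(misoClient: MisoClient | null, misoConfig: MisoClientConfig | undefined): boolean;
+/**
+* Check if any authentication token is available (user token OR client token)
+*/
+export declare function hasAnyToken(tokenKeys?: string[], misoClient?: MisoClient | null, misoConfig?: MisoClientConfig): boolean;
+/**
+* Get client token for requests
+* Checks localStorage cache first, then config, then calls getEnvironmentToken() if needed
+* @returns Client token string or null if unavailable
+*/
+export declare function getClientToken(misoConfig: MisoClientConfig | undefined, _baseUrl: string, _getEnvironmentToken: () => Promise<string>): Promise<string | null>;
+/**
+* Build controller URL from configuration
+* Uses controllerPublicUrl (browser) or controllerUrl (fallback)
+* @returns Controller base URL or null if not configured
+*/
+export declare function getControllerUrl(misoConfig: MisoClientConfig | undefined): string | null;
+/**
+* Redirect to login page via controller
+* Calls the controller login endpoint with redirect parameter and x-client-token header
+* @param redirectUrl - Optional redirect URL to return to after login (defaults to current page URL)
+*/
+export declare function redirectToLogin(config: DataClientConfig, getClientTokenFn: () => Promise<string | null>, redirectUrl?: string): Promise<void>;
+/**
+* Logout user and redirect
+* Calls logout API with x-client-token header, clears tokens from localStorage, clears cache, and redirects
+* @param redirectUrl - Optional redirect URL after logout (defaults to logoutUrl or loginUrl)
+*/
+export declare function logout(config: DataClientConfig, getTokenFn: () => string | null, getClientTokenFn: () => Promise<string | null>, clearCacheFn: () => void, redirectUrl?: string): Promise<void>;
+/**
+* Get environment token (browser-side)
+* Checks localStorage cache first, then calls backend endpoint if needed
+* Uses clientTokenUri from config or defaults to /api/v1/auth/client-token
+*
+* @returns Client token string
+* @throws Error if token fetch fails
+*/
+export declare function getEnvironmentToken(config: DataClientConfig, misoClient: MisoClient | null): Promise<string>;
+/**
+* Get client token information (browser-side)
+* Extracts application and environment info from client token
+*
+* @returns Client token info or null if token not available
+*/
+export declare function getClientTokenInfo(misoConfig: MisoClientConfig | undefined): ClientTokenInfo | null;
+//# sourceMappingURL=data-client-auth.d.ts.map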
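Review bot: Neither `redirectToLogin` nor `logout` says whether the optional `redirectUrl` is validated, and the implementation in data-client-auth.js is not part of this section. If a caller passes a value taken from the query string, an unchecked URL would turn both functions into an open redirect, so the TSDoc should state the contract, for example `@param redirectUrl - Must resolve to the current origin; other values are ignored`, and the implementation should enforce it. The comments also say that user and client tokens are read from localStorage, which any script running in the origin can read; that trade-off deserves a line in the module header.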
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"data-client-auth.d.ts","sourceRoot":"","sources":["../../src/utils/data-client-auth.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAOhF,OAAO,EAA0B,eAAe,EAAE,MAAM,eAAe,CAAC;AAGxE;;GAEG;AACH,wBAAgB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,GAAG,IAAI,CAQ5D;AAED;;GAEG;AACH,wBAAgB,cAAc,CAC5B,UAAU,EAAE,UAAU,GAAG,IAAI,EAC7B,UAAU,EAAE,gBAAgB,GAAG,SAAS,GACvC,OAAO,CAqCT;AAED;;GAEG;AACH,wBAAgB,WAAW,CACzB,SAAS,CAAC,EAAE,MAAM,EAAE,EACpB,UAAU,CAAC,EAAE,UAAU,GAAG,IAAI,EAC9B,UAAU,CAAC,EAAE,gBAAgB,GAC5B,OAAO,CAET;AAED;;;;GAIG;AACH,wBAAsB,cAAc,CAClC,UAAU,EAAE,gBAAgB,GAAG,SAAS,EACxC,QAAQ,EAAE,MAAM,EAChB,oBAAoB,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,GAC1C,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CA0BxB;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,UAAU,EAAE,gBAAgB,GAAG,SAAS,GAAG,MAAM,GAAG,IAAI,CAgBxF;AAED;;;;GAIG;AACH,wBAAsB,eAAe,CACnC,MAAM,EAAE,gBAAgB,EACxB,gBAAgB,EAAE,MAAM,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,EAC9C,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,IAAI,CAAC,CA8Ef;AAED;;;;GAIG;AACH,wBAAsB,MAAM,CAC1B,MAAM,EAAE,gBAAgB,EACxB,UAAU,EAAE,MAAM,MAAM,GAAG,IAAI,EAC/B,gBAAgB,EAAE,MAAM,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,EAC9C,YAAY,EAAE,MAAM,IAAI,EACxB,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,IAAI,CAAC,CA2Ef;AAED;;;;;;;GAOG;AACH,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,gBAAgB,EACxB,UAAU,EAAE,UAAU,GAAG,IAAI,GAC5B,OAAO,CAAC,MAAM,CAAC,CA+HjB;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAChC,UAAU,EAAE,gBAAgB,GAAG,SAAS,GACvC,eAAe,GAAG,IAAI,CAmBxB"}
|