@aifabrix/miso-client 3.1.1 → 3.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/express/client-token-endpoint.d.ts +76 -0
- package/dist/express/client-token-endpoint.d.ts.map +1 -0
- package/dist/express/client-token-endpoint.js +108 -0
- package/dist/express/client-token-endpoint.js.map +1 -0
- package/dist/express/index.d.ts +2 -1
- package/dist/express/index.d.ts.map +1 -1
- package/dist/express/index.js +8 -3
- package/dist/express/index.js.map +1 -1
- package/dist/express/response-middleware.d.ts.map +1 -1
- package/dist/express/response-middleware.js.map +1 -1
- package/dist/index.d.ts +8 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +14 -1
- package/dist/index.js.map +1 -1
- package/dist/services/auth.service.js +5 -5
- package/dist/services/auth.service.js.map +1 -1
- package/dist/services/browser-permission.service.d.ts +60 -0
- package/dist/services/browser-permission.service.d.ts.map +1 -0
- package/dist/services/browser-permission.service.js +159 -0
- package/dist/services/browser-permission.service.js.map +1 -0
- package/dist/services/browser-role.service.d.ts +60 -0
- package/dist/services/browser-role.service.d.ts.map +1 -0
- package/dist/services/browser-role.service.js +159 -0
- package/dist/services/browser-role.service.js.map +1 -0
- package/dist/services/cache.service.d.ts.map +1 -1
- package/dist/services/cache.service.js +4 -0
- package/dist/services/cache.service.js.map +1 -1
- package/dist/services/logger.service.d.ts +4 -0
- package/dist/services/logger.service.d.ts.map +1 -1
- package/dist/services/logger.service.js +21 -0
- package/dist/services/logger.service.js.map +1 -1
- package/dist/types/data-client.types.d.ts +1 -0
- package/dist/types/data-client.types.d.ts.map +1 -1
- package/dist/types/data-client.types.js.map +1 -1
- package/dist/utils/audit-log-queue.d.ts +4 -0
- package/dist/utils/audit-log-queue.d.ts.map +1 -1
- package/dist/utils/audit-log-queue.js +22 -2
- package/dist/utils/audit-log-queue.js.map +1 -1
- package/dist/utils/auth-strategy.js +2 -2
- package/dist/utils/browser-jwt-decoder.d.ts +20 -0
- package/dist/utils/browser-jwt-decoder.d.ts.map +1 -0
- package/dist/utils/browser-jwt-decoder.js +75 -0
- package/dist/utils/browser-jwt-decoder.js.map +1 -0
- package/dist/utils/controller-url-resolver.d.ts +16 -0
- package/dist/utils/controller-url-resolver.d.ts.map +1 -1
- package/dist/utils/controller-url-resolver.js +12 -0
- package/dist/utils/controller-url-resolver.js.map +1 -1
- package/dist/utils/data-client-audit.d.ts +24 -0
- package/dist/utils/data-client-audit.d.ts.map +1 -0
- package/dist/utils/data-client-audit.js +138 -0
- package/dist/utils/data-client-audit.js.map +1 -0
- package/dist/utils/data-client-auth.d.ts +59 -0
- package/dist/utils/data-client-auth.d.ts.map +1 -0
- package/dist/utils/data-client-auth.js +427 -0
- package/dist/utils/data-client-auth.js.map +1 -0
- package/dist/utils/data-client-auto-init.d.ts +66 -0
- package/dist/utils/data-client-auto-init.d.ts.map +1 -0
- package/dist/utils/data-client-auto-init.js +215 -0
- package/dist/utils/data-client-auto-init.js.map +1 -0
- package/dist/utils/data-client-cache.d.ts +36 -0
- package/dist/utils/data-client-cache.d.ts.map +1 -0
- package/dist/utils/data-client-cache.js +55 -0
- package/dist/utils/data-client-cache.js.map +1 -0
- package/dist/utils/data-client-redirect.d.ts +22 -0
- package/dist/utils/data-client-redirect.d.ts.map +1 -0
- package/dist/utils/data-client-redirect.js +345 -0
- package/dist/utils/data-client-redirect.js.map +1 -0
- package/dist/utils/data-client-request.d.ts +32 -0
- package/dist/utils/data-client-request.d.ts.map +1 -0
- package/dist/utils/data-client-request.js +309 -0
- package/dist/utils/data-client-request.js.map +1 -0
- package/dist/utils/data-client-utils.d.ts +49 -0
- package/dist/utils/data-client-utils.d.ts.map +1 -0
- package/dist/utils/data-client-utils.js +139 -0
- package/dist/utils/data-client-utils.js.map +1 -0
- package/dist/utils/data-client.d.ts +103 -29
- package/dist/utils/data-client.d.ts.map +1 -1
- package/dist/utils/data-client.js +321 -774
- package/dist/utils/data-client.js.map +1 -1
- package/dist/utils/internal-http-client.d.ts.map +1 -1
- package/dist/utils/internal-http-client.js +7 -3
- package/dist/utils/internal-http-client.js.map +1 -1
- package/package.json +9 -2
|
@@ -10,6 +10,9 @@ class AuditLogQueue {
|
|
|
10
10
|
this.queue = [];
|
|
11
11
|
this.flushTimer = null;
|
|
12
12
|
this.isFlushing = false;
|
|
13
|
+
// Circuit breaker for HTTP logging - skip attempts after repeated failures
|
|
14
|
+
this.httpLoggingFailures = 0;
|
|
15
|
+
this.httpLoggingDisabledUntil = null;
|
|
13
16
|
this.httpClient = httpClient;
|
|
14
17
|
this.redis = redis;
|
|
15
18
|
this.config = config;
|
|
@@ -87,6 +90,12 @@ class AuditLogQueue {
|
|
|
87
90
|
return; // Successfully queued in Redis
|
|
88
91
|
}
|
|
89
92
|
}
|
|
93
|
+
// Check circuit breaker - skip HTTP logging if we've had too many failures
|
|
94
|
+
const now = Date.now();
|
|
95
|
+
if (this.httpLoggingDisabledUntil && now < this.httpLoggingDisabledUntil) {
|
|
96
|
+
// Circuit breaker is open - skip HTTP logging attempt
|
|
97
|
+
return;
|
|
98
|
+
}
|
|
90
99
|
// Fallback to HTTP batch endpoint
|
|
91
100
|
try {
|
|
92
101
|
await this.httpClient.request("POST", "/api/v1/logs/batch", {
|
|
@@ -97,10 +106,19 @@ class AuditLogQueue {
|
|
|
97
106
|
application: undefined,
|
|
98
107
|
})),
|
|
99
108
|
});
|
|
109
|
+
// Success - reset failure counter
|
|
110
|
+
this.httpLoggingFailures = 0;
|
|
111
|
+
this.httpLoggingDisabledUntil = null;
|
|
100
112
|
}
|
|
101
113
|
catch (error) {
|
|
102
|
-
// Failed to send logs -
|
|
103
|
-
|
|
114
|
+
// Failed to send logs - increment failure counter and open circuit breaker
|
|
115
|
+
this.httpLoggingFailures++;
|
|
116
|
+
if (this.httpLoggingFailures >= AuditLogQueue.MAX_FAILURES) {
|
|
117
|
+
// Open circuit breaker - disable HTTP logging for a period
|
|
118
|
+
this.httpLoggingDisabledUntil = now + AuditLogQueue.DISABLE_DURATION_MS;
|
|
119
|
+
this.httpLoggingFailures = 0; // Reset counter for next attempt after cooldown
|
|
120
|
+
}
|
|
121
|
+
// Silently fail to avoid infinite loops
|
|
104
122
|
}
|
|
105
123
|
}
|
|
106
124
|
catch (error) {
|
|
@@ -128,4 +146,6 @@ class AuditLogQueue {
|
|
|
128
146
|
}
|
|
129
147
|
}
|
|
130
148
|
exports.AuditLogQueue = AuditLogQueue;
|
|
149
|
+
AuditLogQueue.MAX_FAILURES = 3;
|
|
150
|
+
AuditLogQueue.DISABLE_DURATION_MS = 60000; // 1 minute
|
|
131
151
|
//# sourceMappingURL=audit-log-queue.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-log-queue.js","sourceRoot":"","sources":["../../src/utils/audit-log-queue.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAYH,MAAa,aAAa;
|
|
1
|
+
{"version":3,"file":"audit-log-queue.js","sourceRoot":"","sources":["../../src/utils/audit-log-queue.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAYH,MAAa,aAAa;IAgBxB,YACE,UAAsB,EACtB,KAAmB,EACnB,MAAwB,EACxB,YAA2B;QAnBrB,UAAK,GAAqB,EAAE,CAAC;QAC7B,eAAU,GAAyC,IAAI,CAAC;QAMxD,eAAU,GAAG,KAAK,CAAC;QAE3B,2EAA2E;QACnE,wBAAmB,GAAG,CAAC,CAAC;QACxB,6BAAwB,GAAkB,IAAI,CAAC;QAUrD,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;QACvC,IAAI,CAAC,SAAS,GAAG,WAAW,CAAC,SAAS,IAAI,EAAE,CAAC;QAC7C,IAAI,CAAC,aAAa,GAAG,WAAW,CAAC,aAAa,IAAI,GAAG,CAAC;QAEtD,iDAAiD;QACjD,IAAI,OAAO,OAAO,KAAK,WAAW,EAAE,CAAC;YACnC,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YAC7C,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YAC9C,OAAO,CAAC,EAAE,CAAC,YAAY,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,GAAG,CAAC,KAAe;QACvB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;YACd,KAAK;YACL,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC,CAAC;QAEH,8BAA8B;QAC9B,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACxC,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACxB,OAAO;QACT,CAAC;QAED,uCAAuC;QACvC,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9C,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC,GAAG,EAAE;gBAChC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;oBAC3B,gCAAgC;gBAClC,CAAC,CAAC,CAAC;YACL,CAAC,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QACzB,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,KAAK,CAAC,QAAiB,KAAK;QAChC,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,OAAO;QACT,CAAC;QAED,oBAAoB;QACpB,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC9B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACzB,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5B,OAAO;QACT,CAAC;QAED,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QAEvB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc;YAEpD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACzB,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;gBACxB,OAAO;YACT,CAAC;YAED,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;YAE/C,iEAAiE;YACjE,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBAChD,wDAAwD;gBACxD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;gBAChD,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;gBACxB,OAAO;YACT,CAAC;YAED,iCAAiC;YACjC,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;gBAC7B,MAAM,SAAS,GAAG,cAAc,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACvD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CACpC,SAAS,EACT,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAC3B,CAAC;gBAEF,IAAI,OAAO,EAAE,CAAC;oBACZ,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;oBACxB,OAAO,CAAC,+BAA+B;gBACzC,CAAC;YACH,CAAC;YAED,2EAA2E;YAC3E,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,IAAI,CAAC,wBAAwB,IAAI,GAAG,GAAG,IAAI,CAAC,wBAAwB,EAAE,CAAC;gBACzE,sDAAsD;gBACtD,OAAO;YACT,CAAC;YAED,kCAAkC;YAClC,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,oBAAoB,EAAE;oBAC1D,IAAI,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;wBAC3B,GAAG,CAAC;wBACJ,uDAAuD;wBACvD,WAAW,EAAE,SAAS;wBACtB,WAAW,EAAE,SAAS;qBACvB,CAAC,CAAC;iBACJ,CAAC,CAAC;gBACH,kCAAkC;gBAClC,IAAI,CAAC,mBAAmB,GAAG,CAAC,CAAC;gBAC7B,IAAI,CAAC,wBAAwB,GAAG,IAAI,CAAC;YACvC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,2EAA2E;gBAC3E,IAAI,CAAC,mBAAmB,EAAE,CAAC;gBAC3B,IAAI,IAAI,CAAC,mBAAmB,IAAI,aAAa,CAAC,YAAY,EAAE,CAAC;oBAC3D,2DAA2D;oBAC3D,IAAI,CAAC,wBAAwB,GAAG,GAAG,GAAG,aAAa,CAAC,mBAAmB,CAAC;oBACxE,IAAI,CAAC,mBAAmB,GAAG,CAAC,CAAC,CAAC,gDAAgD;gBAChF,CAAC;gBACD,wCAAwC;YAC1C,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,gDAAgD;QAClD,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;QAC1B,CAAC;IACH,CAAC;IAED;;OAEG;IACH,YAAY;QACV,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC9B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACzB,CAAC;QACD,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;IAClB,CAAC;;AA1KH,sCA2KC;AA9JyB,0BAAY,GAAG,CAAC,AAAJ,CAAK;AACjB,iCAAmB,GAAG,KAAK,AAAR,CAAS,CAAC,WAAW"}
|
|
@@ -34,8 +34,8 @@ class AuthStrategyHandler {
|
|
|
34
34
|
break;
|
|
35
35
|
case "client-credentials":
|
|
36
36
|
if (clientId && clientSecret) {
|
|
37
|
-
headers["
|
|
38
|
-
headers["
|
|
37
|
+
headers["x-client-id"] = clientId;
|
|
38
|
+
headers["x-client-secret"] = clientSecret;
|
|
39
39
|
return headers;
|
|
40
40
|
}
|
|
41
41
|
break;
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Browser-compatible JWT decoder utility
|
|
3
|
+
* Pure JavaScript implementation using base64url decoding
|
|
4
|
+
* Only decodes (doesn't verify signatures) - used for extracting userId from tokens
|
|
5
|
+
*/
|
|
6
|
+
/**
|
|
7
|
+
* Decode JWT token and extract payload
|
|
8
|
+
* Only decodes (doesn't verify signatures) - used for extracting userId
|
|
9
|
+
* @param token - JWT token string
|
|
10
|
+
* @returns Decoded payload as object or null if decoding fails
|
|
11
|
+
*/
|
|
12
|
+
export declare function decodeJWT(token: string): Record<string, unknown> | null;
|
|
13
|
+
/**
|
|
14
|
+
* Extract userId from JWT token
|
|
15
|
+
* Tries common JWT claim fields: sub, userId, user_id, id
|
|
16
|
+
* @param token - JWT token string
|
|
17
|
+
* @returns User ID string or null if not found
|
|
18
|
+
*/
|
|
19
|
+
export declare function extractUserIdFromToken(token: string): string | null;
|
|
20
|
+
//# sourceMappingURL=browser-jwt-decoder.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"browser-jwt-decoder.d.ts","sourceRoot":"","sources":["../../src/utils/browser-jwt-decoder.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAmBH;;;;;GAKG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAyBvE;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAiBnE"}
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Browser-compatible JWT decoder utility
|
|
4
|
+
* Pure JavaScript implementation using base64url decoding
|
|
5
|
+
* Only decodes (doesn't verify signatures) - used for extracting userId from tokens
|
|
6
|
+
*/
|
|
7
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
8
|
+
exports.decodeJWT = decodeJWT;
|
|
9
|
+
exports.extractUserIdFromToken = extractUserIdFromToken;
|
|
10
|
+
/**
|
|
11
|
+
* Decode base64url string to regular base64
|
|
12
|
+
* @param str - Base64url encoded string
|
|
13
|
+
* @returns Base64 encoded string
|
|
14
|
+
*/
|
|
15
|
+
function base64UrlDecode(str) {
|
|
16
|
+
// Replace URL-safe characters with standard base64 characters
|
|
17
|
+
let base64 = str.replace(/-/g, "+").replace(/_/g, "/");
|
|
18
|
+
// Add padding if needed
|
|
19
|
+
while (base64.length % 4) {
|
|
20
|
+
base64 += "=";
|
|
21
|
+
}
|
|
22
|
+
return base64;
|
|
23
|
+
}
|
|
24
|
+
/**
|
|
25
|
+
* Decode JWT token and extract payload
|
|
26
|
+
* Only decodes (doesn't verify signatures) - used for extracting userId
|
|
27
|
+
* @param token - JWT token string
|
|
28
|
+
* @returns Decoded payload as object or null if decoding fails
|
|
29
|
+
*/
|
|
30
|
+
function decodeJWT(token) {
|
|
31
|
+
try {
|
|
32
|
+
// JWT format: header.payload.signature
|
|
33
|
+
const parts = token.split(".");
|
|
34
|
+
if (parts.length !== 3) {
|
|
35
|
+
return null;
|
|
36
|
+
}
|
|
37
|
+
// Extract payload (second part)
|
|
38
|
+
const payload = parts[1];
|
|
39
|
+
// Decode base64url to base64
|
|
40
|
+
const base64Payload = base64UrlDecode(payload);
|
|
41
|
+
// Decode base64 to string
|
|
42
|
+
const decodedString = atob(base64Payload);
|
|
43
|
+
// Parse JSON payload
|
|
44
|
+
const parsed = JSON.parse(decodedString);
|
|
45
|
+
return parsed;
|
|
46
|
+
}
|
|
47
|
+
catch (error) {
|
|
48
|
+
// Silently handle errors (invalid token format, invalid JSON, etc.)
|
|
49
|
+
return null;
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
/**
|
|
53
|
+
* Extract userId from JWT token
|
|
54
|
+
* Tries common JWT claim fields: sub, userId, user_id, id
|
|
55
|
+
* @param token - JWT token string
|
|
56
|
+
* @returns User ID string or null if not found
|
|
57
|
+
*/
|
|
58
|
+
function extractUserIdFromToken(token) {
|
|
59
|
+
try {
|
|
60
|
+
const decoded = decodeJWT(token);
|
|
61
|
+
if (!decoded) {
|
|
62
|
+
return null;
|
|
63
|
+
}
|
|
64
|
+
// Try common JWT claim fields for user ID
|
|
65
|
+
const userId = decoded.sub ||
|
|
66
|
+
decoded.userId ||
|
|
67
|
+
decoded.user_id ||
|
|
68
|
+
decoded.id;
|
|
69
|
+
return userId ? userId : null;
|
|
70
|
+
}
|
|
71
|
+
catch (error) {
|
|
72
|
+
return null;
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
//# sourceMappingURL=browser-jwt-decoder.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"browser-jwt-decoder.js","sourceRoot":"","sources":["../../src/utils/browser-jwt-decoder.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAyBH,8BAyBC;AAQD,wDAiBC;AAzED;;;;GAIG;AACH,SAAS,eAAe,CAAC,GAAW;IAClC,8DAA8D;IAC9D,IAAI,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAEvD,wBAAwB;IACxB,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,CAAC;IAChB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;GAKG;AACH,SAAgB,SAAS,CAAC,KAAa;IACrC,IAAI,CAAC;QACH,uCAAuC;QACvC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,gCAAgC;QAChC,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEzB,6BAA6B;QAC7B,MAAM,aAAa,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;QAE/C,0BAA0B;QAC1B,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;QAE1C,qBAAqB;QACrB,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAA4B,CAAC;QAEpE,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,oEAAoE;QACpE,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAgB,sBAAsB,CAAC,KAAa;IAClD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QACjC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,0CAA0C;QAC1C,MAAM,MAAM,GACV,OAAO,CAAC,GAAG;YACX,OAAO,CAAC,MAAM;YACd,OAAO,CAAC,OAAO;YACf,OAAO,CAAC,EAAE,CAAC;QACb,OAAO,MAAM,CAAC,CAAC,CAAE,MAAiB,CAAC,CAAC,CAAC,IAAI,CAAC;IAC5C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}
|
|
@@ -9,6 +9,22 @@ import { MisoClientConfig } from "../types/config.types";
|
|
|
9
9
|
* Detects browser by checking for window, localStorage, and fetch globals
|
|
10
10
|
*/
|
|
11
11
|
export declare function isBrowser(): boolean;
|
|
12
|
+
/**
|
|
13
|
+
* Validate URL format
|
|
14
|
+
* Ensures URL is a valid HTTP or HTTPS URL
|
|
15
|
+
*
|
|
16
|
+
* @param url - URL string to validate
|
|
17
|
+
* @returns true if URL is valid HTTP or HTTPS, false otherwise
|
|
18
|
+
*
|
|
19
|
+
* @example
|
|
20
|
+
* ```typescript
|
|
21
|
+
* validateUrl('https://example.com'); // true
|
|
22
|
+
* validateUrl('http://localhost:3000'); // true
|
|
23
|
+
* validateUrl('ftp://example.com'); // false
|
|
24
|
+
* validateUrl('invalid'); // false
|
|
25
|
+
* ```
|
|
26
|
+
*/
|
|
27
|
+
export declare function validateUrl(url: string): boolean;
|
|
12
28
|
/**
|
|
13
29
|
* Resolve controller URL based on environment and configuration
|
|
14
30
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"controller-url-resolver.d.ts","sourceRoot":"","sources":["../../src/utils/controller-url-resolver.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAEzD;;;GAGG;AACH,wBAAgB,SAAS,IAAI,OAAO,CAOnC;
|
|
1
|
+
{"version":3,"file":"controller-url-resolver.d.ts","sourceRoot":"","sources":["../../src/utils/controller-url-resolver.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAEzD;;;GAGG;AACH,wBAAgB,SAAS,IAAI,OAAO,CAOnC;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAOhD;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,gBAAgB,GAAG,MAAM,CAmCrE"}
|
|
@@ -6,6 +6,7 @@
|
|
|
6
6
|
*/
|
|
7
7
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
8
8
|
exports.isBrowser = isBrowser;
|
|
9
|
+
exports.validateUrl = validateUrl;
|
|
9
10
|
exports.resolveControllerUrl = resolveControllerUrl;
|
|
10
11
|
/**
|
|
11
12
|
* Check if running in browser environment
|
|
@@ -20,6 +21,17 @@ function isBrowser() {
|
|
|
20
21
|
/**
|
|
21
22
|
* Validate URL format
|
|
22
23
|
* Ensures URL is a valid HTTP or HTTPS URL
|
|
24
|
+
*
|
|
25
|
+
* @param url - URL string to validate
|
|
26
|
+
* @returns true if URL is valid HTTP or HTTPS, false otherwise
|
|
27
|
+
*
|
|
28
|
+
* @example
|
|
29
|
+
* ```typescript
|
|
30
|
+
* validateUrl('https://example.com'); // true
|
|
31
|
+
* validateUrl('http://localhost:3000'); // true
|
|
32
|
+
* validateUrl('ftp://example.com'); // false
|
|
33
|
+
* validateUrl('invalid'); // false
|
|
34
|
+
* ```
|
|
23
35
|
*/
|
|
24
36
|
function validateUrl(url) {
|
|
25
37
|
try {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"controller-url-resolver.js","sourceRoot":"","sources":["../../src/utils/controller-url-resolver.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAQH,8BAOC;
|
|
1
|
+
{"version":3,"file":"controller-url-resolver.js","sourceRoot":"","sources":["../../src/utils/controller-url-resolver.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAQH,8BAOC;AAiBD,kCAOC;AAcD,oDAmCC;AApFD;;;GAGG;AACH,SAAgB,SAAS;IACvB,OAAO,CACL,OAAQ,UAAmC,CAAC,MAAM,KAAK,WAAW;QAClE,OAAQ,UAAyC,CAAC,YAAY;YAC5D,WAAW;QACb,OAAQ,UAAkC,CAAC,KAAK,KAAK,WAAW,CACjE,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,SAAgB,WAAW,CAAC,GAAW;IACrC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,OAAO,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC;IACrE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAgB,oBAAoB,CAAC,MAAwB;IAC3D,MAAM,YAAY,GAAG,SAAS,EAAE,CAAC;IACjC,IAAI,WAA+B,CAAC;IAEpC,uCAAuC;IACvC,IAAI,YAAY,EAAE,CAAC;QACjB,sCAAsC;QACtC,WAAW,GAAG,MAAM,CAAC,mBAAmB,CAAC;IAC3C,CAAC;SAAM,CAAC;QACN,sCAAsC;QACtC,WAAW,GAAG,MAAM,CAAC,oBAAoB,CAAC;IAC5C,CAAC;IAED,6EAA6E;IAC7E,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,WAAW,GAAG,MAAM,CAAC,aAAa,CAAC;IACrC,CAAC;IAED,+CAA+C;IAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CACb,gDACE,YAAY,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,sBACzC,0CAA0C,CAC3C,CAAC;IACJ,CAAC;IAED,sBAAsB;IACtB,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CACb,mCAAmC,WAAW,2CAA2C,CAC1F,CAAC;IACJ,CAAC;IAED,OAAO,WAAW,CAAC;AACrB,CAAC"}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* DataClient audit logging utilities
|
|
3
|
+
* Handles ISO 27001 compliant audit logging for HTTP requests
|
|
4
|
+
*/
|
|
5
|
+
import { MisoClient } from "../index";
|
|
6
|
+
import { AuditConfig } from "../types/data-client.types";
|
|
7
|
+
/**
|
|
8
|
+
* Check if endpoint should skip audit logging
|
|
9
|
+
*/
|
|
10
|
+
export declare function shouldSkipAudit(endpoint: string, auditConfig: AuditConfig | undefined): boolean;
|
|
11
|
+
/**
|
|
12
|
+
* Check if any authentication token is available
|
|
13
|
+
*/
|
|
14
|
+
export type HasAnyTokenFn = () => boolean;
|
|
15
|
+
/**
|
|
16
|
+
* Get user token
|
|
17
|
+
*/
|
|
18
|
+
export type GetTokenFn = () => string | null;
|
|
19
|
+
/**
|
|
20
|
+
* Log audit event (ISO 27001 compliance)
|
|
21
|
+
* Skips audit logging if no authentication token is available (user token OR client token)
|
|
22
|
+
*/
|
|
23
|
+
export declare function logDataClientAudit(method: string, url: string, statusCode: number, duration: number, misoClient: MisoClient | null, auditConfig: AuditConfig | undefined, hasAnyToken: HasAnyTokenFn, getToken: GetTokenFn, requestSize?: number, responseSize?: number, error?: Error, requestHeaders?: Record<string, string>, responseHeaders?: Record<string, string>, requestBody?: unknown, responseBody?: unknown): Promise<void>;
|
|
24
|
+
//# sourceMappingURL=data-client-audit.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"data-client-audit.d.ts","sourceRoot":"","sources":["../../src/utils/data-client-audit.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAIzD;;GAEG;AACH,wBAAgB,eAAe,CAC7B,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,WAAW,GAAG,SAAS,GACnC,OAAO,CAIT;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC;AAE1C;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG,MAAM,MAAM,GAAG,IAAI,CAAC;AAE7C;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,MAAM,EACX,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,UAAU,GAAG,IAAI,EAC7B,WAAW,EAAE,WAAW,GAAG,SAAS,EACpC,WAAW,EAAE,aAAa,EAC1B,QAAQ,EAAE,UAAU,EACpB,WAAW,CAAC,EAAE,MAAM,EACpB,YAAY,CAAC,EAAE,MAAM,EACrB,KAAK,CAAC,EAAE,KAAK,EACb,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EACvC,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EACxC,WAAW,CAAC,EAAE,OAAO,EACrB,YAAY,CAAC,EAAE,OAAO,GACrB,OAAO,CAAC,IAAI,CAAC,CA6If"}
|
|
@@ -0,0 +1,138 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* DataClient audit logging utilities
|
|
4
|
+
* Handles ISO 27001 compliant audit logging for HTTP requests
|
|
5
|
+
*/
|
|
6
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
7
|
+
exports.shouldSkipAudit = shouldSkipAudit;
|
|
8
|
+
exports.logDataClientAudit = logDataClientAudit;
|
|
9
|
+
const data_masker_1 = require("./data-masker");
|
|
10
|
+
const data_client_utils_1 = require("./data-client-utils");
|
|
11
|
+
/**
|
|
12
|
+
* Check if endpoint should skip audit logging
|
|
13
|
+
*/
|
|
14
|
+
function shouldSkipAudit(endpoint, auditConfig) {
|
|
15
|
+
if (!auditConfig?.enabled)
|
|
16
|
+
return true;
|
|
17
|
+
const skipEndpoints = auditConfig.skipEndpoints || [];
|
|
18
|
+
return skipEndpoints.some((skip) => endpoint.includes(skip));
|
|
19
|
+
}
|
|
20
|
+
/**
|
|
21
|
+
* Log audit event (ISO 27001 compliance)
|
|
22
|
+
* Skips audit logging if no authentication token is available (user token OR client token)
|
|
23
|
+
*/
|
|
24
|
+
async function logDataClientAudit(method, url, statusCode, duration, misoClient, auditConfig, hasAnyToken, getToken, requestSize, responseSize, error, requestHeaders, responseHeaders, requestBody, responseBody) {
|
|
25
|
+
if (shouldSkipAudit(url, auditConfig) || !misoClient)
|
|
26
|
+
return;
|
|
27
|
+
// Skip audit logging if no authentication token is available
|
|
28
|
+
// This prevents 401 errors when attempting to audit log unauthenticated requests
|
|
29
|
+
if (!hasAnyToken()) {
|
|
30
|
+
// Silently skip audit logging for unauthenticated requests
|
|
31
|
+
// This is expected behavior and prevents 401 errors
|
|
32
|
+
return;
|
|
33
|
+
}
|
|
34
|
+
try {
|
|
35
|
+
const token = getToken();
|
|
36
|
+
const userId = token ? (0, data_client_utils_1.extractUserIdFromToken)(token) : undefined;
|
|
37
|
+
const auditLevel = auditConfig?.level || "standard";
|
|
38
|
+
// Build audit context based on level
|
|
39
|
+
const auditContext = {
|
|
40
|
+
method,
|
|
41
|
+
url,
|
|
42
|
+
statusCode,
|
|
43
|
+
duration,
|
|
44
|
+
};
|
|
45
|
+
if (userId) {
|
|
46
|
+
auditContext.userId = userId;
|
|
47
|
+
}
|
|
48
|
+
// Minimal level: only basic info
|
|
49
|
+
if (auditLevel === "minimal") {
|
|
50
|
+
await misoClient.log.audit(`http.request.${method.toLowerCase()}`, url, auditContext, { token: token || undefined });
|
|
51
|
+
return;
|
|
52
|
+
}
|
|
53
|
+
// Standard/Detailed/Full levels: include headers and bodies (masked)
|
|
54
|
+
const maxResponseSize = auditConfig?.maxResponseSize || 10000;
|
|
55
|
+
const maxMaskingSize = auditConfig?.maxMaskingSize || 50000;
|
|
56
|
+
// Truncate and mask request body
|
|
57
|
+
let maskedRequestBody = undefined;
|
|
58
|
+
if (requestBody !== undefined) {
|
|
59
|
+
const truncated = (0, data_client_utils_1.truncatePayload)(requestBody, maxMaskingSize);
|
|
60
|
+
if (!truncated.truncated) {
|
|
61
|
+
maskedRequestBody = data_masker_1.DataMasker.maskSensitiveData(truncated.data);
|
|
62
|
+
}
|
|
63
|
+
else {
|
|
64
|
+
maskedRequestBody = truncated.data;
|
|
65
|
+
}
|
|
66
|
+
}
|
|
67
|
+
// Truncate and mask response body (for standard, detailed, full levels)
|
|
68
|
+
let maskedResponseBody = undefined;
|
|
69
|
+
if (responseBody !== undefined) {
|
|
70
|
+
const truncated = (0, data_client_utils_1.truncatePayload)(responseBody, maxResponseSize);
|
|
71
|
+
if (!truncated.truncated) {
|
|
72
|
+
maskedResponseBody = data_masker_1.DataMasker.maskSensitiveData(truncated.data);
|
|
73
|
+
}
|
|
74
|
+
else {
|
|
75
|
+
maskedResponseBody = truncated.data;
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
// Mask headers
|
|
79
|
+
const maskedRequestHeaders = requestHeaders
|
|
80
|
+
? data_masker_1.DataMasker.maskSensitiveData(requestHeaders)
|
|
81
|
+
: undefined;
|
|
82
|
+
const maskedResponseHeaders = responseHeaders
|
|
83
|
+
? data_masker_1.DataMasker.maskSensitiveData(responseHeaders)
|
|
84
|
+
: undefined;
|
|
85
|
+
// Add to context based on level (standard, detailed, full all include headers/bodies)
|
|
86
|
+
if (maskedRequestHeaders)
|
|
87
|
+
auditContext.requestHeaders = maskedRequestHeaders;
|
|
88
|
+
if (maskedResponseHeaders)
|
|
89
|
+
auditContext.responseHeaders = maskedResponseHeaders;
|
|
90
|
+
if (maskedRequestBody !== undefined)
|
|
91
|
+
auditContext.requestBody = maskedRequestBody;
|
|
92
|
+
if (maskedResponseBody !== undefined)
|
|
93
|
+
auditContext.responseBody = maskedResponseBody;
|
|
94
|
+
// Add sizes for detailed/full levels
|
|
95
|
+
if (auditLevel === "detailed" || auditLevel === "full") {
|
|
96
|
+
if (requestSize !== undefined)
|
|
97
|
+
auditContext.requestSize = requestSize;
|
|
98
|
+
if (responseSize !== undefined)
|
|
99
|
+
auditContext.responseSize = responseSize;
|
|
100
|
+
}
|
|
101
|
+
if (error) {
|
|
102
|
+
const maskedError = data_masker_1.DataMasker.maskSensitiveData({
|
|
103
|
+
message: error.message,
|
|
104
|
+
name: error.name,
|
|
105
|
+
stack: error.stack,
|
|
106
|
+
});
|
|
107
|
+
auditContext.error = maskedError;
|
|
108
|
+
}
|
|
109
|
+
await misoClient.log.audit(`http.request.${method.toLowerCase()}`, url, auditContext, { token: token || undefined });
|
|
110
|
+
}
|
|
111
|
+
catch (auditError) {
|
|
112
|
+
// Handle audit logging errors gracefully
|
|
113
|
+
// Don't fail main request if audit logging fails
|
|
114
|
+
const error = auditError;
|
|
115
|
+
const statusCode = error.statusCode || error.response?.status;
|
|
116
|
+
const errorMessage = error.message || String(auditError);
|
|
117
|
+
const errorCode = error.code;
|
|
118
|
+
// Silently skip for expected error conditions:
|
|
119
|
+
// - 401: User not authenticated (expected for unauthenticated requests)
|
|
120
|
+
// - Network errors: Connection refused, ECONNREFUSED, ERR_CONNECTION_REFUSED
|
|
121
|
+
// - These are expected when server is unavailable or misconfigured
|
|
122
|
+
const isNetworkError = errorCode === 'ECONNREFUSED' ||
|
|
123
|
+
errorCode === 'ENOTFOUND' ||
|
|
124
|
+
errorMessage.includes('ERR_CONNECTION_REFUSED') ||
|
|
125
|
+
errorMessage.includes('Failed to fetch') ||
|
|
126
|
+
errorMessage.includes('NetworkError') ||
|
|
127
|
+
errorMessage.includes('network error');
|
|
128
|
+
if (statusCode === 401 || isNetworkError) {
|
|
129
|
+
// Silently skip to avoid noise - these are expected conditions
|
|
130
|
+
// 401: User not authenticated (we already check hasAnyToken() before attempting)
|
|
131
|
+
// Network errors: Server unavailable or misconfigured (expected in demo/dev environments)
|
|
132
|
+
return;
|
|
133
|
+
}
|
|
134
|
+
// Other unexpected errors - log warning but don't fail request
|
|
135
|
+
console.warn("Failed to log audit event:", auditError);
|
|
136
|
+
}
|
|
137
|
+
}
|
|
138
|
+
//# sourceMappingURL=data-client-audit.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"data-client-audit.js","sourceRoot":"","sources":["../../src/utils/data-client-audit.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAUH,0CAOC;AAgBD,gDA6JC;AA1LD,+CAA2C;AAC3C,2DAA8E;AAE9E;;GAEG;AACH,SAAgB,eAAe,CAC7B,QAAgB,EAChB,WAAoC;IAEpC,IAAI,CAAC,WAAW,EAAE,OAAO;QAAE,OAAO,IAAI,CAAC;IACvC,MAAM,aAAa,GAAG,WAAW,CAAC,aAAa,IAAI,EAAE,CAAC;IACtD,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;AAC/D,CAAC;AAYD;;;GAGG;AACI,KAAK,UAAU,kBAAkB,CACtC,MAAc,EACd,GAAW,EACX,UAAkB,EAClB,QAAgB,EAChB,UAA6B,EAC7B,WAAoC,EACpC,WAA0B,EAC1B,QAAoB,EACpB,WAAoB,EACpB,YAAqB,EACrB,KAAa,EACb,cAAuC,EACvC,eAAwC,EACxC,WAAqB,EACrB,YAAsB;IAEtB,IAAI,eAAe,CAAC,GAAG,EAAE,WAAW,CAAC,IAAI,CAAC,UAAU;QAAE,OAAO;IAE7D,6DAA6D;IAC7D,iFAAiF;IACjF,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;QACnB,2DAA2D;QAC3D,oDAAoD;QACpD,OAAO;IACT,CAAC;IAED,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,IAAA,0CAAsB,EAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QACjE,MAAM,UAAU,GAAG,WAAW,EAAE,KAAK,IAAI,UAAU,CAAC;QAEpD,qCAAqC;QACrC,MAAM,YAAY,GAA4B;YAC5C,MAAM;YACN,GAAG;YACH,UAAU;YACV,QAAQ;SACT,CAAC;QAEF,IAAI,MAAM,EAAE,CAAC;YACX,YAAY,CAAC,MAAM,GAAG,MAAM,CAAC;QAC/B,CAAC;QAED,iCAAiC;QACjC,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YAC7B,MAAM,UAAU,CAAC,GAAG,CAAC,KAAK,CACxB,gBAAgB,MAAM,CAAC,WAAW,EAAE,EAAE,EACtC,GAAG,EACH,YAAY,EACZ,EAAE,KAAK,EAAE,KAAK,IAAI,SAAS,EAAE,CAC9B,CAAC;YACF,OAAO;QACT,CAAC;QAED,qEAAqE;QACrE,MAAM,eAAe,GAAG,WAAW,EAAE,eAAe,IAAI,KAAK,CAAC;QAC9D,MAAM,cAAc,GAAG,WAAW,EAAE,cAAc,IAAI,KAAK,CAAC;QAE5D,iCAAiC;QACjC,IAAI,iBAAiB,GAAY,SAAS,CAAC;QAC3C,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,SAAS,GAAG,IAAA,mCAAe,EAAC,WAAW,EAAE,cAAc,CAAC,CAAC;YAC/D,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;gBACzB,iBAAiB,GAAG,wBAAU,CAAC,iBAAiB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YACnE,CAAC;iBAAM,CAAC;gBACN,iBAAiB,GAAG,SAAS,CAAC,IAAI,CAAC;YACrC,CAAC;QACH,CAAC;QAED,wEAAwE;QACxE,IAAI,kBAAkB,GAAY,SAAS,CAAC;QAC5C,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;YAC/B,MAAM,SAAS,GAAG,IAAA,mCAAe,EAAC,YAAY,EAAE,eAAe,CAAC,CAAC;YACjE,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;gBACzB,kBAAkB,GAAG,wBAAU,CAAC,iBAAiB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YACpE,CAAC;iBAAM,CAAC;gBACN,kBAAkB,GAAG,SAAS,CAAC,IAAI,CAAC;YACtC,CAAC;QACH,CAAC;QAED,eAAe;QACf,MAAM,oBAAoB,GAAG,cAAc;YACzC,CAAC,CAAE,wBAAU,CAAC,iBAAiB,CAAC,cAAc,CAG1C;YACJ,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,qBAAqB,GAAG,eAAe;YAC3C,CAAC,CAAE,wBAAU,CAAC,iBAAiB,CAAC,eAAe,CAG3C;YACJ,CAAC,CAAC,SAAS,CAAC;QAEd,sFAAsF;QACtF,IAAI,oBAAoB;YAAE,YAAY,CAAC,cAAc,GAAG,oBAAoB,CAAC;QAC7E,IAAI,qBAAqB;YAAE,YAAY,CAAC,eAAe,GAAG,qBAAqB,CAAC;QAChF,IAAI,iBAAiB,KAAK,SAAS;YAAE,YAAY,CAAC,WAAW,GAAG,iBAAiB,CAAC;QAClF,IAAI,kBAAkB,KAAK,SAAS;YAAE,YAAY,CAAC,YAAY,GAAG,kBAAkB,CAAC;QAErF,qCAAqC;QACrC,IAAI,UAAU,KAAK,UAAU,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;YACvD,IAAI,WAAW,KAAK,SAAS;gBAAE,YAAY,CAAC,WAAW,GAAG,WAAW,CAAC;YACtE,IAAI,YAAY,KAAK,SAAS;gBAAE,YAAY,CAAC,YAAY,GAAG,YAAY,CAAC;QAC3E,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,WAAW,GAAG,wBAAU,CAAC,iBAAiB,CAAC;gBAC/C,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,KAAK,EAAE,KAAK,CAAC,KAAK;aACnB,CAAC,CAAC;YACH,YAAY,CAAC,KAAK,GAAG,WAAW,CAAC;QACnC,CAAC;QAED,MAAM,UAAU,CAAC,GAAG,CAAC,KAAK,CACxB,gBAAgB,MAAM,CAAC,WAAW,EAAE,EAAE,EACtC,GAAG,EACH,YAAY,EACZ,EAAE,KAAK,EAAE,KAAK,IAAI,SAAS,EAAE,CAC9B,CAAC;IACJ,CAAC;IAAC,OAAO,UAAU,EAAE,CAAC;QACpB,yCAAyC;QACzC,iDAAiD;QACjD,MAAM,KAAK,GAAG,UAKb,CAAC;QACF,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC;QAC9D,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,IAAI,MAAM,CAAC,UAAU,CAAC,CAAC;QACzD,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC;QAE7B,+CAA+C;QAC/C,wEAAwE;QACxE,6EAA6E;QAC7E,mEAAmE;QACnE,MAAM,cAAc,GAClB,SAAS,KAAK,cAAc;YAC5B,SAAS,KAAK,WAAW;YACzB,YAAY,CAAC,QAAQ,CAAC,wBAAwB,CAAC;YAC/C,YAAY,CAAC,QAAQ,CAAC,iBAAiB,CAAC;YACxC,YAAY,CAAC,QAAQ,CAAC,cAAc,CAAC;YACrC,YAAY,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;QAEzC,IAAI,UAAU,KAAK,GAAG,IAAI,cAAc,EAAE,CAAC;YACzC,+DAA+D;YAC/D,iFAAiF;YACjF,0FAA0F;YAC1F,OAAO;QACT,CAAC;QAED,+DAA+D;QAC/D,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,UAAU,CAAC,CAAC;IACzD,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* DataClient authentication utilities
|
|
3
|
+
* Handles authentication, token management, and login/logout flows
|
|
4
|
+
*/
|
|
5
|
+
import { MisoClient } from "../index";
|
|
6
|
+
import { DataClientConfig, MisoClientConfig } from "../types/data-client.types";
|
|
7
|
+
import { ClientTokenInfo } from "./token-utils";
|
|
8
|
+
/**
|
|
9
|
+
* Get authentication token from localStorage
|
|
10
|
+
*/
|
|
11
|
+
export declare function getToken(tokenKeys?: string[]): string | null;
|
|
12
|
+
/**
|
|
13
|
+
* Check if client token is available (from localStorage cache or config)
|
|
14
|
+
*/
|
|
15
|
+
export declare function hasClientToken(misoClient: MisoClient | null, misoConfig: MisoClientConfig | undefined): boolean;
|
|
16
|
+
/**
|
|
17
|
+
* Check if any authentication token is available (user token OR client token)
|
|
18
|
+
*/
|
|
19
|
+
export declare function hasAnyToken(tokenKeys?: string[], misoClient?: MisoClient | null, misoConfig?: MisoClientConfig): boolean;
|
|
20
|
+
/**
|
|
21
|
+
* Get client token for requests
|
|
22
|
+
* Checks localStorage cache first, then config, then calls getEnvironmentToken() if needed
|
|
23
|
+
* @returns Client token string or null if unavailable
|
|
24
|
+
*/
|
|
25
|
+
export declare function getClientToken(misoConfig: MisoClientConfig | undefined, _baseUrl: string, _getEnvironmentToken: () => Promise<string>): Promise<string | null>;
|
|
26
|
+
/**
|
|
27
|
+
* Build controller URL from configuration
|
|
28
|
+
* Uses controllerPublicUrl (browser) or controllerUrl (fallback)
|
|
29
|
+
* @returns Controller base URL or null if not configured
|
|
30
|
+
*/
|
|
31
|
+
export declare function getControllerUrl(misoConfig: MisoClientConfig | undefined): string | null;
|
|
32
|
+
/**
|
|
33
|
+
* Redirect to login page via controller
|
|
34
|
+
* Re-exported from data-client-redirect for backward compatibility
|
|
35
|
+
*/
|
|
36
|
+
export { redirectToLogin } from "./data-client-redirect";
|
|
37
|
+
/**
|
|
38
|
+
* Logout user and redirect
|
|
39
|
+
* Calls logout API with x-client-token header, clears tokens from localStorage, clears cache, and redirects
|
|
40
|
+
* @param redirectUrl - Optional redirect URL after logout (defaults to logoutUrl or loginUrl)
|
|
41
|
+
*/
|
|
42
|
+
export declare function logout(config: DataClientConfig, getTokenFn: () => string | null, getClientTokenFn: () => Promise<string | null>, clearCacheFn: () => void, redirectUrl?: string): Promise<void>;
|
|
43
|
+
/**
|
|
44
|
+
* Get environment token (browser-side)
|
|
45
|
+
* Checks localStorage cache first, then calls backend endpoint if needed
|
|
46
|
+
* Uses clientTokenUri from config or defaults to /api/v1/auth/client-token
|
|
47
|
+
*
|
|
48
|
+
* @returns Client token string
|
|
49
|
+
* @throws Error if token fetch fails
|
|
50
|
+
*/
|
|
51
|
+
export declare function getEnvironmentToken(config: DataClientConfig, misoClient: MisoClient | null): Promise<string>;
|
|
52
|
+
/**
|
|
53
|
+
* Get client token information (browser-side)
|
|
54
|
+
* Extracts application and environment info from client token
|
|
55
|
+
*
|
|
56
|
+
* @returns Client token info or null if token not available
|
|
57
|
+
*/
|
|
58
|
+
export declare function getClientTokenInfo(misoConfig: MisoClientConfig | undefined): ClientTokenInfo | null;
|
|
59
|
+
//# sourceMappingURL=data-client-auth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"data-client-auth.d.ts","sourceRoot":"","sources":["../../src/utils/data-client-auth.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtC,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAOhF,OAAO,EAA0B,eAAe,EAAE,MAAM,eAAe,CAAC;AAKxE;;GAEG;AACH,wBAAgB,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,GAAG,IAAI,CAQ5D;AAED;;GAEG;AACH,wBAAgB,cAAc,CAC5B,UAAU,EAAE,UAAU,GAAG,IAAI,EAC7B,UAAU,EAAE,gBAAgB,GAAG,SAAS,GACvC,OAAO,CAqCT;AAED;;GAEG;AACH,wBAAgB,WAAW,CACzB,SAAS,CAAC,EAAE,MAAM,EAAE,EACpB,UAAU,CAAC,EAAE,UAAU,GAAG,IAAI,EAC9B,UAAU,CAAC,EAAE,gBAAgB,GAC5B,OAAO,CAET;AAED;;;;GAIG;AACH,wBAAsB,cAAc,CAClC,UAAU,EAAE,gBAAgB,GAAG,SAAS,EACxC,QAAQ,EAAE,MAAM,EAChB,oBAAoB,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,GAC1C,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAoGxB;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,UAAU,EAAE,gBAAgB,GAAG,SAAS,GAAG,MAAM,GAAG,IAAI,CAgBxF;AAED;;;GAGG;AACH,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAEzD;;;;GAIG;AACH,wBAAsB,MAAM,CAC1B,MAAM,EAAE,gBAAgB,EACxB,UAAU,EAAE,MAAM,MAAM,GAAG,IAAI,EAC/B,gBAAgB,EAAE,MAAM,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,EAC9C,YAAY,EAAE,MAAM,IAAI,EACxB,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,IAAI,CAAC,CAoGf;AAED;;;;;;;GAOG;AACH,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,gBAAgB,EACxB,UAAU,EAAE,UAAU,GAAG,IAAI,GAC5B,OAAO,CAAC,MAAM,CAAC,CA+HjB;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAChC,UAAU,EAAE,gBAAgB,GAAG,SAAS,GACvC,eAAe,GAAG,IAAI,CAmBxB"}
|