@aifabrix/miso-client 3.2.5 → 3.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +624 -0
- package/dist/api/auth-cache.api.d.ts +52 -0
- package/dist/api/auth-cache.api.d.ts.map +1 -0
- package/dist/api/auth-cache.api.js +125 -0
- package/dist/api/auth-cache.api.js.map +1 -0
- package/dist/api/auth-login.api.d.ts +52 -0
- package/dist/api/auth-login.api.d.ts.map +1 -0
- package/dist/api/auth-login.api.js +102 -0
- package/dist/api/auth-login.api.js.map +1 -0
- package/dist/api/auth-token.api.d.ts +46 -0
- package/dist/api/auth-token.api.d.ts.map +1 -0
- package/dist/api/auth-token.api.js +90 -0
- package/dist/api/auth-token.api.js.map +1 -0
- package/dist/api/auth-user.api.d.ts +43 -0
- package/dist/api/auth-user.api.d.ts.map +1 -0
- package/dist/api/auth-user.api.js +87 -0
- package/dist/api/auth-user.api.js.map +1 -0
- package/dist/api/auth.api.d.ts +48 -0
- package/dist/api/auth.api.d.ts.map +1 -0
- package/dist/api/auth.api.js +152 -0
- package/dist/api/auth.api.js.map +1 -0
- package/dist/api/index.d.ts +39 -0
- package/dist/api/index.d.ts.map +1 -0
- package/dist/api/index.js +31 -0
- package/dist/api/index.js.map +1 -0
- package/dist/api/logs-create.api.d.ts +32 -0
- package/dist/api/logs-create.api.d.ts.map +1 -0
- package/dist/api/logs-create.api.js +63 -0
- package/dist/api/logs-create.api.js.map +1 -0
- package/dist/api/logs-export.api.d.ts +24 -0
- package/dist/api/logs-export.api.d.ts.map +1 -0
- package/dist/api/logs-export.api.js +43 -0
- package/dist/api/logs-export.api.js.map +1 -0
- package/dist/api/logs-list.api.d.ts +63 -0
- package/dist/api/logs-list.api.d.ts.map +1 -0
- package/dist/api/logs-list.api.js +155 -0
- package/dist/api/logs-list.api.js.map +1 -0
- package/dist/api/logs-stats.api.d.ts +48 -0
- package/dist/api/logs-stats.api.d.ts.map +1 -0
- package/dist/api/logs-stats.api.js +107 -0
- package/dist/api/logs-stats.api.js.map +1 -0
- package/dist/api/logs.api.d.ts +35 -0
- package/dist/api/logs.api.d.ts.map +1 -0
- package/dist/api/logs.api.js +71 -0
- package/dist/api/logs.api.js.map +1 -0
- package/dist/api/permissions.api.d.ts +31 -0
- package/dist/api/permissions.api.d.ts.map +1 -0
- package/dist/api/permissions.api.js +62 -0
- package/dist/api/permissions.api.js.map +1 -0
- package/dist/api/roles.api.d.ts +31 -0
- package/dist/api/roles.api.d.ts.map +1 -0
- package/dist/api/roles.api.js +62 -0
- package/dist/api/roles.api.js.map +1 -0
- package/dist/api/types/auth.types.d.ts +293 -0
- package/dist/api/types/auth.types.d.ts.map +1 -0
- package/dist/api/types/auth.types.js +7 -0
- package/dist/api/types/auth.types.js.map +1 -0
- package/dist/api/types/logs.types.d.ts +266 -0
- package/dist/api/types/logs.types.d.ts.map +1 -0
- package/dist/api/types/logs.types.js +7 -0
- package/dist/api/types/logs.types.js.map +1 -0
- package/dist/api/types/permissions.types.d.ts +32 -0
- package/dist/api/types/permissions.types.d.ts.map +1 -0
- package/dist/api/types/permissions.types.js +7 -0
- package/dist/api/types/permissions.types.js.map +1 -0
- package/dist/api/types/roles.types.d.ts +32 -0
- package/dist/api/types/roles.types.d.ts.map +1 -0
- package/dist/api/types/roles.types.js +7 -0
- package/dist/api/types/roles.types.js.map +1 -0
- package/dist/index.d.ts +31 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +52 -5
- package/dist/index.js.map +1 -1
- package/dist/services/auth.service.d.ts +3 -1
- package/dist/services/auth.service.d.ts.map +1 -1
- package/dist/services/auth.service.js +62 -23
- package/dist/services/auth.service.js.map +1 -1
- package/dist/services/browser-permission.service.d.ts +3 -1
- package/dist/services/browser-permission.service.d.ts.map +1 -1
- package/dist/services/browser-permission.service.js +32 -16
- package/dist/services/browser-permission.service.js.map +1 -1
- package/dist/services/browser-role.service.d.ts +3 -1
- package/dist/services/browser-role.service.d.ts.map +1 -1
- package/dist/services/browser-role.service.js +32 -16
- package/dist/services/browser-role.service.js.map +1 -1
- package/dist/services/logger.service.d.ts +7 -0
- package/dist/services/logger.service.d.ts.map +1 -1
- package/dist/services/logger.service.js +72 -7
- package/dist/services/logger.service.js.map +1 -1
- package/dist/services/permission.service.d.ts +3 -1
- package/dist/services/permission.service.d.ts.map +1 -1
- package/dist/services/permission.service.js +32 -16
- package/dist/services/permission.service.js.map +1 -1
- package/dist/services/role.service.d.ts +3 -1
- package/dist/services/role.service.d.ts.map +1 -1
- package/dist/services/role.service.js +25 -13
- package/dist/services/role.service.js.map +1 -1
- package/dist/services/token-validation.service.d.ts +49 -0
- package/dist/services/token-validation.service.d.ts.map +1 -0
- package/dist/services/token-validation.service.js +258 -0
- package/dist/services/token-validation.service.js.map +1 -0
- package/dist/types/config.types.d.ts +7 -0
- package/dist/types/config.types.d.ts.map +1 -1
- package/dist/types/config.types.js.map +1 -1
- package/dist/types/token-validation.types.d.ts +88 -0
- package/dist/types/token-validation.types.d.ts.map +1 -0
- package/dist/types/token-validation.types.js +7 -0
- package/dist/types/token-validation.types.js.map +1 -0
- package/dist/utils/audit-log-queue.d.ts +7 -0
- package/dist/utils/audit-log-queue.d.ts.map +1 -1
- package/dist/utils/audit-log-queue.js +29 -8
- package/dist/utils/audit-log-queue.js.map +1 -1
- package/dist/utils/data-client.d.ts.map +1 -1
- package/dist/utils/data-client.js +8 -3
- package/dist/utils/data-client.js.map +1 -1
- package/package.json +4 -2
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Token validation service for local JWKS-based JWT verification
|
|
3
|
+
* Supports Keycloak and delegated OAuth providers with dual-layer caching
|
|
4
|
+
*/
|
|
5
|
+
import { TokenValidationOptions, TokenValidationResult, KeycloakConfig } from "../types/token-validation.types";
|
|
6
|
+
export declare class TokenValidationService {
|
|
7
|
+
private jwksCache;
|
|
8
|
+
private readonly JWKS_CACHE_TTL_MS;
|
|
9
|
+
private resultCache;
|
|
10
|
+
private readonly RESULT_CACHE_TTL_MS;
|
|
11
|
+
private keycloakConfig?;
|
|
12
|
+
constructor(keycloakConfig?: KeycloakConfig);
|
|
13
|
+
/**
|
|
14
|
+
* Set or update Keycloak configuration
|
|
15
|
+
* @param config - Keycloak configuration
|
|
16
|
+
*/
|
|
17
|
+
setKeycloakConfig(config: KeycloakConfig): void;
|
|
18
|
+
/**
|
|
19
|
+
* Validate token locally using JWKS
|
|
20
|
+
* @param token - JWT token to validate
|
|
21
|
+
* @param options - Validation options
|
|
22
|
+
* @returns Validation result with payload or error
|
|
23
|
+
*/
|
|
24
|
+
validateTokenLocal(token: string, options?: TokenValidationOptions): Promise<TokenValidationResult>;
|
|
25
|
+
/**
|
|
26
|
+
* Clear JWKS cache
|
|
27
|
+
* @param jwksUri - Specific URI to clear, or all if not provided
|
|
28
|
+
*/
|
|
29
|
+
clearCache(jwksUri?: string): void;
|
|
30
|
+
/**
|
|
31
|
+
* Clear validation result cache
|
|
32
|
+
*/
|
|
33
|
+
clearResultCache(): void;
|
|
34
|
+
/**
|
|
35
|
+
* Clear all caches (JWKS + results)
|
|
36
|
+
*/
|
|
37
|
+
clearAllCaches(): void;
|
|
38
|
+
private performValidation;
|
|
39
|
+
private determineTokenType;
|
|
40
|
+
private validateKeycloakToken;
|
|
41
|
+
private validateDelegatedToken;
|
|
42
|
+
private mapPayload;
|
|
43
|
+
private getJWKS;
|
|
44
|
+
private getTokenHash;
|
|
45
|
+
private getCachedResult;
|
|
46
|
+
private cacheResult;
|
|
47
|
+
private shouldCacheResult;
|
|
48
|
+
}
|
|
49
|
+
//# sourceMappingURL=token-validation.service.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-validation.service.d.ts","sourceRoot":"","sources":["../../src/services/token-validation.service.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAQH,OAAO,EAEL,sBAAsB,EACtB,qBAAqB,EAErB,cAAc,EAGf,MAAM,iCAAiC,CAAC;AAEzC,qBAAa,sBAAsB;IAEjC,OAAO,CAAC,SAAS,CAGb;IACJ,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAkB;IAGpD,OAAO,CAAC,WAAW,CAA2C;IAC9D,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAa;IAEjD,OAAO,CAAC,cAAc,CAAC,CAAiB;gBAE5B,cAAc,CAAC,EAAE,cAAc;IAI3C;;;OAGG;IACH,iBAAiB,CAAC,MAAM,EAAE,cAAc,GAAG,IAAI;IAI/C;;;;;OAKG;IACG,kBAAkB,CACtB,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE,sBAAsB,GAC/B,OAAO,CAAC,qBAAqB,CAAC;IA8BjC;;;OAGG;IACH,UAAU,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI;IAQlC;;OAEG;IACH,gBAAgB,IAAI,IAAI;IAIxB;;OAEG;IACH,cAAc,IAAI,IAAI;YAOR,iBAAiB;IAyB/B,OAAO,CAAC,kBAAkB;YAWZ,qBAAqB;YAgDrB,sBAAsB;IAoDpC,OAAO,CAAC,UAAU;YAeJ,OAAO;IAerB,OAAO,CAAC,YAAY;IAMpB,OAAO,CAAC,eAAe;IAgBvB,OAAO,CAAC,WAAW;IAQnB,OAAO,CAAC,iBAAiB;CAU1B"}
|
|
@@ -0,0 +1,258 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Token validation service for local JWKS-based JWT verification
|
|
4
|
+
* Supports Keycloak and delegated OAuth providers with dual-layer caching
|
|
5
|
+
*/
|
|
6
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
7
|
+
exports.TokenValidationService = void 0;
|
|
8
|
+
const jose_1 = require("jose");
|
|
9
|
+
class TokenValidationService {
|
|
10
|
+
constructor(keycloakConfig) {
|
|
11
|
+
// JWKS cache: jwksUri -> { keySet, expiresAt }
|
|
12
|
+
this.jwksCache = new Map();
|
|
13
|
+
this.JWKS_CACHE_TTL_MS = 60 * 60 * 1000; // 1 hour
|
|
14
|
+
// Validation result cache: tokenHash -> { result, expiresAt }
|
|
15
|
+
this.resultCache = new Map();
|
|
16
|
+
this.RESULT_CACHE_TTL_MS = 60 * 1000; // 1 minute
|
|
17
|
+
this.keycloakConfig = keycloakConfig;
|
|
18
|
+
}
|
|
19
|
+
/**
|
|
20
|
+
* Set or update Keycloak configuration
|
|
21
|
+
* @param config - Keycloak configuration
|
|
22
|
+
*/
|
|
23
|
+
setKeycloakConfig(config) {
|
|
24
|
+
this.keycloakConfig = config;
|
|
25
|
+
}
|
|
26
|
+
/**
|
|
27
|
+
* Validate token locally using JWKS
|
|
28
|
+
* @param token - JWT token to validate
|
|
29
|
+
* @param options - Validation options
|
|
30
|
+
* @returns Validation result with payload or error
|
|
31
|
+
*/
|
|
32
|
+
async validateTokenLocal(token, options) {
|
|
33
|
+
try {
|
|
34
|
+
// 1. Check validation result cache (unless skipResultCache)
|
|
35
|
+
if (!options?.skipResultCache) {
|
|
36
|
+
const cached = this.getCachedResult(token);
|
|
37
|
+
if (cached) {
|
|
38
|
+
return { ...cached, cached: true };
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
// 2. Perform actual validation
|
|
42
|
+
const result = await this.performValidation(token, options);
|
|
43
|
+
// 3. Cache result (unless skipResultCache or shouldn't cache)
|
|
44
|
+
if (!options?.skipResultCache && this.shouldCacheResult(result)) {
|
|
45
|
+
this.cacheResult(token, result);
|
|
46
|
+
}
|
|
47
|
+
return result;
|
|
48
|
+
}
|
|
49
|
+
catch (error) {
|
|
50
|
+
const errorMessage = error instanceof Error ? error.message : "Token validation failed";
|
|
51
|
+
return {
|
|
52
|
+
valid: false,
|
|
53
|
+
tokenType: options?.tokenType || "auto",
|
|
54
|
+
error: errorMessage,
|
|
55
|
+
};
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
/**
|
|
59
|
+
* Clear JWKS cache
|
|
60
|
+
* @param jwksUri - Specific URI to clear, or all if not provided
|
|
61
|
+
*/
|
|
62
|
+
clearCache(jwksUri) {
|
|
63
|
+
if (jwksUri) {
|
|
64
|
+
this.jwksCache.delete(jwksUri);
|
|
65
|
+
}
|
|
66
|
+
else {
|
|
67
|
+
this.jwksCache.clear();
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
/**
|
|
71
|
+
* Clear validation result cache
|
|
72
|
+
*/
|
|
73
|
+
clearResultCache() {
|
|
74
|
+
this.resultCache.clear();
|
|
75
|
+
}
|
|
76
|
+
/**
|
|
77
|
+
* Clear all caches (JWKS + results)
|
|
78
|
+
*/
|
|
79
|
+
clearAllCaches() {
|
|
80
|
+
this.jwksCache.clear();
|
|
81
|
+
this.resultCache.clear();
|
|
82
|
+
}
|
|
83
|
+
// ==================== PRIVATE METHODS ====================
|
|
84
|
+
async performValidation(token, options) {
|
|
85
|
+
// Decode to get issuer (without verification)
|
|
86
|
+
const decoded = (0, jose_1.decodeJwt)(token);
|
|
87
|
+
const issuer = decoded.iss;
|
|
88
|
+
if (!issuer) {
|
|
89
|
+
return {
|
|
90
|
+
valid: false,
|
|
91
|
+
tokenType: "auto",
|
|
92
|
+
error: "Token missing issuer (iss) claim",
|
|
93
|
+
};
|
|
94
|
+
}
|
|
95
|
+
const tokenType = this.determineTokenType(issuer, options?.tokenType);
|
|
96
|
+
if (tokenType === "keycloak") {
|
|
97
|
+
return this.validateKeycloakToken(token, options);
|
|
98
|
+
}
|
|
99
|
+
else {
|
|
100
|
+
return this.validateDelegatedToken(token, issuer, options);
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
determineTokenType(issuer, hint) {
|
|
104
|
+
if (hint && hint !== "auto")
|
|
105
|
+
return hint;
|
|
106
|
+
if (this.keycloakConfig) {
|
|
107
|
+
const keycloakIssuer = `${this.keycloakConfig.authServerUrl}/realms/${this.keycloakConfig.realm}`;
|
|
108
|
+
if (issuer === keycloakIssuer)
|
|
109
|
+
return "keycloak";
|
|
110
|
+
}
|
|
111
|
+
return "delegated";
|
|
112
|
+
}
|
|
113
|
+
async validateKeycloakToken(token, options) {
|
|
114
|
+
if (!this.keycloakConfig) {
|
|
115
|
+
return {
|
|
116
|
+
valid: false,
|
|
117
|
+
tokenType: "keycloak",
|
|
118
|
+
error: "Keycloak not configured",
|
|
119
|
+
};
|
|
120
|
+
}
|
|
121
|
+
const jwksUri = `${this.keycloakConfig.authServerUrl}/realms/${this.keycloakConfig.realm}/protocol/openid-connect/certs`;
|
|
122
|
+
const expectedIssuer = `${this.keycloakConfig.authServerUrl}/realms/${this.keycloakConfig.realm}`;
|
|
123
|
+
try {
|
|
124
|
+
const jwks = await this.getJWKS(jwksUri);
|
|
125
|
+
const verifyOptions = {
|
|
126
|
+
issuer: expectedIssuer,
|
|
127
|
+
};
|
|
128
|
+
if (this.keycloakConfig.verifyAudience &&
|
|
129
|
+
this.keycloakConfig.clientId &&
|
|
130
|
+
!options?.skipAudienceValidation) {
|
|
131
|
+
verifyOptions.audience = this.keycloakConfig.clientId;
|
|
132
|
+
}
|
|
133
|
+
const { payload } = await (0, jose_1.jwtVerify)(token, jwks, verifyOptions);
|
|
134
|
+
return {
|
|
135
|
+
valid: true,
|
|
136
|
+
tokenType: "keycloak",
|
|
137
|
+
payload: this.mapPayload(payload),
|
|
138
|
+
};
|
|
139
|
+
}
|
|
140
|
+
catch (error) {
|
|
141
|
+
return {
|
|
142
|
+
valid: false,
|
|
143
|
+
tokenType: "keycloak",
|
|
144
|
+
error: error instanceof Error
|
|
145
|
+
? error.message
|
|
146
|
+
: "Keycloak token validation failed",
|
|
147
|
+
};
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
async validateDelegatedToken(token, issuer, options) {
|
|
151
|
+
let provider = null;
|
|
152
|
+
if (typeof options?.delegatedProvider === "function") {
|
|
153
|
+
provider = await options.delegatedProvider(issuer);
|
|
154
|
+
}
|
|
155
|
+
else if (options?.delegatedProvider) {
|
|
156
|
+
provider = options.delegatedProvider;
|
|
157
|
+
}
|
|
158
|
+
if (!provider) {
|
|
159
|
+
return {
|
|
160
|
+
valid: false,
|
|
161
|
+
tokenType: "delegated",
|
|
162
|
+
error: `No delegated provider configured for issuer: ${issuer}`,
|
|
163
|
+
};
|
|
164
|
+
}
|
|
165
|
+
try {
|
|
166
|
+
const jwks = await this.getJWKS(provider.jwksUri);
|
|
167
|
+
const verifyOptions = {
|
|
168
|
+
issuer: provider.issuer,
|
|
169
|
+
};
|
|
170
|
+
if (!options?.skipAudienceValidation && provider.audience) {
|
|
171
|
+
verifyOptions.audience = provider.audience;
|
|
172
|
+
}
|
|
173
|
+
const { payload } = await (0, jose_1.jwtVerify)(token, jwks, verifyOptions);
|
|
174
|
+
return {
|
|
175
|
+
valid: true,
|
|
176
|
+
tokenType: "delegated",
|
|
177
|
+
providerKey: provider.key,
|
|
178
|
+
payload: this.mapPayload(payload),
|
|
179
|
+
};
|
|
180
|
+
}
|
|
181
|
+
catch (error) {
|
|
182
|
+
return {
|
|
183
|
+
valid: false,
|
|
184
|
+
tokenType: "delegated",
|
|
185
|
+
providerKey: provider.key,
|
|
186
|
+
error: error instanceof Error
|
|
187
|
+
? error.message
|
|
188
|
+
: "Delegated token validation failed",
|
|
189
|
+
};
|
|
190
|
+
}
|
|
191
|
+
}
|
|
192
|
+
mapPayload(payload) {
|
|
193
|
+
return {
|
|
194
|
+
...payload,
|
|
195
|
+
sub: payload.sub,
|
|
196
|
+
iss: payload.iss,
|
|
197
|
+
email: payload.email,
|
|
198
|
+
preferredUsername: payload.preferred_username,
|
|
199
|
+
name: payload.name,
|
|
200
|
+
realmAccess: payload.realm_access,
|
|
201
|
+
resourceAccess: payload.resource_access,
|
|
202
|
+
};
|
|
203
|
+
}
|
|
204
|
+
async getJWKS(jwksUri) {
|
|
205
|
+
const cached = this.jwksCache.get(jwksUri);
|
|
206
|
+
if (cached && cached.expiresAt > Date.now()) {
|
|
207
|
+
return cached.keySet;
|
|
208
|
+
}
|
|
209
|
+
const keySet = (0, jose_1.createRemoteJWKSet)(new URL(jwksUri));
|
|
210
|
+
this.jwksCache.set(jwksUri, {
|
|
211
|
+
keySet,
|
|
212
|
+
expiresAt: Date.now() + this.JWKS_CACHE_TTL_MS,
|
|
213
|
+
});
|
|
214
|
+
return keySet;
|
|
215
|
+
}
|
|
216
|
+
getTokenHash(token) {
|
|
217
|
+
// Use first 16 + last 16 chars as pseudo-hash for cache key
|
|
218
|
+
if (token.length <= 32)
|
|
219
|
+
return token;
|
|
220
|
+
return `${token.slice(0, 16)}...${token.slice(-16)}`;
|
|
221
|
+
}
|
|
222
|
+
getCachedResult(token) {
|
|
223
|
+
const hash = this.getTokenHash(token);
|
|
224
|
+
const entry = this.resultCache.get(hash);
|
|
225
|
+
if (entry && entry.expiresAt > Date.now()) {
|
|
226
|
+
return entry.result;
|
|
227
|
+
}
|
|
228
|
+
// Clean up expired entry
|
|
229
|
+
if (entry) {
|
|
230
|
+
this.resultCache.delete(hash);
|
|
231
|
+
}
|
|
232
|
+
return null;
|
|
233
|
+
}
|
|
234
|
+
cacheResult(token, result) {
|
|
235
|
+
const hash = this.getTokenHash(token);
|
|
236
|
+
this.resultCache.set(hash, {
|
|
237
|
+
result,
|
|
238
|
+
expiresAt: Date.now() + this.RESULT_CACHE_TTL_MS,
|
|
239
|
+
});
|
|
240
|
+
}
|
|
241
|
+
shouldCacheResult(result) {
|
|
242
|
+
// Cache valid results and definitive invalid results
|
|
243
|
+
// Don't cache config errors (provider not found, etc.)
|
|
244
|
+
if (result.valid)
|
|
245
|
+
return true;
|
|
246
|
+
if (result.error?.includes("expired"))
|
|
247
|
+
return true;
|
|
248
|
+
if (result.error?.includes('"exp"'))
|
|
249
|
+
return true; // jose library format
|
|
250
|
+
if (result.error?.includes("signature"))
|
|
251
|
+
return true;
|
|
252
|
+
if (result.error?.includes("invalid"))
|
|
253
|
+
return true;
|
|
254
|
+
return false;
|
|
255
|
+
}
|
|
256
|
+
}
|
|
257
|
+
exports.TokenValidationService = TokenValidationService;
|
|
258
|
+
//# sourceMappingURL=token-validation.service.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-validation.service.js","sourceRoot":"","sources":["../../src/services/token-validation.service.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,+BAKc;AAWd,MAAa,sBAAsB;IAcjC,YAAY,cAA+B;QAb3C,+CAA+C;QACvC,cAAS,GAAG,IAAI,GAAG,EAGxB,CAAC;QACa,sBAAiB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,SAAS;QAE9D,8DAA8D;QACtD,gBAAW,GAAG,IAAI,GAAG,EAAgC,CAAC;QAC7C,wBAAmB,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW;QAK3D,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;IACvC,CAAC;IAED;;;OAGG;IACH,iBAAiB,CAAC,MAAsB;QACtC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC;IAC/B,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,kBAAkB,CACtB,KAAa,EACb,OAAgC;QAEhC,IAAI,CAAC;YACH,4DAA4D;YAC5D,IAAI,CAAC,OAAO,EAAE,eAAe,EAAE,CAAC;gBAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;gBAC3C,IAAI,MAAM,EAAE,CAAC;oBACX,OAAO,EAAE,GAAG,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;gBACrC,CAAC;YACH,CAAC;YAED,+BAA+B;YAC/B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;YAE5D,8DAA8D;YAC9D,IAAI,CAAC,OAAO,EAAE,eAAe,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;gBAChE,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAClC,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,yBAAyB,CAAC;YACrE,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,SAAS,EAAE,OAAO,EAAE,SAAS,IAAI,MAAM;gBACvC,KAAK,EAAE,YAAY;aACpB,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,OAAgB;QACzB,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACzB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,gBAAgB;QACd,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,CAAC;QACvB,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED,4DAA4D;IAEpD,KAAK,CAAC,iBAAiB,CAC7B,KAAa,EACb,OAAgC;QAEhC,8CAA8C;QAC9C,MAAM,OAAO,GAAG,IAAA,gBAAS,EAAC,KAAK,CAAC,CAAC;QACjC,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;QAE3B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,SAAS,EAAE,MAAM;gBACjB,KAAK,EAAE,kCAAkC;aAC1C,CAAC;QACJ,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;QAEtE,IAAI,SAAS,KAAK,UAAU,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC,qBAAqB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,sBAAsB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAEO,kBAAkB,CAAC,MAAc,EAAE,IAAgB;QACzD,IAAI,IAAI,IAAI,IAAI,KAAK,MAAM;YAAE,OAAO,IAAI,CAAC;QAEzC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,MAAM,cAAc,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,aAAa,WAAW,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,CAAC;YAClG,IAAI,MAAM,KAAK,cAAc;gBAAE,OAAO,UAAU,CAAC;QACnD,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAEO,KAAK,CAAC,qBAAqB,CACjC,KAAa,EACb,OAAgC;QAEhC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,SAAS,EAAE,UAAU;gBACrB,KAAK,EAAE,yBAAyB;aACjC,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,aAAa,WAAW,IAAI,CAAC,cAAc,CAAC,KAAK,gCAAgC,CAAC;QACzH,MAAM,cAAc,GAAG,GAAG,IAAI,CAAC,cAAc,CAAC,aAAa,WAAW,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,CAAC;QAElG,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YACzC,MAAM,aAAa,GAA0C;gBAC3D,MAAM,EAAE,cAAc;aACvB,CAAC;YAEF,IACE,IAAI,CAAC,cAAc,CAAC,cAAc;gBAClC,IAAI,CAAC,cAAc,CAAC,QAAQ;gBAC5B,CAAC,OAAO,EAAE,sBAAsB,EAChC,CAAC;gBACD,aAAa,CAAC,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC;YACxD,CAAC;YAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAA,gBAAS,EAAC,KAAK,EAAE,IAAI,EAAE,aAAa,CAAC,CAAC;YAEhE,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,SAAS,EAAE,UAAU;gBACrB,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;aAClC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,SAAS,EAAE,UAAU;gBACrB,KAAK,EACH,KAAK,YAAY,KAAK;oBACpB,CAAC,CAAC,KAAK,CAAC,OAAO;oBACf,CAAC,CAAC,kCAAkC;aACzC,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,sBAAsB,CAClC,KAAa,EACb,MAAc,EACd,OAAgC;QAEhC,IAAI,QAAQ,GAAmC,IAAI,CAAC;QAEpD,IAAI,OAAO,OAAO,EAAE,iBAAiB,KAAK,UAAU,EAAE,CAAC;YACrD,QAAQ,GAAG,MAAM,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC;aAAM,IAAI,OAAO,EAAE,iBAAiB,EAAE,CAAC;YACtC,QAAQ,GAAG,OAAO,CAAC,iBAAiB,CAAC;QACvC,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,SAAS,EAAE,WAAW;gBACtB,KAAK,EAAE,gDAAgD,MAAM,EAAE;aAChE,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YAClD,MAAM,aAAa,GAA0C;gBAC3D,MAAM,EAAE,QAAQ,CAAC,MAAM;aACxB,CAAC;YAEF,IAAI,CAAC,OAAO,EAAE,sBAAsB,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;gBAC1D,aAAa,CAAC,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC;YAC7C,CAAC;YAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAA,gBAAS,EAAC,KAAK,EAAE,IAAI,EAAE,aAAa,CAAC,CAAC;YAEhE,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,SAAS,EAAE,WAAW;gBACtB,WAAW,EAAE,QAAQ,CAAC,GAAG;gBACzB,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;aAClC,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,SAAS,EAAE,WAAW;gBACtB,WAAW,EAAE,QAAQ,CAAC,GAAG;gBACzB,KAAK,EACH,KAAK,YAAY,KAAK;oBACpB,CAAC,CAAC,KAAK,CAAC,OAAO;oBACf,CAAC,CAAC,mCAAmC;aAC1C,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,UAAU,CAAC,OAAgC;QACjD,OAAO;YACL,GAAG,OAAO;YACV,GAAG,EAAE,OAAO,CAAC,GAAa;YAC1B,GAAG,EAAE,OAAO,CAAC,GAAa;YAC1B,KAAK,EAAE,OAAO,CAAC,KAA2B;YAC1C,iBAAiB,EAAE,OAAO,CAAC,kBAAwC;YACnE,IAAI,EAAE,OAAO,CAAC,IAA0B;YACxC,WAAW,EAAE,OAAO,CAAC,YAA+C;YACpE,cAAc,EAAE,OAAO,CAAC,eAEX;SACd,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,OAAO,CAAC,OAAe;QACnC,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAC3C,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YAC5C,OAAO,MAAM,CAAC,MAAM,CAAC;QACvB,CAAC;QAED,MAAM,MAAM,GAAG,IAAA,yBAAkB,EAAC,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;QACpD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,EAAE;YAC1B,MAAM;YACN,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,iBAAiB;SAC/C,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,YAAY,CAAC,KAAa;QAChC,4DAA4D;QAC5D,IAAI,KAAK,CAAC,MAAM,IAAI,EAAE;YAAE,OAAO,KAAK,CAAC;QACrC,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;IACvD,CAAC;IAEO,eAAe,CAAC,KAAa;QACnC,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;QACtC,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAEzC,IAAI,KAAK,IAAI,KAAK,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YAC1C,OAAO,KAAK,CAAC,MAAM,CAAC;QACtB,CAAC;QAED,yBAAyB;QACzB,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,WAAW,CAAC,KAAa,EAAE,MAA6B;QAC9D,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;QACtC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,EAAE;YACzB,MAAM;YACN,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,mBAAmB;SACjD,CAAC,CAAC;IACL,CAAC;IAEO,iBAAiB,CAAC,MAA6B;QACrD,qDAAqD;QACrD,uDAAuD;QACvD,IAAI,MAAM,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QAC9B,IAAI,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,SAAS,CAAC;YAAE,OAAO,IAAI,CAAC;QACnD,IAAI,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC,CAAC,sBAAsB;QACxE,IAAI,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,WAAW,CAAC;YAAE,OAAO,IAAI,CAAC;QACrD,IAAI,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,SAAS,CAAC;YAAE,OAAO,IAAI,CAAC;QACnD,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AA5SD,wDA4SC"}
|
|
@@ -60,6 +60,13 @@ export interface MisoClientConfig {
|
|
|
60
60
|
authStrategy?: AuthStrategy;
|
|
61
61
|
clientTokenUri?: string;
|
|
62
62
|
allowedOrigins?: string[];
|
|
63
|
+
keycloak?: {
|
|
64
|
+
authServerUrl: string;
|
|
65
|
+
realm: string;
|
|
66
|
+
clientId?: string;
|
|
67
|
+
clientSecret?: string;
|
|
68
|
+
verifyAudience?: boolean;
|
|
69
|
+
};
|
|
63
70
|
}
|
|
64
71
|
export interface AuditConfig {
|
|
65
72
|
enabled?: boolean;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.types.d.ts","sourceRoot":"","sources":["../../src/types/config.types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,MAAM,UAAU,GAClB,QAAQ,GACR,cAAc,GACd,oBAAoB,GACpB,SAAS,CAAC;AAEd;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B;;;OAGG;IACH,OAAO,EAAE,UAAU,EAAE,CAAC;IAEtB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,gBAAgB;IAE/B,QAAQ,EAAE,MAAM,CAAC;IAKjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,CAAC,EAAE,MAAM,CAAC;IAItB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAI7B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAG9B,WAAW,CAAC,EAAE,MAAM,CAAC;IAGrB,oBAAoB,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC;IAGrC,oBAAoB,CAAC,EAAE,MAAM,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAG3E,KAAK,CAAC,EAAE,WAAW,CAAC;IAGpB,QAAQ,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAG/C,aAAa,CAAC,EAAE,MAAM,CAAC;IAGvB,MAAM,CAAC,EAAE,MAAM,CAAC;IAGhB,KAAK,CAAC,EAAE;QACN,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC;KAC7B,CAAC;IAGF,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAG/B,KAAK,CAAC,EAAE,WAAW,CAAC;IAKpB,UAAU,CAAC,EAAE,OAAO,CAAC;IAIrB,YAAY,CAAC,EAAE,YAAY,CAAC;IAG5B,cAAc,CAAC,EAAE,MAAM,CAAC;IAGxB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"config.types.d.ts","sourceRoot":"","sources":["../../src/types/config.types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,MAAM,UAAU,GAClB,QAAQ,GACR,cAAc,GACd,oBAAoB,GACpB,SAAS,CAAC;AAEd;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B;;;OAGG;IACH,OAAO,EAAE,UAAU,EAAE,CAAC;IAEtB;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,gBAAgB;IAE/B,QAAQ,EAAE,MAAM,CAAC;IAKjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,CAAC,EAAE,MAAM,CAAC;IAItB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAI7B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAG9B,WAAW,CAAC,EAAE,MAAM,CAAC;IAGrB,oBAAoB,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC;IAGrC,oBAAoB,CAAC,EAAE,MAAM,OAAO,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAG3E,KAAK,CAAC,EAAE,WAAW,CAAC;IAGpB,QAAQ,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAG/C,aAAa,CAAC,EAAE,MAAM,CAAC;IAGvB,MAAM,CAAC,EAAE,MAAM,CAAC;IAGhB,KAAK,CAAC,EAAE;QACN,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC;KAC7B,CAAC;IAGF,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAG/B,KAAK,CAAC,EAAE,WAAW,CAAC;IAKpB,UAAU,CAAC,EAAE,OAAO,CAAC;IAIrB,YAAY,CAAC,EAAE,YAAY,CAAC;IAG5B,cAAc,CAAC,EAAE,MAAM,CAAC;IAGxB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAG1B,QAAQ,CAAC,EAAE;QACT,aAAa,EAAE,MAAM,CAAC;QACtB,KAAK,EAAE,MAAM,CAAC;QACd,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,cAAc,CAAC,EAAE,OAAO,CAAC;KAC1B,CAAC;CACH;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,KAAK,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,UAAU,GAAG,MAAM,CAAC;IACrD,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;CAClB;AAED,MAAM,WAAW,UAAU;IACzB,aAAa,EAAE,OAAO,CAAC;IACvB,IAAI,CAAC,EAAE,QAAQ,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,QAAQ;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,OAAO,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,CAAC;IAC5C,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAGlC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IAGpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,yBAAyB,CAAC,EAAE,MAAM,CAAC;IACnC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAG3B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;IAGxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IAGpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IAEjB,IAAI,CAAC,EAAE;QACL,KAAK,EAAE,MAAM,CAAC;QACd,SAAS,EAAE,MAAM,CAAC;QAClB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE;QACJ,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,EAAE,MAAM,CAAC;KACf,CAAC;IACF,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,IAAI,aAAa,CA8BpE"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.types.js","sourceRoot":"","sources":["../../src/types/config.types.ts"],"names":[],"mappings":";AAAA;;GAEG;;
|
|
1
|
+
{"version":3,"file":"config.types.js","sourceRoot":"","sources":["../../src/types/config.types.ts"],"names":[],"mappings":";AAAA;;GAEG;;AA4PH,0CA8BC;AAjCD;;GAEG;AACH,SAAgB,eAAe,CAAC,IAAa;IAC3C,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,GAAG,GAAG,IAA+B,CAAC;IAE5C,wBAAwB;IACxB,IACE,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC;QAC1B,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,EAC/C,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QAClE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,oCAAoC;IACpC,IAAI,OAAO,GAAG,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;QACvC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,uBAAuB;IACvB,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS,IAAI,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACnE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC"}
|
|
@@ -0,0 +1,88 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Token validation types for local JWKS-based JWT verification
|
|
3
|
+
* @module token-validation.types
|
|
4
|
+
*/
|
|
5
|
+
import { JWTPayload } from "jose";
|
|
6
|
+
/** Token type for validation routing */
|
|
7
|
+
export type TokenType = "keycloak" | "delegated" | "auto";
|
|
8
|
+
/** Keycloak server configuration for local token validation */
|
|
9
|
+
export interface KeycloakConfig {
|
|
10
|
+
/** Keycloak server URL (e.g., "https://keycloak.example.com") */
|
|
11
|
+
authServerUrl: string;
|
|
12
|
+
/** Keycloak realm name */
|
|
13
|
+
realm: string;
|
|
14
|
+
/** Client ID for audience validation (optional) */
|
|
15
|
+
clientId?: string;
|
|
16
|
+
/** Client secret for confidential clients (optional) */
|
|
17
|
+
clientSecret?: string;
|
|
18
|
+
/** Enable audience validation (default: false) */
|
|
19
|
+
verifyAudience?: boolean;
|
|
20
|
+
}
|
|
21
|
+
/** Configuration for delegated OAuth providers */
|
|
22
|
+
export interface DelegatedProviderConfig {
|
|
23
|
+
/** Provider identifier (e.g., "google", "github") */
|
|
24
|
+
key: string;
|
|
25
|
+
/** Expected issuer claim value */
|
|
26
|
+
issuer: string;
|
|
27
|
+
/** JWKS endpoint URL */
|
|
28
|
+
jwksUri: string;
|
|
29
|
+
/** Expected audience (optional) */
|
|
30
|
+
audience?: string;
|
|
31
|
+
}
|
|
32
|
+
/** Function to look up delegated provider by issuer */
|
|
33
|
+
export type DelegatedProviderLookup = (issuer: string) => Promise<DelegatedProviderConfig | null>;
|
|
34
|
+
/** Options for token validation */
|
|
35
|
+
export interface TokenValidationOptions {
|
|
36
|
+
/** Force token type detection */
|
|
37
|
+
tokenType?: TokenType;
|
|
38
|
+
/** Delegated provider config or lookup function */
|
|
39
|
+
delegatedProvider?: DelegatedProviderConfig | DelegatedProviderLookup;
|
|
40
|
+
/** Skip audience validation */
|
|
41
|
+
skipAudienceValidation?: boolean;
|
|
42
|
+
/** Skip validation result cache (for high-security scenarios) */
|
|
43
|
+
skipResultCache?: boolean;
|
|
44
|
+
}
|
|
45
|
+
/** Result of token validation */
|
|
46
|
+
export interface TokenValidationResult {
|
|
47
|
+
/** Whether token is valid */
|
|
48
|
+
valid: boolean;
|
|
49
|
+
/** Detected or specified token type */
|
|
50
|
+
tokenType: TokenType;
|
|
51
|
+
/** Decoded token payload (if valid) */
|
|
52
|
+
payload?: TokenPayload;
|
|
53
|
+
/** Error message (if invalid) */
|
|
54
|
+
error?: string;
|
|
55
|
+
/** Provider key for delegated tokens */
|
|
56
|
+
providerKey?: string;
|
|
57
|
+
/** True if result came from cache */
|
|
58
|
+
cached?: boolean;
|
|
59
|
+
}
|
|
60
|
+
/** JWT payload with common claims */
|
|
61
|
+
export interface TokenPayload extends JWTPayload {
|
|
62
|
+
/** Subject (user ID) */
|
|
63
|
+
sub: string;
|
|
64
|
+
/** Issuer */
|
|
65
|
+
iss: string;
|
|
66
|
+
/** User email (optional) */
|
|
67
|
+
email?: string;
|
|
68
|
+
/** Preferred username (optional) */
|
|
69
|
+
preferredUsername?: string;
|
|
70
|
+
/** Display name (optional) */
|
|
71
|
+
name?: string;
|
|
72
|
+
/** Keycloak realm roles (optional) */
|
|
73
|
+
realmAccess?: {
|
|
74
|
+
roles: string[];
|
|
75
|
+
};
|
|
76
|
+
/** Keycloak resource/client roles (optional) */
|
|
77
|
+
resourceAccess?: Record<string, {
|
|
78
|
+
roles: string[];
|
|
79
|
+
}>;
|
|
80
|
+
}
|
|
81
|
+
/** Internal cache entry for validation results */
|
|
82
|
+
export interface ValidationCacheEntry {
|
|
83
|
+
/** Cached result */
|
|
84
|
+
result: TokenValidationResult;
|
|
85
|
+
/** Expiration timestamp */
|
|
86
|
+
expiresAt: number;
|
|
87
|
+
}
|
|
88
|
+
//# sourceMappingURL=token-validation.types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-validation.types.d.ts","sourceRoot":"","sources":["../../src/types/token-validation.types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAElC,wCAAwC;AACxC,MAAM,MAAM,SAAS,GAAG,UAAU,GAAG,WAAW,GAAG,MAAM,CAAC;AAE1D,+DAA+D;AAC/D,MAAM,WAAW,cAAc;IAC7B,iEAAiE;IACjE,aAAa,EAAE,MAAM,CAAC;IACtB,0BAA0B;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,mDAAmD;IACnD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,wDAAwD;IACxD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,kDAAkD;IAClD,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B;AAED,kDAAkD;AAClD,MAAM,WAAW,uBAAuB;IACtC,qDAAqD;IACrD,GAAG,EAAE,MAAM,CAAC;IACZ,kCAAkC;IAClC,MAAM,EAAE,MAAM,CAAC;IACf,wBAAwB;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,mCAAmC;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,uDAAuD;AACvD,MAAM,MAAM,uBAAuB,GAAG,CACpC,MAAM,EAAE,MAAM,KACX,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC,CAAC;AAE7C,mCAAmC;AACnC,MAAM,WAAW,sBAAsB;IACrC,iCAAiC;IACjC,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,mDAAmD;IACnD,iBAAiB,CAAC,EAAE,uBAAuB,GAAG,uBAAuB,CAAC;IACtE,+BAA+B;IAC/B,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC,iEAAiE;IACjE,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED,iCAAiC;AACjC,MAAM,WAAW,qBAAqB;IACpC,6BAA6B;IAC7B,KAAK,EAAE,OAAO,CAAC;IACf,uCAAuC;IACvC,SAAS,EAAE,SAAS,CAAC;IACrB,uCAAuC;IACvC,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,iCAAiC;IACjC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,wCAAwC;IACxC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,qCAAqC;IACrC,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,qCAAqC;AACrC,MAAM,WAAW,YAAa,SAAQ,UAAU;IAC9C,wBAAwB;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,aAAa;IACb,GAAG,EAAE,MAAM,CAAC;IACZ,4BAA4B;IAC5B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,oCAAoC;IACpC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,8BAA8B;IAC9B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,sCAAsC;IACtC,WAAW,CAAC,EAAE;QAAE,KAAK,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IAClC,gDAAgD;IAChD,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC,CAAC;CACtD;AAED,kDAAkD;AAClD,MAAM,WAAW,oBAAoB;IACnC,oBAAoB;IACpB,MAAM,EAAE,qBAAqB,CAAC;IAC9B,2BAA2B;IAC3B,SAAS,EAAE,MAAM,CAAC;CACnB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-validation.types.js","sourceRoot":"","sources":["../../src/types/token-validation.types.ts"],"names":[],"mappings":";AAAA;;;GAGG"}
|
|
@@ -5,11 +5,13 @@
|
|
|
5
5
|
import { EventEmitter } from "events";
|
|
6
6
|
import { LogEntry, MisoClientConfig } from "../types/config.types";
|
|
7
7
|
import { HttpClient } from "./http-client";
|
|
8
|
+
import { ApiClient } from "../api";
|
|
8
9
|
import { RedisService } from "../services/redis.service";
|
|
9
10
|
export declare class AuditLogQueue {
|
|
10
11
|
private queue;
|
|
11
12
|
private flushTimer;
|
|
12
13
|
private httpClient;
|
|
14
|
+
private apiClient?;
|
|
13
15
|
private redis;
|
|
14
16
|
private config;
|
|
15
17
|
private batchSize;
|
|
@@ -21,6 +23,11 @@ export declare class AuditLogQueue {
|
|
|
21
23
|
private static readonly MAX_FAILURES;
|
|
22
24
|
private static readonly DISABLE_DURATION_MS;
|
|
23
25
|
constructor(httpClient: HttpClient, redis: RedisService, config: MisoClientConfig, eventEmitter?: EventEmitter);
|
|
26
|
+
/**
|
|
27
|
+
* Set ApiClient instance (used to resolve circular dependency)
|
|
28
|
+
* @param apiClient - ApiClient instance
|
|
29
|
+
*/
|
|
30
|
+
setApiClient(apiClient: ApiClient): void;
|
|
24
31
|
/**
|
|
25
32
|
* Add log entry to queue
|
|
26
33
|
* Automatically flushes if batch size is reached
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-log-queue.d.ts","sourceRoot":"","sources":["../../src/utils/audit-log-queue.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AACtC,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACnE,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AAOzD,qBAAa,aAAa;IACxB,OAAO,CAAC,KAAK,CAAwB;IACrC,OAAO,CAAC,UAAU,CAA8C;IAChE,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,MAAM,CAAmB;IACjC,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,YAAY,CAAC,CAAe;IAEpC,OAAO,CAAC,mBAAmB,CAAK;IAChC,OAAO,CAAC,wBAAwB,CAAuB;IACvD,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAK;IACzC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAAS;gBAGlD,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,YAAY,EACnB,MAAM,EAAE,gBAAgB,EACxB,YAAY,CAAC,EAAE,YAAY;IAkB7B;;;OAGG;IACG,GAAG,CAAC,KAAK,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAsBzC;;;OAGG;IACG,KAAK,CAAC,KAAK,GAAE,OAAe,GAAG,OAAO,CAAC,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"audit-log-queue.d.ts","sourceRoot":"","sources":["../../src/utils/audit-log-queue.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AACtC,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACnE,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AAOzD,qBAAa,aAAa;IACxB,OAAO,CAAC,KAAK,CAAwB;IACrC,OAAO,CAAC,UAAU,CAA8C;IAChE,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,SAAS,CAAC,CAAY;IAC9B,OAAO,CAAC,KAAK,CAAe;IAC5B,OAAO,CAAC,MAAM,CAAmB;IACjC,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,YAAY,CAAC,CAAe;IAEpC,OAAO,CAAC,mBAAmB,CAAK;IAChC,OAAO,CAAC,wBAAwB,CAAuB;IACvD,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAK;IACzC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAAS;gBAGlD,UAAU,EAAE,UAAU,EACtB,KAAK,EAAE,YAAY,EACnB,MAAM,EAAE,gBAAgB,EACxB,YAAY,CAAC,EAAE,YAAY;IAkB7B;;;OAGG;IACH,YAAY,CAAC,SAAS,EAAE,SAAS,GAAG,IAAI;IAIxC;;;OAGG;IACG,GAAG,CAAC,KAAK,EAAE,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC;IAsBzC;;;OAGG;IACG,KAAK,CAAC,KAAK,GAAE,OAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAmGlD;;OAEG;IACH,YAAY,IAAI,MAAM;IAItB;;OAEG;IACH,KAAK,IAAI,IAAI;CAOd"}
|
|
@@ -27,6 +27,13 @@ class AuditLogQueue {
|
|
|
27
27
|
process.on("beforeExit", () => this.flush(true));
|
|
28
28
|
}
|
|
29
29
|
}
|
|
30
|
+
/**
|
|
31
|
+
* Set ApiClient instance (used to resolve circular dependency)
|
|
32
|
+
* @param apiClient - ApiClient instance
|
|
33
|
+
*/
|
|
34
|
+
setApiClient(apiClient) {
|
|
35
|
+
this.apiClient = apiClient;
|
|
36
|
+
}
|
|
30
37
|
/**
|
|
31
38
|
* Add log entry to queue
|
|
32
39
|
* Automatically flushes if batch size is reached
|
|
@@ -98,14 +105,28 @@ class AuditLogQueue {
|
|
|
98
105
|
}
|
|
99
106
|
// Fallback to HTTP batch endpoint
|
|
100
107
|
try {
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
108
|
+
// Use ApiClient if available, otherwise fallback to HttpClient
|
|
109
|
+
if (this.apiClient) {
|
|
110
|
+
await this.apiClient.logs.createBatchLogs({
|
|
111
|
+
logs: logEntries.map((e) => ({
|
|
112
|
+
...e,
|
|
113
|
+
// Remove fields that backend extracts from credentials
|
|
114
|
+
environment: undefined,
|
|
115
|
+
application: undefined,
|
|
116
|
+
})),
|
|
117
|
+
});
|
|
118
|
+
}
|
|
119
|
+
else {
|
|
120
|
+
// Fallback to HttpClient (shouldn't happen after initialization)
|
|
121
|
+
await this.httpClient.request("POST", "/api/v1/logs/batch", {
|
|
122
|
+
logs: logEntries.map((e) => ({
|
|
123
|
+
...e,
|
|
124
|
+
// Remove fields that backend extracts from credentials
|
|
125
|
+
environment: undefined,
|
|
126
|
+
application: undefined,
|
|
127
|
+
})),
|
|
128
|
+
});
|
|
129
|
+
}
|
|
109
130
|
// Success - reset failure counter
|
|
110
131
|
this.httpLoggingFailures = 0;
|
|
111
132
|
this.httpLoggingDisabledUntil = null;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-log-queue.js","sourceRoot":"","sources":["../../src/utils/audit-log-queue.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;
|
|
1
|
+
{"version":3,"file":"audit-log-queue.js","sourceRoot":"","sources":["../../src/utils/audit-log-queue.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAaH,MAAa,aAAa;IAiBxB,YACE,UAAsB,EACtB,KAAmB,EACnB,MAAwB,EACxB,YAA2B;QApBrB,UAAK,GAAqB,EAAE,CAAC;QAC7B,eAAU,GAAyC,IAAI,CAAC;QAOxD,eAAU,GAAG,KAAK,CAAC;QAE3B,2EAA2E;QACnE,wBAAmB,GAAG,CAAC,CAAC;QACxB,6BAAwB,GAAkB,IAAI,CAAC;QAUrD,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;QACvC,IAAI,CAAC,SAAS,GAAG,WAAW,CAAC,SAAS,IAAI,EAAE,CAAC;QAC7C,IAAI,CAAC,aAAa,GAAG,WAAW,CAAC,aAAa,IAAI,GAAG,CAAC;QAEtD,iDAAiD;QACjD,IAAI,OAAO,OAAO,KAAK,WAAW,EAAE,CAAC;YACnC,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YAC7C,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;YAC9C,OAAO,CAAC,EAAE,CAAC,YAAY,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,YAAY,CAAC,SAAoB;QAC/B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,GAAG,CAAC,KAAe;QACvB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;YACd,KAAK;YACL,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC,CAAC;QAEH,8BAA8B;QAC9B,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACxC,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACxB,OAAO;QACT,CAAC;QAED,uCAAuC;QACvC,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9C,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC,GAAG,EAAE;gBAChC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;oBAC3B,gCAAgC;gBAClC,CAAC,CAAC,CAAC;YACL,CAAC,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QACzB,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,KAAK,CAAC,QAAiB,KAAK;QAChC,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,OAAO;QACT,CAAC;QAED,oBAAoB;QACpB,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC9B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACzB,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5B,OAAO;QACT,CAAC;QAED,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QAEvB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc;YAEpD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACzB,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;gBACxB,OAAO;YACT,CAAC;YAED,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;YAE/C,iEAAiE;YACjE,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBAChD,wDAAwD;gBACxD,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;gBAChD,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;gBACxB,OAAO;YACT,CAAC;YAED,iCAAiC;YACjC,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;gBAC7B,MAAM,SAAS,GAAG,cAAc,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACvD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,KAAK,CACpC,SAAS,EACT,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAC3B,CAAC;gBAEF,IAAI,OAAO,EAAE,CAAC;oBACZ,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;oBACxB,OAAO,CAAC,+BAA+B;gBACzC,CAAC;YACH,CAAC;YAED,2EAA2E;YAC3E,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,IAAI,IAAI,CAAC,wBAAwB,IAAI,GAAG,GAAG,IAAI,CAAC,wBAAwB,EAAE,CAAC;gBACzE,sDAAsD;gBACtD,OAAO;YACT,CAAC;YAED,kCAAkC;YAClC,IAAI,CAAC;gBACH,+DAA+D;gBAC/D,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;oBACnB,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,eAAe,CAAC;wBACxC,IAAI,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;4BAC3B,GAAG,CAAC;4BACJ,uDAAuD;4BACvD,WAAW,EAAE,SAAS;4BACtB,WAAW,EAAE,SAAS;yBACvB,CAAC,CAAC;qBACJ,CAAC,CAAC;gBACL,CAAC;qBAAM,CAAC;oBACN,iEAAiE;oBACjE,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,oBAAoB,EAAE;wBAC1D,IAAI,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;4BAC3B,GAAG,CAAC;4BACJ,uDAAuD;4BACvD,WAAW,EAAE,SAAS;4BACtB,WAAW,EAAE,SAAS;yBACvB,CAAC,CAAC;qBACJ,CAAC,CAAC;gBACL,CAAC;gBACD,kCAAkC;gBAClC,IAAI,CAAC,mBAAmB,GAAG,CAAC,CAAC;gBAC7B,IAAI,CAAC,wBAAwB,GAAG,IAAI,CAAC;YACvC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,2EAA2E;gBAC3E,IAAI,CAAC,mBAAmB,EAAE,CAAC;gBAC3B,IAAI,IAAI,CAAC,mBAAmB,IAAI,aAAa,CAAC,YAAY,EAAE,CAAC;oBAC3D,2DAA2D;oBAC3D,IAAI,CAAC,wBAAwB,GAAG,GAAG,GAAG,aAAa,CAAC,mBAAmB,CAAC;oBACxE,IAAI,CAAC,mBAAmB,GAAG,CAAC,CAAC,CAAC,gDAAgD;gBAChF,CAAC;gBACD,wCAAwC;YAC1C,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,gDAAgD;QAClD,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;QAC1B,CAAC;IACH,CAAC;IAED;;OAEG;IACH,YAAY;QACV,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC9B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACzB,CAAC;QACD,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;IAClB,CAAC;;AAhMH,sCAiMC;AAnLyB,0BAAY,GAAG,CAAC,AAAJ,CAAK;AACjB,iCAAmB,GAAG,KAAK,AAAR,CAAS,CAAC,WAAW"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"data-client.d.ts","sourceRoot":"","sources":["../../src/utils/data-client.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EAEd,WAAW,EACZ,MAAM,4BAA4B,CAAC;AAEpC,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"data-client.d.ts","sourceRoot":"","sources":["../../src/utils/data-client.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EAEd,WAAW,EACZ,MAAM,4BAA4B,CAAC;AAEpC,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AA8BhD,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AAEjD,qBAAa,UAAU;IACrB,OAAO,CAAC,MAAM,CAAmB;IACjC,OAAO,CAAC,UAAU,CAA2B;IAC7C,OAAO,CAAC,KAAK,CAAsC;IACnD,OAAO,CAAC,eAAe,CAA4C;IACnE,OAAO,CAAC,YAAY,CAAyB;IAC7C,OAAO,CAAC,OAAO,CAYb;IACF,OAAO,CAAC,iBAAiB,CAAyC;IAClE,OAAO,CAAC,WAAW,CAAmC;gBAE1C,MAAM,EAAE,gBAAgB;IAiIpC;;OAEG;IACH,OAAO,CAAC,QAAQ;IAIhB;;OAEG;IACH,OAAO,CAAC,cAAc;IAItB;;OAEG;IACH,OAAO,CAAC,WAAW;IAQnB;;;;OAIG;YACW,cAAc;IAQ5B;;;;OAIG;IACH,OAAO,CAAC,gBAAgB;IAIxB;;OAEG;IACH,eAAe,IAAI,OAAO;IAI1B;;;;;;OAMG;IACH,mBAAmB,IAAI,MAAM,GAAG,IAAI;IAIpC;;;;OAIG;IACG,eAAe,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI1D;;;;OAIG;IACG,MAAM,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAWjD;;OAEG;IACH,eAAe,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI;IAIhD;;OAEG;IACH,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,WAAW,CAAC,GAAG,IAAI;IAIlD;;;;OAIG;IACH,WAAW,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,IAAI;IAkB7D;;OAEG;IACH,UAAU,IAAI,IAAI;IAIlB;;OAEG;IACH,UAAU,IAAI,cAAc;IA8B5B;;OAEG;YACW,OAAO;IAuErB;;;OAGG;YACW,gBAAgB;IA6B9B;;OAEG;IACH,OAAO,CAAC,eAAe;IASvB;;OAEG;YACW,uBAAuB;IAYrC;;OAEG;IACG,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,CAAC,CAAC;IAQvE;;OAEG;IACG,IAAI,CAAC,CAAC,EACV,QAAQ,EAAE,MAAM,EAChB,IAAI,CAAC,EAAE,OAAO,EACd,OAAO,CAAC,EAAE,iBAAiB,GAC1B,OAAO,CAAC,CAAC,CAAC;IAab;;OAEG;IACG,GAAG,CAAC,CAAC,EACT,QAAQ,EAAE,MAAM,EAChB,IAAI,CAAC,EAAE,OAAO,EACd,OAAO,CAAC,EAAE,iBAAiB,GAC1B,OAAO,CAAC,CAAC,CAAC;IAab;;OAEG;IACG,KAAK,CAAC,CAAC,EACX,QAAQ,EAAE,MAAM,EAChB,IAAI,CAAC,EAAE,OAAO,EACd,OAAO,CAAC,EAAE,iBAAiB,GAC1B,OAAO,CAAC,CAAC,CAAC;IAab;;OAEG;IACG,MAAM,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,CAAC,CAAC;IAU1E;;;;OAIG;IACG,cAAc,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAavD;;;;;OAKG;IACG,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAazE;;;;;OAKG;IACG,gBAAgB,CACpB,WAAW,EAAE,MAAM,EAAE,EACrB,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,OAAO,CAAC;IAanB;;;;;OAKG;IACG,iBAAiB,CACrB,WAAW,EAAE,MAAM,EAAE,EACrB,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,OAAO,CAAC;IAanB;;;;OAIG;IACG,kBAAkB,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAa3D;;;OAGG;IACG,qBAAqB,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAa1D;;;;OAIG;IACG,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAajD;;;;;OAKG;IACG,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAa7D;;;;;OAKG;IACG,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAanE;;;;;OAKG;IACG,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAapE;;;;OAIG;IACG,YAAY,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAarD;;;OAGG;IACG,eAAe,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAepD;;;;OAIG;IACG,aAAa,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAarD;;;;OAIG;IACG,OAAO,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC;IAavD;;;;OAIG;IACG,WAAW,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC;IAa3D;;;;OAIG;IACG,oBAAoB,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAI5D;;;;;;;OAOG;IACG,mBAAmB,IAAI,OAAO,CAAC,MAAM,CAAC;IAI5C;;;;;OAKG;IACH,kBAAkB,IAAI,eAAe,GAAG,IAAI;CAG7C;AAOD;;GAEG;AACH,wBAAgB,UAAU,CAAC,MAAM,CAAC,EAAE,gBAAgB,GAAG,UAAU,CAUhE"}
|
|
@@ -51,6 +51,7 @@ const browser_role_service_1 = require("../services/browser-role.service");
|
|
|
51
51
|
const cache_service_1 = require("../services/cache.service");
|
|
52
52
|
const http_client_1 = require("../utils/http-client");
|
|
53
53
|
const internal_http_client_1 = require("../utils/internal-http-client");
|
|
54
|
+
const api_1 = require("../api");
|
|
54
55
|
const logger_service_1 = require("../services/logger.service");
|
|
55
56
|
const redis_service_1 = require("../services/redis.service");
|
|
56
57
|
class DataClient {
|
|
@@ -152,11 +153,15 @@ class DataClient {
|
|
|
152
153
|
// Update LoggerService to use the new HttpClient (for logging)
|
|
153
154
|
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
|
154
155
|
logger.httpClient = httpClient;
|
|
156
|
+
// Create ApiClient that wraps HttpClient (provides typed API interfaces)
|
|
157
|
+
const apiClient = new api_1.ApiClient(httpClient);
|
|
158
|
+
// Set ApiClient in LoggerService (resolves circular dependency)
|
|
159
|
+
logger.setApiClient(apiClient);
|
|
155
160
|
// Create CacheService without Redis (in-memory only for browser)
|
|
156
161
|
const cacheService = new cache_service_1.CacheService(undefined);
|
|
157
|
-
// Create browser-compatible services
|
|
158
|
-
this.permissionService = new browser_permission_service_1.BrowserPermissionService(httpClient, cacheService);
|
|
159
|
-
this.roleService = new browser_role_service_1.BrowserRoleService(httpClient, cacheService);
|
|
162
|
+
// Create browser-compatible services (pass both httpClient and apiClient)
|
|
163
|
+
this.permissionService = new browser_permission_service_1.BrowserPermissionService(httpClient, apiClient, cacheService);
|
|
164
|
+
this.roleService = new browser_role_service_1.BrowserRoleService(httpClient, apiClient, cacheService);
|
|
160
165
|
}
|
|
161
166
|
// Auto-handle OAuth callback on initialization (browser only)
|
|
162
167
|
// This ensures tokens are extracted immediately when DataClient is created
|