@alanszp/jwt 10.0.1 → 11.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/dist/JWTUser.d.ts +31 -0
  2. package/dist/JWTUser.js +62 -0
  3. package/dist/JWTUser.js.map +1 -0
  4. package/dist/index.d.ts +1 -0
  5. package/dist/index.js +1 -0
  6. package/dist/index.js.map +1 -1
  7. package/dist/jwt.d.ts +2 -3
  8. package/dist/jwt.js +4 -26
  9. package/dist/jwt.js.map +1 -1
  10. package/dist/types.d.ts +3 -3
  11. package/package.json +2 -2
  12. package/src/JWTUser.ts +85 -0
  13. package/src/index.ts +1 -0
  14. package/src/jwt.ts +4 -29
  15. package/src/types.ts +3 -3
package/dist/JWTUser.d.ts ADDED
@@ -0,0 +1,31 @@
1
+ import { IJWTUser, JWTPayload } from "./types";
2
+ export declare class JWTUser implements IJWTUser {
3
+ id: string;
4
+ employeeReference: string | null;
5
+ organizationReference: string;
6
+ originalOrganizationReference: string | null;
7
+ roles: string[];
8
+ permissions: string;
9
+ segmentReference: string | null;
10
+ constructor({ id, employeeReference, organizationReference, roles, permissions, segmentReference, }: IJWTUser);
11
+ static fromPayload(payload: JWTPayload): JWTUser;
12
+ toTokenPayload(): JWTPayload;
13
+ /**
14
+ * Old way of checking for a role
15
+ * Will be replaced by permission checks
16
+ * @param role - role code to check
17
+ */
18
+ hasRole(role: string): boolean;
19
+ /**
20
+ * Old way of checking for roles
21
+ * Will be replaced by permission checks
22
+ */
23
+ hasRoles(validateRoles: string | string[]): boolean;
24
+ /**
25
+ * Check if user has permission to perform an action
26
+ * @note - not implemented, will be implemented in the next release
27
+ * @param permissionCode - permission code to check
28
+ * @returns boolean
29
+ */
30
+ hasPermission(_permissionCode: string): boolean;
31
+ }
package/dist/JWTUser.js ADDED
@@ -0,0 +1,62 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.JWTUser = void 0;
4
+ class JWTUser {
5
+ constructor({ id, employeeReference, organizationReference, roles, permissions, segmentReference, }) {
6
+ this.id = id;
7
+ this.employeeReference = employeeReference;
8
+ this.organizationReference = organizationReference;
9
+ this.roles = roles;
10
+ this.permissions = permissions;
11
+ this.segmentReference = segmentReference;
12
+ }
13
+ static fromPayload(payload) {
14
+ return new JWTUser({
15
+ id: payload.sub,
16
+ employeeReference: payload.ref,
17
+ organizationReference: payload.org,
18
+ roles: payload.rls,
19
+ permissions: payload.prms,
20
+ segmentReference: payload.seg || null,
21
+ });
22
+ }
23
+ toTokenPayload() {
24
+ return {
25
+ sub: this.id,
26
+ ref: this.employeeReference,
27
+ org: this.organizationReference,
28
+ rls: this.roles,
29
+ prms: this.permissions,
30
+ seg: this.segmentReference,
31
+ };
32
+ }
33
+ /**
34
+ * Old way of checking for a role
35
+ * Will be replaced by permission checks
36
+ * @param role - role code to check
37
+ */
38
+ hasRole(role) {
39
+ return this.roles.includes(role);
40
+ }
41
+ /**
42
+ * Old way of checking for roles
43
+ * Will be replaced by permission checks
44
+ */
45
+ hasRoles(validateRoles) {
46
+ if (typeof validateRoles === "string") {
47
+ return this.hasRole(validateRoles);
48
+ }
49
+ return validateRoles.some((role) => this.hasRole(role));
50
+ }
51
+ /**
52
+ * Check if user has permission to perform an action
53
+ * @note - not implemented, will be implemented in the next release
54
+ * @param permissionCode - permission code to check
55
+ * @returns boolean
56
+ */
57
+ hasPermission(_permissionCode) {
58
+ throw new Error("Not implemented");
59
+ }
60
+ }
61
+ exports.JWTUser = JWTUser;
62
+ //# sourceMappingURL=JWTUser.js.map
package/dist/JWTUser.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"JWTUser.js","sourceRoot":"","sources":["../src/JWTUser.ts"],"names":[],"mappings":";;;AAEA,MAAa,OAAO;IAelB,YAAY,EACV,EAAE,EACF,iBAAiB,EACjB,qBAAqB,EACrB,KAAK,EACL,WAAW,EACX,gBAAgB,GACP;QACT,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;QAC3C,IAAI,CAAC,qBAAqB,GAAG,qBAAqB,CAAC;QACnD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;IAC3C,CAAC;IAED,MAAM,CAAC,WAAW,CAAC,OAAmB;QACpC,OAAO,IAAI,OAAO,CAAC;YACjB,EAAE,EAAE,OAAO,CAAC,GAAG;YACf,iBAAiB,EAAE,OAAO,CAAC,GAAG;YAC9B,qBAAqB,EAAE,OAAO,CAAC,GAAG;YAClC,KAAK,EAAE,OAAO,CAAC,GAAG;YAClB,WAAW,EAAE,OAAO,CAAC,IAAI;YACzB,gBAAgB,EAAE,OAAO,CAAC,GAAG,IAAI,IAAI;SACtC,CAAC,CAAC;IACL,CAAC;IAEM,cAAc;QACnB,OAAO;YACL,GAAG,EAAE,IAAI,CAAC,EAAE;YACZ,GAAG,EAAE,IAAI,CAAC,iBAAiB;YAC3B,GAAG,EAAE,IAAI,CAAC,qBAAqB;YAC/B,GAAG,EAAE,IAAI,CAAC,KAAK;YACf,IAAI,EAAE,IAAI,CAAC,WAAW;YACtB,GAAG,EAAE,IAAI,CAAC,gBAAgB;SAC3B,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACI,OAAO,CAAC,IAAY;QACzB,OAAO,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACnC,CAAC;IAED;;;OAGG;IACI,QAAQ,CAAC,aAAgC;QAC9C,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE;YACrC,OAAO,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;SACpC;QACD,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;IAC1D,CAAC;IAED;;;;;OAKG;IACI,aAAa,CAAC,eAAuB;QAC1C,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;CACF;AAlFD,0BAkFC"}
package/dist/index.d.ts CHANGED
@@ -1,2 +1,3 @@
1
1
  export * from "./types";
2
+ export * from "./JWTUser";
2
3
  export * from "./jwt";
package/dist/index.js CHANGED
@@ -11,5 +11,6 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
11
11
  };
12
12
  Object.defineProperty(exports, "__esModule", { value: true });
13
13
  __exportStar(require("./types"), exports);
14
+ __exportStar(require("./JWTUser"), exports);
14
15
  __exportStar(require("./jwt"), exports);
15
16
  //# sourceMappingURL=index.js.map
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,0CAAwB;AACxB,wCAAsB"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,0CAAwB;AACxB,4CAA0B;AAC1B,wCAAsB"}
package/dist/jwt.d.ts CHANGED
@@ -1,12 +1,11 @@
1
1
  /// <reference types="node" />
2
2
  import { KeyObject } from "crypto";
3
- import type { JWTPayload, JWTUser, SignOptions, VerifyOptions } from "./types";
3
+ import type { SignOptions, VerifyOptions } from "./types";
4
+ import { JWTUser } from "./JWTUser";
4
5
  export declare const JWT_ALGORITHM = "RS512";
5
6
  export declare function privateKeyFromPem(key: string): KeyObject;
6
7
  export declare function publicKeyFromPem(key: string): KeyObject;
7
8
  export declare function withDefaultSignOptions(options?: Partial<SignOptions>): SignOptions;
8
9
  export declare function withDefaultVerifyOptions(options?: Partial<VerifyOptions>): VerifyOptions;
9
10
  export declare function generateJWT(privateKey: KeyObject | string, user: JWTUser, options?: Partial<SignOptions>): Promise<string>;
10
- export declare function createTokenPayload(user: JWTUser): JWTPayload;
11
11
  export declare function verifyJWT(publicKey: KeyObject | string, token: string, options?: Partial<VerifyOptions>): Promise<JWTUser>;
12
- export declare function jwtUserHasRoles(jwtUser: JWTUser, roles: string | string[]): boolean;
package/dist/jwt.js CHANGED
@@ -9,9 +9,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
9
9
  });
10
10
  };
11
11
  Object.defineProperty(exports, "__esModule", { value: true });
12
- exports.jwtUserHasRoles = exports.verifyJWT = exports.createTokenPayload = exports.generateJWT = exports.withDefaultVerifyOptions = exports.withDefaultSignOptions = exports.publicKeyFromPem = exports.privateKeyFromPem = exports.JWT_ALGORITHM = void 0;
12
+ exports.verifyJWT = exports.generateJWT = exports.withDefaultVerifyOptions = exports.withDefaultSignOptions = exports.publicKeyFromPem = exports.privateKeyFromPem = exports.JWT_ALGORITHM = void 0;
13
13
  const crypto_1 = require("crypto");
14
14
  const jose_1 = require("jose");
15
+ const JWTUser_1 = require("./JWTUser");
15
16
  exports.JWT_ALGORITHM = "RS512";
16
17
  function privateKeyFromPem(key) {
17
18
  return (0, crypto_1.createPrivateKey)({
@@ -39,7 +40,7 @@ function generateJWT(privateKey, user, options) {
39
40
  return __awaiter(this, void 0, void 0, function* () {
40
41
  const key = typeof privateKey === "string" ? privateKeyFromPem(privateKey) : privateKey;
41
42
  const opts = withDefaultSignOptions(options);
42
- return new jose_1.SignJWT(createTokenPayload(user))
43
+ return new jose_1.SignJWT(user.toTokenPayload())
43
44
  .setProtectedHeader({ alg: exports.JWT_ALGORITHM })
44
45
  .setIssuedAt()
45
46
  .setIssuer(opts.issuer)
@@ -49,17 +50,6 @@ function generateJWT(privateKey, user, options) {
49
50
  });
50
51
  }
51
52
  exports.generateJWT = generateJWT;
52
- function createTokenPayload(user) {
53
- return {
54
- sub: user.id,
55
- ref: user.employeeReference,
56
- org: user.organizationReference,
57
- rls: user.roles,
58
- prms: user.permissions,
59
- seg: user.segmentReference,
60
- };
61
- }
62
- exports.createTokenPayload = createTokenPayload;
63
53
  function verifyJWT(publicKey, token, options) {
64
54
  return __awaiter(this, void 0, void 0, function* () {
65
55
  const key = typeof publicKey === "string" ? publicKeyFromPem(publicKey) : publicKey;
@@ -70,20 +60,8 @@ function verifyJWT(publicKey, token, options) {
70
60
  audience: opts.audience,
71
61
  });
72
62
  const payload = verify.payload;
73
- return {
74
- id: payload.sub,
75
- employeeReference: payload.ref,
76
- organizationReference: payload.org,
77
- roles: payload.rls,
78
- permissions: payload.prms,
79
- segmentReference: payload.seg || null,
80
- };
63
+ return JWTUser_1.JWTUser.fromPayload(payload);
81
64
  });
82
65
  }
83
66
  exports.verifyJWT = verifyJWT;
84
- function jwtUserHasRoles(jwtUser, roles) {
85
- const validateRoles = typeof roles === "string" ? [roles] : roles;
86
- return validateRoles.some((role) => jwtUser.roles.includes(role));
87
- }
88
- exports.jwtUserHasRoles = jwtUserHasRoles;
89
67
  //# sourceMappingURL=jwt.js.map
package/dist/jwt.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"jwt.js","sourceRoot":"","sources":["../src/jwt.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,mCAAsE;AACtE,+BAA0C;AAG7B,QAAA,aAAa,GAAG,OAAO,CAAC;AAErC,SAAgB,iBAAiB,CAAC,GAAW;IAC3C,OAAO,IAAA,yBAAgB,EAAC;QACtB,GAAG;QACH,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;AACL,CAAC;AALD,8CAKC;AAED,SAAgB,gBAAgB,CAAC,GAAW;IAC1C,OAAO,IAAA,wBAAe,EAAC;QACrB,GAAG;QACH,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;AACL,CAAC;AALD,4CAKC;AAED,SAAgB,sBAAsB,CACpC,OAA8B;IAE9B,uBACE,MAAM,EAAE,OAAO,EACf,QAAQ,EAAE,KAAK,EACf,UAAU,EAAE,KAAK,IACd,OAAO,EACV;AACJ,CAAC;AATD,wDASC;AAED,SAAgB,wBAAwB,CACtC,OAAgC;IAEhC,uBACE,MAAM,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC,EAC3B,QAAQ,EAAE,KAAK,IACZ,OAAO,EACV;AACJ,CAAC;AARD,4DAQC;AAED,SAAsB,WAAW,CAC/B,UAA8B,EAC9B,IAAa,EACb,OAA8B;;QAE9B,MAAM,GAAG,GACP,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;QAE9E,MAAM,IAAI,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAE7C,OAAO,IAAI,cAAO,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;aACzC,kBAAkB,CAAC,EAAE,GAAG,EAAE,qBAAa,EAAE,CAAC;aAC1C,WAAW,EAAE;aACb,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC;aACtB,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC;aAC1B,iBAAiB,CAAC,IAAI,CAAC,UAAU,CAAC;aAClC,IAAI,CAAC,GAAG,CAAC,CAAC;IACf,CAAC;CAAA;AAjBD,kCAiBC;AAED,SAAgB,kBAAkB,CAAC,IAAa;IAC9C,OAAO;QACL,GAAG,EAAE,IAAI,CAAC,EAAE;QACZ,GAAG,EAAE,IAAI,CAAC,iBAAiB;QAC3B,GAAG,EAAE,IAAI,CAAC,qBAAqB;QAC/B,GAAG,EAAE,IAAI,CAAC,KAAK;QACf,IAAI,EAAE,IAAI,CAAC,WAAW;QACtB,GAAG,EAAE,IAAI,CAAC,gBAAgB;KAC3B,CAAC;AACJ,CAAC;AATD,gDASC;AAED,SAAsB,SAAS,CAC7B,SAA6B,EAC7B,KAAa,EACb,OAAgC;;QAEhC,MAAM,GAAG,GACP,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE1E,MAAM,IAAI,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAC;QAE/C,MAAM,MAAM,GAAG,MAAM,IAAA,gBAAS,EAAC,KAAK,EAAE,GAAG,EAAE;YACzC,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,CAAC,qBAAa,CAAC;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,MAAM,CAAC,OAAqB,CAAC;QAE7C,OAAO;YACL,EAAE,EAAE,OAAO,CAAC,GAAG;YACf,iBAAiB,EAAE,OAAO,CAAC,GAAG;YAC9B,qBAAqB,EAAE,OAAO,CAAC,GAAG;YAClC,KAAK,EAAE,OAAO,CAAC,GAAG;YAClB,WAAW,EAAE,OAAO,CAAC,IAAI;YACzB,gBAAgB,EAAE,OAAO,CAAC,GAAG,IAAI,IAAI;SACtC,CAAC;IACJ,CAAC;CAAA;AA1BD,8BA0BC;AAED,SAAgB,eAAe,CAC7B,OAAgB,EAChB,KAAwB;IAExB,MAAM,aAAa,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IAClE,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;AACpE,CAAC;AAND,0CAMC"}
1
+ {"version":3,"file":"jwt.js","sourceRoot":"","sources":["../src/jwt.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,mCAAsE;AACtE,+BAA0C;AAE1C,uCAAoC;AAEvB,QAAA,aAAa,GAAG,OAAO,CAAC;AAErC,SAAgB,iBAAiB,CAAC,GAAW;IAC3C,OAAO,IAAA,yBAAgB,EAAC;QACtB,GAAG;QACH,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;AACL,CAAC;AALD,8CAKC;AAED,SAAgB,gBAAgB,CAAC,GAAW;IAC1C,OAAO,IAAA,wBAAe,EAAC;QACrB,GAAG;QACH,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;AACL,CAAC;AALD,4CAKC;AAED,SAAgB,sBAAsB,CACpC,OAA8B;IAE9B,uBACE,MAAM,EAAE,OAAO,EACf,QAAQ,EAAE,KAAK,EACf,UAAU,EAAE,KAAK,IACd,OAAO,EACV;AACJ,CAAC;AATD,wDASC;AAED,SAAgB,wBAAwB,CACtC,OAAgC;IAEhC,uBACE,MAAM,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC,EAC3B,QAAQ,EAAE,KAAK,IACZ,OAAO,EACV;AACJ,CAAC;AARD,4DAQC;AAED,SAAsB,WAAW,CAC/B,UAA8B,EAC9B,IAAa,EACb,OAA8B;;QAE9B,MAAM,GAAG,GACP,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;QAE9E,MAAM,IAAI,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAE7C,OAAO,IAAI,cAAO,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;aACtC,kBAAkB,CAAC,EAAE,GAAG,EAAE,qBAAa,EAAE,CAAC;aAC1C,WAAW,EAAE;aACb,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC;aACtB,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC;aAC1B,iBAAiB,CAAC,IAAI,CAAC,UAAU,CAAC;aAClC,IAAI,CAAC,GAAG,CAAC,CAAC;IACf,CAAC;CAAA;AAjBD,kCAiBC;AAED,SAAsB,SAAS,CAC7B,SAA6B,EAC7B,KAAa,EACb,OAAgC;;QAEhC,MAAM,GAAG,GACP,OAAO,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAE1E,MAAM,IAAI,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAC;QAE/C,MAAM,MAAM,GAAG,MAAM,IAAA,gBAAS,EAAC,KAAK,EAAE,GAAG,EAAE;YACzC,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,CAAC,qBAAa,CAAC;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,MAAM,CAAC,OAAqB,CAAC;QAE7C,OAAO,iBAAO,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IACtC,CAAC;CAAA;AAnBD,8BAmBC"}
package/dist/types.d.ts CHANGED
@@ -4,15 +4,15 @@ export interface JWTPayload extends LibPayload {
4
4
  ref: string | null;
5
5
  org: string;
6
6
  rls: string[];
7
- prms: string[];
7
+ prms: string;
8
8
  seg: string | null;
9
9
  }
10
- export interface JWTUser {
10
+ export interface IJWTUser {
11
11
  id: string;
12
12
  employeeReference: string | null;
13
13
  organizationReference: string;
14
14
  roles: string[];
15
- permissions: string[];
15
+ permissions: string;
16
16
  segmentReference: string | null;
17
17
  }
18
18
  export interface SignOptions {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@alanszp/jwt",
3
- "version": "10.0.1",
3
+ "version": "11.0.0",
4
4
  "description": "Alan's jwt validator & signer.",
5
5
  "main": "dist/index.js",
6
6
  "typings": "dist/index.d.ts",
@@ -26,5 +26,5 @@
26
26
  "dependencies": {
27
27
  "jose": "^5.2.2"
28
28
  },
29
- "gitHead": "43e1ad79adf9f06c314132d67495cee96dd82612"
29
+ "gitHead": "60b62fa2fff34ef094ea9af69c2bed2373c70f64"
30
30
  }
package/src/JWTUser.ts ADDED
@@ -0,0 +1,85 @@
1
+ import { IJWTUser, JWTPayload } from "./types";
2
+
3
+ export class JWTUser implements IJWTUser {
4
+ id: string;
5
+
6
+ employeeReference: string | null;
7
+
8
+ organizationReference: string;
9
+
10
+ originalOrganizationReference: string | null;
11
+
12
+ roles: string[];
13
+
14
+ permissions: string;
15
+
16
+ segmentReference: string | null;
17
+
18
+ constructor({
19
+ id,
20
+ employeeReference,
21
+ organizationReference,
22
+ roles,
23
+ permissions,
24
+ segmentReference,
25
+ }: IJWTUser) {
26
+ this.id = id;
27
+ this.employeeReference = employeeReference;
28
+ this.organizationReference = organizationReference;
29
+ this.roles = roles;
30
+ this.permissions = permissions;
31
+ this.segmentReference = segmentReference;
32
+ }
33
+
34
+ static fromPayload(payload: JWTPayload): JWTUser {
35
+ return new JWTUser({
36
+ id: payload.sub,
37
+ employeeReference: payload.ref,
38
+ organizationReference: payload.org,
39
+ roles: payload.rls,
40
+ permissions: payload.prms,
41
+ segmentReference: payload.seg || null,
42
+ });
43
+ }
44
+
45
+ public toTokenPayload(): JWTPayload {
46
+ return {
47
+ sub: this.id,
48
+ ref: this.employeeReference,
49
+ org: this.organizationReference,
50
+ rls: this.roles,
51
+ prms: this.permissions,
52
+ seg: this.segmentReference,
53
+ };
54
+ }
55
+
56
+ /**
57
+ * Old way of checking for a role
58
+ * Will be replaced by permission checks
59
+ * @param role - role code to check
60
+ */
61
+ public hasRole(role: string): boolean {
62
+ return this.roles.includes(role);
63
+ }
64
+
65
+ /**
66
+ * Old way of checking for roles
67
+ * Will be replaced by permission checks
68
+ */
69
+ public hasRoles(validateRoles: string | string[]): boolean {
70
+ if (typeof validateRoles === "string") {
71
+ return this.hasRole(validateRoles);
72
+ }
73
+ return validateRoles.some((role) => this.hasRole(role));
74
+ }
75
+
76
+ /**
77
+ * Check if user has permission to perform an action
78
+ * @note - not implemented, will be implemented in the next release
79
+ * @param permissionCode - permission code to check
80
+ * @returns boolean
81
+ */
82
+ public hasPermission(_permissionCode: string): boolean {
83
+ throw new Error("Not implemented");
84
+ }
85
+ }
package/src/index.ts CHANGED
@@ -1,2 +1,3 @@
1
1
  export * from "./types";
2
+ export * from "./JWTUser";
2
3
  export * from "./jwt";
package/src/jwt.ts CHANGED
@@ -1,6 +1,7 @@
1
1
  import { createPublicKey, createPrivateKey, KeyObject } from "crypto";
2
2
  import { SignJWT, jwtVerify } from "jose";
3
- import type { JWTPayload, JWTUser, SignOptions, VerifyOptions } from "./types";
3
+ import type { JWTPayload, SignOptions, VerifyOptions } from "./types";
4
+ import { JWTUser } from "./JWTUser";
4
5
 
5
6
  export const JWT_ALGORITHM = "RS512";
6
7
 
@@ -49,7 +50,7 @@ export async function generateJWT(
49
50
 
50
51
  const opts = withDefaultSignOptions(options);
51
52
 
52
- return new SignJWT(createTokenPayload(user))
53
+ return new SignJWT(user.toTokenPayload())
53
54
  .setProtectedHeader({ alg: JWT_ALGORITHM })
54
55
  .setIssuedAt()
55
56
  .setIssuer(opts.issuer)
@@ -58,17 +59,6 @@ export async function generateJWT(
58
59
  .sign(key);
59
60
  }
60
61
 
61
- export function createTokenPayload(user: JWTUser): JWTPayload {
62
- return {
63
- sub: user.id,
64
- ref: user.employeeReference,
65
- org: user.organizationReference,
66
- rls: user.roles,
67
- prms: user.permissions,
68
- seg: user.segmentReference,
69
- };
70
- }
71
-
72
62
  export async function verifyJWT(
73
63
  publicKey: KeyObject | string,
74
64
  token: string,
@@ -87,20 +77,5 @@ export async function verifyJWT(
87
77
 
88
78
  const payload = verify.payload as JWTPayload;
89
79
 
90
- return {
91
- id: payload.sub,
92
- employeeReference: payload.ref,
93
- organizationReference: payload.org,
94
- roles: payload.rls,
95
- permissions: payload.prms,
96
- segmentReference: payload.seg || null,
97
- };
98
- }
99
-
100
- export function jwtUserHasRoles(
101
- jwtUser: JWTUser,
102
- roles: string | string[]
103
- ): boolean {
104
- const validateRoles = typeof roles === "string" ? [roles] : roles;
105
- return validateRoles.some((role) => jwtUser.roles.includes(role));
80
+ return JWTUser.fromPayload(payload);
106
81
  }
package/src/types.ts CHANGED
@@ -5,17 +5,17 @@ export interface JWTPayload extends LibPayload {
5
5
  ref: string | null;
6
6
  org: string;
7
7
  rls: string[];
8
- prms: string[];
8
+ prms: string;
9
9
  // segmentReference
10
10
  seg: string | null;
11
11
  }
12
12
 
13
- export interface JWTUser {
13
+ export interface IJWTUser {
14
14
  id: string;
15
15
  employeeReference: string | null;
16
16
  organizationReference: string;
17
17
  roles: string[];
18
- permissions: string[];
18
+ permissions: string;
19
19
  segmentReference: string | null;
20
20
  }
21
21