@api-client/core 0.8.15 → 0.8.17

package/src/runtime/http-runner/HttpRequestRunner.ts

@@ -9,7 +9,7 @@ import { HttpEngineOptions } from '../http-engine/HttpEngine.js';
 import { CoreEngine } from '../http-engine/CoreEngine.js';
 import { Logger } from '../../lib/logging/Logger.js';
 import { CookieJar } from '../../cookies/CookieJar.js';
-import { RequestAuthorizationProcessor } from './RequestAuthorizationProcessor.js';
+import { SecurityProcessor } from '../../authorization/lib/SecurityProcessor.js';
 import { RequestCookiesProcessor } from './RequestCookiesProcessor.js';
 import { HttpFlowRunner } from './HttpFlowRunner.js';
 import { ISentRequest } from "../../models/SentRequest.js";
@@ -174,7 +174,7 @@ export class HttpRequestRunner {
 
   async applyAuthorization(request: IHttpRequest): Promise<IHttpRequest> {
     const auth = await this.readAuthorization();
-    RequestAuthorizationProcessor.setAuthorization(request, auth);
+    SecurityProcessor.applyAuthorization(request, auth);
     return request;
   }
 
@@ -264,7 +264,7 @@ export class HttpRequestRunner {
     const { logger, signal } = this;
     const auth = await this.readAuthorization();
     const config = await this.readConfig();
-    const cert = RequestAuthorizationProcessor.readCertificate(auth);
+    const cert = SecurityProcessor.readCertificate(auth);
     const opts: HttpEngineOptions = {};
     if (cert) {
       opts.certificates = [cert];

package/src/runtime/node/ProjectRequestRunner.ts

@@ -251,12 +251,17 @@ export class ProjectRequestRunner extends EventEmitter {
     const info: IRunResult = {
       key: request.key,
     };
+    let url: string | undefined;
+    const typedProject = request as ProjectRequest;
+    if (typeof typedProject.readUrl === 'function') {
+      url = typedProject.readUrl({ variables });
+    }
     const requestData = request.expects.toJSON();
     
     try {
       // Below replaces the single call to the `run()` function of the factory to 
       // report via the events a request object that has evaluated with the Jexl library.
-      requestData.url = factory.prepareRequestUrl(requestData.url, variables);
+      requestData.url = url || factory.prepareRequestUrl(requestData.url, variables);
       const requestCopy = await factory.applyVariables(requestData);
       await factory.applyAuthorization(requestCopy);
       await factory.applyCookies(requestCopy);

package/build/src/runtime/http-runner/RequestAuthorizationProcessor.d.ts

@@ -1,56 +0,0 @@
-import { IHttpRequest } from '../../models/HttpRequest.js';
-import { IRequestAuthorization } from '../../models/RequestAuthorization.js';
-import { IBearerAuthorization, IBasicAuthorization, IOidcAuthorization, IOAuth2Authorization } from '../../models/Authorization.js';
-import { HttpCertificate } from '../../models/ClientCertificate.js';
-/**
- * Applies authorization data to the HttpRequest from
- * request authorization configuration.
- */
-export declare class RequestAuthorizationProcessor {
-    /**
-     * Applies the auth data from the authorization config.
-     *
-     * Note, this mutates the original request. Make a copy of you don't want to change
-     * the values in the source request.
-     *
-     * Note, this does not process client certificates. Use the `#readCertificates()` method to
-     * get a certificate to use with the HTTP request,
-     *
-     * @param request The request to apply the authorization to.
-     * @returns The same request (a reference)
-     */
-    static setAuthorization(request: IHttpRequest, authorization?: IRequestAuthorization[]): IHttpRequest;
-    /**
-     * Reads the client certificate from the authorization configuration.
-     *
-     * @param authorization The HTTP request authorization configuration.
-     * @returns The certificate to use with the HTTP request or undefined when not configured.
-     */
-    static readCertificate(authorization?: IRequestAuthorization[]): HttpCertificate | undefined;
-    /**
-     * Injects basic auth header into the request headers.
-     */
-    protected static processBasicAuth(request: IHttpRequest, config: IBasicAuthorization): void;
-    /**
-     * Injects oauth 2 auth header into the request headers.
-     */
-    protected static processOAuth2(request: IHttpRequest, config: IOAuth2Authorization): void;
-    /**
-     * Injects OpenID Connect auth header into the request headers.
-     */
-    protected static processOpenId(request: IHttpRequest, config: IOidcAuthorization): void;
-    /**
-     * Injects bearer auth header into the request headers.
-     */
-    protected static processBearer(request: IHttpRequest, config: IBearerAuthorization): void;
-    /**
-     * Applies the basic authorization data to the request.
-     *
-     * If the header value have changed then it fires `request-headers-changed` custom event.
-     * It sets computed value of the readers to the event's detail object.
-     *
-     * @param request The event's detail object. Changes made here will be propagated to the event.
-     * @param data The authorization data to apply.
-     */
-    protected static applyRequestBasicAuthData(request: IHttpRequest, data: IBasicAuthorization): void;
-}

package/build/src/runtime/http-runner/RequestAuthorizationProcessor.js

@@ -1,143 +0,0 @@
-import { Headers } from '../../lib/headers/Headers.js';
-/**
- * Applies authorization data to the HttpRequest from
- * request authorization configuration.
- */
-export class RequestAuthorizationProcessor {
-    /**
-     * Applies the auth data from the authorization config.
-     *
-     * Note, this mutates the original request. Make a copy of you don't want to change
-     * the values in the source request.
-     *
-     * Note, this does not process client certificates. Use the `#readCertificates()` method to
-     * get a certificate to use with the HTTP request,
-     *
-     * @param request The request to apply the authorization to.
-     * @returns The same request (a reference)
-     */
-    static setAuthorization(request, authorization) {
-        if (!Array.isArray(authorization) || !authorization.length) {
-            return request;
-        }
-        for (const auth of authorization) {
-            if (auth.enabled === false || !auth.config) {
-                continue;
-            }
-            switch (auth.type) {
-                case 'basic':
-                    this.processBasicAuth(request, auth.config);
-                    break;
-                case 'oauth 2':
-                    this.processOAuth2(request, auth.config);
-                    break;
-                case 'open id':
-                    this.processOpenId(request, auth.config);
-                    break;
-                case 'bearer':
-                    this.processBearer(request, auth.config);
-                    break;
-                default:
-            }
-        }
-        return request;
-    }
-    /**
-     * Reads the client certificate from the authorization configuration.
-     *
-     * @param authorization The HTTP request authorization configuration.
-     * @returns The certificate to use with the HTTP request or undefined when not configured.
-     */
-    static readCertificate(authorization) {
-        if (!Array.isArray(authorization) || !authorization.length) {
-            return undefined;
-        }
-        const item = authorization.find(i => i.enabled !== false && i.type === 'client certificate');
-        if (!item || !item.config) {
-            return undefined;
-        }
-        const init = item.config;
-        return init.certificate;
-    }
-    /**
-     * Injects basic auth header into the request headers.
-     */
-    static processBasicAuth(request, config) {
-        const { username } = config;
-        if (!username) {
-            return;
-        }
-        this.applyRequestBasicAuthData(request, config);
-    }
-    /**
-     * Injects oauth 2 auth header into the request headers.
-     */
-    static processOAuth2(request, config) {
-        const { accessToken, tokenType = 'Bearer', deliveryMethod = 'header', deliveryName = 'authorization' } = config;
-        if (!accessToken) {
-            return;
-        }
-        const value = `${tokenType} ${accessToken}`;
-        if (deliveryMethod === 'header') {
-            const headers = new Headers(request.headers || '');
-            headers.append(deliveryName, value);
-            request.headers = headers.toString();
-        }
-        else if (deliveryMethod === 'query') {
-            const { url } = request;
-            try {
-                const parsed = new URL(url);
-                parsed.searchParams.append(deliveryName, value);
-                request.url = parsed.toString();
-            }
-            catch (e) {
-                // ...
-            }
-        }
-    }
-    /**
-     * Injects OpenID Connect auth header into the request headers.
-     */
-    static processOpenId(request, config) {
-        const { accessToken } = config;
-        if (accessToken) {
-            this.processOAuth2(request, config);
-        }
-        // todo - if AT is missing find the current token from the tokens list in the passed configuration.
-        // Currently the authorization method UI sets the token when the requests is generated so it's not as much important.
-    }
-    /**
-     * Injects bearer auth header into the request headers.
-     */
-    static processBearer(request, config) {
-        const { token } = config;
-        const value = `Bearer ${token}`;
-        const headers = new Headers(request.headers || '');
-        headers.append('authorization', value);
-        request.headers = headers.toString();
-    }
-    /**
-     * Applies the basic authorization data to the request.
-     *
-     * If the header value have changed then it fires `request-headers-changed` custom event.
-     * It sets computed value of the readers to the event's detail object.
-     *
-     * @param request The event's detail object. Changes made here will be propagated to the event.
-     * @param data The authorization data to apply.
-     */
-    static applyRequestBasicAuthData(request, data) {
-        const { username = '', password = '' } = data;
-        const headers = new Headers(request.headers || '');
-        let hash;
-        const decoded = `${username}:${password}`;
-        if (typeof Buffer === 'function' && typeof Buffer.from === 'function') {
-            hash = Buffer.from(decoded).toString('base64');
-        }
-        else {
-            hash = btoa(decoded);
-        }
-        headers.set('authorization', `Basic ${hash}`);
-        request.headers = headers.toString();
-    }
-}
-//# sourceMappingURL=RequestAuthorizationProcessor.js.map

package/build/src/runtime/http-runner/RequestAuthorizationProcessor.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"RequestAuthorizationProcessor.js","sourceRoot":"","sources":["../../../../src/runtime/http-runner/RequestAuthorizationProcessor.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,OAAO,EAAE,MAAM,8BAA8B,CAAC;AAEvD;;;GAGG;AACH,MAAM,OAAO,6BAA6B;IAExC;;;;;;;;;;;OAWG;IACH,MAAM,CAAC,gBAAgB,CAAC,OAAqB,EAAE,aAAuC;QACpF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;YAC1D,OAAO,OAAO,CAAC;SAChB;QAED,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE;YAChC,IAAI,IAAI,CAAC,OAAO,KAAK,KAAK,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;gBAC1C,SAAS;aACV;YACD,QAAQ,IAAI,CAAC,IAAI,EAAE;gBACjB,KAAK,OAAO;oBAAE,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,IAAI,CAAC,MAA6B,CAAC,CAAC;oBAAC,MAAM;gBACxF,KAAK,SAAS;oBAAE,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,MAA8B,CAAC,CAAC;oBAAC,MAAM;gBACxF,KAAK,SAAS;oBAAE,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,MAA4B,CAAC,CAAC;oBAAC,MAAM;gBACtF,KAAK,QAAQ;oBAAE,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,MAA8B,CAAC,CAAC;oBAAC,MAAM;gBACvF,QAAQ;aACT;SACF;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,eAAe,CAAC,aAAuC;QAC5D,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;YAC1D,OAAO,SAAS,CAAC;SAClB;QACD,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,KAAK,IAAI,CAAC,CAAC,IAAI,KAAK,oBAAoB,CAAC,CAAC;QAC7F,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YACzB,OAAO,SAAS,CAAC;SAClB;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,MAA0B,CAAC;QAC7C,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED;;OAEG;IACO,MAAM,CAAC,gBAAgB,CAAC,OAAqB,EAAE,MAA2B;QAClF,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;QAC5B,IAAI,CAAC,QAAQ,EAAE;YACb,OAAO;SACR;QACD,IAAI,CAAC,yBAAyB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACO,MAAM,CAAC,aAAa,CAAC,OAAqB,EAAE,MAA4B;QAChF,MAAM,EAAE,WAAW,EAAE,SAAS,GAAC,QAAQ,EAAE,cAAc,GAAC,QAAQ,EAAE,YAAY,GAAC,eAAe,EAAE,GAAG,MAAM,CAAC;QAC1G,IAAI,CAAC,WAAW,EAAE;YAChB,OAAO;SACR;QACD,MAAM,KAAK,GAAG,GAAG,SAAS,IAAI,WAAW,EAAE,CAAC;QAC5C,IAAI,cAAc,KAAK,QAAQ,EAAE;YAC/B,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;YACpC,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC;SACtC;aAAM,IAAI,cAAc,KAAK,OAAO,EAAE;YACrC,MAAM,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;YACxB,IAAI;gBACF,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;gBAC5B,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;gBAChD,OAAO,CAAC,GAAG,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;aACjC;YAAC,OAAO,CAAC,EAAE;gBACV,MAAM;aACP;SACF;IACH,CAAC;IAED;;OAEG;IACO,MAAM,CAAC,aAAa,CAAC,OAAqB,EAAE,MAA0B;QAC9E,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,CAAC;QAC/B,IAAI,WAAW,EAAE;YACf,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;SACrC;QACD,mGAAmG;QACnG,qHAAqH;IACvH,CAAC;IAED;;OAEG;IACO,MAAM,CAAC,aAAa,CAAC,OAAqB,EAAE,MAA4B;QAChF,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,CAAC;QACzB,MAAM,KAAK,GAAG,UAAU,KAAK,EAAE,CAAC;QAChC,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QACnD,OAAO,CAAC,MAAM,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;QACvC,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC;IACvC,CAAC;IAED;;;;;;;;OAQG;IACO,MAAM,CAAC,yBAAyB,CAAC,OAAqB,EAAE,IAAyB;QACzF,MAAM,EAAE,QAAQ,GAAC,EAAE,EAAE,QAAQ,GAAC,EAAE,EAAE,GAAG,IAAI,CAAC;QAC1C,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QACnD,IAAI,IAAY,CAAC;QACjB,MAAM,OAAO,GAAG,GAAG,QAAQ,IAAI,QAAQ,EAAE,CAAC;QAC1C,IAAI,OAAO,MAAM,KAAK,UAAU,IAAI,OAAO,MAAM,CAAC,IAAI,KAAK,UAAU,EAAE;YACrE,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;SAChD;aAAM;YACL,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC;SACtB;QACD,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,IAAI,EAAE,CAAC,CAAC;QAC9C,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC;IACvC,CAAC;CACF"}

package/src/runtime/http-runner/RequestAuthorizationProcessor.ts

@@ -1,144 +0,0 @@
-import { IHttpRequest } from '../../models/HttpRequest.js';
-import { IRequestAuthorization } from '../../models/RequestAuthorization.js';
-import { IBearerAuthorization, IBasicAuthorization, IOidcAuthorization, IOAuth2Authorization, ICCAuthorization } from '../../models/Authorization.js';
-import { HttpCertificate } from '../../models/ClientCertificate.js';
-import { Headers } from '../../lib/headers/Headers.js';
-
-/**
- * Applies authorization data to the HttpRequest from 
- * request authorization configuration.
- */
-export class RequestAuthorizationProcessor {
-
-  /**
-   * Applies the auth data from the authorization config.
-   * 
-   * Note, this mutates the original request. Make a copy of you don't want to change 
-   * the values in the source request.
-   * 
-   * Note, this does not process client certificates. Use the `#readCertificates()` method to 
-   * get a certificate to use with the HTTP request,
-   * 
-   * @param request The request to apply the authorization to.
-   * @returns The same request (a reference)
-   */
-  static setAuthorization(request: IHttpRequest, authorization?: IRequestAuthorization[]): IHttpRequest {
-    if (!Array.isArray(authorization) || !authorization.length) {
-      return request;
-    }
-
-    for (const auth of authorization) {
-      if (auth.enabled === false || !auth.config) {
-        continue;
-      }
-      switch (auth.type) {
-        case 'basic': this.processBasicAuth(request, auth.config as IBasicAuthorization); break;
-        case 'oauth 2': this.processOAuth2(request, auth.config as IOAuth2Authorization); break;
-        case 'open id': this.processOpenId(request, auth.config as IOidcAuthorization); break;
-        case 'bearer': this.processBearer(request, auth.config as IBearerAuthorization); break;
-        default:
-      }
-    }
-    return request;
-  }
-
-  /**
-   * Reads the client certificate from the authorization configuration.
-   * 
-   * @param authorization The HTTP request authorization configuration.
-   * @returns The certificate to use with the HTTP request or undefined when not configured.
-   */
-  static readCertificate(authorization?: IRequestAuthorization[]): HttpCertificate | undefined {
-    if (!Array.isArray(authorization) || !authorization.length) {
-      return undefined;
-    }
-    const item = authorization.find(i => i.enabled !== false && i.type === 'client certificate');
-    if (!item || !item.config) {
-      return undefined;
-    }
-    const init = item.config as ICCAuthorization;
-    return init.certificate;
-  }
-
-  /**
-   * Injects basic auth header into the request headers.
-   */
-  protected static processBasicAuth(request: IHttpRequest, config: IBasicAuthorization): void {
-    const { username } = config;
-    if (!username) {
-      return;
-    }
-    this.applyRequestBasicAuthData(request, config);
-  }
-
-  /**
-   * Injects oauth 2 auth header into the request headers.
-   */
-  protected static processOAuth2(request: IHttpRequest, config: IOAuth2Authorization): void {
-    const { accessToken, tokenType='Bearer', deliveryMethod='header', deliveryName='authorization' } = config;
-    if (!accessToken) {
-      return;
-    }
-    const value = `${tokenType} ${accessToken}`;
-    if (deliveryMethod === 'header') {
-      const headers = new Headers(request.headers || '');
-      headers.append(deliveryName, value);
-      request.headers = headers.toString();
-    } else if (deliveryMethod === 'query') {
-      const { url } = request;
-      try {
-        const parsed = new URL(url);
-        parsed.searchParams.append(deliveryName, value);
-        request.url = parsed.toString();
-      } catch (e) {
-        // ...
-      }
-    }
-  }
-
-  /**
-   * Injects OpenID Connect auth header into the request headers.
-   */
-  protected static processOpenId(request: IHttpRequest, config: IOidcAuthorization): void {
-    const { accessToken } = config;
-    if (accessToken) {
-      this.processOAuth2(request, config);
-    }
-    // todo - if AT is missing find the current token from the tokens list in the passed configuration.
-    // Currently the authorization method UI sets the token when the requests is generated so it's not as much important.
-  }
-
-  /**
-   * Injects bearer auth header into the request headers.
-   */
-  protected static processBearer(request: IHttpRequest, config: IBearerAuthorization): void {
-    const { token } = config;
-    const value = `Bearer ${token}`;
-    const headers = new Headers(request.headers || '');
-    headers.append('authorization', value);
-    request.headers = headers.toString();
-  }
-
-  /**
-   * Applies the basic authorization data to the request.
-   *
-   * If the header value have changed then it fires `request-headers-changed` custom event.
-   * It sets computed value of the readers to the event's detail object.
-   *
-   * @param request The event's detail object. Changes made here will be propagated to the event.
-   * @param data The authorization data to apply.
-   */
-  protected static applyRequestBasicAuthData(request: IHttpRequest, data: IBasicAuthorization): void {
-    const { username='', password='' } = data;
-    const headers = new Headers(request.headers || '');
-    let hash: string;
-    const decoded = `${username}:${password}`;
-    if (typeof Buffer === 'function' && typeof Buffer.from === 'function') {
-      hash = Buffer.from(decoded).toString('base64');
-    } else {
-      hash = btoa(decoded);
-    }
-    headers.set('authorization', `Basic ${hash}`);
-    request.headers = headers.toString();
-  }
-}