@appland/scanner 1.56.0 → 1.59.0

package/built/ruleChecker.js

@@ -8,85 +8,22 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
-var __generator = (this && this.__generator) || function (thisArg, body) {
-    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
-    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
-    function verb(n) { return function (v) { return step([n, v]); }; }
-    function step(op) {
-        if (f) throw new TypeError("Generator is already executing.");
-        while (_) try {
-            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
-            if (y = 0, t) op = [op[0] & 2, t.value];
-            switch (op[0]) {
-                case 0: case 1: t = op; break;
-                case 4: _.label++; return { value: op[1], done: false };
-                case 5: _.label++; y = op[1]; op = [0]; continue;
-                case 7: op = _.ops.pop(); _.trys.pop(); continue;
-                default:
-                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
-                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
-                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
-                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
-                    if (t[2]) _.ops.pop();
-                    _.trys.pop(); continue;
-            }
-            op = body.call(thisArg, _);
-        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
-        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
-    }
-};
-var __values = (this && this.__values) || function(o) {
-    var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0;
-    if (m) return m.call(o);
-    if (o && typeof o.length === "number") return {
-        next: function () {
-            if (o && i >= o.length) o = void 0;
-            return { value: o && o[i++], done: !o };
-        }
-    };
-    throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
-};
-var __read = (this && this.__read) || function (o, n) {
-    var m = typeof Symbol === "function" && o[Symbol.iterator];
-    if (!m) return o;
-    var i = m.call(o), r, ar = [], e;
-    try {
-        while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);
-    }
-    catch (error) { e = { error: error }; }
-    finally {
-        try {
-            if (r && !r.done && (m = i["return"])) m.call(i);
-        }
-        finally { if (e) throw e.error; }
-    }
-    return ar;
-};
-var __spreadArray = (this && this.__spreadArray) || function (to, from, pack) {
-    if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {
-        if (ar || !(i in from)) {
-            if (!ar) ar = Array.prototype.slice.call(from, 0, i);
-            ar[i] = from[i];
-        }
-    }
-    return to.concat(ar || Array.prototype.slice.call(from));
-};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-var errors_1 = require("./errors");
-var util_1 = require("./rules/lib/util");
-var rootScope_1 = __importDefault(require("./scope/rootScope"));
-var httpServerRequestScope_1 = __importDefault(require("./scope/httpServerRequestScope"));
-var httpClientRequestScope_1 = __importDefault(require("./scope/httpClientRequestScope"));
-var commandScope_1 = __importDefault(require("./scope/commandScope"));
-var sqlTransactionScope_1 = __importDefault(require("./scope/sqlTransactionScope"));
-var checkInstance_1 = __importDefault(require("./checkInstance"));
-var crypto_1 = require("crypto");
-var eventUtil_1 = require("./eventUtil");
-var RuleChecker = /** @class */ (function () {
-    function RuleChecker() {
+const errors_1 = require("./errors");
+const util_1 = require("./rules/lib/util");
+const rootScope_1 = __importDefault(require("./scope/rootScope"));
+const httpServerRequestScope_1 = __importDefault(require("./scope/httpServerRequestScope"));
+const httpClientRequestScope_1 = __importDefault(require("./scope/httpClientRequestScope"));
+const commandScope_1 = __importDefault(require("./scope/commandScope"));
+const sqlTransactionScope_1 = __importDefault(require("./scope/sqlTransactionScope"));
+const checkInstance_1 = __importDefault(require("./checkInstance"));
+const crypto_1 = require("crypto");
+const eventUtil_1 = require("./eventUtil");
+class RuleChecker {
+    constructor() {
         this.scopes = {
             root: new rootScope_1.default(),
             command: new commandScope_1.default(),
@@ -95,231 +32,143 @@ var RuleChecker = /** @class */ (function () {
             transaction: new sqlTransactionScope_1.default(),
         };
     }
-    RuleChecker.prototype.check = function (appMapFile, appMapIndex, check, findings) {
-        return __awaiter(this, void 0, void 0, function () {
-            var numScopesChecked;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0: return [4 /*yield*/, this.checkScope(appMapFile, appMapIndex, check, check.scope, findings)];
-                    case 1:
-                        numScopesChecked = _a.sent();
-                        if (!(numScopesChecked === 0 && check.scope === 'command')) return [3 /*break*/, 3];
-                        return [4 /*yield*/, this.checkScope(appMapFile, appMapIndex, check, 'root', findings)];
-                    case 2:
-                        _a.sent();
-                        _a.label = 3;
-                    case 3: return [2 /*return*/];
-                }
-            });
+    check(appMapFile, appMapIndex, check, findings) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const numScopesChecked = yield this.checkScope(appMapFile, appMapIndex, check, check.scope, findings);
+            if (numScopesChecked === 0 && check.scope === 'command') {
+                yield this.checkScope(appMapFile, appMapIndex, check, 'root', findings);
+            }
         });
-    };
-    RuleChecker.prototype.checkScope = function (appMapFile, appMapIndex, check, scope, findings) {
-        return __awaiter(this, void 0, void 0, function () {
-            var scopeIterator, callEvents, numScopes, _a, _b, scope_1, checkInstance, _c, _d, event, e_1_1, e_2_1;
-            var e_2, _e, e_1, _f;
-            return __generator(this, function (_g) {
-                switch (_g.label) {
-                    case 0:
-                        if ((0, util_1.verbose)()) {
-                            console.warn("Checking AppMap ".concat(appMapIndex.appMap.name, " with scope ").concat(scope));
-                        }
-                        scopeIterator = this.scopes[scope];
-                        if (!scopeIterator) {
-                            throw new errors_1.AbortError("Invalid scope name \"".concat(scope, "\""));
-                        }
-                        callEvents = function () {
-                            var events, i;
-                            return __generator(this, function (_a) {
-                                switch (_a.label) {
-                                    case 0:
-                                        events = appMapIndex.appMap.events;
-                                        i = 0;
-                                        _a.label = 1;
-                                    case 1:
-                                        if (!(i < events.length)) return [3 /*break*/, 4];
-                                        return [4 /*yield*/, events[i]];
-                                    case 2:
-                                        _a.sent();
-                                        _a.label = 3;
-                                    case 3:
-                                        i++;
-                                        return [3 /*break*/, 1];
-                                    case 4: return [2 /*return*/];
-                                }
-                            });
-                        };
-                        numScopes = 0;
-                        _g.label = 1;
-                    case 1:
-                        _g.trys.push([1, 15, 16, 17]);
-                        _a = __values(scopeIterator.scopes(callEvents())), _b = _a.next();
-                        _g.label = 2;
-                    case 2:
-                        if (!!_b.done) return [3 /*break*/, 14];
-                        scope_1 = _b.value;
-                        numScopes += 1;
-                        if ((0, util_1.verbose)()) {
-                            console.warn("Scope ".concat(scope_1.scope));
-                        }
-                        checkInstance = new checkInstance_1.default(check);
-                        if (!check.filterScope(scope_1.scope, appMapIndex)) {
-                            return [3 /*break*/, 13];
-                        }
-                        if (!checkInstance.enumerateScope) return [3 /*break*/, 11];
-                        _g.label = 3;
-                    case 3:
-                        _g.trys.push([3, 8, 9, 10]);
-                        _c = (e_1 = void 0, __values(scope_1.events())), _d = _c.next();
-                        _g.label = 4;
-                    case 4:
-                        if (!!_d.done) return [3 /*break*/, 7];
-                        event = _d.value;
-                        return [4 /*yield*/, this.checkEvent(event, scope_1.scope, appMapFile, appMapIndex, checkInstance, findings)];
-                    case 5:
-                        _g.sent();
-                        _g.label = 6;
-                    case 6:
-                        _d = _c.next();
-                        return [3 /*break*/, 4];
-                    case 7: return [3 /*break*/, 10];
-                    case 8:
-                        e_1_1 = _g.sent();
-                        e_1 = { error: e_1_1 };
-                        return [3 /*break*/, 10];
-                    case 9:
-                        try {
-                            if (_d && !_d.done && (_f = _c.return)) _f.call(_c);
-                        }
-                        finally { if (e_1) throw e_1.error; }
-                        return [7 /*endfinally*/];
-                    case 10: return [3 /*break*/, 13];
-                    case 11: return [4 /*yield*/, this.checkEvent(scope_1.scope, scope_1.scope, appMapFile, appMapIndex, checkInstance, findings)];
-                    case 12:
-                        _g.sent();
-                        _g.label = 13;
-                    case 13:
-                        _b = _a.next();
-                        return [3 /*break*/, 2];
-                    case 14: return [3 /*break*/, 17];
-                    case 15:
-                        e_2_1 = _g.sent();
-                        e_2 = { error: e_2_1 };
-                        return [3 /*break*/, 17];
-                    case 16:
-                        try {
-                            if (_b && !_b.done && (_e = _a.return)) _e.call(_a);
-                        }
-                        finally { if (e_2) throw e_2.error; }
-                        return [7 /*endfinally*/];
-                    case 17: return [2 /*return*/, numScopes];
+    }
+    checkScope(appMapFile, appMapIndex, check, scope, findings) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if ((0, util_1.verbose)()) {
+                console.warn(`Checking AppMap ${appMapIndex.appMap.name} with scope ${scope}`);
+            }
+            const scopeIterator = this.scopes[scope];
+            if (!scopeIterator) {
+                throw new errors_1.AbortError(`Invalid scope name "${scope}"`);
+            }
+            const callEvents = function* () {
+                const events = appMapIndex.appMap.events;
+                for (let i = 0; i < events.length; i++) {
+                    yield events[i];
+                }
+            };
+            let numScopes = 0;
+            for (const scope of scopeIterator.scopes(callEvents())) {
+                numScopes += 1;
+                if ((0, util_1.verbose)()) {
+                    console.warn(`Scope ${scope.scope}`);
+                }
+                const checkInstance = new checkInstance_1.default(check);
+                if (!check.filterScope(scope.scope, appMapIndex)) {
+                    continue;
                 }
-            });
+                if (checkInstance.enumerateScope) {
+                    for (const event of scope.events()) {
+                        yield this.checkEvent(event, scope.scope, appMapFile, appMapIndex, checkInstance, findings);
+                    }
+                }
+                else {
+                    yield this.checkEvent(scope.scope, scope.scope, appMapFile, appMapIndex, checkInstance, findings);
+                }
+            }
+            return numScopes;
         });
-    };
-    RuleChecker.prototype.checkEvent = function (event, scope, appMapFile, appMapIndex, checkInstance, findings) {
-        return __awaiter(this, void 0, void 0, function () {
-            var buildFinding, matchResult, numFindings, finding, message, finding;
-            return __generator(this, function (_a) {
-                switch (_a.label) {
-                    case 0:
-                        if (!event.isCall()) {
-                            return [2 /*return*/];
-                        }
-                        if ((0, util_1.verbose)()) {
-                            console.warn("Asserting ".concat(checkInstance.ruleId, " on ").concat(event.codeObject.fqid, " event ").concat(event.toString()));
-                        }
-                        if (!event.returnEvent) {
-                            if ((0, util_1.verbose)()) {
-                                console.warn("\tEvent has no returnEvent. Skipping.");
-                            }
-                            return [2 /*return*/];
-                        }
-                        if (!checkInstance.filterEvent(event, appMapIndex)) {
-                            return [2 /*return*/];
-                        }
-                        buildFinding = function (matchEvent, message, groupMessage, occurranceCount, 
-                        // matchEvent will be added to additionalEvents to create the relatedEvents array
-                        additionalEvents) {
-                            var findingEvent = matchEvent || event;
-                            // Fixes:
-                            // TypeError: Cannot read property 'forEach' of undefined
-                            //   at hashHttp (/Users/kgilpin/source/appland/scanner/node_modules/@appland/models/dist/index.cjs:1663:11)
-                            //   at hashEvent (/Users/kgilpin/source/appland/scanner/node_modules/@appland/models/dist/index.cjs:1714:14)
-                            //   at Event.get hash [as hash] (/Users/kgilpin/source/appland/scanner/node_modules/@appland/models/dist/index.cjs:3325:27)
-                            findingEvent.message || (findingEvent.message = []);
-                            var stack = __spreadArray([
-                                findingEvent.codeObject.location
-                            ], __read(findingEvent.ancestors().map(function (ancestor) { return ancestor.codeObject.location; })), false).filter(Boolean);
-                            var hash = (0, crypto_1.createHash)('sha256');
-                            hash.update(findingEvent.hash);
-                            hash.update(checkInstance.ruleId);
-                            var uniqueEvents = new Set();
-                            var relatedEvents = [];
-                            [findingEvent].concat((additionalEvents || []).map(eventUtil_1.cloneEvent)).forEach(function (event) {
-                                if (uniqueEvents.has(event.id)) {
-                                    return;
-                                }
-                                uniqueEvents.add(event.id);
-                                relatedEvents.push(event);
-                            });
-                            // Update event hash with unique hashes of related events
-                            new Set(relatedEvents.map(function (e) { return e.hash; })).forEach(function (eventHash) {
-                                hash.update(eventHash);
-                            });
-                            return {
-                                appMapFile: appMapFile,
-                                checkId: checkInstance.checkId,
-                                ruleId: checkInstance.ruleId,
-                                ruleTitle: checkInstance.title,
-                                event: (0, eventUtil_1.cloneEvent)(findingEvent),
-                                hash: hash.digest('hex'),
-                                stack: stack,
-                                scope: (0, eventUtil_1.cloneEvent)(scope),
-                                message: message || checkInstance.title,
-                                groupMessage: groupMessage,
-                                occurranceCount: occurranceCount,
-                                relatedEvents: relatedEvents.sort(function (event) { return event.id; }),
-                            };
-                        };
-                        return [4 /*yield*/, checkInstance.ruleLogic.matcher(event, appMapIndex, checkInstance.filterEvent.bind(checkInstance))];
-                    case 1:
-                        matchResult = _a.sent();
-                        numFindings = findings.length;
-                        if (matchResult === true) {
-                            finding = void 0;
-                            if (checkInstance.ruleLogic.message) {
-                                message = checkInstance.ruleLogic.message(scope, event);
-                                finding = buildFinding(event, message);
-                            }
-                            else {
-                                finding = buildFinding(event);
-                            }
-                            findings.push(finding);
-                        }
-                        else if (typeof matchResult === 'string') {
-                            finding = buildFinding(event, matchResult);
-                            finding.message = matchResult;
-                            findings.push(finding);
-                        }
-                        else if (matchResult) {
-                            matchResult.forEach(function (mr) {
-                                var finding = buildFinding(mr.event, mr.message, mr.groupMessage, mr.occurranceCount, mr.relatedEvents);
-                                findings.push(finding);
-                            });
-                        }
-                        if ((0, util_1.verbose)()) {
-                            if (findings.length > numFindings) {
-                                findings.forEach(function (finding) {
-                                    return console.log("\tFinding: ".concat(finding.ruleId, " : ").concat(finding.message));
-                                });
-                            }
-                        }
-                        return [2 /*return*/];
+    }
+    checkEvent(event, scope, appMapFile, appMapIndex, checkInstance, findings) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!event.isCall()) {
+                return;
+            }
+            if ((0, util_1.verbose)()) {
+                console.warn(`Asserting ${checkInstance.ruleId} on ${event.codeObject.fqid} event ${event.toString()}`);
+            }
+            if (!event.returnEvent) {
+                if ((0, util_1.verbose)()) {
+                    console.warn(`\tEvent has no returnEvent. Skipping.`);
+                }
+                return;
+            }
+            if (!checkInstance.filterEvent(event, appMapIndex)) {
+                return;
+            }
+            const buildFinding = (matchEvent, message, groupMessage, occurranceCount, 
+            // matchEvent will be added to additionalEvents to create the relatedEvents array
+            additionalEvents) => {
+                const findingEvent = matchEvent || event;
+                // Fixes:
+                // TypeError: Cannot read property 'forEach' of undefined
+                //   at hashHttp (/Users/kgilpin/source/appland/scanner/node_modules/@appland/models/dist/index.cjs:1663:11)
+                //   at hashEvent (/Users/kgilpin/source/appland/scanner/node_modules/@appland/models/dist/index.cjs:1714:14)
+                //   at Event.get hash [as hash] (/Users/kgilpin/source/appland/scanner/node_modules/@appland/models/dist/index.cjs:3325:27)
+                findingEvent.message || (findingEvent.message = []);
+                const stack = [
+                    findingEvent.codeObject.location,
+                    ...findingEvent.ancestors().map((ancestor) => ancestor.codeObject.location),
+                ].filter(Boolean);
+                const hash = (0, crypto_1.createHash)('sha256');
+                hash.update(findingEvent.hash);
+                hash.update(checkInstance.ruleId);
+                const uniqueEvents = new Set();
+                const relatedEvents = [];
+                [findingEvent].concat((additionalEvents || []).map(eventUtil_1.cloneEvent)).forEach((event) => {
+                    if (uniqueEvents.has(event.id)) {
+                        return;
+                    }
+                    uniqueEvents.add(event.id);
+                    relatedEvents.push(event);
+                });
+                // Update event hash with unique hashes of related events
+                new Set(relatedEvents.map((e) => e.hash)).forEach((eventHash) => {
+                    hash.update(eventHash);
+                });
+                return {
+                    appMapFile,
+                    checkId: checkInstance.checkId,
+                    ruleId: checkInstance.ruleId,
+                    ruleTitle: checkInstance.title,
+                    event: (0, eventUtil_1.cloneEvent)(findingEvent),
+                    hash: hash.digest('hex'),
+                    stack,
+                    scope: (0, eventUtil_1.cloneEvent)(scope),
+                    message: message || checkInstance.title,
+                    groupMessage,
+                    occurranceCount,
+                    relatedEvents: relatedEvents.sort((event) => event.id),
+                };
+            };
+            const matchResult = yield checkInstance.ruleLogic.matcher(event, appMapIndex, checkInstance.filterEvent.bind(checkInstance));
+            const numFindings = findings.length;
+            if (matchResult === true) {
+                let finding;
+                if (checkInstance.ruleLogic.message) {
+                    const message = checkInstance.ruleLogic.message(scope, event);
+                    finding = buildFinding(event, message);
+                }
+                else {
+                    finding = buildFinding(event);
+                }
+                findings.push(finding);
+            }
+            else if (typeof matchResult === 'string') {
+                const finding = buildFinding(event, matchResult);
+                finding.message = matchResult;
+                findings.push(finding);
+            }
+            else if (matchResult) {
+                matchResult.forEach((mr) => {
+                    const finding = buildFinding(mr.event, mr.message, mr.groupMessage, mr.occurranceCount, mr.relatedEvents);
+                    findings.push(finding);
+                });
+            }
+            if ((0, util_1.verbose)()) {
+                if (findings.length > numFindings) {
+                    findings.forEach((finding) => console.log(`\tFinding: ${finding.ruleId} : ${finding.message}`));
                 }
-            });
+            }
         });
-    };
-    return RuleChecker;
-}());
+    }
+}
 exports.default = RuleChecker;
-//# sourceMappingURL=ruleChecker.js.map

package/built/rules/authzBeforeAuthn.js

@@ -1,79 +1,46 @@
 "use strict";
-var __values = (this && this.__values) || function(o) {
-    var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0;
-    if (m) return m.call(o);
-    if (o && typeof o.length === "number") return {
-        next: function () {
-            if (o && i >= o.length) o = void 0;
-            return { value: o && o[i++], done: !o };
-        }
-    };
-    throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
-};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-var models_1 = require("@appland/models");
-var util_1 = require("./lib/util");
-var url_1 = require("url");
-var parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
+const models_1 = require("@appland/models");
+const util_1 = require("./lib/util");
+const url_1 = require("url");
+const parseRuleDescription_1 = __importDefault(require("./lib/parseRuleDescription"));
 function containsAuthentication(events) {
-    var e_1, _a;
-    try {
-        for (var events_1 = __values(events), events_1_1 = events_1.next(); !events_1_1.done; events_1_1 = events_1.next()) {
-            var iter = events_1_1.value;
-            if ((0, util_1.providesAuthentication)(iter.event, SecurityAuthentication)) {
-                return true;
-            }
-        }
-    }
-    catch (e_1_1) { e_1 = { error: e_1_1 }; }
-    finally {
-        try {
-            if (events_1_1 && !events_1_1.done && (_a = events_1.return)) _a.call(events_1);
+    for (const iter of events) {
+        if ((0, util_1.providesAuthentication)(iter.event, SecurityAuthentication)) {
+            return true;
         }
-        finally { if (e_1) throw e_1.error; }
     }
     return false;
 }
 function build() {
     function matcher(rootEvent) {
-        var e_2, _a;
-        try {
-            for (var _b = __values(new models_1.EventNavigator(rootEvent).descendants()), _c = _b.next(); !_c.done; _c = _b.next()) {
-                var event = _c.value;
-                if ((0, util_1.providesAuthentication)(event.event, SecurityAuthentication)) {
+        for (const event of new models_1.EventNavigator(rootEvent).descendants()) {
+            if ((0, util_1.providesAuthentication)(event.event, SecurityAuthentication)) {
+                return;
+            }
+            if (event.event.labels.has(SecurityAuthorization) && (0, util_1.isTruthy)(event.event.returnValue)) {
+                // If the authorization event has a successful authentication descendant, allow this as well.
+                if (containsAuthentication(event.descendants())) {
                     return;
                 }
-                if (event.event.labels.has(SecurityAuthorization) && (0, util_1.isTruthy)(event.event.returnValue)) {
-                    // If the authorization event has a successful authentication descendant, allow this as well.
-                    if (containsAuthentication(event.descendants())) {
-                        return;
-                    }
-                    else {
-                        return [
-                            {
-                                event: event.event,
-                                message: "".concat(event.event, " provides authorization, but the request is not authenticated"),
-                            },
-                        ];
-                    }
+                else {
+                    return [
+                        {
+                            event: event.event,
+                            message: `${event.event} provides authorization, but the request is not authenticated`,
+                        },
+                    ];
                 }
             }
         }
-        catch (e_2_1) { e_2 = { error: e_2_1 }; }
-        finally {
-            try {
-                if (_c && !_c.done && (_a = _b.return)) _a.call(_b);
-            }
-            finally { if (e_2) throw e_2.error; }
-        }
     }
-    return { matcher: matcher };
+    return { matcher };
 }
-var SecurityAuthentication = 'security.authentication';
-var SecurityAuthorization = 'security.authorization';
+const SecurityAuthentication = 'security.authentication';
+const SecurityAuthorization = 'security.authorization';
 exports.default = {
     id: 'authz-before-authn',
     title: 'Authorization performed before authentication',
@@ -86,6 +53,5 @@ exports.default = {
     },
     description: (0, parseRuleDescription_1.default)('authzBeforeAuthn'),
     url: 'https://appland.com/docs/analysis/rules-reference.html#authz-before-authn',
-    build: build,
+    build,
 };
-//# sourceMappingURL=authzBeforeAuthn.js.map