@authup/server-kit 1.0.0-beta.4 → 1.0.0-beta.40

package/dist/index.cjs

@@ -1,642 +0,0 @@
-'use strict';
-
-var bcrypt = require('bcrypt');
-var node_crypto = require('node:crypto');
-var core = require('@authup/core');
-var path = require('node:path');
-var fs = require('node:fs');
-var jsonwebtoken = require('jsonwebtoken');
-var smob = require('smob');
-var redisExtension = require('redis-extension');
-var redisEmitter = require('@socket.io/redis-emitter');
-var nodemailer = require('nodemailer');
-
-async function compare(value, hashedValue) {
-    return bcrypt.compare(value, hashedValue);
-}
-
-async function hash(str, saltOrRounds = 10) {
-    return bcrypt.hash(str, saltOrRounds);
-}
-
-/*
- * Copyright (c) 2022.
- * Author Peter Placzek (tada5hi)
- * For the full copyright and license information,
- * view the LICENSE file that was distributed with this source code.
- */ exports.KeyPairKind = void 0;
-(function(KeyPairKind) {
-    KeyPairKind["PRIVATE"] = "private";
-    KeyPairKind["PUBLIC"] = "public";
-})(exports.KeyPairKind || (exports.KeyPairKind = {}));
-
-function isKeyPair(data) {
-    return core.isObject(data) && typeof data.privateKey !== 'undefined' && typeof data.publicKey !== 'undefined';
-}
-function isKeyPairWithPublicKey(data) {
-    return core.isObject(data) && typeof data.publicKey !== 'undefined';
-}
-
-function extendKeyPairOptions(options) {
-    var _options;
-    options = options ?? {};
-    options.directory = options.directory || process.cwd();
-    options.directory = path.isAbsolute(options.directory) ? options.directory : path.resolve(process.cwd(), options.directory);
-    (_options = options).type ?? (_options.type = 'rsa');
-    if (options.type === 'rsa' || options.type === 'rsa-pss' || options.type === 'dsa') {
-        options.modulusLength = 2048;
-    }
-    if (!options.privateKeyEncoding) {
-        options.privateKeyEncoding = {
-            type: 'pkcs8',
-            format: 'pem'
-        };
-    }
-    if (!options.publicKeyEncoding) {
-        options.publicKeyEncoding = {
-            type: 'spki',
-            format: 'pem'
-        };
-    }
-    if (options.privateKeyEncoding.passphrase && !options.privateKeyEncoding.cipher) {
-        options.privateKeyEncoding.cipher = 'aes-256-cbc';
-    }
-    return options;
-}
-
-function buildKeyFileName(type, context) {
-    const options = extendKeyPairOptions(context);
-    const parts = [];
-    switch(type){
-        case exports.KeyPairKind.PRIVATE:
-            {
-                if (options.privateName) {
-                    parts.push(options.privateName);
-                } else {
-                    parts.push(type);
-                }
-                if (options.privateExtension) {
-                    if (options.privateExtension.startsWith('.')) {
-                        options.privateExtension = options.privateExtension.slice(1);
-                    }
-                    parts.push(options.privateExtension);
-                } else {
-                    parts.push('pem');
-                }
-                break;
-            }
-        case exports.KeyPairKind.PUBLIC:
-            {
-                if (options.publicName) {
-                    parts.push(options.publicName);
-                } else {
-                    parts.push(type);
-                }
-                if (options.publicExtension) {
-                    if (options.publicExtension.startsWith('.')) {
-                        options.publicExtension = options.publicExtension.slice(1);
-                    }
-                    parts.push(options.publicExtension);
-                } else {
-                    parts.push('pem');
-                }
-                break;
-            }
-    }
-    return parts.join('.');
-}
-
-function decryptRSAPrivateKey(context, key) {
-    const privateKey = node_crypto.createPrivateKey({
-        type: context.privateKeyEncoding.type,
-        format: context.privateKeyEncoding.format,
-        key,
-        passphrase: context.privateKeyEncoding.passphrase || context.passphrase
-    });
-    let content = privateKey.export({
-        type: context.privateKeyEncoding.type,
-        format: context.privateKeyEncoding.format
-    });
-    if (typeof content !== 'string') {
-        content = Buffer.from(content).toString('utf-8');
-    }
-    return content;
-}
-
-async function saveKeyPair(keyPair, context) {
-    context = extendKeyPairOptions(context);
-    await fs.promises.mkdir(context.directory, {
-        recursive: true
-    });
-    await Promise.all([
-        {
-            path: path.resolve(context.directory, buildKeyFileName(exports.KeyPairKind.PRIVATE, context)),
-            content: keyPair.privateKey
-        },
-        {
-            path: path.resolve(context.directory, buildKeyFileName(exports.KeyPairKind.PUBLIC, context)),
-            content: keyPair.publicKey
-        }
-    ].map((file)=>fs.promises.writeFile(file.path, file.content)));
-    return keyPair;
-}
-
-async function createKeyPair(context) {
-    const options = extendKeyPairOptions(context);
-    const keyPair = await new Promise((resolve, reject)=>{
-        const callback = (err, publicKey, privateKey)=>{
-            if (err) reject(err);
-            resolve({
-                privateKey,
-                publicKey
-            });
-        };
-        switch(options.type){
-            case 'dsa':
-                node_crypto.generateKeyPair(options.type, options, callback);
-                break;
-            case 'ec':
-                node_crypto.generateKeyPair(options.type, options, callback);
-                break;
-            case 'rsa':
-                node_crypto.generateKeyPair(options.type, options, callback);
-                break;
-            case 'rsa-pss':
-                node_crypto.generateKeyPair(options.type, options, callback);
-                break;
-        }
-    });
-    if (options.save) {
-        await saveKeyPair(keyPair, options);
-    }
-    if (options.passphrase || options.privateKeyEncoding.passphrase) {
-        keyPair.privateKey = decryptRSAPrivateKey(options, keyPair.privateKey);
-    }
-    return keyPair;
-}
-
-async function deleteKeyPair(context) {
-    const options = extendKeyPairOptions(context);
-    const privateKeyPath = path.resolve(options.directory, buildKeyFileName(exports.KeyPairKind.PRIVATE, options));
-    const publicKeyPath = path.resolve(options.directory, buildKeyFileName(exports.KeyPairKind.PUBLIC, options));
-    try {
-        await Promise.all([
-            privateKeyPath,
-            publicKeyPath
-        ].map((filePath)=>fs.promises.stat(filePath)));
-    } catch (e) {
-        return;
-    }
-    await Promise.all([
-        privateKeyPath,
-        publicKeyPath
-    ].map((filePath)=>fs.promises.rm(filePath)));
-}
-
-async function loadKeyPair(context) {
-    const options = extendKeyPairOptions(context);
-    const privateKeyPath = path.resolve(options.directory, buildKeyFileName(exports.KeyPairKind.PRIVATE, options));
-    try {
-        await fs.promises.stat(privateKeyPath);
-    } catch (e) {
-        return undefined;
-    }
-    const privateKeyBuffer = await fs.promises.readFile(privateKeyPath);
-    let privateKey = privateKeyBuffer.toString();
-    if (options.passphrase || options.privateKeyEncoding.passphrase) {
-        privateKey = decryptRSAPrivateKey(options, privateKey);
-    }
-    const publicKeyPath = path.resolve(options.directory, buildKeyFileName(exports.KeyPairKind.PUBLIC, options));
-    let publicKey;
-    try {
-        await fs.promises.stat(publicKeyPath);
-        const publicKeyBuffer = await fs.promises.readFile(publicKeyPath);
-        publicKey = publicKeyBuffer.toString();
-    } catch (e) {
-        const publicKeyObject = node_crypto.createPublicKey({
-            key: privateKey,
-            format: options.privateKeyEncoding.format,
-            type: options.publicKeyEncoding.type
-        });
-        const stringOrBuffer = publicKeyObject.export({
-            format: options.publicKeyEncoding.format,
-            type: options.publicKeyEncoding.type
-        });
-        if (typeof stringOrBuffer !== 'string') {
-            publicKey = stringOrBuffer.toString();
-        } else {
-            publicKey = stringOrBuffer;
-        }
-        if (options.save) {
-            await saveKeyPair({
-                privateKey,
-                publicKey
-            }, options);
-        }
-    }
-    return {
-        privateKey,
-        publicKey
-    };
-}
-
-const keyPairCache = {};
-async function useKeyPair(value) {
-    let options;
-    if (typeof value === 'string') {
-        options = extendKeyPairOptions({
-            privateName: value
-        });
-    } else {
-        options = extendKeyPairOptions(value || {});
-    }
-    if (Object.prototype.hasOwnProperty.call(keyPairCache, options.privateName)) {
-        return keyPairCache[options.privateName];
-    }
-    let keyPair = await loadKeyPair(options);
-    if (typeof keyPair === 'undefined') {
-        keyPair = await createKeyPair(options);
-    }
-    keyPairCache[options.privateName] = keyPair;
-    return keyPair;
-}
-
-function createErrorForJWTError(e) {
-    if (smob.isObject(e) && typeof e.name === 'string') {
-        switch(e.name){
-            case 'TokenExpiredError':
-                {
-                    return core.TokenError.expired();
-                }
-            case 'NotBeforeError':
-                {
-                    if (typeof e.date === 'string' || e.date instanceof Date) {
-                        return core.TokenError.notActiveBefore(e.date);
-                    }
-                    break;
-                }
-            case 'JsonWebTokenError':
-                {
-                    if (typeof e.message === 'string') {
-                        return core.TokenError.payloadInvalid(e.message);
-                    }
-                    break;
-                }
-        }
-    }
-    return new core.TokenError({
-        cause: e,
-        logMessage: true,
-        message: 'The JWT error could not be determined.'
-    });
-}
-
-function decodeToken(token, options) {
-    options ?? (options = {});
-    let output;
-    try {
-        output = jsonwebtoken.decode(token, {
-            ...options
-        });
-    } catch (e) {
-        throw createErrorForJWTError(e);
-    }
-    if (output === null) {
-        throw core.TokenError.payloadInvalid('The token could not be decoded.');
-    }
-    return output;
-}
-
-async function signToken(payload, context) {
-    context.expiresIn = context.expiresIn || 3600;
-    switch(context.type){
-        case core.KeyType.RSA:
-        case core.KeyType.EC:
-            {
-                const { type, keyPair, ...options } = context;
-                const { privateKey } = isKeyPair(keyPair) ? keyPair : await useKeyPair(keyPair);
-                if (type === core.KeyType.RSA) {
-                    options.algorithm = options.algorithm || 'RS256';
-                } else {
-                    options.algorithm = options.algorithm || 'ES256';
-                }
-                return jsonwebtoken.sign(payload, privateKey, options);
-            }
-        case core.KeyType.OCT:
-            {
-                const { type, secret, ...options } = context;
-                options.algorithm = options.algorithm || 'HS256';
-                return jsonwebtoken.sign(payload, secret, options);
-            }
-    }
-    throw new core.TokenError();
-}
-
-async function verifyToken(token, context) {
-    let promise;
-    let output;
-    try {
-        switch(context.type){
-            case core.KeyType.RSA:
-            case core.KeyType.EC:
-                {
-                    const { type, keyPair, ...options } = context;
-                    const { publicKey } = isKeyPairWithPublicKey(keyPair) ? keyPair : await useKeyPair(keyPair);
-                    if (type === core.KeyType.RSA) {
-                        options.algorithms = options.algorithms || [
-                            'RS256',
-                            'RS384',
-                            'RS512',
-                            'PS256',
-                            'PS384',
-                            'PS512'
-                        ];
-                    } else {
-                        options.algorithms = options.algorithms || [
-                            'ES256',
-                            'ES384',
-                            'ES512'
-                        ];
-                    }
-                    promise = new Promise((resolve, reject)=>{
-                        jsonwebtoken.verify(token, publicKey, options, (err, decoded)=>{
-                            if (err) {
-                                reject(err);
-                                return;
-                            }
-                            resolve(decoded);
-                        });
-                    });
-                    break;
-                }
-            case core.KeyType.OCT:
-                {
-                    const { type, secret, ...options } = context;
-                    options.algorithms = options.algorithms || [
-                        'HS256',
-                        'HS384',
-                        'HS512'
-                    ];
-                    promise = new Promise((resolve, reject)=>{
-                        jsonwebtoken.verify(token, secret, options, (err, decoded)=>{
-                            if (err) {
-                                reject(err);
-                                return;
-                            }
-                            resolve(decoded);
-                        });
-                    });
-                }
-        }
-        output = await promise;
-    } catch (e) {
-        throw createErrorForJWTError(e);
-    }
-    if (typeof output === 'undefined') {
-        throw new core.TokenError({
-            message: 'Invalid type.'
-        });
-    }
-    return output;
-}
-
-function transformDomainEventData(input) {
-    if (core.isObject(input)) {
-        const keys = Object.keys(input);
-        for(let i = 0; i < keys.length; i++){
-            const value = input[keys[i]];
-            if (value instanceof Date) {
-                input[keys[i]] = value.toISOString();
-            }
-        }
-    }
-    return input;
-}
-function buildDomainEventChannelName(input, id) {
-    if (typeof input === 'string') {
-        return input;
-    }
-    return input(id);
-}
-
-async function publishDomainRedisEvent(context, destinations) {
-    if (!redisExtension.hasClient() && !redisExtension.hasConfig()) {
-        return Promise.resolve();
-    }
-    context = transformDomainEventData(context);
-    const json = JSON.stringify(context);
-    const client = redisExtension.useClient();
-    const pipeline = client.pipeline();
-    for(let i = 0; i < destinations.length; i++){
-        const { namespace } = destinations[i];
-        const keyPrefix = namespace ? `${namespace}:` : '';
-        let key = keyPrefix + buildDomainEventChannelName(destinations[i].channel);
-        pipeline.publish(key, json);
-        if (context.event !== core.DomainEventName.CREATED && typeof destinations[i].channel === 'function') {
-            key = keyPrefix + buildDomainEventChannelName(destinations[i].channel, context.data.id);
-            pipeline.publish(key, json);
-        }
-    }
-    return pipeline.exec();
-}
-
-let instance$3;
-function useSocketEmitter() {
-    if (typeof instance$3 !== 'undefined') {
-        return instance$3;
-    }
-    instance$3 = new redisEmitter.Emitter(redisExtension.useClient());
-    return instance$3;
-}
-
-function publishDomainSocketEvent(context, destinations) {
-    if (!redisExtension.hasClient() && !redisExtension.hasConfig()) {
-        return;
-    }
-    context = transformDomainEventData(context);
-    for(let i = 0; i < destinations.length; i++){
-        let emitter = useSocketEmitter();
-        if (destinations[i].namespace) {
-            emitter = emitter.of(destinations[i].namespace);
-        }
-        let roomName = buildDomainEventChannelName(destinations[i].channel);
-        const fullEventName = core.buildDomainEventFullName(context.type, context.event);
-        emitter.in(roomName)// eslint-disable-next-line @typescript-eslint/ban-ts-comment
-        // @ts-ignore
-        .emit(fullEventName, {
-            ...context,
-            meta: {
-                roomName
-            }
-        });
-        if (context.event !== core.DomainEventName.CREATED && typeof destinations[i].channel === 'function') {
-            roomName = buildDomainEventChannelName(destinations[i].channel, context.data.id);
-            emitter.in(roomName)// eslint-disable-next-line @typescript-eslint/ban-ts-comment
-            // @ts-ignore
-            .emit(fullEventName, {
-                ...context,
-                meta: {
-                    roomName,
-                    roomId: context.data.id
-                }
-            });
-        }
-    }
-}
-
-async function publishDomainEvent(context, destinations) {
-    await publishDomainRedisEvent(context, destinations);
-    publishDomainSocketEvent(context, destinations);
-}
-
-/*
- * Copyright (c) 2022.
- * Author Peter Placzek (tada5hi)
- * For the full copyright and license information,
- * view the LICENSE file that was distributed with this source code.
- */ class VoidLogger {
-    error() {
-        return this;
-    }
-    warn() {
-        return this;
-    }
-    info() {
-        return this;
-    }
-    http() {
-        return this;
-    }
-    verbose() {
-        return this;
-    }
-    debug() {
-        return this;
-    }
-}
-
-let instance$2;
-function useLogger() {
-    if (typeof instance$2 !== 'undefined') {
-        return instance$2;
-    }
-    instance$2 = new VoidLogger();
-    return instance$2;
-}
-function setLogger(logger) {
-    instance$2 = logger;
-}
-
-/*
- * Copyright (c) 2022.
- * Author Peter Placzek (tada5hi)
- * For the full copyright and license information,
- * view the LICENSE file that was distributed with this source code.
- */ let instance$1;
-function hasSmtpConfig() {
-    return !!instance$1;
-}
-function setSmtpConfig(value) {
-    instance$1 = value;
-}
-function useSmtpConfig() {
-    if (typeof instance$1 !== 'undefined') {
-        return instance$1;
-    }
-    instance$1 = {};
-    return instance$1;
-}
-
-function createSmtpClient(options) {
-    let transport;
-    options = options || {};
-    if (typeof options === 'string') {
-        transport = nodemailer.createTransport(options);
-    } else if (options.connectionString) {
-        transport = nodemailer.createTransport(options.connectionString);
-    } else {
-        let auth;
-        if (options.user && options.password) {
-            auth = {
-                type: 'login',
-                user: options.user,
-                pass: options.password
-            };
-        }
-        transport = nodemailer.createTransport({
-            host: options.host,
-            port: options.port,
-            auth,
-            secure: options.ssl,
-            opportunisticTLS: options.starttls,
-            tls: {
-                rejectUnauthorized: false
-            }
-        });
-    }
-    transport.on('error', (e)=>{
-        useLogger().error(e.message);
-    });
-    return transport;
-}
-
-let instance;
-async function useSMTPClient() {
-    if (typeof instance !== 'undefined') {
-        return instance;
-    }
-    let options;
-    if (process.env.NODE_ENV === 'test') {
-        const testAccount = await nodemailer.createTestAccount();
-        options = {
-            host: 'smtp.ethereal.email',
-            port: 587,
-            ssl: false,
-            user: testAccount.user,
-            password: testAccount.pass
-        };
-    } else {
-        options = useSmtpConfig();
-    }
-    instance = createSmtpClient(options);
-    return instance;
-}
-
-/*
- * Copyright (c) 2022.
- * Author Peter Placzek (tada5hi)
- * For the full copyright and license information,
- * view the LICENSE file that was distributed with this source code.
- */ function hasOwnProperty(obj, prop) {
-    return Object.prototype.hasOwnProperty.call(obj, prop);
-}
-
-exports.VoidLogger = VoidLogger;
-exports.buildKeyFileName = buildKeyFileName;
-exports.compare = compare;
-exports.createKeyPair = createKeyPair;
-exports.createSmtpClient = createSmtpClient;
-exports.decodeToken = decodeToken;
-exports.decryptRSAPrivateKey = decryptRSAPrivateKey;
-exports.deleteKeyPair = deleteKeyPair;
-exports.extendKeyPairOptions = extendKeyPairOptions;
-exports.hasOwnProperty = hasOwnProperty;
-exports.hasSmtpConfig = hasSmtpConfig;
-exports.hash = hash;
-exports.isKeyPair = isKeyPair;
-exports.isKeyPairWithPublicKey = isKeyPairWithPublicKey;
-exports.loadKeyPair = loadKeyPair;
-exports.publishDomainEvent = publishDomainEvent;
-exports.publishDomainRedisEvent = publishDomainRedisEvent;
-exports.publishDomainSocketEvent = publishDomainSocketEvent;
-exports.saveKeyPair = saveKeyPair;
-exports.setLogger = setLogger;
-exports.setSmtpConfig = setSmtpConfig;
-exports.signToken = signToken;
-exports.useKeyPair = useKeyPair;
-exports.useLogger = useLogger;
-exports.useSMTPClient = useSMTPClient;
-exports.useSmtpConfig = useSmtpConfig;
-exports.useSocketEmitter = useSocketEmitter;
-exports.verifyToken = verifyToken;
-//# sourceMappingURL=index.cjs.map