npm - @autofleet/zehut - Versions diffs - 1.5.6 → 1.5.8 - Mend

@autofleet/zehut 1.5.6 → 1.5.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/lib/check-permission.d.ts +2 -2
package/lib/check-permission.js +6 -6
package/lib/errors.d.ts +1 -1
package/lib/errors.js +1 -0
package/lib/secret-getter.js +1 -1
package/lib/secret-getter.test.d.ts +1 -0
package/lib/secret-getter.test.js +90 -0
package/lib/services.js +1 -0
package/lib/user/ApiUser.js +1 -0
package/lib/user/index.js +1 -1
package/lib/utils.js +9 -10
package/package.json +13 -6

package/lib/check-permission.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
+export declare const getUser: () => any;
+export declare const isUserExist: () => boolean;
 export declare const checkFleetPermission: (fleetId: any) => boolean;
 export declare const checkBusinessModelPermission: (businessModelId: any) => boolean;
 export declare const checkDemandSourcePermission: (demandSourceId: any) => boolean;
-export declare const getUser: () => any;
-export declare const isUserExist: () => boolean;

package/lib/check-permission.js CHANGED Viewed

@@ -1,8 +1,10 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isUserExist = exports.getUser = exports.checkDemandSourcePermission = exports.checkBusinessModelPermission = exports.checkFleetPermission = void 0;
+exports.checkDemandSourcePermission = exports.checkBusinessModelPermission = exports.checkFleetPermission = exports.isUserExist = exports.getUser = void 0;
 const tracer_1 = require("./tracer");
-exports.checkFleetPermission = fleetId => {
+exports.getUser = () => { var _a, _b; return (_b = (_a = tracer_1.getCurrentTrace()) === null || _a === void 0 ? void 0 : _a.context) === null || _b === void 0 ? void 0 : _b.user; };
+exports.isUserExist = () => !!exports.getUser();
+exports.checkFleetPermission = (fleetId) => {
     if (exports.isUserExist()) {
         const { context } = tracer_1.getCurrentTrace();
         const user = context === null || context === void 0 ? void 0 : context.get('userObject');
@@ -10,7 +12,7 @@ exports.checkFleetPermission = fleetId => {
     }
     return true;
 };
-exports.checkBusinessModelPermission = businessModelId => {
+exports.checkBusinessModelPermission = (businessModelId) => {
     if (exports.isUserExist()) {
         const { context } = tracer_1.getCurrentTrace();
         const user = context === null || context === void 0 ? void 0 : context.get('userObject');
@@ -18,7 +20,7 @@ exports.checkBusinessModelPermission = businessModelId => {
     }
     return true;
 };
-exports.checkDemandSourcePermission = demandSourceId => {
+exports.checkDemandSourcePermission = (demandSourceId) => {
     if (exports.isUserExist()) {
         const { context } = tracer_1.getCurrentTrace();
         const user = context === null || context === void 0 ? void 0 : context.get('userObject');
@@ -26,5 +28,3 @@ exports.checkDemandSourcePermission = demandSourceId => {
     }
     return true;
 };
-exports.getUser = () => { var _a, _b; return (_b = (_a = tracer_1.getCurrentTrace()) === null || _a === void 0 ? void 0 : _a.context) === null || _b === void 0 ? void 0 : _b.user; };
-exports.isUserExist = () => !!exports.getUser();

package/lib/errors.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import ApiUser from "./user";
+import ApiUser from './user';
 export declare class UnauthorizedAccessError extends Error {
     user: ApiUser;
     constructor(user: any, message: any);

package/lib/errors.js CHANGED Viewed

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.UnauthorizedAccessError = void 0;
+// eslint-disable-next-line import/prefer-default-export
 class UnauthorizedAccessError extends Error {
     constructor(user = null, message) {
         super(message);

package/lib/secret-getter.js CHANGED Viewed

@@ -7,8 +7,8 @@ exports.getTokenSecret = exports.getRefreshTokenSecret = void 0;
 const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
 const moment_1 = __importDefault(require("moment"));
 const { DEPRECATED_JWT_SECRET, JWT_SECRET, DEPRECATED_REFRESH_JWT_SECRET, REFRESH_JWT_SECRET, DEPRECATION_UNIX_TIMESTAMP, } = process.env;
-const deprecationTime = moment_1.default(DEPRECATION_UNIX_TIMESTAMP || undefined);
 const getRelevantSecret = (token, deprecatedSecret, newSecret) => {
+    const deprecationTime = moment_1.default((parseInt(DEPRECATION_UNIX_TIMESTAMP, 10) * 1000) || undefined);
     try {
         let unixTime;
         if (token) {

package/lib/secret-getter.test.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/lib/secret-getter.test.js ADDED Viewed

@@ -0,0 +1,90 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const moment_1 = __importDefault(require("moment"));
+const sleep = (ms) => __awaiter(void 0, void 0, void 0, function* () { return new Promise((resolve) => setTimeout(resolve, ms)); });
+process.env.NODE_ENV = 'node-common-test';
+describe('secret getter tests', () => {
+    const testSecrets = {
+        DEPRECATED_JWT_SECRET: 'test_deprecated_secret',
+        JWT_SECRET: 'test_secret',
+        DEPRECATED_REFRESH_JWT_SECRET: 'test_deprecated_refresh_secret',
+        REFRESH_JWT_SECRET: 'test_refresh_secret',
+    };
+    beforeEach(() => {
+        jest.resetModules();
+        process.env = Object.assign(Object.assign({}, (process.env || {})), testSecrets); // Make a copy
+    });
+    it('test get new refresh token secret when after deprecation timestamp', () => __awaiter(void 0, void 0, void 0, function* () {
+        process.env.DEPRECATION_UNIX_TIMESTAMP = moment_1.default().subtract(1, 'days').unix().toString();
+        const { getTokenSecret } = yield Promise.resolve().then(() => __importStar(require('./secret-getter')));
+        const token = jsonwebtoken_1.default.sign({
+            exp: moment_1.default().unix() + (60 * 60 * 24 * 365),
+        }, testSecrets.JWT_SECRET);
+        const result = getTokenSecret(token);
+        expect(result).toBe(testSecrets.JWT_SECRET);
+    }));
+    it('test get old refresh token secret when before deprecation timestamp', () => __awaiter(void 0, void 0, void 0, function* () {
+        process.env.DEPRECATION_UNIX_TIMESTAMP = moment_1.default().add(1, 'days').unix().toString();
+        const { getTokenSecret } = yield Promise.resolve().then(() => __importStar(require('./secret-getter')));
+        const token = jsonwebtoken_1.default.sign({
+            exp: moment_1.default().unix() + (60 * 60 * 24 * 365),
+        }, testSecrets.DEPRECATED_JWT_SECRET);
+        const result = getTokenSecret(token);
+        expect(result).toBe(testSecrets.DEPRECATED_JWT_SECRET);
+    }));
+    it('test get old refresh token secret when after deprecation timestamp, but token is from before', () => __awaiter(void 0, void 0, void 0, function* () {
+        const token = jsonwebtoken_1.default.sign({
+            exp: moment_1.default().unix() + (60 * 60 * 24 * 365),
+        }, testSecrets.DEPRECATED_JWT_SECRET);
+        process.env.DEPRECATION_UNIX_TIMESTAMP = moment_1.default().add(10, 'seconds').unix().toString();
+        const { getTokenSecret } = yield Promise.resolve().then(() => __importStar(require('./secret-getter')));
+        yield sleep(1000);
+        const result = getTokenSecret(token);
+        expect(result).toBe(testSecrets.DEPRECATED_JWT_SECRET);
+    }));
+    it('test malformed token returns new secret', () => __awaiter(void 0, void 0, void 0, function* () {
+        const { getTokenSecret } = yield Promise.resolve().then(() => __importStar(require('./secret-getter')));
+        const token = 'shit';
+        const result = getTokenSecret(token);
+        expect(result).toBe(testSecrets.JWT_SECRET);
+    }));
+    it('test malformed token returns new secret even before deprecation time', () => __awaiter(void 0, void 0, void 0, function* () {
+        process.env.DEPRECATION_UNIX_TIMESTAMP = moment_1.default().add(10, 'day').unix().toString();
+        const { getTokenSecret } = yield Promise.resolve().then(() => __importStar(require('./secret-getter')));
+        const token = 'shit';
+        const result = getTokenSecret(token);
+        expect(result).toBe(testSecrets.JWT_SECRET);
+    }));
+});

package/lib/services.js CHANGED Viewed

@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.IdentityNetwork = void 0;
 const network_1 = __importDefault(require("@autofleet/network"));
 const CACHE_LIFETIME_IN_SEC = 10;
+// eslint-disable-next-line import/prefer-default-export
 exports.IdentityNetwork = new network_1.default({
     serviceName: 'IDENTITY_MS',
     retries: 3,

package/lib/user/ApiUser.js CHANGED Viewed

@@ -9,6 +9,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+/* eslint-disable consistent-return */
 const services_1 = require("../services");
 class ApiUser {
     constructor(id) {

package/lib/user/index.js CHANGED Viewed

@@ -81,9 +81,9 @@ exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(v
         trace.context.set('userObject', userObject);
         // Added in order to support outbreak.
         req.headers['x-af-user-permissions'] = userObject;
-        const entities = req.user.permissions;
     }
     trace.context.set('userObject', {});
+    // eslint-disable-next-line consistent-return
     return next();
 });
 exports.eagerLoadPermissionsMiddleware = (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {

package/lib/utils.js CHANGED Viewed

@@ -41,9 +41,8 @@ exports.parsePermissions = (contextId, decodedToken) => {
         return [];
     }
     const contexts = decodedToken.contexts;
-    const activeContext = contexts.find(context => context.id === contextId);
-    const permissionsByContext = {};
-    const permissionsValue = `${(_a = activeContext.permissions) === null || _a === void 0 ? void 0 : _a.map(cp => `${cp},`)}`;
+    const activeContext = contexts.find((context) => context.id === contextId);
+    const permissionsValue = `${(_a = activeContext.permissions) === null || _a === void 0 ? void 0 : _a.map((cp) => `${cp},`)}`;
     return {
         key: activeContext.entityId,
         value: permissionsValue,
@@ -55,15 +54,15 @@ exports.getEntitiesFromContext = (contextId, decodedToken) => {
     }
     let contexts = decodedToken.contexts;
     if (contextId) {
-        contexts = contexts.filter(context => context.id === contextId);
+        contexts = contexts.filter((context) => context.id === contextId);
     }
     const attributes = {};
     contexts.forEach((context) => {
         const prop = CONTEXT_MAP_PROPS[context.subSystem || 'business'];
         const permissions = exports.parsePermissions(context.id, decodedToken);
         // eslint-disable-next-line no-unused-expressions
-        attributes[prop] ?
-            attributes[prop][permissions.key] = permissions.value
+        attributes[prop]
+            ? attributes[prop][permissions.key] = permissions.value
             : attributes[prop] = { [permissions.key]: permissions.value };
     });
     return attributes;
@@ -74,7 +73,7 @@ exports.getContextAttributes = (contextId, decodedToken) => {
     }
     let contexts = decodedToken.contexts;
     if (contextId) {
-        contexts = contexts.filter(context => context.id === contextId);
+        contexts = contexts.filter((context) => context.id === contextId);
     }
     const attributes = {};
     contexts.forEach((context) => {
@@ -82,9 +81,9 @@ exports.getContextAttributes = (contextId, decodedToken) => {
             if (context[prop]) {
                 const contextPropWrapped = [context[prop]];
                 // eslint-disable-next-line no-unused-expressions
-                attributes[prop] ?
-                    attributes[prop] = attributes[prop].concat(contextPropWrapped) :
-                    attributes[prop] = contextPropWrapped;
+                attributes[prop]
+                    ? attributes[prop] = attributes[prop].concat(contextPropWrapped)
+                    : attributes[prop] = contextPropWrapped;
             }
         });
     });

package/package.json CHANGED Viewed

@@ -1,20 +1,20 @@
 {
   "name": "@autofleet/zehut",
-  "version": "1.5.6",
+  "version": "1.5.8",
   "description": "manage user's identity",
   "main": "lib/index.js",
   "types": "lib/index.d.ts",
   "scripts": {
     "build": "rm -rf lib && tsc",
     "prepublish": "npm run build",
-    "coverage": "jest --coverage --forceExit --runInBand",
+    "coverage": "jest --coverage --forceExit --runInBand && rm -rf ./coverage",
     "test": "jest --forceExit --runInBand",
     "test-auto": "jest --watch --runInBand",
     "linter": "./node_modules/.bin/eslint ."
   },
   "jest": {
-    "setupTestFrameworkScriptFile": "jest-extended",
-    "testURL": "http://localhost:8085/"
+    "verbose": true,
+    "testURL": "http://localhost/"
   },
   "repository": {
     "type": "git",
@@ -27,15 +27,22 @@
   },
   "homepage": "https://github.com/Autofleet/zehut",
   "dependencies": {
-    "@autofleet/network": "^1.2.3",
+    "@autofleet/network": "^1.1.4",
     "@autofleet/outbreak": "0.0.7",
+    "@types/jest": "^22.0.0",
     "axios": "^0.19.2",
     "jsonwebtoken": "^8.5.1",
     "moment": "^2.29.1",
     "uuid": "^8.3.2"
   },
   "devDependencies": {
-    "typescript": "^3.9.5"
+    "typescript": "^3.9.5",
+    "jest": "^22.4.4",
+    "ts-jest": "^25.4.0",
+    "@typescript-eslint/eslint-plugin": "^4.8.1",
+    "eslint": "^7.13.0",
+    "eslint-config-airbnb-typescript": "^12.0.0",
+    "eslint-plugin-import": "^2.22.1"
   },
   "files": [
     "lib/**/*"