@autofleet/zehut 1.7.1 → 1.7.3-alpha
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/index.d.ts +3 -0
- package/lib/secret-getter.d.ts +1 -0
- package/lib/secret-getter.js +34 -1
- package/lib/services.d.ts +1 -0
- package/lib/services.js +14 -1
- package/lib/user/index.d.ts +3 -0
- package/lib/user/index.js +20 -3
- package/lib/utils.d.ts +1 -0
- package/lib/utils.js +16 -1
- package/package.json +1 -1
package/lib/index.d.ts
CHANGED
|
@@ -16,6 +16,9 @@ declare const _default: {
|
|
|
16
16
|
middlewareWithDecode: (options?: {
|
|
17
17
|
eagerLoadUserPermissions?: boolean;
|
|
18
18
|
eagerLoadUserPermissionsLegacy?: boolean;
|
|
19
|
+
appId?: string;
|
|
20
|
+
clientSecret?: string;
|
|
21
|
+
returnErrorIfNoToken?: boolean;
|
|
19
22
|
}) => (req: any, res: any, next: any) => Promise<void>;
|
|
20
23
|
eagerLoadPermissionsMiddleware: (req: any, res: any, next: any) => Promise<any>;
|
|
21
24
|
getCurrentPayload: () => any;
|
package/lib/secret-getter.d.ts
CHANGED
package/lib/secret-getter.js
CHANGED
|
@@ -1,11 +1,40 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
|
|
5
|
+
}) : (function(o, m, k, k2) {
|
|
6
|
+
if (k2 === undefined) k2 = k;
|
|
7
|
+
o[k2] = m[k];
|
|
8
|
+
}));
|
|
9
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
10
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
11
|
+
}) : function(o, v) {
|
|
12
|
+
o["default"] = v;
|
|
13
|
+
});
|
|
14
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
15
|
+
if (mod && mod.__esModule) return mod;
|
|
16
|
+
var result = {};
|
|
17
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
18
|
+
__setModuleDefault(result, mod);
|
|
19
|
+
return result;
|
|
20
|
+
};
|
|
21
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
22
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
23
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
24
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
25
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
26
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
27
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
28
|
+
});
|
|
29
|
+
};
|
|
2
30
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
31
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
32
|
};
|
|
5
33
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.getTokenSecret = exports.getRefreshTokenSecret = void 0;
|
|
34
|
+
exports.getTokenSecret = exports.getRefreshTokenSecret = exports.getAppSecret = void 0;
|
|
7
35
|
const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
|
|
8
36
|
const moment_1 = __importDefault(require("moment"));
|
|
37
|
+
const identityNetwork = __importStar(require("./services"));
|
|
9
38
|
const { DEPRECATED_JWT_SECRET, JWT_NEW_SECRET, DEPRECATED_REFRESH_JWT_SECRET, REFRESH_JWT_SECRET, DEPRECATION_UNIX_TIMESTAMP, } = process.env;
|
|
10
39
|
const getRelevantSecret = (token, deprecatedSecret, newSecret) => {
|
|
11
40
|
const deprecationTime = moment_1.default(parseInt(DEPRECATION_UNIX_TIMESTAMP, 10) * 1000);
|
|
@@ -24,5 +53,9 @@ const getRelevantSecret = (token, deprecatedSecret, newSecret) => {
|
|
|
24
53
|
return newSecret;
|
|
25
54
|
}
|
|
26
55
|
};
|
|
56
|
+
exports.getAppSecret = (appId) => __awaiter(void 0, void 0, void 0, function* () {
|
|
57
|
+
const app = yield identityNetwork.getAppSecret(appId);
|
|
58
|
+
return app.appSecret;
|
|
59
|
+
});
|
|
27
60
|
exports.getRefreshTokenSecret = (token) => getRelevantSecret(token, DEPRECATED_REFRESH_JWT_SECRET, REFRESH_JWT_SECRET);
|
|
28
61
|
exports.getTokenSecret = (token) => getRelevantSecret(token, DEPRECATED_JWT_SECRET, JWT_NEW_SECRET);
|
package/lib/services.d.ts
CHANGED
package/lib/services.js
CHANGED
|
@@ -1,9 +1,18 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
2
11
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
12
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
13
|
};
|
|
5
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.IdentityNetwork = void 0;
|
|
15
|
+
exports.getAppSecret = exports.IdentityNetwork = void 0;
|
|
7
16
|
const network_1 = __importDefault(require("@autofleet/network"));
|
|
8
17
|
const CACHE_LIFETIME_IN_SEC = 10;
|
|
9
18
|
// eslint-disable-next-line import/prefer-default-export
|
|
@@ -15,3 +24,7 @@ exports.IdentityNetwork = new network_1.default({
|
|
|
15
24
|
maxAge: CACHE_LIFETIME_IN_SEC * 1000,
|
|
16
25
|
} : undefined,
|
|
17
26
|
});
|
|
27
|
+
exports.getAppSecret = (appId) => __awaiter(void 0, void 0, void 0, function* () {
|
|
28
|
+
const { data } = yield exports.IdentityNetwork.get(`/api/v1/apps/${appId}`);
|
|
29
|
+
return data;
|
|
30
|
+
});
|
package/lib/user/index.d.ts
CHANGED
|
@@ -9,6 +9,9 @@ export declare const middleware: (options?: {
|
|
|
9
9
|
export declare const middlewareWithDecode: (options?: {
|
|
10
10
|
eagerLoadUserPermissions?: boolean;
|
|
11
11
|
eagerLoadUserPermissionsLegacy?: boolean;
|
|
12
|
+
appId?: string;
|
|
13
|
+
clientSecret?: string;
|
|
14
|
+
returnErrorIfNoToken?: boolean;
|
|
12
15
|
}) => (req: any, res: any, next: any) => Promise<void>;
|
|
13
16
|
export declare const eagerLoadPermissionsMiddleware: (req: any, res: any, next: any) => Promise<any>;
|
|
14
17
|
export declare const getDecodedBearer: (req: any) => any;
|
package/lib/user/index.js
CHANGED
|
@@ -49,11 +49,17 @@ exports.middleware = (options = {}) => (req, res, next) => __awaiter(void 0, voi
|
|
|
49
49
|
});
|
|
50
50
|
exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
|
|
51
51
|
var _a;
|
|
52
|
+
const { eagerLoadUserPermissions, eagerLoadUserPermissionsLegacy, appId, clientSecret, returnErrorIfNoToken, } = options;
|
|
52
53
|
const trace = tracer_1.newTrace('userPayload');
|
|
53
54
|
let decoded;
|
|
54
55
|
if (req.headers.authorization) {
|
|
55
56
|
try {
|
|
56
|
-
|
|
57
|
+
if (appId) {
|
|
58
|
+
decoded = yield utils_1.decodeAppBearer(req.headers.authorization, appId);
|
|
59
|
+
}
|
|
60
|
+
else {
|
|
61
|
+
decoded = utils_1.decodeBearer(req.headers.authorization);
|
|
62
|
+
}
|
|
57
63
|
}
|
|
58
64
|
catch (e) {
|
|
59
65
|
if (e instanceof jsonwebtoken_1.TokenExpiredError) {
|
|
@@ -81,17 +87,28 @@ exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(v
|
|
|
81
87
|
req.headers['X-AF-USER-ID'] = userId;
|
|
82
88
|
}
|
|
83
89
|
const userObject = new ApiUser_1.default(userId);
|
|
84
|
-
if (
|
|
90
|
+
if (eagerLoadUserPermissions) {
|
|
85
91
|
yield userObject.getUserPermissions();
|
|
86
92
|
}
|
|
87
|
-
if (
|
|
93
|
+
if (eagerLoadUserPermissionsLegacy) {
|
|
88
94
|
yield userObject.getUserPermissionsLegacy();
|
|
89
95
|
}
|
|
96
|
+
if (appId && clientSecret) {
|
|
97
|
+
req.headers['x-autofleet-apps-secret'] = clientSecret;
|
|
98
|
+
yield userObject.getUserAppPermissions(appId);
|
|
99
|
+
}
|
|
90
100
|
req.user = userObject;
|
|
91
101
|
trace.context.set('userObject', userObject);
|
|
92
102
|
// Added in order to support outbreak.
|
|
93
103
|
req.headers['x-af-user-permissions'] = userObject;
|
|
94
104
|
}
|
|
105
|
+
else if (returnErrorIfNoToken) {
|
|
106
|
+
res.status(401);
|
|
107
|
+
// eslint-disable-next-line consistent-return
|
|
108
|
+
return res.json({
|
|
109
|
+
errors: ['No token provided'],
|
|
110
|
+
});
|
|
111
|
+
}
|
|
95
112
|
trace.context.set('userObject', {});
|
|
96
113
|
// eslint-disable-next-line consistent-return
|
|
97
114
|
return next();
|
package/lib/utils.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
export declare const getAuthFromBearer: (bearer: string) => string;
|
|
2
|
+
export declare const decodeAppBearer: (bearer: string, appId: string) => Promise<any>;
|
|
2
3
|
export declare const decodeBearer: (bearer: string) => any;
|
|
3
4
|
export declare const parsePermissions: (contextId: any, decodedToken: any) => any;
|
|
4
5
|
export declare const getEntitiesFromContext: (contextId: string, decodedToken: any) => any;
|
package/lib/utils.js
CHANGED
|
@@ -18,8 +18,17 @@ var __importStar = (this && this.__importStar) || function (mod) {
|
|
|
18
18
|
__setModuleDefault(result, mod);
|
|
19
19
|
return result;
|
|
20
20
|
};
|
|
21
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
22
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
23
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
24
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
25
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
26
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
27
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
28
|
+
});
|
|
29
|
+
};
|
|
21
30
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
22
|
-
exports.getContextAttributes = exports.getEntitiesFromContext = exports.parsePermissions = exports.decodeBearer = exports.getAuthFromBearer = void 0;
|
|
31
|
+
exports.getContextAttributes = exports.getEntitiesFromContext = exports.parsePermissions = exports.decodeBearer = exports.decodeAppBearer = exports.getAuthFromBearer = void 0;
|
|
23
32
|
/* eslint-disable prefer-destructuring */
|
|
24
33
|
const jwt = __importStar(require("jsonwebtoken"));
|
|
25
34
|
const secret_getter_1 = require("./secret-getter");
|
|
@@ -30,6 +39,12 @@ const CONTEXT_MAP_PROPS = {
|
|
|
30
39
|
demand: 'demandSources',
|
|
31
40
|
};
|
|
32
41
|
exports.getAuthFromBearer = (bearer) => bearer.replace('Bearer ', '');
|
|
42
|
+
exports.decodeAppBearer = (bearer, appId) => __awaiter(void 0, void 0, void 0, function* () {
|
|
43
|
+
const token = exports.getAuthFromBearer(bearer);
|
|
44
|
+
const secret = yield secret_getter_1.getAppSecret(appId);
|
|
45
|
+
const decoded = jwt.verify(token, secret);
|
|
46
|
+
return decoded;
|
|
47
|
+
});
|
|
33
48
|
exports.decodeBearer = (bearer) => {
|
|
34
49
|
const token = bearer.replace('Bearer ', '');
|
|
35
50
|
const decoded = jwt.verify(token, secret_getter_1.getTokenSecret(token));
|