@autofleet/zehut 1.7.3-alpha → 1.7.3-beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/lib/secret-getter.d.ts +0 -1
  2. package/lib/secret-getter.js +1 -34
  3. package/lib/services.d.ts +1 -1
  4. package/lib/services.js +10 -13
  5. package/lib/user/ApiUser.js +2 -2
  6. package/lib/user/index.d.ts +5 -0
  7. package/lib/user/index.js +50 -7
  8. package/lib/utils.d.ts +1 -2
  9. package/lib/utils.js +3 -18
  10. package/package.json +1 -1
package/lib/secret-getter.d.ts CHANGED
@@ -1,3 +1,2 @@
1
- export declare const getAppSecret: (appId: any) => Promise<any>;
2
1
  export declare const getRefreshTokenSecret: (token?: any) => string;
3
2
  export declare const getTokenSecret: (token?: any) => string;
package/lib/secret-getter.js CHANGED
@@ -1,40 +1,11 @@
1
1
  "use strict";
2
- var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
- if (k2 === undefined) k2 = k;
4
- Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
5
- }) : (function(o, m, k, k2) {
6
- if (k2 === undefined) k2 = k;
7
- o[k2] = m[k];
8
- }));
9
- var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
10
- Object.defineProperty(o, "default", { enumerable: true, value: v });
11
- }) : function(o, v) {
12
- o["default"] = v;
13
- });
14
- var __importStar = (this && this.__importStar) || function (mod) {
15
- if (mod && mod.__esModule) return mod;
16
- var result = {};
17
- if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
18
- __setModuleDefault(result, mod);
19
- return result;
20
- };
21
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
22
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
23
- return new (P || (P = Promise))(function (resolve, reject) {
24
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
25
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
26
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
27
- step((generator = generator.apply(thisArg, _arguments || [])).next());
28
- });
29
- };
30
2
  var __importDefault = (this && this.__importDefault) || function (mod) {
31
3
  return (mod && mod.__esModule) ? mod : { "default": mod };
32
4
  };
33
5
  Object.defineProperty(exports, "__esModule", { value: true });
34
- exports.getTokenSecret = exports.getRefreshTokenSecret = exports.getAppSecret = void 0;
6
+ exports.getTokenSecret = exports.getRefreshTokenSecret = void 0;
35
7
  const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
36
8
  const moment_1 = __importDefault(require("moment"));
37
- const identityNetwork = __importStar(require("./services"));
38
9
  const { DEPRECATED_JWT_SECRET, JWT_NEW_SECRET, DEPRECATED_REFRESH_JWT_SECRET, REFRESH_JWT_SECRET, DEPRECATION_UNIX_TIMESTAMP, } = process.env;
39
10
  const getRelevantSecret = (token, deprecatedSecret, newSecret) => {
40
11
  const deprecationTime = moment_1.default(parseInt(DEPRECATION_UNIX_TIMESTAMP, 10) * 1000);
@@ -53,9 +24,5 @@ const getRelevantSecret = (token, deprecatedSecret, newSecret) => {
53
24
  return newSecret;
54
25
  }
55
26
  };
56
- exports.getAppSecret = (appId) => __awaiter(void 0, void 0, void 0, function* () {
57
- const app = yield identityNetwork.getAppSecret(appId);
58
- return app.appSecret;
59
- });
60
27
  exports.getRefreshTokenSecret = (token) => getRelevantSecret(token, DEPRECATED_REFRESH_JWT_SECRET, REFRESH_JWT_SECRET);
61
28
  exports.getTokenSecret = (token) => getRelevantSecret(token, DEPRECATED_JWT_SECRET, JWT_NEW_SECRET);
package/lib/services.d.ts CHANGED
@@ -1,2 +1,2 @@
1
1
  export declare const IdentityNetwork: any;
2
- export declare const getAppSecret: (appId: any) => Promise<any>;
2
+ export declare const AutofleetApiNetwork: any;
package/lib/services.js CHANGED
@@ -1,20 +1,12 @@
1
1
  "use strict";
2
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
- return new (P || (P = Promise))(function (resolve, reject) {
5
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
6
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
7
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
8
- step((generator = generator.apply(thisArg, _arguments || [])).next());
9
- });
10
- };
11
2
  var __importDefault = (this && this.__importDefault) || function (mod) {
12
3
  return (mod && mod.__esModule) ? mod : { "default": mod };
13
4
  };
14
5
  Object.defineProperty(exports, "__esModule", { value: true });
15
- exports.getAppSecret = exports.IdentityNetwork = void 0;
6
+ exports.AutofleetApiNetwork = exports.IdentityNetwork = void 0;
16
7
  const network_1 = __importDefault(require("@autofleet/network"));
17
8
  const CACHE_LIFETIME_IN_SEC = 10;
9
+ const apiGwUrl = process.env.API_GATEWAY_URL || 'https://api.autofleet.io';
18
10
  // eslint-disable-next-line import/prefer-default-export
19
11
  exports.IdentityNetwork = new network_1.default({
20
12
  serviceName: 'IDENTITY_MS',
@@ -24,7 +16,12 @@ exports.IdentityNetwork = new network_1.default({
24
16
  maxAge: CACHE_LIFETIME_IN_SEC * 1000,
25
17
  } : undefined,
26
18
  });
27
- exports.getAppSecret = (appId) => __awaiter(void 0, void 0, void 0, function* () {
28
- const { data } = yield exports.IdentityNetwork.get(`/api/v1/apps/${appId}`);
29
- return data;
19
+ exports.AutofleetApiNetwork = new network_1.default({
20
+ baseURL: apiGwUrl,
21
+ serviceUrl: apiGwUrl,
22
+ retries: 3,
23
+ retryCondition: () => true,
24
+ cache: process.env.NODE_ENV !== 'test' ? {
25
+ maxAge: CACHE_LIFETIME_IN_SEC * 1000,
26
+ } : undefined,
30
27
  });
package/lib/user/ApiUser.js CHANGED
@@ -96,7 +96,7 @@ class ApiUser {
96
96
  }
97
97
  getUserAppPermissions(appId) {
98
98
  return __awaiter(this, void 0, void 0, function* () {
99
- if (!this.id) {
99
+ if (!this.id || appId) {
100
100
  return;
101
101
  }
102
102
  const currentAppPermission = this.appPermission[appId];
@@ -108,7 +108,7 @@ class ApiUser {
108
108
  this.appPermission[appId] = cachedResult;
109
109
  return cachedResult;
110
110
  }
111
- const { data } = yield services_1.IdentityNetwork.post(`/api/v1/apps/${appId}/get-user-payload`, {
111
+ const { data } = yield services_1.AutofleetApiNetwork.post(`/api/v1/apps/${appId}/get-user-payload`, {
112
112
  userId: this.id,
113
113
  });
114
114
  userCache.set(this.id, data);
package/lib/user/index.d.ts CHANGED
@@ -13,6 +13,11 @@ export declare const middlewareWithDecode: (options?: {
13
13
  clientSecret?: string;
14
14
  returnErrorIfNoToken?: boolean;
15
15
  }) => (req: any, res: any, next: any) => Promise<void>;
16
+ export declare const appMiddleware: (options: {
17
+ appId: string;
18
+ clientSecret: string;
19
+ appSecret: string;
20
+ }) => (req: any, res: any, next: any) => Promise<void>;
16
21
  export declare const eagerLoadPermissionsMiddleware: (req: any, res: any, next: any) => Promise<any>;
17
22
  export declare const getDecodedBearer: (req: any) => any;
18
23
  export default ApiUser;
package/lib/user/index.js CHANGED
@@ -12,7 +12,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
12
12
  return (mod && mod.__esModule) ? mod : { "default": mod };
13
13
  };
14
14
  Object.defineProperty(exports, "__esModule", { value: true });
15
- exports.getDecodedBearer = exports.eagerLoadPermissionsMiddleware = exports.middlewareWithDecode = exports.middleware = void 0;
15
+ exports.getDecodedBearer = exports.eagerLoadPermissionsMiddleware = exports.appMiddleware = exports.middlewareWithDecode = exports.middleware = void 0;
16
16
  const jsonwebtoken_1 = require("jsonwebtoken");
17
17
  const ApiUser_1 = __importDefault(require("./ApiUser"));
18
18
  const utils_1 = require("../utils");
@@ -54,12 +54,7 @@ exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(v
54
54
  let decoded;
55
55
  if (req.headers.authorization) {
56
56
  try {
57
- if (appId) {
58
- decoded = yield utils_1.decodeAppBearer(req.headers.authorization, appId);
59
- }
60
- else {
61
- decoded = utils_1.decodeBearer(req.headers.authorization);
62
- }
57
+ decoded = utils_1.decodeBearer(req.headers.authorization);
63
58
  }
64
59
  catch (e) {
65
60
  if (e instanceof jsonwebtoken_1.TokenExpiredError) {
@@ -113,6 +108,54 @@ exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(v
113
108
  // eslint-disable-next-line consistent-return
114
109
  return next();
115
110
  });
111
+ exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
112
+ var _b;
113
+ const { appId, clientSecret, appSecret, } = options;
114
+ const trace = tracer_1.newTrace('userPayload');
115
+ let decoded;
116
+ if (!req.headers.authorization) {
117
+ res.status(401);
118
+ return res.json({
119
+ errors: ['No token provided'],
120
+ });
121
+ }
122
+ try {
123
+ decoded = utils_1.decodeBearer(req.headers.authorization, appSecret);
124
+ }
125
+ catch (e) {
126
+ if (e instanceof jsonwebtoken_1.TokenExpiredError) {
127
+ res.status(401);
128
+ return res.json({
129
+ errors: ['Access token expired'],
130
+ });
131
+ }
132
+ if (e instanceof jsonwebtoken_1.JsonWebTokenError) {
133
+ res.status(400);
134
+ return res.json({
135
+ errors: [e.message],
136
+ });
137
+ }
138
+ res.status(500);
139
+ return res.json({
140
+ errors: ['Server error while parsing token'],
141
+ });
142
+ }
143
+ const userId = (_b = decoded === null || decoded === void 0 ? void 0 : decoded.user) === null || _b === void 0 ? void 0 : _b.id;
144
+ if (userId) {
145
+ req.headers['X-AF-USER-ID'] = userId;
146
+ }
147
+ const userObject = new ApiUser_1.default(userId);
148
+ if (appId && clientSecret) {
149
+ req.headers['x-autofleet-apps-secret'] = clientSecret;
150
+ // Won't work until we find a better solution for identity ms
151
+ yield userObject.getUserAppPermissions(appId);
152
+ }
153
+ req.user = userObject;
154
+ trace.context.set('userObject', userObject);
155
+ // Added in order to support outbreak.
156
+ req.headers['x-af-user-permissions'] = userObject;
157
+ return next();
158
+ });
116
159
  exports.eagerLoadPermissionsMiddleware = (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
117
160
  yield req.user.getUserPermissions();
118
161
  return next();
package/lib/utils.d.ts CHANGED
@@ -1,6 +1,5 @@
1
1
  export declare const getAuthFromBearer: (bearer: string) => string;
2
- export declare const decodeAppBearer: (bearer: string, appId: string) => Promise<any>;
3
- export declare const decodeBearer: (bearer: string) => any;
2
+ export declare const decodeBearer: (bearer: string, appSecret?: string) => any;
4
3
  export declare const parsePermissions: (contextId: any, decodedToken: any) => any;
5
4
  export declare const getEntitiesFromContext: (contextId: string, decodedToken: any) => any;
6
5
  export declare const getContextAttributes: (contextId: string, decodedToken: any) => any;
package/lib/utils.js CHANGED
@@ -18,17 +18,8 @@ var __importStar = (this && this.__importStar) || function (mod) {
18
18
  __setModuleDefault(result, mod);
19
19
  return result;
20
20
  };
21
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
22
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
23
- return new (P || (P = Promise))(function (resolve, reject) {
24
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
25
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
26
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
27
- step((generator = generator.apply(thisArg, _arguments || [])).next());
28
- });
29
- };
30
21
  Object.defineProperty(exports, "__esModule", { value: true });
31
- exports.getContextAttributes = exports.getEntitiesFromContext = exports.parsePermissions = exports.decodeBearer = exports.decodeAppBearer = exports.getAuthFromBearer = void 0;
22
+ exports.getContextAttributes = exports.getEntitiesFromContext = exports.parsePermissions = exports.decodeBearer = exports.getAuthFromBearer = void 0;
32
23
  /* eslint-disable prefer-destructuring */
33
24
  const jwt = __importStar(require("jsonwebtoken"));
34
25
  const secret_getter_1 = require("./secret-getter");
@@ -39,15 +30,9 @@ const CONTEXT_MAP_PROPS = {
39
30
  demand: 'demandSources',
40
31
  };
41
32
  exports.getAuthFromBearer = (bearer) => bearer.replace('Bearer ', '');
42
- exports.decodeAppBearer = (bearer, appId) => __awaiter(void 0, void 0, void 0, function* () {
33
+ exports.decodeBearer = (bearer, appSecret) => {
43
34
  const token = exports.getAuthFromBearer(bearer);
44
- const secret = yield secret_getter_1.getAppSecret(appId);
45
- const decoded = jwt.verify(token, secret);
46
- return decoded;
47
- });
48
- exports.decodeBearer = (bearer) => {
49
- const token = bearer.replace('Bearer ', '');
50
- const decoded = jwt.verify(token, secret_getter_1.getTokenSecret(token));
35
+ const decoded = jwt.verify(token, appSecret || secret_getter_1.getTokenSecret(token));
51
36
  return decoded;
52
37
  };
53
38
  exports.parsePermissions = (contextId, decodedToken) => {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@autofleet/zehut",
3
- "version": "1.7.3-alpha",
3
+ "version": "1.7.3-beta",
4
4
  "description": "manage user's identity",
5
5
  "main": "lib/index.js",
6
6
  "types": "lib/index.d.ts",