npm - @autofleet/zehut - Versions diffs - 1.7.5-beta.0 → 1.7.6-beta.1 - Mend

@autofleet/zehut 1.7.5-beta.0 → 1.7.6-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/lib/app-auth.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export declare const decodeAppBearer: (bearer: string, appId: string) => Promise<any>;
2	+ export declare const getClientSecret: (appId: string) => Promise<any>;

package/lib/app-auth.js ADDED Viewed

@@ -0,0 +1,27 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getClientSecret = exports.decodeAppBearer = void 0;
+const network_1 = __importDefault(require("@autofleet/network"));
+const integrationMsNetwork = new network_1.default({
+    serviceName: 'INTEGRATION_MS',
+});
+exports.decodeAppBearer = (bearer, appId) => __awaiter(void 0, void 0, void 0, function* () {
+    const { data: decoded } = yield integrationMsNetwork.post('/api/v1/auth', { bearer, appId });
+    return decoded;
+});
+exports.getClientSecret = (appId) => __awaiter(void 0, void 0, void 0, function* () {
+    const { data: secret } = yield integrationMsNetwork.get(`/api/v1/auth/client-secret/${appId}`);
+    return secret;
+});

package/lib/index.d.ts CHANGED Viewed

@@ -27,8 +27,6 @@ declare const _default: {
     UnauthorizedAccessError: typeof UnauthorizedAccessError;
     appMiddleware: (options: {
         appId: string;
-        clientSecret: string;
-        appSecret: string;
     }) => (req: any, res: any, next: any) => Promise<void>;
 };
 export default _default;

package/lib/user/index.d.ts CHANGED Viewed

@@ -11,8 +11,6 @@ export declare const middlewareWithDecode: (options?: {
 }) => (req: any, res: any, next: any) => Promise<void>;
 export declare const appMiddleware: (options: {
     appId: string;
-    clientSecret: string;
-    appSecret: string;
 }) => (req: any, res: any, next: any) => Promise<void>;
 export declare const eagerLoadPermissionsMiddleware: (req: any, res: any, next: any) => Promise<any>;
 export declare const getDecodedBearer: (req: any) => any;

package/lib/user/index.js CHANGED Viewed

@@ -17,6 +17,7 @@ const jsonwebtoken_1 = require("jsonwebtoken");
 const ApiUser_1 = __importDefault(require("./ApiUser"));
 const utils_1 = require("../utils");
 const tracer_1 = require("../tracer");
+const app_auth_1 = require("../app-auth");
 exports.middleware = (options = {}) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
     const { eagerLoadUserPermissions, eagerLoadUserPermissionsLegacy, customPermissionLoader, } = options;
     const userId = req.headers['x-af-user-id'];
@@ -50,7 +51,7 @@ exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(v
     let decoded;
     if (req.headers.authorization) {
         try {
-            decoded = utils_1.decodeBearer(req.headers.authorization);
+            decoded = yield utils_1.decodeBearer(req.headers.authorization);
         }
         catch (e) {
             if (e instanceof jsonwebtoken_1.TokenExpiredError) {
@@ -101,7 +102,7 @@ exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(v
     return next();
 });
 exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
-    const { appId, clientSecret, appSecret, } = options;
+    const { appId, } = options;
     const trace = tracer_1.newTrace('userPayload');
     let decoded;
     if (!req.headers.authorization) {
@@ -111,7 +112,10 @@ exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void
         });
     }
     try {
-        decoded = utils_1.decodeBearer(req.headers.authorization, appSecret);
+        decoded = yield app_auth_1.decodeAppBearer(req.headers.authorization, appId);
+        if (!decoded) {
+            throw new Error('app does not exists');
+        }
     }
     catch (e) {
         if (e instanceof jsonwebtoken_1.TokenExpiredError) {
@@ -136,7 +140,8 @@ exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void
         req.headers['X-AF-USER-ID'] = userId;
     }
     const userObject = new ApiUser_1.default(userId);
-    if (appId && clientSecret) {
+    if (appId) {
+        const clientSecret = yield app_auth_1.getClientSecret(appId);
         req.headers['x-autofleet-apps-secret'] = clientSecret;
         // Won't work until we find a better solution for identity ms
         yield userObject.getUserAppPermissions(appId, clientSecret);

package/lib/utils.js CHANGED Viewed

@@ -1,22 +1,38 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getContextAttributes = exports.getEntitiesFromContext = exports.parsePermissions = exports.decodeBearer = exports.getAuthFromBearer = void 0;
-const network_1 = __importDefault(require("@autofleet/network"));
+/* eslint-disable prefer-destructuring */
+const jwt = __importStar(require("jsonwebtoken"));
+const secret_getter_1 = require("./secret-getter");
 const CONTEXT_PROPS = ['fleetId', 'businessModelId', 'demandSourceId'];
 const CONTEXT_MAP_PROPS = {
     fleet: 'fleets',
     business: 'businessModels',
     demand: 'demandSources',
 };
-const integrationMsNetwork = new network_1.default({
-    serviceName: 'INTEGRATION_MS',
-});
 exports.getAuthFromBearer = (bearer) => bearer.replace('Bearer ', '');
 exports.decodeBearer = (bearer, appSecret) => {
-    const decoded = yield integrationMsNetwork;
+    const token = exports.getAuthFromBearer(bearer);
+    const decoded = jwt.verify(token, appSecret || secret_getter_1.getTokenSecret(token));
     return decoded;
 };
 exports.parsePermissions = (contextId, decodedToken) => {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@autofleet/zehut",
-  "version": "1.7.5-beta.0",
+  "version": "1.7.6-beta.1",
   "description": "manage user's identity",
   "main": "lib/index.js",
   "types": "lib/index.d.ts",