@autofleet/zehut 1.8.0 → 1.8.1-beta1

package/README.md

@@ -70,4 +70,8 @@ and run
 ```
 npm publish
 ```
+
+# Environment Variables 
+
+when using this package locally or outside autofleet-prod project you must set INTEGRATION_MS_SERVICE_HOST in .env file 
 # zehut

package/lib/app-auth.d.ts

@@ -0,0 +1,2 @@
+export declare const decodeAppBearer: (bearer: string, appId: string) => Promise<any>;
+export declare const getClientSecret: (appId: string) => Promise<any>;

package/lib/app-auth.js

@@ -0,0 +1,21 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getClientSecret = exports.decodeAppBearer = void 0;
+const services_1 = require("./services");
+exports.decodeAppBearer = (bearer, appId) => __awaiter(void 0, void 0, void 0, function* () {
+    const { data: decoded } = yield services_1.AutofleetApiNetwork.post('/api/v1/auth', { bearer, appId });
+    return decoded;
+});
+exports.getClientSecret = (appId) => __awaiter(void 0, void 0, void 0, function* () {
+    const { data: secret } = yield services_1.AutofleetApiNetwork.get(`/api/v1/auth/client-secret/${appId}`);
+    return secret;
+});

package/lib/check-permission.d.ts

@@ -1,6 +1,6 @@
 import ApiUser from './user/ApiUser';
 export declare const getUser: () => ApiUser | undefined;
-export declare const isUserExist: () => boolean;
+export declare const isUserExist: () => string;
 export declare const checkFleetPermission: (fleetId: any) => boolean;
 export declare const checkBusinessModelPermission: (businessModelId: any) => boolean;
 export declare const checkDemandSourcePermission: (demandSourceId: any) => boolean;

package/lib/check-permission.js

@@ -3,27 +3,27 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.checkDemandSourcePermission = exports.checkBusinessModelPermission = exports.checkFleetPermission = exports.isUserExist = exports.getUser = void 0;
 const tracer_1 = require("./tracer");
 exports.getUser = () => { var _a, _b; return (_b = (_a = tracer_1.getCurrentTrace()) === null || _a === void 0 ? void 0 : _a.context) === null || _b === void 0 ? void 0 : _b.get('userObject'); };
-exports.isUserExist = () => !!exports.getUser();
+exports.isUserExist = () => {
+    const u = exports.getUser();
+    return u && u.id;
+};
 exports.checkFleetPermission = (fleetId) => {
     if (exports.isUserExist()) {
-        const { context } = tracer_1.getCurrentTrace();
-        const user = context === null || context === void 0 ? void 0 : context.get('userObject');
+        const user = exports.getUser();
         return !user || Object.keys(user.permissions.fleets).includes(fleetId);
     }
     return true;
 };
 exports.checkBusinessModelPermission = (businessModelId) => {
     if (exports.isUserExist()) {
-        const { context } = tracer_1.getCurrentTrace();
-        const user = context === null || context === void 0 ? void 0 : context.get('userObject');
+        const user = exports.getUser();
         return !user || Object.keys(user.permissions.businessModels).includes(businessModelId);
     }
     return true;
 };
 exports.checkDemandSourcePermission = (demandSourceId) => {
     if (exports.isUserExist()) {
-        const { context } = tracer_1.getCurrentTrace();
-        const user = context === null || context === void 0 ? void 0 : context.get('userObject');
+        const user = exports.getUser();
         return !user || Object.keys(user.permissions.demandSources).includes(demandSourceId);
     }
     return true;

package/lib/exceptions/appDoesNotExist.d.ts

@@ -0,0 +1,3 @@
+export default class AppDoesNotExist extends Error {
+    mesaage: 'app does not exist';
+}

package/lib/exceptions/appDoesNotExist.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+class AppDoesNotExist extends Error {
+}
+exports.default = AppDoesNotExist;

package/lib/index.d.ts

@@ -25,13 +25,11 @@ declare const _default: {
     checkFleetPermission: (fleetId: any) => boolean;
     checkBusinessModelPermission: (businessModelId: any) => boolean;
     checkDemandSourcePermission: (demandSourceId: any) => boolean;
-    isUserExist: () => boolean;
+    isUserExist: () => string;
     getUser: () => User;
     UnauthorizedAccessError: typeof UnauthorizedAccessError;
     appMiddleware: (options: {
         appId: string;
-        clientSecret: string;
-        appSecret: string;
     }) => (req: any, res: any, next: any) => Promise<void>;
 };
 export default _default;

package/lib/index.js

@@ -18,9 +18,12 @@ var __importStar = (this && this.__importStar) || function (mod) {
     __setModuleDefault(result, mod);
     return result;
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.appMiddleware = exports.UnauthorizedAccessError = exports.getTokenSecret = exports.getRefreshTokenSecret = exports.getUser = exports.isUserExist = exports.checkDemandSourcePermission = exports.checkBusinessModelPermission = exports.checkFleetPermission = exports.getDecodedBearer = exports.getCurrentPayload = exports.eagerLoadPermissionsMiddleware = exports.middlewareWithDecode = exports.middleware = exports.User = exports.enableTracing = void 0;
-const outbreak_1 = require("@autofleet/outbreak");
+const outbreak_1 = __importDefault(require("@autofleet/outbreak"));
 const user_1 = __importStar(require("./user"));
 exports.User = user_1.default;
 Object.defineProperty(exports, "middleware", { enumerable: true, get: function () { return user_1.middleware; } });
@@ -43,7 +46,7 @@ Object.defineProperty(exports, "getTokenSecret", { enumerable: true, get: functi
 const getCurrentPayload = tracer_1.getCurrentTrace;
 exports.getCurrentPayload = getCurrentPayload;
 const enableTracing = ({ outbreakOptions = {} } = {}) => {
-    outbreak_1.headersTracer(Object.assign({ headersPrefix: 'x-af' }, outbreakOptions));
+    outbreak_1.default(Object.assign({ headersPrefix: 'x-af' }, outbreakOptions));
     tracer_1.enable();
 };
 exports.enableTracing = enableTracing;

package/lib/user/ApiUser.js

@@ -89,7 +89,7 @@ class ApiUser {
         if (this.elevationCallsCounter > 1) {
             throw new Error('Maximum one elvation call in parallel is allowed');
         }
-        const currentUserTrace = outbreak_1.getCurrentTrace();
+        const currentUserTrace = outbreak_1.getCurrentContext();
         if (!currentUserTrace) {
             throw new Error('Cannot find current user cross services trace');
         }

package/lib/user/index.d.ts

@@ -11,8 +11,6 @@ export declare const middlewareWithDecode: (options?: {
 }) => (req: any, res: any, next: any) => Promise<void>;
 export declare const appMiddleware: (options: {
     appId: string;
-    clientSecret: string;
-    appSecret: string;
 }) => (req: any, res: any, next: any) => Promise<void>;
 export declare const eagerLoadPermissionsMiddleware: (req: any, res: any, next: any) => Promise<any>;
 export declare const getDecodedBearer: (req: any) => any;

package/lib/user/index.js

@@ -27,18 +27,22 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getDecodedBearer = exports.eagerLoadPermissionsMiddleware = exports.appMiddleware = exports.middlewareWithDecode = exports.middleware = void 0;
 const jsonwebtoken_1 = require("jsonwebtoken");
 const ApiUser_1 = __importStar(require("./ApiUser"));
-const utils_1 = require("../utils");
 const tracer_1 = require("../tracer");
+const app_auth_1 = require("../app-auth");
+const appDoesNotExist_1 = __importDefault(require("../exceptions/appDoesNotExist"));
+const utils_1 = require("../utils");
 exports.middleware = (options = {}) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
     const { eagerLoadUserPermissions, eagerLoadUserPermissionsLegacy, customPermissionLoader, } = options;
     const userId = req.headers['x-af-user-id'];
     const trace = tracer_1.newTrace('userPayload');
     if (!userId) {
-        trace.context.set('userObject', {});
         return next();
     }
     const elevatedPermissionsFromHeader = req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER] && req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER].length > 0
@@ -69,7 +73,7 @@ exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(v
     let decoded;
     if (req.headers.authorization) {
         try {
-            decoded = utils_1.decodeBearer(req.headers.authorization);
+            decoded = yield utils_1.decodeBearer(req.headers.authorization);
         }
         catch (e) {
             if (e instanceof jsonwebtoken_1.TokenExpiredError) {
@@ -115,12 +119,11 @@ exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(v
             errors: ['No token provided'],
         });
     }
-    trace.context.set('userObject', {});
     // eslint-disable-next-line consistent-return
     return next();
 });
 exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
-    const { appId, clientSecret, appSecret, } = options;
+    const { appId, } = options;
     const trace = tracer_1.newTrace('userPayload');
     let decoded;
     if (!req.headers.authorization) {
@@ -130,7 +133,10 @@ exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void
         });
     }
     try {
-        decoded = utils_1.decodeBearer(req.headers.authorization, appSecret);
+        decoded = yield app_auth_1.decodeAppBearer(req.headers.authorization, appId);
+        if (!decoded) {
+            throw new appDoesNotExist_1.default();
+        }
     }
     catch (e) {
         if (e instanceof jsonwebtoken_1.TokenExpiredError) {
@@ -145,6 +151,12 @@ exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void
                 errors: [e.message],
             });
         }
+        if (e instanceof appDoesNotExist_1.default) {
+            res.status(400);
+            return res.json({
+                errors: [e.message],
+            });
+        }
         res.status(500);
         return res.json({
             errors: ['Server error while parsing token'],
@@ -155,7 +167,8 @@ exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void
         req.headers['X-AF-USER-ID'] = userId;
     }
     const userObject = new ApiUser_1.default(userId);
-    if (appId && clientSecret) {
+    if (appId) {
+        const clientSecret = yield app_auth_1.getClientSecret(appId);
         req.headers['x-autofleet-apps-secret'] = clientSecret;
         // Won't work until we find a better solution for identity ms
         yield userObject.getUserAppPermissions(appId, clientSecret);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@autofleet/zehut",
-  "version": "1.8.0",
+  "version": "1.8.1-beta1",
   "description": "manage user's identity",
   "main": "lib/index.js",
   "types": "lib/index.d.ts",
@@ -27,8 +27,8 @@
   },
   "homepage": "https://github.com/Autofleet/zehut",
   "dependencies": {
-    "@autofleet/network": "^1.2.5",
-    "@autofleet/outbreak": "^0.1.0-beta-2",
+    "@autofleet/network": "^1.4.2",
+    "@autofleet/outbreak": "0.2.1",
     "@types/jest": "^22.0.0",
     "axios": "^0.27.2",
     "express": "^4.18.1",