@autofleet/zehut 1.8.1-beta5 → 1.8.1

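--- a/package/README.md
+++ b/package/README.md
@@ -70,8 +70,4 @@ and run
  ```
  npm publish
  ```
-
- # Environment Variables
-
- when using this package locally or outside autofleet-prod project you must set INTEGRATION_MS_SERVICE_HOST in .env file
  # zehut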
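--- a/package/lib/index.d.ts
+++ b/package/lib/index.d.ts
@@ -31,6 +31,7 @@ declare const _default: {
  appMiddleware: (options: {
  appId: string;
  clientSecret: string;
+ appSecret: string;
  }) => (req: any, res: any, next: any) => Promise<void>;
  };
  export default _default;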
@@ -12,6 +12,7 @@ export declare const middlewareWithDecode: (options?: {
12
12
  export declare const appMiddleware: (options: {
13
13
  appId: string;
14
14
  clientSecret: string;
15
+ appSecret: string;
15
16
  }) => (req: any, res: any, next: any) => Promise<void>;
16
17
  export declare const eagerLoadPermissionsMiddleware: (req: any, res: any, next: any) => Promise<any>;
17
18
  export declare const getDecodedBearer: (req: any) => any;
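--- a/package/lib/user/index.js
+++ b/package/lib/user/index.js
@@ -27,17 +27,12 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
  step((generator = generator.apply(thisArg, _arguments || [])).next());
  });
  };
- var __importDefault = (this && this.__importDefault) || function (mod) {
- return (mod && mod.__esModule) ? mod : { "default": mod };
- };
  Object.defineProperty(exports, "__esModule", { value: true });
  exports.getDecodedBearer = exports.eagerLoadPermissionsMiddleware = exports.appMiddleware = exports.middlewareWithDecode = exports.middleware = void 0;
  const jsonwebtoken_1 = require("jsonwebtoken");
  const ApiUser_1 = __importStar(require("./ApiUser"));
- const tracer_1 = require("../tracer");
- const app_auth_1 = require("../app-auth");
- const appDoesNotExist_1 = __importDefault(require("../exceptions/appDoesNotExist"));
  const utils_1 = require("../utils");
+ const tracer_1 = require("../tracer");
  exports.middleware = (options = {}) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
  const { eagerLoadUserPermissions, eagerLoadUserPermissionsLegacy, customPermissionLoader, } = options;
  const userId = req.headers['x-af-user-id'];
@@ -73,7 +68,7 @@ exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(v
  let decoded;
  if (req.headers.authorization) {
  try {
- decoded = yield utils_1.decodeBearer(req.headers.authorization);
+ decoded = utils_1.decodeBearer(req.headers.authorization);
  }
  catch (e) {
  if (e instanceof jsonwebtoken_1.TokenExpiredError) {
@@ -123,7 +118,7 @@ exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(v
  return next();
  });
  exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
- const { appId, clientSecret, } = options;
+ const { appId, clientSecret, appSecret, } = options;
  const trace = tracer_1.newTrace('userPayload');
  let decoded;
  if (!req.headers.authorization) {
@@ -133,10 +128,7 @@ exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void
  });
  }
  try {
- decoded = yield app_auth_1.decodeAppBearer(req.headers.authorization, appId);
- if (!decoded) {
- throw new appDoesNotExist_1.default();
- }
+ decoded = utils_1.decodeBearer(req.headers.authorization, appSecret);
  }
  catch (e) {
  if (e instanceof jsonwebtoken_1.TokenExpiredError) {
@@ -151,12 +143,6 @@ exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void
  errors: [e.message],
  });
  }
- if (e instanceof appDoesNotExist_1.default) {
- res.status(400);
- return res.json({
- errors: [e.message],
- });
- }
  res.status(500);
  return res.json({
  errors: ['Server error while parsing token'],
@@ -167,14 +153,13 @@ exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void
  req.headers['X-AF-USER-ID'] = userId;
  }
  const userObject = new ApiUser_1.default(userId);
- if (appId) {
+ if (appId && clientSecret) {
  req.headers['x-autofleet-apps-secret'] = clientSecret;
  // Won't work until we find a better solution for identity ms
  yield userObject.getUserAppPermissions(appId, clientSecret);
  }
  req.user = userObject;
  trace.context.set('userObject', userObject);
- trace.context.set('accessToken', utils_1.getAuthFromBearer(req.headers.authorization));
  // Added in order to support outbreak.
  req.headers['x-af-user-permissions'] = userObject;
  return next();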
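Review bot: `appMiddleware` now verifies the bearer locally with `utils_1.decodeBearer(req.headers.authorization, appSecret)`, but nothing visible rejects a missing `appSecret`. Because `middlewareWithDecode` calls the same helper with a single argument, an undefined secret presumably falls back to the helper's default key rather than failing, so a caller upgrading without the new option would have app tokens checked against the wrong key. I would validate once when the middleware is built, before the handler is returned: `if (!options || !options.appSecret) throw new Error('appMiddleware: appSecret is required');`. The removed remote check received `appId` and the local call does not, so unless code outside these hunks compares a claim in `decoded` with `appId`, a token signed with the same secret is accepted for any app; that should be confirmed. The new `if (appId && clientSecret)` guard also skips `getUserAppPermissions` silently while still setting `req.user`, so a deployment missing `clientSecret` gets a user object with no app permissions loaded and no error to show for it.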
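--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@autofleet/zehut",
- "version": "1.8.1-beta5",
+ "version": "1.8.1",
  "description": "manage user's identity",
  "main": "lib/index.js",
  "types": "lib/index.d.ts",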
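--- a/package/lib/app-auth.d.ts
+++ b/package/lib/app-auth.d.ts
@@ -1,2 +0,0 @@
- export declare const decodeAppBearer: (bearer: string, appId: string) => Promise<any>;
- export declare const getClientSecret: (appId: string) => Promise<any>;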
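--- a/package/lib/app-auth.js
+++ b/package/lib/app-auth.js
@@ -1,21 +0,0 @@
- "use strict";
- var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
- return new (P || (P = Promise))(function (resolve, reject) {
- function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
- function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
- step((generator = generator.apply(thisArg, _arguments || [])).next());
- });
- };
- Object.defineProperty(exports, "__esModule", { value: true });
- exports.getClientSecret = exports.decodeAppBearer = void 0;
- const services_1 = require("./services");
- exports.decodeAppBearer = (bearer, appId) => __awaiter(void 0, void 0, void 0, function* () {
- const { data: decoded } = yield services_1.AutofleetApiNetwork.post('/api/v1/auth', { bearer, appId });
- return decoded;
- });
- exports.getClientSecret = (appId) => __awaiter(void 0, void 0, void 0, function* () {
- const { data: secret } = yield services_1.AutofleetApiNetwork.get(`/api/v1/auth/client-secret/${appId}`);
- return secret;
- });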
@@ -1,3 +0,0 @@
1
- export default class AppDoesNotExist extends Error {
2
- mesaage: 'app does not exist';
3
- }
@@ -1,5 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- class AppDoesNotExist extends Error {
4
- }
5
- exports.default = AppDoesNotExist;