npm - @autofleet/zehut - Versions diffs - 1.8.2 → 2.0.0 - Mend

@autofleet/zehut 1.8.2 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md +4 -0
package/lib/app-auth.d.ts +2 -0
package/lib/app-auth.js +21 -0
package/lib/exceptions/appDoesNotExist.d.ts +3 -0
package/lib/exceptions/appDoesNotExist.js +5 -0
package/lib/index.d.ts +0 -1
package/lib/user/index.d.ts +0 -1
package/lib/user/index.js +50 -27
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -70,4 +70,8 @@ and run
 ```
 npm publish
 ```
+# Environment Variables
+when using this package locally or outside autofleet-prod project you must set INTEGRATION_MS_SERVICE_HOST in .env file
 # zehut

package/lib/app-auth.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export declare const decodeAppBearer: (bearer: string, appId: string) => Promise<any>;
2	+ export declare const getClientSecret: (appId: string) => Promise<any>;

package/lib/app-auth.js ADDED Viewed

@@ -0,0 +1,21 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getClientSecret = exports.decodeAppBearer = void 0;
+const services_1 = require("./services");
+exports.decodeAppBearer = (bearer, appId) => __awaiter(void 0, void 0, void 0, function* () {
+    const { data: decoded } = yield services_1.AutofleetApiNetwork.post('/api/v1/auth', { bearer, appId });
+    return decoded;
+});
+exports.getClientSecret = (appId) => __awaiter(void 0, void 0, void 0, function* () {
+    const { data: secret } = yield services_1.AutofleetApiNetwork.get(`/api/v1/auth/client-secret/${appId}`);
+    return secret;
+});

package/lib/exceptions/appDoesNotExist.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export default class AppDoesNotExist extends Error {
+    mesaage: 'app does not exist';
+}

package/lib/exceptions/appDoesNotExist.js ADDED Viewed

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+class AppDoesNotExist extends Error {
+}
+exports.default = AppDoesNotExist;

package/lib/index.d.ts CHANGED Viewed

@@ -31,7 +31,6 @@ declare const _default: {
     appMiddleware: (options: {
         appId: string;
         clientSecret: string;
-        appSecret: string;
     }) => (req: any, res: any, next: any) => Promise<void>;
 };
 export default _default;

package/lib/user/index.d.ts CHANGED Viewed

@@ -12,7 +12,6 @@ export declare const middlewareWithDecode: (options?: {
 export declare const appMiddleware: (options: {
     appId: string;
     clientSecret: string;
-    appSecret: string;
 }) => (req: any, res: any, next: any) => Promise<void>;
 export declare const eagerLoadPermissionsMiddleware: (req: any, res: any, next: any) => Promise<any>;
 export declare const getDecodedBearer: (req: any) => any;

package/lib/user/index.js CHANGED Viewed

@@ -27,39 +27,52 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getDecodedBearer = exports.eagerLoadPermissionsMiddleware = exports.appMiddleware = exports.middlewareWithDecode = exports.middleware = void 0;
 const jsonwebtoken_1 = require("jsonwebtoken");
 const ApiUser_1 = __importStar(require("./ApiUser"));
-const utils_1 = require("../utils");
 const tracer_1 = require("../tracer");
+const app_auth_1 = require("../app-auth");
+const appDoesNotExist_1 = __importDefault(require("../exceptions/appDoesNotExist"));
+const utils_1 = require("../utils");
 exports.middleware = (options = {}) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
-    const { eagerLoadUserPermissions, eagerLoadUserPermissionsLegacy, customPermissionLoader, } = options;
-    const userId = req.headers['x-af-user-id'];
-    const trace = tracer_1.newTrace('userPayload');
-    if (!userId) {
-        return next();
-    }
-    const elevatedPermissionsFromHeader = req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER] && req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER].length > 0
-        ? JSON.parse(req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER])
-        : {};
-    const userObject = new ApiUser_1.default(userId, 'user', elevatedPermissionsFromHeader);
-    if (eagerLoadUserPermissions) {
-        if (customPermissionLoader) {
-            yield userObject.useCustomPermissionLoader(customPermissionLoader);
+    try {
+        const { eagerLoadUserPermissions, eagerLoadUserPermissionsLegacy, customPermissionLoader, } = options;
+        const userId = req.headers['x-af-user-id'];
+        const trace = tracer_1.newTrace('userPayload');
+        if (!userId) {
+            return next();
         }
-        else {
-            yield userObject.getUserPermissions();
+        const elevatedPermissionsFromHeader = req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER] && req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER].length > 0
+            ? JSON.parse(req.headers[ApiUser_1.ELEVATED_PERMISSIONS_HEADER])
+            : {};
+        const userObject = new ApiUser_1.default(userId, 'user', elevatedPermissionsFromHeader);
+        if (eagerLoadUserPermissions) {
+            if (customPermissionLoader) {
+                yield userObject.useCustomPermissionLoader(customPermissionLoader);
+            }
+            else {
+                yield userObject.getUserPermissions();
+            }
         }
+        if (eagerLoadUserPermissionsLegacy) {
+            yield userObject.getUserPermissionsLegacy();
+        }
+        req.user = userObject;
+        trace.context.set('userObject', userObject);
+        // Added in order to support outbreak.
+        req.headers['x-af-user-permissions'] = userObject;
+        return next();
     }
-    if (eagerLoadUserPermissionsLegacy) {
-        yield userObject.getUserPermissionsLegacy();
+    catch (e) {
+        res.status(401);
+        return res.json({
+            error: 'cannot authenticate user',
+        });
     }
-    req.user = userObject;
-    trace.context.set('userObject', userObject);
-    // Added in order to support outbreak.
-    req.headers['x-af-user-permissions'] = userObject;
-    return next();
 });
 exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
     var _a, _b;
@@ -68,7 +81,7 @@ exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(v
     let decoded;
     if (req.headers.authorization) {
         try {
-            decoded = utils_1.decodeBearer(req.headers.authorization);
+            decoded = yield utils_1.decodeBearer(req.headers.authorization);
         }
         catch (e) {
             if (e instanceof jsonwebtoken_1.TokenExpiredError) {
@@ -118,7 +131,7 @@ exports.middlewareWithDecode = (options = {}) => (req, res, next) => __awaiter(v
     return next();
 });
 exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
-    const { appId, clientSecret, appSecret, } = options;
+    const { appId, clientSecret, } = options;
     const trace = tracer_1.newTrace('userPayload');
     let decoded;
     if (!req.headers.authorization) {
@@ -128,7 +141,10 @@ exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void
         });
     }
     try {
-        decoded = utils_1.decodeBearer(req.headers.authorization, appSecret);
+        decoded = yield app_auth_1.decodeAppBearer(req.headers.authorization, appId);
+        if (!decoded) {
+            throw new appDoesNotExist_1.default();
+        }
     }
     catch (e) {
         if (e instanceof jsonwebtoken_1.TokenExpiredError) {
@@ -143,6 +159,12 @@ exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void
                 errors: [e.message],
             });
         }
+        if (e instanceof appDoesNotExist_1.default) {
+            res.status(400);
+            return res.json({
+                errors: [e.message],
+            });
+        }
         res.status(500);
         return res.json({
             errors: ['Server error while parsing token'],
@@ -153,13 +175,14 @@ exports.appMiddleware = (options) => (req, res, next) => __awaiter(void 0, void
         req.headers['X-AF-USER-ID'] = userId;
     }
     const userObject = new ApiUser_1.default(userId);
-    if (appId && clientSecret) {
+    if (appId) {
         req.headers['x-autofleet-apps-secret'] = clientSecret;
         // Won't work until we find a better solution for identity ms
         yield userObject.getUserAppPermissions(appId, clientSecret);
     }
     req.user = userObject;
     trace.context.set('userObject', userObject);
+    trace.context.set('accessToken', utils_1.getAuthFromBearer(req.headers.authorization));
     // Added in order to support outbreak.
     req.headers['x-af-user-permissions'] = userObject;
     return next();

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@autofleet/zehut",
-  "version": "1.8.2",
+  "version": "2.0.0",
   "description": "manage user's identity",
   "main": "lib/index.js",
   "types": "lib/index.d.ts",