npm - @autofleet/zehut - Versions diffs - 4.3.4-beta-4f94cfec.12 → 4.3.4-beta-4f94cfec.14 - Mend

@autofleet/zehut 4.3.4-beta-4f94cfec.12 → 4.3.4-beta-4f94cfec.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/lib/index.cjs CHANGED Viewed

@@ -1,3 +1,3 @@
-'use strict';Object.defineProperty(exports,'__esModule',{value:true});var O=require('@autofleet/outbreak'),L=require('jsonwebtoken'),je=require('node-cache'),q=require('object-hash'),M=require('moment'),Y=require('@autofleet/network');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var O__namespace=/*#__PURE__*/_interopNamespace(O);var L__default=/*#__PURE__*/_interopDefault(L);var je__default=/*#__PURE__*/_interopDefault(je);var q__default=/*#__PURE__*/_interopDefault(q);var M__default=/*#__PURE__*/_interopDefault(M);var Y__default=/*#__PURE__*/_interopDefault(Y);var Ae=Object.defineProperty;var Ce=(s,e)=>{for(var t in e)Ae(s,t,{get:e[t],enumerable:true});};var {DEPRECATED_JWT_SECRET:Te,JWT_NEW_SECRET:Ne,DEPRECATED_REFRESH_JWT_SECRET:_e,REFRESH_JWT_SECRET:we,DEPRECATION_UNIX_TIMESTAMP:De}=process.env,X=(s,e,t)=>{let r=M__default.default(parseInt(De,10)*1e3);try{let o;if(s){let{iat:n}=L__default.default.decode(s);o=M__default.default(n*1e3);}else o=M__default.default();return o.isBefore(r)?e:t}catch{return t}},ke=s=>X(s,_e,we),B=s=>X(s,Te,Ne);var j=s=>s.replace("Bearer ",""),A=(s,e)=>{let t=j(s);return L__default.default.verify(t,B(t))};var Fe="00000000-0000-0000-0000-000000000000",He="ffffffff-ffff-ffff-ffff-ffffffffffff",U="[0-9a-f]",Me="[1-8]",Be=new RegExp(`^(?:${U}{8}-${U}{4}-${Me}${U}{3}-[89ab]${U}{3}-${U}{12}|${Fe}|${He})$`,"i");function K(s){return typeof s=="string"&&Be.test(s)}var Z=10,Q=process.env.API_GATEWAY_URL||"https://api.autofleet.io",R=new Y__default.default({serviceName:"IDENTITY_MS",retries:3,retryCondition:()=>true,cache:process.env.NODE_ENV!=="test"?{maxAge:Z*1e3}:void 0}),w=new Y__default.default({baseURL:Q,serviceUrl:Q,retries:3,retryCondition:()=>true,cache:process.env.NODE_ENV!=="test"?{maxAge:Z*1e3}:void 0});var I="x-af-elevated-permissions",y="x-af-context-ids",P=new je__default.default({stdTTL:10}),ee=(s,e)=>{let t={...s,fleets:{...s?.fleets},businessModels:{...s?.businessModels},demandSources:{...s?.demandSources}};for(let r of e)Object.keys(r).forEach(o=>{t[o]??={},Object.entries(r[o]).forEach(([n,a])=>{t[o][n]=(t[o][n]||[]).concat(a);});});return t};typeof Symbol.dispose!="symbol"&&Object.defineProperty(Symbol,"dispose",{__proto__:null,configurable:false,enumerable:false,value:Symbol.for("nodejs.dispose"),writable:false});typeof Symbol.asyncDispose!="symbol"&&Object.defineProperty(Symbol,"asyncDispose",{__proto__:null,configurable:false,enumerable:false,value:Symbol.for("nodejs.asyncDispose"),writable:false});var l=class{constructor(e,t,r,o){this.id=e;this.accountType=t;this.contextIds=o;this.privateElevatedPermissionsHash=new Map;this.appPermission={};this.emptyUser=!!e,r&&this.privateElevatedPermissionsHash.set(Symbol("initial"),r);}async getUserPermissions(){if(!this.id)return;if(this.privatePermissions)return this.privatePermissions;let e=q__default.default({id:this.id,contextIds:this.contextIds}),t=P.get(e);return t||({data:t}=await R.get(`/api/v1/users/${this.id}/authorization-payload`,{params:{contextIds:this.contextIds}}),P.set(e,t)),this.accountType=t.accountType,this.privatePermissions=t,this.privatePermissions}async useCustomPermissionLoader(e){if(!this.id)return;if(this.privatePermissions)return this.privatePermissions;let t=this.id,r=P.get(t);if(r)return this.privatePermissions=r,r;let o=await e(this.id);return P.set(t,o),this.privatePermissions=o,this.privatePermissions}get businessModels(){return this.getUserProperty("businessModels")}get fleets(){return this.getUserProperty("fleets")}get demandSources(){return this.getUserProperty("demandSources")}getUserProperty(e){if(!this.privatePermissions)throw new Error(`Cannot get ${e} without calling (async) getUserPermissions before`);return Object.keys(this.privatePermissions[e]||{})}get elevatedPermissions(){return ee(void 0,this.privateElevatedPermissionsHash.values())}get permissions(){if(!this.privatePermissions)throw new Error("Cannot get permissions without calling (async) getUserPermissions before");return ee(this.privatePermissions,this.privateElevatedPermissionsHash.values())}elevatePermissions(e){let t=Symbol();Object.values(e).forEach(i=>{Object.keys(i).forEach(c=>{if(!K(c))throw new Error(`Entity id on elevatePermissions is not a valid UUID, provided: ${c}`)});});let r=O.getCurrentContext();if(!r)throw new Error("Cannot find current user cross services trace");let o=JSON.parse(r.context[I]||"{}"),n=Object.assign(o,e);this.privateElevatedPermissionsHash.set(t,n),r.context.set(I,JSON.stringify(this.elevatedPermissions));let a=()=>{this.privateElevatedPermissionsHash.delete(t),r.context.set(I,JSON.stringify(this.elevatedPermissions));};return a[Symbol.dispose]=a,a}async getUserPermissionsLegacy(){if(!this.id)return;if(this.privatePermissionsLegacy)return this.privatePermissionsLegacy;let e=q__default.default({id:this.id,contextIds:this.contextIds,legacy:true}),t=P.get(e);return t||({data:t}=await R.get(`/api/v1/users/${this.id}/authorization-payload-legacy`,{params:{contextIds:this.contextIds}}),P.set(e,t)),this.privatePermissionsLegacy=t,this.privatePermissionsLegacy}get permissionsLegacy(){if(!this.privatePermissionsLegacy)throw new Error("Cannot get permissionsLegacy without calling (async) getUserPermissionsLegacy before");return this.privatePermissionsLegacy}async getUserAppPermissions(e,t){if(!this.id||!e||!t)return;let r=this.appPermission[e];if(r)return r;let o=`${this.id}:${e}`,n=P.get(o);if(n)return this.appPermission[e]=n,n;let{data:a}=await w.post(`/api/v1/apps/${e}/get-user-payload`,{userId:this.id},{headers:{"x-autofleet-apps-secret":t}});return P.set(o,a),this.appPermission[e]=a,this.appPermission[e]}};var se=async(s,e)=>{let{data:t}=await w.post("/api/v1/auth",{bearer:s,appId:e});return t};var S=class extends Error{constructor(){super(...arguments);this.name="AppDoesNotExist";this.message="app does not exist";}};var te="identity-ms",re="accessToken",f="userObject",C="x-af-user-id",$="X-IAF-ORIGIN-SERVICE",D="x-af-user-permissions",oe=$.toLowerCase(),ne="x-autofleet-apps-secret";var k=async(s,e)=>{let t=e[$]||e[oe]||"";if(!Array.isArray(t)&&t.toLowerCase()===te)return;let{eagerLoadUserPermissions:r,eagerLoadUserPermissionsLegacy:o,customPermissionLoader:n}=s,a=e[C];if(!a||Array.isArray(a))return;let i=e[I]?.length>0?JSON.parse(e[I]):{},c=e?.[y]?.split(","),d=new l(a,"user",i,c);return r&&(n?await d.useCustomPermissionLoader(n):await d.getUserPermissions()),o&&await d.getUserPermissionsLegacy(),O.getCurrentContext().nonHeaderContext?.set(f,d),d};var ae=(s={})=>async(e,t,r)=>{try{let o=await k(s,e.headers);o&&(e.user=o,e.headers[D]=o),r();}catch{t.status(401).json({error:"cannot authenticate user"});}},ce=(s={})=>async(e,t,r)=>{let{eagerLoadUserPermissions:o,eagerLoadUserPermissionsLegacy:n,returnErrorIfNoToken:a}=s,i;if(e.headers.authorization){try{i=await A(e.headers.authorization);}catch(u){u instanceof L__default.default.TokenExpiredError?t.status(401).json({errors:["Access token expired"]}):u instanceof L__default.default.JsonWebTokenError?t.status(400).json({errors:[u.message]}):t.status(500).json({errors:["Server error while parsing token"]});return}let c=i?.user?.id;c&&(e.headers[C]=c);let d=e.headers?.[y]?.split(","),m=new l(c,i?.user?.accountType,void 0,d);(o||n)&&await Promise.all([o&&m.getUserPermissions(),n&&m.getUserPermissionsLegacy()]),e.user=m,O.getCurrentContext().nonHeaderContext?.set(f,m),e.headers[D]=m;}else if(a){t.status(401).json({errors:["No token provided"]});return}r();},de=s=>async(e,t,r)=>{let{appId:o,clientSecret:n}=s,a;if(!e.headers.authorization){t.status(401).json({errors:["No token provided"]});return}try{if(a=await se(e.headers.authorization,o),!a)throw new S}catch(m){if(m instanceof L__default.default.TokenExpiredError){t.status(401).json({errors:["Access token expired"]});return}if([L__default.default.JsonWebTokenError,S].some(u=>m instanceof u)){t.status(400).json({errors:[m.message]});return}t.status(500).json({errors:["Server error while parsing token"]});return}let i=a?.userId;i&&(e.headers[C]=i);let c=new l(i);o&&(e.headers[ne]=n,await c.getUserAppPermissions(o,n)),e.user=c;let d=O.getCurrentContext().nonHeaderContext;d?.set(f,c),d?.set(re,j(e.headers.authorization)),e.headers[D]=c,r();},me=async(s,e,t)=>{await s.user.getUserPermissions(),t();},ue=s=>s.headers.authorization?A(s.headers.authorization):null,pe=async(s,e)=>{let t=new l(e);await t.getUserPermissions(),s??=O.newTrace(O.traceTypes.RABBIT),s.nonHeaderContext.set(f,t);},le=l;var z=(s,e,t)=>{s.decorateRequest("user",void 0),s.addHook("onRequest",async(r,o)=>{try{let n=await k(e,r.headers);n&&(r.user=n);}catch{o.status(401).send({error:"cannot authenticate user"});}}),t();};z[Symbol.for("skip-override")]=true;var x=()=>O.getCurrentContext().nonHeaderContext?.get(f),J=()=>x()?.id,W=(s,e)=>!J()||Object.hasOwn(x().permissions[e],s),fe=s=>W(s,"fleets"),Ee=s=>W(s,"businessModels"),ge=s=>W(s,"demandSources");var F=class extends Error{constructor(t=null,r="UnauthorizedAccessError"){super(r);this.user=t;this.name="UnauthorizedAccessError";}};var b={NONE:"NONE",BASIC:"BASIC",JWT:"JWT"},Pe={[b.NONE]:()=>{},[b.BASIC]:s=>{let{username:e,password:t}=s;return `Basic ${Buffer.from(`${e}:${t}`).toString("base64")}`},[b.JWT]:s=>{let{secret:e}=s;if(e)return `Bearer ${L__default.default.sign({},e,{expiresIn:10})}`}},ye=s=>{let e=s?.method;if(!(!e||!Pe[e]))return Pe[e](s)};var G={};Ce(G,{default:()=>ps,middlewares:()=>xe,sdk:()=>Se});var V=class{constructor(e){this.cache=e||new je__default.default({stdTTL:10});}async getUserPermissions(e,t){try{let r=`perm-${e}`,o=t.map(i=>`${r}-${i}`),n=await this.cache.mget(o),a={};return Object.entries(n).filter(([,i])=>i).forEach(([i,c])=>{let d=i.replace(`${r}-`,"");a[d]=c;}),a}catch{return {}}}async setUserPermissions(e,t,r){try{let o=a=>`perm-${e}-${a}`,n=Object.entries(t).map(([a,i])=>({key:o(a),val:i,ttl:r??10}));return await this.cache.mset(n),{success:!0}}catch(o){return {success:false,error:o}}}async getSeenPermissions(e,t){try{let r=`seen-${e}`,o=t.map(i=>`${r}-${i}`),n=await this.cache.mget(o),a={};return Object.entries(n).filter(([,i])=>i).forEach(([i,c])=>{let d=i.replace(`${r}-`,"");a[d]=c;}),a}catch{return {}}}async setSeenPermissions(e,t,r,o){try{let n=i=>`seen-${e}-${i}`,a=t.map(i=>({key:n(i),val:r,ttl:o??10}));return await this.cache.mset(a),{success:!0}}catch{return {success:false}}}},T=new V;var h={AND:"and",OR:"or"},E={USER_NOT_FOUND:"USER_NOT_FOUND",INSUFFICIENT_PERMISSIONS:"INSUFFICIENT_PERMISSIONS",VALIDATION_ERROR:"VALIDATION_ERROR",API_ERROR:"API_ERROR",NO_REQUIRED_PERMISSIONS:"NO_REQUIRED_PERMISSIONS",UNAUTHORIZED:"UNAUTHORIZED",BAD_REQUEST:"BAD_REQUEST",INTERNAL_ERROR:"INTERNAL_ERROR"},N={USER_NOT_FOUND:"User not found",INSUFFICIENT_PERMISSIONS:"User does not have sufficient permissions",VALIDATION_ERROR:"Validation error occurred",API_ERROR:"API error occurred",NO_REQUIRED_PERMISSIONS:"No required permissions provided for evaluation",UNAUTHORIZED:"User is not authorized to perform this action",BAD_REQUEST:"Bad request, please check the input parameters",INTERNAL_ERROR:"Internal server error occurred while checking permissions"};var Re=(s,e,t)=>{let r=new Set(s),o=e.filter(n=>r.has(n));return t===h.AND?o.length===e.length:o.length>0};var Ke=(s,e)=>{let t=Object.values(s);return e?t.every(r=>r.hasRequiredPermissions):t.some(r=>r.hasRequiredPermissions)};var Qe=s=>{let e=[];return s?.length||e.push("contextIds cannot be empty"),e},he=(s,e,t,r)=>({isAuthorized:false,error:s,resolvedPermissions:{},requiredPermissions:e,contextIds:t,...r&&{message:r}}),Ye=async(s,e,t,r)=>{let o={},n=new Map;if(Object.entries(e).forEach(([i,c])=>{if(c?.permissions)if(c.hasRequiredPermissions){let d=new Set(c.permissions),m=t.filter(u=>d.has(u));o[i]=m;}else {let d=new Set(c.permissions),u=t.filter(g=>!d.has(g)).sort().join(",");n.has(u)||n.set(u,[]),n.get(u).push(i);}}),Object.keys(o).length>0){let{success:i,error:c}=await T.setUserPermissions(s,o);i||r.error("Failed to cache granted permissions",{userId:s,permissionsToCache:o,error:c});}let a=Array.from(n.entries()).map(([i,c])=>{let d=i.split(",");return T.setSeenPermissions(s,c,d)});await Promise.all(a);},Ze=(s,e,t)=>{if(!s.length)return {isResolvableFromCache:false,hasRequiredPermissions:false};let r=new Set(s),o=e.filter(n=>r.has(n));return t===h.AND?{isResolvableFromCache:o.length>0,hasRequiredPermissions:false}:{isResolvableFromCache:o.length===e.length,hasRequiredPermissions:false}},qe=(s,e,t)=>{let r=[...s],o=e.filter(n=>!t[n]);return r.push(...o),r},es=(s,e,t,r)=>{let o={};return s.forEach(n=>{let a=e[n],i=Ze(a,t,r);i.isResolvableFromCache&&(o[n]={permissions:[],hasRequiredPermissions:i.hasRequiredPermissions});}),o},ss=(s,e,t)=>{let r={};return Object.keys(s||{}).length&&Object.entries(s).forEach(([o,n])=>{let a=Re(n,e,t);r[o]={permissions:n,hasRequiredPermissions:a};}),r},ts=async(s,e,t,r)=>{let o=await R.post("/api/v1/permissions/resolve",{userId:s,contextIds:e,requiredPermissions:t},{timeout:r.timeout}),{data:n}=o;if(!Object.keys(n||{}).length)throw new Error("Failed to resolve permissions");if(r.permissionsEvaluationOperator===h.AND)return n;let a={};return Object.entries(n).forEach(([i,c])=>{let d=c?.permissions||[],m=Re(d,t,r.permissionsEvaluationOperator);a[i]={permissions:d,hasRequiredPermissions:m};}),a},rs=(s,e,t,r)=>{let o=Qe(s);return o.length?he(E.VALIDATION_ERROR,e,s,o.join(", ")):t?e?.length?null:(r?.info("No requiredPermissions provided",{userId:t,contextIds:s}),{isAuthorized:false,userId:t,resolvedPermissions:{},requiredPermissions:e,contextIds:s,error:E.NO_REQUIRED_PERMISSIONS}):(r?.warn("User not found in context, cannot check permissions",{contextIds:s,requiredPermissions:e}),he(E.USER_NOT_FOUND,e,s))},os=async(s,e,t,r)=>{let{logger:o}=r,n=await T.getUserPermissions(s,e),a=ss(n,t,r.permissionsEvaluationOperator),i={...a},c=e.filter(p=>!a[p]),d=await T.getSeenPermissions(s,c),m=c.filter(p=>!d[p]);o?.debug("Permission cache results",{userId:s,requiredPermissions:t,cachedPermissions:n,resolvedPermissionsFromCache:a,seenPermissions:d,unseenContextIds:m,uncachedContextIds:c});let u=c.filter(p=>d[p]),g=es(u,d,t,r.permissionsEvaluationOperator);i={...i,...g},o?.debug("Processed seen contexts from cache",{userId:s,requiredPermissions:t,seenContextIds:u,seenContextEntries:g,resolvedPermissions:i});let v=qe(m,u,g);if(v.length){o?.debug("Resolving permissions from Identity API",{userId:s,requiredPermissions:t,contextIdsNeedingAPI:v});let p=await ts(s,v,t,r);i={...i,...p};let _=await Ye(s,p,t,o);o?.debug("Cached permissions results",{userId:s,results:_});}return o?.debug("Final resolved permissions",{userId:s,requiredPermissions:t,resolvedPermissions:i}),i},H=async({requiredPermissions:s,contextIds:e,logger:t,userId:r,options:{requireAll:o=true,permissionsEvaluationOperator:n=h.AND,timeout:a=1e4}})=>{let i=r||x()?.id||null,c=rs(e,s,i,t);if(c)return c;let d=await os(i,e,s,{permissionsEvaluationOperator:n,timeout:a,logger:t}),m=Ke(d,o);return t?.info("Resolved permissions",{userId:i,requiredPermissions:s,resolvedPermissions:d,isAuthorized:m,requireAll:o,permissionsEvaluationOperator:n,contextIds:e}),{isAuthorized:m,userId:i,resolvedPermissions:d,requiredPermissions:s,contextIds:e,...m?{}:{error:E.INSUFFICIENT_PERMISSIONS}}};var cs=(s,e)=>{e?.debug("Extracting context IDs from request",{headers:s.headers,query:s.query,body:s.body});let t=s.headers?.[y]?.split(",")||[],r=s.headers?.["af-context"]?[s.headers["af-context"]]:[],o=s.query?.contextIds?.split(",")||[],n=s.query?.contextId?[s.query.contextId]:[],a=s.query?.context?[s.query.context]:[],i=s.body?.contextIds||[],c=s.body?.contextId?[s.body.contextId]:[];return Array.from(new Set([...t,...r,...o,...n,...a,...i,...c])).filter(Boolean)},ds=(s,e,t,r,o,n,a,i,c)=>r?(i?.error(e,{url:n.url,method:n.method,requiredPermissions:c?.requiredPermissions||[],...c}),o.status(t).json({error:s,message:e,...c?.requiredPermissions&&{requiredPermissions:c.requiredPermissions}})):(i?.warn(e,{url:n.url,method:n.method,requiredPermissions:c?.requiredPermissions||[],...c}),a()),ms=(s,e,t)=>{try{O.newTrace(O.traceTypes.HTTP_REQUEST);let r=new l(s,void 0,void 0,e);O.getCurrentContext().nonHeaderContext?.set(f,r);}catch(r){}},us=async(s,e)=>{try{let r=((await R.get(`/api/v1/users/${s}/contexts`,{timeout:e}))?.data||[]).map(o=>o.id);return ms(s,r),r}catch{return []}},Ie=(s,e={enforce:false,requireAll:true,permissionsEvaluationOperator:h.AND})=>async(t,r,o)=>{try{let{logger:n,enforce:a,requireAll:i,permissionsEvaluationOperator:c}=e,d=(Oe,ve,Ue)=>ds(Oe,ve,Ue,a,r,t,o,n,{requiredPermissions:s}),u=A(t.headers.authorization||"")?.user;if(!u?.id)return d(E.UNAUTHORIZED,N.UNAUTHORIZED,401);let g=cs(t,n),v=g?.length?[]:await us(u.id,e.timeout),p=Array.from(new Set([...g,...v]));if(!p?.length)return d(E.BAD_REQUEST,N.BAD_REQUEST,400);let _=await H({requiredPermissions:s,contextIds:p,logger:n,userId:u.id,options:{requireAll:i??!0,permissionsEvaluationOperator:c??h.AND,timeout:1e4}});return _.isAuthorized?(n?.info("User has required permissions",{userId:u.id,requiredPermissions:s,contextIds:p,url:t.url,method:t.method}),o()):a?r.status(403).json({error:E.INSUFFICIENT_PERMISSIONS,message:N.INSUFFICIENT_PERMISSIONS,required:s,contexts:p,userId:_.userId}):(n?.warn("User does not have required permissions, skipping enforcement",{userId:u.id,requiredPermissions:s,contextIds:p,url:t.url,method:t.method}),o())}catch(n){return e.logger?.error("Error in requirePermissions middleware",{error:n,requiredPermissions:s,url:t.url,method:t.method}),e.enforce?r.status(500).json({error:E.INTERNAL_ERROR,message:N.INTERNAL_ERROR}):(e.logger?.error("Error during permission check, skipping enforcement",{error:n,url:t.url,method:t.method}),o())}};var Se={evaluatePermissions:H},xe={requirePermissions:Ie},ps={sdk:Se,middlewares:xe};var ls=O__namespace.getCurrentContext,bt=({outbreakOptions:s={},logger:e}={})=>{O__namespace.default({headersPrefix:"x-af",contextMiddlewareGetter:e?.addContextMiddleware,...s});},{traceTypes:fs,newTrace:Es}=O__namespace;var Tt={traceTypes:fs,newTrace:Es,User:le,middleware:ae,middlewareWithDecode:ce,eagerLoadPermissionsMiddleware:me,getCurrentPayload:ls,getDecodedBearer:ue,checkFleetPermission:fe,checkBusinessModelPermission:Ee,checkDemandSourcePermission:ge,isUserExist:J,getUser:x,UnauthorizedAccessError:F,appMiddleware:de,createOrSetRabbitTrace:pe,outbreak:O__namespace,AUTHORIZATION_METHODS:b,getAuthorizationHeader:ye,CONTEXTS_IDS_HEADER:y,authFromUserIdHeaderPlugin:z,permissions:G};
-exports.outbreak=O__namespace;exports.AUTHORIZATION_METHODS=b;exports.CONTEXTS_IDS_HEADER=y;exports.UnauthorizedAccessError=F;exports.User=le;exports.appMiddleware=de;exports.authFromUserIdHeaderPlugin=z;exports.checkBusinessModelPermission=Ee;exports.checkDemandSourcePermission=ge;exports.checkFleetPermission=fe;exports.createOrSetRabbitTrace=pe;exports.default=Tt;exports.eagerLoadPermissionsMiddleware=me;exports.enableTracing=bt;exports.getAuthorizationHeader=ye;exports.getCurrentPayload=ls;exports.getDecodedBearer=ue;exports.getRefreshTokenSecret=ke;exports.getTokenSecret=B;exports.getUser=x;exports.isUserExist=J;exports.middleware=ae;exports.middlewareWithDecode=ce;exports.newTrace=Es;exports.permissions=G;exports.traceTypes=fs;//# sourceMappingURL=index.cjs.map
+'use strict';Object.defineProperty(exports,'__esModule',{value:true});var v=require('@autofleet/outbreak'),k=require('jsonwebtoken'),je=require('node-cache'),q=require('object-hash'),H=require('moment'),Y=require('@autofleet/network');function _interopDefault(e){return e&&e.__esModule?e:{default:e}}function _interopNamespace(e){if(e&&e.__esModule)return e;var n=Object.create(null);if(e){Object.keys(e).forEach(function(k){if(k!=='default'){var d=Object.getOwnPropertyDescriptor(e,k);Object.defineProperty(n,k,d.get?d:{enumerable:true,get:function(){return e[k]}});}})}n.default=e;return Object.freeze(n)}var v__namespace=/*#__PURE__*/_interopNamespace(v);var k__default=/*#__PURE__*/_interopDefault(k);var je__default=/*#__PURE__*/_interopDefault(je);var q__default=/*#__PURE__*/_interopDefault(q);var H__default=/*#__PURE__*/_interopDefault(H);var Y__default=/*#__PURE__*/_interopDefault(Y);var Ae=Object.defineProperty;var Ce=(s,e)=>{for(var t in e)Ae(s,t,{get:e[t],enumerable:true});};var {DEPRECATED_JWT_SECRET:Te,JWT_NEW_SECRET:Ne,DEPRECATED_REFRESH_JWT_SECRET:_e,REFRESH_JWT_SECRET:we,DEPRECATION_UNIX_TIMESTAMP:De}=process.env,X=(s,e,t)=>{let r=H__default.default(parseInt(De,10)*1e3);try{let o;if(s){let{iat:n}=k__default.default.decode(s);o=H__default.default(n*1e3);}else o=H__default.default();return o.isBefore(r)?e:t}catch{return t}},ke=s=>X(s,_e,we),M=s=>X(s,Te,Ne);var B=s=>s.replace("Bearer ",""),A=(s,e)=>{let t=B(s);return k__default.default.verify(t,M(t))};var Fe="00000000-0000-0000-0000-000000000000",He="ffffffff-ffff-ffff-ffff-ffffffffffff",U="[0-9a-f]",Me="[1-8]",Be=new RegExp(`^(?:${U}{8}-${U}{4}-${Me}${U}{3}-[89ab]${U}{3}-${U}{12}|${Fe}|${He})$`,"i");function K(s){return typeof s=="string"&&Be.test(s)}var Z=10,Q=process.env.API_GATEWAY_URL||"https://api.autofleet.io",I=new Y__default.default({serviceName:"IDENTITY_MS",retries:3,retryCondition:()=>true,cache:process.env.NODE_ENV!=="test"?{maxAge:Z*1e3}:void 0}),_=new Y__default.default({baseURL:Q,serviceUrl:Q,retries:3,retryCondition:()=>true,cache:process.env.NODE_ENV!=="test"?{maxAge:Z*1e3}:void 0});var S="x-af-elevated-permissions",y="x-af-context-ids",P=new je__default.default({stdTTL:10}),ee=(s,e)=>{let t={...s,fleets:{...s?.fleets},businessModels:{...s?.businessModels},demandSources:{...s?.demandSources}};for(let r of e)Object.keys(r).forEach(o=>{t[o]??={},Object.entries(r[o]).forEach(([n,a])=>{t[o][n]=(t[o][n]||[]).concat(a);});});return t};typeof Symbol.dispose!="symbol"&&Object.defineProperty(Symbol,"dispose",{__proto__:null,configurable:false,enumerable:false,value:Symbol.for("nodejs.dispose"),writable:false});typeof Symbol.asyncDispose!="symbol"&&Object.defineProperty(Symbol,"asyncDispose",{__proto__:null,configurable:false,enumerable:false,value:Symbol.for("nodejs.asyncDispose"),writable:false});var l=class{constructor(e,t,r,o){this.id=e;this.accountType=t;this.contextIds=o;this.privateElevatedPermissionsHash=new Map;this.appPermission={};this.emptyUser=!!e,r&&this.privateElevatedPermissionsHash.set(Symbol("initial"),r);}async getUserPermissions(){if(!this.id)return;if(this.privatePermissions)return this.privatePermissions;let e=q__default.default({id:this.id,contextIds:this.contextIds}),t=P.get(e);return t||({data:t}=await I.get(`/api/v1/users/${this.id}/authorization-payload`,{params:{contextIds:this.contextIds}}),P.set(e,t)),this.accountType=t.accountType,this.privatePermissions=t,this.privatePermissions}async useCustomPermissionLoader(e){if(!this.id)return;if(this.privatePermissions)return this.privatePermissions;let t=this.id,r=P.get(t);if(r)return this.privatePermissions=r,r;let o=await e(this.id);return P.set(t,o),this.privatePermissions=o,this.privatePermissions}get businessModels(){return this.getUserProperty("businessModels")}get fleets(){return this.getUserProperty("fleets")}get demandSources(){return this.getUserProperty("demandSources")}getUserProperty(e){if(!this.privatePermissions)throw new Error(`Cannot get ${e} without calling (async) getUserPermissions before`);return Object.keys(this.privatePermissions[e]||{})}get elevatedPermissions(){return ee(void 0,this.privateElevatedPermissionsHash.values())}get permissions(){if(!this.privatePermissions)throw new Error("Cannot get permissions without calling (async) getUserPermissions before");return ee(this.privatePermissions,this.privateElevatedPermissionsHash.values())}elevatePermissions(e){let t=Symbol();Object.values(e).forEach(i=>{Object.keys(i).forEach(c=>{if(!K(c))throw new Error(`Entity id on elevatePermissions is not a valid UUID, provided: ${c}`)});});let r=v.getCurrentContext();if(!r)throw new Error("Cannot find current user cross services trace");let o=JSON.parse(r.context[S]||"{}"),n=Object.assign(o,e);this.privateElevatedPermissionsHash.set(t,n),r.context.set(S,JSON.stringify(this.elevatedPermissions));let a=()=>{this.privateElevatedPermissionsHash.delete(t),r.context.set(S,JSON.stringify(this.elevatedPermissions));};return a[Symbol.dispose]=a,a}async getUserPermissionsLegacy(){if(!this.id)return;if(this.privatePermissionsLegacy)return this.privatePermissionsLegacy;let e=q__default.default({id:this.id,contextIds:this.contextIds,legacy:true}),t=P.get(e);return t||({data:t}=await I.get(`/api/v1/users/${this.id}/authorization-payload-legacy`,{params:{contextIds:this.contextIds}}),P.set(e,t)),this.privatePermissionsLegacy=t,this.privatePermissionsLegacy}get permissionsLegacy(){if(!this.privatePermissionsLegacy)throw new Error("Cannot get permissionsLegacy without calling (async) getUserPermissionsLegacy before");return this.privatePermissionsLegacy}async getUserAppPermissions(e,t){if(!this.id||!e||!t)return;let r=this.appPermission[e];if(r)return r;let o=`${this.id}:${e}`,n=P.get(o);if(n)return this.appPermission[e]=n,n;let{data:a}=await _.post(`/api/v1/apps/${e}/get-user-payload`,{userId:this.id},{headers:{"x-autofleet-apps-secret":t}});return P.set(o,a),this.appPermission[e]=a,this.appPermission[e]}};var se=async(s,e)=>{let{data:t}=await _.post("/api/v1/auth",{bearer:s,appId:e});return t};var x=class extends Error{constructor(){super(...arguments);this.name="AppDoesNotExist";this.message="app does not exist";}};var te="identity-ms",re="accessToken",E="userObject",C="x-af-user-id",j="X-IAF-ORIGIN-SERVICE",w="x-af-user-permissions",oe=j.toLowerCase(),ne="x-autofleet-apps-secret";var D=async(s,e)=>{let t=e[j]||e[oe]||"";if(!Array.isArray(t)&&t.toLowerCase()===te)return;let{eagerLoadUserPermissions:r,eagerLoadUserPermissionsLegacy:o,customPermissionLoader:n}=s,a=e[C];if(!a||Array.isArray(a))return;let i=e[S]?.length>0?JSON.parse(e[S]):{},c=e?.[y]?.split(","),d=new l(a,"user",i,c);return r&&(n?await d.useCustomPermissionLoader(n):await d.getUserPermissions()),o&&await d.getUserPermissionsLegacy(),v.getCurrentContext().nonHeaderContext?.set(E,d),d};var ae=(s={})=>async(e,t,r)=>{try{let o=await D(s,e.headers);o&&(e.user=o,e.headers[w]=o),r();}catch{t.status(401).json({error:"cannot authenticate user"});}},ce=(s={})=>async(e,t,r)=>{let{eagerLoadUserPermissions:o,eagerLoadUserPermissionsLegacy:n,returnErrorIfNoToken:a}=s,i;if(e.headers.authorization){try{i=await A(e.headers.authorization);}catch(u){u instanceof k__default.default.TokenExpiredError?t.status(401).json({errors:["Access token expired"]}):u instanceof k__default.default.JsonWebTokenError?t.status(400).json({errors:[u.message]}):t.status(500).json({errors:["Server error while parsing token"]});return}let c=i?.user?.id;c&&(e.headers[C]=c);let d=e.headers?.[y]?.split(","),m=new l(c,i?.user?.accountType,void 0,d);(o||n)&&await Promise.all([o&&m.getUserPermissions(),n&&m.getUserPermissionsLegacy()]),e.user=m,v.getCurrentContext().nonHeaderContext?.set(E,m),e.headers[w]=m;}else if(a){t.status(401).json({errors:["No token provided"]});return}r();},de=s=>async(e,t,r)=>{let{appId:o,clientSecret:n}=s,a;if(!e.headers.authorization){t.status(401).json({errors:["No token provided"]});return}try{if(a=await se(e.headers.authorization,o),!a)throw new x}catch(m){if(m instanceof k__default.default.TokenExpiredError){t.status(401).json({errors:["Access token expired"]});return}if([k__default.default.JsonWebTokenError,x].some(u=>m instanceof u)){t.status(400).json({errors:[m.message]});return}t.status(500).json({errors:["Server error while parsing token"]});return}let i=a?.userId;i&&(e.headers[C]=i);let c=new l(i);o&&(e.headers[ne]=n,await c.getUserAppPermissions(o,n)),e.user=c;let d=v.getCurrentContext().nonHeaderContext;d?.set(E,c),d?.set(re,B(e.headers.authorization)),e.headers[w]=c,r();},me=async(s,e,t)=>{await s.user.getUserPermissions(),t();},ue=s=>s.headers.authorization?A(s.headers.authorization):null,pe=async(s,e)=>{let t=new l(e);await t.getUserPermissions(),s??=v.newTrace(v.traceTypes.RABBIT),s.nonHeaderContext.set(E,t);},le=l;var $=(s,e,t)=>{s.decorateRequest("user",void 0),s.addHook("onRequest",async(r,o)=>{try{let n=await D(e,r.headers);n&&(r.user=n);}catch{o.status(401).send({error:"cannot authenticate user"});}}),t();};$[Symbol.for("skip-override")]=true;var O=()=>v.getCurrentContext().nonHeaderContext?.get(E),z=()=>O()?.id,J=(s,e)=>!z()||Object.hasOwn(O().permissions[e],s),fe=s=>J(s,"fleets"),Ee=s=>J(s,"businessModels"),ge=s=>J(s,"demandSources");var L=class extends Error{constructor(t=null,r="UnauthorizedAccessError"){super(r);this.user=t;this.name="UnauthorizedAccessError";}};var b={NONE:"NONE",BASIC:"BASIC",JWT:"JWT"},Pe={[b.NONE]:()=>{},[b.BASIC]:s=>{let{username:e,password:t}=s;return `Basic ${Buffer.from(`${e}:${t}`).toString("base64")}`},[b.JWT]:s=>{let{secret:e}=s;if(e)return `Bearer ${k__default.default.sign({},e,{expiresIn:10})}`}},ye=s=>{let e=s?.method;if(!(!e||!Pe[e]))return Pe[e](s)};var G={};Ce(G,{default:()=>ps,middlewares:()=>xe,sdk:()=>Se});var W=class{constructor(e){this.cache=e||new je__default.default({stdTTL:10});}async getUserPermissions(e,t){try{let r=`perm-${e}`,o=t.map(i=>`${r}-${i}`),n=await this.cache.mget(o),a={};return Object.entries(n).filter(([,i])=>i).forEach(([i,c])=>{let d=i.replace(`${r}-`,"");a[d]=c;}),a}catch{return {}}}async setUserPermissions(e,t,r){try{let o=a=>`perm-${e}-${a}`,n=Object.entries(t).map(([a,i])=>({key:o(a),val:i,ttl:r??10}));return await this.cache.mset(n),{success:!0}}catch(o){return {success:false,error:o}}}async getSeenPermissions(e,t){try{let r=`seen-${e}`,o=t.map(i=>`${r}-${i}`),n=await this.cache.mget(o),a={};return Object.entries(n).filter(([,i])=>i).forEach(([i,c])=>{let d=i.replace(`${r}-`,"");a[d]=c;}),a}catch{return {}}}async setSeenPermissions(e,t,r,o){try{let n=i=>`seen-${e}-${i}`,a=t.map(i=>({key:n(i),val:r,ttl:o??10}));return await this.cache.mset(a),{success:!0}}catch{return {success:false}}}},T=new W;var h={AND:"and",OR:"or"},g={USER_NOT_FOUND:"USER_NOT_FOUND",INSUFFICIENT_PERMISSIONS:"INSUFFICIENT_PERMISSIONS",VALIDATION_ERROR:"VALIDATION_ERROR",API_ERROR:"API_ERROR",NO_REQUIRED_PERMISSIONS:"NO_REQUIRED_PERMISSIONS",UNAUTHORIZED:"UNAUTHORIZED",BAD_REQUEST:"BAD_REQUEST",INTERNAL_ERROR:"INTERNAL_ERROR"},N={USER_NOT_FOUND:"User not found",INSUFFICIENT_PERMISSIONS:"User does not have sufficient permissions",VALIDATION_ERROR:"Validation error occurred",API_ERROR:"API error occurred",NO_REQUIRED_PERMISSIONS:"No required permissions provided for evaluation",UNAUTHORIZED:"User is not authorized to perform this action",BAD_REQUEST:"Bad request, please check the input parameters",INTERNAL_ERROR:"Internal server error occurred while checking permissions"};var Re=(s,e,t)=>{let r=new Set(s),o=e.filter(n=>r.has(n));return t===h.AND?o.length===e.length:o.length>0};var Ke=(s,e)=>{let t=Object.values(s);return e?t.every(r=>r.hasRequiredPermissions):t.some(r=>r.hasRequiredPermissions)};var Qe=s=>{let e=[];return s?.length||e.push("contextIds cannot be empty"),e},he=(s,e,t,r)=>({isAuthorized:false,error:s,resolvedPermissions:{},requiredPermissions:e,contextIds:t,...r&&{message:r}}),Ye=async(s,e,t,r)=>{let o={},n=new Map;if(r?.debug("Start caching permissions results",{userId:s,resolvedPermissions:e,requiredPermissions:t}),Object.entries(e).forEach(([i,c])=>{if(c?.permissions){let d=new Set(c.permissions),m=t.filter(u=>d.has(u));if(m.length)o[i]=m;else {let f=t.filter(R=>!d.has(R)).sort().join(",");n.has(f)||n.set(f,[]),n.get(f).push(i);}}}),Object.keys(o).length>0){r?.debug("Caching granted permissions",{userId:s,permissionsToCache:o});let{success:i,error:c}=await T.setUserPermissions(s,o);i||r.error("Failed to cache granted permissions",{userId:s,permissionsToCache:o,error:c});}let a=Array.from(n.entries()).map(([i,c])=>{let d=i.split(",");return T.setSeenPermissions(s,c,d)});r?.debug("Caching denied permissions",{userId:s,deniedPermissionsGroups:Array.from(n.entries()).map(([i,c])=>({deniedPermissions:i.split(","),contextIds:c}))}),await Promise.all(a);},Ze=(s,e,t)=>{if(!s.length)return {isResolvableFromCache:false,hasRequiredPermissions:false};let r=new Set(s),o=e.filter(n=>r.has(n));return t===h.AND?{isResolvableFromCache:o.length>0,hasRequiredPermissions:false}:{isResolvableFromCache:o.length===e.length,hasRequiredPermissions:false}},qe=(s,e,t)=>{let r=[...s],o=e.filter(n=>!t[n]);return r.push(...o),r},es=(s,e,t,r)=>{let o={};return s.forEach(n=>{let a=e[n],i=Ze(a,t,r);i.isResolvableFromCache&&(o[n]={permissions:[],hasRequiredPermissions:i.hasRequiredPermissions});}),o},ss=(s,e,t)=>{let r={};return Object.keys(s||{}).length&&Object.entries(s).forEach(([o,n])=>{let a=Re(n,e,t);r[o]={permissions:n,hasRequiredPermissions:a};}),r},ts=async(s,e,t,r)=>{let o=await I.post("/api/v1/permissions/resolve",{userId:s,contextIds:e,requiredPermissions:t},{timeout:r.timeout}),{data:n}=o;if(!Object.keys(n||{}).length)throw new Error("Failed to resolve permissions");if(r.permissionsEvaluationOperator===h.AND)return n;let a={};return Object.entries(n).forEach(([i,c])=>{let d=c?.permissions||[],m=Re(d,t,r.permissionsEvaluationOperator);a[i]={permissions:d,hasRequiredPermissions:m};}),a},rs=(s,e,t,r)=>{let o=Qe(s);return o.length?he(g.VALIDATION_ERROR,e,s,o.join(", ")):t?e?.length?null:(r?.info("No requiredPermissions provided",{userId:t,contextIds:s}),{isAuthorized:false,userId:t,resolvedPermissions:{},requiredPermissions:e,contextIds:s,error:g.NO_REQUIRED_PERMISSIONS}):(r?.warn("User not found in context, cannot check permissions",{contextIds:s,requiredPermissions:e}),he(g.USER_NOT_FOUND,e,s))},os=async(s,e,t,r)=>{let{logger:o}=r,n=await T.getUserPermissions(s,e),a=ss(n,t,r.permissionsEvaluationOperator),i={...a},c=e.filter(p=>!a[p]),d=await T.getSeenPermissions(s,c),m=c.filter(p=>!d[p]);o?.debug("Permission cache results",{userId:s,requiredPermissions:t,cachedPermissions:n,resolvedPermissionsFromCache:a,seenPermissions:d,unseenContextIds:m,uncachedContextIds:c});let u=c.filter(p=>d[p]),f=es(u,d,t,r.permissionsEvaluationOperator);i={...i,...f},o?.debug("Processed seen contexts from cache",{userId:s,requiredPermissions:t,seenContextIds:u,seenContextEntries:f,resolvedPermissions:i});let R=qe(m,u,f);if(R.length){o?.debug("Resolving permissions from Identity API",{userId:s,requiredPermissions:t,contextIdsNeedingAPI:R});let p=await ts(s,R,t,r);i={...i,...p},await Ye(s,p,t,o);}return o?.debug("Final resolved permissions",{userId:s,requiredPermissions:t,resolvedPermissions:i}),i},F=async({requiredPermissions:s,contextIds:e,logger:t,userId:r,options:{requireAll:o=true,permissionsEvaluationOperator:n=h.AND,timeout:a=1e4}})=>{let i=r||O()?.id||null,c=rs(e,s,i,t);if(c)return c;let d=await os(i,e,s,{permissionsEvaluationOperator:n,timeout:a,logger:t}),m=Ke(d,o);return t?.info("Resolved permissions",{userId:i,requiredPermissions:s,resolvedPermissions:d,isAuthorized:m,requireAll:o,permissionsEvaluationOperator:n,contextIds:e}),{isAuthorized:m,userId:i,resolvedPermissions:d,requiredPermissions:s,contextIds:e,...m?{}:{error:g.INSUFFICIENT_PERMISSIONS}}};var cs=(s,e)=>{e?.debug("Extracting context IDs from request",{headers:s.headers,query:s.query,body:s.body});let t=s.headers?.[y]?.split(",")||[],r=s.headers?.["af-context"]?[s.headers["af-context"]]:[],o=s.query?.contextIds?.split(",")||[],n=s.query?.contextId?[s.query.contextId]:[],a=s.query?.context?[s.query.context]:[],i=s.body?.contextIds||[],c=s.body?.contextId?[s.body.contextId]:[];return Array.from(new Set([...t,...r,...o,...n,...a,...i,...c])).filter(Boolean)},ds=(s,e,t,r,o,n,a,i,c)=>r?(i?.error(e,{url:n.url,method:n.method,requiredPermissions:c?.requiredPermissions||[],...c}),o.status(t).json({error:s,message:e,...c?.requiredPermissions&&{requiredPermissions:c.requiredPermissions}})):(i?.warn(e,{url:n.url,method:n.method,requiredPermissions:c?.requiredPermissions||[],...c}),a()),ms=(s,e,t)=>{try{v.newTrace(v.traceTypes.HTTP_REQUEST);let r=new l(s,void 0,void 0,e);v.getCurrentContext().nonHeaderContext?.set(E,r);}catch(r){}},us=async(s,e)=>{try{let r=((await I.get(`/api/v1/users/${s}/contexts`,{timeout:e}))?.data||[]).map(o=>o.id);return ms(s,r),r}catch{return []}},Ie=(s,e={enforce:false,requireAll:true,permissionsEvaluationOperator:h.AND})=>async(t,r,o)=>{try{let{logger:n,enforce:a,requireAll:i,permissionsEvaluationOperator:c}=e,d=(Oe,ve,Ue)=>ds(Oe,ve,Ue,a,r,t,o,n,{requiredPermissions:s}),u=A(t.headers.authorization||"")?.user;if(!u?.id)return d(g.UNAUTHORIZED,N.UNAUTHORIZED,401);let f=cs(t,n),R=f?.length?[]:await us(u.id,e.timeout),p=Array.from(new Set([...f,...R]));if(!p?.length)return d(g.BAD_REQUEST,N.BAD_REQUEST,400);let V=await F({requiredPermissions:s,contextIds:p,logger:n,userId:u.id,options:{requireAll:i??!0,permissionsEvaluationOperator:c??h.AND,timeout:1e4}});return V.isAuthorized?(n?.info("User has required permissions",{userId:u.id,requiredPermissions:s,contextIds:p,url:t.url,method:t.method}),o()):a?r.status(403).json({error:g.INSUFFICIENT_PERMISSIONS,message:N.INSUFFICIENT_PERMISSIONS,required:s,contexts:p,userId:V.userId}):(n?.warn("User does not have required permissions, skipping enforcement",{userId:u.id,requiredPermissions:s,contextIds:p,url:t.url,method:t.method}),o())}catch(n){return e.logger?.error("Error in requirePermissions middleware",{error:n,requiredPermissions:s,url:t.url,method:t.method}),e.enforce?r.status(500).json({error:g.INTERNAL_ERROR,message:N.INTERNAL_ERROR}):(e.logger?.error("Error during permission check, skipping enforcement",{error:n,url:t.url,method:t.method}),o())}};var Se={evaluatePermissions:F},xe={requirePermissions:Ie},ps={sdk:Se,middlewares:xe};var ls=v__namespace.getCurrentContext,bt=({outbreakOptions:s={},logger:e}={})=>{v__namespace.default({headersPrefix:"x-af",contextMiddlewareGetter:e?.addContextMiddleware,...s});},{traceTypes:fs,newTrace:Es}=v__namespace;var Tt={traceTypes:fs,newTrace:Es,User:le,middleware:ae,middlewareWithDecode:ce,eagerLoadPermissionsMiddleware:me,getCurrentPayload:ls,getDecodedBearer:ue,checkFleetPermission:fe,checkBusinessModelPermission:Ee,checkDemandSourcePermission:ge,isUserExist:z,getUser:O,UnauthorizedAccessError:L,appMiddleware:de,createOrSetRabbitTrace:pe,outbreak:v__namespace,AUTHORIZATION_METHODS:b,getAuthorizationHeader:ye,CONTEXTS_IDS_HEADER:y,authFromUserIdHeaderPlugin:$,permissions:G};
+exports.outbreak=v__namespace;exports.AUTHORIZATION_METHODS=b;exports.CONTEXTS_IDS_HEADER=y;exports.UnauthorizedAccessError=L;exports.User=le;exports.appMiddleware=de;exports.authFromUserIdHeaderPlugin=$;exports.checkBusinessModelPermission=Ee;exports.checkDemandSourcePermission=ge;exports.checkFleetPermission=fe;exports.createOrSetRabbitTrace=pe;exports.default=Tt;exports.eagerLoadPermissionsMiddleware=me;exports.enableTracing=bt;exports.getAuthorizationHeader=ye;exports.getCurrentPayload=ls;exports.getDecodedBearer=ue;exports.getRefreshTokenSecret=ke;exports.getTokenSecret=M;exports.getUser=O;exports.isUserExist=z;exports.middleware=ae;exports.middlewareWithDecode=ce;exports.newTrace=Es;exports.permissions=G;exports.traceTypes=fs;//# sourceMappingURL=index.cjs.map
 //# sourceMappingURL=index.cjs.map