@axinom/mosaic-id-guard 0.20.0-rc.7 → 0.20.1-rc.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/common/deprecated/index.js +5 -1
- package/dist/common/deprecated/index.js.map +1 -1
- package/dist/common/helpers/index.js +5 -1
- package/dist/common/helpers/index.js.map +1 -1
- package/dist/common/helpers/parse-jwt-token-error-handler.d.ts +1 -1
- package/dist/common/helpers/parse-jwt-token-error-handler.d.ts.map +1 -1
- package/dist/common/helpers/parse-jwt-token-error-handler.js +5 -1
- package/dist/common/helpers/parse-jwt-token-error-handler.js.map +1 -1
- package/dist/common/index.js +5 -1
- package/dist/common/index.js.map +1 -1
- package/dist/common/parse-jwt-token.d.ts +1 -1
- package/dist/common/parse-jwt-token.d.ts.map +1 -1
- package/dist/common/parse-jwt-token.js +5 -1
- package/dist/common/parse-jwt-token.js.map +1 -1
- package/dist/common/types/index.js +5 -1
- package/dist/common/types/index.js.map +1 -1
- package/dist/graphql/guard-context.d.ts +2 -2
- package/dist/graphql/guard-context.d.ts.map +1 -1
- package/dist/graphql/guard-middleware.d.ts +1 -1
- package/dist/graphql/guard-middleware.d.ts.map +1 -1
- package/dist/graphql/index.js +5 -1
- package/dist/graphql/index.js.map +1 -1
- package/dist/index.js +5 -1
- package/dist/index.js.map +1 -1
- package/dist/message-bus/index.js +5 -1
- package/dist/message-bus/index.js.map +1 -1
- package/package.json +9 -8
- package/src/common/parse-jwt-token.spec.ts +36 -0
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/common/deprecated/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/common/deprecated/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+CAA6B"}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/common/helpers/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/common/helpers/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,mDAAiC;AACjC,kEAAgD"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { IdGuardErrors } from '../id-guard-errors';
|
|
2
|
-
|
|
2
|
+
type JwtErrors = typeof IdGuardErrors.MalformedToken.code | typeof IdGuardErrors.AccessTokenExpired.code | typeof IdGuardErrors.SigningKeyNotFound.code | typeof IdGuardErrors.JwksError.code | typeof IdGuardErrors.AccessTokenVerificationFailed.code | typeof IdGuardErrors.AuthConfigInvalid.code | typeof IdGuardErrors.AccessTokenRequired.code | typeof IdGuardErrors.IdentityServiceNotAccessible.code | typeof IdGuardErrors.UserServiceNotAccessible.code;
|
|
3
3
|
/**
|
|
4
4
|
* Handles an error thrown by the parseJwtToken function.
|
|
5
5
|
* Returns error code of type IdGuardErrors, a message and original error.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parse-jwt-token-error-handler.d.ts","sourceRoot":"","sources":["../../../src/common/helpers/parse-jwt-token-error-handler.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAInD,
|
|
1
|
+
{"version":3,"file":"parse-jwt-token-error-handler.d.ts","sourceRoot":"","sources":["../../../src/common/helpers/parse-jwt-token-error-handler.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAInD,KAAK,SAAS,GACV,OAAO,aAAa,CAAC,cAAc,CAAC,IAAI,GACxC,OAAO,aAAa,CAAC,kBAAkB,CAAC,IAAI,GAC5C,OAAO,aAAa,CAAC,kBAAkB,CAAC,IAAI,GAC5C,OAAO,aAAa,CAAC,SAAS,CAAC,IAAI,GACnC,OAAO,aAAa,CAAC,6BAA6B,CAAC,IAAI,GACvD,OAAO,aAAa,CAAC,iBAAiB,CAAC,IAAI,GAC3C,OAAO,aAAa,CAAC,mBAAmB,CAAC,IAAI,GAC7C,OAAO,aAAa,CAAC,4BAA4B,CAAC,IAAI,GACtD,OAAO,aAAa,CAAC,wBAAwB,CAAC,IAAI,CAAC;AA2EvD;;;;;;;;GAQG;AACH,eAAO,MAAM,mBAAmB,QACzB,OAAO,YACF,YAAY,GAAG,UAAU,GAAG,SAAS,SACxC,MAAM,6DAoCd,CAAC"}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parse-jwt-token-error-handler.js","sourceRoot":"","sources":["../../../src/common/helpers/parse-jwt-token-error-handler.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"parse-jwt-token-error-handler.js","sourceRoot":"","sources":["../../../src/common/helpers/parse-jwt-token-error-handler.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,yEAGuC;AACvC,gEAA+B;AAC/B,+CAAiC;AACjC,wDAAmD;AAenD;;;;;;;;GAQG;AACH,MAAM,oBAAoB,GAAG,CAC3B,SAAoB,EACpB,QAA+C,EAC/C,KAAa,EACL,EAAE;IACV,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,QAAQ,SAAS,EAAE;QACjB,KAAK,+BAAa,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;YAC1C,MAAM,YAAY,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvC,OAAO,GAAG,kJACP,YAA+C,CAAC,QACnD,iBACG,YAA+C,CAAC,aACnD,IACE,QAAQ,KAAK,UAAU;gBACrB,CAAC,CAAC,gBACG,YAAqC,CAAC,aACzC,GAAG;gBACL,CAAC,CAAC,EACN,8BAA8B,CAAC;YAC/B,MAAM;SACP;QACD,KAAK,+BAAa,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,YAAY,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACvC,OAAO,GAAG,2FACP,YAA+C,CAAC,QACnD,iBACG,YAA+C,CAAC,aACnD,IACE,QAAQ,KAAK,UAAU;gBACrB,CAAC,CAAC,gBACG,YAAqC,CAAC,aACzC,IAAI;gBACN,CAAC,CAAC,GACN,EAAE,CAAC;YACH,MAAM;SACP;QACD,KAAK,+BAAa,CAAC,wBAAwB,CAAC,IAAI;YAC9C,OAAO,GAAG,+BAAa,CAAC,wBAAwB,CAAC,OAAO,CAAC;YACzD,MAAM;QACR,KAAK,+BAAa,CAAC,4BAA4B,CAAC,IAAI;YAClD,OAAO,GAAG,+BAAa,CAAC,4BAA4B,CAAC,OAAO,CAAC;YAC7D,MAAM;QACR,KAAK,+BAAa,CAAC,kBAAkB,CAAC,IAAI;YACxC,OAAO,GAAG,+BAAa,CAAC,kBAAkB,CAAC,OAAO,CAAC;YACnD,MAAM;QACR,KAAK,+BAAa,CAAC,6BAA6B,CAAC,IAAI;YACnD,OAAO,GAAG,+BAAa,CAAC,6BAA6B,CAAC,OAAO,CAAC;YAC9D,MAAM;QACR,KAAK,+BAAa,CAAC,mBAAmB,CAAC,IAAI;YACzC,OAAO,GAAG,+BAAa,CAAC,mBAAmB,CAAC,OAAO,CAAC;YACpD,MAAM;QACR,KAAK,+BAAa,CAAC,iBAAiB,CAAC,IAAI;YACvC,OAAO,GAAG,+BAAa,CAAC,iBAAiB,CAAC,OAAO,CAAC;YAClD,MAAM;QACR,KAAK,+BAAa,CAAC,cAAc,CAAC,IAAI;YACpC,OAAO,GAAG,+BAAa,CAAC,cAAc,CAAC,OAAO,CAAC;YAC/C,MAAM;QACR;YACE,MAAM,IAAI,4CAAoB,CAAC,SAAS,CAAC,CAAC;KAC7C;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC;AAEF;;;;;;;;GAQG;AACI,MAAM,mBAAmB,GAAG,CACjC,GAAY,EACZ,QAA+C,EAC/C,KAAa,EAC6C,EAAE;IAC5D,IAAI,IAA2B,CAAC;IAChC,IAAI,OAA2B,CAAC;IAChC,IAAI,aAAgC,CAAC;IAErC,IAAI,GAAG,YAAY,sBAAG,CAAC,iBAAiB,EAAE;QACxC,IAAI,GAAG,+BAAa,CAAC,kBAAkB,CAAC,IAAI,CAAC;QAC7C,OAAO,GAAG,oBAAoB,CAAC,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;KACvD;SAAM,IAAI,GAAG,YAAY,IAAI,CAAC,uBAAuB,EAAE;QACtD,IAAI,GAAG,+BAAa,CAAC,kBAAkB,CAAC,IAAI,CAAC;QAC7C,OAAO,GAAG,oBAAoB,CAAC,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;KACvD;SAAM,IAAI,GAAG,YAAY,IAAI,CAAC,SAAS,EAAE;QACxC,IAAI,GAAG,+BAAa,CAAC,SAAS,CAAC,IAAI,CAAC;QACpC,OAAO,GAAG,oBAAoB,CAAC,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;KACvD;SAAM,IAAK,GAAyB,CAAC,IAAI,KAAK,cAAc,EAAE;QAC7D,IAAI;YACF,QAAQ,KAAK,UAAU;gBACrB,CAAC,CAAC,+BAAa,CAAC,wBAAwB,CAAC,IAAI;gBAC7C,CAAC,CAAC,+BAAa,CAAC,4BAA4B,CAAC,IAAI,CAAC;QACtD,OAAO,GAAG,oBAAoB,CAAC,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;KACvD;SAAM,IAAI,GAAG,YAAY,WAAW,EAAE;QACrC,IAAI,GAAG,+BAAa,CAAC,cAAc,CAAC,IAAI,CAAC;QACzC,OAAO,GAAG,oBAAoB,CAAC,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;KACvD;SAAM;QACL,IAAI,GAAG,+BAAa,CAAC,6BAA6B,CAAC,IAAI,CAAC;QACxD,OAAO,GAAG,oBAAoB,CAAC,IAAI,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;KACvD;IAED,wJAAwJ;IACxJ,IAAI,GAAG,YAAY,KAAK,EAAE;QACxB,aAAa,GAAG,GAAG,CAAC;KACrB;SAAM;QACL,aAAa,GAAG,IAAI,sCAAc,CAAC,GAAG,CAAC,CAAC;KACzC;IACD,OAAO,CAAC,IAAI,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC;AACxC,CAAC,CAAC;AAvCW,QAAA,mBAAmB,uBAuC9B"}
|
package/dist/common/index.js
CHANGED
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
package/dist/common/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/common/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/common/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+CAA6B;AAC7B,8DAA4C;AAC5C,kEAAgD;AAChD,yEAAuD;AACvD,mDAAiC;AACjC,oDAAkC;AAClC,uDAAqC;AACrC,oDAAkC;AAClC,iDAA+B;AAC/B,oDAAkC;AAClC,0CAAwB"}
|
|
@@ -5,7 +5,7 @@ import { AuthenticatedEndUser, AuthenticatedManagementSubject, AuthenticationCon
|
|
|
5
5
|
* @param authConfig an object with ID/User service connection information or a path to a public key file.
|
|
6
6
|
* @param authType The type of Token that's being passed. Should be either `MANAGEMENT` or `END_USER`.
|
|
7
7
|
*/
|
|
8
|
-
export declare const parseJwtToken: (token: string | undefined, authConfig: string | AuthenticationConfig, authType?:
|
|
8
|
+
export declare const parseJwtToken: (token: string | undefined, authConfig: string | AuthenticationConfig, authType?: 'MANAGEMENT' | 'END_USER') => Promise<ManagementAuthenticationContext | EndUserAuthenticationContext>;
|
|
9
9
|
/**
|
|
10
10
|
*
|
|
11
11
|
* @param token The raw JWT which should be decoded
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parse-jwt-token.d.ts","sourceRoot":"","sources":["../../src/common/parse-jwt-token.ts"],"names":[],"mappings":"AAcA,OAAO,EACL,oBAAoB,EAEpB,8BAA8B,EAC9B,oBAAoB,EACpB,4BAA4B,EAC5B,+BAA+B,EAChC,MAAM,SAAS,CAAC;AAEjB;;;;;GAKG;AACH,eAAO,MAAM,aAAa,UACjB,MAAM,GAAG,SAAS,cACb,MAAM,GAAG,oBAAoB,
|
|
1
|
+
{"version":3,"file":"parse-jwt-token.d.ts","sourceRoot":"","sources":["../../src/common/parse-jwt-token.ts"],"names":[],"mappings":"AAcA,OAAO,EACL,oBAAoB,EAEpB,8BAA8B,EAC9B,oBAAoB,EACpB,4BAA4B,EAC5B,+BAA+B,EAChC,MAAM,SAAS,CAAC;AAEjB;;;;;GAKG;AACH,eAAO,MAAM,aAAa,UACjB,MAAM,GAAG,SAAS,cACb,MAAM,GAAG,oBAAoB,aAC9B,YAAY,GAAG,UAAU,KACnC,QAAQ,+BAA+B,GAAG,4BAA4B,CAiFxE,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,2BAA2B,UAC/B,MAAM,KACZ,8BAEF,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,wBAAwB,UAC5B,MAAM,KACZ,oBAEF,CAAC"}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parse-jwt-token.js","sourceRoot":"","sources":["../../src/common/parse-jwt-token.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"parse-jwt-token.js","sourceRoot":"","sources":["../../src/common/parse-jwt-token.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,yEAGuC;AACvC,uCAAyB;AACzB,gEAA+B;AAC/B,2EAGqC;AACrC,uCAAgD;AAChD,uDAAkD;AAClD,6DAA2D;AAC3D,iDAA6C;AAU7C;;;;;GAKG;AACI,MAAM,aAAa,GAAG,KAAK,EAChC,KAAyB,EACzB,UAAyC,EACzC,QAAoC,EACqC,EAAE;IAC3E,IAAI,IAAwB,CAAC;IAC7B,IAAI,OAA2B,CAAC;IAChC,IAAI,aAAgC,CAAC;IACrC,IAAI,OAIS,CAAC;IACd,IAAI,aAA0C,CAAC;IAE/C,IAAI,CAAC,IAAA,0CAAkB,EAAC,KAAK,CAAC,EAAE;QAC9B,IAAI;YACF,yIAAyI;YACzI,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE;gBAClC,IAAI,QAAQ,KAAK,SAAS,EAAE;oBAC1B,IAAI,GAAG,+BAAa,CAAC,iBAAiB,CAAC,IAAI,CAAC;oBAC5C,OAAO;wBACL,wEAAwE,CAAC;oBAC3E,aAAa,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;iBACpC;qBAAM;oBACL,MAAM,aAAa,GAAG,UAAoB,CAAC;oBAC3C,MAAM,SAAS,GAAG,EAAE,CAAC,YAAY,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;oBACzD,MAAM,OAAO,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE,IAAA,wCAAmB,GAAE,CAAC,CAAC;oBACpE,OAAO,GAAG,OAAyC,CAAC;iBACrD;aACF;iBAAM;gBACL,IAAI,QAAQ,KAAK,SAAS,EAAE;oBAC1B,IAAI,GAAG,+BAAa,CAAC,iBAAiB,CAAC,IAAI,CAAC;oBAC5C,OAAO,GAAG,oDAAoD,CAAC;oBAC/D,aAAa,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;iBACpC;qBAAM,IAAI,QAAQ,KAAK,YAAY,EAAE;oBACpC,OAAO,GAAG,MAAM,IAAA,6DAAiC,EAAC,KAAK,EAAE,UAAU,CAAC,CAAC;iBACtE;qBAAM,IAAI,QAAQ,KAAK,UAAU,EAAE;oBAClC,OAAO,GAAG,MAAM,IAAA,mDAAuB,EAAC,KAAK,EAAE,UAAU,CAAC,CAAC;iBAC5D;aACF;SACF;QAAC,OAAO,GAAG,EAAE;YACZ,CAAC,IAAI,EAAE,OAAO,EAAE,aAAa,CAAC,GAAG,IAAA,6BAAmB,EAClD,GAAG,EACH,QAAQ,EACR,KAAK,CACN,CAAC;SACH;KACF;SAAM;QACL,IAAI,GAAG,+BAAa,CAAC,mBAAmB,CAAC,IAAI,CAAC;QAC9C,OAAO,GAAG,+BAAa,CAAC,mBAAmB,CAAC,OAAO,CAAC;QACpD,aAAa,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;KACpC;IAED,IACE,IAAI,KAAK,SAAS;QAClB,OAAO,KAAK,SAAS;QACrB,aAAa,KAAK,SAAS,EAC3B;QACA,aAAa,GAAG;YACd,IAAI;YACJ,OAAO;YACP,KAAK,EAAE,aAAa;SACrB,CAAC;KACH;IAED,gDAAgD;IAChD,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,QAAQ,KAAK,YAAY,EAAE;QAC/D,OAAO;YACL,OAAO,EAAE,OAAyC;YAClD,aAAa;SACd,CAAC;KACH;SAAM;QACL,IAAI,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,MAAK,0BAAW,CAAC,cAAc,EAAE;YACvD,OAAO;gBACL,OAAO,EAAE,OAA+B;gBACxC,aAAa;aACd,CAAC;SACH;aAAM;YACL,OAAO;gBACL,OAAO,EAAE,OAA0C;gBACnD,aAAa;aACd,CAAC;SACH;KACF;AACH,CAAC,CAAC;AArFW,QAAA,aAAa,iBAqFxB;AAEF;;;;GAIG;AACI,MAAM,2BAA2B,GAAG,CACzC,KAAa,EACmB,EAAE;IAClC,OAAO,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAmC,CAAC;AAC7D,CAAC,CAAC;AAJW,QAAA,2BAA2B,+BAItC;AAEF;;;;GAIG;AACI,MAAM,wBAAwB,GAAG,CACtC,KAAa,EACS,EAAE;IACxB,OAAO,sBAAG,CAAC,MAAM,CAAC,KAAK,CAAyB,CAAC;AACnD,CAAC,CAAC;AAJW,QAAA,wBAAwB,4BAInC"}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/common/types/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/common/types/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAMA,0DAAwC"}
|
|
@@ -9,7 +9,7 @@ import { AuthenticationConfig, EndUserAuthenticationContext, ManagementAuthentic
|
|
|
9
9
|
* @param {string | AuthenticationConfig} authParams The authentication endpoint for ID Service when used by a managed-service or an instance of `AuthenticationConfig` when used by a customizable-service.
|
|
10
10
|
* @returns {Promise<ManagementAuthenticationContext>} ManagementAuthenticationContext
|
|
11
11
|
*/
|
|
12
|
-
export declare const getManagementAuthenticationContext: (req: Request, authParams?: string | AuthenticationConfig
|
|
12
|
+
export declare const getManagementAuthenticationContext: (req: Request, authParams?: string | AuthenticationConfig) => Promise<ManagementAuthenticationContext>;
|
|
13
13
|
/**
|
|
14
14
|
* Retrieves an `EndUserAuthenticationContext` object from request, containing End-User and error information.
|
|
15
15
|
* In case a non-http request needs to be authenticated - publicKeyInfo must be provided to extract a jwt token from said request.
|
|
@@ -19,5 +19,5 @@ export declare const getManagementAuthenticationContext: (req: Request, authPara
|
|
|
19
19
|
* @param {string | AuthenticationConfig} authParams The authentication endpoint for User Service or an instance of `AuthenticationConfig`.
|
|
20
20
|
* @returns {Promise<ManagementAuthenticationContext>} ManagementAuthenticationContext
|
|
21
21
|
*/
|
|
22
|
-
export declare const getEndUserAuthenticationContext: (req: Request, authParams?: string | AuthenticationConfig
|
|
22
|
+
export declare const getEndUserAuthenticationContext: (req: Request, authParams?: string | AuthenticationConfig) => Promise<EndUserAuthenticationContext>;
|
|
23
23
|
//# sourceMappingURL=guard-context.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guard-context.d.ts","sourceRoot":"","sources":["../../src/graphql/guard-context.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAKL,oBAAoB,EACpB,4BAA4B,EAC5B,+BAA+B,EAEhC,MAAM,WAAW,CAAC;AAEnB;;;;;;;;GAQG;AACH,eAAO,MAAM,kCAAkC,QACxC,OAAO,
|
|
1
|
+
{"version":3,"file":"guard-context.d.ts","sourceRoot":"","sources":["../../src/graphql/guard-context.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAKL,oBAAoB,EACpB,4BAA4B,EAC5B,+BAA+B,EAEhC,MAAM,WAAW,CAAC;AAEnB;;;;;;;;GAQG;AACH,eAAO,MAAM,kCAAkC,QACxC,OAAO,eACC,MAAM,GAAG,oBAAoB,KACzC,QAAQ,+BAA+B,CA0BzC,CAAC;AAEF;;;;;;;;GAQG;AACH,eAAO,MAAM,+BAA+B,QACrC,OAAO,eACC,MAAM,GAAG,oBAAoB,KACzC,QAAQ,4BAA4B,CAwBtC,CAAC"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { Express, NextFunction, Request, Response } from 'express';
|
|
2
2
|
import { Middleware } from 'postgraphile';
|
|
3
3
|
import { AuthenticationConfig } from '../common';
|
|
4
|
-
export declare const jwtParserMiddleware: (authConfig: AuthenticationConfig, authType?:
|
|
4
|
+
export declare const jwtParserMiddleware: (authConfig: AuthenticationConfig, authType?: 'MANAGEMENT' | 'END_USER') => (req: Request, _res: Response, next: NextFunction) => Promise<void>;
|
|
5
5
|
/**
|
|
6
6
|
* This is an Express Middleware which throws an error if there're any Authorization errors in ManagementAuthenticationContext.
|
|
7
7
|
* @param req Express Request object
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guard-middleware.d.ts","sourceRoot":"","sources":["../../src/graphql/guard-middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAQ,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEzE,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAGL,oBAAoB,EAKrB,MAAM,WAAW,CAAC;AAEnB,eAAO,MAAM,mBAAmB,eAClB,oBAAoB,
|
|
1
|
+
{"version":3,"file":"guard-middleware.d.ts","sourceRoot":"","sources":["../../src/graphql/guard-middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAQ,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEzE,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAGL,oBAAoB,EAKrB,MAAM,WAAW,CAAC;AAEnB,eAAO,MAAM,mBAAmB,eAClB,oBAAoB,aACrB,YAAY,GAAG,UAAU,WAGjB,OAAO,QAAQ,QAAQ,QAAQ,YAAY,kBAkB/D,CAAC;AAEF;;;;;GAKG;AACH,eAAO,MAAM,wBAAwB,QAC9B,OAAO,QACN,QAAQ,uBAEO,GAAG,KAAK,IAAI,KAChC,IAMF,CAAC;AAEF;;;;;GAKG;AACH,eAAO,MAAM,qBAAqB,QAC3B,OAAO,QACN,QAAQ,uBAEO,GAAG,KAAK,IAAI,KAChC,IAMF,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,6BAA6B,CAC3C,GAAG,EAAE,OAAO,EACZ,WAAW,EAAE,MAAM,EAAE,EACrB,UAAU,EAAE,MAAM,GAAG,oBAAoB,GACxC,IAAI,CAqBN;AAED;;;;;;;;GAQG;AACH,wBAAgB,0BAA0B,CACxC,GAAG,EAAE,OAAO,EACZ,WAAW,EAAE,MAAM,EAAE,EACrB,UAAU,EAAE,MAAM,GAAG,oBAAoB,GACxC,IAAI,CAqBN;AAED;;;;;;;GAOG;AACH,eAAO,MAAM,4CAA4C,eAC3C,MAAM,GAAG,oBAAoB,KACxC,WAAW,OAAO,EAAE,QAAQ,CAAC,EAmB/B,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,yCAAyC,eACxC,MAAM,GAAG,oBAAoB,KACxC,WAAW,OAAO,EAAE,QAAQ,CAAC,EAmB/B,CAAC"}
|
package/dist/graphql/index.js
CHANGED
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/graphql/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/graphql/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,oDAAkC;AAClC,sEAAoD;AACpD,kDAAgC;AAChC,uDAO4B;AAN1B,8HAAA,0BAA0B,OAAA;AAC1B,6IAAA,yCAAyC,OAAA;AACzC,iIAAA,6BAA6B,OAAA;AAC7B,gJAAA,4CAA4C,OAAA;AAC5C,yHAAA,qBAAqB,OAAA;AACrB,4HAAA,wBAAwB,OAAA;AAE1B,gEAA8C;AAC9C,8DAA4C"}
|
package/dist/index.js
CHANGED
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,2DAIiC;AAH/B,6HAAA,0BAA0B,OAAA;AAE1B,4HAAA,yBAAyB,OAAA;AAE3B,2CAAyB;AACzB,4CAA0B;AAC1B,8EAA4D;AAC5D,gDAA8B"}
|
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/message-bus/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/message-bus/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0DAAwC;AACxC,mEAAiD;AACjD,gEAA8C"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@axinom/mosaic-id-guard",
|
|
3
|
-
"version": "0.20.
|
|
3
|
+
"version": "0.20.1-rc.7",
|
|
4
4
|
"description": "Authentication and authorization helpers for Axinom Mosaic services",
|
|
5
5
|
"author": "Axinom",
|
|
6
6
|
"license": "PROPRIETARY",
|
|
@@ -28,9 +28,9 @@
|
|
|
28
28
|
"lint": "eslint . --ext .ts,.tsx,.js --color --cache"
|
|
29
29
|
},
|
|
30
30
|
"dependencies": {
|
|
31
|
-
"@axinom/mosaic-id-utils": "^0.
|
|
32
|
-
"@axinom/mosaic-message-bus": "^0.14.
|
|
33
|
-
"@axinom/mosaic-service-common": "^0.30.
|
|
31
|
+
"@axinom/mosaic-id-utils": "^0.14.0-rc.7",
|
|
32
|
+
"@axinom/mosaic-message-bus": "^0.14.2-rc.7",
|
|
33
|
+
"@axinom/mosaic-service-common": "^0.30.1-rc.7",
|
|
34
34
|
"amqplib": "^0.6.0",
|
|
35
35
|
"express": "^4.17.1",
|
|
36
36
|
"express-bearer-token": "^2.4.0",
|
|
@@ -49,17 +49,18 @@
|
|
|
49
49
|
},
|
|
50
50
|
"devDependencies": {
|
|
51
51
|
"@types/supertest": "^2.0.11",
|
|
52
|
+
"cross-env": "^7.0.3",
|
|
52
53
|
"graphql-subscriptions": "^1.2.1",
|
|
53
|
-
"jest": "
|
|
54
|
+
"jest": "^29",
|
|
54
55
|
"mock-jwks": "^1.0.8",
|
|
55
56
|
"nock": "^13.2.9",
|
|
56
57
|
"rimraf": "^3.0.2",
|
|
57
58
|
"supertest": "^6.1.6",
|
|
58
|
-
"ts-node": "^
|
|
59
|
-
"typescript": "^4.5
|
|
59
|
+
"ts-node": "^10.9.1",
|
|
60
|
+
"typescript": "^4.9.5"
|
|
60
61
|
},
|
|
61
62
|
"publishConfig": {
|
|
62
63
|
"access": "public"
|
|
63
64
|
},
|
|
64
|
-
"gitHead": "
|
|
65
|
+
"gitHead": "c73c00639711d8a82e99e17a39e4d50364e870db"
|
|
65
66
|
}
|
|
@@ -112,6 +112,30 @@ describe('parse-jwt-token', () => {
|
|
|
112
112
|
|
|
113
113
|
describe('When authenticationConfig is a string (used only in tenant and environment admin authentication scenarios)', () => {
|
|
114
114
|
type AuthType = 'MANAGEMENT' | 'END_USER';
|
|
115
|
+
|
|
116
|
+
it('can successfully verify a token', async () => {
|
|
117
|
+
mockReadFileSync.mockImplementation(() => publicKey);
|
|
118
|
+
const authContext = await parseJwtToken(RS256EnvAdminToken, 'url');
|
|
119
|
+
|
|
120
|
+
expect(authContext.authErrorInfo).toBeUndefined();
|
|
121
|
+
expect(authContext.subject).toBeDefined();
|
|
122
|
+
expect(authContext.subject).toMatchObject({
|
|
123
|
+
aud: 'app-administration',
|
|
124
|
+
email: 'jonas@sicumundus.time',
|
|
125
|
+
environmentId: '*',
|
|
126
|
+
exp: 1754110895,
|
|
127
|
+
iat: 1643107295,
|
|
128
|
+
iss: 'ax-id-service',
|
|
129
|
+
name: 'Jonas Khanwald',
|
|
130
|
+
permissions: {
|
|
131
|
+
'ax-id-service': ['ADMIN'],
|
|
132
|
+
},
|
|
133
|
+
sub: '36ccd7d7-0015-4aae-b696-75873c42321b',
|
|
134
|
+
subjectType: 'EnvironmentAdminAccount',
|
|
135
|
+
tenantId: '00000000-0000-0000-0000-000000000000',
|
|
136
|
+
});
|
|
137
|
+
});
|
|
138
|
+
|
|
115
139
|
it('When the token is signed with a different algorithm, an error is given in the AuthenticationContext object', async () => {
|
|
116
140
|
mockReadFileSync.mockImplementation(() => publicKey);
|
|
117
141
|
const authContext = await parseJwtToken(HS256Token, 'url');
|
|
@@ -240,6 +264,7 @@ describe('parse-jwt-token', () => {
|
|
|
240
264
|
});
|
|
241
265
|
},
|
|
242
266
|
);
|
|
267
|
+
|
|
243
268
|
it.each([
|
|
244
269
|
{
|
|
245
270
|
tenantId,
|
|
@@ -277,6 +302,7 @@ describe('parse-jwt-token', () => {
|
|
|
277
302
|
RS256ManagementUserToken,
|
|
278
303
|
) as AuthenticatedManagementSubject,
|
|
279
304
|
);
|
|
305
|
+
getAuthenticatedManagementSubjectMock.mockRestore();
|
|
280
306
|
},
|
|
281
307
|
);
|
|
282
308
|
|
|
@@ -321,6 +347,7 @@ describe('parse-jwt-token', () => {
|
|
|
321
347
|
message: 'jwt expired',
|
|
322
348
|
},
|
|
323
349
|
});
|
|
350
|
+
getAuthenticatedManagementSubjectMock.mockRestore();
|
|
324
351
|
},
|
|
325
352
|
);
|
|
326
353
|
|
|
@@ -365,6 +392,7 @@ describe('parse-jwt-token', () => {
|
|
|
365
392
|
message: 'Signing Key Not Found',
|
|
366
393
|
},
|
|
367
394
|
});
|
|
395
|
+
getAuthenticatedManagementSubjectMock.mockRestore();
|
|
368
396
|
},
|
|
369
397
|
);
|
|
370
398
|
|
|
@@ -409,6 +437,7 @@ describe('parse-jwt-token', () => {
|
|
|
409
437
|
message: 'JWKS Error',
|
|
410
438
|
},
|
|
411
439
|
});
|
|
440
|
+
getAuthenticatedManagementSubjectMock.mockRestore();
|
|
412
441
|
},
|
|
413
442
|
);
|
|
414
443
|
|
|
@@ -451,6 +480,7 @@ describe('parse-jwt-token', () => {
|
|
|
451
480
|
code: 'IDENTITY_SERVICE_NOT_ACCESSIBLE',
|
|
452
481
|
message: `The Identity service is not accessible. Please contact Axinom support.`,
|
|
453
482
|
});
|
|
483
|
+
getAuthenticatedManagementSubjectMock.mockRestore();
|
|
454
484
|
},
|
|
455
485
|
);
|
|
456
486
|
|
|
@@ -496,6 +526,7 @@ describe('parse-jwt-token', () => {
|
|
|
496
526
|
message: 'Some unknown error thrown by the method or the library',
|
|
497
527
|
},
|
|
498
528
|
});
|
|
529
|
+
getAuthenticatedManagementSubjectMock.mockRestore();
|
|
499
530
|
},
|
|
500
531
|
);
|
|
501
532
|
|
|
@@ -550,6 +581,7 @@ describe('parse-jwt-token', () => {
|
|
|
550
581
|
code: 'UNHANDLED_ERROR',
|
|
551
582
|
},
|
|
552
583
|
});
|
|
584
|
+
getAuthenticatedManagementSubjectMock.mockRestore();
|
|
553
585
|
},
|
|
554
586
|
);
|
|
555
587
|
|
|
@@ -577,6 +609,7 @@ describe('parse-jwt-token', () => {
|
|
|
577
609
|
expect(authContext.subject).toMatchObject(
|
|
578
610
|
jwt.decode(RS256EndUserToken) as AuthenticatedEndUser,
|
|
579
611
|
);
|
|
612
|
+
getAuthenticatedEndUserMock.mockRestore();
|
|
580
613
|
});
|
|
581
614
|
|
|
582
615
|
it.each([
|
|
@@ -620,6 +653,7 @@ describe('parse-jwt-token', () => {
|
|
|
620
653
|
message: 'Signing Key Not Found',
|
|
621
654
|
},
|
|
622
655
|
});
|
|
656
|
+
getAuthenticatedEndUserMock.mockRestore();
|
|
623
657
|
},
|
|
624
658
|
);
|
|
625
659
|
|
|
@@ -664,6 +698,7 @@ describe('parse-jwt-token', () => {
|
|
|
664
698
|
message: 'JWKS Error',
|
|
665
699
|
},
|
|
666
700
|
});
|
|
701
|
+
getAuthenticatedEndUserMock.mockRestore();
|
|
667
702
|
},
|
|
668
703
|
);
|
|
669
704
|
|
|
@@ -706,6 +741,7 @@ describe('parse-jwt-token', () => {
|
|
|
706
741
|
code: 'USER_SERVICE_NOT_ACCESSIBLE',
|
|
707
742
|
message: `The User service is not accessible. Please contact Axinom support.`,
|
|
708
743
|
});
|
|
744
|
+
getAuthenticatedEndUserMock.mockRestore();
|
|
709
745
|
},
|
|
710
746
|
);
|
|
711
747
|
|