@bearei/server-common 0.0.69 → 0.0.71

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/dist/access/access.guard.d.ts +6 -4
  2. package/dist/access/access.guard.js +19 -13
  3. package/dist/access/access.guard.js.map +1 -1
  4. package/dist/access/access.interceptor.js +2 -1
  5. package/dist/access/access.interceptor.js.map +1 -1
  6. package/dist/app.interface.d.ts +1 -1
  7. package/dist/authentication/authentication.service.d.ts +0 -1
  8. package/dist/authentication/authentication.service.js +0 -3
  9. package/dist/authentication/authentication.service.js.map +1 -1
  10. package/dist/external/external.interface.d.ts +0 -7
  11. package/dist/external/external.module.js +2 -1
  12. package/dist/external/external.module.js.map +1 -1
  13. package/dist/external/external.service.d.ts +4 -3
  14. package/dist/external/external.service.js +16 -10
  15. package/dist/external/external.service.js.map +1 -1
  16. package/dist/index.d.ts +1 -0
  17. package/dist/index.js +1 -0
  18. package/dist/index.js.map +1 -1
  19. package/dist/jwt/index.d.ts +3 -0
  20. package/dist/jwt/index.js +20 -0
  21. package/dist/jwt/index.js.map +1 -0
  22. package/dist/jwt/jwt.interface.d.ts +15 -0
  23. package/dist/jwt/jwt.interface.js +3 -0
  24. package/dist/jwt/jwt.interface.js.map +1 -0
  25. package/dist/jwt/jwt.module.d.ts +2 -0
  26. package/dist/jwt/jwt.module.js +42 -0
  27. package/dist/jwt/jwt.module.js.map +1 -0
  28. package/dist/jwt/jwt.service.d.ts +8 -0
  29. package/dist/jwt/jwt.service.js +53 -0
  30. package/dist/jwt/jwt.service.js.map +1 -0
  31. package/dist/permission/permission.guard.d.ts +3 -1
  32. package/dist/permission/permission.guard.js +7 -2
  33. package/dist/permission/permission.guard.js.map +1 -1
  34. package/dist/tsconfig.build.tsbuildinfo +1 -1
  35. package/dist/util/error.util.js +3 -6
  36. package/dist/util/error.util.js.map +1 -1
  37. package/dist/util/format.util.d.ts +1 -1
  38. package/dist/util/format.util.js +2 -2
  39. package/dist/util/format.util.js.map +1 -1
  40. package/package.json +3 -1
@@ -1,9 +1,11 @@
1
1
  import { CanActivate, ExecutionContext } from '@nestjs/common';
2
+ import { ConfigService } from '@nestjs/config';
2
3
  import { Reflector } from '@nestjs/core';
3
- import { AuthenticationService } from '../authentication';
4
+ import { JWTService } from '../jwt';
4
5
  export declare class AccessGuard implements CanActivate {
5
- private readonly authenticationService;
6
+ private readonly jwtService;
7
+ private readonly configService;
6
8
  private readonly reflector;
7
- constructor(authenticationService: AuthenticationService, reflector: Reflector);
8
- canActivate(context: ExecutionContext): true | Promise<boolean>;
9
+ constructor(jwtService: JWTService, configService: ConfigService, reflector: Reflector);
10
+ canActivate(context: ExecutionContext): Promise<boolean>;
9
11
  }
@@ -11,17 +11,20 @@ var __metadata = (this && this.__metadata) || function (k, v) {
11
11
  Object.defineProperty(exports, "__esModule", { value: true });
12
12
  exports.AccessGuard = void 0;
13
13
  const common_1 = require("@nestjs/common");
14
+ const config_1 = require("@nestjs/config");
14
15
  const core_1 = require("@nestjs/core");
15
16
  const app_decorator_1 = require("../app.decorator");
16
17
  const app_interface_1 = require("../app.interface");
17
- const authentication_1 = require("../authentication");
18
+ const jwt_1 = require("../jwt");
18
19
  const util_1 = require("../util");
19
20
  const access_interface_1 = require("./access.interface");
20
21
  let AccessGuard = class AccessGuard {
21
- authenticationService;
22
+ jwtService;
23
+ configService;
22
24
  reflector;
23
- constructor(authenticationService, reflector) {
24
- this.authenticationService = authenticationService;
25
+ constructor(jwtService, configService, reflector) {
26
+ this.jwtService = jwtService;
27
+ this.configService = configService;
25
28
  this.reflector = reflector;
26
29
  }
27
30
  canActivate(context) {
@@ -31,26 +34,29 @@ let AccessGuard = class AccessGuard {
31
34
  ]);
32
35
  const request = context.switchToHttp().getRequest();
33
36
  const headers = request.headers;
34
- const publicAccesses = [headers['ei-internal-service']].some(Boolean);
35
- if (publicAccesses) {
36
- return true;
37
- }
38
- const token = (0, util_1.formatToken)(headers);
37
+ const tokenKey = headers['ei-internal-authorization'] ? 'ei-internal-authorization' : 'authorization';
38
+ const token = (0, util_1.formatToken)(headers)(tokenKey);
39
39
  !token && (0, util_1.throwAPIError)({ code: '401001', message: 'Authentication token does not exist' })(app_interface_1.APIError.UNAUTHORIZED);
40
- return this.authenticationService.authenticationAccess(headers).then(payload => {
40
+ const processVerifyResult = (request) => (requiredAccesses) => (payload) => {
41
+ const internalAccess = payload.sub.startsWith(`internal:${this.configService.get('service.accessKey')}:${this.configService.get('service.secretKey')}`);
42
+ if (internalAccess) {
43
+ return true;
44
+ }
41
45
  payload.sub === 'guest' &&
42
46
  !requiredAccesses?.includes(access_interface_1.Access.GUEST) &&
43
47
  (0, util_1.throwAPIError)({ code: '401002', message: 'Guest user do not have access to current resource' })(app_interface_1.APIError.UNAUTHORIZED);
44
48
  request['issuer'] = payload.iss;
45
49
  request['subject'] = payload.sub;
46
- return true;
47
- });
50
+ return Boolean(payload.sub);
51
+ };
52
+ return this.jwtService.verifyAsync(token).then(processVerifyResult(request)(requiredAccesses));
48
53
  }
49
54
  };
50
55
  exports.AccessGuard = AccessGuard;
51
56
  exports.AccessGuard = AccessGuard = __decorate([
52
57
  (0, common_1.Injectable)(),
53
- __metadata("design:paramtypes", [authentication_1.AuthenticationService,
58
+ __metadata("design:paramtypes", [jwt_1.JWTService,
59
+ config_1.ConfigService,
54
60
  core_1.Reflector])
55
61
  ], AccessGuard);
56
62
  //# sourceMappingURL=access.guard.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"access.guard.js","sourceRoot":"","sources":["../../src/access/access.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAwE;AACxE,uCAAsC;AACtC,oDAA8C;AAC9C,oDAAyC;AACzC,sDAAuD;AAEvD,kCAAkD;AAClD,yDAAyC;AAGlC,IAAM,WAAW,GAAjB,MAAM,WAAW;IAEC;IACA;IAFrB,YACqB,qBAA4C,EAC5C,SAAoB;QADpB,0BAAqB,GAArB,qBAAqB,CAAuB;QAC5C,cAAS,GAAT,SAAS,CAAW;IACtC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACjC,MAAM,gBAAgB,GAAa,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,6BAAa,EAAE;YAC/E,OAAO,CAAC,QAAQ,EAAE;YAClB,OAAO,CAAC,UAAU,EAAE;SACvB,CAAC,CAAA;QAEF,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAc,CAAA;QAC/D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAA;QAC/B,MAAM,cAAc,GAAG,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAErE,IAAI,cAAc,EAAE,CAAC;YACjB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,MAAM,KAAK,GAAG,IAAA,kBAAW,EAAC,OAAO,CAAC,CAAA;QAElC,CAAC,KAAK,IAAI,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,qCAAqC,EAAC,CAAC,CAAC,wBAAQ,CAAC,YAAY,CAAC,CAAA;QAEhH,OAAO,IAAI,CAAC,qBAAqB,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;YAC3E,OAAO,CAAC,GAAG,KAAK,OAAO;gBACnB,CAAC,gBAAgB,EAAE,QAAQ,CAAC,yBAAM,CAAC,KAAK,CAAC;gBACzC,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,mDAAmD,EAAC,CAAC,CACzF,wBAAQ,CAAC,YAAY,CACxB,CAAA;YAEL,OAAO,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,GAAG,CAAA;YAC/B,OAAO,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC,GAAG,CAAA;YAEhC,OAAO,IAAI,CAAA;QACf,CAAC,CAAC,CAAA;IACN,CAAC;CACJ,CAAA;AArCY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;qCAGmC,sCAAqB;QACjC,gBAAS;GAHhC,WAAW,CAqCvB"}
1
+ {"version":3,"file":"access.guard.js","sourceRoot":"","sources":["../../src/access/access.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAwE;AACxE,2CAA4C;AAC5C,uCAAsC;AACtC,oDAA8C;AAC9C,oDAAyC;AAEzC,gCAA6C;AAC7C,kCAAkD;AAClD,yDAAyC;AAGlC,IAAM,WAAW,GAAjB,MAAM,WAAW;IAEC;IACA;IACA;IAHrB,YACqB,UAAsB,EACtB,aAA4B,EAC5B,SAAoB;QAFpB,eAAU,GAAV,UAAU,CAAY;QACtB,kBAAa,GAAb,aAAa,CAAe;QAC5B,cAAS,GAAT,SAAS,CAAW;IACtC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACjC,MAAM,gBAAgB,GAAa,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,6BAAa,EAAE;YAC/E,OAAO,CAAC,QAAQ,EAAE;YAClB,OAAO,CAAC,UAAU,EAAE;SACvB,CAAC,CAAA;QAEF,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAc,CAAA;QAC/D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAA;QAC/B,MAAM,QAAQ,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAC,CAAC,CAAC,2BAA2B,CAAC,CAAC,CAAC,eAAe,CAAA;QACrG,MAAM,KAAK,GAAG,IAAA,kBAAW,EAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,CAAA;QAE5C,CAAC,KAAK,IAAI,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,qCAAqC,EAAC,CAAC,CAAC,wBAAQ,CAAC,YAAY,CAAC,CAAA;QAEhH,MAAM,mBAAmB,GAAG,CAAC,OAAmB,EAAE,EAAE,CAAC,CAAC,gBAA0B,EAAE,EAAE,CAAC,CAAC,OAAmB,EAAE,EAAE;YACzG,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,UAAU,CACzC,YAAY,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,EAAE,CAC3G,CAAA;YAED,IAAI,cAAc,EAAE,CAAC;gBACjB,OAAO,IAAI,CAAA;YACf,CAAC;YAED,OAAO,CAAC,GAAG,KAAK,OAAO;gBACnB,CAAC,gBAAgB,EAAE,QAAQ,CAAC,yBAAM,CAAC,KAAK,CAAC;gBACzC,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,mDAAmD,EAAC,CAAC,CACzF,wBAAQ,CAAC,YAAY,CACxB,CAAA;YAEL,OAAO,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,GAAG,CAAA;YAC/B,OAAO,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC,GAAG,CAAA;YAEhC,OAAO,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;QAC/B,CAAC,CAAA;QAED,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAA;IAClG,CAAC;CACJ,CAAA;AA3CY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;qCAGwB,gBAAU;QACP,sBAAa;QACjB,gBAAS;GAJhC,WAAW,CA2CvB"}
@@ -13,7 +13,8 @@ let AccessInterceptor = class AccessInterceptor {
13
13
  const request = context.switchToHttp().getRequest();
14
14
  !request.headers['ei-ip'] &&
15
15
  (request.headers['ei-ip'] = request.headers['x-forwarded-for'] ?? request.headers['x-real-ip']);
16
- !request.headers['ei-authorization'] && (request.headers['ei-authorization'] = request.subject);
16
+ !request.headers['ei-subject'] && (request.headers['ei-subject'] = request.subject);
17
+ !request.headers['ei-domainId'] && (request.headers['ei-domainId'] = request.issuer);
17
18
  return next.handle();
18
19
  }
19
20
  };
@@ -1 +1 @@
1
- {"version":3,"file":"access.interceptor.js","sourceRoot":"","sources":["../../src/access/access.interceptor.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAAyF;AAGlF,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAC1B,SAAS,CAAC,OAAyB,EAAE,IAAiB;QAClD,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAA;QAEnD,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;YACrB,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAA;QAEnG,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAkB,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;QAE/F,OAAO,IAAI,CAAC,MAAM,EAAE,CAAA;IACxB,CAAC;CACJ,CAAA;AAXY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;GACA,iBAAiB,CAW7B"}
1
+ {"version":3,"file":"access.interceptor.js","sourceRoot":"","sources":["../../src/access/access.interceptor.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAAyF;AAGlF,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAC1B,SAAS,CAAC,OAAyB,EAAE,IAAiB;QAClD,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAA;QAEnD,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;YACrB,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAA;QAEnG,CAAC,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;QACnF,CAAC,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,CAAA;QAEpF,OAAO,IAAI,CAAC,MAAM,EAAE,CAAA;IACxB,CAAC;CACJ,CAAA;AAZY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;GACA,iBAAiB,CAY7B"}
@@ -12,7 +12,7 @@ export declare enum Order {
12
12
  ASC = "asc",
13
13
  DESC = "desc"
14
14
  }
15
- export type CustomHeaders = Record<'ei-project-id' | 'ei-domain-id' | 'ei-ip' | 'ei-client' | 'ei-internal-service' | 'ei-authorization', string>;
15
+ export type CustomHeaders = Record<'ei-domain-id' | 'ei-ip' | 'ei-client' | 'ei-internal-authorization' | 'ei-subject', string>;
16
16
  export type APIHeaders = Record<string, string> | CustomHeaders | AxiosRequestConfig['headers'];
17
17
  export declare enum APIError {
18
18
  BAD_REQUEST = "badRequest",
@@ -4,6 +4,5 @@ import { AuthenticationPermissionOptions } from './authentication.interface';
4
4
  export declare class AuthenticationService {
5
5
  private readonly externalService;
6
6
  constructor(externalService: ExternalService);
7
- authenticationAccess(headers: APIHeaders): Promise<import("../external").AuthenticatedToken>;
8
7
  authenticationPermission(headers: APIHeaders): (options: AuthenticationPermissionOptions) => Promise<any>;
9
8
  }
@@ -17,9 +17,6 @@ let AuthenticationService = class AuthenticationService {
17
17
  constructor(externalService) {
18
18
  this.externalService = externalService;
19
19
  }
20
- async authenticationAccess(headers) {
21
- return this.externalService.authenticationUserAccess(headers);
22
- }
23
20
  authenticationPermission(headers) {
24
21
  return async (options) => this.externalService.authenticationUserPermission(headers)(options);
25
22
  }
@@ -1 +1 @@
1
- {"version":3,"file":"authentication.service.js","sourceRoot":"","sources":["../../src/authentication/authentication.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAyC;AAEzC,0CAA2C;AAIpC,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IACD;IAA7B,YAA6B,eAAgC;QAAhC,oBAAe,GAAf,eAAe,CAAiB;IAAG,CAAC;IAEjE,KAAK,CAAC,oBAAoB,CAAC,OAAmB;QAC1C,OAAO,IAAI,CAAC,eAAe,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAA;IACjE,CAAC;IAED,wBAAwB,CAAC,OAAmB;QACxC,OAAO,KAAK,EAAE,OAAwC,EAAE,EAAE,CACtD,IAAI,CAAC,eAAe,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAA;IAC3E,CAAC;CACJ,CAAA;AAXY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;qCAEqC,0BAAe;GADpD,qBAAqB,CAWjC"}
1
+ {"version":3,"file":"authentication.service.js","sourceRoot":"","sources":["../../src/authentication/authentication.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAyC;AAEzC,0CAA2C;AAIpC,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IACD;IAA7B,YAA6B,eAAgC;QAAhC,oBAAe,GAAf,eAAe,CAAiB;IAAG,CAAC;IAEjE,wBAAwB,CAAC,OAAmB;QACxC,OAAO,KAAK,EAAE,OAAwC,EAAE,EAAE,CACtD,IAAI,CAAC,eAAe,CAAC,4BAA4B,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAA;IAC3E,CAAC;CACJ,CAAA;AAPY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;qCAEqC,0BAAe;GADpD,qBAAqB,CAOjC"}
@@ -24,13 +24,6 @@ export interface AuthenticationExternalPermissionOptions {
24
24
  keys: Permission[];
25
25
  userId: string;
26
26
  }
27
- export interface AuthenticatedToken {
28
- aud: string;
29
- iss: string;
30
- jti: string;
31
- nbf: number;
32
- sub: string;
33
- }
34
27
  export interface APIRequest {
35
28
  headers: APIHeaders;
36
29
  params: Record<string, string>;
@@ -10,6 +10,7 @@ exports.ExternalModule = void 0;
10
10
  const axios_1 = require("@nestjs/axios");
11
11
  const common_1 = require("@nestjs/common");
12
12
  const config_1 = require("@nestjs/config");
13
+ const jwt_1 = require("../jwt");
13
14
  const external_service_1 = require("./external.service");
14
15
  let ExternalModule = class ExternalModule {
15
16
  };
@@ -17,7 +18,7 @@ exports.ExternalModule = ExternalModule;
17
18
  exports.ExternalModule = ExternalModule = __decorate([
18
19
  (0, common_1.Module)({
19
20
  exports: [external_service_1.ExternalService],
20
- imports: [config_1.ConfigModule, axios_1.HttpModule.register({ timeout: 20000, maxRedirects: 5 })],
21
+ imports: [config_1.ConfigModule, axios_1.HttpModule.register({ timeout: 20000, maxRedirects: 5 }), jwt_1.JWTModule],
21
22
  providers: [external_service_1.ExternalService]
22
23
  })
23
24
  ], ExternalModule);
@@ -1 +1 @@
1
- {"version":3,"file":"external.module.js","sourceRoot":"","sources":["../../src/external/external.module.ts"],"names":[],"mappings":";;;;;;;;;AAAA,yCAAwC;AACxC,2CAAqC;AACrC,2CAA2C;AAC3C,yDAAkD;AAO3C,IAAM,cAAc,GAApB,MAAM,cAAc;CAAG,CAAA;AAAjB,wCAAc;yBAAd,cAAc;IAL1B,IAAA,eAAM,EAAC;QACJ,OAAO,EAAE,CAAC,kCAAe,CAAC;QAC1B,OAAO,EAAE,CAAC,qBAAY,EAAE,kBAAU,CAAC,QAAQ,CAAC,EAAC,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,EAAC,CAAC,CAAC;QAC/E,SAAS,EAAE,CAAC,kCAAe,CAAC;KAC/B,CAAC;GACW,cAAc,CAAG"}
1
+ {"version":3,"file":"external.module.js","sourceRoot":"","sources":["../../src/external/external.module.ts"],"names":[],"mappings":";;;;;;;;;AAAA,yCAAwC;AACxC,2CAAqC;AACrC,2CAA2C;AAC3C,gCAAgC;AAChC,yDAAkD;AAO3C,IAAM,cAAc,GAApB,MAAM,cAAc;CAAG,CAAA;AAAjB,wCAAc;yBAAd,cAAc;IAL1B,IAAA,eAAM,EAAC;QACJ,OAAO,EAAE,CAAC,kCAAe,CAAC;QAC1B,OAAO,EAAE,CAAC,qBAAY,EAAE,kBAAU,CAAC,QAAQ,CAAC,EAAC,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,EAAC,CAAC,EAAE,eAAS,CAAC;QAC1F,SAAS,EAAE,CAAC,kCAAe,CAAC;KAC/B,CAAC;GACW,cAAc,CAAG"}
@@ -1,12 +1,13 @@
1
1
  import { HttpService } from '@nestjs/axios';
2
2
  import { ConfigService } from '@nestjs/config';
3
3
  import { APIHeaders } from '../app.interface';
4
- import { AuthenticatedToken, AuthenticationExternalPermissionOptions, CreateExternalActionLogOptions, RequestOptions } from './external.interface';
4
+ import { JWTService } from '../jwt';
5
+ import { AuthenticationExternalPermissionOptions, CreateExternalActionLogOptions, RequestOptions } from './external.interface';
5
6
  export declare class ExternalService {
6
7
  private readonly configService;
7
8
  private readonly httpService;
8
- constructor(configService: ConfigService, httpService: HttpService);
9
- authenticationUserAccess(headers: APIHeaders): Promise<AuthenticatedToken>;
9
+ private readonly jwtService;
10
+ constructor(configService: ConfigService, httpService: HttpService, jwtService: JWTService);
10
11
  authenticationUserPermission(headers: APIHeaders): (options: AuthenticationExternalPermissionOptions) => Promise<any>;
11
12
  createActionLog(headers: APIHeaders): ({ action, serviceName, ...args }: CreateExternalActionLogOptions) => Promise<void>;
12
13
  request({ baseURL, headers, method, params, path, serviceName, timeout, version, async, ...options }: RequestOptions): Promise<any>;
@@ -15,16 +15,16 @@ const common_1 = require("@nestjs/common");
15
15
  const config_1 = require("@nestjs/config");
16
16
  const rxjs_1 = require("rxjs");
17
17
  const app_interface_1 = require("../app.interface");
18
+ const jwt_1 = require("../jwt");
18
19
  const util_1 = require("../util");
19
20
  let ExternalService = class ExternalService {
20
21
  configService;
21
22
  httpService;
22
- constructor(configService, httpService) {
23
+ jwtService;
24
+ constructor(configService, httpService, jwtService) {
23
25
  this.configService = configService;
24
26
  this.httpService = httpService;
25
- }
26
- async authenticationUserAccess(headers) {
27
- return this.request({ headers, method: 'GET', path: '/user-authentications/access', serviceName: 'bearei-users' });
27
+ this.jwtService = jwtService;
28
28
  }
29
29
  authenticationUserPermission(headers) {
30
30
  return async (options) => {
@@ -51,16 +51,21 @@ let ExternalService = class ExternalService {
51
51
  client: headers['ei-client'],
52
52
  domainId: headers['ei-domain-id'],
53
53
  ip: headers['ei-ip'],
54
- projectId: headers['ei-project-id'],
55
54
  serviceName: this.configService.get('serviceName'),
56
55
  userAgent: headers['user-agent'],
57
- userId: headers['ei-authorization']
56
+ userId: headers['ei-subject']
58
57
  },
59
58
  headers
60
59
  });
61
60
  };
62
61
  }
63
62
  async request({ baseURL, headers, method = 'GET', params, path = '/', serviceName, timeout, version, async = false, ...options }) {
63
+ const subject = `internal:${this.configService.get('service.accessKey')}:${this.configService.get('service.secretKey')}:${this.configService.get('service.name')}`;
64
+ const token = await this.jwtService.signAsync({
65
+ domainId: headers['ei-domainId'],
66
+ client: headers['ei-client'],
67
+ jwtSignOptions: { expiresIn: 180000 }
68
+ })(subject);
64
69
  const processParams = (params = {}) => Object.entries(params).reduce((accumulator, [key, value]) => {
65
70
  ;
66
71
  (Array.isArray(value) ? value.length : typeof value !== 'undefined') &&
@@ -74,11 +79,11 @@ let ExternalService = class ExternalService {
74
79
  baseURL: baseURL ?? this.configService.get('apiService.url'),
75
80
  headers: {
76
81
  ...(async && { 'x-fc-invocation-type': 'Async' }),
77
- 'ei-authorization': headers['ei-authorization'],
78
82
  'ei-client': headers['ei-client'],
79
- 'ei-internal-service': headers['ei-internal-service'] ?? this.configService.get('serviceName'),
83
+ 'ei-domainId': headers['ei-domainId'],
84
+ 'ei-internal-authorization': token,
80
85
  'ei-ip': headers['ei-ip'],
81
- 'ei-project-id': headers['ei-project-id'],
86
+ 'ei-subject': headers['ei-subject'],
82
87
  authorization: headers['authorization']
83
88
  },
84
89
  method,
@@ -97,6 +102,7 @@ exports.ExternalService = ExternalService;
97
102
  exports.ExternalService = ExternalService = __decorate([
98
103
  (0, common_1.Injectable)(),
99
104
  __metadata("design:paramtypes", [config_1.ConfigService,
100
- axios_1.HttpService])
105
+ axios_1.HttpService,
106
+ jwt_1.JWTService])
101
107
  ], ExternalService);
102
108
  //# sourceMappingURL=external.service.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"external.service.js","sourceRoot":"","sources":["../../src/external/external.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,yCAAyC;AACzC,2CAAyC;AACzC,2CAA4C;AAC5C,+BAA+C;AAC/C,oDAAqD;AACrD,kCAAqC;AAS9B,IAAM,eAAe,GAArB,MAAM,eAAe;IAEH;IACA;IAFrB,YACqB,aAA4B,EAC5B,WAAwB;QADxB,kBAAa,GAAb,aAAa,CAAe;QAC5B,gBAAW,GAAX,WAAW,CAAa;IAC1C,CAAC;IAEJ,KAAK,CAAC,wBAAwB,CAAC,OAAmB;QAC9C,OAAO,IAAI,CAAC,OAAO,CAAC,EAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,8BAA8B,EAAE,WAAW,EAAE,cAAc,EAAC,CAAC,CAAA;IACpH,CAAC;IAED,4BAA4B,CAAC,OAAmB;QAC5C,OAAO,KAAK,EAAE,OAAgD,EAAE,EAAE;YAC9D,OAAO,IAAI,CAAC,OAAO,CAAC;gBAChB,OAAO;gBACP,MAAM,EAAE,KAAK;gBACb,MAAM,EAAE,OAAO;gBACf,IAAI,EAAE,mCAAmC;gBACzC,WAAW,EAAE,cAAc;aAC9B,CAAC,CAAA;QACN,CAAC,CAAA;IACL,CAAC;IAED,eAAe,CAAC,OAAmB;QAC/B,OAAO,KAAK,EAAE,EAAC,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,EAAiC,EAAE,EAAE;YAC5E,MAAM,IAAI,CAAC,OAAO,CAAC;gBACf,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,OAAO;gBACvC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,cAAc;gBACpB,WAAW,EAAE,aAAa;gBAC1B,IAAI,EAAE;oBACF,GAAG,IAAI;oBACP,MAAM;oBACN,OAAO,EAAE,GAAG,MAAM,IAAI,WAAW,EAAE;oBACnC,MAAM,EAAE,OAAO,CAAC,WAAW,CAAC;oBAC5B,QAAQ,EAAE,OAAO,CAAC,cAAc,CAAC;oBACjC,EAAE,EAAE,OAAO,CAAC,OAAO,CAAC;oBACpB,SAAS,EAAE,OAAO,CAAC,eAAe,CAAC;oBACnC,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC;oBAClD,SAAS,EAAE,OAAO,CAAC,YAAY,CAAC;oBAChC,MAAM,EAAE,OAAO,CAAC,kBAAkB,CAAC;iBACtC;gBACD,OAAO;aACV,CAAC,CAAA;QACN,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,EACV,OAAO,EACP,OAAO,EACP,MAAM,GAAG,KAAK,EACd,MAAM,EACN,IAAI,GAAG,GAAG,EACV,WAAW,EACX,OAAO,EACP,OAAO,EACP,KAAK,GAAG,KAAK,EACb,GAAG,OAAO,EACG;QACb,MAAM,aAAa,GAAG,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE,CAClC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YACxD,CAAC;YAAA,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,KAAK,KAAK,WAAW,CAAC;gBACjE,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;YAEvE,OAAO,WAAW,CAAA;QACtB,CAAC,EAAE,EAAE,CAAC,CAAA;QAEV,OAAO,IAAA,qBAAc,EACjB,IAAI,CAAC,WAAW;aACX,OAAO,CAAC;YACL,GAAG,OAAO;YACV,OAAO,EAAE,OAAO;YAChB,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,gBAAgB,CAAC;YAC5D,OAAO,EAAE;gBACL,GAAG,CAAC,KAAK,IAAI,EAAC,sBAAsB,EAAE,OAAO,EAAC,CAAC;gBAC/C,kBAAkB,EAAE,OAAO,CAAC,kBAAkB,CAAC;gBAC/C,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC;gBACjC,qBAAqB,EAAE,OAAO,CAAC,qBAAqB,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC;gBAC9F,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC;gBACzB,eAAe,EAAE,OAAO,CAAC,eAAe,CAAC;gBACzC,aAAa,EAAE,OAAO,CAAC,eAAe,CAAC;aAC1C;YACD,MAAM;YACN,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,oBAAoB,CAAC;YAChE,GAAG,EAAE,IAAI,WAAW,IAAI,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,IAAI,GAAG,IAAI,EAAE;YAChG,GAAG,CAAC,MAAM,IAAI,EAAC,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,EAAC,CAAC;SACjD,CAAC;aACD,IAAI,CACD,IAAA,iBAAU,EAAC,KAAK,CAAC,EAAE;YACf,KAAK,CAAC,IAAI,KAAK,WAAW;gBACtB,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,kCAAkC,EAAC,CAAC,CACzE,wBAAQ,CAAC,eAAe,CAC3B,CAAA;YAEL,MAAM,KAAK,CAAA;QACf,CAAC,CAAC,CACL,CACR,CAAC,IAAI,CAAC,CAAC,EAAC,IAAI,EAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAA;IAC5B,CAAC;CACJ,CAAA;AAlGY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;qCAG2B,sBAAa;QACf,mBAAW;GAHpC,eAAe,CAkG3B"}
1
+ {"version":3,"file":"external.service.js","sourceRoot":"","sources":["../../src/external/external.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,yCAAyC;AACzC,2CAAyC;AACzC,2CAA4C;AAC5C,+BAA+C;AAC/C,oDAAqD;AACrD,gCAAiC;AACjC,kCAAqC;AAQ9B,IAAM,eAAe,GAArB,MAAM,eAAe;IAEH;IACA;IACA;IAHrB,YACqB,aAA4B,EAC5B,WAAwB,EACxB,UAAsB;QAFtB,kBAAa,GAAb,aAAa,CAAe;QAC5B,gBAAW,GAAX,WAAW,CAAa;QACxB,eAAU,GAAV,UAAU,CAAY;IACxC,CAAC;IAEJ,4BAA4B,CAAC,OAAmB;QAC5C,OAAO,KAAK,EAAE,OAAgD,EAAE,EAAE;YAC9D,OAAO,IAAI,CAAC,OAAO,CAAC;gBAChB,OAAO;gBACP,MAAM,EAAE,KAAK;gBACb,MAAM,EAAE,OAAO;gBACf,IAAI,EAAE,mCAAmC;gBACzC,WAAW,EAAE,cAAc;aAC9B,CAAC,CAAA;QACN,CAAC,CAAA;IACL,CAAC;IAED,eAAe,CAAC,OAAmB;QAC/B,OAAO,KAAK,EAAE,EAAC,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,EAAiC,EAAE,EAAE;YAC5E,MAAM,IAAI,CAAC,OAAO,CAAC;gBACf,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,OAAO;gBACvC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,cAAc;gBACpB,WAAW,EAAE,aAAa;gBAC1B,IAAI,EAAE;oBACF,GAAG,IAAI;oBACP,MAAM;oBACN,OAAO,EAAE,GAAG,MAAM,IAAI,WAAW,EAAE;oBACnC,MAAM,EAAE,OAAO,CAAC,WAAW,CAAC;oBAC5B,QAAQ,EAAE,OAAO,CAAC,cAAc,CAAC;oBACjC,EAAE,EAAE,OAAO,CAAC,OAAO,CAAC;oBACpB,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC;oBAClD,SAAS,EAAE,OAAO,CAAC,YAAY,CAAC;oBAChC,MAAM,EAAE,OAAO,CAAC,YAAY,CAAC;iBAChC;gBACD,OAAO;aACV,CAAC,CAAA;QACN,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,EACV,OAAO,EACP,OAAO,EACP,MAAM,GAAG,KAAK,EACd,MAAM,EACN,IAAI,GAAG,GAAG,EACV,WAAW,EACX,OAAO,EACP,OAAO,EACP,KAAK,GAAG,KAAK,EACb,GAAG,OAAO,EACG;QACb,MAAM,OAAO,GAAG,YAAY,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,CAAA;QAClK,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;YAC1C,QAAQ,EAAE,OAAO,CAAC,aAAa,CAAC;YAChC,MAAM,EAAE,OAAO,CAAC,WAAW,CAAC;YAC5B,cAAc,EAAE,EAAC,SAAS,EAAE,MAAM,EAAC;SACtC,CAAC,CAAC,OAAO,CAAC,CAAA;QAEX,MAAM,aAAa,GAAG,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE,CAClC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YACxD,CAAC;YAAA,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,KAAK,KAAK,WAAW,CAAC;gBACjE,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;YAEvE,OAAO,WAAW,CAAA;QACtB,CAAC,EAAE,EAAE,CAAC,CAAA;QAEV,OAAO,IAAA,qBAAc,EACjB,IAAI,CAAC,WAAW;aACX,OAAO,CAAC;YACL,GAAG,OAAO;YACV,OAAO,EAAE,OAAO;YAChB,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,gBAAgB,CAAC;YAC5D,OAAO,EAAE;gBACL,GAAG,CAAC,KAAK,IAAI,EAAC,sBAAsB,EAAE,OAAO,EAAC,CAAC;gBAC/C,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC;gBACjC,aAAa,EAAE,OAAO,CAAC,aAAa,CAAC;gBACrC,2BAA2B,EAAE,KAAK;gBAClC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC;gBACzB,YAAY,EAAE,OAAO,CAAC,YAAY,CAAC;gBACnC,aAAa,EAAE,OAAO,CAAC,eAAe,CAAC;aAC1C;YACD,MAAM;YACN,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,oBAAoB,CAAC;YAChE,GAAG,EAAE,IAAI,WAAW,IAAI,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,IAAI,GAAG,IAAI,EAAE;YAChG,GAAG,CAAC,MAAM,IAAI,EAAC,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,EAAC,CAAC;SACjD,CAAC;aACD,IAAI,CACD,IAAA,iBAAU,EAAC,KAAK,CAAC,EAAE;YACf,KAAK,CAAC,IAAI,KAAK,WAAW;gBACtB,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,kCAAkC,EAAC,CAAC,CACzE,wBAAQ,CAAC,eAAe,CAC3B,CAAA;YAEL,MAAM,KAAK,CAAA;QACf,CAAC,CAAC,CACL,CACR,CAAC,IAAI,CAAC,CAAC,EAAC,IAAI,EAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAA;IAC5B,CAAC;CACJ,CAAA;AArGY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;qCAG2B,sBAAa;QACf,mBAAW;QACZ,gBAAU;GAJlC,eAAe,CAqG3B"}
package/dist/index.d.ts CHANGED
@@ -8,6 +8,7 @@ export * from './authentication';
8
8
  export * from './base';
9
9
  export * from './database';
10
10
  export * from './external';
11
+ export * from './jwt';
11
12
  export * from './permission';
12
13
  export * from './redis';
13
14
  export * from './util';
package/dist/index.js CHANGED
@@ -24,6 +24,7 @@ __exportStar(require("./authentication"), exports);
24
24
  __exportStar(require("./base"), exports);
25
25
  __exportStar(require("./database"), exports);
26
26
  __exportStar(require("./external"), exports);
27
+ __exportStar(require("./jwt"), exports);
27
28
  __exportStar(require("./permission"), exports);
28
29
  __exportStar(require("./redis"), exports);
29
30
  __exportStar(require("./util"), exports);
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAwB;AACxB,+CAA4B;AAC5B,kDAA+B;AAC/B,4CAAyB;AACzB,+CAA4B;AAC5B,kDAA+B;AAC/B,mDAAgC;AAChC,yCAAsB;AACtB,6CAA0B;AAC1B,6CAA0B;AAC1B,+CAA4B;AAC5B,0CAAuB;AACvB,yCAAsB"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAwB;AACxB,+CAA4B;AAC5B,kDAA+B;AAC/B,4CAAyB;AACzB,+CAA4B;AAC5B,kDAA+B;AAC/B,mDAAgC;AAChC,yCAAsB;AACtB,6CAA0B;AAC1B,6CAA0B;AAC1B,wCAAqB;AACrB,+CAA4B;AAC5B,0CAAuB;AACvB,yCAAsB"}
@@ -0,0 +1,3 @@
1
+ export * from './jwt.interface';
2
+ export * from './jwt.module';
3
+ export * from './jwt.service';
@@ -0,0 +1,20 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __exportStar = (this && this.__exportStar) || function(m, exports) {
14
+ for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
15
+ };
16
+ Object.defineProperty(exports, "__esModule", { value: true });
17
+ __exportStar(require("./jwt.interface"), exports);
18
+ __exportStar(require("./jwt.module"), exports);
19
+ __exportStar(require("./jwt.service"), exports);
20
+ //# sourceMappingURL=index.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/jwt/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,kDAA+B;AAC/B,+CAA4B;AAC5B,gDAA6B"}
@@ -0,0 +1,15 @@
1
+ import { JwtSignOptions } from '@nestjs/jwt';
2
+ export interface JWTSignAsyncOptions {
3
+ domainId: string;
4
+ client: string;
5
+ jwtSignOptions?: JwtSignOptions;
6
+ }
7
+ export type JWTPayload = {
8
+ aud: string;
9
+ exp: number;
10
+ iat: number;
11
+ iss: string;
12
+ jti: string;
13
+ nbf: number;
14
+ sub: string;
15
+ };
@@ -0,0 +1,3 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ //# sourceMappingURL=jwt.interface.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"jwt.interface.js","sourceRoot":"","sources":["../../src/jwt/jwt.interface.ts"],"names":[],"mappings":""}
@@ -0,0 +1,2 @@
1
+ export declare class JWTModule {
2
+ }
@@ -0,0 +1,42 @@
1
+ "use strict";
2
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
5
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
6
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
7
+ };
8
+ var __importDefault = (this && this.__importDefault) || function (mod) {
9
+ return (mod && mod.__esModule) ? mod : { "default": mod };
10
+ };
11
+ Object.defineProperty(exports, "__esModule", { value: true });
12
+ exports.JWTModule = void 0;
13
+ const common_1 = require("@nestjs/common");
14
+ const config_1 = require("@nestjs/config");
15
+ const jwt_1 = require("@nestjs/jwt");
16
+ const crypto_1 = __importDefault(require("crypto"));
17
+ const jwt_service_1 = require("./jwt.service");
18
+ let JWTModule = class JWTModule {
19
+ };
20
+ exports.JWTModule = JWTModule;
21
+ exports.JWTModule = JWTModule = __decorate([
22
+ (0, common_1.Module)({
23
+ imports: [
24
+ jwt_1.JwtModule.registerAsync({
25
+ imports: [config_1.ConfigModule],
26
+ useFactory: async (configService) => {
27
+ const jwk = JSON.parse(configService.get('jwt.privateKey'));
28
+ const privateKey = crypto_1.default.createPrivateKey({ key: jwk, format: 'jwk' });
29
+ const publicKey = crypto_1.default.createPublicKey({ key: jwk, format: 'jwk' });
30
+ return {
31
+ privateKey: privateKey.export({ format: 'pem', type: 'pkcs8' }),
32
+ publicKey: publicKey.export({ format: 'pem', type: 'spki' }),
33
+ signOptions: { expiresIn: configService.get('jwt.expiresIn'), algorithm: 'RS256' }
34
+ };
35
+ },
36
+ inject: [config_1.ConfigService]
37
+ })
38
+ ],
39
+ providers: [jwt_service_1.JWTService]
40
+ })
41
+ ], JWTModule);
42
+ //# sourceMappingURL=jwt.module.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"jwt.module.js","sourceRoot":"","sources":["../../src/jwt/jwt.module.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAqC;AACrC,2CAA0D;AAC1D,qCAAqC;AACrC,oDAA2B;AAC3B,+CAAwC;AAsBjC,IAAM,SAAS,GAAf,MAAM,SAAS;CAAG,CAAA;AAAZ,8BAAS;oBAAT,SAAS;IApBrB,IAAA,eAAM,EAAC;QACJ,OAAO,EAAE;YACL,eAAS,CAAC,aAAa,CAAC;gBACpB,OAAO,EAAE,CAAC,qBAAY,CAAC;gBACvB,UAAU,EAAE,KAAK,EAAC,aAAa,EAAC,EAAE;oBAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAA;oBAC3D,MAAM,UAAU,GAAG,gBAAM,CAAC,gBAAgB,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAA;oBACrE,MAAM,SAAS,GAAG,gBAAM,CAAC,eAAe,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAA;oBAEnE,OAAO;wBACH,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC,EAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAC,CAAC;wBAC7D,SAAS,EAAE,SAAS,CAAC,MAAM,CAAC,EAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAC,CAAC;wBAC1D,WAAW,EAAE,EAAC,SAAS,EAAE,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,SAAS,EAAE,OAAO,EAAC;qBACnF,CAAA;gBACL,CAAC;gBACD,MAAM,EAAE,CAAC,sBAAa,CAAC;aAC1B,CAAC;SACL;QACD,SAAS,EAAE,CAAC,wBAAU,CAAC;KAC1B,CAAC;GACW,SAAS,CAAG"}
@@ -0,0 +1,8 @@
1
+ import { JwtService } from '@nestjs/jwt';
2
+ import { JWTSignAsyncOptions } from './jwt.interface';
3
+ export declare class JWTService {
4
+ private readonly jwtService;
5
+ constructor(jwtService: JwtService);
6
+ signAsync({ domainId, client, jwtSignOptions }: JWTSignAsyncOptions): (subject: string) => Promise<string>;
7
+ verifyAsync(token: string): Promise<any>;
8
+ }
@@ -0,0 +1,53 @@
1
+ "use strict";
2
+ var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
3
+ var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
4
+ if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
5
+ else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
6
+ return c > 3 && r && Object.defineProperty(target, key, r), r;
7
+ };
8
+ var __metadata = (this && this.__metadata) || function (k, v) {
9
+ if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
+ };
11
+ var __importDefault = (this && this.__importDefault) || function (mod) {
12
+ return (mod && mod.__esModule) ? mod : { "default": mod };
13
+ };
14
+ Object.defineProperty(exports, "__esModule", { value: true });
15
+ exports.JWTService = void 0;
16
+ const common_1 = require("@nestjs/common");
17
+ const jwt_1 = require("@nestjs/jwt");
18
+ const dayjs_1 = __importDefault(require("dayjs"));
19
+ const utc_1 = __importDefault(require("dayjs/plugin/utc"));
20
+ const nanoid_1 = require("nanoid");
21
+ const app_interface_1 = require("../app.interface");
22
+ const util_1 = require("../util");
23
+ let JWTService = class JWTService {
24
+ jwtService;
25
+ constructor(jwtService) {
26
+ this.jwtService = jwtService;
27
+ dayjs_1.default.extend(utc_1.default);
28
+ }
29
+ signAsync({ domainId, client, jwtSignOptions }) {
30
+ return async (subject) => {
31
+ const payload = {
32
+ aud: client,
33
+ iss: domainId,
34
+ jti: (0, nanoid_1.nanoid)(),
35
+ nbf: parseInt(`${dayjs_1.default.utc().valueOf() / 1000}`),
36
+ sub: subject
37
+ };
38
+ const token = await this.jwtService.signAsync(payload, jwtSignOptions);
39
+ return token;
40
+ };
41
+ }
42
+ async verifyAsync(token) {
43
+ return this.jwtService
44
+ .verifyAsync(token)
45
+ .catch(error => (0, util_1.throwAPIError)({ message: error.message })(app_interface_1.APIError.UNAUTHORIZED));
46
+ }
47
+ };
48
+ exports.JWTService = JWTService;
49
+ exports.JWTService = JWTService = __decorate([
50
+ (0, common_1.Injectable)(),
51
+ __metadata("design:paramtypes", [jwt_1.JwtService])
52
+ ], JWTService);
53
+ //# sourceMappingURL=jwt.service.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"jwt.service.js","sourceRoot":"","sources":["../../src/jwt/jwt.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAyC;AACzC,qCAAsC;AACtC,kDAAyB;AACzB,2DAAkC;AAClC,mCAA6B;AAC7B,oDAAyC;AACzC,kCAAqC;AAI9B,IAAM,UAAU,GAAhB,MAAM,UAAU;IACU;IAA7B,YAA6B,UAAsB;QAAtB,eAAU,GAAV,UAAU,CAAY;QAC/C,eAAK,CAAC,MAAM,CAAC,aAAG,CAAC,CAAA;IACrB,CAAC;IAED,SAAS,CAAC,EAAC,QAAQ,EAAE,MAAM,EAAE,cAAc,EAAsB;QAC7D,OAAO,KAAK,EAAE,OAAe,EAAE,EAAE;YAC7B,MAAM,OAAO,GAAG;gBACZ,GAAG,EAAE,MAAM;gBACX,GAAG,EAAE,QAAQ;gBACb,GAAG,EAAE,IAAA,eAAM,GAAE;gBACb,GAAG,EAAE,QAAQ,CAAC,GAAG,eAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,EAAE,CAAC;gBAChD,GAAG,EAAE,OAAO;aACf,CAAA;YAED,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,OAAO,EAAE,cAAc,CAAC,CAAA;YAEtE,OAAO,KAAK,CAAA;QAChB,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAAa;QAC3B,OAAO,IAAI,CAAC,UAAU;aACjB,WAAW,CAAC,KAAK,CAAC;aAClB,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,IAAA,oBAAa,EAAC,EAAC,OAAO,EAAE,KAAK,CAAC,OAAO,EAAC,CAAC,CAAC,wBAAQ,CAAC,YAAY,CAAC,CAAC,CAAA;IACvF,CAAC;CACJ,CAAA;AA1BY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;qCAEgC,gBAAU;GAD1C,UAAU,CA0BtB"}
@@ -1,9 +1,11 @@
1
1
  import { CanActivate, ExecutionContext } from '@nestjs/common';
2
+ import { ConfigService } from '@nestjs/config';
2
3
  import { Reflector } from '@nestjs/core';
3
4
  import { AuthenticationService } from '../authentication';
4
5
  export declare class PermissionGuard implements CanActivate {
5
6
  private readonly authenticationService;
7
+ private readonly configService;
6
8
  private readonly reflector;
7
- constructor(authenticationService: AuthenticationService, reflector: Reflector);
9
+ constructor(authenticationService: AuthenticationService, configService: ConfigService, reflector: Reflector);
8
10
  canActivate(context: ExecutionContext): true | Promise<boolean>;
9
11
  }
@@ -11,14 +11,17 @@ var __metadata = (this && this.__metadata) || function (k, v) {
11
11
  Object.defineProperty(exports, "__esModule", { value: true });
12
12
  exports.PermissionGuard = void 0;
13
13
  const common_1 = require("@nestjs/common");
14
+ const config_1 = require("@nestjs/config");
14
15
  const core_1 = require("@nestjs/core");
15
16
  const app_decorator_1 = require("../app.decorator");
16
17
  const authentication_1 = require("../authentication");
17
18
  let PermissionGuard = class PermissionGuard {
18
19
  authenticationService;
20
+ configService;
19
21
  reflector;
20
- constructor(authenticationService, reflector) {
22
+ constructor(authenticationService, configService, reflector) {
21
23
  this.authenticationService = authenticationService;
24
+ this.configService = configService;
22
25
  this.reflector = reflector;
23
26
  }
24
27
  canActivate(context) {
@@ -30,7 +33,8 @@ let PermissionGuard = class PermissionGuard {
30
33
  return true;
31
34
  }
32
35
  const { headers, params, subject, issuer } = context.switchToHttp().getRequest();
33
- const publicPermission = [headers['ei-internal-service'], subject === params.id].some(Boolean);
36
+ const internalAccess = subject.startsWith(`internal:${this.configService.get('service.accessKey')}:${this.configService.get('service.secretKey')}`);
37
+ const publicPermission = [internalAccess, subject === params.id].some(Boolean);
34
38
  if (publicPermission) {
35
39
  return true;
36
40
  }
@@ -43,6 +47,7 @@ exports.PermissionGuard = PermissionGuard;
43
47
  exports.PermissionGuard = PermissionGuard = __decorate([
44
48
  (0, common_1.Injectable)(),
45
49
  __metadata("design:paramtypes", [authentication_1.AuthenticationService,
50
+ config_1.ConfigService,
46
51
  core_1.Reflector])
47
52
  ], PermissionGuard);
48
53
  //# sourceMappingURL=permission.guard.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"permission.guard.js","sourceRoot":"","sources":["../../src/permission/permission.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAwE;AACxE,uCAAsC;AACtC,oDAA+D;AAC/D,sDAAuD;AAKhD,IAAM,eAAe,GAArB,MAAM,eAAe;IAEH;IACA;IAFrB,YACqB,qBAA4C,EAC5C,SAAoB;QADpB,0BAAqB,GAArB,qBAAqB,CAAuB;QAC5C,cAAS,GAAT,SAAS,CAAW;IACtC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACjC,MAAM,mBAAmB,GAAiB,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,8CAA8B,EAAE;YACvG,OAAO,CAAC,QAAQ,EAAE;YAClB,OAAO,CAAC,UAAU,EAAE;SACvB,CAAC,CAAA;QAEF,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACvB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,MAAM,EAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAC,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAc,CAAA;QAC1F,MAAM,gBAAgB,GAAG,CAAC,OAAO,CAAC,qBAAqB,CAAC,EAAE,OAAO,KAAK,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAE9F,IAAI,gBAAgB,EAAE,CAAC;YACnB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,OAAO,IAAI,CAAC,qBAAqB;aAC5B,wBAAwB,CAAC,OAAO,CAAC,CAAC,EAAC,IAAI,EAAE,mBAAmB,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAC,CAAC;aACjG,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;IACzB,CAAC;CACJ,CAAA;AA3BY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;qCAGmC,sCAAqB;QACjC,gBAAS;GAHhC,eAAe,CA2B3B"}
1
+ {"version":3,"file":"permission.guard.js","sourceRoot":"","sources":["../../src/permission/permission.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAwE;AACxE,2CAA4C;AAC5C,uCAAsC;AACtC,oDAA+D;AAC/D,sDAAuD;AAKhD,IAAM,eAAe,GAArB,MAAM,eAAe;IAEH;IACA;IACA;IAHrB,YACqB,qBAA4C,EAC5C,aAA4B,EAC5B,SAAoB;QAFpB,0BAAqB,GAArB,qBAAqB,CAAuB;QAC5C,kBAAa,GAAb,aAAa,CAAe;QAC5B,cAAS,GAAT,SAAS,CAAW;IACtC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACjC,MAAM,mBAAmB,GAAiB,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,8CAA8B,EAAE;YACvG,OAAO,CAAC,QAAQ,EAAE;YAClB,OAAO,CAAC,UAAU,EAAE;SACvB,CAAC,CAAA;QAEF,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACvB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,MAAM,EAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAC,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAc,CAAA;QAC1F,MAAM,cAAc,GAAG,OAAO,CAAC,UAAU,CACrC,YAAY,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,EAAE,CAC3G,CAAA;QAED,MAAM,gBAAgB,GAAG,CAAC,cAAc,EAAE,OAAO,KAAK,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAE9E,IAAI,gBAAgB,EAAE,CAAC;YACnB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,OAAO,IAAI,CAAC,qBAAqB;aAC5B,wBAAwB,CAAC,OAAO,CAAC,CAAC,EAAC,IAAI,EAAE,mBAAmB,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAC,CAAC;aACjG,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;IACzB,CAAC;CACJ,CAAA;AAhCY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;qCAGmC,sCAAqB;QAC7B,sBAAa;QACjB,gBAAS;GAJhC,eAAe,CAgC3B"}