@bearei/server-common 0.0.72 → 0.0.74

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -37,17 +37,29 @@ let AccessGuard = class AccessGuard {
37
37
  const tokenKey = headers['ei-internal-authorization'] ? 'ei-internal-authorization' : 'authorization';
38
38
  const token = (0, util_1.formatToken)(headers)(tokenKey);
39
39
  !token && (0, util_1.throwAPIError)({ code: '401001', message: 'Authentication token does not exist' })(app_interface_1.APIError.UNAUTHORIZED);
40
- const processVerifyResult = (request) => (requiredAccesses) => ({ sub, iss }) => {
41
- const internalAccess = sub.startsWith(`internal:${this.configService.get('service.accessKey')}:${this.configService.get('service.secretKey')}`);
42
- if (internalAccess) {
43
- return true;
44
- }
45
- sub === 'guest' &&
46
- !requiredAccesses?.includes(access_interface_1.Access.GUEST) &&
47
- (0, util_1.throwAPIError)({ code: '401002', message: 'Guest user do not have access to current resource' })(app_interface_1.APIError.UNAUTHORIZED);
48
- request['issuer'] = iss;
49
- request['subject'] = sub;
50
- return Boolean(sub);
40
+ const processVerifyResult = (request) => {
41
+ const processBcryptResult = (request) => (result) => {
42
+ !result &&
43
+ (0, util_1.throwAPIError)({ code: '401007', message: 'Internal service signature verification failed' })(app_interface_1.APIError.FORBIDDEN);
44
+ request['internalAccess'] = result;
45
+ return result;
46
+ };
47
+ return (requiredAccesses) => ({ sub, iss }) => {
48
+ request['issuer'] = iss;
49
+ request['subject'] = sub;
50
+ if (request.headers['ei-internal-authorization']) {
51
+ return (0, util_1.compare)({
52
+ accessKey: this.configService.get('service.accessKey'),
53
+ secretKey: this.configService.get('service.secretKey'),
54
+ serviceName: this.configService.get('service.name'),
55
+ timestamp: request.headers['ei-timestamp']
56
+ })(sub).then(processBcryptResult(request));
57
+ }
58
+ sub === 'guest' &&
59
+ !requiredAccesses?.includes(access_interface_1.Access.GUEST) &&
60
+ (0, util_1.throwAPIError)({ code: '401002', message: 'Guest user do not have access to current resource' })(app_interface_1.APIError.UNAUTHORIZED);
61
+ return Boolean(sub);
62
+ };
51
63
  };
52
64
  return this.jwtService.verifyAsync(token).then(processVerifyResult(request)(requiredAccesses));
53
65
  }
@@ -1 +1 @@
1
- {"version":3,"file":"access.guard.js","sourceRoot":"","sources":["../../src/access/access.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAwE;AACxE,2CAA4C;AAC5C,uCAAsC;AACtC,oDAA8C;AAC9C,oDAAyC;AAEzC,gCAA6C;AAC7C,kCAAkD;AAClD,yDAAyC;AAGlC,IAAM,WAAW,GAAjB,MAAM,WAAW;IAEC;IACA;IACA;IAHrB,YACqB,UAAsB,EACtB,aAA4B,EAC5B,SAAoB;QAFpB,eAAU,GAAV,UAAU,CAAY;QACtB,kBAAa,GAAb,aAAa,CAAe;QAC5B,cAAS,GAAT,SAAS,CAAW;IACtC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACjC,MAAM,gBAAgB,GAAa,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,6BAAa,EAAE;YAC/E,OAAO,CAAC,QAAQ,EAAE;YAClB,OAAO,CAAC,UAAU,EAAE;SACvB,CAAC,CAAA;QAEF,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAc,CAAA;QAC/D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAA;QAC/B,MAAM,QAAQ,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAC,CAAC,CAAC,2BAA2B,CAAC,CAAC,CAAC,eAAe,CAAA;QACrG,MAAM,KAAK,GAAG,IAAA,kBAAW,EAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,CAAA;QAE5C,CAAC,KAAK,IAAI,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,qCAAqC,EAAC,CAAC,CAAC,wBAAQ,CAAC,YAAY,CAAC,CAAA;QAEhH,MAAM,mBAAmB,GACrB,CAAC,OAAmB,EAAE,EAAE,CACxB,CAAC,gBAA0B,EAAE,EAAE,CAC/B,CAAC,EAAC,GAAG,EAAE,GAAG,EAAa,EAAE,EAAE;YACvB,MAAM,cAAc,GAAG,GAAG,CAAC,UAAU,CACjC,YAAY,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,EAAE,CAC3G,CAAA;YAED,IAAI,cAAc,EAAE,CAAC;gBACjB,OAAO,IAAI,CAAA;YACf,CAAC;YAED,GAAG,KAAK,OAAO;gBACX,CAAC,gBAAgB,EAAE,QAAQ,CAAC,yBAAM,CAAC,KAAK,CAAC;gBACzC,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,mDAAmD,EAAC,CAAC,CACzF,wBAAQ,CAAC,YAAY,CACxB,CAAA;YAEL,OAAO,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAA;YACvB,OAAO,CAAC,SAAS,CAAC,GAAG,GAAG,CAAA;YAExB,OAAO,OAAO,CAAC,GAAG,CAAC,CAAA;QACvB,CAAC,CAAA;QAEL,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAA;IAClG,CAAC;CACJ,CAAA;AA9CY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;qCAGwB,gBAAU;QACP,sBAAa;QACjB,gBAAS;GAJhC,WAAW,CA8CvB"}
1
+ {"version":3,"file":"access.guard.js","sourceRoot":"","sources":["../../src/access/access.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAwE;AACxE,2CAA4C;AAC5C,uCAAsC;AACtC,oDAA8C;AAC9C,oDAAyC;AAEzC,gCAA6C;AAC7C,kCAA2D;AAC3D,yDAAyC;AAGlC,IAAM,WAAW,GAAjB,MAAM,WAAW;IAEC;IACA;IACA;IAHrB,YACqB,UAAsB,EACtB,aAA4B,EAC5B,SAAoB;QAFpB,eAAU,GAAV,UAAU,CAAY;QACtB,kBAAa,GAAb,aAAa,CAAe;QAC5B,cAAS,GAAT,SAAS,CAAW;IACtC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACjC,MAAM,gBAAgB,GAAa,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,6BAAa,EAAE;YAC/E,OAAO,CAAC,QAAQ,EAAE;YAClB,OAAO,CAAC,UAAU,EAAE;SACvB,CAAC,CAAA;QAEF,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAc,CAAA;QAC/D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAA;QAC/B,MAAM,QAAQ,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAC,CAAC,CAAC,2BAA2B,CAAC,CAAC,CAAC,eAAe,CAAA;QACrG,MAAM,KAAK,GAAG,IAAA,kBAAW,EAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,CAAA;QAE5C,CAAC,KAAK,IAAI,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,qCAAqC,EAAC,CAAC,CAAC,wBAAQ,CAAC,YAAY,CAAC,CAAA;QAEhH,MAAM,mBAAmB,GAAG,CAAC,OAAmB,EAAE,EAAE;YAChD,MAAM,mBAAmB,GAAG,CAAC,OAAmB,EAAE,EAAE,CAAC,CAAC,MAAe,EAAE,EAAE;gBACrE,CAAC,MAAM;oBACH,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,gDAAgD,EAAC,CAAC,CACtF,wBAAQ,CAAC,SAAS,CACrB,CAAA;gBAEL,OAAO,CAAC,gBAAgB,CAAC,GAAG,MAAM,CAAA;gBAElC,OAAO,MAAM,CAAA;YACjB,CAAC,CAAA;YAED,OAAO,CAAC,gBAA0B,EAAE,EAAE,CAClC,CAAC,EAAC,GAAG,EAAE,GAAG,EAAa,EAAE,EAAE;gBACvB,OAAO,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAA;gBACvB,OAAO,CAAC,SAAS,CAAC,GAAG,GAAG,CAAA;gBAExB,IAAI,OAAO,CAAC,OAAO,CAAC,2BAA2B,CAAC,EAAE,CAAC;oBAC/C,OAAO,IAAA,cAAO,EAAC;wBACX,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC;wBACtD,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC;wBACtD,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,cAAc,CAAC;wBACnD,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC;qBAC7C,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC,CAAA;gBAC9C,CAAC;gBAED,GAAG,KAAK,OAAO;oBACX,CAAC,gBAAgB,EAAE,QAAQ,CAAC,yBAAM,CAAC,KAAK,CAAC;oBACzC,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,mDAAmD,EAAC,CAAC,CACzF,wBAAQ,CAAC,YAAY,CACxB,CAAA;gBAEL,OAAO,OAAO,CAAC,GAAG,CAAC,CAAA;YACvB,CAAC,CAAA;QACT,CAAC,CAAA;QAED,OAAO,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAA;IAClG,CAAC;CACJ,CAAA;AA1DY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;qCAGwB,gBAAU;QACP,sBAAa;QACjB,gBAAS;GAJhC,WAAW,CA0DvB"}
@@ -12,7 +12,7 @@ export declare enum Order {
12
12
  ASC = "asc",
13
13
  DESC = "desc"
14
14
  }
15
- export type CustomHeaders = Record<'ei-domain-id' | 'ei-ip' | 'ei-client' | 'ei-internal-authorization' | 'ei-subject', string>;
15
+ export type CustomHeaders = Record<'ei-domain-id' | 'ei-ip' | 'ei-client' | 'ei-internal-authorization' | 'ei-subject' | 'ei-timestamp', string>;
16
16
  export type APIHeaders = Record<string, string> | CustomHeaders | AxiosRequestConfig['headers'];
17
17
  export declare enum APIError {
18
18
  BAD_REQUEST = "badRequest",
@@ -26,7 +26,8 @@ export interface AuthenticationExternalPermissionOptions {
26
26
  }
27
27
  export interface APIRequest {
28
28
  headers: APIHeaders;
29
+ internalAccess?: boolean;
30
+ issuer: string;
29
31
  params: Record<string, string>;
30
32
  subject: string;
31
- issuer: string;
32
33
  }
@@ -8,11 +8,15 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
8
8
  var __metadata = (this && this.__metadata) || function (k, v) {
9
9
  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
10
10
  };
11
+ var __importDefault = (this && this.__importDefault) || function (mod) {
12
+ return (mod && mod.__esModule) ? mod : { "default": mod };
13
+ };
11
14
  Object.defineProperty(exports, "__esModule", { value: true });
12
15
  exports.ExternalService = void 0;
13
16
  const axios_1 = require("@nestjs/axios");
14
17
  const common_1 = require("@nestjs/common");
15
18
  const config_1 = require("@nestjs/config");
19
+ const dayjs_1 = __importDefault(require("dayjs"));
16
20
  const rxjs_1 = require("rxjs");
17
21
  const app_interface_1 = require("../app.interface");
18
22
  const jwt_1 = require("../jwt");
@@ -60,10 +64,16 @@ let ExternalService = class ExternalService {
60
64
  };
61
65
  }
62
66
  async request({ baseURL, headers, method = 'GET', params, path = '/', serviceName, timeout, version, async = false, ...options }) {
63
- const subject = `internal:${this.configService.get('service.accessKey')}:${this.configService.get('service.secretKey')}:${this.configService.get('service.name')}`;
67
+ const requestTimestamp = `${dayjs_1.default.utc().valueOf()}`;
68
+ const subject = await (0, util_1.hash)(this.configService.get('service.secretKey'))({
69
+ accessKey: this.configService.get('service.accessKey'),
70
+ secretKey: this.configService.get('service.secretKey'),
71
+ serviceName,
72
+ timestamp: requestTimestamp
73
+ });
64
74
  const token = await this.jwtService.signAsync({
65
- domainId: headers['ei-domainId'],
66
- client: headers['ei-client'],
75
+ audience: `internal:${this.configService.get('service.name')}`,
76
+ issuer: headers['ei-domainId'],
67
77
  jwtSignOptions: { expiresIn: 180000 }
68
78
  })(subject);
69
79
  const processParams = (params = {}) => Object.entries(params).reduce((accumulator, [key, value]) => {
@@ -84,6 +94,7 @@ let ExternalService = class ExternalService {
84
94
  'ei-internal-authorization': token,
85
95
  'ei-ip': headers['ei-ip'],
86
96
  'ei-subject': headers['ei-subject'],
97
+ 'ei-timestamp': requestTimestamp,
87
98
  authorization: headers['authorization']
88
99
  },
89
100
  method,
@@ -1 +1 @@
1
- {"version":3,"file":"external.service.js","sourceRoot":"","sources":["../../src/external/external.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,yCAAyC;AACzC,2CAAyC;AACzC,2CAA4C;AAC5C,+BAA+C;AAC/C,oDAAqD;AACrD,gCAAiC;AACjC,kCAAqC;AAQ9B,IAAM,eAAe,GAArB,MAAM,eAAe;IAEH;IACA;IACA;IAHrB,YACqB,aAA4B,EAC5B,WAAwB,EACxB,UAAsB;QAFtB,kBAAa,GAAb,aAAa,CAAe;QAC5B,gBAAW,GAAX,WAAW,CAAa;QACxB,eAAU,GAAV,UAAU,CAAY;IACxC,CAAC;IAEJ,4BAA4B,CAAC,OAAmB;QAC5C,OAAO,KAAK,EAAE,OAAgD,EAAE,EAAE;YAC9D,OAAO,IAAI,CAAC,OAAO,CAAC;gBAChB,OAAO;gBACP,MAAM,EAAE,KAAK;gBACb,MAAM,EAAE,OAAO;gBACf,IAAI,EAAE,mCAAmC;gBACzC,WAAW,EAAE,cAAc;aAC9B,CAAC,CAAA;QACN,CAAC,CAAA;IACL,CAAC;IAED,eAAe,CAAC,OAAmB;QAC/B,OAAO,KAAK,EAAE,EAAC,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,EAAiC,EAAE,EAAE;YAC5E,MAAM,IAAI,CAAC,OAAO,CAAC;gBACf,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,OAAO;gBACvC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,cAAc;gBACpB,WAAW,EAAE,aAAa;gBAC1B,IAAI,EAAE;oBACF,GAAG,IAAI;oBACP,MAAM;oBACN,OAAO,EAAE,GAAG,MAAM,IAAI,WAAW,EAAE;oBACnC,MAAM,EAAE,OAAO,CAAC,WAAW,CAAC;oBAC5B,QAAQ,EAAE,OAAO,CAAC,cAAc,CAAC;oBACjC,EAAE,EAAE,OAAO,CAAC,OAAO,CAAC;oBACpB,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC;oBAClD,SAAS,EAAE,OAAO,CAAC,YAAY,CAAC;oBAChC,MAAM,EAAE,OAAO,CAAC,YAAY,CAAC;iBAChC;gBACD,OAAO;aACV,CAAC,CAAA;QACN,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,EACV,OAAO,EACP,OAAO,EACP,MAAM,GAAG,KAAK,EACd,MAAM,EACN,IAAI,GAAG,GAAG,EACV,WAAW,EACX,OAAO,EACP,OAAO,EACP,KAAK,GAAG,KAAK,EACb,GAAG,OAAO,EACG;QACb,MAAM,OAAO,GAAG,YAAY,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,CAAA;QAClK,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;YAC1C,QAAQ,EAAE,OAAO,CAAC,aAAa,CAAC;YAChC,MAAM,EAAE,OAAO,CAAC,WAAW,CAAC;YAC5B,cAAc,EAAE,EAAC,SAAS,EAAE,MAAM,EAAC;SACtC,CAAC,CAAC,OAAO,CAAC,CAAA;QAEX,MAAM,aAAa,GAAG,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE,CAClC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YACxD,CAAC;YAAA,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,KAAK,KAAK,WAAW,CAAC;gBACjE,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;YAEvE,OAAO,WAAW,CAAA;QACtB,CAAC,EAAE,EAAE,CAAC,CAAA;QAEV,OAAO,IAAA,qBAAc,EACjB,IAAI,CAAC,WAAW;aACX,OAAO,CAAC;YACL,GAAG,OAAO;YACV,OAAO,EAAE,OAAO;YAChB,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,gBAAgB,CAAC;YAC5D,OAAO,EAAE;gBACL,GAAG,CAAC,KAAK,IAAI,EAAC,sBAAsB,EAAE,OAAO,EAAC,CAAC;gBAC/C,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC;gBACjC,aAAa,EAAE,OAAO,CAAC,aAAa,CAAC;gBACrC,2BAA2B,EAAE,KAAK;gBAClC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC;gBACzB,YAAY,EAAE,OAAO,CAAC,YAAY,CAAC;gBACnC,aAAa,EAAE,OAAO,CAAC,eAAe,CAAC;aAC1C;YACD,MAAM;YACN,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,oBAAoB,CAAC;YAChE,GAAG,EAAE,IAAI,WAAW,IAAI,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,IAAI,GAAG,IAAI,EAAE;YAChG,GAAG,CAAC,MAAM,IAAI,EAAC,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,EAAC,CAAC;SACjD,CAAC;aACD,IAAI,CACD,IAAA,iBAAU,EAAC,KAAK,CAAC,EAAE;YACf,KAAK,CAAC,IAAI,KAAK,WAAW;gBACtB,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,kCAAkC,EAAC,CAAC,CACzE,wBAAQ,CAAC,eAAe,CAC3B,CAAA;YAEL,MAAM,KAAK,CAAA;QACf,CAAC,CAAC,CACL,CACR,CAAC,IAAI,CAAC,CAAC,EAAC,IAAI,EAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAA;IAC5B,CAAC;CACJ,CAAA;AArGY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;qCAG2B,sBAAa;QACf,mBAAW;QACZ,gBAAU;GAJlC,eAAe,CAqG3B"}
1
+ {"version":3,"file":"external.service.js","sourceRoot":"","sources":["../../src/external/external.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,yCAAyC;AACzC,2CAAyC;AACzC,2CAA4C;AAC5C,kDAAyB;AACzB,+BAA+C;AAC/C,oDAAqD;AACrD,gCAAiC;AACjC,kCAA2C;AAQpC,IAAM,eAAe,GAArB,MAAM,eAAe;IAEH;IACA;IACA;IAHrB,YACqB,aAA4B,EAC5B,WAAwB,EACxB,UAAsB;QAFtB,kBAAa,GAAb,aAAa,CAAe;QAC5B,gBAAW,GAAX,WAAW,CAAa;QACxB,eAAU,GAAV,UAAU,CAAY;IACxC,CAAC;IAEJ,4BAA4B,CAAC,OAAmB;QAC5C,OAAO,KAAK,EAAE,OAAgD,EAAE,EAAE;YAC9D,OAAO,IAAI,CAAC,OAAO,CAAC;gBAChB,OAAO;gBACP,MAAM,EAAE,KAAK;gBACb,MAAM,EAAE,OAAO;gBACf,IAAI,EAAE,mCAAmC;gBACzC,WAAW,EAAE,cAAc;aAC9B,CAAC,CAAA;QACN,CAAC,CAAA;IACL,CAAC;IAED,eAAe,CAAC,OAAmB;QAC/B,OAAO,KAAK,EAAE,EAAC,MAAM,EAAE,WAAW,EAAE,GAAG,IAAI,EAAiC,EAAE,EAAE;YAC5E,MAAM,IAAI,CAAC,OAAO,CAAC;gBACf,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,OAAO;gBACvC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,cAAc;gBACpB,WAAW,EAAE,aAAa;gBAC1B,IAAI,EAAE;oBACF,GAAG,IAAI;oBACP,MAAM;oBACN,OAAO,EAAE,GAAG,MAAM,IAAI,WAAW,EAAE;oBACnC,MAAM,EAAE,OAAO,CAAC,WAAW,CAAC;oBAC5B,QAAQ,EAAE,OAAO,CAAC,cAAc,CAAC;oBACjC,EAAE,EAAE,OAAO,CAAC,OAAO,CAAC;oBACpB,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,aAAa,CAAC;oBAClD,SAAS,EAAE,OAAO,CAAC,YAAY,CAAC;oBAChC,MAAM,EAAE,OAAO,CAAC,YAAY,CAAC;iBAChC;gBACD,OAAO;aACV,CAAC,CAAA;QACN,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,EACV,OAAO,EACP,OAAO,EACP,MAAM,GAAG,KAAK,EACd,MAAM,EACN,IAAI,GAAG,GAAG,EACV,WAAW,EACX,OAAO,EACP,OAAO,EACP,KAAK,GAAG,KAAK,EACb,GAAG,OAAO,EACG;QACb,MAAM,gBAAgB,GAAG,GAAG,eAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,CAAA;QACnD,MAAM,OAAO,GAAG,MAAM,IAAA,WAAI,EAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC,CAAC;YACpE,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC;YACtD,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC;YACtD,WAAW;YACX,SAAS,EAAE,gBAAgB;SAC9B,CAAC,CAAA;QAEF,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;YAC1C,QAAQ,EAAE,YAAY,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE;YAC9D,MAAM,EAAE,OAAO,CAAC,aAAa,CAAC;YAC9B,cAAc,EAAE,EAAC,SAAS,EAAE,MAAM,EAAC;SACtC,CAAC,CAAC,OAAO,CAAC,CAAA;QAEX,MAAM,aAAa,GAAG,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE,CAClC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;YACxD,CAAC;YAAA,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,KAAK,KAAK,WAAW,CAAC;gBACjE,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;YAEvE,OAAO,WAAW,CAAA;QACtB,CAAC,EAAE,EAAE,CAAC,CAAA;QAEV,OAAO,IAAA,qBAAc,EACjB,IAAI,CAAC,WAAW;aACX,OAAO,CAAC;YACL,GAAG,OAAO;YACV,OAAO,EAAE,OAAO;YAChB,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,gBAAgB,CAAC;YAC5D,OAAO,EAAE;gBACL,GAAG,CAAC,KAAK,IAAI,EAAC,sBAAsB,EAAE,OAAO,EAAC,CAAC;gBAC/C,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC;gBACjC,aAAa,EAAE,OAAO,CAAC,aAAa,CAAC;gBACrC,2BAA2B,EAAE,KAAK;gBAClC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC;gBACzB,YAAY,EAAE,OAAO,CAAC,YAAY,CAAC;gBACnC,cAAc,EAAE,gBAAgB;gBAChC,aAAa,EAAE,OAAO,CAAC,eAAe,CAAC;aAC1C;YACD,MAAM;YACN,OAAO,EAAE,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,oBAAoB,CAAC;YAChE,GAAG,EAAE,IAAI,WAAW,IAAI,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,IAAI,GAAG,IAAI,EAAE;YAChG,GAAG,CAAC,MAAM,IAAI,EAAC,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,EAAC,CAAC;SACjD,CAAC;aACD,IAAI,CACD,IAAA,iBAAU,EAAC,KAAK,CAAC,EAAE;YACf,KAAK,CAAC,IAAI,KAAK,WAAW;gBACtB,IAAA,oBAAa,EAAC,EAAC,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,kCAAkC,EAAC,CAAC,CACzE,wBAAQ,CAAC,eAAe,CAC3B,CAAA;YAEL,MAAM,KAAK,CAAA;QACf,CAAC,CAAC,CACL,CACR,CAAC,IAAI,CAAC,CAAC,EAAC,IAAI,EAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAA;IAC5B,CAAC;CACJ,CAAA;AA7GY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;qCAG2B,sBAAa;QACf,mBAAW;QACZ,gBAAU;GAJlC,eAAe,CA6G3B"}
@@ -1,8 +1,10 @@
1
1
  import { JwtSignOptions } from '@nestjs/jwt';
2
2
  export interface JWTSignAsyncOptions {
3
- domainId: string;
4
- client: string;
3
+ audience: string;
4
+ issuer: string;
5
+ jwtId?: string;
5
6
  jwtSignOptions?: JwtSignOptions;
7
+ notBefore?: number;
6
8
  }
7
9
  export type JWTPayload = {
8
10
  aud: string;
@@ -20,6 +20,7 @@ let JWTModule = class JWTModule {
20
20
  exports.JWTModule = JWTModule;
21
21
  exports.JWTModule = JWTModule = __decorate([
22
22
  (0, common_1.Module)({
23
+ exports: [jwt_service_1.JWTService],
23
24
  imports: [
24
25
  jwt_1.JwtModule.registerAsync({
25
26
  imports: [config_1.ConfigModule],
@@ -1 +1 @@
1
- {"version":3,"file":"jwt.module.js","sourceRoot":"","sources":["../../src/jwt/jwt.module.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAqC;AACrC,2CAA0D;AAC1D,qCAAqC;AACrC,oDAA2B;AAC3B,+CAAwC;AAsBjC,IAAM,SAAS,GAAf,MAAM,SAAS;CAAG,CAAA;AAAZ,8BAAS;oBAAT,SAAS;IApBrB,IAAA,eAAM,EAAC;QACJ,OAAO,EAAE;YACL,eAAS,CAAC,aAAa,CAAC;gBACpB,OAAO,EAAE,CAAC,qBAAY,CAAC;gBACvB,UAAU,EAAE,KAAK,EAAC,aAAa,EAAC,EAAE;oBAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAA;oBAC3D,MAAM,UAAU,GAAG,gBAAM,CAAC,gBAAgB,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAA;oBACrE,MAAM,SAAS,GAAG,gBAAM,CAAC,eAAe,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAA;oBAEnE,OAAO;wBACH,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC,EAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAC,CAAC;wBAC7D,SAAS,EAAE,SAAS,CAAC,MAAM,CAAC,EAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAC,CAAC;wBAC1D,WAAW,EAAE,EAAC,SAAS,EAAE,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,SAAS,EAAE,OAAO,EAAC;qBACnF,CAAA;gBACL,CAAC;gBACD,MAAM,EAAE,CAAC,sBAAa,CAAC;aAC1B,CAAC;SACL;QACD,SAAS,EAAE,CAAC,wBAAU,CAAC;KAC1B,CAAC;GACW,SAAS,CAAG"}
1
+ {"version":3,"file":"jwt.module.js","sourceRoot":"","sources":["../../src/jwt/jwt.module.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAqC;AACrC,2CAA0D;AAC1D,qCAAqC;AACrC,oDAA2B;AAC3B,+CAAwC;AAuBjC,IAAM,SAAS,GAAf,MAAM,SAAS;CAAG,CAAA;AAAZ,8BAAS;oBAAT,SAAS;IArBrB,IAAA,eAAM,EAAC;QACJ,OAAO,EAAE,CAAC,wBAAU,CAAC;QACrB,OAAO,EAAE;YACL,eAAS,CAAC,aAAa,CAAC;gBACpB,OAAO,EAAE,CAAC,qBAAY,CAAC;gBACvB,UAAU,EAAE,KAAK,EAAC,aAAa,EAAC,EAAE;oBAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAA;oBAC3D,MAAM,UAAU,GAAG,gBAAM,CAAC,gBAAgB,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAA;oBACrE,MAAM,SAAS,GAAG,gBAAM,CAAC,eAAe,CAAC,EAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAC,CAAC,CAAA;oBAEnE,OAAO;wBACH,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC,EAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAC,CAAC;wBAC7D,SAAS,EAAE,SAAS,CAAC,MAAM,CAAC,EAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAC,CAAC;wBAC1D,WAAW,EAAE,EAAC,SAAS,EAAE,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,SAAS,EAAE,OAAO,EAAC;qBACnF,CAAA;gBACL,CAAC;gBACD,MAAM,EAAE,CAAC,sBAAa,CAAC;aAC1B,CAAC;SACL;QACD,SAAS,EAAE,CAAC,wBAAU,CAAC;KAC1B,CAAC;GACW,SAAS,CAAG"}
@@ -3,6 +3,6 @@ import { JWTSignAsyncOptions } from './jwt.interface';
3
3
  export declare class JWTService {
4
4
  private readonly jwtService;
5
5
  constructor(jwtService: JwtService);
6
- signAsync({ domainId, client, jwtSignOptions }: JWTSignAsyncOptions): (subject: string) => Promise<string>;
6
+ signAsync({ issuer, audience, jwtId, notBefore, jwtSignOptions }: JWTSignAsyncOptions): (subject: string) => Promise<string>;
7
7
  verifyAsync(token: string): Promise<any>;
8
8
  }
@@ -26,13 +26,13 @@ let JWTService = class JWTService {
26
26
  this.jwtService = jwtService;
27
27
  dayjs_1.default.extend(utc_1.default);
28
28
  }
29
- signAsync({ domainId, client, jwtSignOptions }) {
29
+ signAsync({ issuer, audience, jwtId, notBefore, jwtSignOptions }) {
30
30
  return async (subject) => {
31
31
  const payload = {
32
- aud: client,
33
- iss: domainId,
34
- jti: (0, nanoid_1.nanoid)(),
35
- nbf: parseInt(`${dayjs_1.default.utc().valueOf() / 1000}`),
32
+ aud: audience,
33
+ iss: issuer,
34
+ jti: jwtId ?? (0, nanoid_1.nanoid)(),
35
+ nbf: notBefore ?? parseInt(`${dayjs_1.default.utc().valueOf() / 1000}`),
36
36
  sub: subject
37
37
  };
38
38
  const token = await this.jwtService.signAsync(payload, jwtSignOptions);
@@ -1 +1 @@
1
- {"version":3,"file":"jwt.service.js","sourceRoot":"","sources":["../../src/jwt/jwt.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAyC;AACzC,qCAAsC;AACtC,kDAAyB;AACzB,2DAAkC;AAClC,mCAA6B;AAC7B,oDAAyC;AACzC,kCAAqC;AAI9B,IAAM,UAAU,GAAhB,MAAM,UAAU;IACU;IAA7B,YAA6B,UAAsB;QAAtB,eAAU,GAAV,UAAU,CAAY;QAC/C,eAAK,CAAC,MAAM,CAAC,aAAG,CAAC,CAAA;IACrB,CAAC;IAED,SAAS,CAAC,EAAC,QAAQ,EAAE,MAAM,EAAE,cAAc,EAAsB;QAC7D,OAAO,KAAK,EAAE,OAAe,EAAE,EAAE;YAC7B,MAAM,OAAO,GAAG;gBACZ,GAAG,EAAE,MAAM;gBACX,GAAG,EAAE,QAAQ;gBACb,GAAG,EAAE,IAAA,eAAM,GAAE;gBACb,GAAG,EAAE,QAAQ,CAAC,GAAG,eAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,EAAE,CAAC;gBAChD,GAAG,EAAE,OAAO;aACf,CAAA;YAED,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,OAAO,EAAE,cAAc,CAAC,CAAA;YAEtE,OAAO,KAAK,CAAA;QAChB,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAAa;QAC3B,OAAO,IAAI,CAAC,UAAU;aACjB,WAAW,CAAC,KAAK,CAAC;aAClB,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,IAAA,oBAAa,EAAC,EAAC,OAAO,EAAE,KAAK,CAAC,OAAO,EAAC,CAAC,CAAC,wBAAQ,CAAC,YAAY,CAAC,CAAC,CAAA;IACvF,CAAC;CACJ,CAAA;AA1BY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;qCAEgC,gBAAU;GAD1C,UAAU,CA0BtB"}
1
+ {"version":3,"file":"jwt.service.js","sourceRoot":"","sources":["../../src/jwt/jwt.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAyC;AACzC,qCAAsC;AACtC,kDAAyB;AACzB,2DAAkC;AAClC,mCAA6B;AAC7B,oDAAyC;AACzC,kCAAqC;AAI9B,IAAM,UAAU,GAAhB,MAAM,UAAU;IACU;IAA7B,YAA6B,UAAsB;QAAtB,eAAU,GAAV,UAAU,CAAY;QAC/C,eAAK,CAAC,MAAM,CAAC,aAAG,CAAC,CAAA;IACrB,CAAC;IAED,SAAS,CAAC,EAAC,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,SAAS,EAAE,cAAc,EAAsB;QAC/E,OAAO,KAAK,EAAE,OAAe,EAAE,EAAE;YAC7B,MAAM,OAAO,GAAG;gBACZ,GAAG,EAAE,QAAQ;gBACb,GAAG,EAAE,MAAM;gBACX,GAAG,EAAE,KAAK,IAAI,IAAA,eAAM,GAAE;gBACtB,GAAG,EAAE,SAAS,IAAI,QAAQ,CAAC,GAAG,eAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,EAAE,CAAC;gBAC7D,GAAG,EAAE,OAAO;aACf,CAAA;YAED,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,OAAO,EAAE,cAAc,CAAC,CAAA;YAEtE,OAAO,KAAK,CAAA;QAChB,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAAa;QAC3B,OAAO,IAAI,CAAC,UAAU;aACjB,WAAW,CAAC,KAAK,CAAC;aAClB,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,IAAA,oBAAa,EAAC,EAAC,OAAO,EAAE,KAAK,CAAC,OAAO,EAAC,CAAC,CAAC,wBAAQ,CAAC,YAAY,CAAC,CAAC,CAAA;IACvF,CAAC;CACJ,CAAA;AA1BY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;qCAEgC,gBAAU;GAD1C,UAAU,CA0BtB"}
@@ -1,11 +1,9 @@
1
1
  import { CanActivate, ExecutionContext } from '@nestjs/common';
2
- import { ConfigService } from '@nestjs/config';
3
2
  import { Reflector } from '@nestjs/core';
4
3
  import { AuthenticationService } from '../authentication';
5
4
  export declare class PermissionGuard implements CanActivate {
6
5
  private readonly authenticationService;
7
- private readonly configService;
8
6
  private readonly reflector;
9
- constructor(authenticationService: AuthenticationService, configService: ConfigService, reflector: Reflector);
7
+ constructor(authenticationService: AuthenticationService, reflector: Reflector);
10
8
  canActivate(context: ExecutionContext): true | Promise<boolean>;
11
9
  }
@@ -11,17 +11,14 @@ var __metadata = (this && this.__metadata) || function (k, v) {
11
11
  Object.defineProperty(exports, "__esModule", { value: true });
12
12
  exports.PermissionGuard = void 0;
13
13
  const common_1 = require("@nestjs/common");
14
- const config_1 = require("@nestjs/config");
15
14
  const core_1 = require("@nestjs/core");
16
15
  const app_decorator_1 = require("../app.decorator");
17
16
  const authentication_1 = require("../authentication");
18
17
  let PermissionGuard = class PermissionGuard {
19
18
  authenticationService;
20
- configService;
21
19
  reflector;
22
- constructor(authenticationService, configService, reflector) {
20
+ constructor(authenticationService, reflector) {
23
21
  this.authenticationService = authenticationService;
24
- this.configService = configService;
25
22
  this.reflector = reflector;
26
23
  }
27
24
  canActivate(context) {
@@ -32,8 +29,7 @@ let PermissionGuard = class PermissionGuard {
32
29
  if (!requiredPermissions) {
33
30
  return true;
34
31
  }
35
- const { headers, params, subject, issuer } = context.switchToHttp().getRequest();
36
- const internalAccess = subject.startsWith(`internal:${this.configService.get('service.accessKey')}:${this.configService.get('service.secretKey')}`);
32
+ const { headers, params, subject, issuer, internalAccess } = context.switchToHttp().getRequest();
37
33
  const publicPermission = [internalAccess, subject === params.id].some(Boolean);
38
34
  if (publicPermission) {
39
35
  return true;
@@ -47,7 +43,6 @@ exports.PermissionGuard = PermissionGuard;
47
43
  exports.PermissionGuard = PermissionGuard = __decorate([
48
44
  (0, common_1.Injectable)(),
49
45
  __metadata("design:paramtypes", [authentication_1.AuthenticationService,
50
- config_1.ConfigService,
51
46
  core_1.Reflector])
52
47
  ], PermissionGuard);
53
48
  //# sourceMappingURL=permission.guard.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"permission.guard.js","sourceRoot":"","sources":["../../src/permission/permission.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAwE;AACxE,2CAA4C;AAC5C,uCAAsC;AACtC,oDAA+D;AAC/D,sDAAuD;AAKhD,IAAM,eAAe,GAArB,MAAM,eAAe;IAEH;IACA;IACA;IAHrB,YACqB,qBAA4C,EAC5C,aAA4B,EAC5B,SAAoB;QAFpB,0BAAqB,GAArB,qBAAqB,CAAuB;QAC5C,kBAAa,GAAb,aAAa,CAAe;QAC5B,cAAS,GAAT,SAAS,CAAW;IACtC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACjC,MAAM,mBAAmB,GAAiB,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,8CAA8B,EAAE;YACvG,OAAO,CAAC,QAAQ,EAAE;YAClB,OAAO,CAAC,UAAU,EAAE;SACvB,CAAC,CAAA;QAEF,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACvB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,MAAM,EAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAC,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAc,CAAA;QAC1F,MAAM,cAAc,GAAG,OAAO,CAAC,UAAU,CACrC,YAAY,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,mBAAmB,CAAC,EAAE,CAC3G,CAAA;QAED,MAAM,gBAAgB,GAAG,CAAC,cAAc,EAAE,OAAO,KAAK,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAE9E,IAAI,gBAAgB,EAAE,CAAC;YACnB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,OAAO,IAAI,CAAC,qBAAqB;aAC5B,wBAAwB,CAAC,OAAO,CAAC,CAAC,EAAC,IAAI,EAAE,mBAAmB,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAC,CAAC;aACjG,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;IACzB,CAAC;CACJ,CAAA;AAhCY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;qCAGmC,sCAAqB;QAC7B,sBAAa;QACjB,gBAAS;GAJhC,eAAe,CAgC3B"}
1
+ {"version":3,"file":"permission.guard.js","sourceRoot":"","sources":["../../src/permission/permission.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAwE;AACxE,uCAAsC;AACtC,oDAA+D;AAC/D,sDAAuD;AAKhD,IAAM,eAAe,GAArB,MAAM,eAAe;IAEH;IACA;IAFrB,YACqB,qBAA4C,EAC5C,SAAoB;QADpB,0BAAqB,GAArB,qBAAqB,CAAuB;QAC5C,cAAS,GAAT,SAAS,CAAW;IACtC,CAAC;IAEJ,WAAW,CAAC,OAAyB;QACjC,MAAM,mBAAmB,GAAiB,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,8CAA8B,EAAE;YACvG,OAAO,CAAC,QAAQ,EAAE;YAClB,OAAO,CAAC,UAAU,EAAE;SACvB,CAAC,CAAA;QAEF,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACvB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,MAAM,EAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,cAAc,EAAC,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAc,CAAA;QAC1G,MAAM,gBAAgB,GAAG,CAAC,cAAc,EAAE,OAAO,KAAK,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAE9E,IAAI,gBAAgB,EAAE,CAAC;YACnB,OAAO,IAAI,CAAA;QACf,CAAC;QAED,OAAO,IAAI,CAAC,qBAAqB;aAC5B,wBAAwB,CAAC,OAAO,CAAC,CAAC,EAAC,IAAI,EAAE,mBAAmB,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAC,CAAC;aACjG,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;IACzB,CAAC;CACJ,CAAA;AA3BY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,mBAAU,GAAE;qCAGmC,sCAAqB;QACjC,gBAAS;GAHhC,eAAe,CA2B3B"}