@betterportal/auth-authress-io 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (45) hide show
  1. package/bsb-plugin.json +22 -0
  2. package/bsb-tests.json +14 -0
  3. package/lib/index.d.ts +2 -0
  4. package/lib/index.d.ts.map +1 -0
  5. package/lib/index.js +2 -0
  6. package/lib/index.js.map +1 -0
  7. package/lib/plugins/service-betterportal-auth-authress-io/.bp-generated/registry.d.ts +3 -0
  8. package/lib/plugins/service-betterportal-auth-authress-io/.bp-generated/registry.d.ts.map +1 -0
  9. package/lib/plugins/service-betterportal-auth-authress-io/.bp-generated/registry.js +82 -0
  10. package/lib/plugins/service-betterportal-auth-authress-io/.bp-generated/registry.js.map +1 -0
  11. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.bootstrap1/_background.monitor.d.ts +5 -0
  12. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.bootstrap1/_background.monitor.d.ts.map +1 -0
  13. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.bootstrap1/_background.monitor.js +51 -0
  14. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.bootstrap1/_background.monitor.js.map +1 -0
  15. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.bootstrap1/_nav.profile.d.ts +5 -0
  16. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.bootstrap1/_nav.profile.d.ts.map +1 -0
  17. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.bootstrap1/_nav.profile.js +10 -0
  18. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.bootstrap1/_nav.profile.js.map +1 -0
  19. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.bootstrap1/index.d.ts +5 -0
  20. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.bootstrap1/index.d.ts.map +1 -0
  21. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.bootstrap1/index.js +206 -0
  22. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.bootstrap1/index.js.map +1 -0
  23. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.embedded/_background.monitor.d.ts +3 -0
  24. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.embedded/_background.monitor.d.ts.map +1 -0
  25. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.embedded/_background.monitor.js +3 -0
  26. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/_theme.embedded/_background.monitor.js.map +1 -0
  27. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/index.d.ts +92 -0
  28. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/index.d.ts.map +1 -0
  29. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/index.js +187 -0
  30. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/login/index.js.map +1 -0
  31. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/logout/index.d.ts +27 -0
  32. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/logout/index.d.ts.map +1 -0
  33. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/logout/index.js +35 -0
  34. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/logout/index.js.map +1 -0
  35. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/refresh/index.d.ts +29 -0
  36. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/refresh/index.d.ts.map +1 -0
  37. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/refresh/index.js +87 -0
  38. package/lib/plugins/service-betterportal-auth-authress-io/bp-routes/refresh/index.js.map +1 -0
  39. package/lib/plugins/service-betterportal-auth-authress-io/index.d.ts +146 -0
  40. package/lib/plugins/service-betterportal-auth-authress-io/index.d.ts.map +1 -0
  41. package/lib/plugins/service-betterportal-auth-authress-io/index.js +366 -0
  42. package/lib/plugins/service-betterportal-auth-authress-io/index.js.map +1 -0
  43. package/lib/schemas/service-betterportal-auth-authress-io.json +139 -0
  44. package/lib/schemas/service-betterportal-auth-authress-io.plugin.json +151 -0
  45. package/package.json +66 -0
package/lib/plugins/service-betterportal-auth-authress-io/index.js ADDED
@@ -0,0 +1,366 @@
1
+ import { createConfigSchema, createEventSchemas } from "@bsb/base";
2
+ import * as av from "anyvali";
3
+ import { BetterPortalConfigSchema, BPService } from "@betterportal/plugin-bsb";
4
+ import { verify as verifySignature } from "node:crypto";
5
+ import jwt from "jsonwebtoken";
6
+ import { createBpTokenIssuer, getSigningKeyForKid, loadOrGenerateKeyPair, publicKeyToJwk } from "@betterportal/framework";
7
+ import { registry } from "./.bp-generated/registry.js";
8
+ import { resolve } from "node:path";
9
+ const PluginConfigSchema = av.object({
10
+ host: av.string().minLength(1).default("0.0.0.0"),
11
+ port: av.int().min(1).default(3211),
12
+ issuer: av.string().minLength(1).default("https://authress.betterportal.local"),
13
+ audience: av.string().minLength(1).default("betterportal-runtime"),
14
+ accessTokenSeconds: av.int().min(1).default(60 * 15),
15
+ refreshTokenSeconds: av.int().min(1).default(60 * 60 * 24 * 7),
16
+ keyStorePath: av.string().minLength(1).default("./.bp-authress-state/keys.json"),
17
+ betterportal: BetterPortalConfigSchema
18
+ }, { unknownKeys: "strip" });
19
+ const Config = createConfigSchema({
20
+ name: "service.betterportal.auth.authress-io",
21
+ description: "BetterPortal Authress.io auth service",
22
+ tags: ["betterportal", "auth", "authress"],
23
+ documentation: ["./README.md"]
24
+ }, PluginConfigSchema);
25
+ const EventSchemas = createEventSchemas({
26
+ emitEvents: {},
27
+ onEvents: {},
28
+ emitReturnableEvents: {},
29
+ onReturnableEvents: {},
30
+ emitBroadcast: {},
31
+ onBroadcast: {}
32
+ });
33
+ const STRONG_JWT_ALGORITHMS = [
34
+ "RS256", "RS384", "RS512",
35
+ "PS256", "PS384", "PS512",
36
+ "ES256", "ES384", "ES512"
37
+ ];
38
+ const STRONG_EXTERNAL_ALGORITHMS = new Set([...STRONG_JWT_ALGORITHMS, "EdDSA"]);
39
+ function nonEmptyString(value) {
40
+ return typeof value === "string" && value.trim().length > 0 ? value.trim() : undefined;
41
+ }
42
+ function stripTrailingSlash(value) {
43
+ return value.replace(/\/+$/, "");
44
+ }
45
+ export function resolveAuthressBrowserConfig(raw) {
46
+ const authressApiUrl = nonEmptyString(raw?.authressApiUrl);
47
+ const applicationId = nonEmptyString(raw?.applicationId);
48
+ if (!authressApiUrl || !applicationId)
49
+ return null;
50
+ return {
51
+ authressApiUrl,
52
+ applicationId,
53
+ ...(nonEmptyString(raw?.scopes) ? { scopes: nonEmptyString(raw?.scopes) } : {})
54
+ };
55
+ }
56
+ export function resolveAuthressAppConfig(raw) {
57
+ const browser = resolveAuthressBrowserConfig(raw);
58
+ if (!browser)
59
+ return null;
60
+ const authressApiUrl = stripTrailingSlash(browser.authressApiUrl);
61
+ return {
62
+ ...browser,
63
+ authressApiUrl,
64
+ expectedIssuer: nonEmptyString(raw?.expectedIssuer) ?? authressApiUrl,
65
+ ...(nonEmptyString(raw?.expectedAudience) ? { expectedAudience: nonEmptyString(raw?.expectedAudience) } : {}),
66
+ jwksUri: nonEmptyString(raw?.jwksUri) ?? `${authressApiUrl}/.well-known/openid-configuration/jwks`,
67
+ ...(nonEmptyString(raw?.loginRedirectPath) ? { loginRedirectPath: nonEmptyString(raw?.loginRedirectPath) } : {}),
68
+ ...(nonEmptyString(raw?.logoutRedirectPath) ? { logoutRedirectPath: nonEmptyString(raw?.logoutRedirectPath) } : {}),
69
+ ...(nonEmptyString(raw?.roleClaimPath) ? { roleClaimPath: nonEmptyString(raw?.roleClaimPath) } : {}),
70
+ ...(nonEmptyString(raw?.subjectClaimPath) ? { subjectClaimPath: nonEmptyString(raw?.subjectClaimPath) } : {}),
71
+ ...(nonEmptyString(raw?.nameClaimPath) ? { nameClaimPath: nonEmptyString(raw?.nameClaimPath) } : {}),
72
+ ...(nonEmptyString(raw?.emailClaimPath) ? { emailClaimPath: nonEmptyString(raw?.emailClaimPath) } : {}),
73
+ ...(nonEmptyString(raw?.pictureClaimPath) ? { pictureClaimPath: nonEmptyString(raw?.pictureClaimPath) } : {}),
74
+ ...(nonEmptyString(raw?.clientSecret) ? { clientSecret: nonEmptyString(raw?.clientSecret) } : {}),
75
+ ...(nonEmptyString(raw?.apiKey) ? { apiKey: nonEmptyString(raw?.apiKey) } : {})
76
+ };
77
+ }
78
+ export const AuthressConfigSchemas = [
79
+ {
80
+ id: "authress.app",
81
+ title: "Authress App Config",
82
+ description: "App-scoped Authress settings for browser login and JWT verification.",
83
+ scope: "app",
84
+ jsonSchema: {
85
+ authressApiUrl: "string",
86
+ applicationId: "string",
87
+ expectedIssuer: "string",
88
+ expectedAudience: "string",
89
+ jwksUri: "string",
90
+ scopes: "string",
91
+ loginRedirectPath: "string",
92
+ logoutRedirectPath: "string",
93
+ roleClaimPath: "string",
94
+ subjectClaimPath: "string",
95
+ nameClaimPath: "string",
96
+ emailClaimPath: "string",
97
+ pictureClaimPath: "string",
98
+ clientSecret: "string",
99
+ apiKey: "string"
100
+ },
101
+ groups: [
102
+ { id: "connection", title: "Connection", description: "Authress application and API endpoints.", order: 10, optional: false },
103
+ { id: "jwt", title: "JWT Verification", description: "Optional overrides for Authress token verification. Leave blank to derive from the Authress API URL.", order: 20, optional: true },
104
+ { id: "login", title: "Login", description: "Browser login request options.", order: 30, optional: true },
105
+ { id: "claims", title: "Claims", description: "JWT claim paths mapped into the BetterPortal user context.", order: 40, optional: true },
106
+ { id: "secrets", title: "Server Credentials", description: "Optional encrypted credentials for server-side Authress API calls.", order: 50, optional: true }
107
+ ],
108
+ fields: [
109
+ { key: "authressApiUrl", title: "Authress API URL", description: "Authress account API URL used by the browser SDK.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "connection", order: 10, required: true },
110
+ { key: "applicationId", title: "Application ID", description: "Authress application ID for this BP app.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "connection", order: 20, required: true },
111
+ { key: "expectedIssuer", title: "Expected Issuer", description: "Optional JWT issuer override. Blank uses the Authress API URL.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "jwt", order: 10, required: false },
112
+ { key: "expectedAudience", title: "Expected Audience", description: "Optional JWT audience override. Blank disables audience validation.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "jwt", order: 20, required: false },
113
+ { key: "jwksUri", title: "JWKS URI", description: "Optional JWKS endpoint override. Blank uses Authress API URL + /.well-known/openid-configuration/jwks.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "jwt", order: 30, required: false },
114
+ { key: "scopes", title: "Scopes", description: "Space-separated scopes requested by the browser login flow.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "login", order: 10, required: false },
115
+ { key: "loginRedirectPath", title: "Logged In Route", description: "Tenant route shown after signing in when no next path is supplied.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "login", order: 20, defaultValue: "/", ui: { control: "select", optionsSource: "app.routes" }, required: false },
116
+ { key: "logoutRedirectPath", title: "Logged Out Route", description: "Tenant route shown after signing out.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "login", order: 30, defaultValue: "/", ui: { control: "select", optionsSource: "app.routes" }, required: false },
117
+ { key: "roleClaimPath", title: "Role Claim Path", description: "Dot path to roles in the Authress token.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "claims", order: 10, defaultValue: "roles", required: false },
118
+ { key: "subjectClaimPath", title: "Subject Claim Path", description: "Dot path to the user subject in the Authress token.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "claims", order: 20, defaultValue: "sub", required: false },
119
+ { key: "nameClaimPath", title: "Name Claim Path", description: "Dot path to display name in the Authress token.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "claims", order: 30, defaultValue: "name", required: false },
120
+ { key: "emailClaimPath", title: "Email Claim Path", description: "Dot path to email in the Authress token.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "claims", order: 40, defaultValue: "email", required: false },
121
+ { key: "pictureClaimPath", title: "Picture Claim Path", description: "Dot path to avatar URL in the Authress token.", scope: "app", visibility: "protected", ownership: "bp", sourceOfTruth: "bp", groupId: "claims", order: 50, defaultValue: "picture", required: false },
122
+ { key: "clientSecret", title: "Client Secret", description: "Optional Authress client secret for server-side Authress flows.", scope: "app", visibility: "secret", ownership: "bp", sourceOfTruth: "bp", groupId: "secrets", order: 10, required: false },
123
+ { key: "apiKey", title: "API Key", description: "Optional Authress API key for server-side Authress API calls.", scope: "app", visibility: "secret", ownership: "bp", sourceOfTruth: "bp", groupId: "secrets", order: 20, required: false }
124
+ ]
125
+ }
126
+ ];
127
+ export class Plugin extends BPService {
128
+ static Config = Config;
129
+ static EventSchemas = EventSchemas;
130
+ keyPair;
131
+ constructor(cfg) {
132
+ super({ ...cfg, eventSchemas: EventSchemas });
133
+ }
134
+ async init(obs) {
135
+ this.keyPair = loadOrGenerateKeyPair(resolve(this.config.keyStorePath));
136
+ await super.init(obs);
137
+ const jwk = publicKeyToJwk(this.keyPair.publicKeyPem, this.keyPair.kid);
138
+ this.registerAsAuthProvider({
139
+ jwks: { keys: [jwk] }
140
+ });
141
+ }
142
+ definition() {
143
+ return {
144
+ manifest: {
145
+ pluginId: "service.betterportal.auth.authress-io",
146
+ title: "BetterPortal Authress.io",
147
+ description: "Authress-backed auth service for BetterPortal apps.",
148
+ capabilities: ["auth"],
149
+ configSchemas: AuthressConfigSchemas
150
+ },
151
+ registry
152
+ };
153
+ }
154
+ getJwtVerifier(tenantId, appId) {
155
+ void tenantId;
156
+ void appId;
157
+ return this.tokenIssuer().verifier("access");
158
+ }
159
+ signAccessToken(input) {
160
+ return this.tokenIssuer().signAccessToken(input);
161
+ }
162
+ verifyAuthressToken(token, appConfig, scope) {
163
+ return verifyAuthressToken(token, appConfig, scope);
164
+ }
165
+ issueTokenPair(input, options) {
166
+ return this.tokenIssuer().issueTokenPair(input, options);
167
+ }
168
+ getAuthressAppConfig(tenantId, appId) {
169
+ return resolveAuthressAppConfig(this.getAuthressRawConfig(tenantId, appId));
170
+ }
171
+ getAuthressBrowserConfig(tenantId, appId) {
172
+ return resolveAuthressBrowserConfig(this.getAuthressRawConfig(tenantId, appId));
173
+ }
174
+ getAuthressRawConfig(tenantId, appId) {
175
+ const ticket = this.authressConfigReadTicket(tenantId);
176
+ const state = this.configStore.read(ticket);
177
+ return { ...state.tenant, ...(state.app[appId] ?? {}) };
178
+ }
179
+ authressConfigReadTicket(tenantId) {
180
+ const now = Math.floor(Date.now() / 1000);
181
+ return {
182
+ iss: "service.betterportal.auth.authress-io",
183
+ aud: "service.betterportal.auth.authress-io",
184
+ sub: "service.betterportal.auth.authress-io",
185
+ iat: now,
186
+ exp: now + 60,
187
+ jti: `${tenantId}:${now}`,
188
+ realm: "control-plane",
189
+ tenantId,
190
+ serviceId: "service.betterportal.auth.authress-io",
191
+ actions: ["config.read"]
192
+ };
193
+ }
194
+ tokenIssuer() {
195
+ return createBpTokenIssuer({
196
+ keyPair: this.keyPair,
197
+ issuer: this.config.issuer,
198
+ audience: this.config.audience,
199
+ accessTokenSeconds: this.config.accessTokenSeconds,
200
+ refreshTokenSeconds: this.config.refreshTokenSeconds
201
+ });
202
+ }
203
+ }
204
+ export { Config, EventSchemas };
205
+ async function verifyAuthressToken(token, appConfig, scope) {
206
+ const raw = await verifyExternalAuthressJwt(token, appConfig);
207
+ const subjectPath = appConfig.subjectClaimPath ?? "sub";
208
+ const sub = readStringClaim(raw, subjectPath) ?? readStringClaim(raw, "sub");
209
+ if (!sub)
210
+ throw new Error(`Authress token missing subject claim ${subjectPath}`);
211
+ const name = readStringClaim(raw, appConfig.nameClaimPath ?? "name") ??
212
+ readStringClaim(raw, "name") ??
213
+ readStringClaim(raw, "data.name") ??
214
+ readStringClaim(raw, "displayName") ??
215
+ readStringClaim(raw, "preferred_username") ??
216
+ readStringClaim(raw, "nickname") ??
217
+ readStringClaim(raw, "data.login");
218
+ const email = readStringClaim(raw, appConfig.emailClaimPath ?? "email") ??
219
+ readStringClaim(raw, "email") ??
220
+ readStringClaim(raw, "email_address");
221
+ const picture = readStringClaim(raw, appConfig.pictureClaimPath ?? "picture") ??
222
+ readStringClaim(raw, "picture") ??
223
+ readStringClaim(raw, "avatar") ??
224
+ readStringClaim(raw, "avatarUrl") ??
225
+ readStringClaim(raw, "data.avatar_url");
226
+ const now = Math.floor(Date.now() / 1000);
227
+ return {
228
+ iss: String(raw.iss),
229
+ aud: normalizeAudience(raw.aud),
230
+ sub,
231
+ exp: typeof raw.exp === "number" ? raw.exp : now,
232
+ iat: typeof raw.iat === "number" ? raw.iat : now,
233
+ ...(typeof raw.nbf === "number" ? { nbf: raw.nbf } : {}),
234
+ jti: typeof raw.jti === "string" && raw.jti.length > 0 ? raw.jti : `${sub}:${raw.iat ?? now}`,
235
+ realm: "runtime",
236
+ tenantId: scope.tenantId,
237
+ appId: scope.appId,
238
+ roles: readStringArrayClaim(raw, appConfig.roleClaimPath ?? "roles"),
239
+ tokenType: "access",
240
+ authProvider: "authress.io",
241
+ providerSubject: sub,
242
+ provider: authressProviderReference(raw),
243
+ ...optionalClaim("name", name),
244
+ ...optionalClaim("email", email),
245
+ ...optionalClaim("picture", picture)
246
+ };
247
+ }
248
+ async function verifyExternalAuthressJwt(token, appConfig) {
249
+ if (typeof token !== "string" || token.length === 0)
250
+ throw new Error("Token is empty");
251
+ const parts = token.split(".");
252
+ if (parts.length !== 3)
253
+ throw new Error("Token must have exactly three parts");
254
+ const header = parseHeader(parts[0]);
255
+ if (!STRONG_EXTERNAL_ALGORITHMS.has(String(header.alg)))
256
+ throw new Error(`Algorithm not allowed: ${String(header.alg)}`);
257
+ if (typeof header.kid !== "string" || header.kid.length === 0)
258
+ throw new Error("Token header missing kid");
259
+ if ("jku" in header || "x5u" in header)
260
+ throw new Error("Token header contains untrusted reference (jku/x5u)");
261
+ const publicKeyPem = await getSigningKeyForKid({ jwksUri: appConfig.jwksUri, issuer: appConfig.expectedIssuer }, header.kid);
262
+ const claims = header.alg === "EdDSA"
263
+ ? verifyEdDsaJwt(token, publicKeyPem)
264
+ : verifyJwtWithJsonwebtoken(token, publicKeyPem, appConfig);
265
+ assertAuthressClaims(claims, appConfig);
266
+ return claims;
267
+ }
268
+ function verifyJwtWithJsonwebtoken(token, publicKeyPem, appConfig) {
269
+ const verified = jwt.verify(token, publicKeyPem, {
270
+ algorithms: STRONG_JWT_ALGORITHMS,
271
+ issuer: appConfig.expectedIssuer,
272
+ ...(appConfig.expectedAudience ? { audience: appConfig.expectedAudience } : {}),
273
+ complete: false
274
+ });
275
+ if (!verified || typeof verified !== "object")
276
+ throw new Error("Library returned non-object claims");
277
+ return verified;
278
+ }
279
+ function verifyEdDsaJwt(token, publicKeyPem) {
280
+ const [encodedHeader, encodedPayload, encodedSignature] = token.split(".");
281
+ const verified = verifySignature(null, Buffer.from(`${encodedHeader}.${encodedPayload}`), publicKeyPem, Buffer.from(encodedSignature, "base64url"));
282
+ if (!verified)
283
+ throw new Error("Library verification failed: invalid signature");
284
+ return parsePayload(encodedPayload);
285
+ }
286
+ function assertAuthressClaims(claims, appConfig) {
287
+ const now = Math.floor(Date.now() / 1000);
288
+ if (claims.iss !== appConfig.expectedIssuer)
289
+ throw new Error(`Issuer mismatch (manual re-check) (${claims.iss} != ${appConfig.expectedIssuer})`);
290
+ if (appConfig.expectedAudience) {
291
+ const audiences = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
292
+ if (!audiences.includes(appConfig.expectedAudience)) {
293
+ throw new Error(`Audience mismatch (manual re-check) (${appConfig.expectedAudience} != ${audiences.join(",")})`);
294
+ }
295
+ }
296
+ if (typeof claims.exp !== "number" || claims.exp <= now)
297
+ throw new Error("Token is expired (manual re-check)");
298
+ if (typeof claims.nbf === "number" && claims.nbf > now)
299
+ throw new Error("Token is not yet valid (manual re-check)");
300
+ }
301
+ function parseHeader(encodedHeader) {
302
+ const parsed = parsePayload(encodedHeader);
303
+ return parsed;
304
+ }
305
+ function parsePayload(encodedPayload) {
306
+ let parsed;
307
+ try {
308
+ parsed = JSON.parse(Buffer.from(encodedPayload, "base64url").toString("utf8"));
309
+ }
310
+ catch {
311
+ throw new Error("Token part is not valid JSON");
312
+ }
313
+ if (!parsed || typeof parsed !== "object")
314
+ throw new Error("Token part is not an object");
315
+ return parsed;
316
+ }
317
+ function readStringClaim(claims, path) {
318
+ const value = readPath(claims, path);
319
+ return typeof value === "string" && value.length > 0 ? value : undefined;
320
+ }
321
+ function readStringArrayClaim(claims, path) {
322
+ const value = readPath(claims, path);
323
+ if (Array.isArray(value))
324
+ return value.filter((entry) => typeof entry === "string" && entry.length > 0);
325
+ return typeof value === "string" && value.length > 0 ? [value] : [];
326
+ }
327
+ function authressProviderReference(claims) {
328
+ const data = claims.data && typeof claims.data === "object" && !Array.isArray(claims.data)
329
+ ? claims.data
330
+ : {};
331
+ return compactProviderReference({
332
+ username: readStringClaim(claims, "preferred_username") ?? stringValue(data.login),
333
+ profileUrl: stringValue(data.html_url),
334
+ accountId: stringValue(data.id) ?? numberValue(data.id),
335
+ nodeId: stringValue(data.node_id),
336
+ scope: stringValue(claims.scope) ?? readStringClaim(claims, "context.scope")
337
+ });
338
+ }
339
+ function compactProviderReference(input) {
340
+ return Object.fromEntries(Object.entries(input).filter(([, value]) => value !== undefined));
341
+ }
342
+ function stringValue(value) {
343
+ return typeof value === "string" && value.length > 0 ? value : undefined;
344
+ }
345
+ function numberValue(value) {
346
+ return typeof value === "number" && Number.isFinite(value) ? value : undefined;
347
+ }
348
+ function readPath(claims, path) {
349
+ return path.split(".").reduce((current, segment) => {
350
+ if (!current || typeof current !== "object")
351
+ return undefined;
352
+ return current[segment];
353
+ }, claims);
354
+ }
355
+ function normalizeAudience(value) {
356
+ if (Array.isArray(value)) {
357
+ const aud = value.filter((entry) => typeof entry === "string" && entry.length > 0);
358
+ if (aud.length > 0)
359
+ return aud;
360
+ }
361
+ return typeof value === "string" && value.length > 0 ? value : "authress";
362
+ }
363
+ function optionalClaim(key, value) {
364
+ return value ? { [key]: value } : {};
365
+ }
366
+ //# sourceMappingURL=index.js.map
package/lib/plugins/service-betterportal-auth-authress-io/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/plugins/service-betterportal-auth-authress-io/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,kBAAkB,EAClB,kBAAkB,EAEnB,MAAM,WAAW,CAAC;AACnB,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EACL,wBAAwB,EACxB,SAAS,EAEV,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,MAAM,IAAI,eAAe,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,GAAuC,MAAM,cAAc,CAAC;AACnE,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,qBAAqB,EACrB,cAAc,EAOf,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,QAAQ,EAAE,MAAM,6BAA6B,CAAC;AACvD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,MAAM,kBAAkB,GAAG,EAAE,CAAC,MAAM,CAAC;IACnC,IAAI,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;IACjD,IAAI,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC;IACnC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,qCAAqC,CAAC;IAC/E,QAAQ,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC;IAClE,kBAAkB,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,CAAC;IACpD,mBAAmB,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAC9D,YAAY,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,gCAAgC,CAAC;IAChF,YAAY,EAAE,wBAAwB;CACvC,EAAE,EAAE,WAAW,EAAE,OAAO,EAAE,CAAC,CAAC;AAG7B,MAAM,MAAM,GAAG,kBAAkB,CAC/B;IACE,IAAI,EAAE,uCAAuC;IAC7C,WAAW,EAAE,uCAAuC;IACpD,IAAI,EAAE,CAAC,cAAc,EAAE,MAAM,EAAE,UAAU,CAAC;IAC1C,aAAa,EAAE,CAAC,aAAa,CAAC;CAC/B,EACD,kBAAkB,CACnB,CAAC;AAEF,MAAM,YAAY,GAAG,kBAAkB,CAAC;IACtC,UAAU,EAAE,EAAE;IACd,QAAQ,EAAE,EAAE;IACZ,oBAAoB,EAAE,EAAE;IACxB,kBAAkB,EAAE,EAAE;IACtB,aAAa,EAAE,EAAE;IACjB,WAAW,EAAE,EAAE;CAChB,CAAC,CAAC;AAEH,MAAM,qBAAqB,GAAgB;IACzC,OAAO,EAAE,OAAO,EAAE,OAAO;IACzB,OAAO,EAAE,OAAO,EAAE,OAAO;IACzB,OAAO,EAAE,OAAO,EAAE,OAAO;CAC1B,CAAC;AACF,MAAM,0BAA0B,GAAG,IAAI,GAAG,CAAS,CAAC,GAAG,qBAAqB,EAAE,OAAO,CAAC,CAAC,CAAC;AAsBxF,SAAS,cAAc,CAAC,KAAc;IACpC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACzF,CAAC;AAED,SAAS,kBAAkB,CAAC,KAAa;IACvC,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACnC,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,GAAwC;IACnF,MAAM,cAAc,GAAG,cAAc,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;IAC3D,MAAM,aAAa,GAAG,cAAc,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;IACzD,IAAI,CAAC,cAAc,IAAI,CAAC,aAAa;QAAE,OAAO,IAAI,CAAC;IACnD,OAAO;QACL,cAAc;QACd,aAAa;QACb,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAChF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,wBAAwB,CAAC,GAAwC;IAC/E,MAAM,OAAO,GAAG,4BAA4B,CAAC,GAAG,CAAC,CAAC;IAClD,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,CAAC;IAC1B,MAAM,cAAc,GAAG,kBAAkB,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;IAClE,OAAO;QACL,GAAG,OAAO;QACV,cAAc;QACd,cAAc,EAAE,cAAc,CAAC,GAAG,EAAE,cAAc,CAAC,IAAI,cAAc;QACrE,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,cAAc,CAAC,GAAG,EAAE,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7G,OAAO,EAAE,cAAc,CAAC,GAAG,EAAE,OAAO,CAAC,IAAI,GAAG,cAAc,wCAAwC;QAClG,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAC,CAAC,CAAC,EAAE,iBAAiB,EAAE,cAAc,CAAC,GAAG,EAAE,iBAAiB,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAChH,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC,CAAC,CAAC,EAAE,kBAAkB,EAAE,cAAc,CAAC,GAAG,EAAE,kBAAkB,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACnH,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,cAAc,CAAC,GAAG,EAAE,aAAa,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACpG,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,cAAc,CAAC,GAAG,EAAE,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7G,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,cAAc,CAAC,GAAG,EAAE,aAAa,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACpG,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,cAAc,CAAC,GAAG,EAAE,cAAc,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvG,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,cAAc,CAAC,GAAG,EAAE,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7G,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,cAAc,CAAC,GAAG,EAAE,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjG,GAAG,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAChF,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,qBAAqB,GAA6B;IAC7D;QACE,EAAE,EAAE,cAAc;QAClB,KAAK,EAAE,qBAAqB;QAC5B,WAAW,EAAE,sEAAsE;QACnF,KAAK,EAAE,KAAK;QACZ,UAAU,EAAE;YACV,cAAc,EAAE,QAAQ;YACxB,aAAa,EAAE,QAAQ;YACvB,cAAc,EAAE,QAAQ;YACxB,gBAAgB,EAAE,QAAQ;YAC1B,OAAO,EAAE,QAAQ;YACjB,MAAM,EAAE,QAAQ;YAChB,iBAAiB,EAAE,QAAQ;YAC3B,kBAAkB,EAAE,QAAQ;YAC5B,aAAa,EAAE,QAAQ;YACvB,gBAAgB,EAAE,QAAQ;YAC1B,aAAa,EAAE,QAAQ;YACvB,cAAc,EAAE,QAAQ;YACxB,gBAAgB,EAAE,QAAQ;YAC1B,YAAY,EAAE,QAAQ;YACtB,MAAM,EAAE,QAAQ;SACjB;QACD,MAAM,EAAE;YACN,EAAE,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,yCAAyC,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;YAC7H,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,kBAAkB,EAAE,WAAW,EAAE,sGAAsG,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE;YACxL,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,WAAW,EAAE,gCAAgC,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE;YACzG,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,4DAA4D,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE;YACvI,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,oBAAoB,EAAE,WAAW,EAAE,oEAAoE,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE;SAC7J;QACD,MAAM,EAAE;YACN,EAAE,GAAG,EAAE,gBAAgB,EAAE,KAAK,EAAE,kBAAkB,EAAE,WAAW,EAAE,mDAAmD,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE;YACrP,EAAE,GAAG,EAAE,eAAe,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAE,0CAA0C,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE;YACzO,EAAE,GAAG,EAAE,gBAAgB,EAAE,KAAK,EAAE,iBAAiB,EAAE,WAAW,EAAE,gEAAgE,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;YAC3P,EAAE,GAAG,EAAE,kBAAkB,EAAE,KAAK,EAAE,mBAAmB,EAAE,WAAW,EAAE,qEAAqE,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;YACpQ,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,wGAAwG,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;YACrR,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,6DAA6D,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;YACzO,EAAE,GAAG,EAAE,mBAAmB,EAAE,KAAK,EAAE,iBAAiB,EAAE,WAAW,EAAE,oEAAoE,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,YAAY,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,aAAa,EAAE,YAAY,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;YAC/U,EAAE,GAAG,EAAE,oBAAoB,EAAE,KAAK,EAAE,kBAAkB,EAAE,WAAW,EAAE,uCAAuC,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,YAAY,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,aAAa,EAAE,YAAY,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;YACpT,EAAE,GAAG,EAAE,eAAe,EAAE,KAAK,EAAE,iBAAiB,EAAE,WAAW,EAAE,0CAA0C,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE;YAC9P,EAAE,GAAG,EAAE,kBAAkB,EAAE,KAAK,EAAE,oBAAoB,EAAE,WAAW,EAAE,qDAAqD,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE;YAC7Q,EAAE,GAAG,EAAE,eAAe,EAAE,KAAK,EAAE,iBAAiB,EAAE,WAAW,EAAE,iDAAiD,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE,EAAE,YAAY,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE;YACpQ,EAAE,GAAG,EAAE,gBAAgB,EAAE,KAAK,EAAE,kBAAkB,EAAE,WAAW,EAAE,0CAA0C,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE;YAChQ,EAAE,GAAG,EAAE,kBAAkB,EAAE,KAAK,EAAE,oBAAoB,EAAE,WAAW,EAAE,+CAA+C,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE,EAAE,YAAY,EAAE,SAAS,EAAE,QAAQ,EAAE,KAAK,EAAE;YAC3Q,EAAE,GAAG,EAAE,cAAc,EAAE,KAAK,EAAE,eAAe,EAAE,WAAW,EAAE,iEAAiE,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;YACzP,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,+DAA+D,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE;SAC5O;KACF;CACF,CAAC;AAEF,MAAM,OAAO,MAAO,SAAQ,SAA2D;IACrF,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,MAAM,CAAC,YAAY,GAAG,YAAY,CAAC;IAC3B,OAAO,CAAc;IAE7B,YAAY,GAA4E;QACtF,KAAK,CAAC,EAAE,GAAG,GAAG,EAAE,YAAY,EAAE,YAAY,EAAE,CAAC,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,GAAe;QACxB,IAAI,CAAC,OAAO,GAAG,qBAAqB,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC;QACxE,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACtB,MAAM,GAAG,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACxE,IAAI,CAAC,sBAAsB,CAAC;YAC1B,IAAI,EAAE,EAAE,IAAI,EAAE,CAAC,GAAyC,CAAC,EAAE;SAC5D,CAAC,CAAC;IACL,CAAC;IAES,UAAU;QAClB,OAAO;YACL,QAAQ,EAAE;gBACR,QAAQ,EAAE,uCAAuC;gBACjD,KAAK,EAAE,0BAA0B;gBACjC,WAAW,EAAE,qDAAqD;gBAClE,YAAY,EAAE,CAAC,MAAM,CAAC;gBACtB,aAAa,EAAE,qBAAqB;aACrC;YACD,QAAQ;SACT,CAAC;IACJ,CAAC;IAES,cAAc,CAAC,QAAgB,EAAE,KAAa;QACtD,KAAK,QAAQ,CAAC;QACd,KAAK,KAAK,CAAC;QACX,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC/C,CAAC;IAED,eAAe,CAAC,KAQf;QACC,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IACnD,CAAC;IAED,mBAAmB,CAAC,KAAa,EAAE,SAA4B,EAAE,KAA0C;QACzG,OAAO,mBAAmB,CAAC,KAAK,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;IACtD,CAAC;IAED,cAAc,CAAC,KAWd,EAAE,OAA2C;QAC5C,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAC3D,CAAC;IAED,oBAAoB,CAAC,QAAgB,EAAE,KAAa;QAClD,OAAO,wBAAwB,CAAC,IAAI,CAAC,oBAAoB,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;IAC9E,CAAC;IAED,wBAAwB,CAAC,QAAgB,EAAE,KAAa;QACtD,OAAO,4BAA4B,CAAC,IAAI,CAAC,oBAAoB,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;IAClF,CAAC;IAEO,oBAAoB,CAAC,QAAgB,EAAE,KAAa;QAC1D,MAAM,MAAM,GAAG,IAAI,CAAC,wBAAwB,CAAC,QAAQ,CAAC,CAAC;QACvD,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC5C,OAAO,EAAE,GAAG,KAAK,CAAC,MAAM,EAAE,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;IAC1D,CAAC;IAEO,wBAAwB,CAAC,QAAgB;QAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,OAAO;YACL,GAAG,EAAE,uCAAuC;YAC5C,GAAG,EAAE,uCAAuC;YAC5C,GAAG,EAAE,uCAAuC;YAC5C,GAAG,EAAE,GAAG;YACR,GAAG,EAAE,GAAG,GAAG,EAAE;YACb,GAAG,EAAE,GAAG,QAAQ,IAAI,GAAG,EAAE;YACzB,KAAK,EAAE,eAAe;YACtB,QAAQ;YACR,SAAS,EAAE,uCAAuC;YAClD,OAAO,EAAE,CAAC,aAAa,CAAC;SACzB,CAAC;IACJ,CAAC;IAEO,WAAW;QACjB,OAAO,mBAAmB,CAAC;YACzB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;YAClD,mBAAmB,EAAE,IAAI,CAAC,MAAM,CAAC,mBAAmB;SACrD,CAAC,CAAC;IACL,CAAC;;AAGH,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;AAEhC,KAAK,UAAU,mBAAmB,CAAC,KAAa,EAAE,SAA4B,EAAE,KAA0C;IACxH,MAAM,GAAG,GAAG,MAAM,yBAAyB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;IAC9D,MAAM,WAAW,GAAG,SAAS,CAAC,gBAAgB,IAAI,KAAK,CAAC;IACxD,MAAM,GAAG,GAAG,eAAe,CAAC,GAAG,EAAE,WAAW,CAAC,IAAI,eAAe,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7E,IAAI,CAAC,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,wCAAwC,WAAW,EAAE,CAAC,CAAC;IACjF,MAAM,IAAI,GACR,eAAe,CAAC,GAAG,EAAE,SAAS,CAAC,aAAa,IAAI,MAAM,CAAC;QACvD,eAAe,CAAC,GAAG,EAAE,MAAM,CAAC;QAC5B,eAAe,CAAC,GAAG,EAAE,WAAW,CAAC;QACjC,eAAe,CAAC,GAAG,EAAE,aAAa,CAAC;QACnC,eAAe,CAAC,GAAG,EAAE,oBAAoB,CAAC;QAC1C,eAAe,CAAC,GAAG,EAAE,UAAU,CAAC;QAChC,eAAe,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;IACrC,MAAM,KAAK,GACT,eAAe,CAAC,GAAG,EAAE,SAAS,CAAC,cAAc,IAAI,OAAO,CAAC;QACzD,eAAe,CAAC,GAAG,EAAE,OAAO,CAAC;QAC7B,eAAe,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC;IACxC,MAAM,OAAO,GACX,eAAe,CAAC,GAAG,EAAE,SAAS,CAAC,gBAAgB,IAAI,SAAS,CAAC;QAC7D,eAAe,CAAC,GAAG,EAAE,SAAS,CAAC;QAC/B,eAAe,CAAC,GAAG,EAAE,QAAQ,CAAC;QAC9B,eAAe,CAAC,GAAG,EAAE,WAAW,CAAC;QACjC,eAAe,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,OAAO;QACL,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC;QACpB,GAAG,EAAE,iBAAiB,CAAC,GAAG,CAAC,GAAG,CAAC;QAC/B,GAAG;QACH,GAAG,EAAE,OAAO,GAAG,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;QAChD,GAAG,EAAE,OAAO,GAAG,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;QAChD,GAAG,CAAC,OAAO,GAAG,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACxD,GAAG,EAAE,OAAO,GAAG,CAAC,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE;QAC7F,KAAK,EAAE,SAAS;QAChB,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,KAAK,EAAE,oBAAoB,CAAC,GAAG,EAAE,SAAS,CAAC,aAAa,IAAI,OAAO,CAAC;QACpE,SAAS,EAAE,QAAQ;QACnB,YAAY,EAAE,aAAa;QAC3B,eAAe,EAAE,GAAG;QACpB,QAAQ,EAAE,yBAAyB,CAAC,GAAG,CAAC;QACxC,GAAG,aAAa,CAAC,MAAM,EAAE,IAAI,CAAC;QAC9B,GAAG,aAAa,CAAC,OAAO,EAAE,KAAK,CAAC;QAChC,GAAG,aAAa,CAAC,SAAS,EAAE,OAAO,CAAC;KACrC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,yBAAyB,CAAC,KAAa,EAAE,SAA4B;IAClF,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;IACvF,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IAC/E,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACrC,IAAI,CAAC,0BAA0B,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACzH,IAAI,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ,IAAI,MAAM,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;IAC3G,IAAI,KAAK,IAAI,MAAM,IAAI,KAAK,IAAI,MAAM;QAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IAE/G,MAAM,YAAY,GAAG,MAAM,mBAAmB,CAAC,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,CAAC,cAAc,EAAE,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;IAC7H,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,KAAK,OAAO;QACnC,CAAC,CAAC,cAAc,CAAC,KAAK,EAAE,YAAY,CAAC;QACrC,CAAC,CAAC,yBAAyB,CAAC,KAAK,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC;IAC9D,oBAAoB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACxC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,yBAAyB,CAAC,KAAa,EAAE,YAAoB,EAAE,SAA4B;IAClG,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,YAAY,EAAE;QAC/C,UAAU,EAAE,qBAAqB;QACjC,MAAM,EAAE,SAAS,CAAC,cAAc;QAChC,GAAG,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,SAAS,CAAC,gBAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/E,QAAQ,EAAE,KAAK;KAChB,CAAC,CAAC;IACH,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACrG,OAAO,QAAmC,CAAC;AAC7C,CAAC;AAED,SAAS,cAAc,CAAC,KAAa,EAAE,YAAoB;IACzD,MAAM,CAAC,aAAa,EAAE,cAAc,EAAE,gBAAgB,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC3E,MAAM,QAAQ,GAAG,eAAe,CAC9B,IAAI,EACJ,MAAM,CAAC,IAAI,CAAC,GAAG,aAAa,IAAI,cAAc,EAAE,CAAC,EACjD,YAAY,EACZ,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,WAAW,CAAC,CAC3C,CAAC;IACF,IAAI,CAAC,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACjF,OAAO,YAAY,CAAC,cAAc,CAAC,CAAC;AACtC,CAAC;AAED,SAAS,oBAAoB,CAAC,MAA+B,EAAE,SAA4B;IACzF,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,IAAI,MAAM,CAAC,GAAG,KAAK,SAAS,CAAC,cAAc;QAAE,MAAM,IAAI,KAAK,CAAC,sCAAsC,MAAM,CAAC,GAAG,OAAO,SAAS,CAAC,cAAc,GAAG,CAAC,CAAC;IACjJ,IAAI,SAAS,CAAC,gBAAgB,EAAE,CAAC;QAC/B,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACxE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpD,MAAM,IAAI,KAAK,CAAC,wCAAwC,SAAS,CAAC,gBAAgB,OAAO,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACnH,CAAC;IACH,CAAC;IACD,IAAI,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ,IAAI,MAAM,CAAC,GAAG,IAAI,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;IAC/G,IAAI,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ,IAAI,MAAM,CAAC,GAAG,GAAG,GAAG;QAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;AACtH,CAAC;AAED,SAAS,WAAW,CAAC,aAAqB;IACxC,MAAM,MAAM,GAAG,YAAY,CAAC,aAAa,CAAC,CAAC;IAC3C,OAAO,MAA6E,CAAC;AACvF,CAAC;AAED,SAAS,YAAY,CAAC,cAAsB;IAC1C,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IACjF,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAClD,CAAC;IACD,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;IAC1F,OAAO,MAAiC,CAAC;AAC3C,CAAC;AAED,SAAS,eAAe,CAAC,MAA+B,EAAE,IAAY;IACpE,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACrC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAC3E,CAAC;AAED,SAAS,oBAAoB,CAAC,MAA+B,EAAE,IAAY;IACzE,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACrC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,KAAK,EAAmB,EAAE,CAAC,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACzH,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACtE,CAAC;AAED,SAAS,yBAAyB,CAAC,MAA+B;IAChE,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,OAAO,MAAM,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC;QACxF,CAAC,CAAC,MAAM,CAAC,IAA+B;QACxC,CAAC,CAAC,EAAE,CAAC;IACP,OAAO,wBAAwB,CAAC;QAC9B,QAAQ,EAAE,eAAe,CAAC,MAAM,EAAE,oBAAoB,CAAC,IAAI,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC;QAClF,UAAU,EAAE,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC;QACtC,SAAS,EAAE,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;QACvD,MAAM,EAAE,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC;QACjC,KAAK,EAAE,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,eAAe,CAAC,MAAM,EAAE,eAAe,CAAC;KAC7E,CAAC,CAAC;AACL,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAyC;IACzE,OAAO,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,KAAK,KAAK,SAAS,CAAC,CAA0B,CAAC;AACvH,CAAC;AAED,SAAS,WAAW,CAAC,KAAc;IACjC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAC3E,CAAC;AAED,SAAS,WAAW,CAAC,KAAc;IACjC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AACjF,CAAC;AAED,SAAS,QAAQ,CAAC,MAA+B,EAAE,IAAY;IAC7D,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAU,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE;QAC1D,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ;YAAE,OAAO,SAAS,CAAC;QAC9D,OAAQ,OAAmC,CAAC,OAAO,CAAC,CAAC;IACvD,CAAC,EAAE,MAAM,CAAC,CAAC;AACb,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAc;IACvC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,KAAK,EAAmB,EAAE,CAAC,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACpG,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;IACjC,CAAC;IACD,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC;AAC5E,CAAC;AAED,SAAS,aAAa,CAAyC,GAAM,EAAE,KAAyB;IAC9F,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAiC,CAAC,CAAC,CAAC,EAAE,CAAC;AACtE,CAAC"}
package/lib/schemas/service-betterportal-auth-authress-io.json ADDED
@@ -0,0 +1,139 @@
1
+ {
2
+ "pluginName": "service.betterportal.auth.authress-io",
3
+ "events": {},
4
+ "version": "0.0.1",
5
+ "configSchema": {
6
+ "anyvaliVersion": "1.0",
7
+ "schemaVersion": "1.1",
8
+ "root": {
9
+ "kind": "object",
10
+ "properties": {
11
+ "host": {
12
+ "kind": "string",
13
+ "minLength": 1,
14
+ "default": "0.0.0.0"
15
+ },
16
+ "port": {
17
+ "kind": "int",
18
+ "min": 1,
19
+ "default": 3211
20
+ },
21
+ "issuer": {
22
+ "kind": "string",
23
+ "minLength": 1,
24
+ "default": "https://authress.betterportal.local"
25
+ },
26
+ "audience": {
27
+ "kind": "string",
28
+ "minLength": 1,
29
+ "default": "betterportal-runtime"
30
+ },
31
+ "accessTokenSeconds": {
32
+ "kind": "int",
33
+ "min": 1,
34
+ "default": 900
35
+ },
36
+ "refreshTokenSeconds": {
37
+ "kind": "int",
38
+ "min": 1,
39
+ "default": 604800
40
+ },
41
+ "keyStorePath": {
42
+ "kind": "string",
43
+ "minLength": 1,
44
+ "default": "./.bp-authress-state/keys.json"
45
+ },
46
+ "betterportal": {
47
+ "kind": "optional",
48
+ "inner": {
49
+ "kind": "object",
50
+ "properties": {
51
+ "bpConfigPath": {
52
+ "kind": "optional",
53
+ "inner": {
54
+ "kind": "string",
55
+ "minLength": 1
56
+ }
57
+ },
58
+ "configApiToken": {
59
+ "kind": "optional",
60
+ "inner": {
61
+ "kind": "string",
62
+ "minLength": 1
63
+ }
64
+ },
65
+ "configEncryptionKey": {
66
+ "kind": "optional",
67
+ "inner": {
68
+ "kind": "string",
69
+ "minLength": 16
70
+ }
71
+ },
72
+ "controlPlaneUrl": {
73
+ "kind": "optional",
74
+ "inner": {
75
+ "kind": "string",
76
+ "minLength": 1
77
+ }
78
+ },
79
+ "serviceApiKey": {
80
+ "kind": "optional",
81
+ "inner": {
82
+ "kind": "string",
83
+ "minLength": 1
84
+ }
85
+ },
86
+ "bootstrapStatePath": {
87
+ "kind": "string",
88
+ "minLength": 1,
89
+ "default": "./.bp-bootstrap/state.enc"
90
+ },
91
+ "scopedConfigCachePath": {
92
+ "kind": "string",
93
+ "minLength": 1,
94
+ "default": "./.bp-sync-cache/scoped.json"
95
+ },
96
+ "trustedProxyHeaders": {
97
+ "kind": "bool",
98
+ "default": false
99
+ },
100
+ "cfProxy": {
101
+ "kind": "bool",
102
+ "default": false
103
+ },
104
+ "trustedProxyIps": {
105
+ "kind": "array",
106
+ "items": {
107
+ "kind": "string",
108
+ "minLength": 1
109
+ },
110
+ "default": []
111
+ }
112
+ },
113
+ "required": [
114
+ "bootstrapStatePath",
115
+ "scopedConfigCachePath",
116
+ "trustedProxyHeaders",
117
+ "cfProxy",
118
+ "trustedProxyIps"
119
+ ],
120
+ "unknownKeys": "strip"
121
+ }
122
+ }
123
+ },
124
+ "required": [
125
+ "host",
126
+ "port",
127
+ "issuer",
128
+ "audience",
129
+ "accessTokenSeconds",
130
+ "refreshTokenSeconds",
131
+ "keyStorePath"
132
+ ],
133
+ "unknownKeys": "strip"
134
+ },
135
+ "definitions": {},
136
+ "extensions": {}
137
+ },
138
+ "pluginType": "service"
139
+ }