@botfabrik/engine-webclient 4.101.3-alpha.0 → 4.101.3-alpha.2

package/dist/auth/index.d.ts

@@ -8,4 +8,4 @@ export type AuthenticatedUser = {
 };
 export declare function setUpSamlAuth(bot: BotInstance, auth: Auth, clientName: string, nsp: Namespace): void;
 export declare function storeLoginRequestToken(loginRequestToken: string, socketId: string): void;
-export declare function verifyLoginToken(token: string | undefined, auth: Auth | undefined, logger: Logger): AuthenticatedUser | undefined;
+export declare function verifyLoginToken(token: string | undefined, auth: Auth | undefined, logger: Logger): Promise<AuthenticatedUser | undefined>;

package/dist/auth/index.js

@@ -1,6 +1,6 @@
 import { Strategy, } from '@node-saml/passport-saml';
 import express from 'express';
-import { sign, verify } from 'jsonwebtoken';
+import { jwtVerify, SignJWT } from 'jose';
 import passport from 'passport';
 import { renderAuthErrorPage, renderAuthSuccessPage, setAuthPageHeaders, } from './auth-pages.js';
 import { signRelayState, verifyRelayState } from './relay-state.js';
@@ -34,7 +34,7 @@ export function setUpSamlAuth(bot, auth, clientName, nsp) {
         authenticateFn(req, res, next);
     });
     bot.webserver.express.post(callbackUrl, express.urlencoded({ extended: false }), (req, res, next) => {
-        const authenticatorFn = passport.authenticate(strategyName, { session: false }, (err, user) => {
+        const authenticatorFn = passport.authenticate(strategyName, { session: false }, async (err, user) => {
             const lang = getLang(req);
             setAuthPageHeaders(res);
             try {
@@ -52,9 +52,11 @@ export function setUpSamlAuth(bot, auth, clientName, nsp) {
                 if (!user) {
                     return res.status(401).send(renderAuthErrorPage(lang));
                 }
-                const loginToken = sign(user, auth.jwtSecret, {
-                    expiresIn: '1m',
-                });
+                const secret = new TextEncoder().encode(auth.jwtSecret);
+                const loginToken = await new SignJWT(user)
+                    .setProtectedHeader({ alg: 'HS256' })
+                    .setExpirationTime('1m')
+                    .sign(secret);
                 const socket = nsp.sockets.get(socketId);
                 if (socket) {
                     socket.emit('login-success', { loginToken });
@@ -89,14 +91,16 @@ function consumeLoginRequestToken(loginRequestToken) {
     loginTokenCache.delete(loginRequestToken);
     return { socketId: cachedLoginRequest.socketId };
 }
-export function verifyLoginToken(token, auth, logger) {
+export async function verifyLoginToken(token, auth, logger) {
     try {
         if (auth) {
-            const verified = verify(token || '', auth.jwtSecret);
+            const secret = new TextEncoder().encode(auth.jwtSecret);
+            const { payload } = await jwtVerify(token ?? '', secret);
+            const p = payload;
             return {
-                email: verified['email'],
-                firstName: verified['firstName'],
-                lastName: verified['lastName'],
+                email: p.email ?? '',
+                firstName: p.firstName,
+                lastName: p.lastName,
             };
         }
         else {

package/dist/index.js

@@ -1,6 +1,8 @@
 import { Actions, ActionTypes, BotUser, TextMessage, } from '@botfabrik/engine-domain';
 import { getPdf } from '@botfabrik/engine-transcript-export';
 import { static as serveStatic } from 'express';
+import { dirname } from 'node:path';
+import { fileURLToPath } from 'node:url';
 import { setUpSamlAuth, storeLoginRequestToken, verifyLoginToken, } from './auth/index.js';
 import { CLIENT_TYPE } from './constants.js';
 import createSessionInfo from './createSessionInfo.js';
@@ -15,6 +17,8 @@ import { Devices, } from './types.js';
 import { version } from './version.js';
 import index from './views/index.js';
 export * from './types.js';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
 export default (clientName, environment, props) => async (bot) => {
     const logger = bot.logger.child({ clientType: CLIENT_TYPE, clientName });
     // serve transcript pdf
@@ -127,7 +131,7 @@ const onTerminateSession = (socket, bot) => async ({ sessionId, // passed if the
 };
 const onStartChat = (socket, props, bot, clientName, environment, logger) => async ({ sessionId: sessionIdFromClient, userId: defaultUserId, querystrings, loginToken, }) => {
     try {
-        const authenticatedUser = verifyLoginToken(loginToken, props.auth, logger);
+        const authenticatedUser = await verifyLoginToken(loginToken, props.auth, logger);
         const locale = extractLocale(querystrings, socket.request.headers['accept-language']);
         const sessionsCollection = bot.store.db.collection('sessions');
         const { sessionId, sessionInfo: defaultSessionInfo, isNew, } = await requestSessionData(sessionIdFromClient, querystrings, sessionsCollection, clientName, props);

package/dist/requestSessionData.test.js

@@ -1,4 +1,4 @@
-import { describe, expect, it, vi } from 'vitest';
+import { beforeEach, describe, expect, it, vi } from 'vitest';
 import requestSessionData from './requestSessionData.js';
 vi.mock('node:crypto', () => ({
     randomUUID: vi.fn(() => 'some-uuid'),

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@botfabrik/engine-webclient",
-  "version": "4.101.3-alpha.0",
+  "version": "4.101.3-alpha.2",
   "description": "Webclient for Botfabriks Bot Engine",
   "type": "module",
   "main": "./dist/index.js",
@@ -39,7 +39,7 @@
     "accept-language-parser": "^1.5.0",
     "express": "^5.1.0",
     "flat": "^6.0.1",
-    "jsonwebtoken": "^9.0.2",
+    "jose": "^6.1.0",
     "passport": "^0.7.0"
   },
   "devDependencies": {
@@ -54,5 +54,5 @@
     "tsx": "^4.20.6",
     "typescript": "5.9.3"
   },
-  "gitHead": "668bb5e26c514e7d091febc092c784db0dd65210"
+  "gitHead": "edfe65ffc53d2d999e47936b50a6f2d1258105c6"
 }