@brightchain/brightchain-api-lib 0.17.2 → 0.18.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +4 -4
- package/src/index.d.ts +2 -1
- package/src/index.d.ts.map +1 -1
- package/src/index.js +3 -1
- package/src/index.js.map +1 -1
- package/src/lib/application.d.ts +7 -7
- package/src/lib/application.d.ts.map +1 -1
- package/src/lib/application.js +21 -43
- package/src/lib/application.js.map +1 -1
- package/src/lib/controllers/api/channels.d.ts +1 -3
- package/src/lib/controllers/api/channels.d.ts.map +1 -1
- package/src/lib/controllers/api/channels.js +13 -13
- package/src/lib/controllers/api/channels.js.map +1 -1
- package/src/lib/controllers/api/conversations.d.ts +1 -2
- package/src/lib/controllers/api/conversations.d.ts.map +1 -1
- package/src/lib/controllers/api/conversations.js +7 -7
- package/src/lib/controllers/api/conversations.js.map +1 -1
- package/src/lib/controllers/api/emails.d.ts.map +1 -1
- package/src/lib/controllers/api/emails.js +12 -14
- package/src/lib/controllers/api/emails.js.map +1 -1
- package/src/lib/controllers/api/explodingMessages.d.ts +1 -2
- package/src/lib/controllers/api/explodingMessages.d.ts.map +1 -1
- package/src/lib/controllers/api/explodingMessages.js +11 -11
- package/src/lib/controllers/api/explodingMessages.js.map +1 -1
- package/src/lib/controllers/api/groups.d.ts +1 -3
- package/src/lib/controllers/api/groups.d.ts.map +1 -1
- package/src/lib/controllers/api/groups.js +9 -9
- package/src/lib/controllers/api/groups.js.map +1 -1
- package/src/lib/controllers/crypto/gitController.d.ts +1 -1
- package/src/lib/controllers/crypto/gitController.d.ts.map +1 -1
- package/src/lib/controllers/crypto/gitController.js +8 -8
- package/src/lib/controllers/crypto/gitController.js.map +1 -1
- package/src/lib/controllers/crypto/walletController.d.ts +1 -1
- package/src/lib/controllers/crypto/walletController.d.ts.map +1 -1
- package/src/lib/controllers/crypto/walletController.js +5 -5
- package/src/lib/controllers/crypto/walletController.js.map +1 -1
- package/src/lib/controllers/identity/deviceController.d.ts +1 -2
- package/src/lib/controllers/identity/deviceController.d.ts.map +1 -1
- package/src/lib/controllers/identity/deviceController.js +7 -8
- package/src/lib/controllers/identity/deviceController.js.map +1 -1
- package/src/lib/controllers/identity/directoryController.d.ts +1 -2
- package/src/lib/controllers/identity/directoryController.d.ts.map +1 -1
- package/src/lib/controllers/identity/directoryController.js +6 -7
- package/src/lib/controllers/identity/directoryController.js.map +1 -1
- package/src/lib/controllers/identity/identityProofController.d.ts +1 -1
- package/src/lib/controllers/identity/identityProofController.d.ts.map +1 -1
- package/src/lib/controllers/identity/identityProofController.js +15 -17
- package/src/lib/controllers/identity/identityProofController.js.map +1 -1
- package/src/lib/enumerations/brightChainApiStrings.d.ts +1 -1
- package/src/lib/enumerations/brightChainApiStrings.d.ts.map +1 -1
- package/src/lib/enumerations/brightChainApiStrings.js +1 -1
- package/src/lib/enumerations/brightChainApiStrings.js.map +1 -1
- package/src/lib/environment.d.ts +4 -4
- package/src/lib/environment.d.ts.map +1 -1
- package/src/lib/environment.js +6 -5
- package/src/lib/environment.js.map +1 -1
- package/src/lib/interfaces/index.d.ts +1 -0
- package/src/lib/interfaces/index.d.ts.map +1 -1
- package/src/lib/interfaces/member-init-config.d.ts +20 -0
- package/src/lib/interfaces/member-init-config.d.ts.map +1 -0
- package/src/lib/{documents/base.js → interfaces/member-init-config.js} +1 -1
- package/src/lib/interfaces/member-init-config.js.map +1 -0
- package/src/lib/interfaces/schema.d.ts +5 -3
- package/src/lib/interfaces/schema.d.ts.map +1 -1
- package/src/lib/interfaces/storage/index.d.ts +4 -0
- package/src/lib/interfaces/storage/index.d.ts.map +1 -1
- package/src/lib/interfaces/storage/index.js +14 -2
- package/src/lib/interfaces/storage/index.js.map +1 -1
- package/src/lib/interfaces/storage/mnemonicSchema.d.ts +10 -0
- package/src/lib/interfaces/storage/mnemonicSchema.d.ts.map +1 -0
- package/src/lib/interfaces/storage/mnemonicSchema.js +22 -0
- package/src/lib/interfaces/storage/mnemonicSchema.js.map +1 -0
- package/src/lib/interfaces/storage/roleSchema.d.ts +10 -0
- package/src/lib/interfaces/storage/roleSchema.d.ts.map +1 -0
- package/src/lib/interfaces/storage/roleSchema.js +45 -0
- package/src/lib/interfaces/storage/roleSchema.js.map +1 -0
- package/src/lib/interfaces/storage/userRoleSchema.d.ts +10 -0
- package/src/lib/interfaces/storage/userRoleSchema.d.ts.map +1 -0
- package/src/lib/interfaces/storage/userRoleSchema.js +35 -0
- package/src/lib/interfaces/storage/userRoleSchema.js.map +1 -0
- package/src/lib/interfaces/storage/userSchema.d.ts +12 -0
- package/src/lib/interfaces/storage/userSchema.d.ts.map +1 -0
- package/src/lib/interfaces/storage/userSchema.js +62 -0
- package/src/lib/interfaces/storage/userSchema.js.map +1 -0
- package/src/lib/plugins/brightchain-database-plugin.d.ts +150 -0
- package/src/lib/plugins/brightchain-database-plugin.d.ts.map +1 -0
- package/src/lib/plugins/brightchain-database-plugin.js +252 -0
- package/src/lib/plugins/brightchain-database-plugin.js.map +1 -0
- package/src/lib/plugins/configure-brightchain-app.d.ts +41 -0
- package/src/lib/plugins/configure-brightchain-app.d.ts.map +1 -0
- package/src/lib/plugins/configure-brightchain-app.js +70 -0
- package/src/lib/plugins/configure-brightchain-app.js.map +1 -0
- package/src/lib/routers/api.d.ts +1 -5
- package/src/lib/routers/api.d.ts.map +1 -1
- package/src/lib/services/blockStore.d.ts +1 -2
- package/src/lib/services/blockStore.d.ts.map +1 -1
- package/src/lib/services/blockStore.js +4 -6
- package/src/lib/services/blockStore.js.map +1 -1
- package/src/lib/services/brightchain-authentication-provider.d.ts +35 -0
- package/src/lib/services/brightchain-authentication-provider.d.ts.map +1 -0
- package/src/lib/services/brightchain-authentication-provider.js +196 -0
- package/src/lib/services/brightchain-authentication-provider.js.map +1 -0
- package/src/lib/services/brightchain-member-init.service.d.ts +103 -20
- package/src/lib/services/brightchain-member-init.service.d.ts.map +1 -1
- package/src/lib/services/brightchain-member-init.service.js +411 -5
- package/src/lib/services/brightchain-member-init.service.js.map +1 -1
- package/src/lib/services/expirationScheduler.d.ts +1 -2
- package/src/lib/services/expirationScheduler.d.ts.map +1 -1
- package/src/lib/services/expirationScheduler.js +3 -3
- package/src/lib/services/expirationScheduler.js.map +1 -1
- package/src/lib/services/quorum.d.ts.map +1 -1
- package/src/lib/services/quorum.js +2 -2
- package/src/lib/services/quorum.js.map +1 -1
- package/src/lib/services/wireConversationPromotion.d.ts +1 -2
- package/src/lib/services/wireConversationPromotion.d.ts.map +1 -1
- package/src/lib/services/wireConversationPromotion.js.map +1 -1
- package/src/lib/shared-types.d.ts +0 -17
- package/src/lib/shared-types.d.ts.map +1 -1
- package/src/lib/stores/diskBlockStore.d.ts.map +1 -1
- package/src/lib/stores/diskBlockStore.js +4 -1
- package/src/lib/stores/diskBlockStore.js.map +1 -1
- package/src/lib/utils/type-converters.d.ts +5 -8
- package/src/lib/utils/type-converters.d.ts.map +1 -1
- package/src/lib/utils/type-converters.js.map +1 -1
- package/src/lib/application-base.d.ts +0 -11
- package/src/lib/application-base.d.ts.map +0 -1
- package/src/lib/application-base.js +0 -12
- package/src/lib/application-base.js.map +0 -1
- package/src/lib/documents/base.d.ts +0 -6
- package/src/lib/documents/base.d.ts.map +0 -1
- package/src/lib/documents/base.js.map +0 -1
- package/src/lib/documents/email-token.d.ts +0 -8
- package/src/lib/documents/email-token.d.ts.map +0 -1
- package/src/lib/documents/email-token.js +0 -3
- package/src/lib/documents/email-token.js.map +0 -1
- package/src/lib/documents/index.d.ts +0 -7
- package/src/lib/documents/index.d.ts.map +0 -1
- package/src/lib/documents/index.js +0 -3
- package/src/lib/documents/index.js.map +0 -1
- package/src/lib/documents/mnemonic.d.ts +0 -8
- package/src/lib/documents/mnemonic.d.ts.map +0 -1
- package/src/lib/documents/mnemonic.js +0 -3
- package/src/lib/documents/mnemonic.js.map +0 -1
- package/src/lib/documents/role.d.ts +0 -8
- package/src/lib/documents/role.d.ts.map +0 -1
- package/src/lib/documents/role.js +0 -3
- package/src/lib/documents/role.js.map +0 -1
- package/src/lib/documents/used-direct-login-token.d.ts +0 -5
- package/src/lib/documents/used-direct-login-token.d.ts.map +0 -1
- package/src/lib/documents/used-direct-login-token.js +0 -3
- package/src/lib/documents/used-direct-login-token.js.map +0 -1
- package/src/lib/documents/user-role.d.ts +0 -8
- package/src/lib/documents/user-role.d.ts.map +0 -1
- package/src/lib/documents/user-role.js +0 -3
- package/src/lib/documents/user-role.js.map +0 -1
- package/src/lib/documents/user.d.ts +0 -13
- package/src/lib/documents/user.d.ts.map +0 -1
- package/src/lib/documents/user.js +0 -3
- package/src/lib/documents/user.js.map +0 -1
- package/src/lib/upstream-stubs.d.ts +0 -36
- package/src/lib/upstream-stubs.d.ts.map +0 -1
- package/src/lib/upstream-stubs.js +0 -43
- package/src/lib/upstream-stubs.js.map +0 -1
- /package/{README.md → brightchain-api-lib/README.md} +0 -0
|
@@ -0,0 +1,196 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* @fileoverview BrightChain block-store-backed implementation of IAuthenticationProvider.
|
|
4
|
+
* Delegates user lookup to MemberStore, credential verification to bcrypt/mnemonic,
|
|
5
|
+
* and JWT operations to jsonwebtoken — fully decoupled from Mongoose.
|
|
6
|
+
*
|
|
7
|
+
* Follows the same structural pattern as MongoAuthenticationProvider:
|
|
8
|
+
* - findUserById → MemberStore.getMember + getMemberProfile
|
|
9
|
+
* - buildRequestUserDTO → MemberStore + MemberType-based role mapping
|
|
10
|
+
* - verifyToken → jwt.verify (no Mongoose JwtService)
|
|
11
|
+
* - authenticateWith* → MemberStore + bcrypt / Member.fromMnemonic
|
|
12
|
+
*
|
|
13
|
+
* @module services/brightchain-authentication-provider
|
|
14
|
+
*/
|
|
15
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
16
|
+
exports.BrightChainAuthenticationProvider = void 0;
|
|
17
|
+
const tslib_1 = require("tslib");
|
|
18
|
+
const brightchain_lib_1 = require("@brightchain/brightchain-lib");
|
|
19
|
+
const ecies_lib_1 = require("@digitaldefiance/ecies-lib");
|
|
20
|
+
const bcrypt = tslib_1.__importStar(require("bcrypt"));
|
|
21
|
+
const jsonwebtoken_1 = require("jsonwebtoken");
|
|
22
|
+
// ── Helpers ──────────────────────────────────────────────────────────
|
|
23
|
+
/**
|
|
24
|
+
* Map MemberStatusType → AccountStatus-compatible string.
|
|
25
|
+
*/
|
|
26
|
+
function memberStatusToAccountStatus(status) {
|
|
27
|
+
switch (status) {
|
|
28
|
+
case brightchain_lib_1.MemberStatusType.Active:
|
|
29
|
+
return 'Active';
|
|
30
|
+
case brightchain_lib_1.MemberStatusType.Suspended:
|
|
31
|
+
return 'AdminLock';
|
|
32
|
+
case brightchain_lib_1.MemberStatusType.Inactive:
|
|
33
|
+
default:
|
|
34
|
+
return 'PendingEmailVerification';
|
|
35
|
+
}
|
|
36
|
+
}
|
|
37
|
+
/**
|
|
38
|
+
* Derive combined role privileges from a MemberType.
|
|
39
|
+
* BrightChain has no separate Role collection — MemberType is the role.
|
|
40
|
+
*/
|
|
41
|
+
function memberTypeToRolePrivileges(type) {
|
|
42
|
+
return {
|
|
43
|
+
admin: type === ecies_lib_1.MemberType.Admin,
|
|
44
|
+
member: type === ecies_lib_1.MemberType.User,
|
|
45
|
+
child: false,
|
|
46
|
+
system: type === ecies_lib_1.MemberType.System,
|
|
47
|
+
};
|
|
48
|
+
}
|
|
49
|
+
/**
|
|
50
|
+
* Build a minimal IRoleDTO from a MemberType.
|
|
51
|
+
*/
|
|
52
|
+
function memberTypeToRoleDTO(type, memberId) {
|
|
53
|
+
const now = new Date().toISOString();
|
|
54
|
+
return {
|
|
55
|
+
_id: `role-${memberId}`,
|
|
56
|
+
name: type.toString(),
|
|
57
|
+
admin: type === ecies_lib_1.MemberType.Admin,
|
|
58
|
+
member: type === ecies_lib_1.MemberType.User,
|
|
59
|
+
child: false,
|
|
60
|
+
system: type === ecies_lib_1.MemberType.System,
|
|
61
|
+
createdAt: now,
|
|
62
|
+
updatedAt: now,
|
|
63
|
+
createdBy: memberId,
|
|
64
|
+
updatedBy: memberId,
|
|
65
|
+
};
|
|
66
|
+
}
|
|
67
|
+
// ── Provider ─────────────────────────────────────────────────────────
|
|
68
|
+
/**
|
|
69
|
+
* BrightChain block-store-backed authentication provider.
|
|
70
|
+
* Uses MemberStore for user lookup, bcrypt for password verification,
|
|
71
|
+
* and jwt.verify for token validation — no Mongoose dependency.
|
|
72
|
+
*/
|
|
73
|
+
class BrightChainAuthenticationProvider {
|
|
74
|
+
constructor(application) {
|
|
75
|
+
this.application = application;
|
|
76
|
+
}
|
|
77
|
+
/** Resolve MemberStore from the service container. */
|
|
78
|
+
getMemberStore() {
|
|
79
|
+
return this.application.services.get('memberStore');
|
|
80
|
+
}
|
|
81
|
+
async findUserById(userId) {
|
|
82
|
+
const memberStore = this.getMemberStore();
|
|
83
|
+
const idBytes = Buffer.from(userId, 'hex');
|
|
84
|
+
try {
|
|
85
|
+
const member = await memberStore.getMember(idBytes);
|
|
86
|
+
const { publicProfile, privateProfile } = await memberStore.getMemberProfile(idBytes);
|
|
87
|
+
const accountStatus = publicProfile
|
|
88
|
+
? memberStatusToAccountStatus(publicProfile.status)
|
|
89
|
+
: 'Active';
|
|
90
|
+
const settings = privateProfile?.settings ?? {};
|
|
91
|
+
return {
|
|
92
|
+
id: userId,
|
|
93
|
+
accountStatus,
|
|
94
|
+
email: member.email.toString(),
|
|
95
|
+
siteLanguage: settings['siteLanguage'],
|
|
96
|
+
timezone: settings['timezone'] ?? 'UTC',
|
|
97
|
+
lastLogin: publicProfile?.lastActive?.toISOString(),
|
|
98
|
+
};
|
|
99
|
+
}
|
|
100
|
+
catch {
|
|
101
|
+
// MemberNotFound or other retrieval failure
|
|
102
|
+
return null;
|
|
103
|
+
}
|
|
104
|
+
}
|
|
105
|
+
async buildRequestUserDTO(userId) {
|
|
106
|
+
const memberStore = this.getMemberStore();
|
|
107
|
+
const idBytes = Buffer.from(userId, 'hex');
|
|
108
|
+
try {
|
|
109
|
+
const member = await memberStore.getMember(idBytes);
|
|
110
|
+
const { publicProfile, privateProfile } = await memberStore.getMemberProfile(idBytes);
|
|
111
|
+
if (publicProfile && publicProfile.status !== brightchain_lib_1.MemberStatusType.Active) {
|
|
112
|
+
return null;
|
|
113
|
+
}
|
|
114
|
+
const memberId = userId;
|
|
115
|
+
const rolePrivileges = memberTypeToRolePrivileges(member.type);
|
|
116
|
+
const roleDTO = memberTypeToRoleDTO(member.type, memberId);
|
|
117
|
+
const settings = privateProfile?.settings ?? {};
|
|
118
|
+
return {
|
|
119
|
+
id: memberId,
|
|
120
|
+
email: member.email.toString(),
|
|
121
|
+
username: member.name,
|
|
122
|
+
roles: [roleDTO],
|
|
123
|
+
rolePrivileges,
|
|
124
|
+
emailVerified: true, // BrightChain members are verified at creation
|
|
125
|
+
timezone: settings['timezone'] ?? 'UTC',
|
|
126
|
+
siteLanguage: settings['siteLanguage'] ?? 'en',
|
|
127
|
+
darkMode: settings['darkMode'] ?? false,
|
|
128
|
+
currency: settings['currency'] ?? 'USD',
|
|
129
|
+
directChallenge: settings['directChallenge'] ?? false,
|
|
130
|
+
lastLogin: publicProfile?.lastActive?.toISOString(),
|
|
131
|
+
};
|
|
132
|
+
}
|
|
133
|
+
catch {
|
|
134
|
+
return null;
|
|
135
|
+
}
|
|
136
|
+
}
|
|
137
|
+
async verifyToken(token) {
|
|
138
|
+
try {
|
|
139
|
+
const decoded = (0, jsonwebtoken_1.verify)(token, this.application.environment.jwtSecret);
|
|
140
|
+
// Map ITokenPayload → ITokenUser shape expected by middleware
|
|
141
|
+
return {
|
|
142
|
+
userId: decoded.memberId,
|
|
143
|
+
roles: [],
|
|
144
|
+
};
|
|
145
|
+
}
|
|
146
|
+
catch {
|
|
147
|
+
return null;
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
async authenticateWithMnemonic(email, mnemonic) {
|
|
151
|
+
const memberStore = this.getMemberStore();
|
|
152
|
+
// Look up member by email
|
|
153
|
+
const results = await memberStore.queryIndex({ email, limit: 1 });
|
|
154
|
+
if (results.length === 0) {
|
|
155
|
+
throw new Error('Invalid credentials');
|
|
156
|
+
}
|
|
157
|
+
const reference = results[0];
|
|
158
|
+
// Hydrate the full member, then load the wallet from the mnemonic
|
|
159
|
+
// to make the private key available.
|
|
160
|
+
const member = (await memberStore.getMember(reference.id));
|
|
161
|
+
member.loadWallet(mnemonic);
|
|
162
|
+
if (!member.hasPrivateKey) {
|
|
163
|
+
throw new Error('Invalid mnemonic');
|
|
164
|
+
}
|
|
165
|
+
return {
|
|
166
|
+
userId: member.getIdString(),
|
|
167
|
+
userMember: member,
|
|
168
|
+
};
|
|
169
|
+
}
|
|
170
|
+
async authenticateWithPassword(email, password) {
|
|
171
|
+
const memberStore = this.getMemberStore();
|
|
172
|
+
// Look up member by email
|
|
173
|
+
const results = await memberStore.queryIndex({ email, limit: 1 });
|
|
174
|
+
if (results.length === 0) {
|
|
175
|
+
throw new Error('Invalid credentials');
|
|
176
|
+
}
|
|
177
|
+
const reference = results[0];
|
|
178
|
+
// Retrieve stored password hash from private profile
|
|
179
|
+
const { privateProfile } = await memberStore.getMemberProfile(reference.id);
|
|
180
|
+
const storedHash = privateProfile?.passwordHash;
|
|
181
|
+
if (!storedHash) {
|
|
182
|
+
throw new Error('Password authentication not configured for this member');
|
|
183
|
+
}
|
|
184
|
+
const isValid = await bcrypt.compare(password, storedHash);
|
|
185
|
+
if (!isValid) {
|
|
186
|
+
throw new Error('Invalid credentials');
|
|
187
|
+
}
|
|
188
|
+
const member = (await memberStore.getMember(reference.id));
|
|
189
|
+
return {
|
|
190
|
+
userId: member.getIdString(),
|
|
191
|
+
userMember: member,
|
|
192
|
+
};
|
|
193
|
+
}
|
|
194
|
+
}
|
|
195
|
+
exports.BrightChainAuthenticationProvider = BrightChainAuthenticationProvider;
|
|
196
|
+
//# sourceMappingURL=brightchain-authentication-provider.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"brightchain-authentication-provider.js","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/brightchain-authentication-provider.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;;;AAEH,kEAA6E;AAE7E,0DAAwD;AAcxD,uDAAiC;AACjC,+CAAsC;AAItC,wEAAwE;AAExE;;GAEG;AACH,SAAS,2BAA2B,CAAC,MAAwB;IAC3D,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,kCAAgB,CAAC,MAAM;YAC1B,OAAO,QAAQ,CAAC;QAClB,KAAK,kCAAgB,CAAC,SAAS;YAC7B,OAAO,WAAW,CAAC;QACrB,KAAK,kCAAgB,CAAC,QAAQ,CAAC;QAC/B;YACE,OAAO,0BAA0B,CAAC;IACtC,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAS,0BAA0B,CAAC,IAAgB;IAClD,OAAO;QACL,KAAK,EAAE,IAAI,KAAK,sBAAU,CAAC,KAAK;QAChC,MAAM,EAAE,IAAI,KAAK,sBAAU,CAAC,IAAI;QAChC,KAAK,EAAE,KAAK;QACZ,MAAM,EAAE,IAAI,KAAK,sBAAU,CAAC,MAAM;KACnC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,IAAgB,EAAE,QAAgB;IAC7D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACrC,OAAO;QACL,GAAG,EAAE,QAAQ,QAAQ,EAAE;QACvB,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;QACrB,KAAK,EAAE,IAAI,KAAK,sBAAU,CAAC,KAAK;QAChC,MAAM,EAAE,IAAI,KAAK,sBAAU,CAAC,IAAI;QAChC,KAAK,EAAE,KAAK;QACZ,MAAM,EAAE,IAAI,KAAK,sBAAU,CAAC,MAAM;QAClC,SAAS,EAAE,GAAG;QACd,SAAS,EAAE,GAAG;QACd,SAAS,EAAE,QAAQ;QACnB,SAAS,EAAE,QAAQ;KACpB,CAAC;AACJ,CAAC;AAED,wEAAwE;AAExE;;;;GAIG;AACH,MAAa,iCAAiC;IAI5C,YAA6B,WAAyC;QAAzC,gBAAW,GAAX,WAAW,CAA8B;IAAG,CAAC;IAE1E,sDAAsD;IAC9C,cAAc;QACpB,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAgB,CAAC;IACrE,CAAC;IAED,KAAK,CAAC,YAAY,CAChB,MAAc;QAEd,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,CAA0B,CAAC;QAEpE,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;YACpD,MAAM,EAAE,aAAa,EAAE,cAAc,EAAE,GACrC,MAAM,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAE9C,MAAM,aAAa,GAAG,aAAa;gBACjC,CAAC,CAAC,2BAA2B,CAAC,aAAa,CAAC,MAAM,CAAC;gBACnD,CAAC,CAAC,QAAQ,CAAC;YAEb,MAAM,QAAQ,GAAG,cAAc,EAAE,QAAQ,IAAI,EAAE,CAAC;YAEhD,OAAO;gBACL,EAAE,EAAE,MAAM;gBACV,aAAa;gBACb,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE;gBAC9B,YAAY,EAAE,QAAQ,CAAC,cAAc,CAA0B;gBAC/D,QAAQ,EAAG,QAAQ,CAAC,UAAU,CAAY,IAAI,KAAK;gBACnD,SAAS,EAAE,aAAa,EAAE,UAAU,EAAE,WAAW,EAAE;aACpD,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,4CAA4C;YAC5C,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,mBAAmB,CAAC,MAAc;QACtC,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,CAA0B,CAAC;QAEpE,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;YACpD,MAAM,EAAE,aAAa,EAAE,cAAc,EAAE,GACrC,MAAM,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAE9C,IAAI,aAAa,IAAI,aAAa,CAAC,MAAM,KAAK,kCAAgB,CAAC,MAAM,EAAE,CAAC;gBACtE,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,CAAC;YACxB,MAAM,cAAc,GAAG,0BAA0B,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAC/D,MAAM,OAAO,GAAG,mBAAmB,CAAC,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;YAC3D,MAAM,QAAQ,GAAG,cAAc,EAAE,QAAQ,IAAI,EAAE,CAAC;YAEhD,OAAO;gBACL,EAAE,EAAE,QAAQ;gBACZ,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE;gBAC9B,QAAQ,EAAE,MAAM,CAAC,IAAI;gBACrB,KAAK,EAAE,CAAC,OAAO,CAAC;gBAChB,cAAc;gBACd,aAAa,EAAE,IAAI,EAAE,+CAA+C;gBACpE,QAAQ,EAAG,QAAQ,CAAC,UAAU,CAAY,IAAI,KAAK;gBACnD,YAAY,EAAG,QAAQ,CAAC,cAAc,CAAY,IAAI,IAAI;gBAC1D,QAAQ,EAAG,QAAQ,CAAC,UAAU,CAAa,IAAI,KAAK;gBACpD,QAAQ,EAAG,QAAQ,CAAC,UAAU,CAAY,IAAI,KAAK;gBACnD,eAAe,EAAG,QAAQ,CAAC,iBAAiB,CAAa,IAAI,KAAK;gBAClE,SAAS,EAAE,aAAa,EAAE,UAAU,EAAE,WAAW,EAAE;aACpD,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CACf,KAAa;QAEb,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAA,qBAAM,EACpB,KAAK,EACL,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,SAAS,CACtB,CAAC;YAEnB,8DAA8D;YAC9D,OAAO;gBACL,MAAM,EAAE,OAAO,CAAC,QAAQ;gBACxB,KAAK,EAAE,EAAyB;aACL,CAAC;QAChC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,wBAAwB,CAC5B,KAAa,EACb,QAAsB;QAEtB,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAE1C,0BAA0B;QAC1B,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;QAClE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,SAAS,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAE7B,kEAAkE;QAClE,qCAAqC;QACrC,MAAM,MAAM,GAAG,CAAC,MAAM,WAAW,CAAC,SAAS,CACzC,SAAS,CAAC,EAAE,CACb,CAA2B,CAAC;QAC7B,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAE5B,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACtC,CAAC;QAED,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,WAAW,EAAE;YAC5B,UAAU,EAAE,MAAM;SACnB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,wBAAwB,CAC5B,KAAa,EACb,QAAgB;QAEhB,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAE1C,0BAA0B;QAC1B,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;QAClE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,SAAS,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QAE7B,qDAAqD;QACrD,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,WAAW,CAAC,gBAAgB,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QAC5E,MAAM,UAAU,GAAG,cAAc,EAAE,YAAY,CAAC;QAChD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;QAC5E,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAC3D,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,MAAM,GAAG,CAAC,MAAM,WAAW,CAAC,SAAS,CACzC,SAAS,CAAC,EAAE,CACb,CAA2B,CAAC;QAE7B,OAAO;YACL,MAAM,EAAE,MAAM,CAAC,WAAW,EAAE;YAC5B,UAAU,EAAE,MAAM;SACnB,CAAC;IACJ,CAAC;CACF;AApKD,8EAoKC"}
|
|
@@ -8,26 +8,12 @@
|
|
|
8
8
|
* - NO `as any` / `as unknown` casts
|
|
9
9
|
* - All writes go through BrightChainDb.withTransaction exclusively
|
|
10
10
|
*/
|
|
11
|
-
import {
|
|
11
|
+
import type { IBrightChainRbacInitInput, IBrightChainServerInitResult, IBrightChainUserCredentials } from '@brightchain/brightchain-lib';
|
|
12
|
+
import { IBrightChainBaseInitResult, IBrightChainInitResult, IBrightChainMemberInitInput } from '@brightchain/brightchain-lib';
|
|
12
13
|
import { BrightChainDb, CBLIndex } from '@brightchain/db';
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
*/
|
|
17
|
-
export interface IBrightChainMemberInitConfig {
|
|
18
|
-
/** Pool name used as the BrightChainDb name and poolId */
|
|
19
|
-
memberPoolName: string;
|
|
20
|
-
/**
|
|
21
|
-
* Filesystem path for the disk block store.
|
|
22
|
-
* When set (and useMemoryStore is false), a DiskBlockStore and
|
|
23
|
-
* PersistentHeadRegistry are used so data survives process restarts.
|
|
24
|
-
*/
|
|
25
|
-
blockStorePath?: string;
|
|
26
|
-
/** Force in-memory store even when blockStorePath is set */
|
|
27
|
-
useMemoryStore?: boolean;
|
|
28
|
-
/** Block size for the store (defaults to BlockSize.Small) */
|
|
29
|
-
blockSize?: BlockSize;
|
|
30
|
-
}
|
|
14
|
+
import { GuidV4Buffer } from '@digitaldefiance/node-ecies-lib';
|
|
15
|
+
import { IBrightChainMemberInitConfig } from '../interfaces/member-init-config';
|
|
16
|
+
export type { IBrightChainMemberInitConfig } from '../interfaces/member-init-config';
|
|
31
17
|
/**
|
|
32
18
|
* Initialises a BrightChainDb instance and persists system/admin/member users
|
|
33
19
|
* as IMemberIndexDocument entries in the member index collection.
|
|
@@ -61,6 +47,103 @@ export declare class BrightChainMemberInitService {
|
|
|
61
47
|
* 6. Check which candidates are already present (idempotency)
|
|
62
48
|
* 7. Insert missing entries in a single withTransaction call
|
|
63
49
|
*/
|
|
64
|
-
initialize(config: IBrightChainMemberInitConfig, input: IBrightChainMemberInitInput): Promise<
|
|
50
|
+
initialize(config: IBrightChainMemberInitConfig, input: IBrightChainMemberInitInput<GuidV4Buffer>): Promise<IBrightChainBaseInitResult<BrightChainDb>>;
|
|
51
|
+
/**
|
|
52
|
+
* Build a role document for insertion into the roles collection.
|
|
53
|
+
* Returns a plain data object satisfying IRoleBase — no Document wrapper needed.
|
|
54
|
+
*/
|
|
55
|
+
private static buildRoleDocument;
|
|
56
|
+
/**
|
|
57
|
+
* Build a user document for insertion into the users collection.
|
|
58
|
+
* Returns a plain data object satisfying IUserBase — no Document wrapper needed.
|
|
59
|
+
*/
|
|
60
|
+
private static buildUserDocument;
|
|
61
|
+
/**
|
|
62
|
+
* Build a user-role junction document for insertion into the user-roles collection.
|
|
63
|
+
* Returns a plain data object satisfying IUserRoleBase — no Document wrapper needed.
|
|
64
|
+
*/
|
|
65
|
+
private static buildUserRoleDocument;
|
|
66
|
+
/**
|
|
67
|
+
* Build a mnemonic document for insertion into the mnemonics collection.
|
|
68
|
+
* Returns a plain data object satisfying IMnemonicBase — no Document wrapper needed.
|
|
69
|
+
*/
|
|
70
|
+
private static buildMnemonicDocument;
|
|
71
|
+
/**
|
|
72
|
+
* Serialize a typed RBAC document for storage/validation.
|
|
73
|
+
* Converts GuidV4Buffer values to their canonical string form and
|
|
74
|
+
* Date values to ISO strings so the document satisfies the all-string
|
|
75
|
+
* collection schemas.
|
|
76
|
+
*/
|
|
77
|
+
private static serializeForStorage;
|
|
78
|
+
/**
|
|
79
|
+
* Validate a document against a schema, returning field errors (if any).
|
|
80
|
+
*
|
|
81
|
+
* Uses a generic parameter so callers can pass any typed RBAC document
|
|
82
|
+
* (IRoleBase, IUserBase, etc.) without needing an index signature.
|
|
83
|
+
* Serializes the document before validation so GuidV4Buffer and Date
|
|
84
|
+
* values are converted to the string types the schemas expect.
|
|
85
|
+
*/
|
|
86
|
+
private static validateRbacDocument;
|
|
87
|
+
/**
|
|
88
|
+
* Initialise the block store and BrightChainDb, then persist member index
|
|
89
|
+
* entries AND full RBAC documents (roles, users, user-roles, mnemonics).
|
|
90
|
+
*
|
|
91
|
+
* This is the full-featured init that mirrors the Mongoose
|
|
92
|
+
* DatabaseInitializationService.initUserDbWithServices() flow.
|
|
93
|
+
*
|
|
94
|
+
* Steps:
|
|
95
|
+
* 1-3. Same as initialize() — build store, create DB, create CBLIndex
|
|
96
|
+
* 4. Build candidate member index entries
|
|
97
|
+
* 5. Validate member index candidates
|
|
98
|
+
* 6. Idempotency check for member index
|
|
99
|
+
* 7. Insert missing member index entries
|
|
100
|
+
* 8. Build and validate RBAC documents (roles, users, user-roles, mnemonics)
|
|
101
|
+
* 9. Idempotency check for RBAC collections
|
|
102
|
+
* 10. Insert missing RBAC documents in a single transaction
|
|
103
|
+
*/
|
|
104
|
+
initializeWithRbac(config: IBrightChainMemberInitConfig, input: IBrightChainRbacInitInput<GuidV4Buffer>): Promise<IBrightChainInitResult<GuidV4Buffer, BrightChainDb>>;
|
|
105
|
+
/**
|
|
106
|
+
* Map an IBrightChainUserInitEntry to an IBrightChainUserCredentials bundle.
|
|
107
|
+
* Plaintext fields default to empty string / empty array when absent.
|
|
108
|
+
*/
|
|
109
|
+
private static buildUserCredentials;
|
|
110
|
+
/**
|
|
111
|
+
* Helper to resolve a display label for a MemberType.
|
|
112
|
+
*/
|
|
113
|
+
private static memberTypeLabel;
|
|
114
|
+
/**
|
|
115
|
+
* Print a single user's credentials block.
|
|
116
|
+
*/
|
|
117
|
+
private static printUserCredentials;
|
|
118
|
+
/**
|
|
119
|
+
* Print a formatted summary of the BrightChain server init results,
|
|
120
|
+
* including full credentials for each user.
|
|
121
|
+
*/
|
|
122
|
+
static printServerInitResults(result: IBrightChainServerInitResult<GuidV4Buffer, BrightChainDb>, config: IBrightChainMemberInitConfig): void;
|
|
123
|
+
/**
|
|
124
|
+
* Print a formatted summary of the BrightChain member init results.
|
|
125
|
+
* Kept for backward compatibility — delegates to printServerInitResults
|
|
126
|
+
* when a full result is available, otherwise prints minimal info.
|
|
127
|
+
*/
|
|
128
|
+
static printInitResults(input: IBrightChainMemberInitInput<GuidV4Buffer>, result: IBrightChainInitResult<GuidV4Buffer, BrightChainDb>, config: IBrightChainMemberInitConfig): void;
|
|
129
|
+
/**
|
|
130
|
+
* Combine a basic init result with user credentials to produce the full
|
|
131
|
+
* IBrightChainServerInitResult. This keeps the initialize() method lean
|
|
132
|
+
* while allowing callers to enrich the result with environment credentials.
|
|
133
|
+
*/
|
|
134
|
+
static buildServerInitResult(baseResult: IBrightChainInitResult<GuidV4Buffer, BrightChainDb>, credentials: {
|
|
135
|
+
system: IBrightChainUserCredentials<GuidV4Buffer>;
|
|
136
|
+
admin: IBrightChainUserCredentials<GuidV4Buffer>;
|
|
137
|
+
member: IBrightChainUserCredentials<GuidV4Buffer>;
|
|
138
|
+
}): IBrightChainServerInitResult<GuidV4Buffer, BrightChainDb>;
|
|
139
|
+
/**
|
|
140
|
+
* Format the full server init result as .env variable lines.
|
|
141
|
+
* Outputs all credential fields matching the .env.example layout.
|
|
142
|
+
*/
|
|
143
|
+
static formatDotEnv(credentials: {
|
|
144
|
+
system: IBrightChainUserCredentials<GuidV4Buffer>;
|
|
145
|
+
admin: IBrightChainUserCredentials<GuidV4Buffer>;
|
|
146
|
+
member: IBrightChainUserCredentials<GuidV4Buffer>;
|
|
147
|
+
}): string;
|
|
65
148
|
}
|
|
66
149
|
//# sourceMappingURL=brightchain-member-init.service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"brightchain-member-init.service.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/brightchain-member-init.service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;
|
|
1
|
+
{"version":3,"file":"brightchain-member-init.service.d.ts","sourceRoot":"","sources":["../../../../../brightchain-api-lib/src/lib/services/brightchain-member-init.service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAGV,yBAAyB,EACzB,4BAA4B,EAC5B,2BAA2B,EAG5B,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAEL,0BAA0B,EAC1B,sBAAsB,EACtB,2BAA2B,EAI5B,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,aAAa,EACb,QAAQ,EAGT,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAU/D,OAAO,EAAE,4BAA4B,EAAE,MAAM,kCAAkC,CAAC;AAoBhF,YAAY,EAAE,4BAA4B,EAAE,MAAM,kCAAkC,CAAC;AA0DrF;;;;;;GAMG;AACH,qBAAa,4BAA4B;IACvC,OAAO,CAAC,GAAG,CAA4B;IACvC,OAAO,CAAC,eAAe,CAAuB;IAE9C;;;OAGG;IACH,IAAI,EAAE,IAAI,aAAa,CAOtB;IAED;;;OAGG;IACH,IAAI,cAAc,IAAI,QAAQ,CAO7B;IAED;;;;;;;;;;;;OAYG;IACG,UAAU,CACd,MAAM,EAAE,4BAA4B,EACpC,KAAK,EAAE,2BAA2B,CAAC,YAAY,CAAC,GAC/C,OAAO,CAAC,0BAA0B,CAAC,aAAa,CAAC,CAAC;IAmErD;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,iBAAiB;IAmBhC;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,iBAAiB;IA4BhC;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,qBAAqB;IAgBpC;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,qBAAqB;IASpC;;;;;OAKG;IACH,OAAO,CAAC,MAAM,CAAC,mBAAmB;IAgClC;;;;;;;OAOG;IACH,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAoBnC;;;;;;;;;;;;;;;;OAgBG;IACG,kBAAkB,CACtB,MAAM,EAAE,4BAA4B,EACpC,KAAK,EAAE,yBAAyB,CAAC,YAAY,CAAC,GAC7C,OAAO,CAAC,sBAAsB,CAAC,YAAY,EAAE,aAAa,CAAC,CAAC;IAwL/D;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAoBnC;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,eAAe;IAW9B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,oBAAoB;IAyBnC;;;OAGG;IACH,MAAM,CAAC,sBAAsB,CAC3B,MAAM,EAAE,4BAA4B,CAAC,YAAY,EAAE,aAAa,CAAC,EACjE,MAAM,EAAE,4BAA4B,GACnC,IAAI;IAuBP;;;;OAIG;IACH,MAAM,CAAC,gBAAgB,CACrB,KAAK,EAAE,2BAA2B,CAAC,YAAY,CAAC,EAChD,MAAM,EAAE,sBAAsB,CAAC,YAAY,EAAE,aAAa,CAAC,EAC3D,MAAM,EAAE,4BAA4B,GACnC,IAAI;IAkCP;;;;OAIG;IACH,MAAM,CAAC,qBAAqB,CAC1B,UAAU,EAAE,sBAAsB,CAAC,YAAY,EAAE,aAAa,CAAC,EAC/D,WAAW,EAAE;QACX,MAAM,EAAE,2BAA2B,CAAC,YAAY,CAAC,CAAC;QAClD,KAAK,EAAE,2BAA2B,CAAC,YAAY,CAAC,CAAC;QACjD,MAAM,EAAE,2BAA2B,CAAC,YAAY,CAAC,CAAC;KACnD,GACA,4BAA4B,CAAC,YAAY,EAAE,aAAa,CAAC;IAS5D;;;OAGG;IACH,MAAM,CAAC,YAAY,CAAC,WAAW,EAAE;QAC/B,MAAM,EAAE,2BAA2B,CAAC,YAAY,CAAC,CAAC;QAClD,KAAK,EAAE,2BAA2B,CAAC,YAAY,CAAC,CAAC;QACjD,MAAM,EAAE,2BAA2B,CAAC,YAAY,CAAC,CAAC;KACnD,GAAG,MAAM;CAyBX"}
|