@budibase/backend-core 2.9.16 → 2.9.18

package/dist/src/logging/system.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"system.js","sourceRoot":"","sources":["../../../src/logging/system.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,4CAAmB;AACnB,gDAAuB;AACvB,0DAA2C;AAE3C,iEAAgC;AAChC,gDAAgD;AAEhD,MAAM,YAAY,GAAG,cAAc,CAAA;AACnC,MAAM,2BAA2B,GAAG,2BAA2B,CAAA;AAE/D,MAAM,QAAQ,GAAG,cAAI,CAAC,IAAI,CAAC,IAAA,6BAAe,GAAE,EAAE,YAAY,CAAC,CAAA;AAE3D,SAAS,WAAW,CAAC,QAAgB;IACnC,OAAO,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAA;AACtC,CAAC;AAED,SAAgB,wBAAwB,CAAC,YAAoB;IAC3D,MAAM,KAAK,GAAG,iBAAiB,CAAA;IAC/B,MAAM,KAAK,GAAG,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,KAAK,CAAC,KAAK,CAAC,CAAA;IACxC,IAAI,CAAC,KAAK,EAAE;QACV,OAAO,CAAC,IAAI,CAAC,0CAA0C,EAAE;YACvD,YAAY;SACb,CAAC,CAAA;QACF,OAAO,SAAS,CAAA;KACjB;IAED,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IACtB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;IACrB,IAAI,IAAI,KAAK,CAAC,EAAE;QACd,QAAQ,IAAI,EAAE;YACZ,KAAK,GAAG;gBACN,OAAO,EAAE,IAAI,EAAE,GAAG,IAAI,GAAG,EAAE,iBAAiB,EAAE,CAAC,EAAE,CAAA;YACnD,KAAK,GAAG;gBACN,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,iBAAiB,EAAE,CAAC,EAAE,CAAA;YAChE,KAAK,GAAG;gBACN,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,iBAAiB,EAAE,CAAC,EAAE,CAAA;YAChE,KAAK,GAAG;gBACN,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,iBAAiB,EAAE,CAAC,EAAE,CAAA;YAChE;gBACE,OAAO,SAAS,CAAA;SACnB;KACF;IAED,IAAI,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE;QAClB,OAAO,EAAE,IAAI,EAAE,GAAG,IAAI,GAAG,CAAC,GAAG,IAAI,EAAE,EAAE,iBAAiB,EAAE,CAAC,EAAE,CAAA;KAC5D;IAED,OAAO,EAAE,IAAI,EAAE,IAAI,IAAI,EAAE,EAAE,iBAAiB,EAAE,IAAI,GAAG,CAAC,EAAE,CAAA;AAC1D,CAAC;AAhCD,4DAgCC;AAED,SAAgB,oBAAoB;IAClC,MAAM,QAAQ,GAAG,wBAAwB,CAAC,qBAAG,CAAC,oBAAoB,CAAC,CAAA;IACnE,MAAM,OAAO,GAAG,GAAG,CAAC,YAAY,CAAC,YAAY,EAAE;QAC7C,0DAA0D;QAC1D,IAAI,EAAE,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,IAAI;QACpB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,iBAAiB,KAAI,CAAC;QAC1C,SAAS,EAAE,IAAI;QACf,OAAO,EAAE,2BAA2B;QACpC,eAAe,EAAE,KAAK;KACvB,CAAC,CAAA;IAEF,OAAO,OAAO,CAAA;AAChB,CAAC;AAbD,oDAaC;AAED,SAAgB,gBAAgB;IAC9B,MAAM,OAAO,GAAG,EAAE,CAAA;IAClB,MAAM,WAAW,GAAG,WAAW,CAAC,2BAA2B,CAAC,CAAA;IAC5D,IAAI,YAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE;QAC9B,MAAM,WAAW,GAAG,YAAE,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAA;QACzD,MAAM,YAAY,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QAC5C,KAAK,MAAM,WAAW,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE;YACrD,OAAO,CAAC,IAAI,CAAC,YAAE,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,CAAA;SAC3C;KACF;IAED,OAAO,CAAC,IAAI,CAAC,YAAE,CAAC,YAAY,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,CAAC,CAAA;IAExD,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAC9C,OAAO,eAAe,CAAA;AACxB,CAAC;AAfD,4CAeC"}

package/dist/src/middleware/adminOnly.js

@@ -1,19 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const users_1 = require("../users");
-exports.default = (ctx, next) => __awaiter(void 0, void 0, void 0, function* () {
-    if (!ctx.internal && !(0, users_1.isAdmin)(ctx.user)) {
-        ctx.throw(403, "Admin user only endpoint.");
-    }
-    return next();
-});
-//# sourceMappingURL=adminOnly.js.map

package/dist/src/middleware/adminOnly.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"adminOnly.js","sourceRoot":"","sources":["../../../src/middleware/adminOnly.ts"],"names":[],"mappings":";;;;;;;;;;;AACA,oCAAkC;AAElC,kBAAe,CAAO,GAAY,EAAE,IAAS,EAAE,EAAE;IAC/C,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,CAAC,IAAA,eAAO,EAAC,GAAG,CAAC,IAAI,CAAC,EAAE;QACvC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,2BAA2B,CAAC,CAAA;KAC5C;IACD,OAAO,IAAI,EAAE,CAAA;AACf,CAAC,CAAA,CAAA"}

package/dist/src/middleware/auditLog.js

@@ -1,16 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.default = (ctx, next) => __awaiter(void 0, void 0, void 0, function* () {
-    // Placeholder for audit log middleware
-    return next();
-});
-//# sourceMappingURL=auditLog.js.map

package/dist/src/middleware/auditLog.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"auditLog.js","sourceRoot":"","sources":["../../../src/middleware/auditLog.ts"],"names":[],"mappings":";;;;;;;;;;;AAEA,kBAAe,CAAO,GAAoB,EAAE,IAAS,EAAE,EAAE;IACvD,uCAAuC;IACvC,OAAO,IAAI,EAAE,CAAA;AACf,CAAC,CAAA,CAAA"}

package/dist/src/middleware/authenticated.js

@@ -1,204 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const constants_1 = require("../constants");
-const utils_1 = require("../utils");
-const user_1 = require("../cache/user");
-const sessions_1 = require("../security/sessions");
-const matchers_1 = require("./matchers");
-const db_1 = require("../db");
-const context_1 = require("../context");
-const encryption_1 = require("../security/encryption");
-const identity = __importStar(require("../context/identity"));
-const environment_1 = __importDefault(require("../environment"));
-const errors_1 = require("../errors");
-const ONE_MINUTE = environment_1.default.SESSION_UPDATE_PERIOD
-    ? parseInt(environment_1.default.SESSION_UPDATE_PERIOD)
-    : 60 * 1000;
-function timeMinusOneMinute() {
-    return new Date(Date.now() - ONE_MINUTE).toISOString();
-}
-function finalise(ctx, opts = {}) {
-    ctx.publicEndpoint = opts.publicEndpoint || false;
-    ctx.isAuthenticated = opts.authenticated || false;
-    ctx.user = opts.user;
-    ctx.internal = opts.internal || false;
-    ctx.version = opts.version;
-}
-function checkApiKey(apiKey, populateUser) {
-    return __awaiter(this, void 0, void 0, function* () {
-        // check both the primary and the fallback internal api keys
-        // this allows for rotation
-        if ((0, utils_1.isValidInternalAPIKey)(apiKey)) {
-            return { valid: true, user: undefined };
-        }
-        const decrypted = (0, encryption_1.decrypt)(apiKey);
-        const tenantId = decrypted.split(db_1.SEPARATOR)[0];
-        return (0, context_1.doInTenant)(tenantId, () => __awaiter(this, void 0, void 0, function* () {
-            let userId;
-            try {
-                const db = (0, context_1.getGlobalDB)();
-                // api key is encrypted in the database
-                userId = (yield (0, db_1.queryGlobalView)(db_1.ViewName.BY_API_KEY, {
-                    key: apiKey,
-                }, db));
-            }
-            catch (err) {
-                userId = undefined;
-            }
-            if (userId) {
-                return {
-                    valid: true,
-                    user: yield (0, user_1.getUser)(userId, tenantId, populateUser),
-                };
-            }
-            else {
-                throw new errors_1.InvalidAPIKeyError();
-            }
-        }));
-    });
-}
-/**
- * This middleware is tenancy aware, so that it does not depend on other middlewares being used.
- * The tenancy modules should not be used here and it should be assumed that the tenancy context
- * has not yet been populated.
- */
-function default_1(noAuthPatterns = [], opts = {
-    publicAllowed: false,
-}) {
-    const noAuthOptions = noAuthPatterns ? (0, matchers_1.buildMatcherRegex)(noAuthPatterns) : [];
-    return (ctx, next) => __awaiter(this, void 0, void 0, function* () {
-        let publicEndpoint = false;
-        const version = ctx.request.headers[constants_1.Header.API_VER];
-        // the path is not authenticated
-        const found = (0, matchers_1.matches)(ctx, noAuthOptions);
-        if (found) {
-            publicEndpoint = true;
-        }
-        try {
-            // check the actual user is authenticated first, try header or cookie
-            let headerToken = ctx.request.headers[constants_1.Header.TOKEN];
-            const authCookie = (0, utils_1.getCookie)(ctx, constants_1.Cookie.Auth) || (0, utils_1.openJwt)(headerToken);
-            let apiKey = ctx.request.headers[constants_1.Header.API_KEY];
-            if (!apiKey && ctx.request.headers[constants_1.Header.AUTHORIZATION]) {
-                apiKey = ctx.request.headers[constants_1.Header.AUTHORIZATION].split(" ")[1];
-            }
-            const tenantId = ctx.request.headers[constants_1.Header.TENANT_ID];
-            let authenticated = false, user = null, internal = false;
-            if (authCookie && !apiKey) {
-                const sessionId = authCookie.sessionId;
-                const userId = authCookie.userId;
-                let session;
-                try {
-                    // getting session handles error checking (if session exists etc)
-                    session = yield (0, sessions_1.getSession)(userId, sessionId);
-                    if (opts && opts.populateUser) {
-                        user = yield (0, user_1.getUser)(userId, session.tenantId, opts.populateUser(ctx));
-                    }
-                    else {
-                        user = yield (0, user_1.getUser)(userId, session.tenantId);
-                    }
-                    user.csrfToken = session.csrfToken;
-                    if ((session === null || session === void 0 ? void 0 : session.lastAccessedAt) < timeMinusOneMinute()) {
-                        // make sure we denote that the session is still in use
-                        yield (0, sessions_1.updateSessionTTL)(session);
-                    }
-                    authenticated = true;
-                }
-                catch (err) {
-                    authenticated = false;
-                    console.error(`Auth Error: ${err.message}`);
-                    console.error(err);
-                    // remove the cookie as the user does not exist anymore
-                    (0, utils_1.clearCookie)(ctx, constants_1.Cookie.Auth);
-                }
-            }
-            // this is an internal request, no user made it
-            if (!authenticated && apiKey) {
-                const populateUser = opts.populateUser ? opts.populateUser(ctx) : null;
-                const { valid, user: foundUser } = yield checkApiKey(apiKey, populateUser);
-                if (valid && foundUser) {
-                    authenticated = true;
-                    user = foundUser;
-                }
-                else if (valid) {
-                    authenticated = true;
-                    internal = true;
-                }
-            }
-            if (!user && tenantId) {
-                user = { tenantId };
-            }
-            else if (user) {
-                delete user.password;
-            }
-            // be explicit
-            if (!authenticated) {
-                authenticated = false;
-            }
-            // isAuthenticated is a function, so use a variable to be able to check authed state
-            finalise(ctx, { authenticated, user, internal, version, publicEndpoint });
-            if (user && user.email) {
-                return identity.doInUserContext(user, ctx, next);
-            }
-            else {
-                return next();
-            }
-        }
-        catch (err) {
-            console.error(`Auth Error: ${err.message}`);
-            console.error(err);
-            // invalid token, clear the cookie
-            if ((err === null || err === void 0 ? void 0 : err.name) === "JsonWebTokenError") {
-                (0, utils_1.clearCookie)(ctx, constants_1.Cookie.Auth);
-            }
-            else if ((err === null || err === void 0 ? void 0 : err.code) === errors_1.ErrorCode.INVALID_API_KEY) {
-                ctx.throw(403, err.message);
-            }
-            // allow configuring for public access
-            if ((opts && opts.publicAllowed) || publicEndpoint) {
-                finalise(ctx, { authenticated: false, version, publicEndpoint });
-                return next();
-            }
-            else {
-                ctx.throw(err.status || 403, err);
-            }
-        }
-    });
-}
-exports.default = default_1;
-//# sourceMappingURL=authenticated.js.map

package/dist/src/middleware/authenticated.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"authenticated.js","sourceRoot":"","sources":["../../../src/middleware/authenticated.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,4CAA6C;AAC7C,oCAKiB;AACjB,wCAAuC;AACvC,mDAAmE;AACnE,yCAAuD;AACvD,8BAA4D;AAC5D,wCAAoD;AACpD,uDAAgD;AAChD,8DAA+C;AAC/C,iEAAgC;AAEhC,sCAAyD;AAEzD,MAAM,UAAU,GAAG,qBAAG,CAAC,qBAAqB;IAC1C,CAAC,CAAC,QAAQ,CAAC,qBAAG,CAAC,qBAAqB,CAAC;IACrC,CAAC,CAAC,EAAE,GAAG,IAAI,CAAA;AAUb,SAAS,kBAAkB;IACzB,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,CAAC,WAAW,EAAE,CAAA;AACxD,CAAC;AAED,SAAS,QAAQ,CAAC,GAAQ,EAAE,OAAqB,EAAE;IACjD,GAAG,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,IAAI,KAAK,CAAA;IACjD,GAAG,CAAC,eAAe,GAAG,IAAI,CAAC,aAAa,IAAI,KAAK,CAAA;IACjD,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,CAAA;IACpB,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,KAAK,CAAA;IACrC,GAAG,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAA;AAC5B,CAAC;AAED,SAAe,WAAW,CAAC,MAAc,EAAE,YAAuB;;QAChE,4DAA4D;QAC5D,2BAA2B;QAC3B,IAAI,IAAA,6BAAqB,EAAC,MAAM,CAAC,EAAE;YACjC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,CAAA;SACxC;QACD,MAAM,SAAS,GAAG,IAAA,oBAAO,EAAC,MAAM,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,cAAS,CAAC,CAAC,CAAC,CAAC,CAAA;QAC9C,OAAO,IAAA,oBAAU,EAAC,QAAQ,EAAE,GAAS,EAAE;YACrC,IAAI,MAAM,CAAA;YACV,IAAI;gBACF,MAAM,EAAE,GAAG,IAAA,qBAAW,GAAE,CAAA;gBACxB,uCAAuC;gBACvC,MAAM,GAAG,CAAC,MAAM,IAAA,oBAAe,EAC7B,aAAQ,CAAC,UAAU,EACnB;oBACE,GAAG,EAAE,MAAM;iBACZ,EACD,EAAE,CACH,CAAW,CAAA;aACb;YAAC,OAAO,GAAG,EAAE;gBACZ,MAAM,GAAG,SAAS,CAAA;aACnB;YACD,IAAI,MAAM,EAAE;gBACV,OAAO;oBACL,KAAK,EAAE,IAAI;oBACX,IAAI,EAAE,MAAM,IAAA,cAAO,EAAC,MAAM,EAAE,QAAQ,EAAE,YAAY,CAAC;iBACpD,CAAA;aACF;iBAAM;gBACL,MAAM,IAAI,2BAAkB,EAAE,CAAA;aAC/B;QACH,CAAC,CAAA,CAAC,CAAA;IACJ,CAAC;CAAA;AAED;;;;GAIG;AACH,mBACE,iBAAoC,EAAE,EACtC,OAA6D;IAC3D,aAAa,EAAE,KAAK;CACrB;IAED,MAAM,aAAa,GAAG,cAAc,CAAC,CAAC,CAAC,IAAA,4BAAiB,EAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;IAC7E,OAAO,CAAO,GAAc,EAAE,IAAS,EAAE,EAAE;QACzC,IAAI,cAAc,GAAG,KAAK,CAAA;QAC1B,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAM,CAAC,OAAO,CAAC,CAAA;QACnD,gCAAgC;QAChC,MAAM,KAAK,GAAG,IAAA,kBAAO,EAAC,GAAG,EAAE,aAAa,CAAC,CAAA;QACzC,IAAI,KAAK,EAAE;YACT,cAAc,GAAG,IAAI,CAAA;SACtB;QACD,IAAI;YACF,qEAAqE;YACrE,IAAI,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAM,CAAC,KAAK,CAAC,CAAA;YAEnD,MAAM,UAAU,GAAG,IAAA,iBAAS,EAAC,GAAG,EAAE,kBAAM,CAAC,IAAI,CAAC,IAAI,IAAA,eAAO,EAAC,WAAW,CAAC,CAAA;YACtE,IAAI,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAM,CAAC,OAAO,CAAC,CAAA;YAEhD,IAAI,CAAC,MAAM,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAM,CAAC,aAAa,CAAC,EAAE;gBACxD,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAM,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;aACjE;YAED,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAM,CAAC,SAAS,CAAC,CAAA;YACtD,IAAI,aAAa,GAAG,KAAK,EACvB,IAAI,GAAG,IAAI,EACX,QAAQ,GAAG,KAAK,CAAA;YAClB,IAAI,UAAU,IAAI,CAAC,MAAM,EAAE;gBACzB,MAAM,SAAS,GAAG,UAAU,CAAC,SAAS,CAAA;gBACtC,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAA;gBAChC,IAAI,OAAO,CAAA;gBACX,IAAI;oBACF,iEAAiE;oBACjE,OAAO,GAAG,MAAM,IAAA,qBAAU,EAAC,MAAM,EAAE,SAAS,CAAC,CAAA;oBAC7C,IAAI,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE;wBAC7B,IAAI,GAAG,MAAM,IAAA,cAAO,EAClB,MAAM,EACN,OAAO,CAAC,QAAQ,EAChB,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CACvB,CAAA;qBACF;yBAAM;wBACL,IAAI,GAAG,MAAM,IAAA,cAAO,EAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAA;qBAC/C;oBACD,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;oBAElC,IAAI,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,cAAc,IAAG,kBAAkB,EAAE,EAAE;wBAClD,uDAAuD;wBACvD,MAAM,IAAA,2BAAgB,EAAC,OAAO,CAAC,CAAA;qBAChC;oBACD,aAAa,GAAG,IAAI,CAAA;iBACrB;gBAAC,OAAO,GAAQ,EAAE;oBACjB,aAAa,GAAG,KAAK,CAAA;oBACrB,OAAO,CAAC,KAAK,CAAC,eAAe,GAAG,CAAC,OAAO,EAAE,CAAC,CAAA;oBAC3C,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;oBAClB,uDAAuD;oBACvD,IAAA,mBAAW,EAAC,GAAG,EAAE,kBAAM,CAAC,IAAI,CAAC,CAAA;iBAC9B;aACF;YACD,+CAA+C;YAC/C,IAAI,CAAC,aAAa,IAAI,MAAM,EAAE;gBAC5B,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;gBACtE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,MAAM,WAAW,CAClD,MAAM,EACN,YAAY,CACb,CAAA;gBACD,IAAI,KAAK,IAAI,SAAS,EAAE;oBACtB,aAAa,GAAG,IAAI,CAAA;oBACpB,IAAI,GAAG,SAAS,CAAA;iBACjB;qBAAM,IAAI,KAAK,EAAE;oBAChB,aAAa,GAAG,IAAI,CAAA;oBACpB,QAAQ,GAAG,IAAI,CAAA;iBAChB;aACF;YACD,IAAI,CAAC,IAAI,IAAI,QAAQ,EAAE;gBACrB,IAAI,GAAG,EAAE,QAAQ,EAAE,CAAA;aACpB;iBAAM,IAAI,IAAI,EAAE;gBACf,OAAO,IAAI,CAAC,QAAQ,CAAA;aACrB;YACD,cAAc;YACd,IAAI,CAAC,aAAa,EAAE;gBAClB,aAAa,GAAG,KAAK,CAAA;aACtB;YACD,oFAAoF;YACpF,QAAQ,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,cAAc,EAAE,CAAC,CAAA;YAEzE,IAAI,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE;gBACtB,OAAO,QAAQ,CAAC,eAAe,CAAC,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;aACjD;iBAAM;gBACL,OAAO,IAAI,EAAE,CAAA;aACd;SACF;QAAC,OAAO,GAAQ,EAAE;YACjB,OAAO,CAAC,KAAK,CAAC,eAAe,GAAG,CAAC,OAAO,EAAE,CAAC,CAAA;YAC3C,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAClB,kCAAkC;YAClC,IAAI,CAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,MAAK,mBAAmB,EAAE;gBACrC,IAAA,mBAAW,EAAC,GAAG,EAAE,kBAAM,CAAC,IAAI,CAAC,CAAA;aAC9B;iBAAM,IAAI,CAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,MAAK,kBAAS,CAAC,eAAe,EAAE;gBAClD,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,OAAO,CAAC,CAAA;aAC5B;YACD,sCAAsC;YACtC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,aAAa,CAAC,IAAI,cAAc,EAAE;gBAClD,QAAQ,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,CAAC,CAAA;gBAChE,OAAO,IAAI,EAAE,CAAA;aACd;iBAAM;gBACL,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,IAAI,GAAG,EAAE,GAAG,CAAC,CAAA;aAClC;SACF;IACH,CAAC,CAAA,CAAA;AACH,CAAC;AA/GD,4BA+GC"}

package/dist/src/middleware/builderOnly.js

@@ -1,33 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const users_1 = require("../users");
-const context_1 = require("../context");
-const environment_1 = __importDefault(require("../environment"));
-exports.default = (ctx, next) => __awaiter(void 0, void 0, void 0, function* () {
-    const appId = (0, context_1.getAppId)();
-    const builderFn = environment_1.default.isWorker()
-        ? users_1.hasBuilderPermissions
-        : environment_1.default.isApps()
-            ? users_1.isBuilder
-            : undefined;
-    if (!builderFn) {
-        throw new Error("Service name unknown - middleware inactive.");
-    }
-    if (!ctx.internal && !builderFn(ctx.user, appId)) {
-        ctx.throw(403, "Builder user only endpoint.");
-    }
-    return next();
-});
-//# sourceMappingURL=builderOnly.js.map

package/dist/src/middleware/builderOnly.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"builderOnly.js","sourceRoot":"","sources":["../../../src/middleware/builderOnly.ts"],"names":[],"mappings":";;;;;;;;;;;;;;AACA,oCAA2D;AAC3D,wCAAqC;AACrC,iEAAgC;AAEhC,kBAAe,CAAO,GAAY,EAAE,IAAS,EAAE,EAAE;IAC/C,MAAM,KAAK,GAAG,IAAA,kBAAQ,GAAE,CAAA;IACxB,MAAM,SAAS,GAAG,qBAAG,CAAC,QAAQ,EAAE;QAC9B,CAAC,CAAC,6BAAqB;QACvB,CAAC,CAAC,qBAAG,CAAC,MAAM,EAAE;YACd,CAAC,CAAC,iBAAS;YACX,CAAC,CAAC,SAAS,CAAA;IACb,IAAI,CAAC,SAAS,EAAE;QACd,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAA;KAC/D;IACD,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE;QAChD,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,6BAA6B,CAAC,CAAA;KAC9C;IACD,OAAO,IAAI,EAAE,CAAA;AACf,CAAC,CAAA,CAAA"}

package/dist/src/middleware/builderOrAdmin.js

@@ -1,33 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const users_1 = require("../users");
-const context_1 = require("../context");
-const environment_1 = __importDefault(require("../environment"));
-exports.default = (ctx, next) => __awaiter(void 0, void 0, void 0, function* () {
-    const appId = (0, context_1.getAppId)();
-    const builderFn = environment_1.default.isWorker()
-        ? users_1.hasBuilderPermissions
-        : environment_1.default.isApps()
-            ? users_1.isBuilder
-            : undefined;
-    if (!builderFn) {
-        throw new Error("Service name unknown - middleware inactive.");
-    }
-    if (!ctx.internal && !builderFn(ctx.user, appId) && !(0, users_1.isAdmin)(ctx.user)) {
-        ctx.throw(403, "Admin/Builder user only endpoint.");
-    }
-    return next();
-});
-//# sourceMappingURL=builderOrAdmin.js.map

package/dist/src/middleware/builderOrAdmin.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"builderOrAdmin.js","sourceRoot":"","sources":["../../../src/middleware/builderOrAdmin.ts"],"names":[],"mappings":";;;;;;;;;;;;;;AACA,oCAAoE;AACpE,wCAAqC;AACrC,iEAAgC;AAEhC,kBAAe,CAAO,GAAY,EAAE,IAAS,EAAE,EAAE;IAC/C,MAAM,KAAK,GAAG,IAAA,kBAAQ,GAAE,CAAA;IACxB,MAAM,SAAS,GAAG,qBAAG,CAAC,QAAQ,EAAE;QAC9B,CAAC,CAAC,6BAAqB;QACvB,CAAC,CAAC,qBAAG,CAAC,MAAM,EAAE;YACd,CAAC,CAAC,iBAAS;YACX,CAAC,CAAC,SAAS,CAAA;IACb,IAAI,CAAC,SAAS,EAAE;QACd,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAA;KAC/D;IACD,IAAI,CAAC,GAAG,CAAC,QAAQ,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,IAAA,eAAO,EAAC,GAAG,CAAC,IAAI,CAAC,EAAE;QACtE,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,mCAAmC,CAAC,CAAA;KACpD;IACD,OAAO,IAAI,EAAE,CAAA;AACf,CAAC,CAAA,CAAA"}

package/dist/src/middleware/csrf.js

@@ -1,81 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const constants_1 = require("../constants");
-const matchers_1 = require("./matchers");
-/**
- * GET, HEAD and OPTIONS methods are considered safe operations
- *
- * POST, PUT, PATCH, and DELETE methods, being state changing verbs,
- * should have a CSRF token attached to the request
- */
-const EXCLUDED_METHODS = ["GET", "HEAD", "OPTIONS"];
-/**
- * There are only three content type values that can be used in cross domain requests.
- * If any other value is used, e.g. application/json, the browser will first make a OPTIONS
- * request which will be protected by CORS.
- */
-const INCLUDED_CONTENT_TYPES = [
-    "application/x-www-form-urlencoded",
-    "multipart/form-data",
-    "text/plain",
-];
-/**
- * Validate the CSRF token generated aganst the user session.
- * Compare the token with the x-csrf-token header.
- *
- * If the token is not found within the request or the value provided
- * does not match the value within the user session, the request is rejected.
- *
- * CSRF protection provided using the 'Synchronizer Token Pattern'
- * https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#synchronizer-token-pattern
- *
- */
-function default_1(opts = { noCsrfPatterns: [] }) {
-    const noCsrfOptions = (0, matchers_1.buildMatcherRegex)(opts.noCsrfPatterns);
-    return (ctx, next) => __awaiter(this, void 0, void 0, function* () {
-        var _a;
-        // don't apply for excluded paths
-        const found = (0, matchers_1.matches)(ctx, noCsrfOptions);
-        if (found) {
-            return next();
-        }
-        // don't apply for the excluded http methods
-        if (EXCLUDED_METHODS.indexOf(ctx.method) !== -1) {
-            return next();
-        }
-        // don't apply when the content type isn't supported
-        let contentType = ctx.get("content-type")
-            ? ctx.get("content-type").toLowerCase()
-            : "";
-        if (!INCLUDED_CONTENT_TYPES.filter(type => contentType.includes(type)).length) {
-            return next();
-        }
-        // don't apply csrf when the internal api key has been used
-        if (ctx.internal) {
-            return next();
-        }
-        // apply csrf when there is a token in the session (new logins)
-        // in future there should be a hard requirement that the token is present
-        const userToken = (_a = ctx.user) === null || _a === void 0 ? void 0 : _a.csrfToken;
-        if (!userToken) {
-            return next();
-        }
-        // reject if no token in request or mismatch
-        const requestToken = ctx.get(constants_1.Header.CSRF_TOKEN);
-        if (!requestToken || requestToken !== userToken) {
-            ctx.throw(403, "Invalid CSRF token");
-        }
-        return next();
-    });
-}
-exports.default = default_1;
-//# sourceMappingURL=csrf.js.map

package/dist/src/middleware/csrf.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"csrf.js","sourceRoot":"","sources":["../../../src/middleware/csrf.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,4CAAqC;AACrC,yCAAuD;AAGvD;;;;;GAKG;AACH,MAAM,gBAAgB,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,CAAA;AAEnD;;;;GAIG;AACH,MAAM,sBAAsB,GAAG;IAC7B,mCAAmC;IACnC,qBAAqB;IACrB,YAAY;CACb,CAAA;AAED;;;;;;;;;;GAUG;AACH,mBACE,OAA8C,EAAE,cAAc,EAAE,EAAE,EAAE;IAEpE,MAAM,aAAa,GAAG,IAAA,4BAAiB,EAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IAC5D,OAAO,CAAO,GAAoB,EAAE,IAAS,EAAE,EAAE;;QAC/C,iCAAiC;QACjC,MAAM,KAAK,GAAG,IAAA,kBAAO,EAAC,GAAG,EAAE,aAAa,CAAC,CAAA;QACzC,IAAI,KAAK,EAAE;YACT,OAAO,IAAI,EAAE,CAAA;SACd;QAED,4CAA4C;QAC5C,IAAI,gBAAgB,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE;YAC/C,OAAO,IAAI,EAAE,CAAA;SACd;QAED,oDAAoD;QACpD,IAAI,WAAW,GAAG,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC;YACvC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE;YACvC,CAAC,CAAC,EAAE,CAAA;QACN,IACE,CAAC,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,EACzE;YACA,OAAO,IAAI,EAAE,CAAA;SACd;QAED,2DAA2D;QAC3D,IAAI,GAAG,CAAC,QAAQ,EAAE;YAChB,OAAO,IAAI,EAAE,CAAA;SACd;QAED,+DAA+D;QAC/D,yEAAyE;QACzE,MAAM,SAAS,GAAG,MAAA,GAAG,CAAC,IAAI,0CAAE,SAAS,CAAA;QACrC,IAAI,CAAC,SAAS,EAAE;YACd,OAAO,IAAI,EAAE,CAAA;SACd;QAED,4CAA4C;QAC5C,MAAM,YAAY,GAAG,GAAG,CAAC,GAAG,CAAC,kBAAM,CAAC,UAAU,CAAC,CAAA;QAC/C,IAAI,CAAC,YAAY,IAAI,YAAY,KAAK,SAAS,EAAE;YAC/C,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,oBAAoB,CAAC,CAAA;SACrC;QAED,OAAO,IAAI,EAAE,CAAA;IACf,CAAC,CAAA,CAAA;AACH,CAAC;AA9CD,4BA8CC"}

package/dist/src/middleware/errorHandling.js

@@ -1,64 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.errorHandling = void 0;
-const errors = __importStar(require("../errors"));
-function errorHandling(ctx, next) {
-    return __awaiter(this, void 0, void 0, function* () {
-        try {
-            yield next();
-        }
-        catch (err) {
-            const status = err.status || err.statusCode || 500;
-            ctx.status = status;
-            if (status >= 400 && status < 500) {
-                console.warn(err);
-            }
-            else {
-                console.error(err);
-            }
-            const error = errors.getPublicError(err);
-            const body = {
-                message: err.message,
-                status: status,
-                validationErrors: err.validation,
-                error,
-            };
-            ctx.body = body;
-        }
-    });
-}
-exports.errorHandling = errorHandling;
-exports.default = errorHandling;
-//# sourceMappingURL=errorHandling.js.map

package/dist/src/middleware/errorHandling.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"errorHandling.js","sourceRoot":"","sources":["../../../src/middleware/errorHandling.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,kDAAmC;AAEnC,SAAsB,aAAa,CAAC,GAAQ,EAAE,IAAS;;QACrD,IAAI;YACF,MAAM,IAAI,EAAE,CAAA;SACb;QAAC,OAAO,GAAQ,EAAE;YACjB,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG,CAAA;YAClD,GAAG,CAAC,MAAM,GAAG,MAAM,CAAA;YAEnB,IAAI,MAAM,IAAI,GAAG,IAAI,MAAM,GAAG,GAAG,EAAE;gBACjC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;aAClB;iBAAM;gBACL,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;aACnB;YAED,MAAM,KAAK,GAAG,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAA;YACxC,MAAM,IAAI,GAAa;gBACrB,OAAO,EAAE,GAAG,CAAC,OAAO;gBACpB,MAAM,EAAE,MAAM;gBACd,gBAAgB,EAAE,GAAG,CAAC,UAAU;gBAChC,KAAK;aACN,CAAA;YAED,GAAG,CAAC,IAAI,GAAG,IAAI,CAAA;SAChB;IACH,CAAC;CAAA;AAvBD,sCAuBC;AAED,kBAAe,aAAa,CAAA"}

package/dist/src/middleware/index.js

@@ -1,65 +0,0 @@
-"use strict";
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.joiValidator = exports.querystringToBody = exports.errorHandling = exports.correlation = exports.pino = exports.builderOnly = exports.builderOrAdmin = exports.adminOnly = exports.csrf = exports.internalApi = exports.tenancy = exports.auditLog = exports.authenticated = exports.ssoCallbackUrl = exports.authError = exports.datasource = exports.oidc = exports.google = exports.local = void 0;
-exports.local = __importStar(require("./passport/local"));
-exports.google = __importStar(require("./passport/sso/google"));
-exports.oidc = __importStar(require("./passport/sso/oidc"));
-const datasourceGoogle = __importStar(require("./passport/datasource/google"));
-exports.datasource = {
-    google: datasourceGoogle,
-};
-var utils_1 = require("./passport/utils");
-Object.defineProperty(exports, "authError", { enumerable: true, get: function () { return utils_1.authError; } });
-Object.defineProperty(exports, "ssoCallbackUrl", { enumerable: true, get: function () { return utils_1.ssoCallbackUrl; } });
-var authenticated_1 = require("./authenticated");
-Object.defineProperty(exports, "authenticated", { enumerable: true, get: function () { return __importDefault(authenticated_1).default; } });
-var auditLog_1 = require("./auditLog");
-Object.defineProperty(exports, "auditLog", { enumerable: true, get: function () { return __importDefault(auditLog_1).default; } });
-var tenancy_1 = require("./tenancy");
-Object.defineProperty(exports, "tenancy", { enumerable: true, get: function () { return __importDefault(tenancy_1).default; } });
-var internalApi_1 = require("./internalApi");
-Object.defineProperty(exports, "internalApi", { enumerable: true, get: function () { return __importDefault(internalApi_1).default; } });
-var csrf_1 = require("./csrf");
-Object.defineProperty(exports, "csrf", { enumerable: true, get: function () { return __importDefault(csrf_1).default; } });
-var adminOnly_1 = require("./adminOnly");
-Object.defineProperty(exports, "adminOnly", { enumerable: true, get: function () { return __importDefault(adminOnly_1).default; } });
-var builderOrAdmin_1 = require("./builderOrAdmin");
-Object.defineProperty(exports, "builderOrAdmin", { enumerable: true, get: function () { return __importDefault(builderOrAdmin_1).default; } });
-var builderOnly_1 = require("./builderOnly");
-Object.defineProperty(exports, "builderOnly", { enumerable: true, get: function () { return __importDefault(builderOnly_1).default; } });
-var middleware_1 = require("../logging/pino/middleware");
-Object.defineProperty(exports, "pino", { enumerable: true, get: function () { return __importDefault(middleware_1).default; } });
-var middleware_2 = require("../logging/correlation/middleware");
-Object.defineProperty(exports, "correlation", { enumerable: true, get: function () { return __importDefault(middleware_2).default; } });
-var errorHandling_1 = require("./errorHandling");
-Object.defineProperty(exports, "errorHandling", { enumerable: true, get: function () { return __importDefault(errorHandling_1).default; } });
-var querystringToBody_1 = require("./querystringToBody");
-Object.defineProperty(exports, "querystringToBody", { enumerable: true, get: function () { return __importDefault(querystringToBody_1).default; } });
-exports.joiValidator = __importStar(require("./joi-validator"));
-//# sourceMappingURL=index.js.map

package/dist/src/middleware/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/middleware/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,0DAAyC;AACzC,gEAA+C;AAC/C,4DAA2C;AAC3C,+EAAgE;AACnD,QAAA,UAAU,GAAG;IACxB,MAAM,EAAE,gBAAgB;CACzB,CAAA;AACD,0CAA4D;AAAnD,kGAAA,SAAS,OAAA;AAAE,uGAAA,cAAc,OAAA;AAClC,iDAA0D;AAAjD,+HAAA,OAAO,OAAiB;AACjC,uCAAgD;AAAvC,qHAAA,OAAO,OAAY;AAC5B,qCAA8C;AAArC,mHAAA,OAAO,OAAW;AAC3B,6CAAsD;AAA7C,2HAAA,OAAO,OAAe;AAC/B,+BAAwC;AAA/B,6GAAA,OAAO,OAAQ;AACxB,yCAAkD;AAAzC,uHAAA,OAAO,OAAa;AAC7B,mDAA4D;AAAnD,iIAAA,OAAO,OAAkB;AAClC,6CAAsD;AAA7C,2HAAA,OAAO,OAAe;AAC/B,yDAA4D;AAAnD,mHAAA,OAAO,OAAQ;AACxB,gEAA0E;AAAjE,0HAAA,OAAO,OAAe;AAC/B,iDAA0D;AAAjD,+HAAA,OAAO,OAAiB;AACjC,yDAAkE;AAAzD,uIAAA,OAAO,OAAqB;AACrC,gEAA+C"}

package/dist/src/middleware/internalApi.js

@@ -1,30 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const constants_1 = require("../constants");
-const utils_1 = require("../utils");
-/**
- * API Key only endpoint.
- */
-exports.default = (ctx, next) => __awaiter(void 0, void 0, void 0, function* () {
-    const apiKey = ctx.request.headers[constants_1.Header.API_KEY];
-    if (!apiKey) {
-        ctx.throw(403, "Unauthorized");
-    }
-    if (Array.isArray(apiKey)) {
-        ctx.throw(403, "Unauthorized");
-    }
-    if (!(0, utils_1.isValidInternalAPIKey)(apiKey)) {
-        ctx.throw(403, "Unauthorized");
-    }
-    return next();
-});
-//# sourceMappingURL=internalApi.js.map

package/dist/src/middleware/internalApi.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"internalApi.js","sourceRoot":"","sources":["../../../src/middleware/internalApi.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,4CAAqC;AAErC,oCAAgD;AAEhD;;GAEG;AACH,kBAAe,CAAO,GAAc,EAAE,IAAS,EAAE,EAAE;IACjD,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAM,CAAC,OAAO,CAAC,CAAA;IAClD,IAAI,CAAC,MAAM,EAAE;QACX,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,cAAc,CAAC,CAAA;KAC/B;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;QACzB,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,cAAc,CAAC,CAAA;KAC/B;IAED,IAAI,CAAC,IAAA,6BAAqB,EAAC,MAAM,CAAC,EAAE;QAClC,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,cAAc,CAAC,CAAA;KAC/B;IAED,OAAO,IAAI,EAAE,CAAA;AACf,CAAC,CAAA,CAAA"}