npm - @commercetools/connect-payments-sdk - Versions diffs - 0.0.5 → 0.0.6 - Mend

@commercetools/connect-payments-sdk 0.0.5 → 0.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/CHANGELOG.md +6 -0
package/dist/api/hooks/authorize.hook.d.ts +12 -0
package/dist/api/hooks/authorize.hook.js +22 -0
package/dist/api/index.d.ts +1 -0
package/dist/api/index.js +1 -0
package/dist/security/authz/authorization-manager.d.ts +6 -0
package/dist/security/authz/authorization-manager.js +29 -0
package/dist/security/authz/types/authz.type.d.ts +11 -0
package/dist/security/authz/types/authz.type.js +2 -0
package/package.json +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,11 @@
 # @commercetools/connect-payments-sdk
+## 0.0.6
+### Patch Changes
+- 11ae367: Export authorization hook AuthorityAuthorizationHook in the root path
 ## 0.0.5
 ### Patch Changes

package/dist/api/hooks/authorize.hook.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { AuthorityAuthorizationManager } from '../../security/authz/authorization-manager';
+import { ContextProvider, RequestContextData } from '../context/types/request-context.type';
+import { AuthorizationHook } from './types/hook.type';
+export declare class AuthorityAuthorizationHook implements AuthorizationHook {
+    private authorizationManager;
+    private contextProvider;
+    constructor(opts: {
+        authorizationManager: AuthorityAuthorizationManager;
+        contextProvider: ContextProvider<RequestContextData>;
+    });
+    authorize(...authorities: string[]): () => Promise<void>;
+}

package/dist/api/hooks/authorize.hook.js ADDED Viewed

@@ -0,0 +1,22 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthorityAuthorizationHook = void 0;
+const errorx_1 = require("../../errorx");
+class AuthorityAuthorizationHook {
+    authorizationManager;
+    contextProvider;
+    constructor(opts) {
+        this.authorizationManager = opts.authorizationManager;
+        this.contextProvider = opts.contextProvider;
+    }
+    authorize(...authorities) {
+        return async () => {
+            const authn = this.contextProvider.getContextData().authentication;
+            if (!authn) {
+                throw new errorx_1.ErrorAuthErrorResponse('Authentication is required.');
+            }
+            this.authorizationManager.verify(authn, authorities);
+        };
+    }
+}
+exports.AuthorityAuthorizationHook = AuthorityAuthorizationHook;

package/dist/api/index.d.ts CHANGED Viewed

@@ -6,3 +6,4 @@ export * from './hooks/jwt-auth.hook';
 export * from './hooks/oauth2-auth.hook';
 export * from './hooks/session-auth.hook';
 export * from './hooks/types/hook.type';
+export * from './hooks/authorize.hook';

package/dist/api/index.js CHANGED Viewed

@@ -22,3 +22,4 @@ __exportStar(require("./hooks/jwt-auth.hook"), exports);
 __exportStar(require("./hooks/oauth2-auth.hook"), exports);
 __exportStar(require("./hooks/session-auth.hook"), exports);
 __exportStar(require("./hooks/types/hook.type"), exports);
+__exportStar(require("./hooks/authorize.hook"), exports);

package/dist/security/authz/authorization-manager.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { Authentication } from '../authn/types/authn.type';
+import { AuthorizationManager } from './types/authz.type';
+export declare class AuthorityAuthorizationManager implements AuthorizationManager<string[]> {
+    verify(authentication: Authentication, authorities: string[]): void;
+    check(authentication: Authentication, authorities: string[]): boolean;
+}

package/dist/security/authz/authorization-manager.js ADDED Viewed

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthorityAuthorizationManager = void 0;
+const errorx_1 = require("../../errorx");
+class AuthorityAuthorizationManager {
+    verify(authentication, authorities) {
+        const isAuthorized = this.check(authentication, authorities);
+        if (!isAuthorized) {
+            throw new errorx_1.ErrorAuthErrorResponse('Not authorized', {
+                skipLog: true,
+                fields: {
+                    validAuthorities: authorities,
+                },
+                privateFields: {
+                    grantedAuthorities: authentication.getAuthorities(),
+                    requiredAuthorities: authorities,
+                },
+            });
+        }
+    }
+    check(authentication, authorities) {
+        const grantedAuthorities = authentication.getAuthorities();
+        const hasGrantedAuthorities = authorities.some((authority) => {
+            return grantedAuthorities.find((grantedAuthority) => grantedAuthority === authority);
+        });
+        return hasGrantedAuthorities;
+    }
+}
+exports.AuthorityAuthorizationManager = AuthorityAuthorizationManager;

package/dist/security/authz/types/authz.type.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { Authentication } from '../../authn/types/authn.type';
+export interface AuthorizationManager<T> {
+    /**
+     * Determines if access should be granted for a specific authentication and object.
+     */
+    verify(authentication: Authentication, object: T): void;
+    /**
+     * Determines if access is granted for a specific object.
+     */
+    check(authentication: Authentication, object: T): boolean;
+}

package/dist/security/authz/types/authz.type.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@commercetools/connect-payments-sdk",
-  "version": "0.0.5",
+  "version": "0.0.6",
   "description": "Payment SDK for commercetools payment connectors",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",