@de-otio/trellis 0.10.2 → 0.10.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lambda/pre-token-generation.js +20 -14
- package/dist/lambda/pre-token-generation.js.map +1 -1
- package/dist/lib/routes/deletion.d.ts.map +1 -1
- package/dist/lib/routes/deletion.js +8 -1
- package/dist/lib/routes/deletion.js.map +1 -1
- package/package.json +1 -1
- package/src/lambda/pre-token-generation.ts +20 -14
|
@@ -157,7 +157,7 @@ export const handler = async (event) => {
|
|
|
157
157
|
if (!loaded.user) {
|
|
158
158
|
logger.warn("pretoken.drift", { cognitoSub });
|
|
159
159
|
claims = { ...DRIFT_CLAIMS };
|
|
160
|
-
|
|
160
|
+
writeTokenClaims(event, claims);
|
|
161
161
|
return event;
|
|
162
162
|
}
|
|
163
163
|
// `suspended` is the authoritative flag set by user-deprovisioning + admin
|
|
@@ -167,7 +167,7 @@ export const handler = async (event) => {
|
|
|
167
167
|
if (loaded.user.suspended || loaded.user.suspendedAt !== null) {
|
|
168
168
|
logger.warn("pretoken.suspended", { cognitoSub });
|
|
169
169
|
claims = { ...DRIFT_CLAIMS };
|
|
170
|
-
|
|
170
|
+
writeTokenClaims(event, claims);
|
|
171
171
|
return event;
|
|
172
172
|
}
|
|
173
173
|
claims = {
|
|
@@ -223,22 +223,28 @@ export const handler = async (event) => {
|
|
|
223
223
|
if (!cacheHit && claims.userId) {
|
|
224
224
|
await claimsCache.put(cognitoSub, claims, DEFAULT_CACHE_TTL_SECONDS);
|
|
225
225
|
}
|
|
226
|
-
|
|
226
|
+
writeTokenClaims(event, claims);
|
|
227
227
|
return event;
|
|
228
228
|
};
|
|
229
|
-
function
|
|
229
|
+
function writeTokenClaims(event, claims) {
|
|
230
|
+
// Inject the tenant/identity claims into BOTH the ID and access tokens.
|
|
231
|
+
// The API authenticates requests with the ID token (`Authorization: Bearer
|
|
232
|
+
// <idToken>`), and `authMiddleware` reads `custom:activeTenantId` from it, so
|
|
233
|
+
// the claims MUST be in the ID token — writing only `accessTokenGeneration`
|
|
234
|
+
// left the ID token without them and 401'd every tenant-scoped request. The
|
|
235
|
+
// access-token copy is kept for API-authorization clients that use it.
|
|
236
|
+
const claimsToAddOrOverride = {
|
|
237
|
+
"custom:userId": claims.userId,
|
|
238
|
+
"custom:globalRole": claims.globalRole,
|
|
239
|
+
"custom:activeTenantId": claims.activeTenantId,
|
|
240
|
+
"custom:tenantSlug": claims.tenantSlug,
|
|
241
|
+
"custom:tenantRole": claims.tenantRole,
|
|
242
|
+
"custom:handle": claims.handle,
|
|
243
|
+
};
|
|
230
244
|
event.response = {
|
|
231
245
|
claimsAndScopeOverrideDetails: {
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
"custom:userId": claims.userId,
|
|
235
|
-
"custom:globalRole": claims.globalRole,
|
|
236
|
-
"custom:activeTenantId": claims.activeTenantId,
|
|
237
|
-
"custom:tenantSlug": claims.tenantSlug,
|
|
238
|
-
"custom:tenantRole": claims.tenantRole,
|
|
239
|
-
"custom:handle": claims.handle,
|
|
240
|
-
},
|
|
241
|
-
},
|
|
246
|
+
idTokenGeneration: { claimsToAddOrOverride },
|
|
247
|
+
accessTokenGeneration: { claimsToAddOrOverride },
|
|
242
248
|
},
|
|
243
249
|
};
|
|
244
250
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pre-token-generation.js","sourceRoot":"","sources":["../../src/lambda/pre-token-generation.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAMH,OAAO,EAAE,MAAM,EAAE,MAAM,+BAA+B,CAAC;AAEvD,OAAO,EAAE,eAAe,IAAI,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACvE,OAAO,EAEL,wBAAwB,EACxB,yBAAyB,GAE1B,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,iBAAiB,EAAyB,MAAM,+BAA+B,CAAC;AAEzF,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,WAAW,EAAE,sBAAsB,EAAE,CAAC,CAAC;AACnE,IAAI,KAAK,GAAuB,IAAI,CAAC;AAErC,SAAS,QAAQ;IACf,IAAI,CAAC,KAAK;QAAE,KAAK,GAAG,wBAAwB,EAAE,CAAC;IAC/C,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,YAAY,GAAiB;IACjC,MAAM,EAAE,EAAE;IACV,UAAU,EAAE,EAAE;IACd,cAAc,EAAE,EAAE;IAClB,UAAU,EAAE,EAAE;IACd,UAAU,EAAE,EAAE;IACd,MAAM,EAAE,EAAE;CACX,CAAC;AAEF,SAAS,cAAc,CAAC,GAA8B;IACpD,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,CAAC;IACpB,OAAO,GAAG;SACP,KAAK,CAAC,OAAO,CAAC;SACd,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,OAAO,CAAC,CAAC;AACrB,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAuC;IAC/D,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;IACjE,IAAI,CAAC,aAAa;QAAE,OAAO,KAAK,CAAC;IACjC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;QACzC,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAiBD,KAAK,UAAU,WAAW,CACxB,EAAgB,EAChB,UAAkB,EAClB,eAAwB,EACxB,iBAAgC;IAEhC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC;QACpC,KAAK,EAAE,EAAE,UAAU,EAAE;QACrB,MAAM,EAAE;YACN,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,IAAI;YACV,MAAM,EAAE,IAAI;YACZ,SAAS,EAAE,IAAI;YACf,WAAW,EAAE,IAAI;YACjB,gBAAgB,EAAE,IAAI;SACvB;KACF,CAAC,CAAC;IACH,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,gBAAgB,EAAE,IAAI,EAAE,CAAC;IAEzD,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC;QACjD,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;QAC5C,OAAO,EAAE,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE;KACpF,CAAC,CAAC;IAEH,wEAAwE;IACxE,0DAA0D;IAC1D,IAAI,MAAM,GAAG,iBAAiB;QAC5B,CAAC,CAAC,WAAW,CAAC,IAAI,CACd,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,iBAAiB,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,KAAK,QAAQ,CACzE;QACH,CAAC,CAAC,SAAS,CAAC;IACd,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,GAAG,WAAW,CAAC,IAAI,CACvB,CAAC,CAAC,EAAE,EAAE,CACJ,eAAe,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,KAAK,cAAc,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,KAAK,QAAQ,CACtF,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,GAAG,WAAW,CAAC,IAAI,CACvB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,IAAI,CAAC,gBAAgB,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,KAAK,QAAQ,CAC7E,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC;IACjE,CAAC;IAED,OAAO;QACL,IAAI,EAAE;YACJ,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B;QACD,gBAAgB,EAAE,MAAM;YACtB,CAAC,CAAC;gBACE,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE;aACnE;YACH,CAAC,CAAC,IAAI;KACT,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,yBAAyB,CACtC,EAAgB,EAChB,QAAgB,EAChB,SAAmB,EACnB,WAAmB;IAEnB,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,iBAAiB,CAAC,QAAQ,CAAC;QACnD,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,MAAM,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE;KACjE,CAAC,CAAC;IACH,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,sBAAsB,CAAC,UAAU,CAAC;QACrD,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,MAAM,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;KAC5C,CAAC,CAAC;IACH,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAEjD,MAAM,QAAQ,GAAG,iBAAiB,CAChC,SAAS,EACT,QAA8B,EAC9B,GAAG,CAAC,WAAW,CAChB,CAAC;IACF,IAAI,CAAC,QAAQ,IAAI,QAAQ,KAAK,WAAW;QAAE,OAAO,IAAI,CAAC;IACvD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,CAAC,MAAM,OAAO,GAAuC,KAAK,EAAE,KAAK,EAAE,EAAE;IACzE,4EAA4E;IAC5E,8EAA8E;IAC9E,uEAAuE;IACvE,8EAA8E;IAC9E,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,CAAC;IACpD,MAAM,WAAW,GAAG,QAAQ,EAAE,CAAC;IAC/B,MAAM,SAAS,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,SAAS,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,kBAAkB,CAAC,CAAC,CAAC;IAEnF,qEAAqE;IACrE,4EAA4E;IAC5E,4EAA4E;IAC5E,8EAA8E;IAC9E,wEAAwE;IACxE,2EAA2E;IAC3E,IAAI,MAAM,GAAG,MAAM,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC/C,IAAI,QAAQ,GAAG,CAAC,CAAC,MAAM,CAAC;IAExB,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,EAAE,GAAG,MAAM,SAAS,EAAE,CAAC;QAC7B,wEAAwE;QACxE,qEAAqE;QACrE,IAAI,iBAAiB,GAAkB,IAAI,CAAC;QAC5C,IAAI,CAAC;YACH,iBAAiB,GAAG,MAAM,WAAW,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAC;QAC9E,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,mCAAmC,EAAE;gBAC/C,UAAU;gBACV,KAAK,EAAG,GAAyB,EAAE,IAAI,IAAI,SAAS;aACrD,CAAC,CAAC;QACL,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,iBAAiB,CAAC,CAAC;QAE/E,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;YAC9C,MAAM,GAAG,EAAE,GAAG,YAAY,EAAE,CAAC;YAC7B,
|
|
1
|
+
{"version":3,"file":"pre-token-generation.js","sourceRoot":"","sources":["../../src/lambda/pre-token-generation.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAMH,OAAO,EAAE,MAAM,EAAE,MAAM,+BAA+B,CAAC;AAEvD,OAAO,EAAE,eAAe,IAAI,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACvE,OAAO,EAEL,wBAAwB,EACxB,yBAAyB,GAE1B,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,iBAAiB,EAAyB,MAAM,+BAA+B,CAAC;AAEzF,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,EAAE,WAAW,EAAE,sBAAsB,EAAE,CAAC,CAAC;AACnE,IAAI,KAAK,GAAuB,IAAI,CAAC;AAErC,SAAS,QAAQ;IACf,IAAI,CAAC,KAAK;QAAE,KAAK,GAAG,wBAAwB,EAAE,CAAC;IAC/C,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,YAAY,GAAiB;IACjC,MAAM,EAAE,EAAE;IACV,UAAU,EAAE,EAAE;IACd,cAAc,EAAE,EAAE;IAClB,UAAU,EAAE,EAAE;IACd,UAAU,EAAE,EAAE;IACd,MAAM,EAAE,EAAE;CACX,CAAC;AAEF,SAAS,cAAc,CAAC,GAA8B;IACpD,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,CAAC;IACpB,OAAO,GAAG;SACP,KAAK,CAAC,OAAO,CAAC;SACd,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,OAAO,CAAC,CAAC;AACrB,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAuC;IAC/D,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;IACjE,IAAI,CAAC,aAAa;QAAE,OAAO,KAAK,CAAC;IACjC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;QACzC,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAiBD,KAAK,UAAU,WAAW,CACxB,EAAgB,EAChB,UAAkB,EAClB,eAAwB,EACxB,iBAAgC;IAEhC,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC;QACpC,KAAK,EAAE,EAAE,UAAU,EAAE;QACrB,MAAM,EAAE;YACN,EAAE,EAAE,IAAI;YACR,IAAI,EAAE,IAAI;YACV,MAAM,EAAE,IAAI;YACZ,SAAS,EAAE,IAAI;YACf,WAAW,EAAE,IAAI;YACjB,gBAAgB,EAAE,IAAI;SACvB;KACF,CAAC,CAAC;IACH,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,gBAAgB,EAAE,IAAI,EAAE,CAAC;IAEzD,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC;QACjD,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE;QAC5C,OAAO,EAAE,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE;KACpF,CAAC,CAAC;IAEH,wEAAwE;IACxE,0DAA0D;IAC1D,IAAI,MAAM,GAAG,iBAAiB;QAC5B,CAAC,CAAC,WAAW,CAAC,IAAI,CACd,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,iBAAiB,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,KAAK,QAAQ,CACzE;QACH,CAAC,CAAC,SAAS,CAAC;IACd,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,GAAG,WAAW,CAAC,IAAI,CACvB,CAAC,CAAC,EAAE,EAAE,CACJ,eAAe,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,KAAK,cAAc,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,KAAK,QAAQ,CACtF,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,GAAG,WAAW,CAAC,IAAI,CACvB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,KAAK,IAAI,CAAC,gBAAgB,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,KAAK,QAAQ,CAC7E,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC;IACjE,CAAC;IAED,OAAO;QACL,IAAI,EAAE;YACJ,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B;QACD,gBAAgB,EAAE,MAAM;YACtB,CAAC,CAAC;gBACE,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE;aACnE;YACH,CAAC,CAAC,IAAI;KACT,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,yBAAyB,CACtC,EAAgB,EAChB,QAAgB,EAChB,SAAmB,EACnB,WAAmB;IAEnB,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,iBAAiB,CAAC,QAAQ,CAAC;QACnD,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,MAAM,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE;KACjE,CAAC,CAAC;IACH,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,sBAAsB,CAAC,UAAU,CAAC;QACrD,KAAK,EAAE,EAAE,QAAQ,EAAE;QACnB,MAAM,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;KAC5C,CAAC,CAAC;IACH,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAEjD,MAAM,QAAQ,GAAG,iBAAiB,CAChC,SAAS,EACT,QAA8B,EAC9B,GAAG,CAAC,WAAW,CAChB,CAAC;IACF,IAAI,CAAC,QAAQ,IAAI,QAAQ,KAAK,WAAW;QAAE,OAAO,IAAI,CAAC;IACvD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,CAAC,MAAM,OAAO,GAAuC,KAAK,EAAE,KAAK,EAAE,EAAE;IACzE,4EAA4E;IAC5E,8EAA8E;IAC9E,uEAAuE;IACvE,8EAA8E;IAC9E,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,CAAC;IACpD,MAAM,WAAW,GAAG,QAAQ,EAAE,CAAC;IAC/B,MAAM,SAAS,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,SAAS,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,kBAAkB,CAAC,CAAC,CAAC;IAEnF,qEAAqE;IACrE,4EAA4E;IAC5E,4EAA4E;IAC5E,8EAA8E;IAC9E,wEAAwE;IACxE,2EAA2E;IAC3E,IAAI,MAAM,GAAG,MAAM,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC/C,IAAI,QAAQ,GAAG,CAAC,CAAC,MAAM,CAAC;IAExB,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,EAAE,GAAG,MAAM,SAAS,EAAE,CAAC;QAC7B,wEAAwE;QACxE,qEAAqE;QACrE,IAAI,iBAAiB,GAAkB,IAAI,CAAC;QAC5C,IAAI,CAAC;YACH,iBAAiB,GAAG,MAAM,WAAW,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAC;QAC9E,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,mCAAmC,EAAE;gBAC/C,UAAU;gBACV,KAAK,EAAG,GAAyB,EAAE,IAAI,IAAI,SAAS;aACrD,CAAC,CAAC;QACL,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,iBAAiB,CAAC,CAAC;QAE/E,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;YAC9C,MAAM,GAAG,EAAE,GAAG,YAAY,EAAE,CAAC;YAC7B,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAChC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,2EAA2E;QAC3E,yEAAyE;QACzE,4EAA4E;QAC5E,wEAAwE;QACxE,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,KAAK,IAAI,EAAE,CAAC;YAC9D,MAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;YAClD,MAAM,GAAG,EAAE,GAAG,YAAY,EAAE,CAAC;YAC7B,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;YAChC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,GAAG;YACP,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE;YACtB,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI;YAC5B,cAAc,EAAE,MAAM,CAAC,gBAAgB,EAAE,QAAQ,IAAI,EAAE;YACvD,UAAU,EAAE,MAAM,CAAC,gBAAgB,EAAE,MAAM,CAAC,IAAI,IAAI,EAAE;YACtD,UAAU,EAAE,MAAM,CAAC,gBAAgB,EAAE,IAAI,IAAI,EAAE;YAC/C,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,IAAI,EAAE;SACjC,CAAC;IACJ,CAAC;IAED,IAAI,SAAS,IAAI,MAAM,CAAC,cAAc,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/D,IAAI,CAAC;YACH,MAAM,EAAE,GAAG,MAAM,SAAS,EAAE,CAAC;YAC7B,MAAM,SAAS,GAAG,MAAM,yBAAyB,CAC/C,EAAE,EACF,MAAM,CAAC,cAAc,EACrB,SAAS,EACT,MAAM,CAAC,UAAU,CAClB,CAAC;YACF,IAAI,SAAS,EAAE,CAAC;gBACd,qEAAqE;gBACrE,sEAAsE;gBACtE,wEAAwE;gBACxE,IAAI,SAAS,GAAG,KAAK,CAAC;gBACtB,IAAI,CAAC;oBACH,MAAM,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC;wBAC3B,KAAK,EAAE;4BACL,eAAe,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,cAAc,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE;yBAC5E;wBACD,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;qBAC1B,CAAC,CAAC;oBACH,SAAS,GAAG,IAAI,CAAC;gBACnB,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,MAAM,CAAC,IAAI,CAAC,sCAAsC,EAAE;wBAClD,UAAU;wBACV,KAAK,EAAG,GAAyB,EAAE,IAAI,IAAI,SAAS;qBACrD,CAAC,CAAC;gBACL,CAAC;gBACD,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,GAAG,EAAE,GAAG,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC;oBAC9C,QAAQ,GAAG,KAAK,CAAC;oBACjB,MAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;wBACrC,UAAU;wBACV,QAAQ,EAAE,MAAM,CAAC,cAAc;qBAChC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE;gBAC1C,UAAU;gBACV,KAAK,EAAG,GAAyB,CAAC,IAAI,IAAI,SAAS;aACpD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,CAAC,QAAQ,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAC/B,MAAM,WAAW,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,yBAAyB,CAAC,CAAC;IACvE,CAAC;IAED,gBAAgB,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IAChC,OAAO,KAAK,CAAC;AACf,CAAC,CAAC;AAEF,SAAS,gBAAgB,CACvB,KAAuC,EACvC,MAAoB;IAEpB,wEAAwE;IACxE,2EAA2E;IAC3E,8EAA8E;IAC9E,4EAA4E;IAC5E,4EAA4E;IAC5E,uEAAuE;IACvE,MAAM,qBAAqB,GAAG;QAC5B,eAAe,EAAE,MAAM,CAAC,MAAM;QAC9B,mBAAmB,EAAE,MAAM,CAAC,UAAU;QACtC,uBAAuB,EAAE,MAAM,CAAC,cAAc;QAC9C,mBAAmB,EAAE,MAAM,CAAC,UAAU;QACtC,mBAAmB,EAAE,MAAM,CAAC,UAAU;QACtC,eAAe,EAAE,MAAM,CAAC,MAAM;KAC/B,CAAC;IACF,KAAK,CAAC,QAAQ,GAAG;QACf,6BAA6B,EAAE;YAC7B,iBAAiB,EAAE,EAAE,qBAAqB,EAAE;YAC5C,qBAAqB,EAAE,EAAE,qBAAqB,EAAE;SACjD;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"deletion.d.ts","sourceRoot":"","sources":["../../../src/lib/routes/deletion.ts"],"names":[],"mappings":"AAAA;;GAEG;AAWH,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AAExC,eAAO,MAAM,cAAc,EAAE,KAAK,
|
|
1
|
+
{"version":3,"file":"deletion.d.ts","sourceRoot":"","sources":["../../../src/lib/routes/deletion.ts"],"names":[],"mappings":"AAAA;;GAEG;AAWH,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,YAAY,CAAC;AAExC,eAAO,MAAM,cAAc,EAAE,KAAK,EA0PjC,CAAC"}
|
|
@@ -106,7 +106,14 @@ export const deletionRoutes = [
|
|
|
106
106
|
}
|
|
107
107
|
catch (error) {
|
|
108
108
|
const msg = error.message || "Failed to cancel deletion";
|
|
109
|
-
|
|
109
|
+
// Client-state conditions cancelDeletion can throw ("No deletion
|
|
110
|
+
// request found to cancel", "Grace period has expired...") are 4xx,
|
|
111
|
+
// not server errors. Without these, cancelling with nothing pending
|
|
112
|
+
// returns 500 (the "not found" check misses "...request found to...").
|
|
113
|
+
const isExpected = msg.includes("not found") ||
|
|
114
|
+
msg.includes("No deletion request") ||
|
|
115
|
+
msg.includes("Grace period") ||
|
|
116
|
+
msg.includes("rate limit");
|
|
110
117
|
if (!isExpected) {
|
|
111
118
|
logger.error("Error cancelling account deletion:", error);
|
|
112
119
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"deletion.js","sourceRoot":"","sources":["../../../src/lib/routes/deletion.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,SAAS,EAAU,MAAM,cAAc,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClE,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,+BAA+B,EAAE,MAAM,eAAe,CAAC;AAChE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,2BAA2B,EAAE,MAAM,sCAAsC,CAAC;AACnF,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAG7C,MAAM,CAAC,MAAM,cAAc,GAAY;IACrC;QACE,IAAI,EAAE,0BAA0B;QAChC,MAAM,EAAE,QAAQ;QAChB,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE;YAC9B,MAAM,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;YAC5C,MAAM,eAAe,GAAG,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;YACtC,MAAM,SAAS,GAAG,IAAI,SAAS,EAAE,CAAC;YAClC,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,UAAU,CAC7C,OAAO,EACP,GAAG,CAAC,cAAc,EAClB,GAAG,CACJ,CAAC;YAEF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,EACzC,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAC;YACJ,CAAC;YAED,MAAM,iBAAiB,GAAG,MAAM,WAAW,CAAC,gBAAgB,CAC1D,GAAU,EACV,OAAO,EACP,0BAA0B,EAC1B,CAAC,EACD,IAAI,EACJ,SAAS,EACT,SAAS,EACT,OAAO,CAAC,MAAM,CACf,CAAC;YACF,IAAI,iBAAiB,EAAE,CAAC;gBACtB,OAAO,eAAe,CAAC,kBAAkB,CAAC,iBAAiB,CAAC,CAAC;YAC/D,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,eAAe,GAAG,IAAI,2BAA2B,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,eAAe,CAClD,OAAO,EACP,GAAU,CACX,CAAC;gBACF,OAAO,eAAe,CAAC,oBAAoB,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE;oBAClE,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;oBAClC,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;iBAChD,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,IAAI,SAAS,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;gBAC5D,MAAM,UAAU,GACd,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;gBACrF,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;gBAC5D,CAAC;gBACD,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,EAC9B;oBACE,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;oBAC9B,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;iBAChD,CACF,CAAC;YACJ,CAAC;QACH,CAAC;QACD,UAAU,EAAE,CAAC,cAAc,EAAE,EAAE,cAAc,EAAE,CAAC;QAChD,WAAW,EAAE,0BAA0B;KACxC;IAED;QACE,IAAI,EAAE,kCAAkC;QACxC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE;YAC9B,MAAM,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;YAC5C,MAAM,eAAe,GAAG,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,UAAU,CAC7C,OAAO,EACP,GAAG,CAAC,cAAc,EAClB,GAAG,CACJ,CAAC;YAEF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,EACzC,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAC;YACJ,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,MAAM,eAAe,CACtC,OAAO,EACP,+BAA+B,CAChC,CAAC;gBACF,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;oBACxB,OAAO,eAAe,CAAC,kBAAkB,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;gBAC9D,CAAC;gBACD,MAAM,EAAE,gBAAgB,EAAE,GAAG,UAAU,CAAC,IAAI,CAAC;gBAE7C,MAAM,eAAe,GAAG,IAAI,2BAA2B,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,eAAe,CAClD,OAAO,CAAC,MAAM,EACd,gBAAgB,EAChB,GAAU,CACX,CAAC;gBACF,OAAO,eAAe,CAAC,oBAAoB,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE;oBAClE,MAAM,EAAE,GAAG;oBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;iBAChD,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;gBAC1D,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC;oBACb,KAAK,EAAE,KAAK,CAAC,OAAO,IAAI,4BAA4B;iBACrD,CAAC,EACF,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAC;YACJ,CAAC;QACH,CAAC;QACD,UAAU,EAAE,CAAC,cAAc,EAAE,EAAE,cAAc,EAAE,CAAC;QAChD,WAAW,EAAE,0BAA0B;KACxC;IAED;QACE,IAAI,EAAE,iCAAiC;QACvC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE;YAC9B,MAAM,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;YAC5C,MAAM,eAAe,GAAG,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,UAAU,CAC7C,OAAO,EACP,GAAG,CAAC,cAAc,EAClB,GAAG,CACJ,CAAC;YAEF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,EACzC,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAC;YACJ,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,eAAe,GAAG,IAAI,2BAA2B,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,cAAc,CACjD,OAAO,EACP,GAAU,CACX,CAAC;gBACF,OAAO,eAAe,CAAC,oBAAoB,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE;oBAClE,MAAM,EAAE,GAAG;oBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;iBAChD,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,IAAI,2BAA2B,CAAC;gBACzD,MAAM,UAAU,GACd,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,
|
|
1
|
+
{"version":3,"file":"deletion.js","sourceRoot":"","sources":["../../../src/lib/routes/deletion.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,SAAS,EAAU,MAAM,cAAc,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClE,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,+BAA+B,EAAE,MAAM,eAAe,CAAC;AAChE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,2BAA2B,EAAE,MAAM,sCAAsC,CAAC;AACnF,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAG7C,MAAM,CAAC,MAAM,cAAc,GAAY;IACrC;QACE,IAAI,EAAE,0BAA0B;QAChC,MAAM,EAAE,QAAQ;QAChB,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE;YAC9B,MAAM,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;YAC5C,MAAM,eAAe,GAAG,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;YACtC,MAAM,SAAS,GAAG,IAAI,SAAS,EAAE,CAAC;YAClC,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,UAAU,CAC7C,OAAO,EACP,GAAG,CAAC,cAAc,EAClB,GAAG,CACJ,CAAC;YAEF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,EACzC,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAC;YACJ,CAAC;YAED,MAAM,iBAAiB,GAAG,MAAM,WAAW,CAAC,gBAAgB,CAC1D,GAAU,EACV,OAAO,EACP,0BAA0B,EAC1B,CAAC,EACD,IAAI,EACJ,SAAS,EACT,SAAS,EACT,OAAO,CAAC,MAAM,CACf,CAAC;YACF,IAAI,iBAAiB,EAAE,CAAC;gBACtB,OAAO,eAAe,CAAC,kBAAkB,CAAC,iBAAiB,CAAC,CAAC;YAC/D,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,eAAe,GAAG,IAAI,2BAA2B,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,eAAe,CAClD,OAAO,EACP,GAAU,CACX,CAAC;gBACF,OAAO,eAAe,CAAC,oBAAoB,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE;oBAClE,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;oBAClC,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;iBAChD,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,IAAI,SAAS,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;gBAC5D,MAAM,UAAU,GACd,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;gBACrF,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;gBAC5D,CAAC;gBACD,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,EAC9B;oBACE,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;oBAC9B,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;iBAChD,CACF,CAAC;YACJ,CAAC;QACH,CAAC;QACD,UAAU,EAAE,CAAC,cAAc,EAAE,EAAE,cAAc,EAAE,CAAC;QAChD,WAAW,EAAE,0BAA0B;KACxC;IAED;QACE,IAAI,EAAE,kCAAkC;QACxC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE;YAC9B,MAAM,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;YAC5C,MAAM,eAAe,GAAG,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,UAAU,CAC7C,OAAO,EACP,GAAG,CAAC,cAAc,EAClB,GAAG,CACJ,CAAC;YAEF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,EACzC,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAC;YACJ,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,MAAM,eAAe,CACtC,OAAO,EACP,+BAA+B,CAChC,CAAC;gBACF,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;oBACxB,OAAO,eAAe,CAAC,kBAAkB,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;gBAC9D,CAAC;gBACD,MAAM,EAAE,gBAAgB,EAAE,GAAG,UAAU,CAAC,IAAI,CAAC;gBAE7C,MAAM,eAAe,GAAG,IAAI,2BAA2B,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,eAAe,CAClD,OAAO,CAAC,MAAM,EACd,gBAAgB,EAChB,GAAU,CACX,CAAC;gBACF,OAAO,eAAe,CAAC,oBAAoB,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE;oBAClE,MAAM,EAAE,GAAG;oBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;iBAChD,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;gBAC1D,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC;oBACb,KAAK,EAAE,KAAK,CAAC,OAAO,IAAI,4BAA4B;iBACrD,CAAC,EACF,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAC;YACJ,CAAC;QACH,CAAC;QACD,UAAU,EAAE,CAAC,cAAc,EAAE,EAAE,cAAc,EAAE,CAAC;QAChD,WAAW,EAAE,0BAA0B;KACxC;IAED;QACE,IAAI,EAAE,iCAAiC;QACvC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE;YAC9B,MAAM,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;YAC5C,MAAM,eAAe,GAAG,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,UAAU,CAC7C,OAAO,EACP,GAAG,CAAC,cAAc,EAClB,GAAG,CACJ,CAAC;YAEF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,EACzC,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAC;YACJ,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,eAAe,GAAG,IAAI,2BAA2B,EAAE,CAAC;gBAC1D,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,cAAc,CACjD,OAAO,EACP,GAAU,CACX,CAAC;gBACF,OAAO,eAAe,CAAC,oBAAoB,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE;oBAClE,MAAM,EAAE,GAAG;oBACX,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;iBAChD,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,IAAI,2BAA2B,CAAC;gBACzD,iEAAiE;gBACjE,oEAAoE;gBACpE,oEAAoE;gBACpE,uEAAuE;gBACvE,MAAM,UAAU,GACd,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC;oBACzB,GAAG,CAAC,QAAQ,CAAC,qBAAqB,CAAC;oBACnC,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC;oBAC5B,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;gBAC7B,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;gBAC5D,CAAC;gBACD,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,EAC9B;oBACE,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;oBAC9B,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;iBAChD,CACF,CAAC;YACJ,CAAC;QACH,CAAC;QACD,UAAU,EAAE,CAAC,cAAc,EAAE,EAAE,cAAc,EAAE,CAAC;QAChD,WAAW,EAAE,yBAAyB;KACvC;IAED;QACE,IAAI,EAAE,iCAAiC;QACvC,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE;YAC9B,MAAM,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;YAC5C,MAAM,eAAe,GAAG,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,UAAU,CAC7C,OAAO,EACP,GAAG,CAAC,cAAc,EAClB,GAAG,CACJ,CAAC;YAEF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,EACzC,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAC;YACJ,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,EAAE,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;gBACrD,MAAM,EAAE,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;gBAC7B,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC;oBACpC,KAAK,EAAE,EAAE,EAAE,EAAE,OAAO,CAAC,MAAM,EAAE;oBAC7B,MAAM,EAAE;wBACN,mBAAmB,EAAE,IAAI;wBACzB,mBAAmB,EAAE,IAAI;wBACzB,mBAAmB,EAAE,IAAI;wBACzB,SAAS,EAAE,IAAI;qBAChB;iBACF,CAAC,CAAC;gBAEH,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;oBACvC,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC,EACxE,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAC;gBACJ,CAAC;gBAED,IAAI,MAAc,CAAC;gBACnB,IAAI,IAAI,CAAC,mBAAmB,EAAE,CAAC;oBAC7B,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,MAAM,GAAG,IAAI,CAAC,mBAAmB,IAAI,GAAG,IAAI,IAAI,CAAC,mBAAmB;wBAClE,CAAC,CAAC,YAAY;wBACd,CAAC,CAAC,WAAW,CAAC;gBAClB,CAAC;qBAAM,CAAC;oBACN,MAAM,GAAG,sBAAsB,CAAC;gBAClC,CAAC;gBAED,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC;oBACb,MAAM;oBACN,WAAW,EAAE,IAAI,CAAC,mBAAmB,CAAC,WAAW,EAAE;oBACnD,WAAW,EAAE,IAAI,CAAC,mBAAmB,EAAE,WAAW,EAAE;oBACpD,WAAW,EAAE,IAAI,CAAC,mBAAmB,EAAE,WAAW,EAAE;iBACrD,CAAC,EACF,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAC;YACJ,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,KAAK,CAAC,CAAC;gBACtD,OAAO,eAAe,CAAC,oBAAoB,CACzC,IAAI,CAAC,SAAS,CAAC;oBACb,KAAK,EAAE,KAAK,CAAC,OAAO,IAAI,+BAA+B;iBACxD,CAAC,EACF,EAAE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,EAAE,CACjE,CAAC;YACJ,CAAC;QACH,CAAC;QACD,UAAU,EAAE,CAAC,cAAc,EAAE,CAAC;QAC9B,WAAW,EAAE,qBAAqB;KACnC;CACF,CAAC"}
|
package/package.json
CHANGED
|
@@ -211,7 +211,7 @@ export const handler: PreTokenGenerationV2TriggerHandler = async (event) => {
|
|
|
211
211
|
if (!loaded.user) {
|
|
212
212
|
logger.warn("pretoken.drift", { cognitoSub });
|
|
213
213
|
claims = { ...DRIFT_CLAIMS };
|
|
214
|
-
|
|
214
|
+
writeTokenClaims(event, claims);
|
|
215
215
|
return event;
|
|
216
216
|
}
|
|
217
217
|
|
|
@@ -222,7 +222,7 @@ export const handler: PreTokenGenerationV2TriggerHandler = async (event) => {
|
|
|
222
222
|
if (loaded.user.suspended || loaded.user.suspendedAt !== null) {
|
|
223
223
|
logger.warn("pretoken.suspended", { cognitoSub });
|
|
224
224
|
claims = { ...DRIFT_CLAIMS };
|
|
225
|
-
|
|
225
|
+
writeTokenClaims(event, claims);
|
|
226
226
|
return event;
|
|
227
227
|
}
|
|
228
228
|
|
|
@@ -285,26 +285,32 @@ export const handler: PreTokenGenerationV2TriggerHandler = async (event) => {
|
|
|
285
285
|
await claimsCache.put(cognitoSub, claims, DEFAULT_CACHE_TTL_SECONDS);
|
|
286
286
|
}
|
|
287
287
|
|
|
288
|
-
|
|
288
|
+
writeTokenClaims(event, claims);
|
|
289
289
|
return event;
|
|
290
290
|
};
|
|
291
291
|
|
|
292
|
-
function
|
|
292
|
+
function writeTokenClaims(
|
|
293
293
|
event: PreTokenGenerationV2TriggerEvent,
|
|
294
294
|
claims: CachedClaims,
|
|
295
295
|
): void {
|
|
296
|
+
// Inject the tenant/identity claims into BOTH the ID and access tokens.
|
|
297
|
+
// The API authenticates requests with the ID token (`Authorization: Bearer
|
|
298
|
+
// <idToken>`), and `authMiddleware` reads `custom:activeTenantId` from it, so
|
|
299
|
+
// the claims MUST be in the ID token — writing only `accessTokenGeneration`
|
|
300
|
+
// left the ID token without them and 401'd every tenant-scoped request. The
|
|
301
|
+
// access-token copy is kept for API-authorization clients that use it.
|
|
302
|
+
const claimsToAddOrOverride = {
|
|
303
|
+
"custom:userId": claims.userId,
|
|
304
|
+
"custom:globalRole": claims.globalRole,
|
|
305
|
+
"custom:activeTenantId": claims.activeTenantId,
|
|
306
|
+
"custom:tenantSlug": claims.tenantSlug,
|
|
307
|
+
"custom:tenantRole": claims.tenantRole,
|
|
308
|
+
"custom:handle": claims.handle,
|
|
309
|
+
};
|
|
296
310
|
event.response = {
|
|
297
311
|
claimsAndScopeOverrideDetails: {
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
"custom:userId": claims.userId,
|
|
301
|
-
"custom:globalRole": claims.globalRole,
|
|
302
|
-
"custom:activeTenantId": claims.activeTenantId,
|
|
303
|
-
"custom:tenantSlug": claims.tenantSlug,
|
|
304
|
-
"custom:tenantRole": claims.tenantRole,
|
|
305
|
-
"custom:handle": claims.handle,
|
|
306
|
-
},
|
|
307
|
-
},
|
|
312
|
+
idTokenGeneration: { claimsToAddOrOverride },
|
|
313
|
+
accessTokenGeneration: { claimsToAddOrOverride },
|
|
308
314
|
},
|
|
309
315
|
};
|
|
310
316
|
}
|