@digilogiclabs/platform-core 1.7.0 → 1.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth.d.mts +3 -2
- package/dist/auth.d.ts +3 -2
- package/dist/auth.js +119 -0
- package/dist/auth.js.map +1 -1
- package/dist/auth.mjs +113 -0
- package/dist/auth.mjs.map +1 -1
- package/dist/email-templates.d.mts +210 -0
- package/dist/email-templates.d.ts +210 -0
- package/dist/email-templates.js +338 -0
- package/dist/email-templates.js.map +1 -0
- package/dist/email-templates.mjs +297 -0
- package/dist/email-templates.mjs.map +1 -0
- package/dist/{env-DerQ7Da-.d.mts → env-DHPZR3Lv.d.mts} +345 -74
- package/dist/{env-DerQ7Da-.d.ts → env-DHPZR3Lv.d.ts} +345 -74
- package/dist/{index-CepDdu7h.d.mts → index-DzQ0Js5Z.d.mts} +13 -1
- package/dist/{index-CepDdu7h.d.ts → index-DzQ0Js5Z.d.ts} +13 -1
- package/dist/index.d.mts +99 -3
- package/dist/index.d.ts +99 -3
- package/dist/index.js +974 -14
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +960 -14
- package/dist/index.mjs.map +1 -1
- package/dist/migrations/index.d.mts +1 -1
- package/dist/migrations/index.d.ts +1 -1
- package/dist/migrations/index.js +72 -1
- package/dist/migrations/index.js.map +1 -1
- package/dist/migrations/index.mjs +72 -1
- package/dist/migrations/index.mjs.map +1 -1
- package/dist/security-BvLXaQkv.d.mts +88 -0
- package/dist/security-BvLXaQkv.d.ts +88 -0
- package/package.json +6 -1
package/dist/auth.d.mts
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
|
-
import { R as RateLimitStore, a as RateLimitRule, b as RateLimitOptions } from './env-
|
|
2
|
-
export {
|
|
1
|
+
import { R as RateLimitStore, a as RateLimitRule, b as RateLimitOptions } from './env-DHPZR3Lv.mjs';
|
|
2
|
+
export { al as AllowlistConfig, A as ApiError, d as ApiErrorCode, f as ApiErrorCodeType, h as ApiPaginatedResponse, Q as ApiSecurityConfig, V as ApiSecurityContext, g as ApiSuccessResponse, aD as AuditRequest, H as AuthCookiesConfig, N as AuthMethod, aL as BetaClientConfig, C as CommonApiErrors, ar as CommonRateLimits, ac as DateRangeInput, a6 as DateRangeSchema, ag as DeploymentStage, aa as EmailInput, $ as EmailSchema, E as EnvValidationConfig, p as EnvValidationResult, ai as FlagDefinition, aj as FlagDefinitions, ah as FlagValue, r as KEYCLOAK_DEFAULT_ROLES, F as KeycloakCallbacksConfig, K as KeycloakConfig, G as KeycloakJwtFields, q as KeycloakTokenSet, ae as LoginInput, a8 as LoginSchema, ay as OpsAuditActor, aA as OpsAuditEvent, aC as OpsAuditLoggerOptions, aB as OpsAuditRecord, az as OpsAuditResource, ab as PaginationInput, a5 as PaginationSchema, a0 as PasswordSchema, a3 as PersonNameSchema, a2 as PhoneSchema, aq as RateLimitCheckResult, P as RateLimitPreset, J as RedirectCallbackConfig, ak as ResolvedFlags, O as RouteAuditConfig, ad as SearchQueryInput, a7 as SearchQuerySchema, U as SecuritySession, af as SignupInput, a9 as SignupSchema, a1 as SlugSchema, aF as StandardAuditActionType, aE as StandardAuditActions, S as StandardRateLimitPresets, T as TokenRefreshResult, _ as WrapperPresets, ao as buildAllowlist, I as buildAuthCookies, Z as buildErrorBody, M as buildKeycloakCallbacks, e as buildPagination, Y as buildRateLimitHeaders, aw as buildRateLimitResponseHeaders, L as buildRedirectCallback, y as buildTokenRefreshParams, n as checkEnvVars, at as checkRateLimit, c as classifyError, aR as clearStoredBetaCode, aJ as createAuditActor, aK as createAuditLogger, aM as createBetaClient, an as createFeatureFlags, as as createMemoryRateLimitStore, a4 as createSafeTextSchema, am as detectStage, aG as extractAuditIp, aI as extractAuditRequestId, aH as extractAuditUserAgent, X as extractClientIp, aN as fetchBetaSettings, l as getBoolEnv, B as getEndSessionEndpoint, o as getEnvSummary, m as getIntEnv, k as getOptionalEnv, au as getRateLimitStatus, j as getRequiredEnv, aQ as getStoredBetaCode, z as getTokenEndpoint, w as hasAllRoles, u as hasAnyRole, t as hasRole, ap as isAllowlisted, i as isApiError, x as isTokenExpired, s as parseKeycloakRoles, D as refreshKeycloakToken, av as resetRateLimitForKey, ax as resolveIdentifier, W as resolveRateLimitIdentifier, aP as storeBetaCode, aO as validateBetaCode, v as validateEnvVars } from './env-DHPZR3Lv.mjs';
|
|
3
|
+
export { c as constantTimeEqual, b as containsHtml, a as containsUrls, e as escapeHtml, g as getCorrelationId, d as sanitizeApiError, s as stripHtml } from './security-BvLXaQkv.mjs';
|
|
3
4
|
import 'zod';
|
|
4
5
|
|
|
5
6
|
/**
|
package/dist/auth.d.ts
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
|
-
import { R as RateLimitStore, a as RateLimitRule, b as RateLimitOptions } from './env-
|
|
2
|
-
export {
|
|
1
|
+
import { R as RateLimitStore, a as RateLimitRule, b as RateLimitOptions } from './env-DHPZR3Lv.js';
|
|
2
|
+
export { al as AllowlistConfig, A as ApiError, d as ApiErrorCode, f as ApiErrorCodeType, h as ApiPaginatedResponse, Q as ApiSecurityConfig, V as ApiSecurityContext, g as ApiSuccessResponse, aD as AuditRequest, H as AuthCookiesConfig, N as AuthMethod, aL as BetaClientConfig, C as CommonApiErrors, ar as CommonRateLimits, ac as DateRangeInput, a6 as DateRangeSchema, ag as DeploymentStage, aa as EmailInput, $ as EmailSchema, E as EnvValidationConfig, p as EnvValidationResult, ai as FlagDefinition, aj as FlagDefinitions, ah as FlagValue, r as KEYCLOAK_DEFAULT_ROLES, F as KeycloakCallbacksConfig, K as KeycloakConfig, G as KeycloakJwtFields, q as KeycloakTokenSet, ae as LoginInput, a8 as LoginSchema, ay as OpsAuditActor, aA as OpsAuditEvent, aC as OpsAuditLoggerOptions, aB as OpsAuditRecord, az as OpsAuditResource, ab as PaginationInput, a5 as PaginationSchema, a0 as PasswordSchema, a3 as PersonNameSchema, a2 as PhoneSchema, aq as RateLimitCheckResult, P as RateLimitPreset, J as RedirectCallbackConfig, ak as ResolvedFlags, O as RouteAuditConfig, ad as SearchQueryInput, a7 as SearchQuerySchema, U as SecuritySession, af as SignupInput, a9 as SignupSchema, a1 as SlugSchema, aF as StandardAuditActionType, aE as StandardAuditActions, S as StandardRateLimitPresets, T as TokenRefreshResult, _ as WrapperPresets, ao as buildAllowlist, I as buildAuthCookies, Z as buildErrorBody, M as buildKeycloakCallbacks, e as buildPagination, Y as buildRateLimitHeaders, aw as buildRateLimitResponseHeaders, L as buildRedirectCallback, y as buildTokenRefreshParams, n as checkEnvVars, at as checkRateLimit, c as classifyError, aR as clearStoredBetaCode, aJ as createAuditActor, aK as createAuditLogger, aM as createBetaClient, an as createFeatureFlags, as as createMemoryRateLimitStore, a4 as createSafeTextSchema, am as detectStage, aG as extractAuditIp, aI as extractAuditRequestId, aH as extractAuditUserAgent, X as extractClientIp, aN as fetchBetaSettings, l as getBoolEnv, B as getEndSessionEndpoint, o as getEnvSummary, m as getIntEnv, k as getOptionalEnv, au as getRateLimitStatus, j as getRequiredEnv, aQ as getStoredBetaCode, z as getTokenEndpoint, w as hasAllRoles, u as hasAnyRole, t as hasRole, ap as isAllowlisted, i as isApiError, x as isTokenExpired, s as parseKeycloakRoles, D as refreshKeycloakToken, av as resetRateLimitForKey, ax as resolveIdentifier, W as resolveRateLimitIdentifier, aP as storeBetaCode, aO as validateBetaCode, v as validateEnvVars } from './env-DHPZR3Lv.js';
|
|
3
|
+
export { c as constantTimeEqual, b as containsHtml, a as containsUrls, e as escapeHtml, g as getCorrelationId, d as sanitizeApiError, s as stripHtml } from './security-BvLXaQkv.js';
|
|
3
4
|
import 'zod';
|
|
4
5
|
|
|
5
6
|
/**
|
package/dist/auth.js
CHANGED
|
@@ -50,11 +50,13 @@ __export(auth_exports, {
|
|
|
50
50
|
checkEnvVars: () => checkEnvVars,
|
|
51
51
|
checkRateLimit: () => checkRateLimit,
|
|
52
52
|
classifyError: () => classifyError,
|
|
53
|
+
clearStoredBetaCode: () => clearStoredBetaCode,
|
|
53
54
|
constantTimeEqual: () => constantTimeEqual,
|
|
54
55
|
containsHtml: () => containsHtml,
|
|
55
56
|
containsUrls: () => containsUrls,
|
|
56
57
|
createAuditActor: () => createAuditActor,
|
|
57
58
|
createAuditLogger: () => createAuditLogger,
|
|
59
|
+
createBetaClient: () => createBetaClient,
|
|
58
60
|
createFeatureFlags: () => createFeatureFlags,
|
|
59
61
|
createMemoryRateLimitStore: () => createMemoryRateLimitStore,
|
|
60
62
|
createRedisRateLimitStore: () => createRedisRateLimitStore,
|
|
@@ -68,6 +70,7 @@ __export(auth_exports, {
|
|
|
68
70
|
extractAuditUserAgent: () => extractAuditUserAgent,
|
|
69
71
|
extractBearerToken: () => extractBearerToken,
|
|
70
72
|
extractClientIp: () => extractClientIp,
|
|
73
|
+
fetchBetaSettings: () => fetchBetaSettings,
|
|
71
74
|
getBoolEnv: () => getBoolEnv,
|
|
72
75
|
getCorrelationId: () => getCorrelationId,
|
|
73
76
|
getEndSessionEndpoint: () => getEndSessionEndpoint,
|
|
@@ -76,6 +79,7 @@ __export(auth_exports, {
|
|
|
76
79
|
getOptionalEnv: () => getOptionalEnv,
|
|
77
80
|
getRateLimitStatus: () => getRateLimitStatus,
|
|
78
81
|
getRequiredEnv: () => getRequiredEnv,
|
|
82
|
+
getStoredBetaCode: () => getStoredBetaCode,
|
|
79
83
|
getTokenEndpoint: () => getTokenEndpoint,
|
|
80
84
|
hasAllRoles: () => hasAllRoles,
|
|
81
85
|
hasAnyRole: () => hasAnyRole,
|
|
@@ -90,7 +94,9 @@ __export(auth_exports, {
|
|
|
90
94
|
resolveIdentifier: () => resolveIdentifier,
|
|
91
95
|
resolveRateLimitIdentifier: () => resolveRateLimitIdentifier,
|
|
92
96
|
sanitizeApiError: () => sanitizeApiError,
|
|
97
|
+
storeBetaCode: () => storeBetaCode,
|
|
93
98
|
stripHtml: () => stripHtml,
|
|
99
|
+
validateBetaCode: () => validateBetaCode,
|
|
94
100
|
validateEnvVars: () => validateEnvVars,
|
|
95
101
|
zodErrorResponse: () => zodErrorResponse
|
|
96
102
|
});
|
|
@@ -1204,6 +1210,113 @@ function isValidBearerToken(request, secret) {
|
|
|
1204
1210
|
return constantTimeEqual(token, secret);
|
|
1205
1211
|
}
|
|
1206
1212
|
|
|
1213
|
+
// src/auth/beta-client.ts
|
|
1214
|
+
var DEFAULT_CONFIG = {
|
|
1215
|
+
baseUrl: "",
|
|
1216
|
+
settingsEndpoint: "/api/beta-settings",
|
|
1217
|
+
validateEndpoint: "/api/validate-beta-code",
|
|
1218
|
+
storageKey: "beta_code",
|
|
1219
|
+
failSafeDefaults: {
|
|
1220
|
+
betaMode: true,
|
|
1221
|
+
requireInviteCode: true,
|
|
1222
|
+
betaMessage: ""
|
|
1223
|
+
}
|
|
1224
|
+
};
|
|
1225
|
+
function createBetaClient(config = {}) {
|
|
1226
|
+
const cfg = {
|
|
1227
|
+
...DEFAULT_CONFIG,
|
|
1228
|
+
...config,
|
|
1229
|
+
failSafeDefaults: {
|
|
1230
|
+
...DEFAULT_CONFIG.failSafeDefaults,
|
|
1231
|
+
...config.failSafeDefaults
|
|
1232
|
+
}
|
|
1233
|
+
};
|
|
1234
|
+
return {
|
|
1235
|
+
fetchSettings: () => fetchBetaSettings(cfg),
|
|
1236
|
+
validateCode: (code) => validateBetaCode(code, cfg),
|
|
1237
|
+
storeCode: (code) => storeBetaCode(code, cfg),
|
|
1238
|
+
getStoredCode: () => getStoredBetaCode(cfg),
|
|
1239
|
+
clearStoredCode: () => clearStoredBetaCode(cfg)
|
|
1240
|
+
};
|
|
1241
|
+
}
|
|
1242
|
+
async function fetchBetaSettings(config = {}) {
|
|
1243
|
+
const cfg = { ...DEFAULT_CONFIG, ...config };
|
|
1244
|
+
try {
|
|
1245
|
+
const response = await fetch(`${cfg.baseUrl}${cfg.settingsEndpoint}`, {
|
|
1246
|
+
method: "GET",
|
|
1247
|
+
headers: { "Content-Type": "application/json" },
|
|
1248
|
+
cache: "no-store"
|
|
1249
|
+
});
|
|
1250
|
+
if (!response.ok) {
|
|
1251
|
+
throw new Error(`Failed to fetch beta settings: ${response.status}`);
|
|
1252
|
+
}
|
|
1253
|
+
const data = await response.json();
|
|
1254
|
+
return {
|
|
1255
|
+
betaMode: data.betaMode ?? cfg.failSafeDefaults.betaMode ?? true,
|
|
1256
|
+
requireInviteCode: data.requireInviteCode ?? cfg.failSafeDefaults.requireInviteCode ?? true,
|
|
1257
|
+
betaMessage: data.betaMessage ?? cfg.failSafeDefaults.betaMessage ?? ""
|
|
1258
|
+
};
|
|
1259
|
+
} catch (error) {
|
|
1260
|
+
console.error("Error fetching beta settings:", error);
|
|
1261
|
+
return {
|
|
1262
|
+
betaMode: cfg.failSafeDefaults.betaMode ?? true,
|
|
1263
|
+
requireInviteCode: cfg.failSafeDefaults.requireInviteCode ?? true,
|
|
1264
|
+
betaMessage: cfg.failSafeDefaults.betaMessage ?? ""
|
|
1265
|
+
};
|
|
1266
|
+
}
|
|
1267
|
+
}
|
|
1268
|
+
async function validateBetaCode(code, config = {}) {
|
|
1269
|
+
const cfg = { ...DEFAULT_CONFIG, ...config };
|
|
1270
|
+
if (!code || code.trim().length < 3) {
|
|
1271
|
+
return {
|
|
1272
|
+
valid: false,
|
|
1273
|
+
message: "Please enter a valid invite code."
|
|
1274
|
+
};
|
|
1275
|
+
}
|
|
1276
|
+
try {
|
|
1277
|
+
const response = await fetch(`${cfg.baseUrl}${cfg.validateEndpoint}`, {
|
|
1278
|
+
method: "POST",
|
|
1279
|
+
headers: { "Content-Type": "application/json" },
|
|
1280
|
+
body: JSON.stringify({ code: code.trim().toUpperCase() })
|
|
1281
|
+
});
|
|
1282
|
+
if (response.status === 429) {
|
|
1283
|
+
return {
|
|
1284
|
+
valid: false,
|
|
1285
|
+
message: "Too many attempts. Please try again later."
|
|
1286
|
+
};
|
|
1287
|
+
}
|
|
1288
|
+
if (!response.ok) {
|
|
1289
|
+
throw new Error(`Validation request failed: ${response.status}`);
|
|
1290
|
+
}
|
|
1291
|
+
return await response.json();
|
|
1292
|
+
} catch (error) {
|
|
1293
|
+
console.error("Error validating invite code:", error);
|
|
1294
|
+
return {
|
|
1295
|
+
valid: false,
|
|
1296
|
+
message: "Unable to validate code. Please try again."
|
|
1297
|
+
};
|
|
1298
|
+
}
|
|
1299
|
+
}
|
|
1300
|
+
function storeBetaCode(code, config = {}) {
|
|
1301
|
+
const key = config.storageKey ?? DEFAULT_CONFIG.storageKey;
|
|
1302
|
+
if (typeof window !== "undefined") {
|
|
1303
|
+
sessionStorage.setItem(key, code.trim().toUpperCase());
|
|
1304
|
+
}
|
|
1305
|
+
}
|
|
1306
|
+
function getStoredBetaCode(config = {}) {
|
|
1307
|
+
const key = config.storageKey ?? DEFAULT_CONFIG.storageKey;
|
|
1308
|
+
if (typeof window !== "undefined") {
|
|
1309
|
+
return sessionStorage.getItem(key);
|
|
1310
|
+
}
|
|
1311
|
+
return null;
|
|
1312
|
+
}
|
|
1313
|
+
function clearStoredBetaCode(config = {}) {
|
|
1314
|
+
const key = config.storageKey ?? DEFAULT_CONFIG.storageKey;
|
|
1315
|
+
if (typeof window !== "undefined") {
|
|
1316
|
+
sessionStorage.removeItem(key);
|
|
1317
|
+
}
|
|
1318
|
+
}
|
|
1319
|
+
|
|
1207
1320
|
// src/env.ts
|
|
1208
1321
|
function getRequiredEnv(key) {
|
|
1209
1322
|
const value = process.env[key];
|
|
@@ -1326,11 +1439,13 @@ function getEnvSummary(keys) {
|
|
|
1326
1439
|
checkEnvVars,
|
|
1327
1440
|
checkRateLimit,
|
|
1328
1441
|
classifyError,
|
|
1442
|
+
clearStoredBetaCode,
|
|
1329
1443
|
constantTimeEqual,
|
|
1330
1444
|
containsHtml,
|
|
1331
1445
|
containsUrls,
|
|
1332
1446
|
createAuditActor,
|
|
1333
1447
|
createAuditLogger,
|
|
1448
|
+
createBetaClient,
|
|
1334
1449
|
createFeatureFlags,
|
|
1335
1450
|
createMemoryRateLimitStore,
|
|
1336
1451
|
createRedisRateLimitStore,
|
|
@@ -1344,6 +1459,7 @@ function getEnvSummary(keys) {
|
|
|
1344
1459
|
extractAuditUserAgent,
|
|
1345
1460
|
extractBearerToken,
|
|
1346
1461
|
extractClientIp,
|
|
1462
|
+
fetchBetaSettings,
|
|
1347
1463
|
getBoolEnv,
|
|
1348
1464
|
getCorrelationId,
|
|
1349
1465
|
getEndSessionEndpoint,
|
|
@@ -1352,6 +1468,7 @@ function getEnvSummary(keys) {
|
|
|
1352
1468
|
getOptionalEnv,
|
|
1353
1469
|
getRateLimitStatus,
|
|
1354
1470
|
getRequiredEnv,
|
|
1471
|
+
getStoredBetaCode,
|
|
1355
1472
|
getTokenEndpoint,
|
|
1356
1473
|
hasAllRoles,
|
|
1357
1474
|
hasAnyRole,
|
|
@@ -1366,7 +1483,9 @@ function getEnvSummary(keys) {
|
|
|
1366
1483
|
resolveIdentifier,
|
|
1367
1484
|
resolveRateLimitIdentifier,
|
|
1368
1485
|
sanitizeApiError,
|
|
1486
|
+
storeBetaCode,
|
|
1369
1487
|
stripHtml,
|
|
1488
|
+
validateBetaCode,
|
|
1370
1489
|
validateEnvVars,
|
|
1371
1490
|
zodErrorResponse
|
|
1372
1491
|
});
|