npm - @docbrasil/api-systemmanager - Versions diffs - 1.1.83 → 1.1.84 - Mend

@docbrasil/api-systemmanager 1.1.83 → 1.1.84

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/api/dispatch.js CHANGED Viewed

@@ -199,18 +199,73 @@ class Dispatch {
     return this._client;
   }
+  /**
+   * @description Decode the payload of a JWT token (base64url → JSON).
+   * Does NOT verify the signature — used only to extract claims for header building.
+   * @param {string} token JWT token string
+   * @return {object|null} Decoded payload or null on failure
+   * @private
+   */
+  _decodeJwtPayload(token) {
+    try {
+      const parts = token.split('.');
+      if (parts.length !== 3) return null;
+      const base64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
+      const json = decodeURIComponent(
+        atob(base64).split('').map(c => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2)).join('')
+      );
+      return JSON.parse(json);
+    } catch (e) {
+      return null;
+    }
+  }
   /**
    * @description Create a dedicated Axios client for Akamai routes.
+   * In DEV there is no NGiNX to translate the Authorization JWT into the
+   * x-api-key / x-user-id / x-organization-id headers that Akamai expects.
+   * When an apiKey is supplied the client adds a request interceptor that
+   * decodes the JWT and sets those headers automatically.
    * @param {string} url The Akamai base URL (e.g., http://localhost:9008 in DEV).
+   * @param {object} [options] Optional configuration
+   * @param {string} [options.apiKey] API key for Akamai authentication.
+   *   When provided, the client will transform the Authorization JWT into
+   *   x-api-key, x-user-id and x-organization-id headers on every request.
    * @public
    */
-  setAkamaiBaseUrl(url) {
+  setAkamaiBaseUrl(url, options = {}) {
     Joi.assert(url, Joi.string().required());
-    this._akamaiClient = Axios.create({
+    const self = this;
+    self._akamaiClient = Axios.create({
       baseURL: url,
       withCredentials: true
     });
+    // When an API key is provided, add interceptor to build Akamai headers from the JWT
+    if (options.apiKey) {
+      const apiKey = options.apiKey;
+      self._akamaiClient.interceptors.request.use((config) => {
+        const auth = config.headers && (config.headers.Authorization || config.headers.authorization);
+        if (auth) {
+          const payload = self._decodeJwtPayload(auth);
+          if (payload) {
+            config.headers['x-api-key'] = apiKey;
+            config.headers['x-user-id'] = payload._id || payload.userId;
+            config.headers['x-organization-id'] = payload.orgId || payload.organizationId;
+            if (payload.language) {
+              config.headers['x-country'] = payload.language;
+            }
+            // Remove the Authorization header — Akamai doesn't use it
+            delete config.headers.Authorization;
+            delete config.headers.authorization;
+          }
+        }
+        return config;
+      });
+    }
   }
   /**

package/dist/bundle.cjs CHANGED Viewed

@@ -211,18 +211,73 @@ class Dispatch {
     return this._client;
   }
+  /**
+   * @description Decode the payload of a JWT token (base64url → JSON).
+   * Does NOT verify the signature — used only to extract claims for header building.
+   * @param {string} token JWT token string
+   * @return {object|null} Decoded payload or null on failure
+   * @private
+   */
+  _decodeJwtPayload(token) {
+    try {
+      const parts = token.split('.');
+      if (parts.length !== 3) return null;
+      const base64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
+      const json = decodeURIComponent(
+        atob(base64).split('').map(c => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2)).join('')
+      );
+      return JSON.parse(json);
+    } catch (e) {
+      return null;
+    }
+  }
   /**
    * @description Create a dedicated Axios client for Akamai routes.
+   * In DEV there is no NGiNX to translate the Authorization JWT into the
+   * x-api-key / x-user-id / x-organization-id headers that Akamai expects.
+   * When an apiKey is supplied the client adds a request interceptor that
+   * decodes the JWT and sets those headers automatically.
    * @param {string} url The Akamai base URL (e.g., http://localhost:9008 in DEV).
+   * @param {object} [options] Optional configuration
+   * @param {string} [options.apiKey] API key for Akamai authentication.
+   *   When provided, the client will transform the Authorization JWT into
+   *   x-api-key, x-user-id and x-organization-id headers on every request.
    * @public
    */
-  setAkamaiBaseUrl(url) {
+  setAkamaiBaseUrl(url, options = {}) {
     Joi__default["default"].assert(url, Joi__default["default"].string().required());
-    this._akamaiClient = Axios__default["default"].create({
+    const self = this;
+    self._akamaiClient = Axios__default["default"].create({
       baseURL: url,
       withCredentials: true
     });
+    // When an API key is provided, add interceptor to build Akamai headers from the JWT
+    if (options.apiKey) {
+      const apiKey = options.apiKey;
+      self._akamaiClient.interceptors.request.use((config) => {
+        const auth = config.headers && (config.headers.Authorization || config.headers.authorization);
+        if (auth) {
+          const payload = self._decodeJwtPayload(auth);
+          if (payload) {
+            config.headers['x-api-key'] = apiKey;
+            config.headers['x-user-id'] = payload._id || payload.userId;
+            config.headers['x-organization-id'] = payload.orgId || payload.organizationId;
+            if (payload.language) {
+              config.headers['x-country'] = payload.language;
+            }
+            // Remove the Authorization header — Akamai doesn't use it
+            delete config.headers.Authorization;
+            delete config.headers.authorization;
+          }
+        }
+        return config;
+      });
+    }
   }
   /**
@@ -16557,17 +16612,20 @@ class API {
     // If akamaiUri was provided in options, configure the Akamai client
     if (self.options.akamaiUri) {
-      self.dispatch.setAkamaiBaseUrl(self.options.akamaiUri);
+      self.dispatch.setAkamaiBaseUrl(self.options.akamaiUri, { apiKey: self.options.akamaiApiKey });
     }
   }
   /**
    * @description Set the Akamai base URL for agent/AI routes.
    * @param {string} url The Akamai base URL.
+   * @param {object} [options] Optional configuration
+   * @param {string} [options.apiKey] API key for Akamai authentication (required in DEV,
+   *   where there is no NGiNX to translate Authorization JWT into x-* headers).
    * @public
    */
-  setAkamaiBaseUrl(url) {
-    this.dispatch.setAkamaiBaseUrl(url);
+  setAkamaiBaseUrl(url, options = {}) {
+    this.dispatch.setAkamaiBaseUrl(url, options);
   }
 }