npm - @eduzz/miau-client - Versions diffs - 0.0.11 → 0.0.13 - Mend

@eduzz/miau-client 0.0.11 → 0.0.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/.turbo/turbo-build$colon$types.log +1 -1
package/.turbo/turbo-build.log +4 -4
package/.turbo/turbo-prepublish.log +1 -1
package/dist/MiauClient.d.ts +3 -0
package/dist/index.d.ts +0 -1
package/dist/index.js +70 -48
package/dist/index.js.map +4 -4
package/dist/miau-types/types/Application.d.ts +1 -1
package/dist/miau-types/types/Permission.d.ts +1 -1
package/dist/miau-types/types/Resource.d.ts +1 -1
package/dist/middleware.d.ts +9 -0
package/package.json +1 -1
package/src/MiauClient.ts +10 -4
package/src/index.ts +0 -1
package/src/middleware.ts +93 -0
package/dist/MiauMiddleware.d.ts +0 -3
package/src/MiauMiddleware.ts +0 -61

package/.turbo/turbo-build$colon$types.log CHANGED Viewed

@@ -1,4 +1,4 @@
-> @eduzz/miau-client@0.0.11 build:types /home/runner/work/eduzz-miau/eduzz-miau/packages/client
+> @eduzz/miau-client@0.0.13 build:types /home/runner/work/eduzz-miau/eduzz-miau/packages/client
 > tsc --emitDeclarationOnly --outDir dist

package/.turbo/turbo-build.log CHANGED Viewed

@@ -1,9 +1,9 @@
-> @eduzz/miau-client@0.0.11 build /home/runner/work/eduzz-miau/eduzz-miau/packages/client
+> @eduzz/miau-client@0.0.13 build /home/runner/work/eduzz-miau/eduzz-miau/packages/client
 > esbuild src/index.ts --bundle --sourcemap --platform=node --target=es2020 --outfile=dist/index.js
-  dist/index.js      437.6kb
-  dist/index.js.map  733.5kb
+  dist/index.js      438.5kb
+  dist/index.js.map  735.4kb
-⚡ Done in 361ms
+⚡ Done in 459ms

package/.turbo/turbo-prepublish.log CHANGED Viewed

@@ -1,4 +1,4 @@
-> @eduzz/miau-client@0.0.11 prepublish /home/runner/work/eduzz-miau/eduzz-miau/packages/client
+> @eduzz/miau-client@0.0.13 prepublish /home/runner/work/eduzz-miau/eduzz-miau/packages/client
 > sh ./scripts/prepare-publish.sh

package/dist/MiauClient.d.ts CHANGED Viewed

@@ -1,4 +1,6 @@
+import { type RequestHandler } from 'express';
 import { type Permission } from '@eduzz/miau-types';
+import { type RequestAugmentation } from './middleware';
 type MiauClientConfig = {
     apiUrl: string;
     appSecret: string;
@@ -13,6 +15,7 @@ export declare class MiauClient {
     constructor(props: MiauClientConfig);
     getPublicKey(kid: string): Promise<string>;
     getToken(): Promise<string | undefined>;
+    middleware<T = Record<string, string>>(requestAugmentation?: RequestAugmentation<T>, fallbackMidlleware?: RequestHandler): RequestHandler;
     getPermissions(targetAppId: string): Promise<Permission>;
     private requestPermissions;
     private getApiJwtUrl;

package/dist/index.d.ts CHANGED Viewed

@@ -1,3 +1,2 @@
 export * from './miau-types';
 export * from './MiauClient';
-export * from './MiauMiddleware';

package/dist/index.js CHANGED Viewed

@@ -11715,8 +11715,7 @@ var index_exports = {};
 __export(index_exports, {
   HttpMethods: () => HttpMethods,
   MiauClient: () => MiauClient,
-  ResourceTypes: () => ResourceTypes,
-  miauMiddleware: () => miauMiddleware
+  ResourceTypes: () => ResourceTypes
 });
 module.exports = __toCommonJS(index_exports);
@@ -11725,8 +11724,71 @@ var ResourceTypes = ["http", "websocket", "grpc"];
 var HttpMethods = ["GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS"];
 // src/MiauClient.ts
-var import_jsonwebtoken = __toESM(require_jsonwebtoken());
+var import_jsonwebtoken2 = __toESM(require_jsonwebtoken());
 var import_jwks_rsa = __toESM(require_src2());
+// src/middleware.ts
+var import_jsonwebtoken = __toESM(require_jsonwebtoken());
+var HttpError = class _HttpError extends Error {
+  constructor(status, name, message) {
+    super(message);
+    this.name = name;
+    this.status = status;
+    Object.setPrototypeOf(this, _HttpError.prototype);
+  }
+};
+var wildcardToRegex = (pattern) => {
+  const escaped = pattern.replace(/[-/\\^$+?.()|[\]{}]/g, "\\$&");
+  const withWildcards = escaped.replace(/\*/g, "[^/]+");
+  const regexStr = `^${withWildcards}$`;
+  return new RegExp(regexStr);
+};
+var miauMiddleware = (miauClient, requestAugmentation, fallbackMidlleware) => {
+  return async (req, res, next) => {
+    try {
+      const token = req.headers.authorization?.split(" ").pop();
+      if (!token) {
+        throw new HttpError(401, "Invalid Token", "Token not provided");
+      }
+      const decodedToken = import_jsonwebtoken.default.decode(token, { complete: true });
+      if (!decodedToken?.header?.kid) {
+        throw new HttpError(401, "Invalid Token", "Missing kid in token header");
+      }
+      const publicKey = await miauClient.getPublicKey(decodedToken.header.kid);
+      const appToken = import_jsonwebtoken.default.verify(token, publicKey, { algorithms: ["RS256"] });
+      if (!appToken || !appToken.id || !appToken.name) {
+        throw new HttpError(401, "Invalid Token", "Token verification failed");
+      }
+      const permission = await miauClient.getPermissions(appToken.id);
+      if (!permission) {
+        res.status(401).json({ error: "Unauthorized", message: "No permissions found for this application" });
+      }
+      const resources = permission?.resources || [];
+      const isAllowed = resources.some((resource) => {
+        return resource.method.toLowerCase() === req.method.toLowerCase() && wildcardToRegex(resource.path).test(req.path.toLowerCase());
+      });
+      if (!isAllowed) {
+        throw new HttpError(403, "Forbidden", `You do not have permission to access ${req.method} ${req.path}`);
+      }
+      req.miauApplication = { id: appToken?.id, name: appToken?.name };
+      req.miauMetadata = permission?.metadata || {};
+      if (requestAugmentation) {
+        console.log("Request augmentation is being applied");
+        requestAugmentation({ req, app: req.miauApplication, meta: req.miauMetadata });
+      }
+      next();
+    } catch (err) {
+      if (err instanceof HttpError && err.status == 401 && fallbackMidlleware) {
+        return fallbackMidlleware(req, res, next);
+      }
+      const errorStatus = err.status || 403;
+      res.status(errorStatus).json({ error: err.name, message: err.message });
+      return;
+    }
+  };
+};
+// src/MiauClient.ts
 var reusableFetch = async (input, init) => {
   return new Promise(async (resolve, reject) => {
     try {
@@ -11765,7 +11827,7 @@ var MiauClient = class {
   }
   async getToken() {
     if (this.jwtToken) {
-      const { exp } = import_jsonwebtoken.default.decode(this.jwtToken);
+      const { exp } = import_jsonwebtoken2.default.decode(this.jwtToken);
       const ONE_MINUTE_FROM_NOW = Math.floor(Date.now() / 1e3) + 60;
       if (exp > ONE_MINUTE_FROM_NOW) {
         return this.jwtToken;
@@ -11783,6 +11845,9 @@ var MiauClient = class {
     this.jwtToken = (await response.json()).jwt;
     return this.jwtToken;
   }
+  middleware(requestAugmentation, fallbackMidlleware) {
+    return miauMiddleware(this, requestAugmentation, fallbackMidlleware);
+  }
   async getPermissions(targetAppId) {
     if (this.permissionsCache.has(targetAppId)) {
       const { data, expiresAt } = this.permissionsCache.get(targetAppId);
@@ -11814,54 +11879,11 @@ var MiauClient = class {
     return request;
   }
 };
-// src/MiauMiddleware.ts
-var import_jsonwebtoken2 = __toESM(require_jsonwebtoken());
-var wildcardToRegex = (pattern) => {
-  const escaped = pattern.replace(/[-/\\^$+?.()|[\]{}]/g, "\\$&");
-  const withWildcards = escaped.replace(/\*/g, "[^/]+");
-  const regexStr = `^${withWildcards}$`;
-  return new RegExp(regexStr);
-};
-var miauMiddleware = (miauService) => {
-  return async (req, res, next) => {
-    try {
-      const token = req.headers.authorization?.split(" ").pop();
-      if (!token) {
-        res.status(401).json({ error: "Invalid Token", message: "Token not provided" });
-        return;
-      }
-      const decodedToken = import_jsonwebtoken2.default.decode(token, { complete: true });
-      if (!decodedToken?.header?.kid) {
-        res.status(401).json({ error: "Invalid token", message: "Missing kid" });
-        return;
-      }
-      const publicKey = await miauService.getPublicKey(decodedToken.header.kid);
-      const appToken = import_jsonwebtoken2.default.verify(token, publicKey, { algorithms: ["RS256"] });
-      req.miauApplication = { id: appToken?.id, name: appToken?.name };
-      const permission = await miauService.getPermissions(req.miauApplication.id);
-      req.miauMetadata = permission?.metadata || {};
-      const resources = permission?.resources || [];
-      const isAllowed = resources.some((resource) => {
-        return resource.method.toLowerCase() === req.method.toLowerCase() && wildcardToRegex(resource.path).test(req.path.toLowerCase());
-      });
-      if (!isAllowed) {
-        res.status(403).json({ error: "Forbidden", message: `You do not have permission to access ${req.method} ${req.path}` });
-        return;
-      }
-      next();
-    } catch (err) {
-      res.status(401).json({ error: err.name, message: err.message });
-      return;
-    }
-  };
-};
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   HttpMethods,
   MiauClient,
-  ResourceTypes,
-  miauMiddleware
+  ResourceTypes
 });
 /*! Bundled license information: