@eduzz/miau-client 0.0.15 → 0.0.17

@@ -1,4 +1,4 @@
1
1
 
2
- > @eduzz/miau-client@0.0.15 build:types /home/runner/work/eduzz-miau/eduzz-miau/packages/client
2
+ > @eduzz/miau-client@0.0.17 build:types /home/runner/work/eduzz-miau/eduzz-miau/packages/client
3
3
  > tsc --emitDeclarationOnly --outDir dist
4
4
 
@@ -1,9 +1,9 @@
1
1
 
2
- > @eduzz/miau-client@0.0.15 build /home/runner/work/eduzz-miau/eduzz-miau/packages/client
2
+ > @eduzz/miau-client@0.0.17 build /home/runner/work/eduzz-miau/eduzz-miau/packages/client
3
3
  > esbuild src/index.ts --bundle --sourcemap --platform=node --target=es2020 --outfile=dist/index.js
4
4
 
5
5
 
6
- dist/index.js 438.5kb
7
- dist/index.js.map 735.4kb
6
+ dist/index.js 438.7kb
7
+ dist/index.js.map 735.8kb
8
8
 
9
- ⚡ Done in 462ms
9
+ ⚡ Done in 473ms
@@ -1,4 +1,4 @@
1
1
 
2
- > @eduzz/miau-client@0.0.15 prepublish /home/runner/work/eduzz-miau/eduzz-miau/packages/client
2
+ > @eduzz/miau-client@0.0.17 prepublish /home/runner/work/eduzz-miau/eduzz-miau/packages/client
3
3
  > sh ./scripts/prepare-publish.sh
4
4
 
package/dist/index.js CHANGED
@@ -338,14 +338,14 @@ var require_buffer_equal_constant_time = __commonJS({
338
338
  var require_jwa = __commonJS({
339
339
  "../../node_modules/.pnpm/jwa@1.4.2/node_modules/jwa/index.js"(exports2, module2) {
340
340
  var Buffer2 = require_safe_buffer().Buffer;
341
- var crypto = require("crypto");
341
+ var crypto2 = require("crypto");
342
342
  var formatEcdsa = require_ecdsa_sig_formatter();
343
343
  var util = require("util");
344
344
  var MSG_INVALID_ALGORITHM = '"%s" is not a valid algorithm.\n Supported algorithms are:\n "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384", "ES512" and "none".';
345
345
  var MSG_INVALID_SECRET = "secret must be a string or buffer";
346
346
  var MSG_INVALID_VERIFIER_KEY = "key must be a string or a buffer";
347
347
  var MSG_INVALID_SIGNER_KEY = "key must be a string, a buffer or an object";
348
- var supportsKeyObjects = typeof crypto.createPublicKey === "function";
348
+ var supportsKeyObjects = typeof crypto2.createPublicKey === "function";
349
349
  if (supportsKeyObjects) {
350
350
  MSG_INVALID_VERIFIER_KEY += " or a KeyObject";
351
351
  MSG_INVALID_SECRET += "or a KeyObject";
@@ -435,17 +435,17 @@ var require_jwa = __commonJS({
435
435
  return function sign(thing, secret) {
436
436
  checkIsSecretKey(secret);
437
437
  thing = normalizeInput(thing);
438
- var hmac = crypto.createHmac("sha" + bits, secret);
438
+ var hmac = crypto2.createHmac("sha" + bits, secret);
439
439
  var sig = (hmac.update(thing), hmac.digest("base64"));
440
440
  return fromBase64(sig);
441
441
  };
442
442
  }
443
443
  var bufferEqual;
444
- var timingSafeEqual = "timingSafeEqual" in crypto ? function timingSafeEqual2(a, b) {
444
+ var timingSafeEqual = "timingSafeEqual" in crypto2 ? function timingSafeEqual2(a, b) {
445
445
  if (a.byteLength !== b.byteLength) {
446
446
  return false;
447
447
  }
448
- return crypto.timingSafeEqual(a, b);
448
+ return crypto2.timingSafeEqual(a, b);
449
449
  } : function timingSafeEqual2(a, b) {
450
450
  if (!bufferEqual) {
451
451
  bufferEqual = require_buffer_equal_constant_time();
@@ -462,7 +462,7 @@ var require_jwa = __commonJS({
462
462
  return function sign(thing, privateKey) {
463
463
  checkIsPrivateKey(privateKey);
464
464
  thing = normalizeInput(thing);
465
- var signer = crypto.createSign("RSA-SHA" + bits);
465
+ var signer = crypto2.createSign("RSA-SHA" + bits);
466
466
  var sig = (signer.update(thing), signer.sign(privateKey, "base64"));
467
467
  return fromBase64(sig);
468
468
  };
@@ -472,7 +472,7 @@ var require_jwa = __commonJS({
472
472
  checkIsPublicKey(publicKey);
473
473
  thing = normalizeInput(thing);
474
474
  signature = toBase64(signature);
475
- var verifier = crypto.createVerify("RSA-SHA" + bits);
475
+ var verifier = crypto2.createVerify("RSA-SHA" + bits);
476
476
  verifier.update(thing);
477
477
  return verifier.verify(publicKey, signature, "base64");
478
478
  };
@@ -481,11 +481,11 @@ var require_jwa = __commonJS({
481
481
  return function sign(thing, privateKey) {
482
482
  checkIsPrivateKey(privateKey);
483
483
  thing = normalizeInput(thing);
484
- var signer = crypto.createSign("RSA-SHA" + bits);
484
+ var signer = crypto2.createSign("RSA-SHA" + bits);
485
485
  var sig = (signer.update(thing), signer.sign({
486
486
  key: privateKey,
487
- padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
488
- saltLength: crypto.constants.RSA_PSS_SALTLEN_DIGEST
487
+ padding: crypto2.constants.RSA_PKCS1_PSS_PADDING,
488
+ saltLength: crypto2.constants.RSA_PSS_SALTLEN_DIGEST
489
489
  }, "base64"));
490
490
  return fromBase64(sig);
491
491
  };
@@ -495,12 +495,12 @@ var require_jwa = __commonJS({
495
495
  checkIsPublicKey(publicKey);
496
496
  thing = normalizeInput(thing);
497
497
  signature = toBase64(signature);
498
- var verifier = crypto.createVerify("RSA-SHA" + bits);
498
+ var verifier = crypto2.createVerify("RSA-SHA" + bits);
499
499
  verifier.update(thing);
500
500
  return verifier.verify({
501
501
  key: publicKey,
502
- padding: crypto.constants.RSA_PKCS1_PSS_PADDING,
503
- saltLength: crypto.constants.RSA_PSS_SALTLEN_DIGEST
502
+ padding: crypto2.constants.RSA_PKCS1_PSS_PADDING,
503
+ saltLength: crypto2.constants.RSA_PSS_SALTLEN_DIGEST
504
504
  }, signature, "base64");
505
505
  };
506
506
  }
@@ -4946,9 +4946,9 @@ var require_webcrypto = __commonJS({
4946
4946
  "use strict";
4947
4947
  Object.defineProperty(exports2, "__esModule", { value: true });
4948
4948
  exports2.isCryptoKey = void 0;
4949
- var crypto = require("crypto");
4949
+ var crypto2 = require("crypto");
4950
4950
  var util = require("util");
4951
- var webcrypto = crypto.webcrypto;
4951
+ var webcrypto = crypto2.webcrypto;
4952
4952
  exports2.default = webcrypto;
4953
4953
  exports2.isCryptoKey = util.types.isCryptoKey ? (key) => util.types.isCryptoKey(key) : (key) => false;
4954
4954
  }
@@ -7599,22 +7599,22 @@ var require_sign2 = __commonJS({
7599
7599
  "../../node_modules/.pnpm/jose@4.15.9/node_modules/jose/dist/node/cjs/runtime/sign.js"(exports2) {
7600
7600
  "use strict";
7601
7601
  Object.defineProperty(exports2, "__esModule", { value: true });
7602
- var crypto = require("crypto");
7602
+ var crypto2 = require("crypto");
7603
7603
  var util_1 = require("util");
7604
7604
  var dsa_digest_js_1 = require_dsa_digest();
7605
7605
  var hmac_digest_js_1 = require_hmac_digest();
7606
7606
  var node_key_js_1 = require_node_key();
7607
7607
  var get_sign_verify_key_js_1 = require_get_sign_verify_key();
7608
7608
  var oneShotSign;
7609
- if (crypto.sign.length > 3) {
7610
- oneShotSign = (0, util_1.promisify)(crypto.sign);
7609
+ if (crypto2.sign.length > 3) {
7610
+ oneShotSign = (0, util_1.promisify)(crypto2.sign);
7611
7611
  } else {
7612
- oneShotSign = crypto.sign;
7612
+ oneShotSign = crypto2.sign;
7613
7613
  }
7614
7614
  var sign = async (alg, key, data) => {
7615
7615
  const keyObject = (0, get_sign_verify_key_js_1.default)(alg, key, "sign");
7616
7616
  if (alg.startsWith("HS")) {
7617
- const hmac = crypto.createHmac((0, hmac_digest_js_1.default)(alg), keyObject);
7617
+ const hmac = crypto2.createHmac((0, hmac_digest_js_1.default)(alg), keyObject);
7618
7618
  hmac.update(data);
7619
7619
  return hmac.digest();
7620
7620
  }
@@ -7629,7 +7629,7 @@ var require_verify2 = __commonJS({
7629
7629
  "../../node_modules/.pnpm/jose@4.15.9/node_modules/jose/dist/node/cjs/runtime/verify.js"(exports2) {
7630
7630
  "use strict";
7631
7631
  Object.defineProperty(exports2, "__esModule", { value: true });
7632
- var crypto = require("crypto");
7632
+ var crypto2 = require("crypto");
7633
7633
  var util_1 = require("util");
7634
7634
  var dsa_digest_js_1 = require_dsa_digest();
7635
7635
  var node_key_js_1 = require_node_key();
@@ -7637,10 +7637,10 @@ var require_verify2 = __commonJS({
7637
7637
  var get_sign_verify_key_js_1 = require_get_sign_verify_key();
7638
7638
  var flags_js_1 = require_flags();
7639
7639
  var oneShotVerify;
7640
- if (crypto.verify.length > 4 && flags_js_1.oneShotCallback) {
7641
- oneShotVerify = (0, util_1.promisify)(crypto.verify);
7640
+ if (crypto2.verify.length > 4 && flags_js_1.oneShotCallback) {
7641
+ oneShotVerify = (0, util_1.promisify)(crypto2.verify);
7642
7642
  } else {
7643
- oneShotVerify = crypto.verify;
7643
+ oneShotVerify = crypto2.verify;
7644
7644
  }
7645
7645
  var verify = async (alg, key, signature, data) => {
7646
7646
  const keyObject = (0, get_sign_verify_key_js_1.default)(alg, key, "verify");
@@ -7648,7 +7648,7 @@ var require_verify2 = __commonJS({
7648
7648
  const expected = await (0, sign_js_1.default)(alg, keyObject, data);
7649
7649
  const actual = signature;
7650
7650
  try {
7651
- return crypto.timingSafeEqual(actual, expected);
7651
+ return crypto2.timingSafeEqual(actual, expected);
7652
7652
  } catch {
7653
7653
  return false;
7654
7654
  }
@@ -11715,15 +11715,16 @@ var index_exports = {};
11715
11715
  __export(index_exports, {
11716
11716
  HttpMethods: () => HttpMethods,
11717
11717
  MiauClient: () => MiauClient,
11718
- ResourceTypes: () => ResourceTypes
11718
+ ResourceProtocols: () => ResourceProtocols
11719
11719
  });
11720
11720
  module.exports = __toCommonJS(index_exports);
11721
11721
 
11722
11722
  // ../types/src/types/Resource.ts
11723
- var ResourceTypes = ["http", "websocket", "grpc"];
11723
+ var ResourceProtocols = ["http", "websocket", "grpc"];
11724
11724
  var HttpMethods = ["GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS"];
11725
11725
 
11726
11726
  // src/MiauClient.ts
11727
+ var import_node_crypto = __toESM(require("node:crypto"));
11727
11728
  var import_jsonwebtoken2 = __toESM(require_jsonwebtoken());
11728
11729
  var import_jwks_rsa = __toESM(require_src2());
11729
11730
 
@@ -11748,20 +11749,20 @@ var miauMiddleware = (miauClient, requestAugmentation, fallbackMidlleware) => {
11748
11749
  try {
11749
11750
  const token = req.headers.authorization?.split(" ").pop();
11750
11751
  if (!token) {
11751
- throw new HttpError(401, "Invalid Token", "Token not provided");
11752
+ throw new HttpError(400, "Invalid Token", "Token not provided");
11752
11753
  }
11753
11754
  const decodedToken = import_jsonwebtoken.default.decode(token, { complete: true });
11754
11755
  if (!decodedToken?.header?.kid) {
11755
- throw new HttpError(401, "Invalid Token", "Missing kid in token header");
11756
+ throw new HttpError(400, "Invalid Token", "Missing kid in token header");
11756
11757
  }
11757
11758
  const publicKey = await miauClient.getPublicKey(decodedToken.header.kid);
11758
11759
  const appToken = import_jsonwebtoken.default.verify(token, publicKey, { algorithms: ["RS256"] });
11759
11760
  if (!appToken || !appToken.id || !appToken.name) {
11760
- throw new HttpError(401, "Invalid Token", "Token verification failed");
11761
+ throw new HttpError(400, "Invalid Token", "Token verification failed");
11761
11762
  }
11762
11763
  const permission = await miauClient.getPermissions(appToken.id);
11763
11764
  if (!permission) {
11764
- res.status(401).json({ error: "Unauthorized", message: "No permissions found for this application" });
11765
+ throw new HttpError(401, "Unauthorized", "No permissions found for this application");
11765
11766
  }
11766
11767
  const resources = permission?.resources || [];
11767
11768
  const isAllowed = resources.some((resource) => {
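Review bot: The three credential failures in this hunk (no token, no `kid`, a verified token without `id`/`name`) now answer 400, although a missing or unusable bearer token is an authentication failure, for which 401 with a `WWW-Authenticate` challenge is the conventional response. Clients, gateways and alerting that key on 401 will no longer see these cases. The change looks motivated by the catch block in the next hunk (`err.status == 400`), which needs to tell these errors apart from the new 401 for missing permissions, so the HTTP status now doubles as an internal routing flag. I would keep 401 here and mark fallback-eligible errors explicitly, for example with a new property set before throwing and tested as `err instanceof HttpError && err.fallbackEligible && fallbackMidlleware`. The middleware body starts before this hunk and the `resources.some` callback continues past it.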
@@ -11778,7 +11779,8 @@ var miauMiddleware = (miauClient, requestAugmentation, fallbackMidlleware) => {
11778
11779
  }
11779
11780
  next();
11780
11781
  } catch (err) {
11781
- if (err instanceof HttpError && err.status == 401 && fallbackMidlleware) {
11782
+ if (err instanceof HttpError && err.status == 400 && fallbackMidlleware) {
11783
+ console.log("Using fallback middleware for 400 error");
11782
11784
  return fallbackMidlleware(req, res, next);
11783
11785
  }
11784
11786
  const errorStatus = err.status || 403;
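Review bot: The added `console.log("Using fallback middleware for 400 error")` runs for every request that arrives without a usable token, so any unauthenticated caller can produce log lines at will, and a library writing straight to stdout gives the host application no way to silence or route it. I would drop the line, or emit it at debug level through a logger the application passes in. The condition also matches any `HttpError` with status 400 raised inside the `try`, not only the three token checks; if `getPublicKey` or `getPermissions` can throw one (not visible here), those failures would be handed to the fallback as well. Strict comparison is the safer form while the line is being touched: `err.status === 400`. The catch block continues past the hunk.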
@@ -11816,7 +11818,8 @@ var MiauClient = class {
11816
11818
  };
11817
11819
  this.apiUrl = props.apiUrl;
11818
11820
  const apiKey = props.appSecret.substring(7, 32);
11819
- this.basicAuthToken = Buffer.from(`${apiKey}:${props.appSecret}`).toString("base64");
11821
+ const hashedSecret = import_node_crypto.default.createHash("sha256").update(props.appSecret).digest("hex");
11822
+ this.basicAuthToken = Buffer.from(`${apiKey}:${hashedSecret}`).toString("base64");
11820
11823
  }
11821
11824
  async getPublicKey(kid) {
11822
11825
  if (!this.jwksClient) {
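Review bot: The SHA-256 digest of `props.appSecret` that now goes into `basicAuthToken` is a fixed, unsalted value, so it is password-equivalent: whoever obtains the `Authorization` header can replay it, and the hashing only keeps the raw secret out of the request. That deserves a comment above the new line, e.g. `// basicAuthToken carries a replayable credential (SHA-256 of appSecret); never log it.` The `apiKey` sent next to it is still a 25-character slice of the same secret (`substring(7, 32)`), so part of the secret travels in the clear alongside its digest; deriving the identifier from a separate, non-secret value would avoid that. Nothing in the hunk checks the shape of `appSecret` before slicing, so a short value silently yields a truncated key; a guard such as `if (typeof props.appSecret !== "string" || props.appSecret.length < 32) throw new TypeError("appSecret is malformed");` would fail early. The constructor starts before this hunk.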
@@ -11883,7 +11886,7 @@ var MiauClient = class {
11883
11886
  0 && (module.exports = {
11884
11887
  HttpMethods,
11885
11888
  MiauClient,
11886
- ResourceTypes
11889
+ ResourceProtocols
11887
11890
  });
11888
11891
  /*! Bundled license information:
11889
11892