@eduzz/miau-client 0.0.18 → 0.0.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-build$colon$types.log +1 -1
- package/.turbo/turbo-prepublish.log +1 -1
- package/dist/MiauClient.d.ts +8 -2
- package/dist/index.js +25 -12
- package/dist/index.js.map +2 -2
- package/dist/miau-types/index.d.ts +0 -1
- package/dist/miau-types/types/Application.d.ts +0 -1
- package/dist/miau-types/types/Permission.d.ts +0 -1
- package/dist/miau-types/types/Request.d.ts +7 -0
- package/dist/miau-types/types/Secret.d.ts +1 -0
- package/package.json +5 -3
- package/scripts/prepare-publish.sh +0 -0
- package/src/MiauClient.ts +20 -12
- package/src/middleware.ts +23 -6
- package/.turbo/turbo-build.log +0 -9
- package/dist/miau-types/types/Organization.d.ts +0 -8
package/package.json
CHANGED
|
@@ -1,17 +1,19 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@eduzz/miau-client",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.19",
|
|
4
4
|
"description": "Eduzz Miau Client",
|
|
5
5
|
"main": "./dist/index.js",
|
|
6
6
|
"types": "./dist/index.d.ts",
|
|
7
7
|
"scripts": {
|
|
8
|
-
"dev": "tsx watch src/index.ts --outDir dist",
|
|
8
|
+
"-dev": "tsx watch src/index.ts --outDir dist",
|
|
9
|
+
"dev": "chokidar 'src/**/*.ts' -c 'pnpm build && pnpm i'",
|
|
9
10
|
"lint": "eslint && tsc --noEmit",
|
|
10
11
|
"build": "esbuild src/index.ts --bundle --sourcemap --platform=node --target=es2020 --outfile=dist/index.js",
|
|
11
12
|
"build:types": "tsc --emitDeclarationOnly --outDir dist",
|
|
12
13
|
"prepublish": "sh ./scripts/prepare-publish.sh"
|
|
13
14
|
},
|
|
14
15
|
"devDependencies": {
|
|
15
|
-
"@eduzz/miau-types": "workspace:*"
|
|
16
|
+
"@eduzz/miau-types": "workspace:*",
|
|
17
|
+
"chokidar-cli": "^3.0.0"
|
|
16
18
|
}
|
|
17
19
|
}
|
|
File without changes
|
package/src/MiauClient.ts
CHANGED
|
@@ -8,7 +8,7 @@ import { type Permission } from '@eduzz/miau-types';
|
|
|
8
8
|
|
|
9
9
|
import { miauMiddleware, type RequestAugmentation } from './middleware';
|
|
10
10
|
|
|
11
|
-
type MiauClientConfig = { apiUrl: string; appSecret: string };
|
|
11
|
+
type MiauClientConfig = { apiUrl: string; appSecret: string; environment: string };
|
|
12
12
|
type FetchInput = Parameters<typeof fetch>[0];
|
|
13
13
|
type FetchInit = Parameters<typeof fetch>[1];
|
|
14
14
|
|
|
@@ -27,19 +27,25 @@ const reusableFetch = async <T>(input: FetchInput, init?: FetchInit): Promise<{
|
|
|
27
27
|
|
|
28
28
|
export class MiauClient {
|
|
29
29
|
private apiUrl: string;
|
|
30
|
+
private environment: string;
|
|
30
31
|
private jwtToken: string | undefined;
|
|
31
32
|
private jwksClient: JwksClient | undefined;
|
|
32
33
|
private basicAuthToken: string;
|
|
33
34
|
private permissionsCache: Map<string, { data: Permission; expiresAt: number }> = new Map();
|
|
34
35
|
private permissionsRequests: Map<string, Promise<{ data: Permission; headers: Headers }>> = new Map();
|
|
35
36
|
|
|
36
|
-
constructor(
|
|
37
|
-
this.apiUrl =
|
|
38
|
-
|
|
39
|
-
const
|
|
37
|
+
constructor(config: MiauClientConfig) {
|
|
38
|
+
this.apiUrl = config.apiUrl;
|
|
39
|
+
this.environment = config.environment;
|
|
40
|
+
const apiKey = config.appSecret.substring(7, 32);
|
|
41
|
+
const hashedSecret = crypto.createHash('sha256').update(config.appSecret).digest('hex');
|
|
40
42
|
this.basicAuthToken = Buffer.from(`${apiKey}:${hashedSecret}`).toString('base64');
|
|
41
43
|
}
|
|
42
44
|
|
|
45
|
+
public getEnvironment() {
|
|
46
|
+
return this.environment;
|
|
47
|
+
}
|
|
48
|
+
|
|
43
49
|
public async getPublicKey(kid: string) {
|
|
44
50
|
if (!this.jwksClient) {
|
|
45
51
|
this.jwksClient = new JwksClient({ jwksUri: this.getJwksUrl(), cache: true });
|
|
@@ -66,19 +72,21 @@ export class MiauClient {
|
|
|
66
72
|
}
|
|
67
73
|
});
|
|
68
74
|
|
|
75
|
+
const data = await response.json();
|
|
76
|
+
|
|
69
77
|
if (response.status !== 200) {
|
|
70
|
-
throw new Error('Failed to fetch token');
|
|
78
|
+
throw new Error(data.message || 'Failed to fetch JWT token');
|
|
71
79
|
}
|
|
72
80
|
|
|
73
|
-
this.jwtToken =
|
|
81
|
+
this.jwtToken = data.jwt;
|
|
74
82
|
return this.jwtToken;
|
|
75
83
|
}
|
|
76
84
|
|
|
77
|
-
public middleware<T = Record<string, string>>(
|
|
78
|
-
requestAugmentation?: RequestAugmentation<T
|
|
79
|
-
fallbackMidlleware?: RequestHandler
|
|
80
|
-
): RequestHandler {
|
|
81
|
-
return miauMiddleware<T>(this, requestAugmentation, fallbackMidlleware);
|
|
85
|
+
public middleware<T = Record<string, string>>(config?: {
|
|
86
|
+
requestAugmentation?: RequestAugmentation<T>;
|
|
87
|
+
fallbackMidlleware?: RequestHandler;
|
|
88
|
+
}): RequestHandler {
|
|
89
|
+
return miauMiddleware<T>(this, config?.requestAugmentation, config?.fallbackMidlleware);
|
|
82
90
|
}
|
|
83
91
|
|
|
84
92
|
public async getPermissions(targetAppId: string) {
|
package/src/middleware.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { type RequestHandler, type NextFunction, type Request, type Response } from 'express';
|
|
2
2
|
import jwt from 'jsonwebtoken';
|
|
3
3
|
|
|
4
|
-
import type { MiauApplication, Resource } from '@eduzz/miau-types';
|
|
4
|
+
import type { MiauApplication, MiauClientToken, Resource } from '@eduzz/miau-types';
|
|
5
5
|
|
|
6
6
|
import type { MiauClient } from './MiauClient';
|
|
7
7
|
|
|
@@ -46,13 +46,30 @@ export const miauMiddleware = <T>(
|
|
|
46
46
|
}
|
|
47
47
|
|
|
48
48
|
const publicKey = await miauClient.getPublicKey(decodedToken.header.kid);
|
|
49
|
-
const
|
|
50
|
-
|
|
51
|
-
if (
|
|
49
|
+
const clientToken = jwt.verify(token, publicKey, { algorithms: ['RS256'] }) as MiauClientToken;
|
|
50
|
+
|
|
51
|
+
if (
|
|
52
|
+
!clientToken ||
|
|
53
|
+
!clientToken.application ||
|
|
54
|
+
!clientToken.secret ||
|
|
55
|
+
!clientToken.application.id ||
|
|
56
|
+
!clientToken.secret.id ||
|
|
57
|
+
!clientToken.secret.environment
|
|
58
|
+
) {
|
|
52
59
|
throw new HttpError(400, 'Invalid Token', 'Token verification failed');
|
|
53
60
|
}
|
|
54
61
|
|
|
55
|
-
const
|
|
62
|
+
const { application, secret } = clientToken;
|
|
63
|
+
|
|
64
|
+
if (secret.environment != miauClient.getEnvironment()) {
|
|
65
|
+
throw new HttpError(
|
|
66
|
+
400,
|
|
67
|
+
'Invalid Environment',
|
|
68
|
+
`Secret environment ${secret.environment} does not match client environment ${miauClient.getEnvironment()}`
|
|
69
|
+
);
|
|
70
|
+
}
|
|
71
|
+
|
|
72
|
+
const permission = await miauClient.getPermissions(application.id);
|
|
56
73
|
|
|
57
74
|
if (!permission) {
|
|
58
75
|
throw new HttpError(401, 'Unauthorized', 'No permissions found for this application');
|
|
@@ -70,7 +87,7 @@ export const miauMiddleware = <T>(
|
|
|
70
87
|
throw new HttpError(403, 'Forbidden', `You do not have permission to access ${req.method} ${req.path}`);
|
|
71
88
|
}
|
|
72
89
|
|
|
73
|
-
req.miauApplication = { id:
|
|
90
|
+
req.miauApplication = { id: application.id, name: application.name };
|
|
74
91
|
req.miauMetadata = permission?.metadata || {};
|
|
75
92
|
|
|
76
93
|
if (requestAugmentation) {
|
package/.turbo/turbo-build.log
DELETED
|
@@ -1,9 +0,0 @@
|
|
|
1
|
-
|
|
2
|
-
> @eduzz/miau-client@0.0.18 build /home/runner/work/eduzz-miau/eduzz-miau/packages/client
|
|
3
|
-
> esbuild src/index.ts --bundle --sourcemap --platform=node --target=es2020 --outfile=dist/index.js
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
dist/index.js 438.6kb
|
|
7
|
-
dist/index.js.map 735.6kb
|
|
8
|
-
|
|
9
|
-
⚡ Done in 583ms
|