@eduzz/miau-client 0.0.18 → 0.0.20

package/.turbo/turbo-build$colon$types.log

@@ -1,4 +1,4 @@
 
-> @eduzz/miau-client@0.0.18 build:types /home/runner/work/eduzz-miau/eduzz-miau/packages/client
+> @eduzz/miau-client@0.0.20 build:types /home/runner/work/eduzz-miau/eduzz-miau/packages/client
 > tsc --emitDeclarationOnly --outDir dist
 

package/.turbo/turbo-prepublish.log

@@ -1,4 +1,4 @@
 
-> @eduzz/miau-client@0.0.18 prepublish /home/runner/work/eduzz-miau/eduzz-miau/packages/client
+> @eduzz/miau-client@0.0.20 prepublish /home/runner/work/eduzz-miau/eduzz-miau/packages/client
 > sh ./scripts/prepare-publish.sh
 

package/dist/MiauClient.d.ts

@@ -1,21 +1,27 @@
 import { type RequestHandler } from 'express';
-import { type Permission } from '@eduzz/miau-types';
+import { type SecretEnv, type Permission } from '@eduzz/miau-types';
 import { type RequestAugmentation } from './middleware';
 type MiauClientConfig = {
     apiUrl: string;
     appSecret: string;
+    environment: SecretEnv;
 };
 export declare class MiauClient {
     private apiUrl;
+    private environment;
     private jwtToken;
     private jwksClient;
     private basicAuthToken;
     private permissionsCache;
     private permissionsRequests;
-    constructor(props: MiauClientConfig);
+    constructor(config: MiauClientConfig);
+    getEnvironment(): SecretEnv;
     getPublicKey(kid: string): Promise<string>;
     getToken(): Promise<string | undefined>;
-    middleware<T = Record<string, string>>(requestAugmentation?: RequestAugmentation<T>, fallbackMidlleware?: RequestHandler): RequestHandler;
+    middleware<T = Record<string, string>>(config?: {
+        requestAugmentation?: RequestAugmentation<T>;
+        fallbackMidlleware?: RequestHandler;
+    }): RequestHandler;
     getPermissions(targetAppId: string): Promise<Permission>;
     private requestPermissions;
     private getApiJwtUrl;

package/dist/index.js

@@ -11715,14 +11715,133 @@ var index_exports = {};
 __export(index_exports, {
   HttpMethods: () => HttpMethods,
   MiauClient: () => MiauClient,
-  ResourceProtocols: () => ResourceProtocols
+  ResourceProtocols: () => ResourceProtocols,
+  envMap: () => envMap,
+  envs: () => envs,
+  expirationOptions: () => expirationOptions,
+  expirationOptionsValues: () => expirationOptionsValues,
+  expirationTimeToDate: () => expirationTimeToDate
 });
 module.exports = __toCommonJS(index_exports);
 
 // ../types/src/types/Resource.ts
-var ResourceProtocols = ["http", "websocket", "grpc"];
+var ResourceProtocols = ["http"];
 var HttpMethods = ["GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS"];
 
+// ../../node_modules/.pnpm/date-fns@4.1.0/node_modules/date-fns/constants.js
+var daysInYear = 365.2425;
+var maxTime = Math.pow(10, 8) * 24 * 60 * 60 * 1e3;
+var minTime = -maxTime;
+var millisecondsInHour = 36e5;
+var secondsInHour = 3600;
+var secondsInDay = secondsInHour * 24;
+var secondsInWeek = secondsInDay * 7;
+var secondsInYear = secondsInDay * daysInYear;
+var secondsInMonth = secondsInYear / 12;
+var secondsInQuarter = secondsInMonth * 3;
+var constructFromSymbol = Symbol.for("constructDateFrom");
+
+// ../../node_modules/.pnpm/date-fns@4.1.0/node_modules/date-fns/constructFrom.js
+function constructFrom(date, value) {
+  if (typeof date === "function") return date(value);
+  if (date && typeof date === "object" && constructFromSymbol in date)
+    return date[constructFromSymbol](value);
+  if (date instanceof Date) return new date.constructor(value);
+  return new Date(value);
+}
+
+// ../../node_modules/.pnpm/date-fns@4.1.0/node_modules/date-fns/toDate.js
+function toDate(argument, context) {
+  return constructFrom(context || argument, argument);
+}
+
+// ../../node_modules/.pnpm/date-fns@4.1.0/node_modules/date-fns/addDays.js
+function addDays(date, amount, options) {
+  const _date = toDate(date, options?.in);
+  if (isNaN(amount)) return constructFrom(options?.in || date, NaN);
+  if (!amount) return _date;
+  _date.setDate(_date.getDate() + amount);
+  return _date;
+}
+
+// ../../node_modules/.pnpm/date-fns@4.1.0/node_modules/date-fns/addMilliseconds.js
+function addMilliseconds(date, amount, options) {
+  return constructFrom(options?.in || date, +toDate(date) + amount);
+}
+
+// ../../node_modules/.pnpm/date-fns@4.1.0/node_modules/date-fns/addHours.js
+function addHours(date, amount, options) {
+  return addMilliseconds(date, amount * millisecondsInHour, options);
+}
+
+// ../../node_modules/.pnpm/date-fns@4.1.0/node_modules/date-fns/addMonths.js
+function addMonths(date, amount, options) {
+  const _date = toDate(date, options?.in);
+  if (isNaN(amount)) return constructFrom(options?.in || date, NaN);
+  if (!amount) {
+    return _date;
+  }
+  const dayOfMonth = _date.getDate();
+  const endOfDesiredMonth = constructFrom(options?.in || date, _date.getTime());
+  endOfDesiredMonth.setMonth(_date.getMonth() + amount + 1, 0);
+  const daysInMonth = endOfDesiredMonth.getDate();
+  if (dayOfMonth >= daysInMonth) {
+    return endOfDesiredMonth;
+  } else {
+    _date.setFullYear(
+      endOfDesiredMonth.getFullYear(),
+      endOfDesiredMonth.getMonth(),
+      dayOfMonth
+    );
+    return _date;
+  }
+}
+
+// ../../node_modules/.pnpm/date-fns@4.1.0/node_modules/date-fns/addYears.js
+function addYears(date, amount, options) {
+  return addMonths(date, amount * 12, options);
+}
+
+// ../types/src/types/Secret.ts
+var expirationOptions = {
+  "Forever": "forever",
+  "One hour": "oneHour",
+  "Six hours": "sixHours",
+  "Twelve hours": "twelveHours",
+  "One day": "oneDay",
+  "One week": "sevenDays",
+  "One month": "oneMonth",
+  "Six months": "sixMonths",
+  "One year": "oneYear"
+};
+var expirationOptionsValues = Object.values(expirationOptions);
+var conversionMap = {
+  forever: () => void 0,
+  oneHour: () => addHours(/* @__PURE__ */ new Date(), 1),
+  sixHours: () => addHours(/* @__PURE__ */ new Date(), 6),
+  twelveHours: () => addHours(/* @__PURE__ */ new Date(), 12),
+  oneDay: () => addDays(/* @__PURE__ */ new Date(), 1),
+  sevenDays: () => addDays(/* @__PURE__ */ new Date(), 7),
+  oneMonth: () => addMonths(/* @__PURE__ */ new Date(), 1),
+  sixMonths: () => addMonths(/* @__PURE__ */ new Date(), 6),
+  oneYear: () => addYears(/* @__PURE__ */ new Date(), 1)
+};
+var expirationTimeToDate = (option) => {
+  return conversionMap[option]() ?? void 0;
+};
+
+// ../types/src/types/Environments.ts
+var envs = {
+  development: "Development",
+  test: "Testing",
+  production: "Production"
+};
+var envMap = {
+  development: "d",
+  test: "q",
+  production: "p"
+};
+
 // src/MiauClient.ts
 var import_node_crypto = __toESM(require("node:crypto"));
 var import_jsonwebtoken2 = __toESM(require_jsonwebtoken());
@@ -11756,11 +11875,19 @@ var miauMiddleware = (miauClient, requestAugmentation, fallbackMidlleware) => {
         throw new HttpError(400, "Invalid Token", "Missing kid in token header");
       }
       const publicKey = await miauClient.getPublicKey(decodedToken.header.kid);
-      const appToken = import_jsonwebtoken.default.verify(token, publicKey, { algorithms: ["RS256"] });
-      if (!appToken || !appToken.id || !appToken.name) {
+      const clientToken = import_jsonwebtoken.default.verify(token, publicKey, { algorithms: ["RS256"] });
+      if (!clientToken || !clientToken.application || !clientToken.secret || !clientToken.application.id || !clientToken.secret.id || !clientToken.secret.environment) {
         throw new HttpError(400, "Invalid Token", "Token verification failed");
       }
-      const permission = await miauClient.getPermissions(appToken.id);
+      const { application, secret } = clientToken;
+      if (secret.environment != miauClient.getEnvironment()) {
+        throw new HttpError(
+          400,
+          "Invalid Environment",
+          `Secret environment ${secret.environment} does not match client environment ${miauClient.getEnvironment()}`
+        );
+      }
+      const permission = await miauClient.getPermissions(application.id);
       if (!permission) {
         throw new HttpError(401, "Unauthorized", "No permissions found for this application");
       }
@@ -11771,8 +11898,9 @@ var miauMiddleware = (miauClient, requestAugmentation, fallbackMidlleware) => {
       if (!isAllowed) {
         throw new HttpError(403, "Forbidden", `You do not have permission to access ${req.method} ${req.path}`);
       }
-      req.miauApplication = { id: appToken?.id, name: appToken?.name };
-      req.miauMetadata = permission?.metadata || {};
+      req.miauApplication = { id: application.id, name: application.name };
+      const environment = miauClient.getEnvironment();
+      req.miauMetadata = permission?.metadata?.[environment] || {};
       if (requestAugmentation) {
         requestAugmentation({ req, app: req.miauApplication, meta: req.miauMetadata });
       }
@@ -11802,7 +11930,7 @@ var reusableFetch = async (input, init) => {
   });
 };
 var MiauClient = class {
-  constructor(props) {
+  constructor(config) {
     this.permissionsCache = /* @__PURE__ */ new Map();
     this.permissionsRequests = /* @__PURE__ */ new Map();
     this.getApiJwtUrl = () => {
@@ -11814,11 +11942,15 @@ var MiauClient = class {
     this.getJwksUrl = () => {
       return `${this.apiUrl}/v1/jwks.json`;
     };
-    this.apiUrl = props.apiUrl;
-    const apiKey = props.appSecret.substring(7, 32);
-    const hashedSecret = import_node_crypto.default.createHash("sha256").update(props.appSecret).digest("hex");
+    this.apiUrl = config.apiUrl;
+    this.environment = config.environment;
+    const apiKey = config.appSecret.substring(7, 32);
+    const hashedSecret = import_node_crypto.default.createHash("sha256").update(config.appSecret).digest("hex");
     this.basicAuthToken = Buffer.from(`${apiKey}:${hashedSecret}`).toString("base64");
   }
+  getEnvironment() {
+    return this.environment;
+  }
   async getPublicKey(kid) {
     if (!this.jwksClient) {
       this.jwksClient = new import_jwks_rsa.JwksClient({ jwksUri: this.getJwksUrl(), cache: true });
@@ -11840,14 +11972,15 @@ var MiauClient = class {
         "Content-Type": "application/json"
       }
     });
+    const data = await response.json();
     if (response.status !== 200) {
-      throw new Error("Failed to fetch token");
+      throw new Error(data.message || "Failed to fetch JWT token");
     }
-    this.jwtToken = (await response.json()).jwt;
+    this.jwtToken = data.jwt;
     return this.jwtToken;
   }
-  middleware(requestAugmentation, fallbackMidlleware) {
-    return miauMiddleware(this, requestAugmentation, fallbackMidlleware);
+  middleware(config) {
+    return miauMiddleware(this, config?.requestAugmentation, config?.fallbackMidlleware);
   }
   async getPermissions(targetAppId) {
     if (this.permissionsCache.has(targetAppId)) {
@@ -11884,7 +12017,12 @@ var MiauClient = class {
 0 && (module.exports = {
   HttpMethods,
   MiauClient,
-  ResourceProtocols
+  ResourceProtocols,
+  envMap,
+  envs,
+  expirationOptions,
+  expirationOptionsValues,
+  expirationTimeToDate
 });
 /*! Bundled license information: