@eduzz/miau-client 1.4.3 → 1.4.4-rc.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/.turbo/turbo-build$colon$types.log +1 -1
  2. package/README.md +71 -53
  3. package/package.json +1 -1
package/.turbo/turbo-build$colon$types.log CHANGED
@@ -1,4 +1,4 @@
1
1
 
2
- > @eduzz/miau-client@1.4.3 build:types /home/runner/work/eduzz-miau/eduzz-miau/clients/node-client
2
+ > @eduzz/miau-client@1.4.4 build:types /home/runner/work/eduzz-miau/eduzz-miau/clients/node-client
3
3
  > tsc --emitDeclarationOnly --outDir dist
4
4
 
package/README.md CHANGED
@@ -8,6 +8,10 @@ Node.js client for the Eduzz Miau authentication and authorization service. Incl
8
8
  npm install @eduzz/miau-client
9
9
  ```
10
10
 
11
+ ## Requirements
12
+
13
+ - Node.js >= 18
14
+
11
15
  ## Usage
12
16
 
13
17
  ```typescript
@@ -43,7 +47,7 @@ console.log(JSON.stringify(data, null, 2));
43
47
 
44
48
  ## Express Middleware
45
49
 
46
- Validates incoming requests using Miau tokens and checks permissions automatically.
50
+ The client includes an Express middleware that authenticates incoming requests using Miau tokens and checks permissions automatically.
47
51
 
48
52
  ```typescript
49
53
  import express from 'express';
@@ -55,89 +59,103 @@ const miau = new MiauClient({ apiUrl: MIAU_API_URL, appSecret: MIAU_APP_SECRET }
55
59
  app.use(miau.middleware());
56
60
 
57
61
  app.get('/your/endpoint', (req, res) => {
58
- // req.miauApplication - the authenticated application
62
+ // req.miauApplication - { id: '...', name: '...' }
59
63
  // req.miauMetadata - permission metadata
60
64
  res.json({ app: req.miauApplication });
61
65
  });
62
66
  ```
63
67
 
64
- With custom request augmentation:
65
-
66
- ```typescript
67
- app.use(
68
- miau.middleware({
69
- requestAugmentation: ({ req, app, meta }) => {
70
- // Attach custom data to the request
71
- },
72
- fallbackMiddleware: (req, res, next) => {
73
- // Called when token is missing/malformed (400 errors)
74
- next();
75
- },
76
- })
77
- );
78
- ```
68
+ ### Fallback handler
79
69
 
80
- ## Fastify Hook
70
+ The middleware triggers the fallback when the incoming token is missing or not a valid Miau token (HTTP 400 errors). This lets you handle alternative authentication schemes on the same routes -- for example, accepting Basic Auth for legacy clients while still supporting Miau tokens.
81
71
 
82
72
  ```typescript
83
- import Fastify from 'fastify';
73
+ import express, { type Request, type Response, type NextFunction } from 'express';
84
74
  import { MiauClient } from '@eduzz/miau-client';
85
75
 
86
- const app = Fastify();
76
+ const app = express();
87
77
  const miau = new MiauClient({ apiUrl: MIAU_API_URL, appSecret: MIAU_APP_SECRET });
88
78
 
89
- app.addHook('preHandler', miau.hook());
90
-
91
- app.get('/your/endpoint', async (request, reply) => {
92
- // request.miauApplication - the authenticated application
93
- // request.miauMetadata - permission metadata
94
- return { app: request.miauApplication };
95
- });
96
- ```
79
+ const basicAuthFallback = (req: Request, res: Response, next: NextFunction) => {
80
+ const authHeader = req.headers.authorization || '';
97
81
 
98
- ## API
82
+ if (!authHeader.startsWith('Basic ')) {
83
+ res.status(401).json({ error: 'Unauthorized', message: 'No credentials provided' });
84
+ return;
85
+ }
99
86
 
100
- ### `new MiauClient({ apiUrl, appSecret })`
87
+ const [username, password] = Buffer.from(authHeader.slice(6), 'base64').toString().split(':');
101
88
 
102
- Creates a new client instance.
89
+ // Validate credentials against your own logic
90
+ if (!validateCredentials(username, password)) {
91
+ res.status(401).json({ error: 'Unauthorized', message: 'Invalid credentials' });
92
+ return;
93
+ }
103
94
 
104
- | Parameter | Type | Description |
105
- |------------|----------|------------------------------|
106
- | `apiUrl` | `string` | Miau API base URL |
107
- | `appSecret`| `string` | Application secret from Miau |
95
+ req.username = username;
96
+ next();
97
+ };
108
98
 
109
- ### `client.getToken(): Promise<string>`
99
+ app.use('/legacy-route', miau.middleware({ fallbackMiddleware: basicAuthFallback }));
110
100
 
111
- Returns a valid JWT access token. Tokens are cached in memory and automatically refreshed when they are within 60 seconds of expiration.
101
+ app.get('/legacy-route', (req, res) => {
102
+ if (req.miauApplication) {
103
+ // Authenticated via Miau token
104
+ res.json({ auth: 'miau', application: req.miauApplication });
105
+ return;
106
+ }
112
107
 
113
- ### `client.getTokenData(): Promise<MiauClientToken>`
108
+ // Authenticated via Basic Auth fallback
109
+ res.json({ auth: 'basic', username: req.username });
110
+ });
111
+ ```
114
112
 
115
- Returns the decoded token payload.
113
+ ## Fastify Hook
116
114
 
117
- ### `client.getEnvironment(): SecretEnv`
115
+ The client also provides a Fastify `preHandler` hook with the same authentication flow.
118
116
 
119
- Returns the environment extracted from the app secret (e.g. `production`, `staging`).
117
+ ```typescript
118
+ import Fastify from 'fastify';
119
+ import { MiauClient } from '@eduzz/miau-client';
120
120
 
121
- ### `client.getPublicKey(kid: string): Promise<string>`
121
+ const app = Fastify();
122
+ const miau = new MiauClient({ apiUrl: MIAU_API_URL, appSecret: MIAU_APP_SECRET });
122
123
 
123
- Fetches and caches the public key for the given key ID from the JWKS endpoint.
124
+ app.addHook('preHandler', miau.hook());
124
125
 
125
- ### `client.verify(token: string, publicKey: string): Promise<MiauClientToken>`
126
+ app.get('/your/endpoint', async (request, reply) => {
127
+ // request.miauApplication - { id: '...', name: '...' }
128
+ // request.miauMetadata - permission metadata
129
+ return { app: request.miauApplication };
130
+ });
131
+ ```
126
132
 
127
- Verifies a JWT token using the provided public key (RS256).
133
+ ### Fallback handler
128
134
 
129
- ### `client.hasPermission(sourceAppId: string, resource: Resource): Promise<HasPermissionResponse>`
135
+ ```typescript
136
+ import Fastify from 'fastify';
137
+ import { MiauClient } from '@eduzz/miau-client';
130
138
 
131
- Checks if a source application has permission to access a given resource.
139
+ const app = Fastify();
140
+ const miau = new MiauClient({ apiUrl: MIAU_API_URL, appSecret: MIAU_APP_SECRET });
132
141
 
133
- ### `client.middleware(config?): RequestHandler`
142
+ const basicAuthFallback = async (request: FastifyRequest, reply: FastifyReply) => {
143
+ const authHeader = request.headers.authorization || '';
134
144
 
135
- Returns an Express middleware that authenticates requests and checks permissions.
145
+ if (!authHeader.startsWith('Basic ')) {
146
+ reply.code(401).send({ error: 'Unauthorized', message: 'No credentials provided' });
147
+ return;
148
+ }
136
149
 
137
- ### `client.hook(config?): FastifyHook`
150
+ const [username, password] = Buffer.from(authHeader.slice(6), 'base64').toString().split(':');
138
151
 
139
- Returns a Fastify `preHandler` hook that authenticates requests and checks permissions.
152
+ if (!validateCredentials(username, password)) {
153
+ reply.code(401).send({ error: 'Unauthorized', message: 'Invalid credentials' });
154
+ return;
155
+ }
140
156
 
141
- ## Requirements
157
+ request.username = username;
158
+ };
142
159
 
143
- - Node.js >= 18
160
+ app.addHook('preHandler', miau.hook({ fallbackMiddleware: basicAuthFallback }));
161
+ ```
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@eduzz/miau-client",
3
- "version": "1.4.3",
3
+ "version": "1.4.4-rc.15",
4
4
  "description": "Eduzz Miau Client",
5
5
  "main": "./dist/index.js",
6
6
  "types": "./dist/index.d.ts",