@estopia/shared 1.0.42 → 1.0.44
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/helpers/middlware/scope.d.ts +12 -0
- package/dist/helpers/middlware/scope.d.ts.map +1 -0
- package/dist/helpers/middlware/scope.js +28 -0
- package/dist/helpers/middlware/scope.js.map +1 -0
- package/dist/server.d.ts +3 -1
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +4 -2
- package/dist/server.js.map +1 -1
- package/dist/types/oauth.d.ts +93 -1
- package/dist/types/oauth.d.ts.map +1 -1
- package/dist/types/oauth.js +25 -1
- package/dist/types/oauth.js.map +1 -1
- package/package.json +1 -1
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { Response, NextFunction } from 'express';
|
|
2
|
+
import { EstopiaRequest } from '../../types/request';
|
|
3
|
+
/**
|
|
4
|
+
* Middleware to require a specific OAuth scope for the endpoint.
|
|
5
|
+
* - This checks if the user is authenticated via OAuth ('req.auth.OAuthId').
|
|
6
|
+
* - If it is a first-party session/cookie ('req.auth' exists but no 'OAuthId'), it bypasses the scope check.
|
|
7
|
+
* - If the required scope is not granted, it returns 403.
|
|
8
|
+
*
|
|
9
|
+
* @param requiredScope The exact scope or parent scope required to access this endpoint.
|
|
10
|
+
*/
|
|
11
|
+
export declare const requireScope: (requiredScope: string) => (req: EstopiaRequest, res: Response, next: NextFunction) => Response<any, Record<string, any>> | undefined;
|
|
12
|
+
//# sourceMappingURL=scope.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scope.d.ts","sourceRoot":"","sources":["../../../src/helpers/middlware/scope.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAGrD;;;;;;;GAOG;AACH,eAAO,MAAM,YAAY,GAAI,eAAe,MAAM,MACtC,KAAK,cAAc,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,mDAcjE,CAAC"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.requireScope = void 0;
|
|
4
|
+
const scopeMatching_1 = require("../scopeMatching");
|
|
5
|
+
/**
|
|
6
|
+
* Middleware to require a specific OAuth scope for the endpoint.
|
|
7
|
+
* - This checks if the user is authenticated via OAuth ('req.auth.OAuthId').
|
|
8
|
+
* - If it is a first-party session/cookie ('req.auth' exists but no 'OAuthId'), it bypasses the scope check.
|
|
9
|
+
* - If the required scope is not granted, it returns 403.
|
|
10
|
+
*
|
|
11
|
+
* @param requiredScope The exact scope or parent scope required to access this endpoint.
|
|
12
|
+
*/
|
|
13
|
+
const requireScope = (requiredScope) => {
|
|
14
|
+
return (req, res, next) => {
|
|
15
|
+
if (!req.auth) {
|
|
16
|
+
return res.status(401).json({ error: 'Unauthorized' });
|
|
17
|
+
}
|
|
18
|
+
// Only enforce OAuth scopes if the request was made using an OAuth token
|
|
19
|
+
if (req.auth.OAuthId) {
|
|
20
|
+
if (!(0, scopeMatching_1.hasScope)(req.auth.scopes || [], requiredScope)) {
|
|
21
|
+
return res.status(403).json({ error: `Insufficient scope: requires ${requiredScope}` });
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
next();
|
|
25
|
+
};
|
|
26
|
+
};
|
|
27
|
+
exports.requireScope = requireScope;
|
|
28
|
+
//# sourceMappingURL=scope.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scope.js","sourceRoot":"","sources":["../../../src/helpers/middlware/scope.ts"],"names":[],"mappings":";;;AAEA,oDAA4C;AAE5C;;;;;;;GAOG;AACI,MAAM,YAAY,GAAG,CAAC,aAAqB,EAAE,EAAE;IAClD,OAAO,CAAC,GAAmB,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAC9D,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;YACZ,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,CAAC,CAAC;QAC3D,CAAC;QAED,yEAAyE;QACzE,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YACnB,IAAI,CAAC,IAAA,wBAAQ,EAAC,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,EAAE,EAAE,aAAa,CAAC,EAAE,CAAC;gBAClD,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,gCAAgC,aAAa,EAAE,EAAE,CAAC,CAAC;YAC5F,CAAC;QACL,CAAC;QAED,IAAI,EAAE,CAAC;IACX,CAAC,CAAC;AACN,CAAC,CAAC;AAfW,QAAA,YAAY,gBAevB"}
|
package/dist/server.d.ts
CHANGED
|
@@ -4,7 +4,8 @@ export { createCockroachDBConnection } from './database/cockroach';
|
|
|
4
4
|
export type { CockroachConfig } from './database/types';
|
|
5
5
|
export { Pool as CockroachDBClient } from 'pg';
|
|
6
6
|
export { Client as ScyllaDBClient } from 'cassandra-driver';
|
|
7
|
-
export { Kysely
|
|
7
|
+
export { Kysely } from 'kysely';
|
|
8
|
+
export type { DB } from './database/dataTypes';
|
|
8
9
|
export { EventPublisher } from './broker/publisher';
|
|
9
10
|
export { EventSubscriber } from './broker/subscriber';
|
|
10
11
|
export type { EventPayloads } from './broker/eventTypes';
|
|
@@ -14,4 +15,5 @@ export type { EstopiaRequest } from './types/request';
|
|
|
14
15
|
export { requireAuth } from './helpers/middlware/auth';
|
|
15
16
|
export { requireSecure } from './helpers/middlware/secure';
|
|
16
17
|
export { requireAdmin } from './helpers/middlware/admin';
|
|
18
|
+
export { requireScope } from './helpers/middlware/scope';
|
|
17
19
|
//# sourceMappingURL=server.d.ts.map
|
package/dist/server.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,YAAY,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAE/D,OAAO,EAAE,2BAA2B,EAAE,MAAM,sBAAsB,CAAC;AAGnE,YAAY,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAGxD,OAAO,EAAE,IAAI,IAAI,iBAAiB,EAAE,MAAM,IAAI,CAAC;AAC/C,OAAO,EAAE,MAAM,IAAI,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,YAAY,EAAE,aAAa,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAE/D,OAAO,EAAE,2BAA2B,EAAE,MAAM,sBAAsB,CAAC;AAGnE,YAAY,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAGxD,OAAO,EAAE,IAAI,IAAI,iBAAiB,EAAE,MAAM,IAAI,CAAC;AAC/C,OAAO,EAAE,MAAM,IAAI,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAChC,YAAY,EAAE,EAAE,EAAE,MAAM,sBAAsB,CAAC;AAE/C,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,YAAY,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEzD,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACnF,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAEnD,YAAY,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC"}
|
package/dist/server.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.requireAdmin = exports.requireSecure = exports.requireAuth = exports.hasScope = exports.tryValidateJWTToken = exports.validateJWTToken = exports.EventSubscriber = exports.EventPublisher = exports.
|
|
3
|
+
exports.requireScope = exports.requireAdmin = exports.requireSecure = exports.requireAuth = exports.hasScope = exports.tryValidateJWTToken = exports.validateJWTToken = exports.EventSubscriber = exports.EventPublisher = exports.Kysely = exports.ScyllaDBClient = exports.CockroachDBClient = exports.createCockroachDBConnection = exports.createLogger = void 0;
|
|
4
4
|
var logger_1 = require("./logging/logger");
|
|
5
5
|
Object.defineProperty(exports, "createLogger", { enumerable: true, get: function () { return logger_1.createLogger; } });
|
|
6
6
|
var cockroach_1 = require("./database/cockroach");
|
|
@@ -11,7 +11,7 @@ Object.defineProperty(exports, "CockroachDBClient", { enumerable: true, get: fun
|
|
|
11
11
|
var cassandra_driver_1 = require("cassandra-driver");
|
|
12
12
|
Object.defineProperty(exports, "ScyllaDBClient", { enumerable: true, get: function () { return cassandra_driver_1.Client; } });
|
|
13
13
|
var kysely_1 = require("kysely");
|
|
14
|
-
Object.defineProperty(exports, "
|
|
14
|
+
Object.defineProperty(exports, "Kysely", { enumerable: true, get: function () { return kysely_1.Kysely; } });
|
|
15
15
|
var publisher_1 = require("./broker/publisher");
|
|
16
16
|
Object.defineProperty(exports, "EventPublisher", { enumerable: true, get: function () { return publisher_1.EventPublisher; } });
|
|
17
17
|
var subscriber_1 = require("./broker/subscriber");
|
|
@@ -27,4 +27,6 @@ var secure_1 = require("./helpers/middlware/secure");
|
|
|
27
27
|
Object.defineProperty(exports, "requireSecure", { enumerable: true, get: function () { return secure_1.requireSecure; } });
|
|
28
28
|
var admin_1 = require("./helpers/middlware/admin");
|
|
29
29
|
Object.defineProperty(exports, "requireAdmin", { enumerable: true, get: function () { return admin_1.requireAdmin; } });
|
|
30
|
+
var scope_1 = require("./helpers/middlware/scope");
|
|
31
|
+
Object.defineProperty(exports, "requireScope", { enumerable: true, get: function () { return scope_1.requireScope; } });
|
|
30
32
|
//# sourceMappingURL=server.js.map
|
package/dist/server.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":";;;AAAA,2CAAgD;AAAvC,sGAAA,YAAY,OAAA;AAGrB,kDAAmE;AAA1D,wHAAA,2BAA2B,OAAA;AAKpC,iEAAiE;AACjE,yBAA+C;AAAtC,uGAAA,IAAI,OAAqB;AAClC,qDAA4D;AAAnD,kHAAA,MAAM,OAAkB;AACjC,
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":";;;AAAA,2CAAgD;AAAvC,sGAAA,YAAY,OAAA;AAGrB,kDAAmE;AAA1D,wHAAA,2BAA2B,OAAA;AAKpC,iEAAiE;AACjE,yBAA+C;AAAtC,uGAAA,IAAI,OAAqB;AAClC,qDAA4D;AAAnD,kHAAA,MAAM,OAAkB;AACjC,iCAAgC;AAAvB,gGAAA,MAAM,OAAA;AAGf,gDAAoD;AAA3C,2GAAA,cAAc,OAAA;AACvB,kDAAsD;AAA7C,6GAAA,eAAe,OAAA;AAGxB,+DAAmF;AAA1E,oHAAA,gBAAgB,OAAA;AAAE,uHAAA,mBAAmB,OAAA;AAC9C,yDAAmD;AAA1C,yGAAA,QAAQ,OAAA;AAGjB,iDAAuD;AAA9C,mGAAA,WAAW,OAAA;AACpB,qDAA2D;AAAlD,uGAAA,aAAa,OAAA;AACtB,mDAAyD;AAAhD,qGAAA,YAAY,OAAA;AACrB,mDAAyD;AAAhD,qGAAA,YAAY,OAAA"}
|
package/dist/types/oauth.d.ts
CHANGED
|
@@ -78,7 +78,99 @@ export declare const OAUTH_SCOPES: readonly [{
|
|
|
78
78
|
readonly id: "openid";
|
|
79
79
|
readonly label: "User ID";
|
|
80
80
|
readonly desc: "Access to your user ID. This could be used for tracking";
|
|
81
|
+
}, {
|
|
82
|
+
readonly id: "files";
|
|
83
|
+
readonly label: "Files Full Access";
|
|
84
|
+
readonly desc: "Full access to manage all your files.";
|
|
85
|
+
}, {
|
|
86
|
+
readonly id: "files:read";
|
|
87
|
+
readonly label: "Read Files";
|
|
88
|
+
readonly desc: "Read access to your personal files.";
|
|
89
|
+
}, {
|
|
90
|
+
readonly id: "files:write";
|
|
91
|
+
readonly label: "Write Files";
|
|
92
|
+
readonly desc: "Permission to upload and delete your personal files.";
|
|
93
|
+
}, {
|
|
94
|
+
readonly id: "medical";
|
|
95
|
+
readonly label: "Medical Full Access";
|
|
96
|
+
readonly desc: "Full access to your medical tracker data.";
|
|
97
|
+
}, {
|
|
98
|
+
readonly id: "medical:read";
|
|
99
|
+
readonly label: "Read Medical";
|
|
100
|
+
readonly desc: "Read access to your medical tracker data.";
|
|
101
|
+
}, {
|
|
102
|
+
readonly id: "medical:write";
|
|
103
|
+
readonly label: "Write Medical";
|
|
104
|
+
readonly desc: "Permission to modify your medical tracker data.";
|
|
105
|
+
}, {
|
|
106
|
+
readonly id: "plated";
|
|
107
|
+
readonly label: "Plated Full Access";
|
|
108
|
+
readonly desc: "Full access to your Plated meal planner.";
|
|
109
|
+
}, {
|
|
110
|
+
readonly id: "plated:read";
|
|
111
|
+
readonly label: "Read Plated";
|
|
112
|
+
readonly desc: "Read access to your Plated meal planner.";
|
|
113
|
+
}, {
|
|
114
|
+
readonly id: "plated:write";
|
|
115
|
+
readonly label: "Write Plated";
|
|
116
|
+
readonly desc: "Permission to modify your Plated meal planner.";
|
|
117
|
+
}, {
|
|
118
|
+
readonly id: "confess";
|
|
119
|
+
readonly label: "Confess Full Access";
|
|
120
|
+
readonly desc: "Full access to Confess card packs.";
|
|
121
|
+
}, {
|
|
122
|
+
readonly id: "confess:read";
|
|
123
|
+
readonly label: "Read Confess";
|
|
124
|
+
readonly desc: "Read access to Confess card packs.";
|
|
125
|
+
}, {
|
|
126
|
+
readonly id: "confess:write";
|
|
127
|
+
readonly label: "Write Confess";
|
|
128
|
+
readonly desc: "Permission to modify Confess card packs.";
|
|
129
|
+
}, {
|
|
130
|
+
readonly id: "grocy";
|
|
131
|
+
readonly label: "Grocy Full Access";
|
|
132
|
+
readonly desc: "Full access to Grocy inventory.";
|
|
133
|
+
}, {
|
|
134
|
+
readonly id: "grocy:read";
|
|
135
|
+
readonly label: "Read Grocy";
|
|
136
|
+
readonly desc: "Read access to your Grocy inventory.";
|
|
137
|
+
}, {
|
|
138
|
+
readonly id: "grocy:write";
|
|
139
|
+
readonly label: "Write Grocy";
|
|
140
|
+
readonly desc: "Permission to modify your Grocy inventory.";
|
|
141
|
+
}, {
|
|
142
|
+
readonly id: "ai";
|
|
143
|
+
readonly label: "AI Full Access";
|
|
144
|
+
readonly desc: "Full access to all AI endpoints.";
|
|
145
|
+
}, {
|
|
146
|
+
readonly id: "ai:general";
|
|
147
|
+
readonly label: "AI General Assistant";
|
|
148
|
+
readonly desc: "Access to the general AI chat assistant.";
|
|
149
|
+
}, {
|
|
150
|
+
readonly id: "ai:science";
|
|
151
|
+
readonly label: "AI Science Assistant";
|
|
152
|
+
readonly desc: "Access to the science-focused AI assistant.";
|
|
153
|
+
}, {
|
|
154
|
+
readonly id: "admin";
|
|
155
|
+
readonly label: "Admin Full Access";
|
|
156
|
+
readonly desc: "Full administrative access. Very dangerous.";
|
|
157
|
+
}, {
|
|
158
|
+
readonly id: "admin:read";
|
|
159
|
+
readonly label: "Admin Read Access";
|
|
160
|
+
readonly desc: "Read-only administrative access across services.";
|
|
161
|
+
}, {
|
|
162
|
+
readonly id: "admin:write";
|
|
163
|
+
readonly label: "Admin Write Access";
|
|
164
|
+
readonly desc: "Write administrative access across services.";
|
|
165
|
+
}, {
|
|
166
|
+
readonly id: "admin:users";
|
|
167
|
+
readonly label: "Admin Users Access";
|
|
168
|
+
readonly desc: "Administrative access to manage users.";
|
|
169
|
+
}, {
|
|
170
|
+
readonly id: "admin:files";
|
|
171
|
+
readonly label: "Admin Files Access";
|
|
172
|
+
readonly desc: "Administrative access to manage all files.";
|
|
81
173
|
}];
|
|
82
174
|
export type OAuthScope = typeof OAUTH_SCOPES[number]['id'];
|
|
83
|
-
export declare const SCOPE_IDS: ("profile" | "profile:read" | "profile:write" | "profile:write:username" | "profile:read:email" | "profile:read:phone" | "profile:read:admin" | "profile:read:icon" | "profile:read:preferences" | "profile:read:passkeys" | "profile:read:authapps" | "profile:read:username" | "profile:write:email" | "profile:write:password" | "profile:write:icon" | "profile:write:preferences" | "profile:write:passkeys" | "profile:write:authapps" | "profile:delete:email" | "openid")[];
|
|
175
|
+
export declare const SCOPE_IDS: ("profile" | "profile:read" | "profile:write" | "profile:write:username" | "profile:read:email" | "profile:read:phone" | "profile:read:admin" | "profile:read:icon" | "profile:read:preferences" | "profile:read:passkeys" | "profile:read:authapps" | "profile:read:username" | "profile:write:email" | "profile:write:password" | "profile:write:icon" | "profile:write:preferences" | "profile:write:passkeys" | "profile:write:authapps" | "profile:delete:email" | "openid" | "files" | "files:read" | "files:write" | "medical" | "medical:read" | "medical:write" | "plated" | "plated:read" | "plated:write" | "confess" | "confess:read" | "confess:write" | "grocy" | "grocy:read" | "grocy:write" | "ai" | "ai:general" | "ai:science" | "admin" | "admin:read" | "admin:write" | "admin:users" | "admin:files")[];
|
|
84
176
|
//# sourceMappingURL=oauth.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../../src/types/oauth.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,YAAY
|
|
1
|
+
{"version":3,"file":"oauth.d.ts","sourceRoot":"","sources":["../../src/types/oauth.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAoDf,CAAC;AAEX,MAAM,MAAM,UAAU,GAAG,OAAO,YAAY,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC;AAE3D,eAAO,MAAM,SAAS,+xBAA8B,CAAC"}
|
package/dist/types/oauth.js
CHANGED
|
@@ -21,7 +21,31 @@ exports.OAUTH_SCOPES = [
|
|
|
21
21
|
{ id: 'profile:write:passkeys', label: 'Write Passkeys', desc: 'Permission to update your registered passkeys.' },
|
|
22
22
|
{ id: 'profile:write:authapps', label: 'Write Auth Apps', desc: 'Permission to update your registered authentication apps.' },
|
|
23
23
|
{ id: 'profile:delete:email', label: 'Delete Email', desc: 'Permission to delete your email address.' },
|
|
24
|
-
{ id: 'openid', label: 'User ID', desc: 'Access to your user ID. This could be used for tracking' }
|
|
24
|
+
{ id: 'openid', label: 'User ID', desc: 'Access to your user ID. This could be used for tracking' },
|
|
25
|
+
// New API Limitations
|
|
26
|
+
{ id: 'files', label: 'Files Full Access', desc: 'Full access to manage all your files.' },
|
|
27
|
+
{ id: 'files:read', label: 'Read Files', desc: 'Read access to your personal files.' },
|
|
28
|
+
{ id: 'files:write', label: 'Write Files', desc: 'Permission to upload and delete your personal files.' },
|
|
29
|
+
{ id: 'medical', label: 'Medical Full Access', desc: 'Full access to your medical tracker data.' },
|
|
30
|
+
{ id: 'medical:read', label: 'Read Medical', desc: 'Read access to your medical tracker data.' },
|
|
31
|
+
{ id: 'medical:write', label: 'Write Medical', desc: 'Permission to modify your medical tracker data.' },
|
|
32
|
+
{ id: 'plated', label: 'Plated Full Access', desc: 'Full access to your Plated meal planner.' },
|
|
33
|
+
{ id: 'plated:read', label: 'Read Plated', desc: 'Read access to your Plated meal planner.' },
|
|
34
|
+
{ id: 'plated:write', label: 'Write Plated', desc: 'Permission to modify your Plated meal planner.' },
|
|
35
|
+
{ id: 'confess', label: 'Confess Full Access', desc: 'Full access to Confess card packs.' },
|
|
36
|
+
{ id: 'confess:read', label: 'Read Confess', desc: 'Read access to Confess card packs.' },
|
|
37
|
+
{ id: 'confess:write', label: 'Write Confess', desc: 'Permission to modify Confess card packs.' },
|
|
38
|
+
{ id: 'grocy', label: 'Grocy Full Access', desc: 'Full access to Grocy inventory.' },
|
|
39
|
+
{ id: 'grocy:read', label: 'Read Grocy', desc: 'Read access to your Grocy inventory.' },
|
|
40
|
+
{ id: 'grocy:write', label: 'Write Grocy', desc: 'Permission to modify your Grocy inventory.' },
|
|
41
|
+
{ id: 'ai', label: 'AI Full Access', desc: 'Full access to all AI endpoints.' },
|
|
42
|
+
{ id: 'ai:general', label: 'AI General Assistant', desc: 'Access to the general AI chat assistant.' },
|
|
43
|
+
{ id: 'ai:science', label: 'AI Science Assistant', desc: 'Access to the science-focused AI assistant.' },
|
|
44
|
+
{ id: 'admin', label: 'Admin Full Access', desc: 'Full administrative access. Very dangerous.' },
|
|
45
|
+
{ id: 'admin:read', label: 'Admin Read Access', desc: 'Read-only administrative access across services.' },
|
|
46
|
+
{ id: 'admin:write', label: 'Admin Write Access', desc: 'Write administrative access across services.' },
|
|
47
|
+
{ id: 'admin:users', label: 'Admin Users Access', desc: 'Administrative access to manage users.' },
|
|
48
|
+
{ id: 'admin:files', label: 'Admin Files Access', desc: 'Administrative access to manage all files.' }
|
|
25
49
|
];
|
|
26
50
|
exports.SCOPE_IDS = exports.OAUTH_SCOPES.map(s => s.id);
|
|
27
51
|
//# sourceMappingURL=oauth.js.map
|
package/dist/types/oauth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../src/types/oauth.ts"],"names":[],"mappings":";;;AAAa,QAAA,YAAY,GAAG;IAC1B,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,4CAA4C,EAAE;IAC7F,EAAE,EAAE,EAAE,cAAc,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,iGAAiG,EAAE;IACtJ,EAAE,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,gDAAgD,EAAE;IACvG,EAAE,EAAE,EAAE,wBAAwB,EAAE,KAAK,EAAE,gBAAgB,EAAE,IAAI,EAAE,qCAAqC,EAAE;IACtG,EAAE,EAAE,EAAE,oBAAoB,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,4CAA4C,EAAE;IACtG,EAAE,EAAE,EAAE,oBAAoB,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,0CAA0C,EAAE;IACnG,EAAE,EAAE,EAAE,oBAAoB,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,8BAA8B,EAAE;IACvF,EAAE,EAAE,EAAE,mBAAmB,EAAE,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,kCAAkC,EAAE;IACzF,EAAE,EAAE,EAAE,0BAA0B,EAAE,KAAK,EAAE,kBAAkB,EAAE,IAAI,EAAE,qCAAqC,EAAE;IAC1G,EAAE,EAAE,EAAE,uBAAuB,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,qCAAqC,EAAE;IACpG,EAAE,EAAE,EAAE,uBAAuB,EAAE,KAAK,EAAE,gBAAgB,EAAE,IAAI,EAAE,gDAAgD,EAAE;IAChH,EAAE,EAAE,EAAE,uBAAuB,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,iCAAiC,EAAE;IAChG,EAAE,EAAE,EAAE,qBAAqB,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,gHAAgH,EAAE;IAC3K,EAAE,EAAE,EAAE,wBAAwB,EAAE,KAAK,EAAE,gBAAgB,EAAE,IAAI,EAAE,qCAAqC,EAAE;IACtG,EAAE,EAAE,EAAE,oBAAoB,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,yCAAyC,EAAE;IAClG,EAAE,EAAE,EAAE,2BAA2B,EAAE,KAAK,EAAE,mBAAmB,EAAE,IAAI,EAAE,gDAAgD,EAAE;IACvH,EAAE,EAAE,EAAE,wBAAwB,EAAE,KAAK,EAAE,gBAAgB,EAAE,IAAI,EAAE,gDAAgD,EAAE;IACjH,EAAE,EAAE,EAAE,wBAAwB,EAAE,KAAK,EAAE,iBAAiB,EAAE,IAAI,EAAE,2DAA2D,EAAE;IAC7H,EAAE,EAAE,EAAE,sBAAsB,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,0CAA0C,EAAE;IACvG,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,yDAAyD,EAAE;
|
|
1
|
+
{"version":3,"file":"oauth.js","sourceRoot":"","sources":["../../src/types/oauth.ts"],"names":[],"mappings":";;;AAAa,QAAA,YAAY,GAAG;IAC1B,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,4CAA4C,EAAE;IAC7F,EAAE,EAAE,EAAE,cAAc,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,iGAAiG,EAAE;IACtJ,EAAE,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,gDAAgD,EAAE;IACvG,EAAE,EAAE,EAAE,wBAAwB,EAAE,KAAK,EAAE,gBAAgB,EAAE,IAAI,EAAE,qCAAqC,EAAE;IACtG,EAAE,EAAE,EAAE,oBAAoB,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,4CAA4C,EAAE;IACtG,EAAE,EAAE,EAAE,oBAAoB,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,0CAA0C,EAAE;IACnG,EAAE,EAAE,EAAE,oBAAoB,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,8BAA8B,EAAE;IACvF,EAAE,EAAE,EAAE,mBAAmB,EAAE,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,kCAAkC,EAAE;IACzF,EAAE,EAAE,EAAE,0BAA0B,EAAE,KAAK,EAAE,kBAAkB,EAAE,IAAI,EAAE,qCAAqC,EAAE;IAC1G,EAAE,EAAE,EAAE,uBAAuB,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,qCAAqC,EAAE;IACpG,EAAE,EAAE,EAAE,uBAAuB,EAAE,KAAK,EAAE,gBAAgB,EAAE,IAAI,EAAE,gDAAgD,EAAE;IAChH,EAAE,EAAE,EAAE,uBAAuB,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,iCAAiC,EAAE;IAChG,EAAE,EAAE,EAAE,qBAAqB,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,gHAAgH,EAAE;IAC3K,EAAE,EAAE,EAAE,wBAAwB,EAAE,KAAK,EAAE,gBAAgB,EAAE,IAAI,EAAE,qCAAqC,EAAE;IACtG,EAAE,EAAE,EAAE,oBAAoB,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,yCAAyC,EAAE;IAClG,EAAE,EAAE,EAAE,2BAA2B,EAAE,KAAK,EAAE,mBAAmB,EAAE,IAAI,EAAE,gDAAgD,EAAE;IACvH,EAAE,EAAE,EAAE,wBAAwB,EAAE,KAAK,EAAE,gBAAgB,EAAE,IAAI,EAAE,gDAAgD,EAAE;IACjH,EAAE,EAAE,EAAE,wBAAwB,EAAE,KAAK,EAAE,iBAAiB,EAAE,IAAI,EAAE,2DAA2D,EAAE;IAC7H,EAAE,EAAE,EAAE,sBAAsB,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,0CAA0C,EAAE;IACvG,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,yDAAyD,EAAE;IAEnG,sBAAsB;IACtB,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,mBAAmB,EAAE,IAAI,EAAE,uCAAuC,EAAE;IAC1F,EAAE,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,qCAAqC,EAAE;IACtF,EAAE,EAAE,EAAE,aAAa,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,sDAAsD,EAAE;IAEzG,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,qBAAqB,EAAE,IAAI,EAAE,2CAA2C,EAAE;IAClG,EAAE,EAAE,EAAE,cAAc,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,2CAA2C,EAAE;IAChG,EAAE,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,iDAAiD,EAAE;IAExG,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,oBAAoB,EAAE,IAAI,EAAE,0CAA0C,EAAE;IAC/F,EAAE,EAAE,EAAE,aAAa,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,0CAA0C,EAAE;IAC7F,EAAE,EAAE,EAAE,cAAc,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,gDAAgD,EAAE;IAErG,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,qBAAqB,EAAE,IAAI,EAAE,oCAAoC,EAAE;IAC3F,EAAE,EAAE,EAAE,cAAc,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,oCAAoC,EAAE;IACzF,EAAE,EAAE,EAAE,eAAe,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,0CAA0C,EAAE;IAEjG,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,mBAAmB,EAAE,IAAI,EAAE,iCAAiC,EAAE;IACpF,EAAE,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,sCAAsC,EAAE;IACvF,EAAE,EAAE,EAAE,aAAa,EAAE,KAAK,EAAE,aAAa,EAAE,IAAI,EAAE,4CAA4C,EAAE;IAE/F,EAAE,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,gBAAgB,EAAE,IAAI,EAAE,kCAAkC,EAAE;IAC/E,EAAE,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE,sBAAsB,EAAE,IAAI,EAAE,0CAA0C,EAAE;IACrG,EAAE,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE,sBAAsB,EAAE,IAAI,EAAE,6CAA6C,EAAE;IAExG,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,mBAAmB,EAAE,IAAI,EAAE,6CAA6C,EAAE;IAChG,EAAE,EAAE,EAAE,YAAY,EAAE,KAAK,EAAE,mBAAmB,EAAE,IAAI,EAAE,kDAAkD,EAAE;IAC1G,EAAE,EAAE,EAAE,aAAa,EAAE,KAAK,EAAE,oBAAoB,EAAE,IAAI,EAAE,8CAA8C,EAAE;IACxG,EAAE,EAAE,EAAE,aAAa,EAAE,KAAK,EAAE,oBAAoB,EAAE,IAAI,EAAE,wCAAwC,EAAE;IAClG,EAAE,EAAE,EAAE,aAAa,EAAE,KAAK,EAAE,oBAAoB,EAAE,IAAI,EAAE,4CAA4C,EAAE;CAC9F,CAAC;AAIE,QAAA,SAAS,GAAG,oBAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC"}
|