@fiado/api-invoker 4.15.0 → 4.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/platformRbac/api/PlatformRbacBusinessApi.d.ts +2 -1
- package/bin/platformRbac/api/PlatformRbacBusinessApi.js +4 -0
- package/bin/platformRbac/api/interfaces/IPlatformRbacBusinessApi.d.ts +8 -1
- package/package.json +2 -2
- package/src/platformRbac/api/PlatformRbacBusinessApi.ts +8 -0
- package/src/platformRbac/api/interfaces/IPlatformRbacBusinessApi.ts +11 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import type { IHttpRequest } from "@fiado/http-client";
|
|
2
2
|
import { ApiGatewayResponse } from "@fiado/gateway-adapter";
|
|
3
|
-
import { DefineNextChallengeRequest, DefineNextChallengeResponse, PrepareChallengeRequest, PrepareChallengeResponse, VerifyChallengeRequest, VerifyChallengeResponse, AuthorizeRequest, AuthorizeResponse } from "@fiado/type-kit/bin/platformRbac";
|
|
3
|
+
import { DefineNextChallengeRequest, DefineNextChallengeResponse, PrepareChallengeRequest, PrepareChallengeResponse, VerifyChallengeRequest, VerifyChallengeResponse, AuthorizeRequest, AuthorizeResponse, EffectivePermissionsResponse } from "@fiado/type-kit/bin/platformRbac";
|
|
4
4
|
import { IPlatformRbacBusinessApi } from "./interfaces/IPlatformRbacBusinessApi";
|
|
5
5
|
/**
|
|
6
6
|
* Publisher HTTP del lambda `platform-rbac-business` (componente 06 SureKeep Fase 0)
|
|
@@ -24,4 +24,5 @@ export default class PlatformRbacBusinessApi implements IPlatformRbacBusinessApi
|
|
|
24
24
|
prepareChallenge(input: PrepareChallengeRequest): Promise<ApiGatewayResponse<PrepareChallengeResponse>>;
|
|
25
25
|
verifyChallenge(input: VerifyChallengeRequest): Promise<ApiGatewayResponse<VerifyChallengeResponse>>;
|
|
26
26
|
authorize(input: AuthorizeRequest): Promise<ApiGatewayResponse<AuthorizeResponse>>;
|
|
27
|
+
effectivePermissions(cognitoSub: string): Promise<ApiGatewayResponse<EffectivePermissionsResponse>>;
|
|
27
28
|
}
|
|
@@ -49,6 +49,10 @@ let PlatformRbacBusinessApi = class PlatformRbacBusinessApi {
|
|
|
49
49
|
const url = `${this.baseUrl}/internal/authorize`;
|
|
50
50
|
return await this.httpRequest.post(url, input);
|
|
51
51
|
}
|
|
52
|
+
async effectivePermissions(cognitoSub) {
|
|
53
|
+
const url = `${this.baseUrl}/internal/users/${encodeURIComponent(cognitoSub)}/effective-permissions`;
|
|
54
|
+
return await this.httpRequest.get(url);
|
|
55
|
+
}
|
|
52
56
|
};
|
|
53
57
|
PlatformRbacBusinessApi = __decorate([
|
|
54
58
|
(0, inversify_1.injectable)(),
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { ApiGatewayResponse } from "@fiado/gateway-adapter";
|
|
2
|
-
import { DefineNextChallengeRequest, DefineNextChallengeResponse, PrepareChallengeRequest, PrepareChallengeResponse, VerifyChallengeRequest, VerifyChallengeResponse, AuthorizeRequest, AuthorizeResponse } from "@fiado/type-kit/bin/platformRbac";
|
|
2
|
+
import { DefineNextChallengeRequest, DefineNextChallengeResponse, PrepareChallengeRequest, PrepareChallengeResponse, VerifyChallengeRequest, VerifyChallengeResponse, AuthorizeRequest, AuthorizeResponse, EffectivePermissionsResponse } from "@fiado/type-kit/bin/platformRbac";
|
|
3
3
|
/**
|
|
4
4
|
* Contrato del publisher HTTP del lambda `platform-rbac-business` (componente 06 SureKeep Fase 0)
|
|
5
5
|
* para los 3 endpoints internos del Custom Auth Challenge flow (MFA).
|
|
@@ -45,4 +45,11 @@ export interface IPlatformRbacBusinessApi {
|
|
|
45
45
|
* resuelve permisos efectivos y devuelve `{ allow, reason?, context? }`.
|
|
46
46
|
*/
|
|
47
47
|
authorize(input: AuthorizeRequest): Promise<ApiGatewayResponse<AuthorizeResponse>>;
|
|
48
|
+
/**
|
|
49
|
+
* GET /internal/users/{cognitoSub}/effective-permissions — resuelve los permisos
|
|
50
|
+
* efectivos (más epoch y role assignments) de un usuario. Invocado por el
|
|
51
|
+
* `jwt-inyector-trigger` al emitir el token para embeber el bitset RBAC.
|
|
52
|
+
* El `cognitoSub` va en el path param (encodeURIComponent en el publisher).
|
|
53
|
+
*/
|
|
54
|
+
effectivePermissions(cognitoSub: string): Promise<ApiGatewayResponse<EffectivePermissionsResponse>>;
|
|
48
55
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@fiado/api-invoker",
|
|
3
|
-
"version": "4.
|
|
3
|
+
"version": "4.16.0",
|
|
4
4
|
"description": "Sirve como un puente entre diferentes funciones lambda, facilitando la comunicación entre ellas a través de invocaciones http",
|
|
5
5
|
"main": "bin/index.js",
|
|
6
6
|
"types": "bin/index.d.ts",
|
|
@@ -17,7 +17,7 @@
|
|
|
17
17
|
"@fiado/gateway-adapter": "^2.0.0",
|
|
18
18
|
"@fiado/http-client": "^2.0.0",
|
|
19
19
|
"@fiado/logger": "^1.0.3",
|
|
20
|
-
"@fiado/type-kit": "^3.
|
|
20
|
+
"@fiado/type-kit": "^3.71.0",
|
|
21
21
|
"dotenv": "^16.4.7"
|
|
22
22
|
},
|
|
23
23
|
"peerDependencies": {
|
|
@@ -11,6 +11,7 @@ import {
|
|
|
11
11
|
VerifyChallengeResponse,
|
|
12
12
|
AuthorizeRequest,
|
|
13
13
|
AuthorizeResponse,
|
|
14
|
+
EffectivePermissionsResponse,
|
|
14
15
|
} from "@fiado/type-kit/bin/platformRbac";
|
|
15
16
|
import { IPlatformRbacBusinessApi } from "./interfaces/IPlatformRbacBusinessApi";
|
|
16
17
|
|
|
@@ -61,4 +62,11 @@ export default class PlatformRbacBusinessApi implements IPlatformRbacBusinessApi
|
|
|
61
62
|
const url = `${this.baseUrl}/internal/authorize`;
|
|
62
63
|
return await this.httpRequest.post(url, input);
|
|
63
64
|
}
|
|
65
|
+
|
|
66
|
+
async effectivePermissions(
|
|
67
|
+
cognitoSub: string,
|
|
68
|
+
): Promise<ApiGatewayResponse<EffectivePermissionsResponse>> {
|
|
69
|
+
const url = `${this.baseUrl}/internal/users/${encodeURIComponent(cognitoSub)}/effective-permissions`;
|
|
70
|
+
return await this.httpRequest.get(url);
|
|
71
|
+
}
|
|
64
72
|
}
|
|
@@ -8,6 +8,7 @@ import {
|
|
|
8
8
|
VerifyChallengeResponse,
|
|
9
9
|
AuthorizeRequest,
|
|
10
10
|
AuthorizeResponse,
|
|
11
|
+
EffectivePermissionsResponse,
|
|
11
12
|
} from "@fiado/type-kit/bin/platformRbac";
|
|
12
13
|
|
|
13
14
|
/**
|
|
@@ -66,4 +67,14 @@ export interface IPlatformRbacBusinessApi {
|
|
|
66
67
|
authorize(
|
|
67
68
|
input: AuthorizeRequest,
|
|
68
69
|
): Promise<ApiGatewayResponse<AuthorizeResponse>>;
|
|
70
|
+
|
|
71
|
+
/**
|
|
72
|
+
* GET /internal/users/{cognitoSub}/effective-permissions — resuelve los permisos
|
|
73
|
+
* efectivos (más epoch y role assignments) de un usuario. Invocado por el
|
|
74
|
+
* `jwt-inyector-trigger` al emitir el token para embeber el bitset RBAC.
|
|
75
|
+
* El `cognitoSub` va en el path param (encodeURIComponent en el publisher).
|
|
76
|
+
*/
|
|
77
|
+
effectivePermissions(
|
|
78
|
+
cognitoSub: string,
|
|
79
|
+
): Promise<ApiGatewayResponse<EffectivePermissionsResponse>>;
|
|
69
80
|
}
|