@flink-app/jwt-auth-plugin 0.12.1-alpha.0 → 0.12.1-alpha.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/FlinkJwtAuthPlugin.js +17 -17
- package/dist/PermissionValidator.js +1 -1
- package/dist/index.js +5 -1
- package/package.json +33 -33
|
@@ -25,7 +25,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
25
25
|
function verb(n) { return function (v) { return step([n, v]); }; }
|
|
26
26
|
function step(op) {
|
|
27
27
|
if (f) throw new TypeError("Generator is already executing.");
|
|
28
|
-
while (_) try {
|
|
28
|
+
while (g && (g = 0, op[0] && (_ = 0)), _) try {
|
|
29
29
|
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
|
|
30
30
|
if (y = 0, t) op = [op[0] & 2, t.value];
|
|
31
31
|
switch (op[0]) {
|
|
@@ -86,12 +86,12 @@ function jwtAuthPlugin(_a) {
|
|
|
86
86
|
};
|
|
87
87
|
}
|
|
88
88
|
exports.jwtAuthPlugin = jwtAuthPlugin;
|
|
89
|
-
function authenticateRequest(
|
|
90
|
-
|
|
91
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
89
|
+
function authenticateRequest(req_1, routePermissions_1, rolePermissions_1, _a) {
|
|
90
|
+
return __awaiter(this, arguments, void 0, function (req, routePermissions, rolePermissions, _b) {
|
|
92
91
|
var token, decodedToken, permissionsArr, validPerms, user;
|
|
93
|
-
|
|
94
|
-
|
|
92
|
+
var secret = _b.secret, algo = _b.algo, getUser = _b.getUser;
|
|
93
|
+
return __generator(this, function (_c) {
|
|
94
|
+
switch (_c.label) {
|
|
95
95
|
case 0:
|
|
96
96
|
token = getTokenFromReq(req);
|
|
97
97
|
if (!token) return [3 /*break*/, 2];
|
|
@@ -100,7 +100,7 @@ function authenticateRequest(req, routePermissions, rolePermissions, _a) {
|
|
|
100
100
|
decodedToken = jwt_simple_1.default.decode(token, secret, false, algo);
|
|
101
101
|
}
|
|
102
102
|
catch (err) {
|
|
103
|
-
flink_1.log.debug("Failed to decode token: "
|
|
103
|
+
flink_1.log.debug("Failed to decode token: ".concat(err));
|
|
104
104
|
decodedToken = null;
|
|
105
105
|
}
|
|
106
106
|
if (!decodedToken) return [3 /*break*/, 2];
|
|
@@ -108,14 +108,14 @@ function authenticateRequest(req, routePermissions, rolePermissions, _a) {
|
|
|
108
108
|
? routePermissions
|
|
109
109
|
: [routePermissions];
|
|
110
110
|
if (permissionsArr && permissionsArr.length > 0) {
|
|
111
|
-
validPerms = PermissionValidator_1.hasValidPermissions(decodedToken.roles || [], rolePermissions, permissionsArr);
|
|
111
|
+
validPerms = (0, PermissionValidator_1.hasValidPermissions)(decodedToken.roles || [], rolePermissions, permissionsArr);
|
|
112
112
|
if (!validPerms) {
|
|
113
113
|
return [2 /*return*/, false];
|
|
114
114
|
}
|
|
115
115
|
}
|
|
116
116
|
return [4 /*yield*/, getUser(decodedToken)];
|
|
117
117
|
case 1:
|
|
118
|
-
user =
|
|
118
|
+
user = _c.sent();
|
|
119
119
|
req.user = user;
|
|
120
120
|
return [2 /*return*/, true];
|
|
121
121
|
case 2: return [2 /*return*/, false];
|
|
@@ -131,10 +131,10 @@ function getTokenFromReq(req) {
|
|
|
131
131
|
}
|
|
132
132
|
return;
|
|
133
133
|
}
|
|
134
|
-
function createToken(
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
return __generator(this, function (
|
|
134
|
+
function createToken(payload_1, _a) {
|
|
135
|
+
return __awaiter(this, arguments, void 0, function (payload, _b) {
|
|
136
|
+
var secret = _b.secret, algo = _b.algo, tokenTTL = _b.tokenTTL;
|
|
137
|
+
return __generator(this, function (_c) {
|
|
138
138
|
if (!payload) {
|
|
139
139
|
throw new Error("Cannot create token - payload is missing");
|
|
140
140
|
}
|
|
@@ -152,13 +152,13 @@ function createPasswordHashAndSalt(password, passwordPolicy) {
|
|
|
152
152
|
switch (_a.label) {
|
|
153
153
|
case 0:
|
|
154
154
|
if (!passwordPolicy.test(password)) {
|
|
155
|
-
flink_1.log.debug("Password does not match password policy '"
|
|
155
|
+
flink_1.log.debug("Password does not match password policy '".concat(passwordPolicy, "'"));
|
|
156
156
|
return [2 /*return*/, null];
|
|
157
157
|
}
|
|
158
|
-
return [4 /*yield*/, BcryptUtils_1.genSalt(10)];
|
|
158
|
+
return [4 /*yield*/, (0, BcryptUtils_1.genSalt)(10)];
|
|
159
159
|
case 1:
|
|
160
160
|
salt = _a.sent();
|
|
161
|
-
return [4 /*yield*/, BcryptUtils_1.encrypt(password, salt)];
|
|
161
|
+
return [4 /*yield*/, (0, BcryptUtils_1.encrypt)(password, salt)];
|
|
162
162
|
case 2:
|
|
163
163
|
hash = _a.sent();
|
|
164
164
|
return [2 /*return*/, { salt: salt, hash: hash }];
|
|
@@ -171,7 +171,7 @@ function validatePassword(password, passwordHash, salt) {
|
|
|
171
171
|
var hashCandidate;
|
|
172
172
|
return __generator(this, function (_a) {
|
|
173
173
|
switch (_a.label) {
|
|
174
|
-
case 0: return [4 /*yield*/, BcryptUtils_1.encrypt(password, salt)];
|
|
174
|
+
case 0: return [4 /*yield*/, (0, BcryptUtils_1.encrypt)(password, salt)];
|
|
175
175
|
case 1:
|
|
176
176
|
hashCandidate = _a.sent();
|
|
177
177
|
return [2 /*return*/, hashCandidate === passwordHash];
|
|
@@ -21,7 +21,7 @@ function hasValidPermissions(roles, rolePermissions, routePermissions) {
|
|
|
21
21
|
var _loop_1 = function (role) {
|
|
22
22
|
var thisRolesPermissions = rolePermissions[role];
|
|
23
23
|
if (!thisRolesPermissions) {
|
|
24
|
-
flink_1.log.warn("Role '"
|
|
24
|
+
flink_1.log.warn("Role '".concat(role, "' does not have any permissions defined"));
|
|
25
25
|
return "continue";
|
|
26
26
|
}
|
|
27
27
|
if (thisRolesPermissions.includes("*")) {
|
package/dist/index.js
CHANGED
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
3
|
if (k2 === undefined) k2 = k;
|
|
4
|
-
Object.
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
5
9
|
}) : (function(o, m, k, k2) {
|
|
6
10
|
if (k2 === undefined) k2 = k;
|
|
7
11
|
o[k2] = m[k];
|
package/package.json
CHANGED
|
@@ -1,35 +1,35 @@
|
|
|
1
1
|
{
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
2
|
+
"name": "@flink-app/jwt-auth-plugin",
|
|
3
|
+
"version": "0.12.1-alpha.2",
|
|
4
|
+
"description": "Flink plugin for JWT auth",
|
|
5
|
+
"scripts": {
|
|
6
|
+
"test": "node --preserve-symlinks -r ts-node/register -- node_modules/jasmine/bin/jasmine --config=./spec/support/jasmine.json",
|
|
7
|
+
"test:watch": "nodemon --ext ts --exec 'jasmine-ts --config=./spec/support/jasmine.json'",
|
|
8
|
+
"prepublish": "tsc --project tsconfig.dist.json",
|
|
9
|
+
"watch": "tsc-watch --project tsconfig.dist.json"
|
|
10
|
+
},
|
|
11
|
+
"author": "joel@frost.se",
|
|
12
|
+
"license": "MIT",
|
|
13
|
+
"types": "dist/index.d.ts",
|
|
14
|
+
"main": "dist/index.js",
|
|
15
|
+
"publishConfig": {
|
|
16
|
+
"access": "public"
|
|
17
|
+
},
|
|
18
|
+
"dependencies": {
|
|
19
|
+
"bcrypt": "^5.0.1",
|
|
20
|
+
"jwt-simple": "^0.5.6"
|
|
21
|
+
},
|
|
22
|
+
"devDependencies": {
|
|
23
|
+
"@flink-app/flink": "^0.12.1-alpha.2",
|
|
24
|
+
"@types/bcrypt": "^5.0.0",
|
|
25
|
+
"@types/jasmine": "^3.7.1",
|
|
26
|
+
"@types/node": "22.13.10",
|
|
27
|
+
"jasmine": "^3.7.0",
|
|
28
|
+
"jasmine-spec-reporter": "^7.0.0",
|
|
29
|
+
"nodemon": "^2.0.7",
|
|
30
|
+
"ts-node": "^9.1.1",
|
|
31
|
+
"tsc-watch": "^4.2.9",
|
|
32
|
+
"typescript": "5.4.5"
|
|
33
|
+
},
|
|
34
|
+
"gitHead": "b5be77c75e10067c81e0ecab8716b30f99833b83"
|
|
35
35
|
}
|