@fonoster/authz 0.8.0 → 0.8.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/README.md +2 -3
  2. package/dist/client/AuthzClient.d.ts +5 -11
  3. package/dist/client/AuthzClient.js +5 -25
  4. package/dist/client/AuthzServiceClient.d.ts +3 -6
  5. package/dist/createCheckMethodAuthorized.js +8 -4
  6. package/dist/index.d.ts +1 -0
  7. package/dist/index.js +1 -0
  8. package/dist/server/AuthzServer.d.ts +2 -1
  9. package/dist/server/AuthzServer.js +11 -20
  10. package/dist/server/DummyAuthzHandler.d.ts +2 -3
  11. package/dist/server/DummyAuthzHandler.js +2 -6
  12. package/dist/server/server.js +2 -5
  13. package/dist/types.d.ts +4 -8
  14. package/package.json +5 -5
package/README.md CHANGED
@@ -18,8 +18,7 @@ type AuthzHandler = {
18
18
  checkMethodAuthorized(
19
19
  request: CheckMethodAuthorizedRequest
20
20
  ): Promise<boolean>;
21
- chargeAccount(request: ChargeAccountRequest): Promise<void>;
22
- getAccountBalance(request: GetAccountBalanceRequest): Promise<number>;
21
+ addBillingMeterEvent(request: AddBillingMeterEventRequest): Promise<void>;
23
22
  };
24
23
  ```
25
24
 
@@ -29,4 +28,4 @@ Please look at the [DummyAuthzHandler](./src/server/DummyAuthzHandler.ts) for an
29
28
 
30
29
  To enable the Authz module you need to set the `AUTHZ_SERVICE_ENABLED` environment variable to `true`. Also, you need the `AUTHZ_SERVICE_HOST` (required), `AUTHZ_SERVICE_PORT` (defaults), and `AUTHZ_SERVICE_METHODS` (default is `/fonoster.calls.v1beta2.Calls/CreateCall`) environment variables.
31
30
 
32
- Imagine you want to authorize the creation of new Workspaces. You can add the `/fonoster.workspaces.v1beta2.Workspaces/CreateWorkspace` method to the `AUTHZ_SERVICE_METHODS` environment variable and implement the `checkMethodAuthorized` method in your AuthzHandler.
31
+ Imagine you want to authorize the creation of new Workspaces. You can add the `/fonoster.identity.v1beta2.Identity/CreateWorkspace` method to the `AUTHZ_SERVICE_METHODS` environment variable and implement the `checkMethodAuthorized` method in your AuthzHandler.
package/dist/client/AuthzClient.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { CheckMethodAuthorizedRequest, ChargeAccountRequest, GetAccountBalanceRequest, VoiceRequest } from "../types";
1
+ import { CheckMethodAuthorizedRequest, AddBillingMeterEventRequest, VoiceRequest } from "../types";
2
2
  /**
3
3
  * AuthzClient class to interact with the AuthzServer via gRPC.
4
4
  */
@@ -14,7 +14,7 @@ export declare class AuthzClient {
14
14
  * @param request VoiceRequest containing session details.
15
15
  * @returns Promise resolving to a boolean indicating authorization.
16
16
  */
17
- checkSessionAuthorized(request: VoiceRequest): Promise<boolean>;
17
+ checkSessionAuthorized(request: Partial<VoiceRequest>): Promise<boolean>;
18
18
  /**
19
19
  * Checks if a specific method is authorized.
20
20
  * @param request CheckMethodAuthorizedRequest containing accessKeyId and method.
@@ -22,17 +22,11 @@ export declare class AuthzClient {
22
22
  */
23
23
  checkMethodAuthorized(request: CheckMethodAuthorizedRequest): Promise<boolean>;
24
24
  /**
25
- * Charges an account by a specified amount.
26
- * @param request ChargeAccountRequest containing accessKeyId and amount.
25
+ * Adds a billing meter event.
26
+ * @param request AddBillingMeterEventRequest containing accessKeyId and amount.
27
27
  * @returns Promise resolving when the charge is successful.
28
28
  */
29
- chargeAccount(request: ChargeAccountRequest): Promise<void>;
30
- /**
31
- * Retrieves the account balance.
32
- * @param request GetAccountBalanceRequest containing accessKeyId.
33
- * @returns Promise resolving to the account balance.
34
- */
35
- getAccountBalance(request: GetAccountBalanceRequest): Promise<number>;
29
+ addBillingMeterEvent(request: AddBillingMeterEventRequest): Promise<void>;
36
30
  /**
37
31
  * Closes the gRPC client connection.
38
32
  */
package/dist/client/AuthzClient.js CHANGED
@@ -106,15 +106,15 @@ class AuthzClient {
106
106
  });
107
107
  }
108
108
  /**
109
- * Charges an account by a specified amount.
110
- * @param request ChargeAccountRequest containing accessKeyId and amount.
109
+ * Adds a billing meter event.
110
+ * @param request AddBillingMeterEventRequest containing accessKeyId and amount.
111
111
  * @returns Promise resolving when the charge is successful.
112
112
  */
113
- async chargeAccount(request) {
113
+ async addBillingMeterEvent(request) {
114
114
  return new Promise((resolve, reject) => {
115
- this.client.chargeAccount(request, (error, _response) => {
115
+ this.client.addBillingMeterEvent(request, (error, _response) => {
116
116
  if (error) {
117
- reject(new Error(`chargeAccount failed: ${error.message || error}`));
117
+ reject(new Error(`addBillingMeterEvent failed: ${error.message || error}`));
118
118
  }
119
119
  else {
120
120
  resolve();
@@ -122,26 +122,6 @@ class AuthzClient {
122
122
  });
123
123
  });
124
124
  }
125
- /**
126
- * Retrieves the account balance.
127
- * @param request GetAccountBalanceRequest containing accessKeyId.
128
- * @returns Promise resolving to the account balance.
129
- */
130
- async getAccountBalance(request) {
131
- return new Promise((resolve, reject) => {
132
- this.client.getAccountBalance(request, (error, response) => {
133
- if (error) {
134
- reject(new Error(`getAccountBalance failed: ${error.message || error}`));
135
- }
136
- else if (response && typeof response.balance === "number") {
137
- resolve(response.balance);
138
- }
139
- else {
140
- reject(new Error(`getAccountBalance failed: Invalid response format.`));
141
- }
142
- });
143
- });
144
- }
145
125
  /**
146
126
  * Closes the gRPC client connection.
147
127
  */
package/dist/client/AuthzServiceClient.d.ts CHANGED
@@ -1,19 +1,16 @@
1
1
  import * as grpc from "@grpc/grpc-js";
2
- import { CheckMethodAuthorizedRequest, ChargeAccountRequest, GetAccountBalanceRequest, VoiceRequest } from "../types";
2
+ import { CheckMethodAuthorizedRequest, VoiceRequest, AddBillingMeterEventRequest } from "../types";
3
3
  /**
4
4
  * Interface representing the AuthzService client methods.
5
5
  * This should match the service definition used by the server.
6
6
  */
7
7
  interface AuthzServiceClient extends grpc.Client {
8
- checkSessionAuthorized(request: VoiceRequest, callback: grpc.requestCallback<{
8
+ checkSessionAuthorized(request: Partial<VoiceRequest>, callback: grpc.requestCallback<{
9
9
  authorized: boolean;
10
10
  }>): void;
11
11
  checkMethodAuthorized(request: CheckMethodAuthorizedRequest, callback: grpc.requestCallback<{
12
12
  authorized: boolean;
13
13
  }>): void;
14
- chargeAccount(request: ChargeAccountRequest, callback: grpc.requestCallback<{}>): void;
15
- getAccountBalance(request: GetAccountBalanceRequest, callback: grpc.requestCallback<{
16
- balance: number;
17
- }>): void;
14
+ addBillingMeterEvent(request: AddBillingMeterEventRequest, callback: grpc.requestCallback<{}>): void;
18
15
  }
19
16
  export { AuthzServiceClient };
package/dist/createCheckMethodAuthorized.js CHANGED
@@ -61,11 +61,15 @@ function createCheckMethodAuthorized(authzServer, methods) {
61
61
  })
62
62
  .then(() => {
63
63
  call.sendMessage({ authorized: true }, () => {
64
- logger.silly("method is authorized", { method });
64
+ logger.verbose("method is authorized", { method, accessKeyId });
65
+ });
66
+ })
67
+ .catch((error) => {
68
+ logger.verbose("method is not authorized", { method, accessKeyId });
69
+ call.sendStatus({
70
+ code: grpc_js_1.status.PERMISSION_DENIED,
71
+ details: `Method ${method} is not authorized for accessKeyId ${accessKeyId}`
65
72
  });
66
- }).catch((error) => {
67
- logger.error("error checking if method is authorized", { method, error });
68
- call.sendStatus({ code: grpc_js_1.status.PERMISSION_DENIED, details: `Method ${method} is not authorized for accessKeyId ${accessKeyId}` });
69
73
  });
70
74
  return call;
71
75
  };
package/dist/index.d.ts CHANGED
@@ -1,3 +1,4 @@
1
1
  export * from "./server";
2
2
  export * from "./client";
3
3
  export * from "./createCheckMethodAuthorized";
4
+ export * from "./types";
package/dist/index.js CHANGED
@@ -35,3 +35,4 @@ Object.defineProperty(exports, "__esModule", { value: true });
35
35
  __exportStar(require("./server"), exports);
36
36
  __exportStar(require("./client"), exports);
37
37
  __exportStar(require("./createCheckMethodAuthorized"), exports);
38
+ __exportStar(require("./types"), exports);
package/dist/server/AuthzServer.d.ts CHANGED
@@ -1,6 +1,7 @@
1
1
  import { ServerConfig, AuthzHandler } from "../types";
2
- export default class AuthzServer {
2
+ declare class AuthzServer {
3
3
  config: ServerConfig;
4
4
  constructor(config?: ServerConfig);
5
5
  listen(handler: AuthzHandler): Promise<void>;
6
6
  }
7
+ export { AuthzServer };
package/dist/server/AuthzServer.js CHANGED
@@ -36,6 +36,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
36
36
  return (mod && mod.__esModule) ? mod : { "default": mod };
37
37
  };
38
38
  Object.defineProperty(exports, "__esModule", { value: true });
39
+ exports.AuthzServer = void 0;
39
40
  /*
40
41
  * Copyright (C) 2024 by Fonoster Inc (https://fonoster.com)
41
42
  * http://github.com/fonoster/fonoster
@@ -61,6 +62,7 @@ const deepmerge_1 = __importDefault(require("deepmerge"));
61
62
  const grpc_health_check_1 = require("grpc-health-check");
62
63
  const defaultServerConfig_1 = require("./defaultServerConfig");
63
64
  const serviceDefinition_1 = require("../serviceDefinition");
65
+ const pb_util_1 = require("pb-util");
64
66
  const logger = (0, logger_1.getLogger)({ service: "authz", filePath: __filename });
65
67
  class AuthzServer {
66
68
  constructor(config = defaultServerConfig_1.defaultServerConfig) {
@@ -118,30 +120,19 @@ class AuthzServer {
118
120
  });
119
121
  }
120
122
  },
121
- chargeAccount: async (call, callback) => {
122
- logger.verbose("chargeAccount called");
123
+ addBillingMeterEvent: async (call, callback) => {
124
+ logger.verbose("addBillingMeterEvent called");
123
125
  logger.verbose(JSON.stringify(call.request));
124
126
  try {
125
- await handler.chargeAccount(call.request);
127
+ const request = {
128
+ accessKeyId: call.request.accessKeyId,
129
+ payload: pb_util_1.struct.decode(call.request.payload)
130
+ };
131
+ await handler.addBillingMeterEvent(request);
126
132
  callback(null, {});
127
133
  }
128
134
  catch (error) {
129
- logger.error("Error in chargeAccount:", error);
130
- callback({
131
- code: grpc.status.INTERNAL,
132
- message: "Internal server error."
133
- });
134
- }
135
- },
136
- getAccountBalance: async (call, callback) => {
137
- logger.verbose("getAccountBalance called");
138
- logger.verbose(JSON.stringify(call.request));
139
- try {
140
- const balance = await handler.getAccountBalance(call.request);
141
- callback(null, { balance });
142
- }
143
- catch (error) {
144
- logger.error("Error in getAccountBalance:", error);
135
+ logger.error("Error in while adding billing meter event:", error);
145
136
  callback({
146
137
  code: grpc.status.INTERNAL,
147
138
  message: "Internal server error."
@@ -165,4 +156,4 @@ class AuthzServer {
165
156
  }
166
157
  }
167
158
  }
168
- exports.default = AuthzServer;
159
+ exports.AuthzServer = AuthzServer;
package/dist/server/DummyAuthzHandler.d.ts CHANGED
@@ -1,8 +1,7 @@
1
- import { AuthzHandler, ChargeAccountRequest, CheckMethodAuthorizedRequest, GetAccountBalanceRequest, VoiceRequest } from "../types";
1
+ import { AuthzHandler, AddBillingMeterEventRequest, CheckMethodAuthorizedRequest, VoiceRequest } from "../types";
2
2
  declare class DummyAuthzHandler implements AuthzHandler {
3
3
  checkSessionAuthorized(request: VoiceRequest): Promise<boolean>;
4
4
  checkMethodAuthorized(request: CheckMethodAuthorizedRequest): Promise<boolean>;
5
- chargeAccount(request: ChargeAccountRequest): Promise<void>;
6
- getAccountBalance(request: GetAccountBalanceRequest): Promise<number>;
5
+ addBillingMeterEvent(request: AddBillingMeterEventRequest): Promise<void>;
7
6
  }
8
7
  export { DummyAuthzHandler };
package/dist/server/DummyAuthzHandler.js CHANGED
@@ -28,14 +28,10 @@ class DummyAuthzHandler {
28
28
  }
29
29
  async checkMethodAuthorized(request) {
30
30
  logger.verbose("checkMethodAuthorized called", request);
31
- return false;
31
+ return true;
32
32
  }
33
- async chargeAccount(request) {
33
+ async addBillingMeterEvent(request) {
34
34
  logger.verbose("chargeAccount called", request);
35
35
  }
36
- async getAccountBalance(request) {
37
- logger.verbose("getAccountBalance called", request);
38
- return 20.2;
39
- }
40
36
  }
41
37
  exports.DummyAuthzHandler = DummyAuthzHandler;
package/dist/server/server.js CHANGED
@@ -1,7 +1,4 @@
1
1
  "use strict";
2
- var __importDefault = (this && this.__importDefault) || function (mod) {
3
- return (mod && mod.__esModule) ? mod : { "default": mod };
4
- };
5
2
  Object.defineProperty(exports, "__esModule", { value: true });
6
3
  /*
7
4
  * Copyright (C) 2024 by Fonoster Inc (https://fonoster.com)
@@ -21,6 +18,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
21
18
  * See the License for the specific language governing permissions and
22
19
  * limitations under the License.
23
20
  */
24
- const AuthzServer_1 = __importDefault(require("./AuthzServer"));
21
+ const AuthzServer_1 = require("./AuthzServer");
25
22
  const DummyAuthzHandler_1 = require("./DummyAuthzHandler");
26
- new AuthzServer_1.default().listen(new DummyAuthzHandler_1.DummyAuthzHandler());
23
+ new AuthzServer_1.AuthzServer().listen(new DummyAuthzHandler_1.DummyAuthzHandler());
package/dist/types.d.ts CHANGED
@@ -7,17 +7,13 @@ type CheckMethodAuthorizedRequest = {
7
7
  accessKeyId: string;
8
8
  method: string;
9
9
  };
10
- type ChargeAccountRequest = {
11
- accessKeyId: string;
12
- amount: number;
13
- };
14
- type GetAccountBalanceRequest = {
10
+ type AddBillingMeterEventRequest = {
15
11
  accessKeyId: string;
12
+ payload: Record<string, unknown>;
16
13
  };
17
14
  type AuthzHandler = {
18
15
  checkSessionAuthorized(request: VoiceRequest): Promise<boolean>;
19
16
  checkMethodAuthorized(request: CheckMethodAuthorizedRequest): Promise<boolean>;
20
- chargeAccount(request: ChargeAccountRequest): Promise<void>;
21
- getAccountBalance(request: GetAccountBalanceRequest): Promise<number>;
17
+ addBillingMeterEvent(request: AddBillingMeterEventRequest): Promise<void>;
22
18
  };
23
- export { ServerConfig, AuthzHandler, VoiceRequest, CheckMethodAuthorizedRequest, ChargeAccountRequest, GetAccountBalanceRequest };
19
+ export { ServerConfig, AuthzHandler, VoiceRequest, CheckMethodAuthorizedRequest, AddBillingMeterEventRequest };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@fonoster/authz",
3
- "version": "0.8.0",
3
+ "version": "0.8.4",
4
4
  "description": "Authorization module for Fonoster",
5
5
  "author": "Pedro Sanders <psanders@fonoster.com>",
6
6
  "homepage": "https://github.com/fonoster/fonoster#readme",
@@ -26,9 +26,9 @@
26
26
  "access": "public"
27
27
  },
28
28
  "dependencies": {
29
- "@fonoster/common": "^0.8.0",
30
- "@fonoster/identity": "^0.8.0",
31
- "@fonoster/logger": "^0.8.0",
29
+ "@fonoster/common": "^0.8.4",
30
+ "@fonoster/identity": "^0.8.4",
31
+ "@fonoster/logger": "^0.8.4",
32
32
  "@grpc/grpc-js": "~1.10.6",
33
33
  "deepmerge": "^4.3.1",
34
34
  "grpc-health-check": "^2.0.2"
@@ -40,5 +40,5 @@
40
40
  "bugs": {
41
41
  "url": "https://github.com/fonoster/fonoster/issues"
42
42
  },
43
- "gitHead": "9d8a6fc044fe23f4f75356c142d1ca412db5af15"
43
+ "gitHead": "230bf0c9b793e5de49ffeb30ee1bd62226f55cba"
44
44
  }