@fonoster/identity 0.7.22 → 0.7.26

package/dist/apikeys/deleteApiKey.js

@@ -43,5 +43,5 @@ function deleteApiKey(prisma) {
         });
         callback(null, { ref });
     });
-    return (0, common_1.withErrorHandlingAndValidation)(fn, common_1.Validators.baseApiObjectSchema);
+    return (0, common_1.withErrorHandlingAndValidation)(fn, common_1.Validators.emptySchema);
 }

package/dist/apikeys/regenerateApiKey.js

@@ -51,5 +51,5 @@ function regenerateApiKey(prisma) {
             accessKeySecret: response.accessKeySecret
         });
     });
-    return (0, common_1.withErrorHandlingAndValidation)(fn, common_1.Validators.baseApiObjectSchema);
+    return (0, common_1.withErrorHandlingAndValidation)(fn, common_1.Validators.emptySchema);
 }

package/dist/constants.d.ts

@@ -0,0 +1,2 @@
+export declare const SIGN_ALGORITHM = "RS256";
+export declare const VERIFICATION_CODE_EXPIRATION: number;

package/dist/{invites/EmailTemplatesEnum.js → constants.js}

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.EmailTemplatesEnum = void 0;
+exports.VERIFICATION_CODE_EXPIRATION = exports.SIGN_ALGORITHM = void 0;
 /*
  * Copyright (C) 2024 by Fonoster Inc (https://fonoster.com)
  * http://github.com/fonoster/fonoster
@@ -19,8 +19,5 @@ exports.EmailTemplatesEnum = void 0;
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-var EmailTemplatesEnum;
-(function (EmailTemplatesEnum) {
-    EmailTemplatesEnum["INVITE_NEW_USER"] = "inviteNewUser";
-    EmailTemplatesEnum["INVITE_EXISTING_USER"] = "inviteExistingUser";
-})(EmailTemplatesEnum || (exports.EmailTemplatesEnum = EmailTemplatesEnum = {}));
+exports.SIGN_ALGORITHM = "RS256";
+exports.VERIFICATION_CODE_EXPIRATION = 5 * 60 * 1000;

package/dist/envs.d.ts

@@ -1 +1,8 @@
 export declare const CLOAK_ENCRYPTION_KEY: string;
+export declare const IDENTITY_MFA_REQUIRED: boolean;
+export declare const IDENTITY_OAUTH2_GITHUB_CLIENT_ID: string;
+export declare const IDENTITY_OAUTH2_GITHUB_CLIENT_SECRET: string;
+export declare const IDENTITY_OAUTH2_GITHUB_ENABLED: boolean;
+export declare const IDENTITY_USER_VERIFICATION_REQUIRED: boolean;
+export declare const IDENTITY_WORKSPACE_INVITATION_URL: string;
+export declare const IDENTITY_WORKSPACE_INVITE_EXPIRATION: string;

package/dist/envs.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.CLOAK_ENCRYPTION_KEY = void 0;
+exports.IDENTITY_WORKSPACE_INVITE_EXPIRATION = exports.IDENTITY_WORKSPACE_INVITATION_URL = exports.IDENTITY_USER_VERIFICATION_REQUIRED = exports.IDENTITY_OAUTH2_GITHUB_ENABLED = exports.IDENTITY_OAUTH2_GITHUB_CLIENT_SECRET = exports.IDENTITY_OAUTH2_GITHUB_CLIENT_ID = exports.IDENTITY_MFA_REQUIRED = exports.CLOAK_ENCRYPTION_KEY = void 0;
 /*
  * Copyright (C) 2024 by Fonoster Inc (https://fonoster.com)
  * http://github.com/fonoster/fonoster
@@ -20,5 +20,26 @@ exports.CLOAK_ENCRYPTION_KEY = void 0;
  * limitations under the License.
  */
 const common_1 = require("@fonoster/common");
-(0, common_1.assertEnvsAreSet)(["CLOAK_ENCRYPTION_KEY"]);
-exports.CLOAK_ENCRYPTION_KEY = process.env.CLOAK_ENCRYPTION_KEY;
+const e = process.env;
+exports.CLOAK_ENCRYPTION_KEY = e.CLOAK_ENCRYPTION_KEY;
+exports.IDENTITY_MFA_REQUIRED = e.IDENTITY_MFA_REQUIRED === "true";
+exports.IDENTITY_OAUTH2_GITHUB_CLIENT_ID = e.IDENTITY_OAUTH2_GITHUB_CLIENT_ID;
+exports.IDENTITY_OAUTH2_GITHUB_CLIENT_SECRET = e.IDENTITY_OAUTH2_GITHUB_CLIENT_SECRET;
+exports.IDENTITY_OAUTH2_GITHUB_ENABLED = e.IDENTITY_OAUTH2_GITHUB_ENABLED === "true";
+exports.IDENTITY_USER_VERIFICATION_REQUIRED = e.IDENTITY_USER_VERIFICATION_REQUIRED === "true";
+exports.IDENTITY_WORKSPACE_INVITATION_URL = e.IDENTITY_WORKSPACE_INVITATION_URL;
+exports.IDENTITY_WORKSPACE_INVITE_EXPIRATION = e.IDENTITY_WORKSPACE_INVITE_EXPIRATION || "1d";
+(0, common_1.assertEnvsAreSet)(["CLOAK_ENCRYPTION_KEY", "IDENTITY_WORKSPACE_INVITATION_URL"]);
+if (exports.IDENTITY_USER_VERIFICATION_REQUIRED) {
+    (0, common_1.assertEnvsAreSet)([
+        "TWILIO_ACCOUNT_SID",
+        "TWILIO_AUTH_TOKEN",
+        "TWILIO_PHONE_NUMBER"
+    ]);
+}
+if (exports.IDENTITY_OAUTH2_GITHUB_ENABLED) {
+    (0, common_1.assertEnvsAreSet)([
+        "IDENTITY_OAUTH2_GITHUB_CLIENT_ID",
+        "IDENTITY_OAUTH2_GITHUB_CLIENT_SECRET"
+    ]);
+}

package/dist/exchanges/exchangeApiKey.js

@@ -15,13 +15,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
     return new (P || (P = Promise))(function (resolve, reject) {

package/dist/exchanges/exchangeCredentials.js

@@ -15,13 +15,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
     return new (P || (P = Promise))(function (resolve, reject) {
@@ -55,20 +65,45 @@ const common_1 = require("@fonoster/common");
 const logger_1 = require("@fonoster/logger");
 const grpc = __importStar(require("@grpc/grpc-js"));
 const exchangeTokens_1 = require("./exchangeTokens");
+const envs_1 = require("../envs");
+const createIsValidVerificationCode_1 = require("../utils/createIsValidVerificationCode");
 const getUserByEmail_1 = require("../utils/getUserByEmail");
+const verification_1 = require("../verification");
 const logger = (0, logger_1.getLogger)({ service: "identity", filePath: __filename });
+const verificationRequiredButNotProvided = (user) => envs_1.IDENTITY_USER_VERIFICATION_REQUIRED &&
+    (!user.emailVerified || !user.phoneNumberVerified);
 function exchangeCredentials(prisma, identityConfig) {
+    const isValidVerificationCode = (0, createIsValidVerificationCode_1.createIsValidVerificationCode)(prisma);
     const fn = (call, callback) => __awaiter(this, void 0, void 0, function* () {
         const { request } = call;
-        const { username, password } = request;
-        logger.verbose("call to exchangeCredentials", { username });
-        const user = yield (0, getUserByEmail_1.getUserByEmail)(prisma)(username);
+        const { username: email, password, verificationCode } = request;
+        logger.verbose("call to exchangeCredentials", { username: email });
+        const user = yield (0, getUserByEmail_1.getUserByEmail)(prisma)(email);
         if (!user || user.password !== (password === null || password === void 0 ? void 0 : password.trim())) {
             return callback({
                 code: grpc.status.PERMISSION_DENIED,
                 message: "Invalid credentials"
             });
         }
+        if (verificationRequiredButNotProvided(user)) {
+            return callback({
+                code: grpc.status.PERMISSION_DENIED,
+                message: "User contact information not verified"
+            });
+        }
+        if (envs_1.IDENTITY_USER_VERIFICATION_REQUIRED) {
+            const isValid = yield isValidVerificationCode({
+                type: verification_1.ContactType.EMAIL,
+                value: email,
+                code: verificationCode
+            });
+            if (!isValid) {
+                return callback({
+                    code: grpc.status.PERMISSION_DENIED,
+                    message: "Invalid verification code"
+                });
+            }
+        }
         callback(null, yield (0, exchangeTokens_1.exchangeTokens)(prisma, identityConfig)(user.accessKeyId));
     });
     return (0, common_1.withErrorHandlingAndValidation)(fn, common_1.exchangeCredentialsRequestSchema);

package/dist/exchanges/exchangeOauth2Code.d.ts

@@ -0,0 +1,7 @@
+import { GrpcErrorMessage } from "@fonoster/common";
+import { IdentityConfig } from "./types";
+import { Prisma } from "../db";
+declare function exchangeOauth2Code(prisma: Prisma, identityConfig: IdentityConfig): (call: {
+    request: unknown;
+}, callback: (error?: import("@fonoster/common").GrpcErrorMessage, response?: unknown) => void) => Promise<void>;
+export { exchangeOauth2Code };

package/dist/exchanges/exchangeOauth2Code.js

@@ -0,0 +1,105 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.exchangeOauth2Code = exchangeOauth2Code;
+/*
+ * Copyright (C) 2024 by Fonoster Inc (https://fonoster.com)
+ * http://github.com/fonoster/fonoster
+ *
+ * This file is part of Fonoster
+ *
+ * Licensed under the MIT License (the "License");
+ * you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ *    https://opensource.org/licenses/MIT
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+const common_1 = require("@fonoster/common");
+const logger_1 = require("@fonoster/logger");
+const grpc = __importStar(require("@grpc/grpc-js"));
+const exchangeTokens_1 = require("./exchangeTokens");
+const getUserByEmail_1 = require("../utils/getUserByEmail");
+const logger = (0, logger_1.getLogger)({ service: "identity", filePath: __filename });
+function exchangeOauth2Code(prisma, identityConfig) {
+    const fn = (call, callback) => __awaiter(this, void 0, void 0, function* () {
+        const { request } = call;
+        const { provider, username: email, code } = request;
+        logger.verbose("call to exchangeOauth2Code", { provider });
+        const tokenResponse = yield fetch("https://github.com/login/oauth/access_token", {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                Accept: "application/json"
+            },
+            body: JSON.stringify({
+                client_id: identityConfig.githubOauth2Config.clientId,
+                client_secret: identityConfig.githubOauth2Config.clientSecret,
+                code
+            })
+        });
+        const tokenData = yield tokenResponse.json();
+        const accessToken = tokenData === null || tokenData === void 0 ? void 0 : tokenData.access_token;
+        const userResponse = yield fetch("https://api.github.com/user", {
+            headers: {
+                Authorization: `token ${accessToken}`
+            }
+        });
+        const userData = yield userResponse.json();
+        const user = yield (0, getUserByEmail_1.getUserByEmail)(prisma)(email);
+        if (userData.email !== email || !user) {
+            return callback({
+                code: grpc.status.PERMISSION_DENIED,
+                message: "Invalid credentials"
+            });
+        }
+        callback(null, yield (0, exchangeTokens_1.exchangeTokens)(prisma, identityConfig)(user.accessKeyId));
+    });
+    return (0, common_1.withErrorHandlingAndValidation)(fn, common_1.exchangeOauth2RequestSchema);
+}

package/dist/exchanges/exchangeRefreshToken.js

@@ -35,15 +35,15 @@ const common_1 = require("@fonoster/common");
 const logger_1 = require("@fonoster/logger");
 const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
 const exchangeTokens_1 = require("./exchangeTokens");
+const constants_1 = require("../constants");
 const logger = (0, logger_1.getLogger)({ service: "identity", filePath: __filename });
-const SIGN_ALGORITHM = "RS256";
 function exchangeRefreshToken(prisma, identityConfig) {
     const fn = (call, callback) => __awaiter(this, void 0, void 0, function* () {
         const { privateKey } = identityConfig;
         const { request } = call;
         const { refreshToken: oldRefreshToken } = request;
         const oldRefreshTokenDecoded = jsonwebtoken_1.default.verify(oldRefreshToken, privateKey, {
-            algorithms: [SIGN_ALGORITHM]
+            algorithms: [constants_1.SIGN_ALGORITHM]
         });
         const { accessKeyId } = oldRefreshTokenDecoded;
         logger.verbose("call to exchangeRefreshToken", { accessKeyId });

package/dist/exchanges/exchangeTokens.js

@@ -15,13 +15,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
     function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
     return new (P || (P = Promise))(function (resolve, reject) {

package/dist/exchanges/index.d.ts

@@ -1,5 +1,6 @@
 export * from "./TokenUseEnum";
 export * from "./exchangeApiKey";
 export * from "./exchangeCredentials";
+export * from "./exchangeOauth2Code";
 export * from "./exchangeRefreshToken";
 export * from "./types";

package/dist/exchanges/index.js

@@ -35,5 +35,6 @@ __exportStar(require("./TokenUseEnum"), exports);
  */
 __exportStar(require("./exchangeApiKey"), exports);
 __exportStar(require("./exchangeCredentials"), exports);
+__exportStar(require("./exchangeOauth2Code"), exports);
 __exportStar(require("./exchangeRefreshToken"), exports);
 __exportStar(require("./types"), exports);

package/dist/exchanges/payloads/users/getAccessTokenPayload.js

@@ -55,10 +55,11 @@ function getAccessTokenPayload(prisma, identityConfig) {
             role: types_1.WorkspaceRoleEnum.OWNER
         }));
         memberships.forEach((membership) => {
-            access.push({
-                accessKeyId: membership.workspace.accessKeyId,
-                role: membership.role
-            });
+            membership.status === types_1.WorkspaceMemberStatus.ACTIVE &&
+                access.push({
+                    accessKeyId: membership.workspace.accessKeyId,
+                    role: membership.role
+                });
         });
         return {
             iss: issuer,

package/dist/exchanges/types.d.ts

@@ -53,9 +53,19 @@ type IdentityConfig = {
             pass: string;
         };
     };
+    twilioSmsConfig?: {
+        accountSid: string;
+        authToken: string;
+        sender: string;
+    };
+    githubOauth2Config?: {
+        clientId: string;
+        clientSecret: string;
+    };
 };
 type DecodedToken<T extends TokenUseEnum> = T extends TokenUseEnum.ID ? IdToken : T extends TokenUseEnum.ACCESS ? AccessToken : T extends TokenUseEnum.REFRESH ? TokenUseEnum : never;
 type ExchangeApiKeysRequest = z.infer<typeof V.exchangeApiKeysRequestSchema>;
+type ExchangeOauth2CodeRequest = z.infer<typeof V.exchangeOauth2RequestSchema>;
 type ExchangeCredentialsRequest = z.infer<typeof V.exchangeCredentialsRequestSchema>;
 type ExchangeResponse = {
     idToken: string;
@@ -63,4 +73,4 @@ type ExchangeResponse = {
     refreshToken: string;
 };
 type ExchangeRefreshTokenRequest = z.infer<typeof V.exchangeRefreshTokenRequestSchema>;
-export { Access, AccessToken, DecodedToken, ExchangeApiKeysRequest, ExchangeCredentialsRequest, ExchangeRefreshTokenRequest, ExchangeResponse, IdToken, IdentityConfig, RefreshToken, Role };
+export { Access, AccessToken, DecodedToken, ExchangeApiKeysRequest, ExchangeCredentialsRequest, ExchangeOauth2CodeRequest, ExchangeRefreshTokenRequest, ExchangeResponse, IdToken, IdentityConfig, RefreshToken, Role };

package/dist/getPublicKeyClient.js

@@ -15,13 +15,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getPublicKeyClient = getPublicKeyClient;
 /*

package/dist/invites/createInviteBody.d.ts

@@ -1,8 +1,3 @@
-declare function createInviteBody(params: {
-    emailTemplateDir?: string;
-    isExistingUser: boolean;
-    workspaceName: string;
-    oneTimePassword: string;
-    inviteUrl: string;
-}): string;
+import { InviteParams } from "./types";
+declare function createInviteBody(params: Omit<InviteParams, "recipient">): string;
 export { createInviteBody };

package/dist/invites/createInviteBody.js

@@ -24,13 +24,13 @@ exports.createInviteBody = createInviteBody;
  */
 const path_1 = __importDefault(require("path"));
 const common_1 = require("@fonoster/common");
-const EmailTemplatesEnum_1 = require("./EmailTemplatesEnum");
+const TemplatesEnum_1 = require("../templates/TemplatesEnum");
 function createInviteBody(params) {
-    const { emailTemplateDir, isExistingUser, workspaceName, oneTimePassword, inviteUrl } = params;
+    const { templateDir: emailTemplateDir, isExistingUser, workspaceName, oneTimePassword, inviteUrl } = params;
     const template = isExistingUser
-        ? EmailTemplatesEnum_1.EmailTemplatesEnum.INVITE_EXISTING_USER
-        : EmailTemplatesEnum_1.EmailTemplatesEnum.INVITE_NEW_USER;
-    const templateDir = emailTemplateDir || path_1.default.join(__dirname, "templates");
+        ? TemplatesEnum_1.TemplatesEnum.INVITE_EXISTING_USER
+        : TemplatesEnum_1.TemplatesEnum.INVITE_NEW_USER;
+    const templateDir = emailTemplateDir || path_1.default.join(__dirname, "..", "templates");
     const templatePath = `${templateDir}/${template}.hbs`;
     return (0, common_1.compileTemplate)({
         filePath: templatePath,

package/dist/invites/index.d.ts

@@ -1,3 +1,4 @@
-export * from "./EmailTemplatesEnum";
+export * from "../templates/TemplatesEnum";
 export * from "./createInviteBody";
 export * from "./sendInvite";
+export * from "./types";

package/dist/invites/index.js

@@ -14,7 +14,6 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-__exportStar(require("./EmailTemplatesEnum"), exports);
 /*
  * Copyright (C) 2024 by Fonoster Inc (https://fonoster.com)
  * http://github.com/fonoster/fonoster
@@ -33,5 +32,7 @@ __exportStar(require("./EmailTemplatesEnum"), exports);
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+__exportStar(require("../templates/TemplatesEnum"), exports);
 __exportStar(require("./createInviteBody"), exports);
 __exportStar(require("./sendInvite"), exports);
+__exportStar(require("./types"), exports);

package/dist/invites/sendInvite.d.ts

@@ -1,11 +1,4 @@
 import { EmailParams } from "@fonoster/common";
-type InviteParams = {
-    recipient: string;
-    inviteUrl: string;
-    oneTimePassword?: string;
-    workspaceName: string;
-    isExistingUser: boolean;
-};
-type SendInvite = (sendEmail: (params: EmailParams) => Promise<void>, request: InviteParams) => Promise<void>;
+import { InviteParams } from "./types";
 declare function sendInvite(sendEmail: (params: EmailParams) => Promise<void>, request: InviteParams): Promise<void>;
-export { InviteParams, SendInvite, sendInvite };
+export { sendInvite };

package/dist/invites/sendInvite.js

@@ -13,11 +13,12 @@ exports.sendInvite = sendInvite;
 const createInviteBody_1 = require("./createInviteBody");
 function sendInvite(sendEmail, request) {
     return __awaiter(this, void 0, void 0, function* () {
-        const { recipient, inviteUrl, oneTimePassword, isExistingUser, workspaceName } = request;
+        const { recipient, inviteUrl, oneTimePassword, isExistingUser, workspaceName, templateDir } = request;
         yield sendEmail({
             to: recipient,
             subject: "Invite to join a Fonoster workspace",
             html: (0, createInviteBody_1.createInviteBody)({
+                templateDir,
                 isExistingUser,
                 workspaceName,
                 oneTimePassword: isExistingUser ? undefined : oneTimePassword,

package/dist/invites/types.d.ts

@@ -0,0 +1,11 @@
+import { EmailParams } from "@fonoster/common";
+type InviteParams = {
+    recipient: string;
+    templateDir?: string;
+    inviteUrl: string;
+    isExistingUser: boolean;
+    oneTimePassword?: string;
+    workspaceName: string;
+};
+type SendInvite = (sendEmail: (params: EmailParams) => Promise<void>, request: InviteParams) => Promise<void>;
+export { InviteParams, SendInvite };

package/dist/invites/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/service.d.ts

@@ -67,12 +67,21 @@ declare function buildIdentityService(identityConfig: IdentityConfig): {
         exchangeCredentials: (call: {
             request: unknown;
         }, callback: (error?: import("@fonoster/common").GrpcErrorMessage, response?: unknown) => void) => Promise<void>;
+        exchangeOauth2Code: (call: {
+            request: unknown;
+        }, callback: (error?: import("@fonoster/common").GrpcErrorMessage, response?: unknown) => void) => Promise<void>;
         exchangeRefreshToken: (call: {
             request: unknown;
         }, callback: (error?: import("@fonoster/common").GrpcErrorMessage, response?: unknown) => void) => Promise<void>;
         getPublicKey: (_: unknown, callback: (error: import("@fonoster/common").GrpcErrorMessage, response?: {
             publicKey: string;
         }) => void) => Promise<void>;
+        sendVerificationCode: (call: {
+            request: unknown;
+        }, callback: (error?: import("@fonoster/common").GrpcErrorMessage, response?: unknown) => void) => Promise<void>;
+        verifyCode: (call: {
+            request: unknown;
+        }, callback: (error?: import("@fonoster/common").GrpcErrorMessage, response?: unknown) => void) => Promise<void>;
     };
 };
 export { buildIdentityService, serviceDefinitionParams };

package/dist/service.js

@@ -21,7 +21,9 @@ exports.buildIdentityService = buildIdentityService;
  * limitations under the License.
  */
 const db_1 = require("./db");
+const exchangeOauth2Code_1 = require("./exchanges/exchangeOauth2Code");
 const getPublicKey_1 = require("./getPublicKey");
+const verification_1 = require("./verification");
 const _1 = require(".");
 const serviceDefinitionParams = {
     serviceName: "Identity",
@@ -56,8 +58,12 @@ function buildIdentityService(identityConfig) {
             // Exchanges
             exchangeApiKey: (0, _1.exchangeApiKey)(db_1.prisma, identityConfig),
             exchangeCredentials: (0, _1.exchangeCredentials)(db_1.prisma, identityConfig),
+            exchangeOauth2Code: (0, exchangeOauth2Code_1.exchangeOauth2Code)(db_1.prisma, identityConfig),
             exchangeRefreshToken: (0, _1.exchangeRefreshToken)(db_1.prisma, identityConfig),
-            getPublicKey: (0, getPublicKey_1.getPublicKey)(identityConfig.publicKey)
+            getPublicKey: (0, getPublicKey_1.getPublicKey)(identityConfig.publicKey),
+            // Verification
+            sendVerificationCode: (0, verification_1.createSendVerificationCode)(db_1.prisma, identityConfig),
+            verifyCode: (0, verification_1.createVerifyCode)(db_1.prisma)
         }
     };
 }

package/dist/templates/TemplatesEnum.d.ts

@@ -0,0 +1,7 @@
+declare enum TemplatesEnum {
+    INVITE_NEW_USER = "inviteNewUser",
+    INVITE_EXISTING_USER = "inviteExistingUser",
+    VERIFY_EMAIL = "verifyEmail",
+    VERIFY_PHONE = "verifyPhone"
+}
+export { TemplatesEnum };