@fraym/auth 0.6.0 → 0.7.0

package/README.md

@@ -15,34 +15,12 @@ There is a sandbox available at `http://auth:3000/management/graphql/sandbox`.
 
 You need to add the `Tenant-Id` header in order to use the graphQL Endpoint and the sandbox.
 
-## CLI command
-
-Use the `auth` cli command to automatically apply your permissions to the auth service.
-
-You can specify the address (and port) of the auth service instance you use in the `AUTH_SERVER_ADDRESS` env variable (default: `127.0.0.1:9000`).
-
-In case of scopes api you need to configure the HTTP api:
-
--   `AUTH_HTTP_SERVER_ADDRESS`: Http api url of the auth service (default: `http://127.0.0.1`)
--   `AUTH_HTTP_API_TOKEN`: The value of that token has to match the token configured in the auth service
-
-The needed schema for auth is a simple enum containing all your permissions. Example:
-
-```graphql
-enum Permission {
-    USER_READ
-    USER_WRITE
-}
-```
-
 ### Config
 
 Use a `.env` file or env variables to configure cte clients and the command:
 
 ```env
 AUTH_SERVER_ADDRESS=127.0.0.1:9000
-AUTH_HTTP_SERVER_ADDRESS=http://127.0.0.1
-AUTH_HTTP_API_TOKEN=
 ```
 
 ## JWT functions
@@ -93,42 +71,10 @@ Parameters:
 
 ### Create the client
 
-management client:
-
 ```typescript
 const managementClient = await newManagementClient();
 ```
 
-## Get all scopes (permissions)
-
-The `clientId` paramenter is optional. If none is given the default client will be used.
-
-```typescript
-const scopes = await managementClient.getScopes();
-```
-
-Note: you need to configure `AUTH_HTTP_SERVER_ADDRESS` and `AUTH_HTTP_API_TOKEN` to use this function.
-
-## Create a scope (permission)
-
-The `clientId` paramenter is optional. If none is given the default client will be used.
-
-```typescript
-await managementClient.createScope("PERMISSION_NAME");
-```
-
-Note: you need to configure `AUTH_HTTP_SERVER_ADDRESS` and `AUTH_HTTP_API_TOKEN` to use this function.
-
-## Delete a scope (permission)
-
-The `clientId` paramenter is optional. If none is given the default client will be used.
-
-```typescript
-await managementClient.deleteScope("PERMISSION_NAME");
-```
-
-Note: you need to configure `AUTH_HTTP_SERVER_ADDRESS` and `AUTH_HTTP_API_TOKEN` to use this function.
-
 ## Get all roles
 
 ```typescript

package/dist/management/client.js

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.newManagementClient = void 0;
-const auth_proto_1 = require("@fraym/auth-proto");
+const management_1 = require("@fraym/proto/freym/auth/management");
 const grpc_js_1 = require("@grpc/grpc-js");
 const config_1 = require("../config/config");
 const createUser_1 = require("./createUser");
@@ -13,7 +13,7 @@ const updateUser_1 = require("./updateUser");
 const upsertRole_1 = require("./upsertRole");
 const newManagementClient = async (config) => {
     const currentConfig = (0, config_1.useConfigDefaults)(config);
-    const serviceClient = new auth_proto_1.ManagementServiceClient(currentConfig.serverAddress, grpc_js_1.credentials.createInsecure(), {
+    const serviceClient = new management_1.ServiceClient(currentConfig.serverAddress, grpc_js_1.credentials.createInsecure(), {
         "grpc.keepalive_time_ms": currentConfig.keepaliveInterval,
         "grpc.keepalive_timeout_ms": currentConfig.keepaliveTimeout,
         "grpc.keepalive_permit_without_calls": 1,

package/dist/management/createUser.d.ts

@@ -1,6 +1,6 @@
-import { ManagementServiceClient } from "@fraym/auth-proto";
+import { ServiceClient } from "@fraym/proto/freym/auth/management";
 export interface CreateUserResponse {
     id: string;
     setInitialPasswordToken: string;
 }
-export declare const createNewUser: (tenantId: string, login: string, email: string, displayName: string, password: string, assignedRoleIds: string[], active: boolean, blockedUntil: Date, serviceClient: ManagementServiceClient) => Promise<CreateUserResponse>;
+export declare const createNewUser: (tenantId: string, login: string, email: string, displayName: string, password: string, assignedRoleIds: string[], active: boolean, blockedUntil: Date, serviceClient: ServiceClient) => Promise<CreateUserResponse>;

package/dist/management/deleteRole.d.ts

@@ -1,2 +1,2 @@
-import { ManagementServiceClient } from "@fraym/auth-proto";
-export declare const deleteExistingRole: (tenantId: string, id: string, serviceClient: ManagementServiceClient) => Promise<void>;
+import { ServiceClient } from "@fraym/proto/freym/auth/management";
+export declare const deleteExistingRole: (tenantId: string, id: string, serviceClient: ServiceClient) => Promise<void>;

package/dist/management/deleteUser.d.ts

@@ -1,2 +1,2 @@
-import { ManagementServiceClient } from "@fraym/auth-proto";
-export declare const deleteExistingUser: (tenantId: string, id: string, serviceClient: ManagementServiceClient) => Promise<void>;
+import { ServiceClient } from "@fraym/proto/freym/auth/management";
+export declare const deleteExistingUser: (tenantId: string, id: string, serviceClient: ServiceClient) => Promise<void>;

package/dist/management/getRoles.d.ts

@@ -1,4 +1,4 @@
-import { ManagementServiceClient } from "@fraym/auth-proto";
+import { ServiceClient } from "@fraym/proto/freym/auth/management";
 export interface Role {
     id: string;
     allowedScopes: RoleScope[];
@@ -7,4 +7,4 @@ export interface RoleScope {
     clientId: string;
     scopeName: string;
 }
-export declare const getAllRoles: (tenantId: string, serviceClient: ManagementServiceClient) => Promise<Role[]>;
+export declare const getAllRoles: (tenantId: string, serviceClient: ServiceClient) => Promise<Role[]>;

package/dist/management/getUsers.d.ts

@@ -1,4 +1,4 @@
-import { ManagementServiceClient } from "@fraym/auth-proto";
+import { ServiceClient } from "@fraym/proto/freym/auth/management";
 export interface User {
     id: string;
     login: string;
@@ -10,4 +10,4 @@ export interface User {
     lastAttempt: number;
     blockedUntil: number;
 }
-export declare const getAllUsers: (tenantId: string, serviceClient: ManagementServiceClient) => Promise<User[]>;
+export declare const getAllUsers: (tenantId: string, serviceClient: ServiceClient) => Promise<User[]>;

package/dist/management/updateUser.d.ts

@@ -1,2 +1,2 @@
-import { ManagementServiceClient } from "@fraym/auth-proto";
-export declare const updateExistingUser: (tenantId: string, id: string, login: string, email: string, displayName: string, password: string, assignedRoleIds: string[], active: boolean, blockedUntil: Date, serviceClient: ManagementServiceClient) => Promise<void>;
+import { ServiceClient } from "@fraym/proto/freym/auth/management";
+export declare const updateExistingUser: (tenantId: string, id: string, login: string, email: string, displayName: string, password: string, assignedRoleIds: string[], active: boolean, blockedUntil: Date, serviceClient: ServiceClient) => Promise<void>;

package/dist/management/upsertRole.d.ts

@@ -1,6 +1,6 @@
-import { ManagementServiceClient } from "@fraym/auth-proto";
+import { ServiceClient } from "@fraym/proto/freym/auth/management";
 export interface UpsertRoleScope {
     scopeName: string;
     clientId?: string;
 }
-export declare const createOrUpdateRole: (tenantId: string, id: string, allowedScopes: UpsertRoleScope[], serviceClient: ManagementServiceClient) => Promise<string>;
+export declare const createOrUpdateRole: (tenantId: string, id: string, allowedScopes: UpsertRoleScope[], serviceClient: ServiceClient) => Promise<string>;

package/dist/util/token.js

@@ -26,7 +26,9 @@ exports.generateJwt = generateJwt;
 const addDataToJwt = async (appSecret, token, data) => {
     var _a;
     const secret = new TextEncoder().encode(appSecret);
-    const { payload, protectedHeader } = await (0, jose_1.jwtVerify)(token, secret);
+    const { payload, protectedHeader } = await (0, jose_1.jwtVerify)(token, secret, {
+        clockTolerance: "10 seconds",
+    });
     if (!payload.exp) {
         throw Error("expiration time is missing in JWT");
     }
@@ -42,7 +44,9 @@ exports.addDataToJwt = addDataToJwt;
 const getTokenData = async (appSecret, token, requireUserId = true) => {
     var _a, _b, _c;
     const secret = new TextEncoder().encode(appSecret);
-    const { payload } = await (0, jose_1.jwtVerify)(token, secret);
+    const { payload } = await (0, jose_1.jwtVerify)(token, secret, {
+        clockTolerance: "10 seconds",
+    });
     if (!payload.exp) {
         throw Error("expiration time is missing in JWT");
     }

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@fraym/auth",
-    "version": "0.6.0",
+    "version": "0.7.0",
     "license": "MIT",
     "homepage": "https://github.com/fraym/auth-nodejs",
     "repository": {
@@ -21,25 +21,28 @@
     "files": [
         "dist/**/*"
     ],
+    "engines": {
+        "node": ">=16"
+    },
     "main": "dist/index.js",
     "types": "dist/index.d.ts",
     "dependencies": {
-        "@fraym/auth-proto": "^0.6.0",
-        "@graphql-tools/graphql-file-loader": "^7.5.11",
-        "@graphql-tools/load": "^7.8.6",
-        "@grpc/grpc-js": "^1.8.7",
-        "dotenv": "^16.0.3",
-        "graphql": "^16.6.0",
-        "jose": "^4.13.1",
-        "yargs": "^17.6.2"
+        "@fraym/proto": "^0.2.0",
+        "@graphql-tools/graphql-file-loader": "^7.5.17",
+        "@graphql-tools/load": "^7.8.14",
+        "@grpc/grpc-js": "^1.9.3",
+        "dotenv": "^16.3.1",
+        "graphql": "^16.8.0",
+        "jose": "^4.14.6",
+        "yargs": "^17.7.2"
     },
     "devDependencies": {
         "@becklyn/prettier": "^1.0.2",
         "@types/uuid": "^8.3.4",
-        "@types/yargs": "^17.0.13",
-        "prettier": "^2.7.1",
-        "typescript": "^4.8.4",
-        "uuid": "^9.0.0"
+        "@types/yargs": "^17.0.24",
+        "prettier": "^2.8.8",
+        "typescript": "^4.9.5",
+        "uuid": "^9.0.1"
     },
     "prettier": "@becklyn/prettier"
 }