@gapi/auth 1.8.122

package/.prettierrc

@@ -0,0 +1,4 @@
+{
+    "singleQuote": true,
+    "printWidth": 80
+}

package/README.md

@@ -0,0 +1,150 @@
+# @Gapi authentication Module
+
+##### For questions/issues you can write ticket [here](http://gitlab.youvolio.com/Stradivario/gapi-auth/issues)
+##### This module is intended to be used with [rxdi](https://github.com/rxdi/core) or [gapi](https://github.com/Stradivario/gapi)
+
+## Installation and basic examples:
+##### To install this Gapi module, run:
+
+```bash
+$ npm install @gapi/auth --save
+```
+
+## Consuming @gapi/auth
+
+##### Import inside AppModule or CoreModule
+```typescript
+import { Module } from "@rxdi/core";
+import { AuthModule } from "@gapi/auth";
+
+@Module({
+    imports: [
+       AuthModule.forRoot({
+            algorithm: 'HS256',
+            cert: 'dadada',
+            cyper: {
+                algorithm: 'dada',
+                iv: '',
+                privateKey: 'dadada'
+            }
+        }),
+    ]
+})
+export class CoreModule {}
+```
+
+##### Create Auth Service and provide it
+
+```typescript
+
+import { Service } from '@rxdi/core';
+import * as Boom from 'boom';
+import { AuthInterface, AuthInternalService, TokenData } from '@gapi/auth';
+
+export interface UserInfo {
+    scope: ['ADMIN', 'USER'];
+    type: 'ADMIN' | 'USER';
+    iat: number;
+}
+
+@Service()
+export class AuthService implements AuthInterface {
+
+    constructor(
+        private authService: AuthInternalService
+    ) { }
+
+    onSubOperation(message, params, webSocket) {
+        return params;
+    }
+
+    onSubConnection(connectionParams): TokenData {
+        if (connectionParams.token) {
+            return this.validateToken(connectionParams.token, 'Subscription');
+        } else {
+            throw Boom.unauthorized();
+        }
+    }
+
+    validateToken(token: string, requestType: 'Query' | 'Subscription' = 'Query'): any {
+        const user = <any>this.authService.verifyToken(token);
+        user.type = user.scope[0];
+        console.log(`${requestType} from: ${JSON.stringify(user)}`);
+        if (user) {
+            return user;
+        } else {
+            throw Boom.unauthorized();
+        }
+    }
+
+    signJWTtoken(tokenData: TokenData): string {
+        return this.authService.sign(tokenData);
+    }
+
+    issueJWTToken(tokenData: TokenData) {
+        const jwtToken = this.authService.sign({
+            email: '',
+            id: 1,
+            scope: ['ADMIN', 'USER']
+        });
+        return jwtToken;
+    }
+
+    verifyToken(token: string): TokenData {
+        return this.authService.verifyToken(token);
+    }
+
+    decryptPassword(password: string): string {
+        return this.authService.decrypt(password);
+    }
+
+    encryptPassword(password: string): string {
+        return this.authService.encrypt(password);
+    }
+
+}
+
+```
+
+##### Provide this particular Auth Service to `authentication` parameter inside CoreModule.forRoot
+
+```typescript
+
+import { CoreModule, Module } from '@gapi/core';
+import { AuthService } from './app/core/services/auth/auth.service';
+import { AuthModule } from '@gapi/auth';
+import { readFileSync } from 'fs';
+
+@Module({
+    imports: [
+        AuthModule.forRoot({
+            algorithm: 'HS256',
+            cert: readFileSync('./cert.key'),
+            cyper: {
+                algorithm: 'aes256',
+                iv: 'Jkyt1H3FA8JK9L3B',
+                privateKey: '8zTVzr3p53VC12jHV54rIYu2545x47lA'
+            }
+        }),
+        CoreModule.forRoot({
+            pubsub: {
+                authentication: AuthService
+            },
+            graphql: {
+                authentication: AuthService
+            },
+        }),
+
+    ]
+})
+export class FrameworkImports {}
+
+```
+
+Then Subscriptions, Mutations and Queries will be secured via single authentication method `validateToken` inside `AuthService`!
+
+
+
+TODO: Better documentation...
+
+Enjoy ! :)

package/dist/auth.config.d.ts

@@ -0,0 +1,21 @@
+import { InjectionToken } from '@rxdi/core';
+export declare const AUTH_MODULE_CONFIG: InjectionToken<unknown>;
+export interface AuthInterface {
+    onSubOperation(message: any, params: any, webSocket: any): unknown;
+    onSubConnection(connectionParams: any): TokenData;
+    validateToken(token: any, requestType: 'Query' | 'Subscription'): any;
+}
+export interface TokenData {
+    email: string;
+    scope: Array<string>;
+    id: number;
+}
+export interface AuthModuleConfig {
+    cert: unknown;
+    algorithm: string;
+    cyper: {
+        algorithm: string;
+        privateKey: string;
+        iv: string;
+    };
+}

package/dist/auth.config.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AUTH_MODULE_CONFIG = void 0;
+const core_1 = require("@rxdi/core");
+exports.AUTH_MODULE_CONFIG = new core_1.InjectionToken('gapi-auth-module-config-injection-token');

package/dist/auth.service.d.ts

@@ -0,0 +1,10 @@
+import { AuthModuleConfig, TokenData } from './auth.config';
+export declare class AuthInternalService {
+    private config;
+    constructor(config: AuthModuleConfig);
+    verifyToken(token: any): TokenData;
+    decrypt(password: string): string;
+    encrypt(password: string): string;
+    validate(token: any, callback: any): any;
+    sign(tokenData: TokenData): string;
+}

package/dist/auth.service.js

@@ -0,0 +1,60 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthInternalService = void 0;
+const core_1 = require("@rxdi/core");
+const crypto_1 = require("crypto");
+const jsonwebtoken_1 = require("jsonwebtoken");
+const Moment = require("moment");
+const auth_config_1 = require("./auth.config");
+let AuthInternalService = class AuthInternalService {
+    constructor(config) {
+        this.config = config;
+    }
+    verifyToken(token) {
+        return jsonwebtoken_1.verify(token, this.config.cert, { algorithm: 'HS256' });
+    }
+    decrypt(password) {
+        const decipher = crypto_1.createDecipheriv(this.config.cyper.algorithm, this.config.cyper.privateKey, this.config.cyper.iv);
+        let dec = decipher.update(password, 'hex', 'utf8');
+        dec += decipher.final('utf8');
+        return dec;
+    }
+    encrypt(password) {
+        const cipher = crypto_1.createCipheriv(this.config.cyper.algorithm, this.config.cyper.privateKey, this.config.cyper.iv);
+        let crypted = cipher.update(password, 'utf8', 'hex');
+        crypted += cipher.final('hex');
+        return crypted;
+    }
+    validate(token, callback) {
+        // Check token timestamp
+        const ttl = 30 * 1000 * 60;
+        const diff = Moment().diff(Moment(token.iat * 1000));
+        if (diff > ttl) {
+            return callback(null, false);
+        }
+        callback(null, true, token);
+    }
+    sign(tokenData) {
+        return jsonwebtoken_1.sign(tokenData, this.config.cert, {
+            algorithm: this.config.algorithm,
+        });
+    }
+};
+AuthInternalService = __decorate([
+    core_1.Service(),
+    __param(0, core_1.Inject(auth_config_1.AUTH_MODULE_CONFIG)),
+    __metadata("design:paramtypes", [Object])
+], AuthInternalService);
+exports.AuthInternalService = AuthInternalService;

package/dist/index.d.ts

@@ -0,0 +1,7 @@
+import { ModuleWithServices } from '@rxdi/core';
+import { AuthModuleConfig } from './auth.config';
+export declare class AuthModule {
+    static forRoot(config?: AuthModuleConfig): ModuleWithServices;
+}
+export * from './auth.service';
+export * from './auth.config';

package/dist/index.js

@@ -0,0 +1,43 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !exports.hasOwnProperty(p)) __createBinding(exports, m, p);
+};
+var AuthModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthModule = void 0;
+const core_1 = require("@rxdi/core");
+const auth_config_1 = require("./auth.config");
+const auth_service_1 = require("./auth.service");
+let AuthModule = AuthModule_1 = class AuthModule {
+    static forRoot(config) {
+        return {
+            module: AuthModule_1,
+            services: [
+                auth_service_1.AuthInternalService,
+                {
+                    provide: auth_config_1.AUTH_MODULE_CONFIG,
+                    useValue: config || {},
+                },
+            ],
+        };
+    }
+};
+AuthModule = AuthModule_1 = __decorate([
+    core_1.Module()
+], AuthModule);
+exports.AuthModule = AuthModule;
+__exportStar(require("./auth.service"), exports);
+__exportStar(require("./auth.config"), exports);

package/package.json

@@ -0,0 +1,42 @@
+{
+  "name": "@gapi/auth",
+  "version": "1.8.122",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/Stradivario/gapi-auth"
+  },
+  "scripts": {
+    "start": "npx parcel ./examples/index.html --out-dir build/examples",
+    "patch": "npm run build && npm version patch && npm publish --update-readme --access public && npm run delete-dist",
+    "delete-dist": "rm -rf dist",
+    "clean": "git clean -dxf",
+    "lint": "npx eslint . --ext .ts",
+    "lint-fix": "npx eslint . --fix --ext .ts",
+    "build": "rm -rf dist && tsc || true"
+  },
+  "author": {
+    "name": "Kristian Tachev(Stradivario)",
+    "email": "kristiqn.tachev@gmail.com"
+  },
+  "keywords": [
+    "graphql",
+    "gapi",
+    "node"
+  ],
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/Stradivario/gapi-auth/issues"
+  },
+  "homepage": "https://github.com/Stradivario/gapi-auth#readme",
+  "module": "index.js",
+  "typings": "index.d.ts",
+  "dependencies": {
+    "jsonwebtoken": "^8.3.0",
+    "moment": "^2.22.2"
+  },
+  "devDependencies": {
+    "@rxdi/core": "^0.7.114",
+    "@types/node": "^13.11.1",
+    "typescript": "^3.8.3"
+  }
+}

package/src/auth.config.ts

@@ -0,0 +1,27 @@
+import { InjectionToken } from '@rxdi/core';
+
+export const AUTH_MODULE_CONFIG = new InjectionToken(
+  'gapi-auth-module-config-injection-token'
+);
+
+export interface AuthInterface {
+  onSubOperation(message, params, webSocket): unknown;
+  onSubConnection(connectionParams): TokenData;
+  validateToken(token, requestType: 'Query' | 'Subscription');
+}
+
+export interface TokenData {
+  email: string;
+  scope: Array<string>;
+  id: number;
+}
+
+export interface AuthModuleConfig {
+  cert: unknown;
+  algorithm: string;
+  cyper: {
+    algorithm: string;
+    privateKey: string;
+    iv: string;
+  };
+}

package/src/auth.service.ts

@@ -0,0 +1,53 @@
+import { Inject, Service } from '@rxdi/core';
+import { createCipheriv, createDecipheriv } from 'crypto';
+import { sign, verify } from 'jsonwebtoken';
+import * as Moment from 'moment';
+
+import { AUTH_MODULE_CONFIG, AuthModuleConfig, TokenData } from './auth.config';
+
+@Service()
+export class AuthInternalService {
+  constructor(@Inject(AUTH_MODULE_CONFIG) private config: AuthModuleConfig) {}
+
+  verifyToken(token): TokenData {
+    return verify(token, this.config.cert, { algorithm: 'HS256' });
+  }
+
+  decrypt(password: string) {
+    const decipher = createDecipheriv(
+      this.config.cyper.algorithm,
+      this.config.cyper.privateKey,
+      this.config.cyper.iv
+    );
+    let dec = decipher.update(password, 'hex', 'utf8');
+    dec += decipher.final('utf8');
+    return dec;
+  }
+
+  encrypt(password: string) {
+    const cipher = createCipheriv(
+      this.config.cyper.algorithm,
+      this.config.cyper.privateKey,
+      this.config.cyper.iv
+    );
+    let crypted = cipher.update(password, 'utf8', 'hex');
+    crypted += cipher.final('hex');
+    return crypted;
+  }
+
+  validate(token, callback) {
+    // Check token timestamp
+    const ttl = 30 * 1000 * 60;
+    const diff = Moment().diff(Moment(token.iat * 1000));
+    if (diff > ttl) {
+      return callback(null, false);
+    }
+    callback(null, true, token);
+  }
+
+  sign(tokenData: TokenData): string {
+    return sign(tokenData, this.config.cert, {
+      algorithm: this.config.algorithm,
+    });
+  }
+}

package/src/index.ts

@@ -0,0 +1,23 @@
+import { Module, ModuleWithServices } from '@rxdi/core';
+
+import { AUTH_MODULE_CONFIG, AuthModuleConfig } from './auth.config';
+import { AuthInternalService } from './auth.service';
+
+@Module()
+export class AuthModule {
+  public static forRoot(config?: AuthModuleConfig): ModuleWithServices {
+    return {
+      module: AuthModule,
+      services: [
+        AuthInternalService,
+        {
+          provide: AUTH_MODULE_CONFIG,
+          useValue: config || {},
+        },
+      ],
+    };
+  }
+}
+
+export * from './auth.service';
+export * from './auth.config';

package/tsconfig.json

@@ -0,0 +1,19 @@
+{
+  "compilerOptions": {
+    "declaration": true,
+    "module": "commonjs",
+    "target": "es6",
+    "baseUrl": ".",
+    "stripInternal": true,
+    "emitDecoratorMetadata": true,
+    "experimentalDecorators": true,
+    "moduleResolution": "node",
+    "outDir": "dist",
+    "rootDir": "src",
+    "lib": ["es2017", "es2016", "es2015", "es6", "dom", "esnext.asynciterable"],
+    "skipLibCheck": true,
+    "types": ["node"],
+    "typeRoots": ["node_modules/@types"]
+  },
+  "files": ["src/index.ts"]
+}