@grandlinex/kernel 0.27.1 → 0.28.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/dist/KernelModule.js +2 -2
  2. package/dist/classes/BaseAction.js +4 -1
  3. package/dist/classes/BaseAuthProvider.d.ts +4 -7
  4. package/dist/classes/BaseEndpoint.d.ts +2 -1
  5. package/dist/classes/BaseEndpoint.js +8 -1
  6. package/dist/lib/index.d.ts +5 -5
  7. package/dist/modules/crypto/CryptoClient.d.ts +6 -4
  8. package/dist/modules/crypto/CryptoClient.js +40 -12
  9. package/package.json +2 -2
package/dist/KernelModule.js CHANGED
@@ -23,11 +23,11 @@ class KernelModule extends BaseKernelModule_1.default {
23
23
  super('base-mod', kernel);
24
24
  this.addAction(new ApiVersionAction_1.default(this), new ApiAuthTestAction_1.default(this), new GetTokenAction_1.default(this));
25
25
  this.addService(new core_1.OfflineService(this));
26
+ const endpoint = new KernelEndpoint_1.default('api', this, this.getKernel().getAppServerPort());
27
+ this.setPresenter(endpoint);
26
28
  }
27
29
  initModule() {
28
30
  return __awaiter(this, void 0, void 0, function* () {
29
- const endpoint = new KernelEndpoint_1.default('api', this, this.getKernel().getAppServerPort());
30
- this.setPresenter(endpoint);
31
31
  yield this.getKernel().triggerFunction('load');
32
32
  });
33
33
  }
package/dist/classes/BaseAction.js CHANGED
@@ -46,12 +46,15 @@ class BaseAction extends core_1.CoreAction {
46
46
  }
47
47
  const dat = yield cc.bearerTokenValidation(req);
48
48
  auth.stop();
49
- if (dat) {
49
+ if (dat && typeof dat !== 'number') {
50
50
  yield this.handler(req, res, next, dat, extension);
51
51
  }
52
52
  else if (this.mode === ActionMode.DMZ_WITH_USER) {
53
53
  yield this.handler(req, res, next, null, extension);
54
54
  }
55
+ else if (dat) {
56
+ res.sendStatus(dat);
57
+ }
55
58
  else {
56
59
  res.status(401).send('no no no ...');
57
60
  }
package/dist/classes/BaseAuthProvider.d.ts CHANGED
@@ -1,12 +1,9 @@
1
+ import { JwtPayload } from 'jsonwebtoken';
1
2
  import { XRequest } from '../lib/express';
2
- export interface JwtTokenData {
3
+ export interface JwtToken extends JwtPayload {
3
4
  username: string;
4
5
  userid: string;
5
6
  }
6
- export interface JwtToken extends JwtTokenData {
7
- exp: number;
8
- iat: number;
9
- }
10
7
  export type AuthResult = {
11
8
  valid: boolean;
12
9
  userId: string | null;
@@ -14,10 +11,10 @@ export type AuthResult = {
14
11
  export interface IAuthProvider {
15
12
  authorizeToken(userid: string, token: string, requestType: string): Promise<AuthResult>;
16
13
  validateAccess(token: JwtToken, requestType: string): Promise<boolean>;
17
- bearerTokenValidation(req: XRequest): Promise<JwtToken | null>;
14
+ bearerTokenValidation(req: XRequest): Promise<JwtToken | number>;
18
15
  }
19
16
  export default abstract class BaseAuthProvider implements IAuthProvider {
20
17
  abstract authorizeToken(username: string, token: string, requestType: string): Promise<AuthResult>;
21
18
  abstract validateAccess(token: JwtToken, requestType: string): Promise<boolean>;
22
- abstract bearerTokenValidation(req: XRequest): Promise<JwtToken | null>;
19
+ abstract bearerTokenValidation(req: XRequest): Promise<JwtToken | number>;
23
20
  }
package/dist/classes/BaseEndpoint.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  /// <reference types="node" />
2
2
  /// <reference types="node" />
3
- import express from 'express';
3
+ import express, { Express } from 'express';
4
4
  import http from 'http';
5
5
  import { CorePresenter, IDataBase } from '@grandlinex/core';
6
6
  import { IBaseCache, IBaseClient, IBaseKernelModule, IBasePresenter, IKernel } from '../lib';
@@ -11,6 +11,7 @@ export default abstract class BaseEndpoint<K extends IKernel = IKernel, T extend
11
11
  protected httpServer: http.Server;
12
12
  protected port: number;
13
13
  constructor(chanel: string, module: IBaseKernelModule<any, any, any, any>, port: number);
14
+ appServerOverride(app: Express): void;
14
15
  start(): Promise<boolean>;
15
16
  stop(): Promise<boolean>;
16
17
  getApp(): express.Express;
package/dist/classes/BaseEndpoint.js CHANGED
@@ -9,7 +9,10 @@ const http_1 = __importDefault(require("http"));
9
9
  const body_parser_1 = require("body-parser");
10
10
  const core_1 = require("@grandlinex/core");
11
11
  function keepRawBody(req, res, buf, encoding) {
12
- if (buf && buf.length) {
12
+ var _a;
13
+ if (((_a = req.headers['content-type']) === null || _a === void 0 ? void 0 : _a.startsWith('application/json')) &&
14
+ buf &&
15
+ buf.length) {
13
16
  try {
14
17
  req.rawBody = buf.toString(encoding || 'utf8');
15
18
  }
@@ -27,6 +30,10 @@ class BaseEndpoint extends core_1.CorePresenter {
27
30
  this.appServer.use((0, body_parser_1.json)({ verify: keepRawBody }));
28
31
  this.httpServer = http_1.default.createServer(this.appServer);
29
32
  }
33
+ appServerOverride(app) {
34
+ this.appServer = app;
35
+ this.httpServer = http_1.default.createServer(this.appServer);
36
+ }
30
37
  start() {
31
38
  return new Promise((resolve) => {
32
39
  this.httpServer
package/dist/lib/index.d.ts CHANGED
@@ -1,21 +1,21 @@
1
1
  import { ICoreAction, ICoreBridge, ICoreCache, ICoreCClient, ICoreClient, ICoreElement, ICoreKernel, ICoreKernelModule, ICorePresenter, ICoreService, IDataBase } from '@grandlinex/core';
2
2
  import express from 'express';
3
+ import { JwtPayload } from 'jsonwebtoken';
3
4
  import { IAuthProvider, JwtToken } from '../classes/BaseAuthProvider';
4
5
  import { IExtensionInterface } from '../classes/timing/ExpressServerTiming';
5
6
  import { XNextFc, XRequest, XResponse } from './express';
6
7
  export type ActionTypes = 'POST' | 'GET' | 'USE' | 'PATCH' | 'DELETE';
7
8
  export interface ICClient extends ICoreCClient {
8
9
  setAuthProvider(provider: IAuthProvider): boolean;
9
- jwtVerifyAccessToken(token: string): Promise<JwtToken | null>;
10
- jwtGenerateAccessToken(data: {
11
- username: string;
12
- }): string;
10
+ jwtVerifyAccessToken(token: string): Promise<JwtToken | number>;
11
+ jwtDecodeAccessToken(token: string): JwtPayload | null;
12
+ jwtGenerateAccessToken(data: JwtToken, expire?: string | number): string;
13
13
  apiTokenValidation(username: string, token: string, requestType: string): Promise<{
14
14
  valid: boolean;
15
15
  userId: string | null;
16
16
  }>;
17
17
  permissionValidation(token: JwtToken, requestType: string): Promise<boolean>;
18
- bearerTokenValidation(req: XRequest): Promise<JwtToken | null>;
18
+ bearerTokenValidation(req: XRequest): Promise<JwtToken | number>;
19
19
  }
20
20
  export interface IKernel extends ICoreKernel<ICClient> {
21
21
  getAppServerPort(): number;
package/dist/modules/crypto/CryptoClient.d.ts CHANGED
@@ -1,6 +1,7 @@
1
+ import { JwtPayload } from 'jsonwebtoken';
1
2
  import { CoreCryptoClient } from '@grandlinex/core';
2
3
  import { ICClient, IKernel } from '../../lib';
3
- import { IAuthProvider, JwtToken, JwtTokenData } from '../../classes/BaseAuthProvider';
4
+ import { IAuthProvider, JwtToken } from '../../classes/BaseAuthProvider';
4
5
  import { XRequest } from '../../lib/express';
5
6
  export default class CryptoClient extends CoreCryptoClient implements ICClient {
6
7
  protected authProvider: IAuthProvider | null;
@@ -8,12 +9,13 @@ export default class CryptoClient extends CoreCryptoClient implements ICClient {
8
9
  protected expiresIn: string;
9
10
  constructor(key: string, kernel: IKernel);
10
11
  setAuthProvider(provider: IAuthProvider): boolean;
11
- jwtVerifyAccessToken(token: string): Promise<JwtToken | null>;
12
- jwtGenerateAccessToken(data: JwtTokenData): string;
12
+ jwtVerifyAccessToken(token: string): Promise<JwtToken | number>;
13
+ jwtDecodeAccessToken(token: string): JwtPayload | null;
14
+ jwtGenerateAccessToken(data: JwtToken, expire?: string | number): string;
13
15
  apiTokenValidation(username: string, token: string, requestType: string): Promise<{
14
16
  valid: boolean;
15
17
  userId: string | null;
16
18
  }>;
17
19
  permissionValidation(token: JwtToken, requestType: string): Promise<boolean>;
18
- bearerTokenValidation(req: XRequest): Promise<JwtToken | null>;
20
+ bearerTokenValidation(req: XRequest): Promise<JwtToken | number>;
19
21
  }
package/dist/modules/crypto/CryptoClient.js CHANGED
@@ -1,4 +1,27 @@
1
1
  "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
15
+ }) : function(o, v) {
16
+ o["default"] = v;
17
+ });
18
+ var __importStar = (this && this.__importStar) || function (mod) {
19
+ if (mod && mod.__esModule) return mod;
20
+ var result = {};
21
+ if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
22
+ __setModuleDefault(result, mod);
23
+ return result;
24
+ };
2
25
  var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
3
26
  function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
4
27
  return new (P || (P = Promise))(function (resolve, reject) {
@@ -8,11 +31,8 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
8
31
  step((generator = generator.apply(thisArg, _arguments || [])).next());
9
32
  });
10
33
  };
11
- var __importDefault = (this && this.__importDefault) || function (mod) {
12
- return (mod && mod.__esModule) ? mod : { "default": mod };
13
- };
14
34
  Object.defineProperty(exports, "__esModule", { value: true });
15
- const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
35
+ const jsonwebtoken_1 = __importStar(require("jsonwebtoken"));
16
36
  const core_1 = require("@grandlinex/core");
17
37
  class CryptoClient extends core_1.CoreCryptoClient {
18
38
  constructor(key, kernel) {
@@ -31,8 +51,11 @@ class CryptoClient extends core_1.CoreCryptoClient {
31
51
  jwtVerifyAccessToken(token) {
32
52
  return new Promise((resolve) => {
33
53
  jsonwebtoken_1.default.verify(token, this.AesKey, (err, user) => {
34
- if (err || user === null) {
35
- resolve(null);
54
+ if (err instanceof jsonwebtoken_1.TokenExpiredError) {
55
+ resolve(498);
56
+ }
57
+ else if (err || user === null) {
58
+ resolve(403);
36
59
  }
37
60
  else {
38
61
  resolve(user);
@@ -40,8 +63,11 @@ class CryptoClient extends core_1.CoreCryptoClient {
40
63
  });
41
64
  });
42
65
  }
43
- jwtGenerateAccessToken(data) {
44
- return jsonwebtoken_1.default.sign(data, this.AesKey, { expiresIn: this.expiresIn });
66
+ jwtDecodeAccessToken(token) {
67
+ return jsonwebtoken_1.default.decode(token, { json: true });
68
+ }
69
+ jwtGenerateAccessToken(data, expire) {
70
+ return jsonwebtoken_1.default.sign(data, this.AesKey, { expiresIn: expire !== null && expire !== void 0 ? expire : this.expiresIn });
45
71
  }
46
72
  apiTokenValidation(username, token, requestType) {
47
73
  return __awaiter(this, void 0, void 0, function* () {
@@ -49,10 +75,12 @@ class CryptoClient extends core_1.CoreCryptoClient {
49
75
  return this.authProvider.authorizeToken(username, token, requestType);
50
76
  }
51
77
  const store = this.kernel.getConfigStore();
78
+ const cc = this.kernel.getCryptoClient();
52
79
  if (!store.has('SERVER_PASSWORD')) {
53
80
  return { valid: false, userId: null };
54
81
  }
55
- if (token === store.get('SERVER_PASSWORD') && username === 'admin') {
82
+ if ((cc === null || cc === void 0 ? void 0 : cc.timeSavePWValidation(token, store.get('SERVER_PASSWORD') || '')) ||
83
+ (token === store.get('SERVER_PASSWORD') && username === 'admin')) {
56
84
  return {
57
85
  valid: true,
58
86
  userId: 'admin',
@@ -79,14 +107,14 @@ class CryptoClient extends core_1.CoreCryptoClient {
79
107
  }
80
108
  const authHeader = req.headers.authorization;
81
109
  const token = authHeader && authHeader.split(' ')[1];
82
- if (token == null) {
83
- return null;
110
+ if (!token) {
111
+ return 401;
84
112
  }
85
113
  const tokenData = yield this.jwtVerifyAccessToken(token);
86
114
  if (tokenData) {
87
115
  return tokenData;
88
116
  }
89
- return null;
117
+ return 403;
90
118
  });
91
119
  }
92
120
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@grandlinex/kernel",
3
- "version": "0.27.1",
3
+ "version": "0.28.1",
4
4
  "description": "GrandLineX is an out-of-the-box server framework on top of ExpressJs.",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
@@ -27,7 +27,7 @@
27
27
  },
28
28
  "license": "BSD-3-Clause",
29
29
  "dependencies": {
30
- "@grandlinex/core": "0.27.0",
30
+ "@grandlinex/core": "0.28.0",
31
31
  "axios": "0.27.2",
32
32
  "body-parser": "1.20.1",
33
33
  "express": "4.18.2",