@hemia/auth-sdk 0.0.9 → 0.0.10

package/dist/hemia-auth-sdk.esm.js

@@ -1,4 +1,4 @@
-import { BadRequestError, CustomHttpError, InternalServerError, Get, Req, Res, Post, HttpError } from '@hemia/common';
+import { BadRequestError, CustomHttpError, InternalServerError, Get, Req, Res, Post, Controller, HttpError, METADATA_KEYS, ControllerRegistry } from '@hemia/common';
 import { HMNetworkServices } from '@hemia/network-services';
 import { JwtManager } from '@hemia/jwt-manager';
 import { randomBytes, createHash } from 'crypto';
@@ -178,10 +178,10 @@ let AuthService = class AuthService {
             if (response.status !== 200) {
                 throw new CustomHttpError('Token exchange failed', response.status, 'token_exchange_failed');
             }
-            if (!response.data.access_token) {
+            if (!response.data.data?.access_token) {
                 throw new InternalServerError('No access token received from SSO', 'invalid_token_response');
             }
-            const { access_token, refresh_token, id_token, expires_in, session_id } = response.data;
+            const { access_token, refresh_token, id_token, expires_in, session_id } = response.data.data;
             const sessionId = randomBytes(16).toString('hex');
             const sessionData = {
                 accessToken: access_token,
@@ -352,13 +352,19 @@ let AuthService = class AuthService {
             refreshToken: session.refreshToken,
             sessionId: session.ssoSessionId
         });
-        const { access_token, refresh_token, id_token, expires_in } = response.data;
+        if (response.status !== 200) {
+            throw new CustomHttpError('Token refresh failed', response.status, 'token_refresh_failed');
+        }
+        if (!response.data.data) {
+            throw new InternalServerError('No token data received from SSO during refresh', 'invalid_token_response');
+        }
+        const { access_token, refresh_token, id_token, expires_in, session_id } = response.data.data;
         const updatedSession = {
             accessToken: access_token,
             refreshToken: refresh_token || session.refreshToken,
             idToken: id_token || session.idToken,
             expiresAt: Date.now() + (expires_in * 1000),
-            sessionId: response.data.session_id || '',
+            sessionId: session_id || '',
             createdAt: Date.now().toString()
         };
         await this.storage.set(`x-session:${sessionId}`, updatedSession, expires_in);
@@ -374,11 +380,13 @@ AuthService = __decorate([
 const AUTH_SERVICE_ID = Symbol.for('HemiaAuthService');
 
 /**
- * Controller Abstracto Reutilizable
+ * Controller AuthController
  * Gestiona automáticamente Login, Callback, Me y Logout.
  */
-let AbstractAuthController = class AbstractAuthController {
-    constructor() { }
+let AuthController = class AuthController {
+    constructor(authService) {
+        this.authService = authService;
+    }
     async login(req, res) {
         try {
             const autoParam = typeof req.query.auto === 'string' ? req.query.auto : 'false';
@@ -495,22 +503,18 @@ let AbstractAuthController = class AbstractAuthController {
         return res.status(200).json({ success: true });
     }
 };
-__decorate([
-    inject(AUTH_SERVICE_ID),
-    __metadata("design:type", AuthService)
-], AbstractAuthController.prototype, "authService", void 0);
 __decorate([
     Get('/login'),
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [Object, Object]),
     __metadata("design:returntype", Promise)
-], AbstractAuthController.prototype, "login", null);
+], AuthController.prototype, "login", null);
 __decorate([
     Get('/callback'),
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [Object, Object]),
     __metadata("design:returntype", Promise)
-], AbstractAuthController.prototype, "callback", null);
+], AuthController.prototype, "callback", null);
 __decorate([
     Get('/me'),
     __param(0, Req()),
@@ -518,7 +522,7 @@ __decorate([
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [Object, Object]),
     __metadata("design:returntype", Promise)
-], AbstractAuthController.prototype, "me", null);
+], AuthController.prototype, "me", null);
 __decorate([
     Post('/logout'),
     __param(0, Req()),
@@ -526,11 +530,12 @@ __decorate([
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [Object, Object]),
     __metadata("design:returntype", Promise)
-], AbstractAuthController.prototype, "logout", null);
-AbstractAuthController = __decorate([
-    injectable(),
-    __metadata("design:paramtypes", [])
-], AbstractAuthController);
+], AuthController.prototype, "logout", null);
+AuthController = __decorate([
+    Controller('/'),
+    __param(0, inject(AUTH_SERVICE_ID)),
+    __metadata("design:paramtypes", [AuthService])
+], AuthController);
 
 class AuthCacheAdapter {
     constructor(externalCache) {
@@ -547,14 +552,21 @@ class AuthCacheAdapter {
     }
 }
 
-const registerAuthSdk = (bind, config, cacheFactory) => {
-    bind(AUTH_SERVICE_ID).toDynamicValue(async (context) => {
-        const rawCache = await Promise.resolve(cacheFactory(context));
-        const storageAdapter = new AuthCacheAdapter(rawCache);
-        const network = new HMNetworkServices(config.ssoBaseUrl);
-        const jwt = new JwtManager();
-        return new AuthService(config, storageAdapter, network, jwt);
-    }).inSingletonScope();
+const authPlugin = (config, cacheFactory, options) => {
+    return async (container) => {
+        container.bind(AUTH_SERVICE_ID).toDynamicValue(async (context) => {
+            const rawCache = await Promise.resolve(cacheFactory(context));
+            const storageAdapter = new AuthCacheAdapter(rawCache);
+            const network = new HMNetworkServices(config.ssoBaseUrl);
+            const jwt = new JwtManager();
+            return new AuthService(config, storageAdapter, network, jwt);
+        }).inSingletonScope();
+        Reflect.defineMetadata(METADATA_KEYS.BASE_PATH, options.basePath, AuthController);
+        ControllerRegistry.register(AuthController);
+        if (!container.isBound(AuthController)) {
+            container.bind(AuthController).toSelf().inSingletonScope();
+        }
+    };
 };
 
-export { AUTH_SERVICE_ID, AbstractAuthController, AuthService, InvalidTokenFormatError, SessionError, SessionExpiredError, SessionInvalidError, SessionNotFoundError, TokenRefreshFailedError, registerAuthSdk };
+export { AUTH_SERVICE_ID, AuthController, AuthService, InvalidTokenFormatError, SessionError, SessionExpiredError, SessionInvalidError, SessionNotFoundError, TokenRefreshFailedError, authPlugin };

package/dist/hemia-auth-sdk.js

@@ -180,10 +180,10 @@ exports.AuthService = class AuthService {
             if (response.status !== 200) {
                 throw new common.CustomHttpError('Token exchange failed', response.status, 'token_exchange_failed');
             }
-            if (!response.data.access_token) {
+            if (!response.data.data?.access_token) {
                 throw new common.InternalServerError('No access token received from SSO', 'invalid_token_response');
             }
-            const { access_token, refresh_token, id_token, expires_in, session_id } = response.data;
+            const { access_token, refresh_token, id_token, expires_in, session_id } = response.data.data;
             const sessionId = crypto.randomBytes(16).toString('hex');
             const sessionData = {
                 accessToken: access_token,
@@ -354,13 +354,19 @@ exports.AuthService = class AuthService {
             refreshToken: session.refreshToken,
             sessionId: session.ssoSessionId
         });
-        const { access_token, refresh_token, id_token, expires_in } = response.data;
+        if (response.status !== 200) {
+            throw new common.CustomHttpError('Token refresh failed', response.status, 'token_refresh_failed');
+        }
+        if (!response.data.data) {
+            throw new common.InternalServerError('No token data received from SSO during refresh', 'invalid_token_response');
+        }
+        const { access_token, refresh_token, id_token, expires_in, session_id } = response.data.data;
         const updatedSession = {
             accessToken: access_token,
             refreshToken: refresh_token || session.refreshToken,
             idToken: id_token || session.idToken,
             expiresAt: Date.now() + (expires_in * 1000),
-            sessionId: response.data.session_id || '',
+            sessionId: session_id || '',
             createdAt: Date.now().toString()
         };
         await this.storage.set(`x-session:${sessionId}`, updatedSession, expires_in);
@@ -376,11 +382,13 @@ exports.AuthService = __decorate([
 const AUTH_SERVICE_ID = Symbol.for('HemiaAuthService');
 
 /**
- * Controller Abstracto Reutilizable
+ * Controller AuthController
  * Gestiona automáticamente Login, Callback, Me y Logout.
  */
-exports.AbstractAuthController = class AbstractAuthController {
-    constructor() { }
+exports.AuthController = class AuthController {
+    constructor(authService) {
+        this.authService = authService;
+    }
     async login(req, res) {
         try {
             const autoParam = typeof req.query.auto === 'string' ? req.query.auto : 'false';
@@ -497,22 +505,18 @@ exports.AbstractAuthController = class AbstractAuthController {
         return res.status(200).json({ success: true });
     }
 };
-__decorate([
-    inversify.inject(AUTH_SERVICE_ID),
-    __metadata("design:type", exports.AuthService)
-], exports.AbstractAuthController.prototype, "authService", void 0);
 __decorate([
     common.Get('/login'),
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [Object, Object]),
     __metadata("design:returntype", Promise)
-], exports.AbstractAuthController.prototype, "login", null);
+], exports.AuthController.prototype, "login", null);
 __decorate([
     common.Get('/callback'),
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [Object, Object]),
     __metadata("design:returntype", Promise)
-], exports.AbstractAuthController.prototype, "callback", null);
+], exports.AuthController.prototype, "callback", null);
 __decorate([
     common.Get('/me'),
     __param(0, common.Req()),
@@ -520,7 +524,7 @@ __decorate([
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [Object, Object]),
     __metadata("design:returntype", Promise)
-], exports.AbstractAuthController.prototype, "me", null);
+], exports.AuthController.prototype, "me", null);
 __decorate([
     common.Post('/logout'),
     __param(0, common.Req()),
@@ -528,11 +532,12 @@ __decorate([
     __metadata("design:type", Function),
     __metadata("design:paramtypes", [Object, Object]),
     __metadata("design:returntype", Promise)
-], exports.AbstractAuthController.prototype, "logout", null);
-exports.AbstractAuthController = __decorate([
-    inversify.injectable(),
-    __metadata("design:paramtypes", [])
-], exports.AbstractAuthController);
+], exports.AuthController.prototype, "logout", null);
+exports.AuthController = __decorate([
+    common.Controller('/'),
+    __param(0, inversify.inject(AUTH_SERVICE_ID)),
+    __metadata("design:paramtypes", [exports.AuthService])
+], exports.AuthController);
 
 class AuthCacheAdapter {
     constructor(externalCache) {
@@ -549,14 +554,21 @@ class AuthCacheAdapter {
     }
 }
 
-const registerAuthSdk = (bind, config, cacheFactory) => {
-    bind(AUTH_SERVICE_ID).toDynamicValue(async (context) => {
-        const rawCache = await Promise.resolve(cacheFactory(context));
-        const storageAdapter = new AuthCacheAdapter(rawCache);
-        const network = new networkServices.HMNetworkServices(config.ssoBaseUrl);
-        const jwt = new jwtManager.JwtManager();
-        return new exports.AuthService(config, storageAdapter, network, jwt);
-    }).inSingletonScope();
+const authPlugin = (config, cacheFactory, options) => {
+    return async (container) => {
+        container.bind(AUTH_SERVICE_ID).toDynamicValue(async (context) => {
+            const rawCache = await Promise.resolve(cacheFactory(context));
+            const storageAdapter = new AuthCacheAdapter(rawCache);
+            const network = new networkServices.HMNetworkServices(config.ssoBaseUrl);
+            const jwt = new jwtManager.JwtManager();
+            return new exports.AuthService(config, storageAdapter, network, jwt);
+        }).inSingletonScope();
+        Reflect.defineMetadata(common.METADATA_KEYS.BASE_PATH, options.basePath, exports.AuthController);
+        common.ControllerRegistry.register(exports.AuthController);
+        if (!container.isBound(exports.AuthController)) {
+            container.bind(exports.AuthController).toSelf().inSingletonScope();
+        }
+    };
 };
 
 exports.AUTH_SERVICE_ID = AUTH_SERVICE_ID;
@@ -566,4 +578,4 @@ exports.SessionExpiredError = SessionExpiredError;
 exports.SessionInvalidError = SessionInvalidError;
 exports.SessionNotFoundError = SessionNotFoundError;
 exports.TokenRefreshFailedError = TokenRefreshFailedError;
-exports.registerAuthSdk = registerAuthSdk;
+exports.authPlugin = authPlugin;

package/dist/types/controllers/{abstract-auth.controller.d.ts → auth.controller.d.ts}

@@ -1,12 +1,12 @@
 import { Request, Response } from "express";
 import { AuthService } from "../services/auth.service";
 /**
- * Controller Abstracto Reutilizable
+ * Controller AuthController
  * Gestiona automáticamente Login, Callback, Me y Logout.
  */
-export declare abstract class AbstractAuthController {
-    protected readonly authService: AuthService;
-    constructor();
+export declare class AuthController {
+    private readonly authService;
+    constructor(authService: AuthService);
     login(req: Request, res: Response): Promise<void>;
     callback(req: Request, res: Response): Promise<void>;
     me(req: Request, res: Response): Promise<Response>;

package/dist/types/index.d.ts

@@ -1,4 +1,4 @@
-export * from "./controllers/abstract-auth.controller";
+export * from "./controllers/auth.controller";
 export * from "./services";
 export * from "./types";
 export * from "./errors";

package/dist/types/ioc.d.ts

@@ -1,5 +1,8 @@
-import { Bind, ResolutionContext } from "inversify";
+import { ResolutionContext } from "inversify";
 import { IAuthConfig } from "./types";
 import { IHemiaCacheService } from "./adapters";
+import { Plugin } from "@hemia/common";
 export type CacheFactory = (context: ResolutionContext) => Promise<IHemiaCacheService> | IHemiaCacheService;
-export declare const registerAuthSdk: (bind: Bind, config: IAuthConfig, cacheFactory: CacheFactory) => void;
+export declare const authPlugin: (config: IAuthConfig, cacheFactory: CacheFactory, options: {
+    basePath: string;
+}) => Plugin;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hemia/auth-sdk",
-  "version": "0.0.9",
+  "version": "0.0.10",
   "description": "Hemia SDK for authentication",
   "main": "dist/hemia-auth-sdk.js",
   "module": "dist/hemia-auth-sdk.esm.js",
@@ -15,7 +15,7 @@
   },
   "devDependencies": {
     "@hemia/cache-manager": "^0.0.5",
-    "@hemia/common": "^0.0.5",
+    "@hemia/common": "^0.0.9",
     "@hemia/jwt-manager": "^0.0.4",
     "@hemia/network-services": "^0.0.3",
     "@rollup/plugin-commonjs": "^26.0.1",
@@ -43,7 +43,7 @@
   ],
   "peerDependencies": {
     "@hemia/cache-manager": "^0.0.5",
-    "@hemia/common": "^0.0.5",
+    "@hemia/common": "^0.0.9",
     "@hemia/jwt-manager": "^0.0.4",
     "@hemia/network-services": "^0.0.3",
     "inversify": "^7.11.0",