@hitchy/plugin-auth 0.5.0 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/api/model/authorization/rule.js +1 -1
- package/api/model/role.js +2 -2
- package/api/model/user.js +2 -2
- package/api/policy/authentication.js +5 -5
- package/api/policy/user.js +1 -1
- package/api/service/auth/manager.js +2 -2
- package/api/service/authentication/passport.js +2 -2
- package/api/service/authentication/strategies.js +5 -5
- package/api/service/authorization/node.js +4 -4
- package/api/service/authorization/policy-generator.js +1 -1
- package/api/service/authorization/tree.js +1 -1
- package/api/service/authorization.js +1 -1
- package/api/service/session.js +3 -3
- package/hash-password.js +1 -1
- package/index.js +1 -1
- package/package.json +4 -5
package/api/model/role.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export default function() { // eslint-disable-line require-jsdoc
|
|
1
|
+
export default function() { // eslint-disable-line jsdoc/require-jsdoc
|
|
2
2
|
const api = this;
|
|
3
3
|
const { models } = api;
|
|
4
4
|
|
|
@@ -8,7 +8,7 @@ export default function() { // eslint-disable-line require-jsdoc
|
|
|
8
8
|
* @property {string} name unique name of user
|
|
9
9
|
*
|
|
10
10
|
* @name Hitchy.Plugin.Auth.Role
|
|
11
|
-
* @type Hitchy.Plugin.Odem.Model
|
|
11
|
+
* @type {Hitchy.Plugin.Odem.Model}
|
|
12
12
|
*/
|
|
13
13
|
return {
|
|
14
14
|
props: {
|
package/api/model/user.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import Crypto from "node:crypto";
|
|
2
2
|
|
|
3
|
-
export default function() { // eslint-disable-line require-jsdoc
|
|
3
|
+
export default function() { // eslint-disable-line jsdoc/require-jsdoc
|
|
4
4
|
const api = this;
|
|
5
5
|
const { services, models } = api;
|
|
6
6
|
|
|
@@ -55,7 +55,7 @@ export default function() { // eslint-disable-line require-jsdoc
|
|
|
55
55
|
|
|
56
56
|
async beforeSave( existsAlready, record ) {
|
|
57
57
|
if ( record.password ) {
|
|
58
|
-
record.password = await this.hashPassword( record.password );
|
|
58
|
+
record.password = await this.hashPassword( record.password );
|
|
59
59
|
}
|
|
60
60
|
|
|
61
61
|
return record;
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export default function() { // eslint-disable-line require-jsdoc
|
|
1
|
+
export default function() { // eslint-disable-line jsdoc/require-jsdoc
|
|
2
2
|
const api = this;
|
|
3
3
|
const { models, service } = api;
|
|
4
4
|
|
|
@@ -76,7 +76,7 @@ export default function() { // eslint-disable-line require-jsdoc
|
|
|
76
76
|
|
|
77
77
|
service.AuthManager.checkAuthentication( parts[1], parts[2] )
|
|
78
78
|
.then( user => {
|
|
79
|
-
req.user = user;
|
|
79
|
+
req.user = user;
|
|
80
80
|
|
|
81
81
|
this.qualifyAuthenticated( req, res, next );
|
|
82
82
|
} )
|
|
@@ -99,7 +99,7 @@ export default function() { // eslint-disable-line require-jsdoc
|
|
|
99
99
|
|
|
100
100
|
req.fetchBody()
|
|
101
101
|
.then( body => {
|
|
102
|
-
req.body = body;
|
|
102
|
+
req.body = body;
|
|
103
103
|
|
|
104
104
|
return new Promise( ( resolve, reject ) => {
|
|
105
105
|
AuthenticationPassport.authenticate( strategy || defaultStrategy )( req, res, err => {
|
|
@@ -146,7 +146,7 @@ export default function() { // eslint-disable-line require-jsdoc
|
|
|
146
146
|
|
|
147
147
|
service.AuthManager.listRolesOfUser( new models.User( uuid ) )
|
|
148
148
|
.then( roles => {
|
|
149
|
-
req.user.roles = roles;
|
|
149
|
+
req.user.roles = roles;
|
|
150
150
|
|
|
151
151
|
logDebug( "authenticated as", req.user.name );
|
|
152
152
|
|
|
@@ -199,7 +199,7 @@ export default function() { // eslint-disable-line require-jsdoc
|
|
|
199
199
|
await new Promise( ( resolve, reject ) => req.session.regenerate( error => ( error ? reject( error ) : resolve() ) ) );
|
|
200
200
|
}
|
|
201
201
|
|
|
202
|
-
req.user = undefined;
|
|
202
|
+
req.user = undefined;
|
|
203
203
|
|
|
204
204
|
res.set( "X-Authenticated-As", undefined );
|
|
205
205
|
res.set( "X-Authorized-As", undefined );
|
package/api/policy/user.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export default function() { // eslint-disable-line require-jsdoc
|
|
1
|
+
export default function() { // eslint-disable-line jsdoc/require-jsdoc
|
|
2
2
|
const api = this;
|
|
3
3
|
const { models, services } = api;
|
|
4
4
|
|
|
@@ -61,7 +61,7 @@ export default function() { // eslint-disable-line require-jsdoc
|
|
|
61
61
|
const { Role } = models;
|
|
62
62
|
|
|
63
63
|
if ( !( role instanceof Role ) ) {
|
|
64
|
-
role = String( role );
|
|
64
|
+
role = String( role );
|
|
65
65
|
|
|
66
66
|
if ( !/^[a-z_]/i.test( role ) || /\s/.test( role ) ) {
|
|
67
67
|
throw new TypeError( "missing role information" );
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import PassportLib from "passport";
|
|
2
2
|
|
|
3
|
-
export default function() { // eslint-disable-line require-jsdoc
|
|
3
|
+
export default function() { // eslint-disable-line jsdoc/require-jsdoc
|
|
4
4
|
const api = this;
|
|
5
5
|
|
|
6
6
|
const logAlert = api.log( "hitchy:auth:alert" );
|
|
@@ -26,7 +26,7 @@ export default function() { // eslint-disable-line require-jsdoc
|
|
|
26
26
|
} );
|
|
27
27
|
|
|
28
28
|
passport.deserializeUser( ( uuid, done ) => {
|
|
29
|
-
/** @type Hitchy.Plugin.Auth.User */
|
|
29
|
+
/** @type {Hitchy.Plugin.Auth.User} */
|
|
30
30
|
const user = new User( uuid );
|
|
31
31
|
|
|
32
32
|
user.$exists
|
|
@@ -13,7 +13,7 @@ import { Strategy as LocalStrategy } from "passport-local";
|
|
|
13
13
|
*/
|
|
14
14
|
const RemoteAuthCustomData = new Map();
|
|
15
15
|
|
|
16
|
-
export default function() { // eslint-disable-line require-jsdoc
|
|
16
|
+
export default function() { // eslint-disable-line jsdoc/require-jsdoc
|
|
17
17
|
const api = this;
|
|
18
18
|
const { models, services } = api;
|
|
19
19
|
|
|
@@ -60,7 +60,7 @@ export default function() { // eslint-disable-line require-jsdoc
|
|
|
60
60
|
*
|
|
61
61
|
* @param {string} username name of user to authenticate
|
|
62
62
|
* @param {string} password named user's password for authentication
|
|
63
|
-
* @param {function(Error?, object, object)} done invoked with optional error, authenticated user or some message as feedback
|
|
63
|
+
* @param {function(Error?, object, object):void} done invoked with optional error, authenticated user or some message as feedback
|
|
64
64
|
* @returns {void}
|
|
65
65
|
*/
|
|
66
66
|
static checkAuthentication( username, password, done ) {
|
|
@@ -222,10 +222,10 @@ export default function() { // eslint-disable-line require-jsdoc
|
|
|
222
222
|
* supporting OpenID Connect with Authorization Code Flow.
|
|
223
223
|
*
|
|
224
224
|
* @param {string} strategyName name of resulting strategy in context of your application
|
|
225
|
-
* @param {
|
|
225
|
+
* @param {object} config OpenID Connect client configuration
|
|
226
226
|
* @returns {Promise<Strategy>} promises generated strategy for use with passport.js
|
|
227
227
|
*/
|
|
228
|
-
static async generateOpenIdConnect( strategyName, config ) {
|
|
228
|
+
static async generateOpenIdConnect( strategyName, config ) {
|
|
229
229
|
const verifyLocalProfileOnLogin = ( req, tokens, userInfo, done ) => {
|
|
230
230
|
getLocalProfile( strategyName, userInfo.preferred_username, true, done );
|
|
231
231
|
};
|
|
@@ -246,7 +246,7 @@ export default function() { // eslint-disable-line require-jsdoc
|
|
|
246
246
|
return Promise.resolve( false );
|
|
247
247
|
}
|
|
248
248
|
|
|
249
|
-
const state = req.session[key] = generators.state( 32 );
|
|
249
|
+
const state = req.session[key] = generators.state( 32 );
|
|
250
250
|
|
|
251
251
|
// redirect user to discovered end_session_url of IdP
|
|
252
252
|
req.context.response.redirect( 302, client.endSessionUrl( { state } ) );
|
|
@@ -1,13 +1,13 @@
|
|
|
1
|
-
export default function() { // eslint-disable-line require-jsdoc
|
|
1
|
+
export default function() { // eslint-disable-line jsdoc/require-jsdoc
|
|
2
2
|
/**
|
|
3
3
|
* Implements behavior of a single node in a hierarchy of authorization
|
|
4
4
|
* rules.
|
|
5
5
|
*
|
|
6
6
|
* @property {?AuthorizationNode} parent refers to superordinated node
|
|
7
7
|
* @property {?string} name name of segment addressing this node in context of its parent
|
|
8
|
-
* @property {{accept:
|
|
9
|
-
* @property {{accept:
|
|
10
|
-
* @property {
|
|
8
|
+
* @property {{accept: Object<string, number>, reject: Object<string, number>}} roles maps names of roles into number of rules requesting to accept/reject
|
|
9
|
+
* @property {{accept: Object<string, number>, reject: Object<string, number>}} users lists UUIDs of users to accept/reject in context of node
|
|
10
|
+
* @property {Object<string,AuthorizationNode>} children maps relative names into subordinated nodes
|
|
11
11
|
*/
|
|
12
12
|
class AuthorizationNode {
|
|
13
13
|
/**
|
package/api/service/session.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
export default function( options, HitchyPluginSession ) { // eslint-disable-line require-jsdoc
|
|
1
|
+
export default function( options, HitchyPluginSession ) { // eslint-disable-line jsdoc/require-jsdoc
|
|
2
2
|
const api = this;
|
|
3
3
|
|
|
4
4
|
const logDebug = api.log( "hitchy:auth:debug" );
|
|
@@ -91,7 +91,7 @@ export default function( options, HitchyPluginSession ) { // eslint-disable-line
|
|
|
91
91
|
*
|
|
92
92
|
* This method is used by passport.
|
|
93
93
|
*
|
|
94
|
-
* @param {function(
|
|
94
|
+
* @param {function((Error|undefined)): void} doneFn callback invoked when session has been re-generated or some error occurred
|
|
95
95
|
* @returns {void}
|
|
96
96
|
*/
|
|
97
97
|
regenerate( doneFn ) {
|
|
@@ -132,7 +132,7 @@ export default function( options, HitchyPluginSession ) { // eslint-disable-line
|
|
|
132
132
|
*
|
|
133
133
|
* This method is used by passport.
|
|
134
134
|
*
|
|
135
|
-
* @param {function(
|
|
135
|
+
* @param {function((Error|undefined)):void} doneFn callback invoked when session has been saved or some error occurred
|
|
136
136
|
* @returns {void}
|
|
137
137
|
*/
|
|
138
138
|
save( doneFn ) {
|
package/hash-password.js
CHANGED
|
@@ -10,7 +10,7 @@ process.stdin.once( "end", () => {
|
|
|
10
10
|
UserModel.call( { services: {}, models: {} } )
|
|
11
11
|
.methods.hashPassword( input )
|
|
12
12
|
.then( password => {
|
|
13
|
-
console.log( password );
|
|
13
|
+
console.log( password ); // eslint-disable-line no-console
|
|
14
14
|
} )
|
|
15
15
|
.catch( console.error );
|
|
16
16
|
} );
|
package/index.js
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@hitchy/plugin-auth",
|
|
3
|
-
"version": "0.5.
|
|
3
|
+
"version": "0.5.1",
|
|
4
4
|
"description": "user authentication and authorization for Hitchy",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "index.js",
|
|
@@ -33,12 +33,11 @@
|
|
|
33
33
|
},
|
|
34
34
|
"devDependencies": {
|
|
35
35
|
"@hitchy/core": "^1.0.1",
|
|
36
|
-
"@hitchy/server-dev-tools": "^0.8.
|
|
36
|
+
"@hitchy/server-dev-tools": "^0.8.5",
|
|
37
37
|
"@hitchy/types": "^0.1.3",
|
|
38
38
|
"c8": "^10.1.2",
|
|
39
|
-
"eslint": "^
|
|
40
|
-
"eslint-config-cepharum": "^
|
|
41
|
-
"eslint-plugin-promise": "^6.6.0",
|
|
39
|
+
"eslint": "^9.15.0",
|
|
40
|
+
"eslint-config-cepharum": "^2.0.2",
|
|
42
41
|
"mermaid": "^11.4.0",
|
|
43
42
|
"mocha": "^10.8.2",
|
|
44
43
|
"openid-client": "^5.7.0",
|