@icure/api 6.4.2 → 6.4.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-api/api/IccAuthApi.d.ts +19 -0
- package/icc-api/api/IccAuthApi.js +46 -1
- package/icc-api/api/IccAuthApi.js.map +1 -1
- package/icc-api/api/IccBesamv2Api.d.ts +6 -0
- package/icc-api/api/IccBesamv2Api.js +13 -0
- package/icc-api/api/IccBesamv2Api.js.map +1 -1
- package/icc-api/api/IccGroupApi.d.ts +6 -0
- package/icc-api/api/IccGroupApi.js +13 -0
- package/icc-api/api/IccGroupApi.js.map +1 -1
- package/icc-api/index.d.ts +0 -1
- package/icc-api/index.js +0 -1
- package/icc-api/index.js.map +1 -1
- package/icc-api/model/AuthenticationToken.d.ts +1 -0
- package/icc-api/model/AuthenticationToken.js.map +1 -1
- package/icc-api/model/FlatRateTarification.d.ts +4 -1
- package/icc-api/model/FlatRateTarification.js +3 -0
- package/icc-api/model/FlatRateTarification.js.map +1 -1
- package/icc-api/model/UserGroup.d.ts +1 -0
- package/icc-api/model/UserGroup.js.map +1 -1
- package/icc-x-api/auth/AuthenticationProvider.d.ts +34 -2
- package/icc-x-api/auth/AuthenticationProvider.js +28 -6
- package/icc-x-api/auth/AuthenticationProvider.js.map +1 -1
- package/icc-x-api/auth/EnsembleAuthService.d.ts +6 -2
- package/icc-x-api/auth/EnsembleAuthService.js +9 -0
- package/icc-x-api/auth/EnsembleAuthService.js.map +1 -1
- package/icc-x-api/auth/JwtAuthService.d.ts +5 -4
- package/icc-x-api/auth/JwtAuthService.js +7 -20
- package/icc-x-api/auth/JwtAuthService.js.map +1 -1
- package/icc-x-api/auth/JwtBridgedAuthService.d.ts +26 -0
- package/icc-x-api/auth/JwtBridgedAuthService.js +128 -0
- package/icc-x-api/auth/JwtBridgedAuthService.js.map +1 -0
- package/icc-x-api/filters/ServiceByHcPartyTagCodeDateFilter.d.ts +1 -0
- package/icc-x-api/filters/ServiceByHcPartyTagCodeDateFilter.js.map +1 -1
- package/icc-x-api/icc-crypto-x-api.d.ts +3 -5
- package/icc-x-api/icc-crypto-x-api.js +46 -50
- package/icc-x-api/icc-crypto-x-api.js.map +1 -1
- package/icc-x-api/index.d.ts +7 -2
- package/icc-x-api/index.js +6 -4
- package/icc-x-api/index.js.map +1 -1
- package/package.json +1 -1
- package/icc-api/api/IccBemikronoApi.d.ts +0 -81
- package/icc-api/api/IccBemikronoApi.js +0 -162
- package/icc-api/api/IccBemikronoApi.js.map +0 -1
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
import { AuthService } from './AuthService';
|
|
2
|
+
import { XHR } from '../../icc-api/api/XHR';
|
|
3
|
+
import { IccAuthApi } from '../../icc-api';
|
|
4
|
+
import Header = XHR.Header;
|
|
5
|
+
export declare class JwtBridgedAuthService implements AuthService {
|
|
6
|
+
private authApi;
|
|
7
|
+
private username;
|
|
8
|
+
private password;
|
|
9
|
+
private thirdPartyTokens;
|
|
10
|
+
private _error;
|
|
11
|
+
private _currentPromise;
|
|
12
|
+
constructor(authApi: IccAuthApi, username: string, password: string, thirdPartyTokens?: {
|
|
13
|
+
[thirdParty: string]: string;
|
|
14
|
+
});
|
|
15
|
+
getIcureTokens(): Promise<{
|
|
16
|
+
token: string;
|
|
17
|
+
refreshToken: string;
|
|
18
|
+
} | undefined>;
|
|
19
|
+
getAuthHeaders(): Promise<Array<Header>>;
|
|
20
|
+
private _refreshAuthJwt;
|
|
21
|
+
private _loginAndGetTokens;
|
|
22
|
+
private _isJwtExpired;
|
|
23
|
+
private _base64Decode;
|
|
24
|
+
invalidateHeader(error: Error): void;
|
|
25
|
+
isInErrorState(): boolean;
|
|
26
|
+
}
|
|
@@ -0,0 +1,128 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
+
});
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.JwtBridgedAuthService = void 0;
|
|
13
|
+
const XHR_1 = require("../../icc-api/api/XHR");
|
|
14
|
+
const LoginCredentials_1 = require("../../icc-api/model/LoginCredentials");
|
|
15
|
+
const utils_1 = require("../utils");
|
|
16
|
+
var XHRError = XHR_1.XHR.XHRError;
|
|
17
|
+
class JwtBridgedAuthService {
|
|
18
|
+
constructor(authApi, username, password, thirdPartyTokens = {}) {
|
|
19
|
+
this.authApi = authApi;
|
|
20
|
+
this.username = username;
|
|
21
|
+
this.password = password;
|
|
22
|
+
this.thirdPartyTokens = thirdPartyTokens;
|
|
23
|
+
this._error = null;
|
|
24
|
+
this._currentPromise = Promise.resolve({});
|
|
25
|
+
}
|
|
26
|
+
getIcureTokens() {
|
|
27
|
+
return this.getAuthHeaders().then(() => this._currentPromise.then(({ authJwt, refreshJwt }) => ({ token: authJwt, refreshToken: refreshJwt })));
|
|
28
|
+
}
|
|
29
|
+
getAuthHeaders() {
|
|
30
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
31
|
+
return this._currentPromise
|
|
32
|
+
.then(({ authJwt, refreshJwt }) => {
|
|
33
|
+
if (!authJwt || this._isJwtExpired(authJwt)) {
|
|
34
|
+
// If it does not have the JWT, tries to get it
|
|
35
|
+
// If the JWT is expired, tries to refresh it
|
|
36
|
+
this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {
|
|
37
|
+
// If here the token is null,
|
|
38
|
+
// it goes in a suspension status
|
|
39
|
+
if (!updatedTokens.authJwt) {
|
|
40
|
+
throw new Error('Your iCure back-end version does not support JWT authentication');
|
|
41
|
+
}
|
|
42
|
+
return updatedTokens;
|
|
43
|
+
});
|
|
44
|
+
}
|
|
45
|
+
else if (!!this._error) {
|
|
46
|
+
throw this._error;
|
|
47
|
+
}
|
|
48
|
+
return this._currentPromise;
|
|
49
|
+
})
|
|
50
|
+
.then(({ authJwt }) => {
|
|
51
|
+
return [new XHR_1.XHR.Header('Authorization', `Bearer ${authJwt}`)];
|
|
52
|
+
});
|
|
53
|
+
});
|
|
54
|
+
}
|
|
55
|
+
_refreshAuthJwt(refreshJwt) {
|
|
56
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
57
|
+
// If I do not have a refresh JWT or the refresh JWT is expired,
|
|
58
|
+
// I have to log in again
|
|
59
|
+
if (!refreshJwt || this._isJwtExpired(refreshJwt)) {
|
|
60
|
+
return this._loginAndGetTokens();
|
|
61
|
+
}
|
|
62
|
+
else {
|
|
63
|
+
return this.authApi.refreshAuthenticationJWT(refreshJwt).then((refreshResponse) => ({
|
|
64
|
+
authJwt: refreshResponse.token,
|
|
65
|
+
refreshJwt: refreshJwt,
|
|
66
|
+
}));
|
|
67
|
+
}
|
|
68
|
+
});
|
|
69
|
+
}
|
|
70
|
+
_loginAndGetTokens() {
|
|
71
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
72
|
+
let authResponse;
|
|
73
|
+
let firstError;
|
|
74
|
+
if (this.username && this.password) {
|
|
75
|
+
try {
|
|
76
|
+
authResponse = yield this.authApi.login(new LoginCredentials_1.LoginCredentials({
|
|
77
|
+
username: this.username,
|
|
78
|
+
password: this.password,
|
|
79
|
+
}));
|
|
80
|
+
}
|
|
81
|
+
catch (e) {
|
|
82
|
+
firstError = e;
|
|
83
|
+
}
|
|
84
|
+
}
|
|
85
|
+
if (!authResponse) {
|
|
86
|
+
authResponse = yield Object.entries(this.thirdPartyTokens).reduce((acc, [thirdParty, token]) => __awaiter(this, void 0, void 0, function* () {
|
|
87
|
+
const prev = yield acc;
|
|
88
|
+
return (prev !== null && prev !== void 0 ? prev : (token
|
|
89
|
+
? this.authApi.loginWithThirdPartyToken(thirdParty, token).catch((e) => {
|
|
90
|
+
if (!firstError) {
|
|
91
|
+
firstError = e;
|
|
92
|
+
}
|
|
93
|
+
return Promise.resolve();
|
|
94
|
+
})
|
|
95
|
+
: undefined));
|
|
96
|
+
}), Promise.resolve());
|
|
97
|
+
}
|
|
98
|
+
if (!authResponse) {
|
|
99
|
+
if (firstError)
|
|
100
|
+
throw firstError;
|
|
101
|
+
throw new XHRError('', 'Unknown error', 401, 'Unauthorized', new Headers());
|
|
102
|
+
}
|
|
103
|
+
return {
|
|
104
|
+
authJwt: authResponse.token,
|
|
105
|
+
refreshJwt: authResponse.refreshToken,
|
|
106
|
+
};
|
|
107
|
+
});
|
|
108
|
+
}
|
|
109
|
+
_isJwtExpired(jwt) {
|
|
110
|
+
const parts = jwt.split('.');
|
|
111
|
+
if (parts.length !== 3) {
|
|
112
|
+
return false;
|
|
113
|
+
}
|
|
114
|
+
const payload = this._base64Decode(parts[1]);
|
|
115
|
+
return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime();
|
|
116
|
+
}
|
|
117
|
+
_base64Decode(encodedString) {
|
|
118
|
+
return JSON.parse((0, utils_1.a2b)(encodedString));
|
|
119
|
+
}
|
|
120
|
+
invalidateHeader(error) {
|
|
121
|
+
this._error = error;
|
|
122
|
+
}
|
|
123
|
+
isInErrorState() {
|
|
124
|
+
return !!this._error;
|
|
125
|
+
}
|
|
126
|
+
}
|
|
127
|
+
exports.JwtBridgedAuthService = JwtBridgedAuthService;
|
|
128
|
+
//# sourceMappingURL=JwtBridgedAuthService.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"JwtBridgedAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtBridgedAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAE3C,2EAAuE;AAEvE,oCAA8B;AAE9B,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAE9B,MAAa,qBAAqB;IAIhC,YACU,OAAmB,EACnB,QAAgB,EAChB,QAAgB,EAChB,mBAAqD,EAAE;QAHvD,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,qBAAgB,GAAhB,gBAAgB,CAAuC;QAPzD,WAAM,GAAiB,IAAI,CAAA;QAC3B,oBAAe,GAAuD,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;IAO9F,CAAC;IAEJ,cAAc;QACZ,OAAO,IAAI,CAAC,cAAc,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,OAAQ,EAAE,YAAY,EAAE,UAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IACnJ,CAAC;IAEK,cAAc;;YAClB,OAAO,IAAI,CAAC,eAAe;iBACxB,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE;gBAChC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE;oBAC3C,+CAA+C;oBAC/C,6CAA6C;oBAE7C,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE;wBAC7E,6BAA6B;wBAC7B,iCAAiC;wBACjC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;4BAC1B,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAA;yBACnF;wBAED,OAAO,aAAa,CAAA;oBACtB,CAAC,CAAC,CAAA;iBACH;qBAAM,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE;oBACxB,MAAM,IAAI,CAAC,MAAM,CAAA;iBAClB;gBACD,OAAO,IAAI,CAAC,eAAe,CAAA;YAC7B,CAAC,CAAC;iBACD,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE;gBACpB,OAAO,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,OAAO,EAAE,CAAC,CAAC,CAAA;YAC/D,CAAC,CAAC,CAAA;QACN,CAAC;KAAA;IAEa,eAAe,CAAC,UAA8B;;YAC1D,gEAAgE;YAChE,yBAAyB;YACzB,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,aAAa,CAAC,UAAU,CAAC,EAAE;gBACjD,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAA;aACjC;iBAAM;gBACL,OAAO,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;oBAClF,OAAO,EAAE,eAAe,CAAC,KAAK;oBAC9B,UAAU,EAAE,UAAU;iBACvB,CAAC,CAAC,CAAA;aACJ;QACH,CAAC;KAAA;IAEa,kBAAkB;;YAC9B,IAAI,YAAgD,CAAA;YACpD,IAAI,UAAgC,CAAA;YACpC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,EAAE;gBAClC,IAAI;oBACF,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CACrC,IAAI,mCAAgB,CAAC;wBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;qBACxB,CAAC,CACH,CAAA;iBACF;gBAAC,OAAO,CAAC,EAAE;oBACV,UAAU,GAAG,CAAa,CAAA;iBAC3B;aACF;YACD,IAAI,CAAC,YAAY,EAAE;gBACjB,YAAY,GAAG,MAAO,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAiC,CAAC,MAAM,CAAC,CAAO,GAAG,EAAE,CAAC,UAAU,EAAE,KAAK,CAAC,EAAE,EAAE;oBACpI,MAAM,IAAI,GAAG,MAAM,GAAG,CAAA;oBACtB,OAAO,CACL,IAAI,aAAJ,IAAI,cAAJ,IAAI,GACJ,CAAC,KAAK;wBACJ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;4BACnE,IAAI,CAAC,UAAU,EAAE;gCACf,UAAU,GAAG,CAAa,CAAA;6BAC3B;4BACD,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;wBAChD,CAAC,CAAC;wBACJ,CAAC,CAAC,SAAS,CAAC,CACf,CAAA;gBACH,CAAC,CAAA,EAAE,OAAO,CAAC,OAAO,EAAiD,CAAC,CAAA;aACrE;YAED,IAAI,CAAC,YAAY,EAAE;gBACjB,IAAI,UAAU;oBAAE,MAAM,UAAU,CAAA;gBAChC,MAAM,IAAI,QAAQ,CAAC,EAAE,EAAE,eAAe,EAAE,GAAG,EAAE,cAAc,EAAE,IAAI,OAAO,EAAE,CAAC,CAAA;aAC5E;YAED,OAAO;gBACL,OAAO,EAAE,YAAY,CAAC,KAAK;gBAC3B,UAAU,EAAE,YAAY,CAAC,YAAY;aACtC,CAAA;QACH,CAAC;KAAA;IAEO,aAAa,CAAC,GAAW;QAC/B,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC5B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;YACtB,OAAO,KAAK,CAAA;SACb;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAC5C,OAAO,CAAC,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;IAC5E,CAAC;IAEO,aAAa,CAAC,aAAqB;QACzC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,WAAG,EAAC,aAAa,CAAC,CAAC,CAAA;IACvC,CAAC;IAED,gBAAgB,CAAC,KAAY;QAC3B,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,cAAc;QACZ,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAA;IACtB,CAAC;CACF;AArHD,sDAqHC","sourcesContent":["import { AuthService } from './AuthService'\nimport { XHR } from '../../icc-api/api/XHR'\nimport { IccAuthApi, OAuthThirdParty } from '../../icc-api'\nimport { LoginCredentials } from '../../icc-api/model/LoginCredentials'\nimport Header = XHR.Header\nimport { a2b } from '../utils'\nimport { AuthenticationResponse } from '../../icc-api/model/AuthenticationResponse'\nimport XHRError = XHR.XHRError\n\nexport class JwtBridgedAuthService implements AuthService {\n private _error: Error | null = null\n private _currentPromise: Promise<{ authJwt?: string; refreshJwt?: string }> = Promise.resolve({})\n\n constructor(\n private authApi: IccAuthApi,\n private username: string,\n private password: string,\n private thirdPartyTokens: { [thirdParty: string]: string } = {}\n ) {}\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.getAuthHeaders().then(() => this._currentPromise.then(({ authJwt, refreshJwt }) => ({ token: authJwt!, refreshToken: refreshJwt! })))\n }\n\n async getAuthHeaders(): Promise<Array<Header>> {\n return this._currentPromise\n .then(({ authJwt, refreshJwt }) => {\n if (!authJwt || this._isJwtExpired(authJwt)) {\n // If it does not have the JWT, tries to get it\n // If the JWT is expired, tries to refresh it\n\n this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {\n // If here the token is null,\n // it goes in a suspension status\n if (!updatedTokens.authJwt) {\n throw new Error('Your iCure back-end version does not support JWT authentication')\n }\n\n return updatedTokens\n })\n } else if (!!this._error) {\n throw this._error\n }\n return this._currentPromise\n })\n .then(({ authJwt }) => {\n return [new XHR.Header('Authorization', `Bearer ${authJwt}`)]\n })\n }\n\n private async _refreshAuthJwt(refreshJwt: string | undefined): Promise<{ authJwt?: string; refreshJwt?: string }> {\n // If I do not have a refresh JWT or the refresh JWT is expired,\n // I have to log in again\n if (!refreshJwt || this._isJwtExpired(refreshJwt)) {\n return this._loginAndGetTokens()\n } else {\n return this.authApi.refreshAuthenticationJWT(refreshJwt).then((refreshResponse) => ({\n authJwt: refreshResponse.token,\n refreshJwt: refreshJwt,\n }))\n }\n }\n\n private async _loginAndGetTokens(): Promise<{ authJwt?: string; refreshJwt?: string }> {\n let authResponse: AuthenticationResponse | undefined\n let firstError: XHRError | undefined\n if (this.username && this.password) {\n try {\n authResponse = await this.authApi.login(\n new LoginCredentials({\n username: this.username,\n password: this.password,\n })\n )\n } catch (e) {\n firstError = e as XHRError\n }\n }\n if (!authResponse) {\n authResponse = await (Object.entries(this.thirdPartyTokens) as [OAuthThirdParty, string][]).reduce(async (acc, [thirdParty, token]) => {\n const prev = await acc\n return (\n prev ??\n (token\n ? this.authApi.loginWithThirdPartyToken(thirdParty, token).catch((e) => {\n if (!firstError) {\n firstError = e as XHRError\n }\n return Promise.resolve() as Promise<undefined>\n })\n : undefined)\n )\n }, Promise.resolve() as Promise<AuthenticationResponse | undefined>)\n }\n\n if (!authResponse) {\n if (firstError) throw firstError\n throw new XHRError('', 'Unknown error', 401, 'Unauthorized', new Headers())\n }\n\n return {\n authJwt: authResponse.token,\n refreshJwt: authResponse.refreshToken,\n }\n }\n\n private _isJwtExpired(jwt: string): boolean {\n const parts = jwt.split('.')\n if (parts.length !== 3) {\n return false\n }\n const payload = this._base64Decode(parts[1])\n return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime()\n }\n\n private _base64Decode(encodedString: string): any {\n return JSON.parse(a2b(encodedString))\n }\n\n invalidateHeader(error: Error): void {\n this._error = error\n }\n\n isInErrorState(): boolean {\n return !!this._error\n }\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ServiceByHcPartyTagCodeDateFilter.js","sourceRoot":"","sources":["../../../icc-x-api/filters/ServiceByHcPartyTagCodeDateFilter.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;;GAUG;AACH,qFAAiF;AAEjF,MAAa,iCAAkC,SAAQ,6CAAqB;IAE1E,YAAY,IAAgB;QAC1B,KAAK,CAAC,IAAI,CAAC,CAAA;QAFb,UAAK,GAAW,mCAAmC,CAAA;QAIjD,MAAM,CAAC,MAAM,CAAC,IAAyC,EAAE,IAAI,CAAC,CAAA;IAChE,CAAC;
|
|
1
|
+
{"version":3,"file":"ServiceByHcPartyTagCodeDateFilter.js","sourceRoot":"","sources":["../../../icc-x-api/filters/ServiceByHcPartyTagCodeDateFilter.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;;GAUG;AACH,qFAAiF;AAEjF,MAAa,iCAAkC,SAAQ,6CAAqB;IAE1E,YAAY,IAAgB;QAC1B,KAAK,CAAC,IAAI,CAAC,CAAA;QAFb,UAAK,GAAW,mCAAmC,CAAA;QAIjD,MAAM,CAAC,MAAM,CAAC,IAAyC,EAAE,IAAI,CAAC,CAAA;IAChE,CAAC;CAYF;AAlBD,8EAkBC","sourcesContent":["/**\n * iCure Data Stack API Documentation\n * The iCure Data Stack Application API is the native interface to iCure. This version is obsolete, please use v2.\n *\n * OpenAPI spec version: v1\n *\n *\n * NOTE: This class is auto generated by the swagger code generator program.\n * https://github.com/swagger-api/swagger-codegen.git\n * Do not edit the class manually.\n */\nimport { AbstractFilterService } from '../../icc-api/model/AbstractFilterService'\n\nexport class ServiceByHcPartyTagCodeDateFilter extends AbstractFilterService {\n $type: string = 'ServiceByHcPartyTagCodeDateFilter'\n constructor(json: JSON | any) {\n super(json)\n\n Object.assign(this as ServiceByHcPartyTagCodeDateFilter, json)\n }\n\n desc?: string\n healthcarePartyId?: string\n patientSecretForeignKey?: string\n tagType?: string\n tagCode?: string\n codeType?: string\n codeCode?: string\n startValueDate?: number\n endValueDate?: number\n descending?: boolean\n}\n"]}
|
|
@@ -408,13 +408,11 @@ export declare class IccCryptoXApi {
|
|
|
408
408
|
* When a user lost his keys, people to whom he shared information may call this method to give access back to him, re-encrypting their common
|
|
409
409
|
* AES key using the new user public key.
|
|
410
410
|
*
|
|
411
|
-
* @param
|
|
412
|
-
* @param ownerId Id of the data owner to which we would like to
|
|
411
|
+
* @param accessGiver User, in charge of giving access back to the person who previously gave him some access (should be the current user)
|
|
412
|
+
* @param ownerId Id of the data owner to which we would like to get access back
|
|
413
413
|
* @param ownerNewPublicKey New Data Owner Public Key we want to use to re-encrypt previously created AES key
|
|
414
|
-
*
|
|
415
|
-
* @return The DataOwner, updated by the delegateUser to add the new encrypted AES Key using the new provided public key
|
|
416
414
|
*/
|
|
417
|
-
giveAccessBackTo(
|
|
415
|
+
giveAccessBackTo(accessGiver: User, ownerId: string, ownerNewPublicKey: string): Promise<void>;
|
|
418
416
|
addNewKeyPairForOwnerId(maintenanceTasksApi: IccMaintenanceTaskXApi, user: User, ownerId: string, generateTransferKey?: boolean, sendMaintenanceTasks?: boolean): Promise<{
|
|
419
417
|
dataOwner: HealthcareParty | Patient | Device;
|
|
420
418
|
publicKey: string;
|
|
@@ -1280,60 +1280,56 @@ class IccCryptoXApi {
|
|
|
1280
1280
|
* When a user lost his keys, people to whom he shared information may call this method to give access back to him, re-encrypting their common
|
|
1281
1281
|
* AES key using the new user public key.
|
|
1282
1282
|
*
|
|
1283
|
-
* @param
|
|
1284
|
-
* @param ownerId Id of the data owner to which we would like to
|
|
1283
|
+
* @param accessGiver User, in charge of giving access back to the person who previously gave him some access (should be the current user)
|
|
1284
|
+
* @param ownerId Id of the data owner to which we would like to get access back
|
|
1285
1285
|
* @param ownerNewPublicKey New Data Owner Public Key we want to use to re-encrypt previously created AES key
|
|
1286
|
-
*
|
|
1287
|
-
* @return The DataOwner, updated by the delegateUser to add the new encrypted AES Key using the new provided public key
|
|
1288
1286
|
*/
|
|
1289
|
-
giveAccessBackTo(
|
|
1290
|
-
var _a, _b
|
|
1287
|
+
giveAccessBackTo(accessGiver, ownerId, ownerNewPublicKey) {
|
|
1288
|
+
var _a, _b;
|
|
1291
1289
|
return __awaiter(this, void 0, void 0, function* () {
|
|
1292
|
-
const
|
|
1293
|
-
|
|
1294
|
-
|
|
1290
|
+
const newPubKeyCryptoKey = yield this._RSA.importKey('spki', (0, binary_utils_1.hex2ua)(ownerNewPublicKey), ['encrypt']);
|
|
1291
|
+
const giverDoId = (_b = (_a = accessGiver.healthcarePartyId) !== null && _a !== void 0 ? _a : accessGiver.patientId) !== null && _b !== void 0 ? _b : accessGiver.deviceId;
|
|
1292
|
+
if (!giverDoId) {
|
|
1293
|
+
throw new Error(`Access giver ${accessGiver.id} must be a data Owner`);
|
|
1295
1294
|
}
|
|
1296
|
-
const
|
|
1297
|
-
const
|
|
1298
|
-
|
|
1299
|
-
|
|
1300
|
-
|
|
1301
|
-
|
|
1302
|
-
|
|
1303
|
-
if (
|
|
1304
|
-
|
|
1305
|
-
|
|
1306
|
-
|
|
1307
|
-
|
|
1308
|
-
|
|
1309
|
-
|
|
1310
|
-
|
|
1311
|
-
.then((encrAesInfo) => {
|
|
1312
|
-
return { pubKeyUsedToEncryptAes: Object.keys(encrAesInfo)[0], encryptedAes: Object.values(encrAesInfo)[0] };
|
|
1313
|
-
});
|
|
1314
|
-
}));
|
|
1315
|
-
delKeys[encrAesKeyInfo.pubKeyUsedToEncryptAes] = encrAesKeyInfo.encryptedAes;
|
|
1316
|
-
}
|
|
1317
|
-
catch (e) {
|
|
1318
|
-
console.log(`${delegateId} could not re-encrypt AES Key of ${dataOwnerToUpdate.dataOwner.id}`);
|
|
1319
|
-
}
|
|
1320
|
-
finally {
|
|
1321
|
-
delAcc[delId] = delKeys;
|
|
1295
|
+
const giverDoKeys = yield this.getDataOwner(giverDoId).then((doData) => { var _a; return [doData.dataOwner.publicKey, ...Object.keys((_a = doData.dataOwner.aesExchangeKeys) !== null && _a !== void 0 ? _a : {})].filter((x) => !!x); });
|
|
1296
|
+
const giveAccessBackToExchangeKey = (exchangeKeys, delegatorId, // Getter for getter exchange keys, giver for giver exchange keys
|
|
1297
|
+
delegateId // Giver for getter exchange keys, getter for giver exchange keys
|
|
1298
|
+
) => __awaiter(this, void 0, void 0, function* () {
|
|
1299
|
+
const updatedExchangeKeys = _.cloneDeep(exchangeKeys);
|
|
1300
|
+
for (const [publicKey, mapsByDelegate] of Object.entries(updatedExchangeKeys)) {
|
|
1301
|
+
const mapOfDelegate = mapsByDelegate[delegateId];
|
|
1302
|
+
if (!!mapOfDelegate && !mapOfDelegate[ownerNewPublicKey.slice(-32)]) {
|
|
1303
|
+
const decryptedKey = yield this.decryptHcPartyKey(giverDoId, delegatorId, delegateId, publicKey, mapOfDelegate, giverDoKeys)
|
|
1304
|
+
.then((x) => x === null || x === void 0 ? void 0 : x.rawKey)
|
|
1305
|
+
.catch(() => undefined);
|
|
1306
|
+
if (decryptedKey) {
|
|
1307
|
+
mapOfDelegate[ownerNewPublicKey.slice(-32)] = yield this.encryptAesKeyOnlyForProvidedKeys(decryptedKey, delegateId, [
|
|
1308
|
+
newPubKeyCryptoKey,
|
|
1309
|
+
]).then((encrAes) => Object.values(Object.values(encrAes)[0])[0]);
|
|
1322
1310
|
}
|
|
1323
1311
|
}
|
|
1324
|
-
|
|
1325
|
-
|
|
1326
|
-
delAcc[delId] = delKeys;
|
|
1327
|
-
}
|
|
1328
|
-
return delAcc;
|
|
1329
|
-
}));
|
|
1330
|
-
return pubAcc;
|
|
1331
|
-
}));
|
|
1332
|
-
// After adding the potential new aesExchangeKeys, we save the updated data owner
|
|
1333
|
-
return this._saveDataOwner({
|
|
1334
|
-
type: dataOwnerToUpdate.type,
|
|
1335
|
-
dataOwner: Object.assign(Object.assign({}, dataOwnerToUpdate.dataOwner), { aesExchangeKeys: newAesExchangeKeys }),
|
|
1312
|
+
}
|
|
1313
|
+
return updatedExchangeKeys;
|
|
1336
1314
|
});
|
|
1315
|
+
yield (0, utils_1.retry)(() => __awaiter(this, void 0, void 0, function* () {
|
|
1316
|
+
var _c;
|
|
1317
|
+
const getterDo = yield this.getDataOwner(ownerId);
|
|
1318
|
+
const updatedGetterKeys = yield giveAccessBackToExchangeKey((_c = getterDo.dataOwner.aesExchangeKeys) !== null && _c !== void 0 ? _c : {}, ownerId, giverDoId);
|
|
1319
|
+
yield this._saveDataOwner({
|
|
1320
|
+
type: getterDo.type,
|
|
1321
|
+
dataOwner: Object.assign(Object.assign({}, getterDo.dataOwner), { aesExchangeKeys: updatedGetterKeys }),
|
|
1322
|
+
});
|
|
1323
|
+
}), 3, 5000, 1);
|
|
1324
|
+
yield (0, utils_1.retry)(() => __awaiter(this, void 0, void 0, function* () {
|
|
1325
|
+
var _d;
|
|
1326
|
+
const giverDo = yield this.getDataOwner(giverDoId);
|
|
1327
|
+
const updatedGiverKeys = yield giveAccessBackToExchangeKey((_d = giverDo.dataOwner.aesExchangeKeys) !== null && _d !== void 0 ? _d : {}, giverDoId, ownerId);
|
|
1328
|
+
yield this._saveDataOwner({
|
|
1329
|
+
type: giverDo.type,
|
|
1330
|
+
dataOwner: Object.assign(Object.assign({}, giverDo.dataOwner), { aesExchangeKeys: updatedGiverKeys }),
|
|
1331
|
+
});
|
|
1332
|
+
}), 3, 5000, 1);
|
|
1337
1333
|
});
|
|
1338
1334
|
}
|
|
1339
1335
|
addNewKeyPairForOwnerId(maintenanceTasksApi, user, ownerId, generateTransferKey = true, sendMaintenanceTasks = true) {
|
|
@@ -1435,16 +1431,16 @@ class IccCryptoXApi {
|
|
|
1435
1431
|
encryptAesKeyFor(aesKey, dataOwner, doNewPublicKey) {
|
|
1436
1432
|
return __awaiter(this, void 0, void 0, function* () {
|
|
1437
1433
|
const dataOwnerAllPubKeys = [doNewPublicKey].concat(yield this.getDataOwnerPublicKeys(dataOwner));
|
|
1438
|
-
return this.encryptAesKeyOnlyForProvidedKeys(aesKey, dataOwner, dataOwnerAllPubKeys);
|
|
1434
|
+
return this.encryptAesKeyOnlyForProvidedKeys(aesKey, dataOwner.id, dataOwnerAllPubKeys);
|
|
1439
1435
|
});
|
|
1440
1436
|
}
|
|
1441
|
-
encryptAesKeyOnlyForProvidedKeys(aesKey,
|
|
1437
|
+
encryptAesKeyOnlyForProvidedKeys(aesKey, dataOwnerId, dataOwnerPubKeys) {
|
|
1442
1438
|
return __awaiter(this, void 0, void 0, function* () {
|
|
1443
1439
|
const encryptedAesForDataOwner = yield (0, utils_1.foldAsync)(dataOwnerPubKeys, {}, (encrAes, pubKey) => __awaiter(this, void 0, void 0, function* () {
|
|
1444
1440
|
encrAes[(0, binary_utils_1.ua2hex)(yield this.RSA.exportKey(pubKey, 'spki')).slice(-32)] = (0, binary_utils_1.ua2hex)(yield this._RSA.encrypt(pubKey, (0, binary_utils_1.hex2ua)(aesKey)));
|
|
1445
1441
|
return encrAes;
|
|
1446
1442
|
}));
|
|
1447
|
-
return { [
|
|
1443
|
+
return { [dataOwnerId]: encryptedAesForDataOwner };
|
|
1448
1444
|
});
|
|
1449
1445
|
}
|
|
1450
1446
|
retrieveDataOwnerInfoAfterPotentialUpdate(dataOwnerToUpdate) {
|