@icure/api 8.0.0-RC.6 → 8.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (212) hide show
  1. package/icc-api/api/IccAccesslogApi.d.ts +3 -7
  2. package/icc-api/api/IccAccesslogApi.js +2 -2
  3. package/icc-api/api/IccAccesslogApi.js.map +1 -1
  4. package/icc-api/api/IccAgendaApi.d.ts +1 -1
  5. package/icc-api/api/IccAgendaApi.js +2 -2
  6. package/icc-api/api/IccAgendaApi.js.map +1 -1
  7. package/icc-api/api/IccAnonymousAccessApi.d.ts +10 -0
  8. package/icc-api/api/IccAnonymousAccessApi.js +33 -0
  9. package/icc-api/api/IccAnonymousAccessApi.js.map +1 -1
  10. package/icc-api/api/IccApplicationsettingsApi.d.ts +1 -1
  11. package/icc-api/api/IccApplicationsettingsApi.js +2 -2
  12. package/icc-api/api/IccApplicationsettingsApi.js.map +1 -1
  13. package/icc-api/api/IccArticleApi.d.ts +1 -1
  14. package/icc-api/api/IccArticleApi.js +2 -2
  15. package/icc-api/api/IccArticleApi.js.map +1 -1
  16. package/icc-api/api/IccAuthApi.d.ts +4 -2
  17. package/icc-api/api/IccAuthApi.js +11 -4
  18. package/icc-api/api/IccAuthApi.js.map +1 -1
  19. package/icc-api/api/IccCalendarItemApi.d.ts +4 -12
  20. package/icc-api/api/IccCalendarItemApi.js +2 -2
  21. package/icc-api/api/IccCalendarItemApi.js.map +1 -1
  22. package/icc-api/api/IccCalendarItemTypeApi.d.ts +1 -1
  23. package/icc-api/api/IccCalendarItemTypeApi.js +2 -2
  24. package/icc-api/api/IccCalendarItemTypeApi.js.map +1 -1
  25. package/icc-api/api/IccClassificationApi.d.ts +4 -12
  26. package/icc-api/api/IccClassificationApi.js +2 -2
  27. package/icc-api/api/IccClassificationApi.js.map +1 -1
  28. package/icc-api/api/IccClassificationTemplateApi.d.ts +1 -1
  29. package/icc-api/api/IccClassificationTemplateApi.js +2 -2
  30. package/icc-api/api/IccClassificationTemplateApi.js.map +1 -1
  31. package/icc-api/api/IccCodeApi.d.ts +1 -1
  32. package/icc-api/api/IccCodeApi.js +2 -2
  33. package/icc-api/api/IccCodeApi.js.map +1 -1
  34. package/icc-api/api/IccContactApi.d.ts +3 -11
  35. package/icc-api/api/IccContactApi.js.map +1 -1
  36. package/icc-api/api/IccDataownerApi.d.ts +1 -1
  37. package/icc-api/api/IccDataownerApi.js +2 -2
  38. package/icc-api/api/IccDataownerApi.js.map +1 -1
  39. package/icc-api/api/IccDeviceApi.d.ts +1 -1
  40. package/icc-api/api/IccDeviceApi.js +2 -2
  41. package/icc-api/api/IccDeviceApi.js.map +1 -1
  42. package/icc-api/api/IccDoctemplateApi.d.ts +1 -1
  43. package/icc-api/api/IccDoctemplateApi.js +2 -2
  44. package/icc-api/api/IccDoctemplateApi.js.map +1 -1
  45. package/icc-api/api/IccDocumentApi.d.ts +3 -7
  46. package/icc-api/api/IccDocumentApi.js +2 -2
  47. package/icc-api/api/IccDocumentApi.js.map +1 -1
  48. package/icc-api/api/IccEntityrefApi.d.ts +1 -1
  49. package/icc-api/api/IccEntityrefApi.js +2 -2
  50. package/icc-api/api/IccEntityrefApi.js.map +1 -1
  51. package/icc-api/api/IccEntitytemplateApi.d.ts +1 -1
  52. package/icc-api/api/IccEntitytemplateApi.js +2 -2
  53. package/icc-api/api/IccEntitytemplateApi.js.map +1 -1
  54. package/icc-api/api/IccFormApi.d.ts +4 -12
  55. package/icc-api/api/IccFormApi.js +2 -2
  56. package/icc-api/api/IccFormApi.js.map +1 -1
  57. package/icc-api/api/IccFrontendmigrationApi.d.ts +1 -1
  58. package/icc-api/api/IccFrontendmigrationApi.js +2 -2
  59. package/icc-api/api/IccFrontendmigrationApi.js.map +1 -1
  60. package/icc-api/api/IccGroupApi.d.ts +1 -1
  61. package/icc-api/api/IccGroupApi.js +2 -2
  62. package/icc-api/api/IccGroupApi.js.map +1 -1
  63. package/icc-api/api/IccHcpartyApi.d.ts +1 -1
  64. package/icc-api/api/IccHcpartyApi.js +2 -2
  65. package/icc-api/api/IccHcpartyApi.js.map +1 -1
  66. package/icc-api/api/IccHelementApi.d.ts +4 -12
  67. package/icc-api/api/IccHelementApi.js +2 -2
  68. package/icc-api/api/IccHelementApi.js.map +1 -1
  69. package/icc-api/api/IccIcureApi.d.ts +1 -1
  70. package/icc-api/api/IccIcureApi.js +2 -2
  71. package/icc-api/api/IccIcureApi.js.map +1 -1
  72. package/icc-api/api/IccInsuranceApi.d.ts +1 -1
  73. package/icc-api/api/IccInsuranceApi.js +2 -2
  74. package/icc-api/api/IccInsuranceApi.js.map +1 -1
  75. package/icc-api/api/IccInvoiceApi.d.ts +4 -12
  76. package/icc-api/api/IccInvoiceApi.js +2 -2
  77. package/icc-api/api/IccInvoiceApi.js.map +1 -1
  78. package/icc-api/api/IccKeywordApi.d.ts +1 -1
  79. package/icc-api/api/IccKeywordApi.js +2 -2
  80. package/icc-api/api/IccKeywordApi.js.map +1 -1
  81. package/icc-api/api/IccMaintenanceTaskApi.d.ts +3 -7
  82. package/icc-api/api/IccMaintenanceTaskApi.js +2 -2
  83. package/icc-api/api/IccMaintenanceTaskApi.js.map +1 -1
  84. package/icc-api/api/IccMedexApi.d.ts +1 -1
  85. package/icc-api/api/IccMedexApi.js +2 -2
  86. package/icc-api/api/IccMedexApi.js.map +1 -1
  87. package/icc-api/api/IccMedicallocationApi.d.ts +1 -1
  88. package/icc-api/api/IccMedicallocationApi.js +2 -2
  89. package/icc-api/api/IccMedicallocationApi.js.map +1 -1
  90. package/icc-api/api/IccMessageApi.d.ts +3 -7
  91. package/icc-api/api/IccMessageApi.js +2 -2
  92. package/icc-api/api/IccMessageApi.js.map +1 -1
  93. package/icc-api/api/IccPatientApi.d.ts +3 -7
  94. package/icc-api/api/IccPatientApi.js +2 -2
  95. package/icc-api/api/IccPatientApi.js.map +1 -1
  96. package/icc-api/api/IccPermissionApi.d.ts +1 -1
  97. package/icc-api/api/IccPermissionApi.js +2 -2
  98. package/icc-api/api/IccPermissionApi.js.map +1 -1
  99. package/icc-api/api/IccPlaceApi.d.ts +1 -1
  100. package/icc-api/api/IccPlaceApi.js +2 -2
  101. package/icc-api/api/IccPlaceApi.js.map +1 -1
  102. package/icc-api/api/IccReceiptApi.d.ts +3 -7
  103. package/icc-api/api/IccReceiptApi.js +2 -2
  104. package/icc-api/api/IccReceiptApi.js.map +1 -1
  105. package/icc-api/api/IccReplicationApi.d.ts +1 -1
  106. package/icc-api/api/IccReplicationApi.js +2 -2
  107. package/icc-api/api/IccReplicationApi.js.map +1 -1
  108. package/icc-api/api/IccRoleApi.d.ts +1 -1
  109. package/icc-api/api/IccRoleApi.js +2 -2
  110. package/icc-api/api/IccRoleApi.js.map +1 -1
  111. package/icc-api/api/IccTarificationApi.d.ts +1 -1
  112. package/icc-api/api/IccTarificationApi.js +2 -2
  113. package/icc-api/api/IccTarificationApi.js.map +1 -1
  114. package/icc-api/api/IccTimeTableApi.d.ts +3 -7
  115. package/icc-api/api/IccTimeTableApi.js +2 -2
  116. package/icc-api/api/IccTimeTableApi.js.map +1 -1
  117. package/icc-api/api/IccTopicApi.d.ts +3 -7
  118. package/icc-api/api/IccTopicApi.js +2 -2
  119. package/icc-api/api/IccTopicApi.js.map +1 -1
  120. package/icc-api/api/IccUserApi.d.ts +16 -1
  121. package/icc-api/api/IccUserApi.js +46 -2
  122. package/icc-api/api/IccUserApi.js.map +1 -1
  123. package/icc-api/api/XHR.d.ts +1 -1
  124. package/icc-api/api/XHR.js +4 -3
  125. package/icc-api/api/XHR.js.map +1 -1
  126. package/icc-api/api/internal/IccExchangeDataMapApi.d.ts +0 -3
  127. package/icc-api/api/internal/IccExchangeDataMapApi.js +0 -31
  128. package/icc-api/api/internal/IccExchangeDataMapApi.js.map +1 -1
  129. package/icc-api/api/internal/IccSecureDelegationKeyMapApi.d.ts +2 -6
  130. package/icc-api/api/internal/IccSecureDelegationKeyMapApi.js.map +1 -1
  131. package/icc-api/model/MedicalLocation.d.ts +3 -0
  132. package/icc-api/model/MedicalLocation.js.map +1 -1
  133. package/icc-api/model/PaginatedListMedicalLocation.d.ts +20 -0
  134. package/icc-api/model/PaginatedListMedicalLocation.js +10 -0
  135. package/icc-api/model/PaginatedListMedicalLocation.js.map +1 -0
  136. package/icc-api/model/requests/BulkShareOrUpdateMetadataParams.d.ts +12 -0
  137. package/icc-api/model/requests/BulkShareOrUpdateMetadataParams.js +3 -0
  138. package/icc-api/model/requests/BulkShareOrUpdateMetadataParams.js.map +1 -0
  139. package/icc-x-api/auth/AuthService.d.ts +2 -1
  140. package/icc-x-api/auth/AuthService.js.map +1 -1
  141. package/icc-x-api/auth/AuthenticationProvider.d.ts +1 -1
  142. package/icc-x-api/auth/AuthenticationProvider.js +1 -1
  143. package/icc-x-api/auth/AuthenticationProvider.js.map +1 -1
  144. package/icc-x-api/auth/EnsembleAuthService.d.ts +1 -1
  145. package/icc-x-api/auth/EnsembleAuthService.js +2 -2
  146. package/icc-x-api/auth/EnsembleAuthService.js.map +1 -1
  147. package/icc-x-api/auth/JwtAuthService.d.ts +0 -2
  148. package/icc-x-api/auth/JwtAuthService.js +3 -15
  149. package/icc-x-api/auth/JwtAuthService.js.map +1 -1
  150. package/icc-x-api/auth/JwtBridgedAuthService.js +1 -1
  151. package/icc-x-api/auth/JwtBridgedAuthService.js.map +1 -1
  152. package/icc-x-api/auth/JwtUtils.d.ts +10 -0
  153. package/icc-x-api/auth/JwtUtils.js +31 -0
  154. package/icc-x-api/auth/JwtUtils.js.map +1 -0
  155. package/icc-x-api/auth/SmartAuthProvider.d.ts +132 -0
  156. package/icc-x-api/auth/SmartAuthProvider.js +419 -0
  157. package/icc-x-api/auth/SmartAuthProvider.js.map +1 -0
  158. package/icc-x-api/crypto/BaseExchangeDataManager.d.ts +20 -0
  159. package/icc-x-api/crypto/BaseExchangeDataManager.js +32 -2
  160. package/icc-x-api/crypto/BaseExchangeDataManager.js.map +1 -1
  161. package/icc-x-api/crypto/ConfidentialEntities.d.ts +2 -6
  162. package/icc-x-api/crypto/ConfidentialEntities.js.map +1 -1
  163. package/icc-x-api/crypto/CryptoStrategies.d.ts +3 -1
  164. package/icc-x-api/crypto/CryptoStrategies.js.map +1 -1
  165. package/icc-x-api/crypto/ExchangeDataManager.d.ts +3 -1
  166. package/icc-x-api/crypto/ExchangeDataManager.js +36 -22
  167. package/icc-x-api/crypto/ExchangeDataManager.js.map +1 -1
  168. package/icc-x-api/crypto/ExchangeDataMapManager.d.ts +0 -5
  169. package/icc-x-api/crypto/ExchangeDataMapManager.js +0 -11
  170. package/icc-x-api/crypto/ExchangeDataMapManager.js.map +1 -1
  171. package/icc-x-api/crypto/ExtendedApisUtils.d.ts +4 -16
  172. package/icc-x-api/crypto/ExtendedApisUtils.js.map +1 -1
  173. package/icc-x-api/crypto/ExtendedApisUtilsImpl.d.ts +4 -16
  174. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +12 -3
  175. package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -1
  176. package/icc-x-api/crypto/KeyPairRecoverer.d.ts +34 -0
  177. package/icc-x-api/crypto/KeyPairRecoverer.js +32 -0
  178. package/icc-x-api/crypto/KeyPairRecoverer.js.map +1 -0
  179. package/icc-x-api/crypto/RecoveryDataEncryption.d.ts +85 -0
  180. package/icc-x-api/crypto/RecoveryDataEncryption.js +171 -0
  181. package/icc-x-api/crypto/RecoveryDataEncryption.js.map +1 -0
  182. package/icc-x-api/crypto/SecureDelegationsManager.js +2 -2
  183. package/icc-x-api/crypto/SecureDelegationsManager.js.map +1 -1
  184. package/icc-x-api/crypto/ShamirKeysManager.js +1 -1
  185. package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
  186. package/icc-x-api/crypto/UserEncryptionKeysManager.d.ts +4 -1
  187. package/icc-x-api/crypto/UserEncryptionKeysManager.js +4 -3
  188. package/icc-x-api/crypto/UserEncryptionKeysManager.js.map +1 -1
  189. package/icc-x-api/icc-bekmehr-x-api.d.ts +1 -0
  190. package/icc-x-api/icc-bekmehr-x-api.js +37 -36
  191. package/icc-x-api/icc-bekmehr-x-api.js.map +1 -1
  192. package/icc-x-api/icc-contact-x-api.js +15 -12
  193. package/icc-x-api/icc-contact-x-api.js.map +1 -1
  194. package/icc-x-api/icc-crypto-x-api.d.ts +1 -0
  195. package/icc-x-api/icc-crypto-x-api.js.map +1 -1
  196. package/icc-x-api/icc-maintenance-task-x-api.d.ts +1 -1
  197. package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
  198. package/icc-x-api/icc-patient-x-api.d.ts +18 -0
  199. package/icc-x-api/icc-patient-x-api.js +29 -0
  200. package/icc-x-api/icc-patient-x-api.js.map +1 -1
  201. package/icc-x-api/icc-recovery-x-api.d.ts +127 -0
  202. package/icc-x-api/icc-recovery-x-api.js +217 -0
  203. package/icc-x-api/icc-recovery-x-api.js.map +1 -1
  204. package/icc-x-api/icc-user-x-api.js +15 -2
  205. package/icc-x-api/icc-user-x-api.js.map +1 -1
  206. package/icc-x-api/index.d.ts +46 -2
  207. package/icc-x-api/index.js +44 -11
  208. package/icc-x-api/index.js.map +1 -1
  209. package/icc-x-api/utils/collection-utils.d.ts +14 -1
  210. package/icc-x-api/utils/collection-utils.js +49 -3
  211. package/icc-x-api/utils/collection-utils.js.map +1 -1
  212. package/package.json +1 -1
@@ -1 +1 @@
1
- {"version":3,"file":"IccSecureDelegationKeyMapApi.js","sourceRoot":"","sources":["../../../../icc-api/api/internal/IccSecureDelegationKeyMapApi.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,sFAAkF;AAClF,gCAA4B;AAC5B,kDAAqF;AACrF,sDAAkD;AAClD,wFAAoF;AAGpF;;GAEG;AACH,MAAa,4BAA4B;IAMvC,YACE,IAAY,EACZ,OAAY,EACZ,sBAA+C,EAC/C,SAAyE;QAEzE,IAAI,CAAC,IAAI,GAAG,IAAA,+BAAc,EAAC,IAAI,CAAC,CAAA;QAChC,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAC9E,IAAI,CAAC,sBAAsB,GAAG,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,IAAI,oCAAwB,EAAE,CAAA;QAChH,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;IAC5B,CAAC;IAED,IAAI,OAAO;QACT,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACvC,CAAC;IAED,UAAU,CAAC,CAAoB;QAC7B,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAA;IACnB,CAAC;IAED,WAAW,CAAC,CAAe;QACzB,MAAM,CAAC,CAAA;IACT,CAAC;IAEK,mBAAmB,CAAC,cAAyB,EAAE,oBAAkC;;YACrF,IAAI,KAAK,GAAG,cAAc,CAAA;YAE1B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,0CAA0C,GAAG,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;YACnG,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,oBAAoB,CAAC,CAAA;YAChE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,cAAc,CAAC,CAAC,MAAM,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,CAAA;YACvH,OAAO,SAAG,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,CAAC;iBAC1H,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAE,GAAG,CAAC,IAAoB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,+CAAsB,CAAC,EAAE,CAAC,CAAC,CAAC;iBACpF,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,MAAM,CAAC,gBAAwC,EAAE,mBAA+B;;YACpF,IAAI,KAAK,GAAG,gBAAgB,CAAA;YAE5B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,yBAAyB,GAAG,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;YAClF,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,mBAAmB,CAAC,CAAA;YAC5D,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,cAAc,CAAC,CAAC,MAAM,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,CAAA;YACvH,OAAO,SAAG,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,CAAC;iBAC1H,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,+CAAsB,CAAC,GAAG,CAAC,IAAY,CAAC,CAAC;iBAC3D,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,+BAA+B,CACnC,OAEC,EACD,oBAAkC;;YAElC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,kDAAkD,GAAG,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;YAC3G,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,oBAAoB,CAAC,CAAA;YAChE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,cAAc,CAAC,CAAC,MAAM,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,CAAA;YACvH,OAAO,SAAG,CAAC,WAAW,CAAC,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,CAAC;iBAC3H,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAE,GAAG,CAAC,IAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,6CAAqB,CAAyB,CAAC,EAAE,+CAAsB,CAAC,CAAC,CAAC;iBACjI,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAA;QAC1C,CAAC;KAAA;CACF;AAjED,oEAiEC","sourcesContent":["import { EntityShareOrMetadataUpdateRequest } from '../../model/requests/EntityShareOrMetadataUpdateRequest'\nimport { EntityBulkShareResult } from '../../model/requests/EntityBulkShareResult'\nimport { XHR } from '../XHR'\nimport { AuthenticationProvider, NoAuthenticationProvider } from '../../../icc-x-api'\nimport { iccRestApiPath } from '../IccRestApiPath'\nimport { SecureDelegationKeyMap } from '../../model/internal/SecureDelegationKeyMap'\nimport { ListOfIds } from '../../model/ListOfIds'\n\n/**\n * @internal this class is for internal use only and may be changed without notice.\n */\nexport class IccSecureDelegationKeyMapApi {\n host: string\n _headers: Array<XHR.Header>\n authenticationProvider: AuthenticationProvider\n fetchImpl?: (input: RequestInfo, init?: RequestInit) => Promise<Response>\n\n constructor(\n host: string,\n headers: any,\n authenticationProvider?: AuthenticationProvider,\n fetchImpl?: (input: RequestInfo, init?: RequestInit) => Promise<Response>\n ) {\n this.host = iccRestApiPath(host)\n this._headers = Object.keys(headers).map((k) => new XHR.Header(k, headers[k]))\n this.authenticationProvider = !!authenticationProvider ? authenticationProvider : new NoAuthenticationProvider()\n this.fetchImpl = fetchImpl\n }\n\n get headers(): Promise<Array<XHR.Header>> {\n return Promise.resolve(this._headers)\n }\n\n setHeaders(h: Array<XHR.Header>) {\n this._headers = h\n }\n\n handleError(e: XHR.XHRError): never {\n throw e\n }\n\n async getByDelegationKeys(delegationKeys: ListOfIds, proofOfAccessHeaders: XHR.Header[]): Promise<SecureDelegationKeyMap[]> {\n let _body = delegationKeys\n\n const _url = this.host + `/securedelegationkeymap/bydelegationkeys` + '?ts=' + new Date().getTime()\n let headers = [...(await this.headers), ...proofOfAccessHeaders]\n headers = headers.filter((h) => h.header !== 'Content-Type').concat(new XHR.Header('Content-Type', 'application/json'))\n return XHR.sendCommand('POST', _url, headers, _body, this.fetchImpl, undefined, this.authenticationProvider.getAuthService())\n .then((doc) => (doc.body as Array<JSON>).map((it) => new SecureDelegationKeyMap(it)))\n .catch((err) => this.handleError(err))\n }\n\n async create(delegationKeyMap: SecureDelegationKeyMap, proofOfAccessHeader: XHR.Header): Promise<SecureDelegationKeyMap> {\n let _body = delegationKeyMap\n\n const _url = this.host + `/securedelegationkeymap` + '?ts=' + new Date().getTime()\n let headers = [...(await this.headers), proofOfAccessHeader]\n headers = headers.filter((h) => h.header !== 'Content-Type').concat(new XHR.Header('Content-Type', 'application/json'))\n return XHR.sendCommand('POST', _url, headers, _body, this.fetchImpl, undefined, this.authenticationProvider.getAuthService())\n .then((doc) => new SecureDelegationKeyMap(doc.body as JSON))\n .catch((err) => this.handleError(err))\n }\n\n async bulkShareSecureDelegationKeyMap(\n request: {\n [entityId: string]: { [requestId: string]: EntityShareOrMetadataUpdateRequest }\n },\n proofOfAccessHeaders: XHR.Header[]\n ): Promise<EntityBulkShareResult<SecureDelegationKeyMap>[]> {\n const _url = this.host + '/securedelegationkeymap/bulkSharedMetadataUpdate' + '?ts=' + new Date().getTime()\n let headers = [...(await this.headers), ...proofOfAccessHeaders]\n headers = headers.filter((h) => h.header !== 'Content-Type').concat(new XHR.Header('Content-Type', 'application/json'))\n return XHR.sendCommand('PUT', _url, headers, request, this.fetchImpl, undefined, this.authenticationProvider.getAuthService())\n .then((doc) => (doc.body as Array<JSON>).map((x) => new EntityBulkShareResult<SecureDelegationKeyMap>(x, SecureDelegationKeyMap)))\n .catch((err) => this.handleError(err))\n }\n}\n"]}
1
+ {"version":3,"file":"IccSecureDelegationKeyMapApi.js","sourceRoot":"","sources":["../../../../icc-api/api/internal/IccSecureDelegationKeyMapApi.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,sFAAkF;AAClF,gCAA4B;AAC5B,kDAAqF;AACrF,sDAAkD;AAClD,wFAAoF;AAIpF;;GAEG;AACH,MAAa,4BAA4B;IAMvC,YACE,IAAY,EACZ,OAAY,EACZ,sBAA+C,EAC/C,SAAyE;QAEzE,IAAI,CAAC,IAAI,GAAG,IAAA,+BAAc,EAAC,IAAI,CAAC,CAAA;QAChC,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAC9E,IAAI,CAAC,sBAAsB,GAAG,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,IAAI,oCAAwB,EAAE,CAAA;QAChH,IAAI,CAAC,SAAS,GAAG,SAAS,CAAA;IAC5B,CAAC;IAED,IAAI,OAAO;QACT,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;IACvC,CAAC;IAED,UAAU,CAAC,CAAoB;QAC7B,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAA;IACnB,CAAC;IAED,WAAW,CAAC,CAAe;QACzB,MAAM,CAAC,CAAA;IACT,CAAC;IAEK,mBAAmB,CAAC,cAAyB,EAAE,oBAAkC;;YACrF,IAAI,KAAK,GAAG,cAAc,CAAA;YAE1B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,0CAA0C,GAAG,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;YACnG,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,oBAAoB,CAAC,CAAA;YAChE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,cAAc,CAAC,CAAC,MAAM,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,CAAA;YACvH,OAAO,SAAG,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,CAAC;iBAC1H,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAE,GAAG,CAAC,IAAoB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,+CAAsB,CAAC,EAAE,CAAC,CAAC,CAAC;iBACpF,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,MAAM,CAAC,gBAAwC,EAAE,mBAA+B;;YACpF,IAAI,KAAK,GAAG,gBAAgB,CAAA;YAE5B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,yBAAyB,GAAG,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;YAClF,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,mBAAmB,CAAC,CAAA;YAC5D,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,cAAc,CAAC,CAAC,MAAM,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,CAAA;YACvH,OAAO,SAAG,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,CAAC;iBAC1H,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,+CAAsB,CAAC,GAAG,CAAC,IAAY,CAAC,CAAC;iBAC3D,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAA;QAC1C,CAAC;KAAA;IAEK,+BAA+B,CACnC,OAAwC,EACxC,oBAAkC;;YAElC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,kDAAkD,GAAG,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;YAC3G,IAAI,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,oBAAoB,CAAC,CAAA;YAChE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,cAAc,CAAC,CAAC,MAAM,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC,CAAA;YACvH,OAAO,SAAG,CAAC,WAAW,CAAC,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,CAAC;iBAC3H,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAE,GAAG,CAAC,IAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,6CAAqB,CAAyB,CAAC,EAAE,+CAAsB,CAAC,CAAC,CAAC;iBACjI,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAA;QAC1C,CAAC;KAAA;CACF;AA/DD,oEA+DC","sourcesContent":["import { EntityShareOrMetadataUpdateRequest } from '../../model/requests/EntityShareOrMetadataUpdateRequest'\nimport { EntityBulkShareResult } from '../../model/requests/EntityBulkShareResult'\nimport { XHR } from '../XHR'\nimport { AuthenticationProvider, NoAuthenticationProvider } from '../../../icc-x-api'\nimport { iccRestApiPath } from '../IccRestApiPath'\nimport { SecureDelegationKeyMap } from '../../model/internal/SecureDelegationKeyMap'\nimport { ListOfIds } from '../../model/ListOfIds'\nimport { BulkShareOrUpdateMetadataParams } from '../../model/requests/BulkShareOrUpdateMetadataParams'\n\n/**\n * @internal this class is for internal use only and may be changed without notice.\n */\nexport class IccSecureDelegationKeyMapApi {\n host: string\n _headers: Array<XHR.Header>\n authenticationProvider: AuthenticationProvider\n fetchImpl?: (input: RequestInfo, init?: RequestInit) => Promise<Response>\n\n constructor(\n host: string,\n headers: any,\n authenticationProvider?: AuthenticationProvider,\n fetchImpl?: (input: RequestInfo, init?: RequestInit) => Promise<Response>\n ) {\n this.host = iccRestApiPath(host)\n this._headers = Object.keys(headers).map((k) => new XHR.Header(k, headers[k]))\n this.authenticationProvider = !!authenticationProvider ? authenticationProvider : new NoAuthenticationProvider()\n this.fetchImpl = fetchImpl\n }\n\n get headers(): Promise<Array<XHR.Header>> {\n return Promise.resolve(this._headers)\n }\n\n setHeaders(h: Array<XHR.Header>) {\n this._headers = h\n }\n\n handleError(e: XHR.XHRError): never {\n throw e\n }\n\n async getByDelegationKeys(delegationKeys: ListOfIds, proofOfAccessHeaders: XHR.Header[]): Promise<SecureDelegationKeyMap[]> {\n let _body = delegationKeys\n\n const _url = this.host + `/securedelegationkeymap/bydelegationkeys` + '?ts=' + new Date().getTime()\n let headers = [...(await this.headers), ...proofOfAccessHeaders]\n headers = headers.filter((h) => h.header !== 'Content-Type').concat(new XHR.Header('Content-Type', 'application/json'))\n return XHR.sendCommand('POST', _url, headers, _body, this.fetchImpl, undefined, this.authenticationProvider.getAuthService())\n .then((doc) => (doc.body as Array<JSON>).map((it) => new SecureDelegationKeyMap(it)))\n .catch((err) => this.handleError(err))\n }\n\n async create(delegationKeyMap: SecureDelegationKeyMap, proofOfAccessHeader: XHR.Header): Promise<SecureDelegationKeyMap> {\n let _body = delegationKeyMap\n\n const _url = this.host + `/securedelegationkeymap` + '?ts=' + new Date().getTime()\n let headers = [...(await this.headers), proofOfAccessHeader]\n headers = headers.filter((h) => h.header !== 'Content-Type').concat(new XHR.Header('Content-Type', 'application/json'))\n return XHR.sendCommand('POST', _url, headers, _body, this.fetchImpl, undefined, this.authenticationProvider.getAuthService())\n .then((doc) => new SecureDelegationKeyMap(doc.body as JSON))\n .catch((err) => this.handleError(err))\n }\n\n async bulkShareSecureDelegationKeyMap(\n request: BulkShareOrUpdateMetadataParams,\n proofOfAccessHeaders: XHR.Header[]\n ): Promise<EntityBulkShareResult<SecureDelegationKeyMap>[]> {\n const _url = this.host + '/securedelegationkeymap/bulkSharedMetadataUpdate' + '?ts=' + new Date().getTime()\n let headers = [...(await this.headers), ...proofOfAccessHeaders]\n headers = headers.filter((h) => h.header !== 'Content-Type').concat(new XHR.Header('Content-Type', 'application/json'))\n return XHR.sendCommand('PUT', _url, headers, request, this.fetchImpl, undefined, this.authenticationProvider.getAuthService())\n .then((doc) => (doc.body as Array<JSON>).map((x) => new EntityBulkShareResult<SecureDelegationKeyMap>(x, SecureDelegationKeyMap)))\n .catch((err) => this.handleError(err))\n }\n}\n"]}
@@ -32,4 +32,7 @@ export declare class MedicalLocation {
32
32
  options?: {
33
33
  [key: string]: string;
34
34
  };
35
+ publicInformations?: {
36
+ [key: string]: string;
37
+ };
35
38
  }
@@ -1 +1 @@
1
- {"version":3,"file":"MedicalLocation.js","sourceRoot":"","sources":["../../../icc-api/model/MedicalLocation.ts"],"names":[],"mappings":";;;AAaA,MAAa,eAAe;IAC1B,YAAY,IAAgB;QAC1B,MAAM,CAAC,MAAM,CAAC,IAAuB,EAAE,IAAI,CAAC,CAAA;IAC9C,CAAC;CAoBF;AAvBD,0CAuBC","sourcesContent":["/**\n * iCure Data Stack API Documentation\n * The iCure Data Stack Application API is the native interface to iCure. This version is obsolete, please use v2.\n *\n * OpenAPI spec version: v1\n *\n *\n * NOTE: This class is auto generated by the swagger code generator program.\n * https://github.com/swagger-api/swagger-codegen.git\n * Do not edit the class manually.\n */\nimport { Address } from './Address'\n\nexport class MedicalLocation {\n constructor(json: JSON | any) {\n Object.assign(this as MedicalLocation, json)\n }\n\n id?: string\n rev?: string\n /**\n * hard delete (unix epoch in ms) timestamp of the object. Filled automatically when deletePatient is called.\n */\n deletionDate?: number\n name?: string\n description?: string\n responsible?: string\n guardPost?: boolean\n cbe?: string\n bic?: string\n bankAccount?: string\n nihii?: string\n ssin?: string\n address?: Address\n agendaIds?: Array<string>\n options?: { [key: string]: string }\n}\n"]}
1
+ {"version":3,"file":"MedicalLocation.js","sourceRoot":"","sources":["../../../icc-api/model/MedicalLocation.ts"],"names":[],"mappings":";;;AAaA,MAAa,eAAe;IAC1B,YAAY,IAAgB;QAC1B,MAAM,CAAC,MAAM,CAAC,IAAuB,EAAE,IAAI,CAAC,CAAA;IAC9C,CAAC;CAqBF;AAxBD,0CAwBC","sourcesContent":["/**\n * iCure Data Stack API Documentation\n * The iCure Data Stack Application API is the native interface to iCure. This version is obsolete, please use v2.\n *\n * OpenAPI spec version: v1\n *\n *\n * NOTE: This class is auto generated by the swagger code generator program.\n * https://github.com/swagger-api/swagger-codegen.git\n * Do not edit the class manually.\n */\nimport { Address } from './Address'\n\nexport class MedicalLocation {\n constructor(json: JSON | any) {\n Object.assign(this as MedicalLocation, json)\n }\n\n id?: string\n rev?: string\n /**\n * hard delete (unix epoch in ms) timestamp of the object. Filled automatically when deletePatient is called.\n */\n deletionDate?: number\n name?: string\n description?: string\n responsible?: string\n guardPost?: boolean\n cbe?: string\n bic?: string\n bankAccount?: string\n nihii?: string\n ssin?: string\n address?: Address\n agendaIds?: Array<string>\n options?: { [key: string]: string }\n publicInformations?: { [key: string]: string }\n}\n"]}
@@ -0,0 +1,20 @@
1
+ /**
2
+ * iCure Data Stack API Documentation
3
+ * The iCure Data Stack Application API is the native interface to iCure. This version is obsolete, please use v2.
4
+ *
5
+ * OpenAPI spec version: v1
6
+ *
7
+ *
8
+ * NOTE: This class is auto generated by the swagger code generator program.
9
+ * https://github.com/swagger-api/swagger-codegen.git
10
+ * Do not edit the class manually.
11
+ */
12
+ import { MedicalLocation } from './MedicalLocation';
13
+ import { PaginatedDocumentKeyIdPairObject } from './PaginatedDocumentKeyIdPairObject';
14
+ export declare class PaginatedListMedicalLocation {
15
+ constructor(json: JSON | any);
16
+ pageSize?: number;
17
+ totalSize?: number;
18
+ rows?: Array<MedicalLocation>;
19
+ nextKeyPair?: PaginatedDocumentKeyIdPairObject;
20
+ }
@@ -0,0 +1,10 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.PaginatedListMedicalLocation = void 0;
4
+ class PaginatedListMedicalLocation {
5
+ constructor(json) {
6
+ Object.assign(this, json);
7
+ }
8
+ }
9
+ exports.PaginatedListMedicalLocation = PaginatedListMedicalLocation;
10
+ //# sourceMappingURL=PaginatedListMedicalLocation.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"PaginatedListMedicalLocation.js","sourceRoot":"","sources":["../../../icc-api/model/PaginatedListMedicalLocation.ts"],"names":[],"mappings":";;;AAcA,MAAa,4BAA4B;IACvC,YAAY,IAAgB;QAC1B,MAAM,CAAC,MAAM,CAAC,IAAoC,EAAE,IAAI,CAAC,CAAA;IAC3D,CAAC;CAMF;AATD,oEASC","sourcesContent":["/**\n * iCure Data Stack API Documentation\n * The iCure Data Stack Application API is the native interface to iCure. This version is obsolete, please use v2.\n *\n * OpenAPI spec version: v1\n *\n *\n * NOTE: This class is auto generated by the swagger code generator program.\n * https://github.com/swagger-api/swagger-codegen.git\n * Do not edit the class manually.\n */\nimport { MedicalLocation } from './MedicalLocation'\nimport { PaginatedDocumentKeyIdPairObject } from './PaginatedDocumentKeyIdPairObject'\n\nexport class PaginatedListMedicalLocation {\n constructor(json: JSON | any) {\n Object.assign(this as PaginatedListMedicalLocation, json)\n }\n\n pageSize?: number\n totalSize?: number\n rows?: Array<MedicalLocation>\n nextKeyPair?: PaginatedDocumentKeyIdPairObject\n}\n"]}
@@ -0,0 +1,12 @@
1
+ import { EntityShareOrMetadataUpdateRequest } from './EntityShareOrMetadataUpdateRequest';
2
+ export type BulkShareOrUpdateMetadataParams = {
3
+ requestsByEntityId: {
4
+ [entityId: string]: EntityRequestInformation;
5
+ };
6
+ };
7
+ export type EntityRequestInformation = {
8
+ requests: {
9
+ [requestId: string]: EntityShareOrMetadataUpdateRequest;
10
+ };
11
+ potentialParentDelegations: string[];
12
+ };
@@ -0,0 +1,3 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ //# sourceMappingURL=BulkShareOrUpdateMetadataParams.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"BulkShareOrUpdateMetadataParams.js","sourceRoot":"","sources":["../../../../icc-api/model/requests/BulkShareOrUpdateMetadataParams.ts"],"names":[],"mappings":"","sourcesContent":["import { EntityShareOrMetadataUpdateRequest } from './EntityShareOrMetadataUpdateRequest'\n\nexport type BulkShareOrUpdateMetadataParams = {\n requestsByEntityId: { [entityId: string]: EntityRequestInformation }\n}\nexport type EntityRequestInformation = {\n requests: { [requestId: string]: EntityShareOrMetadataUpdateRequest }\n potentialParentDelegations: string[]\n}\n"]}
@@ -4,9 +4,10 @@ export interface AuthService {
4
4
  /**
5
5
  * This method returns the headers needed to authenticate the user.
6
6
  * It can throw an error if is not possible to get the headers.
7
+ * @param minimumAuthenticationClassLevel the minimum authentication class level which the headers should have.
7
8
  * @return an array of headers for authentication.
8
9
  */
9
- getAuthHeaders(): Promise<Array<Header>>;
10
+ getAuthHeaders(minimumAuthenticationClassLevel?: number): Promise<Array<Header>>;
10
11
  /**
11
12
  * If the headers are invalidated, you can set the error to throw
12
13
  * the next time the headers are requested.
@@ -1 +1 @@
1
- {"version":3,"file":"AuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/AuthService.ts"],"names":[],"mappings":"","sourcesContent":["import { XHR } from '../../icc-api/api/XHR'\nimport Header = XHR.Header\n\nexport interface AuthService {\n /**\n * This method returns the headers needed to authenticate the user.\n * It can throw an error if is not possible to get the headers.\n * @return an array of headers for authentication.\n */\n getAuthHeaders(): Promise<Array<Header>>\n\n /**\n * If the headers are invalidated, you can set the error to throw\n * the next time the headers are requested.\n * @param error the error to throw\n */\n invalidateHeader(error: Error): void\n}\n"]}
1
+ {"version":3,"file":"AuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/AuthService.ts"],"names":[],"mappings":"","sourcesContent":["import { XHR } from '../../icc-api/api/XHR'\nimport Header = XHR.Header\n\nexport interface AuthService {\n /**\n * This method returns the headers needed to authenticate the user.\n * It can throw an error if is not possible to get the headers.\n * @param minimumAuthenticationClassLevel the minimum authentication class level which the headers should have.\n * @return an array of headers for authentication.\n */\n getAuthHeaders(minimumAuthenticationClassLevel?: number): Promise<Array<Header>>\n\n /**\n * If the headers are invalidated, you can set the error to throw\n * the next time the headers are requested.\n * @param error the error to throw\n */\n invalidateHeader(error: Error): void\n}\n"]}
@@ -5,7 +5,7 @@ import { BasicAuthService } from './BasicAuthService';
5
5
  import { JwtAuthService } from './JwtAuthService';
6
6
  import { UserGroup } from '../../icc-api/model/UserGroup';
7
7
  /**
8
- * @internal you should not instantiate implementations of this interface directly.
8
+ * @internal you should not implement this interface yourself.
9
9
  */
10
10
  export interface AuthenticationProvider {
11
11
  /**
@@ -112,7 +112,7 @@ class NoAuthenticationProvider {
112
112
  }
113
113
  switchGroup(newGroupId, matches) {
114
114
  return __awaiter(this, void 0, void 0, function* () {
115
- return this;
115
+ return Promise.resolve(new NoAuthenticationProvider());
116
116
  });
117
117
  }
118
118
  }
@@ -1 +1 @@
1
- {"version":3,"file":"AuthenticationProvider.js","sourceRoot":"","sources":["../../../icc-x-api/auth/AuthenticationProvider.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,+DAA2D;AAC3D,mEAA+D;AAC/D,mDAA+C;AAC/C,yDAAqD;AACrD,qDAAiD;AA0BjD,MAAa,8BAA8B;IAKzC,YACmB,OAAmB,EACnB,QAAgB,EAChB,QAAgB,EAChB,aAAqB,IAAI,EAC1C,OAAgD,EAChD,SAA4B,EAC5B,mBAAqD,EAAE;QANtC,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,eAAU,GAAV,UAAU,CAAe;QAK1C,IAAI,CAAC,OAAO,GAAG,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,IAAI,6CAAqB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;QAC/F,IAAI,CAAC,SAAS,GAAG,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,IAAI,mCAAgB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;IAClF,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;IACtC,CAAC;IAED,cAAc;QACZ,kEAAkE;QAClE,mDAAmD;QACnD,IAAI,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE;YACjC,OAAO,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAA;YAClD,IAAI,CAAC,OAAO,GAAG,IAAI,6CAAqB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;YACpF,IAAI,CAAC,aAAa,GAAG,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,CAAA;SAC7E;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,IAAI,EAAE,IAAI,IAAI,CAAC,aAAa;YAC7D,CAAC,CAAC,IAAI,yCAAmB,CAAC,IAAI,EAAE,IAAI,6BAAa,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC;YACpE,CAAC,CAAC,IAAI,yCAAmB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,6BAAa,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,CAAA;IAChF,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YACrH,OAAO,IAAI,8BAA8B,CACvC,IAAI,CAAC,OAAO,EACZ,UAAU,CAAC,aAAa,EACxB,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,UAAU,EACf,UAAU,CAAC,eAAe,EAC1B,IAAI,mCAAgB,CAAC,UAAU,CAAC,aAAa,EAAE,IAAI,CAAC,QAAQ,CAAC,CAC9D,CAAA;QACH,CAAC;KAAA;CACF;AA/CD,wEA+CC;AAED,MAAa,yBAAyB;IACpC,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;IACtC,CAAC;IAID;;;;;;;OAOG;IACH,YACmB,OAAmB,EACnB,QAAiB,EACjB,QAAiB,EAClC,OAAgD,EAC/B,UAAoD;QAJpD,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAS;QACjB,aAAQ,GAAR,QAAQ,CAAS;QAEjB,eAAU,GAAV,UAAU,CAA0C;QAErE,MAAM,YAAY,GAChB,OAAO,aAAP,OAAO,cAAP,OAAO,GACP,CAAC,UAAU;YACT,CAAC,CAAC,IAAI,+BAAc,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,CAAC,KAAK,EAAE,UAAU,EAAE,UAAU,CAAC,YAAY,EAAE,CAAC;YACjG,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ;gBAC1B,CAAC,CAAC,IAAI,6CAAqB,CAAC,OAAO,EAAE,QAAS,EAAE,QAAS,CAAC;gBAC1D,CAAC,CAAC,SAAS,CAAC,CAAA;QAChB,IAAI,CAAC,YAAY,EAAE;YACjB,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAA;SACrD;QACD,IAAI,CAAC,OAAO,GAAG,YAAY,CAAA;IAC7B,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAA;IACrB,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YACrH,OAAO,IAAI,yBAAyB,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,aAAa,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,eAAe,CAAC,CAAA;QACzH,CAAC;KAAA;CACF;AA3CD,8DA2CC;AAED,MAAa,2BAA2B;IACtC,cAAc;QACZ,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;IAChD,CAAC;IAED,YAAoB,QAAgB,EAAU,QAAgB;QAA1C,aAAQ,GAAR,QAAQ,CAAQ;QAAU,aAAQ,GAAR,QAAQ,CAAQ;IAAG,CAAC;IAElE,cAAc;QACZ,OAAO,IAAI,mCAAgB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;IAC3D,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,2BAA2B,CAAC,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;QAC5G,CAAC;KAAA;CACF;AAdD,kEAcC;AAED,MAAa,wBAAwB;IACnC,cAAc;QACZ,OAAO,IAAI,6BAAa,EAAE,CAAA;IAC5B,CAAC;IAED,cAAc;QACZ,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;IAChD,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,OAAO,IAAI,CAAA;QACb,CAAC;KAAA;CACF;AAZD,4DAYC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,OAAe,EAAE,OAAyB;IAC/D,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,OAAO,CAAC,CAAA;IAChE,IAAI,CAAC,CAAA,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,MAAM,CAAA,EAAE;QAC1B,MAAM,IAAI,KAAK,CAAC,yBAAyB,OAAO,wBAAwB,CAAC,CAAA;KAC1E;IACD,OAAO,GAAG,OAAO,IAAI,aAAa,CAAC,MAAM,EAAE,CAAA;AAC7C,CAAC;AAED;;;GAGG;AACH,SAAe,aAAa,CAC1B,OAAmB,EACnB,OAA+C,EAC/C,QAA4B,EAC5B,QAA4B,EAC5B,UAAkB,EAClB,OAAyB;;QAEzB,MAAM,YAAY,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,YAAY,CAAA;QACtF,MAAM,eAAe,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,WAAW,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACpI,MAAM,YAAY,GAAG,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,CAAA;QACvD,MAAM,eAAe,GACnB,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ;YACtB,CAAC,CAAC,IAAI,6CAAqB,CACvB,OAAO,EACP,YAAY,EACZ,QAAQ,EACR,CAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,KAAK,MAAI,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,YAAY,CAAA;gBACrD,CAAC,CAAC,EAAE,OAAO,EAAE,eAAe,CAAC,KAAK,EAAE,UAAU,EAAE,eAAe,CAAC,YAAY,EAAE;gBAC9E,CAAC,CAAC,SAAS,CACd;YACH,CAAC,CAAC,IAAI,+BAAc,CAChB,OAAO,EACP,CAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,KAAK,MAAI,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,YAAY,CAAA;gBACrD,CAAC,CAAC,EAAE,OAAO,EAAE,eAAe,CAAC,KAAK,EAAE,UAAU,EAAE,eAAe,CAAC,YAAY,EAAE;gBAC9E,CAAC,CAAC,SAAS,CACd,CAAA;QACP,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,eAAe,EAAE,CAAA;IACzD,CAAC;CAAA","sourcesContent":["import { AuthService } from './AuthService'\nimport { IccAuthApi, OAuthThirdParty } from '../../icc-api'\nimport { EnsembleAuthService } from './EnsembleAuthService'\nimport { JwtBridgedAuthService } from './JwtBridgedAuthService'\nimport { NoAuthService } from './NoAuthService'\nimport { BasicAuthService } from './BasicAuthService'\nimport { JwtAuthService } from './JwtAuthService'\nimport { UserGroup } from '../../icc-api/model/UserGroup'\n\n/**\n * @internal you should not instantiate implementations of this interface directly.\n */\nexport interface AuthenticationProvider {\n /**\n * @internal this method is meant for internal use only and may be changed without notice\n */\n getAuthService(): AuthService\n\n /**\n * @internal this method is meant for internal use only and may be changed without notice\n * Gives a new authentication provider for the same user and authentication method but for a different iCure group\n * @param newGroupId id of the new group to switch to\n * @param matches the list of groups the user is in, containing also the group-specific id of the user. Note that users with same login username but\n * different password are considered as if they are different users and should not appear in these matches. You can get this list by calling\n * {@link IccUserApi.getMatchingUsers} authenticated.\n * @return a new authentication provider\n */\n switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider>\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined>\n}\n\nexport class EnsembleAuthenticationProvider implements AuthenticationProvider {\n private readonly basicAuth: BasicAuthService\n private jwtAuth: JwtAuthService | JwtBridgedAuthService\n private suspensionEnd: Date | undefined\n\n constructor(\n private readonly authApi: IccAuthApi,\n private readonly username: string,\n private readonly password: string,\n private readonly jwtTimeout: number = 3600,\n jwtAuth?: JwtAuthService | JwtBridgedAuthService,\n basicAuth?: BasicAuthService,\n thirdPartyTokens: { [thirdParty: string]: string } = {}\n ) {\n this.jwtAuth = jwtAuth ?? new JwtBridgedAuthService(this.authApi, this.username, this.password)\n this.basicAuth = basicAuth ?? new BasicAuthService(this.username, this.password)\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.jwtAuth.getIcureTokens()\n }\n\n getAuthService(): AuthService {\n // If the jwtAuth is in an error state, it instantiates a new one,\n // but it will not use it until the suspension ends\n if (this.jwtAuth.isInErrorState()) {\n console.warn('Error state in JWT, I will skip it')\n this.jwtAuth = new JwtBridgedAuthService(this.authApi, this.username, this.password)\n this.suspensionEnd = new Date(new Date().getTime() + this.jwtTimeout * 1000)\n }\n\n return !!this.suspensionEnd && new Date() <= this.suspensionEnd\n ? new EnsembleAuthService(null, new NoAuthService(), this.basicAuth)\n : new EnsembleAuthService(this.jwtAuth, new NoAuthService(), this.basicAuth)\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n const switchInfo = await switchJwtAuth(this.authApi, this.jwtAuth, this.username, this.password, newGroupId, matches)\n return new EnsembleAuthenticationProvider(\n this.authApi,\n switchInfo.loginForGroup,\n this.password,\n this.jwtTimeout,\n switchInfo.switchedJwtAuth,\n new BasicAuthService(switchInfo.loginForGroup, this.password)\n )\n }\n}\n\nexport class JwtAuthenticationProvider implements AuthenticationProvider {\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.jwtAuth.getIcureTokens()\n }\n\n private readonly jwtAuth: JwtAuthService | JwtBridgedAuthService\n\n /**\n * @internal\n * @param authApi\n * @param username\n * @param password\n * @param jwtAuth\n * @param icureToken\n */\n constructor(\n private readonly authApi: IccAuthApi,\n private readonly username?: string,\n private readonly password?: string,\n jwtAuth?: JwtAuthService | JwtBridgedAuthService,\n private readonly icureToken?: { token: string; refreshToken: string }\n ) {\n const composedAuth =\n jwtAuth ??\n (icureToken\n ? new JwtAuthService(authApi, { authJwt: icureToken.token, refreshJwt: icureToken.refreshToken })\n : !!username && !!password\n ? new JwtBridgedAuthService(authApi, username!, password!)\n : undefined)\n if (!composedAuth) {\n throw new Error('No authentication method provided')\n }\n this.jwtAuth = composedAuth\n }\n\n getAuthService(): AuthService {\n return this.jwtAuth\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n const switchInfo = await switchJwtAuth(this.authApi, this.jwtAuth, this.username, this.password, newGroupId, matches)\n return new JwtAuthenticationProvider(this.authApi, switchInfo.loginForGroup, this.password, switchInfo.switchedJwtAuth)\n }\n}\n\nexport class BasicAuthenticationProvider implements AuthenticationProvider {\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return Promise.resolve() as Promise<undefined>\n }\n\n constructor(private username: string, private password: string) {}\n\n getAuthService(): AuthService {\n return new BasicAuthService(this.username, this.password)\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n return Promise.resolve(new BasicAuthenticationProvider(loginForGroup(newGroupId, matches), this.password))\n }\n}\n\nexport class NoAuthenticationProvider implements AuthenticationProvider {\n getAuthService(): AuthService {\n return new NoAuthService()\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return Promise.resolve() as Promise<undefined>\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n return this\n }\n}\n\n/**\n * @internal\n */\nfunction loginForGroup(groupId: string, matches: Array<UserGroup>): string {\n const matchForGroup = matches.find((x) => x.groupId === groupId)\n if (!matchForGroup?.userId) {\n throw new Error(`Can't switch to group ${groupId} for the current user.`)\n }\n return `${groupId}/${matchForGroup.userId}`\n}\n\n/**\n * @internal\n * Creates a jwtAuth from an existing one in order to switch group\n */\nasync function switchJwtAuth(\n authApi: IccAuthApi,\n jwtAuth: JwtAuthService | JwtBridgedAuthService,\n username: string | undefined,\n password: string | undefined,\n newGroupId: string,\n matches: Array<UserGroup>\n): Promise<{ loginForGroup: string; switchedJwtAuth: JwtAuthService | JwtBridgedAuthService }> {\n const refreshToken = jwtAuth.isInErrorState() ? undefined : await jwtAuth.refreshToken\n const switchedJwtInfo = refreshToken ? await authApi.switchGroup(refreshToken, newGroupId).catch(() => undefined as any) : undefined\n const updatedLogin = loginForGroup(newGroupId, matches)\n const switchedJwtAuth =\n !!username && !!password\n ? new JwtBridgedAuthService(\n authApi,\n updatedLogin,\n password,\n switchedJwtInfo?.token && switchedJwtInfo?.refreshToken\n ? { authJwt: switchedJwtInfo.token, refreshJwt: switchedJwtInfo.refreshToken }\n : undefined\n )\n : new JwtAuthService(\n authApi,\n switchedJwtInfo?.token && switchedJwtInfo?.refreshToken\n ? { authJwt: switchedJwtInfo.token, refreshJwt: switchedJwtInfo.refreshToken }\n : undefined\n )\n return { loginForGroup: updatedLogin, switchedJwtAuth }\n}\n"]}
1
+ {"version":3,"file":"AuthenticationProvider.js","sourceRoot":"","sources":["../../../icc-x-api/auth/AuthenticationProvider.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,+DAA2D;AAC3D,mEAA+D;AAC/D,mDAA+C;AAC/C,yDAAqD;AACrD,qDAAiD;AA0BjD,MAAa,8BAA8B;IAKzC,YACmB,OAAmB,EACnB,QAAgB,EAChB,QAAgB,EAChB,aAAqB,IAAI,EAC1C,OAAgD,EAChD,SAA4B,EAC5B,mBAAqD,EAAE;QANtC,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,eAAU,GAAV,UAAU,CAAe;QAK1C,IAAI,CAAC,OAAO,GAAG,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,IAAI,6CAAqB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;QAC/F,IAAI,CAAC,SAAS,GAAG,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,IAAI,mCAAgB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;IAClF,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;IACtC,CAAC;IAED,cAAc;QACZ,kEAAkE;QAClE,mDAAmD;QACnD,IAAI,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE;YACjC,OAAO,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAA;YAClD,IAAI,CAAC,OAAO,GAAG,IAAI,6CAAqB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;YACpF,IAAI,CAAC,aAAa,GAAG,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,CAAA;SAC7E;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,IAAI,EAAE,IAAI,IAAI,CAAC,aAAa;YAC7D,CAAC,CAAC,IAAI,yCAAmB,CAAC,IAAI,EAAE,IAAI,6BAAa,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC;YACpE,CAAC,CAAC,IAAI,yCAAmB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,6BAAa,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,CAAA;IAChF,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YACrH,OAAO,IAAI,8BAA8B,CACvC,IAAI,CAAC,OAAO,EACZ,UAAU,CAAC,aAAa,EACxB,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,UAAU,EACf,UAAU,CAAC,eAAe,EAC1B,IAAI,mCAAgB,CAAC,UAAU,CAAC,aAAa,EAAE,IAAI,CAAC,QAAQ,CAAC,CAC9D,CAAA;QACH,CAAC;KAAA;CACF;AA/CD,wEA+CC;AAED,MAAa,yBAAyB;IACpC,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;IACtC,CAAC;IAID;;;;;;;OAOG;IACH,YACmB,OAAmB,EACnB,QAAiB,EACjB,QAAiB,EAClC,OAAgD,EAC/B,UAAoD;QAJpD,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAS;QACjB,aAAQ,GAAR,QAAQ,CAAS;QAEjB,eAAU,GAAV,UAAU,CAA0C;QAErE,MAAM,YAAY,GAChB,OAAO,aAAP,OAAO,cAAP,OAAO,GACP,CAAC,UAAU;YACT,CAAC,CAAC,IAAI,+BAAc,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,CAAC,KAAK,EAAE,UAAU,EAAE,UAAU,CAAC,YAAY,EAAE,CAAC;YACjG,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ;gBAC1B,CAAC,CAAC,IAAI,6CAAqB,CAAC,OAAO,EAAE,QAAS,EAAE,QAAS,CAAC;gBAC1D,CAAC,CAAC,SAAS,CAAC,CAAA;QAChB,IAAI,CAAC,YAAY,EAAE;YACjB,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAA;SACrD;QACD,IAAI,CAAC,OAAO,GAAG,YAAY,CAAA;IAC7B,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAA;IACrB,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YACrH,OAAO,IAAI,yBAAyB,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,aAAa,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,eAAe,CAAC,CAAA;QACzH,CAAC;KAAA;CACF;AA3CD,8DA2CC;AAED,MAAa,2BAA2B;IACtC,cAAc;QACZ,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;IAChD,CAAC;IAED,YAAoB,QAAgB,EAAU,QAAgB;QAA1C,aAAQ,GAAR,QAAQ,CAAQ;QAAU,aAAQ,GAAR,QAAQ,CAAQ;IAAG,CAAC;IAElE,cAAc;QACZ,OAAO,IAAI,mCAAgB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;IAC3D,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,2BAA2B,CAAC,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;QAC5G,CAAC;KAAA;CACF;AAdD,kEAcC;AAED,MAAa,wBAAwB;IACnC,cAAc;QACZ,OAAO,IAAI,6BAAa,EAAE,CAAA;IAC5B,CAAC;IAED,cAAc;QACZ,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;IAChD,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,wBAAwB,EAAE,CAAC,CAAA;QACxD,CAAC;KAAA;CACF;AAZD,4DAYC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,OAAe,EAAE,OAAyB;IAC/D,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,OAAO,CAAC,CAAA;IAChE,IAAI,CAAC,CAAA,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,MAAM,CAAA,EAAE;QAC1B,MAAM,IAAI,KAAK,CAAC,yBAAyB,OAAO,wBAAwB,CAAC,CAAA;KAC1E;IACD,OAAO,GAAG,OAAO,IAAI,aAAa,CAAC,MAAM,EAAE,CAAA;AAC7C,CAAC;AAED;;;GAGG;AACH,SAAe,aAAa,CAC1B,OAAmB,EACnB,OAA+C,EAC/C,QAA4B,EAC5B,QAA4B,EAC5B,UAAkB,EAClB,OAAyB;;QAEzB,MAAM,YAAY,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,YAAY,CAAA;QACtF,MAAM,eAAe,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,WAAW,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACpI,MAAM,YAAY,GAAG,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,CAAA;QACvD,MAAM,eAAe,GACnB,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ;YACtB,CAAC,CAAC,IAAI,6CAAqB,CACvB,OAAO,EACP,YAAY,EACZ,QAAQ,EACR,CAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,KAAK,MAAI,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,YAAY,CAAA;gBACrD,CAAC,CAAC,EAAE,OAAO,EAAE,eAAe,CAAC,KAAK,EAAE,UAAU,EAAE,eAAe,CAAC,YAAY,EAAE;gBAC9E,CAAC,CAAC,SAAS,CACd;YACH,CAAC,CAAC,IAAI,+BAAc,CAChB,OAAO,EACP,CAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,KAAK,MAAI,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,YAAY,CAAA;gBACrD,CAAC,CAAC,EAAE,OAAO,EAAE,eAAe,CAAC,KAAK,EAAE,UAAU,EAAE,eAAe,CAAC,YAAY,EAAE;gBAC9E,CAAC,CAAC,SAAS,CACd,CAAA;QACP,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,eAAe,EAAE,CAAA;IACzD,CAAC;CAAA","sourcesContent":["import { AuthService } from './AuthService'\nimport { IccAuthApi } from '../../icc-api'\nimport { EnsembleAuthService } from './EnsembleAuthService'\nimport { JwtBridgedAuthService } from './JwtBridgedAuthService'\nimport { NoAuthService } from './NoAuthService'\nimport { BasicAuthService } from './BasicAuthService'\nimport { JwtAuthService } from './JwtAuthService'\nimport { UserGroup } from '../../icc-api/model/UserGroup'\n\n/**\n * @internal you should not implement this interface yourself.\n */\nexport interface AuthenticationProvider {\n /**\n * @internal this method is meant for internal use only and may be changed without notice\n */\n getAuthService(): AuthService\n\n /**\n * @internal this method is meant for internal use only and may be changed without notice\n * Gives a new authentication provider for the same user and authentication method but for a different iCure group\n * @param newGroupId id of the new group to switch to\n * @param matches the list of groups the user is in, containing also the group-specific id of the user. Note that users with same login username but\n * different password are considered as if they are different users and should not appear in these matches. You can get this list by calling\n * {@link IccUserApi.getMatchingUsers} authenticated.\n * @return a new authentication provider\n */\n switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider>\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined>\n}\n\nexport class EnsembleAuthenticationProvider implements AuthenticationProvider {\n private readonly basicAuth: BasicAuthService\n private jwtAuth: JwtAuthService | JwtBridgedAuthService\n private suspensionEnd: Date | undefined\n\n constructor(\n private readonly authApi: IccAuthApi,\n private readonly username: string,\n private readonly password: string,\n private readonly jwtTimeout: number = 3600,\n jwtAuth?: JwtAuthService | JwtBridgedAuthService,\n basicAuth?: BasicAuthService,\n thirdPartyTokens: { [thirdParty: string]: string } = {}\n ) {\n this.jwtAuth = jwtAuth ?? new JwtBridgedAuthService(this.authApi, this.username, this.password)\n this.basicAuth = basicAuth ?? new BasicAuthService(this.username, this.password)\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.jwtAuth.getIcureTokens()\n }\n\n getAuthService(): AuthService {\n // If the jwtAuth is in an error state, it instantiates a new one,\n // but it will not use it until the suspension ends\n if (this.jwtAuth.isInErrorState()) {\n console.warn('Error state in JWT, I will skip it')\n this.jwtAuth = new JwtBridgedAuthService(this.authApi, this.username, this.password)\n this.suspensionEnd = new Date(new Date().getTime() + this.jwtTimeout * 1000)\n }\n\n return !!this.suspensionEnd && new Date() <= this.suspensionEnd\n ? new EnsembleAuthService(null, new NoAuthService(), this.basicAuth)\n : new EnsembleAuthService(this.jwtAuth, new NoAuthService(), this.basicAuth)\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n const switchInfo = await switchJwtAuth(this.authApi, this.jwtAuth, this.username, this.password, newGroupId, matches)\n return new EnsembleAuthenticationProvider(\n this.authApi,\n switchInfo.loginForGroup,\n this.password,\n this.jwtTimeout,\n switchInfo.switchedJwtAuth,\n new BasicAuthService(switchInfo.loginForGroup, this.password)\n )\n }\n}\n\nexport class JwtAuthenticationProvider implements AuthenticationProvider {\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.jwtAuth.getIcureTokens()\n }\n\n private readonly jwtAuth: JwtAuthService | JwtBridgedAuthService\n\n /**\n * @internal\n * @param authApi\n * @param username\n * @param password\n * @param jwtAuth\n * @param icureToken\n */\n constructor(\n private readonly authApi: IccAuthApi,\n private readonly username?: string,\n private readonly password?: string,\n jwtAuth?: JwtAuthService | JwtBridgedAuthService,\n private readonly icureToken?: { token: string; refreshToken: string }\n ) {\n const composedAuth =\n jwtAuth ??\n (icureToken\n ? new JwtAuthService(authApi, { authJwt: icureToken.token, refreshJwt: icureToken.refreshToken })\n : !!username && !!password\n ? new JwtBridgedAuthService(authApi, username!, password!)\n : undefined)\n if (!composedAuth) {\n throw new Error('No authentication method provided')\n }\n this.jwtAuth = composedAuth\n }\n\n getAuthService(): AuthService {\n return this.jwtAuth\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n const switchInfo = await switchJwtAuth(this.authApi, this.jwtAuth, this.username, this.password, newGroupId, matches)\n return new JwtAuthenticationProvider(this.authApi, switchInfo.loginForGroup, this.password, switchInfo.switchedJwtAuth)\n }\n}\n\nexport class BasicAuthenticationProvider implements AuthenticationProvider {\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return Promise.resolve() as Promise<undefined>\n }\n\n constructor(private username: string, private password: string) {}\n\n getAuthService(): AuthService {\n return new BasicAuthService(this.username, this.password)\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n return Promise.resolve(new BasicAuthenticationProvider(loginForGroup(newGroupId, matches), this.password))\n }\n}\n\nexport class NoAuthenticationProvider implements AuthenticationProvider {\n getAuthService(): AuthService {\n return new NoAuthService()\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return Promise.resolve() as Promise<undefined>\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n return Promise.resolve(new NoAuthenticationProvider())\n }\n}\n\n/**\n * @internal\n */\nfunction loginForGroup(groupId: string, matches: Array<UserGroup>): string {\n const matchForGroup = matches.find((x) => x.groupId === groupId)\n if (!matchForGroup?.userId) {\n throw new Error(`Can't switch to group ${groupId} for the current user.`)\n }\n return `${groupId}/${matchForGroup.userId}`\n}\n\n/**\n * @internal\n * Creates a jwtAuth from an existing one in order to switch group\n */\nasync function switchJwtAuth(\n authApi: IccAuthApi,\n jwtAuth: JwtAuthService | JwtBridgedAuthService,\n username: string | undefined,\n password: string | undefined,\n newGroupId: string,\n matches: Array<UserGroup>\n): Promise<{ loginForGroup: string; switchedJwtAuth: JwtAuthService | JwtBridgedAuthService }> {\n const refreshToken = jwtAuth.isInErrorState() ? undefined : await jwtAuth.refreshToken\n const switchedJwtInfo = refreshToken ? await authApi.switchGroup(refreshToken, newGroupId).catch(() => undefined as any) : undefined\n const updatedLogin = loginForGroup(newGroupId, matches)\n const switchedJwtAuth =\n !!username && !!password\n ? new JwtBridgedAuthService(\n authApi,\n updatedLogin,\n password,\n switchedJwtInfo?.token && switchedJwtInfo?.refreshToken\n ? { authJwt: switchedJwtInfo.token, refreshJwt: switchedJwtInfo.refreshToken }\n : undefined\n )\n : new JwtAuthService(\n authApi,\n switchedJwtInfo?.token && switchedJwtInfo?.refreshToken\n ? { authJwt: switchedJwtInfo.token, refreshJwt: switchedJwtInfo.refreshToken }\n : undefined\n )\n return { loginForGroup: updatedLogin, switchedJwtAuth }\n}\n"]}
@@ -17,6 +17,6 @@ export declare class EnsembleAuthService implements AuthService {
17
17
  token: string;
18
18
  refreshToken: string;
19
19
  } | undefined>;
20
- getAuthHeaders(): Promise<Array<Header>>;
20
+ getAuthHeaders(minimumAuthenticationClass: number | undefined): Promise<Array<Header>>;
21
21
  invalidateHeader(error: Error): void;
22
22
  }
@@ -30,14 +30,14 @@ class EnsembleAuthService {
30
30
  var _a, _b;
31
31
  return (_b = (_a = this.jwtAuth) === null || _a === void 0 ? void 0 : _a.getIcureTokens()) !== null && _b !== void 0 ? _b : Promise.resolve();
32
32
  }
33
- getAuthHeaders() {
33
+ getAuthHeaders(minimumAuthenticationClass) {
34
34
  return __awaiter(this, void 0, void 0, function* () {
35
35
  this.currentState = !!this.currentState ? this.stateMap[this.currentState].next : this.currentState;
36
36
  if (!!this.currentState) {
37
37
  // If I have a state I return the headers, otherwise I return empty headers
38
38
  // And delegate the responsibility of handling the error to the next call
39
39
  return !!this.stateMap[this.currentState].state
40
- ? this.stateMap[this.currentState].state.getAuthHeaders().catch((e) => {
40
+ ? this.stateMap[this.currentState].state.getAuthHeaders(minimumAuthenticationClass).catch((e) => {
41
41
  if (e instanceof XHRError && e.statusCode === 417) {
42
42
  throw e;
43
43
  }
@@ -1 +1 @@
1
- {"version":3,"file":"EnsembleAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/EnsembleAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAK3C,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAG9B,MAAa,mBAAmB;IAK9B,YACmB,OAAsD,EACtD,WAA0B,EAC1B,SAA2B;QAF3B,YAAO,GAAP,OAAO,CAA+C;QACtD,gBAAW,GAAX,WAAW,CAAe;QAC1B,cAAS,GAAT,SAAS,CAAkB;QANtC,UAAK,GAAiB,IAAI,CAAA;QAQhC,IAAI,CAAC,QAAQ,GAAG;YACd,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE;YACnC,GAAG,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE;YAC7C,OAAO,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE;YACnD,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE;SAC7C,CAAA;QACD,IAAI,CAAC,YAAY,GAAG,OAAO,CAAA;IAC7B,CAAC;IAED,cAAc;;QACZ,OAAO,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,cAAc,EAAE,mCAAK,OAAO,CAAC,OAAO,EAAyB,CAAA;IACpF,CAAC;IAEK,cAAc;;YAClB,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAA;YAEnG,IAAI,CAAC,CAAC,IAAI,CAAC,YAAY,EAAE;gBACvB,2EAA2E;gBAC3E,yEAAyE;gBACzE,OAAO,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,KAAK;oBAC7C,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,KAAM,CAAC,cAAc,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;wBACnE,IAAI,CAAC,YAAY,QAAQ,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE;4BACjD,MAAM,CAAC,CAAA;yBACR;wBACD,sFAAsF;wBACtF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;wBACvB,IAAI,CAAC,KAAK,GAAG,CAAC,CAAA;wBAEd,OAAO,EAAE,CAAA;oBACX,CAAC,CAAC;oBACJ,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;aACxB;iBAAM,IAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE;gBACvB,oEAAoE;gBACpE,MAAM,IAAI,CAAC,KAAK,CAAA;aACjB;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAA;aACvC;QACH,CAAC;KAAA;IAED,gBAAgB,CAAC,KAAY;;QAC3B,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;QAClB,IAAI,CAAC,CAAC,IAAI,CAAC,YAAY,EAAE;YACvB,MAAA,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,KAAK,0CAAE,gBAAgB,CAAC,KAAK,CAAC,CAAA;SAChE;IACH,CAAC;CACF;AAvDD,kDAuDC","sourcesContent":["import { AuthService } from './AuthService'\nimport { XHR } from '../../icc-api/api/XHR'\nimport { JwtBridgedAuthService } from './JwtBridgedAuthService'\nimport { NoAuthService } from './NoAuthService'\nimport { BasicAuthService } from './BasicAuthService'\nimport Header = XHR.Header\nimport XHRError = XHR.XHRError\nimport { JwtAuthService } from './JwtAuthService'\n\nexport class EnsembleAuthService implements AuthService {\n private currentState: string | null\n private error: Error | null = null\n private stateMap: { [key: string]: { state: AuthService | null; next: string | null } }\n\n constructor(\n private readonly jwtAuth: JwtBridgedAuthService | JwtAuthService | null,\n private readonly sessionAuth: NoAuthService,\n private readonly basicAuth: BasicAuthService\n ) {\n this.stateMap = {\n start: { state: null, next: 'jwt' },\n jwt: { state: this.jwtAuth, next: 'session' },\n session: { state: this.sessionAuth, next: 'basic' },\n basic: { state: this.basicAuth, next: null },\n }\n this.currentState = 'start'\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.jwtAuth?.getIcureTokens() ?? (Promise.resolve() as Promise<undefined>)\n }\n\n async getAuthHeaders(): Promise<Array<Header>> {\n this.currentState = !!this.currentState ? this.stateMap[this.currentState].next : this.currentState\n\n if (!!this.currentState) {\n // If I have a state I return the headers, otherwise I return empty headers\n // And delegate the responsibility of handling the error to the next call\n return !!this.stateMap[this.currentState].state\n ? this.stateMap[this.currentState].state!.getAuthHeaders().catch((e) => {\n if (e instanceof XHRError && e.statusCode === 417) {\n throw e\n }\n // If I get an error, it is also responsibility of the next call, but I give a warning\n console.warn(e.message)\n this.error = e\n\n return []\n })\n : Promise.resolve([])\n } else if (!!this.error) {\n // If I have no more states, I throw the last error or a default one\n throw this.error\n } else {\n throw new Error('Cannot authenticate')\n }\n }\n\n invalidateHeader(error: Error): void {\n this.error = error\n if (!!this.currentState) {\n this.stateMap[this.currentState].state?.invalidateHeader(error)\n }\n }\n}\n"]}
1
+ {"version":3,"file":"EnsembleAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/EnsembleAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAK3C,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAG9B,MAAa,mBAAmB;IAK9B,YACmB,OAAsD,EACtD,WAA0B,EAC1B,SAA2B;QAF3B,YAAO,GAAP,OAAO,CAA+C;QACtD,gBAAW,GAAX,WAAW,CAAe;QAC1B,cAAS,GAAT,SAAS,CAAkB;QANtC,UAAK,GAAiB,IAAI,CAAA;QAQhC,IAAI,CAAC,QAAQ,GAAG;YACd,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE;YACnC,GAAG,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE;YAC7C,OAAO,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,WAAW,EAAE,IAAI,EAAE,OAAO,EAAE;YACnD,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE;SAC7C,CAAA;QACD,IAAI,CAAC,YAAY,GAAG,OAAO,CAAA;IAC7B,CAAC;IAED,cAAc;;QACZ,OAAO,MAAA,MAAA,IAAI,CAAC,OAAO,0CAAE,cAAc,EAAE,mCAAK,OAAO,CAAC,OAAO,EAAyB,CAAA;IACpF,CAAC;IAEK,cAAc,CAAC,0BAA8C;;YACjE,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAA;YAEnG,IAAI,CAAC,CAAC,IAAI,CAAC,YAAY,EAAE;gBACvB,2EAA2E;gBAC3E,yEAAyE;gBACzE,OAAO,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,KAAK;oBAC7C,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,KAAM,CAAC,cAAc,CAAC,0BAA0B,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;wBAC7F,IAAI,CAAC,YAAY,QAAQ,IAAI,CAAC,CAAC,UAAU,KAAK,GAAG,EAAE;4BACjD,MAAM,CAAC,CAAA;yBACR;wBACD,sFAAsF;wBACtF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;wBACvB,IAAI,CAAC,KAAK,GAAG,CAAC,CAAA;wBAEd,OAAO,EAAE,CAAA;oBACX,CAAC,CAAC;oBACJ,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;aACxB;iBAAM,IAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE;gBACvB,oEAAoE;gBACpE,MAAM,IAAI,CAAC,KAAK,CAAA;aACjB;iBAAM;gBACL,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAA;aACvC;QACH,CAAC;KAAA;IAED,gBAAgB,CAAC,KAAY;;QAC3B,IAAI,CAAC,KAAK,GAAG,KAAK,CAAA;QAClB,IAAI,CAAC,CAAC,IAAI,CAAC,YAAY,EAAE;YACvB,MAAA,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,KAAK,0CAAE,gBAAgB,CAAC,KAAK,CAAC,CAAA;SAChE;IACH,CAAC;CACF;AAvDD,kDAuDC","sourcesContent":["import { AuthService } from './AuthService'\nimport { XHR } from '../../icc-api/api/XHR'\nimport { JwtBridgedAuthService } from './JwtBridgedAuthService'\nimport { NoAuthService } from './NoAuthService'\nimport { BasicAuthService } from './BasicAuthService'\nimport Header = XHR.Header\nimport XHRError = XHR.XHRError\nimport { JwtAuthService } from './JwtAuthService'\n\nexport class EnsembleAuthService implements AuthService {\n private currentState: string | null\n private error: Error | null = null\n private stateMap: { [key: string]: { state: AuthService | null; next: string | null } }\n\n constructor(\n private readonly jwtAuth: JwtBridgedAuthService | JwtAuthService | null,\n private readonly sessionAuth: NoAuthService,\n private readonly basicAuth: BasicAuthService\n ) {\n this.stateMap = {\n start: { state: null, next: 'jwt' },\n jwt: { state: this.jwtAuth, next: 'session' },\n session: { state: this.sessionAuth, next: 'basic' },\n basic: { state: this.basicAuth, next: null },\n }\n this.currentState = 'start'\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.jwtAuth?.getIcureTokens() ?? (Promise.resolve() as Promise<undefined>)\n }\n\n async getAuthHeaders(minimumAuthenticationClass: number | undefined): Promise<Array<Header>> {\n this.currentState = !!this.currentState ? this.stateMap[this.currentState].next : this.currentState\n\n if (!!this.currentState) {\n // If I have a state I return the headers, otherwise I return empty headers\n // And delegate the responsibility of handling the error to the next call\n return !!this.stateMap[this.currentState].state\n ? this.stateMap[this.currentState].state!.getAuthHeaders(minimumAuthenticationClass).catch((e) => {\n if (e instanceof XHRError && e.statusCode === 417) {\n throw e\n }\n // If I get an error, it is also responsibility of the next call, but I give a warning\n console.warn(e.message)\n this.error = e\n\n return []\n })\n : Promise.resolve([])\n } else if (!!this.error) {\n // If I have no more states, I throw the last error or a default one\n throw this.error\n } else {\n throw new Error('Cannot authenticate')\n }\n }\n\n invalidateHeader(error: Error): void {\n this.error = error\n if (!!this.currentState) {\n this.stateMap[this.currentState].state?.invalidateHeader(error)\n }\n }\n}\n"]}
@@ -20,8 +20,6 @@ export declare class JwtAuthService implements AuthService {
20
20
  } | undefined>;
21
21
  getAuthHeaders(): Promise<Array<Header>>;
22
22
  private _refreshAuthJwt;
23
- private _isJwtInvalidOrExpired;
24
- private _base64Decode;
25
23
  invalidateHeader(error: Error): void;
26
24
  isInErrorState(): boolean;
27
25
  }
@@ -11,7 +11,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
11
11
  Object.defineProperty(exports, "__esModule", { value: true });
12
12
  exports.JwtAuthService = void 0;
13
13
  const XHR_1 = require("../../icc-api/api/XHR");
14
- const utils_1 = require("../utils");
14
+ const JwtUtils_1 = require("./JwtUtils");
15
15
  /**
16
16
  * Differs from JwtBridgedAuthService in that it cannot create new refresh tokens
17
17
  */
@@ -36,7 +36,7 @@ class JwtAuthService {
36
36
  .then((x) => {
37
37
  const authJwt = x === null || x === void 0 ? void 0 : x.authJwt;
38
38
  const refreshJwt = x === null || x === void 0 ? void 0 : x.refreshJwt;
39
- if ((!authJwt || this._isJwtInvalidOrExpired(authJwt)) && refreshJwt) {
39
+ if ((!authJwt || (0, JwtUtils_1.isJwtInvalidOrExpired)(authJwt)) && refreshJwt) {
40
40
  // If it does not have the JWT, tries to get it
41
41
  // If the JWT is expired, tries to refresh it
42
42
  this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {
@@ -62,7 +62,7 @@ class JwtAuthService {
62
62
  return __awaiter(this, void 0, void 0, function* () {
63
63
  // If I do not have a refresh JWT or the refresh JWT is expired,
64
64
  // I have to log in again
65
- if (this._isJwtInvalidOrExpired(refreshJwt)) {
65
+ if ((0, JwtUtils_1.isJwtInvalidOrExpired)(refreshJwt)) {
66
66
  throw Error('Missing or expired refresh token: please log in again');
67
67
  }
68
68
  else {
@@ -73,18 +73,6 @@ class JwtAuthService {
73
73
  }
74
74
  });
75
75
  }
76
- _isJwtInvalidOrExpired(jwt) {
77
- const parts = jwt.split('.');
78
- if (parts.length !== 3) {
79
- return true;
80
- }
81
- const payload = this._base64Decode(parts[1]);
82
- // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.
83
- return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime();
84
- }
85
- _base64Decode(encodedString) {
86
- return JSON.parse((0, utils_1.a2b)(encodedString));
87
- }
88
76
  invalidateHeader(error) {
89
77
  this._error = error;
90
78
  }
@@ -1 +1 @@
1
- {"version":3,"file":"JwtAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAI3C,oCAA8B;AAI9B;;GAEG;AACH,MAAa,cAAc;IAIzB,YAA6B,OAAmB,EAAE,UAAoD;QAAzE,YAAO,GAAP,OAAO,CAAY;QAHxC,WAAM,GAAiB,IAAI,CAAA;QAC3B,oBAAe,GAAiE,OAAO,CAAC,OAAO,CAAC,SAAgB,CAAC,CAAA;QAGvH,IAAI,CAAC,CAAC,UAAU,EAAE;YAChB,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;SACnD;IACH,CAAC;IAED,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAiB,CAAC,CAAA;IAC/D,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAA;IAC7G,CAAC;IAEK,cAAc;;YAClB,OAAO,IAAI,CAAC,eAAe;iBACxB,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;gBACV,MAAM,OAAO,GAAG,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,CAAA;gBAC1B,MAAM,UAAU,GAAG,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,CAAA;gBAEhC,IAAI,CAAC,CAAC,OAAO,IAAI,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,IAAI,UAAU,EAAE;oBACpE,+CAA+C;oBAC/C,6CAA6C;oBAE7C,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE;wBAC7E,6BAA6B;wBAC7B,iCAAiC;wBACjC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;4BAC1B,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAA;yBACnF;wBAED,OAAO,aAAa,CAAA;oBACtB,CAAC,CAAC,CAAA;iBACH;qBAAM,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE;oBACxB,MAAM,IAAI,CAAC,MAAM,CAAA;iBAClB;gBACD,OAAO,IAAI,CAAC,eAAe,CAAA;YAC7B,CAAC,CAAC;iBACD,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;gBACV,OAAO,CAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,EAAC,CAAC,CAAC,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,6BAA6B,CAAC,CAAA;YAC9H,CAAC,CAAC,CAAA;QACN,CAAC;KAAA;IAEa,eAAe,CAAC,UAAkB;;YAC9C,gEAAgE;YAChE,yBAAyB;YACzB,IAAI,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,EAAE;gBAC3C,MAAM,KAAK,CAAC,uDAAuD,CAAC,CAAA;aACrE;iBAAM;gBACL,OAAO,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;oBAClF,OAAO,EAAE,eAAe,CAAC,KAAM;oBAC/B,UAAU,EAAE,UAAU;iBACvB,CAAC,CAAC,CAAA;aACJ;QACH,CAAC;KAAA;IAEO,sBAAsB,CAAC,GAAW;QACxC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC5B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;YACtB,OAAO,IAAI,CAAA;SACZ;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAC5C,mGAAmG;QACnG,OAAO,CAAC,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;IAC5E,CAAC;IAEO,aAAa,CAAC,aAAqB;QACzC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,WAAG,EAAC,aAAa,CAAC,CAAC,CAAA;IACvC,CAAC;IAED,gBAAgB,CAAC,KAAY;QAC3B,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,cAAc;QACZ,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAA;IACtB,CAAC;CACF;AAjFD,wCAiFC","sourcesContent":["import { AuthService } from './AuthService'\nimport { XHR } from '../../icc-api/api/XHR'\nimport { IccAuthApi, OAuthThirdParty } from '../../icc-api'\nimport { LoginCredentials } from '../../icc-api/model/LoginCredentials'\nimport Header = XHR.Header\nimport { a2b } from '../utils'\nimport { AuthenticationResponse } from '../../icc-api/model/AuthenticationResponse'\nimport XHRError = XHR.XHRError\n\n/**\n * Differs from JwtBridgedAuthService in that it cannot create new refresh tokens\n */\nexport class JwtAuthService implements AuthService {\n private _error: Error | null = null\n private _currentPromise: Promise<{ authJwt: string; refreshJwt: string } | undefined> = Promise.resolve(undefined as any)\n\n constructor(private readonly authApi: IccAuthApi, initialJwt?: { authJwt: string; refreshJwt: string }) {\n if (!!initialJwt) {\n this._currentPromise = Promise.resolve(initialJwt)\n }\n }\n\n get refreshToken(): Promise<string | undefined> {\n return this._currentPromise.then((x) => x?.refreshJwt as any)\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this._currentPromise.then((x) => (x ? { token: x.authJwt, refreshToken: x.refreshJwt } : undefined))\n }\n\n async getAuthHeaders(): Promise<Array<Header>> {\n return this._currentPromise\n .then((x) => {\n const authJwt = x?.authJwt\n const refreshJwt = x?.refreshJwt\n\n if ((!authJwt || this._isJwtInvalidOrExpired(authJwt)) && refreshJwt) {\n // If it does not have the JWT, tries to get it\n // If the JWT is expired, tries to refresh it\n\n this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {\n // If here the token is null,\n // it goes in a suspension status\n if (!updatedTokens.authJwt) {\n throw new Error('Your iCure back-end version does not support JWT authentication')\n }\n\n return updatedTokens\n })\n } else if (!!this._error) {\n throw this._error\n }\n return this._currentPromise\n })\n .then((x) => {\n return x?.authJwt ? [new XHR.Header('Authorization', `Bearer ${x.authJwt}`)] : Promise.reject('Cannot provide auth: No JWT')\n })\n }\n\n private async _refreshAuthJwt(refreshJwt: string): Promise<{ authJwt: string; refreshJwt: string }> {\n // If I do not have a refresh JWT or the refresh JWT is expired,\n // I have to log in again\n if (this._isJwtInvalidOrExpired(refreshJwt)) {\n throw Error('Missing or expired refresh token: please log in again')\n } else {\n return this.authApi.refreshAuthenticationJWT(refreshJwt).then((refreshResponse) => ({\n authJwt: refreshResponse.token!,\n refreshJwt: refreshJwt,\n }))\n }\n }\n\n private _isJwtInvalidOrExpired(jwt: string): boolean {\n const parts = jwt.split('.')\n if (parts.length !== 3) {\n return true\n }\n const payload = this._base64Decode(parts[1])\n // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.\n return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime()\n }\n\n private _base64Decode(encodedString: string): any {\n return JSON.parse(a2b(encodedString))\n }\n\n invalidateHeader(error: Error): void {\n this._error = error\n }\n\n isInErrorState(): boolean {\n return !!this._error\n }\n}\n"]}
1
+ {"version":3,"file":"JwtAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAM3C,yCAAkD;AAElD;;GAEG;AACH,MAAa,cAAc;IAIzB,YAA6B,OAAmB,EAAE,UAAoD;QAAzE,YAAO,GAAP,OAAO,CAAY;QAHxC,WAAM,GAAiB,IAAI,CAAA;QAC3B,oBAAe,GAAiE,OAAO,CAAC,OAAO,CAAC,SAAgB,CAAC,CAAA;QAGvH,IAAI,CAAC,CAAC,UAAU,EAAE;YAChB,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;SACnD;IACH,CAAC;IAED,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAiB,CAAC,CAAA;IAC/D,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAA;IAC7G,CAAC;IAEK,cAAc;;YAClB,OAAO,IAAI,CAAC,eAAe;iBACxB,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;gBACV,MAAM,OAAO,GAAG,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,CAAA;gBAC1B,MAAM,UAAU,GAAG,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,UAAU,CAAA;gBAEhC,IAAI,CAAC,CAAC,OAAO,IAAI,IAAA,gCAAqB,EAAC,OAAO,CAAC,CAAC,IAAI,UAAU,EAAE;oBAC9D,+CAA+C;oBAC/C,6CAA6C;oBAE7C,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE;wBAC7E,6BAA6B;wBAC7B,iCAAiC;wBACjC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;4BAC1B,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAA;yBACnF;wBAED,OAAO,aAAa,CAAA;oBACtB,CAAC,CAAC,CAAA;iBACH;qBAAM,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE;oBACxB,MAAM,IAAI,CAAC,MAAM,CAAA;iBAClB;gBACD,OAAO,IAAI,CAAC,eAAe,CAAA;YAC7B,CAAC,CAAC;iBACD,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;gBACV,OAAO,CAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,EAAC,CAAC,CAAC,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,6BAA6B,CAAC,CAAA;YAC9H,CAAC,CAAC,CAAA;QACN,CAAC;KAAA;IAEa,eAAe,CAAC,UAAkB;;YAC9C,gEAAgE;YAChE,yBAAyB;YACzB,IAAI,IAAA,gCAAqB,EAAC,UAAU,CAAC,EAAE;gBACrC,MAAM,KAAK,CAAC,uDAAuD,CAAC,CAAA;aACrE;iBAAM;gBACL,OAAO,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;oBAClF,OAAO,EAAE,eAAe,CAAC,KAAM;oBAC/B,UAAU,EAAE,UAAU;iBACvB,CAAC,CAAC,CAAA;aACJ;QACH,CAAC;KAAA;IAED,gBAAgB,CAAC,KAAY;QAC3B,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,cAAc;QACZ,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAA;IACtB,CAAC;CACF;AAnED,wCAmEC","sourcesContent":["import { AuthService } from './AuthService'\nimport { XHR } from '../../icc-api/api/XHR'\nimport { IccAuthApi } from '../../icc-api'\nimport Header = XHR.Header\nimport { a2b } from '../utils'\nimport { AuthenticationResponse } from '../../icc-api/model/AuthenticationResponse'\nimport XHRError = XHR.XHRError\nimport { isJwtInvalidOrExpired } from './JwtUtils'\n\n/**\n * Differs from JwtBridgedAuthService in that it cannot create new refresh tokens\n */\nexport class JwtAuthService implements AuthService {\n private _error: Error | null = null\n private _currentPromise: Promise<{ authJwt: string; refreshJwt: string } | undefined> = Promise.resolve(undefined as any)\n\n constructor(private readonly authApi: IccAuthApi, initialJwt?: { authJwt: string; refreshJwt: string }) {\n if (!!initialJwt) {\n this._currentPromise = Promise.resolve(initialJwt)\n }\n }\n\n get refreshToken(): Promise<string | undefined> {\n return this._currentPromise.then((x) => x?.refreshJwt as any)\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this._currentPromise.then((x) => (x ? { token: x.authJwt, refreshToken: x.refreshJwt } : undefined))\n }\n\n async getAuthHeaders(): Promise<Array<Header>> {\n return this._currentPromise\n .then((x) => {\n const authJwt = x?.authJwt\n const refreshJwt = x?.refreshJwt\n\n if ((!authJwt || isJwtInvalidOrExpired(authJwt)) && refreshJwt) {\n // If it does not have the JWT, tries to get it\n // If the JWT is expired, tries to refresh it\n\n this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {\n // If here the token is null,\n // it goes in a suspension status\n if (!updatedTokens.authJwt) {\n throw new Error('Your iCure back-end version does not support JWT authentication')\n }\n\n return updatedTokens\n })\n } else if (!!this._error) {\n throw this._error\n }\n return this._currentPromise\n })\n .then((x) => {\n return x?.authJwt ? [new XHR.Header('Authorization', `Bearer ${x.authJwt}`)] : Promise.reject('Cannot provide auth: No JWT')\n })\n }\n\n private async _refreshAuthJwt(refreshJwt: string): Promise<{ authJwt: string; refreshJwt: string }> {\n // If I do not have a refresh JWT or the refresh JWT is expired,\n // I have to log in again\n if (isJwtInvalidOrExpired(refreshJwt)) {\n throw Error('Missing or expired refresh token: please log in again')\n } else {\n return this.authApi.refreshAuthenticationJWT(refreshJwt).then((refreshResponse) => ({\n authJwt: refreshResponse.token!,\n refreshJwt: refreshJwt,\n }))\n }\n }\n\n invalidateHeader(error: Error): void {\n this._error = error\n }\n\n isInErrorState(): boolean {\n return !!this._error\n }\n}\n"]}
@@ -126,7 +126,7 @@ class JwtBridgedAuthService {
126
126
  }
127
127
  const payload = this._base64Decode(parts[1]);
128
128
  // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.
129
- return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime();
129
+ return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime() - 10000;
130
130
  }
131
131
  _base64Decode(encodedString) {
132
132
  return JSON.parse((0, utils_1.a2b)(encodedString));
@@ -1 +1 @@
1
- {"version":3,"file":"JwtBridgedAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtBridgedAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAE3C,2EAAuE;AAEvE,oCAA8B;AAE9B,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAE9B;;GAEG;AACH,MAAa,qBAAqB;IAIhC,YACU,OAAmB,EACnB,QAA4B,EAC5B,QAA4B,EAC5B,mBAAqD,EAAE;QAHvD,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAoB;QAC5B,aAAQ,GAAR,QAAQ,CAAoB;QAC5B,qBAAgB,GAAhB,gBAAgB,CAAuC;QAPzD,WAAM,GAAiB,IAAI,CAAA;QAC3B,oBAAe,GAAuD,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;IAO9F,CAAC;IAEJ,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAiB,CAAC,CAAA;IAC9D,CAAC;IACD,cAAc;QACZ,OAAO,IAAI,CAAC,cAAc,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,OAAQ,EAAE,YAAY,EAAE,UAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IACnJ,CAAC;IAEK,MAAM;;YACV,OAAO,IAAI,CAAC,eAAe;iBACxB,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE;gBAChC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,EAAE;oBACpD,+CAA+C;oBAC/C,6CAA6C;oBAE7C,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE;wBAC7E,6BAA6B;wBAC7B,iCAAiC;wBACjC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;4BAC1B,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAA;yBACnF;wBAED,OAAO,aAAa,CAAA;oBACtB,CAAC,CAAC,CAAA;iBACH;qBAAM,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE;oBACxB,MAAM,IAAI,CAAC,MAAM,CAAA;iBAClB;gBACD,OAAO,IAAI,CAAC,eAAe,CAAA;YAC7B,CAAC,CAAC;iBACD,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE;gBACpB,OAAO,OAAO,CAAA;YAChB,CAAC,CAAC,CAAA;QACN,CAAC;KAAA;IAEK,cAAc;;YAClB,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;gBACpC,OAAO,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,OAAO,EAAE,CAAC,CAAC,CAAA;YAC/D,CAAC,CAAC,CAAA;QACJ,CAAC;KAAA;IAEa,eAAe,CAAC,UAA8B;;YAC1D,gEAAgE;YAChE,yBAAyB;YACzB,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,EAAE;gBAC1D,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAA;aACjC;iBAAM;gBACL,OAAO,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;oBAClF,OAAO,EAAE,eAAe,CAAC,KAAK;oBAC9B,UAAU,EAAE,UAAU;iBACvB,CAAC,CAAC,CAAA;aACJ;QACH,CAAC;KAAA;IAEa,kBAAkB;;YAC9B,IAAI,YAAgD,CAAA;YACpD,IAAI,UAAgC,CAAA;YACpC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,EAAE;gBAClC,IAAI;oBACF,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CACrC,IAAI,mCAAgB,CAAC;wBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;qBACxB,CAAC,CACH,CAAA;iBACF;gBAAC,OAAO,CAAC,EAAE;oBACV,UAAU,GAAG,CAAa,CAAA;iBAC3B;aACF;YACD,IAAI,CAAC,YAAY,EAAE;gBACjB,YAAY,GAAG,MAAO,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAiC,CAAC,MAAM,CAAC,CAAO,GAAG,EAAE,CAAC,UAAU,EAAE,KAAK,CAAC,EAAE,EAAE;oBACpI,MAAM,IAAI,GAAG,MAAM,GAAG,CAAA;oBACtB,OAAO,CACL,IAAI,aAAJ,IAAI,cAAJ,IAAI,GACJ,CAAC,KAAK;wBACJ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;4BACnE,IAAI,CAAC,UAAU,EAAE;gCACf,UAAU,GAAG,CAAa,CAAA;6BAC3B;4BACD,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;wBAChD,CAAC,CAAC;wBACJ,CAAC,CAAC,SAAS,CAAC,CACf,CAAA;gBACH,CAAC,CAAA,EAAE,OAAO,CAAC,OAAO,EAAiD,CAAC,CAAA;aACrE;YAED,IAAI,CAAC,YAAY,EAAE;gBACjB,IAAI,UAAU;oBAAE,MAAM,UAAU,CAAA;gBAChC,MAAM,IAAI,QAAQ,CAAC,EAAE,EAAE,eAAe,EAAE,GAAG,EAAE,cAAc,EAAE,IAAI,OAAO,EAAE,CAAC,CAAA;aAC5E;YAED,OAAO;gBACL,OAAO,EAAE,YAAY,CAAC,KAAK;gBAC3B,UAAU,EAAE,YAAY,CAAC,YAAY;aACtC,CAAA;QACH,CAAC;KAAA;IAEO,sBAAsB,CAAC,GAAW;QACxC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC5B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;YACtB,OAAO,IAAI,CAAA;SACZ;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAC5C,mGAAmG;QACnG,OAAO,CAAC,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;IAC5E,CAAC;IAEO,aAAa,CAAC,aAAqB;QACzC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,WAAG,EAAC,aAAa,CAAC,CAAC,CAAA;IACvC,CAAC;IAED,gBAAgB,CAAC,KAAY;QAC3B,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,cAAc;QACZ,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAA;IACtB,CAAC;CACF;AA/HD,sDA+HC","sourcesContent":["import { AuthService } from './AuthService'\nimport { XHR } from '../../icc-api/api/XHR'\nimport { IccAuthApi, OAuthThirdParty } from '../../icc-api'\nimport { LoginCredentials } from '../../icc-api/model/LoginCredentials'\nimport Header = XHR.Header\nimport { a2b } from '../utils'\nimport { AuthenticationResponse } from '../../icc-api/model/AuthenticationResponse'\nimport XHRError = XHR.XHRError\n\n/**\n * Differs from JwtAuthService in that it can create new refresh tokens if the old one is expired\n */\nexport class JwtBridgedAuthService implements AuthService {\n private _error: Error | null = null\n private _currentPromise: Promise<{ authJwt?: string; refreshJwt?: string }> = Promise.resolve({})\n\n constructor(\n private authApi: IccAuthApi,\n private username: string | undefined,\n private password: string | undefined,\n private thirdPartyTokens: { [thirdParty: string]: string } = {}\n ) {}\n\n get refreshToken(): Promise<string | undefined> {\n return this._currentPromise.then((x) => x.refreshJwt as any)\n }\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.getAuthHeaders().then(() => this._currentPromise.then(({ authJwt, refreshJwt }) => ({ token: authJwt!, refreshToken: refreshJwt! })))\n }\n\n async getJWT(): Promise<string | undefined> {\n return this._currentPromise\n .then(({ authJwt, refreshJwt }) => {\n if (!authJwt || this._isJwtInvalidOrExpired(authJwt)) {\n // If it does not have the JWT, tries to get it\n // If the JWT is expired, tries to refresh it\n\n this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {\n // If here the token is null,\n // it goes in a suspension status\n if (!updatedTokens.authJwt) {\n throw new Error('Your iCure back-end version does not support JWT authentication')\n }\n\n return updatedTokens\n })\n } else if (!!this._error) {\n throw this._error\n }\n return this._currentPromise\n })\n .then(({ authJwt }) => {\n return authJwt\n })\n }\n\n async getAuthHeaders(): Promise<Array<Header>> {\n return this.getJWT().then((authJwt) => {\n return [new XHR.Header('Authorization', `Bearer ${authJwt}`)]\n })\n }\n\n private async _refreshAuthJwt(refreshJwt: string | undefined): Promise<{ authJwt?: string; refreshJwt?: string }> {\n // If I do not have a refresh JWT or the refresh JWT is expired,\n // I have to log in again\n if (!refreshJwt || this._isJwtInvalidOrExpired(refreshJwt)) {\n return this._loginAndGetTokens()\n } else {\n return this.authApi.refreshAuthenticationJWT(refreshJwt).then((refreshResponse) => ({\n authJwt: refreshResponse.token,\n refreshJwt: refreshJwt,\n }))\n }\n }\n\n private async _loginAndGetTokens(): Promise<{ authJwt?: string; refreshJwt?: string }> {\n let authResponse: AuthenticationResponse | undefined\n let firstError: XHRError | undefined\n if (this.username && this.password) {\n try {\n authResponse = await this.authApi.login(\n new LoginCredentials({\n username: this.username,\n password: this.password,\n })\n )\n } catch (e) {\n firstError = e as XHRError\n }\n }\n if (!authResponse) {\n authResponse = await (Object.entries(this.thirdPartyTokens) as [OAuthThirdParty, string][]).reduce(async (acc, [thirdParty, token]) => {\n const prev = await acc\n return (\n prev ??\n (token\n ? this.authApi.loginWithThirdPartyToken(thirdParty, token).catch((e) => {\n if (!firstError) {\n firstError = e as XHRError\n }\n return Promise.resolve() as Promise<undefined>\n })\n : undefined)\n )\n }, Promise.resolve() as Promise<AuthenticationResponse | undefined>)\n }\n\n if (!authResponse) {\n if (firstError) throw firstError\n throw new XHRError('', 'Unknown error', 401, 'Unauthorized', new Headers())\n }\n\n return {\n authJwt: authResponse.token,\n refreshJwt: authResponse.refreshToken,\n }\n }\n\n private _isJwtInvalidOrExpired(jwt: string): boolean {\n const parts = jwt.split('.')\n if (parts.length !== 3) {\n return true\n }\n const payload = this._base64Decode(parts[1])\n // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.\n return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime()\n }\n\n private _base64Decode(encodedString: string): any {\n return JSON.parse(a2b(encodedString))\n }\n\n invalidateHeader(error: Error): void {\n this._error = error\n }\n\n isInErrorState(): boolean {\n return !!this._error\n }\n}\n"]}
1
+ {"version":3,"file":"JwtBridgedAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtBridgedAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAE3C,2EAAuE;AAEvE,oCAA8B;AAE9B,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAE9B;;GAEG;AACH,MAAa,qBAAqB;IAIhC,YACU,OAAmB,EACnB,QAA4B,EAC5B,QAA4B,EAC5B,mBAAqD,EAAE;QAHvD,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAoB;QAC5B,aAAQ,GAAR,QAAQ,CAAoB;QAC5B,qBAAgB,GAAhB,gBAAgB,CAAuC;QAPzD,WAAM,GAAiB,IAAI,CAAA;QAC3B,oBAAe,GAAuD,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;IAO9F,CAAC;IAEJ,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAiB,CAAC,CAAA;IAC9D,CAAC;IACD,cAAc;QACZ,OAAO,IAAI,CAAC,cAAc,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,OAAQ,EAAE,YAAY,EAAE,UAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IACnJ,CAAC;IAEK,MAAM;;YACV,OAAO,IAAI,CAAC,eAAe;iBACxB,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE;gBAChC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,EAAE;oBACpD,+CAA+C;oBAC/C,6CAA6C;oBAE7C,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE;wBAC7E,6BAA6B;wBAC7B,iCAAiC;wBACjC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;4BAC1B,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAA;yBACnF;wBAED,OAAO,aAAa,CAAA;oBACtB,CAAC,CAAC,CAAA;iBACH;qBAAM,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE;oBACxB,MAAM,IAAI,CAAC,MAAM,CAAA;iBAClB;gBACD,OAAO,IAAI,CAAC,eAAe,CAAA;YAC7B,CAAC,CAAC;iBACD,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE;gBACpB,OAAO,OAAO,CAAA;YAChB,CAAC,CAAC,CAAA;QACN,CAAC;KAAA;IAEK,cAAc;;YAClB,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;gBACpC,OAAO,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,OAAO,EAAE,CAAC,CAAC,CAAA;YAC/D,CAAC,CAAC,CAAA;QACJ,CAAC;KAAA;IAEa,eAAe,CAAC,UAA8B;;YAC1D,gEAAgE;YAChE,yBAAyB;YACzB,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,EAAE;gBAC1D,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAA;aACjC;iBAAM;gBACL,OAAO,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;oBAClF,OAAO,EAAE,eAAe,CAAC,KAAK;oBAC9B,UAAU,EAAE,UAAU;iBACvB,CAAC,CAAC,CAAA;aACJ;QACH,CAAC;KAAA;IAEa,kBAAkB;;YAC9B,IAAI,YAAgD,CAAA;YACpD,IAAI,UAAgC,CAAA;YACpC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,EAAE;gBAClC,IAAI;oBACF,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CACrC,IAAI,mCAAgB,CAAC;wBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;qBACxB,CAAC,CACH,CAAA;iBACF;gBAAC,OAAO,CAAC,EAAE;oBACV,UAAU,GAAG,CAAa,CAAA;iBAC3B;aACF;YACD,IAAI,CAAC,YAAY,EAAE;gBACjB,YAAY,GAAG,MAAO,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAiC,CAAC,MAAM,CAAC,CAAO,GAAG,EAAE,CAAC,UAAU,EAAE,KAAK,CAAC,EAAE,EAAE;oBACpI,MAAM,IAAI,GAAG,MAAM,GAAG,CAAA;oBACtB,OAAO,CACL,IAAI,aAAJ,IAAI,cAAJ,IAAI,GACJ,CAAC,KAAK;wBACJ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;4BACnE,IAAI,CAAC,UAAU,EAAE;gCACf,UAAU,GAAG,CAAa,CAAA;6BAC3B;4BACD,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;wBAChD,CAAC,CAAC;wBACJ,CAAC,CAAC,SAAS,CAAC,CACf,CAAA;gBACH,CAAC,CAAA,EAAE,OAAO,CAAC,OAAO,EAAiD,CAAC,CAAA;aACrE;YAED,IAAI,CAAC,YAAY,EAAE;gBACjB,IAAI,UAAU;oBAAE,MAAM,UAAU,CAAA;gBAChC,MAAM,IAAI,QAAQ,CAAC,EAAE,EAAE,eAAe,EAAE,GAAG,EAAE,cAAc,EAAE,IAAI,OAAO,EAAE,CAAC,CAAA;aAC5E;YAED,OAAO;gBACL,OAAO,EAAE,YAAY,CAAC,KAAK;gBAC3B,UAAU,EAAE,YAAY,CAAC,YAAY;aACtC,CAAA;QACH,CAAC;KAAA;IAEO,sBAAsB,CAAC,GAAW;QACxC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC5B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;YACtB,OAAO,IAAI,CAAA;SACZ;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAC5C,mGAAmG;QACnG,OAAO,CAAC,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,KAAK,CAAA;IACpF,CAAC;IAEO,aAAa,CAAC,aAAqB;QACzC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,WAAG,EAAC,aAAa,CAAC,CAAC,CAAA;IACvC,CAAC;IAED,gBAAgB,CAAC,KAAY;QAC3B,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,cAAc;QACZ,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAA;IACtB,CAAC;CACF;AA/HD,sDA+HC","sourcesContent":["import { AuthService } from './AuthService'\nimport { XHR } from '../../icc-api/api/XHR'\nimport { IccAuthApi, OAuthThirdParty } from '../../icc-api'\nimport { LoginCredentials } from '../../icc-api/model/LoginCredentials'\nimport Header = XHR.Header\nimport { a2b } from '../utils'\nimport { AuthenticationResponse } from '../../icc-api/model/AuthenticationResponse'\nimport XHRError = XHR.XHRError\n\n/**\n * Differs from JwtAuthService in that it can create new refresh tokens if the old one is expired\n */\nexport class JwtBridgedAuthService implements AuthService {\n private _error: Error | null = null\n private _currentPromise: Promise<{ authJwt?: string; refreshJwt?: string }> = Promise.resolve({})\n\n constructor(\n private authApi: IccAuthApi,\n private username: string | undefined,\n private password: string | undefined,\n private thirdPartyTokens: { [thirdParty: string]: string } = {}\n ) {}\n\n get refreshToken(): Promise<string | undefined> {\n return this._currentPromise.then((x) => x.refreshJwt as any)\n }\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.getAuthHeaders().then(() => this._currentPromise.then(({ authJwt, refreshJwt }) => ({ token: authJwt!, refreshToken: refreshJwt! })))\n }\n\n async getJWT(): Promise<string | undefined> {\n return this._currentPromise\n .then(({ authJwt, refreshJwt }) => {\n if (!authJwt || this._isJwtInvalidOrExpired(authJwt)) {\n // If it does not have the JWT, tries to get it\n // If the JWT is expired, tries to refresh it\n\n this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {\n // If here the token is null,\n // it goes in a suspension status\n if (!updatedTokens.authJwt) {\n throw new Error('Your iCure back-end version does not support JWT authentication')\n }\n\n return updatedTokens\n })\n } else if (!!this._error) {\n throw this._error\n }\n return this._currentPromise\n })\n .then(({ authJwt }) => {\n return authJwt\n })\n }\n\n async getAuthHeaders(): Promise<Array<Header>> {\n return this.getJWT().then((authJwt) => {\n return [new XHR.Header('Authorization', `Bearer ${authJwt}`)]\n })\n }\n\n private async _refreshAuthJwt(refreshJwt: string | undefined): Promise<{ authJwt?: string; refreshJwt?: string }> {\n // If I do not have a refresh JWT or the refresh JWT is expired,\n // I have to log in again\n if (!refreshJwt || this._isJwtInvalidOrExpired(refreshJwt)) {\n return this._loginAndGetTokens()\n } else {\n return this.authApi.refreshAuthenticationJWT(refreshJwt).then((refreshResponse) => ({\n authJwt: refreshResponse.token,\n refreshJwt: refreshJwt,\n }))\n }\n }\n\n private async _loginAndGetTokens(): Promise<{ authJwt?: string; refreshJwt?: string }> {\n let authResponse: AuthenticationResponse | undefined\n let firstError: XHRError | undefined\n if (this.username && this.password) {\n try {\n authResponse = await this.authApi.login(\n new LoginCredentials({\n username: this.username,\n password: this.password,\n })\n )\n } catch (e) {\n firstError = e as XHRError\n }\n }\n if (!authResponse) {\n authResponse = await (Object.entries(this.thirdPartyTokens) as [OAuthThirdParty, string][]).reduce(async (acc, [thirdParty, token]) => {\n const prev = await acc\n return (\n prev ??\n (token\n ? this.authApi.loginWithThirdPartyToken(thirdParty, token).catch((e) => {\n if (!firstError) {\n firstError = e as XHRError\n }\n return Promise.resolve() as Promise<undefined>\n })\n : undefined)\n )\n }, Promise.resolve() as Promise<AuthenticationResponse | undefined>)\n }\n\n if (!authResponse) {\n if (firstError) throw firstError\n throw new XHRError('', 'Unknown error', 401, 'Unauthorized', new Headers())\n }\n\n return {\n authJwt: authResponse.token,\n refreshJwt: authResponse.refreshToken,\n }\n }\n\n private _isJwtInvalidOrExpired(jwt: string): boolean {\n const parts = jwt.split('.')\n if (parts.length !== 3) {\n return true\n }\n const payload = this._base64Decode(parts[1])\n // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.\n return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime() - 10000\n }\n\n private _base64Decode(encodedString: string): any {\n return JSON.parse(a2b(encodedString))\n }\n\n invalidateHeader(error: Error): void {\n this._error = error\n }\n\n isInErrorState(): boolean {\n return !!this._error\n }\n}\n"]}
@@ -0,0 +1,10 @@
1
+ /**
2
+ * @internal this function is for internal use only and may be changed without notice
3
+ * Returns true if the jwt is invalid or expired, false otherwise.
4
+ */
5
+ export declare function isJwtInvalidOrExpired(jwt: string): boolean;
6
+ /**
7
+ * @internal this function is for internal use only and may be changed without notice
8
+ * Get the claims of the jwt.
9
+ */
10
+ export declare function decodeJwtClaims(jwt: string): any;
@@ -0,0 +1,31 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.decodeJwtClaims = exports.isJwtInvalidOrExpired = void 0;
4
+ const utils_1 = require("../utils");
5
+ /**
6
+ * @internal this function is for internal use only and may be changed without notice
7
+ * Returns true if the jwt is invalid or expired, false otherwise.
8
+ */
9
+ function isJwtInvalidOrExpired(jwt) {
10
+ try {
11
+ const claims = decodeJwtClaims(jwt);
12
+ // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.
13
+ return !('exp' in claims) || claims['exp'] * 1000 < new Date().getTime();
14
+ }
15
+ catch (e) {
16
+ return true;
17
+ }
18
+ }
19
+ exports.isJwtInvalidOrExpired = isJwtInvalidOrExpired;
20
+ /**
21
+ * @internal this function is for internal use only and may be changed without notice
22
+ * Get the claims of the jwt.
23
+ */
24
+ function decodeJwtClaims(jwt) {
25
+ const parts = jwt.split('.');
26
+ if (parts.length !== 3)
27
+ throw new Error('Invalid JWT: should be 3 parts');
28
+ return JSON.parse((0, utils_1.a2b)(parts[1]));
29
+ }
30
+ exports.decodeJwtClaims = decodeJwtClaims;
31
+ //# sourceMappingURL=JwtUtils.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"JwtUtils.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtUtils.ts"],"names":[],"mappings":";;;AAAA,oCAA8B;AAE9B;;;GAGG;AACH,SAAgB,qBAAqB,CAAC,GAAW;IAC/C,IAAI;QACF,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAA;QACnC,mGAAmG;QACnG,OAAO,CAAC,CAAC,KAAK,IAAI,MAAM,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAA;KACzE;IAAC,OAAO,CAAC,EAAE;QACV,OAAO,IAAI,CAAA;KACZ;AACH,CAAC;AARD,sDAQC;AAED;;;GAGG;AACH,SAAgB,eAAe,CAAC,GAAW;IACzC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC5B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAA;IACzE,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,WAAG,EAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;AAClC,CAAC;AAJD,0CAIC","sourcesContent":["import { a2b } from '../utils'\n\n/**\n * @internal this function is for internal use only and may be changed without notice\n * Returns true if the jwt is invalid or expired, false otherwise.\n */\nexport function isJwtInvalidOrExpired(jwt: string): boolean {\n try {\n const claims = decodeJwtClaims(jwt)\n // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.\n return !('exp' in claims) || claims['exp'] * 1000 < new Date().getTime()\n } catch (e) {\n return true\n }\n}\n\n/**\n * @internal this function is for internal use only and may be changed without notice\n * Get the claims of the jwt.\n */\nexport function decodeJwtClaims(jwt: string): any {\n const parts = jwt.split('.')\n if (parts.length !== 3) throw new Error('Invalid JWT: should be 3 parts')\n return JSON.parse(a2b(parts[1]))\n}\n"]}
@@ -0,0 +1,132 @@
1
+ import { AuthenticationProvider } from './AuthenticationProvider';
2
+ import { UserGroup } from '../../icc-api/model/UserGroup';
3
+ import { AuthService } from './AuthService';
4
+ import { IccAuthApi, OAuthThirdParty } from '../../icc-api';
5
+ /**
6
+ * Needed by a {@link SmartAuthProvider} to get the secrets (password, token, etc.) for authentication to the iCure SDK as needed.
7
+ */
8
+ export interface AuthSecretProvider {
9
+ /**
10
+ * Provides a secret for authentication to the iCure SDK.
11
+ *
12
+ * ## Accepted secrets
13
+ *
14
+ * The method will be provided with an array of the secrets types that are acceptable (`acceptedSecrets`). Usually this array will contain multiple
15
+ * elements, but this depends on the group configuration, the user (if he has 2fa setup or not), or the operation being performed. For groups using
16
+ * default configurations and for patients without 2fa enabled for example the array will always contain the {@link AuthSecretType.PASSWORD} element.
17
+ * Usually the array contain also the {@link AuthSecretType.LONG_LIVED_TOKEN} element, but if the user is attempting to perform a sensitive operations
18
+ * such as changing his password the default group configuration does not allow for the user to authenticate using a JWT obtained from a long-lived
19
+ * token for this operation, meaning the array will not contain the {@link AuthSecretType.LONG_LIVED_TOKEN} element.
20
+ *
21
+ * Regardless of the number of elements in the array only one secret of the accepted types is sufficient for the operation to succeed.
22
+ *
23
+ * ## TWO_FACTOR_AUTHENTICATION_TOKEN secret type
24
+ *
25
+ * The {@link AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN} secret type is only used when the user has 2fa enabled. In this case the SDK will call
26
+ * this method twice, once containing the {@link AuthSecretType.PASSWORD} element in the `acceptedSecrets` array, and if the provided secret is a
27
+ * valid password the SDK will immediately call this method again, this time containing the {@link AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN}
28
+ * instead of the {@link AuthSecretType.PASSWORD} element.
29
+ *
30
+ * Any future call to this method from the same provider instance will not contain the {@link AuthSecretType.PASSWORD} element anymore, as it is
31
+ * cached, but it may contain the {@link AuthSecretType.TWO_FACTOR_AUTHENTICATION_TOKEN} element instead.
32
+ *
33
+ * Note that the 2fa token is not needed for logging in through a long-lived or short-lived token, it is only used in combination with a password.
34
+ * If the user is using 2fa, and you get in input as `acceptedSecrets` an array `[PASSWORD, LONG_LIVED_TOKEN, SHORT_LIVED_TOKEN]`, and you pass to
35
+ * authenticate a long-lived token, the SDK will not call this method again to ask for the 2fa token.
36
+ *
37
+ * @param acceptedSecrets the types of secrets that are acceptable for the operation being performed.
38
+ * @param previousAttempts the secrets that were previously attempted by the SDK for this operation. This array will be empty the first time this
39
+ * method is called for a given operation, but it may contain multiple elements if the SDK has already called this method multiple times because the
40
+ * previously returned secrets were not valid. The first element is the first secret that was attempted, and the last element is the most recently
41
+ * attempted.
42
+ * @return a promise that resolves with the secret and the secret type to use for authentication. If the promise rejects then the ongoing SDK
43
+ * operation will fail without being re-attempted.
44
+ */
45
+ getSecret(acceptedSecrets: AuthSecretType[], previousAttempts: AuthSecretDetails[]): Promise<AuthSecretDetails>;
46
+ }
47
+ export type AuthSecretDetails = {
48
+ value: string;
49
+ secretType: Exclude<AuthSecretType, AuthSecretType.EXTERNAL_AUTHENTICATION>;
50
+ } | {
51
+ value: string;
52
+ secretType: AuthSecretType.EXTERNAL_AUTHENTICATION;
53
+ oauthType: OAuthThirdParty;
54
+ };
55
+ /**
56
+ * Represents a type of secret that can be used for authentication with iCure.
57
+ */
58
+ export declare enum AuthSecretType {
59
+ /**
60
+ * Password chosen by the user.
61
+ */
62
+ PASSWORD = "PASSWORD",
63
+ /**
64
+ * Time based one time password provided by authenticator applications, generated on the basis of a timestamp and a shared secret between the iCure
65
+ * server and the authenticator application.
66
+ */
67
+ TWO_FACTOR_AUTHENTICATION_TOKEN = "TWO_FACTOR_AUTHENTICATION_TOKEN",
68
+ /**
69
+ * A short-lived iCure token, an internal authentication token that lasts 5 minutes or less. Unlike passwords these tokens usually are generated by
70
+ * some component of iCure, and are not chosen by the user.
71
+ */
72
+ SHORT_LIVED_TOKEN = "SHORT_LIVED_TOKEN",
73
+ /**
74
+ * A long-lived iCure token, an internal authentication token that lasts longer than 5 minutes. Unlike passwords these tokens usually are generated
75
+ * by some component of iCure, and are not chosen by the user.
76
+ */
77
+ LONG_LIVED_TOKEN = "LONG_LIVED_TOKEN",
78
+ /**
79
+ * A token provided by an external authentication provider (e.g. Oauth/Google).
80
+ * Not yet in use.
81
+ */
82
+ EXTERNAL_AUTHENTICATION = "EXTERNAL_AUTHENTICATION"
83
+ }
84
+ /**
85
+ * @internal this class is meant for internal use only and may be changed without notice. The SmartAuthProvider will be initialised automatically
86
+ * by the iCure api depending on the authentication options you provide.
87
+ *
88
+ * An authentication provider that automatically requests secrets for authentication as needed.
89
+ *
90
+ * This authentication provider can be initialised already with some secrets or tokens, and the provider will cache them and use them as needed for
91
+ * as long as they remain valid. If at any point however the provider needs an updated secret or a secret of a different kind it will automatically
92
+ * request this to the {@link SmartAuthProvider} to get the secret.
93
+ *
94
+ * An advantage of using this provider over others is that in case all the cached tokens and secrets were to expire while performing a request,
95
+ * instead of having the request fail the provider will ask for new secrets from the {@link SmartAuthProvider} and the request will automatically
96
+ * be retried with the new secret. Additionally, the provider may request updated secrets also for performing some sensitive operations (e.g. changing
97
+ * password of the user) even if the cached tokens and/or did not expire. This could be the case for example if the cached secret is a long-lived
98
+ * token, but in order to change the password the user needs to provide his current password.
99
+ *
100
+ * Note that in this context the cache of secrets and token is in memory only, and is not persisted in any way. Different instances of this provider
101
+ * will not share the same cache.
102
+ *
103
+ */
104
+ export declare class SmartAuthProvider implements AuthenticationProvider {
105
+ private readonly tokenProvider;
106
+ private readonly groupId;
107
+ /**
108
+ * Initialises a {@link SmartAuthProvider}.
109
+ * @param authApi an "anonymous" {@link IccAuthApi} to use for authentication.
110
+ * @param login
111
+ * @param secretProvider
112
+ * @param props optional initialisation properties.
113
+ */
114
+ static initialise(authApi: IccAuthApi, login: string, secretProvider: AuthSecretProvider, props?: {
115
+ initialSecret?: {
116
+ plainSecret: string;
117
+ } | {
118
+ oauthToken: string;
119
+ oauthType: OAuthThirdParty;
120
+ };
121
+ initialAuthToken?: string;
122
+ initialRefreshToken?: string;
123
+ loginGroupId?: string;
124
+ }): SmartAuthProvider;
125
+ private constructor();
126
+ getAuthService(): AuthService;
127
+ switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider>;
128
+ getIcureTokens(): Promise<{
129
+ token: string;
130
+ refreshToken: string;
131
+ } | undefined>;
132
+ }