@icure/api 8.0.0 → 8.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/icc-api/api/IccUserApi.d.ts +8 -10
- package/icc-api/api/IccUserApi.js +14 -18
- package/icc-api/api/IccUserApi.js.map +1 -1
- package/icc-api/model/Contact.js +4 -0
- package/icc-api/model/Contact.js.map +1 -1
- package/icc-api/model/Content.js +16 -1
- package/icc-api/model/Content.js.map +1 -1
- package/icc-api/model/Measure.d.ts +11 -2
- package/icc-api/model/Measure.js +19 -1
- package/icc-api/model/Measure.js.map +1 -1
- package/icc-api/model/Range.d.ts +5 -0
- package/icc-api/model/Range.js +11 -0
- package/icc-api/model/Range.js.map +1 -0
- package/icc-api/model/ReferenceRange.d.ts +25 -0
- package/icc-api/model/ReferenceRange.js +32 -0
- package/icc-api/model/ReferenceRange.js.map +1 -0
- package/icc-api/model/Service.js +4 -0
- package/icc-api/model/Service.js.map +1 -1
- package/icc-x-api/auth/AuthenticationProvider.js +7 -7
- package/icc-x-api/auth/AuthenticationProvider.js.map +1 -1
- package/icc-x-api/auth/JwtBridgedAuthService.d.ts +5 -2
- package/icc-x-api/auth/JwtBridgedAuthService.js +1 -1
- package/icc-x-api/auth/JwtBridgedAuthService.js.map +1 -1
- package/icc-x-api/crypto/ExtendedApisUtilsImpl.js +1 -1
- package/icc-x-api/crypto/ExtendedApisUtilsImpl.js.map +1 -1
- package/icc-x-api/index.d.ts +4 -0
- package/icc-x-api/index.js +3 -2
- package/icc-x-api/index.js.map +1 -1
- package/package.json +1 -1
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
import { CodeStub } from "./CodeStub";
|
|
2
|
+
import { Annotation } from "./Annotation";
|
|
3
|
+
import { Range } from "./Range";
|
|
4
|
+
/**
|
|
5
|
+
* Reference range for the measure
|
|
6
|
+
*
|
|
7
|
+
* @export
|
|
8
|
+
* @class ReferenceRange
|
|
9
|
+
*
|
|
10
|
+
* @property {number} low lower bound of the reference range (inclusive)
|
|
11
|
+
* @property {number} high upper bound of the reference range (inclusive)
|
|
12
|
+
* @property {CodeStub[]} tags tags giving additional information about the reference range (e.g. applies to children/adults, male/female, etc.)
|
|
13
|
+
* @property {CodeStub[]} codes codes qualifying the reference range using a codification system (e.g. LOINC)
|
|
14
|
+
* @property {Annotation[]} notes notes giving additional information about the reference range
|
|
15
|
+
* @property {Range} age age range to which the reference range applies
|
|
16
|
+
*/
|
|
17
|
+
export declare class ReferenceRange {
|
|
18
|
+
constructor(json: JSON | any);
|
|
19
|
+
low?: number;
|
|
20
|
+
high?: number;
|
|
21
|
+
tags?: CodeStub[];
|
|
22
|
+
codes?: CodeStub[];
|
|
23
|
+
notes?: Annotation[];
|
|
24
|
+
age?: Range;
|
|
25
|
+
}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.ReferenceRange = void 0;
|
|
4
|
+
const CodeStub_1 = require("./CodeStub");
|
|
5
|
+
const Annotation_1 = require("./Annotation");
|
|
6
|
+
const Range_1 = require("./Range");
|
|
7
|
+
/**
|
|
8
|
+
* Reference range for the measure
|
|
9
|
+
*
|
|
10
|
+
* @export
|
|
11
|
+
* @class ReferenceRange
|
|
12
|
+
*
|
|
13
|
+
* @property {number} low lower bound of the reference range (inclusive)
|
|
14
|
+
* @property {number} high upper bound of the reference range (inclusive)
|
|
15
|
+
* @property {CodeStub[]} tags tags giving additional information about the reference range (e.g. applies to children/adults, male/female, etc.)
|
|
16
|
+
* @property {CodeStub[]} codes codes qualifying the reference range using a codification system (e.g. LOINC)
|
|
17
|
+
* @property {Annotation[]} notes notes giving additional information about the reference range
|
|
18
|
+
* @property {Range} age age range to which the reference range applies
|
|
19
|
+
*/
|
|
20
|
+
class ReferenceRange {
|
|
21
|
+
constructor(json) {
|
|
22
|
+
var _a, _b, _c;
|
|
23
|
+
this.low = json === null || json === void 0 ? void 0 : json.low;
|
|
24
|
+
this.high = json === null || json === void 0 ? void 0 : json.high;
|
|
25
|
+
this.tags = (_a = json === null || json === void 0 ? void 0 : json.tags) === null || _a === void 0 ? void 0 : _a.map((tag) => new CodeStub_1.CodeStub(tag));
|
|
26
|
+
this.codes = (_b = json === null || json === void 0 ? void 0 : json.codes) === null || _b === void 0 ? void 0 : _b.map((code) => new CodeStub_1.CodeStub(code));
|
|
27
|
+
this.notes = (_c = json === null || json === void 0 ? void 0 : json.notes) === null || _c === void 0 ? void 0 : _c.map((note) => new Annotation_1.Annotation(note));
|
|
28
|
+
this.age = new Range_1.Range(json === null || json === void 0 ? void 0 : json.age);
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
exports.ReferenceRange = ReferenceRange;
|
|
32
|
+
//# sourceMappingURL=ReferenceRange.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ReferenceRange.js","sourceRoot":"","sources":["../../../icc-api/model/ReferenceRange.ts"],"names":[],"mappings":";;;AAAA,yCAAmC;AACnC,6CAAuC;AACvC,mCAA6B;AAE7B;;;;;;;;;;;;GAYG;AACH,MAAa,cAAc;IAEzB,YAAY,IAAgB;;QAC1B,IAAI,CAAC,GAAG,GAAG,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,GAAG,CAAA;QACpB,IAAI,CAAC,IAAI,GAAG,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,IAAI,CAAA;QACtB,IAAI,CAAC,IAAI,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,IAAI,0CAAE,GAAG,CAAC,CAAC,GAAe,EAAE,EAAE,CAAC,IAAI,mBAAQ,CAAC,GAAG,CAAC,CAAC,CAAA;QACnE,IAAI,CAAC,KAAK,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,KAAK,0CAAE,GAAG,CAAC,CAAC,IAAgB,EAAE,EAAE,CAAC,IAAI,mBAAQ,CAAC,IAAI,CAAC,CAAC,CAAA;QACvE,IAAI,CAAC,KAAK,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,KAAK,0CAAE,GAAG,CAAC,CAAC,IAAgB,EAAE,EAAE,CAAC,IAAI,uBAAU,CAAC,IAAI,CAAC,CAAC,CAAA;QACzE,IAAI,CAAC,GAAG,GAAG,IAAI,aAAK,CAAC,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,GAAG,CAAC,CAAA;IACjC,CAAC;CAQF;AAjBD,wCAiBC","sourcesContent":["import {CodeStub} from \"./CodeStub\"\nimport {Annotation} from \"./Annotation\"\nimport {Range} from \"./Range\"\n\n/**\n * Reference range for the measure\n *\n * @export\n * @class ReferenceRange\n *\n * @property {number} low lower bound of the reference range (inclusive)\n * @property {number} high upper bound of the reference range (inclusive)\n * @property {CodeStub[]} tags tags giving additional information about the reference range (e.g. applies to children/adults, male/female, etc.)\n * @property {CodeStub[]} codes codes qualifying the reference range using a codification system (e.g. LOINC)\n * @property {Annotation[]} notes notes giving additional information about the reference range\n * @property {Range} age age range to which the reference range applies\n */\nexport class ReferenceRange {\n\n constructor(json: JSON | any) {\n this.low = json?.low\n this.high = json?.high\n this.tags = json?.tags?.map((tag: JSON | any) => new CodeStub(tag))\n this.codes = json?.codes?.map((code: JSON | any) => new CodeStub(code))\n this.notes = json?.notes?.map((note: JSON | any) => new Annotation(note))\n this.age = new Range(json?.age)\n }\n\n low?: number\n high?: number\n tags?: CodeStub[]\n codes?: CodeStub[]\n notes?: Annotation[]\n age?: Range\n}\n"]}
|
package/icc-api/model/Service.js
CHANGED
|
@@ -1,12 +1,16 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.Service = void 0;
|
|
4
|
+
const Content_1 = require("./Content");
|
|
4
5
|
/**
|
|
5
6
|
* This entity represents a Service. A Service is created in the course a contact. Services include subjective information provided by the patient, such as complaints, reason for visit, feelings, etc. or objective information like bio-metric measures (blood pressure, temperature, heart beat, etc.), or physical exam description, diagnosis, prescription, integration of lab reports from another healthcare party, action plan, etc. Any action performed by the healthcare party which is relevant for the healthcare element of a patient is considered a service. The services can be linked to healthcare elements or other structuring elements of the medical record
|
|
6
7
|
*/
|
|
7
8
|
class Service {
|
|
8
9
|
constructor(json) {
|
|
9
10
|
Object.assign(this, json);
|
|
11
|
+
if (!!this.content) {
|
|
12
|
+
this.content = Object.fromEntries(Object.entries(this.content).map(([key, value]) => [key, new Content_1.Content(value)]));
|
|
13
|
+
}
|
|
10
14
|
}
|
|
11
15
|
}
|
|
12
16
|
exports.Service = Service;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Service.js","sourceRoot":"","sources":["../../../icc-api/model/Service.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"Service.js","sourceRoot":"","sources":["../../../icc-api/model/Service.ts"],"names":[],"mappings":";;;AAaA,uCAAmC;AAMnC;;GAEG;AACH,MAAa,OAAO;IAClB,YAAY,IAAgB;QAC1B,MAAM,CAAC,MAAM,CACX,IAAe,EACf,IAAI,CACL,CAAA;QAED,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE;YAClB,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,WAAW,CAC/B,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,IAAI,iBAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAC9E,CAAA;SACF;IACH,CAAC;CAoIF;AAhJD,0BAgJC","sourcesContent":["/**\n * iCure Data Stack API Documentation\n * The iCure Data Stack Application API is the native interface to iCure. This version is obsolete, please use v2.\n *\n * OpenAPI spec version: v1\n *\n *\n * NOTE: This class is auto generated by the swagger code generator program.\n * https://github.com/swagger-api/swagger-codegen.git\n * Do not edit the class manually.\n */\nimport { Annotation } from './Annotation'\nimport { CodeStub } from './CodeStub'\nimport { Content } from './Content'\nimport { Delegation } from './Delegation'\nimport { Identifier } from './Identifier'\nimport { SecurityMetadata } from './SecurityMetadata'\nimport { EntityWithDelegationTypeName } from '../../icc-x-api/utils/EntityWithDelegationTypeName'\n\n/**\n * This entity represents a Service. A Service is created in the course a contact. Services include subjective information provided by the patient, such as complaints, reason for visit, feelings, etc. or objective information like bio-metric measures (blood pressure, temperature, heart beat, etc.), or physical exam description, diagnosis, prescription, integration of lab reports from another healthcare party, action plan, etc. Any action performed by the healthcare party which is relevant for the healthcare element of a patient is considered a service. The services can be linked to healthcare elements or other structuring elements of the medical record\n */\nexport class Service {\n constructor(json: JSON | any) {\n Object.assign(\n this as Service,\n json\n )\n\n if (!!this.content) {\n this.content = Object.fromEntries(\n Object.entries(this.content).map(([key, value]) => [key, new Content(value)])\n )\n }\n }\n\n /**\n * The Id of the Service. We encourage using either a v4 UUID or a HL7 Id.\n */\n id?: string\n /**\n * The transactionId is used when a single service had to be split into parts for technical reasons. Several services with the same non null transaction id form one single service\n */\n transactionId?: string\n identifier?: Array<Identifier>\n /**\n * Id of the contact during which the service is provided\n */\n contactId?: string\n /**\n * List of IDs of all sub-contacts that link the service to structural elements. Only used when the Service is emitted outside of its contact\n */\n subContactIds?: Array<string>\n /**\n * List of IDs of all plans of actions (healthcare approaches) as a part of which the Service is provided. Only used when the Service is emitted outside of its contact\n */\n plansOfActionIds?: Array<string>\n /**\n * List of IDs of all healthcare elements for which the service is provided. Only used when the Service is emitted outside of its contact\n */\n healthElementsIds?: Array<string>\n /**\n * List of Ids of all forms linked to the Service. Only used when the Service is emitted outside of its contact.\n */\n formIds?: Array<string>\n /**\n * The secret patient key, encrypted in the patient document, in clear here.\n */\n secretForeignKeys?: Array<string>\n /**\n * The public patient key, encrypted here for separate Crypto Actors.\n */\n cryptedForeignKeys?: { [key: string]: Array<Delegation> }\n /**\n * The delegations giving access to connected healthcare information.\n */\n delegations?: { [key: string]: Array<Delegation> }\n /**\n * The contact secret encryption key used to encrypt the secured properties (like services for example), encrypted for separate Crypto Actors.\n */\n encryptionKeys?: { [key: string]: Array<Delegation> }\n /**\n * Description / Unambiguous qualification (LOINC code) of the type of information contained in the service. Could be a code to qualify temperature, complaint, diagnostic, ...\n */\n label?: string\n dataClassName?: string\n /**\n * Used for sorting services inside an upper object (A contact, a transaction, a FHIR bundle, ...)\n */\n index?: number\n /**\n * Information contained in the service. Content is localized, using ISO language code as key\n */\n content?: { [key: string]: Content }\n encryptedContent?: string\n textIndexes?: { [key: string]: string }\n /**\n * The date (YYYYMMDDhhmmss) when the Service is noted to have started and also closes on the same date\n */\n valueDate?: number\n /**\n * The date (YYYYMMDDhhmmss) of the start of the Service\n */\n openingDate?: number\n /**\n * The date (YYYYMMDDhhmmss) marking the end of the Service\n */\n closingDate?: number\n /**\n * Id of the form used during the Service\n */\n formId?: string\n /**\n * The timestamp (unix epoch in ms) of creation of this entity, will be filled automatically if missing. Not enforced by the application server.\n */\n created?: number\n /**\n * The date (unix epoch in ms) of the latest modification of this entity, will be filled automatically if missing. Not enforced by the application server.\n */\n modified?: number\n /**\n * Soft delete (unix epoch in ms) timestamp of the object.\n */\n endOfLife?: number\n /**\n * The id of the User that has created this entity, will be filled automatically if missing. Not enforced by the application server.\n */\n author?: string\n /**\n * The id of the HealthcareParty that is responsible for this entity, will be filled automatically if missing. Not enforced by the application server.\n */\n responsible?: string\n /**\n * The id of the medical location where this entity was created.\n */\n medicalLocationId?: string\n /**\n * Text, comments on the Service provided\n */\n comment?: string\n status?: number\n /**\n * List of invoicing codes\n */\n invoicingCodes?: Array<string>\n /**\n * Comments - Notes recorded by a HCP about this service\n */\n notes?: Array<Annotation>\n /**\n * Links towards related services (possibly in other contacts)\n */\n qualifiedLinks?: { [key: string]: { [key: string]: string } }\n /**\n * A code is an item from a codification system that qualifies the content of this entity. SNOMED-CT, ICPC-2 or ICD-10 codifications systems can be used for codes\n */\n codes?: Array<CodeStub>\n /**\n * A tag is an item from a codification system that qualifies an entity as being member of a certain class, whatever the value it might have taken. If the tag qualifies the content of a field, it means that whatever the content of the field, the tag will always apply. For example, the label of a field is qualified using a tag. LOINC is a codification system typically used for tags.\n */\n tags?: Array<CodeStub>\n /**\n * The base64 encoded data of this object, formatted as JSON and encrypted in AES using the random master key from encryptionKeys.\n */\n encryptedSelf?: string\n securityMetadata?: SecurityMetadata\n}\n"]}
|
|
@@ -21,7 +21,7 @@ class EnsembleAuthenticationProvider {
|
|
|
21
21
|
this.username = username;
|
|
22
22
|
this.password = password;
|
|
23
23
|
this.jwtTimeout = jwtTimeout;
|
|
24
|
-
this.jwtAuth = jwtAuth !== null && jwtAuth !== void 0 ? jwtAuth : new JwtBridgedAuthService_1.JwtBridgedAuthService(this.authApi, this.username, this.password);
|
|
24
|
+
this.jwtAuth = jwtAuth !== null && jwtAuth !== void 0 ? jwtAuth : new JwtBridgedAuthService_1.JwtBridgedAuthService(this.authApi, this.username, this.password, thirdPartyTokens, undefined);
|
|
25
25
|
this.basicAuth = basicAuth !== null && basicAuth !== void 0 ? basicAuth : new BasicAuthService_1.BasicAuthService(this.username, this.password);
|
|
26
26
|
}
|
|
27
27
|
getIcureTokens() {
|
|
@@ -32,7 +32,7 @@ class EnsembleAuthenticationProvider {
|
|
|
32
32
|
// but it will not use it until the suspension ends
|
|
33
33
|
if (this.jwtAuth.isInErrorState()) {
|
|
34
34
|
console.warn('Error state in JWT, I will skip it');
|
|
35
|
-
this.jwtAuth = new JwtBridgedAuthService_1.JwtBridgedAuthService(this.authApi, this.username, this.password);
|
|
35
|
+
this.jwtAuth = new JwtBridgedAuthService_1.JwtBridgedAuthService(this.authApi, this.username, this.password, {}, undefined);
|
|
36
36
|
this.suspensionEnd = new Date(new Date().getTime() + this.jwtTimeout * 1000);
|
|
37
37
|
}
|
|
38
38
|
return !!this.suspensionEnd && new Date() <= this.suspensionEnd
|
|
@@ -64,10 +64,10 @@ class JwtAuthenticationProvider {
|
|
|
64
64
|
this.username = username;
|
|
65
65
|
this.password = password;
|
|
66
66
|
this.icureToken = icureToken;
|
|
67
|
-
const composedAuth = jwtAuth !== null && jwtAuth !== void 0 ? jwtAuth : (
|
|
68
|
-
? new
|
|
69
|
-
:
|
|
70
|
-
? new
|
|
67
|
+
const composedAuth = jwtAuth !== null && jwtAuth !== void 0 ? jwtAuth : (!!username && !!password
|
|
68
|
+
? new JwtBridgedAuthService_1.JwtBridgedAuthService(authApi, username, password, {}, icureToken ? { authJwt: icureToken.token, refreshJwt: icureToken.refreshToken } : undefined)
|
|
69
|
+
: icureToken
|
|
70
|
+
? new JwtAuthService_1.JwtAuthService(authApi, { authJwt: icureToken.token, refreshJwt: icureToken.refreshToken })
|
|
71
71
|
: undefined);
|
|
72
72
|
if (!composedAuth) {
|
|
73
73
|
throw new Error('No authentication method provided');
|
|
@@ -137,7 +137,7 @@ function switchJwtAuth(authApi, jwtAuth, username, password, newGroupId, matches
|
|
|
137
137
|
const switchedJwtInfo = refreshToken ? yield authApi.switchGroup(refreshToken, newGroupId).catch(() => undefined) : undefined;
|
|
138
138
|
const updatedLogin = loginForGroup(newGroupId, matches);
|
|
139
139
|
const switchedJwtAuth = !!username && !!password
|
|
140
|
-
? new JwtBridgedAuthService_1.JwtBridgedAuthService(authApi, updatedLogin, password, (switchedJwtInfo === null || switchedJwtInfo === void 0 ? void 0 : switchedJwtInfo.token) && (switchedJwtInfo === null || switchedJwtInfo === void 0 ? void 0 : switchedJwtInfo.refreshToken)
|
|
140
|
+
? new JwtBridgedAuthService_1.JwtBridgedAuthService(authApi, updatedLogin, password, {}, (switchedJwtInfo === null || switchedJwtInfo === void 0 ? void 0 : switchedJwtInfo.token) && (switchedJwtInfo === null || switchedJwtInfo === void 0 ? void 0 : switchedJwtInfo.refreshToken)
|
|
141
141
|
? { authJwt: switchedJwtInfo.token, refreshJwt: switchedJwtInfo.refreshToken }
|
|
142
142
|
: undefined)
|
|
143
143
|
: new JwtAuthService_1.JwtAuthService(authApi, (switchedJwtInfo === null || switchedJwtInfo === void 0 ? void 0 : switchedJwtInfo.token) && (switchedJwtInfo === null || switchedJwtInfo === void 0 ? void 0 : switchedJwtInfo.refreshToken)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthenticationProvider.js","sourceRoot":"","sources":["../../../icc-x-api/auth/AuthenticationProvider.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,+DAA2D;AAC3D,mEAA+D;AAC/D,mDAA+C;AAC/C,yDAAqD;AACrD,qDAAiD;AA0BjD,MAAa,8BAA8B;IAKzC,YACmB,OAAmB,EACnB,QAAgB,EAChB,QAAgB,EAChB,aAAqB,IAAI,EAC1C,OAAgD,EAChD,SAA4B,EAC5B,mBAAqD,EAAE;QANtC,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,eAAU,GAAV,UAAU,CAAe;QAK1C,IAAI,CAAC,OAAO,GAAG,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,IAAI,6CAAqB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;QAC/F,IAAI,CAAC,SAAS,GAAG,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,IAAI,mCAAgB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;IAClF,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;IACtC,CAAC;IAED,cAAc;QACZ,kEAAkE;QAClE,mDAAmD;QACnD,IAAI,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE;YACjC,OAAO,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAA;YAClD,IAAI,CAAC,OAAO,GAAG,IAAI,6CAAqB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;YACpF,IAAI,CAAC,aAAa,GAAG,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,CAAA;SAC7E;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,IAAI,EAAE,IAAI,IAAI,CAAC,aAAa;YAC7D,CAAC,CAAC,IAAI,yCAAmB,CAAC,IAAI,EAAE,IAAI,6BAAa,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC;YACpE,CAAC,CAAC,IAAI,yCAAmB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,6BAAa,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,CAAA;IAChF,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YACrH,OAAO,IAAI,8BAA8B,CACvC,IAAI,CAAC,OAAO,EACZ,UAAU,CAAC,aAAa,EACxB,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,UAAU,EACf,UAAU,CAAC,eAAe,EAC1B,IAAI,mCAAgB,CAAC,UAAU,CAAC,aAAa,EAAE,IAAI,CAAC,QAAQ,CAAC,CAC9D,CAAA;QACH,CAAC;KAAA;CACF;AA/CD,wEA+CC;AAED,MAAa,yBAAyB;IACpC,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;IACtC,CAAC;IAID;;;;;;;OAOG;IACH,YACmB,OAAmB,EACnB,QAAiB,EACjB,QAAiB,EAClC,OAAgD,EAC/B,UAAoD;QAJpD,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAS;QACjB,aAAQ,GAAR,QAAQ,CAAS;QAEjB,eAAU,GAAV,UAAU,CAA0C;QAErE,MAAM,YAAY,GAChB,OAAO,aAAP,OAAO,cAAP,OAAO,GACP,CAAC,UAAU;YACT,CAAC,CAAC,IAAI,+BAAc,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,CAAC,KAAK,EAAE,UAAU,EAAE,UAAU,CAAC,YAAY,EAAE,CAAC;YACjG,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ;gBAC1B,CAAC,CAAC,IAAI,6CAAqB,CAAC,OAAO,EAAE,QAAS,EAAE,QAAS,CAAC;gBAC1D,CAAC,CAAC,SAAS,CAAC,CAAA;QAChB,IAAI,CAAC,YAAY,EAAE;YACjB,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAA;SACrD;QACD,IAAI,CAAC,OAAO,GAAG,YAAY,CAAA;IAC7B,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAA;IACrB,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YACrH,OAAO,IAAI,yBAAyB,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,aAAa,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,eAAe,CAAC,CAAA;QACzH,CAAC;KAAA;CACF;AA3CD,8DA2CC;AAED,MAAa,2BAA2B;IACtC,cAAc;QACZ,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;IAChD,CAAC;IAED,YAAoB,QAAgB,EAAU,QAAgB;QAA1C,aAAQ,GAAR,QAAQ,CAAQ;QAAU,aAAQ,GAAR,QAAQ,CAAQ;IAAG,CAAC;IAElE,cAAc;QACZ,OAAO,IAAI,mCAAgB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;IAC3D,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,2BAA2B,CAAC,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;QAC5G,CAAC;KAAA;CACF;AAdD,kEAcC;AAED,MAAa,wBAAwB;IACnC,cAAc;QACZ,OAAO,IAAI,6BAAa,EAAE,CAAA;IAC5B,CAAC;IAED,cAAc;QACZ,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;IAChD,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,wBAAwB,EAAE,CAAC,CAAA;QACxD,CAAC;KAAA;CACF;AAZD,4DAYC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,OAAe,EAAE,OAAyB;IAC/D,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,OAAO,CAAC,CAAA;IAChE,IAAI,CAAC,CAAA,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,MAAM,CAAA,EAAE;QAC1B,MAAM,IAAI,KAAK,CAAC,yBAAyB,OAAO,wBAAwB,CAAC,CAAA;KAC1E;IACD,OAAO,GAAG,OAAO,IAAI,aAAa,CAAC,MAAM,EAAE,CAAA;AAC7C,CAAC;AAED;;;GAGG;AACH,SAAe,aAAa,CAC1B,OAAmB,EACnB,OAA+C,EAC/C,QAA4B,EAC5B,QAA4B,EAC5B,UAAkB,EAClB,OAAyB;;QAEzB,MAAM,YAAY,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,YAAY,CAAA;QACtF,MAAM,eAAe,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,WAAW,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACpI,MAAM,YAAY,GAAG,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,CAAA;QACvD,MAAM,eAAe,GACnB,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ;YACtB,CAAC,CAAC,IAAI,6CAAqB,CACvB,OAAO,EACP,YAAY,EACZ,QAAQ,EACR,CAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,KAAK,MAAI,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,YAAY,CAAA;gBACrD,CAAC,CAAC,EAAE,OAAO,EAAE,eAAe,CAAC,KAAK,EAAE,UAAU,EAAE,eAAe,CAAC,YAAY,EAAE;gBAC9E,CAAC,CAAC,SAAS,CACd;YACH,CAAC,CAAC,IAAI,+BAAc,CAChB,OAAO,EACP,CAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,KAAK,MAAI,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,YAAY,CAAA;gBACrD,CAAC,CAAC,EAAE,OAAO,EAAE,eAAe,CAAC,KAAK,EAAE,UAAU,EAAE,eAAe,CAAC,YAAY,EAAE;gBAC9E,CAAC,CAAC,SAAS,CACd,CAAA;QACP,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,eAAe,EAAE,CAAA;IACzD,CAAC;CAAA","sourcesContent":["import { AuthService } from './AuthService'\nimport { IccAuthApi } from '../../icc-api'\nimport { EnsembleAuthService } from './EnsembleAuthService'\nimport { JwtBridgedAuthService } from './JwtBridgedAuthService'\nimport { NoAuthService } from './NoAuthService'\nimport { BasicAuthService } from './BasicAuthService'\nimport { JwtAuthService } from './JwtAuthService'\nimport { UserGroup } from '../../icc-api/model/UserGroup'\n\n/**\n * @internal you should not implement this interface yourself.\n */\nexport interface AuthenticationProvider {\n /**\n * @internal this method is meant for internal use only and may be changed without notice\n */\n getAuthService(): AuthService\n\n /**\n * @internal this method is meant for internal use only and may be changed without notice\n * Gives a new authentication provider for the same user and authentication method but for a different iCure group\n * @param newGroupId id of the new group to switch to\n * @param matches the list of groups the user is in, containing also the group-specific id of the user. Note that users with same login username but\n * different password are considered as if they are different users and should not appear in these matches. You can get this list by calling\n * {@link IccUserApi.getMatchingUsers} authenticated.\n * @return a new authentication provider\n */\n switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider>\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined>\n}\n\nexport class EnsembleAuthenticationProvider implements AuthenticationProvider {\n private readonly basicAuth: BasicAuthService\n private jwtAuth: JwtAuthService | JwtBridgedAuthService\n private suspensionEnd: Date | undefined\n\n constructor(\n private readonly authApi: IccAuthApi,\n private readonly username: string,\n private readonly password: string,\n private readonly jwtTimeout: number = 3600,\n jwtAuth?: JwtAuthService | JwtBridgedAuthService,\n basicAuth?: BasicAuthService,\n thirdPartyTokens: { [thirdParty: string]: string } = {}\n ) {\n this.jwtAuth = jwtAuth ?? new JwtBridgedAuthService(this.authApi, this.username, this.password)\n this.basicAuth = basicAuth ?? new BasicAuthService(this.username, this.password)\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.jwtAuth.getIcureTokens()\n }\n\n getAuthService(): AuthService {\n // If the jwtAuth is in an error state, it instantiates a new one,\n // but it will not use it until the suspension ends\n if (this.jwtAuth.isInErrorState()) {\n console.warn('Error state in JWT, I will skip it')\n this.jwtAuth = new JwtBridgedAuthService(this.authApi, this.username, this.password)\n this.suspensionEnd = new Date(new Date().getTime() + this.jwtTimeout * 1000)\n }\n\n return !!this.suspensionEnd && new Date() <= this.suspensionEnd\n ? new EnsembleAuthService(null, new NoAuthService(), this.basicAuth)\n : new EnsembleAuthService(this.jwtAuth, new NoAuthService(), this.basicAuth)\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n const switchInfo = await switchJwtAuth(this.authApi, this.jwtAuth, this.username, this.password, newGroupId, matches)\n return new EnsembleAuthenticationProvider(\n this.authApi,\n switchInfo.loginForGroup,\n this.password,\n this.jwtTimeout,\n switchInfo.switchedJwtAuth,\n new BasicAuthService(switchInfo.loginForGroup, this.password)\n )\n }\n}\n\nexport class JwtAuthenticationProvider implements AuthenticationProvider {\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.jwtAuth.getIcureTokens()\n }\n\n private readonly jwtAuth: JwtAuthService | JwtBridgedAuthService\n\n /**\n * @internal\n * @param authApi\n * @param username\n * @param password\n * @param jwtAuth\n * @param icureToken\n */\n constructor(\n private readonly authApi: IccAuthApi,\n private readonly username?: string,\n private readonly password?: string,\n jwtAuth?: JwtAuthService | JwtBridgedAuthService,\n private readonly icureToken?: { token: string; refreshToken: string }\n ) {\n const composedAuth =\n jwtAuth ??\n (icureToken\n ? new JwtAuthService(authApi, { authJwt: icureToken.token, refreshJwt: icureToken.refreshToken })\n : !!username && !!password\n ? new JwtBridgedAuthService(authApi, username!, password!)\n : undefined)\n if (!composedAuth) {\n throw new Error('No authentication method provided')\n }\n this.jwtAuth = composedAuth\n }\n\n getAuthService(): AuthService {\n return this.jwtAuth\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n const switchInfo = await switchJwtAuth(this.authApi, this.jwtAuth, this.username, this.password, newGroupId, matches)\n return new JwtAuthenticationProvider(this.authApi, switchInfo.loginForGroup, this.password, switchInfo.switchedJwtAuth)\n }\n}\n\nexport class BasicAuthenticationProvider implements AuthenticationProvider {\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return Promise.resolve() as Promise<undefined>\n }\n\n constructor(private username: string, private password: string) {}\n\n getAuthService(): AuthService {\n return new BasicAuthService(this.username, this.password)\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n return Promise.resolve(new BasicAuthenticationProvider(loginForGroup(newGroupId, matches), this.password))\n }\n}\n\nexport class NoAuthenticationProvider implements AuthenticationProvider {\n getAuthService(): AuthService {\n return new NoAuthService()\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return Promise.resolve() as Promise<undefined>\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n return Promise.resolve(new NoAuthenticationProvider())\n }\n}\n\n/**\n * @internal\n */\nfunction loginForGroup(groupId: string, matches: Array<UserGroup>): string {\n const matchForGroup = matches.find((x) => x.groupId === groupId)\n if (!matchForGroup?.userId) {\n throw new Error(`Can't switch to group ${groupId} for the current user.`)\n }\n return `${groupId}/${matchForGroup.userId}`\n}\n\n/**\n * @internal\n * Creates a jwtAuth from an existing one in order to switch group\n */\nasync function switchJwtAuth(\n authApi: IccAuthApi,\n jwtAuth: JwtAuthService | JwtBridgedAuthService,\n username: string | undefined,\n password: string | undefined,\n newGroupId: string,\n matches: Array<UserGroup>\n): Promise<{ loginForGroup: string; switchedJwtAuth: JwtAuthService | JwtBridgedAuthService }> {\n const refreshToken = jwtAuth.isInErrorState() ? undefined : await jwtAuth.refreshToken\n const switchedJwtInfo = refreshToken ? await authApi.switchGroup(refreshToken, newGroupId).catch(() => undefined as any) : undefined\n const updatedLogin = loginForGroup(newGroupId, matches)\n const switchedJwtAuth =\n !!username && !!password\n ? new JwtBridgedAuthService(\n authApi,\n updatedLogin,\n password,\n switchedJwtInfo?.token && switchedJwtInfo?.refreshToken\n ? { authJwt: switchedJwtInfo.token, refreshJwt: switchedJwtInfo.refreshToken }\n : undefined\n )\n : new JwtAuthService(\n authApi,\n switchedJwtInfo?.token && switchedJwtInfo?.refreshToken\n ? { authJwt: switchedJwtInfo.token, refreshJwt: switchedJwtInfo.refreshToken }\n : undefined\n )\n return { loginForGroup: updatedLogin, switchedJwtAuth }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"AuthenticationProvider.js","sourceRoot":"","sources":["../../../icc-x-api/auth/AuthenticationProvider.ts"],"names":[],"mappings":";;;;;;;;;;;;AAEA,+DAA2D;AAC3D,mEAA+D;AAC/D,mDAA+C;AAC/C,yDAAqD;AACrD,qDAAiD;AA0BjD,MAAa,8BAA8B;IAKzC,YACmB,OAAmB,EACnB,QAAgB,EAChB,QAAgB,EAChB,aAAqB,IAAI,EAC1C,OAAgD,EAChD,SAA4B,EAC5B,mBAAqD,EAAE;QANtC,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,eAAU,GAAV,UAAU,CAAe;QAK1C,IAAI,CAAC,OAAO,GAAG,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,IAAI,6CAAqB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,gBAAgB,EAAE,SAAS,CAAC,CAAA;QAC5H,IAAI,CAAC,SAAS,GAAG,SAAS,aAAT,SAAS,cAAT,SAAS,GAAI,IAAI,mCAAgB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;IAClF,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;IACtC,CAAC;IAED,cAAc;QACZ,kEAAkE;QAClE,mDAAmD;QACnD,IAAI,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE;YACjC,OAAO,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAA;YAClD,IAAI,CAAC,OAAO,GAAG,IAAI,6CAAqB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,EAAE,EAAE,SAAS,CAAC,CAAA;YACnG,IAAI,CAAC,aAAa,GAAG,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,CAAA;SAC7E;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,IAAI,EAAE,IAAI,IAAI,CAAC,aAAa;YAC7D,CAAC,CAAC,IAAI,yCAAmB,CAAC,IAAI,EAAE,IAAI,6BAAa,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC;YACpE,CAAC,CAAC,IAAI,yCAAmB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,6BAAa,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,CAAA;IAChF,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YACrH,OAAO,IAAI,8BAA8B,CACvC,IAAI,CAAC,OAAO,EACZ,UAAU,CAAC,aAAa,EACxB,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,UAAU,EACf,UAAU,CAAC,eAAe,EAC1B,IAAI,mCAAgB,CAAC,UAAU,CAAC,aAAa,EAAE,IAAI,CAAC,QAAQ,CAAC,CAC9D,CAAA;QACH,CAAC;KAAA;CACF;AA/CD,wEA+CC;AAED,MAAa,yBAAyB;IACpC,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAA;IACtC,CAAC;IAID;;;;;;;OAOG;IACH,YACmB,OAAmB,EACnB,QAAiB,EACjB,QAAiB,EAClC,OAAgD,EAC/B,UAAoD;QAJpD,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAS;QACjB,aAAQ,GAAR,QAAQ,CAAS;QAEjB,eAAU,GAAV,UAAU,CAA0C;QAErE,MAAM,YAAY,GAChB,OAAO,aAAP,OAAO,cAAP,OAAO,GACP,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ;YACvB,CAAC,CAAC,IAAI,6CAAqB,CACvB,OAAO,EACP,QAAS,EACT,QAAS,EACT,EAAE,EACF,UAAU,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,CAAC,KAAK,EAAE,UAAU,EAAE,UAAU,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,SAAS,CAC5F;YACH,CAAC,CAAC,UAAU;gBACZ,CAAC,CAAC,IAAI,+BAAc,CAAC,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,CAAC,KAAK,EAAE,UAAU,EAAE,UAAU,CAAC,YAAY,EAAE,CAAC;gBACjG,CAAC,CAAC,SAAS,CAAC,CAAA;QAChB,IAAI,CAAC,YAAY,EAAE;YACjB,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAA;SACrD;QACD,IAAI,CAAC,OAAO,GAAG,YAAY,CAAA;IAC7B,CAAC;IAED,cAAc;QACZ,OAAO,IAAI,CAAC,OAAO,CAAA;IACrB,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAA;YACrH,OAAO,IAAI,yBAAyB,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,aAAa,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,eAAe,CAAC,CAAA;QACzH,CAAC;KAAA;CACF;AAjDD,8DAiDC;AAED,MAAa,2BAA2B;IACtC,cAAc;QACZ,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;IAChD,CAAC;IAED,YAAoB,QAAgB,EAAU,QAAgB;QAA1C,aAAQ,GAAR,QAAQ,CAAQ;QAAU,aAAQ,GAAR,QAAQ,CAAQ;IAAG,CAAC;IAElE,cAAc;QACZ,OAAO,IAAI,mCAAgB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAA;IAC3D,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,2BAA2B,CAAC,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;QAC5G,CAAC;KAAA;CACF;AAdD,kEAcC;AAED,MAAa,wBAAwB;IACnC,cAAc;QACZ,OAAO,IAAI,6BAAa,EAAE,CAAA;IAC5B,CAAC;IAED,cAAc;QACZ,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;IAChD,CAAC;IAEK,WAAW,CAAC,UAAkB,EAAE,OAAyB;;YAC7D,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,wBAAwB,EAAE,CAAC,CAAA;QACxD,CAAC;KAAA;CACF;AAZD,4DAYC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,OAAe,EAAE,OAAyB;IAC/D,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,OAAO,CAAC,CAAA;IAChE,IAAI,CAAC,CAAA,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,MAAM,CAAA,EAAE;QAC1B,MAAM,IAAI,KAAK,CAAC,yBAAyB,OAAO,wBAAwB,CAAC,CAAA;KAC1E;IACD,OAAO,GAAG,OAAO,IAAI,aAAa,CAAC,MAAM,EAAE,CAAA;AAC7C,CAAC;AAED;;;GAGG;AACH,SAAe,aAAa,CAC1B,OAAmB,EACnB,OAA+C,EAC/C,QAA4B,EAC5B,QAA4B,EAC5B,UAAkB,EAClB,OAAyB;;QAEzB,MAAM,YAAY,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,YAAY,CAAA;QACtF,MAAM,eAAe,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,OAAO,CAAC,WAAW,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAgB,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACpI,MAAM,YAAY,GAAG,aAAa,CAAC,UAAU,EAAE,OAAO,CAAC,CAAA;QACvD,MAAM,eAAe,GACnB,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ;YACtB,CAAC,CAAC,IAAI,6CAAqB,CACvB,OAAO,EACP,YAAY,EACZ,QAAQ,EACR,EAAE,EACF,CAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,KAAK,MAAI,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,YAAY,CAAA;gBACrD,CAAC,CAAC,EAAE,OAAO,EAAE,eAAe,CAAC,KAAK,EAAE,UAAU,EAAE,eAAe,CAAC,YAAY,EAAE;gBAC9E,CAAC,CAAC,SAAS,CACd;YACH,CAAC,CAAC,IAAI,+BAAc,CAChB,OAAO,EACP,CAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,KAAK,MAAI,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,YAAY,CAAA;gBACrD,CAAC,CAAC,EAAE,OAAO,EAAE,eAAe,CAAC,KAAK,EAAE,UAAU,EAAE,eAAe,CAAC,YAAY,EAAE;gBAC9E,CAAC,CAAC,SAAS,CACd,CAAA;QACP,OAAO,EAAE,aAAa,EAAE,YAAY,EAAE,eAAe,EAAE,CAAA;IACzD,CAAC;CAAA","sourcesContent":["import { AuthService } from './AuthService'\nimport { IccAuthApi } from '../../icc-api'\nimport { EnsembleAuthService } from './EnsembleAuthService'\nimport { JwtBridgedAuthService } from './JwtBridgedAuthService'\nimport { NoAuthService } from './NoAuthService'\nimport { BasicAuthService } from './BasicAuthService'\nimport { JwtAuthService } from './JwtAuthService'\nimport { UserGroup } from '../../icc-api/model/UserGroup'\n\n/**\n * @internal you should not implement this interface yourself.\n */\nexport interface AuthenticationProvider {\n /**\n * @internal this method is meant for internal use only and may be changed without notice\n */\n getAuthService(): AuthService\n\n /**\n * @internal this method is meant for internal use only and may be changed without notice\n * Gives a new authentication provider for the same user and authentication method but for a different iCure group\n * @param newGroupId id of the new group to switch to\n * @param matches the list of groups the user is in, containing also the group-specific id of the user. Note that users with same login username but\n * different password are considered as if they are different users and should not appear in these matches. You can get this list by calling\n * {@link IccUserApi.getMatchingUsers} authenticated.\n * @return a new authentication provider\n */\n switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider>\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined>\n}\n\nexport class EnsembleAuthenticationProvider implements AuthenticationProvider {\n private readonly basicAuth: BasicAuthService\n private jwtAuth: JwtAuthService | JwtBridgedAuthService\n private suspensionEnd: Date | undefined\n\n constructor(\n private readonly authApi: IccAuthApi,\n private readonly username: string,\n private readonly password: string,\n private readonly jwtTimeout: number = 3600,\n jwtAuth?: JwtAuthService | JwtBridgedAuthService,\n basicAuth?: BasicAuthService,\n thirdPartyTokens: { [thirdParty: string]: string } = {}\n ) {\n this.jwtAuth = jwtAuth ?? new JwtBridgedAuthService(this.authApi, this.username, this.password, thirdPartyTokens, undefined)\n this.basicAuth = basicAuth ?? new BasicAuthService(this.username, this.password)\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.jwtAuth.getIcureTokens()\n }\n\n getAuthService(): AuthService {\n // If the jwtAuth is in an error state, it instantiates a new one,\n // but it will not use it until the suspension ends\n if (this.jwtAuth.isInErrorState()) {\n console.warn('Error state in JWT, I will skip it')\n this.jwtAuth = new JwtBridgedAuthService(this.authApi, this.username, this.password, {}, undefined)\n this.suspensionEnd = new Date(new Date().getTime() + this.jwtTimeout * 1000)\n }\n\n return !!this.suspensionEnd && new Date() <= this.suspensionEnd\n ? new EnsembleAuthService(null, new NoAuthService(), this.basicAuth)\n : new EnsembleAuthService(this.jwtAuth, new NoAuthService(), this.basicAuth)\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n const switchInfo = await switchJwtAuth(this.authApi, this.jwtAuth, this.username, this.password, newGroupId, matches)\n return new EnsembleAuthenticationProvider(\n this.authApi,\n switchInfo.loginForGroup,\n this.password,\n this.jwtTimeout,\n switchInfo.switchedJwtAuth,\n new BasicAuthService(switchInfo.loginForGroup, this.password)\n )\n }\n}\n\nexport class JwtAuthenticationProvider implements AuthenticationProvider {\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.jwtAuth.getIcureTokens()\n }\n\n private readonly jwtAuth: JwtAuthService | JwtBridgedAuthService\n\n /**\n * @internal\n * @param authApi\n * @param username\n * @param password\n * @param jwtAuth\n * @param icureToken\n */\n constructor(\n private readonly authApi: IccAuthApi,\n private readonly username?: string,\n private readonly password?: string,\n jwtAuth?: JwtAuthService | JwtBridgedAuthService,\n private readonly icureToken?: { token: string; refreshToken: string }\n ) {\n const composedAuth =\n jwtAuth ??\n (!!username && !!password\n ? new JwtBridgedAuthService(\n authApi,\n username!,\n password!,\n {},\n icureToken ? { authJwt: icureToken.token, refreshJwt: icureToken.refreshToken } : undefined\n )\n : icureToken\n ? new JwtAuthService(authApi, { authJwt: icureToken.token, refreshJwt: icureToken.refreshToken })\n : undefined)\n if (!composedAuth) {\n throw new Error('No authentication method provided')\n }\n this.jwtAuth = composedAuth\n }\n\n getAuthService(): AuthService {\n return this.jwtAuth\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n const switchInfo = await switchJwtAuth(this.authApi, this.jwtAuth, this.username, this.password, newGroupId, matches)\n return new JwtAuthenticationProvider(this.authApi, switchInfo.loginForGroup, this.password, switchInfo.switchedJwtAuth)\n }\n}\n\nexport class BasicAuthenticationProvider implements AuthenticationProvider {\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return Promise.resolve() as Promise<undefined>\n }\n\n constructor(private username: string, private password: string) {}\n\n getAuthService(): AuthService {\n return new BasicAuthService(this.username, this.password)\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n return Promise.resolve(new BasicAuthenticationProvider(loginForGroup(newGroupId, matches), this.password))\n }\n}\n\nexport class NoAuthenticationProvider implements AuthenticationProvider {\n getAuthService(): AuthService {\n return new NoAuthService()\n }\n\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return Promise.resolve() as Promise<undefined>\n }\n\n async switchGroup(newGroupId: string, matches: Array<UserGroup>): Promise<AuthenticationProvider> {\n return Promise.resolve(new NoAuthenticationProvider())\n }\n}\n\n/**\n * @internal\n */\nfunction loginForGroup(groupId: string, matches: Array<UserGroup>): string {\n const matchForGroup = matches.find((x) => x.groupId === groupId)\n if (!matchForGroup?.userId) {\n throw new Error(`Can't switch to group ${groupId} for the current user.`)\n }\n return `${groupId}/${matchForGroup.userId}`\n}\n\n/**\n * @internal\n * Creates a jwtAuth from an existing one in order to switch group\n */\nasync function switchJwtAuth(\n authApi: IccAuthApi,\n jwtAuth: JwtAuthService | JwtBridgedAuthService,\n username: string | undefined,\n password: string | undefined,\n newGroupId: string,\n matches: Array<UserGroup>\n): Promise<{ loginForGroup: string; switchedJwtAuth: JwtAuthService | JwtBridgedAuthService }> {\n const refreshToken = jwtAuth.isInErrorState() ? undefined : await jwtAuth.refreshToken\n const switchedJwtInfo = refreshToken ? await authApi.switchGroup(refreshToken, newGroupId).catch(() => undefined as any) : undefined\n const updatedLogin = loginForGroup(newGroupId, matches)\n const switchedJwtAuth =\n !!username && !!password\n ? new JwtBridgedAuthService(\n authApi,\n updatedLogin,\n password,\n {},\n switchedJwtInfo?.token && switchedJwtInfo?.refreshToken\n ? { authJwt: switchedJwtInfo.token, refreshJwt: switchedJwtInfo.refreshToken }\n : undefined\n )\n : new JwtAuthService(\n authApi,\n switchedJwtInfo?.token && switchedJwtInfo?.refreshToken\n ? { authJwt: switchedJwtInfo.token, refreshJwt: switchedJwtInfo.refreshToken }\n : undefined\n )\n return { loginForGroup: updatedLogin, switchedJwtAuth }\n}\n"]}
|
|
@@ -12,9 +12,12 @@ export declare class JwtBridgedAuthService implements AuthService {
|
|
|
12
12
|
private thirdPartyTokens;
|
|
13
13
|
private _error;
|
|
14
14
|
private _currentPromise;
|
|
15
|
-
constructor(authApi: IccAuthApi, username: string | undefined, password: string | undefined, thirdPartyTokens
|
|
15
|
+
constructor(authApi: IccAuthApi, username: string | undefined, password: string | undefined, thirdPartyTokens: {
|
|
16
16
|
[thirdParty: string]: string;
|
|
17
|
-
}
|
|
17
|
+
}, initialJwt: {
|
|
18
|
+
authJwt: string;
|
|
19
|
+
refreshJwt: string;
|
|
20
|
+
} | undefined);
|
|
18
21
|
get refreshToken(): Promise<string | undefined>;
|
|
19
22
|
getIcureTokens(): Promise<{
|
|
20
23
|
token: string;
|
|
@@ -18,7 +18,7 @@ var XHRError = XHR_1.XHR.XHRError;
|
|
|
18
18
|
* Differs from JwtAuthService in that it can create new refresh tokens if the old one is expired
|
|
19
19
|
*/
|
|
20
20
|
class JwtBridgedAuthService {
|
|
21
|
-
constructor(authApi, username, password, thirdPartyTokens = {}) {
|
|
21
|
+
constructor(authApi, username, password, thirdPartyTokens = {}, initialJwt) {
|
|
22
22
|
this.authApi = authApi;
|
|
23
23
|
this.username = username;
|
|
24
24
|
this.password = password;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JwtBridgedAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtBridgedAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAE3C,2EAAuE;AAEvE,oCAA8B;AAE9B,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAE9B;;GAEG;AACH,MAAa,qBAAqB;IAIhC,YACU,OAAmB,EACnB,QAA4B,EAC5B,QAA4B,EAC5B,mBAAqD,EAAE;
|
|
1
|
+
{"version":3,"file":"JwtBridgedAuthService.js","sourceRoot":"","sources":["../../../icc-x-api/auth/JwtBridgedAuthService.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,+CAA2C;AAE3C,2EAAuE;AAEvE,oCAA8B;AAE9B,IAAO,QAAQ,GAAG,SAAG,CAAC,QAAQ,CAAA;AAE9B;;GAEG;AACH,MAAa,qBAAqB;IAIhC,YACU,OAAmB,EACnB,QAA4B,EAC5B,QAA4B,EAC5B,mBAAqD,EAAE,EAC/D,UAA+D;QAJvD,YAAO,GAAP,OAAO,CAAY;QACnB,aAAQ,GAAR,QAAQ,CAAoB;QAC5B,aAAQ,GAAR,QAAQ,CAAoB;QAC5B,qBAAgB,GAAhB,gBAAgB,CAAuC;QAPzD,WAAM,GAAiB,IAAI,CAAA;QAC3B,oBAAe,GAAuD,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;IAQ9F,CAAC;IAEJ,IAAI,YAAY;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAiB,CAAC,CAAA;IAC9D,CAAC;IACD,cAAc;QACZ,OAAO,IAAI,CAAC,cAAc,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,OAAQ,EAAE,YAAY,EAAE,UAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IACnJ,CAAC;IAEK,MAAM;;YACV,OAAO,IAAI,CAAC,eAAe;iBACxB,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE;gBAChC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,EAAE;oBACpD,+CAA+C;oBAC/C,6CAA6C;oBAE7C,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,aAAa,EAAE,EAAE;wBAC7E,6BAA6B;wBAC7B,iCAAiC;wBACjC,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE;4BAC1B,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAA;yBACnF;wBAED,OAAO,aAAa,CAAA;oBACtB,CAAC,CAAC,CAAA;iBACH;qBAAM,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE;oBACxB,MAAM,IAAI,CAAC,MAAM,CAAA;iBAClB;gBACD,OAAO,IAAI,CAAC,eAAe,CAAA;YAC7B,CAAC,CAAC;iBACD,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE;gBACpB,OAAO,OAAO,CAAA;YAChB,CAAC,CAAC,CAAA;QACN,CAAC;KAAA;IAEK,cAAc;;YAClB,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;gBACpC,OAAO,CAAC,IAAI,SAAG,CAAC,MAAM,CAAC,eAAe,EAAE,UAAU,OAAO,EAAE,CAAC,CAAC,CAAA;YAC/D,CAAC,CAAC,CAAA;QACJ,CAAC;KAAA;IAEa,eAAe,CAAC,UAA8B;;YAC1D,gEAAgE;YAChE,yBAAyB;YACzB,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,sBAAsB,CAAC,UAAU,CAAC,EAAE;gBAC1D,OAAO,IAAI,CAAC,kBAAkB,EAAE,CAAA;aACjC;iBAAM;gBACL,OAAO,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;oBAClF,OAAO,EAAE,eAAe,CAAC,KAAK;oBAC9B,UAAU,EAAE,UAAU;iBACvB,CAAC,CAAC,CAAA;aACJ;QACH,CAAC;KAAA;IAEa,kBAAkB;;YAC9B,IAAI,YAAgD,CAAA;YACpD,IAAI,UAAgC,CAAA;YACpC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,EAAE;gBAClC,IAAI;oBACF,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CACrC,IAAI,mCAAgB,CAAC;wBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;qBACxB,CAAC,CACH,CAAA;iBACF;gBAAC,OAAO,CAAC,EAAE;oBACV,UAAU,GAAG,CAAa,CAAA;iBAC3B;aACF;YACD,IAAI,CAAC,YAAY,EAAE;gBACjB,YAAY,GAAG,MAAO,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAiC,CAAC,MAAM,CAAC,CAAO,GAAG,EAAE,CAAC,UAAU,EAAE,KAAK,CAAC,EAAE,EAAE;oBACpI,MAAM,IAAI,GAAG,MAAM,GAAG,CAAA;oBACtB,OAAO,CACL,IAAI,aAAJ,IAAI,cAAJ,IAAI,GACJ,CAAC,KAAK;wBACJ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;4BACnE,IAAI,CAAC,UAAU,EAAE;gCACf,UAAU,GAAG,CAAa,CAAA;6BAC3B;4BACD,OAAO,OAAO,CAAC,OAAO,EAAwB,CAAA;wBAChD,CAAC,CAAC;wBACJ,CAAC,CAAC,SAAS,CAAC,CACf,CAAA;gBACH,CAAC,CAAA,EAAE,OAAO,CAAC,OAAO,EAAiD,CAAC,CAAA;aACrE;YAED,IAAI,CAAC,YAAY,EAAE;gBACjB,IAAI,UAAU;oBAAE,MAAM,UAAU,CAAA;gBAChC,MAAM,IAAI,QAAQ,CAAC,EAAE,EAAE,eAAe,EAAE,GAAG,EAAE,cAAc,EAAE,IAAI,OAAO,EAAE,CAAC,CAAA;aAC5E;YAED,OAAO;gBACL,OAAO,EAAE,YAAY,CAAC,KAAK;gBAC3B,UAAU,EAAE,YAAY,CAAC,YAAY;aACtC,CAAA;QACH,CAAC;KAAA;IAEO,sBAAsB,CAAC,GAAW;QACxC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC5B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE;YACtB,OAAO,IAAI,CAAA;SACZ;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAC5C,mGAAmG;QACnG,OAAO,CAAC,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,KAAK,CAAA;IACpF,CAAC;IAEO,aAAa,CAAC,aAAqB;QACzC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,WAAG,EAAC,aAAa,CAAC,CAAC,CAAA;IACvC,CAAC;IAED,gBAAgB,CAAC,KAAY;QAC3B,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,cAAc;QACZ,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAA;IACtB,CAAC;CACF;AAhID,sDAgIC","sourcesContent":["import { AuthService } from './AuthService'\nimport { XHR } from '../../icc-api/api/XHR'\nimport { IccAuthApi, OAuthThirdParty } from '../../icc-api'\nimport { LoginCredentials } from '../../icc-api/model/LoginCredentials'\nimport Header = XHR.Header\nimport { a2b } from '../utils'\nimport { AuthenticationResponse } from '../../icc-api/model/AuthenticationResponse'\nimport XHRError = XHR.XHRError\n\n/**\n * Differs from JwtAuthService in that it can create new refresh tokens if the old one is expired\n */\nexport class JwtBridgedAuthService implements AuthService {\n private _error: Error | null = null\n private _currentPromise: Promise<{ authJwt?: string; refreshJwt?: string }> = Promise.resolve({})\n\n constructor(\n private authApi: IccAuthApi,\n private username: string | undefined,\n private password: string | undefined,\n private thirdPartyTokens: { [thirdParty: string]: string } = {},\n initialJwt: { authJwt: string; refreshJwt: string } | undefined\n ) {}\n\n get refreshToken(): Promise<string | undefined> {\n return this._currentPromise.then((x) => x.refreshJwt as any)\n }\n getIcureTokens(): Promise<{ token: string; refreshToken: string } | undefined> {\n return this.getAuthHeaders().then(() => this._currentPromise.then(({ authJwt, refreshJwt }) => ({ token: authJwt!, refreshToken: refreshJwt! })))\n }\n\n async getJWT(): Promise<string | undefined> {\n return this._currentPromise\n .then(({ authJwt, refreshJwt }) => {\n if (!authJwt || this._isJwtInvalidOrExpired(authJwt)) {\n // If it does not have the JWT, tries to get it\n // If the JWT is expired, tries to refresh it\n\n this._currentPromise = this._refreshAuthJwt(refreshJwt).then((updatedTokens) => {\n // If here the token is null,\n // it goes in a suspension status\n if (!updatedTokens.authJwt) {\n throw new Error('Your iCure back-end version does not support JWT authentication')\n }\n\n return updatedTokens\n })\n } else if (!!this._error) {\n throw this._error\n }\n return this._currentPromise\n })\n .then(({ authJwt }) => {\n return authJwt\n })\n }\n\n async getAuthHeaders(): Promise<Array<Header>> {\n return this.getJWT().then((authJwt) => {\n return [new XHR.Header('Authorization', `Bearer ${authJwt}`)]\n })\n }\n\n private async _refreshAuthJwt(refreshJwt: string | undefined): Promise<{ authJwt?: string; refreshJwt?: string }> {\n // If I do not have a refresh JWT or the refresh JWT is expired,\n // I have to log in again\n if (!refreshJwt || this._isJwtInvalidOrExpired(refreshJwt)) {\n return this._loginAndGetTokens()\n } else {\n return this.authApi.refreshAuthenticationJWT(refreshJwt).then((refreshResponse) => ({\n authJwt: refreshResponse.token,\n refreshJwt: refreshJwt,\n }))\n }\n }\n\n private async _loginAndGetTokens(): Promise<{ authJwt?: string; refreshJwt?: string }> {\n let authResponse: AuthenticationResponse | undefined\n let firstError: XHRError | undefined\n if (this.username && this.password) {\n try {\n authResponse = await this.authApi.login(\n new LoginCredentials({\n username: this.username,\n password: this.password,\n })\n )\n } catch (e) {\n firstError = e as XHRError\n }\n }\n if (!authResponse) {\n authResponse = await (Object.entries(this.thirdPartyTokens) as [OAuthThirdParty, string][]).reduce(async (acc, [thirdParty, token]) => {\n const prev = await acc\n return (\n prev ??\n (token\n ? this.authApi.loginWithThirdPartyToken(thirdParty, token).catch((e) => {\n if (!firstError) {\n firstError = e as XHRError\n }\n return Promise.resolve() as Promise<undefined>\n })\n : undefined)\n )\n }, Promise.resolve() as Promise<AuthenticationResponse | undefined>)\n }\n\n if (!authResponse) {\n if (firstError) throw firstError\n throw new XHRError('', 'Unknown error', 401, 'Unauthorized', new Headers())\n }\n\n return {\n authJwt: authResponse.token,\n refreshJwt: authResponse.refreshToken,\n }\n }\n\n private _isJwtInvalidOrExpired(jwt: string): boolean {\n const parts = jwt.split('.')\n if (parts.length !== 3) {\n return true\n }\n const payload = this._base64Decode(parts[1])\n // Using the 'exp' string is safe to use as it is part of the JWT RFC and cannot be modified by us.\n return !('exp' in payload) || payload['exp'] * 1000 < new Date().getTime() - 10000\n }\n\n private _base64Decode(encodedString: string): any {\n return JSON.parse(a2b(encodedString))\n }\n\n invalidateHeader(error: Error): void {\n this._error = error\n }\n\n isInErrorState(): boolean {\n return !!this._error\n }\n}\n"]}
|
|
@@ -187,7 +187,7 @@ class ExtendedApisUtilsImpl {
|
|
|
187
187
|
}
|
|
188
188
|
if (Object.keys(currentRequests).length > 0) {
|
|
189
189
|
const existingDelegationMembersDetails = yield this.secDelMetadataDecryptor.getDelegationMemberDetails(entityWithType);
|
|
190
|
-
const accessibleMembers = new Set(this.useParentKeys ? yield this.dataOwnerApi.getCurrentDataOwnerHierarchyIds() : yield this.dataOwnerApi.getCurrentDataOwnerId());
|
|
190
|
+
const accessibleMembers = new Set(this.useParentKeys ? yield this.dataOwnerApi.getCurrentDataOwnerHierarchyIds() : [yield this.dataOwnerApi.getCurrentDataOwnerId()]);
|
|
191
191
|
const potentialParentDelegations = Object.entries(existingDelegationMembersDetails).flatMap(([k, members]) => {
|
|
192
192
|
if ((!!members.delegate && accessibleMembers.has(members.delegate)) || (!!members.delegator && accessibleMembers.has(members.delegator))) {
|
|
193
193
|
return [k];
|