@igxjs/node-components 1.0.16 → 1.0.17

package/components/http-handlers.js

@@ -161,12 +161,13 @@ export const httpHelper = {
    * @returns {string} Formatted string
    */
   format (str, ...args) {
+    let result = str;
     const matched = str.match(/{\d}/ig);
     matched.forEach((element, index) => {
       if(args.length > index)
-        str = str.replace(element, args[index]);
+        result = result.replace(element, args[index]);
     });
-    return str;
+    return result;
   },
 
   /**
@@ -209,4 +210,4 @@ export const httpHelper = {
  */
 export const httpError = (code, message, error, data) => {
   return new CustomError(code, message, error, data);
-};
+};

package/components/jwt.js

@@ -9,31 +9,31 @@ import { jwtDecrypt, EncryptJWT } from 'jose';
 export class JwtManager {
   /** @type {string} JWE algorithm */
   algorithm;
-  
+
   /** @type {string} Encryption method */
   encryption;
-  
+
   /** @type {number} Token expiration time */
   expirationTime;
-  
+
   /** @type {number} Clock tolerance in seconds */
   clockTolerance;
-  
+
   /** @type {string} Hash algorithm for secret derivation */
   secretHashAlgorithm;
-  
+
   /** @type {string|null} Optional JWT issuer claim */
   issuer;
-  
+
   /** @type {string|null} Optional JWT audience claim */
   audience;
-  
+
   /** @type {string|null} Optional JWT subject claim */
   subject;
   /**
    * Create a new JwtManager instance with configurable defaults
    * Constructor options use UPPERCASE naming convention with JWT_ prefix (e.g., JWT_ALGORITHM).
-   * 
+   *
    * @typedef {Object} JwtManagerOptions JwtManager configuration options
    * @property {string} [JWT_ALGORITHM='dir'] JWE algorithm (default: 'dir')
    * @property {string} [JWT_ENCRYPTION='A256GCM'] Encryption method (default: 'A256GCM')
@@ -59,7 +59,7 @@ export class JwtManager {
 
   /**
    * Encrypt method options (camelCase naming convention, uses instance defaults when not provided)
-   * 
+   *
    * @typedef {Object} JwtEncryptOptions Encryption method options
    * @property {string} [algorithm='dir'] JWE algorithm (overrides instance JWT_ALGORITHM)
    * @property {string} [encryption='A256GCM'] Encryption method (overrides instance JWT_ENCRYPTION)
@@ -71,7 +71,7 @@ export class JwtManager {
    */
   /**
    * Generate JWT token for user session
-   * 
+   *
    * @param {import('jose').JWTPayload} data User data payload
    * @param {string} secret Secret key or password for encryption
    * @param {JwtEncryptOptions} [options] Per-call configuration overrides (camelCase naming convention)
@@ -113,7 +113,7 @@ export class JwtManager {
 
   /**
    * Decrypt method options (camelCase naming convention, uses instance defaults when not provided)
-   * 
+   *
    * @typedef {Object} JwtDecryptOptions Decryption method options
    * @property {number} [clockTolerance=30] Clock tolerance in seconds (overrides instance JWT_CLOCK_TOLERANCE)
    * @property {string} [secretHashAlgorithm='SHA-256'] Hash algorithm for secret derivation (overrides instance JWT_SECRET_HASH_ALGORITHM)
@@ -123,7 +123,7 @@ export class JwtManager {
    **/
   /**
    * Decrypt JWT
-   * 
+   *
    * @param {string} token JWT token to decrypt
    * @param {string} secret Secret key or password for decryption
    * @param {JwtDecryptOptions} [options] Per-call configuration overrides (camelCase naming convention)

package/components/logger.js

@@ -2,20 +2,20 @@
  * Logger utility for node-components
  * Provides configurable logging with enable/disable functionality
  * Uses singleton pattern to manage logger instances per component
- * 
+ *
  * @example
  * import { Logger } from './logger.js';
- * 
+ *
  * // Recommended: Get logger instance (singleton pattern)
  * const logger = Logger.getInstance('ComponentName');
- * 
+ *
  * // With explicit enable/disable
  * const logger = Logger.getInstance('ComponentName', true);  // Always enabled
  * const logger = Logger.getInstance('ComponentName', false); // Always disabled
- * 
+ *
  * // Backward compatibility: Constructor still works
  * const logger = new Logger('ComponentName');
- * 
+ *
  * // Use logger
  * logger.info('Operation completed');
  * logger.error('Error occurred', error);
@@ -23,10 +23,10 @@
 export class Logger {
   /** @type {Map<string, Logger>} */
   static #instances = new Map();
-  
+
   /** @type {boolean} - Global flag to enable/disable colors */
   static #colorsEnabled = true;
-  
+
   /** ANSI color codes for different log levels */
   static #colors = {
     reset: '\x1b[0m',
@@ -35,7 +35,7 @@ export class Logger {
     yellow: '\x1b[33m',  // warn - yellow
     red: '\x1b[31m',     // error - red
   };
-  
+
   /** @type {boolean} */
   #enabled;
   /** @type {string} */
@@ -51,11 +51,11 @@ export class Logger {
    */
   static getInstance(componentName, enableLogging) {
     const key = `${componentName}:${enableLogging ?? 'default'}`;
-    
+
     if (!Logger.#instances.has(key)) {
       Logger.#instances.set(key, new Logger(componentName, enableLogging));
     }
-    
+
     return Logger.#instances.get(key);
   }
 
@@ -90,20 +90,20 @@ export class Logger {
     // Otherwise, default to enabled in development, disabled in production
     this.#enabled = enableLogging ?? (process.env.NODE_ENV !== 'production');
     this.#prefix = `[${componentName}]`;
-    
+
     // Determine if colors should be used:
     // - Colors are globally enabled
     // - Output is a terminal (TTY)
     // - NO_COLOR environment variable is not set
-    this.#useColors = Logger.#colorsEnabled && 
-                     process.stdout.isTTY && 
+    this.#useColors = Logger.#colorsEnabled &&
+                     process.stdout.isTTY &&
                      !process.env.NO_COLOR;
-    
+
     // Assign methods based on enabled flag to eliminate runtime checks
     // This improves performance by avoiding conditional checks on every log call
     if (this.#enabled) {
       const colors = Logger.#colors;
-      
+
       if (this.#useColors) {
         // Logging enabled with colors: colorize the prefix
         this.debug = (...args) => console.debug(colors.dim + this.#prefix + colors.reset, ...args);
@@ -128,4 +128,4 @@ export class Logger {
       this.log = () => {};
     }
   }
-}
+}

package/components/redis.js

@@ -100,4 +100,4 @@ export class RedisManager {
     await this.#client.quit();
     this.#logger.info('### REDIS DISCONNECTED ###');
   }
-}
+}

package/components/router.js

@@ -1,22 +1,22 @@
 /**
  * FlexRouter for expressjs
- * 
+ *
  * @example
  * import { Router } from 'express';
  * import { FlexRouter } from '../models/router.js';
  * import { authenticate } from '../middlewares/common.js';
- * 
+ *
  * export const publicRouter = Router();
  * export const privateRouter = Router();
- * 
+ *
  * publicRouter.get('/health', (req, res) => {
  *  res.send('OK');
  * });
- * 
+ *
  * privateRouter.get('/', (req, res) => {
  *  res.send('Hello World!');
  * });
- * 
+ *
  * export const routers = [
  *  new FlexRouter('/api/v1/protected', privateRouter, [authenticate]),
  *  new FlexRouter('/api/v1/public', healthRouter),

package/components/session.js

@@ -28,15 +28,15 @@ export const SessionMode = {
  * Session configuration options
  */
 export class SessionConfig {
-  /** 
+  /**
    * @type {string} Authentication mode for protected routes
    * - Supported values: SessionMode.SESSION | SessionMode.TOKEN
    * @default SessionMode.SESSION
    */
   SESSION_MODE;
-  /** 
+  /**
    * @type {string} Identity Provider microservice endpoint URL
-   * 
+   *
    * This is a fully customized, independent microservice that provides SSO authentication.
    * The endpoint serves multiple applications and provides the following APIs:
    * - GET /auth/providers - List supported identity providers
@@ -44,7 +44,7 @@ export class SessionConfig {
    * - POST /auth/verify - Verify JWT token validity
    * - GET /auth/callback/:idp - Validate authentication and return user data
    * - POST /auth/refresh - Refresh access tokens
-   * 
+   *
    * @example
    * SSO_ENDPOINT_URL: 'https://idp.example.com/open/api/v1'
    */
@@ -67,19 +67,19 @@ export class SessionConfig {
   SESSION_COOKIE_PATH;
   /** @type {string} Session secret */
   SESSION_SECRET;
-  /** 
-   * @type {string} 
+  /**
+   * @type {string}
    * @default 'ibmid:'
    */
   SESSION_PREFIX;
-  /** 
+  /**
    * @type {string} Session key
    * - In the `SessionMode.SESSION` mode, this is the key used to store the user in the session.
    * - In the `SessionMode.TOKEN` mode, this is the key of localStorage where the user is stored.
    * @default 'session_token'
    */
   SESSION_KEY;
-  /** 
+  /**
    * @type {string} Session expiry key
    * - In the `SessionMode.TOKEN` mode, this is the key of localStorage where the session expiry timestamp is stored.
    * @default 'session_expires_at'
@@ -141,26 +141,33 @@ export class SessionManager {
   #htmlTemplate = null;
 
   /**
-   * Create a new session manager
-   * @param {SessionConfig} config Session configuration
-   * @throws {TypeError} If config is not an object
-   * @throws {Error} If required configuration fields are missing
+   * Validate config is an object
+   * @param {SessionConfig} config
+   * @throws {TypeError}
    */
-  constructor(config) {
-    // Validate config is an object
+  #validateConfigType(config) {
     if (!config || typeof config !== 'object') {
       throw new TypeError('SessionManager configuration must be an object');
     }
+  }
 
-    // Validate required fields based on SESSION_MODE
-    const mode = config.SESSION_MODE || SessionMode.SESSION;
-    
-    // SESSION_SECRET is always required for both modes
+  /**
+   * Validate required configuration fields
+   * @param {SessionConfig} config
+   * @throws {Error}
+   */
+  #validateRequiredFields(config) {
     if (!config.SESSION_SECRET) {
       throw new Error('SESSION_SECRET is required for SessionManager');
     }
+  }
 
-    // Validate SSO configuration if SSO endpoints are used
+  /**
+   * Validate SSO configuration
+   * @param {SessionConfig} config
+   * @throws {Error}
+   */
+  #validateSsoConfig(config) {
     if (config.SSO_ENDPOINT_URL) {
       if (!config.SSO_CLIENT_ID) {
         throw new Error('SSO_CLIENT_ID is required when SSO_ENDPOINT_URL is provided');
@@ -169,9 +176,15 @@ export class SessionManager {
         throw new Error('SSO_CLIENT_SECRET is required when SSO_ENDPOINT_URL is provided');
       }
     }
+  }
 
-    // Validate TOKEN mode specific requirements
-    if (mode === SessionMode.TOKEN) {
+  /**
+   * Validate TOKEN mode requirements
+   * @param {SessionConfig} config
+   * @throws {Error}
+   */
+  #validateTokenMode(config) {
+    if (config.SESSION_MODE === SessionMode.TOKEN) {
       if (!config.SSO_SUCCESS_URL) {
         throw new Error('SSO_SUCCESS_URL is required for TOKEN authentication mode');
       }
@@ -179,11 +192,16 @@ export class SessionManager {
         throw new Error('SSO_FAILURE_URL is required for TOKEN authentication mode');
       }
     }
+  }
 
-    this.#config = {
-      // Session Mode
+  /**
+   * Build configuration object
+   * @param {SessionConfig} config
+   * @returns {object}
+   */
+  #buildConfig(config) {
+    return {
       SESSION_MODE: config.SESSION_MODE || SessionMode.SESSION,
-      // Session - SESSION_AGE is now in seconds (default: 64800 = 18 hours)
       SESSION_AGE: config.SESSION_AGE || 64800,
       SESSION_COOKIE_PATH: config.SESSION_COOKIE_PATH || '/',
       SESSION_SECRET: config.SESSION_SECRET,
@@ -191,18 +209,13 @@ export class SessionManager {
       SESSION_KEY: config.SESSION_KEY || 'session_token',
       SESSION_EXPIRY_KEY: config.SESSION_EXPIRY_KEY || 'session_expires_at',
       TOKEN_STORAGE_TEMPLATE_PATH: config.TOKEN_STORAGE_TEMPLATE_PATH,
-
-      // Identity Provider
       SSO_ENDPOINT_URL: config.SSO_ENDPOINT_URL,
       SSO_CLIENT_ID: config.SSO_CLIENT_ID,
       SSO_CLIENT_SECRET: config.SSO_CLIENT_SECRET,
       SSO_SUCCESS_URL: config.SSO_SUCCESS_URL,
       SSO_FAILURE_URL: config.SSO_FAILURE_URL,
-      // Redis
       REDIS_URL: config.REDIS_URL,
       REDIS_CERT_PATH: config.REDIS_CERT_PATH,
-
-      // JWT Manager
       JWT_ALGORITHM: config.JWT_ALGORITHM || 'dir',
       JWT_ENCRYPTION: config.JWT_ENCRYPTION || 'A256GCM',
       JWT_CLOCK_TOLERANCE: config.JWT_CLOCK_TOLERANCE ?? 30,
@@ -213,6 +226,20 @@ export class SessionManager {
     };
   }
 
+  /**
+   * Create a new session manager
+   * @param {SessionConfig} config Session configuration
+   * @throws {TypeError} If config is not an object
+   * @throws {Error} If required configuration fields are missing
+   */
+  constructor(config) {
+    this.#validateConfigType(config);
+    this.#validateRequiredFields(config);
+    this.#validateSsoConfig(config);
+    this.#validateTokenMode(config);
+    this.#config = this.#buildConfig(config);
+  }
+
   /**
    * Check if the email has a session refresh lock
    * @param {string} email Email address
@@ -462,7 +489,7 @@ export class SessionManager {
         return next(new CustomError(httpCodes.UNAUTHORIZED, 'Token expired'));
       }
 
-      return next(error instanceof CustomError ? error : 
+      return next(error instanceof CustomError ? error :
         new CustomError(httpCodes.UNAUTHORIZED, 'Token verification failed'));
     }
   }
@@ -515,7 +542,7 @@ export class SessionManager {
 
       // Call SSO refresh endpoint
       const response = await this.#idpRequest.post(idpRefreshUrl, {
-        idp: user?.attributes?.idp, 
+        idp: user?.attributes?.idp,
         refresh_token: user?.attributes?.refresh_token
       }, {
         headers: {
@@ -622,7 +649,7 @@ export class SessionManager {
       if (isRedirect) {
         return res.redirect(this.#config.SSO_SUCCESS_URL);
       }
-      return res.json({ 
+      return res.json({
         message: 'All tokens logged out successfully',
         tokensRemoved: keys.length,
         redirect_url: this.#config.SSO_SUCCESS_URL
@@ -632,7 +659,7 @@ export class SessionManager {
       if (isRedirect) {
         return res.redirect(this.#config.SSO_FAILURE_URL);
       }
-      return res.status(httpCodes.SYSTEM_FAILURE).json({ 
+      return res.status(httpCodes.SYSTEM_FAILURE).json({
         error: 'Logout all failed',
         redirect_url: this.#config.SSO_FAILURE_URL
       });
@@ -671,7 +698,7 @@ export class SessionManager {
       if (isRedirect) {
         return res.redirect(this.#config.SSO_SUCCESS_URL);
       }
-      return res.json({ 
+      return res.json({
         message: 'Logout successful',
         redirect_url: this.#config.SSO_SUCCESS_URL
       });
@@ -681,7 +708,7 @@ export class SessionManager {
       if (isRedirect) {
         return res.redirect(this.#config.SSO_FAILURE_URL);
       }
-      return res.status(httpCodes.SYSTEM_FAILURE).json({ 
+      return res.status(httpCodes.SYSTEM_FAILURE).json({
         error: 'Logout failed',
         redirect_url: this.#config.SSO_FAILURE_URL
       });
@@ -776,9 +803,9 @@ export class SessionManager {
    * Resource protection based on configured SESSION_MODE
    * - SESSION mode: Verifies user exists in session store and is authorized (checks req.session data)
    * - TOKEN mode: Validates JWT token from Authorization header (lightweight validation)
-   * 
+   *
    * Note: This method verifies authentication only. Use requireUser() after this to populate req.user.
-   * 
+   *
    * @param {string} [errorRedirectUrl=''] Redirect URL on authentication failure
    * @returns {import('@types/express').RequestHandler} Returns express Request Handler
    * @example
@@ -786,9 +813,9 @@ export class SessionManager {
    * app.get('/api/check', session.authenticate(), (req, res) => {
    *   res.json({ authenticated: true });
    * });
-   * 
+   *
    * // Option 2: Verify authentication AND load user data into req.user
-   * app.get('/api/profile', 
+   * app.get('/api/profile',
    *   session.authenticate(),   // Verifies session/token
    *   session.requireUser(),     // Loads user data into req.user
    *   (req, res) => {
@@ -852,7 +879,7 @@ export class SessionManager {
     }
     throw new CustomError(httpCodes.BAD_REQUEST, 'Invalid JWT payload');
     };
-  
+
     /**
      * Render HTML template for token storage
      * @param {string} token JWT token
@@ -870,7 +897,7 @@ export class SessionManager {
         .replaceAll('{{SSO_SUCCESS_URL}}', sucessRedirectUrl)
         .replaceAll('{{SSO_FAILURE_URL}}', this.#config.SSO_FAILURE_URL);
     }
-  
+
     /**
      * SSO callback for successful login
      * @param {(user: object) => object} initUser Initialize user object function
@@ -882,7 +909,7 @@ export class SessionManager {
         if (!jwt) {
           return next(new CustomError(httpCodes.BAD_REQUEST, 'Missing `jwt` in query parameters'));
         }
-  
+
         try {
           // Decrypt JWT from Identity Adapter
           const { payload } = await this.#jwtManager.decrypt(jwt, this.#config.SSO_CLIENT_SECRET);
@@ -890,10 +917,10 @@ export class SessionManager {
           if (!payload?.user) {
             throw new CustomError(httpCodes.BAD_REQUEST, 'Invalid JWT payload');
           }
-  
+
           /** @type {string} */
           const callbackRedirectUrl = payload.redirect_url || this.#config.SSO_SUCCESS_URL;
-  
+
           // Token mode: Generate token and return HTML page
           if (this.getSessionMode() === SessionMode.TOKEN) {
             /** @type {import('../index.js').SessionUser} */
@@ -986,8 +1013,8 @@ export class SessionManager {
           if (isRedirect) {
             return res.redirect(this.#config.SSO_FAILURE_URL);
           }
-          return res.status(httpCodes.AUTHORIZATION_FAILED).send({ 
-            redirect_url: this.#config.SSO_FAILURE_URL 
+          return res.status(httpCodes.AUTHORIZATION_FAILED).send({
+            redirect_url: this.#config.SSO_FAILURE_URL
           });
         }
         if (isRedirect) {

package/index.js

@@ -3,4 +3,4 @@ export { httpCodes, httpMessages, httpErrorHandler, httpNotFoundHandler, CustomE
 export { RedisManager } from './components/redis.js';
 export { FlexRouter } from './components/router.js';
 export { JwtManager } from './components/jwt.js';
-export { Logger } from './components/logger.js';
+export { Logger } from './components/logger.js';

package/package.json

@@ -1,11 +1,13 @@
 {
   "name": "@igxjs/node-components",
-  "version": "1.0.16",
+  "version": "1.0.17",
   "description": "Node components for igxjs",
   "main": "index.js",
   "type": "module",
   "scripts": {
-    "test": "mocha tests/**/*.test.js --timeout 5000"
+    "test": "mocha tests/**/*.test.js --timeout 5000",
+    "lint": "eslint .",
+    "lint:fix": "eslint . --fix"
   },
   "repository": {
     "type": "git",
@@ -33,7 +35,10 @@
     "memorystore": "^1.6.7"
   },
   "devDependencies": {
+    "@eslint/js": "^10.0.1",
     "chai": "^6.2.2",
+    "eslint": "^10.1.0",
+    "globals": "^17.4.0",
     "mocha": "^12.0.0-beta-10",
     "sinon": "^21.0.3",
     "supertest": "^7.0.0"
@@ -54,7 +59,8 @@
     "README.md"
   ],
   "publishConfig": {
-    "access": "public"
+    "access": "public",
+    "registry": "https://npm.pkg.github.com"
   },
   "types": "./index.d.ts"
 }