npm - @jmlq/auth - Versions diffs - 0.0.1-alpha.24 → 0.0.1-alpha.26 - Mend

@jmlq/auth 0.0.1-alpha.24 → 0.0.1-alpha.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (28) hide show

package/dist/domain/services/helpers/optional-non-empty-string.helper.d.ts CHANGED Viewed

	@@ -1 +1 @@
1	- export declare function ~~optionalNonEmptyString~~(value: unknown): string \| undefined;
1	+ export declare function readNonEmptyString(value: unknown): string \| undefined;

package/dist/domain/services/helpers/optional-non-empty-string.helper.js CHANGED Viewed

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.optionalNonEmptyString = optionalNonEmptyString;
-function optionalNonEmptyString(value) {
+exports.readNonEmptyString = readNonEmptyString;
+function readNonEmptyString(value) {
     if (typeof value !== "string")
         return undefined;
     const v = value.trim();

package/dist/domain/services/normalize-jwt-payload.service.js CHANGED Viewed

@@ -34,7 +34,7 @@ function normalizeJwtPayload(input) {
     const iat = (0, helpers_1.requireFiniteNumber)(obj.iat, "iat");
     const exp = (0, helpers_1.requireFiniteNumber)(obj.exp, "exp");
     // Optional
-    const iss = (0, helpers_1.optionalNonEmptyString)(obj.iss);
+    const iss = (0, helpers_1.readNonEmptyString)(obj.iss);
     /**
      * Canonical audience rule (core):
      * - string | string[] | undefined

package/dist/index.d.ts CHANGED Viewed

@@ -19,3 +19,4 @@ export * from "./domain/props";
 export * from "./domain/errors";
 export * from "./application/dtos";
 export * from "./application/facades";
+export * from "./shared";

package/dist/index.js CHANGED Viewed

@@ -43,3 +43,4 @@ __exportStar(require("./domain/errors"), exports);
 __exportStar(require("./application/dtos"), exports);
 // Facades (entrypoint recomendado para hosts)
 __exportStar(require("./application/facades"), exports);
+__exportStar(require("./shared"), exports);

package/dist/shared/index.d.ts CHANGED Viewed

	@@ -1 +1,2 @@
1 1	export * from "./utils";
2	+ export * from "./jwt-plugin";

package/dist/shared/index.js CHANGED Viewed

@@ -15,3 +15,4 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./utils"), exports);
+__exportStar(require("./jwt-plugin"), exports);

package/dist/shared/jwt-plugin/create-jwt-id.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+/**
+ * Genera un identificador único para el claim `jti`.
+ * - Usa crypto.randomUUID cuando está disponible.
+ * - Fallback no-crypto para entornos legacy/dev.
+ */
+export declare function createJwtId(): string;

package/dist/shared/jwt-plugin/create-jwt-id.js ADDED Viewed

@@ -0,0 +1,30 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createJwtId = createJwtId;
+/**
+ * Obtiene el tiempo actual en segundos Unix.
+ *
+ * @returns Timestamp Unix (segundos).
+ */
+function nowUnixSeconds() {
+    return Math.floor(Date.now() / 1000);
+}
+/**
+ * Genera un identificador único para el claim `jti`.
+ * - Usa crypto.randomUUID cuando está disponible.
+ * - Fallback no-crypto para entornos legacy/dev.
+ */
+function createJwtId() {
+    if (hasCryptoRandomUUID(globalThis)) {
+        return globalThis.crypto.randomUUID();
+    }
+    return `jti_${nowUnixSeconds()}_${Math.random().toString(16).slice(2)}`;
+}
+function hasCryptoRandomUUID(value) {
+    return (typeof value === "object" &&
+        value !== null &&
+        "crypto" in value &&
+        typeof value.crypto === "object" &&
+        typeof value.crypto
+            ?.randomUUID === "function");
+}

package/dist/shared/jwt-plugin/index.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+export * from "./normalize-clock-skew-seconds";
+export * from "./normalize-default-expires-in";
+export * from "./read-expires-in";
+export * from "./read-custom-claims";
+export * from "./resolve-expires-in";
+export * from "./is-retryable-auth-code";
+export * from "./read-session-id";
+export * from "./to-date-from-unix-seconds";
+export * from "./create-jwt-id";

package/dist/shared/jwt-plugin/index.js ADDED Viewed

@@ -0,0 +1,25 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./normalize-clock-skew-seconds"), exports);
+__exportStar(require("./normalize-default-expires-in"), exports);
+__exportStar(require("./read-expires-in"), exports);
+__exportStar(require("./read-custom-claims"), exports);
+__exportStar(require("./resolve-expires-in"), exports);
+__exportStar(require("./is-retryable-auth-code"), exports);
+__exportStar(require("./read-session-id"), exports);
+__exportStar(require("./to-date-from-unix-seconds"), exports);
+__exportStar(require("./create-jwt-id"), exports);

package/dist/shared/jwt-plugin/is-retryable-auth-code.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import type { AuthErrorCode } from "../../domain/errors";
+/**
+ * Determina si un error del core (por código) es "retryable".
+ *
+ * Responsabilidad única:
+ * - Decidir reintento SOLO por `code` (sin jose, sin message, sin heurísticas).
+ */
+export declare function isRetryableAuthCode(code: AuthErrorCode): boolean;

package/dist/shared/jwt-plugin/is-retryable-auth-code.js ADDED Viewed

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isRetryableAuthCode = isRetryableAuthCode;
+/**
+ * Determina si un error del core (por código) es "retryable".
+ *
+ * Responsabilidad única:
+ * - Decidir reintento SOLO por `code` (sin jose, sin message, sin heurísticas).
+ */
+function isRetryableAuthCode(code) {
+    return (code === "SIGNATURE_INVALID" ||
+        code === "ALGORITHM_UNSUPPORTED" ||
+        code === "KEY_MISMATCH" ||
+        code === "KEY_NOT_FOUND");
+}

package/dist/shared/jwt-plugin/normalize-clock-skew-seconds.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * Normaliza clockSkewSeconds (en segundos).
+ *
+ * Responsabilidad única:
+ * - Aceptar únicamente números válidos
+ * - Convertir a entero (floor)
+ * - Asegurar >= 0
+ *
+ * Reglas:
+ * - no number / NaN => undefined
+ * - < 0 => 0
+ * - >== 0 => floor(value)
+ */
+export declare function normalizeClockSkewSeconds(value: number | undefined): number | undefined;

package/dist/shared/jwt-plugin/normalize-clock-skew-seconds.js ADDED Viewed

@@ -0,0 +1,23 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.normalizeClockSkewSeconds = normalizeClockSkewSeconds;
+/**
+ * Normaliza clockSkewSeconds (en segundos).
+ *
+ * Responsabilidad única:
+ * - Aceptar únicamente números válidos
+ * - Convertir a entero (floor)
+ * - Asegurar >= 0
+ *
+ * Reglas:
+ * - no number / NaN => undefined
+ * - < 0 => 0
+ * - >== 0 => floor(value)
+ */
+function normalizeClockSkewSeconds(value) {
+    if (typeof value !== "number" || Number.isNaN(value))
+        return undefined;
+    if (value < 0)
+        return 0;
+    return Math.floor(value);
+}

package/dist/shared/jwt-plugin/normalize-default-expires-in.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+/**
+ * Normaliza defaults de expiración usados por plugins JWT.
+ *
+ * Responsabilidad única:
+ * - Aceptar un shape compatible con { accessToken?, refreshToken? }
+ * - Trim de strings
+ * - Vacío => omitido
+ * - Si queda vacío => undefined
+ *
+ * Importante:
+ * - No depende de types de plugins para evitar acoplamiento.
+ */
+export declare function normalizeDefaultExpiresIn<T extends {
+    accessToken?: string;
+    refreshToken?: string;
+}>(value: T | undefined): T | undefined;

package/dist/shared/jwt-plugin/normalize-default-expires-in.js ADDED Viewed

@@ -0,0 +1,36 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.normalizeDefaultExpiresIn = normalizeDefaultExpiresIn;
+/**
+ * Normaliza defaults de expiración usados por plugins JWT.
+ *
+ * Responsabilidad única:
+ * - Aceptar un shape compatible con { accessToken?, refreshToken? }
+ * - Trim de strings
+ * - Vacío => omitido
+ * - Si queda vacío => undefined
+ *
+ * Importante:
+ * - No depende de types de plugins para evitar acoplamiento.
+ */
+function normalizeDefaultExpiresIn(value) {
+    if (!value)
+        return undefined;
+    const out = {};
+    const accessToken = normalizeOptionalNonEmptyString(value.accessToken);
+    if (accessToken)
+        out.accessToken = accessToken;
+    const refreshToken = normalizeOptionalNonEmptyString(value.refreshToken);
+    if (refreshToken)
+        out.refreshToken = refreshToken;
+    return Object.keys(out).length > 0 ? out : undefined;
+}
+/**
+ * Helper local (mínimo) para evitar dependencia circular en exports del core.
+ */
+function normalizeOptionalNonEmptyString(value) {
+    if (typeof value !== "string")
+        return undefined;
+    const v = value.trim();
+    return v.length > 0 ? v : undefined;
+}

package/dist/shared/jwt-plugin/read-custom-claims.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+/**
+ * Lee `customClaims` desde unknown.
+ *
+ * Responsabilidad única:
+ * - Aceptar únicamente un objeto plano serializable (Record<string, unknown>)
+ *
+ * Reglas:
+ * - undefined/null => undefined
+ * - arrays => undefined
+ * - objetos => Record<string, unknown>
+ */
+export declare function readCustomClaims(value: unknown): Record<string, unknown> | undefined;

package/dist/shared/jwt-plugin/read-custom-claims.js ADDED Viewed

@@ -0,0 +1,21 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.readCustomClaims = readCustomClaims;
+/**
+ * Lee `customClaims` desde unknown.
+ *
+ * Responsabilidad única:
+ * - Aceptar únicamente un objeto plano serializable (Record<string, unknown>)
+ *
+ * Reglas:
+ * - undefined/null => undefined
+ * - arrays => undefined
+ * - objetos => Record<string, unknown>
+ */
+function readCustomClaims(value) {
+    if (!value || typeof value !== "object")
+        return undefined;
+    if (Array.isArray(value))
+        return undefined;
+    return value;
+}

package/dist/shared/jwt-plugin/read-expires-in.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+/**
+ * Lee `expiresIn` desde unknown.
+ *
+ * Responsabilidad única:
+ * - Normalizar un valor desconocido a `string | undefined`
+ *
+ * Reglas:
+ * - no string => undefined
+ * - string vacío => undefined
+ * - string con espacios => trim()
+ */
+export declare function readExpiresIn(value: unknown): string | undefined;

package/dist/shared/jwt-plugin/read-expires-in.js ADDED Viewed

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.readExpiresIn = readExpiresIn;
+/**
+ * Lee `expiresIn` desde unknown.
+ *
+ * Responsabilidad única:
+ * - Normalizar un valor desconocido a `string | undefined`
+ *
+ * Reglas:
+ * - no string => undefined
+ * - string vacío => undefined
+ * - string con espacios => trim()
+ */
+function readExpiresIn(value) {
+    if (typeof value !== "string")
+        return undefined;
+    const trimmed = value.trim();
+    return trimmed.length > 0 ? trimmed : undefined;
+}

package/dist/shared/jwt-plugin/read-session-id.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Lee y valida `sessionId`.
+ *
+ * Regla de dominio:
+ * - sessionId es obligatorio para soporte multi-sesión
+ *
+ * NOTA:
+ * - NO lanza Error genérico
+ * - La decisión del error final se delega al core
+ */
+export declare function readSessionId(value: unknown): string | undefined;

package/dist/shared/jwt-plugin/read-session-id.js ADDED Viewed

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.readSessionId = readSessionId;
+const helpers_1 = require("../../domain/services/helpers");
+/**
+ * Lee y valida `sessionId`.
+ *
+ * Regla de dominio:
+ * - sessionId es obligatorio para soporte multi-sesión
+ *
+ * NOTA:
+ * - NO lanza Error genérico
+ * - La decisión del error final se delega al core
+ */
+function readSessionId(value) {
+    return (0, helpers_1.readNonEmptyString)(value);
+}

package/dist/shared/jwt-plugin/resolve-expires-in.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * Resuelve `expiresIn` para generación de tokens (regla canónica para plugins).
+ *
+ * Responsabilidad única:
+ * - Aplicar precedencia:
+ *   1) expiresIn provisto por props
+ *   2) defaultExpiresIn del plugin por tokenKind
+ * - Si ninguno existe: lanzar InvalidJwtPayloadError (error canónico del core)
+ */
+export declare function resolveExpiresIn(args: {
+    expiresInFromProps?: string;
+    defaultExpiresIn?: string;
+    operation: "generateAccessToken" | "generateRefreshToken";
+}): string;

package/dist/shared/jwt-plugin/resolve-expires-in.js ADDED Viewed

@@ -0,0 +1,31 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveExpiresIn = resolveExpiresIn;
+const errors_1 = require("../../domain/errors");
+/**
+ * Resuelve `expiresIn` para generación de tokens (regla canónica para plugins).
+ *
+ * Responsabilidad única:
+ * - Aplicar precedencia:
+ *   1) expiresIn provisto por props
+ *   2) defaultExpiresIn del plugin por tokenKind
+ * - Si ninguno existe: lanzar InvalidJwtPayloadError (error canónico del core)
+ */
+function resolveExpiresIn(args) {
+    const fromProps = normalizeOptionalNonEmptyString(args.expiresInFromProps);
+    if (fromProps)
+        return fromProps;
+    const fromDefault = normalizeOptionalNonEmptyString(args.defaultExpiresIn);
+    if (fromDefault)
+        return fromDefault;
+    throw new errors_1.InvalidJwtPayloadError("expiresIn is required", {
+        field: "expiresIn",
+        operation: args.operation,
+    });
+}
+function normalizeOptionalNonEmptyString(value) {
+    if (typeof value !== "string")
+        return undefined;
+    const v = value.trim();
+    return v.length > 0 ? v : undefined;
+}

package/dist/shared/jwt-plugin/to-date-from-unix-seconds.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Convierte segundos Unix a Date.
+ *
+ * @param expSeconds `exp` en segundos Unix.
+ * @returns Date correspondiente.
+ */
+export declare function toDateFromUnixSeconds(expSeconds: number): Date;

package/dist/shared/jwt-plugin/to-date-from-unix-seconds.js ADDED Viewed

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.toDateFromUnixSeconds = toDateFromUnixSeconds;
+/**
+ * Convierte segundos Unix a Date.
+ *
+ * @param expSeconds `exp` en segundos Unix.
+ * @returns Date correspondiente.
+ */
+function toDateFromUnixSeconds(expSeconds) {
+    return new Date(expSeconds * 1000);
+}

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@jmlq/auth",
   "description": "JWT authentication package with clean architecture",
-  "version": "0.0.1-alpha.24",
+  "version": "0.0.1-alpha.26",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "scripts": {