@kaapi/oauth2-auth-design 0.0.13 → 0.0.14

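--- a/package/lib/cli.d.ts
+++ b/package/lib/cli.d.ts
@@ -0,0 +1,13 @@
+ import { FileGenerator, FileGeneratorType, Question } from '@kaapi/cli/definitions';
+ export declare class OAuth2FileGenerator implements FileGenerator {
+ #private;
+ get type(): FileGeneratorType;
+ get name(): 'oauth2-generator';
+ get description(): string;
+ get options(): Record<string, string>;
+ init(options: Record<string, unknown>): void;
+ isValid(): boolean;
+ getFileContent(): string;
+ getQuestions(): Question[];
+ getFilename(): string;
+ }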
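--- a/package/lib/cli.js
+++ b/package/lib/cli.js
@@ -0,0 +1,181 @@
+ "use strict";
+ var _OAuth2FileGenerator_values;
+ Object.defineProperty(exports, "__esModule", { value: true });
+ exports.OAuth2FileGenerator = void 0;
+ const tslib_1 = require("tslib");
+ const definitions_1 = require("@kaapi/cli/definitions");
+ const utils_1 = require("@kaapi/cli/utils");
+ class OAuth2FileGenerator {
+ constructor() {
+ _OAuth2FileGenerator_values.set(this, {
+ name: ''
+ });
+ }
+ get type() {
+ return 'auth-design';
+ }
+ get name() {
+ return 'oauth2-generator';
+ }
+ get description() {
+ return 'Creates an auth design based on OAuth2 specifications.';
+ }
+ get options() {
+ return {
+ name: 'The name of the design'
+ };
+ }
+ init(options) {
+ if (typeof options['name'] == 'string') {
+ tslib_1.__classPrivateFieldGet(this, _OAuth2FileGenerator_values, "f").name = (0, utils_1.camelCase)(options['name']);
+ }
+ }
+ isValid() {
+ return !!tslib_1.__classPrivateFieldGet(this, _OAuth2FileGenerator_values, "f").name;
+ }
+ getFileContent() {
+ return `import Boom from '@hapi/boom'
+ import {
+ OAuth2ACAuthorizationRoute,
+ OAuth2RefreshTokenHandler,
+ OAuth2RefreshTokenRoute,
+ OAuth2ACTokenRoute,
+ OpenIDAuthDesign,
+ OpenIDJWKSRoute,
+ OAuth2TokenResponse,
+ BearerToken
+ } from '@kaapi/oauth2-auth-design';
+
+ const tokenType = new BearerToken()
+
+ export const ${tslib_1.__classPrivateFieldGet(this, _OAuth2FileGenerator_values, "f").name} = new OpenIDAuthDesign(
+ {
+ strategyName: '${(0, utils_1.kebabCase)(tslib_1.__classPrivateFieldGet(this, _OAuth2FileGenerator_values, "f").name)}',
+ openidConfiguration: {
+ ...tokenType.configuration
+ },
+ jwksStore: undefined,
+ jwksRoute: new OpenIDJWKSRoute('/openid/jwks'),
+ authorizationRoute: OAuth2ACAuthorizationRoute.buildDefault<object, { Payload: { user: string, pass: string } }>()
+ .setPath('/oauth2/authorize')
+ .setEmailField('email')
+ .setPasswordField('password')
+ .generateCode(async ({ clientId, codeChallenge, scope, nonce }, { payload: { user, pass } }) => {
+ // validate and generate code
+ if (user == 'janed@example.com' && pass == '1234') {
+ return JSON.stringify({ clientId, codeChallenge, scope, nonce, user: '248289761001' })
+ }
+
+ return null
+ }),
+ tokenRoute: OAuth2ACTokenRoute.buildDefault()
+ .setPath('/oauth2/token')
+ .generateToken(async ({ clientId, clientSecret, code, codeVerifier, redirectUri, ttl, createIDToken }, _req) => {
+
+ if (!clientSecret && !codeVerifier) {
+ return { error: 'invalid_request', error_description: 'Token Request was missing the \\'client_secret\\' parameter.' }
+ }
+ try {
+ //#region @TODO: validation + token
+ const accessToken = 'generated_access_token'
+ const refreshToken = 'generated_refresh_token'
+ const scope: string[] = ['openid']
+ return new OAuth2TokenResponse({ access_token: accessToken })
+ .setExpiresIn(ttl)
+ .setRefreshToken(refreshToken)
+ .setScope(scope)
+ .setIDToken(
+ await createIDToken?.({
+ sub: '248289761001',
+ name: 'Jane Doe',
+ given_name: 'Jane',
+ family_name: 'Doe',
+ preferred_username: 'janed',
+ email: 'janed@example.com',
+ email_verified: true,
+ picture: 'https://example.com/janed.jpg'
+ })
+ )
+ .setTokenType(tokenType)
+ //#endregion @TODO: validation + token
+ } catch (err) {
+ console.error(err)
+ }
+
+ return null
+ }),
+ refreshTokenRoute: new OAuth2RefreshTokenRoute(
+ '/oauth2/token',
+ (async ({ clientId, clientSecret, refreshToken, scope, ttl }, _req, h) => {
+
+ //#region @TODO: validation + refresh token
+
+ //#endregion @TODO: validation + refresh token
+
+ return h.response({ error: 'invalid_token' }).code(400)
+ }) as OAuth2RefreshTokenHandler,
+ ),
+ options: {
+ async validate(req, token, h) {
+ if (token) {
+ //#region @TODO: validation
+ if (token != 'generated_access_token') {
+ return {}
+ }
+ //#endregion @TODO: validation
+
+ // authorized to go further
+ return {
+ isValid: !!token,
+ credentials: {
+ user: {
+ sub: '248289761001',
+ name: 'Jane Doe',
+ given_name: 'Jane',
+ }
+ }
+ }
+ }
+
+ return h.unauthenticated(Boom.unauthorized('unauthorized', 'Bearer'))
+ },
+ }
+ }
+ )
+ .setDescription('This API uses OAuth 2 with the authentication code grant flow. [More info](https://oauth.net/2/grant-types/authorization-code/)')
+ .setScopes({
+ profile: 'Access to your profile information',
+ email: 'Access to your email address',
+ offline_access: 'Access to your data when you are not connected'
+ })
+ .setTokenType(tokenType)
+ .setTokenTTL(36000)
+ .clientSecretBasicAuthenticationMethod()
+ .clientSecretPostAuthenticationMethod() // to debug (used in SwaggerUI)
+ //.withoutPkce() // to remove 'none'
+ `;
+ }
+ getQuestions() {
+ const r = [];
+ if (!tslib_1.__classPrivateFieldGet(this, _OAuth2FileGenerator_values, "f").name) {
+ r.push({
+ type: definitions_1.QuestionType.text,
+ options: {
+ message: 'The name of the auth design?',
+ defaultValue: 'oauth2AuthDesign',
+ placeholder: 'oauth2AuthDesign'
+ },
+ setValue: (pluginName) => {
+ tslib_1.__classPrivateFieldGet(this, _OAuth2FileGenerator_values, "f").name = (0, utils_1.camelCase)(pluginName);
+ }
+ });
+ }
+ return r;
+ }
+ getFilename() {
+ return (0, utils_1.kebabCase)(`${tslib_1.__classPrivateFieldGet(this, _OAuth2FileGenerator_values, "f").name}`) + '.ts';
+ }
+ }
+ exports.OAuth2FileGenerator = OAuth2FileGenerator;
+ _OAuth2FileGenerator_values = new WeakMap();
+ //# sourceMappingURL=cli.js.map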
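Review bot: The template returned by `getFileContent()` scaffolds an auth design that grants access as emitted: `generateCode` accepts the fixed pair `janed@example.com` / `1234`, `generateToken` returns the constant `'generated_access_token'`, and `validate` accepts exactly that constant. The token and validate placeholders sit inside `//#region @TODO` markers, but the credential check in `generateCode` carries only `// validate and generate code`, so nothing flags it for replacement, and the template also enables `.clientSecretPostAuthenticationMethod()` with a "to debug" comment. A project that ships the generated file unedited would presumably authenticate anyone who knows these published sample values, so the scaffold should fail closed: have `generateCode` simply `return null` and `validate` fall through to `h.unauthenticated(...)` until implemented, with the sample logic kept as comments under `//#region @TODO: replace sample credentials`. Separately, the `invalid_request` description names only `client_secret` although the guard `!clientSecret && !codeVerifier` fires when both are absent, and in `validate` a mismatched token returns `{}` rather than the explicit `h.unauthenticated(...)` used for a missing one. This file is compiled output, so the change belongs in `src/cli.ts`, which is not shown here.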
package/lib/cli.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";;;;;AAAA,wDAAiG;AACjG,4CAAuD;AAEvD,MAAa,mBAAmB;IAAhC;QAoBI,sCAAU;YACN,IAAI,EAAE,EAAE;SACX,EAAA;IA8JL,CAAC;IAlLG,IAAI,IAAI;QACJ,OAAO,aAAa,CAAA;IACxB,CAAC;IAED,IAAI,IAAI;QACJ,OAAO,kBAAkB,CAAA;IAC7B,CAAC;IAED,IAAI,WAAW;QACX,OAAO,wDAAwD,CAAA;IACnE,CAAC;IAED,IAAI,OAAO;QACP,OAAO;YACH,IAAI,EAAE,wBAAwB;SACjC,CAAA;IACL,CAAC;IAMD,IAAI,CAAC,OAAgC;QACjC,IAAI,OAAO,OAAO,CAAC,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACrC,+BAAA,IAAI,mCAAQ,CAAC,IAAI,GAAG,IAAA,iBAAS,EAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAA;QAClD,CAAC;IACL,CAAC;IAED,OAAO;QACH,OAAO,CAAC,CAAC,+BAAA,IAAI,mCAAQ,CAAC,IAAI,CAAA;IAC9B,CAAC;IAED,cAAc;QACV,OAAO;;;;;;;;;;;;;;eAcA,+BAAA,IAAI,mCAAQ,CAAC,IAAI;;yBAEP,IAAA,iBAAS,EAAC,+BAAA,IAAI,mCAAQ,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAuGpD,CAAA;IACG,CAAC;IAED,YAAY;QACR,MAAM,CAAC,GAAe,EAAE,CAAA;QAExB,IAAI,CAAC,+BAAA,IAAI,mCAAQ,CAAC,IAAI,EAAE,CAAC;YACrB,CAAC,CAAC,IAAI,CAAC;gBACH,IAAI,EAAE,0BAAY,CAAC,IAAI;gBACvB,OAAO,EAAE;oBACL,OAAO,EAAE,8BAA8B;oBACvC,YAAY,EAAE,kBAAkB;oBAChC,WAAW,EAAE,kBAAkB;iBAClC;gBACD,QAAQ,EAAE,CAAC,UAAU,EAAE,EAAE;oBACrB,+BAAA,IAAI,mCAAQ,CAAC,IAAI,GAAG,IAAA,iBAAS,EAAC,UAAU,CAAC,CAAA;gBAC7C,CAAC;aACJ,CAAC,CAAA;QACN,CAAC;QAED,OAAO,CAAC,CAAA;IACZ,CAAC;IAED,WAAW;QACP,OAAO,IAAA,iBAAS,EAAC,GAAG,+BAAA,IAAI,mCAAQ,CAAC,IAAI,EAAE,CAAC,GAAG,KAAK,CAAA;IACpD,CAAC;CACJ;AApLD,kDAoLC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@kaapi/oauth2-auth-design",
3
- "version": "0.0.13",
3
+ "version": "0.0.14",
4
4
  "private": false,
5
5
  "description": "OAuth2 auth design for kaapi",
6
6
  "main": "lib/index.js",
@@ -8,6 +8,10 @@
8
8
  ".": {
9
9
  "types": "./lib/index.d.ts",
10
10
  "default": "./lib/index.js"
11
+ },
12
+ "./cli": {
13
+ "types": "./lib/cli.d.ts",
14
+ "default": "./lib/cli.js"
11
15
  }
12
16
  },
13
17
  "author": "demingongo",
@@ -22,12 +26,13 @@
22
26
  "@hapi/hoek": "^11.0.7",
23
27
  "@novice1/api-doc-generator": "^1.0.2",
24
28
  "html-entities": "^2.6.0",
25
- "jose": "^6.0.12",
29
+ "jose": "^6.0.13",
26
30
  "jsonwebtoken": "^9.0.2",
27
31
  "jwk-to-pem": "^2.0.7",
28
32
  "node-jose": "^2.2.0",
29
33
  "tslib": "^2.8.1",
30
- "@kaapi/kaapi": "^0.0.13"
34
+ "@kaapi/cli": "^0.0.14",
35
+ "@kaapi/kaapi": "^0.0.14"
31
36
  },
32
37
  "devDependencies": {
33
38
  "@types/jsonwebtoken": "^9.0.10",