@loopstack/auth 0.8.1 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/LICENSE +43 -21
- package/dist/auth.module.d.ts +2 -2
- package/dist/auth.module.js +29 -24
- package/dist/auth.module.js.map +1 -1
- package/dist/controllers/auth.controller.d.ts +9 -16
- package/dist/controllers/auth.controller.js +40 -95
- package/dist/controllers/auth.controller.js.map +1 -1
- package/dist/dtos/hub-login-request.dto.d.ts +4 -0
- package/dist/dtos/hub-login-request.dto.js +30 -0
- package/dist/dtos/hub-login-request.dto.js.map +1 -0
- package/dist/dtos/worker-info.dto.d.ts +5 -0
- package/dist/dtos/worker-info.dto.js +42 -0
- package/dist/dtos/worker-info.dto.js.map +1 -0
- package/dist/exceptions/hub.exceptions.d.ts +16 -0
- package/dist/exceptions/hub.exceptions.js +35 -0
- package/dist/exceptions/hub.exceptions.js.map +1 -0
- package/dist/guards/hub-auth.guard.d.ts +4 -0
- package/dist/guards/{dev-auth.guard.js → hub-auth.guard.js} +6 -6
- package/dist/guards/hub-auth.guard.js.map +1 -0
- package/dist/guards/index.d.ts +0 -3
- package/dist/guards/index.js +0 -3
- package/dist/guards/index.js.map +1 -1
- package/dist/guards/jwt-auth.guard.d.ts +5 -3
- package/dist/guards/jwt-auth.guard.js +14 -4
- package/dist/guards/jwt-auth.guard.js.map +1 -1
- package/dist/guards/worker-auth.guard.d.ts +7 -0
- package/dist/{strategies/dev.strategy.js → guards/worker-auth.guard.js} +15 -20
- package/dist/guards/worker-auth.guard.js.map +1 -0
- package/dist/index.d.ts +0 -1
- package/dist/index.js +0 -1
- package/dist/index.js.map +1 -1
- package/dist/interfaces/auth-config.interface.d.ts +3 -13
- package/dist/interfaces/hub-service.interfaces.d.ts +16 -0
- package/dist/interfaces/hub-service.interfaces.js +3 -0
- package/dist/interfaces/hub-service.interfaces.js.map +1 -0
- package/dist/repositories/user.repository.d.ts +0 -1
- package/dist/repositories/user.repository.js +0 -6
- package/dist/repositories/user.repository.js.map +1 -1
- package/dist/services/auth.service.d.ts +7 -11
- package/dist/services/auth.service.js +32 -46
- package/dist/services/auth.service.js.map +1 -1
- package/dist/services/config-validation.service.d.ts +8 -0
- package/dist/services/config-validation.service.js +44 -0
- package/dist/services/config-validation.service.js.map +1 -0
- package/dist/services/hub-audit.service.d.ts +14 -0
- package/dist/services/hub-audit.service.js +47 -0
- package/dist/services/hub-audit.service.js.map +1 -0
- package/dist/services/hub.service.d.ts +20 -0
- package/dist/services/hub.service.js +179 -0
- package/dist/services/hub.service.js.map +1 -0
- package/dist/services/index.d.ts +1 -2
- package/dist/services/index.js +1 -2
- package/dist/services/index.js.map +1 -1
- package/dist/services/token.service.d.ts +10 -6
- package/dist/services/token.service.js +24 -21
- package/dist/services/token.service.js.map +1 -1
- package/dist/strategies/hub.strategy.d.ts +17 -0
- package/dist/strategies/hub.strategy.js +67 -0
- package/dist/strategies/hub.strategy.js.map +1 -0
- package/dist/strategies/index.d.ts +1 -3
- package/dist/strategies/index.js +1 -3
- package/dist/strategies/index.js.map +1 -1
- package/dist/strategies/jwt.strategy.d.ts +1 -1
- package/dist/strategies/jwt.strategy.js +10 -7
- package/dist/strategies/jwt.strategy.js.map +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/package.json +12 -11
- package/dist/decorators/current-user.decorator.d.ts +0 -1
- package/dist/decorators/current-user.decorator.js +0 -9
- package/dist/decorators/current-user.decorator.js.map +0 -1
- package/dist/decorators/index.d.ts +0 -3
- package/dist/decorators/index.js +0 -20
- package/dist/decorators/index.js.map +0 -1
- package/dist/decorators/public.decorator.d.ts +0 -1
- package/dist/decorators/public.decorator.js +0 -8
- package/dist/decorators/public.decorator.js.map +0 -1
- package/dist/decorators/roles.decorator.d.ts +0 -1
- package/dist/decorators/roles.decorator.js +0 -8
- package/dist/decorators/roles.decorator.js.map +0 -1
- package/dist/guards/dev-auth.guard.d.ts +0 -4
- package/dist/guards/dev-auth.guard.js.map +0 -1
- package/dist/guards/google-auth.guard.d.ts +0 -5
- package/dist/guards/google-auth.guard.js +0 -23
- package/dist/guards/google-auth.guard.js.map +0 -1
- package/dist/guards/local-auth.guard.d.ts +0 -4
- package/dist/guards/local-auth.guard.js +0 -18
- package/dist/guards/local-auth.guard.js.map +0 -1
- package/dist/repositories/auth-provider.repository.d.ts +0 -9
- package/dist/repositories/auth-provider.repository.js +0 -47
- package/dist/repositories/auth-provider.repository.js.map +0 -1
- package/dist/services/oauth.service.d.ts +0 -15
- package/dist/services/oauth.service.js +0 -91
- package/dist/services/oauth.service.js.map +0 -1
- package/dist/services/password.service.d.ts +0 -5
- package/dist/services/password.service.js +0 -25
- package/dist/services/password.service.js.map +0 -1
- package/dist/strategies/dev.strategy.d.ts +0 -9
- package/dist/strategies/dev.strategy.js.map +0 -1
- package/dist/strategies/google.strategy.d.ts +0 -8
- package/dist/strategies/google.strategy.js +0 -51
- package/dist/strategies/google.strategy.js.map +0 -1
- package/dist/strategies/local.strategy.d.ts +0 -8
- package/dist/strategies/local.strategy.js +0 -36
- package/dist/strategies/local.strategy.js.map +0 -1
|
@@ -0,0 +1,179 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
var HubService_1;
|
|
12
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
13
|
+
exports.HubService = void 0;
|
|
14
|
+
const common_1 = require("@nestjs/common");
|
|
15
|
+
const axios_1 = require("axios");
|
|
16
|
+
const config_1 = require("@nestjs/config");
|
|
17
|
+
const hub_audit_service_1 = require("./hub-audit.service");
|
|
18
|
+
const hub_exceptions_1 = require("../exceptions/hub.exceptions");
|
|
19
|
+
let HubService = HubService_1 = class HubService {
|
|
20
|
+
configService;
|
|
21
|
+
auditService;
|
|
22
|
+
logger = new common_1.Logger(HubService_1.name);
|
|
23
|
+
axiosInstance;
|
|
24
|
+
config;
|
|
25
|
+
constructor(configService, auditService) {
|
|
26
|
+
this.configService = configService;
|
|
27
|
+
this.auditService = auditService;
|
|
28
|
+
}
|
|
29
|
+
async onModuleInit() {
|
|
30
|
+
await this.initialize();
|
|
31
|
+
}
|
|
32
|
+
async initialize() {
|
|
33
|
+
try {
|
|
34
|
+
this.config = this.loadConfiguration();
|
|
35
|
+
this.validateConfiguration();
|
|
36
|
+
this.axiosInstance = axios_1.default.create({
|
|
37
|
+
timeout: this.config.timeout || 10000,
|
|
38
|
+
headers: {
|
|
39
|
+
'Content-Type': 'application/json',
|
|
40
|
+
'User-Agent': 'HubService/1.0',
|
|
41
|
+
},
|
|
42
|
+
});
|
|
43
|
+
this.setupAxiosInterceptors();
|
|
44
|
+
this.logger.log('Hub service initialized successfully');
|
|
45
|
+
}
|
|
46
|
+
catch (error) {
|
|
47
|
+
this.logger.error('Failed to initialize Hub service:', error);
|
|
48
|
+
throw new hub_exceptions_1.HubConfigurationException('Service initialization failed');
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
loadConfiguration() {
|
|
52
|
+
const authConfig = this.configService.get('auth');
|
|
53
|
+
return {
|
|
54
|
+
authCallback: authConfig?.authCallback,
|
|
55
|
+
clientId: authConfig?.clientId,
|
|
56
|
+
clientSecret: authConfig?.clientSecret,
|
|
57
|
+
timeout: 10000,
|
|
58
|
+
retries: 3,
|
|
59
|
+
};
|
|
60
|
+
}
|
|
61
|
+
validateConfiguration() {
|
|
62
|
+
const required = ['authCallback'];
|
|
63
|
+
const missing = required.filter(field => !this.config[field]);
|
|
64
|
+
if (missing.length > 0) {
|
|
65
|
+
throw new hub_exceptions_1.HubConfigurationException(`Missing required fields: ${missing.join(', ')}`);
|
|
66
|
+
}
|
|
67
|
+
try {
|
|
68
|
+
new URL(this.config.authCallback);
|
|
69
|
+
}
|
|
70
|
+
catch {
|
|
71
|
+
throw new hub_exceptions_1.HubConfigurationException('Invalid authCallback URL format');
|
|
72
|
+
}
|
|
73
|
+
this.logger.log('Configuration validated successfully');
|
|
74
|
+
}
|
|
75
|
+
setupAxiosInterceptors() {
|
|
76
|
+
this.axiosInstance.interceptors.request.use((config) => {
|
|
77
|
+
this.logger.debug(`Making request to: ${config.url}`);
|
|
78
|
+
return config;
|
|
79
|
+
}, (error) => {
|
|
80
|
+
this.logger.error('Request interceptor error:', error);
|
|
81
|
+
return Promise.reject(error);
|
|
82
|
+
});
|
|
83
|
+
this.axiosInstance.interceptors.response.use((response) => {
|
|
84
|
+
this.logger.debug(`Response received: ${response.status}`);
|
|
85
|
+
return response;
|
|
86
|
+
}, (error) => {
|
|
87
|
+
this.logger.error(`Response error: ${error.response?.status} - ${error.message}`);
|
|
88
|
+
return Promise.reject(error);
|
|
89
|
+
});
|
|
90
|
+
}
|
|
91
|
+
async retryOperation(operation, maxRetries = 3, delay = 1000) {
|
|
92
|
+
let lastError = undefined;
|
|
93
|
+
for (let attempt = 1; attempt <= maxRetries; attempt++) {
|
|
94
|
+
try {
|
|
95
|
+
return await operation();
|
|
96
|
+
}
|
|
97
|
+
catch (error) {
|
|
98
|
+
lastError = error;
|
|
99
|
+
if (error instanceof axios_1.AxiosError && error.response?.status && error.response?.status >= 400 && error.response?.status < 500) {
|
|
100
|
+
throw error;
|
|
101
|
+
}
|
|
102
|
+
if (attempt < maxRetries) {
|
|
103
|
+
this.logger.warn(`Attempt ${attempt} failed, retrying in ${delay}ms: ${error.message}`);
|
|
104
|
+
await new Promise(resolve => setTimeout(resolve, delay * attempt));
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
}
|
|
108
|
+
throw lastError;
|
|
109
|
+
}
|
|
110
|
+
async exchangeCodeForUserInfo(code, context) {
|
|
111
|
+
const requestContext = {
|
|
112
|
+
correlationId: context?.correlationId || 'no-correlation-id',
|
|
113
|
+
requestId: context?.requestId,
|
|
114
|
+
userId: context?.userId,
|
|
115
|
+
clientIp: context?.clientIp,
|
|
116
|
+
userAgent: context?.userAgent,
|
|
117
|
+
};
|
|
118
|
+
const startTime = Date.now();
|
|
119
|
+
this.logger.log(`[${requestContext.correlationId}] Exchanging authorization code for user info`);
|
|
120
|
+
try {
|
|
121
|
+
const result = await this.retryOperation(async () => {
|
|
122
|
+
const response = await this.axiosInstance.post(this.config.authCallback, {
|
|
123
|
+
code,
|
|
124
|
+
clientId: this.config.clientId,
|
|
125
|
+
}, {
|
|
126
|
+
headers: {
|
|
127
|
+
'Authorization': `Bearer ${this.config.clientSecret}`,
|
|
128
|
+
'X-Correlation-ID': requestContext.correlationId,
|
|
129
|
+
'X-Request-ID': requestContext.requestId || requestContext.correlationId,
|
|
130
|
+
},
|
|
131
|
+
});
|
|
132
|
+
return response.data;
|
|
133
|
+
}, this.config.retries);
|
|
134
|
+
const responseTime = Date.now() - startTime;
|
|
135
|
+
await this.auditService.logCodeExchange(requestContext, true, responseTime);
|
|
136
|
+
this.logger.log(`[${requestContext.correlationId}] Code exchange successful in ${responseTime}ms`);
|
|
137
|
+
return result;
|
|
138
|
+
}
|
|
139
|
+
catch (error) {
|
|
140
|
+
const responseTime = Date.now() - startTime;
|
|
141
|
+
let thrownError;
|
|
142
|
+
if (error instanceof axios_1.AxiosError) {
|
|
143
|
+
const status = error.response?.status;
|
|
144
|
+
if (status === 400) {
|
|
145
|
+
thrownError = new hub_exceptions_1.InvalidAuthCodeException();
|
|
146
|
+
}
|
|
147
|
+
else if (status === 401) {
|
|
148
|
+
thrownError = new hub_exceptions_1.HubAuthenticationException();
|
|
149
|
+
}
|
|
150
|
+
else if (error.code === 'ECONNABORTED') {
|
|
151
|
+
thrownError = new hub_exceptions_1.HubTimeoutException();
|
|
152
|
+
}
|
|
153
|
+
else if (status && status >= 500) {
|
|
154
|
+
thrownError = new hub_exceptions_1.HubServiceUnavailableException();
|
|
155
|
+
}
|
|
156
|
+
else {
|
|
157
|
+
thrownError = new common_1.BadRequestException('Failed to validate authorization code');
|
|
158
|
+
}
|
|
159
|
+
}
|
|
160
|
+
else {
|
|
161
|
+
this.logger.error(`[${requestContext.correlationId}] Unexpected error during code exchange:`, error);
|
|
162
|
+
thrownError = new common_1.BadGatewayException('Hub service communication error');
|
|
163
|
+
}
|
|
164
|
+
await this.auditService.logCodeExchange(requestContext, false, responseTime, thrownError.message, {
|
|
165
|
+
errorType: error.constructor.name,
|
|
166
|
+
statusCode: error instanceof axios_1.AxiosError ? error.response?.status : undefined
|
|
167
|
+
});
|
|
168
|
+
this.logger.error(`[${requestContext.correlationId}] Code exchange failed in ${responseTime}ms: ${thrownError.message}`);
|
|
169
|
+
throw thrownError;
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
};
|
|
173
|
+
exports.HubService = HubService;
|
|
174
|
+
exports.HubService = HubService = HubService_1 = __decorate([
|
|
175
|
+
(0, common_1.Injectable)(),
|
|
176
|
+
__metadata("design:paramtypes", [config_1.ConfigService,
|
|
177
|
+
hub_audit_service_1.HubAuditService])
|
|
178
|
+
], HubService);
|
|
179
|
+
//# sourceMappingURL=hub.service.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"hub.service.js","sourceRoot":"","sources":["../../src/services/hub.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,2CAA4G;AAC5G,iCAAwE;AAExE,2CAA+C;AAE/C,2DAAsD;AACtD,iEAIsC;AAG/B,IAAM,UAAU,kBAAhB,MAAM,UAAU;IAMF;IACA;IANF,MAAM,GAAG,IAAI,eAAM,CAAC,YAAU,CAAC,IAAI,CAAC,CAAC;IAC9C,aAAa,CAAgB;IAC7B,MAAM,CAAY;IAE1B,YACmB,aAA4B,EAC5B,YAA6B;QAD7B,kBAAa,GAAb,aAAa,CAAe;QAC5B,iBAAY,GAAZ,YAAY,CAAiB;IAC7C,CAAC;IAEJ,KAAK,CAAC,YAAY;QAChB,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;IAC1B,CAAC;IAEO,KAAK,CAAC,UAAU;QACtB,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACvC,IAAI,CAAC,qBAAqB,EAAE,CAAC;YAE7B,IAAI,CAAC,aAAa,GAAG,eAAK,CAAC,MAAM,CAAC;gBAChC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,KAAK;gBACrC,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,YAAY,EAAE,gBAAgB;iBAC/B;aACF,CAAC,CAAC;YAEH,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAE9B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;QAC1D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;YAC9D,MAAM,IAAI,0CAAyB,CAAC,+BAA+B,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAEO,iBAAiB;QACvB,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAElD,OAAO;YACL,YAAY,EAAE,UAAU,EAAE,YAAY;YACtC,QAAQ,EAAE,UAAU,EAAE,QAAQ;YAC9B,YAAY,EAAE,UAAU,EAAE,YAAY;YACtC,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,CAAC;SACX,CAAC;IACJ,CAAC;IAEO,qBAAqB;QAC3B,MAAM,QAAQ,GAAG,CAAC,cAAc,CAAC,CAAC;QAClC,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAE9D,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,MAAM,IAAI,0CAAyB,CAAC,4BAA4B,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACxF,CAAC;QAED,IAAI,CAAC;YACH,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QACpC,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,0CAAyB,CAAC,iCAAiC,CAAC,CAAC;QACzE,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IAEO,sBAAsB;QAC5B,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CACzC,CAAC,MAAM,EAAE,EAAE;YACT,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;YACtD,OAAO,MAAM,CAAC;QAChB,CAAC,EACD,CAAC,KAAK,EAAE,EAAE;YACR,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;YACvD,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC/B,CAAC,CACF,CAAC;QAEF,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAC1C,CAAC,QAAQ,EAAE,EAAE;YACX,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YAC3D,OAAO,QAAQ,CAAC;QAClB,CAAC,EACD,CAAC,KAAK,EAAE,EAAE;YACR,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,KAAK,CAAC,QAAQ,EAAE,MAAM,MAAM,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAClF,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC/B,CAAC,CACF,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,cAAc,CAC1B,SAA2B,EAC3B,aAAqB,CAAC,EACtB,QAAgB,IAAI;QAEpB,IAAI,SAAS,GAAsB,SAAS,CAAC;QAE7C,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,UAAU,EAAE,OAAO,EAAE,EAAE,CAAC;YACvD,IAAI,CAAC;gBACH,OAAO,MAAM,SAAS,EAAE,CAAC;YAC3B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,SAAS,GAAG,KAAK,CAAC;gBAGlB,IAAI,KAAK,YAAY,kBAAU,IAAI,KAAK,CAAC,QAAQ,EAAE,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,MAAM,IAAI,GAAG,IAAI,KAAK,CAAC,QAAQ,EAAE,MAAM,GAAG,GAAG,EAAE,CAAC;oBAC3H,MAAM,KAAK,CAAC;gBACd,CAAC;gBAED,IAAI,OAAO,GAAG,UAAU,EAAE,CAAC;oBACzB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,OAAO,wBAAwB,KAAK,OAAO,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;oBACxF,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC;gBACrE,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,SAAS,CAAE;IACnB,CAAC;IAED,KAAK,CAAC,uBAAuB,CAC3B,IAAY,EACZ,OAAwB;QAExB,MAAM,cAAc,GAAmB;YACrC,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,mBAAmB;YAC5D,SAAS,EAAE,OAAO,EAAE,SAAS;YAC7B,MAAM,EAAE,OAAO,EAAE,MAAM;YACvB,QAAQ,EAAE,OAAO,EAAE,QAAQ;YAC3B,SAAS,EAAE,OAAO,EAAE,SAAS;SAC9B,CAAC;QAEF,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,CAAC,MAAM,CAAC,GAAG,CACb,IAAI,cAAc,CAAC,aAAa,+CAA+C,CAChF,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,IAAI,EAAE;gBAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,CAK5C,IAAI,CAAC,MAAM,CAAC,YAAY,EACxB;oBACE,IAAI;oBACJ,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;iBAC/B,EACD;oBACE,OAAO,EAAE;wBACP,eAAe,EAAE,UAAU,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE;wBACrD,kBAAkB,EAAE,cAAc,CAAC,aAAa;wBAChD,cAAc,EAAE,cAAc,CAAC,SAAS,IAAI,cAAc,CAAC,aAAa;qBACzE;iBACF,CACF,CAAC;gBAEF,OAAO,QAAQ,CAAC,IAAI,CAAC;YACvB,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAExB,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAE5C,MAAM,IAAI,CAAC,YAAY,CAAC,eAAe,CACrC,cAAc,EACd,IAAI,EACJ,YAAY,CACb,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,GAAG,CACb,IAAI,cAAc,CAAC,aAAa,iCAAiC,YAAY,IAAI,CAClF,CAAC;YAEF,OAAO,MAAM,CAAC;QAEhB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAE5C,IAAI,WAAkB,CAAC;YAEvB,IAAI,KAAK,YAAY,kBAAU,EAAE,CAAC;gBAChC,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC;gBAEtC,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;oBACnB,WAAW,GAAG,IAAI,yCAAwB,EAAE,CAAC;gBAC/C,CAAC;qBAAM,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;oBAC1B,WAAW,GAAG,IAAI,2CAA0B,EAAE,CAAC;gBACjD,CAAC;qBAAM,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;oBACzC,WAAW,GAAG,IAAI,oCAAmB,EAAE,CAAC;gBAC1C,CAAC;qBAAM,IAAI,MAAM,IAAI,MAAM,IAAI,GAAG,EAAE,CAAC;oBACnC,WAAW,GAAG,IAAI,+CAA8B,EAAE,CAAC;gBACrD,CAAC;qBAAM,CAAC;oBACN,WAAW,GAAG,IAAI,4BAAmB,CAAC,uCAAuC,CAAC,CAAC;gBACjF,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,IAAI,cAAc,CAAC,aAAa,0CAA0C,EAC1E,KAAK,CACN,CAAC;gBACF,WAAW,GAAG,IAAI,4BAAmB,CAAC,iCAAiC,CAAC,CAAC;YAC3E,CAAC;YAED,MAAM,IAAI,CAAC,YAAY,CAAC,eAAe,CACrC,cAAc,EACd,KAAK,EACL,YAAY,EACZ,WAAW,CAAC,OAAO,EACnB;gBACE,SAAS,EAAE,KAAK,CAAC,WAAW,CAAC,IAAI;gBACjC,UAAU,EAAE,KAAK,YAAY,kBAAU,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,SAAS;aAC7E,CACF,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,IAAI,cAAc,CAAC,aAAa,6BAA6B,YAAY,OAAO,WAAW,CAAC,OAAO,EAAE,CACtG,CAAC;YAEF,MAAM,WAAW,CAAC;QACpB,CAAC;IACH,CAAC;CACF,CAAA;AA1NY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;qCAOuB,sBAAa;QACd,mCAAe;GAPrC,UAAU,CA0NtB"}
|
package/dist/services/index.d.ts
CHANGED
package/dist/services/index.js
CHANGED
|
@@ -15,7 +15,6 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
17
|
__exportStar(require("./auth.service"), exports);
|
|
18
|
-
__exportStar(require("./password.service"), exports);
|
|
19
18
|
__exportStar(require("./token.service"), exports);
|
|
20
|
-
__exportStar(require("./
|
|
19
|
+
__exportStar(require("./hub.service"), exports);
|
|
21
20
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA8B;AAC9B,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/services/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA8B;AAC9B,kDAA+B;AAC/B,gDAA6B"}
|
|
@@ -1,29 +1,33 @@
|
|
|
1
1
|
import { JwtService } from '@nestjs/jwt';
|
|
2
|
-
import {
|
|
2
|
+
import { JwtPayloadInterface } from '@loopstack/shared';
|
|
3
|
+
import { ConfigService } from '@nestjs/config';
|
|
3
4
|
export declare class TokenService {
|
|
4
|
-
private
|
|
5
|
+
private readonly configService;
|
|
5
6
|
private jwtService;
|
|
6
|
-
constructor(
|
|
7
|
+
constructor(configService: ConfigService, jwtService: JwtService);
|
|
7
8
|
private getExpiresIn;
|
|
8
9
|
private getRefreshExpiresIn;
|
|
10
|
+
getCookieName(suffix: string): string;
|
|
9
11
|
createAccessTokenCookieOptions(): {
|
|
10
|
-
domain:
|
|
12
|
+
domain: any;
|
|
11
13
|
httpOnly: boolean;
|
|
12
14
|
secure: boolean;
|
|
13
15
|
sameSite: string;
|
|
14
16
|
maxAge: number;
|
|
15
17
|
};
|
|
16
18
|
createRefreshTokenCookieOptions(): {
|
|
17
|
-
domain:
|
|
19
|
+
domain: any;
|
|
18
20
|
httpOnly: boolean;
|
|
19
21
|
secure: boolean;
|
|
20
22
|
sameSite: string;
|
|
21
23
|
maxAge: number;
|
|
22
24
|
};
|
|
23
|
-
|
|
25
|
+
private getRefreshSecret;
|
|
26
|
+
generateTokens(payload: JwtPayloadInterface): Promise<{
|
|
24
27
|
accessToken: string;
|
|
25
28
|
refreshToken: string;
|
|
26
29
|
expiresIn: number;
|
|
27
30
|
}>;
|
|
28
31
|
private getExpiresInSeconds;
|
|
32
|
+
verifyRefreshToken(refreshToken: string): any;
|
|
29
33
|
}
|
|
@@ -8,30 +8,30 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
|
|
|
8
8
|
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
9
|
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
10
|
};
|
|
11
|
-
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
|
-
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
|
-
};
|
|
14
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
12
|
exports.TokenService = void 0;
|
|
16
13
|
const common_1 = require("@nestjs/common");
|
|
17
14
|
const jwt_1 = require("@nestjs/jwt");
|
|
18
|
-
const
|
|
15
|
+
const config_1 = require("@nestjs/config");
|
|
19
16
|
let TokenService = class TokenService {
|
|
20
|
-
|
|
17
|
+
configService;
|
|
21
18
|
jwtService;
|
|
22
|
-
constructor(
|
|
23
|
-
this.
|
|
19
|
+
constructor(configService, jwtService) {
|
|
20
|
+
this.configService = configService;
|
|
24
21
|
this.jwtService = jwtService;
|
|
25
22
|
}
|
|
26
23
|
getExpiresIn() {
|
|
27
|
-
return this.getExpiresInSeconds(this.
|
|
24
|
+
return this.getExpiresInSeconds(this.configService.get('auth.jwt.expiresIn') || '1h');
|
|
28
25
|
}
|
|
29
26
|
getRefreshExpiresIn() {
|
|
30
|
-
return this.getExpiresInSeconds(this.
|
|
27
|
+
return this.getExpiresInSeconds(this.configService.get('auth.jwt.refreshExpiresIn') || '7h');
|
|
28
|
+
}
|
|
29
|
+
getCookieName(suffix) {
|
|
30
|
+
return `${this.configService.get('auth.clientId')}-${suffix}`;
|
|
31
31
|
}
|
|
32
32
|
createAccessTokenCookieOptions() {
|
|
33
33
|
return {
|
|
34
|
-
domain: this.
|
|
34
|
+
domain: this.configService.get('auth.jwt.cookieDomain') ?? undefined,
|
|
35
35
|
httpOnly: true,
|
|
36
36
|
secure: process.env.NODE_ENV === 'production',
|
|
37
37
|
sameSite: 'lax',
|
|
@@ -40,24 +40,22 @@ let TokenService = class TokenService {
|
|
|
40
40
|
}
|
|
41
41
|
createRefreshTokenCookieOptions() {
|
|
42
42
|
return {
|
|
43
|
-
domain: this.
|
|
43
|
+
domain: this.configService.get('auth.jwt.cookieDomain') ?? undefined,
|
|
44
44
|
httpOnly: true,
|
|
45
45
|
secure: process.env.NODE_ENV === 'production',
|
|
46
46
|
sameSite: 'lax',
|
|
47
47
|
maxAge: this.getRefreshExpiresIn() * 1000,
|
|
48
48
|
};
|
|
49
49
|
}
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
roles: user.roles?.map(role => typeof role === 'string' ? role : role.name) || [],
|
|
55
|
-
};
|
|
50
|
+
getRefreshSecret() {
|
|
51
|
+
return this.configService.get('auth.jwt.refreshSecret') ?? this.configService.get('auth.jwt.secret');
|
|
52
|
+
}
|
|
53
|
+
async generateTokens(payload) {
|
|
56
54
|
const [accessToken, refreshToken] = await Promise.all([
|
|
57
55
|
this.jwtService.signAsync(payload),
|
|
58
56
|
this.jwtService.signAsync(payload, {
|
|
59
|
-
secret: this.
|
|
60
|
-
expiresIn: this.
|
|
57
|
+
secret: this.getRefreshSecret(),
|
|
58
|
+
expiresIn: this.getRefreshExpiresIn(),
|
|
61
59
|
}),
|
|
62
60
|
]);
|
|
63
61
|
return {
|
|
@@ -77,11 +75,16 @@ let TokenService = class TokenService {
|
|
|
77
75
|
default: return 3600;
|
|
78
76
|
}
|
|
79
77
|
}
|
|
78
|
+
verifyRefreshToken(refreshToken) {
|
|
79
|
+
return this.jwtService.verify(refreshToken, {
|
|
80
|
+
secret: this.getRefreshSecret(),
|
|
81
|
+
});
|
|
82
|
+
}
|
|
80
83
|
};
|
|
81
84
|
exports.TokenService = TokenService;
|
|
82
85
|
exports.TokenService = TokenService = __decorate([
|
|
83
86
|
(0, common_1.Injectable)(),
|
|
84
|
-
|
|
85
|
-
|
|
87
|
+
__metadata("design:paramtypes", [config_1.ConfigService,
|
|
88
|
+
jwt_1.JwtService])
|
|
86
89
|
], TokenService);
|
|
87
90
|
//# sourceMappingURL=token.service.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token.service.js","sourceRoot":"","sources":["../../src/services/token.service.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"token.service.js","sourceRoot":"","sources":["../../src/services/token.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA4C;AAC5C,qCAAyC;AAEzC,2CAA+C;AAGxC,IAAM,YAAY,GAAlB,MAAM,YAAY;IAEJ;IACT;IAFV,YACmB,aAA4B,EACrC,UAAsB;QADb,kBAAa,GAAb,aAAa,CAAe;QACrC,eAAU,GAAV,UAAU,CAAY;IAC7B,CAAC;IAEI,YAAY;QAClB,OAAO,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,IAAI,CAAC,CAAC;IACxF,CAAC;IAEO,mBAAmB;QACzB,OAAO,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,2BAA2B,CAAC,IAAI,IAAI,CAAC,CAAC;IAC/F,CAAC;IAED,aAAa,CAAC,MAAc;QAC1B,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,MAAM,EAAE,CAAC;IAChE,CAAC;IAED,8BAA8B;QAC5B,OAAO;YACL,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,uBAAuB,CAAC,IAAI,SAAS;YACpE,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;YAC7C,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,IAAI,CAAC,YAAY,EAAE,GAAG,IAAI;SACnC,CAAA;IACH,CAAC;IAED,+BAA+B;QAC7B,OAAO;YACL,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,uBAAuB,CAAC,IAAI,SAAS;YACpE,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;YAC7C,QAAQ,EAAE,KAAK;YACf,MAAM,EAAE,IAAI,CAAC,mBAAmB,EAAE,GAAG,IAAI;SAC1C,CAAA;IACH,CAAC;IAEO,gBAAgB;QACtB,OAAO,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,wBAAwB,CAAC,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAS,iBAAiB,CAAC,CAAC;IACvH,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,OAA4B;QAC/C,MAAM,CAAC,WAAW,EAAE,YAAY,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YACpD,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,OAAO,CAAC;YAClC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,OAAO,EAAE;gBACjC,MAAM,EAAE,IAAI,CAAC,gBAAgB,EAAE;gBAC/B,SAAS,EAAE,IAAI,CAAC,mBAAmB,EAAE;aACtC,CAAC;SACH,CAAC,CAAC;QAEH,OAAO;YACL,WAAW;YACX,YAAY;YACZ,SAAS,EAAE,IAAI,CAAC,YAAY,EAAE;SAC/B,CAAC;IACJ,CAAC;IAEO,mBAAmB,CAAC,SAAiB;QAC3C,MAAM,IAAI,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACjC,MAAM,KAAK,GAAG,QAAQ,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAE/C,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,IAAI,CAAC;YAC9B,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,KAAK,CAAC;YAC/B,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,GAAG,EAAE,CAAC;YAC5B,KAAK,GAAG,CAAC,CAAC,OAAO,KAAK,CAAC;YACvB,OAAO,CAAC,CAAC,OAAO,IAAI,CAAC;QACvB,CAAC;IACH,CAAC;IAED,kBAAkB,CAAC,YAAoB;QACrC,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,YAAY,EAAE;YAC1C,MAAM,EAAE,IAAI,CAAC,gBAAgB,EAAE;SAChC,CAAC,CAAC;IACL,CAAC;CACF,CAAA;AA5EY,oCAAY;uBAAZ,YAAY;IADxB,IAAA,mBAAU,GAAE;qCAGuB,sBAAa;QACzB,gBAAU;GAHrB,YAAY,CA4ExB"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
import { Strategy } from 'passport-custom';
|
|
2
|
+
import { HubService } from '../services';
|
|
3
|
+
import { Request } from 'express';
|
|
4
|
+
import { UserRepository } from '../repositories';
|
|
5
|
+
import { ConfigService } from '@nestjs/config';
|
|
6
|
+
declare const HubStrategy_base: new () => Strategy & {
|
|
7
|
+
validate(...args: any[]): unknown;
|
|
8
|
+
};
|
|
9
|
+
export declare class HubStrategy extends HubStrategy_base {
|
|
10
|
+
private readonly configService;
|
|
11
|
+
private readonly hubService;
|
|
12
|
+
private readonly userRepository;
|
|
13
|
+
private readonly logger;
|
|
14
|
+
constructor(configService: ConfigService, hubService: HubService, userRepository: UserRepository);
|
|
15
|
+
validate(req: Request): Promise<any>;
|
|
16
|
+
}
|
|
17
|
+
export {};
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
var HubStrategy_1;
|
|
12
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
13
|
+
exports.HubStrategy = void 0;
|
|
14
|
+
const common_1 = require("@nestjs/common");
|
|
15
|
+
const passport_1 = require("@nestjs/passport");
|
|
16
|
+
const passport_custom_1 = require("passport-custom");
|
|
17
|
+
const services_1 = require("../services");
|
|
18
|
+
const repositories_1 = require("../repositories");
|
|
19
|
+
const config_1 = require("@nestjs/config");
|
|
20
|
+
let HubStrategy = HubStrategy_1 = class HubStrategy extends (0, passport_1.PassportStrategy)(passport_custom_1.Strategy, 'hub') {
|
|
21
|
+
configService;
|
|
22
|
+
hubService;
|
|
23
|
+
userRepository;
|
|
24
|
+
logger = new common_1.Logger(HubStrategy_1.name);
|
|
25
|
+
constructor(configService, hubService, userRepository) {
|
|
26
|
+
super();
|
|
27
|
+
this.configService = configService;
|
|
28
|
+
this.hubService = hubService;
|
|
29
|
+
this.userRepository = userRepository;
|
|
30
|
+
}
|
|
31
|
+
async validate(req) {
|
|
32
|
+
try {
|
|
33
|
+
const { code, grantType } = req.body;
|
|
34
|
+
this.logger.log('Validating SSO token exchange request');
|
|
35
|
+
if (!code || grantType !== 'authorization_code') {
|
|
36
|
+
throw new common_1.UnauthorizedException('Invalid grant type or missing code');
|
|
37
|
+
}
|
|
38
|
+
const validateCodeResponse = await this.hubService.exchangeCodeForUserInfo(code);
|
|
39
|
+
if (!validateCodeResponse.data?.id) {
|
|
40
|
+
throw new common_1.UnauthorizedException('Code exchange failed');
|
|
41
|
+
}
|
|
42
|
+
const existingUser = await this.userRepository.findById(validateCodeResponse.data?.id);
|
|
43
|
+
if (existingUser) {
|
|
44
|
+
return existingUser;
|
|
45
|
+
}
|
|
46
|
+
const user = await this.userRepository.create({
|
|
47
|
+
id: validateCodeResponse.data?.id,
|
|
48
|
+
isActive: true,
|
|
49
|
+
roles: [],
|
|
50
|
+
});
|
|
51
|
+
this.logger.log(`SSO validation successful for user ${user.id}`);
|
|
52
|
+
return user;
|
|
53
|
+
}
|
|
54
|
+
catch (error) {
|
|
55
|
+
this.logger.error('SSO validation failed:', error);
|
|
56
|
+
throw new common_1.UnauthorizedException('SSO authentication failed');
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
};
|
|
60
|
+
exports.HubStrategy = HubStrategy;
|
|
61
|
+
exports.HubStrategy = HubStrategy = HubStrategy_1 = __decorate([
|
|
62
|
+
(0, common_1.Injectable)(),
|
|
63
|
+
__metadata("design:paramtypes", [config_1.ConfigService,
|
|
64
|
+
services_1.HubService,
|
|
65
|
+
repositories_1.UserRepository])
|
|
66
|
+
], HubStrategy);
|
|
67
|
+
//# sourceMappingURL=hub.strategy.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"hub.strategy.js","sourceRoot":"","sources":["../../src/strategies/hub.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAAA,2CAA2E;AAC3E,+CAAoD;AACpD,qDAA2C;AAC3C,0CAAyC;AAEzC,kDAAiD;AACjD,2CAA+C;AAGxC,IAAM,WAAW,mBAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,0BAAQ,EAAE,KAAK,CAAC;IAI7C;IACA;IACA;IALF,MAAM,GAAG,IAAI,eAAM,CAAC,aAAW,CAAC,IAAI,CAAC,CAAC;IAEvD,YACmB,aAA4B,EAC5B,UAAsB,EACtB,cAA8B;QAE/C,KAAK,EAAE,CAAC;QAJS,kBAAa,GAAb,aAAa,CAAe;QAC5B,eAAU,GAAV,UAAU,CAAY;QACtB,mBAAc,GAAd,cAAc,CAAgB;IAGjD,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,GAAY;QACzB,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC;YAErC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;YAEzD,IAAI,CAAC,IAAI,IAAI,SAAS,KAAK,oBAAoB,EAAE,CAAC;gBAChD,MAAM,IAAI,8BAAqB,CAAC,oCAAoC,CAAC,CAAC;YACxE,CAAC;YAED,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAC;YACjF,IAAI,CAAC,oBAAoB,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC;gBACnC,MAAM,IAAI,8BAAqB,CAAC,sBAAsB,CAAC,CAAC;YAC1D,CAAC;YAED,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,oBAAoB,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YACvF,IAAI,YAAY,EAAE,CAAC;gBACjB,OAAO,YAAY,CAAC;YACtB,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC;gBAC5C,EAAE,EAAE,oBAAoB,CAAC,IAAI,EAAE,EAAE;gBACjC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,EAAE;aACV,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,sCAAsC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;YAEjE,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YACnD,MAAM,IAAI,8BAAqB,CAAC,2BAA2B,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;CACF,CAAA;AA7CY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;qCAKuB,sBAAa;QAChB,qBAAU;QACN,6BAAc;GANtC,WAAW,CA6CvB"}
|
package/dist/strategies/index.js
CHANGED
|
@@ -15,7 +15,5 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
17
|
__exportStar(require("./jwt.strategy"), exports);
|
|
18
|
-
__exportStar(require("./
|
|
19
|
-
__exportStar(require("./google.strategy"), exports);
|
|
20
|
-
__exportStar(require("./dev.strategy"), exports);
|
|
18
|
+
__exportStar(require("./hub.strategy"), exports);
|
|
21
19
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/strategies/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA8B;AAC9B,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/strategies/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,iDAA8B;AAC9B,iDAA8B"}
|
|
@@ -20,25 +20,28 @@ const common_1 = require("@nestjs/common");
|
|
|
20
20
|
const constants_1 = require("../constants");
|
|
21
21
|
let JwtStrategy = JwtStrategy_1 = class JwtStrategy extends (0, passport_1.PassportStrategy)(passport_jwt_1.Strategy) {
|
|
22
22
|
constructor(config) {
|
|
23
|
+
const cookieName = `${config.clientId}-access`;
|
|
23
24
|
super({
|
|
24
25
|
jwtFromRequest: passport_jwt_1.ExtractJwt.fromExtractors([
|
|
25
|
-
JwtStrategy_1.extractJWTFromCookie,
|
|
26
|
+
JwtStrategy_1.extractJWTFromCookie(cookieName),
|
|
26
27
|
passport_jwt_1.ExtractJwt.fromAuthHeaderAsBearerToken(),
|
|
27
28
|
]),
|
|
28
29
|
ignoreExpiration: false,
|
|
29
30
|
secretOrKey: config.jwt?.secret,
|
|
30
31
|
});
|
|
31
32
|
}
|
|
32
|
-
static extractJWTFromCookie(
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
33
|
+
static extractJWTFromCookie(cookieName) {
|
|
34
|
+
return (req) => {
|
|
35
|
+
if (req.cookies && req.cookies[cookieName]) {
|
|
36
|
+
return req.cookies[cookieName];
|
|
37
|
+
}
|
|
38
|
+
return null;
|
|
39
|
+
};
|
|
37
40
|
}
|
|
38
41
|
async validate(payload) {
|
|
39
42
|
return {
|
|
40
43
|
userId: payload.sub,
|
|
41
|
-
|
|
44
|
+
workerId: payload.workerId,
|
|
42
45
|
roles: payload.roles,
|
|
43
46
|
};
|
|
44
47
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.strategy.js","sourceRoot":"","sources":["../../src/strategies/jwt.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+CAAoD;AACpD,+CAAoD;AACpD,2CAAoD;AAGpD,4CAA2C;AAIpC,IAAM,WAAW,mBAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,uBAAQ,CAAC;IACzD,
|
|
1
|
+
{"version":3,"file":"jwt.strategy.js","sourceRoot":"","sources":["../../src/strategies/jwt.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,+CAAoD;AACpD,+CAAoD;AACpD,2CAAoD;AAGpD,4CAA2C;AAIpC,IAAM,WAAW,mBAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,uBAAQ,CAAC;IACzD,YACuB,MAAkB;QAEvC,MAAM,UAAU,GAAG,GAAG,MAAM,CAAC,QAAQ,SAAS,CAAC;QAC/C,KAAK,CAAC;YACJ,cAAc,EAAE,yBAAU,CAAC,cAAc,CAAC;gBACxC,aAAW,CAAC,oBAAoB,CAAC,UAAU,CAAC;gBAC5C,yBAAU,CAAC,2BAA2B,EAAE;aACzC,CAAC;YACF,gBAAgB,EAAE,KAAK;YACvB,WAAW,EAAE,MAAM,CAAC,GAAG,EAAE,MAAM;SAChC,CAAC,CAAC;IACL,CAAC;IAEO,MAAM,CAAC,oBAAoB,CAAC,UAAkB;QACpD,OAAO,CAAC,GAAY,EAAiB,EAAE;YACrC,IAAI,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC3C,OAAO,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;YACjC,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAA;IACH,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,OAA4B;QACzC,OAAO;YACL,MAAM,EAAE,OAAO,CAAC,GAAG;YACnB,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC;IACJ,CAAC;CACF,CAAA;AA/BY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;IAGR,WAAA,IAAA,eAAM,EAAC,uBAAW,CAAC,CAAA;;GAFX,WAAW,CA+BvB"}
|