@lucaapp/service-utils 1.41.0 → 1.42.0

package/dist/lib/api/response.d.ts

@@ -1,66 +1,5 @@
 import { z } from 'zod';
-import { HTTPStatus } from './types/http';
 declare const noContentSchema: z.ZodVoid;
-declare const badRequestErrorSchema: z.ZodObject<{
-    error: z.ZodLiteral<HTTPStatus.BAD_REQUEST>;
-    message: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    message: string;
-    error: HTTPStatus.BAD_REQUEST;
-}, {
-    message: string;
-    error: HTTPStatus.BAD_REQUEST;
-}>;
-declare const unauthorizedErrorSchema: z.ZodObject<{
-    error: z.ZodLiteral<HTTPStatus.UNAUTHORIZED>;
-    message: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    message: string;
-    error: HTTPStatus.UNAUTHORIZED;
-}, {
-    message: string;
-    error: HTTPStatus.UNAUTHORIZED;
-}>;
-declare const forbiddenErrorSchema: z.ZodObject<{
-    error: z.ZodLiteral<HTTPStatus.FORBIDDEN>;
-    message: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    message: string;
-    error: HTTPStatus.FORBIDDEN;
-}, {
-    message: string;
-    error: HTTPStatus.FORBIDDEN;
-}>;
-declare const notFoundErrorSchema: z.ZodObject<{
-    error: z.ZodLiteral<HTTPStatus.NOT_FOUND>;
-    message: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    message: string;
-    error: HTTPStatus.NOT_FOUND;
-}, {
-    message: string;
-    error: HTTPStatus.NOT_FOUND;
-}>;
-declare const conflictErrorSchema: z.ZodObject<{
-    error: z.ZodLiteral<HTTPStatus.CONFLICT>;
-    message: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    message: string;
-    error: HTTPStatus.CONFLICT;
-}, {
-    message: string;
-    error: HTTPStatus.CONFLICT;
-}>;
-declare const tooManyRequestsErrorSchema: z.ZodObject<{
-    error: z.ZodLiteral<HTTPStatus.TOO_MANY_REQUESTS>;
-    message: z.ZodString;
-}, "strip", z.ZodTypeAny, {
-    message: string;
-    error: HTTPStatus.TOO_MANY_REQUESTS;
-}, {
-    message: string;
-    error: HTTPStatus.TOO_MANY_REQUESTS;
-}>;
 export declare const okResponse: <T>(schema: z.ZodType<T, z.ZodTypeDef, T>) => {
     status: 200;
     description: string;
@@ -76,34 +15,4 @@ export declare const noContentResponse: () => {
     description: string;
     schema: typeof noContentSchema;
 };
-export declare const badRequestResponse: () => {
-    status: 400;
-    description: string;
-    schema: typeof badRequestErrorSchema;
-};
-export declare const unauthorizedResponse: () => {
-    status: 401;
-    description: string;
-    schema: typeof unauthorizedErrorSchema;
-};
-export declare const forbiddenResponse: () => {
-    status: 403;
-    description: string;
-    schema: typeof forbiddenErrorSchema;
-};
-export declare const notFoundResponse: () => {
-    status: 404;
-    description: string;
-    schema: typeof notFoundErrorSchema;
-};
-export declare const conflictResponse: () => {
-    status: 409;
-    description: string;
-    schema: typeof conflictErrorSchema;
-};
-export declare const tooManyRequestsResponse: () => {
-    status: 429;
-    description: string;
-    schema: typeof tooManyRequestsErrorSchema;
-};
 export {};

package/dist/lib/api/response.js

@@ -1,36 +1,11 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.tooManyRequestsResponse = exports.conflictResponse = exports.notFoundResponse = exports.forbiddenResponse = exports.unauthorizedResponse = exports.badRequestResponse = exports.noContentResponse = exports.createdResponse = exports.okResponse = void 0;
+exports.noContentResponse = exports.createdResponse = exports.okResponse = void 0;
 const zod_to_openapi_1 = require("@asteasolutions/zod-to-openapi");
 const zod_1 = require("zod");
-const http_1 = require("./types/http");
 (0, zod_to_openapi_1.extendZodWithOpenApi)(zod_1.z);
 // response schemas
 const noContentSchema = zod_1.z.void();
-const badRequestErrorSchema = zod_1.z.object({
-    error: zod_1.z.literal(http_1.HTTPStatus.BAD_REQUEST),
-    message: zod_1.z.string(),
-});
-const unauthorizedErrorSchema = zod_1.z.object({
-    error: zod_1.z.literal(http_1.HTTPStatus.UNAUTHORIZED),
-    message: zod_1.z.string(),
-});
-const forbiddenErrorSchema = zod_1.z.object({
-    error: zod_1.z.literal(http_1.HTTPStatus.FORBIDDEN),
-    message: zod_1.z.string(),
-});
-const notFoundErrorSchema = zod_1.z.object({
-    error: zod_1.z.literal(http_1.HTTPStatus.NOT_FOUND),
-    message: zod_1.z.string(),
-});
-const conflictErrorSchema = zod_1.z.object({
-    error: zod_1.z.literal(http_1.HTTPStatus.CONFLICT),
-    message: zod_1.z.string(),
-});
-const tooManyRequestsErrorSchema = zod_1.z.object({
-    error: zod_1.z.literal(http_1.HTTPStatus.TOO_MANY_REQUESTS),
-    message: zod_1.z.string(),
-});
 // response functions
 const okResponse = (schema) => ({
     status: 200,
@@ -46,43 +21,7 @@ const createdResponse = (schema) => ({
 exports.createdResponse = createdResponse;
 const noContentResponse = () => ({
     status: 204,
-    description: 'No Content',
+    description: 'NO_CONTENT',
     schema: noContentSchema,
 });
 exports.noContentResponse = noContentResponse;
-const badRequestResponse = () => ({
-    status: 400,
-    description: 'Bad Request',
-    schema: badRequestErrorSchema,
-});
-exports.badRequestResponse = badRequestResponse;
-const unauthorizedResponse = () => ({
-    status: 401,
-    description: 'Unauthorized',
-    schema: unauthorizedErrorSchema,
-});
-exports.unauthorizedResponse = unauthorizedResponse;
-const forbiddenResponse = () => ({
-    status: 403,
-    description: 'Forbidden',
-    schema: forbiddenErrorSchema,
-});
-exports.forbiddenResponse = forbiddenResponse;
-const notFoundResponse = () => ({
-    status: 404,
-    description: 'Not Found',
-    schema: notFoundErrorSchema,
-});
-exports.notFoundResponse = notFoundResponse;
-const conflictResponse = () => ({
-    status: 409,
-    description: 'Conflict',
-    schema: conflictErrorSchema,
-});
-exports.conflictResponse = conflictResponse;
-const tooManyRequestsResponse = () => ({
-    status: 429,
-    description: 'Too Many Requests',
-    schema: tooManyRequestsErrorSchema,
-});
-exports.tooManyRequestsResponse = tooManyRequestsResponse;

package/dist/lib/api/send.d.ts

@@ -1,4 +1,3 @@
-import { HTTPStatus } from './types/http';
 export declare const ok: <T>(body: T) => {
     status: 200;
     body: T;
@@ -11,45 +10,3 @@ export declare const noContent: () => {
     status: 204;
     body: void;
 };
-export declare const badRequest: (message?: string) => {
-    status: 400;
-    body: {
-        error: HTTPStatus.BAD_REQUEST;
-        message: string;
-    };
-};
-export declare const unauthorized: (message?: string) => {
-    status: 401;
-    body: {
-        error: HTTPStatus.UNAUTHORIZED;
-        message: string;
-    };
-};
-export declare const forbidden: (message?: string) => {
-    status: 403;
-    body: {
-        error: HTTPStatus.FORBIDDEN;
-        message: string;
-    };
-};
-export declare const notFound: (message?: string) => {
-    status: 404;
-    body: {
-        error: HTTPStatus.NOT_FOUND;
-        message: string;
-    };
-};
-export declare const conflict: (message?: string) => {
-    status: 409;
-    body: {
-        error: HTTPStatus.CONFLICT;
-        message: string;
-    };
-};
-export declare const tooManyRequests: (message?: string) => {
-    status: 429;
-    body: {
-        error: HTTPStatus.TOO_MANY_REQUESTS;
-        message: string;
-    };
-};

package/dist/lib/api/send.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.tooManyRequests = exports.conflict = exports.notFound = exports.forbidden = exports.unauthorized = exports.badRequest = exports.noContent = exports.created = exports.ok = void 0;
-const http_1 = require("./types/http");
+exports.noContent = exports.created = exports.ok = void 0;
 const ok = (body) => ({
     status: 200,
     body,
@@ -17,51 +16,3 @@ const noContent = () => ({
     body: undefined,
 });
 exports.noContent = noContent;
-const badRequest = (message) => ({
-    status: 400,
-    body: {
-        error: http_1.HTTPStatus.BAD_REQUEST,
-        message: message || 'Bad request',
-    },
-});
-exports.badRequest = badRequest;
-const unauthorized = (message) => ({
-    status: 401,
-    body: {
-        error: http_1.HTTPStatus.UNAUTHORIZED,
-        message: message || 'Unauthorized',
-    },
-});
-exports.unauthorized = unauthorized;
-const forbidden = (message) => ({
-    status: 403,
-    body: {
-        error: http_1.HTTPStatus.FORBIDDEN,
-        message: message || 'Forbidden',
-    },
-});
-exports.forbidden = forbidden;
-const notFound = (message) => ({
-    status: 404,
-    body: {
-        error: http_1.HTTPStatus.NOT_FOUND,
-        message: message || 'Not found',
-    },
-});
-exports.notFound = notFound;
-const conflict = (message) => ({
-    status: 409,
-    body: {
-        error: http_1.HTTPStatus.CONFLICT,
-        message: message || 'Conflict',
-    },
-});
-exports.conflict = conflict;
-const tooManyRequests = (message) => ({
-    status: 429,
-    body: {
-        error: http_1.HTTPStatus.TOO_MANY_REQUESTS,
-        message: message || 'Too many requests',
-    },
-});
-exports.tooManyRequests = tooManyRequests;

package/dist/lib/serviceIdentity/serviceIdentity.d.ts

@@ -26,33 +26,7 @@ declare class ServiceIdentity {
     }>;
     getIdentityJWKS: () => Promise<JWKS>;
     requireServiceIdentity: (service: string) => RequestHandler;
-    requireServiceIdentityV3: (service: string) => import("../api/types/middleware").Middleware<({
-        status: 401;
-        description: string;
-        schema: z.ZodObject<{
-            error: z.ZodLiteral<import("../api/types/http").HTTPStatus.UNAUTHORIZED>;
-            message: z.ZodString;
-        }, "strip", z.ZodTypeAny, {
-            message: string;
-            error: import("../api/types/http").HTTPStatus.UNAUTHORIZED;
-        }, {
-            message: string;
-            error: import("../api/types/http").HTTPStatus.UNAUTHORIZED;
-        }>;
-    } | {
-        status: 403;
-        description: string;
-        schema: z.ZodObject<{
-            error: z.ZodLiteral<import("../api/types/http").HTTPStatus.FORBIDDEN>;
-            message: z.ZodString;
-        }, "strip", z.ZodTypeAny, {
-            message: string;
-            error: import("../api/types/http").HTTPStatus.FORBIDDEN;
-        }, {
-            message: string;
-            error: import("../api/types/http").HTTPStatus.FORBIDDEN;
-        }>;
-    })[], undefined, undefined, undefined, z.ZodObject<{
+    requireServiceIdentityV3: (service: string) => import("../api/types/middleware").Middleware<never[], undefined, undefined, undefined, z.ZodObject<{
         'x-identity': z.ZodEffects<z.ZodString, string, string>;
     }, "strip", z.ZodTypeAny, {
         "x-identity": string;

package/dist/lib/serviceIdentity/serviceIdentity.js

@@ -42,6 +42,19 @@ const JWT_ALLOWED_ALGORITHMS = [JWT_ALGORITHM];
 const JWT_NBF = '0s';
 const JWT_EXP = '1m';
 const JWT_CLOCK_TOLERANCE = moment_1.default.duration(1, 'minute').asSeconds();
+var ServiceIdentityErrorType;
+(function (ServiceIdentityErrorType) {
+    ServiceIdentityErrorType["NO_JWT_PROVIDED"] = "SERVICE_IDENTITY_NO_JWT_PROVIDED";
+    ServiceIdentityErrorType["URL_MISMATCH"] = "SERVICE_IDENTITY_URL_MISMATCH";
+    ServiceIdentityErrorType["METHOD_MISMATCH"] = "SERVICE_IDENTITY_METHOD_MISMATCH";
+})(ServiceIdentityErrorType || (ServiceIdentityErrorType = {}));
+class ServiceIdentityError extends Error {
+    constructor(type, message, meta) {
+        super(message);
+        this.type = type;
+        this.meta = meta;
+    }
+}
 class ServiceIdentity {
     constructor(identityName, identityKid, identityPrivateKey, identityPublicKey, debug = false) {
         this.jwksCache = {};
@@ -133,19 +146,24 @@ class ServiceIdentity {
                 }),
                 context: zod_1.z.object({ payload: zod_1.z.any() }),
             },
-            responses: [(0, api_1.unauthorizedResponse)(), (0, api_1.forbiddenResponse)()],
+            responses: [],
+            errors: {
+                [ServiceIdentityErrorType.NO_JWT_PROVIDED]: 401,
+                [ServiceIdentityErrorType.METHOD_MISMATCH]: 403,
+                [ServiceIdentityErrorType.URL_MISMATCH]: 403,
+            },
         }, async (request, respond, next) => {
             const { headers, originalUrl, method } = request;
             const jwt = headers[JWT_HEADER_NAME];
             if (typeof jwt !== 'string') {
-                return respond((0, api_1.unauthorized)());
+                throw new ServiceIdentityError(ServiceIdentityErrorType.NO_JWT_PROVIDED);
             }
             const { payload } = await jose.jwtVerify(jwt, this.getRemoteJWKS(service), this.getJwtVerifyOptions(service));
             if (request.originalUrl !== payload.url) {
-                return respond((0, api_1.forbidden)(`${originalUrl} !== ${payload.url}`));
+                throw new ServiceIdentityError(ServiceIdentityErrorType.URL_MISMATCH, `${originalUrl} !== ${payload.url}`);
             }
             if (method !== payload.method) {
-                return respond((0, api_1.forbidden)(`${method} !== ${payload.method}`));
+                throw new ServiceIdentityError(ServiceIdentityErrorType.METHOD_MISMATCH, `${method} !== ${payload.method}`);
             }
             return next({ payload: payload.data });
         });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lucaapp/service-utils",
-  "version": "1.41.0",
+  "version": "1.42.0",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "files": [