@masterteam/gateway-auth 0.0.12 → 0.0.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@masterteam/gateway-auth",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.13",
|
|
4
4
|
"publishConfig": {
|
|
5
5
|
"directory": "../../../dist/masterteam/gateway-auth",
|
|
6
6
|
"linkDirectory": true,
|
|
@@ -14,9 +14,9 @@
|
|
|
14
14
|
"@jsverse/transloco": "^8.3.0",
|
|
15
15
|
"@ngxs/store": "^20.1.0",
|
|
16
16
|
"rxjs": "^7.8.2",
|
|
17
|
-
"@masterteam/brand-display": "^0.0.
|
|
18
|
-
"@masterteam/
|
|
19
|
-
"@masterteam/
|
|
17
|
+
"@masterteam/brand-display": "^0.0.11",
|
|
18
|
+
"@masterteam/icons": "^0.0.15",
|
|
19
|
+
"@masterteam/components": "^0.0.167"
|
|
20
20
|
},
|
|
21
21
|
"repository": {
|
|
22
22
|
"type": "git",
|
|
@@ -211,6 +211,13 @@ declare function withGatewayAuthNgswBypass(url: string): string;
|
|
|
211
211
|
declare function readPersistedGatewayAuthTokens(): GatewayAuthTokens | null;
|
|
212
212
|
declare function mapGatewayUser(user: GatewayUserDetails, tokenData: GatewayMappedTokens, delegations?: unknown[]): GatewayMappedUser;
|
|
213
213
|
declare function hasGatewayTokens(tokens?: Partial<GatewayAuthTokens | GatewayRefreshData> | null): boolean;
|
|
214
|
+
declare const GATEWAY_RATE_LIMIT_STATUS = 429;
|
|
215
|
+
declare const GATEWAY_RATE_LIMIT_ERROR_CODE = "RATE_001";
|
|
216
|
+
interface GatewayRateLimitInfo {
|
|
217
|
+
retryAfterSeconds: number | null;
|
|
218
|
+
message: string;
|
|
219
|
+
}
|
|
220
|
+
declare function extractGatewayRateLimitInfo(error: unknown): GatewayRateLimitInfo | null;
|
|
214
221
|
declare function getGatewayErrorMessage(error: unknown, fallback: string): string;
|
|
215
222
|
declare function normalizeGatewayBase(baseUrl?: string | null): string;
|
|
216
223
|
declare function buildGatewayUrl(gatewayApiBaseUrl: string | undefined | null, path: string): string;
|
|
@@ -249,6 +256,13 @@ type AuthRefreshData = GatewayRefreshData;
|
|
|
249
256
|
type TwoFactorChallenge = GatewayTwoFactorChallenge;
|
|
250
257
|
type SsoProvider = GatewaySsoProvider;
|
|
251
258
|
type Response<T> = GatewayResponse<T>;
|
|
259
|
+
type AuthRateLimitScope = 'login' | 'verifyMfa' | 'resendMfa' | 'ssoExchange';
|
|
260
|
+
interface AuthRateLimit {
|
|
261
|
+
retryUntilMs: number | null;
|
|
262
|
+
totalSeconds: number | null;
|
|
263
|
+
message: string;
|
|
264
|
+
scope: AuthRateLimitScope;
|
|
265
|
+
}
|
|
252
266
|
interface AuthStateModel {
|
|
253
267
|
user: User | null;
|
|
254
268
|
token: string | null;
|
|
@@ -263,6 +277,7 @@ interface AuthStateModel {
|
|
|
263
277
|
twoFactorRequired: boolean;
|
|
264
278
|
pendingMfa: TwoFactorChallenge | null;
|
|
265
279
|
ssoProviders: SsoProvider[];
|
|
280
|
+
rateLimit: AuthRateLimit | null;
|
|
266
281
|
}
|
|
267
282
|
declare const AUTH_STATE_DEFAULTS: AuthStateModel;
|
|
268
283
|
declare function sanitizePersistedAuthState(obj: Partial<AuthStateModel> | null): {
|
|
@@ -274,6 +289,7 @@ declare function sanitizePersistedAuthState(obj: Partial<AuthStateModel> | null)
|
|
|
274
289
|
twoFactorRequired: boolean;
|
|
275
290
|
pendingMfa: null;
|
|
276
291
|
ssoProviders: never[];
|
|
292
|
+
rateLimit: AuthRateLimit | null;
|
|
277
293
|
user: User | null;
|
|
278
294
|
token: string | null;
|
|
279
295
|
refreshToken: string | null;
|
|
@@ -374,11 +390,20 @@ declare class ClearError {
|
|
|
374
390
|
declare class ClearPendingMfa {
|
|
375
391
|
static readonly type = "[Auth] Clear Pending MFA";
|
|
376
392
|
}
|
|
393
|
+
declare class SetRateLimit {
|
|
394
|
+
lock: AuthRateLimit;
|
|
395
|
+
static readonly type = "[Auth] Set Rate Limit";
|
|
396
|
+
constructor(lock: AuthRateLimit);
|
|
397
|
+
}
|
|
398
|
+
declare class ClearRateLimit {
|
|
399
|
+
static readonly type = "[Auth] Clear Rate Limit";
|
|
400
|
+
}
|
|
377
401
|
|
|
378
402
|
declare class GatewayAuthState {
|
|
379
403
|
private readonly http;
|
|
380
404
|
private readonly options;
|
|
381
405
|
private readonly router;
|
|
406
|
+
private readonly modalService;
|
|
382
407
|
private readonly ssoSession;
|
|
383
408
|
static user(state: AuthStateModel): User | null;
|
|
384
409
|
static loading(state: AuthStateModel): boolean;
|
|
@@ -393,6 +418,7 @@ declare class GatewayAuthState {
|
|
|
393
418
|
static twoFactorRequired(state: AuthStateModel): boolean;
|
|
394
419
|
static pendingMfa(state: AuthStateModel): GatewayTwoFactorChallenge | null;
|
|
395
420
|
static ssoProviders(state: AuthStateModel): SsoProvider[];
|
|
421
|
+
static rateLimit(state: AuthStateModel): AuthRateLimit | null;
|
|
396
422
|
static isAdmin(state: AuthStateModel): boolean;
|
|
397
423
|
static userDetails(state: AuthStateModel): _masterteam_gateway_auth.GatewayUserDetails | null;
|
|
398
424
|
login(ctx: StateContext<AuthStateModel>, action: Login): Observable<unknown>;
|
|
@@ -408,6 +434,10 @@ declare class GatewayAuthState {
|
|
|
408
434
|
updateTokens(ctx: StateContext<AuthStateModel>, action: UpdateTokens): void;
|
|
409
435
|
clearError(ctx: StateContext<AuthStateModel>): void;
|
|
410
436
|
clearPendingMfa(ctx: StateContext<AuthStateModel>): void;
|
|
437
|
+
setRateLimit(ctx: StateContext<AuthStateModel>, action: SetRateLimit): void;
|
|
438
|
+
clearRateLimit(ctx: StateContext<AuthStateModel>): void;
|
|
439
|
+
private isRateLimitActive;
|
|
440
|
+
private handleRateLimit;
|
|
411
441
|
private handleLoginResponse;
|
|
412
442
|
private get deviceToken();
|
|
413
443
|
private gatewayUrl;
|
|
@@ -435,6 +465,7 @@ declare class GatewayAuthFacade {
|
|
|
435
465
|
readonly twoFactorRequired: _angular_core.Signal<boolean>;
|
|
436
466
|
readonly pendingMfa: _angular_core.Signal<_masterteam_gateway_auth.GatewayTwoFactorChallenge | null>;
|
|
437
467
|
readonly ssoProviders: _angular_core.Signal<_masterteam_gateway_auth.GatewaySsoProvider[]>;
|
|
468
|
+
readonly rateLimit: _angular_core.Signal<_masterteam_gateway_auth.AuthRateLimit | null>;
|
|
438
469
|
readonly isAdmin: _angular_core.Signal<boolean>;
|
|
439
470
|
readonly userDetails: _angular_core.Signal<_masterteam_gateway_auth.GatewayUserDetails | null>;
|
|
440
471
|
readonly hasError: _angular_core.Signal<boolean>;
|
|
@@ -455,6 +486,7 @@ declare class GatewayAuthFacade {
|
|
|
455
486
|
updateTokens(tokens: AuthTokens): void;
|
|
456
487
|
clearError(): void;
|
|
457
488
|
clearPendingMfa(): void;
|
|
489
|
+
clearRateLimit(): void;
|
|
458
490
|
hasRole(role: string): boolean;
|
|
459
491
|
hasGroup(group: string): boolean;
|
|
460
492
|
isTokenExpired(): boolean;
|
|
@@ -480,6 +512,13 @@ declare class GatewayLoginPage implements OnInit {
|
|
|
480
512
|
readonly error: _angular_core.Signal<string | null>;
|
|
481
513
|
readonly passwordVisible: _angular_core.WritableSignal<boolean>;
|
|
482
514
|
readonly selectedLanguage: _angular_core.WritableSignal<string>;
|
|
515
|
+
private readonly nowMs;
|
|
516
|
+
readonly rateLimit: _angular_core.Signal<_masterteam_gateway_auth.AuthRateLimit | null>;
|
|
517
|
+
readonly rateLimitSecondsLeft: _angular_core.Signal<number | null>;
|
|
518
|
+
readonly rateLimitProgress: _angular_core.Signal<number>;
|
|
519
|
+
readonly rateLimitCountdownLabel: _angular_core.Signal<string>;
|
|
520
|
+
readonly isRateLimited: _angular_core.Signal<boolean>;
|
|
521
|
+
readonly submitDisabled: _angular_core.Signal<boolean>;
|
|
483
522
|
private readonly loginOptions;
|
|
484
523
|
private readonly defaultDisplayData;
|
|
485
524
|
private readonly loginData;
|
|
@@ -567,5 +606,5 @@ declare class GatewaySsoButtons implements OnInit {
|
|
|
567
606
|
static ɵcmp: _angular_core.ɵɵComponentDeclaration<GatewaySsoButtons, "mt-gateway-sso-buttons", never, { "dividerLabel": { "alias": "dividerLabel"; "required": false; "isSignal": true; }; }, {}, never, never, true, never>;
|
|
568
607
|
}
|
|
569
608
|
|
|
570
|
-
export { AUTH_STATE_DEFAULTS, ClearError, ClearPendingMfa, ExchangeSsoCode, GATEWAY_AUTH_ACCESS_TOKEN_REFRESH_SKEW_MS, GATEWAY_AUTH_DEVICE_TOKEN, GATEWAY_AUTH_DEVICE_TOKEN_STORAGE_KEY, GATEWAY_AUTH_ENDPOINTS, GATEWAY_AUTH_NGSW_BYPASS_PARAM, GATEWAY_AUTH_OPTIONS, GATEWAY_AUTH_RETRY_CONTEXT, GatewayAuthFacade, GatewayAuthState, GatewayLoginPage, GatewayMfa, GatewaySsoButtons, GatewaySsoCallback, GatewaySsoSession, LoadSsoProviders, Login, LoginFailure, LoginSuccess, Logout, ResendMfa, StartSso, UpdateTokens, UpdateUserData, VerifyMfa, buildGatewayUrl, buildSsoStartUrl, createSecureClientState, gatewayAuthInterceptor, getGatewayErrorMessage, hasGatewayTokens, isExpired, isGatewayAuthRequestUrl, mapGatewayTokens, mapGatewayUser, normalizeGatewayBase, readPersistedGatewayAuthTokens, resolveAccessTokenRefreshSkewMs, resolveApiDateValue, resolveGatewayAuthPath, resolveGatewayDeviceToken, sanitizePersistedAuthState, withGatewayAuthNgswBypass };
|
|
571
|
-
export type { ApiDateValue, AuthLoginData, AuthRefreshData, AuthStateModel, AuthTokens, BuildSsoStartUrlOptions, GatewayApiDateValue, GatewayAuthHookResult, GatewayAuthOptions, GatewayAuthTokens, GatewayDeviceTokenOption, GatewayExternalTokenExchangeRequest, GatewayLoginLanguageOption, GatewayLoginPageOptions, GatewayLoginRequest, GatewayLoginResponse, GatewayLogoutRequest, GatewayMappedTokens, GatewayMappedUser, GatewayNafathStartData, GatewayNafathStartRequest, GatewayNafathStatusData, GatewayNafathStatusRequest, GatewayPlatform, GatewayRefreshData, GatewayRefreshRequest, GatewayResendMfaRequest, GatewayResponse, GatewaySsoExchangeRequest, GatewaySsoFlow, GatewaySsoProtocol, GatewaySsoProvider, GatewaySsoProvidersData, GatewayTwoFactorChallenge, GatewayUserDetails, GatewayVerifyMfaRequest, LoginRequest, Response, SsoProvider, TwoFactorChallenge, User, UserDetails };
|
|
609
|
+
export { AUTH_STATE_DEFAULTS, ClearError, ClearPendingMfa, ClearRateLimit, ExchangeSsoCode, GATEWAY_AUTH_ACCESS_TOKEN_REFRESH_SKEW_MS, GATEWAY_AUTH_DEVICE_TOKEN, GATEWAY_AUTH_DEVICE_TOKEN_STORAGE_KEY, GATEWAY_AUTH_ENDPOINTS, GATEWAY_AUTH_NGSW_BYPASS_PARAM, GATEWAY_AUTH_OPTIONS, GATEWAY_AUTH_RETRY_CONTEXT, GATEWAY_RATE_LIMIT_ERROR_CODE, GATEWAY_RATE_LIMIT_STATUS, GatewayAuthFacade, GatewayAuthState, GatewayLoginPage, GatewayMfa, GatewaySsoButtons, GatewaySsoCallback, GatewaySsoSession, LoadSsoProviders, Login, LoginFailure, LoginSuccess, Logout, ResendMfa, SetRateLimit, StartSso, UpdateTokens, UpdateUserData, VerifyMfa, buildGatewayUrl, buildSsoStartUrl, createSecureClientState, extractGatewayRateLimitInfo, gatewayAuthInterceptor, getGatewayErrorMessage, hasGatewayTokens, isExpired, isGatewayAuthRequestUrl, mapGatewayTokens, mapGatewayUser, normalizeGatewayBase, readPersistedGatewayAuthTokens, resolveAccessTokenRefreshSkewMs, resolveApiDateValue, resolveGatewayAuthPath, resolveGatewayDeviceToken, sanitizePersistedAuthState, withGatewayAuthNgswBypass };
|
|
610
|
+
export type { ApiDateValue, AuthLoginData, AuthRateLimit, AuthRateLimitScope, AuthRefreshData, AuthStateModel, AuthTokens, BuildSsoStartUrlOptions, GatewayApiDateValue, GatewayAuthHookResult, GatewayAuthOptions, GatewayAuthTokens, GatewayDeviceTokenOption, GatewayExternalTokenExchangeRequest, GatewayLoginLanguageOption, GatewayLoginPageOptions, GatewayLoginRequest, GatewayLoginResponse, GatewayLogoutRequest, GatewayMappedTokens, GatewayMappedUser, GatewayNafathStartData, GatewayNafathStartRequest, GatewayNafathStatusData, GatewayNafathStatusRequest, GatewayPlatform, GatewayRateLimitInfo, GatewayRefreshData, GatewayRefreshRequest, GatewayResendMfaRequest, GatewayResponse, GatewaySsoExchangeRequest, GatewaySsoFlow, GatewaySsoProtocol, GatewaySsoProvider, GatewaySsoProvidersData, GatewayTwoFactorChallenge, GatewayUserDetails, GatewayVerifyMfaRequest, LoginRequest, Response, SsoProvider, TwoFactorChallenge, User, UserDetails };
|