@memberjunction/server 0.9.73 → 0.9.74

package/src/config.ts

@@ -1,76 +1,76 @@
-import env from 'env-var';
-import fs from 'fs';
-import path from 'path';
-import { z } from 'zod';
-
-export const nodeEnv = env.get('NODE_ENV').asString();
-
-export const dbHost = env.get('DB_HOST').required().asString();
-export const dbPort = env.get('DB_PORT').default('1433').asPortNumber();
-export const dbUsername = env.get('DB_USERNAME').required().asString();
-export const dbPassword = env.get('DB_PASSWORD').required().asString();
-export const dbDatabase = env.get('DB_DATABASE').required().asString();
-export const dbInstanceName = env.get('DB_INSTANCE_NAME').asString();
-export const dbTrustServerCertificate = env.get('DB_TRUST_SERVER_CERTIFICATE').asBool();
-
-export const graphqlPort = env.get('PORT').default('4000').asPortNumber();
-export const graphqlRootPath = env.get('ROOT_PATH').default('/').asString();
-
-export const webClientID = env.get('WEB_CLIENT_ID').asString();
-export const tenantID = env.get('TENANT_ID').asString();
-
-export const enableIntrospection = env.get('ENABLE_INTROSPECTION').default('false').asBool();
-export const websiteRunFromPackage = env.get('WEBSITE_RUN_FROM_PACKAGE').asIntPositive();
-export const userEmailMap = env.get('USER_EMAIL_MAP').default('{}').asJsonObject() as Record<string, string>;
-
-export const auth0Domain = env.get('AUTH0_DOMAIN').asString();
-export const auth0WebClientID = env.get('AUTH0_CLIENT_ID').asString();
-export const auth0ClientSecret = env.get('AUTH0_CLIENT_SECRET').asString();
-
-export const mj_core_schema = env.get('MJ_CORE_SCHEMA').asString();
-
-export const configFile = env.get('CONFIG_FILE').asString();
-
-const userHandlingInfoSchema = z.object({
-  autoCreateNewUsers: z.boolean().optional().default(false),
-  newUserAuthorizedDomains: z.array(z.string()).optional().default([]),
-  newUserRoles: z.array(z.string()).optional().default([]),
-  updateCacheWhenNotFound: z.boolean().optional().default(false),
-  updateCacheWhenNotFoundDelay: z.number().optional().default(30000),
-  contextUserForNewUserCreation: z.string().optional().default(''),
-});
-
-const databaseSettingsInfoSchema = z.object({
-  connectionTimeout: z.number(),
-  requestTimeout: z.number(),
-  metadataCacheRefreshInterval: z.number(),
-});
-
-const viewingSystemInfoSchema = z.object({
-  enableSmartFilters: z.boolean().optional(),
-});
-
-
-const configInfoSchema = z.object({
-  userHandling: userHandlingInfoSchema,
-  databaseSettings: databaseSettingsInfoSchema,
-  viewingSystem: viewingSystemInfoSchema.optional(),
-});
-
-export type UserHandlingInfo = z.infer<typeof userHandlingInfoSchema>;
-export type DatabaseSettingsInfo = z.infer<typeof databaseSettingsInfoSchema>;
-export type ViewingSystemSettingsInfo = z.infer<typeof viewingSystemInfoSchema>;
-export type ConfigInfo = z.infer<typeof configInfoSchema>;
-
-export const configInfo: ConfigInfo = loadConfig();
-
-export function loadConfig() {
-  const configPath = configFile ?? path.resolve('config.json');
-
-  if (!fs.existsSync(configPath)) {
-    throw new Error(`Config file ${configPath} does not exist.`);
-  }
-
-  const configData = fs.readFileSync(configPath, 'utf-8');
-  return configInfoSchema.parse(JSON.parse(configData));
-}
+import env from 'env-var';
+import fs from 'fs';
+import path from 'path';
+import { z } from 'zod';
+
+export const nodeEnv = env.get('NODE_ENV').asString();
+
+export const dbHost = env.get('DB_HOST').required().asString();
+export const dbPort = env.get('DB_PORT').default('1433').asPortNumber();
+export const dbUsername = env.get('DB_USERNAME').required().asString();
+export const dbPassword = env.get('DB_PASSWORD').required().asString();
+export const dbDatabase = env.get('DB_DATABASE').required().asString();
+export const dbInstanceName = env.get('DB_INSTANCE_NAME').asString();
+export const dbTrustServerCertificate = env.get('DB_TRUST_SERVER_CERTIFICATE').asBool();
+
+export const graphqlPort = env.get('PORT').default('4000').asPortNumber();
+export const graphqlRootPath = env.get('ROOT_PATH').default('/').asString();
+
+export const webClientID = env.get('WEB_CLIENT_ID').asString();
+export const tenantID = env.get('TENANT_ID').asString();
+
+export const enableIntrospection = env.get('ENABLE_INTROSPECTION').default('false').asBool();
+export const websiteRunFromPackage = env.get('WEBSITE_RUN_FROM_PACKAGE').asIntPositive();
+export const userEmailMap = env.get('USER_EMAIL_MAP').default('{}').asJsonObject() as Record<string, string>;
+
+export const auth0Domain = env.get('AUTH0_DOMAIN').asString();
+export const auth0WebClientID = env.get('AUTH0_CLIENT_ID').asString();
+export const auth0ClientSecret = env.get('AUTH0_CLIENT_SECRET').asString();
+
+export const mj_core_schema = env.get('MJ_CORE_SCHEMA').asString();
+
+export const configFile = env.get('CONFIG_FILE').asString();
+
+const userHandlingInfoSchema = z.object({
+  autoCreateNewUsers: z.boolean().optional().default(false),
+  newUserAuthorizedDomains: z.array(z.string()).optional().default([]),
+  newUserRoles: z.array(z.string()).optional().default([]),
+  updateCacheWhenNotFound: z.boolean().optional().default(false),
+  updateCacheWhenNotFoundDelay: z.number().optional().default(30000),
+  contextUserForNewUserCreation: z.string().optional().default(''),
+});
+
+const databaseSettingsInfoSchema = z.object({
+  connectionTimeout: z.number(),
+  requestTimeout: z.number(),
+  metadataCacheRefreshInterval: z.number(),
+});
+
+const viewingSystemInfoSchema = z.object({
+  enableSmartFilters: z.boolean().optional(),
+});
+
+
+const configInfoSchema = z.object({
+  userHandling: userHandlingInfoSchema,
+  databaseSettings: databaseSettingsInfoSchema,
+  viewingSystem: viewingSystemInfoSchema.optional(),
+});
+
+export type UserHandlingInfo = z.infer<typeof userHandlingInfoSchema>;
+export type DatabaseSettingsInfo = z.infer<typeof databaseSettingsInfoSchema>;
+export type ViewingSystemSettingsInfo = z.infer<typeof viewingSystemInfoSchema>;
+export type ConfigInfo = z.infer<typeof configInfoSchema>;
+
+export const configInfo: ConfigInfo = loadConfig();
+
+export function loadConfig() {
+  const configPath = configFile ?? path.resolve('config.json');
+
+  if (!fs.existsSync(configPath)) {
+    throw new Error(`Config file ${configPath} does not exist.`);
+  }
+
+  const configData = fs.readFileSync(configPath, 'utf-8');
+  return configInfoSchema.parse(JSON.parse(configData));
+}

package/src/context.ts

@@ -1,106 +1,106 @@
-import { IncomingMessage } from 'http';
-import * as url from 'url';
-import { JwtPayload, VerifyOptions, decode, verify } from 'jsonwebtoken';
-import 'reflect-metadata';
-import { Subject, firstValueFrom } from 'rxjs';
-import { AuthenticationError, AuthorizationError } from 'type-graphql';
-import { DataSource } from 'typeorm';
-import { getSigningKeys, validationOptions, verifyUserRecord } from './auth';
-import { authCache } from './cache';
-import { userEmailMap } from './config';
-import { UserPayload } from './types';
-
-const verifyAsync = async (
-  issuer: string,
-  options: VerifyOptions,
-  token: string
-): Promise<JwtPayload> =>
-  new Promise((resolve, reject) => {
-    verify(token, getSigningKeys(issuer), options, (err, jwt) => {
-      if (jwt && typeof jwt !== 'string' && !err) {
-        const payload = jwt.payload ?? jwt;
-
-        console.log(
-          `Valid token: ${payload.name} (${
-            payload.email ? payload.email : payload.preferred_username
-          })`
-        ); // temporary fix to check preferred_username if email is not present
-        resolve(payload);
-      } else {
-        console.warn('Invalid token');
-        reject(err);
-      }
-    });
-  });
-
-export const getUserPayload = async (
-  bearerToken: string,
-  sessionId = 'default',
-  dataSource: DataSource,
-  requestDomain?: string
-): Promise<UserPayload> => {
-  try {
-    const token = bearerToken.replace('Bearer ', '');
-
-    if (!token) {
-      console.warn('No token to validate');
-      throw new AuthenticationError('Missing token');
-    }
-
-    const payload = decode(token);
-    if (!payload || typeof payload === 'string') {
-      throw new AuthenticationError('Invalid token payload');
-    }
-
-    if (!authCache.has(token)) {
-      const issuer = payload.iss;
-      if (!issuer) {
-        console.warn('No issuer claim on token');
-        throw new AuthenticationError('Missing issuer claim on token');
-      }
-
-      await verifyAsync(issuer, validationOptions[issuer], token);
-      authCache.set(token, true);
-    }
-
-    const email = payload?.email
-      ? userEmailMap[payload?.email] ?? payload?.email
-      : payload?.preferred_username; // temporary fix to check preferred_username if email is not present
-    const fullName = payload?.name;
-    const firstName = payload?.given_name || fullName?.split(' ')[0];
-    const lastName = payload?.family_name || fullName?.split(' ')[1] || fullName?.split(' ')[0];
-    const userRecord = await verifyUserRecord(email, firstName, lastName, requestDomain, dataSource);
-
-    if (!userRecord) {
-      console.error(`User ${email} not found`); 
-      throw new AuthorizationError();
-    }
-    else if (!userRecord.IsActive) {
-      console.error(`User ${email} found but inactive`);
-      throw new AuthorizationError();
-    }
-
-    return { userRecord, email, sessionId };
-  } catch (e) {
-    console.error(e);
-    return {} as UserPayload;
-  }
-};
-
-export const contextFunction =
-  ({ setupComplete$, dataSource }: { setupComplete$: Subject<unknown>; dataSource: DataSource }) =>
-  async ({ req }: { req: IncomingMessage }) => {
-    await firstValueFrom(setupComplete$); // wait for setup to complete before processing the request
-
-    const sessionIdRaw = req.headers['x-session-id'];
-    const requestDomain = url.parse(req.headers.origin || '')
-    const sessionId = sessionIdRaw ? sessionIdRaw.toString() : '';
-    const bearerToken = req.headers.authorization ?? '';
-
-    const userPayload = await getUserPayload(bearerToken, sessionId, dataSource, requestDomain?.hostname ? requestDomain.hostname : undefined);
-
-    // eslint-disable-next-line @typescript-eslint/no-explicit-any
-    console.log((req as any).body?.operationName);
-
-    return { dataSource, userPayload };
-  };
+import { IncomingMessage } from 'http';
+import * as url from 'url';
+import { JwtPayload, VerifyOptions, decode, verify } from 'jsonwebtoken';
+import 'reflect-metadata';
+import { Subject, firstValueFrom } from 'rxjs';
+import { AuthenticationError, AuthorizationError } from 'type-graphql';
+import { DataSource } from 'typeorm';
+import { getSigningKeys, validationOptions, verifyUserRecord } from './auth';
+import { authCache } from './cache';
+import { userEmailMap } from './config';
+import { UserPayload } from './types';
+
+const verifyAsync = async (
+  issuer: string,
+  options: VerifyOptions,
+  token: string
+): Promise<JwtPayload> =>
+  new Promise((resolve, reject) => {
+    verify(token, getSigningKeys(issuer), options, (err, jwt) => {
+      if (jwt && typeof jwt !== 'string' && !err) {
+        const payload = jwt.payload ?? jwt;
+
+        console.log(
+          `Valid token: ${payload.name} (${
+            payload.email ? payload.email : payload.preferred_username
+          })`
+        ); // temporary fix to check preferred_username if email is not present
+        resolve(payload);
+      } else {
+        console.warn('Invalid token');
+        reject(err);
+      }
+    });
+  });
+
+export const getUserPayload = async (
+  bearerToken: string,
+  sessionId = 'default',
+  dataSource: DataSource,
+  requestDomain?: string
+): Promise<UserPayload> => {
+  try {
+    const token = bearerToken.replace('Bearer ', '');
+
+    if (!token) {
+      console.warn('No token to validate');
+      throw new AuthenticationError('Missing token');
+    }
+
+    const payload = decode(token);
+    if (!payload || typeof payload === 'string') {
+      throw new AuthenticationError('Invalid token payload');
+    }
+
+    if (!authCache.has(token)) {
+      const issuer = payload.iss;
+      if (!issuer) {
+        console.warn('No issuer claim on token');
+        throw new AuthenticationError('Missing issuer claim on token');
+      }
+
+      await verifyAsync(issuer, validationOptions[issuer], token);
+      authCache.set(token, true);
+    }
+
+    const email = payload?.email
+      ? userEmailMap[payload?.email] ?? payload?.email
+      : payload?.preferred_username; // temporary fix to check preferred_username if email is not present
+    const fullName = payload?.name;
+    const firstName = payload?.given_name || fullName?.split(' ')[0];
+    const lastName = payload?.family_name || fullName?.split(' ')[1] || fullName?.split(' ')[0];
+    const userRecord = await verifyUserRecord(email, firstName, lastName, requestDomain, dataSource);
+
+    if (!userRecord) {
+      console.error(`User ${email} not found`); 
+      throw new AuthorizationError();
+    }
+    else if (!userRecord.IsActive) {
+      console.error(`User ${email} found but inactive`);
+      throw new AuthorizationError();
+    }
+
+    return { userRecord, email, sessionId };
+  } catch (e) {
+    console.error(e);
+    return {} as UserPayload;
+  }
+};
+
+export const contextFunction =
+  ({ setupComplete$, dataSource }: { setupComplete$: Subject<unknown>; dataSource: DataSource }) =>
+  async ({ req }: { req: IncomingMessage }) => {
+    await firstValueFrom(setupComplete$); // wait for setup to complete before processing the request
+
+    const sessionIdRaw = req.headers['x-session-id'];
+    const requestDomain = url.parse(req.headers.origin || '')
+    const sessionId = sessionIdRaw ? sessionIdRaw.toString() : '';
+    const bearerToken = req.headers.authorization ?? '';
+
+    const userPayload = await getUserPayload(bearerToken, sessionId, dataSource, requestDomain?.hostname ? requestDomain.hostname : undefined);
+
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    console.log((req as any).body?.operationName);
+
+    return { dataSource, userPayload };
+  };

package/src/directives/Public.ts

@@ -1,42 +1,42 @@
-import { FieldMapper, MapperKind, getDirective, mapSchema } from '@graphql-tools/utils';
-import { GraphQLFieldResolver, defaultFieldResolver } from 'graphql';
-import { AuthorizationError, Directive } from 'type-graphql';
-import { AppContext, DirectiveBuilder } from '../types';
-
-const DIRECTIVE_NAME = 'Public';
-
-export function Public(): PropertyDecorator & MethodDecorator & ClassDecorator;
-export function Public(): PropertyDecorator | MethodDecorator | ClassDecorator {
-  return (targetOrPrototype, propertyKey, descriptor) =>
-    Directive(`@${DIRECTIVE_NAME}`)(targetOrPrototype, propertyKey, descriptor);
-}
-
-export const publicDirective: DirectiveBuilder = {
-  typeDefs: `directive @${DIRECTIVE_NAME} on FIELD_DEFINITION`,
-  transformer: (schema) => {
-    const fieldMapper: FieldMapper = (fieldConfig) => {
-      const directive = getDirective(schema, fieldConfig, DIRECTIVE_NAME)?.[0];
-      if (directive) {
-        return fieldConfig;
-      } else {
-        // `@Public` directive not present, so will require auth
-        const { resolve = defaultFieldResolver } = fieldConfig;
-        const directiveResolver: GraphQLFieldResolver<unknown, AppContext> = async (
-          source,
-          args,
-          context,
-          info
-        ) => {
-          // eslint-disable-next-line
-          if (!context?.userPayload?.userRecord?.IsActive) {
-            throw new AuthorizationError();
-          }
-          return await resolve(source, args, context, info);
-        };
-
-        return { ...fieldConfig, resolve: directiveResolver };
-      }
-    };
-    return mapSchema(schema, { [MapperKind.OBJECT_FIELD]: fieldMapper });
-  },
-};
+import { FieldMapper, MapperKind, getDirective, mapSchema } from '@graphql-tools/utils';
+import { GraphQLFieldResolver, defaultFieldResolver } from 'graphql';
+import { AuthorizationError, Directive } from 'type-graphql';
+import { AppContext, DirectiveBuilder } from '../types';
+
+const DIRECTIVE_NAME = 'Public';
+
+export function Public(): PropertyDecorator & MethodDecorator & ClassDecorator;
+export function Public(): PropertyDecorator | MethodDecorator | ClassDecorator {
+  return (targetOrPrototype, propertyKey, descriptor) =>
+    Directive(`@${DIRECTIVE_NAME}`)(targetOrPrototype, propertyKey, descriptor);
+}
+
+export const publicDirective: DirectiveBuilder = {
+  typeDefs: `directive @${DIRECTIVE_NAME} on FIELD_DEFINITION`,
+  transformer: (schema) => {
+    const fieldMapper: FieldMapper = (fieldConfig) => {
+      const directive = getDirective(schema, fieldConfig, DIRECTIVE_NAME)?.[0];
+      if (directive) {
+        return fieldConfig;
+      } else {
+        // `@Public` directive not present, so will require auth
+        const { resolve = defaultFieldResolver } = fieldConfig;
+        const directiveResolver: GraphQLFieldResolver<unknown, AppContext> = async (
+          source,
+          args,
+          context,
+          info
+        ) => {
+          // eslint-disable-next-line
+          if (!context?.userPayload?.userRecord?.IsActive) {
+            throw new AuthorizationError();
+          }
+          return await resolve(source, args, context, info);
+        };
+
+        return { ...fieldConfig, resolve: directiveResolver };
+      }
+    };
+    return mapSchema(schema, { [MapperKind.OBJECT_FIELD]: fieldMapper });
+  },
+};

package/src/directives/index.ts

@@ -1 +1 @@
-export * from './Public';
+export * from './Public';