@memberjunction/server 3.2.0 → 3.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +47 -1
- package/dist/auth/APIKeyScopeAuth.d.ts +51 -0
- package/dist/auth/APIKeyScopeAuth.d.ts.map +1 -0
- package/dist/auth/APIKeyScopeAuth.js +163 -0
- package/dist/auth/APIKeyScopeAuth.js.map +1 -0
- package/dist/auth/index.d.ts +1 -0
- package/dist/auth/index.d.ts.map +1 -1
- package/dist/auth/index.js +1 -0
- package/dist/auth/index.js.map +1 -1
- package/dist/context.d.ts +8 -1
- package/dist/context.d.ts.map +1 -1
- package/dist/context.js +44 -7
- package/dist/context.js.map +1 -1
- package/dist/generated/generated.d.ts +252 -2
- package/dist/generated/generated.d.ts.map +1 -1
- package/dist/generated/generated.js +1754 -209
- package/dist/generated/generated.js.map +1 -1
- package/dist/generic/ResolverBase.d.ts +2 -2
- package/dist/generic/ResolverBase.d.ts.map +1 -1
- package/dist/generic/ResolverBase.js +22 -4
- package/dist/generic/ResolverBase.js.map +1 -1
- package/dist/generic/RunViewResolver.d.ts +29 -1
- package/dist/generic/RunViewResolver.d.ts.map +1 -1
- package/dist/generic/RunViewResolver.js +143 -0
- package/dist/generic/RunViewResolver.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/resolvers/APIKeyResolver.d.ts +23 -0
- package/dist/resolvers/APIKeyResolver.d.ts.map +1 -0
- package/dist/resolvers/APIKeyResolver.js +191 -0
- package/dist/resolvers/APIKeyResolver.js.map +1 -0
- package/dist/resolvers/RunAIAgentResolver.js +1 -1
- package/dist/resolvers/RunAIAgentResolver.js.map +1 -1
- package/dist/resolvers/UserResolver.d.ts.map +1 -1
- package/dist/resolvers/UserResolver.js +31 -1
- package/dist/resolvers/UserResolver.js.map +1 -1
- package/dist/types.d.ts +4 -1
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js.map +1 -1
- package/package.json +46 -45
- package/src/auth/APIKeyScopeAuth.ts +366 -0
- package/src/auth/index.ts +1 -0
- package/src/context.ts +91 -9
- package/src/generated/generated.ts +987 -14
- package/src/generic/ResolverBase.ts +38 -5
- package/src/generic/RunViewResolver.ts +132 -5
- package/src/index.ts +2 -0
- package/src/resolvers/APIKeyResolver.ts +234 -0
- package/src/resolvers/RunAIAgentResolver.ts +1 -1
- package/src/resolvers/UserResolver.ts +37 -1
- package/src/types.ts +7 -2
package/README.md
CHANGED
|
@@ -516,7 +516,53 @@ The server supports multiple authentication providers:
|
|
|
516
516
|
|
|
517
517
|
### API Key Authentication
|
|
518
518
|
|
|
519
|
-
The server
|
|
519
|
+
The server supports two types of API key authentication:
|
|
520
|
+
|
|
521
|
+
#### User API Keys (`X-API-Key` header)
|
|
522
|
+
|
|
523
|
+
Per-user API keys that authenticate as a specific user. These follow the `mj_sk_*` format and are created via the EncryptionEngine:
|
|
524
|
+
|
|
525
|
+
```typescript
|
|
526
|
+
import { EncryptionEngine } from '@memberjunction/encryption';
|
|
527
|
+
|
|
528
|
+
// Create a new API key for a user
|
|
529
|
+
const result = await EncryptionEngine.Instance.CreateAPIKey({
|
|
530
|
+
userId: 'user-guid-here',
|
|
531
|
+
label: 'My Integration',
|
|
532
|
+
description: 'API key for external integration',
|
|
533
|
+
expiresAt: new Date('2025-12-31') // Optional
|
|
534
|
+
}, contextUser);
|
|
535
|
+
|
|
536
|
+
if (result.success) {
|
|
537
|
+
console.log('API Key:', result.rawKey); // Save this - cannot be recovered!
|
|
538
|
+
}
|
|
539
|
+
```
|
|
540
|
+
|
|
541
|
+
Usage:
|
|
542
|
+
```bash
|
|
543
|
+
curl -H "X-API-Key: mj_sk_abc123..." https://api.example.com/graphql
|
|
544
|
+
```
|
|
545
|
+
|
|
546
|
+
Features:
|
|
547
|
+
- Authenticates as the specific user who owns the key
|
|
548
|
+
- Supports expiration dates
|
|
549
|
+
- Can be revoked individually
|
|
550
|
+
- Usage is logged for audit purposes
|
|
551
|
+
- `apiKeyId` is included in the request context
|
|
552
|
+
|
|
553
|
+
#### System API Key (`x-mj-api-key` header)
|
|
554
|
+
|
|
555
|
+
A single shared API key for system-level operations, configured via the `MJ_API_KEY` environment variable:
|
|
556
|
+
|
|
557
|
+
```bash
|
|
558
|
+
curl -H "x-mj-api-key: your-system-key" https://api.example.com/graphql
|
|
559
|
+
```
|
|
560
|
+
|
|
561
|
+
Features:
|
|
562
|
+
- Authenticates as the system user
|
|
563
|
+
- Used for server-to-server communication
|
|
564
|
+
- Has elevated privileges for system operations
|
|
565
|
+
- `isSystemUser: true` is set in the request context
|
|
520
566
|
|
|
521
567
|
### Access Control
|
|
522
568
|
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
import { AuthorizationResult } from '@memberjunction/api-keys';
|
|
2
|
+
import { UserInfo } from '@memberjunction/core';
|
|
3
|
+
export type ApplicationName = 'MJAPI' | 'MCPServer' | 'A2AServer' | string;
|
|
4
|
+
export interface ScopeAuthOptions {
|
|
5
|
+
applicationName?: ApplicationName;
|
|
6
|
+
resource?: string;
|
|
7
|
+
throwOnDenied?: boolean;
|
|
8
|
+
}
|
|
9
|
+
export interface ScopeAuthResult {
|
|
10
|
+
Allowed: boolean;
|
|
11
|
+
Reason?: string;
|
|
12
|
+
Checked: boolean;
|
|
13
|
+
EvaluatedRules?: AuthorizationResult['EvaluatedRules'];
|
|
14
|
+
}
|
|
15
|
+
export declare function CheckAPIKeyScope(apiKeyId: string | undefined, scopePath: string, contextUser: UserInfo, options?: ScopeAuthOptions): Promise<ScopeAuthResult>;
|
|
16
|
+
export declare function CheckAPIKeyScopeAndLog(apiKeyId: string | undefined, scopePath: string, contextUser: UserInfo, usageDetails: {
|
|
17
|
+
endpoint: string;
|
|
18
|
+
method: string;
|
|
19
|
+
operationName?: string;
|
|
20
|
+
ipAddress?: string;
|
|
21
|
+
userAgent?: string;
|
|
22
|
+
statusCode?: number;
|
|
23
|
+
responseTimeMs?: number;
|
|
24
|
+
}, options?: ScopeAuthOptions): Promise<ScopeAuthResult & {
|
|
25
|
+
LogId?: string;
|
|
26
|
+
}>;
|
|
27
|
+
export declare function RequireScope(scopePath: string, options?: Omit<ScopeAuthOptions, 'resource'>): (ctx: {
|
|
28
|
+
userPayload: {
|
|
29
|
+
apiKeyId?: string;
|
|
30
|
+
userRecord: UserInfo;
|
|
31
|
+
};
|
|
32
|
+
}, resource?: string) => Promise<void>;
|
|
33
|
+
export declare const RequireViewRun: (ctx: {
|
|
34
|
+
userPayload: {
|
|
35
|
+
apiKeyId?: string;
|
|
36
|
+
userRecord: UserInfo;
|
|
37
|
+
};
|
|
38
|
+
}, resource?: string) => Promise<void>;
|
|
39
|
+
export declare const RequireQueryRun: (ctx: {
|
|
40
|
+
userPayload: {
|
|
41
|
+
apiKeyId?: string;
|
|
42
|
+
userRecord: UserInfo;
|
|
43
|
+
};
|
|
44
|
+
}, resource?: string) => Promise<void>;
|
|
45
|
+
export declare const RequireAgentExecute: (ctx: {
|
|
46
|
+
userPayload: {
|
|
47
|
+
apiKeyId?: string;
|
|
48
|
+
userRecord: UserInfo;
|
|
49
|
+
};
|
|
50
|
+
}, resource?: string) => Promise<void>;
|
|
51
|
+
//# sourceMappingURL=APIKeyScopeAuth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"APIKeyScopeAuth.d.ts","sourceRoot":"","sources":["../../src/auth/APIKeyScopeAuth.ts"],"names":[],"mappings":"AAOA,OAAO,EAAmB,mBAAmB,EAAwB,MAAM,0BAA0B,CAAC;AACtG,OAAO,EAAE,QAAQ,EAAW,MAAM,sBAAsB,CAAC;AAMzD,MAAM,MAAM,eAAe,GAAG,OAAO,GAAG,WAAW,GAAG,WAAW,GAAG,MAAM,CAAC;AAK3E,MAAM,WAAW,gBAAgB;IAE7B,eAAe,CAAC,EAAE,eAAe,CAAC;IAElC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,aAAa,CAAC,EAAE,OAAO,CAAC;CAC3B;AAKD,MAAM,WAAW,eAAe;IAE5B,OAAO,EAAE,OAAO,CAAC;IAEjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,OAAO,EAAE,OAAO,CAAC;IAEjB,cAAc,CAAC,EAAE,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;CAC1D;AA+BD,wBAAsB,gBAAgB,CAClC,QAAQ,EAAE,MAAM,GAAG,SAAS,EAC5B,SAAS,EAAE,MAAM,EACjB,WAAW,EAAE,QAAQ,EACrB,OAAO,GAAE,gBAAqB,GAC/B,OAAO,CAAC,eAAe,CAAC,CAmG1B;AAeD,wBAAsB,sBAAsB,CACxC,QAAQ,EAAE,MAAM,GAAG,SAAS,EAC5B,SAAS,EAAE,MAAM,EACjB,WAAW,EAAE,QAAQ,EACrB,YAAY,EAAE;IACV,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;CAC3B,EACD,OAAO,GAAE,gBAAqB,GAC/B,OAAO,CAAC,eAAe,GAAG;IAAE,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CA8H/C;AAqBD,wBAAgB,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,GAAE,IAAI,CAAC,gBAAgB,EAAE,UAAU,CAAM,SACzE;IAAE,WAAW,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,QAAQ,CAAA;KAAE,CAAA;CAAE,aAAa,MAAM,mBAQrG;AAGD,eAAO,MAAM,cAAc,QAXJ;IAAE,WAAW,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,QAAQ,CAAA;KAAE,CAAA;CAAE,aAAa,MAAM,kBAWhD,CAAC;AACvD,eAAO,MAAM,eAAe,QAZL;IAAE,WAAW,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,QAAQ,CAAA;KAAE,CAAA;CAAE,aAAa,MAAM,kBAY9C,CAAC;AACzD,eAAO,MAAM,mBAAmB,QAbT;IAAE,WAAW,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,QAAQ,CAAA;KAAE,CAAA;CAAE,aAAa,MAAM,kBAatC,CAAC"}
|
|
@@ -0,0 +1,163 @@
|
|
|
1
|
+
import { AuthorizationError } from 'type-graphql';
|
|
2
|
+
import { GetAPIKeyEngine } from '@memberjunction/api-keys';
|
|
3
|
+
import { RunView } from '@memberjunction/core';
|
|
4
|
+
export async function CheckAPIKeyScope(apiKeyId, scopePath, contextUser, options = {}) {
|
|
5
|
+
const { applicationName = 'MJAPI', resource = '*', throwOnDenied = true } = options;
|
|
6
|
+
if (!apiKeyId) {
|
|
7
|
+
return {
|
|
8
|
+
Allowed: true,
|
|
9
|
+
Checked: false,
|
|
10
|
+
Reason: 'Not authenticated via API key'
|
|
11
|
+
};
|
|
12
|
+
}
|
|
13
|
+
const engine = GetAPIKeyEngine();
|
|
14
|
+
const rv = new RunView();
|
|
15
|
+
const keyResult = await rv.RunView({
|
|
16
|
+
EntityName: 'MJ: API Keys',
|
|
17
|
+
ExtraFilter: `ID='${apiKeyId}'`,
|
|
18
|
+
ResultType: 'entity_object'
|
|
19
|
+
}, contextUser);
|
|
20
|
+
if (!keyResult.Success || keyResult.Results.length === 0) {
|
|
21
|
+
const result = {
|
|
22
|
+
Allowed: false,
|
|
23
|
+
Checked: true,
|
|
24
|
+
Reason: 'API key not found'
|
|
25
|
+
};
|
|
26
|
+
if (throwOnDenied) {
|
|
27
|
+
throw new AuthorizationError(result.Reason);
|
|
28
|
+
}
|
|
29
|
+
return result;
|
|
30
|
+
}
|
|
31
|
+
const apiKey = keyResult.Results[0];
|
|
32
|
+
const appResult = await rv.RunView({
|
|
33
|
+
EntityName: 'MJ: API Applications',
|
|
34
|
+
ExtraFilter: `Name='${applicationName}'`,
|
|
35
|
+
ResultType: 'entity_object'
|
|
36
|
+
}, contextUser);
|
|
37
|
+
if (!appResult.Success || appResult.Results.length === 0) {
|
|
38
|
+
const result = {
|
|
39
|
+
Allowed: false,
|
|
40
|
+
Checked: true,
|
|
41
|
+
Reason: `Unknown application: ${applicationName}`
|
|
42
|
+
};
|
|
43
|
+
if (throwOnDenied) {
|
|
44
|
+
throw new AuthorizationError(result.Reason);
|
|
45
|
+
}
|
|
46
|
+
return result;
|
|
47
|
+
}
|
|
48
|
+
const app = appResult.Results[0];
|
|
49
|
+
if (!app.IsActive) {
|
|
50
|
+
const result = {
|
|
51
|
+
Allowed: false,
|
|
52
|
+
Checked: true,
|
|
53
|
+
Reason: `Application is not active: ${applicationName}`
|
|
54
|
+
};
|
|
55
|
+
if (throwOnDenied) {
|
|
56
|
+
throw new AuthorizationError(result.Reason);
|
|
57
|
+
}
|
|
58
|
+
return result;
|
|
59
|
+
}
|
|
60
|
+
const request = {
|
|
61
|
+
APIKeyId: apiKeyId,
|
|
62
|
+
UserId: apiKey.UserID,
|
|
63
|
+
ApplicationId: app.ID,
|
|
64
|
+
ScopePath: scopePath,
|
|
65
|
+
Resource: resource
|
|
66
|
+
};
|
|
67
|
+
const scopeEvaluator = engine.GetScopeEvaluator();
|
|
68
|
+
const authResult = await scopeEvaluator.EvaluateAccess(request, contextUser);
|
|
69
|
+
if (!authResult.Allowed && throwOnDenied) {
|
|
70
|
+
const scopeDisplay = resource !== '*' ? `${scopePath} (${resource})` : scopePath;
|
|
71
|
+
throw new AuthorizationError(`API key does not have permission for scope: ${scopeDisplay}. ${authResult.Reason || ''}`);
|
|
72
|
+
}
|
|
73
|
+
return {
|
|
74
|
+
Allowed: authResult.Allowed,
|
|
75
|
+
Reason: authResult.Reason,
|
|
76
|
+
Checked: true,
|
|
77
|
+
EvaluatedRules: authResult.EvaluatedRules
|
|
78
|
+
};
|
|
79
|
+
}
|
|
80
|
+
export async function CheckAPIKeyScopeAndLog(apiKeyId, scopePath, contextUser, usageDetails, options = {}) {
|
|
81
|
+
const { applicationName = 'MJAPI', resource = '*', throwOnDenied = true } = options;
|
|
82
|
+
if (!apiKeyId) {
|
|
83
|
+
return {
|
|
84
|
+
Allowed: true,
|
|
85
|
+
Checked: false,
|
|
86
|
+
Reason: 'Not authenticated via API key'
|
|
87
|
+
};
|
|
88
|
+
}
|
|
89
|
+
const engine = GetAPIKeyEngine();
|
|
90
|
+
const rv = new RunView();
|
|
91
|
+
const keyResult = await rv.RunView({
|
|
92
|
+
EntityName: 'MJ: API Keys',
|
|
93
|
+
ExtraFilter: `ID='${apiKeyId}'`,
|
|
94
|
+
ResultType: 'entity_object'
|
|
95
|
+
}, contextUser);
|
|
96
|
+
if (!keyResult.Success || keyResult.Results.length === 0) {
|
|
97
|
+
const result = {
|
|
98
|
+
Allowed: false,
|
|
99
|
+
Checked: true,
|
|
100
|
+
Reason: 'API key not found'
|
|
101
|
+
};
|
|
102
|
+
if (throwOnDenied) {
|
|
103
|
+
throw new AuthorizationError(result.Reason);
|
|
104
|
+
}
|
|
105
|
+
return result;
|
|
106
|
+
}
|
|
107
|
+
const apiKey = keyResult.Results[0];
|
|
108
|
+
const appResult = await rv.RunView({
|
|
109
|
+
EntityName: 'MJ: API Applications',
|
|
110
|
+
ExtraFilter: `Name='${applicationName}'`,
|
|
111
|
+
ResultType: 'entity_object'
|
|
112
|
+
}, contextUser);
|
|
113
|
+
if (!appResult.Success || appResult.Results.length === 0) {
|
|
114
|
+
const result = {
|
|
115
|
+
Allowed: false,
|
|
116
|
+
Checked: true,
|
|
117
|
+
Reason: `Unknown application: ${applicationName}`
|
|
118
|
+
};
|
|
119
|
+
if (throwOnDenied) {
|
|
120
|
+
throw new AuthorizationError(result.Reason);
|
|
121
|
+
}
|
|
122
|
+
return result;
|
|
123
|
+
}
|
|
124
|
+
const app = appResult.Results[0];
|
|
125
|
+
const request = {
|
|
126
|
+
APIKeyId: apiKeyId,
|
|
127
|
+
UserId: apiKey.UserID,
|
|
128
|
+
ApplicationId: app.ID,
|
|
129
|
+
ScopePath: scopePath,
|
|
130
|
+
Resource: resource
|
|
131
|
+
};
|
|
132
|
+
const scopeEvaluator = engine.GetScopeEvaluator();
|
|
133
|
+
const authResult = await scopeEvaluator.EvaluateAccess(request, contextUser);
|
|
134
|
+
const usageLogger = engine.GetUsageLogger();
|
|
135
|
+
const statusCode = usageDetails.statusCode ?? (authResult.Allowed ? 200 : 403);
|
|
136
|
+
let logId;
|
|
137
|
+
if (authResult.Allowed) {
|
|
138
|
+
logId = (await usageLogger.LogSuccess(apiKeyId, app.ID, usageDetails.endpoint, usageDetails.operationName || null, usageDetails.method, statusCode, usageDetails.responseTimeMs || null, resource, authResult.EvaluatedRules, usageDetails.ipAddress || null, usageDetails.userAgent || null, contextUser)) || undefined;
|
|
139
|
+
}
|
|
140
|
+
else {
|
|
141
|
+
logId = (await usageLogger.LogDenied(apiKeyId, app.ID, usageDetails.endpoint, usageDetails.operationName || null, usageDetails.method, statusCode, usageDetails.responseTimeMs || null, resource, authResult.EvaluatedRules, authResult.Reason, usageDetails.ipAddress || null, usageDetails.userAgent || null, contextUser)) || undefined;
|
|
142
|
+
}
|
|
143
|
+
if (!authResult.Allowed && throwOnDenied) {
|
|
144
|
+
const scopeDisplay = resource !== '*' ? `${scopePath} (${resource})` : scopePath;
|
|
145
|
+
throw new AuthorizationError(`API key does not have permission for scope: ${scopeDisplay}. ${authResult.Reason || ''}`);
|
|
146
|
+
}
|
|
147
|
+
return {
|
|
148
|
+
Allowed: authResult.Allowed,
|
|
149
|
+
Reason: authResult.Reason,
|
|
150
|
+
Checked: true,
|
|
151
|
+
EvaluatedRules: authResult.EvaluatedRules,
|
|
152
|
+
LogId: logId
|
|
153
|
+
};
|
|
154
|
+
}
|
|
155
|
+
export function RequireScope(scopePath, options = {}) {
|
|
156
|
+
return async (ctx, resource) => {
|
|
157
|
+
await CheckAPIKeyScope(ctx.userPayload.apiKeyId, scopePath, ctx.userPayload.userRecord, { ...options, resource });
|
|
158
|
+
};
|
|
159
|
+
}
|
|
160
|
+
export const RequireViewRun = RequireScope('view:run');
|
|
161
|
+
export const RequireQueryRun = RequireScope('query:run');
|
|
162
|
+
export const RequireAgentExecute = RequireScope('agent:execute');
|
|
163
|
+
//# sourceMappingURL=APIKeyScopeAuth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"APIKeyScopeAuth.js","sourceRoot":"","sources":["../../src/auth/APIKeyScopeAuth.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,EAAE,eAAe,EAA6C,MAAM,0BAA0B,CAAC;AACtG,OAAO,EAAY,OAAO,EAAE,MAAM,sBAAsB,CAAC;AA+DzD,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAClC,QAA4B,EAC5B,SAAiB,EACjB,WAAqB,EACrB,UAA4B,EAAE;IAE9B,MAAM,EACF,eAAe,GAAG,OAAO,EACzB,QAAQ,GAAG,GAAG,EACd,aAAa,GAAG,IAAI,EACvB,GAAG,OAAO,CAAC;IAGZ,IAAI,CAAC,QAAQ,EAAE,CAAC;QACZ,OAAO;YACH,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,+BAA+B;SAC1C,CAAC;IACN,CAAC;IAED,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;IAGjC,MAAM,EAAE,GAAG,IAAI,OAAO,EAAE,CAAC;IACzB,MAAM,SAAS,GAAG,MAAM,EAAE,CAAC,OAAO,CAAe;QAC7C,UAAU,EAAE,cAAc;QAC1B,WAAW,EAAE,OAAO,QAAQ,GAAG;QAC/B,UAAU,EAAE,eAAe;KAC9B,EAAE,WAAW,CAAC,CAAC;IAEhB,IAAI,CAAC,SAAS,CAAC,OAAO,IAAI,SAAS,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvD,MAAM,MAAM,GAAoB;YAC5B,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,mBAAmB;SAC9B,CAAC;QACF,IAAI,aAAa,EAAE,CAAC;YAChB,MAAM,IAAI,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,MAAM,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAGpC,MAAM,SAAS,GAAG,MAAM,EAAE,CAAC,OAAO,CAAuB;QACrD,UAAU,EAAE,sBAAsB;QAClC,WAAW,EAAE,SAAS,eAAe,GAAG;QACxC,UAAU,EAAE,eAAe;KAC9B,EAAE,WAAW,CAAC,CAAC;IAEhB,IAAI,CAAC,SAAS,CAAC,OAAO,IAAI,SAAS,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvD,MAAM,MAAM,GAAoB;YAC5B,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,wBAAwB,eAAe,EAAE;SACpD,CAAC;QACF,IAAI,aAAa,EAAE,CAAC;YAChB,MAAM,IAAI,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,MAAM,CAAC;IAClB,CAAC;IAED,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAEjC,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAChB,MAAM,MAAM,GAAoB;YAC5B,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,8BAA8B,eAAe,EAAE;SAC1D,CAAC;QACF,IAAI,aAAa,EAAE,CAAC;YAChB,MAAM,IAAI,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,MAAM,CAAC;IAClB,CAAC;IAGD,MAAM,OAAO,GAAyB;QAClC,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,aAAa,EAAE,GAAG,CAAC,EAAE;QACrB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE,QAAQ;KACrB,CAAC;IAGF,MAAM,cAAc,GAAG,MAAM,CAAC,iBAAiB,EAAE,CAAC;IAClD,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,cAAc,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IAE7E,IAAI,CAAC,UAAU,CAAC,OAAO,IAAI,aAAa,EAAE,CAAC;QACvC,MAAM,YAAY,GAAG,QAAQ,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,SAAS,KAAK,QAAQ,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;QACjF,MAAM,IAAI,kBAAkB,CACxB,+CAA+C,YAAY,KAAK,UAAU,CAAC,MAAM,IAAI,EAAE,EAAE,CAC5F,CAAC;IACN,CAAC;IAED,OAAO;QACH,OAAO,EAAE,UAAU,CAAC,OAAO;QAC3B,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,OAAO,EAAE,IAAI;QACb,cAAc,EAAE,UAAU,CAAC,cAAc;KAC5C,CAAC;AACN,CAAC;AAeD,MAAM,CAAC,KAAK,UAAU,sBAAsB,CACxC,QAA4B,EAC5B,SAAiB,EACjB,WAAqB,EACrB,YAQC,EACD,UAA4B,EAAE;IAE9B,MAAM,EACF,eAAe,GAAG,OAAO,EACzB,QAAQ,GAAG,GAAG,EACd,aAAa,GAAG,IAAI,EACvB,GAAG,OAAO,CAAC;IAGZ,IAAI,CAAC,QAAQ,EAAE,CAAC;QACZ,OAAO;YACH,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,+BAA+B;SAC1C,CAAC;IACN,CAAC;IAED,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;IACjC,MAAM,EAAE,GAAG,IAAI,OAAO,EAAE,CAAC;IAGzB,MAAM,SAAS,GAAG,MAAM,EAAE,CAAC,OAAO,CAAe;QAC7C,UAAU,EAAE,cAAc;QAC1B,WAAW,EAAE,OAAO,QAAQ,GAAG;QAC/B,UAAU,EAAE,eAAe;KAC9B,EAAE,WAAW,CAAC,CAAC;IAEhB,IAAI,CAAC,SAAS,CAAC,OAAO,IAAI,SAAS,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvD,MAAM,MAAM,GAAyC;YACjD,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,mBAAmB;SAC9B,CAAC;QACF,IAAI,aAAa,EAAE,CAAC;YAChB,MAAM,IAAI,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,MAAM,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAGpC,MAAM,SAAS,GAAG,MAAM,EAAE,CAAC,OAAO,CAAuB;QACrD,UAAU,EAAE,sBAAsB;QAClC,WAAW,EAAE,SAAS,eAAe,GAAG;QACxC,UAAU,EAAE,eAAe;KAC9B,EAAE,WAAW,CAAC,CAAC;IAEhB,IAAI,CAAC,SAAS,CAAC,OAAO,IAAI,SAAS,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvD,MAAM,MAAM,GAAyC;YACjD,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,wBAAwB,eAAe,EAAE;SACpD,CAAC;QACF,IAAI,aAAa,EAAE,CAAC;YAChB,MAAM,IAAI,kBAAkB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,MAAM,CAAC;IAClB,CAAC;IAED,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAGjC,MAAM,OAAO,GAAyB;QAClC,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,aAAa,EAAE,GAAG,CAAC,EAAE;QACrB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE,QAAQ;KACrB,CAAC;IAGF,MAAM,cAAc,GAAG,MAAM,CAAC,iBAAiB,EAAE,CAAC;IAClD,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,cAAc,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IAG7E,MAAM,WAAW,GAAG,MAAM,CAAC,cAAc,EAAE,CAAC;IAC5C,MAAM,UAAU,GAAG,YAAY,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAE/E,IAAI,KAAyB,CAAC;IAC9B,IAAI,UAAU,CAAC,OAAO,EAAE,CAAC;QACrB,KAAK,GAAG,CAAC,MAAM,WAAW,CAAC,UAAU,CACjC,QAAQ,EACR,GAAG,CAAC,EAAE,EACN,YAAY,CAAC,QAAQ,EACrB,YAAY,CAAC,aAAa,IAAI,IAAI,EAClC,YAAY,CAAC,MAAM,EACnB,UAAU,EACV,YAAY,CAAC,cAAc,IAAI,IAAI,EACnC,QAAQ,EACR,UAAU,CAAC,cAAc,EACzB,YAAY,CAAC,SAAS,IAAI,IAAI,EAC9B,YAAY,CAAC,SAAS,IAAI,IAAI,EAC9B,WAAW,CACd,CAAC,IAAI,SAAS,CAAC;IACpB,CAAC;SAAM,CAAC;QACJ,KAAK,GAAG,CAAC,MAAM,WAAW,CAAC,SAAS,CAChC,QAAQ,EACR,GAAG,CAAC,EAAE,EACN,YAAY,CAAC,QAAQ,EACrB,YAAY,CAAC,aAAa,IAAI,IAAI,EAClC,YAAY,CAAC,MAAM,EACnB,UAAU,EACV,YAAY,CAAC,cAAc,IAAI,IAAI,EACnC,QAAQ,EACR,UAAU,CAAC,cAAc,EACzB,UAAU,CAAC,MAAM,EACjB,YAAY,CAAC,SAAS,IAAI,IAAI,EAC9B,YAAY,CAAC,SAAS,IAAI,IAAI,EAC9B,WAAW,CACd,CAAC,IAAI,SAAS,CAAC;IACpB,CAAC;IAED,IAAI,CAAC,UAAU,CAAC,OAAO,IAAI,aAAa,EAAE,CAAC;QACvC,MAAM,YAAY,GAAG,QAAQ,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,SAAS,KAAK,QAAQ,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC;QACjF,MAAM,IAAI,kBAAkB,CACxB,+CAA+C,YAAY,KAAK,UAAU,CAAC,MAAM,IAAI,EAAE,EAAE,CAC5F,CAAC;IACN,CAAC;IAED,OAAO;QACH,OAAO,EAAE,UAAU,CAAC,OAAO;QAC3B,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,OAAO,EAAE,IAAI;QACb,cAAc,EAAE,UAAU,CAAC,cAAc;QACzC,KAAK,EAAE,KAAK;KACf,CAAC;AACN,CAAC;AAqBD,MAAM,UAAU,YAAY,CAAC,SAAiB,EAAE,UAA8C,EAAE;IAC5F,OAAO,KAAK,EAAE,GAAiE,EAAE,QAAiB,EAAE,EAAE;QAClG,MAAM,gBAAgB,CAClB,GAAG,CAAC,WAAW,CAAC,QAAQ,EACxB,SAAS,EACT,GAAG,CAAC,WAAW,CAAC,UAAU,EAC1B,EAAE,GAAG,OAAO,EAAE,QAAQ,EAAE,CAC3B,CAAC;IACN,CAAC,CAAC;AACN,CAAC;AAGD,MAAM,CAAC,MAAM,cAAc,GAAG,YAAY,CAAC,UAAU,CAAC,CAAC;AACvD,MAAM,CAAC,MAAM,eAAe,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;AACzD,MAAM,CAAC,MAAM,mBAAmB,GAAG,YAAY,CAAC,eAAe,CAAC,CAAC"}
|
package/dist/auth/index.d.ts
CHANGED
|
@@ -4,6 +4,7 @@ import { UserInfo } from '@memberjunction/core';
|
|
|
4
4
|
export { TokenExpiredError } from './tokenExpiredError.js';
|
|
5
5
|
export { IAuthProvider } from './IAuthProvider.js';
|
|
6
6
|
export { AuthProviderFactory } from './AuthProviderFactory.js';
|
|
7
|
+
export * from './APIKeyScopeAuth.js';
|
|
7
8
|
export declare const getValidationOptions: (issuer: string) => {
|
|
8
9
|
audience: string;
|
|
9
10
|
jwksUri: string;
|
package/dist/auth/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,kBAAkB,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAGzE,OAAO,GAAG,MAAM,OAAO,CAAC;AACxB,OAAO,EAAsB,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAOpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,kBAAkB,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAGzE,OAAO,GAAG,MAAM,OAAO,CAAC;AACxB,OAAO,EAAsB,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAOpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,cAAc,sBAAsB,CAAC;AAsCrC,eAAO,MAAM,oBAAoB,WAAY,MAAM,KAAG;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG,SAY7F,CAAC;AAMF,eAAO,MAAM,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAWlF,CAAC;AAEH,qBAAa,WAAW;IACtB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAKD,eAAO,MAAM,cAAc,WAAY,MAAM,cAAc,SAAS,MAAM,kBAAkB,SAmB3F,CAAC;AAKF,eAAO,MAAM,0BAA0B,YAAa,UAAU,KAAG;IAC/D,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAiC5B,CAAC;AAEF,eAAO,MAAM,aAAa,gBAAuB,IAAI,cAAc,+BAA8B,OAAO,KAAU,QAAQ,QAAQ,CAYjI,CAAC;AAEF,eAAO,MAAM,gBAAgB,WACnB,MAAM,cACF,MAAM,aACP,MAAM,kBACD,MAAM,eACT,IAAI,cAAc,+BACH,OAAO,KAClC,QAAQ,QAAQ,GAAG,SAAS,CAyE9B,CAAC"}
|
package/dist/auth/index.js
CHANGED
|
@@ -7,6 +7,7 @@ import { AuthProviderFactory } from './AuthProviderFactory.js';
|
|
|
7
7
|
import { initializeAuthProviders } from './initializeProviders.js';
|
|
8
8
|
export { TokenExpiredError } from './tokenExpiredError.js';
|
|
9
9
|
export { AuthProviderFactory } from './AuthProviderFactory.js';
|
|
10
|
+
export * from './APIKeyScopeAuth.js';
|
|
10
11
|
class MissingAuthError extends Error {
|
|
11
12
|
constructor() {
|
|
12
13
|
super('No authentication providers configured. Please configure at least one auth provider in mj.config.cjs');
|
package/dist/auth/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AAEnE,OAAO,EAAE,QAAQ,EAAY,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AACpE,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAElD,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,OAAO,EAAE,uBAAuB,EAAE,MAAM,0BAA0B,CAAC;AAEnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAE3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AAEnE,OAAO,EAAE,QAAQ,EAAY,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AACpE,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAElD,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,OAAO,EAAE,uBAAuB,EAAE,MAAM,0BAA0B,CAAC;AAEnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAE3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,cAAc,sBAAsB,CAAC;AAIrC,MAAM,gBAAiB,SAAQ,KAAK;IAClC;QACE,KAAK,CAAC,sGAAsG,CAAC,CAAC;QAC9G,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;IACjC,CAAC;CACF;AAED,MAAM,gBAAgB,GAAG,KAAK,EAAE,UAA+B,EAAE,EAAE;IACjE,MAAM,SAAS,GAAW,IAAI,CAAC,GAAG,EAAE,CAAC;IACrC,MAAM,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAW,IAAI,CAAC,GAAG,EAAE,CAAC;IACnC,MAAM,OAAO,GAAW,OAAO,GAAG,SAAS,CAAC;IAI5C,MAAM,KAAK,GAAG,UAAU,CAAC,YAAY,CAAC,4BAA4B;QAChE,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,4BAA4B,GAAG,KAAK;YAC5D,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,4BAA4B;YACtD,CAAC,CAAC,KAAK;QACT,CAAC,CAAC,CAAC,CAAC;IACN,IAAI,OAAO,GAAG,KAAK;QAAE,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC;IAE1F,MAAM,SAAS,GAAW,IAAI,CAAC,GAAG,EAAE,CAAC;IACrC,MAAM,YAAY,GAAW,SAAS,GAAG,SAAS,CAAC;IAEnD,OAAO,CAAC,GAAG,CACT,2BAA2B,OAAO,6BAA6B,YAAY,yBAAyB,KAAK,sEAAsE,CAChL,CAAC;AACJ,CAAC,CAAC;AAMF,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,MAAc,EAAqD,EAAE;IACxG,MAAM,OAAO,GAAG,mBAAmB,CAAC,WAAW,EAAE,CAAC;IAClD,MAAM,QAAQ,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAE7C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,OAAO,EAAE,QAAQ,CAAC,OAAO;KAC1B,CAAC;AACJ,CAAC,CAAC;AAMF,MAAM,CAAC,MAAM,iBAAiB,GAA0D,IAAI,KAAK,CAAC,EAAE,EAAE;IACpG,GAAG,EAAE,CAAC,MAAM,EAAE,IAAY,EAAE,EAAE;QAC5B,OAAO,oBAAoB,CAAC,IAAI,CAAC,CAAC;IACpC,CAAC;IACD,GAAG,EAAE,CAAC,MAAM,EAAE,IAAY,EAAE,EAAE;QAC5B,OAAO,oBAAoB,CAAC,IAAI,CAAC,KAAK,SAAS,CAAC;IAClD,CAAC;IACD,OAAO,EAAE,GAAG,EAAE;QACZ,MAAM,OAAO,GAAG,mBAAmB,CAAC,WAAW,EAAE,CAAC;QAClD,OAAO,OAAO,CAAC,eAAe,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACtD,CAAC;CACF,CAAC,CAAC;AAEH,MAAM,OAAO,WAAW;IACtB,GAAG,CAAU;IACb,GAAG,CAAU;IACb,GAAG,CAAU;IACb,GAAG,CAAU;IACb,GAAG,CAAU;IACb,IAAI,CAAU;IACd,GAAG,CAAU;IACb,KAAK,CAAU;IACf,GAAG,CAAU;IACb,kBAAkB,CAAU;IAC5B,EAAE,CAAU;IACZ,GAAG,CAAU;IACb,GAAG,CAAU;IACb,GAAG,CAAU;IACb,GAAG,CAAU;IACb,KAAK,CAAU;IACf,UAAU,CAAU;IACpB,WAAW,CAAU;CAEtB;AAKD,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,MAAc,EAAE,EAAE,CAAC,CAAC,MAAiB,EAAE,EAAsB,EAAE,EAAE;IAC9F,MAAM,OAAO,GAAG,mBAAmB,CAAC,WAAW,EAAE,CAAC;IAGlD,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC;QAC5B,uBAAuB,EAAE,CAAC;IAC5B,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAE7C,IAAI,CAAC,QAAQ,EAAE,CAAC;QAEd,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC;YAC5B,MAAM,IAAI,gBAAgB,EAAE,CAAC;QAC/B,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,gDAAgD,MAAM,EAAE,CAAC,CAAC;IAC5E,CAAC;IAED,QAAQ,CAAC,aAAa,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACrC,CAAC,CAAC;AAKF,MAAM,CAAC,MAAM,0BAA0B,GAAG,CAAC,OAAmB,EAM5D,EAAE;IACF,MAAM,OAAO,GAAG,mBAAmB,CAAC,WAAW,EAAE,CAAC;IAClD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;IAE3B,IAAI,CAAC,MAAM,EAAE,CAAC;QAEZ,MAAM,iBAAiB,GAAG,OAAO,CAAC,kBAAwC,CAAC;QAC3E,OAAO;YACL,KAAK,EAAE,OAAO,CAAC,KAA2B,IAAI,iBAAiB;YAC/D,SAAS,EAAE,OAAO,CAAC,UAAgC;YACnD,QAAQ,EAAE,OAAO,CAAC,WAAiC;YACnD,QAAQ,EAAE,OAAO,CAAC,IAA0B;YAC5C,iBAAiB;SAClB,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAE7C,IAAI,CAAC,QAAQ,EAAE,CAAC;QAEd,MAAM,QAAQ,GAAG,OAAO,CAAC,IAA0B,CAAC;QACpD,MAAM,iBAAiB,GAAG,OAAO,CAAC,kBAAwC,CAAC;QAC3E,OAAO;YACL,KAAK,EAAE,OAAO,CAAC,KAA2B,IAAI,iBAAiB;YAC/D,SAAS,EAAE,OAAO,CAAC,UAAgC,IAAI,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC9E,QAAQ,EAAE,OAAO,CAAC,WAAiC,IAAI,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACzG,QAAQ;YACR,iBAAiB;SAClB,CAAC;IACJ,CAAC;IAED,OAAO,QAAQ,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;AAC3C,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,EAAE,UAA+B,EAAE,6BAAsC,IAAI,EAAqB,EAAE;IACpI,MAAM,UAAU,GAAG,SAAS,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;IACtD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,IAAI,UAAU,IAAI,0BAA0B,EAAE,CAAC;YAC7C,OAAO,CAAC,IAAI,CAAC,+EAA+E,CAAC,CAAC;YAE9F,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;YACnC,OAAO,aAAa,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,mBAAmB,SAAS,CAAC,QAAQ,CAAC,cAAc,yBAAyB,CAAC,CAAC;IACjG,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,EACnC,KAAc,EACd,SAAkB,EAClB,QAAiB,EACjB,aAAsB,EACtB,UAA+B,EAC/B,6BAAsC,IAAI,EACX,EAAE;IACjC,IAAI,CAAC,KAAK;QAAE,OAAO,SAAS,CAAC;IAE7B,IAAI,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;QAC7C,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAGtC,OAAO,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC,EAAE,uBAAuB,CAAC,CAAC;YAC1E,OAAO,KAAK,CAAC;QACf,CAAC;;YAAM,OAAO,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,KAAK,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC;IAC5E,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,IACE,UAAU,CAAC,YAAY,CAAC,kBAAkB;YAC1C,SAAS;YACT,QAAQ;YACR,CAAC,aAAa,IAAI,UAAU,CAAC,YAAY,CAAC,iCAAiC,KAAK,KAAK,CAAC,EACtF,CAAC;YAED,IAAI,iBAAiB,GACnB,UAAU,CAAC,YAAY,CAAC,iCAAiC;gBACzD,KAAK,CAAC;YACR,IAAI,CAAC,iBAAiB,IAAI,aAAa,EAAE,CAAC;gBAExC,iBAAiB,GAAG,UAAU,CAAC,YAAY,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;oBAEpF,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;oBAC9G,OAAO,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;gBACzD,CAAC,CAAC,CAAC;YACL,CAAC;YAED,IAAI,iBAAiB,EAAE,CAAC;gBAEtB,OAAO,CAAC,IAAI,CAAC,QAAQ,KAAK,yDAAyD,CAAC,CAAC;gBACrF,MAAM,cAAc,GAAgB,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,cAAc,CAAc,WAAW,CAAC,CAAC;gBAC5G,MAAM,OAAO,GAAsB,MAAM,cAAc,CAAC,aAAa,CAAC,SAAS,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;gBAClG,IAAI,OAAO,EAAE,CAAC;oBAGZ,MAAM,EAAE,GAAa,IAAI,QAAQ,EAAE,CAAC;oBAEpC,MAAM,QAAQ,GAA2F,OAAO,CAAC,MAAM,EAAE,CAAC;oBAE1H,QAAQ,CAAC,SAAS,GAAG,UAAU,CAAC,YAAY,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;wBACrE,MAAM,QAAQ,GAAyB,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;wBAC7E,MAAM,MAAM,GAAW,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBAEnD,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;oBACjE,CAAC,CAAC,CAAC;oBAEH,IAAI,GAAG,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;oBACjD,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACpC,OAAO,CAAC,IAAI,CAAC,mBAAmB,KAAK,wBAAwB,CAAC,CAAC;gBACjE,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,IAAI,CACV,QAAQ,KAAK,wCAAwC,aAAa,uNAAuN,CAC1R,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC,IAAI,IAAI,UAAU,CAAC,YAAY,CAAC,uBAAuB,IAAI,UAAU,IAAI,0BAA0B,EAAE,CAAC;YAEzG,OAAO,CAAC,IAAI,CAAC,QAAQ,KAAK,oEAAoE,CAAC,CAAC;YAEhG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;YAEnC,OAAO,gBAAgB,CAAC,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,aAAa,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC;QACxF,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAGF,uBAAuB,EAAE,CAAC"}
|
package/dist/context.d.ts
CHANGED
|
@@ -5,7 +5,14 @@ import { Subject } from 'rxjs';
|
|
|
5
5
|
import sql from 'mssql';
|
|
6
6
|
import { DataSourceInfo, UserPayload } from './types.js';
|
|
7
7
|
import { SQLServerDataProvider } from '@memberjunction/sqlserver-dataprovider';
|
|
8
|
-
export
|
|
8
|
+
export interface RequestContext {
|
|
9
|
+
endpoint: string;
|
|
10
|
+
method: string;
|
|
11
|
+
operationName?: string;
|
|
12
|
+
ipAddress?: string;
|
|
13
|
+
userAgent?: string;
|
|
14
|
+
}
|
|
15
|
+
export declare const getUserPayload: (bearerToken: string, sessionId: string, dataSources: DataSourceInfo[], requestDomain?: string, systemApiKey?: string, userApiKey?: string, requestContext?: RequestContext) => Promise<UserPayload>;
|
|
9
16
|
export declare const contextFunction: ({ setupComplete$, dataSource, dataSources }: {
|
|
10
17
|
setupComplete$: Subject<unknown>;
|
|
11
18
|
dataSource: sql.ConnectionPool;
|
package/dist/context.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAGvC,OAAO,kBAAkB,CAAC;AAC1B,OAAO,EAAE,OAAO,EAAkB,MAAM,MAAM,CAAC;AAE/C,OAAO,GAAG,MAAM,OAAO,CAAC;AAIxB,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAKzD,OAAO,EAAE,qBAAqB,
|
|
1
|
+
{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":";AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,MAAM,CAAC;AAGvC,OAAO,kBAAkB,CAAC;AAC1B,OAAO,EAAE,OAAO,EAAkB,MAAM,MAAM,CAAC;AAE/C,OAAO,GAAG,MAAM,OAAO,CAAC;AAIxB,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAKzD,OAAO,EAAE,qBAAqB,EAA0C,MAAM,wCAAwC,CAAC;AAgCvH,MAAM,WAAW,cAAc;IAE7B,QAAQ,EAAE,MAAM,CAAC;IAEjB,MAAM,EAAE,MAAM,CAAC;IAEf,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,eAAO,MAAM,cAAc,gBACZ,MAAM,kCAEN,cAAc,EAAE,kBACb,MAAM,iBACP,MAAM,eACR,MAAM,mBACF,cAAc,KAC9B,QAAQ,WAAW,CAkIrB,CAAC;AAEF,eAAO,MAAM,eAAe,gDACoB;IAAE,cAAc,EAAE,QAAQ,OAAO,CAAC,CAAC;IAAC,UAAU,EAAE,IAAI,cAAc,CAAC;IAAC,WAAW,EAAE,cAAc,EAAE,CAAA;CAAE,eACjI;IAAE,GAAG,EAAE,eAAe,CAAA;CAAE;;;;;;;;EAoFvC,CAAC"}
|
package/dist/context.js
CHANGED
|
@@ -7,9 +7,10 @@ import { getSigningKeys, getSystemUser, getValidationOptions, verifyUserRecord,
|
|
|
7
7
|
import { authCache } from './cache.js';
|
|
8
8
|
import { userEmailMap, apiKey, mj_core_schema } from './config.js';
|
|
9
9
|
import { GetReadOnlyDataSource, GetReadWriteDataSource } from './util.js';
|
|
10
|
-
import { SQLServerDataProvider, SQLServerProviderConfigData } from '@memberjunction/sqlserver-dataprovider';
|
|
10
|
+
import { SQLServerDataProvider, SQLServerProviderConfigData, UserCache } from '@memberjunction/sqlserver-dataprovider';
|
|
11
11
|
import { AuthProviderFactory } from './auth/AuthProviderFactory.js';
|
|
12
12
|
import { Metadata } from '@memberjunction/core';
|
|
13
|
+
import { GetAPIKeyEngine } from '@memberjunction/api-keys';
|
|
13
14
|
const verifyAsync = async (issuer, token) => new Promise((resolve, reject) => {
|
|
14
15
|
const options = getValidationOptions(issuer);
|
|
15
16
|
if (!options) {
|
|
@@ -29,12 +30,39 @@ const verifyAsync = async (issuer, token) => new Promise((resolve, reject) => {
|
|
|
29
30
|
}
|
|
30
31
|
});
|
|
31
32
|
});
|
|
32
|
-
export const getUserPayload = async (bearerToken, sessionId = 'default', dataSources, requestDomain,
|
|
33
|
+
export const getUserPayload = async (bearerToken, sessionId = 'default', dataSources, requestDomain, systemApiKey, userApiKey, requestContext) => {
|
|
33
34
|
try {
|
|
34
35
|
const readOnlyDataSource = GetReadOnlyDataSource(dataSources, { allowFallbackToReadWrite: true });
|
|
35
36
|
const readWriteDataSource = GetReadWriteDataSource(dataSources);
|
|
36
|
-
if (
|
|
37
|
-
|
|
37
|
+
if (userApiKey && userApiKey !== String(undefined)) {
|
|
38
|
+
const systemUser = await getSystemUser(readOnlyDataSource);
|
|
39
|
+
const apiKeyEngine = GetAPIKeyEngine();
|
|
40
|
+
const validationResult = await apiKeyEngine.ValidateAPIKey({
|
|
41
|
+
RawKey: userApiKey,
|
|
42
|
+
ApplicationName: 'MJAPI',
|
|
43
|
+
Endpoint: requestContext?.endpoint ?? '/api',
|
|
44
|
+
Method: requestContext?.method ?? 'POST',
|
|
45
|
+
Operation: requestContext?.operationName ?? null,
|
|
46
|
+
StatusCode: 200,
|
|
47
|
+
ResponseTimeMs: undefined,
|
|
48
|
+
IPAddress: requestContext?.ipAddress ?? null,
|
|
49
|
+
UserAgent: requestContext?.userAgent ?? null,
|
|
50
|
+
}, systemUser);
|
|
51
|
+
if (validationResult.IsValid && validationResult.User) {
|
|
52
|
+
const cachedUser = UserCache.Instance.Users.find(u => u.ID === validationResult.User.ID);
|
|
53
|
+
const userRecord = cachedUser || validationResult.User;
|
|
54
|
+
return {
|
|
55
|
+
userRecord,
|
|
56
|
+
email: userRecord.Email,
|
|
57
|
+
sessionId,
|
|
58
|
+
apiKeyId: validationResult.APIKeyId,
|
|
59
|
+
apiKeyHash: validationResult.APIKeyHash,
|
|
60
|
+
};
|
|
61
|
+
}
|
|
62
|
+
throw new AuthenticationError('Invalid API key');
|
|
63
|
+
}
|
|
64
|
+
if (systemApiKey && systemApiKey != String(undefined)) {
|
|
65
|
+
if (systemApiKey === apiKey) {
|
|
38
66
|
const systemUser = await getSystemUser(readOnlyDataSource);
|
|
39
67
|
return {
|
|
40
68
|
userRecord: systemUser,
|
|
@@ -44,7 +72,7 @@ export const getUserPayload = async (bearerToken, sessionId = 'default', dataSou
|
|
|
44
72
|
apiKey,
|
|
45
73
|
};
|
|
46
74
|
}
|
|
47
|
-
throw new AuthenticationError('Invalid API key
|
|
75
|
+
throw new AuthenticationError('Invalid system API key');
|
|
48
76
|
}
|
|
49
77
|
const token = bearerToken.replace('Bearer ', '');
|
|
50
78
|
if (!token) {
|
|
@@ -101,13 +129,22 @@ export const contextFunction = ({ setupComplete$, dataSource, dataSources }) =>
|
|
|
101
129
|
const requestDomain = url.parse(req.headers.origin || '');
|
|
102
130
|
const sessionId = sessionIdRaw ? sessionIdRaw.toString() : '';
|
|
103
131
|
const bearerToken = req.headers.authorization ?? '';
|
|
104
|
-
const
|
|
132
|
+
const systemApiKey = String(req.headers['x-mj-api-key']);
|
|
133
|
+
const userApiKey = String(req.headers['x-api-key']);
|
|
105
134
|
const reqAny = req;
|
|
106
135
|
const operationName = reqAny.body?.operationName;
|
|
107
136
|
if (operationName !== 'IntrospectionQuery') {
|
|
108
137
|
console.log({ operationName, variables: reqAny.body?.variables || undefined });
|
|
109
138
|
}
|
|
110
|
-
const
|
|
139
|
+
const expressReq = req;
|
|
140
|
+
const requestContext = {
|
|
141
|
+
endpoint: expressReq.path || expressReq.url || '/api',
|
|
142
|
+
method: expressReq.method || 'POST',
|
|
143
|
+
operationName: operationName,
|
|
144
|
+
ipAddress: expressReq.ip || expressReq.socket?.remoteAddress || undefined,
|
|
145
|
+
userAgent: req.headers['user-agent'],
|
|
146
|
+
};
|
|
147
|
+
const userPayload = await getUserPayload(bearerToken, sessionId, dataSources, requestDomain?.hostname ? requestDomain.hostname : undefined, systemApiKey, userApiKey, requestContext);
|
|
111
148
|
if (Metadata.Provider.Entities.length === 0) {
|
|
112
149
|
console.warn('WARNING: No entities found in global/shared metadata, this can often be due to the use of **global** Metadata/RunView/DB Providers in a multi-user environment. Check your code to make sure you are using the providers passed to you in AppContext by MJServer and not calling new Metadata() new RunView() new RunQuery() and similar patterns as those are unstable at times in multi-user server environments!!!');
|
|
113
150
|
}
|
package/dist/context.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,KAAK,CAAC;AAC3B,OAAO,EAAE,OAAO,IAAI,GAAG,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,kBAAkB,CAAC;AAC1B,OAAO,EAAW,cAAc,EAAE,MAAM,MAAM,CAAC;AAC/C,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAEvE,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACvJ,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAEnE,OAAO,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,WAAW,CAAC;AAI1E,OAAO,EAAE,qBAAqB,EAAE,2BAA2B,EAAE,MAAM,wCAAwC,CAAC;
|
|
1
|
+
{"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,KAAK,CAAC;AAC3B,OAAO,EAAE,OAAO,IAAI,GAAG,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,kBAAkB,CAAC;AAC1B,OAAO,EAAW,cAAc,EAAE,MAAM,MAAM,CAAC;AAC/C,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAEvE,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,0BAA0B,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACvJ,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAEnE,OAAO,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,WAAW,CAAC;AAI1E,OAAO,EAAE,qBAAqB,EAAE,2BAA2B,EAAE,SAAS,EAAE,MAAM,wCAAwC,CAAC;AACvH,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AACpE,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAE3D,MAAM,WAAW,GAAG,KAAK,EAAE,MAAc,EAAE,KAAa,EAA2B,EAAE,CACnF,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;IAC9B,MAAM,OAAO,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAE7C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,CAAC,IAAI,KAAK,CAAC,0CAA0C,MAAM,EAAE,CAAC,CAAC,CAAC;QACtE,OAAO;IACT,CAAC;IAED,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,cAAc,CAAC,MAAM,CAAC,EAAE,OAAO,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QAC9D,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,GAAG,EAAE,CAAC;YAC3C,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC;YAGnC,MAAM,QAAQ,GAAG,0BAA0B,CAAC,OAAO,CAAC,CAAC;YACrD,OAAO,CAAC,GAAG,CAAC,gBAAgB,QAAQ,CAAC,QAAQ,IAAI,SAAS,KAAK,QAAQ,CAAC,KAAK,IAAI,QAAQ,CAAC,iBAAiB,IAAI,SAAS,GAAG,CAAC,CAAC;YAC7H,OAAO,CAAC,OAAO,CAAC,CAAC;QACnB,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC9B,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAkBL,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,EACjC,WAAmB,EACnB,SAAS,GAAG,SAAS,EACrB,WAA6B,EAC7B,aAAsB,EACtB,YAAqB,EACrB,UAAmB,EACnB,cAA+B,EACT,EAAE;IACxB,IAAI,CAAC;QACH,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,WAAW,EAAE,EAAE,wBAAwB,EAAE,IAAI,EAAE,CAAC,CAAC;QAClG,MAAM,mBAAmB,GAAG,sBAAsB,CAAC,WAAW,CAAC,CAAC;QAIhE,IAAI,UAAU,IAAI,UAAU,KAAK,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;YAEnD,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,kBAAkB,CAAC,CAAC;YAC3D,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;YACvC,MAAM,gBAAgB,GAAG,MAAM,YAAY,CAAC,cAAc,CACxD;gBACE,MAAM,EAAE,UAAU;gBAClB,eAAe,EAAE,OAAO;gBACxB,QAAQ,EAAE,cAAc,EAAE,QAAQ,IAAI,MAAM;gBAC5C,MAAM,EAAE,cAAc,EAAE,MAAM,IAAI,MAAM;gBACxC,SAAS,EAAE,cAAc,EAAE,aAAa,IAAI,IAAI;gBAChD,UAAU,EAAE,GAAG;gBACf,cAAc,EAAE,SAAS;gBACzB,SAAS,EAAE,cAAc,EAAE,SAAS,IAAI,IAAI;gBAC5C,SAAS,EAAE,cAAc,EAAE,SAAS,IAAI,IAAI;aAC7C,EACD,UAAU,CACX,CAAC;YAEF,IAAI,gBAAgB,CAAC,OAAO,IAAI,gBAAgB,CAAC,IAAI,EAAE,CAAC;gBAGtD,MAAM,UAAU,GAAG,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAC9C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,gBAAgB,CAAC,IAAI,CAAC,EAAE,CACvC,CAAC;gBAGF,MAAM,UAAU,GAAG,UAAU,IAAI,gBAAgB,CAAC,IAAI,CAAC;gBAEvD,OAAO;oBACL,UAAU;oBACV,KAAK,EAAE,UAAU,CAAC,KAAK;oBACvB,SAAS;oBACT,QAAQ,EAAE,gBAAgB,CAAC,QAAQ;oBACnC,UAAU,EAAE,gBAAgB,CAAC,UAAU;iBACxC,CAAC;YACJ,CAAC;YAGD,MAAM,IAAI,mBAAmB,CAAC,iBAAiB,CAAC,CAAC;QACnD,CAAC;QAID,IAAI,YAAY,IAAI,YAAY,IAAI,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;YACtD,IAAI,YAAY,KAAK,MAAM,EAAE,CAAC;gBAC5B,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,kBAAkB,CAAC,CAAC;gBAC3D,OAAO;oBACL,UAAU,EAAE,UAAU;oBACtB,KAAK,EAAE,UAAU,CAAC,KAAK;oBACvB,SAAS;oBACT,YAAY,EAAE,IAAI;oBAClB,MAAM;iBACP,CAAC;YACJ,CAAC;YACD,MAAM,IAAI,mBAAmB,CAAC,wBAAwB,CAAC,CAAC;QAC1D,CAAC;QAED,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAEjD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;YACrC,MAAM,IAAI,mBAAmB,CAAC,eAAe,CAAC,CAAC;QACjD,CAAC;QAED,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAClC,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YAC5C,MAAM,IAAI,mBAAmB,CAAC,uBAAuB,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QACvD,IAAI,UAAU,CAAC,OAAO,EAAE,IAAI,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YAEvC,OAAO,CAAC,IAAI,CAAC,oBAAoB,UAAU,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC;YACrF,MAAM,IAAI,iBAAiB,CAAC,UAAU,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1B,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;YAC3B,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,OAAO,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;gBACzC,MAAM,IAAI,mBAAmB,CAAC,+BAA+B,CAAC,CAAC;YACjE,CAAC;YAGD,MAAM,OAAO,GAAG,mBAAmB,CAAC,WAAW,EAAE,CAAC;YAClD,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjC,OAAO,CAAC,IAAI,CAAC,uBAAuB,MAAM,EAAE,CAAC,CAAC;gBAC9C,MAAM,IAAI,mBAAmB,CAAC,wCAAwC,MAAM,EAAE,CAAC,CAAC;YAClF,CAAC;YAED,MAAM,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;YACjC,SAAS,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAC7B,CAAC;QAGD,MAAM,QAAQ,GAAG,0BAA0B,CAAC,OAAO,CAAC,CAAC;QACrD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,iBAAiB,CAAC;QAErH,MAAM,UAAU,GAAG,MAAM,gBAAgB,CACvC,KAAK,EACL,QAAQ,CAAC,SAAS,EAClB,QAAQ,CAAC,QAAQ,EACjB,aAAa,EACb,mBAAmB,CACpB,CAAC;QAEF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,QAAQ,KAAK,YAAY,CAAC,CAAC;YACzC,MAAM,IAAI,kBAAkB,EAAE,CAAC;QACjC,CAAC;aAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;YAChC,OAAO,CAAC,KAAK,CAAC,QAAQ,KAAK,qBAAqB,CAAC,CAAC;YAClD,MAAM,IAAI,kBAAkB,EAAE,CAAC;QACjC,CAAC;QAED,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE,SAAS,EAAE,CAAC;IAC5D,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACrB,IAAI,KAAK,YAAY,iBAAiB,EAAE,CAAC;YACvC,MAAM,KAAK,CAAC;QACd,CAAC;QACD,MAAM,IAAI,mBAAmB,CAAC,6BAA6B,CAAC,CAAC;IAC/D,CAAC;AACH,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAC1B,CAAC,EAAE,cAAc,EAAE,UAAU,EAAE,WAAW,EAAuG,EAAE,EAAE,CACrJ,KAAK,EAAE,EAAE,GAAG,EAA4B,EAAE,EAAE;IAC1C,MAAM,cAAc,CAAC,cAAc,CAAC,CAAC;IAGrC,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;IACjD,MAAM,aAAa,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;IAC1D,MAAM,SAAS,GAAG,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC9D,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,IAAI,EAAE,CAAC;IAKpD,MAAM,YAAY,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC;IACzD,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;IAGpD,MAAM,MAAM,GAAG,GAAU,CAAC;IAC1B,MAAM,aAAa,GAAuB,MAAM,CAAC,IAAI,EAAE,aAAa,CAAC;IACrE,IAAI,aAAa,KAAK,oBAAoB,EAAE,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,CAAC,IAAI,EAAE,SAAS,IAAI,SAAS,EAAE,CAAC,CAAC;IACjF,CAAC;IAID,MAAM,UAAU,GAAG,GAAgB,CAAC;IACpC,MAAM,cAAc,GAAmB;QACrC,QAAQ,EAAE,UAAU,CAAC,IAAI,IAAI,UAAU,CAAC,GAAG,IAAI,MAAM;QACrD,MAAM,EAAE,UAAU,CAAC,MAAM,IAAI,MAAM;QACnC,aAAa,EAAE,aAAa;QAC5B,SAAS,EAAE,UAAU,CAAC,EAAE,IAAI,UAAU,CAAC,MAAM,EAAE,aAAa,IAAI,SAAS;QACzE,SAAS,EAAE,GAAG,CAAC,OAAO,CAAC,YAAY,CAAuB;KAC3D,CAAC;IAEF,MAAM,WAAW,GAAG,MAAM,cAAc,CACtC,WAAW,EACX,SAAS,EACT,WAAW,EACX,aAAa,EAAE,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,EAC5D,YAAY,EACZ,UAAU,EACV,cAAc,CACf,CAAC;IAEF,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAG,CAAC;QAC7C,OAAO,CAAC,IAAI,CAAC,uZAAuZ,CAAC,CAAC;IACxa,CAAC;IAGD,MAAM,MAAM,GAAG,IAAI,2BAA2B,CAAC,UAAU,EAAE,cAAc,EAAE,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;IAC3G,MAAM,CAAC,GAAG,IAAI,qBAAqB,EAAE,CAAC;IACtC,MAAM,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAEvB,IAAI,EAAE,GAAG,IAAI,CAAC;IACd,IAAI,CAAC;QACH,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,WAAW,EAAE,EAAE,wBAAwB,EAAE,KAAK,EAAE,CAAC,CAAC;QACnG,IAAI,kBAAkB,EAAE,CAAC;YACvB,EAAE,GAAG,IAAI,qBAAqB,EAAE,CAAC;YACjC,MAAM,OAAO,GAAG,IAAI,2BAA2B,CAAC,kBAAkB,EAAE,cAAc,EAAE,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;YACpH,MAAM,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;IACD,OAAO,CAAC,EAAE,CAAC;IAEX,CAAC;IAED,MAAM,SAAS,GAAG,CAAC;YACjB,QAAQ,EAAE,CAAC;YACX,IAAI,EAAE,YAA0C;SACjD,CAAC,CAAC;IACH,IAAI,EAAE,EAAE,CAAC;QACP,SAAS,CAAC,IAAI,CAAC;YACb,QAAQ,EAAE,EAAE;YACZ,IAAI,EAAE,WAAyC;SAChD,CAAC,CAAC;IACL,CAAC;IAED,MAAM,aAAa,GAAG;QACpB,UAAU;QACV,WAAW;QACX,WAAW,EAAE,WAAW;QACxB,SAAS;KACV,CAAC;IAEF,OAAO,aAAa,CAAC;AACvB,CAAC,CAAC"}
|