@memberjunction/server 5.39.0 → 5.40.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth/index.js +1 -1
- package/dist/auth/index.js.map +1 -1
- package/dist/auth/magicLink/MagicLinkKeys.d.ts +58 -0
- package/dist/auth/magicLink/MagicLinkKeys.d.ts.map +1 -0
- package/dist/auth/magicLink/MagicLinkKeys.js +99 -0
- package/dist/auth/magicLink/MagicLinkKeys.js.map +1 -0
- package/dist/auth/magicLink/MagicLinkRouter.d.ts +33 -0
- package/dist/auth/magicLink/MagicLinkRouter.d.ts.map +1 -0
- package/dist/auth/magicLink/MagicLinkRouter.js +184 -0
- package/dist/auth/magicLink/MagicLinkRouter.js.map +1 -0
- package/dist/auth/magicLink/MagicLinkService.d.ts +123 -0
- package/dist/auth/magicLink/MagicLinkService.d.ts.map +1 -0
- package/dist/auth/magicLink/MagicLinkService.js +605 -0
- package/dist/auth/magicLink/MagicLinkService.js.map +1 -0
- package/dist/auth/magicLink/index.d.ts +6 -0
- package/dist/auth/magicLink/index.d.ts.map +1 -0
- package/dist/auth/magicLink/index.js +6 -0
- package/dist/auth/magicLink/index.js.map +1 -0
- package/dist/auth/magicLink/magicLinkCore.d.ts +82 -0
- package/dist/auth/magicLink/magicLinkCore.d.ts.map +1 -0
- package/dist/auth/magicLink/magicLinkCore.js +164 -0
- package/dist/auth/magicLink/magicLinkCore.js.map +1 -0
- package/dist/auth/magicLink/redeemLanding.d.ts +22 -0
- package/dist/auth/magicLink/redeemLanding.d.ts.map +1 -0
- package/dist/auth/magicLink/redeemLanding.js +61 -0
- package/dist/auth/magicLink/redeemLanding.js.map +1 -0
- package/dist/auth/magicLink/types.d.ts +131 -0
- package/dist/auth/magicLink/types.d.ts.map +1 -0
- package/dist/auth/magicLink/types.js +6 -0
- package/dist/auth/magicLink/types.js.map +1 -0
- package/dist/config.d.ts +411 -0
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +60 -0
- package/dist/config.js.map +1 -1
- package/dist/context.d.ts.map +1 -1
- package/dist/context.js +225 -2
- package/dist/context.js.map +1 -1
- package/dist/generated/generated.d.ts +877 -4
- package/dist/generated/generated.d.ts.map +1 -1
- package/dist/generated/generated.js +17779 -12750
- package/dist/generated/generated.js.map +1 -1
- package/dist/generic/ResolverBase.d.ts.map +1 -1
- package/dist/generic/ResolverBase.js +35 -7
- package/dist/generic/ResolverBase.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +25 -0
- package/dist/index.js.map +1 -1
- package/dist/resolvers/CurrentUserContextResolver.d.ts +9 -3
- package/dist/resolvers/CurrentUserContextResolver.d.ts.map +1 -1
- package/dist/resolvers/CurrentUserContextResolver.js +19 -5
- package/dist/resolvers/CurrentUserContextResolver.js.map +1 -1
- package/dist/resolvers/EntityResolver.d.ts.map +1 -1
- package/dist/resolvers/EntityResolver.js +13 -2
- package/dist/resolvers/EntityResolver.js.map +1 -1
- package/dist/resolvers/GenerateSeedTaxonomyResolver.d.ts +28 -0
- package/dist/resolvers/GenerateSeedTaxonomyResolver.d.ts.map +1 -0
- package/dist/resolvers/GenerateSeedTaxonomyResolver.js +100 -0
- package/dist/resolvers/GenerateSeedTaxonomyResolver.js.map +1 -0
- package/dist/resolvers/RunClusterAnalysisResolver.d.ts +74 -0
- package/dist/resolvers/RunClusterAnalysisResolver.d.ts.map +1 -0
- package/dist/resolvers/RunClusterAnalysisResolver.js +243 -0
- package/dist/resolvers/RunClusterAnalysisResolver.js.map +1 -0
- package/dist/resolvers/UserResolver.d.ts +16 -2
- package/dist/resolvers/UserResolver.d.ts.map +1 -1
- package/dist/resolvers/UserResolver.js +45 -2
- package/dist/resolvers/UserResolver.js.map +1 -1
- package/dist/rest/SignatureWebhookHandler.d.ts +19 -0
- package/dist/rest/SignatureWebhookHandler.d.ts.map +1 -0
- package/dist/rest/SignatureWebhookHandler.js +86 -0
- package/dist/rest/SignatureWebhookHandler.js.map +1 -0
- package/package.json +75 -71
- package/src/__tests__/magicLink.test.ts +387 -0
- package/src/auth/index.ts +2 -2
- package/src/auth/magicLink/MagicLinkKeys.ts +122 -0
- package/src/auth/magicLink/MagicLinkRouter.ts +209 -0
- package/src/auth/magicLink/MagicLinkService.ts +724 -0
- package/src/auth/magicLink/index.ts +17 -0
- package/src/auth/magicLink/magicLinkCore.ts +216 -0
- package/src/auth/magicLink/redeemLanding.ts +62 -0
- package/src/auth/magicLink/types.ts +137 -0
- package/src/config.ts +62 -0
- package/src/context.ts +252 -3
- package/src/generated/generated.ts +12302 -8878
- package/src/generic/ResolverBase.ts +35 -7
- package/src/index.ts +28 -0
- package/src/resolvers/CurrentUserContextResolver.ts +21 -5
- package/src/resolvers/EntityResolver.ts +17 -5
- package/src/resolvers/GenerateSeedTaxonomyResolver.ts +90 -0
- package/src/resolvers/RunClusterAnalysisResolver.ts +249 -0
- package/src/resolvers/UserResolver.ts +38 -2
- package/src/rest/SignatureWebhookHandler.ts +103 -0
|
@@ -0,0 +1,103 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Inbound eSignature webhook handler (DocuSign Connect, Adobe events, …).
|
|
3
|
+
*
|
|
4
|
+
* Unauthenticated by design — external signature providers call this endpoint without an MJ bearer
|
|
5
|
+
* token. Payload authenticity is verified by the provider DRIVER's `ParseWebhookEvent` (HMAC /
|
|
6
|
+
* signature), not by MJ auth. Must be registered BEFORE the unified auth middleware.
|
|
7
|
+
*
|
|
8
|
+
* Endpoint:
|
|
9
|
+
* - POST /esignature/webhook/:driverKey
|
|
10
|
+
*
|
|
11
|
+
* @module @memberjunction/server/rest/SignatureWebhookHandler
|
|
12
|
+
*/
|
|
13
|
+
|
|
14
|
+
import express from 'express';
|
|
15
|
+
import BodyParser from 'body-parser';
|
|
16
|
+
import { LogError, LogStatus, UserInfo } from '@memberjunction/core';
|
|
17
|
+
import { UserCache } from '@memberjunction/sqlserver-dataprovider';
|
|
18
|
+
import { SignatureEngine } from '@memberjunction/esignature/server';
|
|
19
|
+
|
|
20
|
+
/**
|
|
21
|
+
* Build an Express router exposing the eSignature webhook. Mount it unauthenticated:
|
|
22
|
+
* `app.use('/esignature', createSignatureWebhookHandler())`.
|
|
23
|
+
*/
|
|
24
|
+
export function createSignatureWebhookHandler(): express.Router {
|
|
25
|
+
const router = express.Router();
|
|
26
|
+
|
|
27
|
+
// Capture the raw body so drivers that HMAC-verify over the exact bytes can do so.
|
|
28
|
+
router.post(
|
|
29
|
+
'/webhook/:driverKey',
|
|
30
|
+
BodyParser.json({ limit: '25mb', verify: captureRawBody }),
|
|
31
|
+
async (req: express.Request, res: express.Response) => {
|
|
32
|
+
await handleWebhook(req, res);
|
|
33
|
+
},
|
|
34
|
+
);
|
|
35
|
+
|
|
36
|
+
return router;
|
|
37
|
+
}
|
|
38
|
+
|
|
39
|
+
/** Stash the raw request bytes on the request for signature verification by the driver. */
|
|
40
|
+
function captureRawBody(req: express.Request, _res: express.Response, buf: Buffer): void {
|
|
41
|
+
(req as RawBodyRequest).rawBody = buf;
|
|
42
|
+
}
|
|
43
|
+
|
|
44
|
+
async function handleWebhook(req: express.Request, res: express.Response): Promise<void> {
|
|
45
|
+
const driverKey = req.params.driverKey;
|
|
46
|
+
if (!driverKey) {
|
|
47
|
+
res.status(400).json({ error: 'Missing driver key in path.' });
|
|
48
|
+
return;
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
const contextUser = getSystemUser();
|
|
52
|
+
if (!contextUser) {
|
|
53
|
+
LogError('[eSignature webhook] No system user available; cannot process webhook.');
|
|
54
|
+
res.status(503).json({ error: 'Server not ready to process webhooks.' });
|
|
55
|
+
return;
|
|
56
|
+
}
|
|
57
|
+
|
|
58
|
+
try {
|
|
59
|
+
await SignatureEngine.Instance.Config(false, contextUser);
|
|
60
|
+
const headers = normalizeHeaders(req.headers);
|
|
61
|
+
const rawBody = (req as RawBodyRequest).rawBody;
|
|
62
|
+
const result = await SignatureEngine.Instance.RecordWebhookEvent(driverKey, req.body, headers, contextUser, rawBody);
|
|
63
|
+
|
|
64
|
+
if (!result.Success) {
|
|
65
|
+
// 202: we received it but couldn't act (e.g. unrecognized payload / no matching envelope).
|
|
66
|
+
// Returning 2xx prevents most providers from aggressively retrying a payload we'll never match.
|
|
67
|
+
LogStatus(`[eSignature webhook] ${driverKey}: not actioned — ${result.ErrorMessage}`);
|
|
68
|
+
res.status(202).json({ received: true, actioned: false, message: result.ErrorMessage });
|
|
69
|
+
return;
|
|
70
|
+
}
|
|
71
|
+
|
|
72
|
+
res.status(200).json({ received: true, actioned: true, status: result.event?.status });
|
|
73
|
+
} catch (e) {
|
|
74
|
+
LogError(`[eSignature webhook] ${driverKey}: ${e instanceof Error ? e.message : String(e)}`);
|
|
75
|
+
res.status(500).json({ error: 'Failed to process webhook.' });
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
|
|
79
|
+
/** Flatten Express header values to a simple string map for the driver. */
|
|
80
|
+
function normalizeHeaders(headers: express.Request['headers']): Record<string, string> {
|
|
81
|
+
const out: Record<string, string> = {};
|
|
82
|
+
for (const [key, value] of Object.entries(headers)) {
|
|
83
|
+
if (typeof value === 'string') {
|
|
84
|
+
out[key] = value;
|
|
85
|
+
} else if (Array.isArray(value)) {
|
|
86
|
+
out[key] = value.join(', ');
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
return out;
|
|
90
|
+
}
|
|
91
|
+
|
|
92
|
+
function getSystemUser(): UserInfo | null {
|
|
93
|
+
try {
|
|
94
|
+
return UserCache.Instance.GetSystemUser() ?? null;
|
|
95
|
+
} catch {
|
|
96
|
+
return null;
|
|
97
|
+
}
|
|
98
|
+
}
|
|
99
|
+
|
|
100
|
+
/** Express request augmented with the captured raw body. */
|
|
101
|
+
interface RawBodyRequest extends express.Request {
|
|
102
|
+
rawBody?: Buffer;
|
|
103
|
+
}
|