@minimaltech/node-infra 0.2.27

package/dist/components/authenticate/repositories/oauth2.repository.js

@@ -0,0 +1,78 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OAuth2TokenRepository = exports.OAuth2ScopeRepository = exports.OAuth2ClientRepository = void 0;
+const base_datasource_1 = require("../../../base/base.datasource");
+const repositories_1 = require("../../../base/repositories");
+const core_1 = require("@loopback/core");
+const models_1 = require("../models");
+const utilities_1 = require("../../../utilities");
+const repository_1 = require("@loopback/repository");
+const isEmpty_1 = __importDefault(require("lodash/isEmpty"));
+const DS_OAUTH2 = process.env.APP_ENV_APPLICATION_DS_OAUTH2
+    ? process.env.APP_ENV_APPLICATION_DS_OAUTH2
+    : process.env.APP_ENV_APPLICATION_DS_AUTHORIZE;
+let OAuth2ClientRepository = class OAuth2ClientRepository extends repositories_1.TzCrudRepository {
+    constructor(dataSource) {
+        if (!DS_OAUTH2 || (0, isEmpty_1.default)(DS_OAUTH2)) {
+            throw (0, utilities_1.getError)({
+                message: `[AUTHORIZE][DANGER] INVALID DATABASE CONFIGURE | Missing env: DS_AUTHORIZE`,
+            });
+        }
+        super(models_1.OAuth2Client, dataSource);
+    }
+};
+exports.OAuth2ClientRepository = OAuth2ClientRepository;
+exports.OAuth2ClientRepository = OAuth2ClientRepository = __decorate([
+    __param(0, (0, core_1.inject)(`datasources.${DS_OAUTH2}`)),
+    __metadata("design:paramtypes", [base_datasource_1.BaseDataSource])
+], OAuth2ClientRepository);
+let OAuth2ScopeRepository = class OAuth2ScopeRepository extends repositories_1.TzCrudRepository {
+    constructor(dataSource) {
+        if (!DS_OAUTH2 || (0, isEmpty_1.default)(DS_OAUTH2)) {
+            throw (0, utilities_1.getError)({
+                message: `[AUTHORIZE][DANGER] INVALID DATABASE CONFIGURE | Missing env: DS_AUTHORIZE`,
+            });
+        }
+        super(models_1.OAuth2Scope, dataSource);
+    }
+};
+exports.OAuth2ScopeRepository = OAuth2ScopeRepository;
+exports.OAuth2ScopeRepository = OAuth2ScopeRepository = __decorate([
+    __param(0, (0, core_1.inject)(`datasources.${DS_OAUTH2}`)),
+    __metadata("design:paramtypes", [base_datasource_1.BaseDataSource])
+], OAuth2ScopeRepository);
+let OAuth2TokenRepository = class OAuth2TokenRepository extends repositories_1.TzCrudRepository {
+    constructor(dataSource, oauth2ClientRepository) {
+        if (!DS_OAUTH2 || (0, isEmpty_1.default)(DS_OAUTH2)) {
+            throw (0, utilities_1.getError)({
+                message: `[AUTHORIZE][DANGER] INVALID DATABASE CONFIGURE | Missing env: DS_AUTHORIZE`,
+            });
+        }
+        super(models_1.OAuth2Token, dataSource);
+        this.oauth2ClientRepository = oauth2ClientRepository;
+        this.client = this.createBelongsToAccessorFor('client', oauth2ClientRepository);
+        this.registerInclusionResolver('client', this.client.inclusionResolver);
+    }
+};
+exports.OAuth2TokenRepository = OAuth2TokenRepository;
+exports.OAuth2TokenRepository = OAuth2TokenRepository = __decorate([
+    __param(0, (0, core_1.inject)(`datasources.${DS_OAUTH2}`)),
+    __param(1, repository_1.repository.getter('OAuth2ScopeRepository')),
+    __metadata("design:paramtypes", [base_datasource_1.BaseDataSource, Function])
+], OAuth2TokenRepository);
+//# sourceMappingURL=oauth2.repository.js.map

package/dist/components/authenticate/repositories/oauth2.repository.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth2.repository.js","sourceRoot":"","sources":["../../../../src/components/authenticate/repositories/oauth2.repository.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,4DAAwD;AACxD,sDAAuD;AACvD,yCAAgD;AAChD,sCAAmE;AAGnE,2CAAuC;AACvC,qDAAqE;AACrE,6DAAqC;AAErC,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B;IACzD,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,6BAA6B;IAC3C,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC;AAEjD,IAAa,sBAAsB,GAAnC,MAAa,sBAAuB,SAAQ,+BAA8B;IACxE,YAAgD,UAA0B;QACxE,IAAI,CAAC,SAAS,IAAI,IAAA,iBAAO,EAAC,SAAS,CAAC,EAAE,CAAC;YACrC,MAAM,IAAA,oBAAQ,EAAC;gBACb,OAAO,EAAE,4EAA4E;aACtF,CAAC,CAAC;QACL,CAAC;QAED,KAAK,CAAC,qBAAY,EAAE,UAAU,CAAC,CAAC;IAClC,CAAC;CACF,CAAA;AAVY,wDAAsB;iCAAtB,sBAAsB;IACpB,WAAA,IAAA,aAAM,EAAC,eAAe,SAAS,EAAE,CAAC,CAAA;qCAAa,gCAAc;GAD/D,sBAAsB,CAUlC;AAED,IAAa,qBAAqB,GAAlC,MAAa,qBAAsB,SAAQ,+BAA6B;IACtE,YAAgD,UAA0B;QACxE,IAAI,CAAC,SAAS,IAAI,IAAA,iBAAO,EAAC,SAAS,CAAC,EAAE,CAAC;YACrC,MAAM,IAAA,oBAAQ,EAAC;gBACb,OAAO,EAAE,4EAA4E;aACtF,CAAC,CAAC;QACL,CAAC;QAED,KAAK,CAAC,oBAAW,EAAE,UAAU,CAAC,CAAC;IACjC,CAAC;CACF,CAAA;AAVY,sDAAqB;gCAArB,qBAAqB;IACnB,WAAA,IAAA,aAAM,EAAC,eAAe,SAAS,EAAE,CAAC,CAAA;qCAAa,gCAAc;GAD/D,qBAAqB,CAUjC;AAED,IAAa,qBAAqB,GAAlC,MAAa,qBAAsB,SAAQ,+BAA6B;IAGtE,YACsC,UAA0B,EAEpD,sBAAsD;QAEhE,IAAI,CAAC,SAAS,IAAI,IAAA,iBAAO,EAAC,SAAS,CAAC,EAAE,CAAC;YACrC,MAAM,IAAA,oBAAQ,EAAC;gBACb,OAAO,EAAE,4EAA4E;aACtF,CAAC,CAAC;QACL,CAAC;QAED,KAAK,CAAC,oBAAW,EAAE,UAAU,CAAC,CAAC;QARrB,2BAAsB,GAAtB,sBAAsB,CAAgC;QAUhE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,0BAA0B,CAAC,QAAQ,EAAE,sBAAsB,CAAC,CAAC;QAChF,IAAI,CAAC,yBAAyB,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAC1E,CAAC;CACF,CAAA;AAnBY,sDAAqB;gCAArB,qBAAqB;IAI7B,WAAA,IAAA,aAAM,EAAC,eAAe,SAAS,EAAE,CAAC,CAAA;IAClC,WAAA,uBAAU,CAAC,MAAM,CAAC,uBAAuB,CAAC,CAAA;qCADK,gCAAc;GAJrD,qBAAqB,CAmBjC"}

package/dist/components/authenticate/services/basic-token.service.d.ts

@@ -0,0 +1,8 @@
+import { BaseService } from '../../../base/base.service';
+export declare class BasicTokenService extends BaseService {
+    constructor();
+    verify(credential: {
+        username: string;
+        password: string;
+    }): Promise<any>;
+}

package/dist/components/authenticate/services/basic-token.service.js

@@ -0,0 +1,42 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BasicTokenService = void 0;
+const base_service_1 = require("../../../base/base.service");
+const rest_1 = require("@loopback/rest");
+class BasicTokenService extends base_service_1.BaseService {
+    constructor() {
+        super({ scope: BasicTokenService.name });
+    }
+    verify(credential) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (!credential) {
+                this.logger.error('verify', 'Missing basic credential for validating request!');
+                throw new rest_1.HttpErrors.Unauthorized('Invalid basic request credential!');
+            }
+            let tokenPayload;
+            try {
+                const { username, password } = credential;
+                const basicCredential = {
+                    identifier: { scheme: 'username', value: username },
+                    credential: { scheme: 'basic', value: password },
+                };
+                tokenPayload = basicCredential;
+            }
+            catch (error) {
+                throw new rest_1.HttpErrors.Unauthorized(`Error verifying token : ${error.message}`);
+            }
+            return tokenPayload;
+        });
+    }
+}
+exports.BasicTokenService = BasicTokenService;
+//# sourceMappingURL=basic-token.service.js.map

package/dist/components/authenticate/services/basic-token.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"basic-token.service.js","sourceRoot":"","sources":["../../../../src/components/authenticate/services/basic-token.service.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,sDAAkD;AAClD,yCAA4C;AAE5C,MAAa,iBAAkB,SAAQ,0BAAW;IAChD;QACE,KAAK,CAAC,EAAE,KAAK,EAAE,iBAAiB,CAAC,IAAI,EAAE,CAAC,CAAC;IAC3C,CAAC;IAEK,MAAM,CAAC,UAAkD;;YAC7D,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,kDAAkD,CAAC,CAAC;gBAChF,MAAM,IAAI,iBAAU,CAAC,YAAY,CAAC,mCAAmC,CAAC,CAAC;YACzE,CAAC;YAED,IAAI,YAAY,CAAC;YACjB,IAAI,CAAC;gBACH,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,UAAU,CAAC;gBAC1C,MAAM,eAAe,GAAG;oBACtB,UAAU,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE;oBACnD,UAAU,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE;iBACjD,CAAC;gBAEF,YAAY,GAAG,eAAe,CAAC;YACjC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,iBAAU,CAAC,YAAY,CAAC,2BAA2B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAChF,CAAC;YAED,OAAO,YAAY,CAAC;QACtB,CAAC;KAAA;CACF;AA1BD,8CA0BC"}

package/dist/components/authenticate/services/basic.strategy.d.ts

@@ -0,0 +1,13 @@
+import { AuthenticationStrategy } from '@loopback/authentication';
+import { Request } from '@loopback/rest';
+import { BasicTokenService } from './basic-token.service';
+export declare class BasicAuthenticationStrategy implements AuthenticationStrategy {
+    private service;
+    name: string;
+    constructor(service: BasicTokenService);
+    extractCredentials(request: Request): {
+        username: string;
+        password: string;
+    };
+    authenticate(request: Request): Promise<any>;
+}

package/dist/components/authenticate/services/basic.strategy.js

@@ -0,0 +1,64 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BasicAuthenticationStrategy = void 0;
+const core_1 = require("@loopback/core");
+const rest_1 = require("@loopback/rest");
+const common_1 = require("../common");
+const basic_token_service_1 = require("./basic-token.service");
+let BasicAuthenticationStrategy = class BasicAuthenticationStrategy {
+    constructor(service) {
+        this.service = service;
+        this.name = common_1.Authentication.TYPE_BASIC;
+    }
+    extractCredentials(request) {
+        if (!request.headers.authorization) {
+            throw new rest_1.HttpErrors.Unauthorized(`Authorization header not found.`);
+        }
+        const authHeaderValue = request.headers.authorization;
+        if (!authHeaderValue.startsWith('Basic')) {
+            throw new rest_1.HttpErrors.Unauthorized(`Authorization header is not of type 'Basic'.`);
+        }
+        const parts = authHeaderValue.split(' ');
+        if (parts.length !== 2) {
+            throw new rest_1.HttpErrors.Unauthorized('Invalid basic authentication header');
+        }
+        const token = parts[1];
+        const credential = Buffer.from(token, 'base64').toString();
+        const [username, password] = (credential === null || credential === void 0 ? void 0 : credential.split(':')) || [];
+        return { username, password };
+    }
+    authenticate(request) {
+        return __awaiter(this, void 0, void 0, function* () {
+            const credential = this.extractCredentials(request);
+            const rs = yield this.service.verify(credential);
+            return rs;
+        });
+    }
+};
+exports.BasicAuthenticationStrategy = BasicAuthenticationStrategy;
+exports.BasicAuthenticationStrategy = BasicAuthenticationStrategy = __decorate([
+    __param(0, (0, core_1.inject)('services.BasicTokenService')),
+    __metadata("design:paramtypes", [basic_token_service_1.BasicTokenService])
+], BasicAuthenticationStrategy);
+//# sourceMappingURL=basic.strategy.js.map

package/dist/components/authenticate/services/basic.strategy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"basic.strategy.js","sourceRoot":"","sources":["../../../../src/components/authenticate/services/basic.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AACA,yCAAwC;AACxC,yCAAqD;AACrD,sCAA2C;AAC3C,+DAA0D;AAE1D,IAAa,2BAA2B,GAAxC,MAAa,2BAA2B;IAGtC,YAAkD,OAAkC;QAA1B,YAAO,GAAP,OAAO,CAAmB;QAFpF,SAAI,GAAG,uBAAc,CAAC,UAAU,CAAC;IAEsD,CAAC;IAExF,kBAAkB,CAAC,OAAgB;QACjC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;YACnC,MAAM,IAAI,iBAAU,CAAC,YAAY,CAAC,iCAAiC,CAAC,CAAC;QACvE,CAAC;QAED,MAAM,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QAEtD,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YACzC,MAAM,IAAI,iBAAU,CAAC,YAAY,CAAC,8CAA8C,CAAC,CAAC;QACpF,CAAC;QAED,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACzC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,IAAI,iBAAU,CAAC,YAAY,CAAC,qCAAqC,CAAC,CAAC;QAC3E,CAAC;QAED,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC3D,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAA,UAAU,aAAV,UAAU,uBAAV,UAAU,CAAE,KAAK,CAAC,GAAG,CAAC,KAAI,EAAE,CAAC;QAC1D,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;IAChC,CAAC;IAEK,YAAY,CAAC,OAAgB;;YACjC,MAAM,UAAU,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC;YACpD,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YACjD,OAAO,EAAE,CAAC;QACZ,CAAC;KAAA;CACF,CAAA;AAhCY,kEAA2B;sCAA3B,2BAA2B;IAGzB,WAAA,IAAA,aAAM,EAAC,4BAA4B,CAAC,CAAA;qCAAkB,uCAAiB;GAHzE,2BAA2B,CAgCvC"}

package/dist/components/authenticate/services/index.d.ts

@@ -0,0 +1,6 @@
+export * from './basic.strategy';
+export * from './basic-token.service';
+export * from './jwt.strategy';
+export * from './jwt-token.service';
+export * from './oauth2.strategy';
+export * from './oauth2.service';

package/dist/components/authenticate/services/index.js

@@ -0,0 +1,23 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./basic.strategy"), exports);
+__exportStar(require("./basic-token.service"), exports);
+__exportStar(require("./jwt.strategy"), exports);
+__exportStar(require("./jwt-token.service"), exports);
+__exportStar(require("./oauth2.strategy"), exports);
+__exportStar(require("./oauth2.service"), exports);
+//# sourceMappingURL=index.js.map

package/dist/components/authenticate/services/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/components/authenticate/services/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,mDAAiC;AACjC,wDAAsC;AAEtC,iDAA+B;AAC/B,sDAAoC;AAEpC,oDAAkC;AAClC,mDAAiC"}

package/dist/components/authenticate/services/jwt-token.service.d.ts

@@ -0,0 +1,23 @@
+import { BaseService } from '../../../base/base.service';
+import { IJWTTokenPayload } from '../common';
+export declare class JWTTokenService extends BaseService {
+    private applicationSecret;
+    private jwtSecret;
+    private jwtExpiresIn;
+    constructor(applicationSecret: string, jwtSecret: string, jwtExpiresIn: string);
+    extractCredentials(request: {
+        headers: any;
+    }): {
+        type: string;
+        token: string;
+    };
+    encryptPayload(payload: IJWTTokenPayload): {
+        [x: string]: string;
+    };
+    decryptPayload(decodedToken: any): IJWTTokenPayload;
+    verify(opts: {
+        type: string;
+        token: string;
+    }): IJWTTokenPayload;
+    generate(payload: IJWTTokenPayload): string;
+}

package/dist/components/authenticate/services/jwt-token.service.js

@@ -0,0 +1,154 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+var JWTTokenService_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JWTTokenService = void 0;
+const base_service_1 = require("../../../base/base.service");
+const utilities_1 = require("../../../utilities");
+const authentication_jwt_1 = require("@loopback/authentication-jwt");
+const core_1 = require("@loopback/core");
+const rest_1 = require("@loopback/rest");
+const security_1 = require("@loopback/security");
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const common_1 = require("../common");
+let JWTTokenService = JWTTokenService_1 = class JWTTokenService extends base_service_1.BaseService {
+    constructor(applicationSecret, jwtSecret, jwtExpiresIn) {
+        super({ scope: JWTTokenService_1.name });
+        this.applicationSecret = applicationSecret;
+        this.jwtSecret = jwtSecret;
+        this.jwtExpiresIn = jwtExpiresIn;
+    }
+    // --------------------------------------------------------------------------------------
+    extractCredentials(request) {
+        if (!request.headers.authorization) {
+            throw (0, utilities_1.getError)({
+                statusCode: 401,
+                message: 'Unauthorized user! Missing authorization header',
+            });
+        }
+        const authHeaderValue = request.headers.authorization;
+        if (!authHeaderValue.startsWith(common_1.Authentication.TYPE_BEARER)) {
+            throw (0, utilities_1.getError)({
+                statusCode: 401,
+                message: 'Unauthorized user! Invalid schema of request token!',
+            });
+        }
+        const parts = authHeaderValue.split(' ');
+        if (parts.length !== 2) {
+            throw new rest_1.HttpErrors.Unauthorized(`Authorization header value has too many parts. It must follow the pattern: 'Bearer xx.yy.zz' where xx.yy.zz is a valid JWT token.`);
+        }
+        return { type: parts[0], token: parts[1] };
+    }
+    // --------------------------------------------------------------------------------------
+    encryptPayload(payload) {
+        const userKey = (0, utilities_1.encrypt)('userId', this.applicationSecret);
+        const rolesKey = (0, utilities_1.encrypt)('roles', this.applicationSecret);
+        const clientIdKey = (0, utilities_1.encrypt)('clientId', this.applicationSecret);
+        const { userId, roles, clientId = 'NA' } = payload;
+        return {
+            [userKey]: (0, utilities_1.encrypt)(userId.toString(), this.applicationSecret),
+            [rolesKey]: (0, utilities_1.encrypt)(JSON.stringify(roles.map(el => `${el.id}|${el.identifier}|${el.priority}`)), this.applicationSecret),
+            [clientIdKey]: (0, utilities_1.encrypt)(clientId, this.applicationSecret),
+        };
+    }
+    // --------------------------------------------------------------------------------------
+    decryptPayload(decodedToken) {
+        const rs = {};
+        const jwtFields = new Set(['iat', 'exp']);
+        for (const encodedAttr in decodedToken) {
+            if (jwtFields.has(encodedAttr)) {
+                rs[encodedAttr] = decodedToken[encodedAttr];
+                continue;
+            }
+            const attr = (0, utilities_1.decrypt)(encodedAttr, this.applicationSecret);
+            const decryptedValue = (0, utilities_1.decrypt)(decodedToken[encodedAttr], this.applicationSecret);
+            switch (attr) {
+                case 'userId': {
+                    rs.userId = parseInt(decryptedValue);
+                    rs[security_1.securityId] = rs.userId.toString();
+                    break;
+                }
+                case 'clientId': {
+                    rs.clientId = decryptedValue;
+                    break;
+                }
+                case 'roles': {
+                    rs.roles = JSON.parse(decryptedValue).map(el => {
+                        const [id, identifier, priority] = el.split('|');
+                        return { id, identifier, priority };
+                    });
+                    break;
+                }
+                default: {
+                    rs[encodedAttr] = decodedToken[encodedAttr];
+                    break;
+                }
+            }
+        }
+        return rs;
+    }
+    // --------------------------------------------------------------------------------------
+    verify(opts) {
+        const { token } = opts;
+        if (!token) {
+            this.logger.error('[verify] Missing token for validating request!');
+            throw new rest_1.HttpErrors.Unauthorized('Invalid request token!');
+        }
+        let decodedToken;
+        try {
+            decodedToken = jsonwebtoken_1.default.verify(token, this.jwtSecret);
+        }
+        catch (error) {
+            throw new rest_1.HttpErrors.Unauthorized(`Error verifying token : ${error.message}`);
+        }
+        try {
+            return this.decryptPayload(decodedToken);
+        }
+        catch (error) {
+            this.logger.error('[verify] Failed to decode token | Error: %s', error);
+            throw (0, utilities_1.getError)({
+                statusCode: 401,
+                message: 'Invalid token signature | Failed to decode token!',
+            });
+        }
+    }
+    // --------------------------------------------------------------------------------------
+    generate(payload) {
+        if (!payload) {
+            throw new rest_1.HttpErrors.Unauthorized('Error generating token : userProfile is null');
+        }
+        let token;
+        try {
+            token = jsonwebtoken_1.default.sign(this.encryptPayload(payload), this.jwtSecret, {
+                expiresIn: Number(this.jwtExpiresIn),
+            });
+        }
+        catch (error) {
+            throw new rest_1.HttpErrors.Unauthorized(`Error encoding token : ${error}`);
+        }
+        return token;
+    }
+};
+exports.JWTTokenService = JWTTokenService;
+exports.JWTTokenService = JWTTokenService = JWTTokenService_1 = __decorate([
+    (0, core_1.injectable)({ scope: core_1.BindingScope.SINGLETON }),
+    __param(0, (0, core_1.inject)(common_1.AuthenticateKeys.APPLICATION_SECRET)),
+    __param(1, (0, core_1.inject)(authentication_jwt_1.TokenServiceBindings.TOKEN_SECRET)),
+    __param(2, (0, core_1.inject)(authentication_jwt_1.TokenServiceBindings.TOKEN_EXPIRES_IN)),
+    __metadata("design:paramtypes", [String, String, String])
+], JWTTokenService);
+//# sourceMappingURL=jwt-token.service.js.map

package/dist/components/authenticate/services/jwt-token.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt-token.service.js","sourceRoot":"","sources":["../../../../src/components/authenticate/services/jwt-token.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA,sDAAkD;AAClD,2CAAyD;AACzD,qEAAoE;AACpE,yCAAkE;AAClE,yCAA4C;AAC5C,iDAAgD;AAChD,gEAA+B;AAE/B,sCAA+E;AAGxE,IAAM,eAAe,uBAArB,MAAM,eAAgB,SAAQ,0BAAW;IAC9C,YAEU,iBAAyB,EACkB,SAAiB,EACb,YAAoB;QAE3E,KAAK,CAAC,EAAE,KAAK,EAAE,iBAAe,CAAC,IAAI,EAAE,CAAC,CAAC;QAJ/B,sBAAiB,GAAjB,iBAAiB,CAAQ;QACkB,cAAS,GAAT,SAAS,CAAQ;QACb,iBAAY,GAAZ,YAAY,CAAQ;IAG7E,CAAC;IAED,yFAAyF;IACzF,kBAAkB,CAAC,OAAyB;QAC1C,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;YACnC,MAAM,IAAA,oBAAQ,EAAC;gBACb,UAAU,EAAE,GAAG;gBACf,OAAO,EAAE,iDAAiD;aAC3D,CAAC,CAAC;QACL,CAAC;QAED,MAAM,eAAe,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QACtD,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,uBAAc,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5D,MAAM,IAAA,oBAAQ,EAAC;gBACb,UAAU,EAAE,GAAG;gBACf,OAAO,EAAE,qDAAqD;aAC/D,CAAC,CAAC;QACL,CAAC;QAED,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACzC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,IAAI,iBAAU,CAAC,YAAY,CAC/B,mIAAmI,CACpI,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;IAC7C,CAAC;IAED,yFAAyF;IACzF,cAAc,CAAC,OAAyB;QACtC,MAAM,OAAO,GAAG,IAAA,mBAAO,EAAC,QAAQ,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAE1D,MAAM,QAAQ,GAAG,IAAA,mBAAO,EAAC,OAAO,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAC1D,MAAM,WAAW,GAAG,IAAA,mBAAO,EAAC,UAAU,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;QAEhE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,GAAG,IAAI,EAAE,GAAG,OAAO,CAAC;QAEnD,OAAO;YACL,CAAC,OAAO,CAAC,EAAE,IAAA,mBAAO,EAAC,MAAM,CAAC,QAAQ,EAAE,EAAE,IAAI,CAAC,iBAAiB,CAAC;YAC7D,CAAC,QAAQ,CAAC,EAAE,IAAA,mBAAO,EACjB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,UAAU,IAAI,EAAE,CAAC,QAAQ,EAAE,CAAC,CAAC,EAC3E,IAAI,CAAC,iBAAiB,CACvB;YACD,CAAC,WAAW,CAAC,EAAE,IAAA,mBAAO,EAAC,QAAQ,EAAE,IAAI,CAAC,iBAAiB,CAAC;SACzD,CAAC;IACJ,CAAC;IAED,yFAAyF;IACzF,cAAc,CAAC,YAAiB;QAC9B,MAAM,EAAE,GAAQ,EAAE,CAAC;QAEnB,MAAM,SAAS,GAAG,IAAI,GAAG,CAAS,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QAElD,KAAK,MAAM,WAAW,IAAI,YAAY,EAAE,CAAC;YACvC,IAAI,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC/B,EAAE,CAAC,WAAW,CAAC,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;gBAC5C,SAAS;YACX,CAAC;YAED,MAAM,IAAI,GAAG,IAAA,mBAAO,EAAC,WAAW,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;YAC1D,MAAM,cAAc,GAAG,IAAA,mBAAO,EAAC,YAAY,CAAC,WAAW,CAAC,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;YAElF,QAAQ,IAAI,EAAE,CAAC;gBACb,KAAK,QAAQ,CAAC,CAAC,CAAC;oBACd,EAAE,CAAC,MAAM,GAAG,QAAQ,CAAC,cAAc,CAAC,CAAC;oBACrC,EAAE,CAAC,qBAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;oBACtC,MAAM;gBACR,CAAC;gBACD,KAAK,UAAU,CAAC,CAAC,CAAC;oBAChB,EAAE,CAAC,QAAQ,GAAG,cAAc,CAAC;oBAC7B,MAAM;gBACR,CAAC;gBACD,KAAK,OAAO,CAAC,CAAC,CAAC;oBACb,EAAE,CAAC,KAAK,GAAI,IAAI,CAAC,KAAK,CAAC,cAAc,CAAc,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE;wBAC3D,MAAM,CAAC,EAAE,EAAE,UAAU,EAAE,QAAQ,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;wBACjD,OAAO,EAAE,EAAE,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC;oBACtC,CAAC,CAAC,CAAC;oBACH,MAAM;gBACR,CAAC;gBACD,OAAO,CAAC,CAAC,CAAC;oBACR,EAAE,CAAC,WAAW,CAAC,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;oBAC5C,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,yFAAyF;IACzF,MAAM,CAAC,IAAqC;QAC1C,MAAM,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;QACvB,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;YACpE,MAAM,IAAI,iBAAU,CAAC,YAAY,CAAC,wBAAwB,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,YAAY,CAAC;QACjB,IAAI,CAAC;YACH,YAAY,GAAG,sBAAG,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QACnD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,iBAAU,CAAC,YAAY,CAAC,2BAA2B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAChF,CAAC;QAED,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6CAA6C,EAAE,KAAK,CAAC,CAAC;YACxE,MAAM,IAAA,oBAAQ,EAAC;gBACb,UAAU,EAAE,GAAG;gBACf,OAAO,EAAE,mDAAmD;aAC7D,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,yFAAyF;IACzF,QAAQ,CAAC,OAAyB;QAChC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,iBAAU,CAAC,YAAY,CAAC,8CAA8C,CAAC,CAAC;QACpF,CAAC;QAED,IAAI,KAAa,CAAC;QAClB,IAAI,CAAC;YACH,KAAK,GAAG,sBAAG,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,SAAS,EAAE;gBAC7D,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC;aACrC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,iBAAU,CAAC,YAAY,CAAC,0BAA0B,KAAK,EAAE,CAAC,CAAC;QACvE,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;CACF,CAAA;AA7IY,0CAAe;0BAAf,eAAe;IAD3B,IAAA,iBAAU,EAAC,EAAE,KAAK,EAAE,mBAAY,CAAC,SAAS,EAAE,CAAC;IAGzC,WAAA,IAAA,aAAM,EAAC,yBAAgB,CAAC,kBAAkB,CAAC,CAAA;IAE3C,WAAA,IAAA,aAAM,EAAC,yCAAoB,CAAC,YAAY,CAAC,CAAA;IACzC,WAAA,IAAA,aAAM,EAAC,yCAAoB,CAAC,gBAAgB,CAAC,CAAA;;GALrC,eAAe,CA6I3B"}

package/dist/components/authenticate/services/jwt.strategy.d.ts

@@ -0,0 +1,9 @@
+import { AuthenticationStrategy } from '@loopback/authentication';
+import { Request } from '@loopback/rest';
+import { JWTTokenService } from './jwt-token.service';
+export declare class JWTAuthenticationStrategy implements AuthenticationStrategy {
+    private service;
+    name: string;
+    constructor(service: JWTTokenService);
+    authenticate(request: Request): Promise<import("../common").IJWTTokenPayload>;
+}

package/dist/components/authenticate/services/jwt.strategy.js

@@ -0,0 +1,34 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JWTAuthenticationStrategy = void 0;
+const core_1 = require("@loopback/core");
+const jwt_token_service_1 = require("./jwt-token.service");
+const common_1 = require("../common");
+let JWTAuthenticationStrategy = class JWTAuthenticationStrategy {
+    constructor(service) {
+        this.service = service;
+        this.name = common_1.Authentication.STRATEGY_JWT;
+    }
+    authenticate(request) {
+        const token = this.service.extractCredentials(request);
+        return Promise.resolve(this.service.verify(token));
+    }
+};
+exports.JWTAuthenticationStrategy = JWTAuthenticationStrategy;
+exports.JWTAuthenticationStrategy = JWTAuthenticationStrategy = __decorate([
+    __param(0, (0, core_1.inject)('services.JWTTokenService')),
+    __metadata("design:paramtypes", [jwt_token_service_1.JWTTokenService])
+], JWTAuthenticationStrategy);
+//# sourceMappingURL=jwt.strategy.js.map

package/dist/components/authenticate/services/jwt.strategy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"jwt.strategy.js","sourceRoot":"","sources":["../../../../src/components/authenticate/services/jwt.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AACA,yCAAwC;AAExC,2DAAsD;AACtD,sCAA2C;AAE3C,IAAa,yBAAyB,GAAtC,MAAa,yBAAyB;IAGpC,YAAgD,OAAgC;QAAxB,YAAO,GAAP,OAAO,CAAiB;QAFhF,SAAI,GAAG,uBAAc,CAAC,YAAY,CAAC;IAEgD,CAAC;IAEpF,YAAY,CAAC,OAAgB;QAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC;QACvD,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;IACrD,CAAC;CACF,CAAA;AATY,8DAAyB;oCAAzB,yBAAyB;IAGvB,WAAA,IAAA,aAAM,EAAC,0BAA0B,CAAC,CAAA;qCAAkB,mCAAe;GAHrE,yBAAyB,CASrC"}

package/dist/components/authenticate/services/oauth2.service.d.ts

@@ -0,0 +1,51 @@
+import { BaseApplication } from '../../../base/applications';
+import { BaseService } from '../../../base/base.service';
+import { RequestContext } from '@loopback/rest';
+import { Request, Response, Token } from '@node-oauth/oauth2-server';
+import { SignInRequest } from '../common';
+import { OAuth2Handler } from '../oauth2-handlers';
+import { OAuth2ClientRepository } from '../repositories';
+export declare class OAuth2Service extends BaseService {
+    private application;
+    private handler;
+    private oauth2ClientRepository;
+    constructor(application: BaseApplication, handler: OAuth2Handler, oauth2ClientRepository: OAuth2ClientRepository);
+    encryptClientToken(opts: {
+        clientId: string;
+        clientSecret: string;
+    }): string;
+    decryptClientToken(opts: {
+        token: string;
+    }): {
+        clientId: string;
+        clientSecret: string;
+    };
+    getOAuth2RequestPath(opts: {
+        clientId: string;
+        clientSecret: string;
+        redirectUrl: string;
+    }): Promise<{
+        requestPath: string;
+    }>;
+    generateToken(opts: {
+        request: Request;
+        response: Response;
+    }): Promise<Token>;
+    authorize(opts: {
+        request: Request;
+        response: Response;
+    }): Promise<import("@node-oauth/oauth2-server").AuthorizationCode>;
+    doOAuth2(opts: {
+        context: Pick<RequestContext, 'request' | 'response'>;
+        authServiceKey: string;
+        signInRequest: SignInRequest;
+        redirectUrl?: string;
+    }): Promise<{
+        redirectUrl: string;
+        oauth2TokenRs: Token;
+    }>;
+    doClientCallback(opts: {
+        c: string;
+        oauth2Token: Token;
+    }): Promise<void>;
+}