npm - @minimaltech/node-infra - Versions diffs - 0.2.27 - Mend

@minimaltech/node-infra 0.2.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (565) hide show

package/dist/components/authenticate/services/oauth2.service.js ADDED Viewed

@@ -0,0 +1,208 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var OAuth2Service_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.OAuth2Service = void 0;
+const applications_1 = require("../../../base/applications");
+const base_service_1 = require("../../../base/base.service");
+const common_1 = require("../../../common");
+const helpers_1 = require("../../../helpers");
+const utilities_1 = require("../../../utilities");
+const core_1 = require("@loopback/core");
+const oauth2_server_1 = require("@node-oauth/oauth2-server");
+const common_2 = require("../common");
+const oauth2_handlers_1 = require("../oauth2-handlers");
+const repositories_1 = require("../repositories");
+let OAuth2Service = OAuth2Service_1 = class OAuth2Service extends base_service_1.BaseService {
+    constructor(application, handler, oauth2ClientRepository) {
+        super({ scope: OAuth2Service_1.name });
+        this.application = application;
+        this.handler = handler;
+        this.oauth2ClientRepository = oauth2ClientRepository;
+    }
+    // --------------------------------------------------------------------------------
+    encryptClientToken(opts) {
+        const { clientId, clientSecret } = opts;
+        const applicationSecret = helpers_1.applicationEnvironment.get(common_1.EnvironmentKeys.APP_ENV_APPLICATION_SECRET);
+        return (0, utilities_1.encrypt)([clientId, clientSecret].join('_'), applicationSecret);
+    }
+    // --------------------------------------------------------------------------------
+    decryptClientToken(opts) {
+        const { token } = opts;
+        const applicationSecret = helpers_1.applicationEnvironment.get(common_1.EnvironmentKeys.APP_ENV_APPLICATION_SECRET);
+        const decrypted = (0, utilities_1.decrypt)(token, applicationSecret, { doThrow: false });
+        const [clientId, clientSecret] = decrypted.split('_');
+        this.logger.debug('[decryptClientToken] Token: %s | ClientId: %s', clientId, token);
+        if (!clientId || !clientSecret) {
+            this.logger.error('[decryptClientToken] Failed to decrypt token: %s', token);
+            throw (0, utilities_1.getError)({ message: 'Failed to decryptClientToken' });
+        }
+        return { clientId, clientSecret };
+    }
+    // --------------------------------------------------------------------------------
+    getOAuth2RequestPath(opts) {
+        const { clientId, clientSecret, redirectUrl } = opts;
+        return new Promise((resolve, reject) => {
+            this.oauth2ClientRepository
+                .findOne({ where: Object.assign({}, opts), fields: ['id', 'endpoints'] })
+                .then(client => {
+                var _a, _b, _c;
+                if (!client) {
+                    throw (0, utilities_1.getError)({
+                        message: `[getOAuth2RequestPath] Client not found!`,
+                    });
+                }
+                if (!((_b = (_a = client === null || client === void 0 ? void 0 : client.endpoints) === null || _a === void 0 ? void 0 : _a.redirectUrls) === null || _b === void 0 ? void 0 : _b.includes(redirectUrl))) {
+                    throw (0, utilities_1.getError)({
+                        message: `[getOAuth2RequestPath] Invalid redirectUrl!`,
+                    });
+                }
+                const basePath = (_c = helpers_1.applicationEnvironment.get(common_1.EnvironmentKeys.APP_ENV_SERVER_BASE_PATH)) !== null && _c !== void 0 ? _c : '';
+                const applicationSecret = helpers_1.applicationEnvironment.get(common_1.EnvironmentKeys.APP_ENV_APPLICATION_SECRET);
+                if (!applicationSecret) {
+                    throw (0, utilities_1.getError)({
+                        message: `[getOAuth2RequestPath] Invalid applicationSecret!`,
+                    });
+                }
+                const urlParam = new URLSearchParams();
+                const requestToken = (0, utilities_1.encrypt)([clientId, clientSecret].join('_'), applicationSecret);
+                urlParam.set('c', encodeURIComponent(requestToken));
+                if (redirectUrl) {
+                    urlParam.set('r', encodeURIComponent(redirectUrl));
+                }
+                resolve({
+                    requestPath: `${basePath}/oauth2/auth?${urlParam.toString()}`,
+                });
+            })
+                .catch(reject);
+        });
+    }
+    // --------------------------------------------------------------------------------
+    generateToken(opts) {
+        const { request, response } = opts;
+        return this.handler.token(new oauth2_server_1.Request(request), new oauth2_server_1.Response(response));
+    }
+    // --------------------------------------------------------------------------------
+    authorize(opts) {
+        const { request, response } = opts;
+        return this.handler.authorize(new oauth2_server_1.Request(request), new oauth2_server_1.Response(response));
+    }
+    // --------------------------------------------------------------------------------
+    doOAuth2(opts) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            const { context, authServiceKey, signInRequest, redirectUrl } = opts;
+            const authService = this.application.getSync(authServiceKey);
+            const signInRs = yield authService.signIn(signInRequest);
+            const tokenValue = (_a = signInRs === null || signInRs === void 0 ? void 0 : signInRs.token) === null || _a === void 0 ? void 0 : _a.value;
+            if (!tokenValue) {
+                throw (0, utilities_1.getError)({ message: `[auth] Failed to get token value!` });
+            }
+            const authorizationCodeRequest = new oauth2_server_1.Request(context.request);
+            authorizationCodeRequest.body = {
+                client_id: signInRequest.clientId, // eslint-disable-line @typescript-eslint/naming-convention
+                response_type: 'code', // eslint-disable-line @typescript-eslint/naming-convention
+                grant_type: 'authorization_code', // eslint-disable-line @typescript-eslint/naming-convention
+                scope: 'profile',
+                access_token: tokenValue, // eslint-disable-line @typescript-eslint/naming-convention
+                redirect_uri: redirectUrl, // eslint-disable-line @typescript-eslint/naming-convention
+            };
+            const authorizationCodeRs = yield this.authorize({
+                request: authorizationCodeRequest,
+                response: new oauth2_server_1.Response(context.response),
+            });
+            const client = yield this.oauth2ClientRepository.findOne({
+                where: { clientId: signInRequest.clientId },
+                fields: ['id', 'clientId', 'clientSecret'],
+            });
+            const oauth2TokenRequest = new oauth2_server_1.Request(context.request);
+            oauth2TokenRequest.body = {
+                client_id: client.clientId, // eslint-disable-line @typescript-eslint/naming-convention
+                client_secret: client.clientSecret, // eslint-disable-line @typescript-eslint/naming-convention
+                code: authorizationCodeRs.authorizationCode,
+                grant_type: 'authorization_code', // eslint-disable-line @typescript-eslint/naming-convention
+            };
+            if (redirectUrl) {
+                oauth2TokenRequest.body.redirect_uri = redirectUrl;
+            }
+            const oauth2TokenRs = yield this.generateToken({
+                request: oauth2TokenRequest,
+                response: new oauth2_server_1.Response(context.response),
+            });
+            return {
+                redirectUrl: authorizationCodeRs.redirectUri,
+                oauth2TokenRs,
+            };
+        });
+    }
+    // --------------------------------------------------------------------------------
+    doClientCallback(opts) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            const { c, accessToken, authorizationCode, accessTokenExpiresAt, client, user } = opts.oauth2Token;
+            if (!client) {
+                this.logger.error('[doClientCallback] Invalid client | Client: %j', client);
+                return;
+            }
+            const callbackUrls = (_a = client === null || client === void 0 ? void 0 : client.callbackUrls) !== null && _a !== void 0 ? _a : [];
+            if (!callbackUrls.length) {
+                this.logger.error('[doClientCallback] No client callbackUrls');
+                return;
+            }
+            const payload = {
+                c,
+                accessToken,
+                authorizationCode,
+                accessTokenExpiresAt,
+                user,
+            };
+            yield Promise.all(callbackUrls.map(callbackUrl => {
+                return new Promise((resolve, reject) => {
+                    fetch(callbackUrl, {
+                        method: 'POST',
+                        body: JSON.stringify(payload),
+                        headers: { ['content-type']: 'application/x-www-form-urlencoded' },
+                    })
+                        .then(rs => {
+                        this.logger.info('[doClientCallback] Successfull to callback | Url: %s', callbackUrl);
+                        resolve(rs);
+                    })
+                        .catch(error => {
+                        this.logger.error('[doClientCallback] Failed to callback | Url: %s | Error: %s', callbackUrl, error);
+                        reject(error);
+                    });
+                });
+            }));
+        });
+    }
+};
+exports.OAuth2Service = OAuth2Service;
+exports.OAuth2Service = OAuth2Service = OAuth2Service_1 = __decorate([
+    __param(0, (0, core_1.inject)(core_1.CoreBindings.APPLICATION_INSTANCE)),
+    __param(1, (0, core_1.inject)(common_2.AuthenticateKeys.OAUTH2_HANDLER)),
+    __param(2, (0, core_1.inject)('repositories.OAuth2ClientRepository')),
+    __metadata("design:paramtypes", [applications_1.BaseApplication,
+        oauth2_handlers_1.OAuth2Handler,
+        repositories_1.OAuth2ClientRepository])
+], OAuth2Service);
+//# sourceMappingURL=oauth2.service.js.map

package/dist/components/authenticate/services/oauth2.service.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"oauth2.service.js","sourceRoot":"","sources":["../../../../src/components/authenticate/services/oauth2.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAAA,sDAAsD;AACtD,sDAAkD;AAClD,qCAA2C;AAC3C,uCAAmD;AACnD,2CAAyD;AACzD,yCAAsD;AAEtD,6DAAqE;AAErE,sCAA0E;AAC1E,wDAAmD;AACnD,kDAAyD;AAEzD,IAAa,aAAa,qBAA1B,MAAa,aAAc,SAAQ,0BAAW;IAC5C,YAEU,WAA4B,EACa,OAAsB,EAE/D,sBAA8C;QAEtD,KAAK,CAAC,EAAE,KAAK,EAAE,eAAa,CAAC,IAAI,EAAE,CAAC,CAAC;QAL7B,gBAAW,GAAX,WAAW,CAAiB;QACa,YAAO,GAAP,OAAO,CAAe;QAE/D,2BAAsB,GAAtB,sBAAsB,CAAwB;IAGxD,CAAC;IAED,mFAAmF;IACnF,kBAAkB,CAAC,IAAgD;QACjE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC;QACxC,MAAM,iBAAiB,GAAG,gCAAsB,CAAC,GAAG,CAAS,wBAAe,CAAC,0BAA0B,CAAC,CAAC;QACzG,OAAO,IAAA,mBAAO,EAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,iBAAiB,CAAC,CAAC;IACxE,CAAC;IAED,mFAAmF;IACnF,kBAAkB,CAAC,IAAuB;QACxC,MAAM,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;QACvB,MAAM,iBAAiB,GAAG,gCAAsB,CAAC,GAAG,CAAS,wBAAe,CAAC,0BAA0B,CAAC,CAAC;QAEzG,MAAM,SAAS,GAAG,IAAA,mBAAO,EAAC,KAAK,EAAE,iBAAiB,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;QACxE,MAAM,CAAC,QAAQ,EAAE,YAAY,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACtD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+CAA+C,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;QAEpF,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC;YAC/B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kDAAkD,EAAE,KAAK,CAAC,CAAC;YAC7E,MAAM,IAAA,oBAAQ,EAAC,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;IACpC,CAAC;IAED,mFAAmF;IACnF,oBAAoB,CAAC,IAIpB;QACC,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC;QAErD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,IAAI,CAAC,sBAAsB;iBACxB,OAAO,CAAC,EAAE,KAAK,oBAAO,IAAI,CAAE,EAAE,MAAM,EAAE,CAAC,IAAI,EAAE,WAAW,CAAC,EAAE,CAAC;iBAC5D,IAAI,CAAC,MAAM,CAAC,EAAE;;gBACb,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAA,oBAAQ,EAAC;wBACb,OAAO,EAAE,0CAA0C;qBACpD,CAAC,CAAC;gBACL,CAAC;gBAED,IAAI,CAAC,CAAA,MAAA,MAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,0CAAE,YAAY,0CAAE,QAAQ,CAAC,WAAW,CAAC,CAAA,EAAE,CAAC;oBAC5D,MAAM,IAAA,oBAAQ,EAAC;wBACb,OAAO,EAAE,6CAA6C;qBACvD,CAAC,CAAC;gBACL,CAAC;gBAED,MAAM,QAAQ,GAAG,MAAA,gCAAsB,CAAC,GAAG,CAAS,wBAAe,CAAC,wBAAwB,CAAC,mCAAI,EAAE,CAAC;gBACpG,MAAM,iBAAiB,GAAG,gCAAsB,CAAC,GAAG,CAAS,wBAAe,CAAC,0BAA0B,CAAC,CAAC;gBAEzG,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBACvB,MAAM,IAAA,oBAAQ,EAAC;wBACb,OAAO,EAAE,mDAAmD;qBAC7D,CAAC,CAAC;gBACL,CAAC;gBAED,MAAM,QAAQ,GAAG,IAAI,eAAe,EAAE,CAAC;gBAEvC,MAAM,YAAY,GAAG,IAAA,mBAAO,EAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,iBAAiB,CAAC,CAAC;gBACpF,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,kBAAkB,CAAC,YAAY,CAAC,CAAC,CAAC;gBAEpD,IAAI,WAAW,EAAE,CAAC;oBAChB,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,kBAAkB,CAAC,WAAW,CAAC,CAAC,CAAC;gBACrD,CAAC;gBAED,OAAO,CAAC;oBACN,WAAW,EAAE,GAAG,QAAQ,gBAAgB,QAAQ,CAAC,QAAQ,EAAE,EAAE;iBAC9D,CAAC,CAAC;YACL,CAAC,CAAC;iBACD,KAAK,CAAC,MAAM,CAAC,CAAC;QACnB,CAAC,CAAC,CAAC;IACL,CAAC;IAED,mFAAmF;IACnF,aAAa,CAAC,IAA8C;QAC1D,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QACnC,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,uBAAO,CAAC,OAAO,CAAC,EAAE,IAAI,wBAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC1E,CAAC;IAED,mFAAmF;IACnF,SAAS,CAAC,IAA8C;QACtD,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC;QACnC,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,uBAAO,CAAC,OAAO,CAAC,EAAE,IAAI,wBAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC9E,CAAC;IAED,mFAAmF;IAC7E,QAAQ,CAAC,IAKd;;;YACC,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC;YAErE,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAe,cAAc,CAAC,CAAC;YAE3E,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACzD,MAAM,UAAU,GAAG,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,KAAK,0CAAE,KAAK,CAAC;YAC1C,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,MAAM,IAAA,oBAAQ,EAAC,EAAE,OAAO,EAAE,mCAAmC,EAAE,CAAC,CAAC;YACnE,CAAC;YAED,MAAM,wBAAwB,GAAG,IAAI,uBAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC9D,wBAAwB,CAAC,IAAI,GAAG;gBAC9B,SAAS,EAAE,aAAa,CAAC,QAAQ,EAAE,2DAA2D;gBAC9F,aAAa,EAAE,MAAM,EAAE,2DAA2D;gBAClF,UAAU,EAAE,oBAAoB,EAAE,2DAA2D;gBAC7F,KAAK,EAAE,SAAS;gBAChB,YAAY,EAAE,UAAU,EAAE,2DAA2D;gBACrF,YAAY,EAAE,WAAW,EAAE,2DAA2D;aACvF,CAAC;YAEF,MAAM,mBAAmB,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC;gBAC/C,OAAO,EAAE,wBAAwB;gBACjC,QAAQ,EAAE,IAAI,wBAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC;aACzC,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC;gBACvD,KAAK,EAAE,EAAE,QAAQ,EAAE,aAAa,CAAC,QAAQ,EAAE;gBAC3C,MAAM,EAAE,CAAC,IAAI,EAAE,UAAU,EAAE,cAAc,CAAC;aAC3C,CAAC,CAAC;YAEH,MAAM,kBAAkB,GAAG,IAAI,uBAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YACxD,kBAAkB,CAAC,IAAI,GAAG;gBACxB,SAAS,EAAE,MAAM,CAAC,QAAQ,EAAE,2DAA2D;gBACvF,aAAa,EAAE,MAAM,CAAC,YAAY,EAAE,2DAA2D;gBAC/F,IAAI,EAAE,mBAAmB,CAAC,iBAAiB;gBAC3C,UAAU,EAAE,oBAAoB,EAAE,2DAA2D;aAC9F,CAAC;YAEF,IAAI,WAAW,EAAE,CAAC;gBAChB,kBAAkB,CAAC,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC;YACrD,CAAC;YAED,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC;gBAC7C,OAAO,EAAE,kBAAkB;gBAC3B,QAAQ,EAAE,IAAI,wBAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC;aACzC,CAAC,CAAC;YAEH,OAAO;gBACL,WAAW,EAAE,mBAAmB,CAAC,WAAW;gBAC5C,aAAa;aACd,CAAC;QACJ,CAAC;KAAA;IAED,mFAAmF;IAC7E,gBAAgB,CAAC,IAAuC;;;YAC5D,MAAM,EAAE,CAAC,EAAE,WAAW,EAAE,iBAAiB,EAAE,oBAAoB,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC,WAAW,CAAC;YAEnG,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gDAAgD,EAAE,MAAM,CAAC,CAAC;gBAC5E,OAAO;YACT,CAAC;YAED,MAAM,YAAY,GAAkB,MAAA,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,YAAY,mCAAI,EAAE,CAAC;YAC/D,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;gBACzB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;gBAC/D,OAAO;YACT,CAAC;YAED,MAAM,OAAO,GAAG;gBACd,CAAC;gBACD,WAAW;gBACX,iBAAiB;gBACjB,oBAAoB;gBACpB,IAAI;aACL,CAAC;YAEF,MAAM,OAAO,CAAC,GAAG,CACf,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE;gBAC7B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;oBACrC,KAAK,CAAC,WAAW,EAAE;wBACjB,MAAM,EAAE,MAAM;wBACd,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC;wBAC7B,OAAO,EAAE,EAAE,CAAC,cAAc,CAAC,EAAE,mCAAmC,EAAE;qBACnE,CAAC;yBACC,IAAI,CAAC,EAAE,CAAC,EAAE;wBACT,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sDAAsD,EAAE,WAAW,CAAC,CAAC;wBACtF,OAAO,CAAC,EAAE,CAAC,CAAC;oBACd,CAAC,CAAC;yBACD,KAAK,CAAC,KAAK,CAAC,EAAE;wBACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6DAA6D,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC;wBACrG,MAAM,CAAC,KAAK,CAAC,CAAC;oBAChB,CAAC,CAAC,CAAC;gBACP,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CACH,CAAC;QACJ,CAAC;KAAA;CACF,CAAA;AAxMY,sCAAa;wBAAb,aAAa;IAErB,WAAA,IAAA,aAAM,EAAC,mBAAY,CAAC,oBAAoB,CAAC,CAAA;IAEzC,WAAA,IAAA,aAAM,EAAC,yBAAgB,CAAC,cAAc,CAAC,CAAA;IACvC,WAAA,IAAA,aAAM,EAAC,qCAAqC,CAAC,CAAA;qCAFzB,8BAAe;QACsB,+BAAa;QAEvC,qCAAsB;GAN7C,aAAa,CAwMzB"}

package/dist/components/authenticate/services/oauth2.strategy.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+import { BaseNetworkRequest } from '../../../helpers';
+import { Context } from '@loopback/core';
+import { Request } from '@loopback/rest';
+declare class AuthProviderNetworkRequest extends BaseNetworkRequest {
+}
+export declare const defineOAuth2Strategy: (opts: {
+    name: string;
+    baseURL: string;
+    authPath?: string;
+}) => {
+    new (): {
+        name: string;
+        authProvider: AuthProviderNetworkRequest;
+        authPath: string;
+        authenticate(request: Request): Promise<any>;
+    };
+};
+export declare const registerOAuth2Strategy: (context: Context, options: {
+    strategyName: string;
+    authenticateUrl: string;
+    authenticatePath?: string;
+}) => void;
+export {};

package/dist/components/authenticate/services/oauth2.strategy.js ADDED Viewed

@@ -0,0 +1,69 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.registerOAuth2Strategy = exports.defineOAuth2Strategy = void 0;
+const helpers_1 = require("../../../helpers");
+const utilities_1 = require("../../../utilities");
+const authentication_1 = require("@loopback/authentication");
+const security_1 = require("@loopback/security");
+const isEmpty_1 = __importDefault(require("lodash/isEmpty"));
+class AuthProviderNetworkRequest extends helpers_1.BaseNetworkRequest {
+}
+const defineOAuth2Strategy = (opts) => {
+    class Strategy {
+        constructor() {
+            var _a;
+            this.name = opts.name;
+            const baseURL = opts.baseURL;
+            if (!baseURL || (0, isEmpty_1.default)(baseURL)) {
+                throw (0, utilities_1.getError)({
+                    message: `[RemoteAuthenticationStrategy][DANGER] INVALID baseURL | Missing env: APP_ENV_REMOTE_AUTH_SERVER_URL`,
+                });
+            }
+            this.authPath = (_a = opts.authPath) !== null && _a !== void 0 ? _a : '/auth/who-am-i';
+            this.authProvider = new AuthProviderNetworkRequest({
+                name: AuthProviderNetworkRequest.name,
+                scope: `${Strategy.name}_${opts.name}`,
+                networkOptions: { baseURL },
+            });
+        }
+        authenticate(request) {
+            return __awaiter(this, void 0, void 0, function* () {
+                var _a, _b, _c;
+                const networkService = this.authProvider.getNetworkService();
+                const rs = yield networkService.send({
+                    url: this.authProvider.getRequestUrl({ paths: [this.authPath] }),
+                    headers: { Authorization: request.headers['authorization'] },
+                });
+                if ((_a = rs === null || rs === void 0 ? void 0 : rs.data) === null || _a === void 0 ? void 0 : _a.error) {
+                    throw (0, utilities_1.getError)(rs.data.error);
+                }
+                return Object.assign(Object.assign({}, rs === null || rs === void 0 ? void 0 : rs.data), { [security_1.securityId]: (_c = (_b = rs === null || rs === void 0 ? void 0 : rs.data) === null || _b === void 0 ? void 0 : _b.userId) === null || _c === void 0 ? void 0 : _c.toString() });
+            });
+        }
+    }
+    return Strategy;
+};
+exports.defineOAuth2Strategy = defineOAuth2Strategy;
+const registerOAuth2Strategy = (context, options) => {
+    var _a;
+    const remoteOAuth2Strategy = (0, exports.defineOAuth2Strategy)({
+        name: options.strategyName,
+        baseURL: options.authenticateUrl,
+        authPath: (_a = options.authenticatePath) !== null && _a !== void 0 ? _a : '/auth/who-am-i',
+    });
+    (0, authentication_1.registerAuthenticationStrategy)(context, remoteOAuth2Strategy);
+};
+exports.registerOAuth2Strategy = registerOAuth2Strategy;
+//# sourceMappingURL=oauth2.strategy.js.map

package/dist/components/authenticate/services/oauth2.strategy.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"oauth2.strategy.js","sourceRoot":"","sources":["../../../../src/components/authenticate/services/oauth2.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,uCAA+C;AAC/C,2CAAuC;AACvC,6DAAkG;AAGlG,iDAAgD;AAChD,6DAAqC;AAErC,MAAM,0BAA2B,SAAQ,4BAAkB;CAAG;AAEvD,MAAM,oBAAoB,GAAG,CAAC,IAA0D,EAAE,EAAE;IACjG,MAAM,QAAQ;QAMZ;;YALA,SAAI,GAAG,IAAI,CAAC,IAAI,CAAC;YAMf,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;YAC7B,IAAI,CAAC,OAAO,IAAI,IAAA,iBAAO,EAAC,OAAO,CAAC,EAAE,CAAC;gBACjC,MAAM,IAAA,oBAAQ,EAAC;oBACb,OAAO,EAAE,sGAAsG;iBAChH,CAAC,CAAC;YACL,CAAC;YAED,IAAI,CAAC,QAAQ,GAAG,MAAA,IAAI,CAAC,QAAQ,mCAAI,gBAAgB,CAAC;YAElD,IAAI,CAAC,YAAY,GAAG,IAAI,0BAA0B,CAAC;gBACjD,IAAI,EAAE,0BAA0B,CAAC,IAAI;gBACrC,KAAK,EAAE,GAAG,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,EAAE;gBACtC,cAAc,EAAE,EAAE,OAAO,EAAE;aAC5B,CAAC,CAAC;QACL,CAAC;QAEK,YAAY,CAAC,OAAgB;;;gBACjC,MAAM,cAAc,GAAG,IAAI,CAAC,YAAY,CAAC,iBAAiB,EAAE,CAAC;gBAC7D,MAAM,EAAE,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC;oBACnC,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,EAAE,KAAK,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAChE,OAAO,EAAE,EAAE,aAAa,EAAE,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE;iBAC7D,CAAC,CAAC;gBAEH,IAAI,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,IAAI,0CAAE,KAAK,EAAE,CAAC;oBACpB,MAAM,IAAA,oBAAQ,EAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAChC,CAAC;gBAED,uCAAY,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,IAAI,KAAE,CAAC,qBAAU,CAAC,EAAE,MAAA,MAAA,EAAE,aAAF,EAAE,uBAAF,EAAE,CAAE,IAAI,0CAAE,MAAM,0CAAE,QAAQ,EAAE,IAAG;YACrE,CAAC;SAAA;KACF;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAxCW,QAAA,oBAAoB,wBAwC/B;AAEK,MAAM,sBAAsB,GAAG,CACpC,OAAgB,EAChB,OAIC,EACD,EAAE;;IACF,MAAM,oBAAoB,GAAG,IAAA,4BAAoB,EAAC;QAChD,IAAI,EAAE,OAAO,CAAC,YAAY;QAC1B,OAAO,EAAE,OAAO,CAAC,eAAe;QAChC,QAAQ,EAAE,MAAA,OAAO,CAAC,gBAAgB,mCAAI,gBAAgB;KACvD,CAAC,CAAC;IACH,IAAA,+CAA8B,EAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC;AAChE,CAAC,CAAC;AAdW,QAAA,sBAAsB,0BAcjC"}

package/dist/components/authenticate/views/fragments/footer.ejs ADDED Viewed

File without changes

package/dist/components/authenticate/views/fragments/head.ejs ADDED Viewed

@@ -0,0 +1,26 @@
+<title>MINIMALTECH - Minimal Technology</title>
+<link rel="icon" href="https://minimaltek.com/favicon.ico">
+<style>
+  html {
+    color-scheme: dark;
+  }
+  body {
+    width: 95vw;
+    height: 95vh;
+    margin: 0;
+    display: flex;
+    flex-direction: column;
+    flex: 1;
+    justify-content: center;
+    align-items: center;
+  }
+  #message {
+  }
+  #token {
+    font-style: italic;
+  }
+</style>

package/dist/components/authenticate/views/fragments/header.ejs ADDED Viewed

File without changes

package/dist/components/authenticate/views/pages/auth.ejs ADDED Viewed

@@ -0,0 +1,61 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <%- include('../fragments/head'); %>
+  </head>
+  <body class="container">
+    <header>
+      <%- include('../fragments/header'); %>
+    </header>
+    <main>
+      <div id="container">
+        <h1>
+          <%- payload.title %>
+        </h1>
+        <br />
+        <span id="message">
+          <%- message %>
+        </span>
+        <br />
+        <br />
+        <% if (payload.c) { %>
+          <form method="post" action=<%- payload.action %>>
+            <p>
+            <label for="username">Username:</label>
+            <input type="text" name="username" />
+            </p>
+            <p>
+            <label for="password">Password:</label>
+            <input type="password" name="password" />
+            </p>
+            <input type="hidden" name="token" value=<%- payload.c %>>
+            <input type="hidden" name="redirectUrl" value=<%- payload.r %>>
+            <p>
+            <input type="submit" value="Login">
+            </p>
+          </form>
+        <% } %>
+        <br />
+        <hr />
+        <p id="token">
+          Token: <%- payload.c %>
+        </p>
+      </div>
+    </main>
+    <footer>
+      <%- include('../fragments/footer'); %>
+    </footer>
+  </body>
+</html>

package/dist/components/authenticate/views/pages/error.ejs ADDED Viewed

@@ -0,0 +1,21 @@
+<!doctype html>
+<html lang="en">
+<head>
+  <%- include('../fragments/head'); %>
+</head>
+<body class="container">
+<header>
+  <%- include('../fragments/header'); %>
+</header>
+<main>
+  <%- message %>
+</main>
+<footer>
+  <%- include('../fragments/footer'); %>
+</footer>
+</body>
+</html>

package/dist/components/authorize/adapters/adapter-builder.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { BaseDataSource } from '../../../base/base.datasource';
+import { FilteredAdapter } from 'casbin';
+import { TCasbinAdapter } from '../common';
+export declare class CasbinAdapterBuilder {
+    private static instance;
+    private constructor();
+    static getInstance(): CasbinAdapterBuilder;
+    build(opts: {
+        type: TCasbinAdapter;
+        dataSource: BaseDataSource;
+    }): FilteredAdapter;
+}

package/dist/components/authorize/adapters/adapter-builder.js ADDED Viewed

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CasbinAdapterBuilder = void 0;
+const utilities_1 = require("../../../utilities");
+const common_1 = require("../common");
+const casbin_postgres_adapter_helper_1 = require("./casbin-postgres-adapter.helper");
+const casbin_redis_adapter_helper_1 = require("./casbin-redis-adapter.helper");
+class CasbinAdapterBuilder {
+    constructor() { }
+    static getInstance() {
+        if (!this.instance) {
+            this.instance = new CasbinAdapterBuilder();
+        }
+        return this.instance;
+    }
+    build(opts) {
+        const { type, dataSource } = opts;
+        switch (type) {
+            case common_1.CasbinAdapterTypes.POSTGRES: {
+                return new casbin_postgres_adapter_helper_1.CasbinPostgresAdapter(dataSource);
+            }
+            case common_1.CasbinAdapterTypes.REDIS: {
+                return new casbin_redis_adapter_helper_1.CasbinRedisAdapter(dataSource);
+            }
+            default: {
+                throw (0, utilities_1.getError)({
+                    message: `[CasbinAdapterBuilder][build] Invalid type to build casbin adapter | type: ${type}`,
+                });
+            }
+        }
+    }
+}
+exports.CasbinAdapterBuilder = CasbinAdapterBuilder;
+//# sourceMappingURL=adapter-builder.js.map

package/dist/components/authorize/adapters/adapter-builder.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"adapter-builder.js","sourceRoot":"","sources":["../../../../src/components/authorize/adapters/adapter-builder.ts"],"names":[],"mappings":";;;AACA,2CAAuC;AAEvC,sCAA+D;AAC/D,qFAAyE;AACzE,+EAAmE;AAEnE,MAAa,oBAAoB;IAG/B,gBAAuB,CAAC;IAExB,MAAM,CAAC,WAAW;QAChB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnB,IAAI,CAAC,QAAQ,GAAG,IAAI,oBAAoB,EAAE,CAAC;QAC7C,CAAC;QAED,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,IAA0D;QAC9D,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;QAElC,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,2BAAkB,CAAC,QAAQ,CAAC,CAAC,CAAC;gBACjC,OAAO,IAAI,sDAAqB,CAAC,UAAU,CAAC,CAAC;YAC/C,CAAC;YACD,KAAK,2BAAkB,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC9B,OAAO,IAAI,gDAAkB,CAAC,UAAU,CAAC,CAAC;YAC5C,CAAC;YACD,OAAO,CAAC,CAAC,CAAC;gBACR,MAAM,IAAA,oBAAQ,EAAC;oBACb,OAAO,EAAE,8EAA8E,IAAI,EAAE;iBAC9F,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;CACF;AA9BD,oDA8BC"}

package/dist/components/authorize/adapters/base.adapter.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import { BaseDataSource } from '../../../base';
+import { ApplicationLogger } from '../../../helpers';
+import { FilteredAdapter, Model } from 'casbin';
+export declare abstract class AbstractCasbinAdapter implements FilteredAdapter {
+    protected logger: ApplicationLogger;
+    protected datasource: BaseDataSource;
+    constructor(opts: {
+        scope: string;
+        datasource: BaseDataSource;
+    });
+    abstract loadFilteredPolicy(model: Model, filter: any): Promise<void>;
+    isFiltered(): boolean;
+    loadPolicy(_: Model): Promise<void>;
+    savePolicy(model: Model): Promise<boolean>;
+    addPolicy(sec: string, ptype: string, rule: string[]): Promise<void>;
+    removePolicy(sec: string, ptype: string, rule: string[]): Promise<void>;
+    removeFilteredPolicy(sec: string, ptype: string, fieldIndex: number, ...fieldValues: string[]): Promise<void>;
+}

package/dist/components/authorize/adapters/base.adapter.js ADDED Viewed

@@ -0,0 +1,67 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AbstractCasbinAdapter = void 0;
+const helpers_1 = require("../../../helpers");
+const common_1 = require("../common");
+// -----------------------------------------------------------------------------------------
+class AbstractCasbinAdapter {
+    constructor(opts) {
+        const { scope, datasource } = opts;
+        this.logger = helpers_1.LoggerFactory.getLogger([scope]);
+        this.datasource = datasource;
+    }
+    // -----------------------------------------------------------------------------------------
+    isFiltered() {
+        return true;
+    }
+    // -----------------------------------------------------------------------------------------
+    loadPolicy(_) {
+        return Promise.resolve();
+    }
+    // -----------------------------------------------------------------------------------------
+    savePolicy(model) {
+        this.logger.info('[savePolicy] Ignore save policy method with options: ', {
+            model,
+        });
+        return Promise.resolve(true);
+    }
+    // -----------------------------------------------------------------------------------------
+    addPolicy(sec, ptype, rule) {
+        this.logger.info('[addPolicy] Ignore add policy method with options: ', {
+            sec,
+            ptype,
+            rule,
+        });
+        return Promise.resolve();
+    }
+    // -----------------------------------------------------------------------------------------
+    removePolicy(sec, ptype, rule) {
+        this.logger.info('[removePolicy] Ignore remove policy method with options: ', { sec, ptype, rule });
+        return Promise.resolve();
+    }
+    // -----------------------------------------------------------------------------------------
+    removeFilteredPolicy(sec, ptype, fieldIndex, ...fieldValues) {
+        switch (ptype) {
+            case common_1.EnforcerDefinitions.PREFIX_USER: {
+                // Remove user policy
+                break;
+            }
+            case common_1.EnforcerDefinitions.PREFIX_ROLE: {
+                // Remove role policy
+                break;
+            }
+            default: {
+                break;
+            }
+        }
+        this.logger.info('[removeFilteredPolicy] Ignore remove filtered policy method with options: ', {
+            sec,
+            ptype,
+            fieldIndex,
+            fieldValues,
+        });
+        return Promise.resolve();
+    }
+}
+exports.AbstractCasbinAdapter = AbstractCasbinAdapter;
+//# sourceMappingURL=base.adapter.js.map

package/dist/components/authorize/adapters/base.adapter.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"base.adapter.js","sourceRoot":"","sources":["../../../../src/components/authorize/adapters/base.adapter.ts"],"names":[],"mappings":";;;AACA,uCAA6D;AAE7D,sCAAgD;AAEhD,4FAA4F;AAC5F,MAAsB,qBAAqB;IAIzC,YAAY,IAAmD;QAC7D,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;QAEnC,IAAI,CAAC,MAAM,GAAG,uBAAa,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;QAC/C,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAID,4FAA4F;IAC5F,UAAU;QACR,OAAO,IAAI,CAAC;IACd,CAAC;IAED,4FAA4F;IAC5F,UAAU,CAAC,CAAQ;QACjB,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAED,4FAA4F;IAC5F,UAAU,CAAC,KAAY;QACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,uDAAuD,EAAE;YACxE,KAAK;SACN,CAAC,CAAC;QACH,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;IAED,4FAA4F;IAC5F,SAAS,CAAC,GAAW,EAAE,KAAa,EAAE,IAAc;QAClD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qDAAqD,EAAE;YACtE,GAAG;YACH,KAAK;YACL,IAAI;SACL,CAAC,CAAC;QACH,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAED,4FAA4F;IAC5F,YAAY,CAAC,GAAW,EAAE,KAAa,EAAE,IAAc;QACrD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,2DAA2D,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACpG,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAED,4FAA4F;IAC5F,oBAAoB,CAAC,GAAW,EAAE,KAAa,EAAE,UAAkB,EAAE,GAAG,WAAqB;QAC3F,QAAQ,KAAK,EAAE,CAAC;YACd,KAAK,4BAAmB,CAAC,WAAW,CAAC,CAAC,CAAC;gBACrC,qBAAqB;gBACrB,MAAM;YACR,CAAC;YACD,KAAK,4BAAmB,CAAC,WAAW,CAAC,CAAC,CAAC;gBACrC,qBAAqB;gBACrB,MAAM;YACR,CAAC;YACD,OAAO,CAAC,CAAC,CAAC;gBACR,MAAM;YACR,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4EAA4E,EAAE;YAC7F,GAAG;YACH,KAAK;YACL,UAAU;YACV,WAAW;SACZ,CAAC,CAAC;QACH,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;CACF;AAvED,sDAuEC"}

package/dist/components/authorize/adapters/casbin-postgres-adapter.helper.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { BaseDataSource } from '../../../base/base.datasource';
+import { Model } from 'casbin';
+import { IEnforcerFilterValue } from '../common';
+import { AbstractCasbinAdapter } from './base.adapter';
+export declare class CasbinPostgresAdapter extends AbstractCasbinAdapter {
+    constructor(datasource: BaseDataSource);
+    generateGroupLine(rule: {
+        userId: number;
+        roleId: number;
+    }): string;
+    loadFilteredPolicy(model: Model, filter: IEnforcerFilterValue): Promise<void>;
+}