@mondaydotcomorg/monday-authorization 3.3.0-feat-add-graph-api-routing-support-2d70b30 → 3.3.0-feat-add-graph-api-routing-support-c37c919
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +4 -0
- package/dist/authorization-service.d.ts +4 -0
- package/dist/authorization-service.d.ts.map +1 -1
- package/dist/authorization-service.js +21 -5
- package/dist/clients/graph-api.d.ts +27 -0
- package/dist/clients/graph-api.d.ts.map +1 -0
- package/dist/clients/{graph-api.client.js → graph-api.js} +34 -30
- package/dist/clients/platform-api.d.ts +26 -0
- package/dist/clients/platform-api.d.ts.map +1 -0
- package/dist/clients/{platform-api.client.js → platform-api.js} +19 -13
- package/dist/esm/authorization-service.d.ts +4 -0
- package/dist/esm/authorization-service.d.ts.map +1 -1
- package/dist/esm/authorization-service.mjs +22 -6
- package/dist/esm/clients/graph-api.d.ts +27 -0
- package/dist/esm/clients/graph-api.d.ts.map +1 -0
- package/dist/esm/clients/{graph-api.client.mjs → graph-api.mjs} +34 -30
- package/dist/esm/clients/platform-api.d.ts +26 -0
- package/dist/esm/clients/platform-api.d.ts.map +1 -0
- package/dist/esm/clients/{platform-api.client.mjs → platform-api.mjs} +20 -14
- package/dist/esm/index.d.ts +6 -0
- package/dist/esm/index.d.ts.map +1 -1
- package/dist/esm/index.mjs +7 -0
- package/dist/esm/metrics-service.d.ts +13 -0
- package/dist/esm/metrics-service.d.ts.map +1 -0
- package/dist/esm/metrics-service.mjs +65 -0
- package/dist/esm/prometheus-service.d.ts +0 -2
- package/dist/esm/prometheus-service.d.ts.map +1 -1
- package/dist/esm/prometheus-service.mjs +4 -50
- package/dist/esm/types/graph-api.types.d.ts +8 -7
- package/dist/esm/types/graph-api.types.d.ts.map +1 -1
- package/dist/index.d.ts +6 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +7 -0
- package/dist/metrics-service.d.ts +13 -0
- package/dist/metrics-service.d.ts.map +1 -0
- package/dist/metrics-service.js +70 -0
- package/dist/prometheus-service.d.ts +0 -2
- package/dist/prometheus-service.d.ts.map +1 -1
- package/dist/prometheus-service.js +3 -51
- package/dist/types/graph-api.types.d.ts +8 -7
- package/dist/types/graph-api.types.d.ts.map +1 -1
- package/package.json +2 -1
- package/dist/clients/graph-api.client.d.ts +0 -24
- package/dist/clients/graph-api.client.d.ts.map +0 -1
- package/dist/clients/platform-api.client.d.ts +0 -31
- package/dist/clients/platform-api.client.d.ts.map +0 -1
- package/dist/esm/clients/graph-api.client.d.ts +0 -24
- package/dist/esm/clients/graph-api.client.d.ts.map +0 -1
- package/dist/esm/clients/platform-api.client.d.ts +0 -31
- package/dist/esm/clients/platform-api.client.d.ts.map +0 -1
|
@@ -2,14 +2,22 @@ import { Api } from '@mondaydotcomorg/trident-backend-api';
|
|
|
2
2
|
import { HttpFetcherError } from '@mondaydotcomorg/monday-fetch-api';
|
|
3
3
|
import { AuthorizationInternalService, logger } from '../authorization-internal-service.mjs';
|
|
4
4
|
import { getAttributionsFromApi } from '../attributions-service.mjs';
|
|
5
|
-
import { toSnakeCase,
|
|
6
|
-
import {
|
|
5
|
+
import { toSnakeCase, toCamelCase } from '../utils/authorization.utils.mjs';
|
|
6
|
+
import { recordAuthorizationError } from '../metrics-service.mjs';
|
|
7
7
|
|
|
8
8
|
const PLATFORM_CAN_ACTIONS_IN_SCOPES_PATH = '/internal_ms/authorization/can_actions_in_scopes';
|
|
9
9
|
/**
|
|
10
10
|
* Client for handling Platform API authorization operations
|
|
11
11
|
*/
|
|
12
|
-
class
|
|
12
|
+
class PlatformApi {
|
|
13
|
+
httpClient;
|
|
14
|
+
constructor() {
|
|
15
|
+
const httpClient = Api.getPart('httpClient');
|
|
16
|
+
if (!httpClient) {
|
|
17
|
+
throw new Error('PlatformApi: http client is not initialized');
|
|
18
|
+
}
|
|
19
|
+
this.httpClient = httpClient;
|
|
20
|
+
}
|
|
13
21
|
/**
|
|
14
22
|
* Builds the request payload for Platform API calls
|
|
15
23
|
*/
|
|
@@ -22,11 +30,10 @@ class PlatformApiClient {
|
|
|
22
30
|
/**
|
|
23
31
|
* Fetches authorization data from the Platform API
|
|
24
32
|
*/
|
|
25
|
-
|
|
33
|
+
async fetchPermissions(profile, internalAuthToken, userId, scopedActionsPayload) {
|
|
26
34
|
const attributionHeaders = getAttributionsFromApi();
|
|
27
|
-
const httpClient = Api.getPart('httpClient');
|
|
28
35
|
try {
|
|
29
|
-
const response = await httpClient.fetch({
|
|
36
|
+
const response = await this.httpClient.fetch({
|
|
30
37
|
url: {
|
|
31
38
|
appName: 'platform',
|
|
32
39
|
path: PLATFORM_CAN_ACTIONS_IN_SCOPES_PATH,
|
|
@@ -49,8 +56,7 @@ class PlatformApiClient {
|
|
|
49
56
|
if (err instanceof HttpFetcherError) {
|
|
50
57
|
AuthorizationInternalService.throwOnHttpError(err.status, 'canActionInScopeMultiple');
|
|
51
58
|
if (scopedActionsPayload.length > 0) {
|
|
52
|
-
|
|
53
|
-
incrementAuthorizationError(resourceType, scopedActionsPayload[0].action, err.status, 'platform');
|
|
59
|
+
recordAuthorizationError('platform', err.status);
|
|
54
60
|
}
|
|
55
61
|
}
|
|
56
62
|
throw err;
|
|
@@ -61,8 +67,8 @@ class PlatformApiClient {
|
|
|
61
67
|
*/
|
|
62
68
|
static mapResponse(response) {
|
|
63
69
|
if (!response) {
|
|
64
|
-
logger.error({ tag: 'platform-api
|
|
65
|
-
throw new Error('
|
|
70
|
+
logger.error({ tag: 'platform-api', response }, 'PlatformApi: missing response');
|
|
71
|
+
throw new Error('PlatformApi: missing response');
|
|
66
72
|
}
|
|
67
73
|
return response.result.map(responseObject => {
|
|
68
74
|
const { scopedAction, permit } = responseObject;
|
|
@@ -77,11 +83,11 @@ class PlatformApiClient {
|
|
|
77
83
|
/**
|
|
78
84
|
* Performs a complete authorization check using the Platform API
|
|
79
85
|
*/
|
|
80
|
-
|
|
81
|
-
const scopedActionsPayload =
|
|
86
|
+
async checkPermissions(profile, internalAuthToken, userId, scopedActions) {
|
|
87
|
+
const scopedActionsPayload = PlatformApi.buildRequestPayload(scopedActions);
|
|
82
88
|
const platformResponse = await this.fetchPermissions(profile, internalAuthToken, userId, scopedActionsPayload);
|
|
83
|
-
return
|
|
89
|
+
return PlatformApi.mapResponse(platformResponse);
|
|
84
90
|
}
|
|
85
91
|
}
|
|
86
92
|
|
|
87
|
-
export {
|
|
93
|
+
export { PlatformApi };
|
package/dist/esm/index.d.ts
CHANGED
|
@@ -5,6 +5,12 @@ export interface InitOptions {
|
|
|
5
5
|
mondayFetchOptions?: MondayFetchOptions;
|
|
6
6
|
redisClient?: any;
|
|
7
7
|
grantedFeatureRedisExpirationInSeconds?: number;
|
|
8
|
+
metrics?: {
|
|
9
|
+
serviceName?: string;
|
|
10
|
+
host?: string;
|
|
11
|
+
port?: number;
|
|
12
|
+
disabled?: boolean;
|
|
13
|
+
};
|
|
8
14
|
}
|
|
9
15
|
export declare function init(options?: InitOptions): Promise<void>;
|
|
10
16
|
export { authorizationCheckMiddleware, getAuthorizationMiddleware, skipAuthorizationMiddleware, } from './authorization-middleware';
|
package/dist/esm/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAInE,OAAO,KAAK,OAAO,MAAM,WAAW,CAAC;AAErC,MAAM,WAAW,WAAW;IAC1B,UAAU,CAAC,EAAE,GAAG,CAAC;IACjB,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,WAAW,CAAC,EAAE,GAAG,CAAC;IAClB,sCAAsC,CAAC,EAAE,MAAM,CAAC;IAChD,OAAO,CAAC,EAAE;QACR,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB,CAAC;CACH;AAED,wBAAsB,IAAI,CAAC,OAAO,GAAE,WAAgB,iBAqBnD;AAED,OAAO,EACL,4BAA4B,EAC5B,0BAA0B,EAC1B,2BAA2B,GAC5B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAAE,8BAA8B,EAAE,MAAM,oCAAoC,CAAC;AACpF,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC5G,OAAO,EACL,WAAW,EACX,YAAY,EACZ,0BAA0B,EAC1B,kBAAkB,GACnB,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAErH,OAAO,EAAE,OAAO,EAAE,CAAC"}
|
package/dist/esm/index.mjs
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { setPrometheus } from './prometheus-service.mjs';
|
|
2
2
|
import { setRequestFetchOptions, setRedisClient, setIgniteClient } from './authorization-service.mjs';
|
|
3
3
|
export { AuthorizationService } from './authorization-service.mjs';
|
|
4
|
+
import { initializeMetrics } from './metrics-service.mjs';
|
|
4
5
|
import * as testKit_index from './testKit/index.mjs';
|
|
5
6
|
export { testKit_index as TestKit };
|
|
6
7
|
export { authorizationCheckMiddleware, getAuthorizationMiddleware, skipAuthorizationMiddleware } from './authorization-middleware.mjs';
|
|
@@ -12,6 +13,12 @@ async function init(options = {}) {
|
|
|
12
13
|
if (options.prometheus) {
|
|
13
14
|
setPrometheus(options.prometheus);
|
|
14
15
|
}
|
|
16
|
+
initializeMetrics({
|
|
17
|
+
serviceName: options.metrics?.serviceName ?? process.env.APP_NAME ?? 'authorization-sdk',
|
|
18
|
+
host: options.metrics?.host,
|
|
19
|
+
port: options.metrics?.port,
|
|
20
|
+
disabled: options.metrics?.disabled,
|
|
21
|
+
});
|
|
15
22
|
if (options.mondayFetchOptions) {
|
|
16
23
|
setRequestFetchOptions(options.mondayFetchOptions);
|
|
17
24
|
}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
type ApiType = 'platform' | 'graph';
|
|
2
|
+
interface InitializeMetricsOptions {
|
|
3
|
+
serviceName: string;
|
|
4
|
+
host?: string;
|
|
5
|
+
port?: number;
|
|
6
|
+
disabled?: boolean;
|
|
7
|
+
}
|
|
8
|
+
export declare function initializeMetrics(options: InitializeMetricsOptions): void;
|
|
9
|
+
export declare function recordAuthorizationTiming(apiType: ApiType, duration: number): void;
|
|
10
|
+
export declare function recordAuthorizationSuccess(apiType: ApiType): void;
|
|
11
|
+
export declare function recordAuthorizationError(apiType: ApiType, statusCode: number): void;
|
|
12
|
+
export {};
|
|
13
|
+
//# sourceMappingURL=metrics-service.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"metrics-service.d.ts","sourceRoot":"","sources":["../../src/metrics-service.ts"],"names":[],"mappings":"AAGA,KAAK,OAAO,GAAG,UAAU,GAAG,OAAO,CAAC;AAEpC,UAAU,wBAAwB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAID,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,wBAAwB,GAAG,IAAI,CA4BzE;AAED,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAUlF;AAED,wBAAgB,0BAA0B,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAUjE;AAED,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,GAAG,IAAI,CAUnF"}
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
import { Metric } from '@mondaydotcomorg/monday-observability-kit';
|
|
2
|
+
import { logger } from './authorization-internal-service.mjs';
|
|
3
|
+
|
|
4
|
+
let initialized = false;
|
|
5
|
+
function initializeMetrics(options) {
|
|
6
|
+
if (initialized) {
|
|
7
|
+
return;
|
|
8
|
+
}
|
|
9
|
+
const { serviceName } = options;
|
|
10
|
+
if (!serviceName) {
|
|
11
|
+
logger.warn({ tag: 'metrics-service' }, 'Metrics initialization skipped: serviceName is missing');
|
|
12
|
+
return;
|
|
13
|
+
}
|
|
14
|
+
const resolvedHost = options.host ?? process.env.DOGSTATSD_HOST ?? 'localhost';
|
|
15
|
+
const envPort = process.env.DOGSTATSD_PORT ? Number(process.env.DOGSTATSD_PORT) : undefined;
|
|
16
|
+
const resolvedPort = options.port ?? (Number.isFinite(envPort ?? NaN) ? envPort : undefined) ?? 8125;
|
|
17
|
+
const resolvedDisabled = options.disabled ?? ['test', 'development'].includes((process.env.NODE_ENV ?? '').toLowerCase());
|
|
18
|
+
try {
|
|
19
|
+
Metric.initialize({
|
|
20
|
+
serviceName,
|
|
21
|
+
host: resolvedHost,
|
|
22
|
+
port: resolvedPort,
|
|
23
|
+
disabled: resolvedDisabled,
|
|
24
|
+
});
|
|
25
|
+
initialized = true;
|
|
26
|
+
}
|
|
27
|
+
catch (error) {
|
|
28
|
+
logger.warn({ tag: 'metrics-service', error }, 'Failed to initialize metrics');
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
function recordAuthorizationTiming(apiType, duration) {
|
|
32
|
+
if (!initialized) {
|
|
33
|
+
return;
|
|
34
|
+
}
|
|
35
|
+
try {
|
|
36
|
+
Metric.distribution(`authorization.authorizationCheck.${apiType}.duration`, duration);
|
|
37
|
+
}
|
|
38
|
+
catch (error) {
|
|
39
|
+
logger.warn({ tag: 'metrics-service', error }, 'Failed to record authorization timing');
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
function recordAuthorizationSuccess(apiType) {
|
|
43
|
+
if (!initialized) {
|
|
44
|
+
return;
|
|
45
|
+
}
|
|
46
|
+
try {
|
|
47
|
+
Metric.increment(`authorization.authorizationCheck.${apiType}.success`);
|
|
48
|
+
}
|
|
49
|
+
catch (error) {
|
|
50
|
+
logger.warn({ tag: 'metrics-service', error }, 'Failed to record authorization success');
|
|
51
|
+
}
|
|
52
|
+
}
|
|
53
|
+
function recordAuthorizationError(apiType, statusCode) {
|
|
54
|
+
if (!initialized) {
|
|
55
|
+
return;
|
|
56
|
+
}
|
|
57
|
+
try {
|
|
58
|
+
Metric.increment(`authorization.authorizationCheck.${apiType}.error.${statusCode}`);
|
|
59
|
+
}
|
|
60
|
+
catch (error) {
|
|
61
|
+
logger.warn({ tag: 'metrics-service', error }, 'Failed to record authorization error');
|
|
62
|
+
}
|
|
63
|
+
}
|
|
64
|
+
|
|
65
|
+
export { initializeMetrics, recordAuthorizationError, recordAuthorizationSuccess, recordAuthorizationTiming };
|
|
@@ -7,6 +7,4 @@ export declare const METRICS: {
|
|
|
7
7
|
export declare function setPrometheus(customPrometheus: any): void;
|
|
8
8
|
export declare function getMetricsManager(): any;
|
|
9
9
|
export declare function sendAuthorizationCheckResponseTimeMetric(resourceType: string, action: Action, isAuthorized: boolean, responseStatus: number, time: number, apiType?: 'platform' | 'graph'): void;
|
|
10
|
-
export declare function incrementAuthorizationSuccess(resourceType: string, action: Action, apiType: 'platform' | 'graph'): void;
|
|
11
|
-
export declare function incrementAuthorizationError(resourceType: string, action: Action, statusCode: number, apiType: 'platform' | 'graph'): void;
|
|
12
10
|
//# sourceMappingURL=prometheus-service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prometheus-service.d.ts","sourceRoot":"","sources":["../../src/prometheus-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"prometheus-service.d.ts","sourceRoot":"","sources":["../../src/prometheus-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAKzC,eAAO,MAAM,OAAO;;;;CAInB,CAAC;AAQF,wBAAgB,aAAa,CAAC,gBAAgB,KAAA,QAmB7C;AAED,wBAAgB,iBAAiB,QAEhC;AAED,wBAAgB,wCAAwC,CACtD,YAAY,EAAE,MAAM,EACpB,MAAM,EAAE,MAAM,EACd,YAAY,EAAE,OAAO,EACrB,cAAc,EAAE,MAAM,EACtB,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,UAAU,GAAG,OAAoB,QAW3C"}
|
|
@@ -1,7 +1,5 @@
|
|
|
1
1
|
let prometheus = null;
|
|
2
2
|
let authorizationCheckResponseTimeMetric = null;
|
|
3
|
-
let authorizationSuccessMetric = null;
|
|
4
|
-
let authorizationErrorMetric = null;
|
|
5
3
|
const METRICS = {
|
|
6
4
|
AUTHORIZATION_CHECK: 'authorization_check',
|
|
7
5
|
AUTHORIZATION_CHECKS_PER_REQUEST: 'authorization_checks_per_request',
|
|
@@ -16,16 +14,14 @@ function setPrometheus(customPrometheus) {
|
|
|
16
14
|
prometheus = customPrometheus;
|
|
17
15
|
if (!prometheus) {
|
|
18
16
|
authorizationCheckResponseTimeMetric = null;
|
|
19
|
-
authorizationSuccessMetric = null;
|
|
20
|
-
authorizationErrorMetric = null;
|
|
21
17
|
return;
|
|
22
18
|
}
|
|
23
19
|
const { METRICS_TYPES } = prometheus;
|
|
24
20
|
const metricsManager = getMetricsManager();
|
|
25
|
-
if (metricsManager) {
|
|
26
|
-
|
|
27
|
-
initializeAdditionalMetrics();
|
|
21
|
+
if (!metricsManager) {
|
|
22
|
+
return;
|
|
28
23
|
}
|
|
24
|
+
authorizationCheckResponseTimeMetric = metricsManager.addMetric(METRICS_TYPES.SUMMARY, authorizationCheckResponseTimeMetricConfig.name, authorizationCheckResponseTimeMetricConfig.labels, authorizationCheckResponseTimeMetricConfig.description);
|
|
29
25
|
}
|
|
30
26
|
function getMetricsManager() {
|
|
31
27
|
return prometheus?.metricsManager;
|
|
@@ -42,47 +38,5 @@ function sendAuthorizationCheckResponseTimeMetric(resourceType, action, isAuthor
|
|
|
42
38
|
// ignore
|
|
43
39
|
}
|
|
44
40
|
}
|
|
45
|
-
const authorizationSuccessMetricConfig = {
|
|
46
|
-
name: 'authorization_success_total',
|
|
47
|
-
labels: ['resourceType', 'action', 'apiType'],
|
|
48
|
-
description: 'Total number of successful authorization checks',
|
|
49
|
-
};
|
|
50
|
-
const authorizationErrorMetricConfig = {
|
|
51
|
-
name: 'authorization_error_total',
|
|
52
|
-
labels: ['resourceType', 'action', 'statusCode', 'apiType'],
|
|
53
|
-
description: 'Total number of authorization errors',
|
|
54
|
-
};
|
|
55
|
-
function incrementAuthorizationSuccess(resourceType, action, apiType) {
|
|
56
|
-
try {
|
|
57
|
-
if (authorizationSuccessMetric) {
|
|
58
|
-
authorizationSuccessMetric.labels(resourceType, action, apiType).inc();
|
|
59
|
-
}
|
|
60
|
-
}
|
|
61
|
-
catch (e) {
|
|
62
|
-
// ignore
|
|
63
|
-
}
|
|
64
|
-
}
|
|
65
|
-
function incrementAuthorizationError(resourceType, action, statusCode, apiType) {
|
|
66
|
-
try {
|
|
67
|
-
if (authorizationErrorMetric) {
|
|
68
|
-
authorizationErrorMetric.labels(resourceType, action, statusCode, apiType).inc();
|
|
69
|
-
}
|
|
70
|
-
}
|
|
71
|
-
catch (e) {
|
|
72
|
-
// ignore
|
|
73
|
-
}
|
|
74
|
-
}
|
|
75
|
-
// Initialize additional metrics when prometheus is set
|
|
76
|
-
function initializeAdditionalMetrics() {
|
|
77
|
-
if (!prometheus) {
|
|
78
|
-
return;
|
|
79
|
-
}
|
|
80
|
-
const { METRICS_TYPES } = prometheus;
|
|
81
|
-
const metricsManager = getMetricsManager();
|
|
82
|
-
if (metricsManager) {
|
|
83
|
-
authorizationSuccessMetric = metricsManager.addMetric(METRICS_TYPES.COUNTER, authorizationSuccessMetricConfig.name, authorizationSuccessMetricConfig.labels, authorizationSuccessMetricConfig.description);
|
|
84
|
-
authorizationErrorMetric = metricsManager.addMetric(METRICS_TYPES.COUNTER, authorizationErrorMetricConfig.name, authorizationErrorMetricConfig.labels, authorizationErrorMetricConfig.description);
|
|
85
|
-
}
|
|
86
|
-
}
|
|
87
41
|
|
|
88
|
-
export { METRICS, getMetricsManager,
|
|
42
|
+
export { METRICS, getMetricsManager, sendAuthorizationCheckResponseTimeMetric, setPrometheus };
|
|
@@ -2,14 +2,15 @@ export type ResourceType = string;
|
|
|
2
2
|
export type ResourceId = number;
|
|
3
3
|
export type ActionName = string;
|
|
4
4
|
export type GraphIsAllowedDto = Record<ResourceType, Record<ResourceId, ActionName[]>>;
|
|
5
|
-
export
|
|
5
|
+
export interface GraphPermissionReason {
|
|
6
|
+
key: string;
|
|
7
|
+
additionalOptions?: Record<string, string>;
|
|
8
|
+
technicalReason?: number;
|
|
9
|
+
}
|
|
10
|
+
export interface GraphPermissionResult {
|
|
6
11
|
can: boolean;
|
|
7
|
-
reason
|
|
8
|
-
|
|
9
|
-
additionalOptions?: Record<string, string>;
|
|
10
|
-
technicalReason?: number;
|
|
11
|
-
};
|
|
12
|
-
};
|
|
12
|
+
reason?: GraphPermissionReason;
|
|
13
|
+
}
|
|
13
14
|
export type GraphPermissionResults = Record<ActionName, GraphPermissionResult>;
|
|
14
15
|
export type GraphIsAllowedResponse = Record<ResourceType, Record<string, GraphPermissionResults>>;
|
|
15
16
|
//# sourceMappingURL=graph-api.types.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"graph-api.types.d.ts","sourceRoot":"","sources":["../../../src/types/graph-api.types.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC;AAClC,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC;AAChC,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC;AAEhC,MAAM,MAAM,iBAAiB,GAAG,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,UAAU,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;AAEvF,MAAM,
|
|
1
|
+
{"version":3,"file":"graph-api.types.d.ts","sourceRoot":"","sources":["../../../src/types/graph-api.types.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC;AAClC,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC;AAChC,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC;AAEhC,MAAM,MAAM,iBAAiB,GAAG,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,UAAU,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;AAEvF,MAAM,WAAW,qBAAqB;IACpC,GAAG,EAAE,MAAM,CAAC;IACZ,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC3C,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,qBAAqB;IACpC,GAAG,EAAE,OAAO,CAAC;IACb,MAAM,CAAC,EAAE,qBAAqB,CAAC;CAChC;AAGD,MAAM,MAAM,sBAAsB,GAAG,MAAM,CAAC,UAAU,EAAE,qBAAqB,CAAC,CAAC;AAI/E,MAAM,MAAM,sBAAsB,GAAG,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,sBAAsB,CAAC,CAAC,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -5,6 +5,12 @@ export interface InitOptions {
|
|
|
5
5
|
mondayFetchOptions?: MondayFetchOptions;
|
|
6
6
|
redisClient?: any;
|
|
7
7
|
grantedFeatureRedisExpirationInSeconds?: number;
|
|
8
|
+
metrics?: {
|
|
9
|
+
serviceName?: string;
|
|
10
|
+
host?: string;
|
|
11
|
+
port?: number;
|
|
12
|
+
disabled?: boolean;
|
|
13
|
+
};
|
|
8
14
|
}
|
|
9
15
|
export declare function init(options?: InitOptions): Promise<void>;
|
|
10
16
|
export { authorizationCheckMiddleware, getAuthorizationMiddleware, skipAuthorizationMiddleware, } from './authorization-middleware';
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AAInE,OAAO,KAAK,OAAO,MAAM,WAAW,CAAC;AAErC,MAAM,WAAW,WAAW;IAC1B,UAAU,CAAC,EAAE,GAAG,CAAC;IACjB,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,WAAW,CAAC,EAAE,GAAG,CAAC;IAClB,sCAAsC,CAAC,EAAE,MAAM,CAAC;IAChD,OAAO,CAAC,EAAE;QACR,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB,CAAC;CACH;AAED,wBAAsB,IAAI,CAAC,OAAO,GAAE,WAAgB,iBAqBnD;AAED,OAAO,EACL,4BAA4B,EAC5B,0BAA0B,EAC1B,2BAA2B,GAC5B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAClF,OAAO,EAAE,8BAA8B,EAAE,MAAM,oCAAoC,CAAC;AACpF,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC5G,OAAO,EACL,WAAW,EACX,YAAY,EACZ,0BAA0B,EAC1B,kBAAkB,GACnB,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAErH,OAAO,EAAE,OAAO,EAAE,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -2,6 +2,7 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
|
|
|
2
2
|
|
|
3
3
|
const prometheusService = require('./prometheus-service.js');
|
|
4
4
|
const authorizationService = require('./authorization-service.js');
|
|
5
|
+
const metricsService = require('./metrics-service.js');
|
|
5
6
|
const testKit_index = require('./testKit/index.js');
|
|
6
7
|
const authorizationMiddleware = require('./authorization-middleware.js');
|
|
7
8
|
const authorizationAttributesService = require('./authorization-attributes-service.js');
|
|
@@ -12,6 +13,12 @@ async function init(options = {}) {
|
|
|
12
13
|
if (options.prometheus) {
|
|
13
14
|
prometheusService.setPrometheus(options.prometheus);
|
|
14
15
|
}
|
|
16
|
+
metricsService.initializeMetrics({
|
|
17
|
+
serviceName: options.metrics?.serviceName ?? process.env.APP_NAME ?? 'authorization-sdk',
|
|
18
|
+
host: options.metrics?.host,
|
|
19
|
+
port: options.metrics?.port,
|
|
20
|
+
disabled: options.metrics?.disabled,
|
|
21
|
+
});
|
|
15
22
|
if (options.mondayFetchOptions) {
|
|
16
23
|
authorizationService.setRequestFetchOptions(options.mondayFetchOptions);
|
|
17
24
|
}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
type ApiType = 'platform' | 'graph';
|
|
2
|
+
interface InitializeMetricsOptions {
|
|
3
|
+
serviceName: string;
|
|
4
|
+
host?: string;
|
|
5
|
+
port?: number;
|
|
6
|
+
disabled?: boolean;
|
|
7
|
+
}
|
|
8
|
+
export declare function initializeMetrics(options: InitializeMetricsOptions): void;
|
|
9
|
+
export declare function recordAuthorizationTiming(apiType: ApiType, duration: number): void;
|
|
10
|
+
export declare function recordAuthorizationSuccess(apiType: ApiType): void;
|
|
11
|
+
export declare function recordAuthorizationError(apiType: ApiType, statusCode: number): void;
|
|
12
|
+
export {};
|
|
13
|
+
//# sourceMappingURL=metrics-service.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"metrics-service.d.ts","sourceRoot":"","sources":["../src/metrics-service.ts"],"names":[],"mappings":"AAGA,KAAK,OAAO,GAAG,UAAU,GAAG,OAAO,CAAC;AAEpC,UAAU,wBAAwB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAID,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,wBAAwB,GAAG,IAAI,CA4BzE;AAED,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAUlF;AAED,wBAAgB,0BAA0B,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAUjE;AAED,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,GAAG,IAAI,CAUnF"}
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
|
|
2
|
+
|
|
3
|
+
const mondayObservabilityKit = require('@mondaydotcomorg/monday-observability-kit');
|
|
4
|
+
const authorizationInternalService = require('./authorization-internal-service.js');
|
|
5
|
+
|
|
6
|
+
let initialized = false;
|
|
7
|
+
function initializeMetrics(options) {
|
|
8
|
+
if (initialized) {
|
|
9
|
+
return;
|
|
10
|
+
}
|
|
11
|
+
const { serviceName } = options;
|
|
12
|
+
if (!serviceName) {
|
|
13
|
+
authorizationInternalService.logger.warn({ tag: 'metrics-service' }, 'Metrics initialization skipped: serviceName is missing');
|
|
14
|
+
return;
|
|
15
|
+
}
|
|
16
|
+
const resolvedHost = options.host ?? process.env.DOGSTATSD_HOST ?? 'localhost';
|
|
17
|
+
const envPort = process.env.DOGSTATSD_PORT ? Number(process.env.DOGSTATSD_PORT) : undefined;
|
|
18
|
+
const resolvedPort = options.port ?? (Number.isFinite(envPort ?? NaN) ? envPort : undefined) ?? 8125;
|
|
19
|
+
const resolvedDisabled = options.disabled ?? ['test', 'development'].includes((process.env.NODE_ENV ?? '').toLowerCase());
|
|
20
|
+
try {
|
|
21
|
+
mondayObservabilityKit.Metric.initialize({
|
|
22
|
+
serviceName,
|
|
23
|
+
host: resolvedHost,
|
|
24
|
+
port: resolvedPort,
|
|
25
|
+
disabled: resolvedDisabled,
|
|
26
|
+
});
|
|
27
|
+
initialized = true;
|
|
28
|
+
}
|
|
29
|
+
catch (error) {
|
|
30
|
+
authorizationInternalService.logger.warn({ tag: 'metrics-service', error }, 'Failed to initialize metrics');
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
function recordAuthorizationTiming(apiType, duration) {
|
|
34
|
+
if (!initialized) {
|
|
35
|
+
return;
|
|
36
|
+
}
|
|
37
|
+
try {
|
|
38
|
+
mondayObservabilityKit.Metric.distribution(`authorization.authorizationCheck.${apiType}.duration`, duration);
|
|
39
|
+
}
|
|
40
|
+
catch (error) {
|
|
41
|
+
authorizationInternalService.logger.warn({ tag: 'metrics-service', error }, 'Failed to record authorization timing');
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
function recordAuthorizationSuccess(apiType) {
|
|
45
|
+
if (!initialized) {
|
|
46
|
+
return;
|
|
47
|
+
}
|
|
48
|
+
try {
|
|
49
|
+
mondayObservabilityKit.Metric.increment(`authorization.authorizationCheck.${apiType}.success`);
|
|
50
|
+
}
|
|
51
|
+
catch (error) {
|
|
52
|
+
authorizationInternalService.logger.warn({ tag: 'metrics-service', error }, 'Failed to record authorization success');
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
function recordAuthorizationError(apiType, statusCode) {
|
|
56
|
+
if (!initialized) {
|
|
57
|
+
return;
|
|
58
|
+
}
|
|
59
|
+
try {
|
|
60
|
+
mondayObservabilityKit.Metric.increment(`authorization.authorizationCheck.${apiType}.error.${statusCode}`);
|
|
61
|
+
}
|
|
62
|
+
catch (error) {
|
|
63
|
+
authorizationInternalService.logger.warn({ tag: 'metrics-service', error }, 'Failed to record authorization error');
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
|
|
67
|
+
exports.initializeMetrics = initializeMetrics;
|
|
68
|
+
exports.recordAuthorizationError = recordAuthorizationError;
|
|
69
|
+
exports.recordAuthorizationSuccess = recordAuthorizationSuccess;
|
|
70
|
+
exports.recordAuthorizationTiming = recordAuthorizationTiming;
|
|
@@ -7,6 +7,4 @@ export declare const METRICS: {
|
|
|
7
7
|
export declare function setPrometheus(customPrometheus: any): void;
|
|
8
8
|
export declare function getMetricsManager(): any;
|
|
9
9
|
export declare function sendAuthorizationCheckResponseTimeMetric(resourceType: string, action: Action, isAuthorized: boolean, responseStatus: number, time: number, apiType?: 'platform' | 'graph'): void;
|
|
10
|
-
export declare function incrementAuthorizationSuccess(resourceType: string, action: Action, apiType: 'platform' | 'graph'): void;
|
|
11
|
-
export declare function incrementAuthorizationError(resourceType: string, action: Action, statusCode: number, apiType: 'platform' | 'graph'): void;
|
|
12
10
|
//# sourceMappingURL=prometheus-service.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prometheus-service.d.ts","sourceRoot":"","sources":["../src/prometheus-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"prometheus-service.d.ts","sourceRoot":"","sources":["../src/prometheus-service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAKzC,eAAO,MAAM,OAAO;;;;CAInB,CAAC;AAQF,wBAAgB,aAAa,CAAC,gBAAgB,KAAA,QAmB7C;AAED,wBAAgB,iBAAiB,QAEhC;AAED,wBAAgB,wCAAwC,CACtD,YAAY,EAAE,MAAM,EACpB,MAAM,EAAE,MAAM,EACd,YAAY,EAAE,OAAO,EACrB,cAAc,EAAE,MAAM,EACtB,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,UAAU,GAAG,OAAoB,QAW3C"}
|
|
@@ -2,8 +2,6 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
|
|
|
2
2
|
|
|
3
3
|
let prometheus = null;
|
|
4
4
|
let authorizationCheckResponseTimeMetric = null;
|
|
5
|
-
let authorizationSuccessMetric = null;
|
|
6
|
-
let authorizationErrorMetric = null;
|
|
7
5
|
const METRICS = {
|
|
8
6
|
AUTHORIZATION_CHECK: 'authorization_check',
|
|
9
7
|
AUTHORIZATION_CHECKS_PER_REQUEST: 'authorization_checks_per_request',
|
|
@@ -18,16 +16,14 @@ function setPrometheus(customPrometheus) {
|
|
|
18
16
|
prometheus = customPrometheus;
|
|
19
17
|
if (!prometheus) {
|
|
20
18
|
authorizationCheckResponseTimeMetric = null;
|
|
21
|
-
authorizationSuccessMetric = null;
|
|
22
|
-
authorizationErrorMetric = null;
|
|
23
19
|
return;
|
|
24
20
|
}
|
|
25
21
|
const { METRICS_TYPES } = prometheus;
|
|
26
22
|
const metricsManager = getMetricsManager();
|
|
27
|
-
if (metricsManager) {
|
|
28
|
-
|
|
29
|
-
initializeAdditionalMetrics();
|
|
23
|
+
if (!metricsManager) {
|
|
24
|
+
return;
|
|
30
25
|
}
|
|
26
|
+
authorizationCheckResponseTimeMetric = metricsManager.addMetric(METRICS_TYPES.SUMMARY, authorizationCheckResponseTimeMetricConfig.name, authorizationCheckResponseTimeMetricConfig.labels, authorizationCheckResponseTimeMetricConfig.description);
|
|
31
27
|
}
|
|
32
28
|
function getMetricsManager() {
|
|
33
29
|
return prometheus?.metricsManager;
|
|
@@ -44,52 +40,8 @@ function sendAuthorizationCheckResponseTimeMetric(resourceType, action, isAuthor
|
|
|
44
40
|
// ignore
|
|
45
41
|
}
|
|
46
42
|
}
|
|
47
|
-
const authorizationSuccessMetricConfig = {
|
|
48
|
-
name: 'authorization_success_total',
|
|
49
|
-
labels: ['resourceType', 'action', 'apiType'],
|
|
50
|
-
description: 'Total number of successful authorization checks',
|
|
51
|
-
};
|
|
52
|
-
const authorizationErrorMetricConfig = {
|
|
53
|
-
name: 'authorization_error_total',
|
|
54
|
-
labels: ['resourceType', 'action', 'statusCode', 'apiType'],
|
|
55
|
-
description: 'Total number of authorization errors',
|
|
56
|
-
};
|
|
57
|
-
function incrementAuthorizationSuccess(resourceType, action, apiType) {
|
|
58
|
-
try {
|
|
59
|
-
if (authorizationSuccessMetric) {
|
|
60
|
-
authorizationSuccessMetric.labels(resourceType, action, apiType).inc();
|
|
61
|
-
}
|
|
62
|
-
}
|
|
63
|
-
catch (e) {
|
|
64
|
-
// ignore
|
|
65
|
-
}
|
|
66
|
-
}
|
|
67
|
-
function incrementAuthorizationError(resourceType, action, statusCode, apiType) {
|
|
68
|
-
try {
|
|
69
|
-
if (authorizationErrorMetric) {
|
|
70
|
-
authorizationErrorMetric.labels(resourceType, action, statusCode, apiType).inc();
|
|
71
|
-
}
|
|
72
|
-
}
|
|
73
|
-
catch (e) {
|
|
74
|
-
// ignore
|
|
75
|
-
}
|
|
76
|
-
}
|
|
77
|
-
// Initialize additional metrics when prometheus is set
|
|
78
|
-
function initializeAdditionalMetrics() {
|
|
79
|
-
if (!prometheus) {
|
|
80
|
-
return;
|
|
81
|
-
}
|
|
82
|
-
const { METRICS_TYPES } = prometheus;
|
|
83
|
-
const metricsManager = getMetricsManager();
|
|
84
|
-
if (metricsManager) {
|
|
85
|
-
authorizationSuccessMetric = metricsManager.addMetric(METRICS_TYPES.COUNTER, authorizationSuccessMetricConfig.name, authorizationSuccessMetricConfig.labels, authorizationSuccessMetricConfig.description);
|
|
86
|
-
authorizationErrorMetric = metricsManager.addMetric(METRICS_TYPES.COUNTER, authorizationErrorMetricConfig.name, authorizationErrorMetricConfig.labels, authorizationErrorMetricConfig.description);
|
|
87
|
-
}
|
|
88
|
-
}
|
|
89
43
|
|
|
90
44
|
exports.METRICS = METRICS;
|
|
91
45
|
exports.getMetricsManager = getMetricsManager;
|
|
92
|
-
exports.incrementAuthorizationError = incrementAuthorizationError;
|
|
93
|
-
exports.incrementAuthorizationSuccess = incrementAuthorizationSuccess;
|
|
94
46
|
exports.sendAuthorizationCheckResponseTimeMetric = sendAuthorizationCheckResponseTimeMetric;
|
|
95
47
|
exports.setPrometheus = setPrometheus;
|
|
@@ -2,14 +2,15 @@ export type ResourceType = string;
|
|
|
2
2
|
export type ResourceId = number;
|
|
3
3
|
export type ActionName = string;
|
|
4
4
|
export type GraphIsAllowedDto = Record<ResourceType, Record<ResourceId, ActionName[]>>;
|
|
5
|
-
export
|
|
5
|
+
export interface GraphPermissionReason {
|
|
6
|
+
key: string;
|
|
7
|
+
additionalOptions?: Record<string, string>;
|
|
8
|
+
technicalReason?: number;
|
|
9
|
+
}
|
|
10
|
+
export interface GraphPermissionResult {
|
|
6
11
|
can: boolean;
|
|
7
|
-
reason
|
|
8
|
-
|
|
9
|
-
additionalOptions?: Record<string, string>;
|
|
10
|
-
technicalReason?: number;
|
|
11
|
-
};
|
|
12
|
-
};
|
|
12
|
+
reason?: GraphPermissionReason;
|
|
13
|
+
}
|
|
13
14
|
export type GraphPermissionResults = Record<ActionName, GraphPermissionResult>;
|
|
14
15
|
export type GraphIsAllowedResponse = Record<ResourceType, Record<string, GraphPermissionResults>>;
|
|
15
16
|
//# sourceMappingURL=graph-api.types.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"graph-api.types.d.ts","sourceRoot":"","sources":["../../src/types/graph-api.types.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC;AAClC,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC;AAChC,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC;AAEhC,MAAM,MAAM,iBAAiB,GAAG,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,UAAU,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;AAEvF,MAAM,
|
|
1
|
+
{"version":3,"file":"graph-api.types.d.ts","sourceRoot":"","sources":["../../src/types/graph-api.types.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC;AAClC,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC;AAChC,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC;AAEhC,MAAM,MAAM,iBAAiB,GAAG,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,UAAU,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;AAEvF,MAAM,WAAW,qBAAqB;IACpC,GAAG,EAAE,MAAM,CAAC;IACZ,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC3C,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,qBAAqB;IACpC,GAAG,EAAE,OAAO,CAAC;IACb,MAAM,CAAC,EAAE,qBAAqB,CAAC;CAChC;AAGD,MAAM,MAAM,sBAAsB,GAAG,MAAM,CAAC,UAAU,EAAE,qBAAqB,CAAC,CAAC;AAI/E,MAAM,MAAM,sBAAsB,GAAG,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,sBAAsB,CAAC,CAAC,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mondaydotcomorg/monday-authorization",
|
|
3
|
-
"version": "3.3.0-feat-add-graph-api-routing-support-
|
|
3
|
+
"version": "3.3.0-feat-add-graph-api-routing-support-c37c919",
|
|
4
4
|
"main": "dist/index.js",
|
|
5
5
|
"types": "dist/index.d.ts",
|
|
6
6
|
"license": "BSD-3-Clause",
|
|
@@ -25,6 +25,7 @@
|
|
|
25
25
|
"@mondaydotcomorg/monday-fetch-api": "^1.0.2",
|
|
26
26
|
"@mondaydotcomorg/monday-jwt": "^3.0.14",
|
|
27
27
|
"@mondaydotcomorg/monday-logger": "^4.0.11",
|
|
28
|
+
"@mondaydotcomorg/monday-observability-kit": "^1.5.3",
|
|
28
29
|
"@mondaydotcomorg/monday-sns": "^1.2.1",
|
|
29
30
|
"@mondaydotcomorg/trident-backend-api": "^0.24.3",
|
|
30
31
|
"lodash": "^4.17.21",
|
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
import { ScopedAction, ScopedActionResponseObject } from '../types/scoped-actions-contracts';
|
|
2
|
-
import { GraphIsAllowedDto, GraphIsAllowedResponse } from '../types/graph-api.types';
|
|
3
|
-
/**
|
|
4
|
-
* Client for handling Graph API authorization operations
|
|
5
|
-
*/
|
|
6
|
-
export declare class GraphApiClient {
|
|
7
|
-
/**
|
|
8
|
-
* Builds the request body for Graph API calls
|
|
9
|
-
*/
|
|
10
|
-
static buildRequestBody(scopedActions: ScopedAction[]): GraphIsAllowedDto;
|
|
11
|
-
/**
|
|
12
|
-
* Fetches authorization data from the Graph API
|
|
13
|
-
*/
|
|
14
|
-
static fetchPermissions(internalAuthToken: string, scopedActions: ScopedAction[]): Promise<GraphIsAllowedResponse>;
|
|
15
|
-
/**
|
|
16
|
-
* Maps Graph API response to the expected format
|
|
17
|
-
*/
|
|
18
|
-
static mapResponse(scopedActions: ScopedAction[], graphResponse: GraphIsAllowedResponse): ScopedActionResponseObject[];
|
|
19
|
-
/**
|
|
20
|
-
* Performs a complete authorization check using the Graph API
|
|
21
|
-
*/
|
|
22
|
-
static checkPermissions(internalAuthToken: string, scopedActions: ScopedAction[]): Promise<ScopedActionResponseObject[]>;
|
|
23
|
-
}
|
|
24
|
-
//# sourceMappingURL=graph-api.client.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"graph-api.client.d.ts","sourceRoot":"","sources":["../../src/clients/graph-api.client.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,YAAY,EACZ,0BAA0B,EAG3B,MAAM,mCAAmC,CAAC;AAG3C,OAAO,EACL,iBAAiB,EACjB,sBAAsB,EAIvB,MAAM,0BAA0B,CAAC;AAMlC;;GAEG;AACH,qBAAa,cAAc;IACzB;;OAEG;IACH,MAAM,CAAC,gBAAgB,CAAC,aAAa,EAAE,YAAY,EAAE,GAAG,iBAAiB;IAyBzE;;OAEG;WACU,gBAAgB,CAC3B,iBAAiB,EAAE,MAAM,EACzB,aAAa,EAAE,YAAY,EAAE,GAC5B,OAAO,CAAC,sBAAsB,CAAC;IA2ClC;;OAEG;IACH,MAAM,CAAC,WAAW,CAChB,aAAa,EAAE,YAAY,EAAE,EAC7B,aAAa,EAAE,sBAAsB,GACpC,0BAA0B,EAAE;IAsC/B;;OAEG;WACU,gBAAgB,CAC3B,iBAAiB,EAAE,MAAM,EACzB,aAAa,EAAE,YAAY,EAAE,GAC5B,OAAO,CAAC,0BAA0B,EAAE,CAAC;CAIzC"}
|