@naturalcycles/nodejs-lib 12.80.3 → 12.81.0

package/dist/index.d.ts

@@ -72,5 +72,6 @@ export * from './validation/joi/joi.shared.schemas';
 export * from './validation/joi/joi.validation.error';
 export * from './validation/joi/joi.validation.util';
 export * from './script';
+export * from './jwt/jwt.service';
 export type { GlobbyOptions, FastGlobOptions, ValidationErrorItem, AnySchema, Got, AfterResponseHook, BeforeErrorHook, BeforeRequestHook, };
 export { globby, fastGlob, RequestError, TimeoutError, Ajv };

package/dist/index.js

@@ -77,3 +77,4 @@ tslib_1.__exportStar(require("./validation/joi/joi.shared.schemas"), exports);
 tslib_1.__exportStar(require("./validation/joi/joi.validation.error"), exports);
 tslib_1.__exportStar(require("./validation/joi/joi.validation.util"), exports);
 tslib_1.__exportStar(require("./script"), exports);
+tslib_1.__exportStar(require("./jwt/jwt.service"), exports);

package/dist/jwt/jwt.service.d.ts

@@ -0,0 +1,55 @@
+/// <reference types="node" />
+import { AnyObject, ErrorData, JWTString } from '@naturalcycles/js-lib';
+import type { Algorithm, VerifyOptions, JwtHeader, SignOptions } from 'jsonwebtoken';
+import * as jsonwebtoken from 'jsonwebtoken';
+import { AnySchemaTyped } from '../validation/joi/joi.model';
+export { jsonwebtoken };
+export type { Algorithm, VerifyOptions, SignOptions, JwtHeader };
+export interface JWTServiceCfg {
+    /**
+     * Public key is required to Verify incoming tokens.
+     * Optional if you only want to Decode or Sign.
+     */
+    publicKey?: string | Buffer;
+    /**
+     * Private key is required to Sign (create) outgoing tokens.
+     * Optional if you only want to Decode or Verify.
+     */
+    privateKey?: string | Buffer;
+    /**
+     * Recommended: ES256
+     */
+    algorithm: Algorithm;
+    /**
+     * If provided - will be applied to every Sign operation.
+     */
+    signOptions?: SignOptions;
+    /**
+     * If provided - will be applied to every Sign operation.
+     */
+    verifyOptions?: VerifyOptions;
+    /**
+     * If set - errors thrown from this service will be extended
+     * with this errorData (in err.data)
+     */
+    errorData?: ErrorData;
+}
+/**
+ * Wraps popular `jsonwebtoken` library.
+ * You should create one instance of JWTService for each pair of private/public key.
+ *
+ * Generate key pair like this:
+ * openssl ecparam -name secp256k1 -genkey -noout -out key.pem
+ * openssl ec -in key.pem -pubout > key.pub.pem
+ */
+export declare class JWTService {
+    cfg: JWTServiceCfg;
+    constructor(cfg: JWTServiceCfg);
+    sign<T extends AnyObject>(payload: T, schema?: AnySchemaTyped<T>, opt?: SignOptions): JWTString;
+    verify<T extends AnyObject>(token: JWTString, schema?: AnySchemaTyped<T>, opt?: VerifyOptions): T;
+    decode<T extends AnyObject>(token: JWTString, schema?: AnySchemaTyped<T>): {
+        header: JwtHeader;
+        payload: T;
+        signature: string;
+    };
+}

package/dist/jwt/jwt.service.js

@@ -0,0 +1,68 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JWTService = exports.jsonwebtoken = void 0;
+const js_lib_1 = require("@naturalcycles/js-lib");
+const jsonwebtoken = require("jsonwebtoken");
+exports.jsonwebtoken = jsonwebtoken;
+const joi_shared_schemas_1 = require("../validation/joi/joi.shared.schemas");
+const joi_validation_util_1 = require("../validation/joi/joi.validation.util");
+// todo: define JWTError and list possible options
+/**
+ * Wraps popular `jsonwebtoken` library.
+ * You should create one instance of JWTService for each pair of private/public key.
+ *
+ * Generate key pair like this:
+ * openssl ecparam -name secp256k1 -genkey -noout -out key.pem
+ * openssl ec -in key.pem -pubout > key.pub.pem
+ */
+class JWTService {
+    constructor(cfg) {
+        this.cfg = cfg;
+    }
+    sign(payload, schema, opt = {}) {
+        (0, js_lib_1._assert)(this.cfg.privateKey, 'JWTService: privateKey is required to be able to verify, but not provided');
+        if (schema) {
+            (0, joi_validation_util_1.validate)(payload, schema);
+        }
+        return jsonwebtoken.sign(payload, this.cfg.privateKey, {
+            algorithm: this.cfg.algorithm,
+            noTimestamp: true,
+            ...this.cfg.signOptions,
+            ...opt,
+        });
+    }
+    verify(token, schema, opt = {}) {
+        (0, js_lib_1._assert)(this.cfg.publicKey, 'JWTService: publicKey is required to be able to verify, but not provided');
+        try {
+            const data = jsonwebtoken.verify(token, this.cfg.publicKey, {
+                algorithms: [this.cfg.algorithm],
+                ...this.cfg.verifyOptions,
+                ...opt,
+            });
+            if (schema) {
+                (0, joi_validation_util_1.validate)(data, schema);
+            }
+            return data;
+        }
+        catch (err) {
+            if (this.cfg.errorData) {
+                (0, js_lib_1._typeCast)(err);
+                (0, js_lib_1._errorDataAppend)(err, {
+                    ...this.cfg.errorData,
+                });
+            }
+            throw err;
+        }
+    }
+    decode(token, schema) {
+        const data = jsonwebtoken.decode(token, {
+            complete: true,
+        });
+        (0, js_lib_1._assert)(data, 'invalid token, decoded value is null', {
+            ...this.cfg.errorData,
+        });
+        (0, joi_validation_util_1.validate)(data.payload, schema || joi_shared_schemas_1.anyObjectSchema);
+        return data;
+    }
+}
+exports.JWTService = JWTService;

package/dist/log/debug.d.ts

@@ -1,10 +1,10 @@
 export interface IDebug {
     (namespace: string): IDebugger;
-    coerce: (val: any) => any;
-    disable: () => string;
-    enable: (namespaces: string) => void;
-    enabled: (namespaces: string) => boolean;
-    log: (...args: any[]) => any;
+    coerce(val: any): any;
+    disable(): string;
+    enable(namespaces: string): void;
+    enabled(namespaces: string): boolean;
+    log(...args: any[]): any;
     names: RegExp[];
     skips: RegExp[];
     formatters: DebugFormatters;
@@ -16,8 +16,8 @@ export interface IDebugger {
     (...args: any[]): void;
     color: string;
     enabled: boolean;
-    log: (...args: any[]) => any;
+    log(...args: any[]): any;
     namespace: string;
-    destroy: () => boolean;
+    destroy(): boolean;
 }
 export declare const Debug: IDebug;

package/dist/stream/transform/transformLogProgress.d.ts

@@ -75,7 +75,7 @@ export interface TransformLogProgressOptions<IN = any> extends TransformOptions
      *
      * chunk is undefined for "final" stats, otherwise is defined.
      */
-    extra?: (chunk: IN | undefined, index: number) => AnyObject;
+    extra?(chunk: IN | undefined, index: number): AnyObject;
     /**
      * If specified - will multiply the counter by this number.
      * Useful e.g when using `transformBuffer({ batchSize: 500 })`, so

package/dist/stream/transform/transformMap.d.ts

@@ -29,7 +29,7 @@ export interface TransformMapOptions<IN = any, OUT = IN> {
      * If defined - will be called on every error happening in the stream.
      * Called BEFORE observable will emit error (unless skipErrors is set to true).
      */
-    onError?: (err: Error, input: IN) => any;
+    onError?(err: Error, input: IN): any;
     /**
      * Progress metric
      *

package/dist/stream/transform/transformMapSync.d.ts

@@ -27,7 +27,7 @@ export interface TransformMapSyncOptions<IN = any, OUT = IN> {
      * If defined - will be called on every error happening in the stream.
      * Called BEFORE observable will emit error (unless skipErrors is set to true).
      */
-    onError?: (err: Error, input: IN) => any;
+    onError?(err: Error, input: IN): any;
     /**
      * Progress metric
      *

package/dist/validation/joi/joi.validation.util.js

@@ -106,7 +106,7 @@ function createError(value, err, objectName) {
     const tokens = [];
     const objectId = (0, js_lib_1._isObject)(value) ? value['id'] : undefined;
     if (objectId || objectName) {
-        objectName = objectName || value?.constructor?.name;
+        objectName ||= value?.constructor?.name;
         tokens.push('Invalid ' + [objectName, objectId].filter(Boolean).join('.'));
     }
     const annotation = err.annotate(stripColors);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@naturalcycles/nodejs-lib",
-  "version": "12.80.3",
+  "version": "12.81.0",
   "scripts": {
     "prepare": "husky install",
     "docs-serve": "vuepress dev docs",
@@ -15,6 +15,7 @@
   },
   "dependencies": {
     "@naturalcycles/js-lib": "^14.0.0",
+    "@types/jsonwebtoken": "^8.5.9",
     "@types/through2-concurrent": "^2.0.0",
     "ajv": "^8.6.2",
     "ajv-formats": "^2.1.0",
@@ -31,6 +32,7 @@
     "globby": "^11.0.0",
     "got": "^11.0.1",
     "joi": "17.4.2",
+    "jsonwebtoken": "^8.5.1",
     "lru-cache": "^7.4.0",
     "move-file": "^2.0.0",
     "through2-concurrent": "^2.0.0",

package/src/index.ts

@@ -72,6 +72,7 @@ export * from './validation/joi/joi.shared.schemas'
 export * from './validation/joi/joi.validation.error'
 export * from './validation/joi/joi.validation.util'
 export * from './script'
+export * from './jwt/jwt.service'
 
 export type {
   GlobbyOptions,

package/src/jwt/jwt.service.ts

@@ -0,0 +1,143 @@
+import {
+  _assert,
+  _errorDataAppend,
+  _typeCast,
+  AnyObject,
+  ErrorData,
+  JWTString,
+} from '@naturalcycles/js-lib'
+import type { Algorithm, VerifyOptions, JwtHeader, SignOptions } from 'jsonwebtoken'
+import * as jsonwebtoken from 'jsonwebtoken'
+import { AnySchemaTyped } from '../validation/joi/joi.model'
+import { anyObjectSchema } from '../validation/joi/joi.shared.schemas'
+import { validate } from '../validation/joi/joi.validation.util'
+export { jsonwebtoken }
+export type { Algorithm, VerifyOptions, SignOptions, JwtHeader }
+
+export interface JWTServiceCfg {
+  /**
+   * Public key is required to Verify incoming tokens.
+   * Optional if you only want to Decode or Sign.
+   */
+  publicKey?: string | Buffer
+  /**
+   * Private key is required to Sign (create) outgoing tokens.
+   * Optional if you only want to Decode or Verify.
+   */
+  privateKey?: string | Buffer
+
+  /**
+   * Recommended: ES256
+   */
+  algorithm: Algorithm
+
+  /**
+   * If provided - will be applied to every Sign operation.
+   */
+  signOptions?: SignOptions
+
+  /**
+   * If provided - will be applied to every Sign operation.
+   */
+  verifyOptions?: VerifyOptions
+
+  /**
+   * If set - errors thrown from this service will be extended
+   * with this errorData (in err.data)
+   */
+  errorData?: ErrorData
+}
+
+// todo: define JWTError and list possible options
+
+/**
+ * Wraps popular `jsonwebtoken` library.
+ * You should create one instance of JWTService for each pair of private/public key.
+ *
+ * Generate key pair like this:
+ * openssl ecparam -name secp256k1 -genkey -noout -out key.pem
+ * openssl ec -in key.pem -pubout > key.pub.pem
+ */
+export class JWTService {
+  constructor(public cfg: JWTServiceCfg) {}
+
+  sign<T extends AnyObject>(
+    payload: T,
+    schema?: AnySchemaTyped<T>,
+    opt: SignOptions = {},
+  ): JWTString {
+    _assert(
+      this.cfg.privateKey,
+      'JWTService: privateKey is required to be able to verify, but not provided',
+    )
+
+    if (schema) {
+      validate(payload, schema)
+    }
+
+    return jsonwebtoken.sign(payload, this.cfg.privateKey, {
+      algorithm: this.cfg.algorithm,
+      noTimestamp: true,
+      ...this.cfg.signOptions,
+      ...opt,
+    })
+  }
+
+  verify<T extends AnyObject>(
+    token: JWTString,
+    schema?: AnySchemaTyped<T>,
+    opt: VerifyOptions = {},
+  ): T {
+    _assert(
+      this.cfg.publicKey,
+      'JWTService: publicKey is required to be able to verify, but not provided',
+    )
+
+    try {
+      const data = jsonwebtoken.verify(token, this.cfg.publicKey, {
+        algorithms: [this.cfg.algorithm],
+        ...this.cfg.verifyOptions,
+        ...opt,
+      }) as T
+
+      if (schema) {
+        validate(data, schema)
+      }
+
+      return data
+    } catch (err) {
+      if (this.cfg.errorData) {
+        _typeCast<Error>(err)
+        _errorDataAppend(err, {
+          ...this.cfg.errorData,
+        })
+      }
+      throw err
+    }
+  }
+
+  decode<T extends AnyObject>(
+    token: JWTString,
+    schema?: AnySchemaTyped<T>,
+  ): {
+    header: JwtHeader
+    payload: T
+    signature: string
+  } {
+    const data = jsonwebtoken.decode(token, {
+      complete: true,
+    }) as {
+      header: JwtHeader
+      payload: T
+      signature: string
+    } | null
+
+    _assert(data, 'invalid token, decoded value is null', {
+      ...this.cfg.errorData,
+    })
+
+    validate(data.payload, schema || anyObjectSchema)
+
+    return data
+  }
+}

package/src/log/debug.ts

@@ -1,11 +1,11 @@
 // Types based on @types/debug
 export interface IDebug {
   (namespace: string): IDebugger
-  coerce: (val: any) => any
-  disable: () => string
-  enable: (namespaces: string) => void
-  enabled: (namespaces: string) => boolean
-  log: (...args: any[]) => any
+  coerce(val: any): any
+  disable(): string
+  enable(namespaces: string): void
+  enabled(namespaces: string): boolean
+  log(...args: any[]): any
 
   names: RegExp[]
   skips: RegExp[]
@@ -23,9 +23,9 @@ export interface IDebugger {
 
   color: string
   enabled: boolean
-  log: (...args: any[]) => any
+  log(...args: any[]): any
   namespace: string
-  destroy: () => boolean
+  destroy(): boolean
   // extend: (namespace: string, delimiter?: string) => IDebugger
 }
 

package/src/stream/transform/transformLogProgress.ts

@@ -100,7 +100,7 @@ export interface TransformLogProgressOptions<IN = any> extends TransformOptions
    *
    * chunk is undefined for "final" stats, otherwise is defined.
    */
-  extra?: (chunk: IN | undefined, index: number) => AnyObject
+  extra?(chunk: IN | undefined, index: number): AnyObject
 
   /**
    * If specified - will multiply the counter by this number.

package/src/stream/transform/transformMap.ts

@@ -48,7 +48,7 @@ export interface TransformMapOptions<IN = any, OUT = IN> {
    * If defined - will be called on every error happening in the stream.
    * Called BEFORE observable will emit error (unless skipErrors is set to true).
    */
-  onError?: (err: Error, input: IN) => any
+  onError?(err: Error, input: IN): any
 
   /**
    * Progress metric

package/src/stream/transform/transformMapSync.ts

@@ -43,7 +43,7 @@ export interface TransformMapSyncOptions<IN = any, OUT = IN> {
    * If defined - will be called on every error happening in the stream.
    * Called BEFORE observable will emit error (unless skipErrors is set to true).
    */
-  onError?: (err: Error, input: IN) => any
+  onError?(err: Error, input: IN): any
 
   /**
    * Progress metric

package/src/validation/joi/joi.validation.util.ts

@@ -139,7 +139,7 @@ function createError(value: any, err: ValidationError, objectName?: string): Joi
   const objectId = _isObject(value) ? (value['id'] as string) : undefined
 
   if (objectId || objectName) {
-    objectName = objectName || value?.constructor?.name
+    objectName ||= value?.constructor?.name
 
     tokens.push('Invalid ' + [objectName, objectId].filter(Boolean).join('.'))
   }