npm - @nauth-toolkit/core - Versions diffs - 0.1.0 - Mend

@nauth-toolkit/core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (778) hide show

package/dist/adapters/database-columns.d.ts +10 -0
package/dist/adapters/database-columns.d.ts.map +1 -0
package/dist/adapters/database-columns.js +85 -0
package/dist/adapters/database-columns.js.map +1 -0
package/dist/adapters/express.adapter.d.ts +41 -0
package/dist/adapters/express.adapter.d.ts.map +1 -0
package/dist/adapters/express.adapter.js +188 -0
package/dist/adapters/express.adapter.js.map +1 -0
package/dist/adapters/fastify.adapter.d.ts +33 -0
package/dist/adapters/fastify.adapter.d.ts.map +1 -0
package/dist/adapters/fastify.adapter.js +223 -0
package/dist/adapters/fastify.adapter.js.map +1 -0
package/dist/adapters/index.d.ts +5 -0
package/dist/adapters/index.d.ts.map +1 -0
package/dist/adapters/index.js +25 -0
package/dist/adapters/index.js.map +1 -0
package/dist/adapters/storage.factory.d.ts +7 -0
package/dist/adapters/storage.factory.d.ts.map +1 -0
package/dist/adapters/storage.factory.js +24 -0
package/dist/adapters/storage.factory.js.map +1 -0
package/dist/bootstrap.d.ts +41 -0
package/dist/bootstrap.d.ts.map +1 -0
package/dist/bootstrap.js +113 -0
package/dist/bootstrap.js.map +1 -0
package/dist/dto/auth-challenge.dto.d.ts +19 -0
package/dist/dto/auth-challenge.dto.d.ts.map +1 -0
package/dist/dto/auth-challenge.dto.js +86 -0
package/dist/dto/auth-challenge.dto.js.map +1 -0
package/dist/dto/auth-response.dto.d.ts +31 -0
package/dist/dto/auth-response.dto.d.ts.map +1 -0
package/dist/dto/auth-response.dto.js +18 -0
package/dist/dto/auth-response.dto.js.map +1 -0
package/dist/dto/challenge-response.dto.d.ts +36 -0
package/dist/dto/challenge-response.dto.d.ts.map +1 -0
package/dist/dto/challenge-response.dto.js +3 -0
package/dist/dto/challenge-response.dto.js.map +1 -0
package/dist/dto/change-password-request.dto.d.ts +5 -0
package/dist/dto/change-password-request.dto.d.ts.map +1 -0
package/dist/dto/change-password-request.dto.js +30 -0
package/dist/dto/change-password-request.dto.js.map +1 -0
package/dist/dto/change-password-response.dto.d.ts +4 -0
package/dist/dto/change-password-response.dto.d.ts.map +1 -0
package/dist/dto/change-password-response.dto.js +8 -0
package/dist/dto/change-password-response.dto.js.map +1 -0
package/dist/dto/change-password.dto.d.ts +5 -0
package/dist/dto/change-password.dto.d.ts.map +1 -0
package/dist/dto/change-password.dto.js +29 -0
package/dist/dto/change-password.dto.js.map +1 -0
package/dist/dto/error-response.dto.d.ts +9 -0
package/dist/dto/error-response.dto.d.ts.map +1 -0
package/dist/dto/error-response.dto.js +59 -0
package/dist/dto/error-response.dto.js.map +1 -0
package/dist/dto/get-available-methods.dto.d.ts +7 -0
package/dist/dto/get-available-methods.dto.d.ts.map +1 -0
package/dist/dto/get-available-methods.dto.js +33 -0
package/dist/dto/get-available-methods.dto.js.map +1 -0
package/dist/dto/get-challenge-data-response.dto.d.ts +4 -0
package/dist/dto/get-challenge-data-response.dto.d.ts.map +1 -0
package/dist/dto/get-challenge-data-response.dto.js +8 -0
package/dist/dto/get-challenge-data-response.dto.js.map +1 -0
package/dist/dto/get-challenge-data.dto.d.ts +8 -0
package/dist/dto/get-challenge-data.dto.d.ts.map +1 -0
package/dist/dto/get-challenge-data.dto.js +40 -0
package/dist/dto/get-challenge-data.dto.js.map +1 -0
package/dist/dto/get-client-info.dto.d.ts +17 -0
package/dist/dto/get-client-info.dto.d.ts.map +1 -0
package/dist/dto/get-client-info.dto.js +20 -0
package/dist/dto/get-client-info.dto.js.map +1 -0
package/dist/dto/get-device-token-response.dto.d.ts +4 -0
package/dist/dto/get-device-token-response.dto.d.ts.map +1 -0
package/dist/dto/get-device-token-response.dto.js +8 -0
package/dist/dto/get-device-token-response.dto.js.map +1 -0
package/dist/dto/get-events-by-type.dto.d.ts +17 -0
package/dist/dto/get-events-by-type.dto.d.ts.map +1 -0
package/dist/dto/get-events-by-type.dto.js +20 -0
package/dist/dto/get-events-by-type.dto.js.map +1 -0
package/dist/dto/get-ip-address-response.dto.d.ts +4 -0
package/dist/dto/get-ip-address-response.dto.d.ts.map +1 -0
package/dist/dto/get-ip-address-response.dto.js +8 -0
package/dist/dto/get-ip-address-response.dto.js.map +1 -0
package/dist/dto/get-mfa-status.dto.d.ts +16 -0
package/dist/dto/get-mfa-status.dto.d.ts.map +1 -0
package/dist/dto/get-mfa-status.dto.js +41 -0
package/dist/dto/get-mfa-status.dto.js.map +1 -0
package/dist/dto/get-risk-assessment-history.dto.d.ts +9 -0
package/dist/dto/get-risk-assessment-history.dto.d.ts.map +1 -0
package/dist/dto/get-risk-assessment-history.dto.js +13 -0
package/dist/dto/get-risk-assessment-history.dto.js.map +1 -0
package/dist/dto/get-session-id-response.dto.d.ts +4 -0
package/dist/dto/get-session-id-response.dto.d.ts.map +1 -0
package/dist/dto/get-session-id-response.dto.js +8 -0
package/dist/dto/get-session-id-response.dto.js.map +1 -0
package/dist/dto/get-setup-data-response.dto.d.ts +4 -0
package/dist/dto/get-setup-data-response.dto.d.ts.map +1 -0
package/dist/dto/get-setup-data-response.dto.js +8 -0
package/dist/dto/get-setup-data-response.dto.js.map +1 -0
package/dist/dto/get-setup-data.dto.d.ts +7 -0
package/dist/dto/get-setup-data.dto.d.ts.map +1 -0
package/dist/dto/get-setup-data.dto.js +43 -0
package/dist/dto/get-setup-data.dto.js.map +1 -0
package/dist/dto/get-suspicious-activity.dto.d.ts +9 -0
package/dist/dto/get-suspicious-activity.dto.d.ts.map +1 -0
package/dist/dto/get-suspicious-activity.dto.js +13 -0
package/dist/dto/get-suspicious-activity.dto.js.map +1 -0
package/dist/dto/get-user-agent-response.dto.d.ts +4 -0
package/dist/dto/get-user-agent-response.dto.d.ts.map +1 -0
package/dist/dto/get-user-agent-response.dto.js +8 -0
package/dist/dto/get-user-agent-response.dto.js.map +1 -0
package/dist/dto/get-user-auth-history.dto.d.ts +20 -0
package/dist/dto/get-user-auth-history.dto.d.ts.map +1 -0
package/dist/dto/get-user-auth-history.dto.js +22 -0
package/dist/dto/get-user-auth-history.dto.js.map +1 -0
package/dist/dto/get-user-by-email.dto.d.ts +5 -0
package/dist/dto/get-user-by-email.dto.d.ts.map +1 -0
package/dist/dto/get-user-by-email.dto.js +36 -0
package/dist/dto/get-user-by-email.dto.js.map +1 -0
package/dist/dto/get-user-by-id.dto.d.ts +4 -0
package/dist/dto/get-user-by-id.dto.d.ts.map +1 -0
package/dist/dto/get-user-by-id.dto.js +29 -0
package/dist/dto/get-user-by-id.dto.js.map +1 -0
package/dist/dto/get-user-devices.dto.d.ts +8 -0
package/dist/dto/get-user-devices.dto.d.ts.map +1 -0
package/dist/dto/get-user-devices.dto.js +33 -0
package/dist/dto/get-user-devices.dto.js.map +1 -0
package/dist/dto/get-user-response.dto.d.ts +2 -0
package/dist/dto/get-user-response.dto.d.ts.map +1 -0
package/dist/dto/get-user-response.dto.js +6 -0
package/dist/dto/get-user-response.dto.js.map +1 -0
package/dist/dto/has-provider.dto.d.ts +7 -0
package/dist/dto/has-provider.dto.d.ts.map +1 -0
package/dist/dto/has-provider.dto.js +38 -0
package/dist/dto/has-provider.dto.js.map +1 -0
package/dist/dto/index.d.ts +51 -0
package/dist/dto/index.d.ts.map +1 -0
package/dist/dto/index.js +67 -0
package/dist/dto/index.js.map +1 -0
package/dist/dto/is-trusted-device-response.dto.d.ts +4 -0
package/dist/dto/is-trusted-device-response.dto.d.ts.map +1 -0
package/dist/dto/is-trusted-device-response.dto.js +8 -0
package/dist/dto/is-trusted-device-response.dto.js.map +1 -0
package/dist/dto/list-providers-response.dto.d.ts +4 -0
package/dist/dto/list-providers-response.dto.d.ts.map +1 -0
package/dist/dto/list-providers-response.dto.js +8 -0
package/dist/dto/list-providers-response.dto.js.map +1 -0
package/dist/dto/login.dto.d.ts +7 -0
package/dist/dto/login.dto.d.ts.map +1 -0
package/dist/dto/login.dto.js +68 -0
package/dist/dto/login.dto.js.map +1 -0
package/dist/dto/logout-all-response.dto.d.ts +4 -0
package/dist/dto/logout-all-response.dto.d.ts.map +1 -0
package/dist/dto/logout-all-response.dto.js +8 -0
package/dist/dto/logout-all-response.dto.js.map +1 -0
package/dist/dto/logout-all.dto.d.ts +5 -0
package/dist/dto/logout-all.dto.d.ts.map +1 -0
package/dist/dto/logout-all.dto.js +42 -0
package/dist/dto/logout-all.dto.js.map +1 -0
package/dist/dto/logout-response.dto.d.ts +4 -0
package/dist/dto/logout-response.dto.d.ts.map +1 -0
package/dist/dto/logout-response.dto.js +8 -0
package/dist/dto/logout-response.dto.js.map +1 -0
package/dist/dto/logout.dto.d.ts +5 -0
package/dist/dto/logout.dto.d.ts.map +1 -0
package/dist/dto/logout.dto.js +36 -0
package/dist/dto/logout.dto.js.map +1 -0
package/dist/dto/refresh-token.dto.d.ts +4 -0
package/dist/dto/refresh-token.dto.d.ts.map +1 -0
package/dist/dto/refresh-token.dto.js +24 -0
package/dist/dto/refresh-token.dto.js.map +1 -0
package/dist/dto/remove-devices.dto.d.ts +9 -0
package/dist/dto/remove-devices.dto.d.ts.map +1 -0
package/dist/dto/remove-devices.dto.js +50 -0
package/dist/dto/remove-devices.dto.js.map +1 -0
package/dist/dto/resend-code-response.dto.d.ts +4 -0
package/dist/dto/resend-code-response.dto.d.ts.map +1 -0
package/dist/dto/resend-code-response.dto.js +8 -0
package/dist/dto/resend-code-response.dto.js.map +1 -0
package/dist/dto/resend-code.dto.d.ts +4 -0
package/dist/dto/resend-code.dto.d.ts.map +1 -0
package/dist/dto/resend-code.dto.js +29 -0
package/dist/dto/resend-code.dto.js.map +1 -0
package/dist/dto/reset-password.dto.d.ts +8 -0
package/dist/dto/reset-password.dto.d.ts.map +1 -0
package/dist/dto/reset-password.dto.js +61 -0
package/dist/dto/reset-password.dto.js.map +1 -0
package/dist/dto/respond-challenge.dto.d.ts +33 -0
package/dist/dto/respond-challenge.dto.d.ts.map +1 -0
package/dist/dto/respond-challenge.dto.js +131 -0
package/dist/dto/respond-challenge.dto.js.map +1 -0
package/dist/dto/set-mfa-exemption.dto.d.ts +12 -0
package/dist/dto/set-mfa-exemption.dto.d.ts.map +1 -0
package/dist/dto/set-mfa-exemption.dto.js +66 -0
package/dist/dto/set-mfa-exemption.dto.js.map +1 -0
package/dist/dto/set-must-change-password-response.dto.d.ts +4 -0
package/dist/dto/set-must-change-password-response.dto.d.ts.map +1 -0
package/dist/dto/set-must-change-password-response.dto.js +8 -0
package/dist/dto/set-must-change-password-response.dto.js.map +1 -0
package/dist/dto/set-must-change-password.dto.d.ts +4 -0
package/dist/dto/set-must-change-password.dto.d.ts.map +1 -0
package/dist/dto/set-must-change-password.dto.js +29 -0
package/dist/dto/set-must-change-password.dto.js.map +1 -0
package/dist/dto/set-preferred-method.dto.d.ts +8 -0
package/dist/dto/set-preferred-method.dto.d.ts.map +1 -0
package/dist/dto/set-preferred-method.dto.js +49 -0
package/dist/dto/set-preferred-method.dto.js.map +1 -0
package/dist/dto/setup-mfa.dto.d.ts +9 -0
package/dist/dto/setup-mfa.dto.d.ts.map +1 -0
package/dist/dto/setup-mfa.dto.js +55 -0
package/dist/dto/setup-mfa.dto.js.map +1 -0
package/dist/dto/signup.dto.d.ts +10 -0
package/dist/dto/signup.dto.d.ts.map +1 -0
package/dist/dto/signup.dto.js +109 -0
package/dist/dto/signup.dto.js.map +1 -0
package/dist/dto/social-auth.dto.d.ts +54 -0
package/dist/dto/social-auth.dto.d.ts.map +1 -0
package/dist/dto/social-auth.dto.js +232 -0
package/dist/dto/social-auth.dto.js.map +1 -0
package/dist/dto/trust-device-response.dto.d.ts +4 -0
package/dist/dto/trust-device-response.dto.d.ts.map +1 -0
package/dist/dto/trust-device-response.dto.js +8 -0
package/dist/dto/trust-device-response.dto.js.map +1 -0
package/dist/dto/trust-device.dto.d.ts +1 -0
package/dist/dto/trust-device.dto.d.ts.map +1 -0
package/dist/dto/trust-device.dto.js +2 -0
package/dist/dto/trust-device.dto.js.map +1 -0
package/dist/dto/update-user-attributes-request.dto.d.ts +5 -0
package/dist/dto/update-user-attributes-request.dto.d.ts.map +1 -0
package/dist/dto/update-user-attributes-request.dto.js +30 -0
package/dist/dto/update-user-attributes-request.dto.js.map +1 -0
package/dist/dto/user-response.dto.d.ts +20 -0
package/dist/dto/user-response.dto.d.ts.map +1 -0
package/dist/dto/user-response.dto.js +42 -0
package/dist/dto/user-response.dto.js.map +1 -0
package/dist/dto/user-update.dto.d.ts +12 -0
package/dist/dto/user-update.dto.d.ts.map +1 -0
package/dist/dto/user-update.dto.js +119 -0
package/dist/dto/user-update.dto.js.map +1 -0
package/dist/dto/verify-email.dto.d.ts +29 -0
package/dist/dto/verify-email.dto.d.ts.map +1 -0
package/dist/dto/verify-email.dto.js +161 -0
package/dist/dto/verify-email.dto.js.map +1 -0
package/dist/dto/verify-mfa-code.dto.d.ts +10 -0
package/dist/dto/verify-mfa-code.dto.d.ts.map +1 -0
package/dist/dto/verify-mfa-code.dto.js +56 -0
package/dist/dto/verify-mfa-code.dto.js.map +1 -0
package/dist/dto/verify-phone-by-sub.dto.d.ts +6 -0
package/dist/dto/verify-phone-by-sub.dto.d.ts.map +1 -0
package/dist/dto/verify-phone-by-sub.dto.js +49 -0
package/dist/dto/verify-phone-by-sub.dto.js.map +1 -0
package/dist/dto/verify-phone.dto.d.ts +24 -0
package/dist/dto/verify-phone.dto.d.ts.map +1 -0
package/dist/dto/verify-phone.dto.js +124 -0
package/dist/dto/verify-phone.dto.js.map +1 -0
package/dist/entities/auth-audit.entity.d.ts +31 -0
package/dist/entities/auth-audit.entity.d.ts.map +1 -0
package/dist/entities/auth-audit.entity.js +33 -0
package/dist/entities/auth-audit.entity.js.map +1 -0
package/dist/entities/challenge-session.entity.d.ts +17 -0
package/dist/entities/challenge-session.entity.d.ts.map +1 -0
package/dist/entities/challenge-session.entity.js +21 -0
package/dist/entities/challenge-session.entity.js.map +1 -0
package/dist/entities/index.d.ts +12 -0
package/dist/entities/index.d.ts.map +1 -0
package/dist/entities/index.js +26 -0
package/dist/entities/index.js.map +1 -0
package/dist/entities/login-attempt.entity.d.ts +13 -0
package/dist/entities/login-attempt.entity.d.ts.map +1 -0
package/dist/entities/login-attempt.entity.js +17 -0
package/dist/entities/login-attempt.entity.js.map +1 -0
package/dist/entities/mfa-device.entity.d.ts +22 -0
package/dist/entities/mfa-device.entity.d.ts.map +1 -0
package/dist/entities/mfa-device.entity.js +25 -0
package/dist/entities/mfa-device.entity.js.map +1 -0
package/dist/entities/rate-limit.entity.d.ts +9 -0
package/dist/entities/rate-limit.entity.d.ts.map +1 -0
package/dist/entities/rate-limit.entity.js +13 -0
package/dist/entities/rate-limit.entity.js.map +1 -0
package/dist/entities/session.entity.d.ts +32 -0
package/dist/entities/session.entity.d.ts.map +1 -0
package/dist/entities/session.entity.js +36 -0
package/dist/entities/session.entity.js.map +1 -0
package/dist/entities/social-account.entity.d.ts +13 -0
package/dist/entities/social-account.entity.d.ts.map +1 -0
package/dist/entities/social-account.entity.js +17 -0
package/dist/entities/social-account.entity.js.map +1 -0
package/dist/entities/storage-lock.entity.d.ts +8 -0
package/dist/entities/storage-lock.entity.d.ts.map +1 -0
package/dist/entities/storage-lock.entity.js +12 -0
package/dist/entities/storage-lock.entity.js.map +1 -0
package/dist/entities/trusted-device.entity.d.ts +17 -0
package/dist/entities/trusted-device.entity.d.ts.map +1 -0
package/dist/entities/trusted-device.entity.js +21 -0
package/dist/entities/trusted-device.entity.js.map +1 -0
package/dist/entities/user.entity.d.ts +41 -0
package/dist/entities/user.entity.d.ts.map +1 -0
package/dist/entities/user.entity.js +45 -0
package/dist/entities/user.entity.js.map +1 -0
package/dist/entities/verification-token.entity.d.ts +19 -0
package/dist/entities/verification-token.entity.d.ts.map +1 -0
package/dist/entities/verification-token.entity.js +29 -0
package/dist/entities/verification-token.entity.js.map +1 -0
package/dist/enums/auth-audit-event-type.enum.d.ts +55 -0
package/dist/enums/auth-audit-event-type.enum.d.ts.map +1 -0
package/dist/enums/auth-audit-event-type.enum.js +59 -0
package/dist/enums/auth-audit-event-type.enum.js.map +1 -0
package/dist/enums/error-codes.enum.d.ts +53 -0
package/dist/enums/error-codes.enum.d.ts.map +1 -0
package/dist/enums/error-codes.enum.js +57 -0
package/dist/enums/error-codes.enum.js.map +1 -0
package/dist/enums/mfa-method.enum.d.ts +11 -0
package/dist/enums/mfa-method.enum.d.ts.map +1 -0
package/dist/enums/mfa-method.enum.js +18 -0
package/dist/enums/mfa-method.enum.js.map +1 -0
package/dist/enums/risk-factor.enum.d.ts +14 -0
package/dist/enums/risk-factor.enum.d.ts.map +1 -0
package/dist/enums/risk-factor.enum.js +18 -0
package/dist/enums/risk-factor.enum.js.map +1 -0
package/dist/exceptions/nauth.exception.d.ts +18 -0
package/dist/exceptions/nauth.exception.d.ts.map +1 -0
package/dist/exceptions/nauth.exception.js +64 -0
package/dist/exceptions/nauth.exception.js.map +1 -0
package/dist/handlers/auth.handler.d.ts +18 -0
package/dist/handlers/auth.handler.d.ts.map +1 -0
package/dist/handlers/auth.handler.js +173 -0
package/dist/handlers/auth.handler.js.map +1 -0
package/dist/handlers/client-info.handler.d.ts +12 -0
package/dist/handlers/client-info.handler.d.ts.map +1 -0
package/dist/handlers/client-info.handler.js +61 -0
package/dist/handlers/client-info.handler.js.map +1 -0
package/dist/handlers/csrf.handler.d.ts +13 -0
package/dist/handlers/csrf.handler.d.ts.map +1 -0
package/dist/handlers/csrf.handler.js +84 -0
package/dist/handlers/csrf.handler.js.map +1 -0
package/dist/handlers/token-delivery.handler.d.ts +12 -0
package/dist/handlers/token-delivery.handler.d.ts.map +1 -0
package/dist/handlers/token-delivery.handler.js +86 -0
package/dist/handlers/token-delivery.handler.js.map +1 -0
package/dist/index.d.ts +27 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +51 -0
package/dist/index.js.map +1 -0
package/dist/interfaces/client-info.interface.d.ts +16 -0
package/dist/interfaces/client-info.interface.d.ts.map +1 -0
package/dist/interfaces/client-info.interface.js +3 -0
package/dist/interfaces/client-info.interface.js.map +1 -0
package/dist/interfaces/config.interface.d.ts +279 -0
package/dist/interfaces/config.interface.d.ts.map +1 -0
package/dist/interfaces/config.interface.js +3 -0
package/dist/interfaces/config.interface.js.map +1 -0
package/dist/interfaces/entities.interface.d.ts +169 -0
package/dist/interfaces/entities.interface.d.ts.map +1 -0
package/dist/interfaces/entities.interface.js +3 -0
package/dist/interfaces/entities.interface.js.map +1 -0
package/dist/interfaces/index.d.ts +11 -0
package/dist/interfaces/index.d.ts.map +1 -0
package/dist/interfaces/index.js +27 -0
package/dist/interfaces/index.js.map +1 -0
package/dist/interfaces/logger.interface.d.ts +43 -0
package/dist/interfaces/logger.interface.d.ts.map +1 -0
package/dist/interfaces/logger.interface.js +12 -0
package/dist/interfaces/logger.interface.js.map +1 -0
package/dist/interfaces/mfa-provider.interface.d.ts +12 -0
package/dist/interfaces/mfa-provider.interface.d.ts.map +1 -0
package/dist/interfaces/mfa-provider.interface.js +3 -0
package/dist/interfaces/mfa-provider.interface.js.map +1 -0
package/dist/interfaces/oauth.interface.d.ts +24 -0
package/dist/interfaces/oauth.interface.d.ts.map +1 -0
package/dist/interfaces/oauth.interface.js +3 -0
package/dist/interfaces/oauth.interface.js.map +1 -0
package/dist/interfaces/provider.interface.d.ts +12 -0
package/dist/interfaces/provider.interface.d.ts.map +1 -0
package/dist/interfaces/provider.interface.js +3 -0
package/dist/interfaces/provider.interface.js.map +1 -0
package/dist/interfaces/social-auth-provider.interface.d.ts +13 -0
package/dist/interfaces/social-auth-provider.interface.d.ts.map +1 -0
package/dist/interfaces/social-auth-provider.interface.js +3 -0
package/dist/interfaces/social-auth-provider.interface.js.map +1 -0
package/dist/interfaces/storage-adapter.interface.d.ts +39 -0
package/dist/interfaces/storage-adapter.interface.d.ts.map +1 -0
package/dist/interfaces/storage-adapter.interface.js +3 -0
package/dist/interfaces/storage-adapter.interface.js.map +1 -0
package/dist/interfaces/template.interface.d.ts +99 -0
package/dist/interfaces/template.interface.d.ts.map +1 -0
package/dist/interfaces/template.interface.js +15 -0
package/dist/interfaces/template.interface.js.map +1 -0
package/dist/interfaces/token-verifier.interface.d.ts +7 -0
package/dist/interfaces/token-verifier.interface.d.ts.map +1 -0
package/dist/interfaces/token-verifier.interface.js +3 -0
package/dist/interfaces/token-verifier.interface.js.map +1 -0
package/dist/internal.d.ts +20 -0
package/dist/internal.d.ts.map +1 -0
package/dist/internal.js +53 -0
package/dist/internal.js.map +1 -0
package/dist/platform/interfaces.d.ts +56 -0
package/dist/platform/interfaces.d.ts.map +1 -0
package/dist/platform/interfaces.js +3 -0
package/dist/platform/interfaces.js.map +1 -0
package/dist/schemas/auth-config.schema.d.ts +3411 -0
package/dist/schemas/auth-config.schema.d.ts.map +1 -0
package/dist/schemas/auth-config.schema.js +428 -0
package/dist/schemas/auth-config.schema.js.map +1 -0
package/dist/services/adaptive-mfa-decision.service.d.ts +39 -0
package/dist/services/adaptive-mfa-decision.service.d.ts.map +1 -0
package/dist/services/adaptive-mfa-decision.service.js +223 -0
package/dist/services/adaptive-mfa-decision.service.js.map +1 -0
package/dist/services/auth-audit.service.d.ts +44 -0
package/dist/services/auth-audit.service.d.ts.map +1 -0
package/dist/services/auth-audit.service.js +241 -0
package/dist/services/auth-audit.service.js.map +1 -0
package/dist/services/auth-challenge-helper.service.d.ts +48 -0
package/dist/services/auth-challenge-helper.service.d.ts.map +1 -0
package/dist/services/auth-challenge-helper.service.js +425 -0
package/dist/services/auth-challenge-helper.service.js.map +1 -0
package/dist/services/auth-flow-context-builder.service.d.ts +31 -0
package/dist/services/auth-flow-context-builder.service.d.ts.map +1 -0
package/dist/services/auth-flow-context-builder.service.js +253 -0
package/dist/services/auth-flow-context-builder.service.js.map +1 -0
package/dist/services/auth-flow-rules.d.ts +18 -0
package/dist/services/auth-flow-rules.d.ts.map +1 -0
package/dist/services/auth-flow-rules.js +55 -0
package/dist/services/auth-flow-rules.js.map +1 -0
package/dist/services/auth-flow-state-definitions.d.ts +5 -0
package/dist/services/auth-flow-state-definitions.d.ts.map +1 -0
package/dist/services/auth-flow-state-definitions.js +87 -0
package/dist/services/auth-flow-state-definitions.js.map +1 -0
package/dist/services/auth-flow-state-machine.service.d.ts +17 -0
package/dist/services/auth-flow-state-machine.service.d.ts.map +1 -0
package/dist/services/auth-flow-state-machine.service.js +91 -0
package/dist/services/auth-flow-state-machine.service.js.map +1 -0
package/dist/services/auth-flow-state-machine.types.d.ts +55 -0
package/dist/services/auth-flow-state-machine.types.d.ts.map +1 -0
package/dist/services/auth-flow-state-machine.types.js +16 -0
package/dist/services/auth-flow-state-machine.types.js.map +1 -0
package/dist/services/auth.service.d.ts +87 -0
package/dist/services/auth.service.d.ts.map +1 -0
package/dist/services/auth.service.js +2356 -0
package/dist/services/auth.service.js.map +1 -0
package/dist/services/challenge.service.d.ts +32 -0
package/dist/services/challenge.service.d.ts.map +1 -0
package/dist/services/challenge.service.js +293 -0
package/dist/services/challenge.service.js.map +1 -0
package/dist/services/client-info.service.d.ts +20 -0
package/dist/services/client-info.service.d.ts.map +1 -0
package/dist/services/client-info.service.js +202 -0
package/dist/services/client-info.service.js.map +1 -0
package/dist/services/csrf.service.d.ts +13 -0
package/dist/services/csrf.service.d.ts.map +1 -0
package/dist/services/csrf.service.js +67 -0
package/dist/services/csrf.service.js.map +1 -0
package/dist/services/email-verification.service.d.ts +30 -0
package/dist/services/email-verification.service.d.ts.map +1 -0
package/dist/services/email-verification.service.js +373 -0
package/dist/services/email-verification.service.js.map +1 -0
package/dist/services/geo-location.service.d.ts +85 -0
package/dist/services/geo-location.service.d.ts.map +1 -0
package/dist/services/geo-location.service.js +338 -0
package/dist/services/geo-location.service.js.map +1 -0
package/dist/services/index.d.ts +14 -0
package/dist/services/index.d.ts.map +1 -0
package/dist/services/index.js +30 -0
package/dist/services/index.js.map +1 -0
package/dist/services/jwt.service.d.ts +62 -0
package/dist/services/jwt.service.d.ts.map +1 -0
package/dist/services/jwt.service.js +261 -0
package/dist/services/jwt.service.js.map +1 -0
package/dist/services/mfa-base.service.d.ts +37 -0
package/dist/services/mfa-base.service.d.ts.map +1 -0
package/dist/services/mfa-base.service.js +297 -0
package/dist/services/mfa-base.service.js.map +1 -0
package/dist/services/mfa.service.d.ts +35 -0
package/dist/services/mfa.service.d.ts.map +1 -0
package/dist/services/mfa.service.js +449 -0
package/dist/services/mfa.service.js.map +1 -0
package/dist/services/password.service.d.ts +19 -0
package/dist/services/password.service.d.ts.map +1 -0
package/dist/services/password.service.js +150 -0
package/dist/services/password.service.js.map +1 -0
package/dist/services/phone-verification.service.d.ts +32 -0
package/dist/services/phone-verification.service.d.ts.map +1 -0
package/dist/services/phone-verification.service.js +474 -0
package/dist/services/phone-verification.service.js.map +1 -0
package/dist/services/risk-detection.service.d.ts +30 -0
package/dist/services/risk-detection.service.d.ts.map +1 -0
package/dist/services/risk-detection.service.js +518 -0
package/dist/services/risk-detection.service.js.map +1 -0
package/dist/services/risk-scoring.service.d.ts +12 -0
package/dist/services/risk-scoring.service.d.ts.map +1 -0
package/dist/services/risk-scoring.service.js +44 -0
package/dist/services/risk-scoring.service.js.map +1 -0
package/dist/services/session.service.d.ts +64 -0
package/dist/services/session.service.d.ts.map +1 -0
package/dist/services/session.service.js +455 -0
package/dist/services/session.service.js.map +1 -0
package/dist/services/social-auth-base.service.d.ts +57 -0
package/dist/services/social-auth-base.service.d.ts.map +1 -0
package/dist/services/social-auth-base.service.js +340 -0
package/dist/services/social-auth-base.service.js.map +1 -0
package/dist/services/social-auth.service.d.ts +31 -0
package/dist/services/social-auth.service.d.ts.map +1 -0
package/dist/services/social-auth.service.js +172 -0
package/dist/services/social-auth.service.js.map +1 -0
package/dist/services/social-provider-registry.service.d.ts +9 -0
package/dist/services/social-provider-registry.service.d.ts.map +1 -0
package/dist/services/social-provider-registry.service.js +30 -0
package/dist/services/social-provider-registry.service.js.map +1 -0
package/dist/services/trusted-device.service.d.ts +29 -0
package/dist/services/trusted-device.service.d.ts.map +1 -0
package/dist/services/trusted-device.service.js +190 -0
package/dist/services/trusted-device.service.js.map +1 -0
package/dist/storage/account-lockout-storage.service.d.ts +16 -0
package/dist/storage/account-lockout-storage.service.d.ts.map +1 -0
package/dist/storage/account-lockout-storage.service.js +50 -0
package/dist/storage/account-lockout-storage.service.js.map +1 -0
package/dist/storage/index.d.ts +4 -0
package/dist/storage/index.d.ts.map +1 -0
package/dist/storage/index.js +20 -0
package/dist/storage/index.js.map +1 -0
package/dist/storage/memory-storage.adapter.d.ts +33 -0
package/dist/storage/memory-storage.adapter.d.ts.map +1 -0
package/dist/storage/memory-storage.adapter.js +195 -0
package/dist/storage/memory-storage.adapter.js.map +1 -0
package/dist/storage/rate-limit-storage.service.d.ts +11 -0
package/dist/storage/rate-limit-storage.service.d.ts.map +1 -0
package/dist/storage/rate-limit-storage.service.js +33 -0
package/dist/storage/rate-limit-storage.service.js.map +1 -0
package/dist/templates/html-template.engine.d.ts +16 -0
package/dist/templates/html-template.engine.d.ts.map +1 -0
package/dist/templates/html-template.engine.js +502 -0
package/dist/templates/html-template.engine.js.map +1 -0
package/dist/templates/index.d.ts +2 -0
package/dist/templates/index.d.ts.map +1 -0
package/dist/templates/index.js +18 -0
package/dist/templates/index.js.map +1 -0
package/dist/utils/common-passwords.d.ts +4 -0
package/dist/utils/common-passwords.d.ts.map +1 -0
package/dist/utils/common-passwords.js +108 -0
package/dist/utils/common-passwords.js.map +1 -0
package/dist/utils/context-storage.d.ts +13 -0
package/dist/utils/context-storage.d.ts.map +1 -0
package/dist/utils/context-storage.js +54 -0
package/dist/utils/context-storage.js.map +1 -0
package/dist/utils/cookie-names.util.d.ts +7 -0
package/dist/utils/cookie-names.util.d.ts.map +1 -0
package/dist/utils/cookie-names.util.js +30 -0
package/dist/utils/cookie-names.util.js.map +1 -0
package/dist/utils/cookies.util.d.ts +12 -0
package/dist/utils/cookies.util.d.ts.map +1 -0
package/dist/utils/cookies.util.js +48 -0
package/dist/utils/cookies.util.js.map +1 -0
package/dist/utils/index.d.ts +8 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +24 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/ip-extractor.d.ts +12 -0
package/dist/utils/ip-extractor.d.ts.map +1 -0
package/dist/utils/ip-extractor.js +88 -0
package/dist/utils/ip-extractor.js.map +1 -0
package/dist/utils/nauth-logger.d.ts +20 -0
package/dist/utils/nauth-logger.d.ts.map +1 -0
package/dist/utils/nauth-logger.js +129 -0
package/dist/utils/nauth-logger.js.map +1 -0
package/dist/utils/pii-redactor.d.ts +16 -0
package/dist/utils/pii-redactor.d.ts.map +1 -0
package/dist/utils/pii-redactor.js +147 -0
package/dist/utils/pii-redactor.js.map +1 -0
package/dist/utils/setup/get-repositories.d.ts +16 -0
package/dist/utils/setup/get-repositories.d.ts.map +1 -0
package/dist/utils/setup/get-repositories.js +36 -0
package/dist/utils/setup/get-repositories.js.map +1 -0
package/dist/utils/setup/init-services.d.ts +41 -0
package/dist/utils/setup/init-services.d.ts.map +1 -0
package/dist/utils/setup/init-services.js +107 -0
package/dist/utils/setup/init-services.js.map +1 -0
package/dist/utils/setup/init-social.d.ts +13 -0
package/dist/utils/setup/init-social.d.ts.map +1 -0
package/dist/utils/setup/init-social.js +77 -0
package/dist/utils/setup/init-social.js.map +1 -0
package/dist/utils/setup/init-storage.d.ts +4 -0
package/dist/utils/setup/init-storage.d.ts.map +1 -0
package/dist/utils/setup/init-storage.js +79 -0
package/dist/utils/setup/init-storage.js.map +1 -0
package/dist/utils/setup/register-mfa.d.ts +5 -0
package/dist/utils/setup/register-mfa.d.ts.map +1 -0
package/dist/utils/setup/register-mfa.js +85 -0
package/dist/utils/setup/register-mfa.js.map +1 -0
package/dist/utils/setup/run-nauth-migrations.d.ts +5 -0
package/dist/utils/setup/run-nauth-migrations.d.ts.map +1 -0
package/dist/utils/setup/run-nauth-migrations.js +67 -0
package/dist/utils/setup/run-nauth-migrations.js.map +1 -0
package/dist/utils/token-delivery-policy.d.ts +6 -0
package/dist/utils/token-delivery-policy.d.ts.map +1 -0
package/dist/utils/token-delivery-policy.js +15 -0
package/dist/utils/token-delivery-policy.js.map +1 -0
package/dist/validators/template.validator.d.ts +7 -0
package/dist/validators/template.validator.d.ts.map +1 -0
package/dist/validators/template.validator.js +95 -0
package/dist/validators/template.validator.js.map +1 -0
package/jest.config.js +15 -0
package/jest.setup.ts +6 -0
package/package.json +73 -0
package/src/adapters/database-columns.ts +165 -0
package/src/adapters/express.adapter.ts +385 -0
package/src/adapters/fastify.adapter.ts +416 -0
package/src/adapters/index.ts +16 -0
package/src/adapters/storage.factory.ts +143 -0
package/src/bootstrap.ts +374 -0
package/src/dto/auth-challenge.dto.ts +231 -0
package/src/dto/auth-response.dto.ts +253 -0
package/src/dto/challenge-response.dto.ts +234 -0
package/src/dto/change-password-request.dto.ts +50 -0
package/src/dto/change-password-response.dto.ts +29 -0
package/src/dto/change-password.dto.ts +57 -0
package/src/dto/error-response.dto.ts +136 -0
package/src/dto/get-available-methods.dto.ts +55 -0
package/src/dto/get-challenge-data-response.dto.ts +28 -0
package/src/dto/get-challenge-data.dto.ts +69 -0
package/src/dto/get-client-info.dto.ts +104 -0
package/src/dto/get-device-token-response.dto.ts +25 -0
package/src/dto/get-events-by-type.dto.ts +76 -0
package/src/dto/get-ip-address-response.dto.ts +24 -0
package/src/dto/get-mfa-status.dto.ts +94 -0
package/src/dto/get-risk-assessment-history.dto.ts +39 -0
package/src/dto/get-session-id-response.dto.ts +25 -0
package/src/dto/get-setup-data-response.dto.ts +31 -0
package/src/dto/get-setup-data.dto.ts +75 -0
package/src/dto/get-suspicious-activity.dto.ts +42 -0
package/src/dto/get-user-agent-response.dto.ts +23 -0
package/src/dto/get-user-auth-history.dto.ts +95 -0
package/src/dto/get-user-by-email.dto.ts +61 -0
package/src/dto/get-user-by-id.dto.ts +46 -0
package/src/dto/get-user-devices.dto.ts +53 -0
package/src/dto/get-user-response.dto.ts +17 -0
package/src/dto/has-provider.dto.ts +56 -0
package/src/dto/index.ts +57 -0
package/src/dto/is-trusted-device-response.dto.ts +34 -0
package/src/dto/list-providers-response.dto.ts +23 -0
package/src/dto/login.dto.ts +95 -0
package/src/dto/logout-all-response.dto.ts +24 -0
package/src/dto/logout-all.dto.ts +65 -0
package/src/dto/logout-response.dto.ts +25 -0
package/src/dto/logout.dto.ts +64 -0
package/src/dto/refresh-token.dto.ts +36 -0
package/src/dto/remove-devices.dto.ts +85 -0
package/src/dto/resend-code-response.dto.ts +32 -0
package/src/dto/resend-code.dto.ts +51 -0
package/src/dto/reset-password.dto.ts +115 -0
package/src/dto/respond-challenge.dto.ts +272 -0
package/src/dto/set-mfa-exemption.dto.ts +112 -0
package/src/dto/set-must-change-password-response.dto.ts +27 -0
package/src/dto/set-must-change-password.dto.ts +46 -0
package/src/dto/set-preferred-method.dto.ts +80 -0
package/src/dto/setup-mfa.dto.ts +98 -0
package/src/dto/signup.dto.ts +174 -0
package/src/dto/social-auth.dto.ts +422 -0
package/src/dto/trust-device-response.dto.ts +30 -0
package/src/dto/trust-device.dto.ts +9 -0
package/src/dto/update-user-attributes-request.dto.ts +51 -0
package/src/dto/user-response.dto.ts +138 -0
package/src/dto/user-update.dto.ts +222 -0
package/src/dto/verify-email.dto.ts +313 -0
package/src/dto/verify-mfa-code.dto.ts +103 -0
package/src/dto/verify-phone-by-sub.dto.ts +78 -0
package/src/dto/verify-phone.dto.ts +245 -0
package/src/entities/auth-audit.entity.ts +232 -0
package/src/entities/challenge-session.entity.ts +116 -0
package/src/entities/index.ts +29 -0
package/src/entities/login-attempt.entity.ts +64 -0
package/src/entities/mfa-device.entity.ts +151 -0
package/src/entities/rate-limit.entity.ts +44 -0
package/src/entities/session.entity.ts +180 -0
package/src/entities/social-account.entity.ts +96 -0
package/src/entities/storage-lock.entity.ts +39 -0
package/src/entities/trusted-device.entity.ts +112 -0
package/src/entities/user.entity.ts +243 -0
package/src/entities/verification-token.entity.ts +141 -0
package/src/enums/auth-audit-event-type.enum.ts +360 -0
package/src/enums/error-codes.enum.ts +420 -0
package/src/enums/mfa-method.enum.ts +97 -0
package/src/enums/risk-factor.enum.ts +111 -0
package/src/exceptions/nauth.exception.ts +231 -0
package/src/handlers/auth.handler.ts +260 -0
package/src/handlers/client-info.handler.ts +101 -0
package/src/handlers/csrf.handler.ts +156 -0
package/src/handlers/token-delivery.handler.ts +118 -0
package/src/index.ts +118 -0
package/src/interfaces/client-info.interface.ts +85 -0
package/src/interfaces/config.interface.ts +2135 -0
package/src/interfaces/entities.interface.ts +226 -0
package/src/interfaces/index.ts +15 -0
package/src/interfaces/logger.interface.ts +283 -0
package/src/interfaces/mfa-provider.interface.ts +154 -0
package/src/interfaces/oauth.interface.ts +148 -0
package/src/interfaces/provider.interface.ts +47 -0
package/src/interfaces/social-auth-provider.interface.ts +131 -0
package/src/interfaces/storage-adapter.interface.ts +82 -0
package/src/interfaces/template.interface.ts +510 -0
package/src/interfaces/token-verifier.interface.ts +110 -0
package/src/internal.ts +178 -0
package/src/platform/interfaces.ts +299 -0
package/src/schemas/auth-config.schema.ts +646 -0
package/src/services/adaptive-mfa-decision.service.spec.ts +1058 -0
package/src/services/adaptive-mfa-decision.service.ts +457 -0
package/src/services/auth-audit.service.spec.ts +675 -0
package/src/services/auth-audit.service.ts +558 -0
package/src/services/auth-challenge-helper.service.spec.ts +3227 -0
package/src/services/auth-challenge-helper.service.ts +825 -0
package/src/services/auth-flow-context-builder.service.ts +520 -0
package/src/services/auth-flow-rules.ts +202 -0
package/src/services/auth-flow-state-definitions.ts +190 -0
package/src/services/auth-flow-state-machine.service.ts +207 -0
package/src/services/auth-flow-state-machine.types.ts +316 -0
package/src/services/auth.service.spec.ts +4195 -0
package/src/services/auth.service.ts +3727 -0
package/src/services/challenge.service.spec.ts +1363 -0
package/src/services/challenge.service.ts +696 -0
package/src/services/client-info.service.spec.ts +572 -0
package/src/services/client-info.service.ts +374 -0
package/src/services/csrf.service.ts +54 -0
package/src/services/email-verification.service.spec.ts +1229 -0
package/src/services/email-verification.service.ts +578 -0
package/src/services/geo-location.service.spec.ts +603 -0
package/src/services/geo-location.service.ts +599 -0
package/src/services/index.ts +13 -0
package/src/services/jwt.service.spec.ts +882 -0
package/src/services/jwt.service.ts +621 -0
package/src/services/mfa-base.service.spec.ts +246 -0
package/src/services/mfa-base.service.ts +611 -0
package/src/services/mfa.service.spec.ts +693 -0
package/src/services/mfa.service.ts +960 -0
package/src/services/password.service.spec.ts +166 -0
package/src/services/password.service.ts +309 -0
package/src/services/phone-verification.service.spec.ts +1120 -0
package/src/services/phone-verification.service.ts +751 -0
package/src/services/risk-detection.service.spec.ts +1292 -0
package/src/services/risk-detection.service.ts +1012 -0
package/src/services/risk-scoring.service.spec.ts +204 -0
package/src/services/risk-scoring.service.ts +131 -0
package/src/services/session.service.spec.ts +1293 -0
package/src/services/session.service.ts +803 -0
package/src/services/social-account.service.spec.ts +725 -0
package/src/services/social-auth-base.service.spec.ts +418 -0
package/src/services/social-auth-base.service.ts +581 -0
package/src/services/social-auth.service.spec.ts +238 -0
package/src/services/social-auth.service.ts +436 -0
package/src/services/social-provider-registry.service.spec.ts +238 -0
package/src/services/social-provider-registry.service.ts +122 -0
package/src/services/trusted-device.service.spec.ts +505 -0
package/src/services/trusted-device.service.ts +339 -0
package/src/storage/account-lockout-storage.service.spec.ts +310 -0
package/src/storage/account-lockout-storage.service.ts +89 -0
package/src/storage/index.ts +3 -0
package/src/storage/memory-storage.adapter.ts +443 -0
package/src/storage/rate-limit-storage.service.spec.ts +247 -0
package/src/storage/rate-limit-storage.service.ts +38 -0
package/src/templates/html-template.engine.spec.ts +161 -0
package/src/templates/html-template.engine.ts +688 -0
package/src/templates/index.ts +7 -0
package/src/utils/common-passwords.spec.ts +230 -0
package/src/utils/common-passwords.ts +170 -0
package/src/utils/context-storage.ts +188 -0
package/src/utils/cookie-names.util.ts +67 -0
package/src/utils/cookies.util.ts +94 -0
package/src/utils/index.ts +12 -0
package/src/utils/ip-extractor.spec.ts +330 -0
package/src/utils/ip-extractor.ts +220 -0
package/src/utils/nauth-logger.spec.ts +388 -0
package/src/utils/nauth-logger.ts +215 -0
package/src/utils/pii-redactor.spec.ts +130 -0
package/src/utils/pii-redactor.ts +288 -0
package/src/utils/setup/get-repositories.ts +140 -0
package/src/utils/setup/init-services.ts +422 -0
package/src/utils/setup/init-social.ts +189 -0
package/src/utils/setup/init-storage.ts +94 -0
package/src/utils/setup/register-mfa.ts +165 -0
package/src/utils/setup/run-nauth-migrations.ts +61 -0
package/src/utils/token-delivery-policy.ts +38 -0
package/src/validators/template.validator.ts +219 -0
package/tsconfig.json +37 -0
package/tsconfig.lint.json +6 -0

package/dist/services/mfa.service.d.ts ADDED Viewed

@@ -0,0 +1,35 @@
+import { Repository } from 'typeorm';
+import { BaseMFADevice, BaseUser } from '../entities';
+import { IMFAProviderService } from '../interfaces/mfa-provider.interface';
+import { ChallengeService } from './challenge.service';
+import { NAuthConfig } from '../interfaces/config.interface';
+import { NAuthLogger } from '../utils/nauth-logger';
+import { InternalAuthAuditService as AuthAuditService } from './auth-audit.service';
+import { ClientInfoService } from './client-info.service';
+import { GetAvailableMethodsDTO, GetAvailableMethodsResponseDTO, GetChallengeDataDTO, GetChallengeDataResponseDTO, GetMFAStatusDTO, GetMFAStatusResponseDTO, GetSetupDataDTO, GetSetupDataResponseDTO, GetUserDevicesDTO, GetUserDevicesResponseDTO, HasProviderDTO, HasProviderResponseDTO, ListProvidersResponseDTO, RemoveDevicesDTO, RemoveDevicesResponseDTO, SetMFAExemptionDTO, SetMFAExemptionResponseDTO, SetPreferredMethodDTO, SetPreferredMethodResponseDTO, SetupMFADTO, SetupMFAResponseDTO, VerifyMFACodeDTO, VerifyMFACodeResponseDTO } from '../dto';
+export declare class MFAService {
+    private readonly mfaDeviceRepository;
+    private readonly userRepository;
+    private readonly challengeService?;
+    private readonly config?;
+    private readonly logger?;
+    private readonly auditService?;
+    private readonly clientInfoService?;
+    private readonly providers;
+    constructor(mfaDeviceRepository: Repository<BaseMFADevice>, userRepository: Repository<BaseUser>, challengeService?: ChallengeService | undefined, config?: NAuthConfig | undefined, logger?: NAuthLogger | undefined, auditService?: AuthAuditService | undefined, clientInfoService?: ClientInfoService | undefined);
+    registerProvider(provider: IMFAProviderService): void;
+    getProvider(methodName: string): IMFAProviderService;
+    hasProvider(dto: HasProviderDTO): HasProviderResponseDTO;
+    listProviders(): ListProvidersResponseDTO;
+    getAvailableMethods(dto: GetAvailableMethodsDTO): Promise<GetAvailableMethodsResponseDTO>;
+    verifyCode(dto: VerifyMFACodeDTO): Promise<VerifyMFACodeResponseDTO>;
+    setup(dto: SetupMFADTO): Promise<SetupMFAResponseDTO>;
+    getUserDevices(dto: GetUserDevicesDTO): Promise<GetUserDevicesResponseDTO>;
+    getMFAStatus(dto: GetMFAStatusDTO): Promise<GetMFAStatusResponseDTO>;
+    removeDevices(dto: RemoveDevicesDTO): Promise<RemoveDevicesResponseDTO>;
+    setPreferredMethod(dto: SetPreferredMethodDTO): Promise<SetPreferredMethodResponseDTO>;
+    setMFAExemption(dto: SetMFAExemptionDTO): Promise<SetMFAExemptionResponseDTO>;
+    getSetupData(dto: GetSetupDataDTO): Promise<GetSetupDataResponseDTO>;
+    getChallengeData(dto: GetChallengeDataDTO): Promise<GetChallengeDataResponseDTO>;
+}
+//# sourceMappingURL=mfa.service.d.ts.map

package/dist/services/mfa.service.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mfa.service.d.ts","sourceRoot":"","sources":["../../src/services/mfa.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sCAAsC,CAAC;AAI3E,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAEvD,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAC7D,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,wBAAwB,IAAI,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAEpF,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,mBAAmB,EACnB,2BAA2B,EAC3B,eAAe,EACf,uBAAuB,EACvB,eAAe,EACf,uBAAuB,EACvB,iBAAiB,EACjB,yBAAyB,EACzB,cAAc,EACd,sBAAsB,EACtB,wBAAwB,EACxB,gBAAgB,EAChB,wBAAwB,EACxB,kBAAkB,EAClB,0BAA0B,EAC1B,qBAAqB,EACrB,6BAA6B,EAC7B,WAAW,EACX,mBAAmB,EACnB,gBAAgB,EAChB,wBAAwB,EACzB,MAAM,QAAQ,CAAC;AA+BhB,qBAAa,UAAU;IAInB,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC;IAClC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;IACxB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;IACxB,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAC9B,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC;IATrC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAA0C;gBAGjD,mBAAmB,EAAE,UAAU,CAAC,aAAa,CAAC,EAC9C,cAAc,EAAE,UAAU,CAAC,QAAQ,CAAC,EACpC,gBAAgB,CAAC,EAAE,gBAAgB,YAAA,EACnC,MAAM,CAAC,EAAE,WAAW,YAAA,EACpB,MAAM,CAAC,EAAE,WAAW,YAAA,EACpB,YAAY,CAAC,EAAE,gBAAgB,YAAA,EAC/B,iBAAiB,CAAC,EAAE,iBAAiB,YAAA;IAkBxD,gBAAgB,CAAC,QAAQ,EAAE,mBAAmB,GAAG,IAAI;IAqBrD,WAAW,CAAC,UAAU,EAAE,MAAM,GAAG,mBAAmB;IAyBpD,WAAW,CAAC,GAAG,EAAE,cAAc,GAAG,sBAAsB;IAgBxD,aAAa,IAAI,wBAAwB;IAyBnC,mBAAmB,CAAC,GAAG,EAAE,sBAAsB,GAAG,OAAO,CAAC,8BAA8B,CAAC;IAkDzF,UAAU,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,wBAAwB,CAAC;IA4CpE,KAAK,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,mBAAmB,CAAC;IA2BrD,cAAc,CAAC,GAAG,EAAE,iBAAiB,GAAG,OAAO,CAAC,yBAAyB,CAAC;IA0C1E,YAAY,CAAC,GAAG,EAAE,eAAe,GAAG,OAAO,CAAC,uBAAuB,CAAC;IAuFpE,aAAa,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,wBAAwB,CAAC;IA+LvE,kBAAkB,CAAC,GAAG,EAAE,qBAAqB,GAAG,OAAO,CAAC,6BAA6B,CAAC;IAmHtF,eAAe,CAAC,GAAG,EAAE,kBAAkB,GAAG,OAAO,CAAC,0BAA0B,CAAC;IA2G7E,YAAY,CAAC,GAAG,EAAE,eAAe,GAAG,OAAO,CAAC,uBAAuB,CAAC;IA2DpE,gBAAgB,CAAC,GAAG,EAAE,mBAAmB,GAAG,OAAO,CAAC,2BAA2B,CAAC;CAqDvF"}

package/dist/services/mfa.service.js ADDED Viewed

@@ -0,0 +1,449 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MFAService = void 0;
+const nauth_exception_1 = require("../exceptions/nauth.exception");
+const error_codes_enum_1 = require("../enums/error-codes.enum");
+const mfa_method_enum_1 = require("../enums/mfa-method.enum");
+const auth_challenge_dto_1 = require("../dto/auth-challenge.dto");
+const auth_audit_event_type_enum_1 = require("../enums/auth-audit-event-type.enum");
+class MFAService {
+    mfaDeviceRepository;
+    userRepository;
+    challengeService;
+    config;
+    logger;
+    auditService;
+    clientInfoService;
+    providers = new Map();
+    constructor(mfaDeviceRepository, userRepository, challengeService, config, logger, auditService, clientInfoService) {
+        this.mfaDeviceRepository = mfaDeviceRepository;
+        this.userRepository = userRepository;
+        this.challengeService = challengeService;
+        this.config = config;
+        this.logger = logger;
+        this.auditService = auditService;
+        this.clientInfoService = clientInfoService;
+    }
+    registerProvider(provider) {
+        const name = provider.methodName;
+        if (this.providers.has(name)) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, `MFA provider '${name}' is already registered`);
+        }
+        this.providers.set(name, provider);
+    }
+    getProvider(methodName) {
+        const provider = this.providers.get(methodName);
+        if (!provider) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, `MFA provider '${methodName}' is not registered. Import the provider module (e.g., TOTPMFAModule) and ensure it's properly configured.`);
+        }
+        return provider;
+    }
+    hasProvider(dto) {
+        return {
+            hasProvider: this.providers.has(dto.methodName),
+        };
+    }
+    listProviders() {
+        return {
+            providers: Array.from(this.providers.keys()),
+        };
+    }
+    async getAvailableMethods(dto) {
+        const userEntity = await this.userRepository.findOne({ where: { sub: dto.sub } });
+        if (!userEntity) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.NOT_FOUND, 'User not found');
+        }
+        const available = [];
+        for (const [methodName, provider] of this.providers.entries()) {
+            if (!provider.isMethodAllowed()) {
+                continue;
+            }
+            available.push(methodName);
+        }
+        return {
+            availableMethods: available,
+        };
+    }
+    async verifyCode(dto) {
+        const userEntity = await this.userRepository.findOne({ where: { sub: dto.sub } });
+        if (!userEntity) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.NOT_FOUND, 'User not found');
+        }
+        const user = userEntity;
+        if (dto.methodName === mfa_method_enum_1.MFAMethod.BACKUP) {
+            const firstProvider = Array.from(this.providers.values())[0];
+            if (firstProvider && 'verifyBackupCode' in firstProvider) {
+                const providerWithBackup = firstProvider;
+                const isValid = await providerWithBackup.verifyBackupCode(user, dto.code);
+                return { valid: isValid };
+            }
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'Backup code verification not available');
+        }
+        const provider = this.getProvider(dto.methodName);
+        const isValid = await provider.verify(user, dto.code, dto.deviceId);
+        return { valid: isValid };
+    }
+    async setup(dto) {
+        const userEntity = await this.userRepository.findOne({ where: { sub: dto.sub } });
+        if (!userEntity) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.NOT_FOUND, 'User not found');
+        }
+        const user = userEntity;
+        const provider = this.getProvider(dto.methodName);
+        const setupData = await provider.setup(user, dto.setupData);
+        return {
+            setupData: setupData,
+        };
+    }
+    async getUserDevices(dto) {
+        const userEntity = await this.userRepository.findOne({ where: { sub: dto.sub } });
+        if (!userEntity) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.NOT_FOUND, 'User not found');
+        }
+        const devices = await this.mfaDeviceRepository.find({
+            where: { userId: userEntity.id, isActive: true },
+            order: { createdAt: 'DESC' },
+        });
+        return {
+            devices: devices,
+        };
+    }
+    async getMFAStatus(dto) {
+        const userEntity = await this.userRepository.findOne({
+            select: [
+                'id',
+                'mfaEnabled',
+                'backupCodes',
+                'preferredMfaMethod',
+                'mfaExempt',
+                'mfaExemptReason',
+                'mfaExemptGrantedAt',
+            ],
+            where: { sub: dto.sub },
+        });
+        if (!userEntity) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.NOT_FOUND, 'User not found');
+        }
+        const enabled = userEntity.mfaEnabled || false;
+        const availableMethodsResult = await this.getAvailableMethods({ sub: dto.sub });
+        const finalAvailableMethods = [...availableMethodsResult.availableMethods];
+        if (this.config?.mfa?.backup?.enabled) {
+            if (!finalAvailableMethods.includes(mfa_method_enum_1.MFAMethod.BACKUP)) {
+                finalAvailableMethods.push(mfa_method_enum_1.MFAMethod.BACKUP);
+            }
+        }
+        const devicesResult = await this.getUserDevices({ sub: dto.sub });
+        const configuredMethods = [
+            ...new Set(devicesResult.devices.filter((d) => d.isActive).map((d) => d.type)),
+        ];
+        const required = enabled && configuredMethods.length > 0;
+        const hasBackupCodes = !!userEntity.backupCodes && userEntity.backupCodes.length > 0;
+        return {
+            enabled,
+            required,
+            configuredMethods,
+            availableMethods: finalAvailableMethods,
+            hasBackupCodes,
+            preferredMethod: userEntity.preferredMfaMethod,
+            mfaExempt: userEntity.mfaExempt || false,
+            mfaExemptReason: userEntity.mfaExemptReason || null,
+            mfaExemptGrantedAt: userEntity.mfaExemptGrantedAt || null,
+        };
+    }
+    async removeDevices(dto) {
+        const validMethods = [mfa_method_enum_1.MFAMethod.TOTP, mfa_method_enum_1.MFAMethod.SMS, mfa_method_enum_1.MFAMethod.EMAIL, mfa_method_enum_1.MFAMethod.PASSKEY];
+        const normalizedMethod = dto.methodType.toLowerCase();
+        if (!validMethods.includes(normalizedMethod)) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, `Invalid MFA method: ${dto.methodType}. Valid methods are: ${validMethods.join(', ')}`);
+        }
+        const userEntity = await this.userRepository.findOne({ where: { sub: dto.userSub } });
+        if (!userEntity) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.NOT_FOUND, 'User entity not found');
+        }
+        const userId = userEntity.id;
+        if (!userId) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.INTERNAL_ERROR, 'User entity missing internal ID');
+        }
+        const user = userEntity;
+        const preferredMethod = userEntity.preferredMfaMethod;
+        const isPreferredMethod = preferredMethod === normalizedMethod;
+        const devicesResult = await this.getUserDevices({ sub: dto.userSub });
+        const activeDevices = devicesResult.devices.filter((d) => d.isActive);
+        const devicesToRemove = activeDevices.filter((d) => d.type.toLowerCase() === normalizedMethod);
+        if (devicesToRemove.length === 0) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, `No active ${normalizedMethod} MFA devices found for this user`);
+        }
+        let deletedCount = 0;
+        for (const device of devicesToRemove) {
+            const result = await this.mfaDeviceRepository.delete(device.id);
+            deletedCount += result.affected || 0;
+        }
+        const remainingDevicesResult = await this.getUserDevices({ sub: dto.userSub });
+        const remainingActiveDevices = remainingDevicesResult.devices.filter((d) => d.isActive);
+        let mfaDisabled = false;
+        if (remainingActiveDevices.length === 0) {
+            userEntity.mfaEnabled = false;
+            userEntity.mfaMethods = [];
+            userEntity.preferredMfaMethod = null;
+            await this.userRepository.save(userEntity);
+            mfaDisabled = true;
+            if (this.auditService && this.clientInfoService) {
+                try {
+                    await this.auditService?.recordEvent({
+                        userId: user.id,
+                        eventType: auth_audit_event_type_enum_1.AuthAuditEventType.MFA_DISABLED,
+                        eventStatus: 'INFO',
+                        reason: 'all_devices_removed',
+                        description: 'MFA disabled - all devices removed',
+                        metadata: {
+                            removedMethod: normalizedMethod,
+                            deletedCount,
+                        },
+                    });
+                }
+                catch (auditError) {
+                    const errorMessage = auditError instanceof Error ? auditError.message : 'Unknown error';
+                    this.logger?.error?.(`Failed to record MFA_DISABLED audit event: ${errorMessage}`, {
+                        error: auditError,
+                        userId: user.id,
+                    });
+                }
+            }
+            if (this.challengeService && this.config?.mfa?.enabled) {
+                const enforcement = this.config.mfa.enforcement || 'OPTIONAL';
+                if (enforcement === 'REQUIRED' || enforcement === 'ADAPTIVE') {
+                    const user = userEntity;
+                    try {
+                        await this.challengeService.createChallengeSession(user, auth_challenge_dto_1.AuthChallenge.MFA_SETUP_REQUIRED, {
+                            allowedMethods: this.config.mfa.allowedMethods || [],
+                            requiresSetup: true,
+                        });
+                        this.logger?.log?.(`Created MFA_SETUP_REQUIRED challenge for user ${user.sub} after MFA removal`);
+                    }
+                    catch (error) {
+                        this.logger?.warn?.(`Failed to create MFA_SETUP_REQUIRED challenge after MFA removal: ${error}`);
+                    }
+                }
+            }
+        }
+        else {
+            const remainingMethods = [...new Set(remainingActiveDevices.map((d) => d.type))];
+            userEntity.mfaMethods = remainingMethods;
+            if (isPreferredMethod) {
+                const newPreferredMethod = remainingActiveDevices[0].type;
+                userEntity.preferredMfaMethod = newPreferredMethod;
+                await this.userRepository.save(userEntity);
+                if (remainingActiveDevices[0].id) {
+                    await this.mfaDeviceRepository.update({ id: remainingActiveDevices[0].id }, { isPrimary: true });
+                }
+                for (let i = 1; i < remainingActiveDevices.length; i++) {
+                    if (remainingActiveDevices[i].id) {
+                        await this.mfaDeviceRepository.update({ id: remainingActiveDevices[i].id }, { isPrimary: false });
+                    }
+                }
+                this.logger?.log?.(`Updated preferred MFA method to ${newPreferredMethod} after removing ${normalizedMethod}`);
+            }
+            else {
+                await this.userRepository.save(userEntity);
+            }
+        }
+        if (deletedCount > 0 && this.auditService && this.clientInfoService) {
+            try {
+                const user = userEntity;
+                await this.auditService?.recordEvent({
+                    userId: user.id,
+                    eventType: auth_audit_event_type_enum_1.AuthAuditEventType.MFA_DEVICE_REMOVED,
+                    eventStatus: 'INFO',
+                    metadata: {
+                        method: normalizedMethod,
+                        deletedCount,
+                        remainingDevices: remainingActiveDevices.length,
+                        mfaDisabled,
+                    },
+                });
+            }
+            catch (auditError) {
+                const errorMessage = auditError instanceof Error ? auditError.message : 'Unknown error';
+                this.logger?.error?.(`Failed to record MFA_DEVICE_REMOVED audit event: ${errorMessage}`, {
+                    error: auditError,
+                    userId: user.id,
+                    method: normalizedMethod,
+                });
+            }
+        }
+        return { deletedCount, mfaDisabled };
+    }
+    async setPreferredMethod(dto) {
+        const validMethods = [mfa_method_enum_1.MFAMethod.TOTP, mfa_method_enum_1.MFAMethod.SMS, mfa_method_enum_1.MFAMethod.EMAIL, mfa_method_enum_1.MFAMethod.PASSKEY];
+        const normalizedMethod = dto.methodType.toLowerCase();
+        if (!validMethods.includes(normalizedMethod)) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, `Invalid MFA method: ${dto.methodType}. Valid methods are: ${validMethods.join(', ')}`);
+        }
+        const userEntity = await this.userRepository.findOne({ where: { sub: dto.userSub } });
+        if (!userEntity) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.NOT_FOUND, 'User not found');
+        }
+        const userId = userEntity.id;
+        if (!userId) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.INTERNAL_ERROR, 'User entity missing internal ID');
+        }
+        const user = userEntity;
+        const devicesResult = await this.getUserDevices({ sub: dto.userSub });
+        const preferredDevice = devicesResult.devices.find((d) => d.type.toLowerCase() === normalizedMethod && d.isActive);
+        if (!preferredDevice) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, `MFA method '${normalizedMethod}' is not configured for this user`);
+        }
+        await this.userRepository.update({ id: userId }, {
+            preferredMfaMethod: normalizedMethod,
+        });
+        const activeDevices = devicesResult.devices.filter((d) => d.isActive);
+        for (const device of activeDevices) {
+            await this.mfaDeviceRepository.update({ id: device.id }, { isPrimary: device.id === preferredDevice.id });
+        }
+        this.logger?.log?.(`Device ${preferredDevice.id} set as primary for user ${dto.userSub}`);
+        if (this.auditService && this.clientInfoService) {
+            try {
+                const previousMethod = userEntity.preferredMfaMethod;
+                await this.auditService?.recordEvent({
+                    userId: user.id,
+                    eventType: auth_audit_event_type_enum_1.AuthAuditEventType.MFA_PREFERRED_METHOD_UPDATED,
+                    eventStatus: 'INFO',
+                    metadata: {
+                        previousMethod: previousMethod || null,
+                        newMethod: normalizedMethod,
+                        deviceId: preferredDevice.id,
+                    },
+                });
+            }
+            catch (auditError) {
+                const errorMessage = auditError instanceof Error ? auditError.message : 'Unknown error';
+                this.logger?.error?.(`Failed to record MFA_PREFERRED_METHOD_UPDATED audit event: ${errorMessage}`, {
+                    error: auditError,
+                    userId: user.id,
+                    method: normalizedMethod,
+                });
+            }
+        }
+        return {
+            message: 'Preferred method updated',
+        };
+    }
+    async setMFAExemption(dto) {
+        const userEntity = await this.userRepository.findOne({ where: { sub: dto.userSub } });
+        if (!userEntity) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.NOT_FOUND, 'User not found');
+        }
+        const user = userEntity;
+        const updateFields = {
+            mfaExempt: dto.exempt,
+            mfaExemptReason: dto.reason || null,
+            mfaExemptGrantedAt: dto.exempt ? new Date() : null,
+            mfaExemptGrantedBy: dto.exempt ? dto.grantedBy || null : null,
+        };
+        if (!dto.exempt && userEntity.mfaExempt === true && !userEntity.mfaEnabled) {
+            this.logger?.warn?.(`MFA exemption revoked for user ${dto.userSub} - MFA setup will be required on next login`);
+        }
+        await this.userRepository.update(userEntity.id, updateFields);
+        this.logger?.log?.(`MFA exemption ${dto.exempt ? 'granted' : 'revoked'} for user ${dto.userSub}`, {
+            userSub: dto.userSub,
+            exempt: dto.exempt,
+            reason: dto.reason || 'No reason provided',
+            grantedBy: dto.grantedBy || 'System',
+            timestamp: new Date().toISOString(),
+        });
+        if (this.auditService && this.clientInfoService) {
+            try {
+                await this.auditService.recordEvent({
+                    userId: user.id,
+                    eventType: dto.exempt ? auth_audit_event_type_enum_1.AuthAuditEventType.MFA_EXEMPTION_GRANTED : auth_audit_event_type_enum_1.AuthAuditEventType.MFA_EXEMPTION_REVOKED,
+                    eventStatus: 'INFO',
+                    performedBy: dto.grantedBy || null,
+                    reason: dto.reason || null,
+                    metadata: {
+                        previousExemptStatus: userEntity.mfaExempt,
+                        newExemptStatus: dto.exempt,
+                    },
+                });
+            }
+            catch (auditError) {
+                const errorMessage = auditError instanceof Error ? auditError.message : 'Unknown error';
+                this.logger?.error?.(`Failed to record MFA exemption audit event: ${errorMessage}`, {
+                    error: auditError,
+                    userId: user.id,
+                });
+            }
+        }
+        const exemptionData = await this.userRepository.findOne({
+            where: { id: userEntity.id },
+            select: ['mfaExempt', 'mfaExemptReason', 'mfaExemptGrantedAt'],
+        });
+        if (!exemptionData) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.NOT_FOUND, 'User not found after update');
+        }
+        return {
+            mfaExempt: exemptionData.mfaExempt || false,
+            mfaExemptReason: exemptionData.mfaExemptReason || null,
+            mfaExemptGrantedAt: exemptionData.mfaExemptGrantedAt || null,
+        };
+    }
+    async getSetupData(dto) {
+        if (!this.challengeService) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.INTERNAL_ERROR, 'Challenge service is not available');
+        }
+        this.logger?.debug?.(`Getting MFA setup data: session=${dto.session}, method=${dto.method}`);
+        const challengeSession = await this.challengeService.validateSession(dto.session);
+        if (challengeSession.challengeName !== auth_challenge_dto_1.AuthChallenge.MFA_SETUP_REQUIRED) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, `Cannot get setup data: expected MFA_SETUP_REQUIRED challenge, got ${challengeSession.challengeName}`);
+        }
+        const user = challengeSession.user;
+        if (!user) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'Challenge session has no associated user');
+        }
+        const setupDataWithSession = {
+            ...(dto.setupData || {}),
+            challengeSessionId: challengeSession.id,
+        };
+        this.logger?.debug?.(`Passing challengeSessionId=${challengeSession.id} to ${dto.method} provider for MFA setup`);
+        const provider = this.getProvider(dto.method);
+        const result = await provider.setup(user, setupDataWithSession);
+        this.logger?.debug?.(`MFA setup data generated: method=${dto.method}, user=${user.sub}`);
+        return {
+            setupData: result,
+        };
+    }
+    async getChallengeData(dto) {
+        if (!this.challengeService) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.INTERNAL_ERROR, 'Challenge service is not available');
+        }
+        this.logger?.debug?.(`Getting MFA challenge data: session=${dto.session}, method=${dto.method}`);
+        const challengeSession = await this.challengeService.validateSession(dto.session);
+        if (challengeSession.challengeName !== auth_challenge_dto_1.AuthChallenge.MFA_REQUIRED) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, `Cannot get challenge data: expected MFA_REQUIRED challenge, got ${challengeSession.challengeName}`);
+        }
+        const user = challengeSession.user;
+        if (!user) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'Challenge session has no associated user');
+        }
+        const provider = this.getProvider(dto.method);
+        if (!provider.sendChallenge) {
+            throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, `MFA method '${dto.method}' does not support challenge data generation`);
+        }
+        const challengeData = await provider.sendChallenge(user);
+        if (dto.method === 'passkey') {
+            const passkeyOptions = challengeData;
+            const passkeyChallenge = passkeyOptions.options?.challenge;
+            if (passkeyChallenge) {
+                await this.challengeService.updateMetadata(dto.session, {
+                    passkeyChallenge,
+                });
+                this.logger?.debug?.(`Passkey challenge stored in session metadata: user=${user.sub}`);
+            }
+        }
+        this.logger?.debug?.(`MFA challenge data generated: method=${dto.method}, user=${user.sub}`);
+        return {
+            challengeData: challengeData,
+        };
+    }
+}
+exports.MFAService = MFAService;
+//# sourceMappingURL=mfa.service.js.map

package/dist/services/mfa.service.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mfa.service.js","sourceRoot":"","sources":["../../src/services/mfa.service.ts"],"names":[],"mappings":";;;AAIA,mEAA+D;AAC/D,gEAA0D;AAC1D,8DAAsE;AAEtE,kEAA0D;AAI1D,oFAAyE;AAyDzE,MAAa,UAAU;IAIF;IACA;IACA;IACA;IACA;IACA;IACA;IATF,SAAS,GAAG,IAAI,GAAG,EAA+B,CAAC;IAEpE,YACmB,mBAA8C,EAC9C,cAAoC,EACpC,gBAAmC,EACnC,MAAoB,EACpB,MAAoB,EACpB,YAA+B,EAC/B,iBAAqC;QANrC,wBAAmB,GAAnB,mBAAmB,CAA2B;QAC9C,mBAAc,GAAd,cAAc,CAAsB;QACpC,qBAAgB,GAAhB,gBAAgB,CAAmB;QACnC,WAAM,GAAN,MAAM,CAAc;QACpB,WAAM,GAAN,MAAM,CAAc;QACpB,iBAAY,GAAZ,YAAY,CAAmB;QAC/B,sBAAiB,GAAjB,iBAAiB,CAAoB;IACrD,CAAC;IAiBJ,gBAAgB,CAAC,QAA6B;QAC5C,MAAM,IAAI,GAAG,QAAQ,CAAC,UAAU,CAAC;QACjC,IAAI,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,iBAAiB,EAAE,iBAAiB,IAAI,yBAAyB,CAAC,CAAC;QAC5G,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACrC,CAAC;IAeD,WAAW,CAAC,UAAkB;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAChD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,iBAAiB,EAC/B,iBAAiB,UAAU,4GAA4G,CACxI,CAAC;QACJ,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAgBD,WAAW,CAAC,GAAmB;QAC7B,OAAO;YACL,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC;SAChD,CAAC;IACJ,CAAC;IAYD,aAAa;QACX,OAAO;YACL,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;SAC7C,CAAC;IACJ,CAAC;IAqBD,KAAK,CAAC,mBAAmB,CAAC,GAA2B;QAEnD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAClF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,SAAS,GAAa,EAAE,CAAC;QAE/B,KAAK,MAAM,CAAC,UAAU,EAAE,QAAQ,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,CAAC;YAE9D,IAAI,CAAC,QAAQ,CAAC,eAAe,EAAE,EAAE,CAAC;gBAChC,SAAS;YACX,CAAC;YAGD,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC7B,CAAC;QAED,OAAO;YACL,gBAAgB,EAAE,SAAS;SAC5B,CAAC;IACJ,CAAC;IA4BD,KAAK,CAAC,UAAU,CAAC,GAAqB;QAEpC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAClF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;QACtE,CAAC;QACD,MAAM,IAAI,GAAG,UAA8B,CAAC;QAG5C,IAAI,GAAG,CAAC,UAAU,KAAK,2BAAS,CAAC,MAAM,EAAE,CAAC;YAGxC,MAAM,aAAa,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;YAC7D,IAAI,aAAa,IAAI,kBAAkB,IAAI,aAAa,EAAE,CAAC;gBACzD,MAAM,kBAAkB,GAAG,aAE1B,CAAC;gBACF,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,gBAAgB,CAAC,IAAI,EAAE,GAAG,CAAC,IAAc,CAAC,CAAC;gBACpF,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;YAC5B,CAAC;YACD,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,iBAAiB,EAAE,wCAAwC,CAAC,CAAC;QACtG,CAAC;QAGD,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;QACpE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;IAC5B,CAAC;IAiBD,KAAK,CAAC,KAAK,CAAC,GAAgB;QAE1B,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAClF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;QACtE,CAAC;QACD,MAAM,IAAI,GAAG,UAA8B,CAAC;QAE5C,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QAClD,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;QAC5D,OAAO;YACL,SAAS,EAAE,SAAoC;SAChD,CAAC;IACJ,CAAC;IAcD,KAAK,CAAC,cAAc,CAAC,GAAsB;QAEzC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAClF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;QACtE,CAAC;QAGD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;YAClD,KAAK,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE;YAChD,KAAK,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE;SACF,CAAC,CAAC;QAE9B,OAAO;YACL,OAAO,EAAE,OAAkC;SAC5C,CAAC;IACJ,CAAC;IA0BD,KAAK,CAAC,YAAY,CAAC,GAAoB;QAGrC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YACnD,MAAM,EAAE;gBACN,IAAI;gBACJ,YAAY;gBACZ,aAAa;gBACb,oBAAoB;gBACpB,WAAW;gBACX,iBAAiB;gBACjB,oBAAoB;aACrB;YACD,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE;SACxB,CAAC,CAAC;QAEH,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,OAAO,GAAG,UAAU,CAAC,UAAU,IAAI,KAAK,CAAC;QAG/C,MAAM,sBAAsB,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;QAGhF,MAAM,qBAAqB,GAAG,CAAC,GAAG,sBAAsB,CAAC,gBAAgB,CAAC,CAAC;QAC3E,IAAI,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;YACtC,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,2BAAS,CAAC,MAAM,CAAC,EAAE,CAAC;gBACtD,qBAAqB,CAAC,IAAI,CAAC,2BAAS,CAAC,MAAM,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QAGD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;QAClE,MAAM,iBAAiB,GAAG;YACxB,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;SAC1D,CAAC;QAGvB,MAAM,QAAQ,GAAG,OAAO,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC;QAGzD,MAAM,cAAc,GAAG,CAAC,CAAC,UAAU,CAAC,WAAW,IAAI,UAAU,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;QAErF,OAAO;YACL,OAAO;YACP,QAAQ;YACR,iBAAiB;YACjB,gBAAgB,EAAE,qBAAqB;YACvC,cAAc;YACd,eAAe,EAAE,UAAU,CAAC,kBAAiD;YAC7E,SAAS,EAAE,UAAU,CAAC,SAAS,IAAI,KAAK;YACxC,eAAe,EAAE,UAAU,CAAC,eAAe,IAAI,IAAI;YACnD,kBAAkB,EAAE,UAAU,CAAC,kBAAkB,IAAI,IAAI;SAC1D,CAAC;IACJ,CAAC;IA+BD,KAAK,CAAC,aAAa,CAAC,GAAqB;QAEvC,MAAM,YAAY,GAAG,CAAC,2BAAS,CAAC,IAAI,EAAE,2BAAS,CAAC,GAAG,EAAE,2BAAS,CAAC,KAAK,EAAE,2BAAS,CAAC,OAAO,CAAC,CAAC;QACzF,MAAM,gBAAgB,GAAG,GAAG,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC;QACtD,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,gBAA6B,CAAC,EAAE,CAAC;YAC1D,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,iBAAiB,EAC/B,uBAAuB,GAAG,CAAC,UAAU,wBAAwB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACvF,CAAC;QACJ,CAAC;QAGD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACtF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,SAAS,EAAE,uBAAuB,CAAC,CAAC;QAC7E,CAAC;QAED,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,CAAC;QAC7B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,cAAc,EAAE,iCAAiC,CAAC,CAAC;QAC5F,CAAC;QAGD,MAAM,IAAI,GAAG,UAA8B,CAAC;QAE5C,MAAM,eAAe,GAAG,UAAU,CAAC,kBAAkB,CAAC;QACtD,MAAM,iBAAiB,GAAG,eAAe,KAAK,gBAAgB,CAAC;QAG/D,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACtE,MAAM,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QAGtE,MAAM,eAAe,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,gBAAgB,CAAC,CAAC;QAE/F,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,iBAAiB,EAC/B,aAAa,gBAAgB,kCAAkC,CAChE,CAAC;QACJ,CAAC;QAGD,IAAI,YAAY,GAAG,CAAC,CAAC;QACrB,KAAK,MAAM,MAAM,IAAI,eAAe,EAAE,CAAC;YACrC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YAChE,YAAY,IAAI,MAAM,CAAC,QAAQ,IAAI,CAAC,CAAC;QACvC,CAAC;QAGD,MAAM,sBAAsB,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QAC/E,MAAM,sBAAsB,GAAG,sBAAsB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACxF,IAAI,WAAW,GAAG,KAAK,CAAC;QAGxB,IAAI,sBAAsB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxC,UAAU,CAAC,UAAU,GAAG,KAAK,CAAC;YAC9B,UAAU,CAAC,UAAU,GAAG,EAAE,CAAC;YAC3B,UAAU,CAAC,kBAAkB,GAAG,IAAI,CAAC;YACrC,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC3C,WAAW,GAAG,IAAI,CAAC;YAKnB,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAChD,IAAI,CAAC;oBACH,MAAM,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC;wBACnC,MAAM,EAAE,IAAI,CAAC,EAAE;wBACf,SAAS,EAAE,+CAAkB,CAAC,YAAY;wBAC1C,WAAW,EAAE,MAAM;wBACnB,MAAM,EAAE,qBAAqB;wBAC7B,WAAW,EAAE,oCAAoC;wBAEjD,QAAQ,EAAE;4BACR,aAAa,EAAE,gBAAgB;4BAC/B,YAAY;yBACb;qBACF,CAAC,CAAC;gBACL,CAAC;gBAAC,OAAO,UAAU,EAAE,CAAC;oBAEpB,MAAM,YAAY,GAAG,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;oBACxF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,8CAA8C,YAAY,EAAE,EAAE;wBACjF,KAAK,EAAE,UAAU;wBACjB,MAAM,EAAE,IAAI,CAAC,EAAE;qBAChB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAGD,IAAI,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;gBACvD,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,IAAI,UAAU,CAAC;gBAC9D,IAAI,WAAW,KAAK,UAAU,IAAI,WAAW,KAAK,UAAU,EAAE,CAAC;oBAC7D,MAAM,IAAI,GAAG,UAA8B,CAAC;oBAC5C,IAAI,CAAC;wBAEH,MAAM,IAAI,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,IAAI,EAAE,kCAAa,CAAC,kBAAkB,EAAE;4BACzF,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,cAAc,IAAI,EAAE;4BACpD,aAAa,EAAE,IAAI;yBACpB,CAAC,CAAC;wBACH,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,iDAAiD,IAAI,CAAC,GAAG,oBAAoB,CAAC,CAAC;oBACpG,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBAEf,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,oEAAoE,KAAK,EAAE,CAAC,CAAC;oBACnG,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YAEN,MAAM,gBAAgB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACjF,UAAU,CAAC,UAAU,GAAG,gBAAgB,CAAC;YAGzC,IAAI,iBAAiB,EAAE,CAAC;gBACtB,MAAM,kBAAkB,GAAG,sBAAsB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,UAAU,CAAC,kBAAkB,GAAG,kBAAkB,CAAC;gBACnD,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBAG3C,IAAI,sBAAsB,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;oBACjC,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,sBAAsB,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBACnG,CAAC;gBAGD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,sBAAsB,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACvD,IAAI,sBAAsB,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;wBACjC,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,sBAAsB,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;oBACpG,CAAC;gBACH,CAAC;gBAED,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,mCAAmC,kBAAkB,mBAAmB,gBAAgB,EAAE,CAAC,CAAC;YACjH,CAAC;iBAAM,CAAC;gBAEN,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAKD,IAAI,YAAY,GAAG,CAAC,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACpE,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,UAA8B,CAAC;gBAC5C,MAAM,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC;oBACnC,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,SAAS,EAAE,+CAAkB,CAAC,kBAAkB;oBAChD,WAAW,EAAE,MAAM;oBACnB,QAAQ,EAAE;wBACR,MAAM,EAAE,gBAAgB;wBACxB,YAAY;wBACZ,gBAAgB,EAAE,sBAAsB,CAAC,MAAM;wBAC/C,WAAW;qBACZ;iBAEF,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,UAAU,EAAE,CAAC;gBAEpB,MAAM,YAAY,GAAG,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACxF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,oDAAoD,YAAY,EAAE,EAAE;oBACvF,KAAK,EAAE,UAAU;oBACjB,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,MAAM,EAAE,gBAAgB;iBACzB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,CAAC;IACvC,CAAC;IAwBD,KAAK,CAAC,kBAAkB,CAAC,GAA0B;QAEjD,MAAM,YAAY,GAAG,CAAC,2BAAS,CAAC,IAAI,EAAE,2BAAS,CAAC,GAAG,EAAE,2BAAS,CAAC,KAAK,EAAE,2BAAS,CAAC,OAAO,CAAC,CAAC;QACzF,MAAM,gBAAgB,GAAG,GAAG,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC;QACtD,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,gBAA6B,CAAC,EAAE,CAAC;YAC1D,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,iBAAiB,EAC/B,uBAAuB,GAAG,CAAC,UAAU,wBAAwB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACvF,CAAC;QACJ,CAAC;QAGD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACtF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,MAAM,GAAG,UAAU,CAAC,EAAE,CAAC;QAC7B,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,cAAc,EAAE,iCAAiC,CAAC,CAAC;QAC5F,CAAC;QAGD,MAAM,IAAI,GAAG,UAA8B,CAAC;QAG5C,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QAEtE,MAAM,eAAe,GAAG,aAAa,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,gBAAgB,IAAI,CAAC,CAAC,QAAQ,CAAC,CAAC;QAEnH,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,iBAAiB,EAC/B,eAAe,gBAAgB,mCAAmC,CACnE,CAAC;QACJ,CAAC;QAGD,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAC9B,EAAE,EAAE,EAAE,MAAM,EAAE,EACd;YACE,kBAAkB,EAAE,gBAAmC;SACxD,CACF,CAAC;QAGF,MAAM,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACtE,KAAK,MAAM,MAAM,IAAI,aAAa,EAAE,CAAC;YACnC,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,MAAM,CAAC,EAAE,KAAK,eAAe,CAAC,EAAE,EAAE,CAAC,CAAC;QAC5G,CAAC;QAED,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,UAAU,eAAe,CAAC,EAAE,4BAA4B,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QAK1F,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAChD,IAAI,CAAC;gBACH,MAAM,cAAc,GAAG,UAAU,CAAC,kBAAkB,CAAC;gBACrD,MAAM,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC;oBACnC,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,SAAS,EAAE,+CAAkB,CAAC,4BAA4B;oBAC1D,WAAW,EAAE,MAAM;oBACnB,QAAQ,EAAE;wBAER,cAAc,EAAE,cAAc,IAAI,IAAI;wBACtC,SAAS,EAAE,gBAAgB;wBAC3B,QAAQ,EAAE,eAAe,CAAC,EAAE;qBAC7B;iBACF,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,UAAU,EAAE,CAAC;gBAEpB,MAAM,YAAY,GAAG,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACxF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,8DAA8D,YAAY,EAAE,EAAE;oBACjG,KAAK,EAAE,UAAU;oBACjB,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,MAAM,EAAE,gBAAgB;iBACzB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO;YACL,OAAO,EAAE,0BAA0B;SACpC,CAAC;IACJ,CAAC;IA+BD,KAAK,CAAC,eAAe,CAAC,GAAuB;QAE3C,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,GAAG,EAAE,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACtF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,IAAI,GAAG,UAA8B,CAAC;QAG5C,MAAM,YAAY,GAA4B;YAC5C,SAAS,EAAE,GAAG,CAAC,MAAM;YACrB,eAAe,EAAE,GAAG,CAAC,MAAM,IAAI,IAAI;YACnC,kBAAkB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI;YAClD,kBAAkB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI;SAC9D,CAAC;QAIF,IAAI,CAAC,GAAG,CAAC,MAAM,IAAI,UAAU,CAAC,SAAS,KAAK,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;YAC3E,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,kCAAkC,GAAG,CAAC,OAAO,6CAA6C,CAAC,CAAC;QAClH,CAAC;QAGD,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;QAG9D,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,iBAAiB,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,aAAa,GAAG,CAAC,OAAO,EAAE,EAAE;YAChG,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,MAAM,EAAE,GAAG,CAAC,MAAM,IAAI,oBAAoB;YAC1C,SAAS,EAAE,GAAG,CAAC,SAAS,IAAI,QAAQ;YACpC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QAKH,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAChD,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC;oBAClC,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,+CAAkB,CAAC,qBAAqB,CAAC,CAAC,CAAC,+CAAkB,CAAC,qBAAqB;oBAC3G,WAAW,EAAE,MAAM;oBACnB,WAAW,EAAE,GAAG,CAAC,SAAS,IAAI,IAAI;oBAElC,MAAM,EAAE,GAAG,CAAC,MAAM,IAAI,IAAI;oBAC1B,QAAQ,EAAE;wBACR,oBAAoB,EAAE,UAAU,CAAC,SAAS;wBAC1C,eAAe,EAAE,GAAG,CAAC,MAAM;qBAC5B;iBACF,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,UAAU,EAAE,CAAC;gBAEpB,MAAM,YAAY,GAAG,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACxF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,+CAA+C,YAAY,EAAE,EAAE;oBAClF,KAAK,EAAE,UAAU;oBACjB,MAAM,EAAE,IAAI,CAAC,EAAE;iBAChB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAGD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YACtD,KAAK,EAAE,EAAE,EAAE,EAAE,UAAU,CAAC,EAAE,EAAE;YAC5B,MAAM,EAAE,CAAC,WAAW,EAAE,iBAAiB,EAAE,oBAAoB,CAAC;SAC/D,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,SAAS,EAAE,6BAA6B,CAAC,CAAC;QACnF,CAAC;QAED,OAAO;YACL,SAAS,EAAE,aAAa,CAAC,SAAS,IAAI,KAAK;YAC3C,eAAe,EAAE,aAAa,CAAC,eAAe,IAAI,IAAI;YACtD,kBAAkB,EAAE,aAAa,CAAC,kBAAkB,IAAI,IAAI;SAC7D,CAAC;IACJ,CAAC;IA8BD,KAAK,CAAC,YAAY,CAAC,GAAoB;QACrC,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3B,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,cAAc,EAAE,oCAAoC,CAAC,CAAC;QAC/F,CAAC;QAED,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,mCAAmC,GAAG,CAAC,OAAO,YAAY,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QAG7F,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAElF,IAAI,gBAAgB,CAAC,aAAa,KAAK,kCAAa,CAAC,kBAAkB,EAAE,CAAC;YACxE,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,iBAAiB,EAC/B,qEAAqE,gBAAgB,CAAC,aAAa,EAAE,CACtG,CAAC;QACJ,CAAC;QAGD,MAAM,IAAI,GAAG,gBAAgB,CAAC,IAAI,CAAC;QACnC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,iBAAiB,EAAE,0CAA0C,CAAC,CAAC;QACxG,CAAC;QAID,MAAM,oBAAoB,GAAG;YAC3B,GAAG,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC;YACxB,kBAAkB,EAAE,gBAAgB,CAAC,EAAE;SACxC,CAAC;QACF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,8BAA8B,gBAAgB,CAAC,EAAE,OAAO,GAAG,CAAC,MAAM,yBAAyB,CAAC,CAAC;QAClH,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC9C,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;QAEhE,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,oCAAoC,GAAG,CAAC,MAAM,UAAU,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QAEzF,OAAO;YACL,SAAS,EAAE,MAAiC;SAC7C,CAAC;IACJ,CAAC;IAqBD,KAAK,CAAC,gBAAgB,CAAC,GAAwB;QAC7C,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3B,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,cAAc,EAAE,oCAAoC,CAAC,CAAC;QAC/F,CAAC;QAED,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,uCAAuC,GAAG,CAAC,OAAO,YAAY,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC;QAGjG,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAElF,IAAI,gBAAgB,CAAC,aAAa,KAAK,kCAAa,CAAC,YAAY,EAAE,CAAC;YAClE,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,iBAAiB,EAC/B,mEAAmE,gBAAgB,CAAC,aAAa,EAAE,CACpG,CAAC;QACJ,CAAC;QAGD,MAAM,IAAI,GAAG,gBAAgB,CAAC,IAAI,CAAC;QACnC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,iBAAiB,EAAE,0CAA0C,CAAC,CAAC;QACxG,CAAC;QAGD,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAE9C,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;YAC5B,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,iBAAiB,EAC/B,eAAe,GAAG,CAAC,MAAM,8CAA8C,CACxE,CAAC;QACJ,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QAGzD,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC7B,MAAM,cAAc,GAAG,aAAmD,CAAC;YAC3E,MAAM,gBAAgB,GAAG,cAAc,CAAC,OAAO,EAAE,SAAS,CAAC;YAC3D,IAAI,gBAAgB,EAAE,CAAC;gBACrB,MAAM,IAAI,CAAC,gBAAgB,CAAC,cAAc,CAAC,GAAG,CAAC,OAAO,EAAE;oBACtD,gBAAgB;iBACjB,CAAC,CAAC;gBACH,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,sDAAsD,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;YACzF,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,wCAAwC,GAAG,CAAC,MAAM,UAAU,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QAE7F,OAAO;YACL,aAAa,EAAE,aAAwC;SACxD,CAAC;IACJ,CAAC;CACF;AA13BD,gCA03BC"}

package/dist/services/password.service.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import { PasswordConfig } from '../interfaces/config.interface';
+export interface PasswordValidationResult {
+    valid: boolean;
+    errors: string[];
+}
+export declare class PasswordService {
+    private readonly config;
+    private readonly commonPasswords;
+    constructor(passwordConfig?: PasswordConfig);
+    hashPassword(password: string): Promise<string>;
+    verifyPassword(password: string, hash: string): Promise<boolean>;
+    validatePassword(password: string, userInfo?: {
+        email?: string;
+        username?: string;
+    }): Promise<PasswordValidationResult>;
+    isPasswordInHistory(password: string, passwordHistory: string[]): Promise<boolean>;
+    addToHistory(currentHistory: string[], newHash: string): string[];
+}
+//# sourceMappingURL=password.service.d.ts.map

package/dist/services/password.service.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"password.service.d.ts","sourceRoot":"","sources":["../../src/services/password.service.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAQhE,MAAM,WAAW,wBAAwB;IAEvC,KAAK,EAAE,OAAO,CAAC;IAGf,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAiDD,qBAAa,eAAe;IAE1B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA2B;IAGlD,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAc;gBAElC,cAAc,CAAC,EAAE,cAAc;IA0CrC,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IA2B/C,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAwChE,gBAAgB,CACpB,QAAQ,EAAE,MAAM,EAChB,QAAQ,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,GAC/C,OAAO,CAAC,wBAAwB,CAAC;IAwF9B,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IA2BxF,YAAY,CAAC,cAAc,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE;CAUlE"}