@naylence/runtime 0.4.2 → 0.4.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser/index.cjs +28 -7
- package/dist/browser/index.mjs +28 -7
- package/dist/cjs/naylence/fame/security/auth/authorization-profile-factory.js +24 -6
- package/dist/cjs/version.js +2 -2
- package/dist/esm/naylence/fame/security/auth/authorization-profile-factory.js +23 -5
- package/dist/esm/version.js +2 -2
- package/dist/node/index.cjs +28 -7
- package/dist/node/index.mjs +28 -7
- package/dist/node/node.cjs +28 -7
- package/dist/node/node.mjs +28 -7
- package/dist/types/naylence/fame/security/auth/authorization-profile-factory.d.ts +3 -0
- package/dist/types/version.d.ts +1 -1
- package/package.json +1 -1
package/dist/browser/index.cjs
CHANGED
|
@@ -525,12 +525,12 @@ async function ensureRuntimeFactoriesRegistered(registry = factory.Registry) {
|
|
|
525
525
|
}
|
|
526
526
|
|
|
527
527
|
// This file is auto-generated during build - do not edit manually
|
|
528
|
-
// Generated from package.json version: 0.4.
|
|
528
|
+
// Generated from package.json version: 0.4.3
|
|
529
529
|
/**
|
|
530
530
|
* The package version, injected at build time.
|
|
531
531
|
* @internal
|
|
532
532
|
*/
|
|
533
|
-
const VERSION = '0.4.
|
|
533
|
+
const VERSION = '0.4.3';
|
|
534
534
|
|
|
535
535
|
let initialized = false;
|
|
536
536
|
const runtimePlugin = {
|
|
@@ -21926,6 +21926,7 @@ const PROFILE_NAME_DEFAULT = 'jwt';
|
|
|
21926
21926
|
const PROFILE_NAME_OAUTH2 = 'oauth2';
|
|
21927
21927
|
const PROFILE_NAME_OAUTH2_GATED = 'oauth2-gated';
|
|
21928
21928
|
const PROFILE_NAME_OAUTH2_CALLBACK = 'oauth2-callback';
|
|
21929
|
+
const PROFILE_NAME_POLICY_LOCALFILE = 'policy-localfile';
|
|
21929
21930
|
const PROFILE_NAME_NOOP$2 = 'noop';
|
|
21930
21931
|
const ENV_VAR_JWT_TRUSTED_ISSUER$1 = 'FAME_JWT_TRUSTED_ISSUER';
|
|
21931
21932
|
const ENV_VAR_JWT_ALGORITHM$1 = 'FAME_JWT_ALGORITHM';
|
|
@@ -21933,18 +21934,21 @@ const ENV_VAR_JWT_AUDIENCE$2 = 'FAME_JWT_AUDIENCE';
|
|
|
21933
21934
|
const ENV_VAR_JWKS_URL$1 = 'FAME_JWKS_URL';
|
|
21934
21935
|
const ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY$1 = 'FAME_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY';
|
|
21935
21936
|
const ENV_VAR_TRUSTED_CLIENT_SCOPE$1 = 'FAME_TRUSTED_CLIENT_SCOPE';
|
|
21937
|
+
const ENV_VAR_AUTH_POLICY_PATH = 'FAME_AUTH_POLICY_PATH';
|
|
21938
|
+
const ENV_VAR_AUTH_POLICY_FORMAT = 'FAME_AUTH_POLICY_FORMAT';
|
|
21936
21939
|
const ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER$1 = 'FAME_JWT_REVERSE_AUTH_TRUSTED_ISSUER';
|
|
21937
21940
|
const ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE$1 = 'FAME_JWT_REVERSE_AUTH_AUDIENCE';
|
|
21938
21941
|
const ENV_VAR_HMAC_SECRET$1 = 'FAME_HMAC_SECRET';
|
|
21939
21942
|
const DEFAULT_REVERSE_AUTH_ISSUER = 'reverse-auth.naylence.ai';
|
|
21940
21943
|
const DEFAULT_REVERSE_AUTH_AUDIENCE = 'dev.naylence.ai';
|
|
21944
|
+
const DEFAULT_VERIFIER_CONFIG = {
|
|
21945
|
+
type: 'JWKSJWTTokenVerifier',
|
|
21946
|
+
jwks_url: factory.Expressions.env(ENV_VAR_JWKS_URL$1),
|
|
21947
|
+
issuer: factory.Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
|
|
21948
|
+
};
|
|
21941
21949
|
const DEFAULT_PROFILE = {
|
|
21942
21950
|
type: 'DefaultAuthorizer',
|
|
21943
|
-
verifier:
|
|
21944
|
-
type: 'JWKSJWTTokenVerifier',
|
|
21945
|
-
jwks_url: factory.Expressions.env(ENV_VAR_JWKS_URL$1),
|
|
21946
|
-
issuer: factory.Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
|
|
21947
|
-
},
|
|
21951
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
21948
21952
|
};
|
|
21949
21953
|
const OAUTH2_PROFILE = {
|
|
21950
21954
|
type: 'OAuth2Authorizer',
|
|
@@ -21989,11 +21993,22 @@ const OAUTH2_CALLBACK_PROFILE = {
|
|
|
21989
21993
|
const NOOP_PROFILE$2 = {
|
|
21990
21994
|
type: 'NoopAuthorizer',
|
|
21991
21995
|
};
|
|
21996
|
+
const DEFAULT_POLICY_SOURCE = {
|
|
21997
|
+
type: 'LocalFileAuthorizationPolicySource',
|
|
21998
|
+
path: factory.Expressions.env(ENV_VAR_AUTH_POLICY_PATH, './auth-policy.yaml'),
|
|
21999
|
+
format: factory.Expressions.env(ENV_VAR_AUTH_POLICY_FORMAT, 'auto'),
|
|
22000
|
+
};
|
|
22001
|
+
const POLICY_LOCALFILE_PROFILE = {
|
|
22002
|
+
type: 'PolicyAuthorizer',
|
|
22003
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
22004
|
+
policySource: DEFAULT_POLICY_SOURCE,
|
|
22005
|
+
};
|
|
21992
22006
|
const PROFILE_MAP$5 = {
|
|
21993
22007
|
[PROFILE_NAME_DEFAULT]: DEFAULT_PROFILE,
|
|
21994
22008
|
[PROFILE_NAME_OAUTH2]: OAUTH2_PROFILE,
|
|
21995
22009
|
[PROFILE_NAME_OAUTH2_GATED]: OAUTH2_GATED_PROFILE,
|
|
21996
22010
|
[PROFILE_NAME_OAUTH2_CALLBACK]: OAUTH2_CALLBACK_PROFILE,
|
|
22011
|
+
[PROFILE_NAME_POLICY_LOCALFILE]: POLICY_LOCALFILE_PROFILE,
|
|
21997
22012
|
[PROFILE_NAME_NOOP$2]: NOOP_PROFILE$2,
|
|
21998
22013
|
};
|
|
21999
22014
|
const PROFILE_ALIASES$1 = {
|
|
@@ -22007,6 +22022,9 @@ const PROFILE_ALIASES$1 = {
|
|
|
22007
22022
|
'oauth2-callback': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
22008
22023
|
oauth2_callback: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
22009
22024
|
'reverse-auth': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
22025
|
+
policy: PROFILE_NAME_POLICY_LOCALFILE,
|
|
22026
|
+
'policy-localfile': PROFILE_NAME_POLICY_LOCALFILE,
|
|
22027
|
+
policy_localfile: PROFILE_NAME_POLICY_LOCALFILE,
|
|
22010
22028
|
noop: PROFILE_NAME_NOOP$2,
|
|
22011
22029
|
'no-op': PROFILE_NAME_NOOP$2,
|
|
22012
22030
|
no_op: PROFILE_NAME_NOOP$2,
|
|
@@ -22082,6 +22100,8 @@ function deepClone$4(value) {
|
|
|
22082
22100
|
var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
|
|
22083
22101
|
__proto__: null,
|
|
22084
22102
|
AuthorizationProfileFactory: AuthorizationProfileFactory,
|
|
22103
|
+
ENV_VAR_AUTH_POLICY_FORMAT: ENV_VAR_AUTH_POLICY_FORMAT,
|
|
22104
|
+
ENV_VAR_AUTH_POLICY_PATH: ENV_VAR_AUTH_POLICY_PATH,
|
|
22085
22105
|
ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY: ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY$1,
|
|
22086
22106
|
ENV_VAR_HMAC_SECRET: ENV_VAR_HMAC_SECRET$1,
|
|
22087
22107
|
ENV_VAR_JWKS_URL: ENV_VAR_JWKS_URL$1,
|
|
@@ -22097,6 +22117,7 @@ var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
|
|
|
22097
22117
|
PROFILE_NAME_OAUTH2: PROFILE_NAME_OAUTH2,
|
|
22098
22118
|
PROFILE_NAME_OAUTH2_CALLBACK: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
22099
22119
|
PROFILE_NAME_OAUTH2_GATED: PROFILE_NAME_OAUTH2_GATED,
|
|
22120
|
+
PROFILE_NAME_POLICY_LOCALFILE: PROFILE_NAME_POLICY_LOCALFILE,
|
|
22100
22121
|
default: AuthorizationProfileFactory
|
|
22101
22122
|
});
|
|
22102
22123
|
|
package/dist/browser/index.mjs
CHANGED
|
@@ -523,12 +523,12 @@ async function ensureRuntimeFactoriesRegistered(registry = Registry) {
|
|
|
523
523
|
}
|
|
524
524
|
|
|
525
525
|
// This file is auto-generated during build - do not edit manually
|
|
526
|
-
// Generated from package.json version: 0.4.
|
|
526
|
+
// Generated from package.json version: 0.4.3
|
|
527
527
|
/**
|
|
528
528
|
* The package version, injected at build time.
|
|
529
529
|
* @internal
|
|
530
530
|
*/
|
|
531
|
-
const VERSION = '0.4.
|
|
531
|
+
const VERSION = '0.4.3';
|
|
532
532
|
|
|
533
533
|
let initialized = false;
|
|
534
534
|
const runtimePlugin = {
|
|
@@ -21924,6 +21924,7 @@ const PROFILE_NAME_DEFAULT = 'jwt';
|
|
|
21924
21924
|
const PROFILE_NAME_OAUTH2 = 'oauth2';
|
|
21925
21925
|
const PROFILE_NAME_OAUTH2_GATED = 'oauth2-gated';
|
|
21926
21926
|
const PROFILE_NAME_OAUTH2_CALLBACK = 'oauth2-callback';
|
|
21927
|
+
const PROFILE_NAME_POLICY_LOCALFILE = 'policy-localfile';
|
|
21927
21928
|
const PROFILE_NAME_NOOP$2 = 'noop';
|
|
21928
21929
|
const ENV_VAR_JWT_TRUSTED_ISSUER$1 = 'FAME_JWT_TRUSTED_ISSUER';
|
|
21929
21930
|
const ENV_VAR_JWT_ALGORITHM$1 = 'FAME_JWT_ALGORITHM';
|
|
@@ -21931,18 +21932,21 @@ const ENV_VAR_JWT_AUDIENCE$2 = 'FAME_JWT_AUDIENCE';
|
|
|
21931
21932
|
const ENV_VAR_JWKS_URL$1 = 'FAME_JWKS_URL';
|
|
21932
21933
|
const ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY$1 = 'FAME_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY';
|
|
21933
21934
|
const ENV_VAR_TRUSTED_CLIENT_SCOPE$1 = 'FAME_TRUSTED_CLIENT_SCOPE';
|
|
21935
|
+
const ENV_VAR_AUTH_POLICY_PATH = 'FAME_AUTH_POLICY_PATH';
|
|
21936
|
+
const ENV_VAR_AUTH_POLICY_FORMAT = 'FAME_AUTH_POLICY_FORMAT';
|
|
21934
21937
|
const ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER$1 = 'FAME_JWT_REVERSE_AUTH_TRUSTED_ISSUER';
|
|
21935
21938
|
const ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE$1 = 'FAME_JWT_REVERSE_AUTH_AUDIENCE';
|
|
21936
21939
|
const ENV_VAR_HMAC_SECRET$1 = 'FAME_HMAC_SECRET';
|
|
21937
21940
|
const DEFAULT_REVERSE_AUTH_ISSUER = 'reverse-auth.naylence.ai';
|
|
21938
21941
|
const DEFAULT_REVERSE_AUTH_AUDIENCE = 'dev.naylence.ai';
|
|
21942
|
+
const DEFAULT_VERIFIER_CONFIG = {
|
|
21943
|
+
type: 'JWKSJWTTokenVerifier',
|
|
21944
|
+
jwks_url: Expressions.env(ENV_VAR_JWKS_URL$1),
|
|
21945
|
+
issuer: Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
|
|
21946
|
+
};
|
|
21939
21947
|
const DEFAULT_PROFILE = {
|
|
21940
21948
|
type: 'DefaultAuthorizer',
|
|
21941
|
-
verifier:
|
|
21942
|
-
type: 'JWKSJWTTokenVerifier',
|
|
21943
|
-
jwks_url: Expressions.env(ENV_VAR_JWKS_URL$1),
|
|
21944
|
-
issuer: Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
|
|
21945
|
-
},
|
|
21949
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
21946
21950
|
};
|
|
21947
21951
|
const OAUTH2_PROFILE = {
|
|
21948
21952
|
type: 'OAuth2Authorizer',
|
|
@@ -21987,11 +21991,22 @@ const OAUTH2_CALLBACK_PROFILE = {
|
|
|
21987
21991
|
const NOOP_PROFILE$2 = {
|
|
21988
21992
|
type: 'NoopAuthorizer',
|
|
21989
21993
|
};
|
|
21994
|
+
const DEFAULT_POLICY_SOURCE = {
|
|
21995
|
+
type: 'LocalFileAuthorizationPolicySource',
|
|
21996
|
+
path: Expressions.env(ENV_VAR_AUTH_POLICY_PATH, './auth-policy.yaml'),
|
|
21997
|
+
format: Expressions.env(ENV_VAR_AUTH_POLICY_FORMAT, 'auto'),
|
|
21998
|
+
};
|
|
21999
|
+
const POLICY_LOCALFILE_PROFILE = {
|
|
22000
|
+
type: 'PolicyAuthorizer',
|
|
22001
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
22002
|
+
policySource: DEFAULT_POLICY_SOURCE,
|
|
22003
|
+
};
|
|
21990
22004
|
const PROFILE_MAP$5 = {
|
|
21991
22005
|
[PROFILE_NAME_DEFAULT]: DEFAULT_PROFILE,
|
|
21992
22006
|
[PROFILE_NAME_OAUTH2]: OAUTH2_PROFILE,
|
|
21993
22007
|
[PROFILE_NAME_OAUTH2_GATED]: OAUTH2_GATED_PROFILE,
|
|
21994
22008
|
[PROFILE_NAME_OAUTH2_CALLBACK]: OAUTH2_CALLBACK_PROFILE,
|
|
22009
|
+
[PROFILE_NAME_POLICY_LOCALFILE]: POLICY_LOCALFILE_PROFILE,
|
|
21995
22010
|
[PROFILE_NAME_NOOP$2]: NOOP_PROFILE$2,
|
|
21996
22011
|
};
|
|
21997
22012
|
const PROFILE_ALIASES$1 = {
|
|
@@ -22005,6 +22020,9 @@ const PROFILE_ALIASES$1 = {
|
|
|
22005
22020
|
'oauth2-callback': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
22006
22021
|
oauth2_callback: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
22007
22022
|
'reverse-auth': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
22023
|
+
policy: PROFILE_NAME_POLICY_LOCALFILE,
|
|
22024
|
+
'policy-localfile': PROFILE_NAME_POLICY_LOCALFILE,
|
|
22025
|
+
policy_localfile: PROFILE_NAME_POLICY_LOCALFILE,
|
|
22008
22026
|
noop: PROFILE_NAME_NOOP$2,
|
|
22009
22027
|
'no-op': PROFILE_NAME_NOOP$2,
|
|
22010
22028
|
no_op: PROFILE_NAME_NOOP$2,
|
|
@@ -22080,6 +22098,8 @@ function deepClone$4(value) {
|
|
|
22080
22098
|
var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
|
|
22081
22099
|
__proto__: null,
|
|
22082
22100
|
AuthorizationProfileFactory: AuthorizationProfileFactory,
|
|
22101
|
+
ENV_VAR_AUTH_POLICY_FORMAT: ENV_VAR_AUTH_POLICY_FORMAT,
|
|
22102
|
+
ENV_VAR_AUTH_POLICY_PATH: ENV_VAR_AUTH_POLICY_PATH,
|
|
22083
22103
|
ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY: ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY$1,
|
|
22084
22104
|
ENV_VAR_HMAC_SECRET: ENV_VAR_HMAC_SECRET$1,
|
|
22085
22105
|
ENV_VAR_JWKS_URL: ENV_VAR_JWKS_URL$1,
|
|
@@ -22095,6 +22115,7 @@ var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
|
|
|
22095
22115
|
PROFILE_NAME_OAUTH2: PROFILE_NAME_OAUTH2,
|
|
22096
22116
|
PROFILE_NAME_OAUTH2_CALLBACK: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
22097
22117
|
PROFILE_NAME_OAUTH2_GATED: PROFILE_NAME_OAUTH2_GATED,
|
|
22118
|
+
PROFILE_NAME_POLICY_LOCALFILE: PROFILE_NAME_POLICY_LOCALFILE,
|
|
22098
22119
|
default: AuthorizationProfileFactory
|
|
22099
22120
|
});
|
|
22100
22121
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.AuthorizationProfileFactory = exports.FACTORY_META = exports.ENV_VAR_HMAC_SECRET = exports.ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE = exports.ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER = exports.ENV_VAR_TRUSTED_CLIENT_SCOPE = exports.ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY = exports.ENV_VAR_JWKS_URL = exports.ENV_VAR_JWT_AUDIENCE = exports.ENV_VAR_JWT_ALGORITHM = exports.ENV_VAR_JWT_TRUSTED_ISSUER = exports.PROFILE_NAME_NOOP = exports.PROFILE_NAME_OAUTH2_CALLBACK = exports.PROFILE_NAME_OAUTH2_GATED = exports.PROFILE_NAME_OAUTH2 = exports.PROFILE_NAME_DEFAULT = void 0;
|
|
3
|
+
exports.AuthorizationProfileFactory = exports.FACTORY_META = exports.ENV_VAR_HMAC_SECRET = exports.ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE = exports.ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER = exports.ENV_VAR_AUTH_POLICY_FORMAT = exports.ENV_VAR_AUTH_POLICY_PATH = exports.ENV_VAR_TRUSTED_CLIENT_SCOPE = exports.ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY = exports.ENV_VAR_JWKS_URL = exports.ENV_VAR_JWT_AUDIENCE = exports.ENV_VAR_JWT_ALGORITHM = exports.ENV_VAR_JWT_TRUSTED_ISSUER = exports.PROFILE_NAME_NOOP = exports.PROFILE_NAME_POLICY_LOCALFILE = exports.PROFILE_NAME_OAUTH2_CALLBACK = exports.PROFILE_NAME_OAUTH2_GATED = exports.PROFILE_NAME_OAUTH2 = exports.PROFILE_NAME_DEFAULT = void 0;
|
|
4
4
|
const factory_1 = require("@naylence/factory");
|
|
5
5
|
const logging_js_1 = require("../../util/logging.js");
|
|
6
6
|
const authorizer_factory_js_1 = require("./authorizer-factory.js");
|
|
@@ -9,6 +9,7 @@ exports.PROFILE_NAME_DEFAULT = 'jwt';
|
|
|
9
9
|
exports.PROFILE_NAME_OAUTH2 = 'oauth2';
|
|
10
10
|
exports.PROFILE_NAME_OAUTH2_GATED = 'oauth2-gated';
|
|
11
11
|
exports.PROFILE_NAME_OAUTH2_CALLBACK = 'oauth2-callback';
|
|
12
|
+
exports.PROFILE_NAME_POLICY_LOCALFILE = 'policy-localfile';
|
|
12
13
|
exports.PROFILE_NAME_NOOP = 'noop';
|
|
13
14
|
exports.ENV_VAR_JWT_TRUSTED_ISSUER = 'FAME_JWT_TRUSTED_ISSUER';
|
|
14
15
|
exports.ENV_VAR_JWT_ALGORITHM = 'FAME_JWT_ALGORITHM';
|
|
@@ -16,18 +17,21 @@ exports.ENV_VAR_JWT_AUDIENCE = 'FAME_JWT_AUDIENCE';
|
|
|
16
17
|
exports.ENV_VAR_JWKS_URL = 'FAME_JWKS_URL';
|
|
17
18
|
exports.ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY = 'FAME_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY';
|
|
18
19
|
exports.ENV_VAR_TRUSTED_CLIENT_SCOPE = 'FAME_TRUSTED_CLIENT_SCOPE';
|
|
20
|
+
exports.ENV_VAR_AUTH_POLICY_PATH = 'FAME_AUTH_POLICY_PATH';
|
|
21
|
+
exports.ENV_VAR_AUTH_POLICY_FORMAT = 'FAME_AUTH_POLICY_FORMAT';
|
|
19
22
|
exports.ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER = 'FAME_JWT_REVERSE_AUTH_TRUSTED_ISSUER';
|
|
20
23
|
exports.ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE = 'FAME_JWT_REVERSE_AUTH_AUDIENCE';
|
|
21
24
|
exports.ENV_VAR_HMAC_SECRET = 'FAME_HMAC_SECRET';
|
|
22
25
|
const DEFAULT_REVERSE_AUTH_ISSUER = 'reverse-auth.naylence.ai';
|
|
23
26
|
const DEFAULT_REVERSE_AUTH_AUDIENCE = 'dev.naylence.ai';
|
|
27
|
+
const DEFAULT_VERIFIER_CONFIG = {
|
|
28
|
+
type: 'JWKSJWTTokenVerifier',
|
|
29
|
+
jwks_url: factory_1.Expressions.env(exports.ENV_VAR_JWKS_URL),
|
|
30
|
+
issuer: factory_1.Expressions.env(exports.ENV_VAR_JWT_TRUSTED_ISSUER),
|
|
31
|
+
};
|
|
24
32
|
const DEFAULT_PROFILE = {
|
|
25
33
|
type: 'DefaultAuthorizer',
|
|
26
|
-
verifier:
|
|
27
|
-
type: 'JWKSJWTTokenVerifier',
|
|
28
|
-
jwks_url: factory_1.Expressions.env(exports.ENV_VAR_JWKS_URL),
|
|
29
|
-
issuer: factory_1.Expressions.env(exports.ENV_VAR_JWT_TRUSTED_ISSUER),
|
|
30
|
-
},
|
|
34
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
31
35
|
};
|
|
32
36
|
const OAUTH2_PROFILE = {
|
|
33
37
|
type: 'OAuth2Authorizer',
|
|
@@ -72,11 +76,22 @@ const OAUTH2_CALLBACK_PROFILE = {
|
|
|
72
76
|
const NOOP_PROFILE = {
|
|
73
77
|
type: 'NoopAuthorizer',
|
|
74
78
|
};
|
|
79
|
+
const DEFAULT_POLICY_SOURCE = {
|
|
80
|
+
type: 'LocalFileAuthorizationPolicySource',
|
|
81
|
+
path: factory_1.Expressions.env(exports.ENV_VAR_AUTH_POLICY_PATH, './auth-policy.yaml'),
|
|
82
|
+
format: factory_1.Expressions.env(exports.ENV_VAR_AUTH_POLICY_FORMAT, 'auto'),
|
|
83
|
+
};
|
|
84
|
+
const POLICY_LOCALFILE_PROFILE = {
|
|
85
|
+
type: 'PolicyAuthorizer',
|
|
86
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
87
|
+
policySource: DEFAULT_POLICY_SOURCE,
|
|
88
|
+
};
|
|
75
89
|
const PROFILE_MAP = {
|
|
76
90
|
[exports.PROFILE_NAME_DEFAULT]: DEFAULT_PROFILE,
|
|
77
91
|
[exports.PROFILE_NAME_OAUTH2]: OAUTH2_PROFILE,
|
|
78
92
|
[exports.PROFILE_NAME_OAUTH2_GATED]: OAUTH2_GATED_PROFILE,
|
|
79
93
|
[exports.PROFILE_NAME_OAUTH2_CALLBACK]: OAUTH2_CALLBACK_PROFILE,
|
|
94
|
+
[exports.PROFILE_NAME_POLICY_LOCALFILE]: POLICY_LOCALFILE_PROFILE,
|
|
80
95
|
[exports.PROFILE_NAME_NOOP]: NOOP_PROFILE,
|
|
81
96
|
};
|
|
82
97
|
const PROFILE_ALIASES = {
|
|
@@ -90,6 +105,9 @@ const PROFILE_ALIASES = {
|
|
|
90
105
|
'oauth2-callback': exports.PROFILE_NAME_OAUTH2_CALLBACK,
|
|
91
106
|
oauth2_callback: exports.PROFILE_NAME_OAUTH2_CALLBACK,
|
|
92
107
|
'reverse-auth': exports.PROFILE_NAME_OAUTH2_CALLBACK,
|
|
108
|
+
policy: exports.PROFILE_NAME_POLICY_LOCALFILE,
|
|
109
|
+
'policy-localfile': exports.PROFILE_NAME_POLICY_LOCALFILE,
|
|
110
|
+
policy_localfile: exports.PROFILE_NAME_POLICY_LOCALFILE,
|
|
93
111
|
noop: exports.PROFILE_NAME_NOOP,
|
|
94
112
|
'no-op': exports.PROFILE_NAME_NOOP,
|
|
95
113
|
no_op: exports.PROFILE_NAME_NOOP,
|
package/dist/cjs/version.js
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
// This file is auto-generated during build - do not edit manually
|
|
3
|
-
// Generated from package.json version: 0.4.
|
|
3
|
+
// Generated from package.json version: 0.4.3
|
|
4
4
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
5
5
|
exports.VERSION = void 0;
|
|
6
6
|
/**
|
|
7
7
|
* The package version, injected at build time.
|
|
8
8
|
* @internal
|
|
9
9
|
*/
|
|
10
|
-
exports.VERSION = '0.4.
|
|
10
|
+
exports.VERSION = '0.4.3';
|
|
@@ -6,6 +6,7 @@ export const PROFILE_NAME_DEFAULT = 'jwt';
|
|
|
6
6
|
export const PROFILE_NAME_OAUTH2 = 'oauth2';
|
|
7
7
|
export const PROFILE_NAME_OAUTH2_GATED = 'oauth2-gated';
|
|
8
8
|
export const PROFILE_NAME_OAUTH2_CALLBACK = 'oauth2-callback';
|
|
9
|
+
export const PROFILE_NAME_POLICY_LOCALFILE = 'policy-localfile';
|
|
9
10
|
export const PROFILE_NAME_NOOP = 'noop';
|
|
10
11
|
export const ENV_VAR_JWT_TRUSTED_ISSUER = 'FAME_JWT_TRUSTED_ISSUER';
|
|
11
12
|
export const ENV_VAR_JWT_ALGORITHM = 'FAME_JWT_ALGORITHM';
|
|
@@ -13,18 +14,21 @@ export const ENV_VAR_JWT_AUDIENCE = 'FAME_JWT_AUDIENCE';
|
|
|
13
14
|
export const ENV_VAR_JWKS_URL = 'FAME_JWKS_URL';
|
|
14
15
|
export const ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY = 'FAME_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY';
|
|
15
16
|
export const ENV_VAR_TRUSTED_CLIENT_SCOPE = 'FAME_TRUSTED_CLIENT_SCOPE';
|
|
17
|
+
export const ENV_VAR_AUTH_POLICY_PATH = 'FAME_AUTH_POLICY_PATH';
|
|
18
|
+
export const ENV_VAR_AUTH_POLICY_FORMAT = 'FAME_AUTH_POLICY_FORMAT';
|
|
16
19
|
export const ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER = 'FAME_JWT_REVERSE_AUTH_TRUSTED_ISSUER';
|
|
17
20
|
export const ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE = 'FAME_JWT_REVERSE_AUTH_AUDIENCE';
|
|
18
21
|
export const ENV_VAR_HMAC_SECRET = 'FAME_HMAC_SECRET';
|
|
19
22
|
const DEFAULT_REVERSE_AUTH_ISSUER = 'reverse-auth.naylence.ai';
|
|
20
23
|
const DEFAULT_REVERSE_AUTH_AUDIENCE = 'dev.naylence.ai';
|
|
24
|
+
const DEFAULT_VERIFIER_CONFIG = {
|
|
25
|
+
type: 'JWKSJWTTokenVerifier',
|
|
26
|
+
jwks_url: Expressions.env(ENV_VAR_JWKS_URL),
|
|
27
|
+
issuer: Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER),
|
|
28
|
+
};
|
|
21
29
|
const DEFAULT_PROFILE = {
|
|
22
30
|
type: 'DefaultAuthorizer',
|
|
23
|
-
verifier:
|
|
24
|
-
type: 'JWKSJWTTokenVerifier',
|
|
25
|
-
jwks_url: Expressions.env(ENV_VAR_JWKS_URL),
|
|
26
|
-
issuer: Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER),
|
|
27
|
-
},
|
|
31
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
28
32
|
};
|
|
29
33
|
const OAUTH2_PROFILE = {
|
|
30
34
|
type: 'OAuth2Authorizer',
|
|
@@ -69,11 +73,22 @@ const OAUTH2_CALLBACK_PROFILE = {
|
|
|
69
73
|
const NOOP_PROFILE = {
|
|
70
74
|
type: 'NoopAuthorizer',
|
|
71
75
|
};
|
|
76
|
+
const DEFAULT_POLICY_SOURCE = {
|
|
77
|
+
type: 'LocalFileAuthorizationPolicySource',
|
|
78
|
+
path: Expressions.env(ENV_VAR_AUTH_POLICY_PATH, './auth-policy.yaml'),
|
|
79
|
+
format: Expressions.env(ENV_VAR_AUTH_POLICY_FORMAT, 'auto'),
|
|
80
|
+
};
|
|
81
|
+
const POLICY_LOCALFILE_PROFILE = {
|
|
82
|
+
type: 'PolicyAuthorizer',
|
|
83
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
84
|
+
policySource: DEFAULT_POLICY_SOURCE,
|
|
85
|
+
};
|
|
72
86
|
const PROFILE_MAP = {
|
|
73
87
|
[PROFILE_NAME_DEFAULT]: DEFAULT_PROFILE,
|
|
74
88
|
[PROFILE_NAME_OAUTH2]: OAUTH2_PROFILE,
|
|
75
89
|
[PROFILE_NAME_OAUTH2_GATED]: OAUTH2_GATED_PROFILE,
|
|
76
90
|
[PROFILE_NAME_OAUTH2_CALLBACK]: OAUTH2_CALLBACK_PROFILE,
|
|
91
|
+
[PROFILE_NAME_POLICY_LOCALFILE]: POLICY_LOCALFILE_PROFILE,
|
|
77
92
|
[PROFILE_NAME_NOOP]: NOOP_PROFILE,
|
|
78
93
|
};
|
|
79
94
|
const PROFILE_ALIASES = {
|
|
@@ -87,6 +102,9 @@ const PROFILE_ALIASES = {
|
|
|
87
102
|
'oauth2-callback': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
88
103
|
oauth2_callback: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
89
104
|
'reverse-auth': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
105
|
+
policy: PROFILE_NAME_POLICY_LOCALFILE,
|
|
106
|
+
'policy-localfile': PROFILE_NAME_POLICY_LOCALFILE,
|
|
107
|
+
policy_localfile: PROFILE_NAME_POLICY_LOCALFILE,
|
|
90
108
|
noop: PROFILE_NAME_NOOP,
|
|
91
109
|
'no-op': PROFILE_NAME_NOOP,
|
|
92
110
|
no_op: PROFILE_NAME_NOOP,
|
package/dist/esm/version.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
// This file is auto-generated during build - do not edit manually
|
|
2
|
-
// Generated from package.json version: 0.4.
|
|
2
|
+
// Generated from package.json version: 0.4.3
|
|
3
3
|
/**
|
|
4
4
|
* The package version, injected at build time.
|
|
5
5
|
* @internal
|
|
6
6
|
*/
|
|
7
|
-
export const VERSION = '0.4.
|
|
7
|
+
export const VERSION = '0.4.3';
|
package/dist/node/index.cjs
CHANGED
|
@@ -14,12 +14,12 @@ var fastify = require('fastify');
|
|
|
14
14
|
var websocketPlugin = require('@fastify/websocket');
|
|
15
15
|
|
|
16
16
|
// This file is auto-generated during build - do not edit manually
|
|
17
|
-
// Generated from package.json version: 0.4.
|
|
17
|
+
// Generated from package.json version: 0.4.3
|
|
18
18
|
/**
|
|
19
19
|
* The package version, injected at build time.
|
|
20
20
|
* @internal
|
|
21
21
|
*/
|
|
22
|
-
const VERSION = '0.4.
|
|
22
|
+
const VERSION = '0.4.3';
|
|
23
23
|
|
|
24
24
|
/**
|
|
25
25
|
* Fame protocol specific error classes with WebSocket close codes and proper inheritance.
|
|
@@ -21813,6 +21813,7 @@ const PROFILE_NAME_DEFAULT = 'jwt';
|
|
|
21813
21813
|
const PROFILE_NAME_OAUTH2 = 'oauth2';
|
|
21814
21814
|
const PROFILE_NAME_OAUTH2_GATED = 'oauth2-gated';
|
|
21815
21815
|
const PROFILE_NAME_OAUTH2_CALLBACK = 'oauth2-callback';
|
|
21816
|
+
const PROFILE_NAME_POLICY_LOCALFILE = 'policy-localfile';
|
|
21816
21817
|
const PROFILE_NAME_NOOP$2 = 'noop';
|
|
21817
21818
|
const ENV_VAR_JWT_TRUSTED_ISSUER$1 = 'FAME_JWT_TRUSTED_ISSUER';
|
|
21818
21819
|
const ENV_VAR_JWT_ALGORITHM$1 = 'FAME_JWT_ALGORITHM';
|
|
@@ -21820,18 +21821,21 @@ const ENV_VAR_JWT_AUDIENCE$2 = 'FAME_JWT_AUDIENCE';
|
|
|
21820
21821
|
const ENV_VAR_JWKS_URL$1 = 'FAME_JWKS_URL';
|
|
21821
21822
|
const ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY$1 = 'FAME_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY';
|
|
21822
21823
|
const ENV_VAR_TRUSTED_CLIENT_SCOPE$1 = 'FAME_TRUSTED_CLIENT_SCOPE';
|
|
21824
|
+
const ENV_VAR_AUTH_POLICY_PATH = 'FAME_AUTH_POLICY_PATH';
|
|
21825
|
+
const ENV_VAR_AUTH_POLICY_FORMAT = 'FAME_AUTH_POLICY_FORMAT';
|
|
21823
21826
|
const ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER$1 = 'FAME_JWT_REVERSE_AUTH_TRUSTED_ISSUER';
|
|
21824
21827
|
const ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE$1 = 'FAME_JWT_REVERSE_AUTH_AUDIENCE';
|
|
21825
21828
|
const ENV_VAR_HMAC_SECRET$1 = 'FAME_HMAC_SECRET';
|
|
21826
21829
|
const DEFAULT_REVERSE_AUTH_ISSUER = 'reverse-auth.naylence.ai';
|
|
21827
21830
|
const DEFAULT_REVERSE_AUTH_AUDIENCE = 'dev.naylence.ai';
|
|
21831
|
+
const DEFAULT_VERIFIER_CONFIG = {
|
|
21832
|
+
type: 'JWKSJWTTokenVerifier',
|
|
21833
|
+
jwks_url: factory.Expressions.env(ENV_VAR_JWKS_URL$1),
|
|
21834
|
+
issuer: factory.Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
|
|
21835
|
+
};
|
|
21828
21836
|
const DEFAULT_PROFILE = {
|
|
21829
21837
|
type: 'DefaultAuthorizer',
|
|
21830
|
-
verifier:
|
|
21831
|
-
type: 'JWKSJWTTokenVerifier',
|
|
21832
|
-
jwks_url: factory.Expressions.env(ENV_VAR_JWKS_URL$1),
|
|
21833
|
-
issuer: factory.Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
|
|
21834
|
-
},
|
|
21838
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
21835
21839
|
};
|
|
21836
21840
|
const OAUTH2_PROFILE = {
|
|
21837
21841
|
type: 'OAuth2Authorizer',
|
|
@@ -21876,11 +21880,22 @@ const OAUTH2_CALLBACK_PROFILE = {
|
|
|
21876
21880
|
const NOOP_PROFILE$2 = {
|
|
21877
21881
|
type: 'NoopAuthorizer',
|
|
21878
21882
|
};
|
|
21883
|
+
const DEFAULT_POLICY_SOURCE = {
|
|
21884
|
+
type: 'LocalFileAuthorizationPolicySource',
|
|
21885
|
+
path: factory.Expressions.env(ENV_VAR_AUTH_POLICY_PATH, './auth-policy.yaml'),
|
|
21886
|
+
format: factory.Expressions.env(ENV_VAR_AUTH_POLICY_FORMAT, 'auto'),
|
|
21887
|
+
};
|
|
21888
|
+
const POLICY_LOCALFILE_PROFILE = {
|
|
21889
|
+
type: 'PolicyAuthorizer',
|
|
21890
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
21891
|
+
policySource: DEFAULT_POLICY_SOURCE,
|
|
21892
|
+
};
|
|
21879
21893
|
const PROFILE_MAP$5 = {
|
|
21880
21894
|
[PROFILE_NAME_DEFAULT]: DEFAULT_PROFILE,
|
|
21881
21895
|
[PROFILE_NAME_OAUTH2]: OAUTH2_PROFILE,
|
|
21882
21896
|
[PROFILE_NAME_OAUTH2_GATED]: OAUTH2_GATED_PROFILE,
|
|
21883
21897
|
[PROFILE_NAME_OAUTH2_CALLBACK]: OAUTH2_CALLBACK_PROFILE,
|
|
21898
|
+
[PROFILE_NAME_POLICY_LOCALFILE]: POLICY_LOCALFILE_PROFILE,
|
|
21884
21899
|
[PROFILE_NAME_NOOP$2]: NOOP_PROFILE$2,
|
|
21885
21900
|
};
|
|
21886
21901
|
const PROFILE_ALIASES$1 = {
|
|
@@ -21894,6 +21909,9 @@ const PROFILE_ALIASES$1 = {
|
|
|
21894
21909
|
'oauth2-callback': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
21895
21910
|
oauth2_callback: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
21896
21911
|
'reverse-auth': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
21912
|
+
policy: PROFILE_NAME_POLICY_LOCALFILE,
|
|
21913
|
+
'policy-localfile': PROFILE_NAME_POLICY_LOCALFILE,
|
|
21914
|
+
policy_localfile: PROFILE_NAME_POLICY_LOCALFILE,
|
|
21897
21915
|
noop: PROFILE_NAME_NOOP$2,
|
|
21898
21916
|
'no-op': PROFILE_NAME_NOOP$2,
|
|
21899
21917
|
no_op: PROFILE_NAME_NOOP$2,
|
|
@@ -21969,6 +21987,8 @@ function deepClone$4(value) {
|
|
|
21969
21987
|
var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
|
|
21970
21988
|
__proto__: null,
|
|
21971
21989
|
AuthorizationProfileFactory: AuthorizationProfileFactory,
|
|
21990
|
+
ENV_VAR_AUTH_POLICY_FORMAT: ENV_VAR_AUTH_POLICY_FORMAT,
|
|
21991
|
+
ENV_VAR_AUTH_POLICY_PATH: ENV_VAR_AUTH_POLICY_PATH,
|
|
21972
21992
|
ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY: ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY$1,
|
|
21973
21993
|
ENV_VAR_HMAC_SECRET: ENV_VAR_HMAC_SECRET$1,
|
|
21974
21994
|
ENV_VAR_JWKS_URL: ENV_VAR_JWKS_URL$1,
|
|
@@ -21984,6 +22004,7 @@ var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
|
|
|
21984
22004
|
PROFILE_NAME_OAUTH2: PROFILE_NAME_OAUTH2,
|
|
21985
22005
|
PROFILE_NAME_OAUTH2_CALLBACK: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
21986
22006
|
PROFILE_NAME_OAUTH2_GATED: PROFILE_NAME_OAUTH2_GATED,
|
|
22007
|
+
PROFILE_NAME_POLICY_LOCALFILE: PROFILE_NAME_POLICY_LOCALFILE,
|
|
21987
22008
|
default: AuthorizationProfileFactory
|
|
21988
22009
|
});
|
|
21989
22010
|
|
package/dist/node/index.mjs
CHANGED
|
@@ -13,12 +13,12 @@ import fastify from 'fastify';
|
|
|
13
13
|
import websocketPlugin from '@fastify/websocket';
|
|
14
14
|
|
|
15
15
|
// This file is auto-generated during build - do not edit manually
|
|
16
|
-
// Generated from package.json version: 0.4.
|
|
16
|
+
// Generated from package.json version: 0.4.3
|
|
17
17
|
/**
|
|
18
18
|
* The package version, injected at build time.
|
|
19
19
|
* @internal
|
|
20
20
|
*/
|
|
21
|
-
const VERSION = '0.4.
|
|
21
|
+
const VERSION = '0.4.3';
|
|
22
22
|
|
|
23
23
|
/**
|
|
24
24
|
* Fame protocol specific error classes with WebSocket close codes and proper inheritance.
|
|
@@ -21812,6 +21812,7 @@ const PROFILE_NAME_DEFAULT = 'jwt';
|
|
|
21812
21812
|
const PROFILE_NAME_OAUTH2 = 'oauth2';
|
|
21813
21813
|
const PROFILE_NAME_OAUTH2_GATED = 'oauth2-gated';
|
|
21814
21814
|
const PROFILE_NAME_OAUTH2_CALLBACK = 'oauth2-callback';
|
|
21815
|
+
const PROFILE_NAME_POLICY_LOCALFILE = 'policy-localfile';
|
|
21815
21816
|
const PROFILE_NAME_NOOP$2 = 'noop';
|
|
21816
21817
|
const ENV_VAR_JWT_TRUSTED_ISSUER$1 = 'FAME_JWT_TRUSTED_ISSUER';
|
|
21817
21818
|
const ENV_VAR_JWT_ALGORITHM$1 = 'FAME_JWT_ALGORITHM';
|
|
@@ -21819,18 +21820,21 @@ const ENV_VAR_JWT_AUDIENCE$2 = 'FAME_JWT_AUDIENCE';
|
|
|
21819
21820
|
const ENV_VAR_JWKS_URL$1 = 'FAME_JWKS_URL';
|
|
21820
21821
|
const ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY$1 = 'FAME_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY';
|
|
21821
21822
|
const ENV_VAR_TRUSTED_CLIENT_SCOPE$1 = 'FAME_TRUSTED_CLIENT_SCOPE';
|
|
21823
|
+
const ENV_VAR_AUTH_POLICY_PATH = 'FAME_AUTH_POLICY_PATH';
|
|
21824
|
+
const ENV_VAR_AUTH_POLICY_FORMAT = 'FAME_AUTH_POLICY_FORMAT';
|
|
21822
21825
|
const ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER$1 = 'FAME_JWT_REVERSE_AUTH_TRUSTED_ISSUER';
|
|
21823
21826
|
const ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE$1 = 'FAME_JWT_REVERSE_AUTH_AUDIENCE';
|
|
21824
21827
|
const ENV_VAR_HMAC_SECRET$1 = 'FAME_HMAC_SECRET';
|
|
21825
21828
|
const DEFAULT_REVERSE_AUTH_ISSUER = 'reverse-auth.naylence.ai';
|
|
21826
21829
|
const DEFAULT_REVERSE_AUTH_AUDIENCE = 'dev.naylence.ai';
|
|
21830
|
+
const DEFAULT_VERIFIER_CONFIG = {
|
|
21831
|
+
type: 'JWKSJWTTokenVerifier',
|
|
21832
|
+
jwks_url: Expressions.env(ENV_VAR_JWKS_URL$1),
|
|
21833
|
+
issuer: Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
|
|
21834
|
+
};
|
|
21827
21835
|
const DEFAULT_PROFILE = {
|
|
21828
21836
|
type: 'DefaultAuthorizer',
|
|
21829
|
-
verifier:
|
|
21830
|
-
type: 'JWKSJWTTokenVerifier',
|
|
21831
|
-
jwks_url: Expressions.env(ENV_VAR_JWKS_URL$1),
|
|
21832
|
-
issuer: Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
|
|
21833
|
-
},
|
|
21837
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
21834
21838
|
};
|
|
21835
21839
|
const OAUTH2_PROFILE = {
|
|
21836
21840
|
type: 'OAuth2Authorizer',
|
|
@@ -21875,11 +21879,22 @@ const OAUTH2_CALLBACK_PROFILE = {
|
|
|
21875
21879
|
const NOOP_PROFILE$2 = {
|
|
21876
21880
|
type: 'NoopAuthorizer',
|
|
21877
21881
|
};
|
|
21882
|
+
const DEFAULT_POLICY_SOURCE = {
|
|
21883
|
+
type: 'LocalFileAuthorizationPolicySource',
|
|
21884
|
+
path: Expressions.env(ENV_VAR_AUTH_POLICY_PATH, './auth-policy.yaml'),
|
|
21885
|
+
format: Expressions.env(ENV_VAR_AUTH_POLICY_FORMAT, 'auto'),
|
|
21886
|
+
};
|
|
21887
|
+
const POLICY_LOCALFILE_PROFILE = {
|
|
21888
|
+
type: 'PolicyAuthorizer',
|
|
21889
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
21890
|
+
policySource: DEFAULT_POLICY_SOURCE,
|
|
21891
|
+
};
|
|
21878
21892
|
const PROFILE_MAP$5 = {
|
|
21879
21893
|
[PROFILE_NAME_DEFAULT]: DEFAULT_PROFILE,
|
|
21880
21894
|
[PROFILE_NAME_OAUTH2]: OAUTH2_PROFILE,
|
|
21881
21895
|
[PROFILE_NAME_OAUTH2_GATED]: OAUTH2_GATED_PROFILE,
|
|
21882
21896
|
[PROFILE_NAME_OAUTH2_CALLBACK]: OAUTH2_CALLBACK_PROFILE,
|
|
21897
|
+
[PROFILE_NAME_POLICY_LOCALFILE]: POLICY_LOCALFILE_PROFILE,
|
|
21883
21898
|
[PROFILE_NAME_NOOP$2]: NOOP_PROFILE$2,
|
|
21884
21899
|
};
|
|
21885
21900
|
const PROFILE_ALIASES$1 = {
|
|
@@ -21893,6 +21908,9 @@ const PROFILE_ALIASES$1 = {
|
|
|
21893
21908
|
'oauth2-callback': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
21894
21909
|
oauth2_callback: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
21895
21910
|
'reverse-auth': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
21911
|
+
policy: PROFILE_NAME_POLICY_LOCALFILE,
|
|
21912
|
+
'policy-localfile': PROFILE_NAME_POLICY_LOCALFILE,
|
|
21913
|
+
policy_localfile: PROFILE_NAME_POLICY_LOCALFILE,
|
|
21896
21914
|
noop: PROFILE_NAME_NOOP$2,
|
|
21897
21915
|
'no-op': PROFILE_NAME_NOOP$2,
|
|
21898
21916
|
no_op: PROFILE_NAME_NOOP$2,
|
|
@@ -21968,6 +21986,8 @@ function deepClone$4(value) {
|
|
|
21968
21986
|
var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
|
|
21969
21987
|
__proto__: null,
|
|
21970
21988
|
AuthorizationProfileFactory: AuthorizationProfileFactory,
|
|
21989
|
+
ENV_VAR_AUTH_POLICY_FORMAT: ENV_VAR_AUTH_POLICY_FORMAT,
|
|
21990
|
+
ENV_VAR_AUTH_POLICY_PATH: ENV_VAR_AUTH_POLICY_PATH,
|
|
21971
21991
|
ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY: ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY$1,
|
|
21972
21992
|
ENV_VAR_HMAC_SECRET: ENV_VAR_HMAC_SECRET$1,
|
|
21973
21993
|
ENV_VAR_JWKS_URL: ENV_VAR_JWKS_URL$1,
|
|
@@ -21983,6 +22003,7 @@ var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
|
|
|
21983
22003
|
PROFILE_NAME_OAUTH2: PROFILE_NAME_OAUTH2,
|
|
21984
22004
|
PROFILE_NAME_OAUTH2_CALLBACK: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
21985
22005
|
PROFILE_NAME_OAUTH2_GATED: PROFILE_NAME_OAUTH2_GATED,
|
|
22006
|
+
PROFILE_NAME_POLICY_LOCALFILE: PROFILE_NAME_POLICY_LOCALFILE,
|
|
21986
22007
|
default: AuthorizationProfileFactory
|
|
21987
22008
|
});
|
|
21988
22009
|
|
package/dist/node/node.cjs
CHANGED
|
@@ -4436,12 +4436,12 @@ async function ensureRuntimeFactoriesRegistered(registry = factory.Registry) {
|
|
|
4436
4436
|
}
|
|
4437
4437
|
|
|
4438
4438
|
// This file is auto-generated during build - do not edit manually
|
|
4439
|
-
// Generated from package.json version: 0.4.
|
|
4439
|
+
// Generated from package.json version: 0.4.3
|
|
4440
4440
|
/**
|
|
4441
4441
|
* The package version, injected at build time.
|
|
4442
4442
|
* @internal
|
|
4443
4443
|
*/
|
|
4444
|
-
const VERSION = '0.4.
|
|
4444
|
+
const VERSION = '0.4.3';
|
|
4445
4445
|
|
|
4446
4446
|
let initialized = false;
|
|
4447
4447
|
const runtimePlugin = {
|
|
@@ -23018,6 +23018,7 @@ const PROFILE_NAME_DEFAULT = 'jwt';
|
|
|
23018
23018
|
const PROFILE_NAME_OAUTH2 = 'oauth2';
|
|
23019
23019
|
const PROFILE_NAME_OAUTH2_GATED = 'oauth2-gated';
|
|
23020
23020
|
const PROFILE_NAME_OAUTH2_CALLBACK = 'oauth2-callback';
|
|
23021
|
+
const PROFILE_NAME_POLICY_LOCALFILE = 'policy-localfile';
|
|
23021
23022
|
const PROFILE_NAME_NOOP$2 = 'noop';
|
|
23022
23023
|
const ENV_VAR_JWT_TRUSTED_ISSUER$1 = 'FAME_JWT_TRUSTED_ISSUER';
|
|
23023
23024
|
const ENV_VAR_JWT_ALGORITHM$3 = 'FAME_JWT_ALGORITHM';
|
|
@@ -23025,18 +23026,21 @@ const ENV_VAR_JWT_AUDIENCE$3 = 'FAME_JWT_AUDIENCE';
|
|
|
23025
23026
|
const ENV_VAR_JWKS_URL$1 = 'FAME_JWKS_URL';
|
|
23026
23027
|
const ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY$1 = 'FAME_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY';
|
|
23027
23028
|
const ENV_VAR_TRUSTED_CLIENT_SCOPE$1 = 'FAME_TRUSTED_CLIENT_SCOPE';
|
|
23029
|
+
const ENV_VAR_AUTH_POLICY_PATH = 'FAME_AUTH_POLICY_PATH';
|
|
23030
|
+
const ENV_VAR_AUTH_POLICY_FORMAT = 'FAME_AUTH_POLICY_FORMAT';
|
|
23028
23031
|
const ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER$1 = 'FAME_JWT_REVERSE_AUTH_TRUSTED_ISSUER';
|
|
23029
23032
|
const ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE$1 = 'FAME_JWT_REVERSE_AUTH_AUDIENCE';
|
|
23030
23033
|
const ENV_VAR_HMAC_SECRET$1 = 'FAME_HMAC_SECRET';
|
|
23031
23034
|
const DEFAULT_REVERSE_AUTH_ISSUER = 'reverse-auth.naylence.ai';
|
|
23032
23035
|
const DEFAULT_REVERSE_AUTH_AUDIENCE = 'dev.naylence.ai';
|
|
23036
|
+
const DEFAULT_VERIFIER_CONFIG = {
|
|
23037
|
+
type: 'JWKSJWTTokenVerifier',
|
|
23038
|
+
jwks_url: factory.Expressions.env(ENV_VAR_JWKS_URL$1),
|
|
23039
|
+
issuer: factory.Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
|
|
23040
|
+
};
|
|
23033
23041
|
const DEFAULT_PROFILE = {
|
|
23034
23042
|
type: 'DefaultAuthorizer',
|
|
23035
|
-
verifier:
|
|
23036
|
-
type: 'JWKSJWTTokenVerifier',
|
|
23037
|
-
jwks_url: factory.Expressions.env(ENV_VAR_JWKS_URL$1),
|
|
23038
|
-
issuer: factory.Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
|
|
23039
|
-
},
|
|
23043
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
23040
23044
|
};
|
|
23041
23045
|
const OAUTH2_PROFILE = {
|
|
23042
23046
|
type: 'OAuth2Authorizer',
|
|
@@ -23081,11 +23085,22 @@ const OAUTH2_CALLBACK_PROFILE = {
|
|
|
23081
23085
|
const NOOP_PROFILE$2 = {
|
|
23082
23086
|
type: 'NoopAuthorizer',
|
|
23083
23087
|
};
|
|
23088
|
+
const DEFAULT_POLICY_SOURCE = {
|
|
23089
|
+
type: 'LocalFileAuthorizationPolicySource',
|
|
23090
|
+
path: factory.Expressions.env(ENV_VAR_AUTH_POLICY_PATH, './auth-policy.yaml'),
|
|
23091
|
+
format: factory.Expressions.env(ENV_VAR_AUTH_POLICY_FORMAT, 'auto'),
|
|
23092
|
+
};
|
|
23093
|
+
const POLICY_LOCALFILE_PROFILE = {
|
|
23094
|
+
type: 'PolicyAuthorizer',
|
|
23095
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
23096
|
+
policySource: DEFAULT_POLICY_SOURCE,
|
|
23097
|
+
};
|
|
23084
23098
|
const PROFILE_MAP$5 = {
|
|
23085
23099
|
[PROFILE_NAME_DEFAULT]: DEFAULT_PROFILE,
|
|
23086
23100
|
[PROFILE_NAME_OAUTH2]: OAUTH2_PROFILE,
|
|
23087
23101
|
[PROFILE_NAME_OAUTH2_GATED]: OAUTH2_GATED_PROFILE,
|
|
23088
23102
|
[PROFILE_NAME_OAUTH2_CALLBACK]: OAUTH2_CALLBACK_PROFILE,
|
|
23103
|
+
[PROFILE_NAME_POLICY_LOCALFILE]: POLICY_LOCALFILE_PROFILE,
|
|
23089
23104
|
[PROFILE_NAME_NOOP$2]: NOOP_PROFILE$2,
|
|
23090
23105
|
};
|
|
23091
23106
|
const PROFILE_ALIASES$1 = {
|
|
@@ -23099,6 +23114,9 @@ const PROFILE_ALIASES$1 = {
|
|
|
23099
23114
|
'oauth2-callback': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
23100
23115
|
oauth2_callback: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
23101
23116
|
'reverse-auth': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
23117
|
+
policy: PROFILE_NAME_POLICY_LOCALFILE,
|
|
23118
|
+
'policy-localfile': PROFILE_NAME_POLICY_LOCALFILE,
|
|
23119
|
+
policy_localfile: PROFILE_NAME_POLICY_LOCALFILE,
|
|
23102
23120
|
noop: PROFILE_NAME_NOOP$2,
|
|
23103
23121
|
'no-op': PROFILE_NAME_NOOP$2,
|
|
23104
23122
|
no_op: PROFILE_NAME_NOOP$2,
|
|
@@ -23174,6 +23192,8 @@ function deepClone$4(value) {
|
|
|
23174
23192
|
var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
|
|
23175
23193
|
__proto__: null,
|
|
23176
23194
|
AuthorizationProfileFactory: AuthorizationProfileFactory,
|
|
23195
|
+
ENV_VAR_AUTH_POLICY_FORMAT: ENV_VAR_AUTH_POLICY_FORMAT,
|
|
23196
|
+
ENV_VAR_AUTH_POLICY_PATH: ENV_VAR_AUTH_POLICY_PATH,
|
|
23177
23197
|
ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY: ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY$1,
|
|
23178
23198
|
ENV_VAR_HMAC_SECRET: ENV_VAR_HMAC_SECRET$1,
|
|
23179
23199
|
ENV_VAR_JWKS_URL: ENV_VAR_JWKS_URL$1,
|
|
@@ -23189,6 +23209,7 @@ var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
|
|
|
23189
23209
|
PROFILE_NAME_OAUTH2: PROFILE_NAME_OAUTH2,
|
|
23190
23210
|
PROFILE_NAME_OAUTH2_CALLBACK: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
23191
23211
|
PROFILE_NAME_OAUTH2_GATED: PROFILE_NAME_OAUTH2_GATED,
|
|
23212
|
+
PROFILE_NAME_POLICY_LOCALFILE: PROFILE_NAME_POLICY_LOCALFILE,
|
|
23192
23213
|
default: AuthorizationProfileFactory
|
|
23193
23214
|
});
|
|
23194
23215
|
|
package/dist/node/node.mjs
CHANGED
|
@@ -4435,12 +4435,12 @@ async function ensureRuntimeFactoriesRegistered(registry = Registry) {
|
|
|
4435
4435
|
}
|
|
4436
4436
|
|
|
4437
4437
|
// This file is auto-generated during build - do not edit manually
|
|
4438
|
-
// Generated from package.json version: 0.4.
|
|
4438
|
+
// Generated from package.json version: 0.4.3
|
|
4439
4439
|
/**
|
|
4440
4440
|
* The package version, injected at build time.
|
|
4441
4441
|
* @internal
|
|
4442
4442
|
*/
|
|
4443
|
-
const VERSION = '0.4.
|
|
4443
|
+
const VERSION = '0.4.3';
|
|
4444
4444
|
|
|
4445
4445
|
let initialized = false;
|
|
4446
4446
|
const runtimePlugin = {
|
|
@@ -23017,6 +23017,7 @@ const PROFILE_NAME_DEFAULT = 'jwt';
|
|
|
23017
23017
|
const PROFILE_NAME_OAUTH2 = 'oauth2';
|
|
23018
23018
|
const PROFILE_NAME_OAUTH2_GATED = 'oauth2-gated';
|
|
23019
23019
|
const PROFILE_NAME_OAUTH2_CALLBACK = 'oauth2-callback';
|
|
23020
|
+
const PROFILE_NAME_POLICY_LOCALFILE = 'policy-localfile';
|
|
23020
23021
|
const PROFILE_NAME_NOOP$2 = 'noop';
|
|
23021
23022
|
const ENV_VAR_JWT_TRUSTED_ISSUER$1 = 'FAME_JWT_TRUSTED_ISSUER';
|
|
23022
23023
|
const ENV_VAR_JWT_ALGORITHM$3 = 'FAME_JWT_ALGORITHM';
|
|
@@ -23024,18 +23025,21 @@ const ENV_VAR_JWT_AUDIENCE$3 = 'FAME_JWT_AUDIENCE';
|
|
|
23024
23025
|
const ENV_VAR_JWKS_URL$1 = 'FAME_JWKS_URL';
|
|
23025
23026
|
const ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY$1 = 'FAME_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY';
|
|
23026
23027
|
const ENV_VAR_TRUSTED_CLIENT_SCOPE$1 = 'FAME_TRUSTED_CLIENT_SCOPE';
|
|
23028
|
+
const ENV_VAR_AUTH_POLICY_PATH = 'FAME_AUTH_POLICY_PATH';
|
|
23029
|
+
const ENV_VAR_AUTH_POLICY_FORMAT = 'FAME_AUTH_POLICY_FORMAT';
|
|
23027
23030
|
const ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER$1 = 'FAME_JWT_REVERSE_AUTH_TRUSTED_ISSUER';
|
|
23028
23031
|
const ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE$1 = 'FAME_JWT_REVERSE_AUTH_AUDIENCE';
|
|
23029
23032
|
const ENV_VAR_HMAC_SECRET$1 = 'FAME_HMAC_SECRET';
|
|
23030
23033
|
const DEFAULT_REVERSE_AUTH_ISSUER = 'reverse-auth.naylence.ai';
|
|
23031
23034
|
const DEFAULT_REVERSE_AUTH_AUDIENCE = 'dev.naylence.ai';
|
|
23035
|
+
const DEFAULT_VERIFIER_CONFIG = {
|
|
23036
|
+
type: 'JWKSJWTTokenVerifier',
|
|
23037
|
+
jwks_url: Expressions.env(ENV_VAR_JWKS_URL$1),
|
|
23038
|
+
issuer: Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
|
|
23039
|
+
};
|
|
23032
23040
|
const DEFAULT_PROFILE = {
|
|
23033
23041
|
type: 'DefaultAuthorizer',
|
|
23034
|
-
verifier:
|
|
23035
|
-
type: 'JWKSJWTTokenVerifier',
|
|
23036
|
-
jwks_url: Expressions.env(ENV_VAR_JWKS_URL$1),
|
|
23037
|
-
issuer: Expressions.env(ENV_VAR_JWT_TRUSTED_ISSUER$1),
|
|
23038
|
-
},
|
|
23042
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
23039
23043
|
};
|
|
23040
23044
|
const OAUTH2_PROFILE = {
|
|
23041
23045
|
type: 'OAuth2Authorizer',
|
|
@@ -23080,11 +23084,22 @@ const OAUTH2_CALLBACK_PROFILE = {
|
|
|
23080
23084
|
const NOOP_PROFILE$2 = {
|
|
23081
23085
|
type: 'NoopAuthorizer',
|
|
23082
23086
|
};
|
|
23087
|
+
const DEFAULT_POLICY_SOURCE = {
|
|
23088
|
+
type: 'LocalFileAuthorizationPolicySource',
|
|
23089
|
+
path: Expressions.env(ENV_VAR_AUTH_POLICY_PATH, './auth-policy.yaml'),
|
|
23090
|
+
format: Expressions.env(ENV_VAR_AUTH_POLICY_FORMAT, 'auto'),
|
|
23091
|
+
};
|
|
23092
|
+
const POLICY_LOCALFILE_PROFILE = {
|
|
23093
|
+
type: 'PolicyAuthorizer',
|
|
23094
|
+
verifier: DEFAULT_VERIFIER_CONFIG,
|
|
23095
|
+
policySource: DEFAULT_POLICY_SOURCE,
|
|
23096
|
+
};
|
|
23083
23097
|
const PROFILE_MAP$5 = {
|
|
23084
23098
|
[PROFILE_NAME_DEFAULT]: DEFAULT_PROFILE,
|
|
23085
23099
|
[PROFILE_NAME_OAUTH2]: OAUTH2_PROFILE,
|
|
23086
23100
|
[PROFILE_NAME_OAUTH2_GATED]: OAUTH2_GATED_PROFILE,
|
|
23087
23101
|
[PROFILE_NAME_OAUTH2_CALLBACK]: OAUTH2_CALLBACK_PROFILE,
|
|
23102
|
+
[PROFILE_NAME_POLICY_LOCALFILE]: POLICY_LOCALFILE_PROFILE,
|
|
23088
23103
|
[PROFILE_NAME_NOOP$2]: NOOP_PROFILE$2,
|
|
23089
23104
|
};
|
|
23090
23105
|
const PROFILE_ALIASES$1 = {
|
|
@@ -23098,6 +23113,9 @@ const PROFILE_ALIASES$1 = {
|
|
|
23098
23113
|
'oauth2-callback': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
23099
23114
|
oauth2_callback: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
23100
23115
|
'reverse-auth': PROFILE_NAME_OAUTH2_CALLBACK,
|
|
23116
|
+
policy: PROFILE_NAME_POLICY_LOCALFILE,
|
|
23117
|
+
'policy-localfile': PROFILE_NAME_POLICY_LOCALFILE,
|
|
23118
|
+
policy_localfile: PROFILE_NAME_POLICY_LOCALFILE,
|
|
23101
23119
|
noop: PROFILE_NAME_NOOP$2,
|
|
23102
23120
|
'no-op': PROFILE_NAME_NOOP$2,
|
|
23103
23121
|
no_op: PROFILE_NAME_NOOP$2,
|
|
@@ -23173,6 +23191,8 @@ function deepClone$4(value) {
|
|
|
23173
23191
|
var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
|
|
23174
23192
|
__proto__: null,
|
|
23175
23193
|
AuthorizationProfileFactory: AuthorizationProfileFactory,
|
|
23194
|
+
ENV_VAR_AUTH_POLICY_FORMAT: ENV_VAR_AUTH_POLICY_FORMAT,
|
|
23195
|
+
ENV_VAR_AUTH_POLICY_PATH: ENV_VAR_AUTH_POLICY_PATH,
|
|
23176
23196
|
ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY: ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY$1,
|
|
23177
23197
|
ENV_VAR_HMAC_SECRET: ENV_VAR_HMAC_SECRET$1,
|
|
23178
23198
|
ENV_VAR_JWKS_URL: ENV_VAR_JWKS_URL$1,
|
|
@@ -23188,6 +23208,7 @@ var authorizationProfileFactory = /*#__PURE__*/Object.freeze({
|
|
|
23188
23208
|
PROFILE_NAME_OAUTH2: PROFILE_NAME_OAUTH2,
|
|
23189
23209
|
PROFILE_NAME_OAUTH2_CALLBACK: PROFILE_NAME_OAUTH2_CALLBACK,
|
|
23190
23210
|
PROFILE_NAME_OAUTH2_GATED: PROFILE_NAME_OAUTH2_GATED,
|
|
23211
|
+
PROFILE_NAME_POLICY_LOCALFILE: PROFILE_NAME_POLICY_LOCALFILE,
|
|
23191
23212
|
default: AuthorizationProfileFactory
|
|
23192
23213
|
});
|
|
23193
23214
|
|
|
@@ -8,6 +8,7 @@ export declare const PROFILE_NAME_DEFAULT = "jwt";
|
|
|
8
8
|
export declare const PROFILE_NAME_OAUTH2 = "oauth2";
|
|
9
9
|
export declare const PROFILE_NAME_OAUTH2_GATED = "oauth2-gated";
|
|
10
10
|
export declare const PROFILE_NAME_OAUTH2_CALLBACK = "oauth2-callback";
|
|
11
|
+
export declare const PROFILE_NAME_POLICY_LOCALFILE = "policy-localfile";
|
|
11
12
|
export declare const PROFILE_NAME_NOOP = "noop";
|
|
12
13
|
export declare const ENV_VAR_JWT_TRUSTED_ISSUER = "FAME_JWT_TRUSTED_ISSUER";
|
|
13
14
|
export declare const ENV_VAR_JWT_ALGORITHM = "FAME_JWT_ALGORITHM";
|
|
@@ -15,6 +16,8 @@ export declare const ENV_VAR_JWT_AUDIENCE = "FAME_JWT_AUDIENCE";
|
|
|
15
16
|
export declare const ENV_VAR_JWKS_URL = "FAME_JWKS_URL";
|
|
16
17
|
export declare const ENV_VAR_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY = "FAME_ENFORCE_TOKEN_SUBJECT_NODE_IDENTITY";
|
|
17
18
|
export declare const ENV_VAR_TRUSTED_CLIENT_SCOPE = "FAME_TRUSTED_CLIENT_SCOPE";
|
|
19
|
+
export declare const ENV_VAR_AUTH_POLICY_PATH = "FAME_AUTH_POLICY_PATH";
|
|
20
|
+
export declare const ENV_VAR_AUTH_POLICY_FORMAT = "FAME_AUTH_POLICY_FORMAT";
|
|
18
21
|
export declare const ENV_VAR_JWT_REVERSE_AUTH_TRUSTED_ISSUER = "FAME_JWT_REVERSE_AUTH_TRUSTED_ISSUER";
|
|
19
22
|
export declare const ENV_VAR_JWT_REVERSE_AUTH_AUDIENCE = "FAME_JWT_REVERSE_AUTH_AUDIENCE";
|
|
20
23
|
export declare const ENV_VAR_HMAC_SECRET = "FAME_HMAC_SECRET";
|
package/dist/types/version.d.ts
CHANGED