@nestjs-kitchen/authz 1.0.0

package/dist/session/index.js

@@ -0,0 +1,27 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var session_exports = {};
+__export(session_exports, {
+  cereateSessionAuthzModule: () => import_session_authz.cereateSessionAuthzModule
+});
+module.exports = __toCommonJS(session_exports);
+var import_session_authz = require("./session-authz.module");
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  cereateSessionAuthzModule
+});

package/dist/session/session-authz-als.middleware.d.ts

@@ -0,0 +1,25 @@
+import * as _nestjs_common from '@nestjs/common';
+import { AsyncLocalStorage } from 'node:async_hooks';
+import { Request, Response, NextFunction } from 'express';
+import { CookieOptionsWithSecret } from '../utils/types.js';
+import { SessionAuthzOptions } from './session-authz.interface.js';
+import '@nestjs/common/interfaces';
+import '../authz.provider.js';
+import 'express-session';
+
+interface SessionAlsType<P, U> {
+    user?: U;
+    allowAnonymous?: boolean;
+    guardResult?: boolean;
+    authOptions: SessionAuthzOptions;
+    logIn: (user: P) => Promise<void>;
+    logOut: () => Promise<void>;
+    setCookie: (name: string, value: string, options?: CookieOptionsWithSecret) => void;
+}
+declare const createSessionAuthzAlsMiddleware: ([ALS_PROVIDER, SESSION_AUTHZ_OPTIONS]: [any, any]) => _nestjs_common.Type<Omit<{
+    readonly als: AsyncLocalStorage<SessionAlsType<unknown, unknown>>;
+    readonly sessionAuthzOptions: SessionAuthzOptions;
+    use(req: Request, res: Response, next: NextFunction): void;
+}, "als" | "sessionAuthzOptions">>;
+
+export { type SessionAlsType, createSessionAuthzAlsMiddleware };

package/dist/session/session-authz-als.middleware.js

@@ -0,0 +1,134 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
+var session_authz_als_middleware_exports = {};
+__export(session_authz_als_middleware_exports, {
+  createSessionAuthzAlsMiddleware: () => createSessionAuthzAlsMiddleware
+});
+module.exports = __toCommonJS(session_authz_als_middleware_exports);
+var import_node_async_hooks = require("node:async_hooks");
+var import_common = require("@nestjs/common");
+var import_constants = require("../constants");
+var import_errors = require("../errors");
+var import_utils = require("../utils");
+function _ts_decorate(decorators, target, key, desc) {
+  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+  return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+__name(_ts_decorate, "_ts_decorate");
+function _ts_metadata(k, v) {
+  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+}
+__name(_ts_metadata, "_ts_metadata");
+function _ts_param(paramIndex, decorator) {
+  return function(target, key) {
+    decorator(target, key, paramIndex);
+  };
+}
+__name(_ts_param, "_ts_param");
+const createSessionAuthzAlsMiddleware = /* @__PURE__ */ __name(([ALS_PROVIDER, SESSION_AUTHZ_OPTIONS]) => {
+  var _a;
+  let SessionAuthzAlsMiddleware = (_a = class {
+    constructor(als, sessionAuthzOptions) {
+      __publicField(this, "als");
+      __publicField(this, "sessionAuthzOptions");
+      this.als = als;
+      this.sessionAuthzOptions = sessionAuthzOptions;
+    }
+    use(req, res, next) {
+      const keepSessionInfo = Boolean(this.sessionAuthzOptions.keepSessionInfo);
+      if (!req.session) {
+        return next(new import_errors.AuthzError("Login sessions require session support. Did you forget to use `express-session` middleware?"));
+      }
+      const prevSession = req.session;
+      const store = {
+        user: void 0,
+        allowAnonymous: void 0,
+        guardResult: void 0,
+        authOptions: this.sessionAuthzOptions,
+        // ref: https://github.com/jaredhanson/passport/blob/217018dbc46dcd4118dd6f2c60c8d97010c587f8/lib/sessionmanager.js#L14
+        logIn: /* @__PURE__ */ __name((user) => {
+          return new Promise((resolve, reject) => {
+            req.session.regenerate(function(err) {
+              if (err) {
+                return reject(err);
+              }
+              if (keepSessionInfo) {
+                (0, import_utils.merge)(req.session, prevSession);
+              }
+              if (!req.session[import_constants.SESSION_PASSPORT_KEY]) {
+                req.session[import_constants.SESSION_PASSPORT_KEY] = {};
+              }
+              req.session[import_constants.SESSION_PASSPORT_KEY].user = user;
+              req.session.save(function(err2) {
+                if (err2) {
+                  return reject(err2);
+                }
+                resolve();
+              });
+            });
+          });
+        }, "logIn"),
+        // ref: https://github.com/jaredhanson/passport/blob/217018dbc46dcd4118dd6f2c60c8d97010c587f8/lib/sessionmanager.js#L57
+        logOut: /* @__PURE__ */ __name(() => {
+          return new Promise((resolve, reject) => {
+            if (req.session[import_constants.SESSION_PASSPORT_KEY]) {
+              delete req.session[import_constants.SESSION_PASSPORT_KEY].user;
+            }
+            req.session.save(function(err) {
+              if (err) {
+                return reject(err);
+              }
+              req.session.regenerate(function(err2) {
+                if (err2) {
+                  return reject(err2);
+                }
+                if (keepSessionInfo) {
+                  (0, import_utils.merge)(req.session, prevSession);
+                }
+                resolve();
+              });
+            });
+          });
+        }, "logOut"),
+        setCookie: (0, import_utils.createSetCookieFn)(req, res)
+      };
+      this.als.run(store, () => {
+        next();
+      });
+    }
+  }, __name(_a, "SessionAuthzAlsMiddleware"), _a);
+  SessionAuthzAlsMiddleware = _ts_decorate([
+    _ts_param(0, (0, import_common.Inject)(ALS_PROVIDER)),
+    _ts_param(1, (0, import_common.Inject)(SESSION_AUTHZ_OPTIONS)),
+    _ts_metadata("design:type", Function),
+    _ts_metadata("design:paramtypes", [
+      typeof import_node_async_hooks.AsyncLocalStorage === "undefined" ? Object : import_node_async_hooks.AsyncLocalStorage,
+      typeof SessionAuthzOptions === "undefined" ? Object : SessionAuthzOptions
+    ])
+  ], SessionAuthzAlsMiddleware);
+  return (0, import_common.mixin)(SessionAuthzAlsMiddleware);
+}, "createSessionAuthzAlsMiddleware");
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createSessionAuthzAlsMiddleware
+});

package/dist/session/session-authz.guard.d.ts

@@ -0,0 +1,43 @@
+import * as _nestjs_common from '@nestjs/common';
+import { ExecutionContext } from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+import { AsyncLocalStorage } from 'async_hooks';
+import { AuthzProviderClass } from '../authz.provider.js';
+import { AuthzError } from '../errors.js';
+import { SessionAlsType } from './session-authz-als.middleware.js';
+import { SessionAuthzOptions } from './session-authz.interface.js';
+import 'node:async_hooks';
+import 'express';
+import '../utils/types.js';
+import '@nestjs/common/interfaces';
+import 'express-session';
+
+declare const createSessionAuthzGuard: ([SESSION_STRATEGY, AUTHZ_PROVIDER, SESSION_AUTHZ_OPTIONS, ALS_PROVIDER, SESSION_META_KEY]: [string, any, any, any, any]) => _nestjs_common.Type<Omit<{
+    readonly reflector: Reflector;
+    readonly authzProvider: AuthzProviderClass<unknown, unknown>;
+    readonly sessionAuthzOptions: SessionAuthzOptions;
+    readonly als: AsyncLocalStorage<SessionAlsType<unknown, unknown>>;
+    getAuthenticateOptions(): {
+        property: string;
+        session: boolean;
+    };
+    /**
+     *
+     * recives err, user, info from JwtStrategy.validate
+     *
+     * will return request.user=null if allowAnonymous=true
+     *
+     * @param _err will always be null
+     * @param user if user is null, then info will be AuthError. if user is defined, then info will be undefined.
+     * @param info AuthzError or undefined
+     * @returns
+     */
+    handleRequest<T>(_err: unknown, user: T, info?: AuthzError): T;
+    canActivate(context: ExecutionContext): Promise<boolean>;
+    logIn<TRequest extends {
+        logIn: Function;
+    } = any>(request: TRequest): Promise<void>;
+    getRequest(context: ExecutionContext): any;
+}, "als" | "reflector" | "authzProvider" | "sessionAuthzOptions">>;
+
+export { createSessionAuthzGuard };

package/dist/session/session-authz.guard.js

@@ -0,0 +1,142 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
+var session_authz_guard_exports = {};
+__export(session_authz_guard_exports, {
+  createSessionAuthzGuard: () => createSessionAuthzGuard
+});
+module.exports = __toCommonJS(session_authz_guard_exports);
+var import_common = require("@nestjs/common");
+var import_core = require("@nestjs/core");
+var import_passport = require("@nestjs/passport");
+var import_authz = require("../authz.provider");
+var import_errors = require("../errors");
+var import_utils = require("../utils");
+function _ts_decorate(decorators, target, key, desc) {
+  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+  return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+__name(_ts_decorate, "_ts_decorate");
+function _ts_metadata(k, v) {
+  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+}
+__name(_ts_metadata, "_ts_metadata");
+function _ts_param(paramIndex, decorator) {
+  return function(target, key) {
+    decorator(target, key, paramIndex);
+  };
+}
+__name(_ts_param, "_ts_param");
+const createSessionAuthzGuard = /* @__PURE__ */ __name(([SESSION_STRATEGY, AUTHZ_PROVIDER, SESSION_AUTHZ_OPTIONS, ALS_PROVIDER, SESSION_META_KEY]) => {
+  var _a;
+  let SessionAuthzGuard = (_a = class extends (0, import_passport.AuthGuard)(SESSION_STRATEGY) {
+    constructor(reflector, authzProvider, sessionAuthzOptions, als) {
+      super();
+      __publicField(this, "reflector");
+      __publicField(this, "authzProvider");
+      __publicField(this, "sessionAuthzOptions");
+      __publicField(this, "als");
+      this.reflector = reflector, this.authzProvider = authzProvider, this.sessionAuthzOptions = sessionAuthzOptions, this.als = als;
+    }
+    getAuthenticateOptions() {
+      return {
+        property: this.sessionAuthzOptions.passportProperty,
+        session: false
+      };
+    }
+    /**
+    *
+    * recives err, user, info from JwtStrategy.validate
+    *
+    * will return request.user=null if allowAnonymous=true
+    *
+    * @param _err will always be null
+    * @param user if user is null, then info will be AuthError. if user is defined, then info will be undefined.
+    * @param info AuthzError or undefined
+    * @returns
+    */
+    handleRequest(_err, user, info) {
+      const store = (0, import_utils.getAlsStore)(this.als);
+      if (info) {
+        if (store.allowAnonymous && info.name === import_errors.AuthzAnonymousError.name) {
+          return user;
+        }
+        store.guardResult = false;
+        throw info;
+      }
+      return user;
+    }
+    async canActivate(context) {
+      const store = (0, import_utils.getAlsStore)(this.als);
+      if ((0, import_utils.isNotFalsy)(store.guardResult)) {
+        return store.guardResult;
+      }
+      const paramsList = (0, import_utils.normalizedArray)(this.reflector.getAll(SESSION_META_KEY, [
+        context.getClass(),
+        context.getHandler()
+      ]));
+      const contextParamsList = (0, import_utils.getContextAuthzMetaParamsList)(paramsList, {
+        defaultOverride: this.sessionAuthzOptions.defaultOverride,
+        skipFalsyMetadata: this.sessionAuthzOptions.skipFalsyMetadata
+      });
+      if (!contextParamsList.length) {
+        return true;
+      }
+      const req = context.switchToHttp().getRequest();
+      store.allowAnonymous = (0, import_utils.getAllowAnonymous)(contextParamsList, {
+        defaultAllowAnonymous: this.sessionAuthzOptions.defaultAllowAnonymous
+      });
+      await super.canActivate(context);
+      if (typeof this.authzProvider.authorize !== "function") {
+        store.guardResult = true;
+        return true;
+      }
+      const user = (0, import_utils.getPassportProperty)(req);
+      if (!user && store.allowAnonymous) {
+        return true;
+      }
+      for (const ele of contextParamsList) {
+        if (!await this.authzProvider.authorize(user, ele.metaData)) {
+          return false;
+        }
+      }
+      return true;
+    }
+  }, __name(_a, "SessionAuthzGuard"), _a);
+  SessionAuthzGuard = _ts_decorate([
+    _ts_param(1, (0, import_common.Inject)(AUTHZ_PROVIDER)),
+    _ts_param(2, (0, import_common.Inject)(SESSION_AUTHZ_OPTIONS)),
+    _ts_param(3, (0, import_common.Inject)(ALS_PROVIDER)),
+    _ts_metadata("design:type", Function),
+    _ts_metadata("design:paramtypes", [
+      typeof import_core.Reflector === "undefined" ? Object : import_core.Reflector,
+      typeof import_authz.AuthzProviderClass === "undefined" ? Object : import_authz.AuthzProviderClass,
+      typeof SessionAuthzOptions === "undefined" ? Object : SessionAuthzOptions,
+      typeof AsyncLocalStorage === "undefined" ? Object : AsyncLocalStorage
+    ])
+  ], SessionAuthzGuard);
+  return (0, import_common.mixin)(SessionAuthzGuard);
+}, "createSessionAuthzGuard");
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createSessionAuthzGuard
+});

package/dist/session/session-authz.interface.d.ts

@@ -0,0 +1,23 @@
+import { SessionOptions } from 'express-session';
+import { AuthzModuleBaseOptions } from '../utils/types.js';
+import '@nestjs/common';
+import '@nestjs/common/interfaces';
+import 'express';
+import '../authz.provider.js';
+
+type SessionAuthzModuleOptions = Partial<AuthzModuleBaseOptions> & {
+    session: SessionOptions & {
+        keepSessionInfo?: boolean;
+    };
+};
+declare const normalizedSessionAuthzModuleOptions: (options?: Partial<SessionAuthzModuleOptions>) => {
+    defaultOverride: boolean;
+    passportProperty: string;
+    skipFalsyMetadata: boolean;
+    defaultAllowAnonymous: boolean;
+    keepSessionInfo: boolean | undefined;
+    session: SessionOptions;
+};
+type SessionAuthzOptions = ReturnType<typeof normalizedSessionAuthzModuleOptions>;
+
+export { type SessionAuthzModuleOptions, type SessionAuthzOptions, normalizedSessionAuthzModuleOptions };

package/dist/session/session-authz.interface.js

@@ -0,0 +1,43 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var session_authz_interface_exports = {};
+__export(session_authz_interface_exports, {
+  normalizedSessionAuthzModuleOptions: () => normalizedSessionAuthzModuleOptions
+});
+module.exports = __toCommonJS(session_authz_interface_exports);
+var import_constants = require("../constants");
+const normalizedSessionAuthzModuleOptions = /* @__PURE__ */ __name((options = {}) => {
+  const { keepSessionInfo, ...sessionOpts } = options.session ?? {};
+  return {
+    defaultOverride: options.defaultOverride || false,
+    passportProperty: options.passportProperty || import_constants.DEFAULT_PASSPORT_PROPERTY_VALUE,
+    skipFalsyMetadata: options.skipFalsyMetadata || false,
+    defaultAllowAnonymous: options.defaultAllowAnonymous || false,
+    keepSessionInfo,
+    session: {
+      resave: false,
+      saveUninitialized: false,
+      ...sessionOpts
+    }
+  };
+}, "normalizedSessionAuthzModuleOptions");
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  normalizedSessionAuthzModuleOptions
+});

package/dist/session/session-authz.module.d.ts

@@ -0,0 +1,71 @@
+import * as _nestjs_core from '@nestjs/core';
+import { AuthzProviderClass } from '../authz.provider.js';
+import { AbstractConstructor, RoutesOptions, AuthzDecoParams, MethodParameters, ApplyDecorators, CookieOptionsWithSecret, AuthzModuleRoutesOptions, AuthzModuleBaseOptions } from '../utils/types.js';
+import { AsyncLocalStorage } from 'node:async_hooks';
+import * as _nestjs_common from '@nestjs/common';
+import { MiddlewareConsumer, DynamicModule, Type } from '@nestjs/common';
+import session from 'express-session';
+import { AuthzError } from '../errors.js';
+import { SessionAlsType } from './session-authz-als.middleware.js';
+import { SessionAuthzOptions, SessionAuthzModuleOptions } from './session-authz.interface.js';
+import '@nestjs/common/interfaces';
+import 'express';
+
+declare const ASYNC_OPTIONS_TYPE: _nestjs_common.ConfigurableModuleAsyncOptions<SessionAuthzModuleOptions, "createSessionAuthzModuleOptions"> & Partial<{
+    authzProvider?: Type<AuthzProviderClass<unknown, unknown>>;
+} & AuthzModuleRoutesOptions>;
+declare const OPTIONS_TYPE: Partial<AuthzModuleBaseOptions> & {
+    session: session.SessionOptions & {
+        keepSessionInfo?: boolean;
+    };
+} & Partial<{
+    authzProvider?: Type<AuthzProviderClass<unknown, unknown>>;
+} & AuthzModuleRoutesOptions>;
+declare const cereateSessionAuthzModule: <P, U, T extends AuthzProviderClass<P, U>>(authzProvider: AbstractConstructor<T, P, U>) => {
+    AuthzModule: {
+        new (routesOpt: RoutesOptions, sessionAuthzOptions: SessionAuthzOptions): {
+            [x: string]: any;
+            readonly routesOpt: RoutesOptions;
+            readonly sessionAuthzOptions: SessionAuthzOptions;
+            configure(consumer: MiddlewareConsumer): void;
+        };
+        /**
+         * Note: DO NOT register the same route in multiple session authz modules, or import the same session authz module in the same module multiple times, express-session middleware will not work properly.
+         */
+        register(options: Omit<typeof OPTIONS_TYPE, "authzProvider">): DynamicModule;
+        /**
+         * Note: DO NOT register the same route in multiple session authz modules, express-session middleware will not work properly.
+         */
+        registerAsync(options: typeof ASYNC_OPTIONS_TYPE): DynamicModule;
+    };
+    AuthzGuard: Type<Omit<{
+        readonly reflector: _nestjs_core.Reflector;
+        readonly authzProvider: AuthzProviderClass<unknown, unknown>;
+        readonly sessionAuthzOptions: SessionAuthzOptions;
+        readonly als: AsyncLocalStorage<SessionAlsType<unknown, unknown>>;
+        getAuthenticateOptions(): {
+            property: string;
+            session: boolean;
+        };
+        handleRequest<T_1>(_err: unknown, user: T_1, info?: AuthzError): T_1;
+        canActivate(context: _nestjs_common.ExecutionContext): Promise<boolean>;
+        logIn<TRequest extends {
+            logIn: Function;
+        } = any>(request: TRequest): Promise<void>;
+        getRequest(context: _nestjs_common.ExecutionContext): any;
+    }, "als" | "reflector" | "authzProvider" | "sessionAuthzOptions">> & {
+        Verify: (...args: AuthzDecoParams<MethodParameters<T, "authorize">[1]>) => ApplyDecorators;
+        NoVerify: () => MethodDecorator & ClassDecorator;
+        Apply: (...rest: Parameters<(...args: AuthzDecoParams<MethodParameters<T, "authorize">[1]>) => ApplyDecorators>) => <TFunction extends Function, Y>(target: TFunction | object, propertyKey?: string | symbol, descriptor?: TypedPropertyDescriptor<Y>) => void;
+    };
+    AuthzService: Type<Omit<{
+        readonly authzProvider: AuthzProviderClass<P, U>;
+        readonly als: AsyncLocalStorage<SessionAlsType<P, U>>;
+        logIn(user: U): Promise<void>;
+        logOut(): Promise<void>;
+        setCookie(name: string, value: string, options?: CookieOptionsWithSecret | undefined): void;
+        getUser(): U | undefined;
+    }, "als" | "authzProvider">>;
+};
+
+export { cereateSessionAuthzModule };