@nestjs-kitchen/authz 2.0.2 → 2.0.3

package/dist/jwt/jwt-authz.module.js

@@ -2,8 +2,6 @@ var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
-var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, { get: all[name], enumerable: true });
@@ -17,7 +15,15 @@ var __copyProps = (to, from, except, desc) => {
   return to;
 };
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-var __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
+var __decorateClass = (decorators, target, key, kind) => {
+  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  for (var i = decorators.length - 1, decorator; i >= 0; i--)
+    if (decorator = decorators[i])
+      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
+  if (kind && result) __defProp(target, key, result);
+  return result;
+};
+var __decorateParam = (index, decorator) => (target, key) => decorator(target, key, index);
 var jwt_authz_module_exports = {};
 __export(jwt_authz_module_exports, {
   createJwtAuthzModule: () => createJwtAuthzModule
@@ -34,64 +40,51 @@ var import_jwt_authz = require("./jwt-authz.guard");
 var import_jwt_authz2 = require("./jwt-authz.interface");
 var import_jwt_authz3 = require("./jwt-authz.service");
 var import_jwt_authz4 = require("./jwt-authz.strategy");
-function _ts_decorate(decorators, target, key, desc) {
-  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-  return c > 3 && r && Object.defineProperty(target, key, r), r;
-}
-__name(_ts_decorate, "_ts_decorate");
-function _ts_metadata(k, v) {
-  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-}
-__name(_ts_metadata, "_ts_metadata");
-function _ts_param(paramIndex, decorator) {
-  return function(target, key) {
-    decorator(target, key, paramIndex);
-  };
-}
-__name(_ts_param, "_ts_param");
 const store = {
   globalInited: 0
 };
 const { ConfigurableModuleClass, MODULE_OPTIONS_TOKEN, ASYNC_OPTIONS_TYPE, OPTIONS_TYPE } = new import_common.ConfigurableModuleBuilder({
   moduleName: "JwtAuthModule"
-}).setFactoryMethodName("createJwtAuthzModuleOptions").setExtras({
-  authzProvider: void 0,
-  global: false
-}, (definition, extras) => {
-  const { authzProvider, global } = extras;
-  if (!authzProvider) {
-    throw new import_errors.AuthzError(`InternalError: Missing parameter 'authzProvider' in configuration.`);
-  }
-  const routes = (0, import_utils.normalizedArray)(extras.routes) ?? [];
-  const excludes = (0, import_utils.normalizedArray)(extras.excludes) ?? [];
-  if (!global && !routes.length) {
-    throw new import_errors.AuthzError(`InternalError: Missing parameter 'global' or 'routes' in configuration.`);
-  }
-  if (store.globalInited) {
-    throw new import_errors.AuthzError(`InternalError: Cannot initialize mutiple global modules. Only one global module is allowed.`);
-  }
-  if (global) {
-    store.globalInited += 1;
-  }
-  return (0, import_utils.mergeDynamicModuleConfigs)(definition, {
-    global,
-    providers: [
-      {
-        provide: import_constants.ROUTES_OPTIONS,
-        useValue: {
-          global,
-          excludes,
-          routes
+}).setFactoryMethodName("createJwtAuthzModuleOptions").setExtras(
+  {
+    authzProvider: void 0,
+    global: false
+  },
+  (definition, extras) => {
+    const { authzProvider, global } = extras;
+    if (!authzProvider) {
+      throw new import_errors.AuthzError(`InternalError: Missing parameter 'authzProvider' in configuration.`);
+    }
+    const routes = (0, import_utils.normalizedArray)(extras.routes) ?? [];
+    const excludes = (0, import_utils.normalizedArray)(extras.excludes) ?? [];
+    if (!global && !routes.length) {
+      throw new import_errors.AuthzError(`InternalError: Missing parameter 'global' or 'routes' in configuration.`);
+    }
+    if (store.globalInited) {
+      throw new import_errors.AuthzError(
+        `InternalError: Cannot initialize mutiple global modules. Only one global module is allowed.`
+      );
+    }
+    if (global) {
+      store.globalInited += 1;
+    }
+    return (0, import_utils.mergeDynamicModuleConfigs)(definition, {
+      global,
+      providers: [
+        {
+          provide: import_constants.ROUTES_OPTIONS,
+          useValue: {
+            global,
+            excludes,
+            routes
+          }
         }
-      }
-    ],
-    exports: []
-  });
-}).build();
-const createJwtAuthzModule = /* @__PURE__ */ __name((authzProvider) => {
-  var _a;
+      ],
+      exports: []
+    });
+  }
+).build();
+const createJwtAuthzModule = (authzProvider) => {
   const id = `${import_constants.PREFIX}${(0, import_uid.uid)()}`;
   const JWT_STRATEGY = `${id}_JWT_STRATEGY`;
   const JWT_REFRESH_STRATEGY = `${id}_REFRESH_STRATEGY`;
@@ -100,31 +93,13 @@ const createJwtAuthzModule = /* @__PURE__ */ __name((authzProvider) => {
   const JWT_AUTHZ_OPTIONS = `${id}_JWT_AUTHZ_OPTIONS`;
   const JWT_META_KEY = `${id}_JWT_META_KEY`;
   const JWT_REFRESH_META_KEY = `${id}_REFRESH_META_KEY`;
-  const JwtAuthzService = (0, import_jwt_authz3.createJwtAuthzService)([
-    AUTHZ_PROVIDER,
-    JWT_AUTHZ_OPTIONS,
-    ALS_PROVIDER
-  ]);
-  const JwtAuthzAlsMiddleware = (0, import_jwt_authz_als.createJwtAuthzAlsMiddleware)([
-    ALS_PROVIDER,
-    JWT_AUTHZ_OPTIONS
-  ]);
+  const JwtAuthzService = (0, import_jwt_authz3.createJwtAuthzService)([AUTHZ_PROVIDER, JWT_AUTHZ_OPTIONS, ALS_PROVIDER]);
+  const JwtAuthzAlsMiddleware = (0, import_jwt_authz_als.createJwtAuthzAlsMiddleware)([ALS_PROVIDER, JWT_AUTHZ_OPTIONS]);
   const als = new import_node_async_hooks.AsyncLocalStorage();
-  const JwtStrategy = (0, import_jwt_authz4.createJwtStrategy)([
-    JWT_STRATEGY,
-    AUTHZ_PROVIDER,
-    ALS_PROVIDER
-  ]);
-  const RefreshStrategy = (0, import_jwt_authz4.createRefreshStrategy)([
-    JWT_REFRESH_STRATEGY,
-    AUTHZ_PROVIDER,
-    ALS_PROVIDER
-  ]);
+  const JwtStrategy = (0, import_jwt_authz4.createJwtStrategy)([JWT_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]);
+  const RefreshStrategy = (0, import_jwt_authz4.createRefreshStrategy)([JWT_REFRESH_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]);
   let isStrategyInited = false;
-  const RefreshAuthzGuard = (0, import_jwt_authz.createJwtRefreshAuthzGuard)([
-    JWT_REFRESH_STRATEGY,
-    JWT_AUTHZ_OPTIONS
-  ]);
+  const RefreshAuthzGuard = (0, import_jwt_authz.createJwtRefreshAuthzGuard)([JWT_REFRESH_STRATEGY, JWT_AUTHZ_OPTIONS]);
   const JwtAuthzGuard = (0, import_jwt_authz.createJwtAuthzGuard)([
     JWT_STRATEGY,
     AUTHZ_PROVIDER,
@@ -134,25 +109,26 @@ const createJwtAuthzModule = /* @__PURE__ */ __name((authzProvider) => {
     JWT_REFRESH_META_KEY
   ]);
   const Verify = (0, import_utils.createAuthzDecoratorFactory)(JWT_META_KEY);
-  const NoVerify = /* @__PURE__ */ __name(() => {
+  const NoVerify = () => {
     return (0, import_common.SetMetadata)(JWT_META_KEY, {
-      options: {
-        public: true,
-        override: true
-      }
+      options: { public: true, override: true }
     });
-  }, "NoVerify");
-  const Refresh = /* @__PURE__ */ __name(() => {
-    return (0, import_common.applyDecorators)(JwtAuthzGuard.NoVerify(), (0, import_common.SetMetadata)(JWT_REFRESH_META_KEY, true), (0, import_common.UseGuards)(RefreshAuthzGuard));
-  }, "Refresh");
-  const Apply = /* @__PURE__ */ __name((...rest) => {
+  };
+  const Refresh = () => {
+    return (0, import_common.applyDecorators)(
+      JwtAuthzGuard.NoVerify(),
+      (0, import_common.SetMetadata)(JWT_REFRESH_META_KEY, true),
+      (0, import_common.UseGuards)(RefreshAuthzGuard)
+    );
+  };
+  const Apply = (...rest) => {
     return (0, import_common.applyDecorators)(JwtAuthzGuard.Verify(...rest), (0, import_common.UseGuards)(JwtAuthzGuard));
-  }, "Apply");
+  };
   JwtAuthzGuard.Verify = Verify;
   JwtAuthzGuard.NoVerify = NoVerify;
   JwtAuthzGuard.Refresh = Refresh;
   JwtAuthzGuard.Apply = Apply;
-  const getCommonConfigs = /* @__PURE__ */ __name(() => {
+  const getCommonConfigs = () => {
     const configs = {
       providers: [
         {
@@ -163,37 +139,25 @@ const createJwtAuthzModule = /* @__PURE__ */ __name((authzProvider) => {
           provide: ALS_PROVIDER,
           useValue: als
         },
-        ...!isStrategyInited ? [
-          JwtStrategy,
-          RefreshStrategy
-        ] : [],
+        ...!isStrategyInited ? [JwtStrategy, RefreshStrategy] : [],
         JwtAuthzService
       ],
-      exports: [
-        AUTHZ_PROVIDER,
-        ALS_PROVIDER,
-        JWT_AUTHZ_OPTIONS,
-        JwtAuthzService
-      ]
+      exports: [AUTHZ_PROVIDER, ALS_PROVIDER, JWT_AUTHZ_OPTIONS, JwtAuthzService]
     };
     isStrategyInited = true;
     return configs;
-  }, "getCommonConfigs");
-  let JwtAuthzModule = (_a = class extends ConfigurableModuleClass {
+  };
+  let JwtAuthzModule = class extends ConfigurableModuleClass {
     constructor(routesOpt) {
       super();
-      __publicField(this, "routesOpt");
       this.routesOpt = routesOpt;
     }
     /**
-    * Configures authz module.
-    */
+     * Configures authz module.
+     */
     static register(options) {
       const jwtAuthzOptions = (0, import_jwt_authz2.normalizedJwtAuthzModuleOptions)(options);
-      return (0, import_utils.mergeDynamicModuleConfigs)(super.register({
-        ...options,
-        authzProvider
-      }), getCommonConfigs(), {
+      return (0, import_utils.mergeDynamicModuleConfigs)(super.register({ ...options, authzProvider }), getCommonConfigs(), {
         providers: [
           {
             provide: JWT_AUTHZ_OPTIONS,
@@ -203,105 +167,94 @@ const createJwtAuthzModule = /* @__PURE__ */ __name((authzProvider) => {
       });
     }
     /**
-    * Configures authz module asynchronously.
-    */
+     * Configures authz module asynchronously.
+     */
     static registerAsync(options) {
-      return (0, import_utils.mergeDynamicModuleConfigs)(super.registerAsync({
-        ...options,
-        authzProvider
-      }), getCommonConfigs(), {
+      return (0, import_utils.mergeDynamicModuleConfigs)(super.registerAsync({ ...options, authzProvider }), getCommonConfigs(), {
         providers: [
           {
             provide: JWT_AUTHZ_OPTIONS,
-            useFactory: /* @__PURE__ */ __name((moduleOptions) => {
+            useFactory: (moduleOptions) => {
               const jwtAuthzOptions = (0, import_jwt_authz2.normalizedJwtAuthzModuleOptions)(moduleOptions);
               return jwtAuthzOptions;
-            }, "useFactory"),
-            inject: [
-              MODULE_OPTIONS_TOKEN
-            ]
+            },
+            inject: [MODULE_OPTIONS_TOKEN]
           }
         ]
       });
     }
     configure(consumer) {
-      consumer.apply(JwtAuthzAlsMiddleware).exclude(...this.routesOpt.excludes).forRoutes(...this.routesOpt.global ? [
-        "*"
-      ] : this.routesOpt.routes);
+      consumer.apply(JwtAuthzAlsMiddleware).exclude(...this.routesOpt.excludes).forRoutes(...this.routesOpt.global ? ["*"] : this.routesOpt.routes);
     }
-  }, __name(_a, "JwtAuthzModule"), _a);
-  JwtAuthzModule = _ts_decorate([
+  };
+  JwtAuthzModule = __decorateClass([
     (0, import_common.Module)({}),
-    _ts_param(0, (0, import_common.Inject)(import_constants.ROUTES_OPTIONS)),
-    _ts_metadata("design:type", Function),
-    _ts_metadata("design:paramtypes", [
-      typeof RoutesOptions === "undefined" ? Object : RoutesOptions
-    ])
+    __decorateParam(0, (0, import_common.Inject)(import_constants.ROUTES_OPTIONS))
   ], JwtAuthzModule);
   return {
     /**
-    * A dynamic module used to configure JWT based authentication and authorization features for the application.
-    *
-    * This module can be configured using 2 static methods:
-    *
-    * - `register`
-    * - `registerAsync`
-    *
-    * ### Usage
-    *
-    * ```typescript
-    * ⁣@Module({
-    *   imports: [
-    *     // Import and configure JWT strategy
-    *     AuthzModule.register({
-    *       jwt: {
-    *         jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
-    *         secret: '1234567890',
-    *         algorithm: 'HS256'
-    *       },
-    *       // Enable refresh token handling
-    *       refresh: {
-    *         jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
-    *         secret: '0987654321',
-    *         algorithm: 'HS256'
-    *       },
-    *       // Apply strategy to specific controllers.
-    *       routes: [BusinessController]
-    *     })
-    *   ],
-    *   controllers: [BusinessController]
-    * })
-    * export class BusinessModule {}
-    * ```
-    */
+     * A dynamic module used to configure JWT based authentication and authorization features for the application.
+     *
+     * This module can be configured using 2 static methods:
+     *
+     * - `register`
+     * - `registerAsync`
+     *
+     * ### Usage
+     *
+     * ```typescript
+     * ⁣@Module({
+     *   imports: [
+     *     // Import and configure JWT strategy
+     *     AuthzModule.register({
+     *       jwt: {
+     *         jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
+     *         secret: '1234567890',
+     *         algorithm: 'HS256'
+     *       },
+     *       // Enable refresh token handling
+     *       refresh: {
+     *         jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
+     *         secret: '0987654321',
+     *         algorithm: 'HS256'
+     *       },
+     *       // Apply strategy to specific controllers.
+     *       routes: [BusinessController]
+     *     })
+     *   ],
+     *   controllers: [BusinessController]
+     * })
+     * export class BusinessModule {}
+     * ```
+     */
     AuthzModule: JwtAuthzModule,
     /**
-    * A custom guard that applies authentication to controllers.
-    *
-    * This guard also provides 4 utility decorators to apply and modify authorization:
-    *
-    * - `@AuthzGuard.Verify`: Used to verify the user's authorization for specific meta data.
-    * - `@AuthzGuard.NoVerify`: Used to `skip` authentication & authorization checks for specific routes.
-    * - `@AuthzGuard.Apply`: A simplified version of `@UseGuards(AuthzGuard)` and `@AuthzGuard.Verify`, combining both for convenience.
-    * - `@AuthzGuard.Refresh`: Used to ensure that only using refresh token for authentication on specific routes, for refreshing JWT tokens.
-    *
-    * ### Usage:
-    *
-    * ```typescript
-    * ⁣@UseGuards(AuthzGuard)
-    * ⁣@Controller(/⁣/ ...)
-    * export class BusinessController {
-    *   // ...
-    * }
-    * ```
-    */
+     * A custom guard that applies authentication to controllers.
+     *
+     * This guard also provides 4 utility decorators to apply and modify authorization:
+     *
+     * - `@AuthzGuard.Verify`: Used to verify the user's authorization for specific meta data.
+     * - `@AuthzGuard.NoVerify`: Used to `skip` authentication & authorization checks for specific routes.
+     * - `@AuthzGuard.Apply`: A simplified version of `@UseGuards(AuthzGuard)` and `@AuthzGuard.Verify`, combining both for convenience.
+     * - `@AuthzGuard.Refresh`: Used to ensure that only using refresh token for authentication on specific routes, for refreshing JWT tokens.
+     *
+     * ### Usage:
+     *
+     * ```typescript
+     * ⁣@UseGuards(AuthzGuard)
+     * ⁣@Controller(/⁣/ ...)
+     * export class BusinessController {
+     *   // ...
+     * }
+     * ```
+     */
     AuthzGuard: JwtAuthzGuard,
     /**
-    * A custom servcie to provide methods to handle authentication and authorization.
-    */
+     * A custom servcie to provide methods to handle authentication and authorization.
+     */
     AuthzService: JwtAuthzService
   };
-}, "createJwtAuthzModule");
+};
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   createJwtAuthzModule

package/dist/jwt/jwt-authz.service.js

@@ -4,8 +4,6 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
-var __name = (target, value) => __defProp(target, "name", { value, configurable: true });
 var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, { get: all[name], enumerable: true });
@@ -27,48 +25,35 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
   mod
 ));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-var __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
+var __decorateClass = (decorators, target, key, kind) => {
+  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  for (var i = decorators.length - 1, decorator; i >= 0; i--)
+    if (decorator = decorators[i])
+      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
+  if (kind && result) __defProp(target, key, result);
+  return result;
+};
+var __decorateParam = (index, decorator) => (target, key) => decorator(target, key, index);
 var jwt_authz_service_exports = {};
 __export(jwt_authz_service_exports, {
   createJwtAuthzService: () => createJwtAuthzService
 });
 module.exports = __toCommonJS(jwt_authz_service_exports);
-var import_node_async_hooks = require("node:async_hooks");
 var import_common = require("@nestjs/common");
 var import_jsonwebtoken = __toESM(require("jsonwebtoken"));
-var import_authz = require("../authz.provider");
 var import_constants = require("../constants");
 var import_errors = require("../errors");
 var import_utils = require("../utils");
-function _ts_decorate(decorators, target, key, desc) {
-  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-  return c > 3 && r && Object.defineProperty(target, key, r), r;
-}
-__name(_ts_decorate, "_ts_decorate");
-function _ts_metadata(k, v) {
-  if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-}
-__name(_ts_metadata, "_ts_metadata");
-function _ts_param(paramIndex, decorator) {
-  return function(target, key) {
-    decorator(target, key, paramIndex);
-  };
-}
-__name(_ts_param, "_ts_param");
-const createJwtAuthzService = /* @__PURE__ */ __name(([AUTHZ_PROVIDER, JWT_AUTHZ_OPTIONS, ALS_PROVIDER]) => {
-  var _a;
-  let JwtAuthzService = (_a = class {
+const createJwtAuthzService = ([AUTHZ_PROVIDER, JWT_AUTHZ_OPTIONS, ALS_PROVIDER]) => {
+  let JwtAuthzService = class {
     constructor(authzProvider, jwtAuthzOptions, als) {
-      __publicField(this, "authzProvider");
-      __publicField(this, "jwtAuthzOptions");
-      __publicField(this, "als");
       this.authzProvider = authzProvider;
       this.jwtAuthzOptions = jwtAuthzOptions;
       this.als = als;
       if (typeof this.authzProvider.createPayload !== "function") {
-        throw new import_errors.AuthzError(`InternalError: Method 'createPayload' from abstract class 'AuthzProvider' must be implemented.`);
+        throw new import_errors.AuthzError(
+          `InternalError: Method 'createPayload' from abstract class 'AuthzProvider' must be implemented.`
+        );
       }
       if (!jwtAuthzOptions.jwt?.sign) {
         throw new import_errors.AuthzError(`InternalError: Missing JWT sign options.`);
@@ -78,20 +63,24 @@ const createJwtAuthzService = /* @__PURE__ */ __name(([AUTHZ_PROVIDER, JWT_AUTHZ
       }
     }
     /**
-    * Creates a JWT token with a payload generated by AuthzProviderClass.createPayload(). Optionally, includes a refresh token if configured.
-    *
-    * @param user - User entity
-    * @returns
-    * - `token` : The generated JWT access token.
-    * - `refresh` (optional): The generated refresh token, if enabled.
-    */
+     * Creates a JWT token with a payload generated by AuthzProviderClass.createPayload(). Optionally, includes a refresh token if configured.
+     *
+     * @param user - User entity
+     * @returns
+     * - `token` : The generated JWT access token.
+     * - `refresh` (optional): The generated refresh token, if enabled.
+     */
     async logIn(user) {
       const payload = await this.authzProvider.createPayload(user);
       const token = import_jsonwebtoken.default.sign(payload, this.jwtAuthzOptions.jwt.secretOrPrivateKey, this.jwtAuthzOptions.jwt.sign);
       if (this.jwtAuthzOptions.refresh) {
-        const refresh = import_jsonwebtoken.default.sign({
-          data: (0, import_utils.encodeMsgpackrString)(payload)
-        }, this.jwtAuthzOptions.refresh.secretOrPrivateKey, this.jwtAuthzOptions.refresh.sign);
+        const refresh = import_jsonwebtoken.default.sign(
+          {
+            data: (0, import_utils.encodeMsgpackrString)(payload)
+          },
+          this.jwtAuthzOptions.refresh.secretOrPrivateKey,
+          this.jwtAuthzOptions.refresh.sign
+        );
         return {
           token,
           refresh
@@ -102,12 +91,12 @@ const createJwtAuthzService = /* @__PURE__ */ __name(([AUTHZ_PROVIDER, JWT_AUTHZ
       };
     }
     /**
-    * Refreshes the JWT token for the provided user. If no user is provided, it attempts to retrieve the
-    * current user and generate a new token.
-    *
-    * @param [user] - User entity
-    * @returns
-    */
+     * Refreshes the JWT token for the provided user. If no user is provided, it attempts to retrieve the
+     * current user and generate a new token.
+     *
+     * @param [user] - User entity
+     * @returns
+     */
     async refresh(user) {
       if (!this.jwtAuthzOptions.refresh) {
         console.warn(`'refresh' method can only be called when configured in module options.`);
@@ -117,7 +106,9 @@ const createJwtAuthzService = /* @__PURE__ */ __name(([AUTHZ_PROVIDER, JWT_AUTHZ
       if (!user) {
         const store = (0, import_utils.getAlsStore)(this.als);
         if (store.jwtVerifiedBy !== import_constants.JwtValidationType.REFRESH) {
-          throw new import_errors.AuthzError(`InvocationError: Calling 'refresh' method without user parameter can only be called under @Refresh().`);
+          throw new import_errors.AuthzError(
+            `InvocationError: Calling 'refresh' method without user parameter can only be called under @Refresh().`
+          );
         }
         userParams = store.user;
       }
@@ -131,34 +122,28 @@ const createJwtAuthzService = /* @__PURE__ */ __name(([AUTHZ_PROVIDER, JWT_AUTHZ
       };
     }
     /**
-    * Sets a secure HTTP cookie with the given name, value, and optional cookie options.
-    */
+     * Sets a secure HTTP cookie with the given name, value, and optional cookie options.
+     */
     setCookie(...rest) {
       const store = (0, import_utils.getAlsStore)(this.als);
       store.setCookie(...rest);
     }
     /**
-    * Retrieves the current user associated with the request, if available.
-    */
+     * Retrieves the current user associated with the request, if available.
+     */
     getUser() {
       const store = (0, import_utils.getAlsStore)(this.als);
       const user = store.user;
       return user;
     }
-  }, __name(_a, "JwtAuthzService"), _a);
-  JwtAuthzService = _ts_decorate([
-    _ts_param(0, (0, import_common.Inject)(AUTHZ_PROVIDER)),
-    _ts_param(1, (0, import_common.Inject)(JWT_AUTHZ_OPTIONS)),
-    _ts_param(2, (0, import_common.Inject)(ALS_PROVIDER)),
-    _ts_metadata("design:type", Function),
-    _ts_metadata("design:paramtypes", [
-      typeof import_authz.AuthzProviderClass === "undefined" ? Object : import_authz.AuthzProviderClass,
-      typeof JwtAuthzOptions === "undefined" ? Object : JwtAuthzOptions,
-      typeof import_node_async_hooks.AsyncLocalStorage === "undefined" ? Object : import_node_async_hooks.AsyncLocalStorage
-    ])
+  };
+  JwtAuthzService = __decorateClass([
+    __decorateParam(0, (0, import_common.Inject)(AUTHZ_PROVIDER)),
+    __decorateParam(1, (0, import_common.Inject)(JWT_AUTHZ_OPTIONS)),
+    __decorateParam(2, (0, import_common.Inject)(ALS_PROVIDER))
   ], JwtAuthzService);
   return (0, import_common.mixin)(JwtAuthzService);
-}, "createJwtAuthzService");
+};
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   createJwtAuthzService