@nestjs-kitchen/authz 2.0.3 → 2.0.5

package/dist/jwt/jwt-authz.service.js

@@ -1,150 +1,119 @@
-var __create = Object.create;
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
 };
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
 };
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-var __decorateClass = (decorators, target, key, kind) => {
-  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
-  for (var i = decorators.length - 1, decorator; i >= 0; i--)
-    if (decorator = decorators[i])
-      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
-  if (kind && result) __defProp(target, key, result);
-  return result;
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
 };
-var __decorateParam = (index, decorator) => (target, key) => decorator(target, key, index);
-var jwt_authz_service_exports = {};
-__export(jwt_authz_service_exports, {
-  createJwtAuthzService: () => createJwtAuthzService
-});
-module.exports = __toCommonJS(jwt_authz_service_exports);
-var import_common = require("@nestjs/common");
-var import_jsonwebtoken = __toESM(require("jsonwebtoken"));
-var import_constants = require("../constants");
-var import_errors = require("../errors");
-var import_utils = require("../utils");
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createJwtAuthzService = void 0;
+const node_async_hooks_1 = require("node:async_hooks");
+const common_1 = require("@nestjs/common");
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const authz_provider_1 = require("../authz.provider");
+const constants_1 = require("../constants");
+const errors_1 = require("../errors");
+const utils_1 = require("../utils");
 const createJwtAuthzService = ([AUTHZ_PROVIDER, JWT_AUTHZ_OPTIONS, ALS_PROVIDER]) => {
-  let JwtAuthzService = class {
-    constructor(authzProvider, jwtAuthzOptions, als) {
-      this.authzProvider = authzProvider;
-      this.jwtAuthzOptions = jwtAuthzOptions;
-      this.als = als;
-      if (typeof this.authzProvider.createPayload !== "function") {
-        throw new import_errors.AuthzError(
-          `InternalError: Method 'createPayload' from abstract class 'AuthzProvider' must be implemented.`
-        );
-      }
-      if (!jwtAuthzOptions.jwt?.sign) {
-        throw new import_errors.AuthzError(`InternalError: Missing JWT sign options.`);
-      }
-      if (this.jwtAuthzOptions.refresh && !this.jwtAuthzOptions.refresh.sign) {
-        throw new import_errors.AuthzError(`InternalError: Missing Refresh sign options.`);
-      }
-    }
-    /**
-     * Creates a JWT token with a payload generated by AuthzProviderClass.createPayload(). Optionally, includes a refresh token if configured.
-     *
-     * @param user - User entity
-     * @returns
-     * - `token` : The generated JWT access token.
-     * - `refresh` (optional): The generated refresh token, if enabled.
-     */
-    async logIn(user) {
-      const payload = await this.authzProvider.createPayload(user);
-      const token = import_jsonwebtoken.default.sign(payload, this.jwtAuthzOptions.jwt.secretOrPrivateKey, this.jwtAuthzOptions.jwt.sign);
-      if (this.jwtAuthzOptions.refresh) {
-        const refresh = import_jsonwebtoken.default.sign(
-          {
-            data: (0, import_utils.encodeMsgpackrString)(payload)
-          },
-          this.jwtAuthzOptions.refresh.secretOrPrivateKey,
-          this.jwtAuthzOptions.refresh.sign
-        );
-        return {
-          token,
-          refresh
-        };
-      }
-      return {
-        token
-      };
-    }
-    /**
-     * Refreshes the JWT token for the provided user. If no user is provided, it attempts to retrieve the
-     * current user and generate a new token.
-     *
-     * @param [user] - User entity
-     * @returns
-     */
-    async refresh(user) {
-      if (!this.jwtAuthzOptions.refresh) {
-        console.warn(`'refresh' method can only be called when configured in module options.`);
-        return void 0;
-      }
-      let userParams = user;
-      if (!user) {
-        const store = (0, import_utils.getAlsStore)(this.als);
-        if (store.jwtVerifiedBy !== import_constants.JwtValidationType.REFRESH) {
-          throw new import_errors.AuthzError(
-            `InvocationError: Calling 'refresh' method without user parameter can only be called under @Refresh().`
-          );
+    let JwtAuthzService = class JwtAuthzService {
+        constructor(authzProvider, jwtAuthzOptions, als) {
+            this.authzProvider = authzProvider;
+            this.jwtAuthzOptions = jwtAuthzOptions;
+            this.als = als;
+            if (typeof this.authzProvider.createPayload !== 'function') {
+                throw new errors_1.AuthzError(`InternalError: Method 'createPayload' from abstract class 'AuthzProvider' must be implemented.`);
+            }
+            if (!jwtAuthzOptions.jwt?.sign) {
+                throw new errors_1.AuthzError(`InternalError: Missing JWT sign options.`);
+            }
+            if (this.jwtAuthzOptions.refresh && !this.jwtAuthzOptions.refresh.sign) {
+                throw new errors_1.AuthzError(`InternalError: Missing Refresh sign options.`);
+            }
+        }
+        /**
+         * Creates a JWT token with a payload generated by AuthzProviderClass.createPayload(). Optionally, includes a refresh token if configured.
+         *
+         * @param user - User entity
+         * @returns
+         * - `token` : The generated JWT access token.
+         * - `refresh` (optional): The generated refresh token, if enabled.
+         */
+        async logIn(user) {
+            const payload = (await this.authzProvider.createPayload(user));
+            const token = jsonwebtoken_1.default.sign(payload, this.jwtAuthzOptions.jwt.secretOrPrivateKey, this.jwtAuthzOptions.jwt.sign);
+            if (this.jwtAuthzOptions.refresh) {
+                const refresh = jsonwebtoken_1.default.sign({
+                    data: (0, utils_1.encodeMsgpackrString)(payload)
+                }, this.jwtAuthzOptions.refresh.secretOrPrivateKey, this.jwtAuthzOptions.refresh.sign);
+                return {
+                    token,
+                    refresh
+                };
+            }
+            return {
+                token
+            };
+        }
+        /**
+         * Refreshes the JWT token for the provided user. If no user is provided, it attempts to retrieve the
+         * current user and generate a new token.
+         *
+         * @param [user] - User entity
+         * @returns
+         */
+        async refresh(user) {
+            if (!this.jwtAuthzOptions.refresh) {
+                console.warn(`'refresh' method can only be called when configured in module options.`);
+                return undefined;
+            }
+            let userParams = user;
+            if (!user) {
+                const store = (0, utils_1.getAlsStore)(this.als);
+                if (store.jwtVerifiedBy !== constants_1.JwtValidationType.REFRESH) {
+                    throw new errors_1.AuthzError(`InvocationError: Calling 'refresh' method without user parameter can only be called under @Refresh().`);
+                }
+                userParams = store.user;
+            }
+            if (!userParams) {
+                throw new errors_1.AuthzError(`ParameterError: User data is undefined.`);
+            }
+            const payload = (await this.authzProvider.createPayload(userParams));
+            const token = jsonwebtoken_1.default.sign(payload, this.jwtAuthzOptions.jwt.secretOrPrivateKey, this.jwtAuthzOptions.jwt.sign);
+            return {
+                token
+            };
+        }
+        /**
+         * Sets a secure HTTP cookie with the given name, value, and optional cookie options.
+         */
+        setCookie(...rest) {
+            const store = (0, utils_1.getAlsStore)(this.als);
+            store.setCookie(...rest);
+        }
+        /**
+         * Retrieves the current user associated with the request, if available.
+         */
+        getUser() {
+            const store = (0, utils_1.getAlsStore)(this.als);
+            const user = store.user;
+            return user;
         }
-        userParams = store.user;
-      }
-      if (!userParams) {
-        throw new import_errors.AuthzError(`ParameterError: User data is undefined.`);
-      }
-      const payload = await this.authzProvider.createPayload(userParams);
-      const token = import_jsonwebtoken.default.sign(payload, this.jwtAuthzOptions.jwt.secretOrPrivateKey, this.jwtAuthzOptions.jwt.sign);
-      return {
-        token
-      };
-    }
-    /**
-     * Sets a secure HTTP cookie with the given name, value, and optional cookie options.
-     */
-    setCookie(...rest) {
-      const store = (0, import_utils.getAlsStore)(this.als);
-      store.setCookie(...rest);
-    }
-    /**
-     * Retrieves the current user associated with the request, if available.
-     */
-    getUser() {
-      const store = (0, import_utils.getAlsStore)(this.als);
-      const user = store.user;
-      return user;
-    }
-  };
-  JwtAuthzService = __decorateClass([
-    __decorateParam(0, (0, import_common.Inject)(AUTHZ_PROVIDER)),
-    __decorateParam(1, (0, import_common.Inject)(JWT_AUTHZ_OPTIONS)),
-    __decorateParam(2, (0, import_common.Inject)(ALS_PROVIDER))
-  ], JwtAuthzService);
-  return (0, import_common.mixin)(JwtAuthzService);
+    };
+    JwtAuthzService = __decorate([
+        __param(0, (0, common_1.Inject)(AUTHZ_PROVIDER)),
+        __param(1, (0, common_1.Inject)(JWT_AUTHZ_OPTIONS)),
+        __param(2, (0, common_1.Inject)(ALS_PROVIDER)),
+        __metadata("design:paramtypes", [authz_provider_1.AuthzProviderClass, Object, node_async_hooks_1.AsyncLocalStorage])
+    ], JwtAuthzService);
+    return (0, common_1.mixin)(JwtAuthzService);
 };
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  createJwtAuthzService
-});
+exports.createJwtAuthzService = createJwtAuthzService;

package/dist/jwt/jwt-authz.strategy.d.ts

@@ -1,28 +1,16 @@
-import * as _nestjs_common from '@nestjs/common';
 import { AsyncLocalStorage } from 'node:async_hooks';
-import { Request } from 'express';
-import { AuthzProviderClass } from '../authz.provider.js';
-import { JwtAlsType } from './jwt-authz-als.middleware.js';
-import '../constants.js';
-import '../utils/types.js';
-import '@nestjs/common/interfaces';
-import './jwt-authz.interface.js';
-import 'crypto';
-import 'jsonwebtoken';
-import './extract-jwt.js';
-import 'cookie';
-
-declare const createJwtStrategy: ([JWT_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]: [string, any, any]) => _nestjs_common.Type<Omit<{
+import type { Request } from 'express';
+import { AuthzProviderClass } from '../authz.provider';
+import type { JwtAlsType } from './jwt-authz-als.middleware';
+export declare const createJwtStrategy: ([JWT_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]: [string, any, any]) => import("@nestjs/common").Type<Omit<{
     readonly authzProvider: AuthzProviderClass<unknown, unknown>;
     readonly als: AsyncLocalStorage<JwtAlsType<unknown>>;
     validate(req: Request): Promise<{}>;
     authenticate(req: Request, options?: any): any;
 }, "als" | "authzProvider">>;
-declare const createRefreshStrategy: ([JWT_REFRESH_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]: [string, any, any]) => _nestjs_common.Type<Omit<{
+export declare const createRefreshStrategy: ([JWT_REFRESH_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]: [string, any, any]) => import("@nestjs/common").Type<Omit<{
     readonly authzProvider: AuthzProviderClass<unknown, unknown>;
     readonly als: AsyncLocalStorage<JwtAlsType<unknown>>;
     validate(req: Request): Promise<{}>;
     authenticate(req: Request, options?: any): any;
 }, "als" | "authzProvider">>;
-
-export { createJwtStrategy, createRefreshStrategy };

package/dist/jwt/jwt-authz.strategy.js

@@ -1,157 +1,134 @@
-var __create = Object.create;
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
 };
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
 };
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-var __decorateClass = (decorators, target, key, kind) => {
-  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
-  for (var i = decorators.length - 1, decorator; i >= 0; i--)
-    if (decorator = decorators[i])
-      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
-  if (kind && result) __defProp(target, key, result);
-  return result;
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
 };
-var __decorateParam = (index, decorator) => (target, key) => decorator(target, key, index);
-var jwt_authz_strategy_exports = {};
-__export(jwt_authz_strategy_exports, {
-  createJwtStrategy: () => createJwtStrategy,
-  createRefreshStrategy: () => createRefreshStrategy
-});
-module.exports = __toCommonJS(jwt_authz_strategy_exports);
-var import_common = require("@nestjs/common");
-var import_passport = require("@nestjs/passport");
-var import_jsonwebtoken = __toESM(require("jsonwebtoken"));
-var import_passport_custom = require("passport-custom");
-var import_constants = require("../constants");
-var import_errors = require("../errors");
-var import_utils = require("../utils");
-var import_extract_jwt = require("./extract-jwt");
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createRefreshStrategy = exports.createJwtStrategy = void 0;
+const node_async_hooks_1 = require("node:async_hooks");
+const common_1 = require("@nestjs/common");
+const passport_1 = require("@nestjs/passport");
+const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const passport_custom_1 = require("passport-custom");
+const authz_provider_1 = require("../authz.provider");
+const constants_1 = require("../constants");
+const errors_1 = require("../errors");
+const utils_1 = require("../utils");
+const extract_jwt_1 = require("./extract-jwt");
 const createJwtStrategy = ([JWT_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]) => {
-  let JwtStrategy = class extends (0, import_passport.PassportStrategy)(import_passport_custom.Strategy, JWT_STRATEGY) {
-    constructor(authzProvider, als) {
-      super();
-      this.authzProvider = authzProvider;
-      this.als = als;
-      if (typeof this.authzProvider.authenticate !== "function") {
-        throw new import_errors.AuthzError(
-          `InternalError: Method 'authenticate' from abstract class 'AuthzProvider' must be implemented.`
-        );
-      }
-    }
-    async validate(req) {
-      const store = (0, import_utils.getAlsStore)(this.als);
-      const authOptions = store.authOptions;
-      if (!authOptions.jwt.verify) {
-        return [null, new import_errors.AuthzError(`InternalError: Refresh verify options must be implemented.`)];
-      }
-      const extractor = import_extract_jwt.ExtractJwt.fromExtractors(authOptions.jwt.jwtFromRequest);
-      req[import_constants.PASSPORT_PROPERTY] = authOptions.passportProperty;
-      const token = extractor(req);
-      if (!token) {
-        return [null, new import_errors.AuthzAnonymousError("AnonymousError: Cannnot find token.")];
-      }
-      let user = void 0;
-      try {
-        const payload = import_jsonwebtoken.default.verify(token, authOptions.jwt.secretOrPublicKey, authOptions.jwt.verify);
-        user = await this.authzProvider.authenticate(payload);
-      } catch (error) {
-        return [
-          null,
-          error instanceof Error ? new import_errors.AuthzVerificationError(`${error.name}: ${error.message}`, error) : new import_errors.AuthzVerificationError(`${error}`)
-        ];
-      }
-      store.user = user;
-      store.jwtVerifiedBy = import_constants.JwtValidationType.JWT;
-      if (!user) {
-        return [null, new import_errors.AuthzAnonymousError("AnonymousError: Cannnot find user.")];
-      }
-      return user;
-    }
-  };
-  JwtStrategy = __decorateClass([
-    __decorateParam(0, (0, import_common.Inject)(AUTHZ_PROVIDER)),
-    __decorateParam(1, (0, import_common.Inject)(ALS_PROVIDER))
-  ], JwtStrategy);
-  return (0, import_common.mixin)(JwtStrategy);
+    let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(passport_custom_1.Strategy, JWT_STRATEGY) {
+        constructor(authzProvider, als) {
+            super();
+            this.authzProvider = authzProvider;
+            this.als = als;
+            if (typeof this.authzProvider.authenticate !== 'function') {
+                throw new errors_1.AuthzError(`InternalError: Method 'authenticate' from abstract class 'AuthzProvider' must be implemented.`);
+            }
+        }
+        async validate(req) {
+            const store = (0, utils_1.getAlsStore)(this.als);
+            const authOptions = store.authOptions;
+            if (!authOptions.jwt.verify) {
+                return [null, new errors_1.AuthzError(`InternalError: Refresh verify options must be implemented.`)];
+            }
+            const extractor = extract_jwt_1.ExtractJwt.fromExtractors(authOptions.jwt.jwtFromRequest);
+            req[constants_1.PASSPORT_PROPERTY] = authOptions.passportProperty;
+            const token = extractor(req);
+            if (!token) {
+                return [null, new errors_1.AuthzAnonymousError('AnonymousError: Cannnot find token.')];
+            }
+            let user = undefined;
+            try {
+                const payload = jsonwebtoken_1.default.verify(token, authOptions.jwt.secretOrPublicKey, authOptions.jwt.verify);
+                user = await this.authzProvider.authenticate(payload, req);
+            }
+            catch (error) {
+                return [
+                    null,
+                    error instanceof Error
+                        ? new errors_1.AuthzVerificationError(`${error.name}: ${error.message}`, error)
+                        : new errors_1.AuthzVerificationError(`${error}`)
+                ];
+            }
+            store.user = user;
+            store.jwtVerifiedBy = constants_1.JwtValidationType.JWT;
+            if (!user) {
+                return [null, new errors_1.AuthzAnonymousError('AnonymousError: Cannnot find user.')];
+            }
+            return user;
+        }
+    };
+    JwtStrategy = __decorate([
+        __param(0, (0, common_1.Inject)(AUTHZ_PROVIDER)),
+        __param(1, (0, common_1.Inject)(ALS_PROVIDER)),
+        __metadata("design:paramtypes", [authz_provider_1.AuthzProviderClass,
+            node_async_hooks_1.AsyncLocalStorage])
+    ], JwtStrategy);
+    return (0, common_1.mixin)(JwtStrategy);
 };
+exports.createJwtStrategy = createJwtStrategy;
 const createRefreshStrategy = ([JWT_REFRESH_STRATEGY, AUTHZ_PROVIDER, ALS_PROVIDER]) => {
-  let RefreshStrategy = class extends (0, import_passport.PassportStrategy)(import_passport_custom.Strategy, JWT_REFRESH_STRATEGY) {
-    constructor(authzProvider, als) {
-      super();
-      this.authzProvider = authzProvider;
-      this.als = als;
-      if (typeof this.authzProvider.authenticate !== "function") {
-        throw new import_errors.AuthzError(
-          `InternalError: Method 'authenticate' from abstract class 'AuthzProvider' must be implemented.`
-        );
-      }
-    }
-    async validate(req) {
-      const store = (0, import_utils.getAlsStore)(this.als);
-      const authOptions = store.authOptions;
-      if (!authOptions.refresh.verify) {
-        return [null, new import_errors.AuthzError(`InternalError: Refresh verify options must be implemented.`)];
-      }
-      const extractor = import_extract_jwt.ExtractJwt.fromExtractors(authOptions.refresh.jwtFromRequest);
-      req[import_constants.PASSPORT_PROPERTY] = authOptions.passportProperty;
-      const token = extractor(req);
-      if (!token) {
-        return [null, new import_errors.AuthzAnonymousError("AnonymousError: Cannnot find token.")];
-      }
-      let user = void 0;
-      try {
-        const payload = import_jsonwebtoken.default.verify(
-          token,
-          authOptions.refresh.secretOrPublicKey,
-          authOptions.refresh.verify
-        );
-        const decodePayload = (0, import_utils.decodeMsgpackrString)(payload.data);
-        user = await this.authzProvider.authenticate(decodePayload);
-      } catch (error) {
-        return [
-          null,
-          error instanceof Error ? new import_errors.AuthzVerificationError(`${error.name}: ${error.message}`, error) : new import_errors.AuthzVerificationError(`${error}`)
-        ];
-      }
-      store.user = user;
-      store.jwtVerifiedBy = import_constants.JwtValidationType.REFRESH;
-      if (!user) {
-        return [null, new import_errors.AuthzAnonymousError("AnonymousError: Cannnot find user.")];
-      }
-      return user;
-    }
-  };
-  RefreshStrategy = __decorateClass([
-    (0, import_common.Injectable)(),
-    __decorateParam(0, (0, import_common.Inject)(AUTHZ_PROVIDER)),
-    __decorateParam(1, (0, import_common.Inject)(ALS_PROVIDER))
-  ], RefreshStrategy);
-  return (0, import_common.mixin)(RefreshStrategy);
+    let RefreshStrategy = class RefreshStrategy extends (0, passport_1.PassportStrategy)(passport_custom_1.Strategy, JWT_REFRESH_STRATEGY) {
+        constructor(authzProvider, als) {
+            super();
+            this.authzProvider = authzProvider;
+            this.als = als;
+            if (typeof this.authzProvider.authenticate !== 'function') {
+                throw new errors_1.AuthzError(`InternalError: Method 'authenticate' from abstract class 'AuthzProvider' must be implemented.`);
+            }
+        }
+        async validate(req) {
+            const store = (0, utils_1.getAlsStore)(this.als);
+            const authOptions = store.authOptions;
+            if (!authOptions.refresh.verify) {
+                return [null, new errors_1.AuthzError(`InternalError: Refresh verify options must be implemented.`)];
+            }
+            const extractor = extract_jwt_1.ExtractJwt.fromExtractors(authOptions.refresh.jwtFromRequest);
+            req[constants_1.PASSPORT_PROPERTY] = authOptions.passportProperty;
+            const token = extractor(req);
+            if (!token) {
+                return [null, new errors_1.AuthzAnonymousError('AnonymousError: Cannnot find token.')];
+            }
+            let user = undefined;
+            try {
+                const payload = jsonwebtoken_1.default.verify(token, authOptions.refresh.secretOrPublicKey, authOptions.refresh.verify);
+                const decodePayload = (0, utils_1.decodeMsgpackrString)(payload.data);
+                user = await this.authzProvider.authenticate(decodePayload, req);
+            }
+            catch (error) {
+                return [
+                    null,
+                    error instanceof Error
+                        ? new errors_1.AuthzVerificationError(`${error.name}: ${error.message}`, error)
+                        : new errors_1.AuthzVerificationError(`${error}`)
+                ];
+            }
+            store.user = user;
+            store.jwtVerifiedBy = constants_1.JwtValidationType.REFRESH;
+            if (!user) {
+                return [null, new errors_1.AuthzAnonymousError('AnonymousError: Cannnot find user.')];
+            }
+            return user;
+        }
+    };
+    RefreshStrategy = __decorate([
+        (0, common_1.Injectable)(),
+        __param(0, (0, common_1.Inject)(AUTHZ_PROVIDER)),
+        __param(1, (0, common_1.Inject)(ALS_PROVIDER)),
+        __metadata("design:paramtypes", [authz_provider_1.AuthzProviderClass,
+            node_async_hooks_1.AsyncLocalStorage])
+    ], RefreshStrategy);
+    return (0, common_1.mixin)(RefreshStrategy);
 };
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  createJwtStrategy,
-  createRefreshStrategy
-});
+exports.createRefreshStrategy = createRefreshStrategy;

package/dist/session/index.d.ts

@@ -1,12 +1 @@
-export { cereateSessionAuthzModule } from './session-authz.module.js';
-import '@nestjs/core';
-import './session-authz.interface.js';
-import 'express-session';
-import '../utils/types.js';
-import '@nestjs/common';
-import '@nestjs/common/interfaces';
-import 'express';
-import '../authz.provider.js';
-import 'node:async_hooks';
-import '../errors.js';
-import './session-authz-als.middleware.js';
+export { cereateSessionAuthzModule } from './session-authz.module';