@node-c/api-http 1.0.0-alpha4

package/dist/middlewares/http.middlewares.cors.js

@@ -0,0 +1,47 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HTTPCORSMiddleware = void 0;
+const common_1 = require("@nestjs/common");
+const core_1 = require("@node-c/core");
+const definitions_1 = require("../common/definitions");
+let HTTPCORSMiddleware = class HTTPCORSMiddleware {
+    constructor(configProvider, moduleName) {
+        this.configProvider = configProvider;
+        this.moduleName = moduleName;
+    }
+    use(req, res, next) {
+        const allowedOrigins = this.configProvider.config.api[this.moduleName].allowedOrigins;
+        const origin = req.headers.origin;
+        if (allowedOrigins === null || allowedOrigins === void 0 ? void 0 : allowedOrigins.includes(origin)) {
+            res.set('Access-Control-Allow-Origin', origin);
+        }
+        res.set('Access-Control-Allow-Headers', 'accept,accept-encoding,accept-language,authorization,connection,content-type,host,origin,referer,user-agent');
+        res.set('Access-Control-Expose-Headers', 'Authorization');
+        res.set('Access-Control-Allow-Methods', 'OPTIONS,GET,POST,PUT,PATCH,DELETE');
+        res.set('Access-Control-Allow-Credentials', 'true');
+        if (req.method.toLowerCase() === 'options') {
+            res.status(common_1.HttpStatus.OK).end();
+            return;
+        }
+        next();
+    }
+};
+exports.HTTPCORSMiddleware = HTTPCORSMiddleware;
+exports.HTTPCORSMiddleware = HTTPCORSMiddleware = __decorate([
+    (0, common_1.Injectable)(),
+    __param(1, (0, common_1.Inject)(definitions_1.Constants.API_MODULE_NAME)),
+    __metadata("design:paramtypes", [core_1.ConfigProviderService, String])
+], HTTPCORSMiddleware);
+//# sourceMappingURL=http.middlewares.cors.js.map

package/dist/middlewares/http.middlewares.cors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.middlewares.cors.js","sourceRoot":"","sources":["../../src/middlewares/http.middlewares.cors.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAgF;AAEhF,uCAAuE;AAGvE,uDAAqE;AAG9D,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAC7B,YAEY,cAAqC,EAGrC,UAAkB;QAHlB,mBAAc,GAAd,cAAc,CAAuB;QAGrC,eAAU,GAAV,UAAU,CAAQ;IAC3B,CAAC;IAEJ,GAAG,CAAC,GAA+B,EAAE,GAAa,EAAE,IAAkB;QACpE,MAAM,cAAc,GAAI,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAI,CAAC,IAAI,CAAC,UAAU,CAAsB,CAAC,cAAc,CAAC;QAC7G,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,MAAgB,CAAC;QAC5C,IAAI,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACrC,GAAG,CAAC,GAAG,CAAC,6BAA6B,EAAE,MAAM,CAAC,CAAC;QACjD,CAAC;QACD,GAAG,CAAC,GAAG,CACL,8BAA8B,EAC9B,6GAA6G,CAC9G,CAAC;QACF,GAAG,CAAC,GAAG,CAAC,+BAA+B,EAAE,eAAe,CAAC,CAAC;QAC1D,GAAG,CAAC,GAAG,CAAC,8BAA8B,EAAE,mCAAmC,CAAC,CAAC;QAC7E,GAAG,CAAC,GAAG,CAAC,kCAAkC,EAAE,MAAM,CAAC,CAAC;QACpD,IAAI,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,KAAK,SAAS,EAAE,CAAC;YAC3C,GAAG,CAAC,MAAM,CAAC,mBAAU,CAAC,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC;YAChC,OAAO;QACT,CAAC;QACD,IAAI,EAAE,CAAC;IACT,CAAC;CACF,CAAA;AA5BY,gDAAkB;6BAAlB,kBAAkB;IAD9B,IAAA,mBAAU,GAAE;IAKR,WAAA,IAAA,eAAM,EAAC,uBAAS,CAAC,eAAe,CAAC,CAAA;qCADR,4BAAqB;GAHtC,kBAAkB,CA4B9B"}

package/dist/middlewares/index.d.ts

@@ -0,0 +1,2 @@
+export * from './http.middlewares.authentication';
+export * from './http.middlewares.cors';

package/dist/middlewares/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./http.middlewares.authentication"), exports);
+__exportStar(require("./http.middlewares.cors"), exports);
+//# sourceMappingURL=index.js.map

package/dist/middlewares/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middlewares/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,oEAAkD;AAClD,0DAAwC"}

package/dist/module/http.api.module.d.ts

@@ -0,0 +1,13 @@
+import { DynamicModule, MiddlewareConsumer } from '@nestjs/common';
+import { ConfigProviderService } from '@node-c/core';
+import { Response } from 'express';
+import { HTTPAPIModuleOptions } from './http.api.module.definitions';
+import { RequestWithLocals } from '../common/definitions';
+export declare class HTTPAPIModule {
+    protected configProvider: ConfigProviderService;
+    protected moduleName: string;
+    constructor(configProvider: ConfigProviderService, moduleName: string);
+    configure(consumer: MiddlewareConsumer): void;
+    static rawBodyBuffer(req: RequestWithLocals<unknown>, _res: Response, buffer: Buffer): void;
+    static register(options: HTTPAPIModuleOptions): DynamicModule;
+}

package/dist/module/http.api.module.definitions.d.ts

@@ -0,0 +1,14 @@
+import { ModuleMetadata } from '@nestjs/common';
+import { GenericObject } from '@node-c/core';
+export interface HTTPAPIModuleOptions {
+    controllers?: ModuleMetadata['controllers'];
+    exports?: ModuleMetadata['exports'];
+    folderData: GenericObject<unknown>;
+    imports?: {
+        atEnd?: ModuleMetadata['imports'];
+        atStart?: ModuleMetadata['imports'];
+    };
+    moduleClass: unknown;
+    moduleName: string;
+    providers?: ModuleMetadata['providers'];
+}

package/dist/module/http.api.module.definitions.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=http.api.module.definitions.js.map

package/dist/module/http.api.module.definitions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.api.module.definitions.js","sourceRoot":"","sources":["../../src/module/http.api.module.definitions.ts"],"names":[],"mappings":""}

package/dist/module/http.api.module.js

@@ -0,0 +1,82 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+var HTTPAPIModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HTTPAPIModule = void 0;
+const common_1 = require("@nestjs/common");
+const core_1 = require("@node-c/core");
+const cookie_parser_1 = __importDefault(require("cookie-parser"));
+const express_1 = __importDefault(require("express"));
+const definitions_1 = require("../common/definitions");
+const exceptionFilters_1 = require("../exceptionFilters");
+const interceptors_1 = require("../interceptors");
+const middlewares_1 = require("../middlewares");
+let HTTPAPIModule = HTTPAPIModule_1 = class HTTPAPIModule {
+    constructor(configProvider, moduleName) {
+        this.configProvider = configProvider;
+        this.moduleName = moduleName;
+    }
+    configure(consumer) {
+        consumer.apply(express_1.default.urlencoded({ verify: HTTPAPIModule_1.rawBodyBuffer, extended: true })).forRoutes('*');
+        consumer.apply(express_1.default.json({ verify: HTTPAPIModule_1.rawBodyBuffer })).forRoutes('*');
+        consumer.apply((0, cookie_parser_1.default)()).forRoutes('*');
+        consumer.apply(middlewares_1.HTTPCORSMiddleware).forRoutes('*');
+        consumer.apply(middlewares_1.HTTPAuthenticationMiddleware).forRoutes('*');
+    }
+    static rawBodyBuffer(req, _res, buffer) {
+        if (buffer && buffer.length) {
+            req.rawBody = buffer.toString();
+        }
+    }
+    static register(options) {
+        const { folderData, imports: additionalImports, moduleClass } = options;
+        const { atEnd: importsAtEnd, atStart: importsAtStart } = additionalImports || {};
+        const { controllers, services } = (0, core_1.loadDynamicModules)(folderData);
+        return {
+            module: moduleClass,
+            imports: [...(importsAtStart || []), ...(importsAtEnd || [])],
+            providers: [
+                {
+                    provide: definitions_1.Constants.API_MODULE_NAME,
+                    useValue: options.moduleName
+                },
+                {
+                    provide: definitions_1.Constants.AUTHORIZATION_INTERCEPTOR,
+                    useClass: interceptors_1.HTTPAuthorizationInterceptor
+                },
+                {
+                    provide: definitions_1.Constants.ERROR_INTERCEPTOR,
+                    useClass: interceptors_1.HTTPErrorInterceptor
+                },
+                {
+                    provide: definitions_1.Constants.HTTP_EXCEPTION_FILTER,
+                    useClass: exceptionFilters_1.HttpExceptionFilter
+                },
+                ...(options.providers || []),
+                ...(services || [])
+            ],
+            controllers: [...(controllers || []), ...(options.controllers || [])],
+            exports: [...(services || []), ...(options.exports || [])]
+        };
+    }
+};
+exports.HTTPAPIModule = HTTPAPIModule;
+exports.HTTPAPIModule = HTTPAPIModule = HTTPAPIModule_1 = __decorate([
+    __param(1, (0, common_1.Inject)(definitions_1.Constants.API_MODULE_NAME)),
+    __metadata("design:paramtypes", [core_1.ConfigProviderService, String])
+], HTTPAPIModule);
+//# sourceMappingURL=http.api.module.js.map

package/dist/module/http.api.module.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.api.module.js","sourceRoot":"","sources":["../../src/module/http.api.module.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA,2CAA2F;AAE3F,uCAAyE;AAEzE,kEAAyC;AACzC,sDAA4C;AAI5C,uDAAqE;AACrE,0DAA0D;AAC1D,kDAAqF;AACrF,gDAAkF;AAElF,IAAa,aAAa,qBAA1B,MAAa,aAAa;IACxB,YAEY,cAAqC,EAGrC,UAAkB;QAHlB,mBAAc,GAAd,cAAc,CAAuB;QAGrC,eAAU,GAAV,UAAU,CAAQ;IAC3B,CAAC;IAEJ,SAAS,CAAC,QAA4B;QACpC,QAAQ,CAAC,KAAK,CAAC,iBAAO,CAAC,UAAU,CAAC,EAAE,MAAM,EAAE,eAAa,CAAC,aAAa,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAC3G,QAAQ,CAAC,KAAK,CAAC,iBAAO,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,eAAa,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACrF,QAAQ,CAAC,KAAK,CAAC,IAAA,uBAAY,GAAE,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAC9C,QAAQ,CAAC,KAAK,CAAC,gCAAkB,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAClD,QAAQ,CAAC,KAAK,CAAC,0CAA4B,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,CAAC,aAAa,CAAC,GAA+B,EAAE,IAAc,EAAE,MAAc;QAClF,IAAI,MAAM,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YAC5B,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;QAClC,CAAC;IACH,CAAC;IAED,MAAM,CAAC,QAAQ,CAAC,OAA6B;QAC3C,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;QACxE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,iBAAiB,IAAI,EAAE,CAAC;QACjF,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE,GAAG,IAAA,yBAAkB,EAAC,UAAU,CAAC,CAAC;QACjE,OAAO;YACL,MAAM,EAAE,WAAsC;YAC9C,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;YAC7D,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,uBAAS,CAAC,eAAe;oBAClC,QAAQ,EAAE,OAAO,CAAC,UAAU;iBAC7B;gBACD;oBACE,OAAO,EAAE,uBAAS,CAAC,yBAAyB;oBAC5C,QAAQ,EAAE,2CAA4B;iBACvC;gBACD;oBACE,OAAO,EAAE,uBAAS,CAAC,iBAAiB;oBACpC,QAAQ,EAAE,mCAAoB;iBAC/B;gBACD;oBACE,OAAO,EAAE,uBAAS,CAAC,qBAAqB;oBACxC,QAAQ,EAAE,sCAAmB;iBAC9B;gBACD,GAAG,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC;gBAC5B,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC;aACpB;YACD,WAAW,EAAE,CAAC,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,WAAW,IAAI,EAAE,CAAC,CAA6C;YACjH,OAAO,EAAE,CAAC,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;SAC3D,CAAC;IACJ,CAAC;CACF,CAAA;AAtDY,sCAAa;wBAAb,aAAa;IAIrB,WAAA,IAAA,eAAM,EAAC,uBAAS,CAAC,eAAe,CAAC,CAAA;qCADR,4BAAqB;GAHtC,aAAa,CAsDzB"}

package/dist/module/index.d.ts

@@ -0,0 +1,2 @@
+export * from './http.api.module';
+export * from './http.api.module.definitions';

package/dist/module/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./http.api.module"), exports);
+__exportStar(require("./http.api.module.definitions"), exports);
+//# sourceMappingURL=index.js.map

package/dist/module/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/module/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,oDAAkC;AAClC,gEAA8C"}

package/package.json

@@ -0,0 +1,29 @@
+{
+  "name": "@node-c/api-http",
+  "version": "1.0.0-alpha4",
+  "license": "MIT",
+  "main": "dist/index.js",
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json",
+    "check-types": "tsc -p tsconfig.build.json --noEmit",
+    "dev": "tsc -p tsconfig.build.json --watch",
+    "publish-package": "rm -rf dist/* && rm -f *.tsbuildinfo && npm run build && npm publish --access public",
+    "test": "vitest --config src/vitest.config.ts",
+    "test:coverage": "vitest --config src/vitest.config.ts --coverage"
+  },
+  "dependencies": {
+    "@nestjs/common": "^10.4.12",
+    "@ramster/general-tools": "^2.3.0",
+    "cookie-parser": "^1.4.7",
+    "express": "^4.21.2",
+    "rxjs": "^7.8.1"
+  },
+  "devDependencies": {
+    "@types/cookie-parser": "^1.4.8",
+    "@types/express": "^5.0.0"
+  },
+  "peerDependencies": {
+    "@node-c/core": "^1.0.0-alpha4",
+    "@node-c/domain-iam": "^1.0.0-alpha4"
+  }
+}

package/src/common/definitions/common.constants.ts

@@ -0,0 +1,16 @@
+export enum Constants {
+  // eslint-disable-next-line no-unused-vars
+  API_MODULE_AUTHORIZATION_SERVICE = 'API_MODULE_AUTHORIZATION_SERVICE',
+  // eslint-disable-next-line no-unused-vars
+  API_MODULE_NAME = 'API_MODULE_NAME',
+  // eslint-disable-next-line no-unused-vars
+  AUTHENTICATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE = 'AUTHENTICATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE',
+  // eslint-disable-next-line no-unused-vars
+  AUTHENTICATION_MIDDLEWARE_USERS_SERVICE = 'AUTHENTICATION_MIDDLEWARE_USERS_SERVICE',
+  // eslint-disable-next-line no-unused-vars
+  AUTHORIZATION_INTERCEPTOR = 'AUTHORIZATION_INTERCEPTOR',
+  // eslint-disable-next-line no-unused-vars
+  ERROR_INTERCEPTOR = 'ERROR_INTERCEPTOR',
+  // eslint-disable-next-line no-unused-vars
+  HTTP_EXCEPTION_FILTER = 'HTTP_EXCEPTION_FILTER'
+}

package/src/common/definitions/common.definitions.ts

@@ -0,0 +1,10 @@
+import { Request } from 'express';
+
+export interface RequestWithLocals<User> extends Request {
+  locals?: {
+    isAnonymous?: boolean;
+    user?: User;
+    [fieldName: string]: unknown;
+  };
+  rawBody?: string;
+}

package/src/common/definitions/common.errors.ts

@@ -0,0 +1,13 @@
+import { GenericObject } from '@node-c/core';
+
+export class ServerError implements Error {
+  data: { statusCode: number } | GenericObject;
+  message: string;
+  name: string;
+
+  constructor(message: string, data?: GenericObject) {
+    this.message = message;
+    this.name = 'ServerError';
+    this.data = data || {};
+  }
+}

package/src/common/definitions/index.ts

@@ -0,0 +1,2 @@
+export * from './common.constants';
+export * from './common.definitions';

package/src/exceptionFilters/http.exceptionFilters.httpException.ts

@@ -0,0 +1,21 @@
+import { ArgumentsHost, Catch, ExceptionFilter, HttpException } from '@nestjs/common';
+import { Response } from 'express';
+
+// The purpose of the class is to handle HttpExceptions that are not caught by the HTTPErrorInterceptor.
+@Catch(HttpException)
+export class HttpExceptionFilter implements ExceptionFilter {
+  catch(exception: HttpException, host: ArgumentsHost): void {
+    const ctx = host.switchToHttp();
+    const response = ctx.getResponse<Response>();
+    const status = exception.getStatus();
+    // else if (error instanceof BadRequestException) {
+    //   const { statusCode, message: errorText } = error.getResponse() as unknown
+    //   status = statusCode
+    //   message = errorText || message
+    // }
+    response.status(status).json({
+      statusCode: status,
+      message: exception.message
+    });
+  }
+}

package/src/exceptionFilters/index.ts

@@ -0,0 +1 @@
+export * from './http.exceptionFilters.httpException';

package/src/index.ts

@@ -0,0 +1,5 @@
+export * from './common/definitions';
+export * from './exceptionFilters';
+export * from './interceptors';
+export * from './middlewares';
+export * from './module';

package/src/interceptors/http.interceptors.authorization.ts

@@ -0,0 +1,82 @@
+import {
+  CallHandler,
+  ExecutionContext,
+  HttpException,
+  HttpStatus,
+  Inject,
+  Injectable,
+  NestInterceptor
+} from '@nestjs/common';
+
+import { ConfigProviderService, EndpointSecurityMode } from '@node-c/core';
+import { AuthorizationPoint, IAMAuthorizationService, UserWithPermissionsData } from '@node-c/domain-iam';
+
+import { setNested } from '@ramster/general-tools';
+import { Observable } from 'rxjs';
+
+import { Constants, RequestWithLocals } from '../common/definitions';
+
+@Injectable()
+export class HTTPAuthorizationInterceptor<User extends UserWithPermissionsData<unknown, unknown>>
+  implements NestInterceptor
+{
+  constructor(
+    @Inject(Constants.API_MODULE_AUTHORIZATION_SERVICE)
+    // eslint-disable-next-line no-unused-vars
+    protected authorizationService: IAMAuthorizationService<AuthorizationPoint<unknown>>,
+    // eslint-disable-next-line no-unused-vars
+    protected configProvider: ConfigProviderService,
+    @Inject(Constants.API_MODULE_NAME)
+    // eslint-disable-next-line no-unused-vars
+    protected moduleName: string
+  ) {}
+
+  async intercept(context: ExecutionContext, next: CallHandler): Promise<Observable<unknown>> {
+    const [req]: [RequestWithLocals<User>, unknown] = context.getArgs();
+    const locals = req.locals!;
+    if (!locals) {
+      throw new HttpException('Forbidden', HttpStatus.FORBIDDEN);
+    } else if (locals.isAnonymous) {
+      return next.handle();
+    }
+    const { moduleName } = this;
+    const controllerName = context.getClass().name;
+    const handlerName = context.getHandler().name;
+    // TODO: cache this in-memory
+    const authorizationData = await this.authorizationService.mapAuthorizationPoints(moduleName);
+    let controllerData = authorizationData![controllerName];
+    if (!controllerData) {
+      controllerData = authorizationData.__all;
+    }
+    const user = locals.user!; // we'll always have this, otherwise the system has not been configured properly
+    let handlerData = controllerData[handlerName];
+    if (!handlerData) {
+      handlerData = controllerData.__all;
+      if (!Object.keys(handlerData).length) {
+        const { endpointSecurityMode } = this.configProvider.config.api[moduleName];
+        if (!endpointSecurityMode || endpointSecurityMode === EndpointSecurityMode.Strict) {
+          console.info(
+            `[${moduleName}][HTTPAuthorizationInterceptor]: No authorization point data for handler ${controllerName}.${handlerName}.`
+          );
+          throw new HttpException('Forbidden', HttpStatus.FORBIDDEN);
+        }
+        return next.handle();
+      }
+    }
+    const { hasAccess, inputDataToBeMutated } = IAMAuthorizationService.checkAccess(
+      handlerData,
+      { body: req.body, headers: req.headers, params: req.params, query: req.query },
+      user
+    );
+    if (!hasAccess) {
+      console.info(
+        `[${moduleName}][HTTPAuthorizationInterceptor]: No user access to handler ${controllerName}.${handlerName}.`
+      );
+      throw new HttpException('Forbidden', HttpStatus.FORBIDDEN);
+    }
+    for (const key in inputDataToBeMutated) {
+      setNested(req, key, inputDataToBeMutated[key]);
+    }
+    return next.handle();
+  }
+}

package/src/interceptors/http.interceptors.error.ts

@@ -0,0 +1,50 @@
+import { CallHandler, ExecutionContext, HttpException, Injectable, NestInterceptor } from '@nestjs/common';
+
+import { ApplicationError } from '@node-c/core';
+
+import { Observable } from 'rxjs';
+import { catchError } from 'rxjs/operators';
+
+import { ServerError } from '../common/definitions/common.errors';
+
+@Injectable()
+export class HTTPErrorInterceptor implements NestInterceptor {
+  intercept(_context: ExecutionContext, next: CallHandler): Observable<unknown> {
+    return next.handle().pipe(
+      catchError(error => {
+        console.error(error);
+        let message = 'An error has occurred.';
+        let status = 500;
+        if (error instanceof ApplicationError || error instanceof ServerError) {
+          if (error.message) {
+            message = error.message;
+          }
+          if (error.data) {
+            if ('errorCode' in error.data) {
+              status = error.data.errorCode as number;
+            } else if ('statusCode' in error.data) {
+              status = error.data.statusCode as number;
+            } else {
+              status = 400;
+            }
+          } else {
+            status = 400;
+          }
+        } else if (error.response) {
+          const { response } = error;
+          if (response.statusCode) {
+            status = response.statusCode;
+          }
+          if (response.message) {
+            message = response.message;
+          }
+        } else if (error instanceof Error) {
+          if (error.message) {
+            message = error.message;
+          }
+        }
+        throw new HttpException({ message, statusCode: status }, status);
+      })
+    );
+  }
+}

package/src/interceptors/index.ts

@@ -0,0 +1,2 @@
+export * from './http.interceptors.authorization';
+export * from './http.interceptors.error';

package/src/middlewares/http.middlewares.authentication.ts

@@ -0,0 +1,111 @@
+import { HttpException, HttpStatus, Inject, Injectable, NestMiddleware } from '@nestjs/common';
+
+import { AppConfigAPIHTTP, ConfigProviderService } from '@node-c/core';
+import { DecodedTokenContent, IAMTokenManagerService, IAMUsersService, UserTokenEnityFields } from '@node-c/domain-iam';
+
+import { checkRoutes } from '@ramster/general-tools';
+
+import { NextFunction, Response } from 'express';
+
+import { Constants, RequestWithLocals } from '../common/definitions';
+
+@Injectable()
+export class HTTPAuthenticationMiddleware<User extends object> implements NestMiddleware {
+  constructor(
+    // eslint-disable-next-line no-unused-vars
+    protected configProvider: ConfigProviderService,
+    @Inject(Constants.API_MODULE_NAME)
+    // eslint-disable-next-line no-unused-vars
+    protected moduleName: string,
+    @Inject(Constants.AUTHENTICATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE)
+    // eslint-disable-next-line no-unused-vars
+    protected tokenManager: IAMTokenManagerService<UserTokenEnityFields>,
+    @Inject(Constants.AUTHENTICATION_MIDDLEWARE_USERS_SERVICE)
+    // eslint-disable-next-line no-unused-vars
+    protected usersService: IAMUsersService<User>
+  ) {}
+
+  use(req: RequestWithLocals<unknown>, res: Response, next: NextFunction): void {
+    (async () => {
+      const { anonymousAccessRoutes } = this.configProvider.config.api![this.moduleName] as AppConfigAPIHTTP;
+      if (!req.locals) {
+        req.locals = {};
+      }
+      if (anonymousAccessRoutes && Object.keys(anonymousAccessRoutes).length) {
+        const originalUrl = req.originalUrl.split('?')[0];
+        let isAnonymous = false;
+        for (const route in anonymousAccessRoutes) {
+          if (
+            checkRoutes(originalUrl, [route]) &&
+            anonymousAccessRoutes[route].find(method => method === req.method.toLowerCase())
+          ) {
+            isAnonymous = true;
+            break;
+          }
+        }
+        if (isAnonymous) {
+          req.locals.isAnonymous = true;
+          next();
+          return;
+        }
+      }
+      const { tokenManager, usersService } = this;
+      let tokens: string[] = [];
+      let authToken = req.headers.authorization;
+      let authTokenIsNew = false;
+      let refreshToken: string | undefined;
+      let tokenContent: DecodedTokenContent<UserTokenEnityFields> | undefined;
+      let useCookie = false;
+      if (typeof authToken === 'string' && authToken.length && authToken.match(/^Bearer\s/)) {
+        tokens = authToken.split(' ');
+        if (tokens.length) {
+          authToken = tokens[1];
+          refreshToken = tokens[2];
+        }
+      } else {
+        authToken = req.cookies['sid'];
+        useCookie = true;
+      }
+      if (!authToken) {
+        console.error('Missing auth token.');
+        throw new HttpException('Unauthorized', HttpStatus.UNAUTHORIZED);
+      }
+      try {
+        const tokenRes = await tokenManager.verifyAccessToken(authToken, {
+          deleteFromStoreIfExpired: true,
+          identifierDataField: 'userId',
+          persistNewToken: true,
+          purgeStoreOnRenew: true,
+          refreshToken,
+          refreshTokenAccessTokenIdentifierDataField: 'accessToken'
+        });
+        tokenContent = tokenRes.content!;
+        if (tokenRes.newToken) {
+          authTokenIsNew = true;
+        }
+      } catch (e) {
+        console.error('Failed to parse the access or refresh token:', e);
+        throw new HttpException('Unauthorized', HttpStatus.UNAUTHORIZED);
+      }
+      if (authTokenIsNew) {
+        res.setHeader('Authorization', `Bearer ${authToken}${refreshToken ? ` ${refreshToken}` : ''}`);
+        if (useCookie) {
+          res.cookie('sid', authToken);
+        }
+      }
+      const userId = tokenContent?.data?.userId;
+      if (!userId) {
+        console.error('Missing userId in the tokenContent data.');
+        throw new HttpException('Unauthorized', HttpStatus.UNAUTHORIZED);
+      }
+      req.locals!.user = await usersService.getUserWithPermissionsData({ filters: { id: userId } });
+      next();
+    })().then(
+      () => true,
+      err => {
+        console.error(err);
+        res.status((err && err.status) || HttpStatus.INTERNAL_SERVER_ERROR).end();
+      }
+    );
+  }
+}

package/src/middlewares/http.middlewares.cors.ts

@@ -0,0 +1,37 @@
+import { HttpStatus, Inject, Injectable, NestMiddleware } from '@nestjs/common';
+
+import { AppConfigAPIHTTP, ConfigProviderService } from '@node-c/core';
+import { NextFunction, Response } from 'express';
+
+import { Constants, RequestWithLocals } from '../common/definitions';
+
+@Injectable()
+export class HTTPCORSMiddleware implements NestMiddleware {
+  constructor(
+    // eslint-disable-next-line no-unused-vars
+    protected configProvider: ConfigProviderService,
+    @Inject(Constants.API_MODULE_NAME)
+    // eslint-disable-next-line no-unused-vars
+    protected moduleName: string
+  ) {}
+
+  use(req: RequestWithLocals<unknown>, res: Response, next: NextFunction): void {
+    const allowedOrigins = (this.configProvider.config.api![this.moduleName] as AppConfigAPIHTTP).allowedOrigins;
+    const origin = req.headers.origin as string;
+    if (allowedOrigins?.includes(origin)) {
+      res.set('Access-Control-Allow-Origin', origin);
+    }
+    res.set(
+      'Access-Control-Allow-Headers',
+      'accept,accept-encoding,accept-language,authorization,connection,content-type,host,origin,referer,user-agent'
+    );
+    res.set('Access-Control-Expose-Headers', 'Authorization');
+    res.set('Access-Control-Allow-Methods', 'OPTIONS,GET,POST,PUT,PATCH,DELETE');
+    res.set('Access-Control-Allow-Credentials', 'true');
+    if (req.method.toLowerCase() === 'options') {
+      res.status(HttpStatus.OK).end();
+      return;
+    }
+    next();
+  }
+}

package/src/middlewares/index.ts

@@ -0,0 +1,2 @@
+export * from './http.middlewares.authentication';
+export * from './http.middlewares.cors';