@node-c/api-http 1.0.0-alpha8 → 1.0.0-beta0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/common/definitions/common.constants.d.ts +1 -1
- package/dist/common/definitions/common.constants.js +1 -1
- package/dist/common/definitions/common.constants.js.map +1 -1
- package/dist/common/utils/index.d.ts +1 -0
- package/dist/{exceptionFilters → common/utils}/index.js +1 -1
- package/dist/common/utils/index.js.map +1 -0
- package/dist/common/utils/utils.checkRoutes.d.ts +1 -0
- package/dist/common/utils/utils.checkRoutes.js +27 -0
- package/dist/common/utils/utils.checkRoutes.js.map +1 -0
- package/dist/{exceptionFilters/http.exceptionFilters.httpException.js → filters/http.filtes.exception.js} +1 -1
- package/dist/filters/http.filtes.exception.js.map +1 -0
- package/dist/filters/index.d.ts +1 -0
- package/dist/filters/index.js +18 -0
- package/dist/filters/index.js.map +1 -0
- package/dist/guards/http.guards.accessControl.d.ts +2 -0
- package/dist/guards/http.guards.accessControl.js +18 -0
- package/dist/guards/http.guards.accessControl.js.map +1 -0
- package/dist/index.d.ts +1 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/interceptors/{http.interceptors.authorization.d.ts → http.interceptors.accessControl.d.ts} +2 -2
- package/dist/interceptors/{http.interceptors.authorization.js → http.interceptors.accessControl.js} +21 -28
- package/dist/interceptors/http.interceptors.accessControl.js.map +1 -0
- package/dist/interceptors/http.interceptors.error.d.ts +1 -1
- package/dist/interceptors/http.interceptors.error.js +8 -2
- package/dist/interceptors/http.interceptors.error.js.map +1 -1
- package/dist/interceptors/index.d.ts +1 -1
- package/dist/interceptors/index.js +1 -1
- package/dist/middlewares/http.middlewares.authorization.d.ts +14 -0
- package/dist/middlewares/{http.middlewares.authentication.js → http.middlewares.authorization.js} +71 -45
- package/dist/middlewares/http.middlewares.authorization.js.map +1 -0
- package/dist/middlewares/http.middlewares.cors.js +1 -1
- package/dist/middlewares/http.middlewares.cors.js.map +1 -1
- package/dist/middlewares/index.d.ts +1 -1
- package/dist/middlewares/index.js +1 -1
- package/dist/middlewares/index.js.map +1 -1
- package/dist/module/http.api.module.js +18 -7
- package/dist/module/http.api.module.js.map +1 -1
- package/package.json +11 -7
- package/src/common/definitions/common.constants.ts +1 -1
- package/src/common/utils/index.ts +1 -0
- package/src/common/utils/utils.checkRoutes.ts +31 -0
- package/src/{exceptionFilters/http.exceptionFilters.httpException.ts → filters/http.filtes.exception.ts} +0 -5
- package/src/filters/index.ts +1 -0
- package/src/guards/http.guards.accessControl.ts +13 -0
- package/src/index.ts +1 -1
- package/src/interceptors/http.interceptors.accessControl.ts +94 -0
- package/src/interceptors/http.interceptors.error.ts +9 -4
- package/src/interceptors/index.ts +1 -1
- package/src/middlewares/http.middlewares.authorization.ts +153 -0
- package/src/middlewares/http.middlewares.cors.ts +1 -1
- package/src/middlewares/index.ts +1 -1
- package/src/module/http.api.module.ts +20 -6
- package/dist/exceptionFilters/http.exceptionFilters.httpException.js.map +0 -1
- package/dist/exceptionFilters/index.d.ts +0 -1
- package/dist/exceptionFilters/index.js.map +0 -1
- package/dist/interceptors/http.interceptors.authorization.js.map +0 -1
- package/dist/middlewares/http.middlewares.authentication.d.ts +0 -13
- package/dist/middlewares/http.middlewares.authentication.js.map +0 -1
- package/src/exceptionFilters/index.ts +0 -1
- package/src/interceptors/http.interceptors.authorization.ts +0 -82
- package/src/middlewares/http.middlewares.authentication.ts +0 -111
- /package/dist/{exceptionFilters/http.exceptionFilters.httpException.d.ts → filters/http.filtes.exception.d.ts} +0 -0
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
export declare enum Constants {
|
|
2
2
|
API_MODULE_AUTHORIZATION_SERVICE = "API_MODULE_AUTHORIZATION_SERVICE",
|
|
3
3
|
API_MODULE_NAME = "API_MODULE_NAME",
|
|
4
|
-
|
|
4
|
+
AUTHORIZATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE = "AUTHORIZATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE",
|
|
5
5
|
AUTHENTICATION_MIDDLEWARE_USERS_SERVICE = "AUTHENTICATION_MIDDLEWARE_USERS_SERVICE",
|
|
6
6
|
AUTHORIZATION_INTERCEPTOR = "AUTHORIZATION_INTERCEPTOR",
|
|
7
7
|
ERROR_INTERCEPTOR = "ERROR_INTERCEPTOR",
|
|
@@ -5,7 +5,7 @@ var Constants;
|
|
|
5
5
|
(function (Constants) {
|
|
6
6
|
Constants["API_MODULE_AUTHORIZATION_SERVICE"] = "API_MODULE_AUTHORIZATION_SERVICE";
|
|
7
7
|
Constants["API_MODULE_NAME"] = "API_MODULE_NAME";
|
|
8
|
-
Constants["
|
|
8
|
+
Constants["AUTHORIZATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE"] = "AUTHORIZATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE";
|
|
9
9
|
Constants["AUTHENTICATION_MIDDLEWARE_USERS_SERVICE"] = "AUTHENTICATION_MIDDLEWARE_USERS_SERVICE";
|
|
10
10
|
Constants["AUTHORIZATION_INTERCEPTOR"] = "AUTHORIZATION_INTERCEPTOR";
|
|
11
11
|
Constants["ERROR_INTERCEPTOR"] = "ERROR_INTERCEPTOR";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"common.constants.js","sourceRoot":"","sources":["../../../src/common/definitions/common.constants.ts"],"names":[],"mappings":";;;AAAA,IAAY,SAeX;AAfD,WAAY,SAAS;IAEnB,kFAAqE,CAAA;IAErE,gDAAmC,CAAA;IAEnC,
|
|
1
|
+
{"version":3,"file":"common.constants.js","sourceRoot":"","sources":["../../../src/common/definitions/common.constants.ts"],"names":[],"mappings":";;;AAAA,IAAY,SAeX;AAfD,WAAY,SAAS;IAEnB,kFAAqE,CAAA;IAErE,gDAAmC,CAAA;IAEnC,8GAAiG,CAAA;IAEjG,gGAAmF,CAAA;IAEnF,oEAAuD,CAAA;IAEvD,oDAAuC,CAAA;IAEvC,4DAA+C,CAAA;AACjD,CAAC,EAfW,SAAS,yBAAT,SAAS,QAepB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export * from './utils.checkRoutes';
|
|
@@ -14,5 +14,5 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
14
14
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("./
|
|
17
|
+
__exportStar(require("./utils.checkRoutes"), exports);
|
|
18
18
|
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/common/utils/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,sDAAoC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare function checkRoutes(route: string, routes: string[]): boolean;
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.checkRoutes = checkRoutes;
|
|
4
|
+
function checkRoutes(route, routes) {
|
|
5
|
+
const splitRoute = route.split('/');
|
|
6
|
+
for (const i in routes) {
|
|
7
|
+
const item = routes[i], splitItem = item.split('/');
|
|
8
|
+
if (item === '*' || route === item) {
|
|
9
|
+
return true;
|
|
10
|
+
}
|
|
11
|
+
if (item.indexOf(':') !== -1 && splitItem.length === splitRoute.length) {
|
|
12
|
+
let valid = true;
|
|
13
|
+
for (const j in splitItem) {
|
|
14
|
+
const innerItem = splitItem[j], routeItem = splitRoute[j];
|
|
15
|
+
if (routeItem !== innerItem && innerItem.indexOf(':') === -1) {
|
|
16
|
+
valid = false;
|
|
17
|
+
break;
|
|
18
|
+
}
|
|
19
|
+
}
|
|
20
|
+
if (valid) {
|
|
21
|
+
return true;
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
return false;
|
|
26
|
+
}
|
|
27
|
+
//# sourceMappingURL=utils.checkRoutes.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"utils.checkRoutes.js","sourceRoot":"","sources":["../../../src/common/utils/utils.checkRoutes.ts"],"names":[],"mappings":";;AAMA,kCAwBC;AAxBD,SAAgB,WAAW,CAAC,KAAa,EAAE,MAAgB;IACzD,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACpC,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC,EACpB,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC9B,IAAI,IAAI,KAAK,GAAG,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;YACnC,OAAO,IAAI,CAAC;QACd,CAAC;QACD,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,SAAS,CAAC,MAAM,KAAK,UAAU,CAAC,MAAM,EAAE,CAAC;YACvE,IAAI,KAAK,GAAG,IAAI,CAAC;YACjB,KAAK,MAAM,CAAC,IAAI,SAAS,EAAE,CAAC;gBAC1B,MAAM,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,EAC5B,SAAS,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;gBAC5B,IAAI,SAAS,KAAK,SAAS,IAAI,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBAC7D,KAAK,GAAG,KAAK,CAAC;oBACd,MAAM;gBACR,CAAC;YACH,CAAC;YACD,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}
|
|
@@ -23,4 +23,4 @@ exports.HttpExceptionFilter = HttpExceptionFilter;
|
|
|
23
23
|
exports.HttpExceptionFilter = HttpExceptionFilter = __decorate([
|
|
24
24
|
(0, common_1.Catch)(common_1.HttpException)
|
|
25
25
|
], HttpExceptionFilter);
|
|
26
|
-
//# sourceMappingURL=http.
|
|
26
|
+
//# sourceMappingURL=http.filtes.exception.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"http.filtes.exception.js","sourceRoot":"","sources":["../../src/filters/http.filtes.exception.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAAsF;AAK/E,IAAM,mBAAmB,GAAzB,MAAM,mBAAmB;IAC9B,KAAK,CAAC,SAAwB,EAAE,IAAmB;QACjD,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QAChC,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,EAAY,CAAC;QAC7C,MAAM,MAAM,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC;QACrC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC;YAC3B,UAAU,EAAE,MAAM;YAClB,OAAO,EAAE,SAAS,CAAC,OAAO;SAC3B,CAAC,CAAC;IACL,CAAC;CACF,CAAA;AAVY,kDAAmB;8BAAnB,mBAAmB;IAD/B,IAAA,cAAK,EAAC,sBAAa,CAAC;GACR,mBAAmB,CAU/B"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export * from './http.filtes.exception';
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
14
|
+
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
|
+
};
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
__exportStar(require("./http.filtes.exception"), exports);
|
|
18
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/filters/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,0DAAwC"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AccessControlResource = exports.AccessControlContext = void 0;
|
|
4
|
+
const AccessControlContext = (moduleName, resourceContext) => {
|
|
5
|
+
console.log(moduleName, resourceContext);
|
|
6
|
+
return (target, propertyKey) => {
|
|
7
|
+
console.log(target, propertyKey);
|
|
8
|
+
};
|
|
9
|
+
};
|
|
10
|
+
exports.AccessControlContext = AccessControlContext;
|
|
11
|
+
const AccessControlResource = (resource) => {
|
|
12
|
+
console.log(resource);
|
|
13
|
+
return (target, propertyKey) => {
|
|
14
|
+
console.log(target, propertyKey);
|
|
15
|
+
};
|
|
16
|
+
};
|
|
17
|
+
exports.AccessControlResource = AccessControlResource;
|
|
18
|
+
//# sourceMappingURL=http.guards.accessControl.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"http.guards.accessControl.js","sourceRoot":"","sources":["../../src/guards/http.guards.accessControl.ts"],"names":[],"mappings":";;;AAAO,MAAM,oBAAoB,GAAG,CAAC,UAAkB,EAAE,eAAuB,EAAE,EAAE;IAClF,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC;IACzC,OAAO,CAAC,MAAc,EAAE,WAAmB,EAAQ,EAAE;QACnD,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACnC,CAAC,CAAC;AACJ,CAAC,CAAC;AALW,QAAA,oBAAoB,wBAK/B;AAEK,MAAM,qBAAqB,GAAG,CAAC,QAAgB,EAAE,EAAE;IACxD,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtB,OAAO,CAAC,MAAc,EAAE,WAAmB,EAAQ,EAAE;QACnD,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IACnC,CAAC,CAAC;AACJ,CAAC,CAAC;AALW,QAAA,qBAAqB,yBAKhC"}
|
package/dist/index.d.ts
CHANGED
package/dist/index.js
CHANGED
|
@@ -15,7 +15,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
17
|
__exportStar(require("./common/definitions"), exports);
|
|
18
|
-
__exportStar(require("./
|
|
18
|
+
__exportStar(require("./filters"), exports);
|
|
19
19
|
__exportStar(require("./interceptors"), exports);
|
|
20
20
|
__exportStar(require("./middlewares"), exports);
|
|
21
21
|
__exportStar(require("./module"), exports);
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,uDAAqC;AACrC,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,uDAAqC;AACrC,4CAA0B;AAC1B,iDAA+B;AAC/B,gDAA8B;AAC9B,2CAAyB"}
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
import { CallHandler, ExecutionContext, NestInterceptor } from '@nestjs/common';
|
|
2
2
|
import { ConfigProviderService } from '@node-c/core';
|
|
3
|
-
import { AuthorizationPoint, IAMAuthorizationService,
|
|
3
|
+
import { AuthorizationPoint, IAMAuthorizationService, IAMUserManagerUserWithPermissionsData } from '@node-c/domain-iam';
|
|
4
4
|
import { Observable } from 'rxjs';
|
|
5
|
-
export declare class
|
|
5
|
+
export declare class HTTPAccessControlInterceptor<User extends IAMUserManagerUserWithPermissionsData<unknown, unknown>> implements NestInterceptor {
|
|
6
6
|
protected authorizationService: IAMAuthorizationService<AuthorizationPoint<unknown>>;
|
|
7
7
|
protected configProvider: ConfigProviderService;
|
|
8
8
|
protected moduleName: string;
|
package/dist/interceptors/{http.interceptors.authorization.js → http.interceptors.accessControl.js}
RENAMED
|
@@ -21,13 +21,13 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
21
21
|
});
|
|
22
22
|
};
|
|
23
23
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
24
|
-
exports.
|
|
24
|
+
exports.HTTPAccessControlInterceptor = void 0;
|
|
25
25
|
const common_1 = require("@nestjs/common");
|
|
26
26
|
const core_1 = require("@node-c/core");
|
|
27
27
|
const domain_iam_1 = require("@node-c/domain-iam");
|
|
28
|
-
const
|
|
28
|
+
const rxjs_1 = require("rxjs");
|
|
29
29
|
const definitions_1 = require("../common/definitions");
|
|
30
|
-
let
|
|
30
|
+
let HTTPAccessControlInterceptor = class HTTPAccessControlInterceptor {
|
|
31
31
|
constructor(authorizationService, configProvider, moduleName) {
|
|
32
32
|
this.authorizationService = authorizationService;
|
|
33
33
|
this.configProvider = configProvider;
|
|
@@ -46,42 +46,35 @@ let HTTPAuthorizationInterceptor = class HTTPAuthorizationInterceptor {
|
|
|
46
46
|
const { moduleName } = this;
|
|
47
47
|
const controllerName = context.getClass().name;
|
|
48
48
|
const handlerName = context.getHandler().name;
|
|
49
|
-
const authorizationData = yield this.authorizationService.mapAuthorizationPoints(moduleName);
|
|
50
|
-
let controllerData = authorizationData[controllerName];
|
|
51
|
-
if (!controllerData) {
|
|
52
|
-
controllerData = authorizationData.__all;
|
|
53
|
-
}
|
|
54
49
|
const user = locals.user;
|
|
55
|
-
|
|
56
|
-
if (!handlerData) {
|
|
57
|
-
handlerData = controllerData.__all;
|
|
58
|
-
if (!Object.keys(handlerData).length) {
|
|
59
|
-
const { endpointSecurityMode } = this.configProvider.config.api[moduleName];
|
|
60
|
-
if (!endpointSecurityMode || endpointSecurityMode === core_1.EndpointSecurityMode.Strict) {
|
|
61
|
-
console.info(`[${moduleName}][HTTPAuthorizationInterceptor]: No authorization point data for handler ${controllerName}.${handlerName}.`);
|
|
62
|
-
throw new common_1.HttpException('Forbidden', common_1.HttpStatus.FORBIDDEN);
|
|
63
|
-
}
|
|
64
|
-
return next.handle();
|
|
65
|
-
}
|
|
66
|
-
}
|
|
67
|
-
const { hasAccess, inputDataToBeMutated } = domain_iam_1.IAMAuthorizationService.checkAccess(handlerData, { body: req.body, headers: req.headers, params: req.params, query: req.query }, user);
|
|
50
|
+
const { authorizationPoints: usedAuthorizationPoints, errorCode, hasAccess, inputDataToBeMutated } = domain_iam_1.IAMAuthorizationService.checkAccess({ body: req.body, headers: req.headers, params: req.params, query: req.query }, user, { moduleName, resource: handlerName, resourceContext: controllerName });
|
|
68
51
|
if (!hasAccess) {
|
|
69
|
-
console.
|
|
52
|
+
console.error(`[${moduleName}][HTTPAccessControlInterceptor]: No user access to handler ${controllerName}.${handlerName} - ${errorCode}.`);
|
|
70
53
|
throw new common_1.HttpException('Forbidden', common_1.HttpStatus.FORBIDDEN);
|
|
71
54
|
}
|
|
72
55
|
for (const key in inputDataToBeMutated) {
|
|
73
|
-
(0,
|
|
56
|
+
(0, core_1.setNested)(req, key, inputDataToBeMutated[key], { removeNestedFieldEscapeSign: true });
|
|
74
57
|
}
|
|
75
|
-
return next.handle()
|
|
58
|
+
return next.handle().pipe((0, rxjs_1.map)((data) => {
|
|
59
|
+
if (typeof data === 'undefined' || data === null || typeof data !== 'object' || data instanceof Date) {
|
|
60
|
+
return data;
|
|
61
|
+
}
|
|
62
|
+
const actualData = data;
|
|
63
|
+
const { outputDataToBeMutated } = domain_iam_1.IAMAuthorizationService.processOutputData(usedAuthorizationPoints, actualData);
|
|
64
|
+
for (const key in outputDataToBeMutated) {
|
|
65
|
+
(0, core_1.setNested)(actualData, key, outputDataToBeMutated[key]);
|
|
66
|
+
}
|
|
67
|
+
return actualData;
|
|
68
|
+
}));
|
|
76
69
|
});
|
|
77
70
|
}
|
|
78
71
|
};
|
|
79
|
-
exports.
|
|
80
|
-
exports.
|
|
72
|
+
exports.HTTPAccessControlInterceptor = HTTPAccessControlInterceptor;
|
|
73
|
+
exports.HTTPAccessControlInterceptor = HTTPAccessControlInterceptor = __decorate([
|
|
81
74
|
(0, common_1.Injectable)(),
|
|
82
75
|
__param(0, (0, common_1.Inject)(definitions_1.Constants.API_MODULE_AUTHORIZATION_SERVICE)),
|
|
83
76
|
__param(2, (0, common_1.Inject)(definitions_1.Constants.API_MODULE_NAME)),
|
|
84
77
|
__metadata("design:paramtypes", [domain_iam_1.IAMAuthorizationService,
|
|
85
78
|
core_1.ConfigProviderService, String])
|
|
86
|
-
],
|
|
87
|
-
//# sourceMappingURL=http.interceptors.
|
|
79
|
+
], HTTPAccessControlInterceptor);
|
|
80
|
+
//# sourceMappingURL=http.interceptors.accessControl.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"http.interceptors.accessControl.js","sourceRoot":"","sources":["../../src/interceptors/http.interceptors.accessControl.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAQwB;AAExB,uCAA+E;AAC/E,mDAAwH;AAExH,+BAAuC;AAEvC,uDAAqE;AAM9D,IAAM,4BAA4B,GAAlC,MAAM,4BAA4B;IAGvC,YAGY,oBAA0E,EAE1E,cAAqC,EAGrC,UAAkB;QALlB,yBAAoB,GAApB,oBAAoB,CAAsD;QAE1E,mBAAc,GAAd,cAAc,CAAuB;QAGrC,eAAU,GAAV,UAAU,CAAQ;IAC3B,CAAC;IAEE,SAAS,CAAC,OAAyB,EAAE,IAAiB;;YAC1D,MAAM,CAAC,GAAG,CAAC,GAAuC,OAAO,CAAC,OAAO,EAAE,CAAC;YACpE,MAAM,MAAM,GAAG,GAAG,CAAC,MAAO,CAAC;YAC3B,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,IAAI,sBAAa,CAAC,WAAW,EAAE,mBAAU,CAAC,SAAS,CAAC,CAAC;YAC7D,CAAC;iBAAM,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;gBAC9B,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC;YACvB,CAAC;YACD,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;YAC5B,MAAM,cAAc,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC,IAAI,CAAC;YAC/C,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC,IAAI,CAAC;YAC9C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAK,CAAC;YAC1B,MAAM,EACJ,mBAAmB,EAAE,uBAAuB,EAC5C,SAAS,EACT,SAAS,EACT,oBAAoB,EACrB,GAAG,oCAAuB,CAAC,WAAW,CACrC,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,GAAG,CAAC,KAAK,EAAE,EAC9E,IAAI,EACJ,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,cAAc,EAAE,CACvE,CAAC;YACF,IAAI,CAAC,SAAS,EAAE,CAAC;gBAWf,OAAO,CAAC,KAAK,CACX,IAAI,UAAU,8DAA8D,cAAc,IAAI,WAAW,MAAM,SAAS,GAAG,CAC5H,CAAC;gBACF,MAAM,IAAI,sBAAa,CAAC,WAAW,EAAE,mBAAU,CAAC,SAAS,CAAC,CAAC;YAC7D,CAAC;YACD,KAAK,MAAM,GAAG,IAAI,oBAAoB,EAAE,CAAC;gBACvC,IAAA,gBAAS,EAAC,GAAG,EAAE,GAAG,EAAE,oBAAoB,CAAC,GAAG,CAAC,EAAE,EAAE,2BAA2B,EAAE,IAAI,EAAE,CAAC,CAAC;YACxF,CAAC;YACD,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CACvB,IAAA,UAAG,EAAC,CAAC,IAAc,EAAE,EAAE;gBACrB,IAAI,OAAO,IAAI,KAAK,WAAW,IAAI,IAAI,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,YAAY,IAAI,EAAE,CAAC;oBACrG,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,MAAM,UAAU,GAAG,IAAqB,CAAC;gBACzC,MAAM,EAAE,qBAAqB,EAAE,GAAG,oCAAuB,CAAC,iBAAiB,CACzE,uBAAuB,EACvB,UAAU,CACX,CAAC;gBACF,KAAK,MAAM,GAAG,IAAI,qBAAqB,EAAE,CAAC;oBACxC,IAAA,gBAAS,EAAC,UAAU,EAAE,GAAG,EAAE,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC;gBACzD,CAAC;gBACD,OAAO,UAAU,CAAC;YACpB,CAAC,CAAC,CACH,CAAC;QACJ,CAAC;KAAA;CACF,CAAA;AAxEY,oEAA4B;uCAA5B,4BAA4B;IADxC,IAAA,mBAAU,GAAE;IAKR,WAAA,IAAA,eAAM,EAAC,uBAAS,CAAC,gCAAgC,CAAC,CAAA;IAKlD,WAAA,IAAA,eAAM,EAAC,uBAAS,CAAC,eAAe,CAAC,CAAA;qCAHF,oCAAuB;QAE7B,4BAAqB;GARtC,4BAA4B,CAwExC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { CallHandler, ExecutionContext, NestInterceptor } from '@nestjs/common';
|
|
2
2
|
import { Observable } from 'rxjs';
|
|
3
3
|
export declare class HTTPErrorInterceptor implements NestInterceptor {
|
|
4
|
-
intercept(
|
|
4
|
+
intercept(context: ExecutionContext, next: CallHandler): Observable<unknown>;
|
|
5
5
|
}
|
|
@@ -9,10 +9,11 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
9
9
|
exports.HTTPErrorInterceptor = void 0;
|
|
10
10
|
const common_1 = require("@nestjs/common");
|
|
11
11
|
const core_1 = require("@node-c/core");
|
|
12
|
+
const rxjs_1 = require("rxjs");
|
|
12
13
|
const operators_1 = require("rxjs/operators");
|
|
13
14
|
const common_errors_1 = require("../common/definitions/common.errors");
|
|
14
15
|
let HTTPErrorInterceptor = class HTTPErrorInterceptor {
|
|
15
|
-
intercept(
|
|
16
|
+
intercept(context, next) {
|
|
16
17
|
return next.handle().pipe((0, operators_1.catchError)(error => {
|
|
17
18
|
console.error(error);
|
|
18
19
|
let message = 'An error has occurred.';
|
|
@@ -50,7 +51,12 @@ let HTTPErrorInterceptor = class HTTPErrorInterceptor {
|
|
|
50
51
|
message = error.message;
|
|
51
52
|
}
|
|
52
53
|
}
|
|
53
|
-
|
|
54
|
+
context
|
|
55
|
+
.switchToHttp()
|
|
56
|
+
.getResponse()
|
|
57
|
+
.status(status)
|
|
58
|
+
.json({ error: message instanceof Array ? message.join('\n') : message });
|
|
59
|
+
return new rxjs_1.Observable();
|
|
54
60
|
}));
|
|
55
61
|
}
|
|
56
62
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"http.interceptors.error.js","sourceRoot":"","sources":["../../src/interceptors/http.interceptors.error.ts"],"names":[],"mappings":";;;;;;;;;AAAA,
|
|
1
|
+
{"version":3,"file":"http.interceptors.error.js","sourceRoot":"","sources":["../../src/interceptors/http.interceptors.error.ts"],"names":[],"mappings":";;;;;;;;;AAAA,2CAA4F;AAE5F,uCAAgD;AAEhD,+BAAkC;AAClC,8CAA4C;AAE5C,uEAAkE;AAG3D,IAAM,oBAAoB,GAA1B,MAAM,oBAAoB;IAC/B,SAAS,CAAC,OAAyB,EAAE,IAAiB;QACpD,OAAO,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,CACvB,IAAA,sBAAU,EAAC,KAAK,CAAC,EAAE;YACjB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACrB,IAAI,OAAO,GAAsB,wBAAwB,CAAC;YAC1D,IAAI,MAAM,GAAG,GAAG,CAAC;YACjB,IAAI,KAAK,YAAY,uBAAgB,IAAI,KAAK,YAAY,2BAAW,EAAE,CAAC;gBACtE,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;oBAClB,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;gBAC1B,CAAC;gBACD,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;oBACf,IAAI,WAAW,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;wBAC9B,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,SAAmB,CAAC;oBAC1C,CAAC;yBAAM,IAAI,YAAY,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;wBACtC,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,UAAoB,CAAC;oBAC3C,CAAC;yBAAM,CAAC;wBACN,MAAM,GAAG,GAAG,CAAC;oBACf,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,GAAG,GAAG,CAAC;gBACf,CAAC;YACH,CAAC;iBAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBAC1B,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;gBAC3B,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC;oBACxB,MAAM,GAAG,QAAQ,CAAC,UAAU,CAAC;gBAC/B,CAAC;gBACD,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;oBACrB,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC;gBAC7B,CAAC;YACH,CAAC;iBAAM,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAClC,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;oBAClB,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;gBAC1B,CAAC;YACH,CAAC;YACD,OAAO;iBACJ,YAAY,EAAE;iBACd,WAAW,EAAE;iBACb,MAAM,CAAC,MAAM,CAAC;iBACd,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,YAAY,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;YAC5E,OAAO,IAAI,iBAAU,EAAE,CAAC;QAC1B,CAAC,CAAC,CACH,CAAC;IACJ,CAAC;CACF,CAAA;AA5CY,oDAAoB;+BAApB,oBAAoB;IADhC,IAAA,mBAAU,GAAE;GACA,oBAAoB,CA4ChC"}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export * from './http.interceptors.
|
|
1
|
+
export * from './http.interceptors.accessControl';
|
|
2
2
|
export * from './http.interceptors.error';
|
|
@@ -14,6 +14,6 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
14
14
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("./http.interceptors.
|
|
17
|
+
__exportStar(require("./http.interceptors.accessControl"), exports);
|
|
18
18
|
__exportStar(require("./http.interceptors.error"), exports);
|
|
19
19
|
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { NestMiddleware } from '@nestjs/common';
|
|
2
|
+
import { ConfigProviderService } from '@node-c/core';
|
|
3
|
+
import { AuthorizationPoint, IAMAuthorizationService, IAMTokenManagerService, IAMUserManagerService, IAMUserManagerUserTokenEnityFields } from '@node-c/domain-iam';
|
|
4
|
+
import { NextFunction, Response } from 'express';
|
|
5
|
+
import { RequestWithLocals } from '../common/definitions';
|
|
6
|
+
export declare class HTTPAuthorizationMiddleware<User extends object> implements NestMiddleware {
|
|
7
|
+
protected configProvider: ConfigProviderService;
|
|
8
|
+
protected moduleName: string;
|
|
9
|
+
protected authorizationService: IAMAuthorizationService<AuthorizationPoint<unknown>>;
|
|
10
|
+
protected tokenManager?: IAMTokenManagerService<IAMUserManagerUserTokenEnityFields> | undefined;
|
|
11
|
+
protected usersService?: IAMUserManagerService<User> | undefined;
|
|
12
|
+
constructor(configProvider: ConfigProviderService, moduleName: string, authorizationService: IAMAuthorizationService<AuthorizationPoint<unknown>>, tokenManager?: IAMTokenManagerService<IAMUserManagerUserTokenEnityFields> | undefined, usersService?: IAMUserManagerService<User> | undefined);
|
|
13
|
+
use(req: RequestWithLocals<unknown>, res: Response, next: NextFunction): void;
|
|
14
|
+
}
|
package/dist/middlewares/{http.middlewares.authentication.js → http.middlewares.authorization.js}
RENAMED
|
@@ -21,23 +21,26 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
21
21
|
});
|
|
22
22
|
};
|
|
23
23
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
24
|
-
exports.
|
|
24
|
+
exports.HTTPAuthorizationMiddleware = void 0;
|
|
25
25
|
const common_1 = require("@nestjs/common");
|
|
26
26
|
const core_1 = require("@node-c/core");
|
|
27
27
|
const domain_iam_1 = require("@node-c/domain-iam");
|
|
28
|
-
const general_tools_1 = require("@ramster/general-tools");
|
|
29
28
|
const definitions_1 = require("../common/definitions");
|
|
30
|
-
|
|
31
|
-
|
|
29
|
+
const utils_1 = require("../common/utils");
|
|
30
|
+
let HTTPAuthorizationMiddleware = class HTTPAuthorizationMiddleware {
|
|
31
|
+
constructor(configProvider, moduleName, authorizationService, tokenManager, usersService) {
|
|
32
32
|
this.configProvider = configProvider;
|
|
33
33
|
this.moduleName = moduleName;
|
|
34
|
+
this.authorizationService = authorizationService;
|
|
34
35
|
this.tokenManager = tokenManager;
|
|
35
36
|
this.usersService = usersService;
|
|
36
37
|
}
|
|
37
38
|
use(req, res, next) {
|
|
38
39
|
(() => __awaiter(this, void 0, void 0, function* () {
|
|
39
|
-
var _a;
|
|
40
|
-
const
|
|
40
|
+
var _a, _b, _c, _d, _e;
|
|
41
|
+
const moduleConfig = this.configProvider.config.api[this.moduleName];
|
|
42
|
+
const { anonymousAccessRoutes } = moduleConfig;
|
|
43
|
+
const requestMethod = req.method.toLowerCase();
|
|
41
44
|
if (!req.locals) {
|
|
42
45
|
req.locals = {};
|
|
43
46
|
}
|
|
@@ -45,8 +48,8 @@ let HTTPAuthenticationMiddleware = class HTTPAuthenticationMiddleware {
|
|
|
45
48
|
const originalUrl = req.originalUrl.split('?')[0];
|
|
46
49
|
let isAnonymous = false;
|
|
47
50
|
for (const route in anonymousAccessRoutes) {
|
|
48
|
-
if ((0,
|
|
49
|
-
anonymousAccessRoutes[route].find(method => method ===
|
|
51
|
+
if ((0, utils_1.checkRoutes)(originalUrl, [route]) &&
|
|
52
|
+
anonymousAccessRoutes[route].find(method => method === requestMethod)) {
|
|
50
53
|
isAnonymous = true;
|
|
51
54
|
break;
|
|
52
55
|
}
|
|
@@ -58,11 +61,42 @@ let HTTPAuthenticationMiddleware = class HTTPAuthenticationMiddleware {
|
|
|
58
61
|
}
|
|
59
62
|
}
|
|
60
63
|
const { tokenManager, usersService } = this;
|
|
64
|
+
const hasApiKey = !!((_a = req.headers.authorization) === null || _a === void 0 ? void 0 : _a.match(/^ApiKey\s/));
|
|
65
|
+
if (hasApiKey) {
|
|
66
|
+
const [apiKeyFromHeader, requestSignature] = ((_c = (_b = req.headers.authorization) === null || _b === void 0 ? void 0 : _b.replace(/^ApiKey\s/, '')) === null || _c === void 0 ? void 0 : _c.split(' ')) || [];
|
|
67
|
+
let signatureContent = '';
|
|
68
|
+
if (requestMethod === 'get' && req.query && Object.keys(req.query).length) {
|
|
69
|
+
signatureContent = JSON.stringify(req.query);
|
|
70
|
+
}
|
|
71
|
+
else if ((requestMethod === 'delete' ||
|
|
72
|
+
requestMethod === 'patch' ||
|
|
73
|
+
requestMethod === 'post' ||
|
|
74
|
+
requestMethod === 'put') &&
|
|
75
|
+
req.body &&
|
|
76
|
+
Object.keys(req.body).length) {
|
|
77
|
+
signatureContent = JSON.stringify(req.body);
|
|
78
|
+
}
|
|
79
|
+
else {
|
|
80
|
+
signatureContent = req.originalUrl.split('?')[0];
|
|
81
|
+
}
|
|
82
|
+
const { valid } = yield this.authorizationService.authorizeApiKey({
|
|
83
|
+
apiKey: apiKeyFromHeader,
|
|
84
|
+
signature: requestSignature,
|
|
85
|
+
signatureContent
|
|
86
|
+
}, { config: moduleConfig });
|
|
87
|
+
if (!valid) {
|
|
88
|
+
throw new common_1.HttpException('Unauthorized', common_1.HttpStatus.UNAUTHORIZED);
|
|
89
|
+
}
|
|
90
|
+
next();
|
|
91
|
+
return;
|
|
92
|
+
}
|
|
93
|
+
else if (!tokenManager) {
|
|
94
|
+
console.error('Missing api key in the configuration and no tokenManager set up.');
|
|
95
|
+
throw new common_1.HttpException('Unauthorized', common_1.HttpStatus.UNAUTHORIZED);
|
|
96
|
+
}
|
|
61
97
|
let tokens = [];
|
|
62
98
|
let authToken = req.headers.authorization;
|
|
63
|
-
let authTokenIsNew = false;
|
|
64
99
|
let refreshToken;
|
|
65
|
-
let tokenContent;
|
|
66
100
|
let useCookie = false;
|
|
67
101
|
if (typeof authToken === 'string' && authToken.length && authToken.match(/^Bearer\s/)) {
|
|
68
102
|
tokens = authToken.split(' ');
|
|
@@ -75,40 +109,30 @@ let HTTPAuthenticationMiddleware = class HTTPAuthenticationMiddleware {
|
|
|
75
109
|
authToken = req.cookies['sid'];
|
|
76
110
|
useCookie = true;
|
|
77
111
|
}
|
|
78
|
-
|
|
79
|
-
|
|
112
|
+
const { newAuthToken, tokenContent, valid } = yield this.authorizationService.authorizeBearer({ authToken, refreshToken }, { identifierDataField: usersService ? 'userId' : undefined });
|
|
113
|
+
if (!valid) {
|
|
80
114
|
throw new common_1.HttpException('Unauthorized', common_1.HttpStatus.UNAUTHORIZED);
|
|
81
115
|
}
|
|
82
|
-
|
|
83
|
-
const
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
116
|
+
if (usersService) {
|
|
117
|
+
const userId = (_d = tokenContent === null || tokenContent === void 0 ? void 0 : tokenContent.data) === null || _d === void 0 ? void 0 : _d.userId;
|
|
118
|
+
if (!userId) {
|
|
119
|
+
console.error('Missing userId in the tokenContent data.');
|
|
120
|
+
throw new common_1.HttpException('Unauthorized', common_1.HttpStatus.UNAUTHORIZED);
|
|
121
|
+
}
|
|
122
|
+
const user = (_e = tokenContent === null || tokenContent === void 0 ? void 0 : tokenContent.data) === null || _e === void 0 ? void 0 : _e.user;
|
|
123
|
+
if (user) {
|
|
124
|
+
req.locals.user = user;
|
|
125
|
+
}
|
|
126
|
+
else {
|
|
127
|
+
req.locals.user = yield usersService.getUserWithPermissionsData({ filters: { id: userId } });
|
|
94
128
|
}
|
|
95
129
|
}
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
throw new common_1.HttpException('Unauthorized', common_1.HttpStatus.UNAUTHORIZED);
|
|
99
|
-
}
|
|
100
|
-
if (authTokenIsNew) {
|
|
101
|
-
res.setHeader('Authorization', `Bearer ${authToken}${refreshToken ? ` ${refreshToken}` : ''}`);
|
|
130
|
+
if (newAuthToken) {
|
|
131
|
+
res.setHeader('Authorization', `Bearer ${newAuthToken}${refreshToken ? ` ${refreshToken}` : ''}`);
|
|
102
132
|
if (useCookie) {
|
|
103
|
-
res.cookie('sid',
|
|
133
|
+
res.cookie('sid', newAuthToken);
|
|
104
134
|
}
|
|
105
135
|
}
|
|
106
|
-
const userId = (_a = tokenContent === null || tokenContent === void 0 ? void 0 : tokenContent.data) === null || _a === void 0 ? void 0 : _a.userId;
|
|
107
|
-
if (!userId) {
|
|
108
|
-
console.error('Missing userId in the tokenContent data.');
|
|
109
|
-
throw new common_1.HttpException('Unauthorized', common_1.HttpStatus.UNAUTHORIZED);
|
|
110
|
-
}
|
|
111
|
-
req.locals.user = yield usersService.getUserWithPermissionsData({ filters: { id: userId } });
|
|
112
136
|
next();
|
|
113
137
|
}))().then(() => true, err => {
|
|
114
138
|
console.error(err);
|
|
@@ -116,13 +140,15 @@ let HTTPAuthenticationMiddleware = class HTTPAuthenticationMiddleware {
|
|
|
116
140
|
});
|
|
117
141
|
}
|
|
118
142
|
};
|
|
119
|
-
exports.
|
|
120
|
-
exports.
|
|
143
|
+
exports.HTTPAuthorizationMiddleware = HTTPAuthorizationMiddleware;
|
|
144
|
+
exports.HTTPAuthorizationMiddleware = HTTPAuthorizationMiddleware = __decorate([
|
|
121
145
|
(0, common_1.Injectable)(),
|
|
122
146
|
__param(1, (0, common_1.Inject)(definitions_1.Constants.API_MODULE_NAME)),
|
|
123
|
-
__param(2, (0, common_1.Inject)(definitions_1.Constants.
|
|
124
|
-
__param(3, (0, common_1.Inject)(definitions_1.Constants.
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
147
|
+
__param(2, (0, common_1.Inject)(definitions_1.Constants.API_MODULE_AUTHORIZATION_SERVICE)),
|
|
148
|
+
__param(3, (0, common_1.Inject)(definitions_1.Constants.AUTHORIZATION_MIDDLEWARE_TOKEN_MANAGER_SERVICE)),
|
|
149
|
+
__param(4, (0, common_1.Inject)(definitions_1.Constants.AUTHENTICATION_MIDDLEWARE_USERS_SERVICE)),
|
|
150
|
+
__metadata("design:paramtypes", [core_1.ConfigProviderService, String, domain_iam_1.IAMAuthorizationService,
|
|
151
|
+
domain_iam_1.IAMTokenManagerService,
|
|
152
|
+
domain_iam_1.IAMUserManagerService])
|
|
153
|
+
], HTTPAuthorizationMiddleware);
|
|
154
|
+
//# sourceMappingURL=http.middlewares.authorization.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"http.middlewares.authorization.js","sourceRoot":"","sources":["../../src/middlewares/http.middlewares.authorization.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAA+F;AAE/F,uCAAuE;AACvE,mDAM4B;AAI5B,uDAAqE;AACrE,2CAA8C;AAMvC,IAAM,2BAA2B,GAAjC,MAAM,2BAA2B;IACtC,YAEY,cAAqC,EAGrC,UAAkB,EAGlB,oBAA0E,EAG1E,YAAyE,EAGzE,YAA0C;QAZ1C,mBAAc,GAAd,cAAc,CAAuB;QAGrC,eAAU,GAAV,UAAU,CAAQ;QAGlB,yBAAoB,GAApB,oBAAoB,CAAsD;QAG1E,iBAAY,GAAZ,YAAY,CAA6D;QAGzE,iBAAY,GAAZ,YAAY,CAA8B;IACnD,CAAC;IAEJ,GAAG,CAAC,GAA+B,EAAE,GAAa,EAAE,IAAkB;QACpE,CAAC,GAAS,EAAE;;YACV,MAAM,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAI,CAAC,IAAI,CAAC,UAAU,CAAqB,CAAC;YAC1F,MAAM,EAAE,qBAAqB,EAAE,GAAG,YAAY,CAAC;YAC/C,MAAM,aAAa,GAAG,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC/C,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;gBAChB,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC;YAClB,CAAC;YACD,IAAI,qBAAqB,IAAI,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,MAAM,EAAE,CAAC;gBACvE,MAAM,WAAW,GAAG,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBAClD,IAAI,WAAW,GAAG,KAAK,CAAC;gBACxB,KAAK,MAAM,KAAK,IAAI,qBAAqB,EAAE,CAAC;oBAC1C,IACE,IAAA,mBAAW,EAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC;wBACjC,qBAAqB,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,KAAK,aAAa,CAAC,EACrE,CAAC;wBACD,WAAW,GAAG,IAAI,CAAC;wBACnB,MAAM;oBACR,CAAC;gBACH,CAAC;gBACD,IAAI,WAAW,EAAE,CAAC;oBAChB,GAAG,CAAC,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC;oBAC9B,IAAI,EAAE,CAAC;oBACP,OAAO;gBACT,CAAC;YACH,CAAC;YACD,MAAM,EAAE,YAAY,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC;YAC5C,MAAM,SAAS,GAAG,CAAC,CAAC,CAAA,MAAA,GAAG,CAAC,OAAO,CAAC,aAAa,0CAAE,KAAK,CAAC,WAAW,CAAC,CAAA,CAAC;YAClE,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,GACxC,CAAA,MAAA,MAAA,GAAG,CAAC,OAAO,CAAC,aAAa,0CAAE,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,0CAAE,KAAK,CAAC,GAAG,CAAC,KAAI,EAAE,CAAC;gBACxE,IAAI,gBAAgB,GAAG,EAAE,CAAC;gBAC1B,IAAI,aAAa,KAAK,KAAK,IAAI,GAAG,CAAC,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC;oBAC1E,gBAAgB,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBAC/C,CAAC;qBAAM,IACL,CAAC,aAAa,KAAK,QAAQ;oBACzB,aAAa,KAAK,OAAO;oBACzB,aAAa,KAAK,MAAM;oBACxB,aAAa,KAAK,KAAK,CAAC;oBAC1B,GAAG,CAAC,IAAI;oBACR,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,MAAM,EAC5B,CAAC;oBACD,gBAAgB,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBAC9C,CAAC;qBAAM,CAAC;oBACN,gBAAgB,GAAG,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACnD,CAAC;gBACD,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,eAAe,CAC/D;oBACE,MAAM,EAAE,gBAAgB;oBACxB,SAAS,EAAE,gBAAgB;oBAC3B,gBAAgB;iBACjB,EACD,EAAE,MAAM,EAAE,YAAY,EAAE,CACzB,CAAC;gBACF,IAAI,CAAC,KAAK,EAAE,CAAC;oBACX,MAAM,IAAI,sBAAa,CAAC,cAAc,EAAE,mBAAU,CAAC,YAAY,CAAC,CAAC;gBACnE,CAAC;gBACD,IAAI,EAAE,CAAC;gBACP,OAAO;YACT,CAAC;iBAAM,IAAI,CAAC,YAAY,EAAE,CAAC;gBACzB,OAAO,CAAC,KAAK,CAAC,kEAAkE,CAAC,CAAC;gBAClF,MAAM,IAAI,sBAAa,CAAC,cAAc,EAAE,mBAAU,CAAC,YAAY,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,MAAM,GAAa,EAAE,CAAC;YAC1B,IAAI,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;YAC1C,IAAI,YAAgC,CAAC;YACrC,IAAI,SAAS,GAAG,KAAK,CAAC;YACtB,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,SAAS,CAAC,MAAM,IAAI,SAAS,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC;gBACtF,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC9B,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;oBAClB,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;oBACtB,YAAY,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;gBAC3B,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;gBAC/B,SAAS,GAAG,IAAI,CAAC;YACnB,CAAC;YACD,MAAM,EAAE,YAAY,EAAE,YAAY,EAAE,KAAK,EAAE,GACzC,MAAM,IAAI,CAAC,oBAAoB,CAAC,eAAe,CAC7C,EAAE,SAAS,EAAE,YAAY,EAAE,EAC3B,EAAE,mBAAmB,EAAE,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,EAAE,CAC7D,CAAC;YACJ,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,sBAAa,CAAC,cAAc,EAAE,mBAAU,CAAC,YAAY,CAAC,CAAC;YACnE,CAAC;YACD,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,MAAM,GAAG,MAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,IAAI,0CAAE,MAAM,CAAC;gBAC1C,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,OAAO,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;oBAC1D,MAAM,IAAI,sBAAa,CAAC,cAAc,EAAE,mBAAU,CAAC,YAAY,CAAC,CAAC;gBACnE,CAAC;gBAED,MAAM,IAAI,GAAG,MAAA,YAAY,aAAZ,YAAY,uBAAZ,YAAY,CAAE,IAAI,0CAAE,IAAI,CAAC;gBACtC,IAAI,IAAI,EAAE,CAAC;oBACT,GAAG,CAAC,MAAO,CAAC,IAAI,GAAG,IAAI,CAAC;gBAC1B,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,MAAO,CAAC,IAAI,GAAG,MAAM,YAAY,CAAC,0BAA0B,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;gBAChG,CAAC;YACH,CAAC;YACD,IAAI,YAAY,EAAE,CAAC;gBACjB,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,YAAY,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAClG,IAAI,SAAS,EAAE,CAAC;oBACd,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;gBAClC,CAAC;YACH,CAAC;YACD,IAAI,EAAE,CAAC;QACT,CAAC,CAAA,CAAC,EAAE,CAAC,IAAI,CACP,GAAG,EAAE,CAAC,IAAI,EACV,GAAG,CAAC,EAAE;YACJ,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACnB,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,mBAAU,CAAC,qBAAqB,CAAC,CAAC,GAAG,EAAE,CAAC;QAC5E,CAAC,CACF,CAAC;IACJ,CAAC;CACF,CAAA;AApIY,kEAA2B;sCAA3B,2BAA2B;IADvC,IAAA,mBAAU,GAAE;IAKR,WAAA,IAAA,eAAM,EAAC,uBAAS,CAAC,eAAe,CAAC,CAAA;IAGjC,WAAA,IAAA,eAAM,EAAC,uBAAS,CAAC,gCAAgC,CAAC,CAAA;IAGlD,WAAA,IAAA,eAAM,EAAC,uBAAS,CAAC,8CAA8C,CAAC,CAAA;IAGhE,WAAA,IAAA,eAAM,EAAC,uBAAS,CAAC,uCAAuC,CAAC,CAAA;qCAVhC,4BAAqB,UAMf,oCAAuB;QAG9B,mCAAsB;QAGtB,kCAAqB;GAfrC,2BAA2B,CAoIvC"}
|
|
@@ -28,9 +28,9 @@ let HTTPCORSMiddleware = class HTTPCORSMiddleware {
|
|
|
28
28
|
res.set('Access-Control-Allow-Origin', origin);
|
|
29
29
|
}
|
|
30
30
|
res.set('Access-Control-Allow-Headers', 'accept,accept-encoding,accept-language,authorization,connection,content-type,host,origin,referer,user-agent');
|
|
31
|
-
res.set('Access-Control-Expose-Headers', 'Authorization');
|
|
32
31
|
res.set('Access-Control-Allow-Methods', 'OPTIONS,GET,POST,PUT,PATCH,DELETE');
|
|
33
32
|
res.set('Access-Control-Allow-Credentials', 'true');
|
|
33
|
+
res.set('Access-Control-Expose-Headers', 'Authorization');
|
|
34
34
|
if (req.method.toLowerCase() === 'options') {
|
|
35
35
|
res.status(common_1.HttpStatus.OK).end();
|
|
36
36
|
return;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"http.middlewares.cors.js","sourceRoot":"","sources":["../../src/middlewares/http.middlewares.cors.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAgF;AAEhF,uCAAuE;AAGvE,uDAAqE;AAG9D,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAC7B,YAEY,cAAqC,EAGrC,UAAkB;QAHlB,mBAAc,GAAd,cAAc,CAAuB;QAGrC,eAAU,GAAV,UAAU,CAAQ;IAC3B,CAAC;IAEJ,GAAG,CAAC,GAA+B,EAAE,GAAa,EAAE,IAAkB;QACpE,MAAM,cAAc,GAAI,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAI,CAAC,IAAI,CAAC,UAAU,CAAsB,CAAC,cAAc,CAAC;QAC7G,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,MAAgB,CAAC;QAC5C,IAAI,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACrC,GAAG,CAAC,GAAG,CAAC,6BAA6B,EAAE,MAAM,CAAC,CAAC;QACjD,CAAC;QACD,GAAG,CAAC,GAAG,CACL,8BAA8B,EAC9B,6GAA6G,CAC9G,CAAC;QACF,GAAG,CAAC,GAAG,CAAC
|
|
1
|
+
{"version":3,"file":"http.middlewares.cors.js","sourceRoot":"","sources":["../../src/middlewares/http.middlewares.cors.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2CAAgF;AAEhF,uCAAuE;AAGvE,uDAAqE;AAG9D,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAC7B,YAEY,cAAqC,EAGrC,UAAkB;QAHlB,mBAAc,GAAd,cAAc,CAAuB;QAGrC,eAAU,GAAV,UAAU,CAAQ;IAC3B,CAAC;IAEJ,GAAG,CAAC,GAA+B,EAAE,GAAa,EAAE,IAAkB;QACpE,MAAM,cAAc,GAAI,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAI,CAAC,IAAI,CAAC,UAAU,CAAsB,CAAC,cAAc,CAAC;QAC7G,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,MAAgB,CAAC;QAC5C,IAAI,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACrC,GAAG,CAAC,GAAG,CAAC,6BAA6B,EAAE,MAAM,CAAC,CAAC;QACjD,CAAC;QACD,GAAG,CAAC,GAAG,CACL,8BAA8B,EAC9B,6GAA6G,CAC9G,CAAC;QACF,GAAG,CAAC,GAAG,CAAC,8BAA8B,EAAE,mCAAmC,CAAC,CAAC;QAC7E,GAAG,CAAC,GAAG,CAAC,kCAAkC,EAAE,MAAM,CAAC,CAAC;QACpD,GAAG,CAAC,GAAG,CAAC,+BAA+B,EAAE,eAAe,CAAC,CAAC;QAC1D,IAAI,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,KAAK,SAAS,EAAE,CAAC;YAC3C,GAAG,CAAC,MAAM,CAAC,mBAAU,CAAC,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC;YAChC,OAAO;QACT,CAAC;QACD,IAAI,EAAE,CAAC;IACT,CAAC;CACF,CAAA;AA5BY,gDAAkB;6BAAlB,kBAAkB;IAD9B,IAAA,mBAAU,GAAE;IAKR,WAAA,IAAA,eAAM,EAAC,uBAAS,CAAC,eAAe,CAAC,CAAA;qCADR,4BAAqB;GAHtC,kBAAkB,CA4B9B"}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export * from './http.middlewares.
|
|
1
|
+
export * from './http.middlewares.authorization';
|
|
2
2
|
export * from './http.middlewares.cors';
|
|
@@ -14,6 +14,6 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
14
14
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
__exportStar(require("./http.middlewares.
|
|
17
|
+
__exportStar(require("./http.middlewares.authorization"), exports);
|
|
18
18
|
__exportStar(require("./http.middlewares.cors"), exports);
|
|
19
19
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middlewares/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/middlewares/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,mEAAiD;AACjD,0DAAwC"}
|