@node-c/domain-iam 1.0.0-alpha3 → 1.0.0-alpha31
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/module/iam.module.js +2 -2
- package/dist/module/iam.module.js.map +1 -1
- package/dist/services/authenticationLocal/iam.authenticationLocal.service.js +17 -7
- package/dist/services/authenticationLocal/iam.authenticationLocal.service.js.map +1 -1
- package/dist/services/authorization/iam.authorization.service.d.ts +7 -5
- package/dist/services/authorization/iam.authorization.service.js +45 -47
- package/dist/services/authorization/iam.authorization.service.js.map +1 -1
- package/dist/services/tokenManager/iam.tokenManager.definitions.d.ts +1 -0
- package/dist/services/tokenManager/iam.tokenManager.definitions.js.map +1 -1
- package/dist/services/tokenManager/iam.tokenManager.service.js +16 -12
- package/dist/services/tokenManager/iam.tokenManager.service.js.map +1 -1
- package/dist/services/users/iam.users.definitions.d.ts +8 -14
- package/dist/services/users/iam.users.definitions.js.map +1 -1
- package/dist/services/users/iam.users.service.d.ts +7 -5
- package/dist/services/users/iam.users.service.js +27 -11
- package/dist/services/users/iam.users.service.js.map +1 -1
- package/package.json +7 -5
|
@@ -7,11 +7,11 @@ class DomainIAMModule {
|
|
|
7
7
|
static register(options) {
|
|
8
8
|
const { folderData, imports: additionalImports, moduleClass } = options;
|
|
9
9
|
const { atEnd: importsAtEnd, atStart: importsAtStart } = additionalImports || {};
|
|
10
|
-
const {
|
|
10
|
+
const { services } = (0, core_1.loadDynamicModules)(folderData);
|
|
11
11
|
return {
|
|
12
12
|
global: true,
|
|
13
13
|
module: moduleClass,
|
|
14
|
-
imports: [...(importsAtStart || []), ...(
|
|
14
|
+
imports: [...(importsAtStart || []), ...(importsAtEnd || [])],
|
|
15
15
|
providers: [
|
|
16
16
|
{
|
|
17
17
|
provide: definitions_1.Constants.DOMAIN_MODULE_NAME,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"iam.module.js","sourceRoot":"","sources":["../../src/module/iam.module.ts"],"names":[],"mappings":";;;AAEA,uCAAkD;AAIlD,uDAAkD;
|
|
1
|
+
{"version":3,"file":"iam.module.js","sourceRoot":"","sources":["../../src/module/iam.module.ts"],"names":[],"mappings":";;;AAEA,uCAAkD;AAIlD,uDAAkD;AAElD,MAAa,eAAe;IAC1B,MAAM,CAAC,QAAQ,CAAC,OAA+B;QAC7C,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;QACxE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,iBAAiB,IAAI,EAAE,CAAC;QACjF,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAA,yBAAkB,EAAC,UAAU,CAAC,CAAC;QACpD,OAAO;YACL,MAAM,EAAE,IAAI;YACZ,MAAM,EAAE,WAAsC;YAC9C,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;YAC7D,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,uBAAS,CAAC,kBAAkB;oBACrC,QAAQ,EAAE,OAAO,CAAC,UAAU;iBAC7B;gBACD,GAAG,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC;gBAC5B,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC;aACpB;YACD,OAAO,EAAE,CAAC,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;SAC3D,CAAC;IACJ,CAAC;CACF;AApBD,0CAoBC"}
|
|
@@ -32,13 +32,23 @@ class IAMAuthenticationLocalService extends authentication_1.IAMAuthenticationSe
|
|
|
32
32
|
const userIdentifierField = authData.userIdentifierField || defaultUserIdentifierField;
|
|
33
33
|
const userIdentifierValue = userData[userIdentifierField];
|
|
34
34
|
const userMFAIdentifierField = authData.userMFAIdentifierField || userIdentifierField;
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
35
|
+
let wrongPassword = false;
|
|
36
|
+
if (!userPasswordHMACAlgorithm || !userPasswordSecret || !userPassword) {
|
|
37
|
+
wrongPassword = true;
|
|
38
|
+
}
|
|
39
|
+
else {
|
|
40
|
+
const computedPassword = crypto_1.default
|
|
41
|
+
.createHmac(userPasswordHMACAlgorithm, userPasswordSecret)
|
|
42
|
+
.update(`${authPassword}`)
|
|
43
|
+
.digest('hex')
|
|
44
|
+
.toString();
|
|
45
|
+
if (computedPassword !== userPassword) {
|
|
46
|
+
wrongPassword = true;
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
if (wrongPassword) {
|
|
50
|
+
console.info(`[IAMAuthenticationLocalService]: Login attempt failed for user "${userIdentifierValue}" - wrong password.`);
|
|
51
|
+
throw new core_1.ApplicationError('Invalid user identifier or password.');
|
|
42
52
|
}
|
|
43
53
|
if (mfaEnabled) {
|
|
44
54
|
if (!mfaCode || mfaType !== authentication_1.UserMFAKnownType.Local || !persistanceUsersMFAService) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"iam.authenticationLocal.service.js","sourceRoot":"","sources":["../../../src/services/authenticationLocal/iam.authenticationLocal.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,oDAA4B;AAE5B,uCAAqH;AASrH,sDAA+E;AAE/E,MAAa,6BAGX,SAAQ,yCAAkD;IAC1D,YACY,cAAqC,EACrC,UAAkB,EAElB,0BAET;QAED,KAAK,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;QAPxB,mBAAc,GAAd,cAAc,CAAuB;QACrC,eAAU,GAAV,UAAU,CAAQ;QAElB,+BAA0B,GAA1B,0BAA0B,CAEnC;IAGH,CAAC;IAEK,gBAAgB,CACpB,QAAiE,EACjE,QAAuC;;YAEvC,MAAM,EAAE,cAAc,EAAE,UAAU,EAAE,0BAA0B,EAAE,GAAG,IAAI,CAAC;YACxE,MAAM,EAAE,0BAA0B,EAAE,yBAAyB,EAAE,kBAAkB,EAAE,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,CAChH,UAAU,CACW,CAAC;YACxB,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,QAAQ,CAAC;YACxD,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,QAAQ,CAAC;YAC9D,MAAM,mBAAmB,GAAG,QAAQ,CAAC,mBAAmB,IAAI,0BAA0B,CAAC;YACvF,MAAM,mBAAmB,GAAG,QAAQ,CAAC,mBAAqD,CAAC,CAAC;YAC5F,MAAM,sBAAsB,GAAG,QAAQ,CAAC,sBAAsB,IAAI,mBAAmB,CAAC;YACtF,
|
|
1
|
+
{"version":3,"file":"iam.authenticationLocal.service.js","sourceRoot":"","sources":["../../../src/services/authenticationLocal/iam.authenticationLocal.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,oDAA4B;AAE5B,uCAAqH;AASrH,sDAA+E;AAE/E,MAAa,6BAGX,SAAQ,yCAAkD;IAC1D,YACY,cAAqC,EACrC,UAAkB,EAElB,0BAET;QAED,KAAK,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;QAPxB,mBAAc,GAAd,cAAc,CAAuB;QACrC,eAAU,GAAV,UAAU,CAAQ;QAElB,+BAA0B,GAA1B,0BAA0B,CAEnC;IAGH,CAAC;IAEK,gBAAgB,CACpB,QAAiE,EACjE,QAAuC;;YAEvC,MAAM,EAAE,cAAc,EAAE,UAAU,EAAE,0BAA0B,EAAE,GAAG,IAAI,CAAC;YACxE,MAAM,EAAE,0BAA0B,EAAE,yBAAyB,EAAE,kBAAkB,EAAE,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,CAChH,UAAU,CACW,CAAC;YACxB,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,QAAQ,CAAC;YACxD,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,QAAQ,CAAC;YAC9D,MAAM,mBAAmB,GAAG,QAAQ,CAAC,mBAAmB,IAAI,0BAA0B,CAAC;YACvF,MAAM,mBAAmB,GAAG,QAAQ,CAAC,mBAAqD,CAAC,CAAC;YAC5F,MAAM,sBAAsB,GAAG,QAAQ,CAAC,sBAAsB,IAAI,mBAAmB,CAAC;YACtF,IAAI,aAAa,GAAG,KAAK,CAAC;YAC1B,IAAI,CAAC,yBAAyB,IAAI,CAAC,kBAAkB,IAAI,CAAC,YAAY,EAAE,CAAC;gBACvE,aAAa,GAAG,IAAI,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACN,MAAM,gBAAgB,GAAG,gBAAM;qBAC5B,UAAU,CAAC,yBAAyB,EAAE,kBAAkB,CAAC;qBACzD,MAAM,CAAC,GAAG,YAAY,EAAE,CAAC;qBACzB,MAAM,CAAC,KAAK,CAAC;qBACb,QAAQ,EAAE,CAAC;gBACd,IAAI,gBAAgB,KAAK,YAAY,EAAE,CAAC;oBACtC,aAAa,GAAG,IAAI,CAAC;gBACvB,CAAC;YACH,CAAC;YACD,IAAI,aAAa,EAAE,CAAC;gBAClB,OAAO,CAAC,IAAI,CACV,mEAAmE,mBAAmB,qBAAqB,CAC5G,CAAC;gBACF,MAAM,IAAI,uBAAgB,CAAC,sCAAsC,CAAC,CAAC;YACrE,CAAC;YAED,IAAI,UAAU,EAAE,CAAC;gBACf,IAAI,CAAC,OAAO,IAAI,OAAO,KAAK,iCAAgB,CAAC,KAAK,IAAI,CAAC,0BAA0B,EAAE,CAAC;oBAClF,MAAM,IAAI,uBAAgB,CAAC,mBAAmB,CAAC,CAAC;gBAClD,CAAC;gBACD,MAAM,cAAc,GAAG,MAAM,0BAA0B,CAAC,OAAO,CAAC;oBAC9D,OAAO,EAAE,EAAE,CAAC,sBAAsB,CAAC,EAAE,mBAAmB,EAAE;iBAC3D,CAAC,CAAC;gBACH,IAAI,CAAC,CAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,IAAI,CAAA,IAAI,OAAO,MAAK,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,IAAI,CAAA,EAAE,CAAC;oBAC9D,OAAO,CAAC,IAAI,CACV,kEAAkE,mBAAmB,+BAA+B,CACrH,CAAC;oBACF,MAAM,IAAI,uBAAgB,CAAC,mBAAmB,CAAC,CAAC;gBAClD,CAAC;YACH,CAAC;YACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QACzB,CAAC;KAAA;CACF;AAhED,sEAgEC"}
|
|
@@ -1,16 +1,18 @@
|
|
|
1
|
-
import { GenericObject, PersistanceEntityService } from '@node-c/core';
|
|
1
|
+
import { DomainBaseOptionsForAdditionalServicesFull, DomainEntityService, DomainEntityServiceDefaultData, GenericObject, PersistanceEntityService } from '@node-c/core';
|
|
2
2
|
import { AuthorizationData, AuthorizationUser, AuthorizationPoint as BaseAuthorizationPoint } from './iam.authorization.definitions';
|
|
3
|
-
export declare class IAMAuthorizationService<AuthorizationPoint extends BaseAuthorizationPoint<unknown>> {
|
|
3
|
+
export declare class IAMAuthorizationService<AuthorizationPoint extends BaseAuthorizationPoint<unknown>, Data extends DomainEntityServiceDefaultData<Partial<AuthorizationPoint>> = DomainEntityServiceDefaultData<Partial<AuthorizationPoint>>> extends DomainEntityService<AuthorizationPoint, PersistanceEntityService<AuthorizationPoint>, Data, Record<string, PersistanceEntityService<Partial<AuthorizationPoint>>> | undefined> {
|
|
4
4
|
protected persistanceAuthorizationPointsService: PersistanceEntityService<AuthorizationPoint>;
|
|
5
|
-
|
|
6
|
-
|
|
5
|
+
protected defaultMethods: string[];
|
|
6
|
+
protected additionalPersistanceEntityServices?: Record<string, PersistanceEntityService<Partial<AuthorizationPoint>>> | undefined;
|
|
7
|
+
constructor(persistanceAuthorizationPointsService: PersistanceEntityService<AuthorizationPoint>, defaultMethods?: string[], additionalPersistanceEntityServices?: Record<string, PersistanceEntityService<Partial<AuthorizationPoint>>> | undefined);
|
|
8
|
+
static checkAccess(authorizationPoints: {
|
|
7
9
|
[id: number]: BaseAuthorizationPoint<unknown>;
|
|
8
10
|
}, inputData: GenericObject, user: AuthorizationUser<unknown>): {
|
|
9
11
|
hasAccess: boolean;
|
|
10
12
|
inputDataToBeMutated: GenericObject;
|
|
11
13
|
};
|
|
12
14
|
static getValuesForTesting(valueToTest: unknown): unknown[];
|
|
13
|
-
mapAuthorizationPoints(moduleName: string): Promise<AuthorizationData<unknown>>;
|
|
15
|
+
mapAuthorizationPoints(moduleName: string, additionalServicesOptions?: DomainBaseOptionsForAdditionalServicesFull): Promise<AuthorizationData<unknown>>;
|
|
14
16
|
static matchInputValues(input: GenericObject, values: GenericObject): GenericObject;
|
|
15
17
|
static testValue(valueToTest: unknown, valueToTestAgainst: unknown): boolean;
|
|
16
18
|
}
|
|
@@ -14,68 +14,69 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
14
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
15
|
exports.IAMAuthorizationService = void 0;
|
|
16
16
|
const core_1 = require("@node-c/core");
|
|
17
|
-
const general_tools_1 = require("@ramster/general-tools");
|
|
18
17
|
const immutable_1 = __importDefault(require("immutable"));
|
|
18
|
+
const lodash_1 = __importDefault(require("lodash"));
|
|
19
19
|
const ramda_1 = require("ramda");
|
|
20
|
-
class IAMAuthorizationService {
|
|
21
|
-
constructor(persistanceAuthorizationPointsService) {
|
|
20
|
+
class IAMAuthorizationService extends core_1.DomainEntityService {
|
|
21
|
+
constructor(persistanceAuthorizationPointsService, defaultMethods = [core_1.DomainMethod.Find], additionalPersistanceEntityServices) {
|
|
22
|
+
super(persistanceAuthorizationPointsService, defaultMethods, additionalPersistanceEntityServices);
|
|
22
23
|
this.persistanceAuthorizationPointsService = persistanceAuthorizationPointsService;
|
|
24
|
+
this.defaultMethods = defaultMethods;
|
|
25
|
+
this.additionalPersistanceEntityServices = additionalPersistanceEntityServices;
|
|
23
26
|
}
|
|
24
|
-
static checkAccess(
|
|
27
|
+
static checkAccess(authorizationPoints, inputData, user) {
|
|
28
|
+
const mutatedInputData = immutable_1.default.fromJS(inputData).toJS();
|
|
25
29
|
const userPermissionsData = user.currentAuthorizationPoints;
|
|
26
30
|
let hasAccess = false;
|
|
27
|
-
|
|
28
|
-
const
|
|
29
|
-
|
|
30
|
-
const acpData = userPermissionsData[acpId];
|
|
31
|
-
if (!acpData) {
|
|
31
|
+
let inputDataToBeMutated = {};
|
|
32
|
+
for (const apId in authorizationPoints) {
|
|
33
|
+
if (!userPermissionsData[apId]) {
|
|
32
34
|
continue;
|
|
33
35
|
}
|
|
34
|
-
const
|
|
36
|
+
const apData = authorizationPoints[apId];
|
|
37
|
+
const { allowedInputData, forbiddenInputData, inputDataFieldName, requiredStaticData, userFieldName } = apData;
|
|
35
38
|
const hasStaticData = requiredStaticData && Object.keys(requiredStaticData).length;
|
|
36
39
|
const innerMutatedInputData = immutable_1.default.fromJS(mutatedInputData).toJS();
|
|
37
40
|
const innerInputDataToBeMutated = {};
|
|
41
|
+
hasAccess = true;
|
|
38
42
|
if (allowedInputData && Object.keys(allowedInputData).length) {
|
|
39
43
|
const values = IAMAuthorizationService.matchInputValues(innerMutatedInputData, allowedInputData);
|
|
40
44
|
for (const key in values) {
|
|
41
45
|
innerInputDataToBeMutated[key] = values[key];
|
|
42
|
-
|
|
46
|
+
lodash_1.default.set(innerMutatedInputData, key, values[key]);
|
|
43
47
|
}
|
|
44
48
|
}
|
|
45
49
|
if (forbiddenInputData && Object.keys(forbiddenInputData).length) {
|
|
46
50
|
const values = IAMAuthorizationService.matchInputValues(innerMutatedInputData, forbiddenInputData);
|
|
47
51
|
for (const key in values) {
|
|
48
52
|
innerInputDataToBeMutated[key] = undefined;
|
|
49
|
-
|
|
53
|
+
lodash_1.default.set(innerMutatedInputData, key, undefined);
|
|
50
54
|
}
|
|
51
55
|
}
|
|
52
56
|
if (hasStaticData) {
|
|
53
57
|
for (const fieldName in requiredStaticData) {
|
|
54
|
-
if (!IAMAuthorizationService.testValue(
|
|
58
|
+
if (!IAMAuthorizationService.testValue(lodash_1.default.get({ inputData: innerMutatedInputData, user }, fieldName), requiredStaticData[fieldName])) {
|
|
55
59
|
hasAccess = false;
|
|
56
60
|
break;
|
|
57
61
|
}
|
|
58
|
-
if (!hasAccess) {
|
|
59
|
-
hasAccess = true;
|
|
60
|
-
}
|
|
61
62
|
}
|
|
62
|
-
if (hasAccess) {
|
|
63
|
-
hasAccess = false;
|
|
64
|
-
}
|
|
65
|
-
else {
|
|
63
|
+
if (!hasAccess) {
|
|
66
64
|
continue;
|
|
67
65
|
}
|
|
68
66
|
}
|
|
69
|
-
if (userFieldName) {
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
}
|
|
73
|
-
const userFieldValue =
|
|
67
|
+
if (userFieldName && inputDataFieldName) {
|
|
68
|
+
const inputFieldValue = lodash_1.default.get(innerMutatedInputData, inputDataFieldName, {
|
|
69
|
+
removeNestedFieldEscapeSign: true
|
|
70
|
+
});
|
|
71
|
+
const userFieldValue = lodash_1.default.get(user, userFieldName);
|
|
74
72
|
if (typeof userFieldValue === 'undefined' || typeof inputFieldValue === 'undefined') {
|
|
73
|
+
hasAccess = false;
|
|
75
74
|
continue;
|
|
76
75
|
}
|
|
77
|
-
const inputValueIsArray = inputFieldValue instanceof Array, valuesToTest = inputValueIsArray ? inputFieldValue : [inputFieldValue], valuesToTestAgainst = userFieldValue instanceof Array ? userFieldValue : [userFieldValue];
|
|
78
76
|
const allowedValues = [];
|
|
77
|
+
const inputValueIsArray = inputFieldValue instanceof Array;
|
|
78
|
+
const valuesToTest = inputValueIsArray ? inputFieldValue : [inputFieldValue];
|
|
79
|
+
const valuesToTestAgainst = userFieldValue instanceof Array ? userFieldValue : [userFieldValue];
|
|
79
80
|
valuesToTest.forEach((valueToTest) => {
|
|
80
81
|
const valueToTestVariants = IAMAuthorizationService.getValuesForTesting(valueToTest);
|
|
81
82
|
for (const j in valuesToTestAgainst) {
|
|
@@ -95,16 +96,16 @@ class IAMAuthorizationService {
|
|
|
95
96
|
}
|
|
96
97
|
});
|
|
97
98
|
if (!allowedValues.length) {
|
|
99
|
+
hasAccess = false;
|
|
98
100
|
continue;
|
|
99
101
|
}
|
|
100
102
|
if (inputValueIsArray) {
|
|
101
103
|
innerInputDataToBeMutated[inputDataFieldName] = allowedValues;
|
|
102
|
-
|
|
104
|
+
lodash_1.default.set(mutatedInputData, inputDataFieldName, allowedValues);
|
|
103
105
|
}
|
|
104
|
-
hasAccess = true;
|
|
105
|
-
(0, ramda_1.mergeDeepRight)(innerInputDataToBeMutated, innerInputDataToBeMutated);
|
|
106
|
-
break;
|
|
107
106
|
}
|
|
107
|
+
inputDataToBeMutated = (0, ramda_1.mergeDeepRight)(inputDataToBeMutated, innerInputDataToBeMutated);
|
|
108
|
+
break;
|
|
108
109
|
}
|
|
109
110
|
return { hasAccess, inputDataToBeMutated };
|
|
110
111
|
}
|
|
@@ -122,15 +123,12 @@ class IAMAuthorizationService {
|
|
|
122
123
|
}
|
|
123
124
|
return values;
|
|
124
125
|
}
|
|
125
|
-
mapAuthorizationPoints(moduleName) {
|
|
126
|
+
mapAuthorizationPoints(moduleName, additionalServicesOptions) {
|
|
126
127
|
return __awaiter(this, void 0, void 0, function* () {
|
|
127
|
-
const { items:
|
|
128
|
-
filters: { moduleNames: { [core_1.PersistanceSelectOperator.Contains]: moduleName } },
|
|
129
|
-
findAll: true
|
|
130
|
-
});
|
|
128
|
+
const { result: { items: apList } } = yield this.find(Object.assign(Object.assign({}, (additionalServicesOptions || {})), { filters: { moduleNames: { [core_1.PersistanceSelectOperator.Contains]: moduleName } }, findAll: true }));
|
|
131
129
|
const authorizationData = { __all: { __all: {} } };
|
|
132
130
|
const moduleGlobalData = authorizationData.__all.__all;
|
|
133
|
-
|
|
131
|
+
apList.forEach(item => {
|
|
134
132
|
if (!item.controllerNames) {
|
|
135
133
|
moduleGlobalData[item.id] = item;
|
|
136
134
|
return;
|
|
@@ -161,7 +159,7 @@ class IAMAuthorizationService {
|
|
|
161
159
|
static matchInputValues(input, values) {
|
|
162
160
|
const mutatedInput = immutable_1.default.fromJS(input).toJS();
|
|
163
161
|
for (const fieldName in values) {
|
|
164
|
-
const value =
|
|
162
|
+
const value = lodash_1.default.get(input, fieldName);
|
|
165
163
|
const allowedValue = values[fieldName];
|
|
166
164
|
const allowedValues = allowedValue instanceof Array ? allowedValue : [allowedValue];
|
|
167
165
|
let valueIsArray = false;
|
|
@@ -192,30 +190,30 @@ class IAMAuthorizationService {
|
|
|
192
190
|
}
|
|
193
191
|
});
|
|
194
192
|
if (!valuesToSet.length) {
|
|
195
|
-
|
|
193
|
+
lodash_1.default.set(mutatedInput, fieldName, undefined);
|
|
196
194
|
continue;
|
|
197
195
|
}
|
|
198
|
-
|
|
199
|
-
removeNestedFieldEscapeSign: true
|
|
200
|
-
});
|
|
196
|
+
lodash_1.default.set(mutatedInput, fieldName, valueIsArray ? valuesToSet : valuesToSet[0]);
|
|
201
197
|
}
|
|
202
198
|
return mutatedInput;
|
|
203
199
|
}
|
|
204
200
|
static testValue(valueToTest, valueToTestAgainst) {
|
|
205
201
|
if (typeof valueToTest === 'string' &&
|
|
206
202
|
typeof valueToTestAgainst === 'string' &&
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
const regex = new RegExp(
|
|
210
|
-
return regex.test(
|
|
203
|
+
valueToTestAgainst.charAt(0) === '/' &&
|
|
204
|
+
valueToTestAgainst.charAt(valueToTestAgainst.length - 1) === '/') {
|
|
205
|
+
const regex = new RegExp(valueToTestAgainst.substring(1, valueToTestAgainst.length - 2));
|
|
206
|
+
return regex.test(valueToTest);
|
|
211
207
|
}
|
|
212
208
|
const possibleValidValues = IAMAuthorizationService.getValuesForTesting(valueToTest);
|
|
209
|
+
let hasMatch = false;
|
|
213
210
|
for (const i in possibleValidValues) {
|
|
214
211
|
if (possibleValidValues[i] === valueToTestAgainst) {
|
|
215
|
-
|
|
212
|
+
hasMatch = true;
|
|
213
|
+
break;
|
|
216
214
|
}
|
|
217
215
|
}
|
|
218
|
-
return
|
|
216
|
+
return hasMatch;
|
|
219
217
|
}
|
|
220
218
|
}
|
|
221
219
|
exports.IAMAuthorizationService = IAMAuthorizationService;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"iam.authorization.service.js","sourceRoot":"","sources":["../../../src/services/authorization/iam.authorization.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,
|
|
1
|
+
{"version":3,"file":"iam.authorization.service.js","sourceRoot":"","sources":["../../../src/services/authorization/iam.authorization.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,uCAQsB;AAEtB,0DAAkC;AAClC,oDAAwB;AACxB,iCAAgD;AAQhD,MAAa,uBAKX,SAAQ,0BAKT;IACC,YACY,qCAAmF,EACnF,iBAA2B,CAAC,mBAAY,CAAC,IAAI,CAAC,EAC9C,mCAGT;QAED,KAAK,CAAC,qCAAqC,EAAE,cAAc,EAAE,mCAAmC,CAAC,CAAC;QAPxF,0CAAqC,GAArC,qCAAqC,CAA8C;QACnF,mBAAc,GAAd,cAAc,CAAgC;QAC9C,wCAAmC,GAAnC,mCAAmC,CAG5C;IAGH,CAAC;IAED,MAAM,CAAC,WAAW,CAChB,mBAAsE,EACtE,SAAwB,EACxB,IAAgC;QAKhC,MAAM,gBAAgB,GAAG,mBAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5D,MAAM,mBAAmB,GAAG,IAAI,CAAC,0BAA2B,CAAC;QAC7D,IAAI,SAAS,GAAG,KAAK,CAAC;QACtB,IAAI,oBAAoB,GAAkB,EAAE,CAAC;QAC7C,KAAK,MAAM,IAAI,IAAI,mBAAmB,EAAE,CAAC;YACvC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC/B,SAAS;YACX,CAAC;YACD,MAAM,MAAM,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YACzC,MAAM,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,aAAa,EAAE,GAAG,MAAM,CAAC;YAC/G,MAAM,aAAa,GAAG,kBAAkB,IAAI,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC;YACnF,MAAM,qBAAqB,GAAG,mBAAS,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,IAAI,EAAE,CAAC;YACxE,MAAM,yBAAyB,GAAkB,EAAE,CAAC;YACpD,SAAS,GAAG,IAAI,CAAC;YACjB,IAAI,gBAAgB,IAAI,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,MAAM,EAAE,CAAC;gBAC7D,MAAM,MAAM,GAAG,uBAAuB,CAAC,gBAAgB,CAAC,qBAAqB,EAAE,gBAAgB,CAAC,CAAC;gBACjG,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;oBACzB,yBAAyB,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;oBAC7C,gBAAE,CAAC,GAAG,CAAC,qBAAqB,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;gBAClD,CAAC;YACH,CAAC;YACD,IAAI,kBAAkB,IAAI,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,MAAM,EAAE,CAAC;gBACjE,MAAM,MAAM,GAAG,uBAAuB,CAAC,gBAAgB,CAAC,qBAAqB,EAAE,kBAAkB,CAAC,CAAC;gBACnG,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;oBACzB,yBAAyB,CAAC,GAAG,CAAC,GAAG,SAAS,CAAC;oBAC3C,gBAAE,CAAC,GAAG,CAAC,qBAAqB,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;gBAChD,CAAC;YACH,CAAC;YACD,IAAI,aAAa,EAAE,CAAC;gBAClB,KAAK,MAAM,SAAS,IAAI,kBAAkB,EAAE,CAAC;oBAC3C,IACE,CAAC,uBAAuB,CAAC,SAAS,CAChC,gBAAE,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,qBAAqB,EAAE,IAAI,EAAE,EAAE,SAAS,CAAC,EAC7D,kBAAkB,CAAC,SAAS,CAAC,CAC9B,EACD,CAAC;wBACD,SAAS,GAAG,KAAK,CAAC;wBAClB,MAAM;oBACR,CAAC;gBACH,CAAC;gBACD,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,SAAS;gBACX,CAAC;YACH,CAAC;YACD,IAAI,aAAa,IAAI,kBAAkB,EAAE,CAAC;gBACxC,MAAM,eAAe,GAAG,gBAAE,CAAC,GAAG,CAAC,qBAAqB,EAAE,kBAAkB,EAAE;oBACxE,2BAA2B,EAAE,IAAI;iBAClC,CAAC,CAAC;gBACH,MAAM,cAAc,GAAG,gBAAE,CAAC,GAAG,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;gBACnD,IAAI,OAAO,cAAc,KAAK,WAAW,IAAI,OAAO,eAAe,KAAK,WAAW,EAAE,CAAC;oBACpF,SAAS,GAAG,KAAK,CAAC;oBAClB,SAAS;gBACX,CAAC;gBACD,MAAM,aAAa,GAAc,EAAE,CAAC;gBACpC,MAAM,iBAAiB,GAAG,eAAe,YAAY,KAAK,CAAC;gBAC3D,MAAM,YAAY,GAAG,iBAAiB,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;gBAC7E,MAAM,mBAAmB,GAAG,cAAc,YAAY,KAAK,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;gBAChG,YAAY,CAAC,OAAO,CAAC,CAAC,WAAoB,EAAE,EAAE;oBAC5C,MAAM,mBAAmB,GAAG,uBAAuB,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC;oBACrF,KAAK,MAAM,CAAC,IAAI,mBAAmB,EAAE,CAAC;wBACpC,MAAM,kBAAkB,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC;wBAClD,IAAI,UAAU,GAAG,KAAK,CAAC;wBACvB,KAAK,MAAM,CAAC,IAAI,mBAAmB,EAAE,CAAC;4BACpC,MAAM,OAAO,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC;4BACvC,IAAI,kBAAkB,KAAK,OAAO,EAAE,CAAC;gCACnC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gCAC5B,UAAU,GAAG,IAAI,CAAC;gCAClB,MAAM;4BACR,CAAC;wBACH,CAAC;wBACD,IAAI,UAAU,EAAE,CAAC;4BACf,MAAM;wBACR,CAAC;oBACH,CAAC;gBACH,CAAC,CAAC,CAAC;gBACH,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC;oBAC1B,SAAS,GAAG,KAAK,CAAC;oBAClB,SAAS;gBACX,CAAC;gBACD,IAAI,iBAAiB,EAAE,CAAC;oBACtB,yBAAyB,CAAC,kBAAkB,CAAC,GAAG,aAAa,CAAC;oBAC9D,gBAAE,CAAC,GAAG,CAAC,gBAAgB,EAAE,kBAAkB,EAAE,aAAa,CAAC,CAAC;gBAC9D,CAAC;YACH,CAAC;YACD,oBAAoB,GAAG,IAAA,sBAAK,EAAC,oBAAoB,EAAE,yBAAyB,CAAC,CAAC;YAC9E,MAAM;QACR,CAAC;QACD,OAAO,EAAE,SAAS,EAAE,oBAAoB,EAAE,CAAC;IAC7C,CAAC;IAED,MAAM,CAAC,mBAAmB,CAAC,WAAoB;QAC7C,MAAM,MAAM,GAAG;YACb,WAAW;YACX,QAAQ,CAAC,WAAqB,EAAE,EAAE,CAAC;YACnC,UAAU,CAAC,WAAqB,CAAC;SAClC,CAAC;QAEF,IAAI,WAAW,KAAK,MAAM,EAAE,CAAC;YAC3B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpB,CAAC;aAAM,IAAI,WAAW,KAAK,OAAO,EAAE,CAAC;YACnC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrB,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEK,sBAAsB,CAC1B,UAAkB,EAClB,yBAAsE;;YAEtE,MAAM,EACJ,MAAM,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,EAC1B,GAAG,MAAM,IAAI,CAAC,IAAI,iCACd,CAAC,yBAAyB,IAAI,EAAE,CAAC,KACpC,OAAO,EAAE,EAAE,WAAW,EAAE,EAAE,CAAC,gCAAyB,CAAC,QAAQ,CAAC,EAAE,UAAU,EAAE,EAAE,EAC9E,OAAO,EAAE,IAAI,IACb,CAAC;YACH,MAAM,iBAAiB,GAA+B,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAAC;YAC/E,MAAM,gBAAgB,GAAG,iBAAiB,CAAC,KAAK,CAAC,KAAK,CAAC;YACvD,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;gBACpB,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;oBAC1B,gBAAgB,CAAC,IAAI,CAAC,EAAY,CAAC,GAAG,IAAI,CAAC;oBAC3C,OAAO;gBACT,CAAC;gBACD,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;oBACrC,IAAI,OAAO,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;oBACzC,IAAI,CAAC,OAAO,EAAE,CAAC;wBACb,OAAO,GAAG,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;wBACxB,iBAAiB,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC;oBACvC,CAAC;oBACD,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;wBACvB,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAY,CAAC,GAAG,IAAI,CAAC;wBACxC,OAAO;oBACT,CAAC;oBACD,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;wBAChC,IAAI,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;wBAC3B,IAAI,CAAC,KAAK,EAAE,CAAC;4BACX,KAAK,GAAG,EAAE,CAAC;4BACX,OAAO,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC;wBACzB,CAAC;wBACD,KAAK,CAAC,IAAI,CAAC,EAAY,CAAC,GAAG,IAAI,CAAC;oBAClC,CAAC,CAAC,CAAC;gBACL,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YACH,OAAO,iBAAiB,CAAC;QAC3B,CAAC;KAAA;IAED,MAAM,CAAC,gBAAgB,CAAC,KAAoB,EAAE,MAAqB;QACjE,MAAM,YAAY,GAAG,mBAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;QACpD,KAAK,MAAM,SAAS,IAAI,MAAM,EAAE,CAAC;YAC/B,MAAM,KAAK,GAAG,gBAAE,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;YACvC,MAAM,YAAY,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;YACvC,MAAM,aAAa,GAAG,YAAY,YAAY,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;YACpF,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,aAAa,GAAc,EAAE,CAAC;YAClC,MAAM,WAAW,GAAc,EAAE,CAAC;YAClC,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,aAAa,GAAG,KAAK,CAAC;gBACtB,YAAY,GAAG,IAAI,CAAC;YACtB,CAAC;iBAAM,CAAC;gBACN,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5B,CAAC;YACD,aAAa,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE;gBACnC,MAAM,oBAAoB,GAAG,uBAAuB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC;gBACvF,KAAK,MAAM,CAAC,IAAI,oBAAoB,EAAE,CAAC;oBACrC,MAAM,kBAAkB,GAAG,oBAAoB,CAAC,CAAC,CAAC,CAAC;oBACnD,IAAI,WAAW,GAAG,KAAK,CAAC;oBACxB,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE,CAAC;wBAC9B,IAAI,uBAAuB,CAAC,SAAS,CAAC,kBAAkB,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;4BAC5E,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;4BAC/B,WAAW,GAAG,IAAI,CAAC;4BACnB,MAAM;wBACR,CAAC;oBACH,CAAC;oBACD,IAAI,WAAW,EAAE,CAAC;wBAChB,MAAM;oBACR,CAAC;gBACH,CAAC;YACH,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;gBACxB,gBAAE,CAAC,GAAG,CAAC,YAAY,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;gBAC3C,SAAS;YACX,CAAC;YACD,gBAAE,CAAC,GAAG,CAAC,YAAY,EAAE,SAAS,EAAE,YAAY,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/E,CAAC;QACD,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,CAAC,SAAS,CAAC,WAAoB,EAAE,kBAA2B;QAChE,IACE,OAAO,WAAW,KAAK,QAAQ;YAC/B,OAAO,kBAAkB,KAAK,QAAQ;YACtC,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG;YACpC,kBAAkB,CAAC,MAAM,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,GAAG,EAChE,CAAC;YACD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC,EAAE,kBAAkB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;YACzF,OAAO,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACjC,CAAC;QACD,MAAM,mBAAmB,GAAG,uBAAuB,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC;QACrF,IAAI,QAAQ,GAAG,KAAK,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,mBAAmB,EAAE,CAAC;YACpC,IAAI,mBAAmB,CAAC,CAAC,CAAC,KAAK,kBAAkB,EAAE,CAAC;gBAClD,QAAQ,GAAG,IAAI,CAAC;gBAChB,MAAM;YACR,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AA7OD,0DA6OC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"iam.tokenManager.definitions.js","sourceRoot":"","sources":["../../../src/services/tokenManager/iam.tokenManager.definitions.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"iam.tokenManager.definitions.js","sourceRoot":"","sources":["../../../src/services/tokenManager/iam.tokenManager.definitions.ts"],"names":[],"mappings":";;;AAyBA,IAAY,SAKX;AALD,WAAY,SAAS;IAEnB,8BAAiB,CAAA;IAEjB,gCAAmB,CAAA;AACrB,CAAC,EALW,SAAS,yBAAT,SAAS,QAKpB"}
|
|
@@ -52,15 +52,18 @@ var __rest = (this && this.__rest) || function (s, e) {
|
|
|
52
52
|
}
|
|
53
53
|
return t;
|
|
54
54
|
};
|
|
55
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
56
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
57
|
+
};
|
|
55
58
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
56
59
|
exports.IAMTokenManagerService = void 0;
|
|
57
60
|
const core_1 = require("@node-c/core");
|
|
58
|
-
const general_tools_1 = require("@ramster/general-tools");
|
|
59
61
|
const jwt = __importStar(require("jsonwebtoken"));
|
|
62
|
+
const lodash_1 = __importDefault(require("lodash"));
|
|
60
63
|
const iam_tokenManager_definitions_1 = require("./iam.tokenManager.definitions");
|
|
61
64
|
class IAMTokenManagerService extends core_1.DomainEntityService {
|
|
62
65
|
constructor(configProvider, moduleName, persistanceEntityService) {
|
|
63
|
-
super(persistanceEntityService,
|
|
66
|
+
super(persistanceEntityService, ['create']);
|
|
64
67
|
this.configProvider = configProvider;
|
|
65
68
|
this.moduleName = moduleName;
|
|
66
69
|
this.persistanceEntityService = persistanceEntityService;
|
|
@@ -86,6 +89,7 @@ class IAMTokenManagerService extends core_1.DomainEntityService {
|
|
|
86
89
|
}
|
|
87
90
|
}
|
|
88
91
|
else if (type === iam_tokenManager_definitions_1.TokenType.Refresh) {
|
|
92
|
+
secret = moduleConfig.jwtRefreshSecret;
|
|
89
93
|
if (expiresInMinutes) {
|
|
90
94
|
signOptions.expiresIn = expiresInMinutes * 60;
|
|
91
95
|
}
|
|
@@ -109,14 +113,14 @@ class IAMTokenManagerService extends core_1.DomainEntityService {
|
|
|
109
113
|
const objectToSave = Object.assign(Object.assign({}, tokenData), { token, type });
|
|
110
114
|
if (persist && persistanceEntityService) {
|
|
111
115
|
if (purgeOldFromPersistance && identifierDataField) {
|
|
112
|
-
const identifierValue =
|
|
116
|
+
const identifierValue = lodash_1.default.get(data, identifierDataField);
|
|
113
117
|
if (typeof identifierValue !== 'undefined' && typeof identifierValue !== 'object') {
|
|
114
118
|
yield persistanceEntityService.delete({
|
|
115
|
-
filters: { [identifierDataField]: identifierValue }
|
|
116
|
-
});
|
|
119
|
+
filters: { [identifierDataField]: identifierValue, type }
|
|
120
|
+
}, { requirePrimaryKeys: false });
|
|
117
121
|
}
|
|
118
122
|
}
|
|
119
|
-
yield _super.create.call(this, objectToSave);
|
|
123
|
+
yield _super.create.call(this, objectToSave, { ttl: signOptions.expiresIn });
|
|
120
124
|
}
|
|
121
125
|
return { result: objectToSave };
|
|
122
126
|
});
|
|
@@ -127,7 +131,7 @@ class IAMTokenManagerService extends core_1.DomainEntityService {
|
|
|
127
131
|
const moduleConfig = configProvider.config.domain[moduleName];
|
|
128
132
|
const { deleteFromStoreIfExpired, identifierDataField, newTokenExpiresInMinutes, persistNewToken, purgeStoreOnRenew, refreshToken, refreshTokenAccessTokenIdentifierDataField } = options || {};
|
|
129
133
|
const { content, error } = yield this.verify(token, moduleConfig.jwtAccessSecret);
|
|
130
|
-
let forceRenew =
|
|
134
|
+
let forceRenew = false;
|
|
131
135
|
let newToken;
|
|
132
136
|
if (error) {
|
|
133
137
|
let errorToThrow;
|
|
@@ -142,23 +146,23 @@ class IAMTokenManagerService extends core_1.DomainEntityService {
|
|
|
142
146
|
errorToThrow = new core_1.ApplicationError('Empty refresh token.');
|
|
143
147
|
}
|
|
144
148
|
else {
|
|
145
|
-
const refreshTokenCheckValue =
|
|
149
|
+
const refreshTokenCheckValue = lodash_1.default.get(content.data, refreshTokenAccessTokenIdentifierDataField);
|
|
146
150
|
if (refreshTokenCheckValue !== refreshToken) {
|
|
147
151
|
errorToThrow = new core_1.ApplicationError('Mismatched refresh token.');
|
|
148
152
|
}
|
|
149
153
|
else {
|
|
150
|
-
forceRenew =
|
|
154
|
+
forceRenew = true;
|
|
151
155
|
throwError = false;
|
|
152
156
|
}
|
|
153
157
|
}
|
|
154
158
|
}
|
|
155
159
|
else {
|
|
156
160
|
if (deleteFromStoreIfExpired) {
|
|
157
|
-
const identifierValue =
|
|
161
|
+
const identifierValue = lodash_1.default.get(content.data, identifierDataField);
|
|
158
162
|
if (typeof identifierValue !== 'undefined' && typeof identifierValue !== 'object') {
|
|
159
163
|
yield persistanceEntityService.delete({
|
|
160
|
-
filters: { [identifierDataField]: identifierValue }
|
|
161
|
-
});
|
|
164
|
+
filters: { [identifierDataField]: identifierValue, type: iam_tokenManager_definitions_1.TokenType.Access }
|
|
165
|
+
}, { requirePrimaryKeys: false });
|
|
162
166
|
}
|
|
163
167
|
}
|
|
164
168
|
errorToThrow = new core_1.ApplicationError('Expired access token.');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"iam.tokenManager.service.js","sourceRoot":"","sources":["../../../src/services/tokenManager/iam.tokenManager.service.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"iam.tokenManager.service.js","sourceRoot":"","sources":["../../../src/services/tokenManager/iam.tokenManager.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCASsB;AAEtB,kDAAoC;AACpC,oDAAwB;AAExB,iFAQwC;AAGxC,MAAa,sBAAyD,SAAQ,0BAG7E;IACC,YAEY,cAAqC,EAErC,UAAkB,EAElB,wBAAkF;QAE5F,KAAK,CAAC,wBAAyB,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;QANnC,mBAAc,GAAd,cAAc,CAAuB;QAErC,eAAU,GAAV,UAAU,CAAQ;QAElB,6BAAwB,GAAxB,wBAAwB,CAA0D;IAG9F,CAAC;IAEK,MAAM,CACV,IAA+C,EAC/C,OAAkC;;;;;YAElC,MAAM,EAAE,cAAc,EAAE,UAAU,EAAE,wBAAwB,EAAE,GAAG,IAAI,CAAC;YACtE,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAuB,CAAC;YACpF,MAAM,EAAE,IAAI,KAAmB,IAAI,EAAlB,SAAS,UAAK,IAAI,EAA7B,QAAsB,CAAO,CAAC;YACpC,MAAM,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,OAAO,EAAE,uBAAuB,EAAE,GAAG,OAAO,CAAC;YAC5F,MAAM,WAAW,GAAG,EAAqB,CAAC;YAC1C,IAAI,MAAc,CAAC;YAEnB,IAAI,IAAI,KAAK,wCAAS,CAAC,MAAM,EAAE,CAAC;gBAC9B,MAAM,GAAG,YAAY,CAAC,eAAe,CAAC;gBACtC,IAAI,gBAAgB,EAAE,CAAC;oBACrB,WAAW,CAAC,SAAS,GAAG,gBAAgB,GAAG,EAAE,CAAC;gBAChD,CAAC;qBAAM,IAAI,YAAY,CAAC,8BAA8B,EAAE,CAAC;oBACvD,WAAW,CAAC,SAAS,GAAG,YAAY,CAAC,8BAA8B,GAAG,EAAE,CAAC;gBAC3E,CAAC;YACH,CAAC;iBAAM,IAAI,IAAI,KAAK,wCAAS,CAAC,OAAO,EAAE,CAAC;gBACtC,MAAM,GAAG,YAAY,CAAC,gBAAgB,CAAC;gBACvC,IAAI,gBAAgB,EAAE,CAAC;oBACrB,WAAW,CAAC,SAAS,GAAG,gBAAgB,GAAG,EAAE,CAAC;gBAChD,CAAC;qBAAM,IAAI,YAAY,CAAC,+BAA+B,EAAE,CAAC;oBACxD,WAAW,CAAC,SAAS,GAAG,YAAY,CAAC,+BAA+B,GAAG,EAAE,CAAC;gBAC5E,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,uBAAgB,CAAC,gDAAgD,IAAI,IAAI,CAAC,CAAC;YACvF,CAAC;YACD,MAAM,KAAK,GAAG,MAAM,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC1D,GAAG,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;oBACrD,IAAI,GAAG,EAAE,CAAC;wBACR,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;wBACnB,MAAM,CAAC,IAAI,uBAAgB,CAAC,uBAAuB,CAAC,CAAC,CAAC;wBACtD,OAAO;oBACT,CAAC;oBACD,OAAO,CAAC,KAAe,CAAC,CAAC;gBAC3B,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YACH,MAAM,YAAY,GAAG,gCAAK,SAAS,KAAE,KAAK,EAAE,IAAI,GAAoC,CAAC;YAGrF,IAAI,OAAO,IAAI,wBAAwB,EAAE,CAAC;gBACxC,IAAI,uBAAuB,IAAI,mBAAmB,EAAE,CAAC;oBACnD,MAAM,eAAe,GAAG,gBAAE,CAAC,GAAG,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;oBAC1D,IAAI,OAAO,eAAe,KAAK,WAAW,IAAI,OAAO,eAAe,KAAK,QAAQ,EAAE,CAAC;wBAClF,MAAM,wBAAwB,CAAC,MAAM,CACnC;4BACE,OAAO,EAAE,EAAE,CAAC,mBAAmB,CAAC,EAAE,eAAe,EAAE,IAAI,EAAE;yBAC1D,EACD,EAAE,kBAAkB,EAAE,KAAK,EAAE,CAC9B,CAAC;oBACJ,CAAC;gBACH,CAAC;gBACD,MAAM,OAAM,MAAM,YAAC,YAAY,EAAE,EAAE,GAAG,EAAE,WAAW,CAAC,SAAS,EAAyB,CAAC,CAAC;YAC1F,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;QAClC,CAAC;KAAA;IAEK,iBAAiB,CACrB,KAAa,EACb,OAAkC;;YAElC,MAAM,EAAE,cAAc,EAAE,UAAU,EAAE,wBAAwB,EAAE,GAAG,IAAI,CAAC;YACtE,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAuB,CAAC;YACpF,MAAM,EACJ,wBAAwB,EACxB,mBAAmB,EACnB,wBAAwB,EACxB,eAAe,EACf,iBAAiB,EACjB,YAAY,EACZ,0CAA0C,EAC3C,GAAG,OAAO,IAAI,EAAE,CAAC;YAElB,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,eAAe,CAAC,CAAC;YAClF,IAAI,UAAU,GAAG,KAAK,CAAC;YACvB,IAAI,QAA4B,CAAC;YAEjC,IAAI,KAAK,EAAE,CAAC;gBACV,IAAI,YAA+B,CAAC;gBACpC,IAAI,UAAU,GAAG,IAAI,CAAC;gBACtB,IAAI,KAAK,KAAK,eAAe,IAAI,mBAAmB,KAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,CAAA,IAAI,wBAAwB,EAAE,CAAC;oBAClG,IAAI,YAAY,IAAI,0CAA0C,EAAE,CAAC;wBAC/D,MAAM,EAAE,OAAO,EAAE,mBAAmB,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAClF,YAAY,EACZ,YAAY,CAAC,gBAAgB,CAC9B,CAAC;wBACF,IAAI,iBAAiB,EAAE,CAAC;4BACtB,YAAY,GAAG,iBAA0B,CAAC;wBAC5C,CAAC;wBACD,IAAI,CAAC,mBAAmB,EAAE,CAAC;4BACzB,YAAY,GAAG,IAAI,uBAAgB,CAAC,sBAAsB,CAAC,CAAC;wBAC9D,CAAC;6BAAM,CAAC;4BACN,MAAM,sBAAsB,GAAG,gBAAE,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,0CAA0C,CAAC,CAAC;4BAChG,IAAI,sBAAsB,KAAK,YAAY,EAAE,CAAC;gCAC5C,YAAY,GAAG,IAAI,uBAAgB,CAAC,2BAA2B,CAAC,CAAC;4BACnE,CAAC;iCAAM,CAAC;gCACN,UAAU,GAAG,IAAI,CAAC;gCAClB,UAAU,GAAG,KAAK,CAAC;4BACrB,CAAC;wBACH,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,IAAI,wBAAwB,EAAE,CAAC;4BAC7B,MAAM,eAAe,GAAG,gBAAE,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;4BAClE,IAAI,OAAO,eAAe,KAAK,WAAW,IAAI,OAAO,eAAe,KAAK,QAAQ,EAAE,CAAC;gCAClF,MAAM,wBAAwB,CAAC,MAAM,CACnC;oCACE,OAAO,EAAE,EAAE,CAAC,mBAAmB,CAAC,EAAE,eAAe,EAAE,IAAI,EAAE,wCAAS,CAAC,MAAM,EAAE;iCAC5E,EACD,EAAE,kBAAkB,EAAE,KAAK,EAAE,CAC9B,CAAC;4BACJ,CAAC;wBACH,CAAC;wBACD,YAAY,GAAG,IAAI,uBAAgB,CAAC,uBAAuB,CAAC,CAAC;oBAC/D,CAAC;gBACH,CAAC;gBACD,IAAI,UAAU,EAAE,CAAC;oBACf,MAAM,YAAY,IAAI,KAAK,CAAC;gBAC9B,CAAC;YACH,CAAC;YAED,IAAI,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,KAAI,UAAU,EAAE,CAAC;gBAChC,MAAM,SAAS,mCAAwD,OAAO,CAAC,IAAI,KAAE,IAAI,EAAE,wCAAS,CAAC,MAAM,GAAE,CAAC;gBAC9G,IAAI,YAAY,IAAI,0CAA0C,EAAE,CAAC;oBAC/D,SAAS,CAAC,0CAA0C,CAAC,GAAG,YAAY,CAAC;gBACvE,CAAC;gBACD,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,SAAsD,EAAE;oBAC3F,gBAAgB,EAAE,wBAAwB;oBAC1C,mBAAmB;oBACnB,OAAO,EAAE,eAAe;oBACxB,uBAAuB,EAAE,iBAAiB;iBAC3C,CAAC,CAAC;gBACH,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC;YAC1B,CAAC;YACD,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC;QAC/B,CAAC;KAAA;IAEe,MAAM,CACpB,KAAa,EACb,MAAc;;YAEd,MAAM,IAAI,GAAG,MAAM,IAAI,OAAO,CAAwE,OAAO,CAAC,EAAE;gBAC9G,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE;oBACzC,IAAI,GAAG,EAAE,CAAC;wBACR,OAAO,CAAC,EAAE,OAAO,EAAE,OAAiD,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;oBACtF,CAAC;oBACD,OAAO,CAAC,EAAE,OAAO,EAAE,OAAiD,EAAE,CAAC,CAAC;gBAC1E,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YACH,OAAO,IAAI,CAAC;QACd,CAAC;KAAA;CACF;AAtKD,wDAsKC"}
|
|
@@ -1,32 +1,26 @@
|
|
|
1
|
-
import { GenericObject } from '@node-c/core';
|
|
1
|
+
import { DomainFindOnePrivateOptions, GenericObject } from '@node-c/core';
|
|
2
2
|
import { UserAuthType, UserMFAType } from '../authentication';
|
|
3
3
|
import { AuthorizationPoint } from '../authorization';
|
|
4
|
-
export interface CreateAccessTokenLocalAuthData {
|
|
5
|
-
mfaCode?: string;
|
|
6
|
-
password: string;
|
|
7
|
-
}
|
|
8
4
|
export interface CreateAccessTokenOptions<AuthData = unknown> {
|
|
9
5
|
auth: {
|
|
10
|
-
type: UserAuthType;
|
|
11
6
|
mfaType?: UserMFAType;
|
|
7
|
+
type: UserAuthType;
|
|
12
8
|
} & AuthData;
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
9
|
+
filters: GenericObject;
|
|
10
|
+
mainFilterField: string;
|
|
11
|
+
rememberUser?: boolean;
|
|
16
12
|
}
|
|
17
13
|
export interface CreateAccessTokenReturnData<UserData> {
|
|
18
14
|
accessToken: string;
|
|
19
15
|
refreshToken: string;
|
|
20
16
|
user: UserData;
|
|
21
17
|
}
|
|
22
|
-
export interface GetUserWithPermissionsDataOptions {
|
|
18
|
+
export interface GetUserWithPermissionsDataOptions extends DomainFindOnePrivateOptions {
|
|
23
19
|
keepPassword?: boolean;
|
|
24
20
|
}
|
|
25
|
-
export type
|
|
21
|
+
export type UserWithPermissionsData<UserData, AuthorizationPointId> = {
|
|
26
22
|
currentAuthorizationPoints: GenericObject<AuthorizationPoint<AuthorizationPointId>>;
|
|
27
|
-
|
|
28
|
-
password?: string;
|
|
29
|
-
} & UserIdentifierData;
|
|
23
|
+
} & UserData;
|
|
30
24
|
export interface UserTokenEnityFields<UserId = unknown> {
|
|
31
25
|
refreshToken?: string;
|
|
32
26
|
userId: UserId;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"iam.users.definitions.js","sourceRoot":"","sources":["../../../src/services/users/iam.users.definitions.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"iam.users.definitions.js","sourceRoot":"","sources":["../../../src/services/users/iam.users.definitions.ts"],"names":[],"mappings":";;;AAkCA,IAAY,uBAGX;AAHD,WAAY,uBAAuB;IAEjC,+CAAoB,CAAA;AACtB,CAAC,EAHW,uBAAuB,uCAAvB,uBAAuB,QAGlC"}
|
|
@@ -1,14 +1,16 @@
|
|
|
1
|
-
import { ConfigProviderService, DomainEntityService, PersistanceEntityService, PersistanceFindOneOptions } from '@node-c/core';
|
|
2
|
-
import {
|
|
1
|
+
import { ConfigProviderService, DomainEntityService, DomainEntityServiceDefaultData, PersistanceEntityService, PersistanceFindOneOptions } from '@node-c/core';
|
|
2
|
+
import { CreateAccessTokenOptions, CreateAccessTokenReturnData, GetUserWithPermissionsDataOptions, UserTokenEnityFields, UserWithPermissionsData } from './iam.users.definitions';
|
|
3
3
|
import { IAMAuthenticationService, UserAuthType } from '../authentication';
|
|
4
4
|
import { IAMTokenManagerService } from '../tokenManager';
|
|
5
|
-
export declare class IAMUsersService<User extends
|
|
5
|
+
export declare class IAMUsersService<User extends object, Data extends DomainEntityServiceDefaultData<Partial<User>> = DomainEntityServiceDefaultData<Partial<User>>> extends DomainEntityService<User, PersistanceEntityService<User>, Data, Record<string, PersistanceEntityService<Partial<User>>> | undefined> {
|
|
6
6
|
protected configProvider: ConfigProviderService;
|
|
7
7
|
protected moduleName: string;
|
|
8
8
|
protected persistanceUsersService: PersistanceEntityService<User>;
|
|
9
9
|
protected tokenManager: IAMTokenManagerService<UserTokenEnityFields>;
|
|
10
10
|
protected userAuthServices: Record<UserAuthType, IAMAuthenticationService<User>>;
|
|
11
|
-
|
|
11
|
+
protected defaultMethods: string[];
|
|
12
|
+
protected additionalPersistanceEntityServices?: Record<string, PersistanceEntityService<Partial<User>>> | undefined;
|
|
13
|
+
constructor(configProvider: ConfigProviderService, moduleName: string, persistanceUsersService: PersistanceEntityService<User>, tokenManager: IAMTokenManagerService<UserTokenEnityFields>, userAuthServices: Record<UserAuthType, IAMAuthenticationService<User>>, defaultMethods?: string[], additionalPersistanceEntityServices?: Record<string, PersistanceEntityService<Partial<User>>> | undefined);
|
|
12
14
|
createAccessToken(options: CreateAccessTokenOptions): Promise<CreateAccessTokenReturnData<User>>;
|
|
13
|
-
getUserWithPermissionsData(_options: PersistanceFindOneOptions, _privateOptions?: GetUserWithPermissionsDataOptions): Promise<User | null>;
|
|
15
|
+
getUserWithPermissionsData(_options: PersistanceFindOneOptions, _privateOptions?: GetUserWithPermissionsDataOptions): Promise<UserWithPermissionsData<User, unknown> | null>;
|
|
14
16
|
}
|
|
@@ -25,45 +25,61 @@ const core_1 = require("@node-c/core");
|
|
|
25
25
|
const iam_users_definitions_1 = require("./iam.users.definitions");
|
|
26
26
|
const tokenManager_1 = require("../tokenManager");
|
|
27
27
|
class IAMUsersService extends core_1.DomainEntityService {
|
|
28
|
-
constructor(configProvider, moduleName, persistanceUsersService, tokenManager, userAuthServices
|
|
29
|
-
|
|
28
|
+
constructor(configProvider, moduleName, persistanceUsersService, tokenManager, userAuthServices, defaultMethods = [
|
|
29
|
+
core_1.DomainMethod.BulkCreate,
|
|
30
|
+
core_1.DomainMethod.Create,
|
|
31
|
+
core_1.DomainMethod.Delete,
|
|
32
|
+
core_1.DomainMethod.Find,
|
|
33
|
+
core_1.DomainMethod.FindOne,
|
|
34
|
+
core_1.DomainMethod.Update
|
|
35
|
+
], additionalPersistanceEntityServices) {
|
|
36
|
+
super(persistanceUsersService, defaultMethods, additionalPersistanceEntityServices);
|
|
30
37
|
this.configProvider = configProvider;
|
|
31
38
|
this.moduleName = moduleName;
|
|
32
39
|
this.persistanceUsersService = persistanceUsersService;
|
|
33
40
|
this.tokenManager = tokenManager;
|
|
34
41
|
this.userAuthServices = userAuthServices;
|
|
42
|
+
this.defaultMethods = defaultMethods;
|
|
43
|
+
this.additionalPersistanceEntityServices = additionalPersistanceEntityServices;
|
|
35
44
|
}
|
|
36
45
|
createAccessToken(options) {
|
|
37
46
|
return __awaiter(this, void 0, void 0, function* () {
|
|
38
47
|
const { configProvider, moduleName } = this;
|
|
39
48
|
const { accessTokenExpiryTimeInMinutes, defaultUserIdentifierField, refreshTokenExpiryTimeInMinutes } = configProvider.config.domain[moduleName];
|
|
40
|
-
const _a = options.auth, { type: authType } = _a, authData = __rest(_a, ["type"]), {
|
|
41
|
-
|
|
42
|
-
|
|
49
|
+
const _a = options.auth, { type: authType } = _a, authData = __rest(_a, ["type"]), { filters, mainFilterField, rememberUser } = options;
|
|
50
|
+
const mainFilterValue = filters[mainFilterField];
|
|
51
|
+
console.info(`[Domain.${moduleName}.Users]: Login attempt for ${mainFilterField} ${mainFilterValue}...`);
|
|
52
|
+
if (!Object.keys(filters).length) {
|
|
53
|
+
console.info(`[Domain.${moduleName}.Users]: No filters provided.`);
|
|
54
|
+
throw new core_1.ApplicationError('Invalid user identifier or password.');
|
|
55
|
+
}
|
|
56
|
+
const user = yield this.getUserWithPermissionsData({ filters }, { keepPassword: true });
|
|
43
57
|
if (!user) {
|
|
44
|
-
console.info(`[Domain.${moduleName}.Users]: Login attempt failed for
|
|
45
|
-
throw new core_1.ApplicationError('Invalid
|
|
58
|
+
console.info(`[Domain.${moduleName}.Users]: Login attempt failed for ${mainFilterField} ${mainFilterValue} - user not found.`);
|
|
59
|
+
throw new core_1.ApplicationError('Invalid user identifier or password.');
|
|
46
60
|
}
|
|
47
61
|
const authService = this.userAuthServices[authType];
|
|
48
62
|
if (!authService) {
|
|
49
63
|
throw new core_1.ApplicationError('Invalid auth type.');
|
|
50
64
|
}
|
|
51
65
|
yield authService.authenticateUser(user, Object.assign(Object.assign({}, authData), { userIdentifierField: defaultUserIdentifierField }));
|
|
52
|
-
|
|
66
|
+
if ('password' in user) {
|
|
67
|
+
delete user.password;
|
|
68
|
+
}
|
|
53
69
|
const userIdentifierValue = user[defaultUserIdentifierField];
|
|
54
70
|
const { result: { token: refreshToken } } = yield this.tokenManager.create({ type: tokenManager_1.TokenType.Refresh, [iam_users_definitions_1.UserTokenUserIdentifier.FieldName]: userIdentifierValue }, {
|
|
55
|
-
expiresInMinutes: refreshTokenExpiryTimeInMinutes,
|
|
71
|
+
expiresInMinutes: rememberUser ? undefined : refreshTokenExpiryTimeInMinutes,
|
|
56
72
|
identifierDataField: iam_users_definitions_1.UserTokenUserIdentifier.FieldName,
|
|
57
73
|
persist: true,
|
|
58
74
|
purgeOldFromPersistance: true
|
|
59
75
|
});
|
|
60
76
|
const { result: { token: accessToken } } = yield this.tokenManager.create({ refreshToken, type: tokenManager_1.TokenType.Access, [iam_users_definitions_1.UserTokenUserIdentifier.FieldName]: userIdentifierValue }, {
|
|
61
|
-
expiresInMinutes:
|
|
77
|
+
expiresInMinutes: accessTokenExpiryTimeInMinutes,
|
|
62
78
|
identifierDataField: iam_users_definitions_1.UserTokenUserIdentifier.FieldName,
|
|
63
79
|
persist: true,
|
|
64
80
|
purgeOldFromPersistance: true
|
|
65
81
|
});
|
|
66
|
-
console.info(`[Domain.${moduleName}.Users]: Login attempt successful for
|
|
82
|
+
console.info(`[Domain.${moduleName}.Users]: Login attempt successful for ${mainFilterField} ${mainFilterValue}.`);
|
|
67
83
|
return { accessToken, refreshToken, user };
|
|
68
84
|
});
|
|
69
85
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"iam.users.service.js","sourceRoot":"","sources":["../../../src/services/users/iam.users.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAAA,
|
|
1
|
+
{"version":3,"file":"iam.users.service.js","sourceRoot":"","sources":["../../../src/services/users/iam.users.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAAA,uCASsB;AAEtB,mEAOiC;AAGjC,kDAAoE;AAMpE,MAAa,eAGX,SAAQ,0BAKT;IACC,YAEY,cAAqC,EAErC,UAAkB,EAElB,uBAAuD,EAEvD,YAA0D,EAE1D,gBAAsE,EACtE,iBAA2B;QACnC,mBAAY,CAAC,UAAU;QACvB,mBAAY,CAAC,MAAM;QACnB,mBAAY,CAAC,MAAM;QACnB,mBAAY,CAAC,IAAI;QACjB,mBAAY,CAAC,OAAO;QACpB,mBAAY,CAAC,MAAM;KACpB,EACS,mCAA6F;QAEvG,KAAK,CAAC,uBAAuB,EAAE,cAAc,EAAE,mCAAmC,CAAC,CAAC;QAnB1E,mBAAc,GAAd,cAAc,CAAuB;QAErC,eAAU,GAAV,UAAU,CAAQ;QAElB,4BAAuB,GAAvB,uBAAuB,CAAgC;QAEvD,iBAAY,GAAZ,YAAY,CAA8C;QAE1D,qBAAgB,GAAhB,gBAAgB,CAAsD;QACtE,mBAAc,GAAd,cAAc,CAOvB;QACS,wCAAmC,GAAnC,mCAAmC,CAA0D;IAGzG,CAAC;IAEK,iBAAiB,CAAC,OAAiC;;YACvD,MAAM,EAAE,cAAc,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;YAC5C,MAAM,EAAE,8BAA8B,EAAE,0BAA0B,EAAE,+BAA+B,EAAE,GACnG,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAuB,CAAC;YACjE,MACE,KAIE,OAAO,KAJ4B,EAArC,EAAQ,IAAI,EAAE,QAAQ,OAAe,EAAV,QAAQ,cAA7B,QAA+B,CAAF,EAD/B,EAEJ,OAAO,EACP,eAAe,EACf,YAAY,KACV,OAAO,CAAC;YACZ,MAAM,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;YACjD,OAAO,CAAC,IAAI,CAAC,WAAW,UAAU,8BAA8B,eAAe,IAAI,eAAe,KAAK,CAAC,CAAC;YACzG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;gBACjC,OAAO,CAAC,IAAI,CAAC,WAAW,UAAU,+BAA+B,CAAC,CAAC;gBACnE,MAAM,IAAI,uBAAgB,CAAC,sCAAsC,CAAC,CAAC;YACrE,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,0BAA0B,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC;YACxF,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,OAAO,CAAC,IAAI,CACV,WAAW,UAAU,qCAAqC,eAAe,IAAI,eAAe,oBAAoB,CACjH,CAAC;gBACF,MAAM,IAAI,uBAAgB,CAAC,sCAAsC,CAAC,CAAC;YACrE,CAAC;YACD,MAAM,WAAW,GAAG,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;YACpD,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,MAAM,IAAI,uBAAgB,CAAC,oBAAoB,CAAC,CAAC;YACnD,CAAC;YACD,MAAM,WAAW,CAAC,gBAAgB,CAAC,IAAI,kCAAO,QAAQ,KAAE,mBAAmB,EAAE,0BAA0B,IAAG,CAAC;YAC3G,IAAI,UAAU,IAAI,IAAI,EAAE,CAAC;gBACvB,OAAO,IAAI,CAAC,QAAQ,CAAC;YACvB,CAAC;YACD,MAAM,mBAAmB,GAAG,IAAI,CAAC,0BAAwC,CAAC,CAAC;YAC3E,MAAM,EACJ,MAAM,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,EAChC,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,CAChC,EAAE,IAAI,EAAE,wBAAS,CAAC,OAAO,EAAE,CAAC,+CAAuB,CAAC,SAAS,CAAC,EAAE,mBAAmB,EAAE,EACrF;gBACE,gBAAgB,EAAE,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,+BAA+B;gBAC5E,mBAAmB,EAAE,+CAAuB,CAAC,SAAS;gBACtD,OAAO,EAAE,IAAI;gBACb,uBAAuB,EAAE,IAAI;aAC9B,CACF,CAAC;YACF,MAAM,EACJ,MAAM,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,EAC/B,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,CAChC,EAAE,YAAY,EAAE,IAAI,EAAE,wBAAS,CAAC,MAAM,EAAE,CAAC,+CAAuB,CAAC,SAAS,CAAC,EAAE,mBAAmB,EAAE,EAClG;gBACE,gBAAgB,EAAE,8BAA8B;gBAChD,mBAAmB,EAAE,+CAAuB,CAAC,SAAS;gBACtD,OAAO,EAAE,IAAI;gBACb,uBAAuB,EAAE,IAAI;aAC9B,CACF,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,WAAW,UAAU,yCAAyC,eAAe,IAAI,eAAe,GAAG,CAAC,CAAC;YAClH,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;QAC7C,CAAC;KAAA;IAEK,0BAA0B,CAE9B,QAAmC,EAEnC,eAAmD;;YAEnD,MAAM,IAAI,uBAAgB,CAAC,UAAU,IAAI,CAAC,UAAU,8DAA8D,CAAC,CAAC;QACtH,CAAC;KAAA;CACF;AAnGD,0CAmGC"}
|
package/package.json
CHANGED
|
@@ -1,25 +1,27 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@node-c/domain-iam",
|
|
3
|
-
"version": "1.0.0-
|
|
3
|
+
"version": "1.0.0-alpha31",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"scripts": {
|
|
7
7
|
"build": "tsc -p tsconfig.build.json",
|
|
8
|
+
"build:clean": "rm -rf dist/* && rm -f *.tsbuildinfo && npm run build",
|
|
8
9
|
"check-types": "tsc -p tsconfig.build.json --noEmit",
|
|
9
10
|
"dev": "tsc -p tsconfig.build.json --watch",
|
|
10
|
-
"publish-package": "
|
|
11
|
+
"publish-package": "npm run build:clean && npm publish --access public",
|
|
11
12
|
"test": "vitest --config src/vitest.config.ts",
|
|
12
13
|
"test:coverage": "vitest --config src/vitest.config.ts --coverage"
|
|
13
14
|
},
|
|
14
15
|
"dependencies": {
|
|
15
16
|
"@nestjs/common": "^10.4.12",
|
|
16
|
-
"@node-c/core": "^1.0.0-
|
|
17
|
-
"@ramster/general-tools": "^2.3.0",
|
|
17
|
+
"@node-c/core": "^1.0.0-alpha31",
|
|
18
18
|
"immutable": "^5.0.3",
|
|
19
19
|
"jsonwebtoken": "^9.0.2",
|
|
20
|
+
"lodash": "^4.17.21",
|
|
20
21
|
"ramda": "^0.30.1"
|
|
21
22
|
},
|
|
22
23
|
"devDependencies": {
|
|
23
|
-
"@types/jsonwebtoken": "^9.0.8"
|
|
24
|
+
"@types/jsonwebtoken": "^9.0.8",
|
|
25
|
+
"@types/lodash": "^4.17.19"
|
|
24
26
|
}
|
|
25
27
|
}
|