@node-c/domain-iam 1.0.0-alpha4 → 1.0.0-alpha40
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/services/authorization/iam.authorization.service.js +46 -38
- package/dist/services/authorization/iam.authorization.service.js.map +1 -1
- package/dist/services/tokenManager/iam.tokenManager.service.js +14 -11
- package/dist/services/tokenManager/iam.tokenManager.service.js.map +1 -1
- package/dist/services/users/iam.users.definitions.d.ts +2 -2
- package/package.json +7 -5
|
@@ -14,8 +14,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
14
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
15
|
exports.IAMAuthorizationService = void 0;
|
|
16
16
|
const core_1 = require("@node-c/core");
|
|
17
|
-
const general_tools_1 = require("@ramster/general-tools");
|
|
18
17
|
const immutable_1 = __importDefault(require("immutable"));
|
|
18
|
+
const lodash_1 = __importDefault(require("lodash"));
|
|
19
19
|
const ramda_1 = require("ramda");
|
|
20
20
|
class IAMAuthorizationService extends core_1.DomainEntityService {
|
|
21
21
|
constructor(persistanceAuthorizationPointsService, defaultMethods = [core_1.DomainMethod.Find], additionalPersistanceEntityServices) {
|
|
@@ -43,19 +43,19 @@ class IAMAuthorizationService extends core_1.DomainEntityService {
|
|
|
43
43
|
const values = IAMAuthorizationService.matchInputValues(innerMutatedInputData, allowedInputData);
|
|
44
44
|
for (const key in values) {
|
|
45
45
|
innerInputDataToBeMutated[key] = values[key];
|
|
46
|
-
|
|
46
|
+
lodash_1.default.set(innerMutatedInputData, key, values[key]);
|
|
47
47
|
}
|
|
48
48
|
}
|
|
49
49
|
if (forbiddenInputData && Object.keys(forbiddenInputData).length) {
|
|
50
50
|
const values = IAMAuthorizationService.matchInputValues(innerMutatedInputData, forbiddenInputData);
|
|
51
51
|
for (const key in values) {
|
|
52
52
|
innerInputDataToBeMutated[key] = undefined;
|
|
53
|
-
|
|
53
|
+
lodash_1.default.set(innerMutatedInputData, key, undefined);
|
|
54
54
|
}
|
|
55
55
|
}
|
|
56
56
|
if (hasStaticData) {
|
|
57
57
|
for (const fieldName in requiredStaticData) {
|
|
58
|
-
if (!IAMAuthorizationService.testValue((0,
|
|
58
|
+
if (!IAMAuthorizationService.testValue((0, core_1.getNested)({ inputData: innerMutatedInputData, user }, fieldName), requiredStaticData[fieldName])) {
|
|
59
59
|
hasAccess = false;
|
|
60
60
|
break;
|
|
61
61
|
}
|
|
@@ -65,43 +65,49 @@ class IAMAuthorizationService extends core_1.DomainEntityService {
|
|
|
65
65
|
}
|
|
66
66
|
}
|
|
67
67
|
if (userFieldName && inputDataFieldName) {
|
|
68
|
-
const inputFieldValue = (0,
|
|
68
|
+
const inputFieldValue = (0, core_1.getNested)(innerMutatedInputData, inputDataFieldName, {
|
|
69
69
|
removeNestedFieldEscapeSign: true
|
|
70
70
|
});
|
|
71
|
-
const userFieldValue = (0,
|
|
72
|
-
if (typeof userFieldValue === 'undefined'
|
|
71
|
+
const userFieldValue = (0, core_1.getNested)(user, userFieldName);
|
|
72
|
+
if (typeof userFieldValue === 'undefined') {
|
|
73
73
|
hasAccess = false;
|
|
74
74
|
continue;
|
|
75
75
|
}
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
const
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
76
|
+
if (typeof inputFieldValue === 'undefined') {
|
|
77
|
+
innerInputDataToBeMutated[inputDataFieldName] = userFieldValue;
|
|
78
|
+
lodash_1.default.set(innerMutatedInputData, inputDataFieldName, userFieldValue);
|
|
79
|
+
}
|
|
80
|
+
else {
|
|
81
|
+
const allowedValues = [];
|
|
82
|
+
const inputValueIsArray = inputFieldValue instanceof Array;
|
|
83
|
+
const valuesToTest = inputValueIsArray ? inputFieldValue : [inputFieldValue];
|
|
84
|
+
const valuesToTestAgainst = userFieldValue instanceof Array ? userFieldValue : [userFieldValue];
|
|
85
|
+
valuesToTest.forEach((valueToTest) => {
|
|
86
|
+
const valueToTestVariants = IAMAuthorizationService.getValuesForTesting(valueToTest);
|
|
87
|
+
for (const j in valuesToTestAgainst) {
|
|
88
|
+
const valueToTestAgainst = valuesToTestAgainst[j];
|
|
89
|
+
let matchFound = false;
|
|
90
|
+
for (const k in valueToTestVariants) {
|
|
91
|
+
const variant = valueToTestVariants[k];
|
|
92
|
+
if (valueToTestAgainst === variant) {
|
|
93
|
+
allowedValues.push(variant);
|
|
94
|
+
matchFound = true;
|
|
95
|
+
break;
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
if (matchFound) {
|
|
90
99
|
break;
|
|
91
100
|
}
|
|
92
101
|
}
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
102
|
+
});
|
|
103
|
+
if (!allowedValues.length) {
|
|
104
|
+
hasAccess = false;
|
|
105
|
+
continue;
|
|
106
|
+
}
|
|
107
|
+
if (inputValueIsArray) {
|
|
108
|
+
innerInputDataToBeMutated[inputDataFieldName] = allowedValues;
|
|
109
|
+
lodash_1.default.set(innerMutatedInputData, inputDataFieldName, allowedValues);
|
|
96
110
|
}
|
|
97
|
-
});
|
|
98
|
-
if (!allowedValues.length) {
|
|
99
|
-
hasAccess = false;
|
|
100
|
-
continue;
|
|
101
|
-
}
|
|
102
|
-
if (inputValueIsArray) {
|
|
103
|
-
innerInputDataToBeMutated[inputDataFieldName] = allowedValues;
|
|
104
|
-
(0, general_tools_1.setNested)(mutatedInputData, inputDataFieldName, allowedValues, { removeNestedFieldEscapeSign: true });
|
|
105
111
|
}
|
|
106
112
|
}
|
|
107
113
|
inputDataToBeMutated = (0, ramda_1.mergeDeepRight)(inputDataToBeMutated, innerInputDataToBeMutated);
|
|
@@ -125,10 +131,14 @@ class IAMAuthorizationService extends core_1.DomainEntityService {
|
|
|
125
131
|
}
|
|
126
132
|
mapAuthorizationPoints(moduleName, additionalServicesOptions) {
|
|
127
133
|
return __awaiter(this, void 0, void 0, function* () {
|
|
128
|
-
const { result: { items: apList } } = yield this.find(Object.assign(Object.assign({}, (additionalServicesOptions || {})), {
|
|
134
|
+
const { result: { items: apList } } = yield this.find(Object.assign(Object.assign({}, (additionalServicesOptions || {})), { findAll: true }));
|
|
129
135
|
const authorizationData = { __all: { __all: {} } };
|
|
130
136
|
const moduleGlobalData = authorizationData.__all.__all;
|
|
131
137
|
apList.forEach(item => {
|
|
138
|
+
var _a;
|
|
139
|
+
if (item.moduleNames && !((_a = item.moduleNames) === null || _a === void 0 ? void 0 : _a.includes(moduleName))) {
|
|
140
|
+
return;
|
|
141
|
+
}
|
|
132
142
|
if (!item.controllerNames) {
|
|
133
143
|
moduleGlobalData[item.id] = item;
|
|
134
144
|
return;
|
|
@@ -159,7 +169,7 @@ class IAMAuthorizationService extends core_1.DomainEntityService {
|
|
|
159
169
|
static matchInputValues(input, values) {
|
|
160
170
|
const mutatedInput = immutable_1.default.fromJS(input).toJS();
|
|
161
171
|
for (const fieldName in values) {
|
|
162
|
-
const value = (0,
|
|
172
|
+
const value = (0, core_1.getNested)(input, fieldName);
|
|
163
173
|
const allowedValue = values[fieldName];
|
|
164
174
|
const allowedValues = allowedValue instanceof Array ? allowedValue : [allowedValue];
|
|
165
175
|
let valueIsArray = false;
|
|
@@ -190,12 +200,10 @@ class IAMAuthorizationService extends core_1.DomainEntityService {
|
|
|
190
200
|
}
|
|
191
201
|
});
|
|
192
202
|
if (!valuesToSet.length) {
|
|
193
|
-
|
|
203
|
+
lodash_1.default.set(mutatedInput, fieldName, undefined);
|
|
194
204
|
continue;
|
|
195
205
|
}
|
|
196
|
-
|
|
197
|
-
removeNestedFieldEscapeSign: true
|
|
198
|
-
});
|
|
206
|
+
lodash_1.default.set(mutatedInput, fieldName, valueIsArray ? valuesToSet : valuesToSet[0]);
|
|
199
207
|
}
|
|
200
208
|
return mutatedInput;
|
|
201
209
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"iam.authorization.service.js","sourceRoot":"","sources":["../../../src/services/authorization/iam.authorization.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,uCAQsB;AAEtB,
|
|
1
|
+
{"version":3,"file":"iam.authorization.service.js","sourceRoot":"","sources":["../../../src/services/authorization/iam.authorization.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,uCAQsB;AAEtB,0DAAkC;AAClC,oDAAwB;AACxB,iCAAgD;AAQhD,MAAa,uBAKX,SAAQ,0BAKT;IACC,YACY,qCAAmF,EACnF,iBAA2B,CAAC,mBAAY,CAAC,IAAI,CAAC,EAC9C,mCAGT;QAED,KAAK,CAAC,qCAAqC,EAAE,cAAc,EAAE,mCAAmC,CAAC,CAAC;QAPxF,0CAAqC,GAArC,qCAAqC,CAA8C;QACnF,mBAAc,GAAd,cAAc,CAAgC;QAC9C,wCAAmC,GAAnC,mCAAmC,CAG5C;IAGH,CAAC;IAED,MAAM,CAAC,WAAW,CAChB,mBAAsE,EACtE,SAAwB,EACxB,IAAgC;QAKhC,MAAM,gBAAgB,GAAG,mBAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5D,MAAM,mBAAmB,GAAG,IAAI,CAAC,0BAA2B,CAAC;QAC7D,IAAI,SAAS,GAAG,KAAK,CAAC;QACtB,IAAI,oBAAoB,GAAkB,EAAE,CAAC;QAC7C,KAAK,MAAM,IAAI,IAAI,mBAAmB,EAAE,CAAC;YACvC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC/B,SAAS;YACX,CAAC;YACD,MAAM,MAAM,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YACzC,MAAM,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,aAAa,EAAE,GAAG,MAAM,CAAC;YAC/G,MAAM,aAAa,GAAG,kBAAkB,IAAI,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,MAAM,CAAC;YACnF,MAAM,qBAAqB,GAAG,mBAAS,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,IAAI,EAAE,CAAC;YACxE,MAAM,yBAAyB,GAAkB,EAAE,CAAC;YACpD,SAAS,GAAG,IAAI,CAAC;YACjB,IAAI,gBAAgB,IAAI,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,MAAM,EAAE,CAAC;gBAC7D,MAAM,MAAM,GAAG,uBAAuB,CAAC,gBAAgB,CAAC,qBAAqB,EAAE,gBAAgB,CAAC,CAAC;gBACjG,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;oBACzB,yBAAyB,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;oBAC7C,gBAAE,CAAC,GAAG,CAAC,qBAAqB,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;gBAClD,CAAC;YACH,CAAC;YACD,IAAI,kBAAkB,IAAI,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,MAAM,EAAE,CAAC;gBACjE,MAAM,MAAM,GAAG,uBAAuB,CAAC,gBAAgB,CAAC,qBAAqB,EAAE,kBAAkB,CAAC,CAAC;gBACnG,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;oBACzB,yBAAyB,CAAC,GAAG,CAAC,GAAG,SAAS,CAAC;oBAC3C,gBAAE,CAAC,GAAG,CAAC,qBAAqB,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;gBAChD,CAAC;YACH,CAAC;YACD,IAAI,aAAa,EAAE,CAAC;gBAClB,KAAK,MAAM,SAAS,IAAI,kBAAkB,EAAE,CAAC;oBAC3C,IACE,CAAC,uBAAuB,CAAC,SAAS,CAChC,IAAA,gBAAS,EAAC,EAAE,SAAS,EAAE,qBAAqB,EAAE,IAAI,EAAE,EAAE,SAAS,CAAC,EAChE,kBAAkB,CAAC,SAAS,CAAC,CAC9B,EACD,CAAC;wBACD,SAAS,GAAG,KAAK,CAAC;wBAClB,MAAM;oBACR,CAAC;gBACH,CAAC;gBACD,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,SAAS;gBACX,CAAC;YACH,CAAC;YACD,IAAI,aAAa,IAAI,kBAAkB,EAAE,CAAC;gBACxC,MAAM,eAAe,GAAG,IAAA,gBAAS,EAAC,qBAAqB,EAAE,kBAAkB,EAAE;oBAC3E,2BAA2B,EAAE,IAAI;iBAClC,CAAC,CAAC;gBACH,MAAM,cAAc,GAAG,IAAA,gBAAS,EAAC,IAAI,EAAE,aAAa,CAAC,CAAC;gBACtD,IAAI,OAAO,cAAc,KAAK,WAAW,EAAE,CAAC;oBAC1C,SAAS,GAAG,KAAK,CAAC;oBAClB,SAAS;gBACX,CAAC;gBACD,IAAI,OAAO,eAAe,KAAK,WAAW,EAAE,CAAC;oBAC3C,yBAAyB,CAAC,kBAAkB,CAAC,GAAG,cAAc,CAAC;oBAC/D,gBAAE,CAAC,GAAG,CAAC,qBAAqB,EAAE,kBAAkB,EAAE,cAAc,CAAC,CAAC;gBACpE,CAAC;qBAAM,CAAC;oBACN,MAAM,aAAa,GAAc,EAAE,CAAC;oBACpC,MAAM,iBAAiB,GAAG,eAAe,YAAY,KAAK,CAAC;oBAC3D,MAAM,YAAY,GAAG,iBAAiB,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;oBAC7E,MAAM,mBAAmB,GAAG,cAAc,YAAY,KAAK,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;oBAChG,YAAY,CAAC,OAAO,CAAC,CAAC,WAAoB,EAAE,EAAE;wBAC5C,MAAM,mBAAmB,GAAG,uBAAuB,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC;wBACrF,KAAK,MAAM,CAAC,IAAI,mBAAmB,EAAE,CAAC;4BACpC,MAAM,kBAAkB,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC;4BAClD,IAAI,UAAU,GAAG,KAAK,CAAC;4BACvB,KAAK,MAAM,CAAC,IAAI,mBAAmB,EAAE,CAAC;gCACpC,MAAM,OAAO,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC;gCACvC,IAAI,kBAAkB,KAAK,OAAO,EAAE,CAAC;oCACnC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oCAC5B,UAAU,GAAG,IAAI,CAAC;oCAClB,MAAM;gCACR,CAAC;4BACH,CAAC;4BACD,IAAI,UAAU,EAAE,CAAC;gCACf,MAAM;4BACR,CAAC;wBACH,CAAC;oBACH,CAAC,CAAC,CAAC;oBACH,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC;wBAC1B,SAAS,GAAG,KAAK,CAAC;wBAClB,SAAS;oBACX,CAAC;oBACD,IAAI,iBAAiB,EAAE,CAAC;wBACtB,yBAAyB,CAAC,kBAAkB,CAAC,GAAG,aAAa,CAAC;wBAC9D,gBAAE,CAAC,GAAG,CAAC,qBAAqB,EAAE,kBAAkB,EAAE,aAAa,CAAC,CAAC;oBACnE,CAAC;gBACH,CAAC;YACH,CAAC;YACD,oBAAoB,GAAG,IAAA,sBAAK,EAAC,oBAAoB,EAAE,yBAAyB,CAAC,CAAC;YAC9E,MAAM;QACR,CAAC;QACD,OAAO,EAAE,SAAS,EAAE,oBAAoB,EAAE,CAAC;IAC7C,CAAC;IAED,MAAM,CAAC,mBAAmB,CAAC,WAAoB;QAC7C,MAAM,MAAM,GAAG;YACb,WAAW;YACX,QAAQ,CAAC,WAAqB,EAAE,EAAE,CAAC;YACnC,UAAU,CAAC,WAAqB,CAAC;SAClC,CAAC;QAEF,IAAI,WAAW,KAAK,MAAM,EAAE,CAAC;YAC3B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpB,CAAC;aAAM,IAAI,WAAW,KAAK,OAAO,EAAE,CAAC;YACnC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrB,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEK,sBAAsB,CAC1B,UAAkB,EAClB,yBAAsE;;YAItE,MAAM,EACJ,MAAM,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,EAC1B,GAAG,MAAM,IAAI,CAAC,IAAI,iCACd,CAAC,yBAAyB,IAAI,EAAE,CAAC,KACpC,OAAO,EAAE,IAAI,IACb,CAAC;YACH,MAAM,iBAAiB,GAA+B,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,CAAC;YAC/E,MAAM,gBAAgB,GAAG,iBAAiB,CAAC,KAAK,CAAC,KAAK,CAAC;YACvD,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;;gBACpB,IAAI,IAAI,CAAC,WAAW,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,WAAW,0CAAE,QAAQ,CAAC,UAAU,CAAC,CAAA,EAAE,CAAC;oBAChE,OAAO;gBACT,CAAC;gBACD,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;oBAC1B,gBAAgB,CAAC,IAAI,CAAC,EAAY,CAAC,GAAG,IAAI,CAAC;oBAC3C,OAAO;gBACT,CAAC;gBACD,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;oBACrC,IAAI,OAAO,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;oBACzC,IAAI,CAAC,OAAO,EAAE,CAAC;wBACb,OAAO,GAAG,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;wBACxB,iBAAiB,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC;oBACvC,CAAC;oBACD,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;wBACvB,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAY,CAAC,GAAG,IAAI,CAAC;wBACxC,OAAO;oBACT,CAAC;oBACD,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;wBAChC,IAAI,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;wBAC3B,IAAI,CAAC,KAAK,EAAE,CAAC;4BACX,KAAK,GAAG,EAAE,CAAC;4BACX,OAAO,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC;wBACzB,CAAC;wBACD,KAAK,CAAC,IAAI,CAAC,EAAY,CAAC,GAAG,IAAI,CAAC;oBAClC,CAAC,CAAC,CAAC;gBACL,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YACH,OAAO,iBAAiB,CAAC;QAC3B,CAAC;KAAA;IAED,MAAM,CAAC,gBAAgB,CAAC,KAAoB,EAAE,MAAqB;QACjE,MAAM,YAAY,GAAG,mBAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;QACpD,KAAK,MAAM,SAAS,IAAI,MAAM,EAAE,CAAC;YAC/B,MAAM,KAAK,GAAG,IAAA,gBAAS,EAAC,KAAK,EAAE,SAAS,CAAC,CAAC;YAC1C,MAAM,YAAY,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;YACvC,MAAM,aAAa,GAAG,YAAY,YAAY,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;YACpF,IAAI,YAAY,GAAG,KAAK,CAAC;YACzB,IAAI,aAAa,GAAc,EAAE,CAAC;YAClC,MAAM,WAAW,GAAc,EAAE,CAAC;YAClC,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,aAAa,GAAG,KAAK,CAAC;gBACtB,YAAY,GAAG,IAAI,CAAC;YACtB,CAAC;iBAAM,CAAC;gBACN,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5B,CAAC;YACD,aAAa,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE;gBACnC,MAAM,oBAAoB,GAAG,uBAAuB,CAAC,mBAAmB,CAAC,YAAY,CAAC,CAAC;gBACvF,KAAK,MAAM,CAAC,IAAI,oBAAoB,EAAE,CAAC;oBACrC,MAAM,kBAAkB,GAAG,oBAAoB,CAAC,CAAC,CAAC,CAAC;oBACnD,IAAI,WAAW,GAAG,KAAK,CAAC;oBACxB,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE,CAAC;wBAC9B,IAAI,uBAAuB,CAAC,SAAS,CAAC,kBAAkB,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;4BAC5E,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;4BAC/B,WAAW,GAAG,IAAI,CAAC;4BACnB,MAAM;wBACR,CAAC;oBACH,CAAC;oBACD,IAAI,WAAW,EAAE,CAAC;wBAChB,MAAM;oBACR,CAAC;gBACH,CAAC;YACH,CAAC,CAAC,CAAC;YACH,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;gBACxB,gBAAE,CAAC,GAAG,CAAC,YAAY,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC;gBAC3C,SAAS;YACX,CAAC;YACD,gBAAE,CAAC,GAAG,CAAC,YAAY,EAAE,SAAS,EAAE,YAAY,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/E,CAAC;QACD,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,CAAC,SAAS,CAAC,WAAoB,EAAE,kBAA2B;QAChE,IACE,OAAO,WAAW,KAAK,QAAQ;YAC/B,OAAO,kBAAkB,KAAK,QAAQ;YACtC,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG;YACpC,kBAAkB,CAAC,MAAM,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,GAAG,EAChE,CAAC;YACD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC,EAAE,kBAAkB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;YACzF,OAAO,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACjC,CAAC;QACD,MAAM,mBAAmB,GAAG,uBAAuB,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC;QACrF,IAAI,QAAQ,GAAG,KAAK,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,mBAAmB,EAAE,CAAC;YACpC,IAAI,mBAAmB,CAAC,CAAC,CAAC,KAAK,kBAAkB,EAAE,CAAC;gBAClD,QAAQ,GAAG,IAAI,CAAC;gBAChB,MAAM;YACR,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AAtPD,0DAsPC"}
|
|
@@ -52,15 +52,18 @@ var __rest = (this && this.__rest) || function (s, e) {
|
|
|
52
52
|
}
|
|
53
53
|
return t;
|
|
54
54
|
};
|
|
55
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
56
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
57
|
+
};
|
|
55
58
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
56
59
|
exports.IAMTokenManagerService = void 0;
|
|
57
60
|
const core_1 = require("@node-c/core");
|
|
58
|
-
const general_tools_1 = require("@ramster/general-tools");
|
|
59
61
|
const jwt = __importStar(require("jsonwebtoken"));
|
|
62
|
+
const lodash_1 = __importDefault(require("lodash"));
|
|
60
63
|
const iam_tokenManager_definitions_1 = require("./iam.tokenManager.definitions");
|
|
61
64
|
class IAMTokenManagerService extends core_1.DomainEntityService {
|
|
62
65
|
constructor(configProvider, moduleName, persistanceEntityService) {
|
|
63
|
-
super(persistanceEntityService, ['create']);
|
|
66
|
+
super(persistanceEntityService, ['create', 'delete']);
|
|
64
67
|
this.configProvider = configProvider;
|
|
65
68
|
this.moduleName = moduleName;
|
|
66
69
|
this.persistanceEntityService = persistanceEntityService;
|
|
@@ -110,11 +113,11 @@ class IAMTokenManagerService extends core_1.DomainEntityService {
|
|
|
110
113
|
const objectToSave = Object.assign(Object.assign({}, tokenData), { token, type });
|
|
111
114
|
if (persist && persistanceEntityService) {
|
|
112
115
|
if (purgeOldFromPersistance && identifierDataField) {
|
|
113
|
-
const identifierValue =
|
|
116
|
+
const identifierValue = lodash_1.default.get(data, identifierDataField);
|
|
114
117
|
if (typeof identifierValue !== 'undefined' && typeof identifierValue !== 'object') {
|
|
115
118
|
yield persistanceEntityService.delete({
|
|
116
|
-
filters: { [identifierDataField]: identifierValue }
|
|
117
|
-
});
|
|
119
|
+
filters: { [identifierDataField]: identifierValue, type }
|
|
120
|
+
}, { requirePrimaryKeys: false });
|
|
118
121
|
}
|
|
119
122
|
}
|
|
120
123
|
yield _super.create.call(this, objectToSave, { ttl: signOptions.expiresIn });
|
|
@@ -128,7 +131,7 @@ class IAMTokenManagerService extends core_1.DomainEntityService {
|
|
|
128
131
|
const moduleConfig = configProvider.config.domain[moduleName];
|
|
129
132
|
const { deleteFromStoreIfExpired, identifierDataField, newTokenExpiresInMinutes, persistNewToken, purgeStoreOnRenew, refreshToken, refreshTokenAccessTokenIdentifierDataField } = options || {};
|
|
130
133
|
const { content, error } = yield this.verify(token, moduleConfig.jwtAccessSecret);
|
|
131
|
-
let forceRenew =
|
|
134
|
+
let forceRenew = false;
|
|
132
135
|
let newToken;
|
|
133
136
|
if (error) {
|
|
134
137
|
let errorToThrow;
|
|
@@ -143,23 +146,23 @@ class IAMTokenManagerService extends core_1.DomainEntityService {
|
|
|
143
146
|
errorToThrow = new core_1.ApplicationError('Empty refresh token.');
|
|
144
147
|
}
|
|
145
148
|
else {
|
|
146
|
-
const refreshTokenCheckValue =
|
|
149
|
+
const refreshTokenCheckValue = lodash_1.default.get(content.data, refreshTokenAccessTokenIdentifierDataField);
|
|
147
150
|
if (refreshTokenCheckValue !== refreshToken) {
|
|
148
151
|
errorToThrow = new core_1.ApplicationError('Mismatched refresh token.');
|
|
149
152
|
}
|
|
150
153
|
else {
|
|
151
|
-
forceRenew =
|
|
154
|
+
forceRenew = true;
|
|
152
155
|
throwError = false;
|
|
153
156
|
}
|
|
154
157
|
}
|
|
155
158
|
}
|
|
156
159
|
else {
|
|
157
160
|
if (deleteFromStoreIfExpired) {
|
|
158
|
-
const identifierValue =
|
|
161
|
+
const identifierValue = lodash_1.default.get(content.data, identifierDataField);
|
|
159
162
|
if (typeof identifierValue !== 'undefined' && typeof identifierValue !== 'object') {
|
|
160
163
|
yield persistanceEntityService.delete({
|
|
161
|
-
filters: { [identifierDataField]: identifierValue }
|
|
162
|
-
});
|
|
164
|
+
filters: { [identifierDataField]: identifierValue, type: iam_tokenManager_definitions_1.TokenType.Access }
|
|
165
|
+
}, { requirePrimaryKeys: false });
|
|
163
166
|
}
|
|
164
167
|
}
|
|
165
168
|
errorToThrow = new core_1.ApplicationError('Expired access token.');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"iam.tokenManager.service.js","sourceRoot":"","sources":["../../../src/services/tokenManager/iam.tokenManager.service.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"iam.tokenManager.service.js","sourceRoot":"","sources":["../../../src/services/tokenManager/iam.tokenManager.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCASsB;AAEtB,kDAAoC;AACpC,oDAAwB;AAExB,iFAQwC;AAGxC,MAAa,sBAAyD,SAAQ,0BAG7E;IACC,YAEY,cAAqC,EAErC,UAAkB,EAElB,wBAAkF;QAE5F,KAAK,CAAC,wBAAyB,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;QAN7C,mBAAc,GAAd,cAAc,CAAuB;QAErC,eAAU,GAAV,UAAU,CAAQ;QAElB,6BAAwB,GAAxB,wBAAwB,CAA0D;IAG9F,CAAC;IAEK,MAAM,CACV,IAA+C,EAC/C,OAAkC;;;;;YAElC,MAAM,EAAE,cAAc,EAAE,UAAU,EAAE,wBAAwB,EAAE,GAAG,IAAI,CAAC;YACtE,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAuB,CAAC;YACpF,MAAM,EAAE,IAAI,KAAmB,IAAI,EAAlB,SAAS,UAAK,IAAI,EAA7B,QAAsB,CAAO,CAAC;YACpC,MAAM,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,OAAO,EAAE,uBAAuB,EAAE,GAAG,OAAO,CAAC;YAC5F,MAAM,WAAW,GAAG,EAAqB,CAAC;YAC1C,IAAI,MAAc,CAAC;YAEnB,IAAI,IAAI,KAAK,wCAAS,CAAC,MAAM,EAAE,CAAC;gBAC9B,MAAM,GAAG,YAAY,CAAC,eAAe,CAAC;gBACtC,IAAI,gBAAgB,EAAE,CAAC;oBACrB,WAAW,CAAC,SAAS,GAAG,gBAAgB,GAAG,EAAE,CAAC;gBAChD,CAAC;qBAAM,IAAI,YAAY,CAAC,8BAA8B,EAAE,CAAC;oBACvD,WAAW,CAAC,SAAS,GAAG,YAAY,CAAC,8BAA8B,GAAG,EAAE,CAAC;gBAC3E,CAAC;YACH,CAAC;iBAAM,IAAI,IAAI,KAAK,wCAAS,CAAC,OAAO,EAAE,CAAC;gBACtC,MAAM,GAAG,YAAY,CAAC,gBAAgB,CAAC;gBACvC,IAAI,gBAAgB,EAAE,CAAC;oBACrB,WAAW,CAAC,SAAS,GAAG,gBAAgB,GAAG,EAAE,CAAC;gBAChD,CAAC;qBAAM,IAAI,YAAY,CAAC,+BAA+B,EAAE,CAAC;oBACxD,WAAW,CAAC,SAAS,GAAG,YAAY,CAAC,+BAA+B,GAAG,EAAE,CAAC;gBAC5E,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,uBAAgB,CAAC,gDAAgD,IAAI,IAAI,CAAC,CAAC;YACvF,CAAC;YACD,MAAM,KAAK,GAAG,MAAM,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC1D,GAAG,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;oBACrD,IAAI,GAAG,EAAE,CAAC;wBACR,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;wBACnB,MAAM,CAAC,IAAI,uBAAgB,CAAC,uBAAuB,CAAC,CAAC,CAAC;wBACtD,OAAO;oBACT,CAAC;oBACD,OAAO,CAAC,KAAe,CAAC,CAAC;gBAC3B,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YACH,MAAM,YAAY,GAAG,gCAAK,SAAS,KAAE,KAAK,EAAE,IAAI,GAAoC,CAAC;YAGrF,IAAI,OAAO,IAAI,wBAAwB,EAAE,CAAC;gBACxC,IAAI,uBAAuB,IAAI,mBAAmB,EAAE,CAAC;oBACnD,MAAM,eAAe,GAAG,gBAAE,CAAC,GAAG,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;oBAC1D,IAAI,OAAO,eAAe,KAAK,WAAW,IAAI,OAAO,eAAe,KAAK,QAAQ,EAAE,CAAC;wBAClF,MAAM,wBAAwB,CAAC,MAAM,CACnC;4BACE,OAAO,EAAE,EAAE,CAAC,mBAAmB,CAAC,EAAE,eAAe,EAAE,IAAI,EAAE;yBAC1D,EACD,EAAE,kBAAkB,EAAE,KAAK,EAAE,CAC9B,CAAC;oBACJ,CAAC;gBACH,CAAC;gBACD,MAAM,OAAM,MAAM,YAAC,YAAY,EAAE,EAAE,GAAG,EAAE,WAAW,CAAC,SAAS,EAAyB,CAAC,CAAC;YAC1F,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;QAClC,CAAC;KAAA;IAEK,iBAAiB,CACrB,KAAa,EACb,OAAkC;;YAElC,MAAM,EAAE,cAAc,EAAE,UAAU,EAAE,wBAAwB,EAAE,GAAG,IAAI,CAAC;YACtE,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAuB,CAAC;YACpF,MAAM,EACJ,wBAAwB,EACxB,mBAAmB,EACnB,wBAAwB,EACxB,eAAe,EACf,iBAAiB,EACjB,YAAY,EACZ,0CAA0C,EAC3C,GAAG,OAAO,IAAI,EAAE,CAAC;YAElB,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,eAAe,CAAC,CAAC;YAClF,IAAI,UAAU,GAAG,KAAK,CAAC;YACvB,IAAI,QAA4B,CAAC;YAEjC,IAAI,KAAK,EAAE,CAAC;gBACV,IAAI,YAA+B,CAAC;gBACpC,IAAI,UAAU,GAAG,IAAI,CAAC;gBACtB,IAAI,KAAK,KAAK,eAAe,IAAI,mBAAmB,KAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,CAAA,IAAI,wBAAwB,EAAE,CAAC;oBAClG,IAAI,YAAY,IAAI,0CAA0C,EAAE,CAAC;wBAC/D,MAAM,EAAE,OAAO,EAAE,mBAAmB,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAClF,YAAY,EACZ,YAAY,CAAC,gBAAgB,CAC9B,CAAC;wBACF,IAAI,iBAAiB,EAAE,CAAC;4BACtB,YAAY,GAAG,iBAA0B,CAAC;wBAC5C,CAAC;wBACD,IAAI,CAAC,mBAAmB,EAAE,CAAC;4BACzB,YAAY,GAAG,IAAI,uBAAgB,CAAC,sBAAsB,CAAC,CAAC;wBAC9D,CAAC;6BAAM,CAAC;4BACN,MAAM,sBAAsB,GAAG,gBAAE,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,0CAA0C,CAAC,CAAC;4BAChG,IAAI,sBAAsB,KAAK,YAAY,EAAE,CAAC;gCAC5C,YAAY,GAAG,IAAI,uBAAgB,CAAC,2BAA2B,CAAC,CAAC;4BACnE,CAAC;iCAAM,CAAC;gCACN,UAAU,GAAG,IAAI,CAAC;gCAClB,UAAU,GAAG,KAAK,CAAC;4BACrB,CAAC;wBACH,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,IAAI,wBAAwB,EAAE,CAAC;4BAC7B,MAAM,eAAe,GAAG,gBAAE,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;4BAClE,IAAI,OAAO,eAAe,KAAK,WAAW,IAAI,OAAO,eAAe,KAAK,QAAQ,EAAE,CAAC;gCAClF,MAAM,wBAAwB,CAAC,MAAM,CACnC;oCACE,OAAO,EAAE,EAAE,CAAC,mBAAmB,CAAC,EAAE,eAAe,EAAE,IAAI,EAAE,wCAAS,CAAC,MAAM,EAAE;iCAC5E,EACD,EAAE,kBAAkB,EAAE,KAAK,EAAE,CAC9B,CAAC;4BACJ,CAAC;wBACH,CAAC;wBACD,YAAY,GAAG,IAAI,uBAAgB,CAAC,uBAAuB,CAAC,CAAC;oBAC/D,CAAC;gBACH,CAAC;gBACD,IAAI,UAAU,EAAE,CAAC;oBACf,MAAM,YAAY,IAAI,KAAK,CAAC;gBAC9B,CAAC;YACH,CAAC;YAED,IAAI,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,KAAI,UAAU,EAAE,CAAC;gBAChC,MAAM,SAAS,mCAAwD,OAAO,CAAC,IAAI,KAAE,IAAI,EAAE,wCAAS,CAAC,MAAM,GAAE,CAAC;gBAC9G,IAAI,YAAY,IAAI,0CAA0C,EAAE,CAAC;oBAC/D,SAAS,CAAC,0CAA0C,CAAC,GAAG,YAAY,CAAC;gBACvE,CAAC;gBACD,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,SAAsD,EAAE;oBAC3F,gBAAgB,EAAE,wBAAwB;oBAC1C,mBAAmB;oBACnB,OAAO,EAAE,eAAe;oBACxB,uBAAuB,EAAE,iBAAiB;iBAC3C,CAAC,CAAC;gBACH,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC;YAC1B,CAAC;YACD,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC;QAC/B,CAAC;KAAA;IAEe,MAAM,CACpB,KAAa,EACb,MAAc;;YAEd,MAAM,IAAI,GAAG,MAAM,IAAI,OAAO,CAAwE,OAAO,CAAC,EAAE;gBAC9G,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE;oBACzC,IAAI,GAAG,EAAE,CAAC;wBACR,OAAO,CAAC,EAAE,OAAO,EAAE,OAAiD,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;oBACtF,CAAC;oBACD,OAAO,CAAC,EAAE,OAAO,EAAE,OAAiD,EAAE,CAAC,CAAC;gBAC1E,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YACH,OAAO,IAAI,CAAC;QACd,CAAC;KAAA;CACF;AAtKD,wDAsKC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { GenericObject } from '@node-c/core';
|
|
1
|
+
import { DomainFindOnePrivateOptions, GenericObject } from '@node-c/core';
|
|
2
2
|
import { UserAuthType, UserMFAType } from '../authentication';
|
|
3
3
|
import { AuthorizationPoint } from '../authorization';
|
|
4
4
|
export interface CreateAccessTokenOptions<AuthData = unknown> {
|
|
@@ -15,7 +15,7 @@ export interface CreateAccessTokenReturnData<UserData> {
|
|
|
15
15
|
refreshToken: string;
|
|
16
16
|
user: UserData;
|
|
17
17
|
}
|
|
18
|
-
export interface GetUserWithPermissionsDataOptions {
|
|
18
|
+
export interface GetUserWithPermissionsDataOptions extends DomainFindOnePrivateOptions {
|
|
19
19
|
keepPassword?: boolean;
|
|
20
20
|
}
|
|
21
21
|
export type UserWithPermissionsData<UserData, AuthorizationPointId> = {
|
package/package.json
CHANGED
|
@@ -1,25 +1,27 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@node-c/domain-iam",
|
|
3
|
-
"version": "1.0.0-
|
|
3
|
+
"version": "1.0.0-alpha40",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"scripts": {
|
|
7
7
|
"build": "tsc -p tsconfig.build.json",
|
|
8
|
+
"build:clean": "rm -rf dist/* && rm -f *.tsbuildinfo && npm run build",
|
|
8
9
|
"check-types": "tsc -p tsconfig.build.json --noEmit",
|
|
9
10
|
"dev": "tsc -p tsconfig.build.json --watch",
|
|
10
|
-
"publish-package": "
|
|
11
|
+
"publish-package": "npm run build:clean && npm publish --access public",
|
|
11
12
|
"test": "vitest --config src/vitest.config.ts",
|
|
12
13
|
"test:coverage": "vitest --config src/vitest.config.ts --coverage"
|
|
13
14
|
},
|
|
14
15
|
"dependencies": {
|
|
15
16
|
"@nestjs/common": "^10.4.12",
|
|
16
|
-
"@node-c/core": "^1.0.0-
|
|
17
|
-
"@ramster/general-tools": "^2.3.0",
|
|
17
|
+
"@node-c/core": "^1.0.0-alpha40",
|
|
18
18
|
"immutable": "^5.0.3",
|
|
19
19
|
"jsonwebtoken": "^9.0.2",
|
|
20
|
+
"lodash": "^4.17.21",
|
|
20
21
|
"ramda": "^0.30.1"
|
|
21
22
|
},
|
|
22
23
|
"devDependencies": {
|
|
23
|
-
"@types/jsonwebtoken": "^9.0.8"
|
|
24
|
+
"@types/jsonwebtoken": "^9.0.8",
|
|
25
|
+
"@types/lodash": "^4.17.19"
|
|
24
26
|
}
|
|
25
27
|
}
|