@nodii/grpc-interceptors 0.4.8 → 0.5.1

package/dist/interceptors/enrich-auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"enrich-auth.d.ts","sourceRoot":"","sources":["../../src/interceptors/enrich-auth.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,gBAAgB,EAGhB,gBAAgB,EACjB,MAAM,UAAU,CAAC;AA6ClB,wBAAgB,iBAAiB,CAC/B,MAAM,GAAE,gBAAqB,GAC5B,gBAAgB,CA6ClB"}
+{"version":3,"file":"enrich-auth.d.ts","sourceRoot":"","sources":["../../src/interceptors/enrich-auth.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EACV,gBAAgB,EAGhB,gBAAgB,EACjB,MAAM,UAAU,CAAC;AA6ClB,wBAAgB,iBAAiB,CAC/B,MAAM,GAAE,gBAAqB,GAC5B,gBAAgB,CA8DlB"}

package/dist/interceptors/enrich-auth.js

@@ -57,7 +57,20 @@ export function enrichAuthContext(config = {}) {
             const tenantFromProto = readProtoField(call.request, tenantField);
             const tenantFromUserActor = call.auth?.userActor?.tenant_id;
             const tenantFromServiceActor = call.auth?.serviceActor?.tenant_id;
-            const tenant_id = tenantFromProto ?? tenantFromUserActor ?? tenantFromServiceActor;
+            // The authenticated actor's tenant is authoritative. A caller-controlled
+            // proto tenant_id MUST NOT override it: requestContext.tenant_id flows
+            // into `SET app.tenant_id` (tenantContext), so a proto override would
+            // scope RLS to an attacker-chosen tenant (08-rls § "resolved tenant_id,
+            // never JWT/caller-derived"). Proto may only supply the tenant when no
+            // authenticated actor tenant exists; a proto tenant that contradicts the
+            // actor tenant is a cross-tenant attempt → fail closed.
+            const tenantFromActor = tenantFromUserActor ?? tenantFromServiceActor;
+            if (tenantFromActor !== undefined &&
+                tenantFromProto !== undefined &&
+                tenantFromProto !== tenantFromActor) {
+                throw new GrpcStatusError("PERMISSION_DENIED", "cross_tenant_binding_rejected");
+            }
+            const tenant_id = tenantFromActor ?? tenantFromProto;
             const intent_id = readMetadata(call, "x-nodii-intent-id");
             const actor_type_raw = readMetadata(call, "x-nodii-actor-type");
             const actor_type = actor_type_raw === "user" ||

package/dist/interceptors/enrich-auth.js.map

@@ -1 +1 @@
-{"version":3,"file":"enrich-auth.js","sourceRoot":"","sources":["../../src/interceptors/enrich-auth.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,EAAE;AACF,yEAAyE;AACzE,oEAAoE;AACpE,wEAAwE;AACxE,yDAAyD;AAQzD,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAE3C,MAAM,oBAAoB,GAAG,WAAW,CAAC;AAEzC,SAAS,YAAY,CAAC,IAAe,EAAE,GAAW;IAChD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;IACvC,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACrD,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACxB,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,KAAK,YAAY,UAAU,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC;QAC5D,IAAI,CAAC;YACH,OAAO,MAAM,CAAC,IAAI,CAAC,KAAmB,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC3D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,cAAc,CAAC,GAAY,EAAE,KAAa;IACjD,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,SAAS,CAAC;IACtD,MAAM,CAAC,GAAG,GAA8B,CAAC;IACzC,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACnB,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,CAAC,CAAC;IACpD,2BAA2B;IAC3B,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IACrE,IAAI,KAAK,KAAK,KAAK,EAAE,CAAC;QACpB,MAAM,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;QACpB,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,EAAE,CAAC;IACzD,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,wBAAwB;IAC/B,oEAAoE;IACpE,4DAA4D;IAC5D,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC;IACxE,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CACxE,EAAE,CACH,CAAC;IACF,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;AAC7G,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,SAA2B,EAAE;IAE7B,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,oBAAoB,CAAC;IAC/D,MAAM,sBAAsB,GAAG,MAAM,CAAC,sBAAsB,IAAI,EAAE,CAAC;IACnE,MAAM,iBAAiB,GACrB,MAAM,CAAC,iBAAiB,IAAI,wBAAwB,CAAC;IAEvD,OAAO,CAAC,UAAkB,EAAE,OAAqB,EAAgB,EAAE;QACjE,OAAO,KAAK,EAAE,IAAe,EAAoB,EAAE;YACjD,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YAClE,MAAM,mBAAmB,GAAG,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC;YAC5D,MAAM,sBAAsB,GAAG,IAAI,CAAC,IAAI,EAAE,YAAY,EAAE,SAAS,CAAC;YAClE,MAAM,SAAS,GACb,eAAe,IAAI,mBAAmB,IAAI,sBAAsB,CAAC;YAEnE,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;YAC1D,MAAM,cAAc,GAAG,YAAY,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;YAChE,MAAM,UAAU,GACd,cAAc,KAAK,MAAM;gBACzB,cAAc,KAAK,OAAO;gBAC1B,cAAc,KAAK,QAAQ;gBACzB,CAAC,CAAC,cAAc;gBAChB,CAAC,CAAC,SAAS,CAAC;YAEhB,MAAM,QAAQ,GAAG,sBAAsB,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC;YAC5D,IAAI,QAAQ,IAAI,CAAC,SAAS,EAAE,CAAC;gBAC3B,MAAM,IAAI,eAAe,CACvB,qBAAqB,EACrB,yBAAyB,CAC1B,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;YAC7B,IAAI,CAAC,cAAc,GAAG;gBACpB,GAAG,IAAI,CAAC,cAAc;gBACtB,SAAS;gBACT,SAAS;gBACT,UAAU;gBACV,cAAc,EACZ,IAAI,CAAC,cAAc,EAAE,cAAc,IAAI,iBAAiB,EAAE;aAC7D,CAAC;YACF,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;YAEjB,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}
+{"version":3,"file":"enrich-auth.js","sourceRoot":"","sources":["../../src/interceptors/enrich-auth.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,EAAE;AACF,yEAAyE;AACzE,oEAAoE;AACpE,wEAAwE;AACxE,yDAAyD;AAQzD,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAE3C,MAAM,oBAAoB,GAAG,WAAW,CAAC;AAEzC,SAAS,YAAY,CAAC,IAAe,EAAE,GAAW;IAChD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC;IACvC,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACrD,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACxB,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,KAAK,YAAY,UAAU,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC;QAC5D,IAAI,CAAC;YACH,OAAO,MAAM,CAAC,IAAI,CAAC,KAAmB,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC3D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,cAAc,CAAC,GAAY,EAAE,KAAa;IACjD,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,SAAS,CAAC;IACtD,MAAM,CAAC,GAAG,GAA8B,CAAC;IACzC,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACnB,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,CAAC,CAAC;IACpD,2BAA2B;IAC3B,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IACrE,IAAI,KAAK,KAAK,KAAK,EAAE,CAAC;QACpB,MAAM,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;QACpB,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,EAAE,CAAC;IACzD,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,wBAAwB;IAC/B,oEAAoE;IACpE,4DAA4D;IAC5D,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;QAAE,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC;IACxE,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CACxE,EAAE,CACH,CAAC;IACF,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;AAC7G,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,SAA2B,EAAE;IAE7B,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,oBAAoB,CAAC;IAC/D,MAAM,sBAAsB,GAAG,MAAM,CAAC,sBAAsB,IAAI,EAAE,CAAC;IACnE,MAAM,iBAAiB,GACrB,MAAM,CAAC,iBAAiB,IAAI,wBAAwB,CAAC;IAEvD,OAAO,CAAC,UAAkB,EAAE,OAAqB,EAAgB,EAAE;QACjE,OAAO,KAAK,EAAE,IAAe,EAAoB,EAAE;YACjD,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YAClE,MAAM,mBAAmB,GAAG,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC;YAC5D,MAAM,sBAAsB,GAAG,IAAI,CAAC,IAAI,EAAE,YAAY,EAAE,SAAS,CAAC;YAClE,yEAAyE;YACzE,uEAAuE;YACvE,sEAAsE;YACtE,wEAAwE;YACxE,uEAAuE;YACvE,yEAAyE;YACzE,wDAAwD;YACxD,MAAM,eAAe,GAAG,mBAAmB,IAAI,sBAAsB,CAAC;YACtE,IACE,eAAe,KAAK,SAAS;gBAC7B,eAAe,KAAK,SAAS;gBAC7B,eAAe,KAAK,eAAe,EACnC,CAAC;gBACD,MAAM,IAAI,eAAe,CACvB,mBAAmB,EACnB,+BAA+B,CAChC,CAAC;YACJ,CAAC;YACD,MAAM,SAAS,GAAG,eAAe,IAAI,eAAe,CAAC;YAErD,MAAM,SAAS,GAAG,YAAY,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;YAC1D,MAAM,cAAc,GAAG,YAAY,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;YAChE,MAAM,UAAU,GACd,cAAc,KAAK,MAAM;gBACzB,cAAc,KAAK,OAAO;gBAC1B,cAAc,KAAK,QAAQ;gBACzB,CAAC,CAAC,cAAc;gBAChB,CAAC,CAAC,SAAS,CAAC;YAEhB,MAAM,QAAQ,GAAG,sBAAsB,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC;YAC5D,IAAI,QAAQ,IAAI,CAAC,SAAS,EAAE,CAAC;gBAC3B,MAAM,IAAI,eAAe,CACvB,qBAAqB,EACrB,yBAAyB,CAC1B,CAAC;YACJ,CAAC;YAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;YAC7B,IAAI,CAAC,cAAc,GAAG;gBACpB,GAAG,IAAI,CAAC,cAAc;gBACtB,SAAS;gBACT,SAAS;gBACT,UAAU;gBACV,cAAc,EACZ,IAAI,CAAC,cAAc,EAAE,cAAc,IAAI,iBAAiB,EAAE;aAC7D,CAAC;YACF,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;YAEjB,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nodii/grpc-interceptors",
-  "version": "0.4.8",
+  "version": "0.5.1",
   "description": "Substrate gRPC interceptor library for the Nodii microservice stack — 8 cross-cutting interceptors (logging, audit, enrichAuthContext, tenantContext, auditContext, deadlineGuard, cancellationGuard, errorMap) + re-export façade over @nodii/grpc-auth/saga/idempotency + locked-order createStandardServerStack factory. Spec: planning hub docKey=grpc-interceptors.",
   "license": "MIT",
   "type": "module",
@@ -23,21 +23,25 @@
     "typecheck": "tsc --noEmit",
     "test": "bun test"
   },
-  "dependencies": {
-    "@nodii/grpc-auth": "0.5.1",
-    "@nodii/idempotency": "0.4.0",
-    "@nodii/saga": "0.5.3",
-    "@nodii/telemetry": "0.5.2"
-  },
   "devDependencies": {
-    "@nodii/audit-chain": "0.4.2",
+    "@nodii/audit-chain": "0.8.0",
     "ioredis": "^5.4.0",
     "postgres": "^3.4.0",
-    "typescript": "^5.9.3"
+    "typescript": "^5.9.3",
+    "@nodii/grpc-auth": "0.9.0",
+    "@nodii/idempotency": "0.6.0",
+    "@nodii/saga": "0.6.0",
+    "@nodii/telemetry": "0.9.0"
   },
   "repository": {
     "type": "git",
     "url": "git+https://github.com/cognion-nucleus/nodii-libs.git",
     "directory": "ts/grpc-interceptors"
+  },
+  "peerDependencies": {
+    "@nodii/grpc-auth": ">=0.5.1 <1.0.0",
+    "@nodii/idempotency": ">=0.4.0 <1.0.0",
+    "@nodii/saga": ">=0.5.3 <1.0.0",
+    "@nodii/telemetry": ">=0.5.2 <1.0.0"
   }
 }