@omen.foundation/node-microservice-runtime 0.1.63 → 0.1.64
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth.cjs +97 -0
- package/dist/collector-manager.cjs +910 -0
- package/dist/decorators.cjs +181 -0
- package/dist/dependency.cjs +165 -0
- package/dist/dev.cjs +34 -0
- package/dist/discovery.cjs +79 -0
- package/dist/docs.cjs +206 -0
- package/dist/env.cjs +125 -0
- package/dist/errors.cjs +58 -0
- package/dist/federation.cjs +356 -0
- package/dist/index.cjs +66 -0
- package/dist/inventory.cjs +361 -0
- package/dist/logger.cjs +480 -0
- package/dist/logger.d.ts.map +1 -1
- package/dist/logger.js +16 -32
- package/dist/logger.js.map +1 -1
- package/dist/message.cjs +19 -0
- package/dist/requester.cjs +100 -0
- package/dist/routing.cjs +39 -0
- package/dist/runtime.cjs +791 -0
- package/dist/services.cjs +346 -0
- package/dist/storage.cjs +147 -0
- package/dist/types.cjs +2 -0
- package/dist/utils/urls.cjs +55 -0
- package/dist/websocket.cjs +142 -0
- package/package.json +1 -1
- package/src/logger.ts +15 -34
package/dist/auth.cjs
ADDED
|
@@ -0,0 +1,97 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AuthManager = void 0;
|
|
4
|
+
const node_crypto_1 = require("node:crypto");
|
|
5
|
+
const node_url_1 = require("node:url");
|
|
6
|
+
const errors_js_1 = require("./errors.js");
|
|
7
|
+
class AuthManager {
|
|
8
|
+
constructor(env, requester) {
|
|
9
|
+
this.env = env;
|
|
10
|
+
this.requester = requester;
|
|
11
|
+
}
|
|
12
|
+
async authenticate() {
|
|
13
|
+
if (this.env.secret) {
|
|
14
|
+
await this.authenticateWithRealmSecret();
|
|
15
|
+
return;
|
|
16
|
+
}
|
|
17
|
+
if (this.env.refreshToken) {
|
|
18
|
+
await this.authenticateWithRefreshToken();
|
|
19
|
+
return;
|
|
20
|
+
}
|
|
21
|
+
throw new errors_js_1.AuthenticationError('Neither SECRET nor REFRESH_TOKEN is configured.');
|
|
22
|
+
}
|
|
23
|
+
async authenticateWithRealmSecret() {
|
|
24
|
+
var _a, _b;
|
|
25
|
+
const nonce = await this.requester.request('get', 'gateway/nonce');
|
|
26
|
+
if (!(nonce === null || nonce === void 0 ? void 0 : nonce.nonce)) {
|
|
27
|
+
throw new errors_js_1.AuthenticationError('Gateway did not provide a nonce for authentication.');
|
|
28
|
+
}
|
|
29
|
+
const signature = this.calculateRealmSignature((_a = this.env.secret) !== null && _a !== void 0 ? _a : '', nonce.nonce);
|
|
30
|
+
const body = {
|
|
31
|
+
cid: this.env.cid,
|
|
32
|
+
pid: this.env.pid,
|
|
33
|
+
signature,
|
|
34
|
+
};
|
|
35
|
+
const response = await this.requester.request('post', 'gateway/auth', body);
|
|
36
|
+
if (!response || response.result !== 'ok') {
|
|
37
|
+
throw new errors_js_1.AuthenticationError(`Realm secret authentication failed with result=${(_b = response === null || response === void 0 ? void 0 : response.result) !== null && _b !== void 0 ? _b : 'unknown'}.`);
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
async authenticateWithRefreshToken() {
|
|
41
|
+
var _a;
|
|
42
|
+
const accessToken = await this.exchangeRefreshToken();
|
|
43
|
+
const body = {
|
|
44
|
+
cid: this.env.cid,
|
|
45
|
+
pid: this.env.pid,
|
|
46
|
+
token: accessToken,
|
|
47
|
+
};
|
|
48
|
+
const response = await this.requester.request('post', 'gateway/auth', body);
|
|
49
|
+
if (!response || response.result !== 'ok') {
|
|
50
|
+
throw new errors_js_1.AuthenticationError(`Refresh-token authentication failed with result=${(_a = response === null || response === void 0 ? void 0 : response.result) !== null && _a !== void 0 ? _a : 'unknown'}.`);
|
|
51
|
+
}
|
|
52
|
+
}
|
|
53
|
+
calculateRealmSignature(secret, nonce) {
|
|
54
|
+
const hash = (0, node_crypto_1.createHash)('md5');
|
|
55
|
+
hash.update(secret + nonce, 'utf8');
|
|
56
|
+
return hash.digest('base64');
|
|
57
|
+
}
|
|
58
|
+
async exchangeRefreshToken() {
|
|
59
|
+
var _a;
|
|
60
|
+
if (!this.env.refreshToken) {
|
|
61
|
+
throw new errors_js_1.AuthenticationError('REFRESH_TOKEN missing.');
|
|
62
|
+
}
|
|
63
|
+
const baseUrl = this.hostToHttpUrl();
|
|
64
|
+
const tokenUrl = new node_url_1.URL('/basic/auth/token', baseUrl).toString();
|
|
65
|
+
const response = await fetch(tokenUrl, {
|
|
66
|
+
method: 'POST',
|
|
67
|
+
headers: {
|
|
68
|
+
'Content-Type': 'application/json',
|
|
69
|
+
Accept: 'application/json',
|
|
70
|
+
'beam-scope': `${this.env.cid}.${this.env.pid}`,
|
|
71
|
+
},
|
|
72
|
+
body: JSON.stringify({
|
|
73
|
+
grant_type: 'refresh_token',
|
|
74
|
+
refresh_token: this.env.refreshToken,
|
|
75
|
+
}),
|
|
76
|
+
});
|
|
77
|
+
if (!response.ok) {
|
|
78
|
+
throw new errors_js_1.AuthenticationError(`Failed to retrieve access token. status=${response.status}`);
|
|
79
|
+
}
|
|
80
|
+
const payload = (await response.json());
|
|
81
|
+
if (!payload.access_token) {
|
|
82
|
+
throw new errors_js_1.AuthenticationError(`Refresh-token exchange failed: ${(_a = payload.error) !== null && _a !== void 0 ? _a : 'unknown error'}`);
|
|
83
|
+
}
|
|
84
|
+
return payload.access_token;
|
|
85
|
+
}
|
|
86
|
+
hostToHttpUrl() {
|
|
87
|
+
const host = this.env.host.replace(/\/socket$/, '');
|
|
88
|
+
if (host.startsWith('wss://')) {
|
|
89
|
+
return `https://${host.substring('wss://'.length)}`;
|
|
90
|
+
}
|
|
91
|
+
if (host.startsWith('ws://')) {
|
|
92
|
+
return `http://${host.substring('ws://'.length)}`;
|
|
93
|
+
}
|
|
94
|
+
return host;
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
exports.AuthManager = AuthManager;
|