@oneuptime/common 8.0.5239 → 8.0.5285

package/Server/API/ProjectAPI.ts

@@ -25,8 +25,10 @@ export default class ProjectAPI extends BaseAPI<Project, ProjectServiceType> {
   public constructor() {
     super(Project, ProjectService);
 
-    /// This API lists all the projects where user is its team member.
-    /// This API is usually used to show project selector dropdown in the UI
+    /*
+     * This API lists all the projects where user is its team member.
+     * This API is usually used to show project selector dropdown in the UI
+     */
     this.router.post(
       `${new this.entityType()
         .getCrudApiPath()

package/Server/API/ResellerPlanAPI.ts

@@ -30,8 +30,10 @@ export default class ResellerPlanAPI extends BaseAPI<
   public constructor() {
     super(ResellerPlan, ResellerPlanService);
 
-    // Reseller Plan Action API
-    // TODO: Refactor this API and make it partner specific.
+    /*
+     * Reseller Plan Action API
+     * TODO: Refactor this API and make it partner specific.
+     */
     this.router.post(
       `${new this.entityType()
         .getCrudApiPath()

package/Server/API/SlackAPI.ts

@@ -181,29 +181,31 @@ export default class SlackAPI {
         let botUserId: string | undefined = undefined;
         let slackUserAccessToken: string | undefined = undefined;
 
-        // ReponseBody is in this format.
-        //   {
-        //     "ok": true,
-        //     "access_token": "sample-token",
-        //     "token_type": "bot",
-        //     "scope": "commands,incoming-webhook",
-        //     "bot_user_id": "U0KRQLJ9H",
-        //     "app_id": "A0KRD7HC3",
-        //     "team": {
-        //         "name": "Slack Pickleball Team",
-        //         "id": "T9TK3CUKW"
-        //     },
-        //     "enterprise": {
-        //         "name": "slack-pickleball",
-        //         "id": "E12345678"
-        //     },
-        //     "authed_user": {
-        //         "id": "U1234",
-        //         "scope": "chat:write",
-        //         "access_token": "sample-token",
-        //         "token_type": "user"
-        //     }
-        // }
+        /*
+         * ReponseBody is in this format.
+         *   {
+         *     "ok": true,
+         *     "access_token": "sample-token",
+         *     "token_type": "bot",
+         *     "scope": "commands,incoming-webhook",
+         *     "bot_user_id": "U0KRQLJ9H",
+         *     "app_id": "A0KRD7HC3",
+         *     "team": {
+         *         "name": "Slack Pickleball Team",
+         *         "id": "T9TK3CUKW"
+         *     },
+         *     "enterprise": {
+         *         "name": "slack-pickleball",
+         *         "id": "E12345678"
+         *     },
+         *     "authed_user": {
+         *         "id": "U1234",
+         *         "scope": "chat:write",
+         *         "access_token": "sample-token",
+         *         "token_type": "user"
+         *     }
+         * }
+         */
 
         if (responseBody["ok"] !== true) {
           return Response.sendErrorResponse(
@@ -407,31 +409,35 @@ export default class SlackAPI {
           "id_token"
         ] as JSONObject;
 
-        // Example of Response Body
-        // {
-        //   "iss": "https://slack.com",
-        //   "sub": "U123ABC456",
-        //   "aud": "25259531569.1115258246291",
-        //   "exp": 1626874955,
-        //   "iat": 1626874655,
-        //   "auth_time": 1626874655,
-        //   "nonce": "abcd",
-        //   "at_hash": "abc...123",
-        //   "https://slack.com/team_id": "T0123ABC456",
-        //   "https://slack.com/user_id": "U123ABC456",
-        //   "email": "alice@example.com",
-        //   "email_verified": true,
-        //   "date_email_verified": 1622128723,
-        //   "locale": "en-US",
-        //   "name": "Alice",
-        //   "given_name": "",
-        //   "family_name": "",
-        //   "https://slack.com/team_image_230": "https://secure.gravatar.com/avatar/bc.png",
-        //   "https://slack.com/team_image_default": true
-        // }
-
-        // check if the team id matches the project id.
-        // get project auth.
+        /*
+         * Example of Response Body
+         * {
+         *   "iss": "https://slack.com",
+         *   "sub": "U123ABC456",
+         *   "aud": "25259531569.1115258246291",
+         *   "exp": 1626874955,
+         *   "iat": 1626874655,
+         *   "auth_time": 1626874655,
+         *   "nonce": "abcd",
+         *   "at_hash": "abc...123",
+         *   "https://slack.com/team_id": "T0123ABC456",
+         *   "https://slack.com/user_id": "U123ABC456",
+         *   "email": "alice@example.com",
+         *   "email_verified": true,
+         *   "date_email_verified": 1622128723,
+         *   "locale": "en-US",
+         *   "name": "Alice",
+         *   "given_name": "",
+         *   "family_name": "",
+         *   "https://slack.com/team_image_230": "https://secure.gravatar.com/avatar/bc.png",
+         *   "https://slack.com/team_image_default": true
+         * }
+         */
+
+        /*
+         * check if the team id matches the project id.
+         * get project auth.
+         */
 
         const projectAuth: WorkspaceProjectAuthToken | null =
           await WorkspaceProjectAuthTokenService.findOneBy({

package/Server/API/StatusPageAPI.ts

@@ -735,9 +735,11 @@ export default class StatusPageAPI extends BaseAPI<
             req: req,
           });
 
-          // get start and end date from request body.
-          // if no end date is provided then it will be current date.
-          // if no start date is provided then it will be 14 days ago from end date.
+          /*
+           * get start and end date from request body.
+           * if no end date is provided then it will be current date.
+           * if no start date is provided then it will be 14 days ago from end date.
+           */
 
           let startDate: Date = OneUptimeDate.getSomeDaysAgo(14);
           let endDate: Date = OneUptimeDate.getCurrentDate();

package/Server/API/UserOnCallLogTimelineAPI.ts

@@ -93,9 +93,11 @@ export default class UserNotificationLogTimelineAPI extends BaseAPI<
       },
     );
 
-    // We have this ack page to show the user a confirmation page before acknowledging the notification.
-    // this is because email clients automatically make a get request to the url in the email and ack the notification automatically which is not what we want.
-    // so we need to create this page for the user to confirm that they want to acknowledge the notification.
+    /*
+     * We have this ack page to show the user a confirmation page before acknowledging the notification.
+     * this is because email clients automatically make a get request to the url in the email and ack the notification automatically which is not what we want.
+     * so we need to create this page for the user to confirm that they want to acknowledge the notification.
+     */
     this.router.get(
       `${new this.entityType()
         .getCrudApiPath()

package/Server/API/{UserTwoFactorAuthAPI.ts → UserTotpAuthAPI.ts}

@@ -1,8 +1,8 @@
 import ObjectID from "../../Types/ObjectID";
 import UserMiddleware from "../Middleware/UserAuthorization";
-import UserTwoFactorAuthService, {
-  Service as UserTwoFactorAuthServiceType,
-} from "../Services/UserTwoFactorAuthService";
+import UserTotpAuthService, {
+  Service as UserTotpAuthServiceType,
+} from "../Services/UserTotpAuthService";
 import {
   ExpressRequest,
   ExpressResponse,
@@ -10,27 +10,27 @@ import {
   OneUptimeRequest,
 } from "../Utils/Express";
 import BaseAPI from "./BaseAPI";
-import UserTwoFactorAuth from "../../Models/DatabaseModels/UserTwoFactorAuth";
+import UserTotpAuth from "../../Models/DatabaseModels/UserTotpAuth";
 import BadDataException from "../../Types/Exception/BadDataException";
-import TwoFactorAuth from "../Utils/TwoFactorAuth";
+import TotpAuth from "../Utils/TotpAuth";
 import Response from "../Utils/Response";
 import User from "../../Models/DatabaseModels/User";
 import UserService from "../Services/UserService";
 
-export default class UserTwoFactorAuthAPI extends BaseAPI<
-  UserTwoFactorAuth,
-  UserTwoFactorAuthServiceType
+export default class UserTotpAuthAPI extends BaseAPI<
+  UserTotpAuth,
+  UserTotpAuthServiceType
 > {
   public constructor() {
-    super(UserTwoFactorAuth, UserTwoFactorAuthService);
+    super(UserTotpAuth, UserTotpAuthService);
 
     this.router.post(
       `${new this.entityType().getCrudApiPath()?.toString()}/validate`,
       UserMiddleware.getUserMiddleware,
       async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
         try {
-          const userTwoFactorAuth: UserTwoFactorAuth | null =
-            await UserTwoFactorAuthService.findOneById({
+          const userTotpAuth: UserTotpAuth | null =
+            await UserTotpAuthService.findOneById({
               id: new ObjectID(req.body["id"]),
               select: {
                 twoFactorSecret: true,
@@ -41,24 +41,24 @@ export default class UserTwoFactorAuthAPI extends BaseAPI<
               },
             });
 
-          if (!userTwoFactorAuth) {
-            throw new BadDataException("Two factor auth not found");
+          if (!userTotpAuth) {
+            throw new BadDataException("TOTP auth not found");
           }
 
           if (
-            userTwoFactorAuth.userId?.toString() !==
+            userTotpAuth.userId?.toString() !==
             (req as OneUptimeRequest).userAuthorization?.userId.toString()
           ) {
             throw new BadDataException("Two factor auth not found");
           }
 
-          if (!userTwoFactorAuth.userId) {
+          if (!userTotpAuth.userId) {
             throw new BadDataException("User not found");
           }
 
           // get user email.
           const user: User | null = await UserService.findOneById({
-            id: userTwoFactorAuth.userId!,
+            id: userTotpAuth.userId!,
             select: {
               email: true,
             },
@@ -75,8 +75,8 @@ export default class UserTwoFactorAuthAPI extends BaseAPI<
             throw new BadDataException("User email not found");
           }
 
-          const isValid: boolean = TwoFactorAuth.verifyToken({
-            secret: userTwoFactorAuth.twoFactorSecret || "",
+          const isValid: boolean = TotpAuth.verifyToken({
+            secret: userTotpAuth.twoFactorSecret || "",
             token: req.body["code"] || "",
             email: user.email!,
           });
@@ -87,8 +87,8 @@ export default class UserTwoFactorAuthAPI extends BaseAPI<
 
           // update this 2fa code as verified
 
-          await UserTwoFactorAuthService.updateOneById({
-            id: userTwoFactorAuth.id!,
+          await UserTotpAuthService.updateOneById({
+            id: userTotpAuth.id!,
             data: {
               isVerified: true,
             },

package/Server/API/UserWebAuthnAPI.ts

@@ -0,0 +1,103 @@
+import ObjectID from "../../Types/ObjectID";
+import UserMiddleware from "../Middleware/UserAuthorization";
+import UserWebAuthnService, {
+  Service as UserWebAuthnServiceType,
+} from "../Services/UserWebAuthnService";
+import {
+  ExpressRequest,
+  ExpressResponse,
+  NextFunction,
+  OneUptimeRequest,
+} from "../Utils/Express";
+import BaseAPI from "./BaseAPI";
+import UserWebAuthn from "../../Models/DatabaseModels/UserWebAuthn";
+import BadDataException from "../../Types/Exception/BadDataException";
+import Response from "../Utils/Response";
+import { JSONObject } from "../../Types/JSON";
+import CommonAPI from "./CommonAPI";
+import DatabaseCommonInteractionProps from "../../Types/BaseDatabase/DatabaseCommonInteractionProps";
+
+export default class UserWebAuthnAPI extends BaseAPI<
+  UserWebAuthn,
+  UserWebAuthnServiceType
+> {
+  public constructor() {
+    super(UserWebAuthn, UserWebAuthnService);
+
+    this.router.post(
+      `${new this.entityType().getCrudApiPath()?.toString()}/generate-registration-options`,
+      UserMiddleware.getUserMiddleware,
+      async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+        try {
+          const userId: ObjectID = (req as OneUptimeRequest).userAuthorization!
+            .userId;
+
+          const result: { options: any; challenge: string } =
+            await UserWebAuthnService.generateRegistrationOptions({
+              userId: userId,
+            });
+
+          return Response.sendJsonObjectResponse(req, res, result);
+        } catch (err) {
+          next(err);
+        }
+      },
+    );
+
+    this.router.post(
+      `${new this.entityType().getCrudApiPath()?.toString()}/verify-registration`,
+      UserMiddleware.getUserMiddleware,
+      async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+        try {
+          const data: JSONObject = req.body;
+
+          const databaseProps: DatabaseCommonInteractionProps =
+            await CommonAPI.getDatabaseCommonInteractionProps(req);
+
+          const expectedChallenge: string = data["challenge"] as string;
+          const credential: any = data["credential"];
+          const name: string = data["name"] as string;
+
+          await UserWebAuthnService.verifyRegistration({
+            challenge: expectedChallenge,
+            credential: credential,
+            name: name,
+            props: databaseProps,
+          });
+
+          return Response.sendEmptySuccessResponse(req, res);
+        } catch (err) {
+          next(err);
+        }
+      },
+    );
+
+    this.router.post(
+      `${new this.entityType().getCrudApiPath()?.toString()}/generate-authentication-options`,
+      async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+        try {
+          const data: JSONObject = req.body["data"] as JSONObject;
+
+          if (!data) {
+            throw new BadDataException("Data is required");
+          }
+
+          const email: string | undefined = data["email"] as string | undefined;
+
+          if (!email) {
+            throw new BadDataException("Email is required");
+          }
+
+          const result: { options: any; challenge: string; userId: string } =
+            await UserWebAuthnService.generateAuthenticationOptions({
+              email: email,
+            });
+
+          return Response.sendJsonObjectResponse(req, res, result);
+        } catch (err) {
+          next(err);
+        }
+      },
+    );
+  }
+}

package/Server/EnvironmentConfig.ts

@@ -340,6 +340,12 @@ export const SlackAppClientSecret: string | null =
 export const SlackAppSigningSecret: string | null =
   process.env["SLACK_APP_SIGNING_SECRET"] || null;
 
+// Microsoft Teams Configuration
+export const MicrosoftTeamsAppClientId: string | null =
+  process.env["MICROSOFT_TEAMS_APP_CLIENT_ID"] || null;
+export const MicrosoftTeamsAppClientSecret: string | null =
+  process.env["MICROSOFT_TEAMS_APP_CLIENT_SECRET"] || null;
+
 // VAPID Configuration for Web Push Notifications
 export const VapidPublicKey: string | undefined =
   process.env["VAPID_PUBLIC_KEY"] || undefined;

package/Server/Infrastructure/Postgres/SchemaMigrations/1753131488925-AddEnableCustomSubscriberEmailNotificationFooterText.ts

@@ -11,8 +11,10 @@ export class AddEnableCustomSubscriberEmailNotificationFooterText1753131488925
       `ALTER TABLE "StatusPage" ADD "enableCustomSubscriberEmailNotificationFooterText" boolean NOT NULL DEFAULT false`,
     );
 
-    // Data migration: Set existing status pages to have enableCustomSubscriberEmailNotificationFooterText = true
-    // This ensures backward compatibility for existing status pages that already have custom footer text
+    /*
+     * Data migration: Set existing status pages to have enableCustomSubscriberEmailNotificationFooterText = true
+     * This ensures backward compatibility for existing status pages that already have custom footer text
+     */
     await queryRunner.query(
       `UPDATE "StatusPage" SET "enableCustomSubscriberEmailNotificationFooterText" = true WHERE "subscriberEmailNotificationFooterText" IS NOT NULL AND "subscriberEmailNotificationFooterText" != ''`,
     );

package/Server/Infrastructure/Postgres/SchemaMigrations/1759175457008-MigrationName.ts

@@ -0,0 +1,27 @@
+import { MigrationInterface, QueryRunner } from "typeorm";
+
+export class MigrationName1759175457008 implements MigrationInterface {
+  public name = "MigrationName1759175457008";
+
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(
+      `CREATE TABLE "UserWebAuthn" ("_id" uuid NOT NULL DEFAULT uuid_generate_v4(), "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT now(), "deletedAt" TIMESTAMP WITH TIME ZONE, "version" integer NOT NULL, "name" character varying(100) NOT NULL, "credentialId" text NOT NULL, "publicKey" text NOT NULL, "counter" text NOT NULL, "transports" text, "isVerified" boolean NOT NULL DEFAULT false, "deletedByUserId" uuid, "userId" uuid, CONSTRAINT "UQ_ed9d287cb27cc360b9c3a4542e9" UNIQUE ("credentialId"), CONSTRAINT "PK_76a58e093d632ac5a9036bfac57" PRIMARY KEY ("_id"))`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "UserWebAuthn" ADD CONSTRAINT "FK_e14966d27e4991f5f53ef54cad5" FOREIGN KEY ("deletedByUserId") REFERENCES "User"("_id") ON DELETE SET NULL ON UPDATE NO ACTION`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "UserWebAuthn" ADD CONSTRAINT "FK_e7a7d2869a90899c5f76ec997c0" FOREIGN KEY ("userId") REFERENCES "User"("_id") ON DELETE CASCADE ON UPDATE NO ACTION`,
+    );
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(
+      `ALTER TABLE "UserWebAuthn" DROP CONSTRAINT "FK_e7a7d2869a90899c5f76ec997c0"`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "UserWebAuthn" DROP CONSTRAINT "FK_e14966d27e4991f5f53ef54cad5"`,
+    );
+    await queryRunner.query(`DROP TABLE "UserWebAuthn"`);
+  }
+}

package/Server/Infrastructure/Postgres/SchemaMigrations/1759232954703-MigrationName.ts

@@ -0,0 +1,25 @@
+import { MigrationInterface, QueryRunner } from "typeorm";
+
+export class MigrationName1759232954703 implements MigrationInterface {
+  public name = "MigrationName1759232954703";
+
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(
+      `ALTER TABLE "User" DROP COLUMN "twoFactorSecretCode"`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "User" DROP COLUMN "twoFactorAuthUrl"`,
+    );
+    await queryRunner.query(`ALTER TABLE "User" DROP COLUMN "backupCodes"`);
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(`ALTER TABLE "User" ADD "backupCodes" text`);
+    await queryRunner.query(
+      `ALTER TABLE "User" ADD "twoFactorAuthUrl" character varying(100)`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "User" ADD "twoFactorSecretCode" character varying(100)`,
+    );
+  }
+}

package/Server/Infrastructure/Postgres/SchemaMigrations/1759234532998-MigrationName.ts

@@ -0,0 +1,15 @@
+import { MigrationInterface, QueryRunner } from "typeorm";
+
+export class RenameUserTwoFactorAuthToUserTotpAuth1759234532998
+  implements MigrationInterface
+{
+  public name = "RenameUserTwoFactorAuthToUserTotpAuth1759234532998";
+
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.renameTable("UserTwoFactorAuth", "UserTotpAuth");
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.renameTable("UserTotpAuth", "UserTwoFactorAuth");
+  }
+}

package/Server/Infrastructure/Postgres/SchemaMigrations/Index.ts

@@ -171,6 +171,9 @@ import { MigrationName1758313975491 } from "./1758313975491-MigrationName";
 import { MigrationName1758626094132 } from "./1758626094132-MigrationName";
 import { MigrationName1758629540993 } from "./1758629540993-MigrationName";
 import { MigrationName1758798730753 } from "./1758798730753-MigrationName";
+import { MigrationName1759175457008 } from "./1759175457008-MigrationName";
+import { MigrationName1759232954703 } from "./1759232954703-MigrationName";
+import { RenameUserTwoFactorAuthToUserTotpAuth1759234532998 } from "./1759234532998-MigrationName";
 
 export default [
   InitialMigration,
@@ -346,4 +349,7 @@ export default [
   MigrationName1758626094132,
   MigrationName1758629540993,
   MigrationName1758798730753,
+  MigrationName1759175457008,
+  MigrationName1759232954703,
+  RenameUserTwoFactorAuthToUserTotpAuth1759234532998,
 ];

package/Server/Infrastructure/Queue.ts

@@ -93,8 +93,10 @@ export default class Queue {
         removeOnComplete: { count: 500 }, // keep last 1000 completed jobs
         removeOnFail: { count: 100 }, // keep last 500 failed jobs
       },
-      // Optionally cap the event stream length (supported in BullMQ >= v5)
-      // This helps prevent the :events stream from growing indefinitely
+      /*
+       * Optionally cap the event stream length (supported in BullMQ >= v5)
+       * This helps prevent the :events stream from growing indefinitely
+       */
       streams: {
         events: { maxLen: 1000 },
       },

package/Server/Infrastructure/SocketIO.ts

@@ -26,8 +26,10 @@ export default abstract class IO {
       );
     }
 
-    // const pubClient: ClientType = Redis.getClient()!.duplicate();
-    // const subClient: ClientType = Redis.getClient()!.duplicate();
+    /*
+     * const pubClient: ClientType = Redis.getClient()!.duplicate();
+     * const subClient: ClientType = Redis.getClient()!.duplicate();
+     */
 
     // this.socketServer.adapter(createAdapter(pubClient, subClient));
   }

package/Server/Middleware/ProjectAuthorization.ts

@@ -107,9 +107,11 @@ export default class ProjectMiddleware {
 
           if (apiKeyModel) {
             (req as OneUptimeRequest).userType = UserType.API;
-            // TODO: Add API key permissions.
-            // (req as OneUptimeRequest).permissions =
-            //     apiKeyModel.permissions || [];
+            /*
+             * TODO: Add API key permissions.
+             * (req as OneUptimeRequest).permissions =
+             *     apiKeyModel.permissions || [];
+             */
             (req as OneUptimeRequest).userGlobalAccessPermission =
               await APIKeyAccessPermission.getDefaultApiGlobalPermission(
                 tenantId,

package/Server/Middleware/SlackAuthorization.ts

@@ -53,8 +53,8 @@ export default class SlackAuthorization {
     // check if the signature is valid
     if (
       !crypto.timingSafeEqual(
-        Buffer.from(signature),
-        Buffer.from(slackSignature),
+        Buffer.from(signature) as Uint8Array,
+        Buffer.from(slackSignature) as Uint8Array,
       )
     ) {
       logger.error("Slack Signature Verification Failed.");

package/Server/Middleware/TelemetryIngest.ts

@@ -44,8 +44,10 @@ export default class TelemetryIngest {
         logger.error("Missing header: x-oneuptime-token");
 
         if (isOpenTelemetryAPI) {
-          // then accept the response and return success.
-          // do not return error because it causes Otel to retry the request.
+          /*
+           * then accept the response and return success.
+           * do not return error because it causes Otel to retry the request.
+           */
           return Response.sendEmptySuccessResponse(req, res);
         }
 
@@ -71,8 +73,10 @@ export default class TelemetryIngest {
         logger.error("Invalid service token: " + oneuptimeToken);
 
         if (isOpenTelemetryAPI) {
-          // then accept the response and return success.
-          // do not return error because it causes Otel to retry the request.
+          /*
+           * then accept the response and return success.
+           * do not return error because it causes Otel to retry the request.
+           */
           return Response.sendEmptySuccessResponse(req, res);
         }
 
@@ -89,8 +93,10 @@ export default class TelemetryIngest {
         );
 
         if (isOpenTelemetryAPI) {
-          // then accept the response and return success.
-          // do not return error because it causes Otel to retry the request.
+          /*
+           * then accept the response and return success.
+           * do not return error because it causes Otel to retry the request.
+           */
           return Response.sendEmptySuccessResponse(req, res);
         }