@onroad/core 4.0.0-alpha.16 → 4.0.0-alpha.17

@@ -6,11 +6,14 @@ export interface JwtFilterOptions {
6
6
  /**
7
7
  * Function that receives the raw token and returns the decoded payload.
8
8
  * Throw any error to signal an invalid/expired token.
9
+ *
10
+ * Not needed when running behind teraprox-gateway — the gateway validates
11
+ * the JWT and forwards the decoded payload via `x-decoded-user` header.
9
12
  */
10
- verify: (token: string) => Promise<unknown> | unknown;
13
+ verify?: (token: string) => Promise<unknown> | unknown;
11
14
  /**
12
15
  * Custom function to extract the token from the request.
13
- * Default: reads "Authorization: Bearer <token>"
16
+ * Default: reads "x-app-token" header, then "Authorization: Bearer <token>"
14
17
  */
15
18
  extractToken?: (req: Request) => string | undefined;
16
19
  /**
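Review bot: The new doc comment on `verify` says when the callback is "not needed" but not what the filter does without it. The JwtFilter.js hunks in this diff show two paths that skip signature checking: a non-empty `x-decoded-user` header is parsed straight into `req.decoded`, and a missing `verify` falls back to `decodeJwtPayload`, which only base64url-decodes the payload. I would add a line to the comment such as `* If omitted, tokens are decoded WITHOUT signature verification; only safe when the service is reachable solely through the gateway.` The interface body continues outside this hunk.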
@@ -21,7 +24,7 @@ export interface JwtFilterOptions {
21
24
  }
22
25
  export declare class JwtFilter extends OnRoadFilter {
23
26
  private readonly options;
24
- constructor(options: JwtFilterOptions);
27
+ constructor(options?: JwtFilterOptions);
25
28
  execute(req: Request, res: Response, chain: FilterChain): Promise<void>;
26
29
  }
27
30
  //# sourceMappingURL=JwtFilter.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"JwtFilter.d.ts","sourceRoot":"","sources":["../../../src/filters/builtins/JwtFilter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAChD,OAAO,gCAAgC,CAAA;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAA;AAChD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAEpD,MAAM,WAAW,gBAAgB;IAC/B;;;OAGG;IACH,MAAM,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAA;IACrD;;;OAGG;IACH,YAAY,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,GAAG,SAAS,CAAA;IACnD;;;OAGG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB;AAED,qBAAa,SAAU,SAAQ,YAAY;IACzC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAkB;gBAE9B,OAAO,EAAE,gBAAgB;IAK/B,OAAO,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;CAoB9E"}
1
+ {"version":3,"file":"JwtFilter.d.ts","sourceRoot":"","sources":["../../../src/filters/builtins/JwtFilter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAA;AAChD,OAAO,gCAAgC,CAAA;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAA;AAChD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAEpD,MAAM,WAAW,gBAAgB;IAC/B;;;;;;OAMG;IACH,MAAM,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAA;IACtD;;;OAGG;IACH,YAAY,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,MAAM,GAAG,SAAS,CAAA;IACnD;;;OAGG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB;AAED,qBAAa,SAAU,SAAQ,YAAY;IACzC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAkB;gBAE9B,OAAO,GAAE,gBAAqB;IAKpC,OAAO,CAAC,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;CA8B9E"}
@@ -2,11 +2,21 @@ import "../../types/express-augment.js";
2
2
  import { OnRoadFilter } from "../FilterChain.js";
3
3
  export class JwtFilter extends OnRoadFilter {
4
4
  options;
5
- constructor(options) {
5
+ constructor(options = {}) {
6
6
  super();
7
7
  this.options = options;
8
8
  }
9
9
  async execute(req, res, chain) {
10
+ // 1. Gateway already validated — use forwarded decoded payload directly
11
+ const decodedHeader = req.headers["x-decoded-user"];
12
+ if (typeof decodedHeader === "string" && decodedHeader) {
13
+ try {
14
+ req.decoded = JSON.parse(decodedHeader);
15
+ return await chain.next(req, res);
16
+ }
17
+ catch { /* malformed header — fall through to token extraction */ }
18
+ }
19
+ // 2. Standalone mode — extract and verify token
10
20
  const extract = this.options.extractToken ?? extractBearerToken;
11
21
  const token = extract(req);
12
22
  if (!token) {
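Review bot: The `x-decoded-user` branch at the top of `execute` trusts a client-settable request header with no opt-in and no check that the request came through the gateway, and it runs before token verification even when `verify` is configured. Any caller that can reach the service directly can have its own JSON assigned to `req.decoded`. I would gate the branch behind an explicit option (hypothetical name `trustGatewayHeader`), e.g. `if (this.options.trustGatewayHeader === true && typeof decodedHeader === "string" && decodedHeader) {`, and document that the gateway must strip inbound copies of the header. `JSON.parse` can also return `null` or a primitive here, so a check that the result is a non-null object before assigning would help. `execute` continues outside the hunk.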
@@ -14,11 +24,11 @@ export class JwtFilter extends OnRoadFilter {
14
24
  res.status(401).json({ error: "Unauthorized", message: "Missing authentication token" });
15
25
  return;
16
26
  }
17
- // Anonymous allowed — skip decode, proceed
18
27
  return await chain.next(req, res);
19
28
  }
20
29
  try {
21
- req.decoded = await this.options.verify(token);
30
+ const verifyFn = this.options.verify ?? decodeJwtPayload;
31
+ req.decoded = await verifyFn(token);
22
32
  await chain.next(req, res);
23
33
  }
24
34
  catch {
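Review bot: `this.options.verify ?? decodeJwtPayload` makes the filter fail open: when `verify` is omitted, the payload is decoded and assigned to `req.decoded` with no signature check, as the doc comment on `decodeJwtPayload` in the last hunk of this file states, and no `exp` check is visible there either. A standalone deployment that leaves `verify` unset would therefore accept any well-formed three-part token. I would drop the fallback and reject instead, e.g. `if (!this.options.verify) throw new Error("JwtFilter: verify is required in standalone mode");` as the first statement of the `try`, so the existing `catch` handles it (presumably the 401 path; its body is outside the hunk). The `try` block and `execute` both start and end outside this hunk.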
@@ -35,4 +45,16 @@ function extractBearerToken(req) {
35
45
  return undefined;
36
46
  return auth.slice(7);
37
47
  }
48
+ /**
49
+ * Decodes a JWT payload (base64url) without verifying the signature.
50
+ * Fallback for standalone mode when no verify function is provided.
51
+ */
52
+ function decodeJwtPayload(token) {
53
+ const parts = token.split(".");
54
+ if (parts.length !== 3)
55
+ throw new Error("Invalid JWT structure");
56
+ const payload = parts[1];
57
+ const json = Buffer.from(payload, "base64url").toString("utf-8");
58
+ return JSON.parse(json);
59
+ }
38
60
  //# sourceMappingURL=JwtFilter.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"JwtFilter.js","sourceRoot":"","sources":["../../../src/filters/builtins/JwtFilter.ts"],"names":[],"mappings":"AACA,OAAO,gCAAgC,CAAA;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAA;AAqBhD,MAAM,OAAO,SAAU,SAAQ,YAAY;IACxB,OAAO,CAAkB;IAE1C,YAAY,OAAyB;QACnC,KAAK,EAAE,CAAA;QACP,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,KAAkB;QAC3D,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,IAAI,kBAAkB,CAAA;QAC/D,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,CAAA;QAE1B,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;gBACpC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC,CAAA;gBACxF,OAAM;YACR,CAAC;YACD,2CAA2C;YAC3C,OAAO,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;QACnC,CAAC;QAED,IAAI,CAAC;YACH,GAAG,CAAC,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;YAC9C,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC,CAAA;QACtF,CAAC;IACH,CAAC;CACF;AAED,SAAS,kBAAkB,CAAC,GAAY;IACtC,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;IACzC,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,OAAO,MAAM,CAAA;IAE7C,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,CAAA;IACzC,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,SAAS,CAAA;IAC7E,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;AACtB,CAAC"}
1
+ {"version":3,"file":"JwtFilter.js","sourceRoot":"","sources":["../../../src/filters/builtins/JwtFilter.ts"],"names":[],"mappings":"AACA,OAAO,gCAAgC,CAAA;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAA;AAwBhD,MAAM,OAAO,SAAU,SAAQ,YAAY;IACxB,OAAO,CAAkB;IAE1C,YAAY,UAA4B,EAAE;QACxC,KAAK,EAAE,CAAA;QACP,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,KAAkB;QAC3D,wEAAwE;QACxE,MAAM,aAAa,GAAG,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAA;QACnD,IAAI,OAAO,aAAa,KAAK,QAAQ,IAAI,aAAa,EAAE,CAAC;YACvD,IAAI,CAAC;gBACH,GAAG,CAAC,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAA;gBACvC,OAAO,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;YACnC,CAAC;YAAC,MAAM,CAAC,CAAC,yDAAyD,CAAC,CAAC;QACvE,CAAC;QAED,gDAAgD;QAChD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,IAAI,kBAAkB,CAAA;QAC/D,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,CAAA;QAE1B,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;gBACpC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC,CAAA;gBACxF,OAAM;YACR,CAAC;YACD,OAAO,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;QACnC,CAAC;QAED,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,gBAAgB,CAAA;YACxD,GAAG,CAAC,OAAO,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAA;YACnC,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC,CAAA;QACtF,CAAC;IACH,CAAC;CACF;AAED,SAAS,kBAAkB,CAAC,GAAY;IACtC,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;IACzC,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,OAAO,MAAM,CAAA;IAE7C,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,CAAA;IACzC,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,SAAS,CAAA;IAC7E,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;AACtB,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB,CAAC,KAAa;IACrC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC9B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAA;IAChE,MAAM,OAAO,GAAG,KAAK
,CAAC,CAAC,CAAE,CAAA;IACzB,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;IAChE,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAA4B,CAAA;AACpD,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@onroad/core",
3
- "version": "4.0.0-alpha.16",
3
+ "version": "4.0.0-alpha.17",
4
4
  "description": "TypeScript backend framework — DI Container, Filter Chain, EventBus, Provider Pattern",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",