@openstax/ts-utils 1.15.5 → 1.16.2

package/dist/cjs/middleware/apiSlowResponseMiddleware.js

@@ -35,7 +35,7 @@ const createSlowResponseMiddleware = (config) => {
                     });
                     resolve((0, routing_1.apiTextResponse)(504, '504 Gateway Timeout'));
                 }, timeoutAfter));
-            const requestPromise = response.then(response => {
+            const requestPromise = response.finally(() => {
                 const time = Date.now() - start;
                 if (timeout !== undefined) {
                     clearTimeout(timeout);
@@ -46,7 +46,6 @@ const createSlowResponseMiddleware = (config) => {
                         time,
                     });
                 }
-                return response;
             });
             return timeoutPromise ? Promise.race([timeoutPromise, requestPromise]) : requestPromise;
         });

package/dist/cjs/services/authProvider/browser.js

@@ -133,7 +133,7 @@ const browserAuthProvider = ({ window, configSpace }) => (configProvider) => {
         /**
          * loads current user identity. does not reflect changes in identity after being called the first time.
          */
-        getUser
+        getUser,
     };
 };
 exports.browserAuthProvider = browserAuthProvider;

package/dist/cjs/services/authProvider/decryption.d.ts

@@ -1,5 +1,5 @@
 import type { ConfigProviderForConfig } from '../../config';
-import { CookieAuthProvider } from '.';
+import { AuthProvider, CookieAuthProvider } from '.';
 declare type Config = {
     cookieName: string;
     encryptionPrivateKey: string;
@@ -8,9 +8,12 @@ declare type Config = {
 interface Initializer<C> {
     configSpace?: C;
 }
+export declare type DecryptionAuthProvider = AuthProvider & {
+    getTokenExpiration: (tokenString?: string) => Promise<number | null | undefined>;
+};
 export declare const decryptionAuthProvider: <C extends string = "decryption">(initializer: Initializer<C>) => (configProvider: { [key in C]: {
     cookieName: import("../../config").ConfigValueProvider<string>;
     encryptionPrivateKey: import("../../config").ConfigValueProvider<string>;
     signaturePublicKey: import("../../config").ConfigValueProvider<string>;
-}; }) => CookieAuthProvider;
+}; }) => CookieAuthProvider<DecryptionAuthProvider>;
 export {};

package/dist/cjs/services/authProvider/decryption.js

@@ -21,12 +21,18 @@ const decryptionAuthProvider = (initializer) => (configProvider) => {
             }
             return { headers };
         };
-        const loadUser = async () => {
-            const [token] = (0, _1.getAuthTokenOrCookie)(request, await cookieName());
+        const getPayload = async (tokenString) => {
+            const token = tokenString !== null && tokenString !== void 0 ? tokenString : (0, _1.getAuthTokenOrCookie)(request, await cookieName())[0];
             if (!token) {
                 return undefined;
             }
-            const result = (0, decryptAndVerify_1.decryptAndVerify)(token, await encryptionPrivateKey(), await signaturePublicKey());
+            return (0, decryptAndVerify_1.decryptAndVerify)(token, await encryptionPrivateKey(), await signaturePublicKey());
+        };
+        const loadUser = async () => {
+            const result = await getPayload();
+            if (!result) {
+                return undefined;
+            }
             if ('error' in result && result.error == 'expired token') {
                 throw new errors_1.SessionExpiredError();
             }
@@ -34,12 +40,17 @@ const decryptionAuthProvider = (initializer) => (configProvider) => {
         };
         return {
             getAuthorizedFetchConfig,
+            getTokenExpiration: async (tokenString) => {
+                var _a;
+                const payload = await getPayload(tokenString);
+                return payload ? ((_a = payload.exp) !== null && _a !== void 0 ? _a : null) : undefined;
+            },
             getUser: async () => {
                 if (!user) {
                     user = await loadUser();
                 }
                 return user;
-            }
+            },
         };
     };
 };

package/dist/cjs/services/authProvider/index.d.ts

@@ -45,9 +45,9 @@ export declare type CookieAuthProviderRequest = {
     headers: HttpHeaders;
     queryStringParameters?: QueryParams;
 };
-export declare type CookieAuthProvider = (inputs: {
+export declare type CookieAuthProvider<T extends AuthProvider = AuthProvider> = (inputs: {
     request: CookieAuthProviderRequest;
-}) => AuthProvider;
+}) => T;
 export declare type StubAuthProvider = (user: User | undefined) => AuthProvider;
 export declare const stubAuthProvider: (user?: User | undefined) => AuthProvider;
 export declare const getAuthTokenOrCookie: (request: CookieAuthProviderRequest, cookieName: string, queryKey?: string) => [string, {

package/dist/cjs/services/authProvider/utils/decryptAndVerify.d.ts

@@ -17,11 +17,13 @@ export declare const verifyJws: (jws: string, signaturePublicKey: Buffer | strin
  * @param token the encrypted token
  * @param encryptionPrivateKey the private key used to encrypt the token
  * @param signaturePublicKey the public key used to verify the decrypted token
- * @returns {user: User} (success) or {error: string} (failure)
+ * @returns {user: User; exp: number} (success) or {error: string} (failure)
  */
 export declare const decryptAndVerify: (token: string, encryptionPrivateKey: string, signaturePublicKey: string) => {
     user: User;
+    exp: number;
 } | {
     error: string;
+    exp?: number;
 };
 export {};

package/dist/cjs/services/authProvider/utils/decryptAndVerify.js

@@ -62,7 +62,7 @@ exports.verifyJws = verifyJws;
  * @param token the encrypted token
  * @param encryptionPrivateKey the private key used to encrypt the token
  * @param signaturePublicKey the public key used to verify the decrypted token
- * @returns {user: User} (success) or {error: string} (failure)
+ * @returns {user: User; exp: number} (success) or {error: string} (failure)
  */
 const decryptAndVerify = (token, encryptionPrivateKey, signaturePublicKey) => {
     const timestamp = Math.floor(Date.now() / 1000);
@@ -84,8 +84,8 @@ const decryptAndVerify = (token, encryptionPrivateKey, signaturePublicKey) => {
         return { error: 'invalid token' };
     }
     if (payload.exp < timestamp - clockTolerance) {
-        return { error: 'expired token' };
+        return { error: 'expired token', exp: payload.exp };
     }
-    return { user: payload.sub };
+    return { user: payload.sub, exp: payload.exp };
 };
 exports.decryptAndVerify = decryptAndVerify;

package/dist/cjs/services/documentStore/unversioned/file-system.js

@@ -80,7 +80,7 @@ const fileSystemUnversionedDocumentStore = (initializer) => () => (configProvide
             await mkTableDir;
             const data = await load(filename);
             if (!data) {
-                throw new Error(`Item with ${hashKey.toString()} "${id}" does not exist`);
+                throw new errors_1.NotFoundError(`Item with ${hashKey.toString()} "${id}" does not exist`);
             }
             const newValue = typeof data[attribute] === 'number' ? data[attribute] + 1 : 1;
             const newItem = { ...data, [hashKey]: id, [attribute]: newValue };

package/dist/cjs/services/launchParams/signer.d.ts

@@ -21,7 +21,7 @@ export declare const createLaunchSigner: <C extends string = "launch">({ configS
     jwks: () => Promise<{
         keys: JWK.RawKey[];
     }>;
-    sign: (subject: string) => Promise<string>;
+    sign: (subject: string, maxExpiresIn?: string | number | null | undefined) => Promise<string>;
 };
 export declare type LaunchSigner = ReturnType<ReturnType<typeof createLaunchSigner>>;
 export {};

package/dist/cjs/services/launchParams/signer.js

@@ -5,6 +5,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createLaunchSigner = void 0;
 const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
+const ms_1 = __importDefault(require("ms"));
 const node_jose_1 = require("node-jose");
 const __1 = require("../..");
 const config_1 = require("../../config");
@@ -33,9 +34,17 @@ const createLaunchSigner = ({ configSpace }) => (configProvider) => {
         return keystore;
     });
     const jwks = async () => (await getKeyStore()).toJSON(false);
-    const sign = async (subject) => {
-        const alg = await getAlg();
+    const getExpiresInWithMax = async (maxExpiresIn) => {
         const expiresIn = await getExpiresIn();
+        const maxExpiresInSeconds = typeof maxExpiresIn === 'number' ? maxExpiresIn :
+            typeof maxExpiresIn === 'string' ? Math.floor((0, ms_1.default)(maxExpiresIn) / 1000) :
+                undefined;
+        return maxExpiresInSeconds ? Math.min(Math.floor((0, ms_1.default)(expiresIn) / 1000), maxExpiresInSeconds) : expiresIn;
+    };
+    const sign = async (subject, maxExpiresIn) => {
+        const alg = await getAlg();
+        // expiresIn can be a number of seconds or a string like '1h' or '1d'
+        const expiresIn = await getExpiresInWithMax(maxExpiresIn);
         const iss = await getIss();
         const header = { alg, iss };
         return jsonwebtoken_1.default.sign({}, await getPrivateKey(), { algorithm: alg, expiresIn, header, issuer: iss, subject });

package/dist/cjs/services/launchParams/verifier.d.ts

@@ -1,3 +1,4 @@
+import jwt from 'jsonwebtoken';
 import type { JWK } from 'node-jose';
 import { ConfigProviderForConfig } from '../../config';
 declare type Config = {
@@ -15,7 +16,7 @@ interface Initializer<C> {
 export declare const createLaunchVerifier: <C extends string = "launch">({ configSpace, fetcher }: Initializer<C>) => (configProvider: { [key in C]: {
     trustedDomain: import("../../config").ConfigValueProvider<string>;
 }; }) => {
-    verify: (token: string) => Promise<string>;
+    verify: <T = undefined>(...[token, validator]: T extends undefined ? [string] : [string, (input: any) => T]) => Promise<T extends undefined ? jwt.JwtPayload : T>;
 };
 export declare type LaunchVerifier = ReturnType<ReturnType<typeof createLaunchVerifier>>;
 export {};

package/dist/cjs/services/launchParams/verifier.js

@@ -60,7 +60,7 @@ const createLaunchVerifier = ({ configSpace, fetcher }) => (configProvider) => {
             callback(error);
         }
     };
-    const verify = (token) => new Promise((resolve, reject) => jsonwebtoken_1.default.verify(token, getKey, {}, (err, payload) => {
+    const verify = (...[token, validator]) => new Promise((resolve, reject) => jsonwebtoken_1.default.verify(token, getKey, {}, (err, payload) => {
         if (err && err instanceof jsonwebtoken_1.TokenExpiredError) {
             reject(new errors_1.SessionExpiredError());
         }
@@ -74,7 +74,19 @@ const createLaunchVerifier = ({ configSpace, fetcher }) => (configProvider) => {
             reject(new Error('JWT payload missing sub claim'));
         }
         else {
-            resolve(payload.sub);
+            // we are migrating away from json encoding all the parameters into the `sub` claim
+            // and into using separate claims for each parameter. in transition, we check if the sub
+            // is json and return it if it is. this is still a breaking change when using this
+            // utility because applications no longer need to independently json parse the result
+            // starting now.
+            const parsed = payload;
+            try {
+                const jsonSubContents = JSON.parse(payload.sub);
+                Object.assign(parsed, jsonSubContents);
+            }
+            catch (e) { } // eslint-disable-line no-empty
+            // conditional return types are annoying
+            resolve((validator ? validator(parsed) : parsed));
         }
     }));
     return { verify };