npm - @openstax/ts-utils - Versions diffs - 1.21.11 → 1.23.0 - Mend

@openstax/ts-utils 1.21.11 → 1.23.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (252) hide show

package/dist/cjs/assertions/index.d.ts +85 -0
package/dist/cjs/assertions/index.js +157 -0
package/dist/cjs/aws/ssmService.d.ts +5 -0
package/dist/cjs/aws/ssmService.js +9 -0
package/dist/cjs/config/awsParameterConfig.d.ts +10 -0
package/dist/cjs/config/awsParameterConfig.js +26 -0
package/dist/cjs/config/envConfig.d.ts +24 -0
package/dist/cjs/config/envConfig.js +57 -0
package/dist/cjs/config/index.d.ts +48 -0
package/dist/cjs/config/index.js +35 -0
package/dist/cjs/config/lambdaParameterConfig.d.ts +12 -0
package/dist/cjs/config/lambdaParameterConfig.js +45 -0
package/dist/cjs/config/replaceConfig.d.ts +14 -0
package/dist/cjs/config/replaceConfig.js +22 -0
package/dist/cjs/config/resolveConfigValue.d.ts +5 -0
package/dist/cjs/config/resolveConfigValue.js +12 -0
package/dist/cjs/errors/index.d.ts +77 -0
package/dist/cjs/errors/index.js +109 -0
package/dist/cjs/fetch/fetchStatusRetry.d.ts +7 -0
package/dist/cjs/fetch/fetchStatusRetry.js +16 -0
package/dist/cjs/fetch/index.d.ts +64 -0
package/dist/cjs/fetch/index.js +55 -0
package/dist/cjs/guards/index.d.ts +30 -0
package/dist/cjs/guards/index.js +35 -0
package/dist/cjs/index.d.ts +4 -0
package/dist/cjs/index.js +20 -0
package/dist/cjs/middleware/apiErrorHandler.d.ts +24 -0
package/dist/cjs/middleware/apiErrorHandler.js +41 -0
package/dist/cjs/middleware/apiSlowResponseMiddleware.d.ts +23 -0
package/dist/cjs/middleware/apiSlowResponseMiddleware.js +54 -0
package/dist/cjs/middleware/index.d.ts +47 -0
package/dist/cjs/middleware/index.js +48 -0
package/dist/cjs/middleware/lambdaCorsResponseMiddleware.d.ts +20 -0
package/dist/cjs/middleware/lambdaCorsResponseMiddleware.js +42 -0
package/dist/cjs/middleware/throwNotFoundMiddleware.d.ts +4 -0
package/dist/cjs/middleware/throwNotFoundMiddleware.js +14 -0
package/dist/cjs/misc/hashValue.d.ts +10 -0
package/dist/cjs/misc/hashValue.js +17 -0
package/dist/cjs/misc/helpers.d.ts +124 -0
package/dist/cjs/misc/helpers.js +214 -0
package/dist/cjs/misc/merge.d.ts +21 -0
package/dist/cjs/misc/merge.js +45 -0
package/dist/cjs/misc/partitionSequence.d.ts +35 -0
package/dist/cjs/misc/partitionSequence.js +55 -0
package/dist/cjs/pagination/index.d.ts +91 -0
package/dist/cjs/pagination/index.js +83 -0
package/dist/cjs/routing/helpers.d.ts +57 -0
package/dist/cjs/routing/helpers.js +90 -0
package/dist/cjs/routing/index.d.ts +272 -0
package/dist/cjs/routing/index.js +270 -0
package/dist/cjs/routing/validators/zod.d.ts +4 -0
package/dist/cjs/routing/validators/zod.js +12 -0
package/dist/cjs/services/accountsGateway/index.d.ts +85 -0
package/dist/cjs/services/accountsGateway/index.js +118 -0
package/dist/cjs/services/apiGateway/index.d.ts +63 -0
package/dist/cjs/services/apiGateway/index.js +108 -0
package/dist/cjs/services/authProvider/browser.d.ts +74 -0
package/dist/cjs/services/authProvider/browser.js +154 -0
package/dist/cjs/services/authProvider/decryption.d.ts +19 -0
package/dist/cjs/services/authProvider/decryption.js +61 -0
package/dist/cjs/services/authProvider/index.d.ts +61 -0
package/dist/cjs/services/authProvider/index.js +26 -0
package/dist/cjs/services/authProvider/subrequest.d.ts +16 -0
package/dist/cjs/services/authProvider/subrequest.js +50 -0
package/dist/cjs/services/authProvider/utils/decryptAndVerify.d.ts +29 -0
package/dist/cjs/services/authProvider/utils/decryptAndVerify.js +91 -0
package/dist/cjs/services/authProvider/utils/embeddedAuthProvider.d.ts +26 -0
package/dist/cjs/services/authProvider/utils/embeddedAuthProvider.js +47 -0
package/dist/cjs/services/authProvider/utils/userRoleValidator.d.ts +13 -0
package/dist/cjs/services/authProvider/utils/userRoleValidator.js +37 -0
package/dist/cjs/services/documentStore/dynamoEncoding.d.ts +10 -0
package/dist/cjs/services/documentStore/dynamoEncoding.js +52 -0
package/dist/cjs/services/documentStore/index.d.ts +14 -0
package/dist/cjs/services/documentStore/index.js +2 -0
package/dist/cjs/services/documentStore/unversioned/dynamodb.d.ts +16 -0
package/dist/cjs/services/documentStore/unversioned/dynamodb.js +122 -0
package/dist/cjs/services/documentStore/unversioned/file-system.d.ts +18 -0
package/dist/cjs/services/documentStore/unversioned/file-system.js +121 -0
package/dist/cjs/services/documentStore/unversioned/index.d.ts +2 -0
package/dist/cjs/services/documentStore/unversioned/index.js +2 -0
package/dist/cjs/services/documentStore/versioned/dynamodb.d.ts +22 -0
package/dist/cjs/services/documentStore/versioned/dynamodb.js +135 -0
package/dist/cjs/services/documentStore/versioned/file-system.d.ts +24 -0
package/dist/cjs/services/documentStore/versioned/file-system.js +62 -0
package/dist/cjs/services/documentStore/versioned/index.d.ts +17 -0
package/dist/cjs/services/documentStore/versioned/index.js +2 -0
package/dist/cjs/services/exercisesGateway/index.d.ts +71 -0
package/dist/cjs/services/exercisesGateway/index.js +97 -0
package/dist/cjs/services/fileServer/index.d.ts +17 -0
package/dist/cjs/services/fileServer/index.js +19 -0
package/dist/cjs/services/fileServer/localFileServer.d.ts +13 -0
package/dist/cjs/services/fileServer/localFileServer.js +23 -0
package/dist/cjs/services/fileServer/s3FileServer.d.ts +16 -0
package/dist/cjs/services/fileServer/s3FileServer.js +25 -0
package/dist/cjs/services/launchParams/index.d.ts +2 -0
package/dist/cjs/services/launchParams/index.js +7 -0
package/dist/cjs/services/launchParams/signer.d.ts +27 -0
package/dist/cjs/services/launchParams/signer.js +58 -0
package/dist/cjs/services/launchParams/verifier.d.ts +22 -0
package/dist/cjs/services/launchParams/verifier.js +94 -0
package/dist/cjs/services/logger/console.d.ts +4 -0
package/dist/cjs/services/logger/console.js +12 -0
package/dist/cjs/services/logger/index.d.ts +39 -0
package/dist/cjs/services/logger/index.js +31 -0
package/dist/cjs/services/lrsGateway/addStatementDefaultFields.d.ts +5 -0
package/dist/cjs/services/lrsGateway/addStatementDefaultFields.js +21 -0
package/dist/cjs/services/lrsGateway/attempt-utils.d.ts +70 -0
package/dist/cjs/services/lrsGateway/attempt-utils.js +258 -0
package/dist/cjs/services/lrsGateway/file-system.d.ts +17 -0
package/dist/cjs/services/lrsGateway/file-system.js +140 -0
package/dist/cjs/services/lrsGateway/index.d.ts +125 -0
package/dist/cjs/services/lrsGateway/index.js +138 -0
package/dist/cjs/services/lrsGateway/xapiUtils.d.ts +61 -0
package/dist/cjs/services/lrsGateway/xapiUtils.js +94 -0
package/dist/cjs/services/postgresConnection/index.d.ts +35 -0
package/dist/cjs/services/postgresConnection/index.js +63 -0
package/dist/cjs/services/searchProvider/index.d.ts +31 -0
package/dist/cjs/services/searchProvider/index.js +2 -0
package/dist/cjs/services/searchProvider/memorySearchTheBadWay.d.ts +14 -0
package/dist/cjs/services/searchProvider/memorySearchTheBadWay.js +89 -0
package/dist/cjs/tsconfig.without-specs.cjs.tsbuildinfo +1 -0
package/dist/cjs/types.d.ts +31 -0
package/dist/cjs/types.js +2 -0
package/dist/esm/assertions/index.d.ts +85 -0
package/dist/esm/assertions/index.js +146 -0
package/dist/esm/aws/ssmService.d.ts +5 -0
package/dist/esm/aws/ssmService.js +6 -0
package/dist/esm/config/awsParameterConfig.d.ts +10 -0
package/dist/esm/config/awsParameterConfig.js +22 -0
package/dist/esm/config/envConfig.d.ts +24 -0
package/dist/esm/config/envConfig.js +53 -0
package/dist/esm/config/index.d.ts +48 -0
package/dist/esm/config/index.js +17 -0
package/dist/esm/config/lambdaParameterConfig.d.ts +12 -0
package/dist/esm/config/lambdaParameterConfig.js +38 -0
package/dist/esm/config/replaceConfig.d.ts +14 -0
package/dist/esm/config/replaceConfig.js +18 -0
package/dist/esm/config/resolveConfigValue.d.ts +5 -0
package/dist/esm/config/resolveConfigValue.js +8 -0
package/dist/esm/errors/index.d.ts +77 -0
package/dist/esm/errors/index.js +99 -0
package/dist/esm/fetch/fetchStatusRetry.d.ts +7 -0
package/dist/esm/fetch/fetchStatusRetry.js +12 -0
package/dist/esm/fetch/index.d.ts +64 -0
package/dist/esm/fetch/index.js +46 -0
package/dist/esm/guards/index.d.ts +30 -0
package/dist/esm/guards/index.js +28 -0
package/dist/esm/index.d.ts +4 -0
package/dist/esm/index.js +4 -0
package/dist/esm/middleware/apiErrorHandler.d.ts +24 -0
package/dist/esm/middleware/apiErrorHandler.js +37 -0
package/dist/esm/middleware/apiSlowResponseMiddleware.d.ts +23 -0
package/dist/esm/middleware/apiSlowResponseMiddleware.js +50 -0
package/dist/esm/middleware/index.d.ts +47 -0
package/dist/esm/middleware/index.js +44 -0
package/dist/esm/middleware/lambdaCorsResponseMiddleware.d.ts +20 -0
package/dist/esm/middleware/lambdaCorsResponseMiddleware.js +38 -0
package/dist/esm/middleware/throwNotFoundMiddleware.d.ts +4 -0
package/dist/esm/middleware/throwNotFoundMiddleware.js +10 -0
package/dist/esm/misc/hashValue.d.ts +10 -0
package/dist/esm/misc/hashValue.js +13 -0
package/dist/esm/misc/helpers.d.ts +124 -0
package/dist/esm/misc/helpers.js +199 -0
package/dist/esm/misc/merge.d.ts +21 -0
package/dist/esm/misc/merge.js +40 -0
package/dist/esm/misc/partitionSequence.d.ts +35 -0
package/dist/esm/misc/partitionSequence.js +48 -0
package/dist/esm/pagination/index.d.ts +91 -0
package/dist/esm/pagination/index.js +77 -0
package/dist/esm/routing/helpers.d.ts +57 -0
package/dist/esm/routing/helpers.js +83 -0
package/dist/esm/routing/index.d.ts +272 -0
package/dist/esm/routing/index.js +232 -0
package/dist/esm/routing/validators/zod.d.ts +4 -0
package/dist/esm/routing/validators/zod.js +8 -0
package/dist/esm/services/accountsGateway/index.d.ts +85 -0
package/dist/esm/services/accountsGateway/index.js +111 -0
package/dist/esm/services/apiGateway/index.d.ts +63 -0
package/dist/esm/services/apiGateway/index.js +77 -0
package/dist/esm/services/authProvider/browser.d.ts +74 -0
package/dist/esm/services/authProvider/browser.js +150 -0
package/dist/esm/services/authProvider/decryption.d.ts +19 -0
package/dist/esm/services/authProvider/decryption.js +57 -0
package/dist/esm/services/authProvider/index.d.ts +61 -0
package/dist/esm/services/authProvider/index.js +18 -0
package/dist/esm/services/authProvider/subrequest.d.ts +16 -0
package/dist/esm/services/authProvider/subrequest.js +43 -0
package/dist/esm/services/authProvider/utils/decryptAndVerify.d.ts +29 -0
package/dist/esm/services/authProvider/utils/decryptAndVerify.js +85 -0
package/dist/esm/services/authProvider/utils/embeddedAuthProvider.d.ts +26 -0
package/dist/esm/services/authProvider/utils/embeddedAuthProvider.js +40 -0
package/dist/esm/services/authProvider/utils/userRoleValidator.d.ts +13 -0
package/dist/esm/services/authProvider/utils/userRoleValidator.js +33 -0
package/dist/esm/services/documentStore/dynamoEncoding.d.ts +10 -0
package/dist/esm/services/documentStore/dynamoEncoding.js +45 -0
package/dist/esm/services/documentStore/index.d.ts +14 -0
package/dist/esm/services/documentStore/index.js +1 -0
package/dist/esm/services/documentStore/unversioned/dynamodb.d.ts +16 -0
package/dist/esm/services/documentStore/unversioned/dynamodb.js +118 -0
package/dist/esm/services/documentStore/unversioned/file-system.d.ts +18 -0
package/dist/esm/services/documentStore/unversioned/file-system.js +91 -0
package/dist/esm/services/documentStore/unversioned/index.d.ts +2 -0
package/dist/esm/services/documentStore/unversioned/index.js +1 -0
package/dist/esm/services/documentStore/versioned/dynamodb.d.ts +22 -0
package/dist/esm/services/documentStore/versioned/dynamodb.js +131 -0
package/dist/esm/services/documentStore/versioned/file-system.d.ts +24 -0
package/dist/esm/services/documentStore/versioned/file-system.js +58 -0
package/dist/esm/services/documentStore/versioned/index.d.ts +17 -0
package/dist/esm/services/documentStore/versioned/index.js +1 -0
package/dist/esm/services/exercisesGateway/index.d.ts +71 -0
package/dist/esm/services/exercisesGateway/index.js +70 -0
package/dist/esm/services/fileServer/index.d.ts +17 -0
package/dist/esm/services/fileServer/index.js +13 -0
package/dist/esm/services/fileServer/localFileServer.d.ts +13 -0
package/dist/esm/services/fileServer/localFileServer.js +16 -0
package/dist/esm/services/fileServer/s3FileServer.d.ts +16 -0
package/dist/esm/services/fileServer/s3FileServer.js +21 -0
package/dist/esm/services/launchParams/index.d.ts +2 -0
package/dist/esm/services/launchParams/index.js +2 -0
package/dist/esm/services/launchParams/signer.d.ts +27 -0
package/dist/esm/services/launchParams/signer.js +51 -0
package/dist/esm/services/launchParams/verifier.d.ts +22 -0
package/dist/esm/services/launchParams/verifier.js +67 -0
package/dist/esm/services/logger/console.d.ts +4 -0
package/dist/esm/services/logger/console.js +8 -0
package/dist/esm/services/logger/index.d.ts +39 -0
package/dist/esm/services/logger/index.js +27 -0
package/dist/esm/services/lrsGateway/addStatementDefaultFields.d.ts +5 -0
package/dist/esm/services/lrsGateway/addStatementDefaultFields.js +14 -0
package/dist/esm/services/lrsGateway/attempt-utils.d.ts +70 -0
package/dist/esm/services/lrsGateway/attempt-utils.js +236 -0
package/dist/esm/services/lrsGateway/file-system.d.ts +17 -0
package/dist/esm/services/lrsGateway/file-system.js +110 -0
package/dist/esm/services/lrsGateway/index.d.ts +125 -0
package/dist/esm/services/lrsGateway/index.js +111 -0
package/dist/esm/services/lrsGateway/xapiUtils.d.ts +61 -0
package/dist/esm/services/lrsGateway/xapiUtils.js +84 -0
package/dist/esm/services/postgresConnection/index.d.ts +35 -0
package/dist/esm/services/postgresConnection/index.js +56 -0
package/dist/esm/services/searchProvider/index.d.ts +31 -0
package/dist/esm/services/searchProvider/index.js +1 -0
package/dist/esm/services/searchProvider/memorySearchTheBadWay.d.ts +14 -0
package/dist/esm/services/searchProvider/memorySearchTheBadWay.js +85 -0
package/dist/esm/tsconfig.without-specs.esm.tsbuildinfo +1 -0
package/dist/esm/types.d.ts +31 -0
package/dist/esm/types.js +1 -0
package/package.json +16 -16
package/script/bin/deploy.bash +8 -0
package/script/bin/get-env-param.bash +3 -3
package/script/bin/init-params-script.bash +10 -1
package/script/bin/upload-params.bash +3 -3
package/dist/tsconfig.tsbuildinfo +0 -1

package/dist/esm/services/authProvider/index.d.ts ADDED Viewed

@@ -0,0 +1,61 @@
+import type { FetchConfig } from '../../fetch';
+import type { HttpHeaders, QueryParams } from '../../routing';
+import type { Logger } from '../logger';
+export declare type ConsentPreferences = {
+    consent_preferences: {
+        accepted: string[];
+        rejected: string[];
+    };
+};
+export declare type TokenUser = {
+    id: number;
+    name: string;
+    first_name: string;
+    last_name: string;
+    full_name: string;
+    uuid: string;
+    faculty_status: string;
+    is_administrator: boolean;
+} & Partial<ConsentPreferences>;
+export interface ApiUser extends TokenUser {
+    contact_infos: Array<{
+        type: string;
+        value: string;
+        is_verified: boolean;
+        is_guessed_preferred: boolean;
+    }>;
+    applications: Array<{
+        id: number;
+        name: string;
+        roles: string[];
+    }>;
+    external_ids: string[];
+    is_not_gdpr_location: boolean;
+    self_reported_role: string;
+    signed_contract_names: string[];
+    using_openstax: boolean;
+}
+export declare type User = TokenUser | ApiUser;
+export declare type AuthProvider = {
+    getUser: () => Promise<User | undefined>;
+    /**
+     * gets second argument for `fetch` that has authentication token or cookie
+     */
+    getAuthorizedFetchConfig: () => Promise<FetchConfig>;
+};
+export declare type CookieAuthProviderRequest = {
+    cookies?: string[];
+    headers: HttpHeaders;
+    queryStringParameters?: QueryParams;
+};
+export declare type CookieAuthProvider<T extends AuthProvider = AuthProvider> = (inputs: {
+    request: CookieAuthProviderRequest;
+    logger: Logger;
+}) => T;
+export declare type StubAuthProvider = (user: User | undefined) => AuthProvider;
+export declare const stubAuthProvider: (user?: User | undefined) => AuthProvider;
+export declare const getAuthTokenOrCookie: (request: CookieAuthProviderRequest, cookieName: string, queryKey?: string) => [string, {
+    Authorization: string;
+}] | [string, {
+    cookie: string;
+}];

package/dist/esm/services/authProvider/index.js ADDED Viewed

@@ -0,0 +1,18 @@
+import cookie from 'cookie';
+import { tuple } from '../../misc/helpers';
+import { getHeader } from '../../routing/helpers';
+export const stubAuthProvider = (user) => ({
+    getUser: () => Promise.resolve(user),
+    getAuthorizedFetchConfig: () => Promise.resolve(user ? { headers: { Authorization: user.uuid } } : {})
+});
+export const getAuthTokenOrCookie = (request, cookieName, queryKey = 'auth') => {
+    var _a, _b;
+    const authParam = request.queryStringParameters ? request.queryStringParameters[queryKey] : undefined;
+    const authHeader = getHeader(request.headers, 'authorization');
+    const cookieValue = cookie.parse((_b = (_a = request.cookies) === null || _a === void 0 ? void 0 : _a.join('; ')) !== null && _b !== void 0 ? _b : '')[cookieName];
+    return typeof authParam === 'string'
+        ? tuple(authParam, { Authorization: `Bearer ${authParam}` })
+        : authHeader && authHeader.length >= 8 && authHeader.startsWith('Bearer ')
+            ? tuple(authHeader.slice(7), { Authorization: authHeader })
+            : tuple(cookieValue, { cookie: cookie.serialize(cookieName, cookieValue) });
+};

package/dist/esm/services/authProvider/subrequest.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import { ConfigProviderForConfig } from '../../config';
+import { GenericFetch } from '../../fetch';
+import { CookieAuthProvider } from '.';
+declare type Config = {
+    cookieName: string;
+    accountsBase: string;
+};
+interface Initializer<C> {
+    configSpace?: C;
+    fetch: GenericFetch;
+}
+export declare const subrequestAuthProvider: <C extends string = "subrequest">(initializer: Initializer<C>) => (configProvider: { [key in C]: {
+    cookieName: import("../../config").ConfigValueProvider<string>;
+    accountsBase: import("../../config").ConfigValueProvider<string>;
+}; }) => CookieAuthProvider;
+export {};

package/dist/esm/services/authProvider/subrequest.js ADDED Viewed

@@ -0,0 +1,43 @@
+import cookie from 'cookie';
+import { once } from '../..';
+import { resolveConfigValue } from '../../config';
+import { ifDefined } from '../../guards';
+import { getAuthTokenOrCookie } from '.';
+export const subrequestAuthProvider = (initializer) => (configProvider) => {
+    const config = configProvider[ifDefined(initializer.configSpace, 'subrequest')];
+    const cookieName = once(() => resolveConfigValue(config.cookieName));
+    const accountsBase = once(() => resolveConfigValue(config.accountsBase));
+    return ({ request, logger }) => {
+        let user;
+        const getAuthorizedFetchConfig = async () => {
+            const [token, headers] = getAuthTokenOrCookie(request, await cookieName());
+            if (!token) {
+                return {};
+            }
+            return { headers };
+        };
+        const loadUser = async () => {
+            const resolvedCookieName = await cookieName();
+            const [token] = getAuthTokenOrCookie(request, resolvedCookieName);
+            if (!token) {
+                return undefined;
+            }
+            const headers = { cookie: cookie.serialize(resolvedCookieName, token) };
+            const user = await initializer.fetch((await accountsBase()).replace(/\/+$/, '') + '/api/user', { headers })
+                .then(response => response.json());
+            if (user) {
+                logger.setContext({ user: user.uuid });
+            }
+            return user;
+        };
+        return {
+            getAuthorizedFetchConfig,
+            getUser: async () => {
+                if (!user) {
+                    user = await loadUser();
+                }
+                return user;
+            }
+        };
+    };
+};

package/dist/esm/services/authProvider/utils/decryptAndVerify.d.ts ADDED Viewed

@@ -0,0 +1,29 @@
+/// <reference types="node" />
+import type { User } from '..';
+export declare const decryptJwe: (jwe: string, encryptionPrivateKey: Buffer | string) => string | undefined;
+declare type MaybeAccountsSSOToken = {
+    iss?: string;
+    sub?: User | string;
+    aud?: string;
+    exp?: number;
+    nbf?: number;
+    iat?: number;
+    jti?: string;
+};
+export declare const verifyJws: (jws: string, signaturePublicKey: Buffer | string) => MaybeAccountsSSOToken | undefined;
+/**
+ * Decrypts and verifies a SSO cookie.
+ *
+ * @param token the encrypted token
+ * @param encryptionPrivateKey the private key used to encrypt the token
+ * @param signaturePublicKey the public key used to verify the decrypted token
+ * @returns {user: User; exp: number} (success) or {error: string} (failure)
+ */
+export declare const decryptAndVerify: (token: string, encryptionPrivateKey: string, signaturePublicKey: string) => {
+    user: User;
+    exp: number;
+} | {
+    error: string;
+    exp?: number;
+};
+export {};

package/dist/esm/services/authProvider/utils/decryptAndVerify.js ADDED Viewed

@@ -0,0 +1,85 @@
+import { createDecipheriv, verify } from 'crypto';
+import { isPlainObject } from '../../../guards';
+export const decryptJwe = (jwe, encryptionPrivateKey) => {
+    const jweParts = jwe.split('.', 6);
+    if (jweParts.length !== 5 || jweParts[1]) {
+        return undefined;
+    } // Invalid/unsupported JWE
+    const header = JSON.parse(Buffer.from(jweParts[0], 'base64url').toString());
+    if (header.alg !== 'dir' || header.enc !== 'A256GCM') {
+        // Unsupported signature/encryption algorithm
+        return undefined;
+    }
+    const aad = Buffer.from(jweParts[0]);
+    const iv = Buffer.from(jweParts[2], 'base64url');
+    const cipherText = Buffer.from(jweParts[3], 'base64url');
+    const authTag = Buffer.from(jweParts[4], 'base64url');
+    // Verify token signature and decrypt
+    const decipher = createDecipheriv('aes-256-gcm', encryptionPrivateKey, iv, { authTagLength: 16 });
+    decipher.setAAD(aad, { plaintextLength: cipherText.length });
+    try {
+        decipher.setAuthTag(authTag);
+        return `${decipher.update(cipherText)}${decipher.final()}`;
+    }
+    catch (error) {
+        // Invalid cipherText or authTag
+        return undefined;
+    }
+};
+const issuer = 'OpenStax Accounts';
+const audience = 'OpenStax';
+const clockTolerance = 300; // 5 minutes
+export const verifyJws = (jws, signaturePublicKey) => {
+    const jwsParts = jws.split('.', 4);
+    if (jwsParts.length !== 3) {
+        return undefined;
+    } // Invalid JWS
+    const header = JSON.parse(Buffer.from(jwsParts[0], 'base64url').toString());
+    if (header.alg !== 'RS256' || header.typ !== 'JWT') {
+        return undefined;
+    } // Unsupported JWS
+    const signedContent = Buffer.from(`${jwsParts[0]}.${jwsParts[1]}`);
+    const signature = Buffer.from(jwsParts[2], 'base64url');
+    if (!verify('RSA-SHA256', signedContent, signaturePublicKey, signature)) {
+        return undefined;
+    }
+    const payload = Buffer.from(jwsParts[1], 'base64url').toString();
+    try {
+        return JSON.parse(payload);
+    }
+    catch (error) {
+        return undefined;
+    }
+};
+/**
+ * Decrypts and verifies a SSO cookie.
+ *
+ * @param token the encrypted token
+ * @param encryptionPrivateKey the private key used to encrypt the token
+ * @param signaturePublicKey the public key used to verify the decrypted token
+ * @returns {user: User; exp: number} (success) or {error: string} (failure)
+ */
+export const decryptAndVerify = (token, encryptionPrivateKey, signaturePublicKey) => {
+    const timestamp = Math.floor(Date.now() / 1000);
+    const jws = decryptJwe(token, encryptionPrivateKey);
+    if (!jws) {
+        return { error: 'invalid token' };
+    }
+    const payload = verifyJws(jws, signaturePublicKey);
+    // Ensure payload contains all the claims we expect
+    // Normally "sub" would be a string but Accounts uses an object for it instead
+    if (!isPlainObject(payload) ||
+        !isPlainObject(payload.sub) || !payload.sub.uuid ||
+        payload.iss !== issuer ||
+        payload.aud !== audience ||
+        !payload.exp ||
+        !payload.nbf || payload.nbf > timestamp + clockTolerance ||
+        !payload.iat || payload.iat > timestamp + clockTolerance ||
+        !payload.jti) {
+        return { error: 'invalid token' };
+    }
+    if (payload.exp < timestamp - clockTolerance) {
+        return { error: 'expired token', exp: payload.exp };
+    }
+    return { user: payload.sub, exp: payload.exp };
+};

package/dist/esm/services/authProvider/utils/embeddedAuthProvider.d.ts ADDED Viewed

@@ -0,0 +1,26 @@
+import { User } from '..';
+import { Window } from '../browser';
+export declare type UserData = {
+    user?: User;
+    token: string | null;
+};
+declare type UserDataLoader = () => Promise<UserData>;
+export declare enum PostMessageTypes {
+    ReceiveUser = "receive-user",
+    RequestUser = "request-user"
+}
+export declare const embeddedAuthProvider: (getUserData: UserDataLoader, { authQuery, window }: {
+    authQuery?: {
+        key: string;
+        value: string | null;
+    } | undefined;
+    window: Window;
+}) => {
+    embeddedQueryKey: string;
+    embeddedQueryValue: string;
+    getAuthorizedEmbedUrl: (urlString: string, extraParams?: {
+        [key: string]: string;
+    } | undefined) => string;
+    unmount: () => void;
+};
+export {};

package/dist/esm/services/authProvider/utils/embeddedAuthProvider.js ADDED Viewed

@@ -0,0 +1,40 @@
+import queryString from 'query-string';
+export var PostMessageTypes;
+(function (PostMessageTypes) {
+    PostMessageTypes["ReceiveUser"] = "receive-user";
+    PostMessageTypes["RequestUser"] = "request-user";
+})(PostMessageTypes || (PostMessageTypes = {}));
+export const embeddedAuthProvider = (getUserData, { authQuery, window }) => {
+    const trustedEmbeds = new Set();
+    const embeddedQueryKey = 'embedded';
+    const embeddedQueryValue = 'true';
+    const messageHandler = event => {
+        if (event.data.type === PostMessageTypes.RequestUser && trustedEmbeds.has(event.origin)) {
+            getUserData().then(data => {
+                event.source.postMessage({ type: PostMessageTypes.ReceiveUser, userData: data }, event.origin);
+            });
+        }
+    };
+    window.addEventListener('message', messageHandler);
+    const getAuthorizedEmbedUrl = (urlString, extraParams) => {
+        const url = new URL(urlString);
+        trustedEmbeds.add(url.origin);
+        const params = queryString.parse(url.search);
+        url.search = queryString.stringify({
+            ...params,
+            ...extraParams,
+            ...(authQuery && authQuery.value ? { [authQuery.key]: authQuery.value } : { auth: 'embedded' }),
+            [embeddedQueryKey]: embeddedQueryValue,
+            subcontent: 'true',
+        });
+        return url.href;
+    };
+    return {
+        embeddedQueryKey,
+        embeddedQueryValue,
+        getAuthorizedEmbedUrl,
+        unmount: () => {
+            window.removeEventListener('message', messageHandler);
+        }
+    };
+};

package/dist/esm/services/authProvider/utils/userRoleValidator.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import { AuthProvider } from '..';
+import { AssertionFailed } from '../../../assertions';
+import { ConfigProviderForConfig } from '../../../config';
+declare type Config = {
+    application: string;
+};
+export declare const createUserRoleValidator: (auth: AuthProvider, config: ConfigProviderForConfig<Config>) => {
+    getUserRoles: () => Promise<string[]>;
+    userHasRole: (role: string[]) => Promise<boolean>;
+    assertUserRole: (role: string[], fail?: AssertionFailed) => Promise<void>;
+};
+export declare type UserRoleValidator = ReturnType<typeof createUserRoleValidator>;
+export {};

package/dist/esm/services/authProvider/utils/userRoleValidator.js ADDED Viewed

@@ -0,0 +1,33 @@
+import { doThrow } from '../../../assertions';
+import { resolveConfigValue } from '../../../config/resolveConfigValue';
+import { UnauthorizedError } from '../../../errors';
+import { once } from '../../../misc/helpers';
+export const createUserRoleValidator = (auth, config) => {
+    const application = once(() => resolveConfigValue(config.application));
+    const getUserRoles = async () => {
+        var _a;
+        const user = await auth.getUser();
+        const appName = await application();
+        if (!user || !('applications' in user)) {
+            return [];
+        }
+        return ((_a = user.applications.find(a => a.name === appName)) === null || _a === void 0 ? void 0 : _a.roles) || [];
+    };
+    const userHasRole = async (role) => {
+        const roles = await getUserRoles();
+        if (!roles.some(r => role.includes(r))) {
+            return false;
+        }
+        return true;
+    };
+    const assertUserRole = async (role, fail = new UnauthorizedError()) => {
+        if (!await userHasRole(role)) {
+            return doThrow(fail);
+        }
+    };
+    return {
+        getUserRoles,
+        userHasRole,
+        assertUserRole
+    };
+};

package/dist/esm/services/documentStore/dynamoEncoding.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { AttributeValue } from '@aws-sdk/client-dynamodb';
+import { DocumentBaseType, DocumentBaseValueTypes } from '.';
+export declare const encodeDynamoAttribute: (value: DocumentBaseValueTypes) => AttributeValue;
+export declare const encodeDynamoDocument: (base: DocumentBaseType) => {
+    [k: string]: AttributeValue;
+};
+export declare const decodeDynamoAttribute: (value: AttributeValue) => DocumentBaseValueTypes;
+export declare const decodeDynamoDocument: <T extends DocumentBaseType>(document: {
+    [key: string]: AttributeValue;
+}) => T;

package/dist/esm/services/documentStore/dynamoEncoding.js ADDED Viewed

@@ -0,0 +1,45 @@
+import { isPlainObject } from '../../guards';
+export const encodeDynamoAttribute = (value) => {
+    if (typeof value === 'string') {
+        return { S: value };
+    }
+    if (typeof value === 'number') {
+        return { N: value.toString() };
+    }
+    if (typeof value === 'boolean') {
+        return { BOOL: value };
+    }
+    if (value === null) {
+        return { NULL: true };
+    }
+    if (value instanceof Array) {
+        return { L: value.map(encodeDynamoAttribute) };
+    }
+    if (isPlainObject(value)) {
+        return { M: encodeDynamoDocument(value) };
+    }
+    throw new Error(`unknown attribute type ${typeof value} with value ${value}.`);
+};
+export const encodeDynamoDocument = (base) => Object.fromEntries(Object.entries(base).map(([key, value]) => ([key, encodeDynamoAttribute(value)])));
+export const decodeDynamoAttribute = (value) => {
+    if (value.S !== undefined) {
+        return value.S;
+    }
+    if (value.N !== undefined) {
+        return parseFloat(value.N);
+    }
+    if (value.BOOL !== undefined) {
+        return value.BOOL;
+    }
+    if (value.NULL !== undefined) {
+        return null;
+    }
+    if (value.L !== undefined) {
+        return value.L.map(decodeDynamoAttribute);
+    }
+    if (value.M !== undefined) {
+        return decodeDynamoDocument(value.M);
+    }
+    throw new Error(`unknown attribute type: ${JSON.stringify(value)}.`);
+};
+export const decodeDynamoDocument = (document) => Object.fromEntries(Object.entries(document).map(([key, value]) => ([key, decodeDynamoAttribute(value)])));

package/dist/esm/services/documentStore/index.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+export declare type Config = {
+    tableName: string;
+};
+export declare type DocumentBaseMapType = {
+    [key: string]: DocumentBaseValueTypes;
+};
+export declare type DocumentBaseListType = DocumentBaseValueTypes[];
+export declare type DocumentBaseValueTypes = number | boolean | string | null | DocumentBaseMapType | DocumentBaseListType;
+export declare type DocumentBaseType = {
+    [key: string]: DocumentBaseValueTypes;
+};
+export declare type TDocument<T> = {
+    [k in keyof T]: DocumentBaseValueTypes;
+};

package/dist/esm/services/documentStore/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/esm/services/documentStore/unversioned/dynamodb.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import { Config, TDocument } from '..';
+import { ConfigProviderForConfig } from '../../../config';
+interface Initializer<C> {
+    configSpace?: C;
+}
+export declare const dynamoUnversionedDocumentStore: <C extends string = "dynamodb">(initializer?: Initializer<C> | undefined) => <T extends TDocument<T>>() => (configProvider: { [key in C]: {
+    tableName: import("../../../config").ConfigValueProvider<string>;
+}; }) => <K extends keyof T>(_: {}, hashKey: K) => {
+    loadAllDocumentsTheBadWay: () => Promise<T[]>;
+    batchGetItem: (ids: T[K][]) => Promise<T[]>;
+    getItem: (id: T[K]) => Promise<T | undefined>;
+    incrementItemAttribute: (id: T[K], attribute: keyof T) => Promise<number>;
+    patchItem: (item: Partial<T>) => Promise<T>;
+    putItem: (item: T) => Promise<T>;
+};
+export {};

package/dist/esm/services/documentStore/unversioned/dynamodb.js ADDED Viewed

@@ -0,0 +1,118 @@
+import { BatchGetItemCommand, DynamoDB, GetItemCommand, PutItemCommand, ScanCommand, UpdateItemCommand } from '@aws-sdk/client-dynamodb';
+import { once } from '../../..';
+import { resolveConfigValue } from '../../../config';
+import { NotFoundError } from '../../../errors';
+import { ifDefined } from '../../../guards';
+import { decodeDynamoDocument, encodeDynamoAttribute, encodeDynamoDocument } from '../dynamoEncoding';
+const dynamodb = once(() => new DynamoDB({ apiVersion: '2012-08-10' }));
+export const dynamoUnversionedDocumentStore = (initializer) => () => (configProvider) => (_, hashKey) => {
+    const options = ifDefined(initializer, {});
+    const tableName = once(() => resolveConfigValue(configProvider[ifDefined(options.configSpace, 'dynamodb')].tableName));
+    return {
+        loadAllDocumentsTheBadWay: async () => {
+            const loadAllResults = async (ExclusiveStartKey) => {
+                var _a, _b;
+                const cmd = new ScanCommand({ TableName: await tableName(), ExclusiveStartKey });
+                const result = await dynamodb().send(cmd);
+                const resultItems = (_b = (_a = result.Items) === null || _a === void 0 ? void 0 : _a.map((item) => decodeDynamoDocument(item))) !== null && _b !== void 0 ? _b : [];
+                if (result.LastEvaluatedKey) {
+                    return [...resultItems, ...await loadAllResults(result.LastEvaluatedKey)];
+                }
+                return resultItems;
+            };
+            return loadAllResults();
+        },
+        batchGetItem: async (ids) => {
+            const table = await tableName();
+            const key = hashKey.toString();
+            const getBatches = async (requestItems) => {
+                const cmd = new BatchGetItemCommand({
+                    RequestItems: requestItems !== null && requestItems !== void 0 ? requestItems : { [table]: { Keys: ids.map((id) => ({ [key]: encodeDynamoAttribute(id) })) } },
+                });
+                const response = await dynamodb().send(cmd);
+                const currentResponses = response.Responses ?
+                    response.Responses[table].map(response => decodeDynamoDocument(response)) : [];
+                return currentResponses.concat(response.UnprocessedKeys ? await getBatches(response.UnprocessedKeys) : []);
+            };
+            return getBatches();
+        },
+        getItem: async (id) => {
+            const cmd = new GetItemCommand({
+                Key: { [hashKey.toString()]: encodeDynamoAttribute(id) },
+                TableName: await tableName(),
+            });
+            return dynamodb().send(cmd).then(result => result.Item ? decodeDynamoDocument(result.Item) : undefined);
+        },
+        /* atomically increments the given item attribute by 1 */
+        incrementItemAttribute: async (id, attribute) => {
+            const key = hashKey.toString();
+            const field = attribute.toString();
+            const cmd = new UpdateItemCommand({
+                Key: { [key]: encodeDynamoAttribute(id) },
+                TableName: await tableName(),
+                UpdateExpression: 'ADD #f :one',
+                ConditionExpression: 'attribute_exists(#k)',
+                ExpressionAttributeNames: { '#k': hashKey.toString(), '#f': field },
+                ExpressionAttributeValues: { ':one': { N: '1' } },
+                ReturnValues: 'UPDATED_NEW',
+            });
+            return dynamodb().send(cmd).then((item) => {
+                var _a;
+                const result = (_a = item.Attributes) === null || _a === void 0 ? void 0 : _a[field]['N'];
+                if (!result) {
+                    throw new NotFoundError(`Item with ${key} "${id}" does not exist`);
+                }
+                return parseFloat(result);
+            }).catch((error) => {
+                throw error.name === 'ConditionalCheckFailedException' ?
+                    new NotFoundError(`Item with ${key} "${id}" does not exist`) : error;
+            });
+        },
+        /* replaces only specified attributes with the given data */
+        patchItem: async (item) => {
+            const id = item[hashKey];
+            const key = hashKey.toString();
+            if (!id) {
+                throw new Error(`Key attribute "${key}" is required for patchItem`);
+            }
+            const entries = Object.entries(item).filter(([field]) => field !== key);
+            if (entries.length === 0) {
+                throw new Error('No attributes to update');
+            }
+            const updates = [];
+            const expressionAttributeNames = { '#k': key };
+            const expressionAttributeValues = {};
+            entries.forEach(([field, value], index) => {
+                updates.push(`#f${index} = :f${index}`);
+                expressionAttributeNames[`#f${index}`] = field;
+                expressionAttributeValues[`:f${index}`] = encodeDynamoAttribute(value);
+            });
+            const cmd = new UpdateItemCommand({
+                Key: { [key]: encodeDynamoAttribute(id) },
+                TableName: await tableName(),
+                UpdateExpression: `SET ${updates.join(', ')}`,
+                ConditionExpression: 'attribute_exists(#k)',
+                ExpressionAttributeNames: expressionAttributeNames,
+                ExpressionAttributeValues: expressionAttributeValues,
+                ReturnValues: 'ALL_NEW',
+            });
+            return dynamodb().send(cmd).then((item) => {
+                if (!item.Attributes) {
+                    throw new NotFoundError(`Item with ${key} "${id}" does not exist`);
+                }
+                return decodeDynamoDocument(item.Attributes);
+            }).catch((error) => {
+                throw error.name === 'ConditionalCheckFailedException' ?
+                    new NotFoundError(`Item with ${key} "${id}" does not exist`) : error;
+            });
+        },
+        /* replaces the entire document with the given data */
+        putItem: async (item) => {
+            const cmd = new PutItemCommand({
+                TableName: await tableName(),
+                Item: encodeDynamoDocument(item),
+            });
+            return dynamodb().send(cmd).then(() => item);
+        },
+    };
+};

package/dist/esm/services/documentStore/unversioned/file-system.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import { Config, TDocument } from '..';
+import { ConfigProviderForConfig } from '../../../config';
+interface Initializer<C> {
+    dataDir: string;
+    fs?: Pick<typeof import('fs'), 'mkdir' | 'readdir' | 'readFile' | 'writeFile'>;
+    configSpace?: C;
+}
+export declare const fileSystemUnversionedDocumentStore: <C extends string = "fileSystem">(initializer: Initializer<C>) => <T extends TDocument<T>>() => (configProvider: { [key in C]: {
+    tableName: import("../../../config").ConfigValueProvider<string>;
+}; }) => <K extends keyof T>(_: {}, hashKey: K) => {
+    loadAllDocumentsTheBadWay: () => Promise<T[]>;
+    batchGetItem: (ids: T[K][]) => Promise<Exclude<Awaited<T>, undefined>[]>;
+    getItem: (id: T[K]) => Promise<T | undefined>;
+    incrementItemAttribute: (id: T[K], attribute: keyof T) => Promise<number>;
+    patchItem: (item: Partial<T>) => Promise<T>;
+    putItem: (item: T) => Promise<T>;
+};
+export {};