npm - @openstax/ts-utils - Versions diffs - 1.34.0 → 1.34.1 - Mend

@openstax/ts-utils 1.34.0 → 1.34.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (503) hide show

package/dist/cjs/services/authProvider/decryption.js ADDED Viewed

@@ -0,0 +1,73 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decryptionAuthProvider = void 0;
+const resolveConfigValue_1 = require("../../config/resolveConfigValue");
+const errors_1 = require("../../errors");
+const guards_1 = require("../../guards");
+const helpers_1 = require("../../misc/helpers");
+const decryptAndVerify_1 = require("./utils/decryptAndVerify");
+const userSubrequest_1 = require("./utils/userSubrequest");
+const _1 = require(".");
+const decryptionAuthProvider = (initializer) => (configProvider) => {
+    const config = configProvider[(0, guards_1.ifDefined)(initializer.configSpace, 'decryption')];
+    const accountsBase = (0, helpers_1.once)(() => (0, resolveConfigValue_1.resolveConfigValue)(config.accountsBase));
+    const cookieName = (0, helpers_1.once)(() => (0, resolveConfigValue_1.resolveConfigValue)(config.cookieName));
+    const encryptionPrivateKey = (0, helpers_1.once)(() => (0, resolveConfigValue_1.resolveConfigValue)(config.encryptionPrivateKey));
+    const signaturePublicKey = (0, helpers_1.once)(() => (0, resolveConfigValue_1.resolveConfigValue)(config.signaturePublicKey));
+    return ({ request, logger }) => {
+        let user;
+        let userData;
+        const getAuthToken = async () => (0, _1.getAuthTokenOrCookie)(request, await cookieName())[0];
+        const getAuthorizedFetchConfig = async () => {
+            const [token, headers] = (0, _1.getAuthTokenOrCookie)(request, await cookieName());
+            if (!token) {
+                return {};
+            }
+            return { headers };
+        };
+        const getDecryptedPayload = async (tokenString) => {
+            const token = tokenString !== null && tokenString !== void 0 ? tokenString : await getAuthToken();
+            if (!token) {
+                return undefined;
+            }
+            return (0, decryptAndVerify_1.decryptAndVerify)(token, await encryptionPrivateKey(), await signaturePublicKey());
+        };
+        const getUser = async () => {
+            if (!user) {
+                const result = await getDecryptedPayload();
+                if (!result) {
+                    return undefined;
+                }
+                if ('error' in result && result.error == 'expired token') {
+                    throw new errors_1.SessionExpiredError();
+                }
+                if ('user' in result) {
+                    logger.setContext({ user: result.user.uuid });
+                    user = result.user;
+                }
+            }
+            return user;
+        };
+        return {
+            getAuthToken,
+            getAuthorizedFetchConfig,
+            getTokenExpiration: async (tokenString) => {
+                var _a;
+                const payload = await getDecryptedPayload(tokenString);
+                return payload ? ((_a = payload.exp) !== null && _a !== void 0 ? _a : null) : undefined;
+            },
+            getUser,
+            loadUserData: async () => {
+                if (!userData) {
+                    const token = await getAuthToken();
+                    if (!token) {
+                        return undefined;
+                    }
+                    userData = await (0, userSubrequest_1.loadUserData)(initializer.fetch, await accountsBase(), await cookieName(), token);
+                }
+                return userData;
+            },
+        };
+    };
+};
+exports.decryptionAuthProvider = decryptionAuthProvider;

package/dist/cjs/services/authProvider/index.d.ts ADDED Viewed

@@ -0,0 +1,63 @@
+import type { FetchConfig } from '../../fetch';
+import type { HttpHeaders, QueryParams } from '../../routing';
+import type { Logger } from '../logger';
+export type ConsentPreferences = {
+    consent_preferences: {
+        accepted: string[];
+        rejected: string[];
+    };
+};
+export type TokenUser = {
+    id: number;
+    name: string;
+    uuid: string;
+    faculty_status: string;
+    is_admin: boolean;
+};
+export type ApiUser = TokenUser & {
+    first_name: string;
+    last_name: string;
+    full_name: string;
+    contact_infos: Array<{
+        type: string;
+        value: string;
+        is_verified: boolean;
+        is_guessed_preferred: boolean;
+    }>;
+    applications: Array<{
+        id: number;
+        name: string;
+        roles: string[];
+    }>;
+    external_ids: string[];
+    is_not_gdpr_location: boolean;
+    self_reported_role: string;
+    signed_contract_names: string[];
+    using_openstax: boolean;
+} & Partial<ConsentPreferences>;
+export type User = TokenUser | ApiUser;
+export type AuthProvider = {
+    getAuthToken: () => Promise<string | null>;
+    getUser: () => Promise<User | undefined>;
+    /**
+     * gets second argument for `fetch` that has authentication token or cookie
+     */
+    getAuthorizedFetchConfig: () => Promise<FetchConfig>;
+    loadUserData: () => Promise<ApiUser | undefined>;
+};
+export type CookieAuthProviderRequest = {
+    cookies?: string[];
+    headers: HttpHeaders;
+    queryStringParameters?: QueryParams;
+};
+export type CookieAuthProvider<T extends AuthProvider = AuthProvider> = (inputs: {
+    request: CookieAuthProviderRequest;
+    logger: Logger;
+}) => T;
+export type StubAuthProvider = (user: User | undefined) => AuthProvider;
+export declare const stubAuthProvider: (user?: User) => AuthProvider;
+export declare const getAuthTokenOrCookie: (request: CookieAuthProviderRequest, cookieName: string, queryKey?: string) => [string, {
+    Authorization: string;
+}] | [string, {
+    cookie: string;
+}] | [null, {}];

package/dist/cjs/services/authProvider/index.js ADDED Viewed

@@ -0,0 +1,34 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAuthTokenOrCookie = exports.stubAuthProvider = void 0;
+const cookie_1 = __importDefault(require("cookie"));
+const helpers_1 = require("../../misc/helpers");
+const helpers_2 = require("../../routing/helpers");
+const stubAuthProvider = (user) => {
+    const getUser = () => Promise.resolve(user);
+    return {
+        getAuthToken: () => Promise.resolve('authToken'),
+        getUser,
+        getAuthorizedFetchConfig: () => Promise.resolve(user ? { headers: { Authorization: user.uuid } } : {}),
+        // This is not technically correct, but most tests won't care
+        loadUserData: getUser
+    };
+};
+exports.stubAuthProvider = stubAuthProvider;
+const getAuthTokenOrCookie = (request, cookieName, queryKey = 'auth') => {
+    var _a, _b;
+    const authParam = request.queryStringParameters ? request.queryStringParameters[queryKey] : undefined;
+    const authHeader = (0, helpers_2.getHeader)(request.headers, 'authorization');
+    const cookieValue = cookie_1.default.parse((_b = (_a = request.cookies) === null || _a === void 0 ? void 0 : _a.join('; ')) !== null && _b !== void 0 ? _b : '')[cookieName];
+    return typeof authParam === 'string'
+        ? (0, helpers_1.tuple)(authParam, { Authorization: `Bearer ${authParam}` })
+        : authHeader && authHeader.length >= 8 && authHeader.startsWith('Bearer ')
+            ? (0, helpers_1.tuple)(authHeader.slice(7), { Authorization: authHeader })
+            : cookieValue
+                ? (0, helpers_1.tuple)(cookieValue, { cookie: cookie_1.default.serialize(cookieName, cookieValue) })
+                : (0, helpers_1.tuple)(null, {});
+};
+exports.getAuthTokenOrCookie = getAuthTokenOrCookie;

package/dist/cjs/services/authProvider/subrequest.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import { ConfigProviderForConfig } from '../../config';
+import { GenericFetch } from '../../fetch';
+import { CookieAuthProvider } from '.';
+type Config = {
+    accountsBase: string;
+    cookieName: string;
+};
+interface Initializer<C> {
+    configSpace?: C;
+    fetch: GenericFetch;
+}
+export declare const subrequestAuthProvider: <C extends string = "subrequest">(initializer: Initializer<C>) => (configProvider: { [_key in C]: ConfigProviderForConfig<Config>; }) => CookieAuthProvider;
+export {};

package/dist/cjs/services/authProvider/subrequest.js ADDED Viewed

@@ -0,0 +1,49 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.subrequestAuthProvider = void 0;
+const __1 = require("../..");
+const config_1 = require("../../config");
+const guards_1 = require("../../guards");
+const userSubrequest_1 = require("./utils/userSubrequest");
+const _1 = require(".");
+const subrequestAuthProvider = (initializer) => (configProvider) => {
+    const config = configProvider[(0, guards_1.ifDefined)(initializer.configSpace, 'subrequest')];
+    const cookieName = (0, __1.once)(() => (0, config_1.resolveConfigValue)(config.cookieName));
+    const accountsBase = (0, __1.once)(() => (0, config_1.resolveConfigValue)(config.accountsBase));
+    return ({ request, logger }) => {
+        let user;
+        const getAuthToken = async () => (0, _1.getAuthTokenOrCookie)(request, await cookieName())[0];
+        const getAuthorizedFetchConfig = async () => {
+            const [token, headers] = (0, _1.getAuthTokenOrCookie)(request, await cookieName());
+            if (!token) {
+                return {};
+            }
+            return { headers };
+        };
+        const loadUser = async () => {
+            const resolvedCookieName = await cookieName();
+            const [token] = (0, _1.getAuthTokenOrCookie)(request, resolvedCookieName);
+            if (!token) {
+                return undefined;
+            }
+            const user = await (0, userSubrequest_1.loadUserData)(initializer.fetch, await accountsBase(), resolvedCookieName, token);
+            if (user) {
+                logger.setContext({ user: user.uuid });
+            }
+            return user;
+        };
+        const getUser = async () => {
+            if (!user) {
+                user = await loadUser();
+            }
+            return user;
+        };
+        return {
+            getAuthToken,
+            getAuthorizedFetchConfig,
+            getUser,
+            loadUserData: getUser
+        };
+    };
+};
+exports.subrequestAuthProvider = subrequestAuthProvider;

package/dist/cjs/services/authProvider/utils/decryptAndVerify.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+import type { User } from '..';
+export declare const decryptJwe: (jwe: string, encryptionPrivateKey: Buffer | string) => string | undefined;
+type MaybeAccountsSSOToken = {
+    iss?: string;
+    sub?: User | string;
+    aud?: string;
+    exp?: number;
+    nbf?: number;
+    iat?: number;
+    jti?: string;
+};
+export declare const verifyJws: (jws: string, signaturePublicKey: Buffer | string) => MaybeAccountsSSOToken | undefined;
+/**
+ * Decrypts and verifies a SSO cookie.
+ *
+ * @param token the encrypted token
+ * @param encryptionPrivateKey the private key used to encrypt the token
+ * @param signaturePublicKey the public key used to verify the decrypted token
+ * @returns {user: User; exp: number} (success) or {error: string} (failure)
+ */
+export declare const decryptAndVerify: (token: string, encryptionPrivateKey: string, signaturePublicKey: string) => {
+    user: User;
+    exp: number;
+} | {
+    error: string;
+    exp?: number;
+};
+export {};

package/dist/cjs/services/authProvider/utils/decryptAndVerify.js ADDED Viewed

@@ -0,0 +1,91 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decryptAndVerify = exports.verifyJws = exports.decryptJwe = void 0;
+const crypto_1 = require("crypto");
+const guards_1 = require("../../../guards");
+const decryptJwe = (jwe, encryptionPrivateKey) => {
+    const jweParts = jwe.split('.', 6);
+    if (jweParts.length !== 5 || jweParts[1]) {
+        return undefined;
+    } // Invalid/unsupported JWE
+    const header = JSON.parse(Buffer.from(jweParts[0], 'base64url').toString());
+    if (header.alg !== 'dir' || header.enc !== 'A256GCM') {
+        // Unsupported signature/encryption algorithm
+        return undefined;
+    }
+    const aad = Buffer.from(jweParts[0]);
+    const iv = Buffer.from(jweParts[2], 'base64url');
+    const cipherText = Buffer.from(jweParts[3], 'base64url');
+    const authTag = Buffer.from(jweParts[4], 'base64url');
+    // Verify token signature and decrypt
+    const decipher = (0, crypto_1.createDecipheriv)('aes-256-gcm', encryptionPrivateKey, iv, { authTagLength: 16 });
+    decipher.setAAD(aad, { plaintextLength: cipherText.length });
+    try {
+        decipher.setAuthTag(authTag);
+        return `${decipher.update(cipherText)}${decipher.final()}`;
+    }
+    catch (error) {
+        // Invalid cipherText or authTag
+        return undefined;
+    }
+};
+exports.decryptJwe = decryptJwe;
+const issuer = 'OpenStax Accounts';
+const audience = 'OpenStax';
+const clockTolerance = 300; // 5 minutes
+const verifyJws = (jws, signaturePublicKey) => {
+    const jwsParts = jws.split('.', 4);
+    if (jwsParts.length !== 3) {
+        return undefined;
+    } // Invalid JWS
+    const header = JSON.parse(Buffer.from(jwsParts[0], 'base64url').toString());
+    if (header.alg !== 'RS256' || header.typ !== 'JWT') {
+        return undefined;
+    } // Unsupported JWS
+    const signedContent = Buffer.from(`${jwsParts[0]}.${jwsParts[1]}`);
+    const signature = Buffer.from(jwsParts[2], 'base64url');
+    if (!(0, crypto_1.verify)('RSA-SHA256', signedContent, signaturePublicKey, signature)) {
+        return undefined;
+    }
+    const payload = Buffer.from(jwsParts[1], 'base64url').toString();
+    try {
+        return JSON.parse(payload);
+    }
+    catch (error) {
+        return undefined;
+    }
+};
+exports.verifyJws = verifyJws;
+/**
+ * Decrypts and verifies a SSO cookie.
+ *
+ * @param token the encrypted token
+ * @param encryptionPrivateKey the private key used to encrypt the token
+ * @param signaturePublicKey the public key used to verify the decrypted token
+ * @returns {user: User; exp: number} (success) or {error: string} (failure)
+ */
+const decryptAndVerify = (token, encryptionPrivateKey, signaturePublicKey) => {
+    const timestamp = Math.floor(Date.now() / 1000);
+    const jws = (0, exports.decryptJwe)(token, encryptionPrivateKey);
+    if (!jws) {
+        return { error: 'invalid token' };
+    }
+    const payload = (0, exports.verifyJws)(jws, signaturePublicKey);
+    // Ensure payload contains all the claims we expect
+    // Normally "sub" would be a string but Accounts uses an object for it instead
+    if (!(0, guards_1.isPlainObject)(payload) ||
+        !(0, guards_1.isPlainObject)(payload.sub) || !payload.sub.uuid ||
+        payload.iss !== issuer ||
+        payload.aud !== audience ||
+        !payload.exp ||
+        !payload.nbf || payload.nbf > timestamp + clockTolerance ||
+        !payload.iat || payload.iat > timestamp + clockTolerance ||
+        !payload.jti) {
+        return { error: 'invalid token' };
+    }
+    if (payload.exp < timestamp - clockTolerance) {
+        return { error: 'expired token', exp: payload.exp };
+    }
+    return { user: payload.sub, exp: payload.exp };
+};
+exports.decryptAndVerify = decryptAndVerify;

package/dist/cjs/services/authProvider/utils/embeddedAuthProvider.d.ts ADDED Viewed

@@ -0,0 +1,26 @@
+import { User } from '..';
+import { Window } from '../browser';
+export type UserData<T = User> = {
+    user?: T;
+    token: string | null;
+};
+type UserDataLoader = () => Promise<UserData>;
+export declare enum PostMessageTypes {
+    ReceiveUser = "receive-user",
+    RequestUser = "request-user"
+}
+export declare const embeddedAuthProvider: (getUserData: UserDataLoader, { authQuery, window }: {
+    authQuery?: {
+        key: string;
+        value: string | null;
+    };
+    window: Window;
+}) => {
+    embeddedQueryKey: string;
+    embeddedQueryValue: string;
+    getAuthorizedEmbedUrl: (urlString: string, extraParams?: {
+        [key: string]: string;
+    }) => string;
+    unmount: () => void;
+};
+export {};

package/dist/cjs/services/authProvider/utils/embeddedAuthProvider.js ADDED Viewed

@@ -0,0 +1,47 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.embeddedAuthProvider = exports.PostMessageTypes = void 0;
+const query_string_1 = __importDefault(require("query-string"));
+var PostMessageTypes;
+(function (PostMessageTypes) {
+    PostMessageTypes["ReceiveUser"] = "receive-user";
+    PostMessageTypes["RequestUser"] = "request-user";
+})(PostMessageTypes || (exports.PostMessageTypes = PostMessageTypes = {}));
+const embeddedAuthProvider = (getUserData, { authQuery, window }) => {
+    const trustedEmbeds = new Set();
+    const embeddedQueryKey = 'embedded';
+    const embeddedQueryValue = 'true';
+    const messageHandler = event => {
+        if (event.data.type === PostMessageTypes.RequestUser && trustedEmbeds.has(event.origin)) {
+            getUserData().then(data => {
+                event.source.postMessage({ type: PostMessageTypes.ReceiveUser, userData: data }, event.origin);
+            });
+        }
+    };
+    window.addEventListener('message', messageHandler);
+    const getAuthorizedEmbedUrl = (urlString, extraParams) => {
+        const url = new URL(urlString);
+        trustedEmbeds.add(url.origin);
+        const params = query_string_1.default.parse(url.search);
+        url.search = query_string_1.default.stringify({
+            ...params,
+            ...extraParams,
+            ...(authQuery && authQuery.value ? { [authQuery.key]: authQuery.value } : { auth: 'embedded' }),
+            [embeddedQueryKey]: embeddedQueryValue,
+            subcontent: 'true',
+        });
+        return url.href;
+    };
+    return {
+        embeddedQueryKey,
+        embeddedQueryValue,
+        getAuthorizedEmbedUrl,
+        unmount: () => {
+            window.removeEventListener('message', messageHandler);
+        }
+    };
+};
+exports.embeddedAuthProvider = embeddedAuthProvider;

package/dist/cjs/services/authProvider/utils/userRoleValidator.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import { AuthProvider } from '..';
+import { AssertionFailed } from '../../../assertions';
+import { ConfigProviderForConfig } from '../../../config';
+type Config = {
+    application: string;
+};
+export declare const createUserRoleValidator: (auth: AuthProvider, config: ConfigProviderForConfig<Config>) => {
+    getUserRoles: () => Promise<string[]>;
+    userHasRole: (role: string[]) => Promise<boolean>;
+    assertUserRole: (role: string[], fail?: AssertionFailed) => Promise<void>;
+};
+export type UserRoleValidator = ReturnType<typeof createUserRoleValidator>;
+export {};

package/dist/cjs/services/authProvider/utils/userRoleValidator.js ADDED Viewed

@@ -0,0 +1,37 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createUserRoleValidator = void 0;
+const assertions_1 = require("../../../assertions");
+const resolveConfigValue_1 = require("../../../config/resolveConfigValue");
+const errors_1 = require("../../../errors");
+const helpers_1 = require("../../../misc/helpers");
+const createUserRoleValidator = (auth, config) => {
+    const application = (0, helpers_1.once)(() => (0, resolveConfigValue_1.resolveConfigValue)(config.application));
+    const getUserRoles = async () => {
+        var _a;
+        const user = await auth.getUser();
+        const appName = await application();
+        if (!user || !('applications' in user)) {
+            return [];
+        }
+        return ((_a = user.applications.find(a => a.name === appName)) === null || _a === void 0 ? void 0 : _a.roles) || [];
+    };
+    const userHasRole = async (role) => {
+        const roles = await getUserRoles();
+        if (!roles.some(r => role.includes(r))) {
+            return false;
+        }
+        return true;
+    };
+    const assertUserRole = async (role, fail = new errors_1.UnauthorizedError()) => {
+        if (!await userHasRole(role)) {
+            return (0, assertions_1.doThrow)(fail);
+        }
+    };
+    return {
+        getUserRoles,
+        userHasRole,
+        assertUserRole
+    };
+};
+exports.createUserRoleValidator = createUserRoleValidator;

package/dist/cjs/services/authProvider/utils/userSubrequest.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import { ApiUser } from '..';
+import { GenericFetch } from '../../../fetch';
+export declare const loadUserData: (fetch: GenericFetch, accountsBase: string, cookieName: string, token: string) => Promise<ApiUser | undefined>;

package/dist/cjs/services/authProvider/utils/userSubrequest.js ADDED Viewed

@@ -0,0 +1,13 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loadUserData = void 0;
+const cookie_1 = __importDefault(require("cookie"));
+const loadUserData = (fetch, accountsBase, cookieName, token) => {
+    const headers = { cookie: cookie_1.default.serialize(cookieName, token) };
+    return fetch(accountsBase.replace(/\/+$/, '') + '/api/user', { headers })
+        .then(response => response.json());
+};
+exports.loadUserData = loadUserData;

package/dist/cjs/services/documentStore/dynamoEncoding.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { AttributeValue } from '@aws-sdk/client-dynamodb';
+import { DocumentBaseType, DocumentBaseValueTypes } from '.';
+export declare const encodeDynamoAttribute: (value: DocumentBaseValueTypes) => AttributeValue;
+export declare const encodeDynamoDocument: (base: DocumentBaseType) => {
+    [k: string]: AttributeValue;
+};
+export declare const decodeDynamoAttribute: (value: AttributeValue) => DocumentBaseValueTypes;
+export declare const decodeDynamoDocument: <T extends DocumentBaseType>(document: {
+    [key: string]: AttributeValue;
+}) => T;

package/dist/cjs/services/documentStore/dynamoEncoding.js ADDED Viewed

@@ -0,0 +1,52 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.decodeDynamoDocument = exports.decodeDynamoAttribute = exports.encodeDynamoDocument = exports.encodeDynamoAttribute = void 0;
+const guards_1 = require("../../guards");
+const encodeDynamoAttribute = (value) => {
+    if (typeof value === 'string') {
+        return { S: value };
+    }
+    if (typeof value === 'number') {
+        return { N: value.toString() };
+    }
+    if (typeof value === 'boolean') {
+        return { BOOL: value };
+    }
+    if (value === null) {
+        return { NULL: true };
+    }
+    if (value instanceof Array) {
+        return { L: value.map(exports.encodeDynamoAttribute) };
+    }
+    if ((0, guards_1.isPlainObject)(value)) {
+        return { M: (0, exports.encodeDynamoDocument)(value) };
+    }
+    throw new Error(`unknown attribute type ${typeof value} with value ${value}.`);
+};
+exports.encodeDynamoAttribute = encodeDynamoAttribute;
+const encodeDynamoDocument = (base) => Object.fromEntries(Object.entries(base).map(([key, value]) => ([key, (0, exports.encodeDynamoAttribute)(value)])));
+exports.encodeDynamoDocument = encodeDynamoDocument;
+const decodeDynamoAttribute = (value) => {
+    if (value.S !== undefined) {
+        return value.S;
+    }
+    if (value.N !== undefined) {
+        return parseFloat(value.N);
+    }
+    if (value.BOOL !== undefined) {
+        return value.BOOL;
+    }
+    if (value.NULL !== undefined) {
+        return null;
+    }
+    if (value.L !== undefined) {
+        return value.L.map(exports.decodeDynamoAttribute);
+    }
+    if (value.M !== undefined) {
+        return (0, exports.decodeDynamoDocument)(value.M);
+    }
+    throw new Error(`unknown attribute type: ${JSON.stringify(value)}.`);
+};
+exports.decodeDynamoAttribute = decodeDynamoAttribute;
+const decodeDynamoDocument = (document) => Object.fromEntries(Object.entries(document).map(([key, value]) => ([key, (0, exports.decodeDynamoAttribute)(value)])));
+exports.decodeDynamoDocument = decodeDynamoDocument;

package/dist/cjs/services/documentStore/fileSystemAssert.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export declare const assertNoUndefined: (obj: any, path?: string[]) => void;

package/dist/cjs/services/documentStore/fileSystemAssert.js ADDED Viewed

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.assertNoUndefined = void 0;
+const assertNoUndefined = (obj, path = []) => {
+    if (obj === undefined) {
+        throw new Error(`unknown attribute type ${typeof obj} with value ${obj} at ${path.join('.') || 'root'}.`);
+    }
+    if (obj && typeof obj === 'object') {
+        for (const [key, value] of Object.entries(obj)) {
+            (0, exports.assertNoUndefined)(value, [...path, key]);
+        }
+    }
+};
+exports.assertNoUndefined = assertNoUndefined;

package/{packages/utils/src/services/documentStore/index.ts → dist/cjs/services/documentStore/index.d.ts} RENAMED Viewed

@@ -1,14 +1,14 @@
 export type Config = {
-  tableName: string;
+    tableName: string;
+};
+export type DocumentBaseMapType = {
+    [key: string]: DocumentBaseValueTypes;
 };
-export type DocumentBaseMapType = {[key: string]: DocumentBaseValueTypes};
 export type DocumentBaseListType = DocumentBaseValueTypes[];
 export type DocumentBaseValueTypes = number | boolean | string | null | DocumentBaseMapType | DocumentBaseListType;
-export type DocumentBaseType = {[key: string]: DocumentBaseValueTypes};
+export type DocumentBaseType = {
+    [key: string]: DocumentBaseValueTypes;
+};
 export type TDocument<T> = {
-  [_key in keyof T]: DocumentBaseValueTypes;
+    [_key in keyof T]: DocumentBaseValueTypes;
 };

package/dist/cjs/services/documentStore/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/dist/cjs/services/documentStore/unversioned/dynamodb.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+import { DynamoDB } from '@aws-sdk/client-dynamodb';
+import { Config, TDocument } from '..';
+import { ConfigProviderForConfig } from '../../../config';
+interface Initializer<C> {
+    configSpace?: C;
+    dynamoClient?: DynamoDB;
+}
+export declare const dynamoUnversionedDocumentStore: <C extends string = "dynamodb">(initializer?: Initializer<C>) => <T extends TDocument<T>>() => (configProvider: { [_key in C]: ConfigProviderForConfig<Config>; }) => <K extends keyof T>(_: {}, hashKey: K, options?: {
+    afterWrite?: (item: T) => void | Promise<void>;
+    batchAfterWrite?: (items: T[]) => void | Promise<void>;
+}) => {
+    loadAllDocumentsTheBadWay: () => Promise<T[]>;
+    getItemsByField: (key: keyof T, value: T[K], pageKey?: string) => Promise<{
+        items: T[];
+        nextPageToken: string | undefined;
+    }>;
+    batchGetItem: (ids: T[K][]) => Promise<T[]>;
+    getItem: (id: T[K]) => Promise<T | undefined>;
+    incrementItemAttribute: (id: T[K], attribute: keyof T) => Promise<number>;
+    patchItem: (item: Partial<T>) => Promise<T>;
+    putItem: (item: T) => Promise<T>;
+    createItem: (item: T) => Promise<T>;
+    batchCreateItem: (items: T[], concurrency?: number) => Promise<{
+        successful: T[];
+        failed: Array<{
+            item: T;
+            error: Error;
+        }>;
+    }>;
+};
+export {};