npm - @optimizely-opal/opal-tool-ocp-sdk - Versions diffs - 0.0.0-beta.7 → 0.0.0-beta.9 - Mend

@optimizely-opal/opal-tool-ocp-sdk 0.0.0-beta.7 → 0.0.0-beta.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

package/README.md +9 -43
package/dist/auth/TokenVerifier.d.ts +31 -0
package/dist/auth/TokenVerifier.d.ts.map +1 -0
package/dist/auth/TokenVerifier.js +127 -0
package/dist/auth/TokenVerifier.js.map +1 -0
package/dist/auth/TokenVerifier.test.d.ts +2 -0
package/dist/auth/TokenVerifier.test.d.ts.map +1 -0
package/dist/auth/TokenVerifier.test.js +114 -0
package/dist/auth/TokenVerifier.test.js.map +1 -0
package/dist/function/ToolFunction.d.ts +4 -7
package/dist/function/ToolFunction.d.ts.map +1 -1
package/dist/function/ToolFunction.js +38 -10
package/dist/function/ToolFunction.js.map +1 -1
package/dist/function/ToolFunction.test.js +177 -196
package/dist/function/ToolFunction.test.js.map +1 -1
package/dist/index.d.ts +1 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +1 -0
package/dist/index.js.map +1 -1
package/dist/service/Service.d.ts +7 -7
package/dist/service/Service.d.ts.map +1 -1
package/dist/service/Service.js +22 -16
package/dist/service/Service.js.map +1 -1
package/dist/service/Service.test.js +8 -3
package/dist/service/Service.test.js.map +1 -1
package/dist/types/Models.d.ts +5 -5
package/dist/types/Models.d.ts.map +1 -1
package/dist/types/Models.js +9 -9
package/dist/types/Models.js.map +1 -1
package/package.json +5 -3
package/src/auth/TokenVerifier.test.ts +152 -0
package/src/auth/TokenVerifier.ts +145 -0
package/src/function/ToolFunction.test.ts +194 -214
package/src/function/ToolFunction.ts +45 -11
package/src/index.ts +1 -0
package/src/service/Service.test.ts +8 -3
package/src/service/Service.ts +22 -17
package/src/types/Models.ts +4 -4

package/src/service/Service.ts CHANGED Viewed

@@ -4,6 +4,11 @@ import * as App from '@zaiusinc/app-sdk';
 import { logger } from '@zaiusinc/app-sdk';
 import { ToolFunction } from '../function/ToolFunction';
+/**
+ * Default OptiID authentication requirement that will be enforced for all tools
+ */
+const DEFAULT_OPTIID_AUTH = new AuthRequirement('OptiID', 'default', true);
 /**
@@ -43,7 +48,7 @@ export class Tool<TAuthData> {
    * @param parameters Function parameters
    * @param endpoint API endpoint
    * @param handler Function implementing the tool
-   * @param authRequirements Authentication requirements (optional)
+   * @param authRequirements Authentication requirements (mandatory - OptiID enforced)
    */
   public constructor(
     public name: string,
@@ -51,7 +56,7 @@ export class Tool<TAuthData> {
     public parameters: Parameter[],
     public endpoint: string,
     public handler: (functionContext: ToolFunction, params: unknown, authData?: TAuthData) => Promise<unknown>,
-    public authRequirements?: AuthRequirement[]
+    public authRequirements: AuthRequirement[] = [DEFAULT_OPTIID_AUTH]
   ) {}
   /**
@@ -63,13 +68,10 @@ export class Tool<TAuthData> {
       description: this.description,
       parameters: this.parameters.map((p) => p.toJSON()),
       endpoint: this.endpoint,
-      http_method: this.httpMethod
+      http_method: this.httpMethod,
+      auth_requirements: this.authRequirements.map((auth) => auth.toJSON())
     };
-    if (this.authRequirements && this.authRequirements.length > 0) {
-      result.auth_requirements = this.authRequirements.map((auth) => auth.toJSON());
-    }
     return result;
   }
 }
@@ -79,18 +81,19 @@ export class ToolsService {
   private interactions: Map<string, Interaction<any>> = new Map();
   /**
-   * Extract Bearer token from Authorization header
-   * @param headers Request headers (Map-like object or Headers object with get method)
-   * @returns Bearer token string or undefined
+   * Enforce OptiID authentication for tools by ensuring OptiID auth requirement is present
+   * @param authRequirements Original authentication requirements
+   * @returns Enforced authentication requirements with OptiID
    */
-  public extractBearerToken(headers: App.Headers): string | undefined {
-    let bearerToken: string | undefined;
+  private enforceOptiIdAuth(authRequirements?: AuthRequirement[]): AuthRequirement[] {
+    const hasOptiIdProvider = authRequirements
+      && authRequirements.some((auth) => auth.provider.toLowerCase() === 'optiid');
-    const authHeader = headers ? headers.get('authorization') : undefined;
-    if (authHeader && authHeader.startsWith('Bearer ')) {
-      bearerToken = authHeader.substring(7).trim();
+    if (hasOptiIdProvider) {
+      return authRequirements;
     }
-    return bearerToken;
+    return [...(authRequirements || []), DEFAULT_OPTIID_AUTH];
   }
   /**
@@ -110,7 +113,9 @@ export class ToolsService {
     endpoint: string,
     authRequirements?: AuthRequirement[]
   ): void {
-    const func = new Tool<TAuthData>(name, description, parameters, endpoint, handler, authRequirements);
+    // Enforce OptiID authentication for all tools
+    const enforcedAuthRequirements = this.enforceOptiIdAuth(authRequirements);
+    const func = new Tool<TAuthData>(name, description, parameters, endpoint, handler, enforcedAuthRequirements);
     this.functions.set(endpoint, func);
   }

package/src/types/Models.ts CHANGED Viewed

@@ -48,10 +48,10 @@ export class Parameter {
 export class OptiIdAuthDataCredentials {
   public constructor(
-    public customerId: string,
-    public instanceId: string,
-    public accessToken: string,
-    public productSku: string
+    public customer_id: string,
+    public instance_id: string,
+    public access_token: string,
+    public product_sku: string
   ) {}
 }