@or-sdk/api-tokens-lambda 1.0.1-beta.4010.0 → 1.0.1-beta.4019.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/ApiTokensLambda.js +26 -0
- package/dist/cjs/ApiTokensLambda.js.map +1 -1
- package/dist/esm/ApiTokensLambda.js +16 -0
- package/dist/esm/ApiTokensLambda.js.map +1 -1
- package/dist/types/ApiTokensLambda.d.ts +3 -1
- package/dist/types/ApiTokensLambda.d.ts.map +1 -1
- package/dist/types/types.d.ts +12 -8
- package/dist/types/types.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/ApiTokensLambda.ts +32 -0
- package/src/types.ts +14 -6
|
@@ -149,6 +149,32 @@ var ApiTokensLambda = (function () {
|
|
|
149
149
|
});
|
|
150
150
|
});
|
|
151
151
|
};
|
|
152
|
+
ApiTokensLambda.prototype.revoke = function (data) {
|
|
153
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
154
|
+
return __generator(this, function (_a) {
|
|
155
|
+
switch (_a.label) {
|
|
156
|
+
case 0: return [4, this.invoke({
|
|
157
|
+
action: 'revoke-token',
|
|
158
|
+
payload: data,
|
|
159
|
+
})];
|
|
160
|
+
case 1: return [2, _a.sent()];
|
|
161
|
+
}
|
|
162
|
+
});
|
|
163
|
+
});
|
|
164
|
+
};
|
|
165
|
+
ApiTokensLambda.prototype.rotate = function (data) {
|
|
166
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
167
|
+
return __generator(this, function (_a) {
|
|
168
|
+
switch (_a.label) {
|
|
169
|
+
case 0: return [4, this.invoke({
|
|
170
|
+
action: 'rotate-token',
|
|
171
|
+
payload: data,
|
|
172
|
+
})];
|
|
173
|
+
case 1: return [2, _a.sent()];
|
|
174
|
+
}
|
|
175
|
+
});
|
|
176
|
+
});
|
|
177
|
+
};
|
|
152
178
|
ApiTokensLambda.prototype.validate = function (token) {
|
|
153
179
|
return __awaiter(this, void 0, void 0, function () {
|
|
154
180
|
return __generator(this, function (_a) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ApiTokensLambda.js","sourceRoot":"","sources":["../../src/ApiTokensLambda.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,wDAAgD;
|
|
1
|
+
{"version":3,"file":"ApiTokensLambda.js","sourceRoot":"","sources":["../../src/ApiTokensLambda.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,wDAAgD;AAyBhD;IAaE,yBAAY,MAAoB;QAC9B,IAAI,CAAC,MAAM,GAAG,IAAI,sBAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;YACxC,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,uBAAuB;SAClC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACR,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;IAC1C,CAAC;IAEa,gCAAM,GAApB,UAAqB,KAAkB;;;;;4BACpB,WAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;4BACxC,YAAY,EAAE,IAAI,CAAC,YAAY;4BAC/B,OAAO,EAAE,MAAM,CAAC,IAAI,CAClB,IAAI,CAAC,SAAS,CAAC;gCACb,MAAM,EAAE,KAAK,CAAC,MAAM;gCACpB,OAAO,EAAE,KAAK,CAAC,OAAO;6BACvB,CAAC,CACH;4BACD,cAAc,EAAE,iBAAiB;yBAClC,CAAC,EAAA;;wBATI,QAAQ,GAAG,SASf;wBAEI,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,KAAI,EAAE,CAAC,CAAC;wBAC3C,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;wBAE1C,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,IAAI,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;4BACvE,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;wBAChC,CAAC;wBAED,WAAO,MAAM,EAAC;;;;KACf;IAcK,gCAAM,GAAZ,UAAa,IAA2B;;;;4BAC/B,WAAM,IAAI,CAAC,MAAM,CAAC;4BACvB,MAAM,EAAE,cAAc;4BACtB,OAAO,EAAE,IAAI;yBACd,CAAC,EAAA;4BAHF,WAAO,SAGL,EAAC;;;;KACJ;IASK,iCAAO,GAAb,UAAc,IAA0B;;;;4BAC/B,WAAM,IAAI,CAAC,MAAM,CAAC;4BACvB,MAAM,EAAE,iBAAiB;4BACzB,OAAO,EAAE,IAAI;yBACd,CAAC,EAAA;4BAHF,WAAO,SAGL,EAAC;;;;KACJ;IAUK,kCAAQ,GAAd,UAAe,IAA0B;;;;4BAChC,WAAM,IAAI,CAAC,MAAM,CAAC;4BACvB,MAAM,EAAE,kBAAkB;4BAC1B,OAAO,EAAE,IAAI;yBACd,CAAC,EAAA;4BAHF,WAAO,SAGL,EAAC;;;;KACJ;IAUK,oCAAU,GAAhB,UAAiB,IAA4B;;;;4BACpC,WAAM,IAAI,CAAC,MAAM,CAAC;4BACvB,MAAM,EAAE,oBAAoB;4BAC5B,OAAO,EAAE,IAAI;yBACd,CAAC,EAAA;4BAHF,WAAO,SAGL,EAAC;;;;KACJ;IAeK,gCAAM,GAAZ,UAAa,IAA2B;;;;4BAC/B,WAAM,IAAI,CAAC,MAAM,CAAC;4BACvB,MAAM,EAAE,cAAc;4BACtB,OAAO,EAAE,IAAI;yBACd,CAAC,EAAA;4BAHF,WAAO,SAGL,EAAC;;;;KACJ;IAUK,gCAAM,GAAZ,UAAa,IAA2B;;;;4BAC/B,WAAM,IAAI,CAAC,MAAM,CAAC;4BACvB,MAAM,EAAE,cAAc;4BACtB,OAAO,EAAE,IAAI;yBACd,CAAC,EAAA;4BAHF,WAAO,SAGL,EAAC;;;;KACJ;IAUK,gCAAM,GAAZ,UAAa,IAA2B;;;;4BAC/B,WAAM,IAAI,CAAC,MAAM,CAAC;4BACvB,MAAM,EAAE,cAAc;4BACtB,OAAO,EAAE,IAAI;yBACd,CAAC,EAAA;4BAHF,WAAO,SAGL,EAAC;;;;KACJ;IAUK,gCAAM,GAAZ,UAAa,IAA2B;;;;4BAC/B,WAAM,IAAI,CAAC,MAAM,CAAC;4BACvB,MAAM,EAAE,cAAc;4BACtB,OAAO,EAAE,IAAI;yBACd,CAAC,EAAA;4BAHF,WAAO,SAGL,EAAC;;;;KACJ;IAOK,kCAAQ,GAAd,UAAe,KAAa;;;;4BACnB,WAAM,IAAI,CAAC,MAAM,CAAC;4BACvB,MAAM,EAAE,gBAAgB;4BACxB,OAAO,EAAE,EAAE,KAAK,OAAA,EAAE;yBACnB,CAAC,EAAA;4BAHF,WAAO,SAGL,EAAC;;;;KACJ;IACH,sBAAC;AAAD,CAAC,AAtLD,IAsLC;AAtLY,0CAAe"}
|
|
@@ -82,6 +82,22 @@ export class ApiTokensLambda {
|
|
|
82
82
|
});
|
|
83
83
|
});
|
|
84
84
|
}
|
|
85
|
+
revoke(data) {
|
|
86
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
87
|
+
return yield this.invoke({
|
|
88
|
+
action: 'revoke-token',
|
|
89
|
+
payload: data,
|
|
90
|
+
});
|
|
91
|
+
});
|
|
92
|
+
}
|
|
93
|
+
rotate(data) {
|
|
94
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
95
|
+
return yield this.invoke({
|
|
96
|
+
action: 'rotate-token',
|
|
97
|
+
payload: data,
|
|
98
|
+
});
|
|
99
|
+
});
|
|
100
|
+
}
|
|
85
101
|
validate(token) {
|
|
86
102
|
return __awaiter(this, void 0, void 0, function* () {
|
|
87
103
|
return yield this.invoke({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ApiTokensLambda.js","sourceRoot":"","sources":["../../src/ApiTokensLambda.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;
|
|
1
|
+
{"version":3,"file":"ApiTokensLambda.js","sourceRoot":"","sources":["../../src/ApiTokensLambda.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,wBAAwB,CAAC;AAyBhD,MAAM,OAAO,eAAe;IAa1B,YAAY,MAAoB;QAC9B,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;YACxC,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,uBAAuB;SAClC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACR,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;IAC1C,CAAC;IAEa,MAAM,CAAC,KAAkB;;YACrC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;gBACxC,YAAY,EAAE,IAAI,CAAC,YAAY;gBAC/B,OAAO,EAAE,MAAM,CAAC,IAAI,CAClB,IAAI,CAAC,SAAS,CAAC;oBACb,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,OAAO,EAAE,KAAK,CAAC,OAAO;iBACvB,CAAC,CACH;gBACD,cAAc,EAAE,iBAAiB;aAClC,CAAC,CAAC;YAEH,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,KAAI,EAAE,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;YAE1C,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,IAAI,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;gBACvE,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAChC,CAAC;YAED,OAAO,MAAM,CAAC;QAChB,CAAC;KAAA;IAcK,MAAM,CAAC,IAA2B;;YACtC,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC;gBACvB,MAAM,EAAE,cAAc;gBACtB,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC;KAAA;IASK,OAAO,CAAC,IAA0B;;YACtC,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC;gBACvB,MAAM,EAAE,iBAAiB;gBACzB,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC;KAAA;IAUK,QAAQ,CAAC,IAA0B;;YACvC,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC;gBACvB,MAAM,EAAE,kBAAkB;gBAC1B,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC;KAAA;IAUK,UAAU,CAAC,IAA4B;;YAC3C,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC;gBACvB,MAAM,EAAE,oBAAoB;gBAC5B,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC;KAAA;IAeK,MAAM,CAAC,IAA2B;;YACtC,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC;gBACvB,MAAM,EAAE,cAAc;gBACtB,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC;KAAA;IAUK,MAAM,CAAC,IAA2B;;YACtC,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC;gBACvB,MAAM,EAAE,cAAc;gBACtB,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC;KAAA;IAUK,MAAM,CAAC,IAA2B;;YACtC,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC;gBACvB,MAAM,EAAE,cAAc;gBACtB,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC;KAAA;IAUK,MAAM,CAAC,IAA2B;;YACtC,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC;gBACvB,MAAM,EAAE,cAAc;gBACtB,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC;KAAA;IAOK,QAAQ,CAAC,KAAa;;YAC1B,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC;gBACvB,MAAM,EAAE,gBAAgB;gBACxB,OAAO,EAAE,EAAE,KAAK,EAAE;aACnB,CAAC,CAAC;QACL,CAAC;KAAA;CACF"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { ApiTokenCreatedResult, ApiTokenResult, CreateApiTokenPayload, DeleteApiTokenPayload, FindAllTokensPayload, FindTokenByIdPayload, FindTokenByNamePayload, LambdaConfig, UpdateApiTokenPayload, ValidateTokenResult } from './types';
|
|
1
|
+
import { ApiTokenCreatedResult, ApiTokenResult, CreateApiTokenPayload, DeleteApiTokenPayload, FindAllTokensPayload, FindTokenByIdPayload, FindTokenByNamePayload, LambdaConfig, RevokeApiTokenPayload, RotateApiTokenPayload, UpdateApiTokenPayload, ValidateTokenResult } from './types';
|
|
2
2
|
export declare class ApiTokensLambda {
|
|
3
3
|
private readonly lambda;
|
|
4
4
|
private readonly functionName;
|
|
@@ -12,6 +12,8 @@ export declare class ApiTokensLambda {
|
|
|
12
12
|
delete(data: DeleteApiTokenPayload): Promise<{
|
|
13
13
|
success: boolean;
|
|
14
14
|
}>;
|
|
15
|
+
revoke(data: RevokeApiTokenPayload): Promise<ApiTokenResult>;
|
|
16
|
+
rotate(data: RotateApiTokenPayload): Promise<ApiTokenCreatedResult>;
|
|
15
17
|
validate(token: string): Promise<ValidateTokenResult>;
|
|
16
18
|
}
|
|
17
19
|
//# sourceMappingURL=ApiTokensLambda.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ApiTokensLambda.d.ts","sourceRoot":"","sources":["../../src/ApiTokensLambda.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,qBAAqB,EACrB,cAAc,EACd,qBAAqB,EACrB,qBAAqB,EACrB,oBAAoB,EACpB,oBAAoB,EACpB,sBAAsB,EACtB,YAAY,EAEZ,qBAAqB,EACrB,mBAAmB,EACpB,MAAM,SAAS,CAAC;AASjB,qBAAa,eAAe;IAU1B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;gBAE1B,MAAM,EAAE,YAAY;YAQlB,MAAM;IAkCd,MAAM,CAAC,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAcnE,OAAO,CAAC,IAAI,EAAE,oBAAoB,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IAe9D,QAAQ,CAAC,IAAI,EAAE,oBAAoB,GAAG,OAAO,CAAC,cAAc,CAAC;IAe7D,UAAU,CAAC,IAAI,EAAE,sBAAsB,GAAG,OAAO,CAAC,cAAc,CAAC;IAoBjE,MAAM,CAAC,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC,cAAc,CAAC;IAe5D,MAAM,CAAC,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"ApiTokensLambda.d.ts","sourceRoot":"","sources":["../../src/ApiTokensLambda.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,qBAAqB,EACrB,cAAc,EACd,qBAAqB,EACrB,qBAAqB,EACrB,oBAAoB,EACpB,oBAAoB,EACpB,sBAAsB,EACtB,YAAY,EAEZ,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,EACrB,mBAAmB,EACpB,MAAM,SAAS,CAAC;AASjB,qBAAa,eAAe;IAU1B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;gBAE1B,MAAM,EAAE,YAAY;YAQlB,MAAM;IAkCd,MAAM,CAAC,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAcnE,OAAO,CAAC,IAAI,EAAE,oBAAoB,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IAe9D,QAAQ,CAAC,IAAI,EAAE,oBAAoB,GAAG,OAAO,CAAC,cAAc,CAAC;IAe7D,UAAU,CAAC,IAAI,EAAE,sBAAsB,GAAG,OAAO,CAAC,cAAc,CAAC;IAoBjE,MAAM,CAAC,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC,cAAc,CAAC;IAe5D,MAAM,CAAC,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAelE,MAAM,CAAC,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC,cAAc,CAAC;IAe5D,MAAM,CAAC,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAYnE,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,CAAC;CAM5D"}
|
package/dist/types/types.d.ts
CHANGED
|
@@ -44,6 +44,16 @@ export type DeleteApiTokenPayload = {
|
|
|
44
44
|
accountId: string;
|
|
45
45
|
role: string;
|
|
46
46
|
};
|
|
47
|
+
export type RevokeApiTokenPayload = {
|
|
48
|
+
id: string;
|
|
49
|
+
accountId: string;
|
|
50
|
+
role: string;
|
|
51
|
+
};
|
|
52
|
+
export type RotateApiTokenPayload = {
|
|
53
|
+
id: string;
|
|
54
|
+
accountId: string;
|
|
55
|
+
role: string;
|
|
56
|
+
};
|
|
47
57
|
export type ValidateApiTokenPayload = {
|
|
48
58
|
token: string;
|
|
49
59
|
};
|
|
@@ -54,6 +64,7 @@ export type ApiTokenResult = {
|
|
|
54
64
|
accountId: string;
|
|
55
65
|
createdBy: string | null;
|
|
56
66
|
isActive: boolean;
|
|
67
|
+
isRevoked: boolean;
|
|
57
68
|
expiresAt: string | null;
|
|
58
69
|
metadata: Record<string, unknown> | null;
|
|
59
70
|
createdAt: string;
|
|
@@ -63,13 +74,6 @@ export type ApiTokenResult = {
|
|
|
63
74
|
export type ApiTokenCreatedResult = ApiTokenResult & {
|
|
64
75
|
token: string;
|
|
65
76
|
};
|
|
66
|
-
export type PermissionGroup = {
|
|
67
|
-
serviceName: string;
|
|
68
|
-
permissions: {
|
|
69
|
-
name: string;
|
|
70
|
-
effect: boolean;
|
|
71
|
-
}[];
|
|
72
|
-
};
|
|
73
77
|
export type ValidateTokenResult = {
|
|
74
78
|
allow: boolean;
|
|
75
79
|
reason?: string;
|
|
@@ -78,6 +82,6 @@ export type ValidateTokenResult = {
|
|
|
78
82
|
userId?: string | null;
|
|
79
83
|
role?: string;
|
|
80
84
|
expire?: number | null;
|
|
81
|
-
permissions?:
|
|
85
|
+
permissions?: string[];
|
|
82
86
|
};
|
|
83
87
|
//# sourceMappingURL=types.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,GAAG,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC1C,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,sBAAsB,GAAG;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC1C,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG;IACpC,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IACzC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG,cAAc,GAAG;IACnD,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,YAAY,GAAG;IACzB,OAAO,EAAE,OAAO,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,GAAG,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC1C,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,sBAAsB,GAAG;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IAC1C,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG;IACpC,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,cAAc,GAAG;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IACzC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG,cAAc,GAAG;IACnD,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,mBAAmB,GAAG;IAChC,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB,CAAC"}
|
package/package.json
CHANGED
package/src/ApiTokensLambda.ts
CHANGED
|
@@ -10,6 +10,8 @@ import {
|
|
|
10
10
|
FindTokenByNamePayload,
|
|
11
11
|
LambdaConfig,
|
|
12
12
|
LambdaEvent,
|
|
13
|
+
RevokeApiTokenPayload,
|
|
14
|
+
RotateApiTokenPayload,
|
|
13
15
|
UpdateApiTokenPayload,
|
|
14
16
|
ValidateTokenResult,
|
|
15
17
|
} from './types';
|
|
@@ -162,6 +164,36 @@ export class ApiTokensLambda {
|
|
|
162
164
|
});
|
|
163
165
|
}
|
|
164
166
|
|
|
167
|
+
/**
|
|
168
|
+
* Revokes an API token (soft-disable)
|
|
169
|
+
* @param {RevokeApiTokenPayload} data - Revoke parameters
|
|
170
|
+
* @param {string} data.id - API Token identifier
|
|
171
|
+
* @param {string} data.accountId - Account identifier
|
|
172
|
+
* @param {string} data.role - User role for authorization
|
|
173
|
+
* @returns {Promise<ApiTokenResult>} The revoked token
|
|
174
|
+
*/
|
|
175
|
+
async revoke(data: RevokeApiTokenPayload): Promise<ApiTokenResult> {
|
|
176
|
+
return await this.invoke({
|
|
177
|
+
action: 'revoke-token',
|
|
178
|
+
payload: data,
|
|
179
|
+
});
|
|
180
|
+
}
|
|
181
|
+
|
|
182
|
+
/**
|
|
183
|
+
* Rotates an API token — generates a new token value and invalidates the old one
|
|
184
|
+
* @param {RotateApiTokenPayload} data - Rotate parameters
|
|
185
|
+
* @param {string} data.id - API Token identifier
|
|
186
|
+
* @param {string} data.accountId - Account identifier
|
|
187
|
+
* @param {string} data.role - User role for authorization
|
|
188
|
+
* @returns {Promise<ApiTokenCreatedResult>} The token with the new raw token string
|
|
189
|
+
*/
|
|
190
|
+
async rotate(data: RotateApiTokenPayload): Promise<ApiTokenCreatedResult> {
|
|
191
|
+
return await this.invoke({
|
|
192
|
+
action: 'rotate-token',
|
|
193
|
+
payload: data,
|
|
194
|
+
});
|
|
195
|
+
}
|
|
196
|
+
|
|
165
197
|
/**
|
|
166
198
|
* Validates a raw API token string
|
|
167
199
|
* @param {string} token - Raw API token string to validate
|
package/src/types.ts
CHANGED
|
@@ -52,6 +52,18 @@ export type DeleteApiTokenPayload = {
|
|
|
52
52
|
role: string;
|
|
53
53
|
};
|
|
54
54
|
|
|
55
|
+
export type RevokeApiTokenPayload = {
|
|
56
|
+
id: string;
|
|
57
|
+
accountId: string;
|
|
58
|
+
role: string;
|
|
59
|
+
};
|
|
60
|
+
|
|
61
|
+
export type RotateApiTokenPayload = {
|
|
62
|
+
id: string;
|
|
63
|
+
accountId: string;
|
|
64
|
+
role: string;
|
|
65
|
+
};
|
|
66
|
+
|
|
55
67
|
export type ValidateApiTokenPayload = {
|
|
56
68
|
token: string;
|
|
57
69
|
};
|
|
@@ -63,6 +75,7 @@ export type ApiTokenResult = {
|
|
|
63
75
|
accountId: string;
|
|
64
76
|
createdBy: string | null;
|
|
65
77
|
isActive: boolean;
|
|
78
|
+
isRevoked: boolean;
|
|
66
79
|
expiresAt: string | null;
|
|
67
80
|
metadata: Record<string, unknown> | null;
|
|
68
81
|
createdAt: string;
|
|
@@ -74,11 +87,6 @@ export type ApiTokenCreatedResult = ApiTokenResult & {
|
|
|
74
87
|
token: string;
|
|
75
88
|
};
|
|
76
89
|
|
|
77
|
-
export type PermissionGroup = {
|
|
78
|
-
serviceName: string;
|
|
79
|
-
permissions: { name: string; effect: boolean }[];
|
|
80
|
-
};
|
|
81
|
-
|
|
82
90
|
export type ValidateTokenResult = {
|
|
83
91
|
allow: boolean;
|
|
84
92
|
reason?: string;
|
|
@@ -87,5 +95,5 @@ export type ValidateTokenResult = {
|
|
|
87
95
|
userId?: string | null;
|
|
88
96
|
role?: string;
|
|
89
97
|
expire?: number | null;
|
|
90
|
-
permissions?:
|
|
98
|
+
permissions?: string[];
|
|
91
99
|
};
|