@owox/idp-protocol 0.4.0

package/README.md

@@ -0,0 +1,298 @@
+# @owox/idp-protocol
+
+Identity Provider protocol package for OWOX Data Marts. Provides core types, middleware, and provider implementations for authentication and authorization.
+
+## Features
+
+- 🔧 Core IDP interfaces and types
+- 🔀 Express middleware for authentication routes
+- 🚫 NULL IDP provider for single-user deployments
+- 🛡️ Built-in error handling
+- ⚙️ Configurable routing
+
+## Installation
+
+```bash
+npm install @owox/idp-protocol
+```
+
+## Architecture
+
+```text
+@owox/idp-protocol
+├── types/                    # Core interfaces and models
+│   ├── provider.ts          # IdpProvider interface
+│   ├── models.ts            # Payload, AuthResult, Role types
+│   ├── config.ts            # Configuration types
+│   ├── errors.ts            # Error classes
+│   └── cli.ts               # CLI command interfaces
+├── providers/               # Provider implementations
+│   └── null-provider.ts     # NULL provider for development
+└── middleware/              # Express middleware
+    └── protocol-middleware.ts # Route handling middleware
+```
+
+## Core Types
+
+### IdpProvider Interface
+
+The main provider interface that all IDP implementations must follow:
+
+```typescript
+import { IdpProvider } from '@owox/idp-protocol';
+
+interface IdpProvider {
+  // Middleware handlers
+  signInMiddleware(req: Request, res: Response, next: NextFunction): Promise<void | Response>;
+  signOutMiddleware(req: Request, res: Response, next: NextFunction): Promise<void | Response>;
+  accessTokenMiddleware(req: Request, res: Response, next: NextFunction): Promise<void | Response>;
+
+  // Token management
+  introspectToken(token: string): Promise<Payload | null>;
+  refreshToken(refreshToken: string): Promise<AuthResult>;
+  revokeToken(token: string): Promise<void>;
+
+  // Lifecycle
+  initialize(): Promise<void>;
+  shutdown(): Promise<void>;
+}
+```
+
+### Domain Models
+
+```typescript
+import { Payload, AuthResult, Role } from '@owox/idp-protocol';
+
+type Role = 'admin' | 'editor' | 'viewer';
+
+interface Payload {
+  userId: string;
+  projectId: string;
+  email?: string;
+  fullName?: string;
+  roles?: Role[];
+  projectTitle?: string;
+}
+
+interface AuthResult {
+  accessToken: string;
+  refreshToken?: string;
+}
+```
+
+### Error Classes
+
+```typescript
+import {
+  IdpError,
+  AuthenticationError,
+  AuthorizationError,
+  TokenExpiredError,
+  InvalidTokenError,
+} from '@owox/idp-protocol';
+```
+
+## Middleware
+
+The protocol middleware handles authentication routes automatically:
+
+```typescript
+import express from 'express';
+import { IdpProtocolMiddleware, NullIdpProvider } from '@owox/idp-protocol';
+
+const app = express();
+const provider = new NullIdpProvider();
+
+// Basic usage with default routes (/auth/sign-in, /auth/sign-out, /auth/access-token)
+const middleware = new IdpProtocolMiddleware(provider);
+middleware.register(app);
+
+// Custom configuration
+const middleware = new IdpProtocolMiddleware(provider, {
+  basePath: '/api/v1/auth',
+  routes: {
+    signIn: '/login',
+    signOut: '/logout',
+    accessToken: '/token',
+  },
+});
+middleware.register(app);
+```
+
+### Middleware Features
+
+- ✅ Configurable base path and route names
+- ✅ Automatic error handling with try-catch
+- ✅ Support for all HTTP methods (GET, POST, etc.)
+- ✅ Route collision detection
+- ✅ Path validation
+- ✅ TypeScript support
+
+## NULL Provider
+
+The included NULL provider is perfect for development and single-user deployments:
+
+```typescript
+import { NullIdpProvider } from '@owox/idp-protocol';
+
+const provider = new NullIdpProvider();
+
+// Default user payload
+const defaultPayload = {
+  userId: '0',
+  email: 'admin@localhost',
+  roles: ['admin'],
+  fullName: 'Admin',
+  projectId: '0',
+};
+```
+
+### NULL Provider Features
+
+- ✅ Implements all IdpProvider methods
+- 🔄 Returns consistent default user payload
+- 🚫 No actual authentication (always succeeds)
+- ⚡ Zero configuration required
+- 🛠️ Perfect for testing and development
+
+## Usage Examples
+
+### Basic Setup
+
+```typescript
+import express from 'express';
+import { IdpProtocolMiddleware, NullIdpProvider } from '@owox/idp-protocol';
+
+const app = express();
+const provider = new NullIdpProvider();
+
+// Initialize provider
+await provider.initialize();
+
+// Setup middleware
+const middleware = new IdpProtocolMiddleware(provider);
+middleware.register(app);
+
+// Server will handle:
+// POST /auth/sign-in
+// POST /auth/sign-out
+// POST /auth/access-token
+
+app.listen(3000);
+```
+
+### Custom Provider Implementation
+
+```typescript
+import { IdpProvider, Payload, AuthResult } from '@owox/idp-protocol';
+import { Request, Response, NextFunction } from 'express';
+
+class CustomIdpProvider implements IdpProvider {
+  async signInMiddleware(req: Request, res: Response, next: NextFunction): Promise<Response> {
+    // Handle OAuth redirect, validate credentials, etc.
+    return res.json({ success: true, redirectUrl: '/dashboard' });
+  }
+
+  async signOutMiddleware(req: Request, res: Response, next: NextFunction): Promise<Response> {
+    // Clear session, revoke tokens
+    return res.json({ success: true });
+  }
+
+  async accessTokenMiddleware(req: Request, res: Response, next: NextFunction): Promise<Response> {
+    // Return user info or token
+    const payload = await this.introspectToken(req.headers.authorization);
+    return res.json(payload);
+  }
+
+  async introspectToken(token: string): Promise<Payload | null> {
+    // Validate JWT or call external IDP
+    return {
+      userId: 'user123',
+      projectId: 'proj456',
+      email: 'user@company.com',
+      roles: ['editor'],
+    };
+  }
+
+  async refreshToken(refreshToken: string): Promise<AuthResult> {
+    // Exchange refresh token for new access token
+    return { accessToken: 'new-jwt-token' };
+  }
+
+  async revokeToken(token: string): Promise<void> {
+    // Invalidate token
+  }
+
+  async initialize(): Promise<void> {
+    // Setup external connections, validate config
+  }
+
+  async shutdown(): Promise<void> {
+    // Cleanup resources
+  }
+}
+```
+
+### Advanced Middleware Configuration
+
+```typescript
+import { IdpProtocolMiddleware, ProtocolRoute } from '@owox/idp-protocol';
+
+const middleware = new IdpProtocolMiddleware(provider, {
+  basePath: '/api/v1/auth',
+  routes: {
+    signIn: ProtocolRoute.SIGN_IN, // '/sign-in'
+    signOut: ProtocolRoute.SIGN_OUT, // '/sign-out'
+    accessToken: '/me', // Custom route
+  },
+});
+
+// Results in:
+// ALL /api/v1/auth/sign-in
+// ALL /api/v1/auth/sign-out
+// ALL /api/v1/auth/me
+```
+
+## Error Handling
+
+Use provided error classes for consistent error handling:
+
+```typescript
+import { AuthenticationError, InvalidTokenError } from '@owox/idp-protocol';
+
+class MyProvider implements IdpProvider {
+  async introspectToken(token: string): Promise<Payload | null> {
+    if (!token) {
+      throw new InvalidTokenError('Token is required');
+    }
+
+    try {
+      // Validate token
+      return payload;
+    } catch (error) {
+      throw new AuthenticationError('Token validation failed');
+    }
+  }
+}
+```
+
+## Development
+
+```bash
+# Install dependencies
+npm install
+
+# Build
+npm run build
+
+# Type checking
+npm run typecheck
+
+# Linting
+npm run lint
+npm run lint:fix
+
+# Formatting
+npm run format
+npm run format:check
+```

package/dist/index.d.ts

@@ -0,0 +1,4 @@
+export * from './types/index.js';
+export * from './providers/index.js';
+export * from './middleware/index.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,cAAc,kBAAkB,CAAC;AAGjC,cAAc,sBAAsB,CAAC;AAGrC,cAAc,uBAAuB,CAAC"}

package/dist/index.js

@@ -0,0 +1,6 @@
+// Core types and interfaces
+export * from './types/index.js';
+// Provider implementations (only NULL provider)
+export * from './providers/index.js';
+// Middleware
+export * from './middleware/index.js';

package/dist/middleware/index.d.ts

@@ -0,0 +1,2 @@
+export * from './protocol-middleware.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/middleware/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/middleware/index.ts"],"names":[],"mappings":"AAAA,cAAc,0BAA0B,CAAC"}

package/dist/middleware/index.js

@@ -0,0 +1 @@
+export * from './protocol-middleware.js';

package/dist/middleware/protocol-middleware.d.ts

@@ -0,0 +1,99 @@
+import { IdpProvider } from '../types/provider.js';
+import { Express } from 'express';
+/**
+ * The routes that are supported by the protocol middleware.
+ */
+export declare enum ProtocolRoute {
+    SIGN_IN = "/sign-in",
+    SIGN_OUT = "/sign-out",
+    ACCESS_TOKEN = "/access-token",
+    USER = "/api/user"
+}
+/**
+ * The options for the protocol middleware.
+ * @property basePath - The base path for the protoc    ol middleware.
+ * @property routes - The routes that are supported by the protocol middleware.
+ * @example
+ * {
+ *   basePath: '/',
+ *   routes: {
+ *     signIn: '/signin', // override the default sign in route
+ *     signOut: '/signout', // override the default sign out route
+ *     accessToken: '/accesstoken', // override the default access token route
+ *     user: '/api/userinfo', // override the default user route
+ *   },
+ * }
+ */
+export interface IdpProtocolMiddlewareOptions {
+    basePath?: string;
+    routes?: {
+        signIn?: string;
+        signOut?: string;
+        accessToken?: string;
+        user?: string;
+    };
+}
+/**
+ * The protocol middleware for the IDP.
+ * @param provider - The provider to use for the middleware.
+ * @param options - The options for the middleware.
+ * @example // Register the middleware with the default routes
+ * const idpProtocolMiddleware = new IdpProtocolMiddleware(provider);
+ * idpProtocolMiddleware.register(app);
+ *
+ * @example // Override the default routes
+ * const app = express();
+ * const middlewareOptions: IdpProtocolMiddlewareOptions = {
+ *   basePath: '/',
+ *   routes: {
+ *     signIn: '/signin',
+ *     signOut: '/signout',
+ *     accessToken: '/accesstoken',
+ *     user: '/api/userinfo',
+ *   }
+ * };
+ * const idpProtocolMiddleware = new IdpProtocolMiddleware(provider, middlewareOptions);
+ * idpProtocolMiddleware.register(app);
+ */
+export declare class IdpProtocolMiddleware {
+    private readonly provider;
+    /**
+     * The default base path for the protocol middleware.
+     */
+    readonly DEFAULT_BASE_PATH = "/auth";
+    private readonly basePath;
+    private readonly routes;
+    /**
+     * The constructor for the protocol middleware.
+     * @param provider - The provider to use for the middleware.
+     * @param options - The options for the middleware.
+     */
+    constructor(provider: IdpProvider, options?: IdpProtocolMiddlewareOptions);
+    /**
+     * Normalize the base path.
+     * @param path - The path to normalize.
+     * @returns The normalized path.
+     */
+    private normalizeBasePath;
+    /**
+     * Validate the configuration.
+     */
+    private validateConfiguration;
+    /**
+     * Create a route handler.
+     * @param handler - The handler to create.
+     * @returns The created handler.
+     */
+    private createRouteHandler;
+    /**
+     * Register the protocol middleware routes with the express app.
+     * @param app - The express app to register the routes with.
+     * @example
+     * const app = express();
+     * const idpProtocolMiddleware = new IdpProtocolMiddleware(provider);
+     * idpProtocolMiddleware.register(app);
+     * app.listen(3000);
+     */
+    register(app: Express): void;
+}
+//# sourceMappingURL=protocol-middleware.d.ts.map

package/dist/middleware/protocol-middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"protocol-middleware.d.ts","sourceRoot":"","sources":["../../src/middleware/protocol-middleware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,OAAO,EAAmC,MAAM,SAAS,CAAC;AAEnE;;GAEG;AACH,oBAAY,aAAa;IACvB,OAAO,aAAa;IACpB,QAAQ,cAAc;IACtB,YAAY,kBAAkB;IAC9B,IAAI,cAAc;CACnB;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,WAAW,4BAA4B;IAC3C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE;QACP,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,IAAI,CAAC,EAAE,MAAM,CAAC;KACf,CAAC;CACH;AAQD;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,qBAAa,qBAAqB;IAc9B,OAAO,CAAC,QAAQ,CAAC,QAAQ;IAb3B;;OAEG;IACH,SAAgB,iBAAiB,WAAW;IAC5C,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAgE;IAEvF;;;;OAIG;gBAEgB,QAAQ,EAAE,WAAW,EACtC,OAAO,GAAE,4BAAiC;IAa5C;;;;OAIG;IACH,OAAO,CAAC,iBAAiB;IAOzB;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAe7B;;;;OAIG;IACH,OAAO,CAAC,kBAAkB;IAU1B;;;;;;;;OAQG;IACH,QAAQ,CAAC,GAAG,EAAE,OAAO,GAAG,IAAI;CA6B7B"}

package/dist/middleware/protocol-middleware.js

@@ -0,0 +1,131 @@
+/**
+ * The routes that are supported by the protocol middleware.
+ */
+export var ProtocolRoute;
+(function (ProtocolRoute) {
+    ProtocolRoute["SIGN_IN"] = "/sign-in";
+    ProtocolRoute["SIGN_OUT"] = "/sign-out";
+    ProtocolRoute["ACCESS_TOKEN"] = "/access-token";
+    ProtocolRoute["USER"] = "/api/user";
+})(ProtocolRoute || (ProtocolRoute = {}));
+/**
+ * The protocol middleware for the IDP.
+ * @param provider - The provider to use for the middleware.
+ * @param options - The options for the middleware.
+ * @example // Register the middleware with the default routes
+ * const idpProtocolMiddleware = new IdpProtocolMiddleware(provider);
+ * idpProtocolMiddleware.register(app);
+ *
+ * @example // Override the default routes
+ * const app = express();
+ * const middlewareOptions: IdpProtocolMiddlewareOptions = {
+ *   basePath: '/',
+ *   routes: {
+ *     signIn: '/signin',
+ *     signOut: '/signout',
+ *     accessToken: '/accesstoken',
+ *     user: '/api/userinfo',
+ *   }
+ * };
+ * const idpProtocolMiddleware = new IdpProtocolMiddleware(provider, middlewareOptions);
+ * idpProtocolMiddleware.register(app);
+ */
+export class IdpProtocolMiddleware {
+    provider;
+    /**
+     * The default base path for the protocol middleware.
+     */
+    DEFAULT_BASE_PATH = '/auth';
+    basePath;
+    routes;
+    /**
+     * The constructor for the protocol middleware.
+     * @param provider - The provider to use for the middleware.
+     * @param options - The options for the middleware.
+     */
+    constructor(provider, options = {}) {
+        this.provider = provider;
+        this.basePath = this.normalizeBasePath(options.basePath ?? this.DEFAULT_BASE_PATH);
+        this.routes = {
+            signIn: options.routes?.signIn ?? ProtocolRoute.SIGN_IN,
+            signOut: options.routes?.signOut ?? ProtocolRoute.SIGN_OUT,
+            accessToken: options.routes?.accessToken ?? ProtocolRoute.ACCESS_TOKEN,
+            user: options.routes?.user ?? ProtocolRoute.USER,
+        };
+        this.validateConfiguration();
+    }
+    /**
+     * Normalize the base path.
+     * @param path - The path to normalize.
+     * @returns The normalized path.
+     */
+    normalizeBasePath(path) {
+        if (!path.startsWith('/')) {
+            throw new Error(`Base path must start with '/': ${path}`);
+        }
+        return path.endsWith('/') && path !== '/' ? path.slice(0, -1) : path;
+    }
+    /**
+     * Validate the configuration.
+     */
+    validateConfiguration() {
+        const routePaths = Object.values(this.routes);
+        const duplicates = routePaths.filter((path, index) => routePaths.indexOf(path) !== index);
+        if (duplicates.length > 0) {
+            throw new Error(`Duplicate route paths detected: ${duplicates.join(', ')}`);
+        }
+        routePaths.forEach(path => {
+            if (!path.startsWith('/')) {
+                throw new Error(`Route path must start with '/': ${path}`);
+            }
+        });
+    }
+    /**
+     * Create a route handler.
+     * @param handler - The handler to create.
+     * @returns The created handler.
+     */
+    createRouteHandler(handler) {
+        return async (req, res, next) => {
+            try {
+                await handler(req, res, next);
+            }
+            catch (error) {
+                next(error);
+            }
+        };
+    }
+    /**
+     * Register the protocol middleware routes with the express app.
+     * @param app - The express app to register the routes with.
+     * @example
+     * const app = express();
+     * const idpProtocolMiddleware = new IdpProtocolMiddleware(provider);
+     * idpProtocolMiddleware.register(app);
+     * app.listen(3000);
+     */
+    register(app) {
+        const routeConfigs = [
+            {
+                path: this.routes.signIn,
+                handler: (req, res, next) => this.provider.signInMiddleware(req, res, next),
+            },
+            {
+                path: this.routes.signOut,
+                handler: (req, res, next) => this.provider.signOutMiddleware(req, res, next),
+            },
+            {
+                path: this.routes.accessToken,
+                handler: (req, res, next) => this.provider.accessTokenMiddleware(req, res, next),
+            },
+            {
+                path: this.routes.user,
+                handler: (req, res, next) => this.provider.userApiMiddleware(req, res, next),
+            },
+        ];
+        routeConfigs.forEach(({ path, handler }) => {
+            const fullPath = `${this.basePath}${path}`;
+            app.all(fullPath, this.createRouteHandler(handler));
+        });
+    }
+}

package/dist/providers/index.d.ts

@@ -0,0 +1,2 @@
+export { NullIdpProvider } from './null-provider.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/providers/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/providers/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC"}

package/dist/providers/index.js

@@ -0,0 +1 @@
+export { NullIdpProvider } from './null-provider.js';

package/dist/providers/null-provider.d.ts

@@ -0,0 +1,24 @@
+import { IdpProvider } from '../types/provider.js';
+import { AuthResult, Payload } from '../types/models.js';
+import { Request, Response, NextFunction } from 'express';
+/**
+ * NULL IDP Provider - single user, single project
+ * Used for deployments without user management and development
+ */
+export declare class NullIdpProvider implements IdpProvider {
+    private defaultPayload;
+    private defaultAccessToken;
+    private defaultRefreshToken;
+    constructor();
+    refreshToken(_refreshToken: string): Promise<AuthResult>;
+    signInMiddleware(_req: Request, _res: Response, _next: NextFunction): Promise<void>;
+    signOutMiddleware(_req: Request, _res: Response, _next: NextFunction): Promise<void>;
+    accessTokenMiddleware(_req: Request, res: Response, _next: NextFunction): Promise<Response>;
+    userApiMiddleware(_req: Request, res: Response, _next: NextFunction): Promise<Response<Payload>>;
+    initialize(): Promise<void>;
+    shutdown(): Promise<void>;
+    introspectToken(_token: string): Promise<Payload | null>;
+    parseToken(_token: string): Promise<Payload | null>;
+    revokeToken(_token: string): Promise<void>;
+}
+//# sourceMappingURL=null-provider.d.ts.map

package/dist/providers/null-provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"null-provider.d.ts","sourceRoot":"","sources":["../../src/providers/null-provider.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AACzD,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAE1D;;;GAGG;AACH,qBAAa,eAAgB,YAAW,WAAW;IACjD,OAAO,CAAC,cAAc,CAAU;IAChC,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,mBAAmB,CAAS;;IAc9B,YAAY,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAM9D,gBAAgB,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAQnF,iBAAiB,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAIpF,qBAAqB,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC;IAI3F,iBAAiB,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAI1F,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAI3B,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;IAIzB,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAIxD,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAInD,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CAGjD"}

package/dist/providers/null-provider.js

@@ -0,0 +1,58 @@
+/**
+ * NULL IDP Provider - single user, single project
+ * Used for deployments without user management and development
+ */
+export class NullIdpProvider {
+    defaultPayload;
+    defaultAccessToken;
+    defaultRefreshToken;
+    constructor() {
+        this.defaultPayload = {
+            userId: '0',
+            email: 'admin@localhost',
+            roles: ['admin'],
+            fullName: 'Admin',
+            projectId: '0',
+        };
+        this.defaultAccessToken = 'accessToken';
+        this.defaultRefreshToken = 'refreshToken';
+    }
+    async refreshToken(_refreshToken) {
+        return {
+            accessToken: this.defaultAccessToken,
+        };
+    }
+    signInMiddleware(_req, _res, _next) {
+        _res.cookie('refreshToken', this.defaultRefreshToken, {
+            httpOnly: true,
+            secure: true,
+            maxAge: 3600000,
+        });
+        return Promise.resolve(_res.redirect('/'));
+    }
+    signOutMiddleware(_req, _res, _next) {
+        _res.clearCookie('refreshToken');
+        return Promise.resolve(_res.redirect('/'));
+    }
+    accessTokenMiddleware(_req, res, _next) {
+        return Promise.resolve(res.json({ accessToken: this.defaultAccessToken }));
+    }
+    userApiMiddleware(_req, res, _next) {
+        return Promise.resolve(res.json(this.defaultPayload));
+    }
+    async initialize() {
+        // Nothing to initialize
+    }
+    async shutdown() {
+        // Nothing to cleanup
+    }
+    async introspectToken(_token) {
+        return this.defaultPayload;
+    }
+    async parseToken(_token) {
+        return this.defaultPayload;
+    }
+    async revokeToken(_token) {
+        // No-op for NULL provider
+    }
+}

package/dist/types/cli.d.ts

@@ -0,0 +1,27 @@
+import { Payload } from './models.js';
+/**
+ * Commands for adding a user to the IDP by app cli.
+ */
+export interface IdpProviderAddUserCommand {
+    addUser(username: string, password?: string): Promise<AddUserCommandResponse>;
+}
+/**
+ * Commands for listing users from the IDP
+ */
+export interface IdpProviderListUsersCommand {
+    listUsers(): Promise<Payload[]>;
+}
+/**
+ * Commands for removing a user from the IDP
+ */
+export interface IdpProviderRemoveUserCommand {
+    removeUser(userId: string): Promise<void>;
+}
+/**
+ * Response for adding a user to the IDP
+ */
+export interface AddUserCommandResponse {
+    username: string;
+    magicLink?: string;
+}
+//# sourceMappingURL=cli.d.ts.map

package/dist/types/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../../src/types/cli.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAEtC;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAAC;CAC/E;AAED;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC1C,SAAS,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC3C,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3C;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB"}