@pax2pay/model-banking 0.1.474 → 0.1.475

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/Identity.ts +55 -17
  2. package/dist/cjs/Identity.d.ts +19 -6
  3. package/dist/cjs/Identity.js +15 -7
  4. package/dist/cjs/Identity.js.map +1 -1
  5. package/dist/mjs/Identity.d.ts +19 -6
  6. package/dist/mjs/Identity.js +15 -7
  7. package/dist/mjs/Identity.js.map +1 -1
  8. package/package.json +1 -1
package/Identity.ts CHANGED
@@ -1,14 +1,19 @@
1
+ import { gracely } from "gracely"
1
2
  import { userwidgets } from "@userwidgets/model"
2
3
  import { Key } from "./Key"
3
4
  import { Realm } from "./Realm"
4
5
 
5
- export class Identity {
6
+ export class Identity<T extends Identity.Require = never> {
6
7
  #realms: Realm[] | undefined
7
8
  get realms(): Realm[] | undefined {
8
9
  return (this.#realms ??= Identity.getRealms(this.key.permissions))
9
10
  }
10
11
 
11
- constructor(readonly key: Key, readonly realm?: Realm, readonly organization?: string) {}
12
+ constructor(
13
+ readonly key: Key,
14
+ readonly realm: T["realm"] extends true ? Realm : Realm | undefined,
15
+ readonly organization: T["organization"] extends true ? string : string | undefined
16
+ ) {}
12
17
  check(constraint: Key.Permissions | Key.Permissions[], realm?: Realm, organization?: string): boolean {
13
18
  return Array.isArray(constraint)
14
19
  ? constraint.some(c => this.check(c, realm, organization))
@@ -25,32 +30,53 @@ export class Identity {
25
30
  )
26
31
  }
27
32
 
28
- static async authenticate<T extends Partial<Record<"realm" | "organization", true>> = Record<string, never>>(
33
+ static async authenticate<T extends Identity.Require = Record<string, never>>(
34
+ header: Identity.Header,
35
+ constraint: Key.Permissions | Key.Permissions[],
36
+ requires?: T,
37
+ verifier?: userwidgets.User.Key.Verifier<Key>,
38
+ output?: "undefined"
39
+ ): Promise<Identity<T> | undefined>
40
+ static async authenticate<T extends Identity.Require = Record<string, never>>(
29
41
  header: { authorization?: string | undefined; realm?: Realm; organization?: string },
30
42
  constraint: Key.Permissions | Key.Permissions[],
31
43
  requires?: T,
32
- verifier: userwidgets.User.Key.Verifier<Key> = productionVerifier
33
- ): Promise<(keyof T extends keyof Identity ? Required<Pick<Identity, keyof T>> & Identity : Identity) | undefined> {
44
+ verifier?: userwidgets.User.Key.Verifier<Key>,
45
+ output?: "error"
46
+ ): Promise<Identity<T> | gracely.Error>
47
+ static async authenticate<T extends Identity.Require = Record<string, never>>(
48
+ header: { authorization?: string | undefined; realm?: Realm; organization?: string },
49
+ constraint: Key.Permissions | Key.Permissions[],
50
+ requires?: T,
51
+ verifier: userwidgets.User.Key.Verifier<Key> = productionVerifier,
52
+ output: "error" | "undefined" = "undefined"
53
+ ): Promise<Identity<T> | (gracely.Error | undefined)> {
54
+ let result: Identity<T> | gracely.Error | undefined
34
55
  const authorization = header.authorization?.startsWith("Bearer ")
35
56
  ? header.authorization.replace("Bearer ", "")
36
57
  : undefined
37
58
  const key = await Identity.verify(authorization, verifier)
38
- const realms = key && Identity.getRealms(key.permissions)
39
- const identity =
40
- key &&
41
- new Identity(
59
+ if (!key)
60
+ output !== "undefined" && (result = gracely.client.unauthorized())
61
+ else {
62
+ const realms = Identity.getRealms(key.permissions)
63
+ const identity = new Identity(
42
64
  key,
43
65
  (realms?.length == 1 ? realms[0] : header.realm) as Realm,
44
66
  (key.organization ?? header.organization) as string
45
67
  )
46
- const requirement = (
47
- value: Identity | undefined
48
- ): value is
49
- | (keyof T extends keyof Identity ? Required<Pick<Identity, keyof T>> & Identity : Identity)
50
- | undefined =>
51
- (requires?.organization ? !!identity?.organization : true) &&
52
- (requires?.realm ? Realm.type.is(identity?.realm) : true)
53
- return (identity?.check(constraint) && requirement(identity) && identity) || undefined
68
+ const requirement = (
69
+ value: Identity | undefined
70
+ ): value is
71
+ | (keyof T extends keyof Identity ? Required<Pick<Identity, keyof T>> & Identity : Identity)
72
+ | undefined =>
73
+ (requires?.organization ? !!identity?.organization : true) &&
74
+ (requires?.realm ? Realm.type.is(identity?.realm) : true)
75
+ result =
76
+ (identity?.check(constraint) && requirement(identity) && identity) ||
77
+ (output === "undefined" ? undefined : gracely.client.forbidden())
78
+ }
79
+ return result
54
80
  }
55
81
  static async verify(
56
82
  authorization: string | undefined,
@@ -68,6 +94,18 @@ export class Identity {
68
94
  ]
69
95
  }
70
96
  }
97
+
98
+ export namespace Identity {
99
+ export type Require = {
100
+ realm?: true
101
+ organization?: true
102
+ }
103
+ export interface Header {
104
+ authorization?: string | undefined
105
+ realm?: Realm
106
+ organization?: string
107
+ }
108
+ }
71
109
  const publicKey =
72
110
  "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2W8CD2kpfS4QIRV2/rgm4NVvsvJsYNMHtnIl9ADvO3A81hAmRKvOAPVoXICe6+EuZ47jGjGL7f48GEoQuITfBPv/MosCDj1YhJ56ILDynCSd8FlxDrhv8pl5IquST7tcL6Hc6m+vuvoTLrFQ5QqNxv0a5eDd/YTrWv7SUuRfBEhYd/wMysGynN3QauHqy5ceBCt1nv1MJLGlSzczMRK7wjy1zi2g9NCHZBOoo1HXOpi727Xh+YXHc9EP2TN0oOXyxykv45nkGIDI0Qek3/pfkavClBffc1sEqA+rUx7YqRN9KGYxwLMLug+NOOh3ptqjfobXbR5fx/sUWhvcjUMTE1JreTrWYbGmVnjd/SeYSClfmGhdTBUfqnZbaABv0ruTXva18qRhP4y143vHMk/k8HzbuROTKAzrtEeLIjgwUgDcnE+JwDqcb8tKSGV6i++TiTldlSBCRTT4dK2hpHJje80b2abqtrbCkxbJlT98UsAAoiq2eW1X6lYmCfiGCJPkfswibQ2tPAKKNe/2xuHPsjx4FuXGmV0dbzmCwSIQoApXqOvKzoNFi6AaKIjxfNmiEigLwKpNrw08H0lVZbq/9MMxI3TzMTZjY9QmBKVLSGy3Z6IJqZpyK22lv7whJcllG0Qw8tv8+7wmC8SR3+4jpuxuFGZ+69CW+otx+CPMJjcCAwEAAQ=="
73
111
  const productionVerifier = userwidgets.User.Key.Verifier.create<Key>(publicKey)
package/dist/cjs/Identity.d.ts CHANGED
@@ -1,20 +1,33 @@
1
+ import { gracely } from "gracely";
1
2
  import { userwidgets } from "@userwidgets/model";
2
3
  import { Key } from "./Key";
3
4
  import { Realm } from "./Realm";
4
- export declare class Identity {
5
+ export declare class Identity<T extends Identity.Require = never> {
5
6
  #private;
6
7
  readonly key: Key;
7
- readonly realm?: Realm | undefined;
8
- readonly organization?: string | undefined;
8
+ readonly realm: T["realm"] extends true ? Realm : Realm | undefined;
9
+ readonly organization: T["organization"] extends true ? string : string | undefined;
9
10
  get realms(): Realm[] | undefined;
10
- constructor(key: Key, realm?: Realm | undefined, organization?: string | undefined);
11
+ constructor(key: Key, realm: T["realm"] extends true ? Realm : Realm | undefined, organization: T["organization"] extends true ? string : string | undefined);
11
12
  check(constraint: Key.Permissions | Key.Permissions[], realm?: Realm, organization?: string): boolean;
12
13
  collectionCheck(collection: string): boolean;
13
- static authenticate<T extends Partial<Record<"realm" | "organization", true>> = Record<string, never>>(header: {
14
+ static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>, output?: "undefined"): Promise<Identity<T> | undefined>;
15
+ static authenticate<T extends Identity.Require = Record<string, never>>(header: {
14
16
  authorization?: string | undefined;
15
17
  realm?: Realm;
16
18
  organization?: string;
17
- }, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>): Promise<(keyof T extends keyof Identity ? Required<Pick<Identity, keyof T>> & Identity : Identity) | undefined>;
19
+ }, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>, output?: "error"): Promise<Identity<T> | gracely.Error>;
18
20
  static verify(authorization: string | undefined, verifier?: userwidgets.User.Key.Verifier<Key>): Promise<Key | undefined>;
19
21
  static getRealms(permissions: Key.Permissions): Realm[];
20
22
  }
23
+ export declare namespace Identity {
24
+ type Require = {
25
+ realm?: true;
26
+ organization?: true;
27
+ };
28
+ interface Header {
29
+ authorization?: string | undefined;
30
+ realm?: Realm;
31
+ organization?: string;
32
+ }
33
+ }
package/dist/cjs/Identity.js CHANGED
@@ -13,6 +13,7 @@ var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (
13
13
  var _Identity_realms;
14
14
  Object.defineProperty(exports, "__esModule", { value: true });
15
15
  exports.Identity = void 0;
16
+ const gracely_1 = require("gracely");
16
17
  const model_1 = require("@userwidgets/model");
17
18
  const Realm_1 = require("./Realm");
18
19
  class Identity {
@@ -38,17 +39,24 @@ class Identity {
38
39
  collectionCheck(collection) {
39
40
  return Object.values(this.key.permissions).some(value => (typeof value == "object" && value[collection]) || value == true);
40
41
  }
41
- static async authenticate(header, constraint, requires, verifier = productionVerifier) {
42
+ static async authenticate(header, constraint, requires, verifier = productionVerifier, output = "undefined") {
43
+ let result;
42
44
  const authorization = header.authorization?.startsWith("Bearer ")
43
45
  ? header.authorization.replace("Bearer ", "")
44
46
  : undefined;
45
47
  const key = await Identity.verify(authorization, verifier);
46
- const realms = key && Identity.getRealms(key.permissions);
47
- const identity = key &&
48
- new Identity(key, (realms?.length == 1 ? realms[0] : header.realm), (key.organization ?? header.organization));
49
- const requirement = (value) => (requires?.organization ? !!identity?.organization : true) &&
50
- (requires?.realm ? Realm_1.Realm.type.is(identity?.realm) : true);
51
- return (identity?.check(constraint) && requirement(identity) && identity) || undefined;
48
+ if (!key)
49
+ output !== "undefined" && (result = gracely_1.gracely.client.unauthorized());
50
+ else {
51
+ const realms = Identity.getRealms(key.permissions);
52
+ const identity = new Identity(key, (realms?.length == 1 ? realms[0] : header.realm), (key.organization ?? header.organization));
53
+ const requirement = (value) => (requires?.organization ? !!identity?.organization : true) &&
54
+ (requires?.realm ? Realm_1.Realm.type.is(identity?.realm) : true);
55
+ result =
56
+ (identity?.check(constraint) && requirement(identity) && identity) ||
57
+ (output === "undefined" ? undefined : gracely_1.gracely.client.forbidden());
58
+ }
59
+ return result;
52
60
  }
53
61
  static async verify(authorization, verifier = productionVerifier) {
54
62
  return await verifier.verify(authorization);
package/dist/cjs/Identity.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,8CAAgD;AAEhD,mCAA+B;AAE/B,MAAa,QAAQ;IAEpB,IAAI,MAAM;QACT,OAAO,CAAC,sGAAiB,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,MAAA,CAAC,CAAA;IACnE,CAAC;IAED,YAAqB,GAAQ,EAAW,KAAa,EAAW,YAAqB;QAAhE,QAAG,GAAH,GAAG,CAAK;QAAW,UAAK,GAAL,KAAK,CAAQ;QAAW,iBAAY,GAAZ,YAAY,CAAS;QALrF,mCAA4B;IAK4D,CAAC;IACzF,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,mBAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,WAA+C,kBAAkB;QAEjE,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAA;QAC1D,MAAM,MAAM,GAAG,GAAG,IAAI,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;QACzD,MAAM,QAAQ,GACb,GAAG;YACH,IAAI,QAAQ,CACX,GAAG,EACH,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAU,EACzD,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACnD,CAAA;QACF,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;YAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;QAC1D,OAAO,CAAC,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,IAAI,SAAS,CAAA;IACvF,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,WAA+C,kBAAkB;QAEjE,OAAO,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;IAC5C,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,aAAK,CAAC,MAAM,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CACnF,CACD;SACD,CAAA;IACF,CAAC;CACD;AAjED,4BAiEC;;AACD,MAAM,SAAS,GACd,kuBAAkuB,CAAA;AACnuB,MAAM,kBAAkB,GAAG,mBAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,SAAS,CAAC,CAAA"}
1
+ {"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,qCAAiC;AACjC,8CAAgD;AAEhD,mCAA+B;AAE/B,MAAa,QAAQ;IAEpB,IAAI,MAAM;QACT,OAAO,CAAC,sGAAiB,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,MAAA,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;QARpF,mCAA4B;IASzB,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,mBAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAgBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,WAA+C,kBAAkB,EACjE,SAAgC,WAAW;QAE3C,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAA;QAC1D,IAAI,CAAC,GAAG;YACP,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,iBAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAClD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,GAAG,EACH,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAU,EACzD,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACnD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,MAAM;gBACL,CAAC,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC;oBAClE,CAAC,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAA;QACnE,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,WAA+C,kBAAkB;QAEjE,OAAO,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;IAC5C,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,aAAK,CAAC,MAAM,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CACnF,CACD;SACD,CAAA;IACF,CAAC;CACD;AA1FD,4BA0FC;;AAaD,MAAM,SAAS,GACd,kuBAAkuB,CAAA;AACnuB,MAAM,kBAAkB,GAAG,mBAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,SAAS,CAAC,CAAA"}
package/dist/mjs/Identity.d.ts CHANGED
@@ -1,20 +1,33 @@
1
+ import { gracely } from "gracely";
1
2
  import { userwidgets } from "@userwidgets/model";
2
3
  import { Key } from "./Key";
3
4
  import { Realm } from "./Realm";
4
- export declare class Identity {
5
+ export declare class Identity<T extends Identity.Require = never> {
5
6
  #private;
6
7
  readonly key: Key;
7
- readonly realm?: Realm | undefined;
8
- readonly organization?: string | undefined;
8
+ readonly realm: T["realm"] extends true ? Realm : Realm | undefined;
9
+ readonly organization: T["organization"] extends true ? string : string | undefined;
9
10
  get realms(): Realm[] | undefined;
10
- constructor(key: Key, realm?: Realm | undefined, organization?: string | undefined);
11
+ constructor(key: Key, realm: T["realm"] extends true ? Realm : Realm | undefined, organization: T["organization"] extends true ? string : string | undefined);
11
12
  check(constraint: Key.Permissions | Key.Permissions[], realm?: Realm, organization?: string): boolean;
12
13
  collectionCheck(collection: string): boolean;
13
- static authenticate<T extends Partial<Record<"realm" | "organization", true>> = Record<string, never>>(header: {
14
+ static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>, output?: "undefined"): Promise<Identity<T> | undefined>;
15
+ static authenticate<T extends Identity.Require = Record<string, never>>(header: {
14
16
  authorization?: string | undefined;
15
17
  realm?: Realm;
16
18
  organization?: string;
17
- }, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>): Promise<(keyof T extends keyof Identity ? Required<Pick<Identity, keyof T>> & Identity : Identity) | undefined>;
19
+ }, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>, output?: "error"): Promise<Identity<T> | gracely.Error>;
18
20
  static verify(authorization: string | undefined, verifier?: userwidgets.User.Key.Verifier<Key>): Promise<Key | undefined>;
19
21
  static getRealms(permissions: Key.Permissions): Realm[];
20
22
  }
23
+ export declare namespace Identity {
24
+ type Require = {
25
+ realm?: true;
26
+ organization?: true;
27
+ };
28
+ interface Header {
29
+ authorization?: string | undefined;
30
+ realm?: Realm;
31
+ organization?: string;
32
+ }
33
+ }
package/dist/mjs/Identity.js CHANGED
@@ -10,6 +10,7 @@ var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (
10
10
  return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
11
11
  };
12
12
  var _Identity_realms;
13
+ import { gracely } from "gracely";
13
14
  import { userwidgets } from "@userwidgets/model";
14
15
  import { Realm } from "./Realm";
15
16
  export class Identity {
@@ -35,17 +36,24 @@ export class Identity {
35
36
  collectionCheck(collection) {
36
37
  return Object.values(this.key.permissions).some(value => (typeof value == "object" && value[collection]) || value == true);
37
38
  }
38
- static async authenticate(header, constraint, requires, verifier = productionVerifier) {
39
+ static async authenticate(header, constraint, requires, verifier = productionVerifier, output = "undefined") {
40
+ let result;
39
41
  const authorization = header.authorization?.startsWith("Bearer ")
40
42
  ? header.authorization.replace("Bearer ", "")
41
43
  : undefined;
42
44
  const key = await Identity.verify(authorization, verifier);
43
- const realms = key && Identity.getRealms(key.permissions);
44
- const identity = key &&
45
- new Identity(key, (realms?.length == 1 ? realms[0] : header.realm), (key.organization ?? header.organization));
46
- const requirement = (value) => (requires?.organization ? !!identity?.organization : true) &&
47
- (requires?.realm ? Realm.type.is(identity?.realm) : true);
48
- return (identity?.check(constraint) && requirement(identity) && identity) || undefined;
45
+ if (!key)
46
+ output !== "undefined" && (result = gracely.client.unauthorized());
47
+ else {
48
+ const realms = Identity.getRealms(key.permissions);
49
+ const identity = new Identity(key, (realms?.length == 1 ? realms[0] : header.realm), (key.organization ?? header.organization));
50
+ const requirement = (value) => (requires?.organization ? !!identity?.organization : true) &&
51
+ (requires?.realm ? Realm.type.is(identity?.realm) : true);
52
+ result =
53
+ (identity?.check(constraint) && requirement(identity) && identity) ||
54
+ (output === "undefined" ? undefined : gracely.client.forbidden());
55
+ }
56
+ return result;
49
57
  }
50
58
  static async verify(authorization, verifier = productionVerifier) {
51
59
  return await verifier.verify(authorization);
package/dist/mjs/Identity.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAEhD,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAE/B,MAAM,OAAO,QAAQ;IAEpB,IAAI,MAAM;QACT,OAAO,CAAC,sGAAiB,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,MAAA,CAAC,CAAA;IACnE,CAAC;IAED,YAAqB,GAAQ,EAAW,KAAa,EAAW,YAAqB;QAAhE,QAAG,GAAH,GAAG,CAAK;QAAW,UAAK,GAAL,KAAK,CAAQ;QAAW,iBAAY,GAAZ,YAAY,CAAS;QALrF,mCAA4B;IAK4D,CAAC;IACzF,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,WAA+C,kBAAkB;QAEjE,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAA;QAC1D,MAAM,MAAM,GAAG,GAAG,IAAI,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;QACzD,MAAM,QAAQ,GACb,GAAG;YACH,IAAI,QAAQ,CACX,GAAG,EACH,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAU,EACzD,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACnD,CAAA;QACF,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;YAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;QAC1D,OAAO,CAAC,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,IAAI,SAAS,CAAA;IACvF,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,WAA+C,kBAAkB;QAEjE,OAAO,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;IAC5C,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CACnF,CACD;SACD,CAAA;IACF,CAAC;CACD;;AACD,MAAM,SAAS,GACd,kuBAAkuB,CAAA;AACnuB,MAAM,kBAAkB,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,SAAS,CAAC,CAAA"}
1
+ {"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAEhD,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAE/B,MAAM,OAAO,QAAQ;IAEpB,IAAI,MAAM;QACT,OAAO,CAAC,sGAAiB,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,MAAA,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;QARpF,mCAA4B;IASzB,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAgBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,WAA+C,kBAAkB,EACjE,SAAgC,WAAW;QAE3C,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAA;QAC1D,IAAI,CAAC,GAAG;YACP,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAClD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,GAAG,EACH,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAU,EACzD,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACnD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,MAAM;gBACL,CAAC,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC;oBAClE,CAAC,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAA;QACnE,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,WAA+C,kBAAkB;QAEjE,OAAO,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;IAC5C,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CACnF,CACD;SACD,CAAA;IACF,CAAC;CACD;;AAaD,MAAM,SAAS,GACd,kuBAAkuB,CAAA;AACnuB,MAAM,kBAAkB,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,SAAS,CAAC,CAAA"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pax2pay/model-banking",
3
- "version": "0.1.474",
3
+ "version": "0.1.475",
4
4
  "description": "Library containing data model types and functions for the Pax2Pay Banking API.",
5
5
  "author": "Pax2Pay Ltd",
6
6
  "license": "MIT",