@pax2pay/model-banking 0.1.476 → 0.1.478

package/Identity.ts

@@ -1,5 +1,6 @@
 import { gracely } from "gracely"
 import { userwidgets } from "@userwidgets/model"
+import { slackly } from "slackly"
 import { Key } from "./Key"
 import { Realm } from "./Realm"
 
@@ -35,21 +36,24 @@ export class Identity<T extends Identity.Require = never> {
 		constraint: Key.Permissions | Key.Permissions[],
 		requires?: T,
 		verifier?: userwidgets.User.Key.Verifier<Key>,
-		output?: "undefined"
+		output?: "undefined",
+		notify?: Identity.Notify
 	): Promise<Identity<T> | undefined>
 	static async authenticate<T extends Identity.Require = Record<string, never>>(
 		header: { authorization?: string | undefined; realm?: Realm; organization?: string },
 		constraint: Key.Permissions | Key.Permissions[],
 		requires?: T,
 		verifier?: userwidgets.User.Key.Verifier<Key>,
-		output?: "error"
+		output?: "error",
+		notify?: Identity.Notify
 	): Promise<Identity<T> | gracely.Error>
 	static async authenticate<T extends Identity.Require = Record<string, never>>(
 		header: { authorization?: string | undefined; realm?: Realm; organization?: string },
 		constraint: Key.Permissions | Key.Permissions[],
 		requires?: T,
 		verifier: userwidgets.User.Key.Verifier<Key> = productionVerifier,
-		output: "error" | "undefined" = "undefined"
+		output: "error" | "undefined" = "undefined",
+		notify?: Identity.Notify
 	): Promise<Identity<T> | (gracely.Error | undefined)> {
 		let result: Identity<T> | gracely.Error | undefined
 		const authorization = header.authorization?.startsWith("Bearer ")
@@ -76,6 +80,12 @@ export class Identity<T extends Identity.Require = never> {
 				(identity?.check(constraint) && requirement(identity) && identity) ||
 				(output === "undefined" ? undefined : gracely.client.forbidden())
 		}
+		gracely.Error.is(result) &&
+			result.type == "forbidden" &&
+			(await notify?.slack.send(
+				"monitoring",
+				`Unauthorized access attempt at ${notify.method.toUpperCase()} ${notify.endpoint}`
+			))
 		return result
 	}
 	static async verify(
@@ -105,6 +115,11 @@ export namespace Identity {
 		realm?: Realm
 		organization?: string
 	}
+	export type Notify = {
+		slack: slackly.Connection<["monitoring"]>
+		endpoint: string
+		method: string
+	}
 }
 const publicKey =
 	"MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2W8CD2kpfS4QIRV2/rgm4NVvsvJsYNMHtnIl9ADvO3A81hAmRKvOAPVoXICe6+EuZ47jGjGL7f48GEoQuITfBPv/MosCDj1YhJ56ILDynCSd8FlxDrhv8pl5IquST7tcL6Hc6m+vuvoTLrFQ5QqNxv0a5eDd/YTrWv7SUuRfBEhYd/wMysGynN3QauHqy5ceBCt1nv1MJLGlSzczMRK7wjy1zi2g9NCHZBOoo1HXOpi727Xh+YXHc9EP2TN0oOXyxykv45nkGIDI0Qek3/pfkavClBffc1sEqA+rUx7YqRN9KGYxwLMLug+NOOh3ptqjfobXbR5fx/sUWhvcjUMTE1JreTrWYbGmVnjd/SeYSClfmGhdTBUfqnZbaABv0ruTXva18qRhP4y143vHMk/k8HzbuROTKAzrtEeLIjgwUgDcnE+JwDqcb8tKSGV6i++TiTldlSBCRTT4dK2hpHJje80b2abqtrbCkxbJlT98UsAAoiq2eW1X6lYmCfiGCJPkfswibQ2tPAKKNe/2xuHPsjx4FuXGmV0dbzmCwSIQoApXqOvKzoNFi6AaKIjxfNmiEigLwKpNrw08H0lVZbq/9MMxI3TzMTZjY9QmBKVLSGy3Z6IJqZpyK22lv7whJcllG0Qw8tv8+7wmC8SR3+4jpuxuFGZ+69CW+otx+CPMJjcCAwEAAQ=="

package/dist/cjs/Identity.d.ts

@@ -1,5 +1,6 @@
 import { gracely } from "gracely";
 import { userwidgets } from "@userwidgets/model";
+import { slackly } from "slackly";
 import { Key } from "./Key";
 import { Realm } from "./Realm";
 export declare class Identity<T extends Identity.Require = never> {
@@ -11,12 +12,12 @@ export declare class Identity<T extends Identity.Require = never> {
     constructor(key: Key, realm: T["realm"] extends true ? Realm : Realm | undefined, organization: T["organization"] extends true ? string : string | undefined);
     check(constraint: Key.Permissions | Key.Permissions[], realm?: Realm, organization?: string): boolean;
     collectionCheck(collection: string): boolean;
-    static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>, output?: "undefined"): Promise<Identity<T> | undefined>;
+    static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>, output?: "undefined", notify?: Identity.Notify): Promise<Identity<T> | undefined>;
     static authenticate<T extends Identity.Require = Record<string, never>>(header: {
         authorization?: string | undefined;
         realm?: Realm;
         organization?: string;
-    }, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>, output?: "error"): Promise<Identity<T> | gracely.Error>;
+    }, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>, output?: "error", notify?: Identity.Notify): Promise<Identity<T> | gracely.Error>;
     static verify(authorization: string | undefined, verifier?: userwidgets.User.Key.Verifier<Key>): Promise<Key | undefined>;
     static getRealms(permissions: Key.Permissions): Realm[];
 }
@@ -30,4 +31,9 @@ export declare namespace Identity {
         realm?: Realm;
         organization?: string;
     }
+    type Notify = {
+        slack: slackly.Connection<["monitoring"]>;
+        endpoint: string;
+        method: string;
+    };
 }

package/dist/cjs/Identity.js

@@ -30,7 +30,7 @@ class Identity {
     collectionCheck(collection) {
         return Object.values(this.key.permissions).some(value => (typeof value == "object" && value[collection]) || value == true);
     }
-    static async authenticate(header, constraint, requires, verifier = productionVerifier, output = "undefined") {
+    static async authenticate(header, constraint, requires, verifier = productionVerifier, output = "undefined", notify) {
         let result;
         const authorization = header.authorization?.startsWith("Bearer ")
             ? header.authorization.replace("Bearer ", "")
@@ -47,6 +47,9 @@ class Identity {
                 (identity?.check(constraint) && requirement(identity) && identity) ||
                     (output === "undefined" ? undefined : gracely_1.gracely.client.forbidden());
         }
+        gracely_1.gracely.Error.is(result) &&
+            result.type == "forbidden" &&
+            (await notify?.slack.send("monitoring", `Unauthorized access attempt at ${notify.method.toUpperCase()} ${notify.endpoint}`));
         return result;
     }
     static async verify(authorization, verifier = productionVerifier) {

package/dist/cjs/Identity.js.map

@@ -1 +1 @@
-{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;AACjC,8CAAgD;AAEhD,mCAA+B;AAE/B,MAAa,QAAQ;IAOV;IACA;IACA;IARV,OAAO,CAAqB;IAC5B,IAAI,MAAM;QACT,OAAO,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;IACjF,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,mBAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAgBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,WAA+C,kBAAkB,EACjE,SAAgC,WAAW;QAE3C,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAA;QAC1D,IAAI,CAAC,GAAG;YACP,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,iBAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAClD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,GAAG,EACH,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAU,EACzD,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACnD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,MAAM;gBACL,CAAC,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC;oBAClE,CAAC,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAA;QACnE,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,WAA+C,kBAAkB;QAEjE,OAAO,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;IAC5C,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,aAAK,CAAC,MAAM,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CACnF,CACD;SACD,CAAA;IACF,CAAC;CACD;AA1FD,4BA0FC;AAaD,MAAM,SAAS,GACd,kuBAAkuB,CAAA;AACnuB,MAAM,kBAAkB,GAAG,mBAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,SAAS,CAAC,CAAA"}
+{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;AACjC,8CAAgD;AAGhD,mCAA+B;AAE/B,MAAa,QAAQ;IAOV;IACA;IACA;IARV,OAAO,CAAqB;IAC5B,IAAI,MAAM;QACT,OAAO,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;IACjF,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,mBAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAkBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,WAA+C,kBAAkB,EACjE,SAAgC,WAAW,EAC3C,MAAwB;QAExB,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAA;QAC1D,IAAI,CAAC,GAAG;YACP,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,iBAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAClD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,GAAG,EACH,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAU,EACzD,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACnD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,MAAM;gBACL,CAAC,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC;oBAClE,CAAC,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAA;QACnE,CAAC;QACD,iBAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;YACvB,MAAM,CAAC,IAAI,IAAI,WAAW;YAC1B,CAAC,MAAM,MAAM,EAAE,KAAK,CAAC,IAAI,CACxB,YAAY,EACZ,kCAAkC,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE,CAClF,CAAC,CAAA;QACH,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,WAA+C,kBAAkB;QAEjE,OAAO,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;IAC5C,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,aAAK,CAAC,MAAM,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CACnF,CACD;SACD,CAAA;IACF,CAAC;CACD;AAnGD,4BAmGC;AAkBD,MAAM,SAAS,GACd,kuBAAkuB,CAAA;AACnuB,MAAM,kBAAkB,GAAG,mBAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,SAAS,CAAC,CAAA"}

package/dist/mjs/Identity.d.ts

@@ -1,5 +1,6 @@
 import { gracely } from "gracely";
 import { userwidgets } from "@userwidgets/model";
+import { slackly } from "slackly";
 import { Key } from "./Key";
 import { Realm } from "./Realm";
 export declare class Identity<T extends Identity.Require = never> {
@@ -11,12 +12,12 @@ export declare class Identity<T extends Identity.Require = never> {
     constructor(key: Key, realm: T["realm"] extends true ? Realm : Realm | undefined, organization: T["organization"] extends true ? string : string | undefined);
     check(constraint: Key.Permissions | Key.Permissions[], realm?: Realm, organization?: string): boolean;
     collectionCheck(collection: string): boolean;
-    static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>, output?: "undefined"): Promise<Identity<T> | undefined>;
+    static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>, output?: "undefined", notify?: Identity.Notify): Promise<Identity<T> | undefined>;
     static authenticate<T extends Identity.Require = Record<string, never>>(header: {
         authorization?: string | undefined;
         realm?: Realm;
         organization?: string;
-    }, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>, output?: "error"): Promise<Identity<T> | gracely.Error>;
+    }, constraint: Key.Permissions | Key.Permissions[], requires?: T, verifier?: userwidgets.User.Key.Verifier<Key>, output?: "error", notify?: Identity.Notify): Promise<Identity<T> | gracely.Error>;
     static verify(authorization: string | undefined, verifier?: userwidgets.User.Key.Verifier<Key>): Promise<Key | undefined>;
     static getRealms(permissions: Key.Permissions): Realm[];
 }
@@ -30,4 +31,9 @@ export declare namespace Identity {
         realm?: Realm;
         organization?: string;
     }
+    type Notify = {
+        slack: slackly.Connection<["monitoring"]>;
+        endpoint: string;
+        method: string;
+    };
 }

package/dist/mjs/Identity.js

@@ -27,7 +27,7 @@ export class Identity {
     collectionCheck(collection) {
         return Object.values(this.key.permissions).some(value => (typeof value == "object" && value[collection]) || value == true);
     }
-    static async authenticate(header, constraint, requires, verifier = productionVerifier, output = "undefined") {
+    static async authenticate(header, constraint, requires, verifier = productionVerifier, output = "undefined", notify) {
         let result;
         const authorization = header.authorization?.startsWith("Bearer ")
             ? header.authorization.replace("Bearer ", "")
@@ -44,6 +44,9 @@ export class Identity {
                 (identity?.check(constraint) && requirement(identity) && identity) ||
                     (output === "undefined" ? undefined : gracely.client.forbidden());
         }
+        gracely.Error.is(result) &&
+            result.type == "forbidden" &&
+            (await notify?.slack.send("monitoring", `Unauthorized access attempt at ${notify.method.toUpperCase()} ${notify.endpoint}`));
         return result;
     }
     static async verify(authorization, verifier = productionVerifier) {

package/dist/mjs/Identity.js.map

@@ -1 +1 @@
-{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAEhD,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAE/B,MAAM,OAAO,QAAQ;IAOV;IACA;IACA;IARV,OAAO,CAAqB;IAC5B,IAAI,MAAM;QACT,OAAO,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;IACjF,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAgBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,WAA+C,kBAAkB,EACjE,SAAgC,WAAW;QAE3C,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAA;QAC1D,IAAI,CAAC,GAAG;YACP,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAClD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,GAAG,EACH,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAU,EACzD,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACnD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,MAAM;gBACL,CAAC,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC;oBAClE,CAAC,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAA;QACnE,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,WAA+C,kBAAkB;QAEjE,OAAO,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;IAC5C,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CACnF,CACD;SACD,CAAA;IACF,CAAC;CACD;AAaD,MAAM,SAAS,GACd,kuBAAkuB,CAAA;AACnuB,MAAM,kBAAkB,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,SAAS,CAAC,CAAA"}
+{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAGhD,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAE/B,MAAM,OAAO,QAAQ;IAOV;IACA;IACA;IARV,OAAO,CAAqB;IAC5B,IAAI,MAAM;QACT,OAAO,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;IACjF,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAkBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,WAA+C,kBAAkB,EACjE,SAAgC,WAAW,EAC3C,MAAwB;QAExB,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAA;QAC1D,IAAI,CAAC,GAAG;YACP,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAClD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,GAAG,EACH,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAU,EACzD,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACnD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,MAAM;gBACL,CAAC,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC;oBAClE,CAAC,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAA;QACnE,CAAC;QACD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC;YACvB,MAAM,CAAC,IAAI,IAAI,WAAW;YAC1B,CAAC,MAAM,MAAM,EAAE,KAAK,CAAC,IAAI,CACxB,YAAY,EACZ,kCAAkC,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE,CAClF,CAAC,CAAA;QACH,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,WAA+C,kBAAkB;QAEjE,OAAO,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;IAC5C,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CACnF,CACD;SACD,CAAA;IACF,CAAC;CACD;AAkBD,MAAM,SAAS,GACd,kuBAAkuB,CAAA;AACnuB,MAAM,kBAAkB,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,SAAS,CAAC,CAAA"}

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@pax2pay/model-banking",
-	"version": "0.1.476",
+	"version": "0.1.478",
 	"description": "Library containing data model types and functions for the Pax2Pay Banking API.",
 	"author": "Pax2Pay Ltd",
 	"license": "MIT",
@@ -45,16 +45,16 @@
 	},
 	"devDependencies": {
 		"@cloudflare/workers-types": "^4.20241112.0",
-		"@vitest/coverage-v8": "^2.1.8",
 		"@typescript-eslint/eslint-plugin": "8.2.0",
 		"@typescript-eslint/parser": "8.2.0",
+		"@vitest/coverage-v8": "^2.1.8",
 		"eslint": "^8.57.0",
 		"eslint-plugin-prettierx": "github:utily/eslint-plugin-prettierx#utily-20231004",
 		"eslint-plugin-simple-import-sort": "^12.1.1",
 		"prettierx": "github:utily/prettierx#utily-20231004",
 		"rimraf": "^6.0.1",
-		"vitest": "^2.1.8",
-		"typescript": "^5.5.4"
+		"typescript": "^5.5.4",
+		"vitest": "^2.1.8"
 	},
 	"dependencies": {
 		"@userwidgets/model": "0.8.32",
@@ -68,7 +68,8 @@
 		"isly2": "npm:isly@1.0.1-alpha.21",
 		"isoly": "3.0.6",
 		"isoly2": "npm:isoly@3.0.7-alpha.10",
-		"typedly": "0.0.26",
-		"selectively": "^2.0.15"
+		"selectively": "^2.0.15",
+		"slackly": "^0.0.5",
+		"typedly": "0.0.26"
 	}
 }