@pax2pay/model-banking 0.1.511 → 0.1.513
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/Client/Users/Invites.ts +20 -0
- package/Client/Users/index.ts +31 -0
- package/Client/index.ts +15 -12
- package/Identity.ts +20 -14
- package/Key/Permissions.ts +46 -0
- package/Key/index.ts +16 -5
- package/User/Access/Permission.ts +1 -1
- package/User/Identity.ts +2 -2
- package/User/JWT/index.ts +3 -1
- package/User/JWT/whitelist.ts +16 -0
- package/dist/cjs/Client/Users/Invites.d.ts +11 -0
- package/dist/cjs/Client/Users/Invites.js +23 -0
- package/dist/cjs/Client/Users/Invites.js.map +1 -0
- package/dist/cjs/Client/Users/index.d.ts +16 -0
- package/dist/cjs/Client/Users/index.js +34 -0
- package/dist/cjs/Client/Users/index.js.map +1 -0
- package/dist/cjs/Client/index.d.ts +8 -6
- package/dist/cjs/Client/index.js +15 -12
- package/dist/cjs/Client/index.js.map +1 -1
- package/dist/cjs/Identity.d.ts +3 -4
- package/dist/cjs/Identity.js +19 -8
- package/dist/cjs/Identity.js.map +1 -1
- package/dist/cjs/Key/Permissions.d.ts +2 -0
- package/dist/cjs/Key/Permissions.js +47 -0
- package/dist/cjs/Key/Permissions.js.map +1 -1
- package/dist/cjs/Key/index.d.ts +3 -5
- package/dist/cjs/Key/index.js +17 -0
- package/dist/cjs/Key/index.js.map +1 -1
- package/dist/cjs/User/Access/Permission.d.ts +4 -4
- package/dist/cjs/User/Access/Permission.js +1 -1
- package/dist/cjs/User/Access/Permission.js.map +1 -1
- package/dist/cjs/User/Identity.d.ts +1 -2
- package/dist/cjs/User/Identity.js +2 -4
- package/dist/cjs/User/Identity.js.map +1 -1
- package/dist/cjs/User/JWT/index.d.ts +1 -0
- package/dist/cjs/User/JWT/index.js +3 -1
- package/dist/cjs/User/JWT/index.js.map +1 -1
- package/dist/cjs/User/JWT/whitelist.d.ts +2 -0
- package/dist/cjs/User/JWT/whitelist.js +17 -0
- package/dist/cjs/User/JWT/whitelist.js.map +1 -0
- package/dist/mjs/Client/Users/Invites.d.ts +11 -0
- package/dist/mjs/Client/Users/Invites.js +19 -0
- package/dist/mjs/Client/Users/Invites.js.map +1 -0
- package/dist/mjs/Client/Users/index.d.ts +16 -0
- package/dist/mjs/Client/Users/index.js +30 -0
- package/dist/mjs/Client/Users/index.js.map +1 -0
- package/dist/mjs/Client/index.d.ts +8 -6
- package/dist/mjs/Client/index.js +15 -12
- package/dist/mjs/Client/index.js.map +1 -1
- package/dist/mjs/Identity.d.ts +3 -4
- package/dist/mjs/Identity.js +19 -8
- package/dist/mjs/Identity.js.map +1 -1
- package/dist/mjs/Key/Permissions.d.ts +2 -0
- package/dist/mjs/Key/Permissions.js +47 -0
- package/dist/mjs/Key/Permissions.js.map +1 -1
- package/dist/mjs/Key/index.d.ts +3 -5
- package/dist/mjs/Key/index.js +17 -0
- package/dist/mjs/Key/index.js.map +1 -1
- package/dist/mjs/User/Access/Permission.d.ts +4 -4
- package/dist/mjs/User/Access/Permission.js +1 -1
- package/dist/mjs/User/Access/Permission.js.map +1 -1
- package/dist/mjs/User/Identity.d.ts +1 -2
- package/dist/mjs/User/Identity.js +2 -4
- package/dist/mjs/User/Identity.js.map +1 -1
- package/dist/mjs/User/JWT/index.d.ts +1 -0
- package/dist/mjs/User/JWT/index.js +3 -1
- package/dist/mjs/User/JWT/index.js.map +1 -1
- package/dist/mjs/User/JWT/whitelist.d.ts +2 -0
- package/dist/mjs/User/JWT/whitelist.js +14 -0
- package/dist/mjs/User/JWT/whitelist.js.map +1 -0
- package/package.json +1 -1
package/dist/mjs/Identity.js
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
import { gracely } from "gracely";
|
|
2
2
|
import { userwidgets } from "@userwidgets/model";
|
|
3
|
+
import { Key } from "./Key";
|
|
3
4
|
import { Realm } from "./Realm";
|
|
5
|
+
import { User } from "./User";
|
|
4
6
|
export class Identity {
|
|
5
7
|
key;
|
|
6
8
|
realm;
|
|
@@ -27,17 +29,17 @@ export class Identity {
|
|
|
27
29
|
collectionCheck(collection) {
|
|
28
30
|
return Object.values(this.key.permissions).some(value => (typeof value == "object" && value[collection]) || value == true);
|
|
29
31
|
}
|
|
30
|
-
static async authenticate(header, constraint, requires,
|
|
32
|
+
static async authenticate(header, constraint, requires, key = publicKey, output = "undefined", notify) {
|
|
31
33
|
let result;
|
|
32
34
|
const authorization = header.authorization?.startsWith("Bearer ")
|
|
33
35
|
? header.authorization.replace("Bearer ", "")
|
|
34
36
|
: undefined;
|
|
35
|
-
const
|
|
36
|
-
if (!
|
|
37
|
+
const verified = await Identity.verify(authorization, key);
|
|
38
|
+
if (!verified)
|
|
37
39
|
output !== "undefined" && (result = gracely.client.unauthorized());
|
|
38
40
|
else {
|
|
39
|
-
const realms = Identity.getRealms(
|
|
40
|
-
const identity = new Identity(
|
|
41
|
+
const realms = Identity.getRealms(verified.permissions);
|
|
42
|
+
const identity = new Identity(verified, (realms?.length == 1 ? realms[0] : header.realm), (verified.organization ?? header.organization));
|
|
41
43
|
const requirement = (value) => (requires?.organization ? !!identity?.organization : true) &&
|
|
42
44
|
(requires?.realm ? Realm.type.is(identity?.realm) : true);
|
|
43
45
|
if (identity?.check(constraint) && requirement(identity))
|
|
@@ -52,8 +54,18 @@ export class Identity {
|
|
|
52
54
|
}
|
|
53
55
|
return result;
|
|
54
56
|
}
|
|
55
|
-
static async verify(authorization,
|
|
56
|
-
|
|
57
|
+
static async verify(authorization, key) {
|
|
58
|
+
const verifier = userwidgets.User.Key.Verifier.create(key);
|
|
59
|
+
const jwt = User.JWT.open({ public: key });
|
|
60
|
+
const unpacked = authorization ? await jwt.unpack(authorization) : undefined;
|
|
61
|
+
let verified;
|
|
62
|
+
if (User.JWT.Payload.type.is(unpacked) && authorization) {
|
|
63
|
+
const payload = await jwt.verify(authorization);
|
|
64
|
+
verified = payload && Key.from(payload, authorization);
|
|
65
|
+
}
|
|
66
|
+
else
|
|
67
|
+
verified = await verifier.verify(authorization);
|
|
68
|
+
return verified;
|
|
57
69
|
}
|
|
58
70
|
static getRealms(permissions) {
|
|
59
71
|
return [
|
|
@@ -62,5 +74,4 @@ export class Identity {
|
|
|
62
74
|
}
|
|
63
75
|
}
|
|
64
76
|
const publicKey = "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2W8CD2kpfS4QIRV2/rgm4NVvsvJsYNMHtnIl9ADvO3A81hAmRKvOAPVoXICe6+EuZ47jGjGL7f48GEoQuITfBPv/MosCDj1YhJ56ILDynCSd8FlxDrhv8pl5IquST7tcL6Hc6m+vuvoTLrFQ5QqNxv0a5eDd/YTrWv7SUuRfBEhYd/wMysGynN3QauHqy5ceBCt1nv1MJLGlSzczMRK7wjy1zi2g9NCHZBOoo1HXOpi727Xh+YXHc9EP2TN0oOXyxykv45nkGIDI0Qek3/pfkavClBffc1sEqA+rUx7YqRN9KGYxwLMLug+NOOh3ptqjfobXbR5fx/sUWhvcjUMTE1JreTrWYbGmVnjd/SeYSClfmGhdTBUfqnZbaABv0ruTXva18qRhP4y143vHMk/k8HzbuROTKAzrtEeLIjgwUgDcnE+JwDqcb8tKSGV6i++TiTldlSBCRTT4dK2hpHJje80b2abqtrbCkxbJlT98UsAAoiq2eW1X6lYmCfiGCJPkfswibQ2tPAKKNe/2xuHPsjx4FuXGmV0dbzmCwSIQoApXqOvKzoNFi6AaKIjxfNmiEigLwKpNrw08H0lVZbq/9MMxI3TzMTZjY9QmBKVLSGy3Z6IJqZpyK22lv7whJcllG0Qw8tv8+7wmC8SR3+4jpuxuFGZ+69CW+otx+CPMJjcCAwEAAQ==";
|
|
65
|
-
const productionVerifier = userwidgets.User.Key.Verifier.create(publicKey);
|
|
66
77
|
//# sourceMappingURL=Identity.js.map
|
package/dist/mjs/Identity.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;
|
|
1
|
+
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAEhD,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA;AAC3B,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAC/B,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAE7B,MAAM,OAAO,QAAQ;IAOV;IACA;IACA;IARV,OAAO,CAAqB;IAC5B,IAAI,MAAM;QACT,OAAO,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;IACjF,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAkBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,MAAc,SAAS,EACvB,SAAgC,WAAW,EAC3C,MAAwB;QAExB,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,GAAG,CAAC,CAAA;QAC1D,IAAI,CAAC,QAAQ;YACZ,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACvD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,QAAQ,EACR,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAU,EACzD,CAAC,QAAQ,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACxD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,IAAI,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC;gBACvD,MAAM,GAAG,QAAQ,CAAA;iBACb,IAAI,MAAM,KAAK,WAAW;gBAC9B,MAAM,GAAG,SAAS,CAAA;iBACd,CAAC;gBACL,MAAM,MAAM,EAAE,KAAK,CAAC,IAAI,CACvB,eAAe,EACf,kCAAkC,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE,CAClF,CAAA;gBACD,OAAO,CAAC,GAAG,CACV,QAAQ,CAAC,GAAG,CAAC,KAAK,EAClB,gCAAgC,EAChC,MAAM,EAAE,MAAM,CAAC,WAAW,EAAE,EAC5B,MAAM,EAAE,QAAQ,CAChB,CAAA;gBACD,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;YACpC,CAAC;QACF,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,aAAiC,EAAE,GAAW;QACjE,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAA;QAC/D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;QAC1C,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,QAAyB,CAAA;QAC7B,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,aAAa,EAAE,CAAC;YACzD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC/C,QAAQ,GAAG,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;QACvD,CAAC;;YACA,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;QAChD,OAAO,QAAQ,CAAA;IAChB,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CACnF,CACD;SACD,CAAA;IACF,CAAC;CACD;AAkBD,MAAM,SAAS,GACd,kuBAAkuB,CAAA"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { userwidgets } from "@userwidgets/model";
|
|
2
|
+
import { User } from "../User";
|
|
2
3
|
export type Permissions = Permissions.Organization | Permissions.Realm;
|
|
3
4
|
export declare namespace Permissions {
|
|
4
5
|
function stringify(permissions: Permissions): string;
|
|
@@ -90,4 +91,5 @@ export declare namespace Permissions {
|
|
|
90
91
|
cancel?: true;
|
|
91
92
|
} | true;
|
|
92
93
|
}
|
|
94
|
+
function from(permission: User.Access.Permission): Permissions;
|
|
93
95
|
}
|
|
@@ -1,9 +1,56 @@
|
|
|
1
1
|
import { userwidgets } from "@userwidgets/model";
|
|
2
|
+
import { User } from "../User";
|
|
2
3
|
export var Permissions;
|
|
3
4
|
(function (Permissions) {
|
|
4
5
|
function stringify(permissions) {
|
|
5
6
|
return userwidgets.User.Permissions.stringify(permissions);
|
|
6
7
|
}
|
|
7
8
|
Permissions.stringify = stringify;
|
|
9
|
+
function from(permission) {
|
|
10
|
+
const result = {};
|
|
11
|
+
if (permission["*"])
|
|
12
|
+
result["*"] = User.Access.Permission.Level.get(permission["*"]) >= 2 || {
|
|
13
|
+
org: { view: true },
|
|
14
|
+
user: User.Access.Permission.Level.get(permission["user"]) >= 2 || { view: true },
|
|
15
|
+
app: { view: true },
|
|
16
|
+
};
|
|
17
|
+
if (permission["account"])
|
|
18
|
+
result.accounts = User.Access.Permission.Level.get(permission["account"]) >= 2 || {
|
|
19
|
+
view: true,
|
|
20
|
+
};
|
|
21
|
+
if (permission["card"])
|
|
22
|
+
result.cards = User.Access.Permission.Level.get(permission["card"]) >= 2 || {
|
|
23
|
+
view: true,
|
|
24
|
+
};
|
|
25
|
+
if (permission["log"])
|
|
26
|
+
result.logs = User.Access.Permission.Level.get(permission["log"]) >= 2 || {
|
|
27
|
+
view: true,
|
|
28
|
+
};
|
|
29
|
+
if (permission["operation"])
|
|
30
|
+
result.operations = User.Access.Permission.Level.get(permission["operation"]) >= 2 || {
|
|
31
|
+
view: true,
|
|
32
|
+
};
|
|
33
|
+
if (permission["organization"])
|
|
34
|
+
result.organizations = User.Access.Permission.Level.get(permission["organization"]) >= 2 || {
|
|
35
|
+
view: true,
|
|
36
|
+
rules: { view: true, customer: { view: true }, product: { view: true }, fincrime: { view: true } },
|
|
37
|
+
accounts: { view: true },
|
|
38
|
+
};
|
|
39
|
+
if (permission["rule"])
|
|
40
|
+
result.rules = User.Access.Permission.Level.get(permission["rule"]) >= 2 || {
|
|
41
|
+
view: true,
|
|
42
|
+
customer: { view: true },
|
|
43
|
+
product: { view: true },
|
|
44
|
+
fincrime: { view: true },
|
|
45
|
+
};
|
|
46
|
+
if (permission["settlement"])
|
|
47
|
+
result.settlements = User.Access.Permission.Level.get(permission["settlement"]) >= 2 || { view: true };
|
|
48
|
+
if (permission["transaction"])
|
|
49
|
+
result.transactions = User.Access.Permission.Level.get(permission["transaction"]) >= 2 || { view: true };
|
|
50
|
+
if (permission["treasury"])
|
|
51
|
+
result.treasury = User.Access.Permission.Level.get(permission["treasury"]) >= 2 || { view: true };
|
|
52
|
+
return result;
|
|
53
|
+
}
|
|
54
|
+
Permissions.from = from;
|
|
8
55
|
})(Permissions || (Permissions = {}));
|
|
9
56
|
//# sourceMappingURL=Permissions.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Permissions.js","sourceRoot":"","sources":["../../../Key/Permissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;
|
|
1
|
+
{"version":3,"file":"Permissions.js","sourceRoot":"","sources":["../../../Key/Permissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAChD,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAA;AAG9B,MAAM,KAAW,WAAW,CAyF3B;AAzFD,WAAiB,WAAW;IAC3B,SAAgB,SAAS,CAAC,WAAwB;QACjD,OAAO,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,WAAW,CAAC,CAAA;IAC3D,CAAC;IAFe,qBAAS,YAExB,CAAA;IAyCD,SAAgB,IAAI,CAAC,UAAkC;QACtD,MAAM,MAAM,GAAgB,EAAE,CAAA;QAC9B,IAAI,UAAU,CAAC,GAAG,CAAC;YAClB,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI;gBACvE,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;gBACnB,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE;gBACjF,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;aACnB,CAAA;QACF,IAAI,UAAU,CAAC,SAAS,CAAC;YACxB,MAAM,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,IAAI;gBACjF,IAAI,EAAE,IAAI;aACV,CAAA;QACF,IAAI,UAAU,CAAC,MAAM,CAAC;YACrB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI;gBAC3E,IAAI,EAAE,IAAI;aACV,CAAA;QACF,IAAI,UAAU,CAAC,KAAK,CAAC;YACpB,MAAM,CAAC,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI;gBACzE,IAAI,EAAE,IAAI;aACV,CAAA;QACF,IAAI,UAAU,CAAC,WAAW,CAAC;YAC1B,MAAM,CAAC,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI;gBACrF,IAAI,EAAE,IAAI;aACV,CAAA;QACF,IAAI,UAAU,CAAC,cAAc,CAAC;YAC7B,MAAM,CAAC,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,IAAI;gBAC3F,IAAI,EAAE,IAAI;gBACV,KAAK,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;gBAClG,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;aACxB,CAAA;QACF,IAAI,UAAU,CAAC,MAAM,CAAC;YACrB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI;gBAC3E,IAAI,EAAE,IAAI;gBACV,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;gBACxB,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;gBACvB,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;aACxB,CAAA;QACF,IAAI,UAAU,CAAC,YAAY,CAAC;YAC3B,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAA;QACvG,IAAI,UAAU,CAAC,aAAa,CAAC;YAC5B,MAAM,CAAC,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAA;QACzG,IAAI,UAAU,CAAC,UAAU,CAAC;YACzB,MAAM,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAA;QAClG,OAAO,MAAM,CAAA;IACd,CAAC;IA5Ce,gBAAI,OA4CnB,CAAA;AACF,CAAC,EAzFgB,WAAW,KAAX,WAAW,QAyF3B"}
|
package/dist/mjs/Key/index.d.ts
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { userwidgets } from "@userwidgets/model";
|
|
2
2
|
import { Realm } from "../Realm";
|
|
3
|
+
import { User } from "../User";
|
|
3
4
|
import { Permissions as KeyPermissions } from "./Permissions";
|
|
4
5
|
import { Roles as KeyRoles } from "./Roles";
|
|
5
6
|
type Claims = {
|
|
@@ -8,11 +9,7 @@ type Claims = {
|
|
|
8
9
|
};
|
|
9
10
|
export type Key = userwidgets.User.Key<userwidgets.User.Key.Creatable.Claims | Claims, Key.Permissions>;
|
|
10
11
|
export declare namespace Key {
|
|
11
|
-
|
|
12
|
-
namespace Permissions {
|
|
13
|
-
type Realm = KeyPermissions.Realm;
|
|
14
|
-
type Organization = KeyPermissions.Organization;
|
|
15
|
-
}
|
|
12
|
+
export import Permissions = KeyPermissions;
|
|
16
13
|
type Roles = KeyRoles;
|
|
17
14
|
const Roles: typeof KeyRoles;
|
|
18
15
|
namespace Roles {
|
|
@@ -21,5 +18,6 @@ export declare namespace Key {
|
|
|
21
18
|
type Role = KeyRoles.Organization.Role;
|
|
22
19
|
}
|
|
23
20
|
}
|
|
21
|
+
function from(payload: User.JWT.Payload, token: string): Key;
|
|
24
22
|
}
|
|
25
23
|
export {};
|
package/dist/mjs/Key/index.js
CHANGED
|
@@ -1,6 +1,23 @@
|
|
|
1
|
+
import { isoly } from "isoly";
|
|
2
|
+
import { Permissions as KeyPermissions } from "./Permissions";
|
|
1
3
|
import { Roles as KeyRoles } from "./Roles";
|
|
2
4
|
export var Key;
|
|
3
5
|
(function (Key) {
|
|
6
|
+
Key.Permissions = KeyPermissions;
|
|
4
7
|
Key.Roles = KeyRoles;
|
|
8
|
+
function from(payload, token) {
|
|
9
|
+
return {
|
|
10
|
+
audience: payload.aud,
|
|
11
|
+
email: payload.sub,
|
|
12
|
+
realm: payload.realm,
|
|
13
|
+
permissions: { [payload.realm + "-*"]: Key.Permissions.from(payload.permission) },
|
|
14
|
+
expires: payload.exp ? isoly.DateTime.create(payload.exp) : isoly.DateTime.nextYear(isoly.DateTime.now(), 10),
|
|
15
|
+
issued: isoly.DateTime.create(payload.iat),
|
|
16
|
+
issuer: payload.iss,
|
|
17
|
+
name: { first: "", last: "" },
|
|
18
|
+
token,
|
|
19
|
+
};
|
|
20
|
+
}
|
|
21
|
+
Key.from = from;
|
|
5
22
|
})(Key || (Key = {}));
|
|
6
23
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../Key/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../Key/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,OAAO,CAAA;AAI7B,OAAO,EAAE,WAAW,IAAI,cAAc,EAAE,MAAM,eAAe,CAAA;AAC7D,OAAO,EAAE,KAAK,IAAI,QAAQ,EAAE,MAAM,SAAS,CAAA;AAQ3C,MAAM,KAAW,GAAG,CAuBnB;AAvBD,WAAiB,GAAG;IACL,eAAW,GAAG,cAAc,CAAA;IAE7B,SAAK,GAAG,QAAQ,CAAA;IAO7B,SAAgB,IAAI,CAAC,OAAyB,EAAE,KAAa;QAC5D,OAAO;YACN,QAAQ,EAAE,OAAO,CAAC,GAAG;YACrB,KAAK,EAAE,OAAO,CAAC,GAAG;YAClB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,WAAW,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,EAAE,IAAA,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;YAC7E,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC;YAC7G,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC;YAC1C,MAAM,EAAE,OAAO,CAAC,GAAG;YACnB,IAAI,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;YAC7B,KAAK;SACL,CAAA;IACF,CAAC;IAZe,QAAI,OAYnB,CAAA;AACF,CAAC,EAvBgB,GAAG,KAAH,GAAG,QAuBnB"}
|
|
@@ -7,14 +7,14 @@ export declare namespace Permission {
|
|
|
7
7
|
type Level = typeof Level.values[number];
|
|
8
8
|
namespace Level {
|
|
9
9
|
const values: readonly ["read", "write", "developer", "admin"];
|
|
10
|
-
const type: isly.Type<"
|
|
10
|
+
const type: isly.Type<"read" | "write" | "developer" | "admin">;
|
|
11
11
|
function get(level: Level | undefined): number;
|
|
12
12
|
const value: Record<Level, number>;
|
|
13
13
|
}
|
|
14
14
|
type Collection = typeof Collection.values[number];
|
|
15
15
|
namespace Collection {
|
|
16
|
-
const values: readonly ["account", "card", "log", "operation", "organization", "rule", "settlement", "transaction", "treasury", "user"
|
|
17
|
-
const type: isly.Type<"rule" | "card" | "transaction" | "account" | "settlement" | "organization" | "log" | "user" | "operation" | "
|
|
16
|
+
const values: readonly ["*", "account", "card", "log", "operation", "organization", "rule", "settlement", "transaction", "treasury", "user"];
|
|
17
|
+
const type: isly.Type<"rule" | "card" | "transaction" | "account" | "settlement" | "organization" | "log" | "user" | "operation" | "*" | "treasury">;
|
|
18
18
|
}
|
|
19
|
-
const type: isly.Type<Partial<Record<"rule" | "card" | "transaction" | "account" | "settlement" | "organization" | "log" | "user" | "operation" | "
|
|
19
|
+
const type: isly.Type<Partial<Record<"rule" | "card" | "transaction" | "account" | "settlement" | "organization" | "log" | "user" | "operation" | "*" | "treasury", "read" | "write" | "developer" | "admin">>>;
|
|
20
20
|
}
|
|
@@ -25,6 +25,7 @@ export var Permission;
|
|
|
25
25
|
let Collection;
|
|
26
26
|
(function (Collection) {
|
|
27
27
|
Collection.values = [
|
|
28
|
+
"*",
|
|
28
29
|
"account",
|
|
29
30
|
"card",
|
|
30
31
|
"log",
|
|
@@ -35,7 +36,6 @@ export var Permission;
|
|
|
35
36
|
"transaction",
|
|
36
37
|
"treasury",
|
|
37
38
|
"user",
|
|
38
|
-
"*",
|
|
39
39
|
];
|
|
40
40
|
Collection.type = isly.string(Collection.values);
|
|
41
41
|
})(Collection = Permission.Collection || (Permission.Collection = {}));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Permission.js","sourceRoot":"","sources":["../../../../User/Access/Permission.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAC3B,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AAGjC,MAAM,KAAW,UAAU,CA0C1B;AA1CD,WAAiB,UAAU;IAG1B,SAAgB,KAAK,CAAC,UAAsB,EAAE,SAAqB;QAClE,OAAO,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,KAAK,CAC9C,CAAC,CAAC,UAAU,EAAE,KAAK,CAAC,EAAE,EAAE,CACvB,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC;YAC1E,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,CACpE,CAAA;IACF,CAAC;IANe,gBAAK,QAMpB,CAAA;IAED,IAAiB,KAAK,CAYrB;IAZD,WAAiB,KAAK;QACR,YAAM,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,CAAU,CAAA;QACzD,UAAI,GAAG,IAAI,CAAC,MAAM,CAAC,MAAA,MAAM,CAAC,CAAA;QACvC,SAAgB,GAAG,CAAC,KAAwB;YAC3C,OAAO,KAAK,CAAC,CAAC,CAAC,MAAA,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAChC,CAAC;QAFe,SAAG,MAElB,CAAA;QACY,WAAK,GAA0B;YAC3C,IAAI,EAAE,CAAC;YACP,KAAK,EAAE,CAAC;YACR,SAAS,EAAE,CAAC;YACZ,KAAK,EAAE,CAAC;SACC,CAAA;IACX,CAAC,EAZgB,KAAK,GAAL,gBAAK,KAAL,gBAAK,QAYrB;IAED,IAAiB,UAAU,CAe1B;IAfD,WAAiB,UAAU;QACb,iBAAM,GAAG;YACrB,SAAS;YACT,MAAM;YACN,KAAK;YACL,WAAW;YACX,cAAc;YACd,MAAM;YACN,YAAY;YACZ,aAAa;YACb,UAAU;YACV,MAAM;
|
|
1
|
+
{"version":3,"file":"Permission.js","sourceRoot":"","sources":["../../../../User/Access/Permission.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAC3B,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AAGjC,MAAM,KAAW,UAAU,CA0C1B;AA1CD,WAAiB,UAAU;IAG1B,SAAgB,KAAK,CAAC,UAAsB,EAAE,SAAqB;QAClE,OAAO,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,KAAK,CAC9C,CAAC,CAAC,UAAU,EAAE,KAAK,CAAC,EAAE,EAAE,CACvB,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC;YAC1E,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,CACpE,CAAA;IACF,CAAC;IANe,gBAAK,QAMpB,CAAA;IAED,IAAiB,KAAK,CAYrB;IAZD,WAAiB,KAAK;QACR,YAAM,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,CAAU,CAAA;QACzD,UAAI,GAAG,IAAI,CAAC,MAAM,CAAC,MAAA,MAAM,CAAC,CAAA;QACvC,SAAgB,GAAG,CAAC,KAAwB;YAC3C,OAAO,KAAK,CAAC,CAAC,CAAC,MAAA,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAChC,CAAC;QAFe,SAAG,MAElB,CAAA;QACY,WAAK,GAA0B;YAC3C,IAAI,EAAE,CAAC;YACP,KAAK,EAAE,CAAC;YACR,SAAS,EAAE,CAAC;YACZ,KAAK,EAAE,CAAC;SACC,CAAA;IACX,CAAC,EAZgB,KAAK,GAAL,gBAAK,KAAL,gBAAK,QAYrB;IAED,IAAiB,UAAU,CAe1B;IAfD,WAAiB,UAAU;QACb,iBAAM,GAAG;YACrB,GAAG;YACH,SAAS;YACT,MAAM;YACN,KAAK;YACL,WAAW;YACX,cAAc;YACd,MAAM;YACN,YAAY;YACZ,aAAa;YACb,UAAU;YACV,MAAM;SACG,CAAA;QACG,eAAI,GAAG,IAAI,CAAC,MAAM,CAAC,WAAA,MAAM,CAAC,CAAA;IACxC,CAAC,EAfgB,UAAU,GAAV,qBAAU,KAAV,qBAAU,QAe1B;IACY,eAAI,GAAG,IAAI,CAAC,MAAM,CAAa,UAAU,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,CAAA;AACzE,CAAC,EA1CgB,UAAU,KAAV,UAAU,QA0C1B"}
|
|
@@ -4,9 +4,8 @@ import { Access } from "./Access";
|
|
|
4
4
|
import { JWT } from "./JWT";
|
|
5
5
|
export declare class Identity {
|
|
6
6
|
readonly payload: JWT.Payload;
|
|
7
|
-
private readonly jwt;
|
|
8
7
|
get realm(): Realm;
|
|
9
|
-
constructor(payload: JWT.Payload
|
|
8
|
+
constructor(payload: JWT.Payload);
|
|
10
9
|
authenticate(constraint: Access.Permission | Access.Permission[]): Identity | gracely.Error;
|
|
11
10
|
static open(authorization: string | undefined, options: {
|
|
12
11
|
whitelist?: JWT.Whitelist;
|
|
@@ -3,13 +3,11 @@ import { Access } from "./Access";
|
|
|
3
3
|
import { JWT } from "./JWT";
|
|
4
4
|
export class Identity {
|
|
5
5
|
payload;
|
|
6
|
-
jwt;
|
|
7
6
|
get realm() {
|
|
8
7
|
return this.payload.realm;
|
|
9
8
|
}
|
|
10
|
-
constructor(payload
|
|
9
|
+
constructor(payload) {
|
|
11
10
|
this.payload = payload;
|
|
12
|
-
this.jwt = jwt;
|
|
13
11
|
}
|
|
14
12
|
authenticate(constraint) {
|
|
15
13
|
let allowed;
|
|
@@ -22,7 +20,7 @@ export class Identity {
|
|
|
22
20
|
static async open(authorization, options) {
|
|
23
21
|
const jwt = authorization?.startsWith("Bearer ") ? authorization.replace("Bearer ", "") : undefined;
|
|
24
22
|
const payload = jwt ? await JWT.open({ public: options.key }, options.whitelist).verify(jwt) : undefined;
|
|
25
|
-
return jwt && payload ? new Identity(payload
|
|
23
|
+
return jwt && payload ? new Identity(payload) : gracely.client.unauthorized();
|
|
26
24
|
}
|
|
27
25
|
}
|
|
28
26
|
//# sourceMappingURL=Identity.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AAGjC,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA;AAE3B,MAAM,OAAO,QAAQ;IAIQ;
|
|
1
|
+
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AAGjC,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA;AAE3B,MAAM,OAAO,QAAQ;IAIQ;IAH5B,IAAI,KAAK;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAA;IAC1B,CAAC;IACD,YAA4B,OAAoB;QAApB,YAAO,GAAP,OAAO,CAAa;IAAG,CAAC;IAEpD,YAAY,CAAC,UAAmD;QAC/D,IAAI,OAAgB,CAAA;QACpB,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC5B,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAA;;YAEpD,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;QACvE,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;IACnD,CAAC;IAGD,MAAM,CAAC,KAAK,CAAC,IAAI,CAChB,aAAiC,EACjC,OAAoD;QAEpD,MAAM,GAAG,GAAG,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACnG,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACxG,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAA;IAC9E,CAAC;CACD"}
|
|
@@ -18,6 +18,7 @@ export declare class JWT {
|
|
|
18
18
|
}
|
|
19
19
|
export declare namespace JWT {
|
|
20
20
|
export import Signer = JWTSigner;
|
|
21
|
+
const whitelist: Partial<Record<"test" | "uk" | "eea", Payload.LongTerm[]>>;
|
|
21
22
|
type Whitelist = Partial<Record<Realm, Payload.LongTerm[]>>;
|
|
22
23
|
function unpack(token: string): Promise<JWT.Payload | undefined>;
|
|
23
24
|
export import Payload = JWTPayload;
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { authly } from "authly";
|
|
2
2
|
import { Payload as JWTPayload } from "./Payload";
|
|
3
3
|
import { Signer as JWTSigner } from "./Signer";
|
|
4
|
+
import { whitelist as JWTwhitelist } from "./whitelist";
|
|
4
5
|
export class JWT {
|
|
5
6
|
key;
|
|
6
7
|
whitelist;
|
|
@@ -38,11 +39,12 @@ export class JWT {
|
|
|
38
39
|
return unpacked;
|
|
39
40
|
}
|
|
40
41
|
static open(key, whitelist) {
|
|
41
|
-
return new this({ private: key?.private, public: key?.public ?? JWT.key }, whitelist);
|
|
42
|
+
return new this({ private: key?.private, public: key?.public ?? JWT.key }, whitelist ?? JWT.whitelist);
|
|
42
43
|
}
|
|
43
44
|
}
|
|
44
45
|
(function (JWT) {
|
|
45
46
|
JWT.Signer = JWTSigner;
|
|
47
|
+
JWT.whitelist = JWTwhitelist;
|
|
46
48
|
async function unpack(token) {
|
|
47
49
|
const algorithm = authly.Algorithm.RS256(undefined);
|
|
48
50
|
const verifier = algorithm ? authly.Verifier.create(algorithm) : undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,WAAW,CAAA;AACjD,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,UAAU,CAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,WAAW,CAAA;AACjD,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,UAAU,CAAA;AAC9C,OAAO,EAAE,SAAS,IAAI,YAAY,EAAE,MAAM,aAAa,CAAA;AAEvD,MAAM,OAAO,GAAG;IAiBG;IACR;IAjBV,SAAS,CAA+B;IACxC,IAAY,QAAQ;QACnB,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACzD,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC3E,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAA;IACtB,CAAC;IACD,OAAO,CAAY;IACnB,IAAY,MAAM;QACjB,OAAO,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IACnF,CAAC;IACD,IAAI,IAAI;QACP,OAAO,IAAI,CAAC,MAAM,EAAE,IAAI,CAAA;IACzB,CAAC;IACD,YACkB,GAA2C,EACnD,SAAyB;QADjB,QAAG,GAAH,GAAG,CAAwC;QACnD,cAAS,GAAT,SAAS,CAAgB;IAChC,CAAC;IAEJ,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QAClF,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACnC,QAAQ,EAAE,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG;YAC9C,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;YACpG,CAAC,CAAC,QAAQ;YACV,CAAC,CAAC,SAAS,CAAA;IACb,CAAC;IACD,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QACxC,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,QAAQ,CAAA;IAChB,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,GAA2C,EAAE,SAAyB;QACjF,OAAO,IAAI,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE,EAAE,SAAS,IAAI,GAAG,CAAC,SAAS,CAAC,CAAA;IACvG,CAAC;CACD;AACD,WAAiB,GAAG;IACL,UAAM,GAAG,SAAS,CAAA;IACnB,aAAS,GAAG,YAAY,CAAA;IAE9B,KAAK,UAAU,MAAM,CAAC,KAAa;QACzC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACnD,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAc,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvF,OAAO,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAJqB,UAAM,SAI3B,CAAA;IACa,WAAO,GAAG,UAAU,CAAA;IACrB,OAAG,GACf,kuBAAkuB,CAAA;AACpuB,CAAC,EAZgB,GAAG,KAAH,GAAG,QAYnB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"whitelist.js","sourceRoot":"","sources":["../../../../User/JWT/whitelist.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,SAAS,GAAkB;IACvC,IAAI,EAAE;QACL;YACC,GAAG,EAAE,6BAA6B;YAClC,GAAG,EAAE,UAAU;YAEf,EAAE,EAAE,kBAAkB;YACtB,GAAG,EAAE,SAAS;YACd,UAAU,EAAE,EAAE;YACd,KAAK,EAAE,MAAM;YACb,GAAG,EAAE,MAAM;SACX;KACD;CACD,CAAA"}
|