@pax2pay/model-banking 0.1.554 → 0.1.556
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/Identity.ts +37 -8
- package/Realm.ts +2 -2
- package/Supplier/index.ts +1 -1
- package/User/Identity.ts +3 -2
- package/User/JWT/index.ts +5 -8
- package/dist/cjs/Identity.d.ts +6 -3
- package/dist/cjs/Identity.js +27 -6
- package/dist/cjs/Identity.js.map +1 -1
- package/dist/cjs/Realm.d.ts +1 -1
- package/dist/cjs/Realm.js +1 -1
- package/dist/cjs/Realm.js.map +1 -1
- package/dist/cjs/Supplier/index.js +1 -1
- package/dist/cjs/Supplier/index.js.map +1 -1
- package/dist/cjs/User/Identity.d.ts +3 -2
- package/dist/cjs/User/Identity.js +1 -1
- package/dist/cjs/User/Identity.js.map +1 -1
- package/dist/cjs/User/JWT/index.d.ts +3 -5
- package/dist/cjs/User/JWT/index.js +6 -8
- package/dist/cjs/User/JWT/index.js.map +1 -1
- package/dist/mjs/Identity.d.ts +6 -3
- package/dist/mjs/Identity.js +27 -6
- package/dist/mjs/Identity.js.map +1 -1
- package/dist/mjs/Realm.d.ts +1 -1
- package/dist/mjs/Realm.js +1 -1
- package/dist/mjs/Realm.js.map +1 -1
- package/dist/mjs/Supplier/index.js +1 -1
- package/dist/mjs/Supplier/index.js.map +1 -1
- package/dist/mjs/User/Identity.d.ts +3 -2
- package/dist/mjs/User/Identity.js +1 -1
- package/dist/mjs/User/Identity.js.map +1 -1
- package/dist/mjs/User/JWT/index.d.ts +3 -5
- package/dist/mjs/User/JWT/index.js +6 -8
- package/dist/mjs/User/JWT/index.js.map +1 -1
- package/package.json +1 -1
- package/User/JWT/whitelist.ts +0 -31
- package/dist/cjs/User/JWT/whitelist.d.ts +0 -2
- package/dist/cjs/User/JWT/whitelist.js +0 -32
- package/dist/cjs/User/JWT/whitelist.js.map +0 -1
- package/dist/mjs/User/JWT/whitelist.d.ts +0 -2
- package/dist/mjs/User/JWT/whitelist.js +0 -29
- package/dist/mjs/User/JWT/whitelist.js.map +0 -1
package/Identity.ts
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { gracely } from "gracely"
|
|
2
2
|
import { userwidgets } from "@userwidgets/model"
|
|
3
|
+
import { storage } from "cloudly-storage"
|
|
3
4
|
import { slackly } from "slackly"
|
|
4
5
|
import { Key } from "./Key"
|
|
5
6
|
import { Realm } from "./Realm"
|
|
@@ -38,7 +39,8 @@ export class Identity<T extends Identity.Require = never> {
|
|
|
38
39
|
requires?: T,
|
|
39
40
|
key?: string,
|
|
40
41
|
output?: "undefined",
|
|
41
|
-
notify?: Identity.Notify
|
|
42
|
+
notify?: Identity.Notify,
|
|
43
|
+
store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>
|
|
42
44
|
): Promise<Identity<T> | undefined>
|
|
43
45
|
static async authenticate<T extends Identity.Require = Record<string, never>>(
|
|
44
46
|
header: { authorization?: string | undefined; realm?: Realm; organization?: string },
|
|
@@ -46,7 +48,8 @@ export class Identity<T extends Identity.Require = never> {
|
|
|
46
48
|
requires?: T,
|
|
47
49
|
key?: string,
|
|
48
50
|
output?: "error",
|
|
49
|
-
notify?: Identity.Notify
|
|
51
|
+
notify?: Identity.Notify,
|
|
52
|
+
store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>
|
|
50
53
|
): Promise<Identity<T> | gracely.Error>
|
|
51
54
|
static async authenticate<T extends Identity.Require = Record<string, never>>(
|
|
52
55
|
header: { authorization?: string | undefined; realm?: Realm; organization?: string },
|
|
@@ -54,20 +57,22 @@ export class Identity<T extends Identity.Require = never> {
|
|
|
54
57
|
requires?: T,
|
|
55
58
|
key: string = publicKey,
|
|
56
59
|
output: "error" | "undefined" = "undefined",
|
|
57
|
-
notify?: Identity.Notify
|
|
60
|
+
notify?: Identity.Notify,
|
|
61
|
+
store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>
|
|
58
62
|
): Promise<Identity<T> | (gracely.Error | undefined)> {
|
|
59
63
|
let result: Identity<T> | gracely.Error | undefined
|
|
60
64
|
const authorization = header.authorization?.startsWith("Bearer ")
|
|
61
65
|
? header.authorization.replace("Bearer ", "")
|
|
62
66
|
: undefined
|
|
63
|
-
const verified = await Identity.verify(authorization, key)
|
|
67
|
+
const verified = await Identity.verify(authorization, key, store)
|
|
64
68
|
if (!verified)
|
|
65
69
|
output !== "undefined" && (result = gracely.client.unauthorized())
|
|
66
70
|
else {
|
|
67
71
|
const realms = Identity.getRealms(verified.permissions)
|
|
68
72
|
const identity = new Identity(
|
|
69
73
|
verified,
|
|
70
|
-
((realms
|
|
74
|
+
((realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined) ??
|
|
75
|
+
verified.realm) as Realm,
|
|
71
76
|
(verified.organization ?? header.organization) as string
|
|
72
77
|
)
|
|
73
78
|
const requirement = (
|
|
@@ -97,9 +102,13 @@ export class Identity<T extends Identity.Require = never> {
|
|
|
97
102
|
}
|
|
98
103
|
return result
|
|
99
104
|
}
|
|
100
|
-
static async verify(
|
|
105
|
+
static async verify(
|
|
106
|
+
authorization: string | undefined,
|
|
107
|
+
key: string = publicKey,
|
|
108
|
+
store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>
|
|
109
|
+
): Promise<Key | undefined> {
|
|
101
110
|
const verifier = userwidgets.User.Key.Verifier.create<Key>(key)
|
|
102
|
-
const jwt = User.JWT.open({ public: key })
|
|
111
|
+
const jwt = User.JWT.open({ public: key }, store)
|
|
103
112
|
const unpacked = authorization ? await jwt.unpack(authorization) : undefined
|
|
104
113
|
let verified: Key | undefined
|
|
105
114
|
if (User.JWT.Payload.type.is(unpacked) && authorization) {
|
|
@@ -109,11 +118,31 @@ export class Identity<T extends Identity.Require = never> {
|
|
|
109
118
|
verified = await verifier.verify(authorization)
|
|
110
119
|
return verified
|
|
111
120
|
}
|
|
121
|
+
static async getRealm(header: Identity.Header, key: string = publicKey): Promise<Realm | undefined> {
|
|
122
|
+
let result: Realm | undefined
|
|
123
|
+
const authorization = header.authorization?.startsWith("Bearer ")
|
|
124
|
+
? header.authorization.replace("Bearer ", "")
|
|
125
|
+
: undefined
|
|
126
|
+
const jwt = User.JWT.open({ public: key })
|
|
127
|
+
const unpacked = authorization ? await jwt.unpack(authorization) : undefined
|
|
128
|
+
if (User.JWT.Payload.type.is(unpacked))
|
|
129
|
+
result = unpacked.realm
|
|
130
|
+
else {
|
|
131
|
+
const verified = await userwidgets.User.Key.Verifier.create<Key>(key).verify(authorization)
|
|
132
|
+
const realms = verified && Identity.getRealms(verified.permissions)
|
|
133
|
+
result =
|
|
134
|
+
realms &&
|
|
135
|
+
(realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined)
|
|
136
|
+
}
|
|
137
|
+
return result
|
|
138
|
+
}
|
|
112
139
|
static getRealms(permissions: Key.Permissions): Realm[] {
|
|
113
140
|
return [
|
|
114
141
|
...new Set(
|
|
115
142
|
Object.keys(permissions).flatMap(code =>
|
|
116
|
-
code.split("-")
|
|
143
|
+
code.split("-").length > 1 && code.split("-")[0] == "*"
|
|
144
|
+
? Realm.realms
|
|
145
|
+
: Realm.type.get(code.split("-")[0]) ?? []
|
|
117
146
|
)
|
|
118
147
|
),
|
|
119
148
|
]
|
package/Realm.ts
CHANGED
|
@@ -18,12 +18,12 @@ export namespace Realm {
|
|
|
18
18
|
export const currency: Record<Realm, isoly.Currency> = { test: "EUR", uk: "GBP", eea: "EUR" }
|
|
19
19
|
export const suppliers: Record<Realm, modelSupplier[]> = {
|
|
20
20
|
test: ["paxgiro", "bankingcircle", "paxgiroCredit"],
|
|
21
|
-
uk: ["clearbank"],
|
|
21
|
+
uk: ["clearbank", "bankingcircle"],
|
|
22
22
|
eea: [],
|
|
23
23
|
}
|
|
24
24
|
export interface Suppliers extends Record<Realm, modelSupplier[]> {
|
|
25
25
|
test: ["paxgiro", "bankingcircle", "paxgiroCredit"]
|
|
26
|
-
uk: ["clearbank"]
|
|
26
|
+
uk: ["clearbank", "bankingcircle"]
|
|
27
27
|
eea: []
|
|
28
28
|
}
|
|
29
29
|
export type Supplier<P extends keyof Suppliers> = Pick<Suppliers, P>[P][number]
|
package/Supplier/index.ts
CHANGED
package/User/Identity.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { gracely } from "gracely"
|
|
2
|
+
import { storage } from "cloudly-storage"
|
|
2
3
|
import { Realm } from "../Realm"
|
|
3
4
|
import { Access } from "./Access"
|
|
4
5
|
import { JWT } from "./JWT"
|
|
@@ -21,10 +22,10 @@ export class Identity {
|
|
|
21
22
|
/** Key will default to production jwt verification key */
|
|
22
23
|
static async open(
|
|
23
24
|
authorization: string | undefined,
|
|
24
|
-
options
|
|
25
|
+
options?: { store?: storage.KeyValueStore<JWT.Payload.LongTerm>; key?: string }
|
|
25
26
|
): Promise<Identity | gracely.Error> {
|
|
26
27
|
const jwt = authorization?.startsWith("Bearer ") ? authorization.replace("Bearer ", "") : undefined
|
|
27
|
-
const payload = jwt ? await JWT.open({ public: options
|
|
28
|
+
const payload = jwt ? await JWT.open({ public: options?.key }, options?.store).verify(jwt) : undefined
|
|
28
29
|
return jwt && payload ? new Identity(payload, jwt) : gracely.client.unauthorized()
|
|
29
30
|
}
|
|
30
31
|
}
|
package/User/JWT/index.ts
CHANGED
|
@@ -1,8 +1,7 @@
|
|
|
1
1
|
import { authly } from "authly"
|
|
2
|
-
import {
|
|
2
|
+
import { storage } from "cloudly-storage"
|
|
3
3
|
import { Payload as JWTPayload } from "./Payload"
|
|
4
4
|
import { Signer as JWTSigner } from "./Signer"
|
|
5
|
-
import { whitelist as JWTwhitelist } from "./whitelist"
|
|
6
5
|
|
|
7
6
|
export class JWT {
|
|
8
7
|
#verifier?: authly.Verifier<JWT.Payload>
|
|
@@ -22,7 +21,7 @@ export class JWT {
|
|
|
22
21
|
}
|
|
23
22
|
private constructor(
|
|
24
23
|
private readonly key?: { public?: string; private?: string },
|
|
25
|
-
readonly
|
|
24
|
+
private readonly store?: storage.KeyValueStore<JWT.Payload.LongTerm>
|
|
26
25
|
) {}
|
|
27
26
|
|
|
28
27
|
async verify(token: string): Promise<JWT.Payload | undefined> {
|
|
@@ -30,7 +29,7 @@ export class JWT {
|
|
|
30
29
|
delete verified?.token
|
|
31
30
|
return JWT.Payload.type.is(verified) &&
|
|
32
31
|
verified?.iss == JWT.Payload.configuration.iss &&
|
|
33
|
-
(verified.exp || (verified.id && this.
|
|
32
|
+
(verified.exp || (verified.id && (await this.store?.get(verified.id as string).then(s => s?.value))))
|
|
34
33
|
? verified
|
|
35
34
|
: undefined
|
|
36
35
|
}
|
|
@@ -40,14 +39,12 @@ export class JWT {
|
|
|
40
39
|
return unpacked
|
|
41
40
|
}
|
|
42
41
|
|
|
43
|
-
static open(key?: { private?: string; public?: string },
|
|
44
|
-
return new this({ private: key?.private, public: key?.public ?? JWT.key },
|
|
42
|
+
static open(key?: { private?: string; public?: string }, store?: storage.KeyValueStore<JWT.Payload.LongTerm>): JWT {
|
|
43
|
+
return new this({ private: key?.private, public: key?.public ?? JWT.key }, store)
|
|
45
44
|
}
|
|
46
45
|
}
|
|
47
46
|
export namespace JWT {
|
|
48
47
|
export import Signer = JWTSigner
|
|
49
|
-
export const whitelist = JWTwhitelist
|
|
50
|
-
export type Whitelist = Partial<Record<Realm, Payload.LongTerm[]>>
|
|
51
48
|
export async function unpack(token: string): Promise<JWT.Payload | undefined> {
|
|
52
49
|
const algorithm = authly.Algorithm.RS256(undefined)
|
|
53
50
|
const verifier = algorithm ? authly.Verifier.create<JWT.Payload>(algorithm) : undefined
|
package/dist/cjs/Identity.d.ts
CHANGED
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
import { gracely } from "gracely";
|
|
2
|
+
import { storage } from "cloudly-storage";
|
|
2
3
|
import { slackly } from "slackly";
|
|
3
4
|
import { Key } from "./Key";
|
|
4
5
|
import { Realm } from "./Realm";
|
|
6
|
+
import { User } from "./User";
|
|
5
7
|
export declare class Identity<T extends Identity.Require = never> {
|
|
6
8
|
#private;
|
|
7
9
|
readonly key: Key;
|
|
@@ -11,13 +13,14 @@ export declare class Identity<T extends Identity.Require = never> {
|
|
|
11
13
|
constructor(key: Key, realm: T["realm"] extends true ? Realm : Realm | undefined, organization: T["organization"] extends true ? string : string | undefined);
|
|
12
14
|
check(constraint: Key.Permissions | Key.Permissions[], realm?: Realm, organization?: string): boolean;
|
|
13
15
|
collectionCheck(collection: string): boolean;
|
|
14
|
-
static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "undefined", notify?: Identity.Notify): Promise<Identity<T> | undefined>;
|
|
16
|
+
static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "undefined", notify?: Identity.Notify, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Identity<T> | undefined>;
|
|
15
17
|
static authenticate<T extends Identity.Require = Record<string, never>>(header: {
|
|
16
18
|
authorization?: string | undefined;
|
|
17
19
|
realm?: Realm;
|
|
18
20
|
organization?: string;
|
|
19
|
-
}, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "error", notify?: Identity.Notify): Promise<Identity<T> | gracely.Error>;
|
|
20
|
-
static verify(authorization: string | undefined, key?: string): Promise<Key | undefined>;
|
|
21
|
+
}, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "error", notify?: Identity.Notify, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Identity<T> | gracely.Error>;
|
|
22
|
+
static verify(authorization: string | undefined, key?: string, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Key | undefined>;
|
|
23
|
+
static getRealm(header: Identity.Header, key?: string): Promise<Realm | undefined>;
|
|
21
24
|
static getRealms(permissions: Key.Permissions): Realm[];
|
|
22
25
|
}
|
|
23
26
|
export declare namespace Identity {
|
package/dist/cjs/Identity.js
CHANGED
|
@@ -32,17 +32,18 @@ class Identity {
|
|
|
32
32
|
collectionCheck(collection) {
|
|
33
33
|
return Object.values(this.key.permissions).some(value => (typeof value == "object" && value[collection]) || value == true);
|
|
34
34
|
}
|
|
35
|
-
static async authenticate(header, constraint, requires, key = publicKey, output = "undefined", notify) {
|
|
35
|
+
static async authenticate(header, constraint, requires, key = publicKey, output = "undefined", notify, store) {
|
|
36
36
|
let result;
|
|
37
37
|
const authorization = header.authorization?.startsWith("Bearer ")
|
|
38
38
|
? header.authorization.replace("Bearer ", "")
|
|
39
39
|
: undefined;
|
|
40
|
-
const verified = await Identity.verify(authorization, key);
|
|
40
|
+
const verified = await Identity.verify(authorization, key, store);
|
|
41
41
|
if (!verified)
|
|
42
42
|
output !== "undefined" && (result = gracely_1.gracely.client.unauthorized());
|
|
43
43
|
else {
|
|
44
44
|
const realms = Identity.getRealms(verified.permissions);
|
|
45
|
-
const identity = new Identity(verified, ((realms
|
|
45
|
+
const identity = new Identity(verified, ((realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined) ??
|
|
46
|
+
verified.realm), (verified.organization ?? header.organization));
|
|
46
47
|
const requirement = (value) => (requires?.organization ? !!identity?.organization : true) &&
|
|
47
48
|
(requires?.realm ? Realm_1.Realm.type.is(identity?.realm) : true);
|
|
48
49
|
if (identity?.check(constraint) && requirement(identity))
|
|
@@ -57,9 +58,9 @@ class Identity {
|
|
|
57
58
|
}
|
|
58
59
|
return result;
|
|
59
60
|
}
|
|
60
|
-
static async verify(authorization, key = publicKey) {
|
|
61
|
+
static async verify(authorization, key = publicKey, store) {
|
|
61
62
|
const verifier = model_1.userwidgets.User.Key.Verifier.create(key);
|
|
62
|
-
const jwt = User_1.User.JWT.open({ public: key });
|
|
63
|
+
const jwt = User_1.User.JWT.open({ public: key }, store);
|
|
63
64
|
const unpacked = authorization ? await jwt.unpack(authorization) : undefined;
|
|
64
65
|
let verified;
|
|
65
66
|
if (User_1.User.JWT.Payload.type.is(unpacked) && authorization) {
|
|
@@ -70,9 +71,29 @@ class Identity {
|
|
|
70
71
|
verified = await verifier.verify(authorization);
|
|
71
72
|
return verified;
|
|
72
73
|
}
|
|
74
|
+
static async getRealm(header, key = publicKey) {
|
|
75
|
+
let result;
|
|
76
|
+
const authorization = header.authorization?.startsWith("Bearer ")
|
|
77
|
+
? header.authorization.replace("Bearer ", "")
|
|
78
|
+
: undefined;
|
|
79
|
+
const jwt = User_1.User.JWT.open({ public: key });
|
|
80
|
+
const unpacked = authorization ? await jwt.unpack(authorization) : undefined;
|
|
81
|
+
if (User_1.User.JWT.Payload.type.is(unpacked))
|
|
82
|
+
result = unpacked.realm;
|
|
83
|
+
else {
|
|
84
|
+
const verified = await model_1.userwidgets.User.Key.Verifier.create(key).verify(authorization);
|
|
85
|
+
const realms = verified && Identity.getRealms(verified.permissions);
|
|
86
|
+
result =
|
|
87
|
+
realms &&
|
|
88
|
+
(realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined);
|
|
89
|
+
}
|
|
90
|
+
return result;
|
|
91
|
+
}
|
|
73
92
|
static getRealms(permissions) {
|
|
74
93
|
return [
|
|
75
|
-
...new Set(Object.keys(permissions).flatMap(code => code.split("-")
|
|
94
|
+
...new Set(Object.keys(permissions).flatMap(code => code.split("-").length > 1 && code.split("-")[0] == "*"
|
|
95
|
+
? Realm_1.Realm.realms
|
|
96
|
+
: Realm_1.Realm.type.get(code.split("-")[0]) ?? [])),
|
|
76
97
|
];
|
|
77
98
|
}
|
|
78
99
|
}
|
package/dist/cjs/Identity.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;AACjC,8CAAgD;
|
|
1
|
+
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;AACjC,8CAAgD;AAGhD,+BAA2B;AAC3B,mCAA+B;AAC/B,iCAA6B;AAE7B,MAAa,QAAQ;IAOV;IACA;IACA;IARV,OAAO,CAAqB;IAC5B,IAAI,MAAM;QACT,OAAO,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;IACjF,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,mBAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAoBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,MAAc,SAAS,EACvB,SAAgC,WAAW,EAC3C,MAAwB,EACxB,KAAwD;QAExD,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;QACjE,IAAI,CAAC,QAAQ;YACZ,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,iBAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACvD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,QAAQ,EACR,CAAC,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;gBAC3G,QAAQ,CAAC,KAAK,CAAU,EACzB,CAAC,QAAQ,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACxD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,IAAI,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC;gBACvD,MAAM,GAAG,QAAQ,CAAA;iBACb,IAAI,MAAM,KAAK,WAAW;gBAC9B,MAAM,GAAG,SAAS,CAAA;iBACd,CAAC;gBACL,MAAM,MAAM,EAAE,KAAK,CAAC,IAAI,CACvB,eAAe,EACf,kCAAkC,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE,CAClF,CAAA;gBACD,OAAO,CAAC,GAAG,CACV,QAAQ,CAAC,GAAG,CAAC,KAAK,EAClB,gCAAgC,EAChC,MAAM,EAAE,MAAM,CAAC,WAAW,EAAE,EAC5B,MAAM,EAAE,QAAQ,CAChB,CAAA;gBACD,MAAM,GAAG,iBAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;YACpC,CAAC;QACF,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,MAAc,SAAS,EACvB,KAAwD;QAExD,MAAM,QAAQ,GAAG,mBAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAA;QAC/D,MAAM,GAAG,GAAG,WAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,KAAK,CAAC,CAAA;QACjD,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,QAAyB,CAAA;QAC7B,IAAI,WAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,aAAa,EAAE,CAAC;YACzD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC/C,QAAQ,GAAG,OAAO,IAAI,SAAG,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;QACvD,CAAC;;YACA,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;QAChD,OAAO,QAAQ,CAAA;IAChB,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAuB,EAAE,MAAc,SAAS;QACrE,IAAI,MAAyB,CAAA;QAC7B,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,WAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;QAC1C,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,WAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACrC,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAA;aACnB,CAAC;YACL,MAAM,QAAQ,GAAG,MAAM,mBAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC3F,MAAM,MAAM,GAAG,QAAQ,IAAI,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACnE,MAAM;gBACL,MAAM;oBACN,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;QAC7G,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG;gBACtD,CAAC,CAAC,aAAK,CAAC,MAAM;gBACd,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAC3C,CACD;SACD,CAAA;IACF,CAAC;CACD;AA7ID,4BA6IC;AAkBD,MAAM,SAAS,GACd,kuBAAkuB,CAAA"}
|
package/dist/cjs/Realm.d.ts
CHANGED
|
@@ -12,7 +12,7 @@ export declare namespace Realm {
|
|
|
12
12
|
const suppliers: Record<Realm, modelSupplier[]>;
|
|
13
13
|
interface Suppliers extends Record<Realm, modelSupplier[]> {
|
|
14
14
|
test: ["paxgiro", "bankingcircle", "paxgiroCredit"];
|
|
15
|
-
uk: ["clearbank"];
|
|
15
|
+
uk: ["clearbank", "bankingcircle"];
|
|
16
16
|
eea: [];
|
|
17
17
|
}
|
|
18
18
|
type Supplier<P extends keyof Suppliers> = Pick<Suppliers, P>[P][number];
|
package/dist/cjs/Realm.js
CHANGED
package/dist/cjs/Realm.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Realm.js","sourceRoot":"","sources":["../../Realm.ts"],"names":[],"mappings":";;;AACA,+BAA2B;AAC3B,iCAAqC;AAKrC,IAAiB,KAAK,CA2BrB;AA3BD,WAAiB,KAAK;IACR,YAAM,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,CAAU,CAAA;IACvC,UAAI,GAAG,WAAI,CAAC,MAAM,CAAQ,MAAA,MAAM,CAAC,CAAA;IACjC,WAAK,GAAG,YAAK;SACxB,MAAM,CAAQ,OAAO,EAAE,GAAG,MAAA,MAAM,CAAC;SACjC,MAAM,CAAC,OAAO,CAAC;SACf,QAAQ,CAAC,yBAAyB,CAAC,CAAA;IACrC,SAAgB,QAAQ;QACvB,OAAO,MAAA,MAAM,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,GAAG,CAAA;IACrD,CAAC;IAFe,cAAQ,WAEvB,CAAA;IACY,cAAQ,GAAkC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,CAAA;IAChF,eAAS,GAAmC;QACxD,IAAI,EAAE,CAAC,SAAS,EAAE,eAAe,EAAE,eAAe,CAAC;QACnD,EAAE,EAAE,CAAC,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"Realm.js","sourceRoot":"","sources":["../../Realm.ts"],"names":[],"mappings":";;;AACA,+BAA2B;AAC3B,iCAAqC;AAKrC,IAAiB,KAAK,CA2BrB;AA3BD,WAAiB,KAAK;IACR,YAAM,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,CAAU,CAAA;IACvC,UAAI,GAAG,WAAI,CAAC,MAAM,CAAQ,MAAA,MAAM,CAAC,CAAA;IACjC,WAAK,GAAG,YAAK;SACxB,MAAM,CAAQ,OAAO,EAAE,GAAG,MAAA,MAAM,CAAC;SACjC,MAAM,CAAC,OAAO,CAAC;SACf,QAAQ,CAAC,yBAAyB,CAAC,CAAA;IACrC,SAAgB,QAAQ;QACvB,OAAO,MAAA,MAAM,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,GAAG,CAAA;IACrD,CAAC;IAFe,cAAQ,WAEvB,CAAA;IACY,cAAQ,GAAkC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,CAAA;IAChF,eAAS,GAAmC;QACxD,IAAI,EAAE,CAAC,SAAS,EAAE,eAAe,EAAE,eAAe,CAAC;QACnD,EAAE,EAAE,CAAC,WAAW,EAAE,eAAe,CAAC;QAClC,GAAG,EAAE,EAAE;KACP,CAAA;IAOD,IAAiB,QAAQ,CAIxB;IAJD,WAAiB,QAAQ;QACxB,SAAgB,EAAE,CAAC,KAAY,EAAE,QAA6B;YAC7D,OAAO,MAAA,SAAS,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QAC3C,CAAC;QAFe,WAAE,KAEjB,CAAA;IACF,CAAC,EAJgB,QAAQ,GAAR,cAAQ,KAAR,cAAQ,QAIxB;AACF,CAAC,EA3BgB,KAAK,qBAAL,KAAK,QA2BrB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../Supplier/index.ts"],"names":[],"mappings":";;;AACA,+BAA2B;AAI3B,IAAiB,QAAQ,CAcxB;AAdD,WAAiB,QAAQ;IACX,cAAK,GAAG,CAAC,SAAS,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,CAAU,CAAA;IAC3E,aAAI,GAAG,WAAI,CAAC,MAAM,CAAW,SAAA,KAAK,CAAC,CAAA;IACnC,mBAAU,GAAuC;QAC7D,SAAS,EAAE,CAAC,KAAK,CAAC;QAClB,aAAa,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;QACvE,OAAO,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;QACrC,aAAa,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;KAC3C,CAAA;IACY,cAAK,GAA8B;QAC/C,GAAG,EAAE,EAAE;QACP,IAAI,EAAE,CAAC,SAAS,EAAE,eAAe,CAAC;QAClC,EAAE,EAAE,CAAC,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../Supplier/index.ts"],"names":[],"mappings":";;;AACA,+BAA2B;AAI3B,IAAiB,QAAQ,CAcxB;AAdD,WAAiB,QAAQ;IACX,cAAK,GAAG,CAAC,SAAS,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,CAAU,CAAA;IAC3E,aAAI,GAAG,WAAI,CAAC,MAAM,CAAW,SAAA,KAAK,CAAC,CAAA;IACnC,mBAAU,GAAuC;QAC7D,SAAS,EAAE,CAAC,KAAK,CAAC;QAClB,aAAa,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;QACvE,OAAO,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;QACrC,aAAa,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;KAC3C,CAAA;IACY,cAAK,GAA8B;QAC/C,GAAG,EAAE,EAAE;QACP,IAAI,EAAE,CAAC,SAAS,EAAE,eAAe,CAAC;QAClC,EAAE,EAAE,CAAC,WAAW,EAAE,eAAe,CAAC;KAClC,CAAA;AACF,CAAC,EAdgB,QAAQ,wBAAR,QAAQ,QAcxB"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { gracely } from "gracely";
|
|
2
|
+
import { storage } from "cloudly-storage";
|
|
2
3
|
import { Realm } from "../Realm";
|
|
3
4
|
import { Access } from "./Access";
|
|
4
5
|
import { JWT } from "./JWT";
|
|
@@ -8,8 +9,8 @@ export declare class Identity {
|
|
|
8
9
|
get realm(): Realm;
|
|
9
10
|
constructor(payload: JWT.Payload, jwt: string);
|
|
10
11
|
authenticate(constraint: Access.Permission | Access.Permission[]): Identity | gracely.Error;
|
|
11
|
-
static open(authorization: string | undefined, options
|
|
12
|
-
|
|
12
|
+
static open(authorization: string | undefined, options?: {
|
|
13
|
+
store?: storage.KeyValueStore<JWT.Payload.LongTerm>;
|
|
13
14
|
key?: string;
|
|
14
15
|
}): Promise<Identity | gracely.Error>;
|
|
15
16
|
}
|
|
@@ -24,7 +24,7 @@ class Identity {
|
|
|
24
24
|
}
|
|
25
25
|
static async open(authorization, options) {
|
|
26
26
|
const jwt = authorization?.startsWith("Bearer ") ? authorization.replace("Bearer ", "") : undefined;
|
|
27
|
-
const payload = jwt ? await JWT_1.JWT.open({ public: options
|
|
27
|
+
const payload = jwt ? await JWT_1.JWT.open({ public: options?.key }, options?.store).verify(jwt) : undefined;
|
|
28
28
|
return jwt && payload ? new Identity(payload, jwt) : gracely_1.gracely.client.unauthorized();
|
|
29
29
|
}
|
|
30
30
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;
|
|
1
|
+
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;AAGjC,qCAAiC;AACjC,+BAA2B;AAE3B,MAAa,QAAQ;IAIQ;IAAsC;IAHlE,IAAI,KAAK;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAA;IAC1B,CAAC;IACD,YAA4B,OAAoB,EAAkB,GAAW;QAAjD,YAAO,GAAP,OAAO,CAAa;QAAkB,QAAG,GAAH,GAAG,CAAQ;IAAG,CAAC;IAEjF,YAAY,CAAC,UAAmD;QAC/D,IAAI,OAAgB,CAAA;QACpB,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC5B,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAA;;YAEpD,OAAO,GAAG,eAAM,CAAC,UAAU,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;QACvE,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,iBAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;IACnD,CAAC;IAGD,MAAM,CAAC,KAAK,CAAC,IAAI,CAChB,aAAiC,EACjC,OAA+E;QAE/E,MAAM,GAAG,GAAG,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACnG,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,SAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACtG,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAA;IACnF,CAAC;CACD;AAxBD,4BAwBC"}
|
|
@@ -1,10 +1,10 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { storage } from "cloudly-storage";
|
|
2
2
|
import { Payload as JWTPayload } from "./Payload";
|
|
3
3
|
import { Signer as JWTSigner } from "./Signer";
|
|
4
4
|
export declare class JWT {
|
|
5
5
|
#private;
|
|
6
6
|
private readonly key?;
|
|
7
|
-
readonly
|
|
7
|
+
private readonly store?;
|
|
8
8
|
private get verifier();
|
|
9
9
|
private get signer();
|
|
10
10
|
get sign(): ((data: JWTPayload.Creatable, duration?: number | "infinite") => Promise<string | undefined>) | undefined;
|
|
@@ -14,12 +14,10 @@ export declare class JWT {
|
|
|
14
14
|
static open(key?: {
|
|
15
15
|
private?: string;
|
|
16
16
|
public?: string;
|
|
17
|
-
},
|
|
17
|
+
}, store?: storage.KeyValueStore<JWT.Payload.LongTerm>): JWT;
|
|
18
18
|
}
|
|
19
19
|
export declare namespace JWT {
|
|
20
20
|
export import Signer = JWTSigner;
|
|
21
|
-
const whitelist: Partial<Record<"test" | "uk" | "eea", Payload.LongTerm[]>>;
|
|
22
|
-
type Whitelist = Partial<Record<Realm, Payload.LongTerm[]>>;
|
|
23
21
|
function unpack(token: string): Promise<JWT.Payload | undefined>;
|
|
24
22
|
export import Payload = JWTPayload;
|
|
25
23
|
const key = "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2W8CD2kpfS4QIRV2/rgm4NVvsvJsYNMHtnIl9ADvO3A81hAmRKvOAPVoXICe6+EuZ47jGjGL7f48GEoQuITfBPv/MosCDj1YhJ56ILDynCSd8FlxDrhv8pl5IquST7tcL6Hc6m+vuvoTLrFQ5QqNxv0a5eDd/YTrWv7SUuRfBEhYd/wMysGynN3QauHqy5ceBCt1nv1MJLGlSzczMRK7wjy1zi2g9NCHZBOoo1HXOpi727Xh+YXHc9EP2TN0oOXyxykv45nkGIDI0Qek3/pfkavClBffc1sEqA+rUx7YqRN9KGYxwLMLug+NOOh3ptqjfobXbR5fx/sUWhvcjUMTE1JreTrWYbGmVnjd/SeYSClfmGhdTBUfqnZbaABv0ruTXva18qRhP4y143vHMk/k8HzbuROTKAzrtEeLIjgwUgDcnE+JwDqcb8tKSGV6i++TiTldlSBCRTT4dK2hpHJje80b2abqtrbCkxbJlT98UsAAoiq2eW1X6lYmCfiGCJPkfswibQ2tPAKKNe/2xuHPsjx4FuXGmV0dbzmCwSIQoApXqOvKzoNFi6AaKIjxfNmiEigLwKpNrw08H0lVZbq/9MMxI3TzMTZjY9QmBKVLSGy3Z6IJqZpyK22lv7whJcllG0Qw8tv8+7wmC8SR3+4jpuxuFGZ+69CW+otx+CPMJjcCAwEAAQ==";
|
|
@@ -4,10 +4,9 @@ exports.JWT = void 0;
|
|
|
4
4
|
const authly_1 = require("authly");
|
|
5
5
|
const Payload_1 = require("./Payload");
|
|
6
6
|
const Signer_1 = require("./Signer");
|
|
7
|
-
const whitelist_1 = require("./whitelist");
|
|
8
7
|
class JWT {
|
|
9
8
|
key;
|
|
10
|
-
|
|
9
|
+
store;
|
|
11
10
|
#verifier;
|
|
12
11
|
get verifier() {
|
|
13
12
|
if (!this.#verifier && this.key?.public) {
|
|
@@ -23,16 +22,16 @@ class JWT {
|
|
|
23
22
|
get sign() {
|
|
24
23
|
return this.signer?.sign;
|
|
25
24
|
}
|
|
26
|
-
constructor(key,
|
|
25
|
+
constructor(key, store) {
|
|
27
26
|
this.key = key;
|
|
28
|
-
this.
|
|
27
|
+
this.store = store;
|
|
29
28
|
}
|
|
30
29
|
async verify(token) {
|
|
31
30
|
const verified = await this.verifier?.verify(token, JWT.Payload.configuration.aud);
|
|
32
31
|
delete verified?.token;
|
|
33
32
|
return JWT.Payload.type.is(verified) &&
|
|
34
33
|
verified?.iss == JWT.Payload.configuration.iss &&
|
|
35
|
-
(verified.exp || (verified.id && this.
|
|
34
|
+
(verified.exp || (verified.id && (await this.store?.get(verified.id).then(s => s?.value))))
|
|
36
35
|
? verified
|
|
37
36
|
: undefined;
|
|
38
37
|
}
|
|
@@ -41,14 +40,13 @@ class JWT {
|
|
|
41
40
|
delete unpacked?.token;
|
|
42
41
|
return unpacked;
|
|
43
42
|
}
|
|
44
|
-
static open(key,
|
|
45
|
-
return new this({ private: key?.private, public: key?.public ?? JWT.key },
|
|
43
|
+
static open(key, store) {
|
|
44
|
+
return new this({ private: key?.private, public: key?.public ?? JWT.key }, store);
|
|
46
45
|
}
|
|
47
46
|
}
|
|
48
47
|
exports.JWT = JWT;
|
|
49
48
|
(function (JWT) {
|
|
50
49
|
JWT.Signer = Signer_1.Signer;
|
|
51
|
-
JWT.whitelist = whitelist_1.whitelist;
|
|
52
50
|
async function unpack(token) {
|
|
53
51
|
const algorithm = authly_1.authly.Algorithm.RS256(undefined);
|
|
54
52
|
const verifier = algorithm ? authly_1.authly.Verifier.create(algorithm) : undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":";;;AAAA,mCAA+B;AAE/B,uCAAiD;AACjD,qCAA8C;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":";;;AAAA,mCAA+B;AAE/B,uCAAiD;AACjD,qCAA8C;AAE9C,MAAa,GAAG;IAiBG;IACA;IAjBlB,SAAS,CAA+B;IACxC,IAAY,QAAQ;QACnB,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,eAAM,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACzD,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,eAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC3E,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAA;IACtB,CAAC;IACD,OAAO,CAAY;IACnB,IAAY,MAAM;QACjB,OAAO,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,eAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IACnF,CAAC;IACD,IAAI,IAAI;QACP,OAAO,IAAI,CAAC,MAAM,EAAE,IAAI,CAAA;IACzB,CAAC;IACD,YACkB,GAA2C,EAC3C,KAAmD;QADnD,QAAG,GAAH,GAAG,CAAwC;QAC3C,UAAK,GAAL,KAAK,CAA8C;IAClE,CAAC;IAEJ,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QAClF,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACnC,QAAQ,EAAE,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG;YAC9C,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,MAAM,IAAI,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,CAAC,EAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;YACrG,CAAC,CAAC,QAAQ;YACV,CAAC,CAAC,SAAS,CAAA;IACb,CAAC;IACD,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QACxC,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,QAAQ,CAAA;IAChB,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,GAA2C,EAAE,KAAmD;QAC3G,OAAO,IAAI,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE,EAAE,KAAK,CAAC,CAAA;IAClF,CAAC;CACD;AAvCD,kBAuCC;AACD,WAAiB,GAAG;IACL,UAAM,GAAG,eAAS,CAAA;IACzB,KAAK,UAAU,MAAM,CAAC,KAAa;QACzC,MAAM,SAAS,GAAG,eAAM,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACnD,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,eAAM,CAAC,QAAQ,CAAC,MAAM,CAAc,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvF,OAAO,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAJqB,UAAM,SAI3B,CAAA;IACa,WAAO,GAAG,iBAAU,CAAA;IACrB,OAAG,GACf,kuBAAkuB,CAAA;AACpuB,CAAC,EAVgB,GAAG,mBAAH,GAAG,QAUnB"}
|
package/dist/mjs/Identity.d.ts
CHANGED
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
import { gracely } from "gracely";
|
|
2
|
+
import { storage } from "cloudly-storage";
|
|
2
3
|
import { slackly } from "slackly";
|
|
3
4
|
import { Key } from "./Key";
|
|
4
5
|
import { Realm } from "./Realm";
|
|
6
|
+
import { User } from "./User";
|
|
5
7
|
export declare class Identity<T extends Identity.Require = never> {
|
|
6
8
|
#private;
|
|
7
9
|
readonly key: Key;
|
|
@@ -11,13 +13,14 @@ export declare class Identity<T extends Identity.Require = never> {
|
|
|
11
13
|
constructor(key: Key, realm: T["realm"] extends true ? Realm : Realm | undefined, organization: T["organization"] extends true ? string : string | undefined);
|
|
12
14
|
check(constraint: Key.Permissions | Key.Permissions[], realm?: Realm, organization?: string): boolean;
|
|
13
15
|
collectionCheck(collection: string): boolean;
|
|
14
|
-
static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "undefined", notify?: Identity.Notify): Promise<Identity<T> | undefined>;
|
|
16
|
+
static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "undefined", notify?: Identity.Notify, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Identity<T> | undefined>;
|
|
15
17
|
static authenticate<T extends Identity.Require = Record<string, never>>(header: {
|
|
16
18
|
authorization?: string | undefined;
|
|
17
19
|
realm?: Realm;
|
|
18
20
|
organization?: string;
|
|
19
|
-
}, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "error", notify?: Identity.Notify): Promise<Identity<T> | gracely.Error>;
|
|
20
|
-
static verify(authorization: string | undefined, key?: string): Promise<Key | undefined>;
|
|
21
|
+
}, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "error", notify?: Identity.Notify, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Identity<T> | gracely.Error>;
|
|
22
|
+
static verify(authorization: string | undefined, key?: string, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Key | undefined>;
|
|
23
|
+
static getRealm(header: Identity.Header, key?: string): Promise<Realm | undefined>;
|
|
21
24
|
static getRealms(permissions: Key.Permissions): Realm[];
|
|
22
25
|
}
|
|
23
26
|
export declare namespace Identity {
|
package/dist/mjs/Identity.js
CHANGED
|
@@ -29,17 +29,18 @@ export class Identity {
|
|
|
29
29
|
collectionCheck(collection) {
|
|
30
30
|
return Object.values(this.key.permissions).some(value => (typeof value == "object" && value[collection]) || value == true);
|
|
31
31
|
}
|
|
32
|
-
static async authenticate(header, constraint, requires, key = publicKey, output = "undefined", notify) {
|
|
32
|
+
static async authenticate(header, constraint, requires, key = publicKey, output = "undefined", notify, store) {
|
|
33
33
|
let result;
|
|
34
34
|
const authorization = header.authorization?.startsWith("Bearer ")
|
|
35
35
|
? header.authorization.replace("Bearer ", "")
|
|
36
36
|
: undefined;
|
|
37
|
-
const verified = await Identity.verify(authorization, key);
|
|
37
|
+
const verified = await Identity.verify(authorization, key, store);
|
|
38
38
|
if (!verified)
|
|
39
39
|
output !== "undefined" && (result = gracely.client.unauthorized());
|
|
40
40
|
else {
|
|
41
41
|
const realms = Identity.getRealms(verified.permissions);
|
|
42
|
-
const identity = new Identity(verified, ((realms
|
|
42
|
+
const identity = new Identity(verified, ((realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined) ??
|
|
43
|
+
verified.realm), (verified.organization ?? header.organization));
|
|
43
44
|
const requirement = (value) => (requires?.organization ? !!identity?.organization : true) &&
|
|
44
45
|
(requires?.realm ? Realm.type.is(identity?.realm) : true);
|
|
45
46
|
if (identity?.check(constraint) && requirement(identity))
|
|
@@ -54,9 +55,9 @@ export class Identity {
|
|
|
54
55
|
}
|
|
55
56
|
return result;
|
|
56
57
|
}
|
|
57
|
-
static async verify(authorization, key = publicKey) {
|
|
58
|
+
static async verify(authorization, key = publicKey, store) {
|
|
58
59
|
const verifier = userwidgets.User.Key.Verifier.create(key);
|
|
59
|
-
const jwt = User.JWT.open({ public: key });
|
|
60
|
+
const jwt = User.JWT.open({ public: key }, store);
|
|
60
61
|
const unpacked = authorization ? await jwt.unpack(authorization) : undefined;
|
|
61
62
|
let verified;
|
|
62
63
|
if (User.JWT.Payload.type.is(unpacked) && authorization) {
|
|
@@ -67,9 +68,29 @@ export class Identity {
|
|
|
67
68
|
verified = await verifier.verify(authorization);
|
|
68
69
|
return verified;
|
|
69
70
|
}
|
|
71
|
+
static async getRealm(header, key = publicKey) {
|
|
72
|
+
let result;
|
|
73
|
+
const authorization = header.authorization?.startsWith("Bearer ")
|
|
74
|
+
? header.authorization.replace("Bearer ", "")
|
|
75
|
+
: undefined;
|
|
76
|
+
const jwt = User.JWT.open({ public: key });
|
|
77
|
+
const unpacked = authorization ? await jwt.unpack(authorization) : undefined;
|
|
78
|
+
if (User.JWT.Payload.type.is(unpacked))
|
|
79
|
+
result = unpacked.realm;
|
|
80
|
+
else {
|
|
81
|
+
const verified = await userwidgets.User.Key.Verifier.create(key).verify(authorization);
|
|
82
|
+
const realms = verified && Identity.getRealms(verified.permissions);
|
|
83
|
+
result =
|
|
84
|
+
realms &&
|
|
85
|
+
(realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined);
|
|
86
|
+
}
|
|
87
|
+
return result;
|
|
88
|
+
}
|
|
70
89
|
static getRealms(permissions) {
|
|
71
90
|
return [
|
|
72
|
-
...new Set(Object.keys(permissions).flatMap(code => code.split("-")
|
|
91
|
+
...new Set(Object.keys(permissions).flatMap(code => code.split("-").length > 1 && code.split("-")[0] == "*"
|
|
92
|
+
? Realm.realms
|
|
93
|
+
: Realm.type.get(code.split("-")[0]) ?? [])),
|
|
73
94
|
];
|
|
74
95
|
}
|
|
75
96
|
}
|
package/dist/mjs/Identity.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;
|
|
1
|
+
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAGhD,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA;AAC3B,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAC/B,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAE7B,MAAM,OAAO,QAAQ;IAOV;IACA;IACA;IARV,OAAO,CAAqB;IAC5B,IAAI,MAAM;QACT,OAAO,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;IACjF,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAoBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,MAAc,SAAS,EACvB,SAAgC,WAAW,EAC3C,MAAwB,EACxB,KAAwD;QAExD,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;QACjE,IAAI,CAAC,QAAQ;YACZ,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACvD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,QAAQ,EACR,CAAC,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;gBAC3G,QAAQ,CAAC,KAAK,CAAU,EACzB,CAAC,QAAQ,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACxD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,IAAI,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC;gBACvD,MAAM,GAAG,QAAQ,CAAA;iBACb,IAAI,MAAM,KAAK,WAAW;gBAC9B,MAAM,GAAG,SAAS,CAAA;iBACd,CAAC;gBACL,MAAM,MAAM,EAAE,KAAK,CAAC,IAAI,CACvB,eAAe,EACf,kCAAkC,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE,CAClF,CAAA;gBACD,OAAO,CAAC,GAAG,CACV,QAAQ,CAAC,GAAG,CAAC,KAAK,EAClB,gCAAgC,EAChC,MAAM,EAAE,MAAM,CAAC,WAAW,EAAE,EAC5B,MAAM,EAAE,QAAQ,CAChB,CAAA;gBACD,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;YACpC,CAAC;QACF,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,MAAc,SAAS,EACvB,KAAwD;QAExD,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAA;QAC/D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,KAAK,CAAC,CAAA;QACjD,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,QAAyB,CAAA;QAC7B,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,aAAa,EAAE,CAAC;YACzD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC/C,QAAQ,GAAG,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;QACvD,CAAC;;YACA,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;QAChD,OAAO,QAAQ,CAAA;IAChB,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAuB,EAAE,MAAc,SAAS;QACrE,IAAI,MAAyB,CAAA;QAC7B,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;QAC1C,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACrC,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAA;aACnB,CAAC;YACL,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC3F,MAAM,MAAM,GAAG,QAAQ,IAAI,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACnE,MAAM;gBACL,MAAM;oBACN,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;QAC7G,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG;gBACtD,CAAC,CAAC,KAAK,CAAC,MAAM;gBACd,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAC3C,CACD;SACD,CAAA;IACF,CAAC;CACD;AAkBD,MAAM,SAAS,GACd,kuBAAkuB,CAAA"}
|
package/dist/mjs/Realm.d.ts
CHANGED
|
@@ -12,7 +12,7 @@ export declare namespace Realm {
|
|
|
12
12
|
const suppliers: Record<Realm, modelSupplier[]>;
|
|
13
13
|
interface Suppliers extends Record<Realm, modelSupplier[]> {
|
|
14
14
|
test: ["paxgiro", "bankingcircle", "paxgiroCredit"];
|
|
15
|
-
uk: ["clearbank"];
|
|
15
|
+
uk: ["clearbank", "bankingcircle"];
|
|
16
16
|
eea: [];
|
|
17
17
|
}
|
|
18
18
|
type Supplier<P extends keyof Suppliers> = Pick<Suppliers, P>[P][number];
|
package/dist/mjs/Realm.js
CHANGED
package/dist/mjs/Realm.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Realm.js","sourceRoot":"","sources":["../../Realm.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAC3B,OAAO,EAAE,IAAI,IAAI,KAAK,EAAE,MAAM,OAAO,CAAA;AAKrC,MAAM,KAAW,KAAK,CA2BrB;AA3BD,WAAiB,KAAK;IACR,YAAM,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,CAAU,CAAA;IACvC,UAAI,GAAG,IAAI,CAAC,MAAM,CAAQ,MAAA,MAAM,CAAC,CAAA;IACjC,WAAK,GAAG,KAAK;SACxB,MAAM,CAAQ,OAAO,EAAE,GAAG,MAAA,MAAM,CAAC;SACjC,MAAM,CAAC,OAAO,CAAC;SACf,QAAQ,CAAC,yBAAyB,CAAC,CAAA;IACrC,SAAgB,QAAQ;QACvB,OAAO,MAAA,MAAM,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,GAAG,CAAA;IACrD,CAAC;IAFe,cAAQ,WAEvB,CAAA;IACY,cAAQ,GAAkC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,CAAA;IAChF,eAAS,GAAmC;QACxD,IAAI,EAAE,CAAC,SAAS,EAAE,eAAe,EAAE,eAAe,CAAC;QACnD,EAAE,EAAE,CAAC,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"Realm.js","sourceRoot":"","sources":["../../Realm.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAC3B,OAAO,EAAE,IAAI,IAAI,KAAK,EAAE,MAAM,OAAO,CAAA;AAKrC,MAAM,KAAW,KAAK,CA2BrB;AA3BD,WAAiB,KAAK;IACR,YAAM,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,CAAU,CAAA;IACvC,UAAI,GAAG,IAAI,CAAC,MAAM,CAAQ,MAAA,MAAM,CAAC,CAAA;IACjC,WAAK,GAAG,KAAK;SACxB,MAAM,CAAQ,OAAO,EAAE,GAAG,MAAA,MAAM,CAAC;SACjC,MAAM,CAAC,OAAO,CAAC;SACf,QAAQ,CAAC,yBAAyB,CAAC,CAAA;IACrC,SAAgB,QAAQ;QACvB,OAAO,MAAA,MAAM,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,GAAG,CAAA;IACrD,CAAC;IAFe,cAAQ,WAEvB,CAAA;IACY,cAAQ,GAAkC,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,CAAA;IAChF,eAAS,GAAmC;QACxD,IAAI,EAAE,CAAC,SAAS,EAAE,eAAe,EAAE,eAAe,CAAC;QACnD,EAAE,EAAE,CAAC,WAAW,EAAE,eAAe,CAAC;QAClC,GAAG,EAAE,EAAE;KACP,CAAA;IAOD,IAAiB,QAAQ,CAIxB;IAJD,WAAiB,QAAQ;QACxB,SAAgB,EAAE,CAAC,KAAY,EAAE,QAA6B;YAC7D,OAAO,MAAA,SAAS,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QAC3C,CAAC;QAFe,WAAE,KAEjB,CAAA;IACF,CAAC,EAJgB,QAAQ,GAAR,cAAQ,KAAR,cAAQ,QAIxB;AACF,CAAC,EA3BgB,KAAK,KAAL,KAAK,QA2BrB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../Supplier/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAI3B,MAAM,KAAW,QAAQ,CAcxB;AAdD,WAAiB,QAAQ;IACX,cAAK,GAAG,CAAC,SAAS,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,CAAU,CAAA;IAC3E,aAAI,GAAG,IAAI,CAAC,MAAM,CAAW,SAAA,KAAK,CAAC,CAAA;IACnC,mBAAU,GAAuC;QAC7D,SAAS,EAAE,CAAC,KAAK,CAAC;QAClB,aAAa,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;QACvE,OAAO,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;QACrC,aAAa,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;KAC3C,CAAA;IACY,cAAK,GAA8B;QAC/C,GAAG,EAAE,EAAE;QACP,IAAI,EAAE,CAAC,SAAS,EAAE,eAAe,CAAC;QAClC,EAAE,EAAE,CAAC,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../Supplier/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAI3B,MAAM,KAAW,QAAQ,CAcxB;AAdD,WAAiB,QAAQ;IACX,cAAK,GAAG,CAAC,SAAS,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,CAAU,CAAA;IAC3E,aAAI,GAAG,IAAI,CAAC,MAAM,CAAW,SAAA,KAAK,CAAC,CAAA;IACnC,mBAAU,GAAuC;QAC7D,SAAS,EAAE,CAAC,KAAK,CAAC;QAClB,aAAa,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;QACvE,OAAO,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;QACrC,aAAa,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;KAC3C,CAAA;IACY,cAAK,GAA8B;QAC/C,GAAG,EAAE,EAAE;QACP,IAAI,EAAE,CAAC,SAAS,EAAE,eAAe,CAAC;QAClC,EAAE,EAAE,CAAC,WAAW,EAAE,eAAe,CAAC;KAClC,CAAA;AACF,CAAC,EAdgB,QAAQ,KAAR,QAAQ,QAcxB"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { gracely } from "gracely";
|
|
2
|
+
import { storage } from "cloudly-storage";
|
|
2
3
|
import { Realm } from "../Realm";
|
|
3
4
|
import { Access } from "./Access";
|
|
4
5
|
import { JWT } from "./JWT";
|
|
@@ -8,8 +9,8 @@ export declare class Identity {
|
|
|
8
9
|
get realm(): Realm;
|
|
9
10
|
constructor(payload: JWT.Payload, jwt: string);
|
|
10
11
|
authenticate(constraint: Access.Permission | Access.Permission[]): Identity | gracely.Error;
|
|
11
|
-
static open(authorization: string | undefined, options
|
|
12
|
-
|
|
12
|
+
static open(authorization: string | undefined, options?: {
|
|
13
|
+
store?: storage.KeyValueStore<JWT.Payload.LongTerm>;
|
|
13
14
|
key?: string;
|
|
14
15
|
}): Promise<Identity | gracely.Error>;
|
|
15
16
|
}
|
|
@@ -21,7 +21,7 @@ export class Identity {
|
|
|
21
21
|
}
|
|
22
22
|
static async open(authorization, options) {
|
|
23
23
|
const jwt = authorization?.startsWith("Bearer ") ? authorization.replace("Bearer ", "") : undefined;
|
|
24
|
-
const payload = jwt ? await JWT.open({ public: options
|
|
24
|
+
const payload = jwt ? await JWT.open({ public: options?.key }, options?.store).verify(jwt) : undefined;
|
|
25
25
|
return jwt && payload ? new Identity(payload, jwt) : gracely.client.unauthorized();
|
|
26
26
|
}
|
|
27
27
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AAGjC,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA;AAE3B,MAAM,OAAO,QAAQ;IAIQ;IAAsC;IAHlE,IAAI,KAAK;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAA;IAC1B,CAAC;IACD,YAA4B,OAAoB,EAAkB,GAAW;QAAjD,YAAO,GAAP,OAAO,CAAa;QAAkB,QAAG,GAAH,GAAG,CAAQ;IAAG,CAAC;IAEjF,YAAY,CAAC,UAAmD;QAC/D,IAAI,OAAgB,CAAA;QACpB,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC5B,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAA;;YAEpD,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;QACvE,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;IACnD,CAAC;IAGD,MAAM,CAAC,KAAK,CAAC,IAAI,CAChB,aAAiC,EACjC,OAA+E;QAE/E,MAAM,GAAG,GAAG,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACnG,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACtG,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAA;IACnF,CAAC;CACD"}
|
|
@@ -1,10 +1,10 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { storage } from "cloudly-storage";
|
|
2
2
|
import { Payload as JWTPayload } from "./Payload";
|
|
3
3
|
import { Signer as JWTSigner } from "./Signer";
|
|
4
4
|
export declare class JWT {
|
|
5
5
|
#private;
|
|
6
6
|
private readonly key?;
|
|
7
|
-
readonly
|
|
7
|
+
private readonly store?;
|
|
8
8
|
private get verifier();
|
|
9
9
|
private get signer();
|
|
10
10
|
get sign(): ((data: JWTPayload.Creatable, duration?: number | "infinite") => Promise<string | undefined>) | undefined;
|
|
@@ -14,12 +14,10 @@ export declare class JWT {
|
|
|
14
14
|
static open(key?: {
|
|
15
15
|
private?: string;
|
|
16
16
|
public?: string;
|
|
17
|
-
},
|
|
17
|
+
}, store?: storage.KeyValueStore<JWT.Payload.LongTerm>): JWT;
|
|
18
18
|
}
|
|
19
19
|
export declare namespace JWT {
|
|
20
20
|
export import Signer = JWTSigner;
|
|
21
|
-
const whitelist: Partial<Record<"test" | "uk" | "eea", Payload.LongTerm[]>>;
|
|
22
|
-
type Whitelist = Partial<Record<Realm, Payload.LongTerm[]>>;
|
|
23
21
|
function unpack(token: string): Promise<JWT.Payload | undefined>;
|
|
24
22
|
export import Payload = JWTPayload;
|
|
25
23
|
const key = "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2W8CD2kpfS4QIRV2/rgm4NVvsvJsYNMHtnIl9ADvO3A81hAmRKvOAPVoXICe6+EuZ47jGjGL7f48GEoQuITfBPv/MosCDj1YhJ56ILDynCSd8FlxDrhv8pl5IquST7tcL6Hc6m+vuvoTLrFQ5QqNxv0a5eDd/YTrWv7SUuRfBEhYd/wMysGynN3QauHqy5ceBCt1nv1MJLGlSzczMRK7wjy1zi2g9NCHZBOoo1HXOpi727Xh+YXHc9EP2TN0oOXyxykv45nkGIDI0Qek3/pfkavClBffc1sEqA+rUx7YqRN9KGYxwLMLug+NOOh3ptqjfobXbR5fx/sUWhvcjUMTE1JreTrWYbGmVnjd/SeYSClfmGhdTBUfqnZbaABv0ruTXva18qRhP4y143vHMk/k8HzbuROTKAzrtEeLIjgwUgDcnE+JwDqcb8tKSGV6i++TiTldlSBCRTT4dK2hpHJje80b2abqtrbCkxbJlT98UsAAoiq2eW1X6lYmCfiGCJPkfswibQ2tPAKKNe/2xuHPsjx4FuXGmV0dbzmCwSIQoApXqOvKzoNFi6AaKIjxfNmiEigLwKpNrw08H0lVZbq/9MMxI3TzMTZjY9QmBKVLSGy3Z6IJqZpyK22lv7whJcllG0Qw8tv8+7wmC8SR3+4jpuxuFGZ+69CW+otx+CPMJjcCAwEAAQ==";
|
|
@@ -1,10 +1,9 @@
|
|
|
1
1
|
import { authly } from "authly";
|
|
2
2
|
import { Payload as JWTPayload } from "./Payload";
|
|
3
3
|
import { Signer as JWTSigner } from "./Signer";
|
|
4
|
-
import { whitelist as JWTwhitelist } from "./whitelist";
|
|
5
4
|
export class JWT {
|
|
6
5
|
key;
|
|
7
|
-
|
|
6
|
+
store;
|
|
8
7
|
#verifier;
|
|
9
8
|
get verifier() {
|
|
10
9
|
if (!this.#verifier && this.key?.public) {
|
|
@@ -20,16 +19,16 @@ export class JWT {
|
|
|
20
19
|
get sign() {
|
|
21
20
|
return this.signer?.sign;
|
|
22
21
|
}
|
|
23
|
-
constructor(key,
|
|
22
|
+
constructor(key, store) {
|
|
24
23
|
this.key = key;
|
|
25
|
-
this.
|
|
24
|
+
this.store = store;
|
|
26
25
|
}
|
|
27
26
|
async verify(token) {
|
|
28
27
|
const verified = await this.verifier?.verify(token, JWT.Payload.configuration.aud);
|
|
29
28
|
delete verified?.token;
|
|
30
29
|
return JWT.Payload.type.is(verified) &&
|
|
31
30
|
verified?.iss == JWT.Payload.configuration.iss &&
|
|
32
|
-
(verified.exp || (verified.id && this.
|
|
31
|
+
(verified.exp || (verified.id && (await this.store?.get(verified.id).then(s => s?.value))))
|
|
33
32
|
? verified
|
|
34
33
|
: undefined;
|
|
35
34
|
}
|
|
@@ -38,13 +37,12 @@ export class JWT {
|
|
|
38
37
|
delete unpacked?.token;
|
|
39
38
|
return unpacked;
|
|
40
39
|
}
|
|
41
|
-
static open(key,
|
|
42
|
-
return new this({ private: key?.private, public: key?.public ?? JWT.key },
|
|
40
|
+
static open(key, store) {
|
|
41
|
+
return new this({ private: key?.private, public: key?.public ?? JWT.key }, store);
|
|
43
42
|
}
|
|
44
43
|
}
|
|
45
44
|
(function (JWT) {
|
|
46
45
|
JWT.Signer = JWTSigner;
|
|
47
|
-
JWT.whitelist = JWTwhitelist;
|
|
48
46
|
async function unpack(token) {
|
|
49
47
|
const algorithm = authly.Algorithm.RS256(undefined);
|
|
50
48
|
const verifier = algorithm ? authly.Verifier.create(algorithm) : undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,WAAW,CAAA;AACjD,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,UAAU,CAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,WAAW,CAAA;AACjD,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,UAAU,CAAA;AAE9C,MAAM,OAAO,GAAG;IAiBG;IACA;IAjBlB,SAAS,CAA+B;IACxC,IAAY,QAAQ;QACnB,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACzD,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC3E,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAA;IACtB,CAAC;IACD,OAAO,CAAY;IACnB,IAAY,MAAM;QACjB,OAAO,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IACnF,CAAC;IACD,IAAI,IAAI;QACP,OAAO,IAAI,CAAC,MAAM,EAAE,IAAI,CAAA;IACzB,CAAC;IACD,YACkB,GAA2C,EAC3C,KAAmD;QADnD,QAAG,GAAH,GAAG,CAAwC;QAC3C,UAAK,GAAL,KAAK,CAA8C;IAClE,CAAC;IAEJ,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QAClF,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACnC,QAAQ,EAAE,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG;YAC9C,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,MAAM,IAAI,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,CAAC,EAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;YACrG,CAAC,CAAC,QAAQ;YACV,CAAC,CAAC,SAAS,CAAA;IACb,CAAC;IACD,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QACxC,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,QAAQ,CAAA;IAChB,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,GAA2C,EAAE,KAAmD;QAC3G,OAAO,IAAI,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE,EAAE,KAAK,CAAC,CAAA;IAClF,CAAC;CACD;AACD,WAAiB,GAAG;IACL,UAAM,GAAG,SAAS,CAAA;IACzB,KAAK,UAAU,MAAM,CAAC,KAAa;QACzC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACnD,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAc,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvF,OAAO,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAJqB,UAAM,SAI3B,CAAA;IACa,WAAO,GAAG,UAAU,CAAA;IACrB,OAAG,GACf,kuBAAkuB,CAAA;AACpuB,CAAC,EAVgB,GAAG,KAAH,GAAG,QAUnB"}
|
package/package.json
CHANGED
package/User/JWT/whitelist.ts
DELETED
|
@@ -1,31 +0,0 @@
|
|
|
1
|
-
import type { JWT } from "./index"
|
|
2
|
-
|
|
3
|
-
export const whitelist: JWT.Whitelist = {
|
|
4
|
-
test: [
|
|
5
|
-
{
|
|
6
|
-
aud: "https://banking.pax2pay.app",
|
|
7
|
-
iat: 1751283567,
|
|
8
|
-
// cSpell:disable-next-line
|
|
9
|
-
id: "UUwLn9rhcf8AoRuG",
|
|
10
|
-
iss: "pax2pay",
|
|
11
|
-
permission: {},
|
|
12
|
-
realm: "test",
|
|
13
|
-
sub: "Test",
|
|
14
|
-
},
|
|
15
|
-
],
|
|
16
|
-
uk: [
|
|
17
|
-
{
|
|
18
|
-
iss: "pax2pay",
|
|
19
|
-
iat: 1756819776,
|
|
20
|
-
aud: "https://banking.pax2pay.app",
|
|
21
|
-
id: "CcDi3PUCw4suTL0h",
|
|
22
|
-
sub: "poms",
|
|
23
|
-
permission: {
|
|
24
|
-
card: "write",
|
|
25
|
-
organization: "write",
|
|
26
|
-
transaction: "write",
|
|
27
|
-
},
|
|
28
|
-
realm: "uk",
|
|
29
|
-
},
|
|
30
|
-
],
|
|
31
|
-
}
|
|
@@ -1,32 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.whitelist = void 0;
|
|
4
|
-
exports.whitelist = {
|
|
5
|
-
test: [
|
|
6
|
-
{
|
|
7
|
-
aud: "https://banking.pax2pay.app",
|
|
8
|
-
iat: 1751283567,
|
|
9
|
-
id: "UUwLn9rhcf8AoRuG",
|
|
10
|
-
iss: "pax2pay",
|
|
11
|
-
permission: {},
|
|
12
|
-
realm: "test",
|
|
13
|
-
sub: "Test",
|
|
14
|
-
},
|
|
15
|
-
],
|
|
16
|
-
uk: [
|
|
17
|
-
{
|
|
18
|
-
iss: "pax2pay",
|
|
19
|
-
iat: 1756819776,
|
|
20
|
-
aud: "https://banking.pax2pay.app",
|
|
21
|
-
id: "CcDi3PUCw4suTL0h",
|
|
22
|
-
sub: "poms",
|
|
23
|
-
permission: {
|
|
24
|
-
card: "write",
|
|
25
|
-
organization: "write",
|
|
26
|
-
transaction: "write",
|
|
27
|
-
},
|
|
28
|
-
realm: "uk",
|
|
29
|
-
},
|
|
30
|
-
],
|
|
31
|
-
};
|
|
32
|
-
//# sourceMappingURL=whitelist.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"whitelist.js","sourceRoot":"","sources":["../../../../User/JWT/whitelist.ts"],"names":[],"mappings":";;;AAEa,QAAA,SAAS,GAAkB;IACvC,IAAI,EAAE;QACL;YACC,GAAG,EAAE,6BAA6B;YAClC,GAAG,EAAE,UAAU;YAEf,EAAE,EAAE,kBAAkB;YACtB,GAAG,EAAE,SAAS;YACd,UAAU,EAAE,EAAE;YACd,KAAK,EAAE,MAAM;YACb,GAAG,EAAE,MAAM;SACX;KACD;IACD,EAAE,EAAE;QACH;YACC,GAAG,EAAE,SAAS;YACd,GAAG,EAAE,UAAU;YACf,GAAG,EAAE,6BAA6B;YAClC,EAAE,EAAE,kBAAkB;YACtB,GAAG,EAAE,MAAM;YACX,UAAU,EAAE;gBACX,IAAI,EAAE,OAAO;gBACb,YAAY,EAAE,OAAO;gBACrB,WAAW,EAAE,OAAO;aACpB;YACD,KAAK,EAAE,IAAI;SACX;KACD;CACD,CAAA"}
|
|
@@ -1,29 +0,0 @@
|
|
|
1
|
-
export const whitelist = {
|
|
2
|
-
test: [
|
|
3
|
-
{
|
|
4
|
-
aud: "https://banking.pax2pay.app",
|
|
5
|
-
iat: 1751283567,
|
|
6
|
-
id: "UUwLn9rhcf8AoRuG",
|
|
7
|
-
iss: "pax2pay",
|
|
8
|
-
permission: {},
|
|
9
|
-
realm: "test",
|
|
10
|
-
sub: "Test",
|
|
11
|
-
},
|
|
12
|
-
],
|
|
13
|
-
uk: [
|
|
14
|
-
{
|
|
15
|
-
iss: "pax2pay",
|
|
16
|
-
iat: 1756819776,
|
|
17
|
-
aud: "https://banking.pax2pay.app",
|
|
18
|
-
id: "CcDi3PUCw4suTL0h",
|
|
19
|
-
sub: "poms",
|
|
20
|
-
permission: {
|
|
21
|
-
card: "write",
|
|
22
|
-
organization: "write",
|
|
23
|
-
transaction: "write",
|
|
24
|
-
},
|
|
25
|
-
realm: "uk",
|
|
26
|
-
},
|
|
27
|
-
],
|
|
28
|
-
};
|
|
29
|
-
//# sourceMappingURL=whitelist.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"whitelist.js","sourceRoot":"","sources":["../../../../User/JWT/whitelist.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,SAAS,GAAkB;IACvC,IAAI,EAAE;QACL;YACC,GAAG,EAAE,6BAA6B;YAClC,GAAG,EAAE,UAAU;YAEf,EAAE,EAAE,kBAAkB;YACtB,GAAG,EAAE,SAAS;YACd,UAAU,EAAE,EAAE;YACd,KAAK,EAAE,MAAM;YACb,GAAG,EAAE,MAAM;SACX;KACD;IACD,EAAE,EAAE;QACH;YACC,GAAG,EAAE,SAAS;YACd,GAAG,EAAE,UAAU;YACf,GAAG,EAAE,6BAA6B;YAClC,EAAE,EAAE,kBAAkB;YACtB,GAAG,EAAE,MAAM;YACX,UAAU,EAAE;gBACX,IAAI,EAAE,OAAO;gBACb,YAAY,EAAE,OAAO;gBACrB,WAAW,EAAE,OAAO;aACpB;YACD,KAAK,EAAE,IAAI;SACX;KACD;CACD,CAAA"}
|