@pax2pay/model-banking 0.1.555 → 0.1.556

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (29) hide show
  1. package/Identity.ts +37 -8
  2. package/User/Identity.ts +3 -2
  3. package/User/JWT/index.ts +5 -8
  4. package/dist/cjs/Identity.d.ts +6 -3
  5. package/dist/cjs/Identity.js +27 -6
  6. package/dist/cjs/Identity.js.map +1 -1
  7. package/dist/cjs/User/Identity.d.ts +3 -2
  8. package/dist/cjs/User/Identity.js +1 -1
  9. package/dist/cjs/User/Identity.js.map +1 -1
  10. package/dist/cjs/User/JWT/index.d.ts +3 -5
  11. package/dist/cjs/User/JWT/index.js +6 -8
  12. package/dist/cjs/User/JWT/index.js.map +1 -1
  13. package/dist/mjs/Identity.d.ts +6 -3
  14. package/dist/mjs/Identity.js +27 -6
  15. package/dist/mjs/Identity.js.map +1 -1
  16. package/dist/mjs/User/Identity.d.ts +3 -2
  17. package/dist/mjs/User/Identity.js +1 -1
  18. package/dist/mjs/User/Identity.js.map +1 -1
  19. package/dist/mjs/User/JWT/index.d.ts +3 -5
  20. package/dist/mjs/User/JWT/index.js +6 -8
  21. package/dist/mjs/User/JWT/index.js.map +1 -1
  22. package/package.json +1 -1
  23. package/User/JWT/whitelist.ts +0 -31
  24. package/dist/cjs/User/JWT/whitelist.d.ts +0 -2
  25. package/dist/cjs/User/JWT/whitelist.js +0 -32
  26. package/dist/cjs/User/JWT/whitelist.js.map +0 -1
  27. package/dist/mjs/User/JWT/whitelist.d.ts +0 -2
  28. package/dist/mjs/User/JWT/whitelist.js +0 -29
  29. package/dist/mjs/User/JWT/whitelist.js.map +0 -1
package/Identity.ts CHANGED
@@ -1,5 +1,6 @@
1
1
  import { gracely } from "gracely"
2
2
  import { userwidgets } from "@userwidgets/model"
3
+ import { storage } from "cloudly-storage"
3
4
  import { slackly } from "slackly"
4
5
  import { Key } from "./Key"
5
6
  import { Realm } from "./Realm"
@@ -38,7 +39,8 @@ export class Identity<T extends Identity.Require = never> {
38
39
  requires?: T,
39
40
  key?: string,
40
41
  output?: "undefined",
41
- notify?: Identity.Notify
42
+ notify?: Identity.Notify,
43
+ store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>
42
44
  ): Promise<Identity<T> | undefined>
43
45
  static async authenticate<T extends Identity.Require = Record<string, never>>(
44
46
  header: { authorization?: string | undefined; realm?: Realm; organization?: string },
@@ -46,7 +48,8 @@ export class Identity<T extends Identity.Require = never> {
46
48
  requires?: T,
47
49
  key?: string,
48
50
  output?: "error",
49
- notify?: Identity.Notify
51
+ notify?: Identity.Notify,
52
+ store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>
50
53
  ): Promise<Identity<T> | gracely.Error>
51
54
  static async authenticate<T extends Identity.Require = Record<string, never>>(
52
55
  header: { authorization?: string | undefined; realm?: Realm; organization?: string },
@@ -54,20 +57,22 @@ export class Identity<T extends Identity.Require = never> {
54
57
  requires?: T,
55
58
  key: string = publicKey,
56
59
  output: "error" | "undefined" = "undefined",
57
- notify?: Identity.Notify
60
+ notify?: Identity.Notify,
61
+ store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>
58
62
  ): Promise<Identity<T> | (gracely.Error | undefined)> {
59
63
  let result: Identity<T> | gracely.Error | undefined
60
64
  const authorization = header.authorization?.startsWith("Bearer ")
61
65
  ? header.authorization.replace("Bearer ", "")
62
66
  : undefined
63
- const verified = await Identity.verify(authorization, key)
67
+ const verified = await Identity.verify(authorization, key, store)
64
68
  if (!verified)
65
69
  output !== "undefined" && (result = gracely.client.unauthorized())
66
70
  else {
67
71
  const realms = Identity.getRealms(verified.permissions)
68
72
  const identity = new Identity(
69
73
  verified,
70
- ((realms?.length == 1 ? realms[0] : header.realm) ?? verified.realm) as Realm,
74
+ ((realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined) ??
75
+ verified.realm) as Realm,
71
76
  (verified.organization ?? header.organization) as string
72
77
  )
73
78
  const requirement = (
@@ -97,9 +102,13 @@ export class Identity<T extends Identity.Require = never> {
97
102
  }
98
103
  return result
99
104
  }
100
- static async verify(authorization: string | undefined, key: string = publicKey): Promise<Key | undefined> {
105
+ static async verify(
106
+ authorization: string | undefined,
107
+ key: string = publicKey,
108
+ store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>
109
+ ): Promise<Key | undefined> {
101
110
  const verifier = userwidgets.User.Key.Verifier.create<Key>(key)
102
- const jwt = User.JWT.open({ public: key })
111
+ const jwt = User.JWT.open({ public: key }, store)
103
112
  const unpacked = authorization ? await jwt.unpack(authorization) : undefined
104
113
  let verified: Key | undefined
105
114
  if (User.JWT.Payload.type.is(unpacked) && authorization) {
@@ -109,11 +118,31 @@ export class Identity<T extends Identity.Require = never> {
109
118
  verified = await verifier.verify(authorization)
110
119
  return verified
111
120
  }
121
+ static async getRealm(header: Identity.Header, key: string = publicKey): Promise<Realm | undefined> {
122
+ let result: Realm | undefined
123
+ const authorization = header.authorization?.startsWith("Bearer ")
124
+ ? header.authorization.replace("Bearer ", "")
125
+ : undefined
126
+ const jwt = User.JWT.open({ public: key })
127
+ const unpacked = authorization ? await jwt.unpack(authorization) : undefined
128
+ if (User.JWT.Payload.type.is(unpacked))
129
+ result = unpacked.realm
130
+ else {
131
+ const verified = await userwidgets.User.Key.Verifier.create<Key>(key).verify(authorization)
132
+ const realms = verified && Identity.getRealms(verified.permissions)
133
+ result =
134
+ realms &&
135
+ (realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined)
136
+ }
137
+ return result
138
+ }
112
139
  static getRealms(permissions: Key.Permissions): Realm[] {
113
140
  return [
114
141
  ...new Set(
115
142
  Object.keys(permissions).flatMap(code =>
116
- code.split("-")[0] == "*" ? Realm.realms : Realm.type.get(code.split("-")[0]) ?? []
143
+ code.split("-").length > 1 && code.split("-")[0] == "*"
144
+ ? Realm.realms
145
+ : Realm.type.get(code.split("-")[0]) ?? []
117
146
  )
118
147
  ),
119
148
  ]
package/User/Identity.ts CHANGED
@@ -1,4 +1,5 @@
1
1
  import { gracely } from "gracely"
2
+ import { storage } from "cloudly-storage"
2
3
  import { Realm } from "../Realm"
3
4
  import { Access } from "./Access"
4
5
  import { JWT } from "./JWT"
@@ -21,10 +22,10 @@ export class Identity {
21
22
  /** Key will default to production jwt verification key */
22
23
  static async open(
23
24
  authorization: string | undefined,
24
- options: { whitelist?: JWT.Whitelist; key?: string }
25
+ options?: { store?: storage.KeyValueStore<JWT.Payload.LongTerm>; key?: string }
25
26
  ): Promise<Identity | gracely.Error> {
26
27
  const jwt = authorization?.startsWith("Bearer ") ? authorization.replace("Bearer ", "") : undefined
27
- const payload = jwt ? await JWT.open({ public: options.key }, options.whitelist).verify(jwt) : undefined
28
+ const payload = jwt ? await JWT.open({ public: options?.key }, options?.store).verify(jwt) : undefined
28
29
  return jwt && payload ? new Identity(payload, jwt) : gracely.client.unauthorized()
29
30
  }
30
31
  }
package/User/JWT/index.ts CHANGED
@@ -1,8 +1,7 @@
1
1
  import { authly } from "authly"
2
- import { Realm } from "../../Realm"
2
+ import { storage } from "cloudly-storage"
3
3
  import { Payload as JWTPayload } from "./Payload"
4
4
  import { Signer as JWTSigner } from "./Signer"
5
- import { whitelist as JWTwhitelist } from "./whitelist"
6
5
 
7
6
  export class JWT {
8
7
  #verifier?: authly.Verifier<JWT.Payload>
@@ -22,7 +21,7 @@ export class JWT {
22
21
  }
23
22
  private constructor(
24
23
  private readonly key?: { public?: string; private?: string },
25
- readonly whitelist?: JWT.Whitelist
24
+ private readonly store?: storage.KeyValueStore<JWT.Payload.LongTerm>
26
25
  ) {}
27
26
 
28
27
  async verify(token: string): Promise<JWT.Payload | undefined> {
@@ -30,7 +29,7 @@ export class JWT {
30
29
  delete verified?.token
31
30
  return JWT.Payload.type.is(verified) &&
32
31
  verified?.iss == JWT.Payload.configuration.iss &&
33
- (verified.exp || (verified.id && this.whitelist?.[verified.realm]?.some(e => e.id === verified.id)))
32
+ (verified.exp || (verified.id && (await this.store?.get(verified.id as string).then(s => s?.value))))
34
33
  ? verified
35
34
  : undefined
36
35
  }
@@ -40,14 +39,12 @@ export class JWT {
40
39
  return unpacked
41
40
  }
42
41
 
43
- static open(key?: { private?: string; public?: string }, whitelist?: JWT.Whitelist): JWT {
44
- return new this({ private: key?.private, public: key?.public ?? JWT.key }, whitelist ?? JWT.whitelist)
42
+ static open(key?: { private?: string; public?: string }, store?: storage.KeyValueStore<JWT.Payload.LongTerm>): JWT {
43
+ return new this({ private: key?.private, public: key?.public ?? JWT.key }, store)
45
44
  }
46
45
  }
47
46
  export namespace JWT {
48
47
  export import Signer = JWTSigner
49
- export const whitelist = JWTwhitelist
50
- export type Whitelist = Partial<Record<Realm, Payload.LongTerm[]>>
51
48
  export async function unpack(token: string): Promise<JWT.Payload | undefined> {
52
49
  const algorithm = authly.Algorithm.RS256(undefined)
53
50
  const verifier = algorithm ? authly.Verifier.create<JWT.Payload>(algorithm) : undefined
package/dist/cjs/Identity.d.ts CHANGED
@@ -1,7 +1,9 @@
1
1
  import { gracely } from "gracely";
2
+ import { storage } from "cloudly-storage";
2
3
  import { slackly } from "slackly";
3
4
  import { Key } from "./Key";
4
5
  import { Realm } from "./Realm";
6
+ import { User } from "./User";
5
7
  export declare class Identity<T extends Identity.Require = never> {
6
8
  #private;
7
9
  readonly key: Key;
@@ -11,13 +13,14 @@ export declare class Identity<T extends Identity.Require = never> {
11
13
  constructor(key: Key, realm: T["realm"] extends true ? Realm : Realm | undefined, organization: T["organization"] extends true ? string : string | undefined);
12
14
  check(constraint: Key.Permissions | Key.Permissions[], realm?: Realm, organization?: string): boolean;
13
15
  collectionCheck(collection: string): boolean;
14
- static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "undefined", notify?: Identity.Notify): Promise<Identity<T> | undefined>;
16
+ static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "undefined", notify?: Identity.Notify, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Identity<T> | undefined>;
15
17
  static authenticate<T extends Identity.Require = Record<string, never>>(header: {
16
18
  authorization?: string | undefined;
17
19
  realm?: Realm;
18
20
  organization?: string;
19
- }, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "error", notify?: Identity.Notify): Promise<Identity<T> | gracely.Error>;
20
- static verify(authorization: string | undefined, key?: string): Promise<Key | undefined>;
21
+ }, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "error", notify?: Identity.Notify, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Identity<T> | gracely.Error>;
22
+ static verify(authorization: string | undefined, key?: string, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Key | undefined>;
23
+ static getRealm(header: Identity.Header, key?: string): Promise<Realm | undefined>;
21
24
  static getRealms(permissions: Key.Permissions): Realm[];
22
25
  }
23
26
  export declare namespace Identity {
package/dist/cjs/Identity.js CHANGED
@@ -32,17 +32,18 @@ class Identity {
32
32
  collectionCheck(collection) {
33
33
  return Object.values(this.key.permissions).some(value => (typeof value == "object" && value[collection]) || value == true);
34
34
  }
35
- static async authenticate(header, constraint, requires, key = publicKey, output = "undefined", notify) {
35
+ static async authenticate(header, constraint, requires, key = publicKey, output = "undefined", notify, store) {
36
36
  let result;
37
37
  const authorization = header.authorization?.startsWith("Bearer ")
38
38
  ? header.authorization.replace("Bearer ", "")
39
39
  : undefined;
40
- const verified = await Identity.verify(authorization, key);
40
+ const verified = await Identity.verify(authorization, key, store);
41
41
  if (!verified)
42
42
  output !== "undefined" && (result = gracely_1.gracely.client.unauthorized());
43
43
  else {
44
44
  const realms = Identity.getRealms(verified.permissions);
45
- const identity = new Identity(verified, ((realms?.length == 1 ? realms[0] : header.realm) ?? verified.realm), (verified.organization ?? header.organization));
45
+ const identity = new Identity(verified, ((realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined) ??
46
+ verified.realm), (verified.organization ?? header.organization));
46
47
  const requirement = (value) => (requires?.organization ? !!identity?.organization : true) &&
47
48
  (requires?.realm ? Realm_1.Realm.type.is(identity?.realm) : true);
48
49
  if (identity?.check(constraint) && requirement(identity))
@@ -57,9 +58,9 @@ class Identity {
57
58
  }
58
59
  return result;
59
60
  }
60
- static async verify(authorization, key = publicKey) {
61
+ static async verify(authorization, key = publicKey, store) {
61
62
  const verifier = model_1.userwidgets.User.Key.Verifier.create(key);
62
- const jwt = User_1.User.JWT.open({ public: key });
63
+ const jwt = User_1.User.JWT.open({ public: key }, store);
63
64
  const unpacked = authorization ? await jwt.unpack(authorization) : undefined;
64
65
  let verified;
65
66
  if (User_1.User.JWT.Payload.type.is(unpacked) && authorization) {
@@ -70,9 +71,29 @@ class Identity {
70
71
  verified = await verifier.verify(authorization);
71
72
  return verified;
72
73
  }
74
+ static async getRealm(header, key = publicKey) {
75
+ let result;
76
+ const authorization = header.authorization?.startsWith("Bearer ")
77
+ ? header.authorization.replace("Bearer ", "")
78
+ : undefined;
79
+ const jwt = User_1.User.JWT.open({ public: key });
80
+ const unpacked = authorization ? await jwt.unpack(authorization) : undefined;
81
+ if (User_1.User.JWT.Payload.type.is(unpacked))
82
+ result = unpacked.realm;
83
+ else {
84
+ const verified = await model_1.userwidgets.User.Key.Verifier.create(key).verify(authorization);
85
+ const realms = verified && Identity.getRealms(verified.permissions);
86
+ result =
87
+ realms &&
88
+ (realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined);
89
+ }
90
+ return result;
91
+ }
73
92
  static getRealms(permissions) {
74
93
  return [
75
- ...new Set(Object.keys(permissions).flatMap(code => code.split("-")[0] == "*" ? Realm_1.Realm.realms : Realm_1.Realm.type.get(code.split("-")[0]) ?? [])),
94
+ ...new Set(Object.keys(permissions).flatMap(code => code.split("-").length > 1 && code.split("-")[0] == "*"
95
+ ? Realm_1.Realm.realms
96
+ : Realm_1.Realm.type.get(code.split("-")[0]) ?? [])),
76
97
  ];
77
98
  }
78
99
  }
package/dist/cjs/Identity.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;AACjC,8CAAgD;AAEhD,+BAA2B;AAC3B,mCAA+B;AAC/B,iCAA6B;AAE7B,MAAa,QAAQ;IAOV;IACA;IACA;IARV,OAAO,CAAqB;IAC5B,IAAI,MAAM;QACT,OAAO,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;IACjF,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,mBAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAkBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,MAAc,SAAS,EACvB,SAAgC,WAAW,EAC3C,MAAwB;QAExB,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,GAAG,CAAC,CAAA;QAC1D,IAAI,CAAC,QAAQ;YACZ,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,iBAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACvD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,QAAQ,EACR,CAAC,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAU,EAC7E,CAAC,QAAQ,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACxD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,IAAI,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC;gBACvD,MAAM,GAAG,QAAQ,CAAA;iBACb,IAAI,MAAM,KAAK,WAAW;gBAC9B,MAAM,GAAG,SAAS,CAAA;iBACd,CAAC;gBACL,MAAM,MAAM,EAAE,KAAK,CAAC,IAAI,CACvB,eAAe,EACf,kCAAkC,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE,CAClF,CAAA;gBACD,OAAO,CAAC,GAAG,CACV,QAAQ,CAAC,GAAG,CAAC,KAAK,EAClB,gCAAgC,EAChC,MAAM,EAAE,MAAM,CAAC,WAAW,EAAE,EAC5B,MAAM,EAAE,QAAQ,CAChB,CAAA;gBACD,MAAM,GAAG,iBAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;YACpC,CAAC;QACF,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,aAAiC,EAAE,MAAc,SAAS;QAC7E,MAAM,QAAQ,GAAG,mBAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAA;QAC/D,MAAM,GAAG,GAAG,WAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;QAC1C,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,QAAyB,CAAA;QAC7B,IAAI,WAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,aAAa,EAAE,CAAC;YACzD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC/C,QAAQ,GAAG,OAAO,IAAI,SAAG,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;QACvD,CAAC;;YACA,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;QAChD,OAAO,QAAQ,CAAA;IAChB,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,aAAK,CAAC,MAAM,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CACnF,CACD;SACD,CAAA;IACF,CAAC;CACD;AAjHD,4BAiHC;AAkBD,MAAM,SAAS,GACd,kuBAAkuB,CAAA"}
1
+ {"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;AACjC,8CAAgD;AAGhD,+BAA2B;AAC3B,mCAA+B;AAC/B,iCAA6B;AAE7B,MAAa,QAAQ;IAOV;IACA;IACA;IARV,OAAO,CAAqB;IAC5B,IAAI,MAAM;QACT,OAAO,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;IACjF,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,mBAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAoBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,MAAc,SAAS,EACvB,SAAgC,WAAW,EAC3C,MAAwB,EACxB,KAAwD;QAExD,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;QACjE,IAAI,CAAC,QAAQ;YACZ,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,iBAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACvD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,QAAQ,EACR,CAAC,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;gBAC3G,QAAQ,CAAC,KAAK,CAAU,EACzB,CAAC,QAAQ,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACxD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,IAAI,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC;gBACvD,MAAM,GAAG,QAAQ,CAAA;iBACb,IAAI,MAAM,KAAK,WAAW;gBAC9B,MAAM,GAAG,SAAS,CAAA;iBACd,CAAC;gBACL,MAAM,MAAM,EAAE,KAAK,CAAC,IAAI,CACvB,eAAe,EACf,kCAAkC,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE,CAClF,CAAA;gBACD,OAAO,CAAC,GAAG,CACV,QAAQ,CAAC,GAAG,CAAC,KAAK,EAClB,gCAAgC,EAChC,MAAM,EAAE,MAAM,CAAC,WAAW,EAAE,EAC5B,MAAM,EAAE,QAAQ,CAChB,CAAA;gBACD,MAAM,GAAG,iBAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;YACpC,CAAC;QACF,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,MAAc,SAAS,EACvB,KAAwD;QAExD,MAAM,QAAQ,GAAG,mBAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAA;QAC/D,MAAM,GAAG,GAAG,WAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,KAAK,CAAC,CAAA;QACjD,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,QAAyB,CAAA;QAC7B,IAAI,WAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,aAAa,EAAE,CAAC;YACzD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC/C,QAAQ,GAAG,OAAO,IAAI,SAAG,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;QACvD,CAAC;;YACA,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;QAChD,OAAO,QAAQ,CAAA;IAChB,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAuB,EAAE,MAAc,SAAS;QACrE,IAAI,MAAyB,CAAA;QAC7B,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,WAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;QAC1C,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,WAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACrC,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAA;aACnB,CAAC;YACL,MAAM,QAAQ,GAAG,MAAM,mBAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC3F,MAAM,MAAM,GAAG,QAAQ,IAAI,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACnE,MAAM;gBACL,MAAM;oBACN,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;QAC7G,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG;gBACtD,CAAC,CAAC,aAAK,CAAC,MAAM;gBACd,CAAC,CAAC,aAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAC3C,CACD;SACD,CAAA;IACF,CAAC;CACD;AA7ID,4BA6IC;AAkBD,MAAM,SAAS,GACd,kuBAAkuB,CAAA"}
package/dist/cjs/User/Identity.d.ts CHANGED
@@ -1,4 +1,5 @@
1
1
  import { gracely } from "gracely";
2
+ import { storage } from "cloudly-storage";
2
3
  import { Realm } from "../Realm";
3
4
  import { Access } from "./Access";
4
5
  import { JWT } from "./JWT";
@@ -8,8 +9,8 @@ export declare class Identity {
8
9
  get realm(): Realm;
9
10
  constructor(payload: JWT.Payload, jwt: string);
10
11
  authenticate(constraint: Access.Permission | Access.Permission[]): Identity | gracely.Error;
11
- static open(authorization: string | undefined, options: {
12
- whitelist?: JWT.Whitelist;
12
+ static open(authorization: string | undefined, options?: {
13
+ store?: storage.KeyValueStore<JWT.Payload.LongTerm>;
13
14
  key?: string;
14
15
  }): Promise<Identity | gracely.Error>;
15
16
  }
package/dist/cjs/User/Identity.js CHANGED
@@ -24,7 +24,7 @@ class Identity {
24
24
  }
25
25
  static async open(authorization, options) {
26
26
  const jwt = authorization?.startsWith("Bearer ") ? authorization.replace("Bearer ", "") : undefined;
27
- const payload = jwt ? await JWT_1.JWT.open({ public: options.key }, options.whitelist).verify(jwt) : undefined;
27
+ const payload = jwt ? await JWT_1.JWT.open({ public: options?.key }, options?.store).verify(jwt) : undefined;
28
28
  return jwt && payload ? new Identity(payload, jwt) : gracely_1.gracely.client.unauthorized();
29
29
  }
30
30
  }
package/dist/cjs/User/Identity.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;AAEjC,qCAAiC;AACjC,+BAA2B;AAE3B,MAAa,QAAQ;IAIQ;IAAsC;IAHlE,IAAI,KAAK;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAA;IAC1B,CAAC;IACD,YAA4B,OAAoB,EAAkB,GAAW;QAAjD,YAAO,GAAP,OAAO,CAAa;QAAkB,QAAG,GAAH,GAAG,CAAQ;IAAG,CAAC;IAEjF,YAAY,CAAC,UAAmD;QAC/D,IAAI,OAAgB,CAAA;QACpB,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC5B,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAA;;YAEpD,OAAO,GAAG,eAAM,CAAC,UAAU,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;QACvE,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,iBAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;IACnD,CAAC;IAGD,MAAM,CAAC,KAAK,CAAC,IAAI,CAChB,aAAiC,EACjC,OAAoD;QAEpD,MAAM,GAAG,GAAG,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACnG,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,SAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACxG,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAA;IACnF,CAAC;CACD;AAxBD,4BAwBC"}
1
+ {"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;AAGjC,qCAAiC;AACjC,+BAA2B;AAE3B,MAAa,QAAQ;IAIQ;IAAsC;IAHlE,IAAI,KAAK;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAA;IAC1B,CAAC;IACD,YAA4B,OAAoB,EAAkB,GAAW;QAAjD,YAAO,GAAP,OAAO,CAAa;QAAkB,QAAG,GAAH,GAAG,CAAQ;IAAG,CAAC;IAEjF,YAAY,CAAC,UAAmD;QAC/D,IAAI,OAAgB,CAAA;QACpB,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC5B,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAA;;YAEpD,OAAO,GAAG,eAAM,CAAC,UAAU,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;QACvE,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,iBAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;IACnD,CAAC;IAGD,MAAM,CAAC,KAAK,CAAC,IAAI,CAChB,aAAiC,EACjC,OAA+E;QAE/E,MAAM,GAAG,GAAG,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACnG,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,SAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACtG,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAA;IACnF,CAAC;CACD;AAxBD,4BAwBC"}
package/dist/cjs/User/JWT/index.d.ts CHANGED
@@ -1,10 +1,10 @@
1
- import { Realm } from "../../Realm";
1
+ import { storage } from "cloudly-storage";
2
2
  import { Payload as JWTPayload } from "./Payload";
3
3
  import { Signer as JWTSigner } from "./Signer";
4
4
  export declare class JWT {
5
5
  #private;
6
6
  private readonly key?;
7
- readonly whitelist?: JWT.Whitelist | undefined;
7
+ private readonly store?;
8
8
  private get verifier();
9
9
  private get signer();
10
10
  get sign(): ((data: JWTPayload.Creatable, duration?: number | "infinite") => Promise<string | undefined>) | undefined;
@@ -14,12 +14,10 @@ export declare class JWT {
14
14
  static open(key?: {
15
15
  private?: string;
16
16
  public?: string;
17
- }, whitelist?: JWT.Whitelist): JWT;
17
+ }, store?: storage.KeyValueStore<JWT.Payload.LongTerm>): JWT;
18
18
  }
19
19
  export declare namespace JWT {
20
20
  export import Signer = JWTSigner;
21
- const whitelist: Partial<Record<"test" | "uk" | "eea", Payload.LongTerm[]>>;
22
- type Whitelist = Partial<Record<Realm, Payload.LongTerm[]>>;
23
21
  function unpack(token: string): Promise<JWT.Payload | undefined>;
24
22
  export import Payload = JWTPayload;
25
23
  const key = "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2W8CD2kpfS4QIRV2/rgm4NVvsvJsYNMHtnIl9ADvO3A81hAmRKvOAPVoXICe6+EuZ47jGjGL7f48GEoQuITfBPv/MosCDj1YhJ56ILDynCSd8FlxDrhv8pl5IquST7tcL6Hc6m+vuvoTLrFQ5QqNxv0a5eDd/YTrWv7SUuRfBEhYd/wMysGynN3QauHqy5ceBCt1nv1MJLGlSzczMRK7wjy1zi2g9NCHZBOoo1HXOpi727Xh+YXHc9EP2TN0oOXyxykv45nkGIDI0Qek3/pfkavClBffc1sEqA+rUx7YqRN9KGYxwLMLug+NOOh3ptqjfobXbR5fx/sUWhvcjUMTE1JreTrWYbGmVnjd/SeYSClfmGhdTBUfqnZbaABv0ruTXva18qRhP4y143vHMk/k8HzbuROTKAzrtEeLIjgwUgDcnE+JwDqcb8tKSGV6i++TiTldlSBCRTT4dK2hpHJje80b2abqtrbCkxbJlT98UsAAoiq2eW1X6lYmCfiGCJPkfswibQ2tPAKKNe/2xuHPsjx4FuXGmV0dbzmCwSIQoApXqOvKzoNFi6AaKIjxfNmiEigLwKpNrw08H0lVZbq/9MMxI3TzMTZjY9QmBKVLSGy3Z6IJqZpyK22lv7whJcllG0Qw8tv8+7wmC8SR3+4jpuxuFGZ+69CW+otx+CPMJjcCAwEAAQ==";
package/dist/cjs/User/JWT/index.js CHANGED
@@ -4,10 +4,9 @@ exports.JWT = void 0;
4
4
  const authly_1 = require("authly");
5
5
  const Payload_1 = require("./Payload");
6
6
  const Signer_1 = require("./Signer");
7
- const whitelist_1 = require("./whitelist");
8
7
  class JWT {
9
8
  key;
10
- whitelist;
9
+ store;
11
10
  #verifier;
12
11
  get verifier() {
13
12
  if (!this.#verifier && this.key?.public) {
@@ -23,16 +22,16 @@ class JWT {
23
22
  get sign() {
24
23
  return this.signer?.sign;
25
24
  }
26
- constructor(key, whitelist) {
25
+ constructor(key, store) {
27
26
  this.key = key;
28
- this.whitelist = whitelist;
27
+ this.store = store;
29
28
  }
30
29
  async verify(token) {
31
30
  const verified = await this.verifier?.verify(token, JWT.Payload.configuration.aud);
32
31
  delete verified?.token;
33
32
  return JWT.Payload.type.is(verified) &&
34
33
  verified?.iss == JWT.Payload.configuration.iss &&
35
- (verified.exp || (verified.id && this.whitelist?.[verified.realm]?.some(e => e.id === verified.id)))
34
+ (verified.exp || (verified.id && (await this.store?.get(verified.id).then(s => s?.value))))
36
35
  ? verified
37
36
  : undefined;
38
37
  }
@@ -41,14 +40,13 @@ class JWT {
41
40
  delete unpacked?.token;
42
41
  return unpacked;
43
42
  }
44
- static open(key, whitelist) {
45
- return new this({ private: key?.private, public: key?.public ?? JWT.key }, whitelist ?? JWT.whitelist);
43
+ static open(key, store) {
44
+ return new this({ private: key?.private, public: key?.public ?? JWT.key }, store);
46
45
  }
47
46
  }
48
47
  exports.JWT = JWT;
49
48
  (function (JWT) {
50
49
  JWT.Signer = Signer_1.Signer;
51
- JWT.whitelist = whitelist_1.whitelist;
52
50
  async function unpack(token) {
53
51
  const algorithm = authly_1.authly.Algorithm.RS256(undefined);
54
52
  const verifier = algorithm ? authly_1.authly.Verifier.create(algorithm) : undefined;
package/dist/cjs/User/JWT/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":";;;AAAA,mCAA+B;AAE/B,uCAAiD;AACjD,qCAA8C;AAC9C,2CAAuD;AAEvD,MAAa,GAAG;IAiBG;IACR;IAjBV,SAAS,CAA+B;IACxC,IAAY,QAAQ;QACnB,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,eAAM,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACzD,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,eAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC3E,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAA;IACtB,CAAC;IACD,OAAO,CAAY;IACnB,IAAY,MAAM;QACjB,OAAO,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,eAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IACnF,CAAC;IACD,IAAI,IAAI;QACP,OAAO,IAAI,CAAC,MAAM,EAAE,IAAI,CAAA;IACzB,CAAC;IACD,YACkB,GAA2C,EACnD,SAAyB;QADjB,QAAG,GAAH,GAAG,CAAwC;QACnD,cAAS,GAAT,SAAS,CAAgB;IAChC,CAAC;IAEJ,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QAClF,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACnC,QAAQ,EAAE,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG;YAC9C,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;YACpG,CAAC,CAAC,QAAQ;YACV,CAAC,CAAC,SAAS,CAAA;IACb,CAAC;IACD,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QACxC,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,QAAQ,CAAA;IAChB,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,GAA2C,EAAE,SAAyB;QACjF,OAAO,IAAI,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE,EAAE,SAAS,IAAI,GAAG,CAAC,SAAS,CAAC,CAAA;IACvG,CAAC;CACD;AAvCD,kBAuCC;AACD,WAAiB,GAAG;IACL,UAAM,GAAG,eAAS,CAAA;IACnB,aAAS,GAAG,qBAAY,CAAA;IAE9B,KAAK,UAAU,MAAM,CAAC,KAAa;QACzC,MAAM,SAAS,GAAG,eAAM,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACnD,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,eAAM,CAAC,QAAQ,CAAC,MAAM,CAAc,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvF,OAAO,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAJqB,UAAM,SAI3B,CAAA;IACa,WAAO,GAAG,iBAAU,CAAA;IACrB,OAAG,GACf,kuBAAkuB,CAAA;AACpuB,CAAC,EAZgB,GAAG,mBAAH,GAAG,QAYnB"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":";;;AAAA,mCAA+B;AAE/B,uCAAiD;AACjD,qCAA8C;AAE9C,MAAa,GAAG;IAiBG;IACA;IAjBlB,SAAS,CAA+B;IACxC,IAAY,QAAQ;QACnB,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,eAAM,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACzD,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,eAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC3E,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAA;IACtB,CAAC;IACD,OAAO,CAAY;IACnB,IAAY,MAAM;QACjB,OAAO,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,eAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IACnF,CAAC;IACD,IAAI,IAAI;QACP,OAAO,IAAI,CAAC,MAAM,EAAE,IAAI,CAAA;IACzB,CAAC;IACD,YACkB,GAA2C,EAC3C,KAAmD;QADnD,QAAG,GAAH,GAAG,CAAwC;QAC3C,UAAK,GAAL,KAAK,CAA8C;IAClE,CAAC;IAEJ,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QAClF,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACnC,QAAQ,EAAE,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG;YAC9C,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,MAAM,IAAI,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,CAAC,EAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;YACrG,CAAC,CAAC,QAAQ;YACV,CAAC,CAAC,SAAS,CAAA;IACb,CAAC;IACD,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QACxC,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,QAAQ,CAAA;IAChB,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,GAA2C,EAAE,KAAmD;QAC3G,OAAO,IAAI,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE,EAAE,KAAK,CAAC,CAAA;IAClF,CAAC;CACD;AAvCD,kBAuCC;AACD,WAAiB,GAAG;IACL,UAAM,GAAG,eAAS,CAAA;IACzB,KAAK,UAAU,MAAM,CAAC,KAAa;QACzC,MAAM,SAAS,GAAG,eAAM,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACnD,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,eAAM,CAAC,QAAQ,CAAC,MAAM,CAAc,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvF,OAAO,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAJqB,UAAM,SAI3B,CAAA;IACa,WAAO,GAAG,iBAAU,CAAA;IACrB,OAAG,GACf,kuBAAkuB,CAAA;AACpuB,CAAC,EAVgB,GAAG,mBAAH,GAAG,QAUnB"}
package/dist/mjs/Identity.d.ts CHANGED
@@ -1,7 +1,9 @@
1
1
  import { gracely } from "gracely";
2
+ import { storage } from "cloudly-storage";
2
3
  import { slackly } from "slackly";
3
4
  import { Key } from "./Key";
4
5
  import { Realm } from "./Realm";
6
+ import { User } from "./User";
5
7
  export declare class Identity<T extends Identity.Require = never> {
6
8
  #private;
7
9
  readonly key: Key;
@@ -11,13 +13,14 @@ export declare class Identity<T extends Identity.Require = never> {
11
13
  constructor(key: Key, realm: T["realm"] extends true ? Realm : Realm | undefined, organization: T["organization"] extends true ? string : string | undefined);
12
14
  check(constraint: Key.Permissions | Key.Permissions[], realm?: Realm, organization?: string): boolean;
13
15
  collectionCheck(collection: string): boolean;
14
- static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "undefined", notify?: Identity.Notify): Promise<Identity<T> | undefined>;
16
+ static authenticate<T extends Identity.Require = Record<string, never>>(header: Identity.Header, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "undefined", notify?: Identity.Notify, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Identity<T> | undefined>;
15
17
  static authenticate<T extends Identity.Require = Record<string, never>>(header: {
16
18
  authorization?: string | undefined;
17
19
  realm?: Realm;
18
20
  organization?: string;
19
- }, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "error", notify?: Identity.Notify): Promise<Identity<T> | gracely.Error>;
20
- static verify(authorization: string | undefined, key?: string): Promise<Key | undefined>;
21
+ }, constraint: Key.Permissions | Key.Permissions[], requires?: T, key?: string, output?: "error", notify?: Identity.Notify, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Identity<T> | gracely.Error>;
22
+ static verify(authorization: string | undefined, key?: string, store?: storage.KeyValueStore<User.JWT.Payload.LongTerm>): Promise<Key | undefined>;
23
+ static getRealm(header: Identity.Header, key?: string): Promise<Realm | undefined>;
21
24
  static getRealms(permissions: Key.Permissions): Realm[];
22
25
  }
23
26
  export declare namespace Identity {
package/dist/mjs/Identity.js CHANGED
@@ -29,17 +29,18 @@ export class Identity {
29
29
  collectionCheck(collection) {
30
30
  return Object.values(this.key.permissions).some(value => (typeof value == "object" && value[collection]) || value == true);
31
31
  }
32
- static async authenticate(header, constraint, requires, key = publicKey, output = "undefined", notify) {
32
+ static async authenticate(header, constraint, requires, key = publicKey, output = "undefined", notify, store) {
33
33
  let result;
34
34
  const authorization = header.authorization?.startsWith("Bearer ")
35
35
  ? header.authorization.replace("Bearer ", "")
36
36
  : undefined;
37
- const verified = await Identity.verify(authorization, key);
37
+ const verified = await Identity.verify(authorization, key, store);
38
38
  if (!verified)
39
39
  output !== "undefined" && (result = gracely.client.unauthorized());
40
40
  else {
41
41
  const realms = Identity.getRealms(verified.permissions);
42
- const identity = new Identity(verified, ((realms?.length == 1 ? realms[0] : header.realm) ?? verified.realm), (verified.organization ?? header.organization));
42
+ const identity = new Identity(verified, ((realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined) ??
43
+ verified.realm), (verified.organization ?? header.organization));
43
44
  const requirement = (value) => (requires?.organization ? !!identity?.organization : true) &&
44
45
  (requires?.realm ? Realm.type.is(identity?.realm) : true);
45
46
  if (identity?.check(constraint) && requirement(identity))
@@ -54,9 +55,9 @@ export class Identity {
54
55
  }
55
56
  return result;
56
57
  }
57
- static async verify(authorization, key = publicKey) {
58
+ static async verify(authorization, key = publicKey, store) {
58
59
  const verifier = userwidgets.User.Key.Verifier.create(key);
59
- const jwt = User.JWT.open({ public: key });
60
+ const jwt = User.JWT.open({ public: key }, store);
60
61
  const unpacked = authorization ? await jwt.unpack(authorization) : undefined;
61
62
  let verified;
62
63
  if (User.JWT.Payload.type.is(unpacked) && authorization) {
@@ -67,9 +68,29 @@ export class Identity {
67
68
  verified = await verifier.verify(authorization);
68
69
  return verified;
69
70
  }
71
+ static async getRealm(header, key = publicKey) {
72
+ let result;
73
+ const authorization = header.authorization?.startsWith("Bearer ")
74
+ ? header.authorization.replace("Bearer ", "")
75
+ : undefined;
76
+ const jwt = User.JWT.open({ public: key });
77
+ const unpacked = authorization ? await jwt.unpack(authorization) : undefined;
78
+ if (User.JWT.Payload.type.is(unpacked))
79
+ result = unpacked.realm;
80
+ else {
81
+ const verified = await userwidgets.User.Key.Verifier.create(key).verify(authorization);
82
+ const realms = verified && Identity.getRealms(verified.permissions);
83
+ result =
84
+ realms &&
85
+ (realms.length == 1 ? realms[0] : header.realm && realms.includes(header.realm) ? header.realm : undefined);
86
+ }
87
+ return result;
88
+ }
70
89
  static getRealms(permissions) {
71
90
  return [
72
- ...new Set(Object.keys(permissions).flatMap(code => code.split("-")[0] == "*" ? Realm.realms : Realm.type.get(code.split("-")[0]) ?? [])),
91
+ ...new Set(Object.keys(permissions).flatMap(code => code.split("-").length > 1 && code.split("-")[0] == "*"
92
+ ? Realm.realms
93
+ : Realm.type.get(code.split("-")[0]) ?? [])),
73
94
  ];
74
95
  }
75
96
  }
package/dist/mjs/Identity.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAEhD,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA;AAC3B,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAC/B,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAE7B,MAAM,OAAO,QAAQ;IAOV;IACA;IACA;IARV,OAAO,CAAqB;IAC5B,IAAI,MAAM;QACT,OAAO,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;IACjF,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAkBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,MAAc,SAAS,EACvB,SAAgC,WAAW,EAC3C,MAAwB;QAExB,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,GAAG,CAAC,CAAA;QAC1D,IAAI,CAAC,QAAQ;YACZ,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACvD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,QAAQ,EACR,CAAC,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAU,EAC7E,CAAC,QAAQ,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACxD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,IAAI,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC;gBACvD,MAAM,GAAG,QAAQ,CAAA;iBACb,IAAI,MAAM,KAAK,WAAW;gBAC9B,MAAM,GAAG,SAAS,CAAA;iBACd,CAAC;gBACL,MAAM,MAAM,EAAE,KAAK,CAAC,IAAI,CACvB,eAAe,EACf,kCAAkC,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE,CAClF,CAAA;gBACD,OAAO,CAAC,GAAG,CACV,QAAQ,CAAC,GAAG,CAAC,KAAK,EAClB,gCAAgC,EAChC,MAAM,EAAE,MAAM,CAAC,WAAW,EAAE,EAC5B,MAAM,EAAE,QAAQ,CAChB,CAAA;gBACD,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;YACpC,CAAC;QACF,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,aAAiC,EAAE,MAAc,SAAS;QAC7E,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAA;QAC/D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;QAC1C,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,QAAyB,CAAA;QAC7B,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,aAAa,EAAE,CAAC;YACzD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC/C,QAAQ,GAAG,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;QACvD,CAAC;;YACA,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;QAChD,OAAO,QAAQ,CAAA;IAChB,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CACnF,CACD;SACD,CAAA;IACF,CAAC;CACD;AAkBD,MAAM,SAAS,GACd,kuBAAkuB,CAAA"}
1
+ {"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAGhD,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA;AAC3B,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAC/B,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAE7B,MAAM,OAAO,QAAQ;IAOV;IACA;IACA;IARV,OAAO,CAAqB;IAC5B,IAAI,MAAM;QACT,OAAO,CAAC,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAA;IACnE,CAAC;IAED,YACU,GAAQ,EACR,KAA0D,EAC1D,YAA0E;QAF1E,QAAG,GAAH,GAAG,CAAK;QACR,UAAK,GAAL,KAAK,CAAqD;QAC1D,iBAAY,GAAZ,YAAY,CAA8D;IACjF,CAAC;IACJ,KAAK,CAAC,UAA+C,EAAE,KAAa,EAAE,YAAqB;QAC1F,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC/B,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC;gBACA,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBAC/E,EAAE,CAAC,GAAG,YAAY,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE;gBACxD,EAAE,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,UAAU,EAAE;gBAC5C,EAAE,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE;aACtB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IACD,eAAe,CAAC,UAAkB;QACjC,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9C,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,KAAK,IAAI,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CACzE,CAAA;IACF,CAAC;IAoBD,MAAM,CAAC,KAAK,CAAC,YAAY,CACxB,MAAoF,EACpF,UAA+C,EAC/C,QAAY,EACZ,MAAc,SAAS,EACvB,SAAgC,WAAW,EAC3C,MAAwB,EACxB,KAAwD;QAExD,IAAI,MAA+C,CAAA;QACnD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;QACjE,IAAI,CAAC,QAAQ;YACZ,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAA;aAC9D,CAAC;YACL,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACvD,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAC5B,QAAQ,EACR,CAAC,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;gBAC3G,QAAQ,CAAC,KAAK,CAAU,EACzB,CAAC,QAAQ,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAW,CACxD,CAAA;YACD,MAAM,WAAW,GAAG,CACnB,KAA2B,EAGf,EAAE,CACd,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC1D,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;YAC1D,IAAI,QAAQ,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC;gBACvD,MAAM,GAAG,QAAQ,CAAA;iBACb,IAAI,MAAM,KAAK,WAAW;gBAC9B,MAAM,GAAG,SAAS,CAAA;iBACd,CAAC;gBACL,MAAM,MAAM,EAAE,KAAK,CAAC,IAAI,CACvB,eAAe,EACf,kCAAkC,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC,QAAQ,EAAE,CAClF,CAAA;gBACD,OAAO,CAAC,GAAG,CACV,QAAQ,CAAC,GAAG,CAAC,KAAK,EAClB,gCAAgC,EAChC,MAAM,EAAE,MAAM,CAAC,WAAW,EAAE,EAC5B,MAAM,EAAE,QAAQ,CAChB,CAAA;gBACD,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;YACpC,CAAC;QACF,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,MAAM,CAClB,aAAiC,EACjC,MAAc,SAAS,EACvB,KAAwD;QAExD,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAA;QAC/D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,KAAK,CAAC,CAAA;QACjD,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,QAAyB,CAAA;QAC7B,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,IAAI,aAAa,EAAE,CAAC;YACzD,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC/C,QAAQ,GAAG,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;QACvD,CAAC;;YACA,QAAQ,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;QAChD,OAAO,QAAQ,CAAA;IAChB,CAAC;IACD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAuB,EAAE,MAAc,SAAS;QACrE,IAAI,MAAyB,CAAA;QAC7B,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC;YAChE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAA;QACZ,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAA;QAC1C,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC5E,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACrC,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAA;aACnB,CAAC;YACL,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAM,GAAG,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,CAAA;YAC3F,MAAM,MAAM,GAAG,QAAQ,IAAI,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAA;YACnE,MAAM;gBACL,MAAM;oBACN,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;QAC7G,CAAC;QACD,OAAO,MAAM,CAAA;IACd,CAAC;IACD,MAAM,CAAC,SAAS,CAAC,WAA4B;QAC5C,OAAO;YACN,GAAG,IAAI,GAAG,CACT,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG;gBACtD,CAAC,CAAC,KAAK,CAAC,MAAM;gBACd,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAC3C,CACD;SACD,CAAA;IACF,CAAC;CACD;AAkBD,MAAM,SAAS,GACd,kuBAAkuB,CAAA"}
package/dist/mjs/User/Identity.d.ts CHANGED
@@ -1,4 +1,5 @@
1
1
  import { gracely } from "gracely";
2
+ import { storage } from "cloudly-storage";
2
3
  import { Realm } from "../Realm";
3
4
  import { Access } from "./Access";
4
5
  import { JWT } from "./JWT";
@@ -8,8 +9,8 @@ export declare class Identity {
8
9
  get realm(): Realm;
9
10
  constructor(payload: JWT.Payload, jwt: string);
10
11
  authenticate(constraint: Access.Permission | Access.Permission[]): Identity | gracely.Error;
11
- static open(authorization: string | undefined, options: {
12
- whitelist?: JWT.Whitelist;
12
+ static open(authorization: string | undefined, options?: {
13
+ store?: storage.KeyValueStore<JWT.Payload.LongTerm>;
13
14
  key?: string;
14
15
  }): Promise<Identity | gracely.Error>;
15
16
  }
package/dist/mjs/User/Identity.js CHANGED
@@ -21,7 +21,7 @@ export class Identity {
21
21
  }
22
22
  static async open(authorization, options) {
23
23
  const jwt = authorization?.startsWith("Bearer ") ? authorization.replace("Bearer ", "") : undefined;
24
- const payload = jwt ? await JWT.open({ public: options.key }, options.whitelist).verify(jwt) : undefined;
24
+ const payload = jwt ? await JWT.open({ public: options?.key }, options?.store).verify(jwt) : undefined;
25
25
  return jwt && payload ? new Identity(payload, jwt) : gracely.client.unauthorized();
26
26
  }
27
27
  }
package/dist/mjs/User/Identity.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AAEjC,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA;AAE3B,MAAM,OAAO,QAAQ;IAIQ;IAAsC;IAHlE,IAAI,KAAK;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAA;IAC1B,CAAC;IACD,YAA4B,OAAoB,EAAkB,GAAW;QAAjD,YAAO,GAAP,OAAO,CAAa;QAAkB,QAAG,GAAH,GAAG,CAAQ;IAAG,CAAC;IAEjF,YAAY,CAAC,UAAmD;QAC/D,IAAI,OAAgB,CAAA;QACpB,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC5B,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAA;;YAEpD,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;QACvE,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;IACnD,CAAC;IAGD,MAAM,CAAC,KAAK,CAAC,IAAI,CAChB,aAAiC,EACjC,OAAoD;QAEpD,MAAM,GAAG,GAAG,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACnG,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACxG,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAA;IACnF,CAAC;CACD"}
1
+ {"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AAGjC,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA;AAE3B,MAAM,OAAO,QAAQ;IAIQ;IAAsC;IAHlE,IAAI,KAAK;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAA;IAC1B,CAAC;IACD,YAA4B,OAAoB,EAAkB,GAAW;QAAjD,YAAO,GAAP,OAAO,CAAa;QAAkB,QAAG,GAAH,GAAG,CAAQ;IAAG,CAAC;IAEjF,YAAY,CAAC,UAAmD;QAC/D,IAAI,OAAgB,CAAA;QACpB,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;YAC5B,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAA;;YAEpD,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;QACvE,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;IACnD,CAAC;IAGD,MAAM,CAAC,KAAK,CAAC,IAAI,CAChB,aAAiC,EACjC,OAA+E;QAE/E,MAAM,GAAG,GAAG,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACnG,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACtG,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAA;IACnF,CAAC;CACD"}
package/dist/mjs/User/JWT/index.d.ts CHANGED
@@ -1,10 +1,10 @@
1
- import { Realm } from "../../Realm";
1
+ import { storage } from "cloudly-storage";
2
2
  import { Payload as JWTPayload } from "./Payload";
3
3
  import { Signer as JWTSigner } from "./Signer";
4
4
  export declare class JWT {
5
5
  #private;
6
6
  private readonly key?;
7
- readonly whitelist?: JWT.Whitelist | undefined;
7
+ private readonly store?;
8
8
  private get verifier();
9
9
  private get signer();
10
10
  get sign(): ((data: JWTPayload.Creatable, duration?: number | "infinite") => Promise<string | undefined>) | undefined;
@@ -14,12 +14,10 @@ export declare class JWT {
14
14
  static open(key?: {
15
15
  private?: string;
16
16
  public?: string;
17
- }, whitelist?: JWT.Whitelist): JWT;
17
+ }, store?: storage.KeyValueStore<JWT.Payload.LongTerm>): JWT;
18
18
  }
19
19
  export declare namespace JWT {
20
20
  export import Signer = JWTSigner;
21
- const whitelist: Partial<Record<"test" | "uk" | "eea", Payload.LongTerm[]>>;
22
- type Whitelist = Partial<Record<Realm, Payload.LongTerm[]>>;
23
21
  function unpack(token: string): Promise<JWT.Payload | undefined>;
24
22
  export import Payload = JWTPayload;
25
23
  const key = "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2W8CD2kpfS4QIRV2/rgm4NVvsvJsYNMHtnIl9ADvO3A81hAmRKvOAPVoXICe6+EuZ47jGjGL7f48GEoQuITfBPv/MosCDj1YhJ56ILDynCSd8FlxDrhv8pl5IquST7tcL6Hc6m+vuvoTLrFQ5QqNxv0a5eDd/YTrWv7SUuRfBEhYd/wMysGynN3QauHqy5ceBCt1nv1MJLGlSzczMRK7wjy1zi2g9NCHZBOoo1HXOpi727Xh+YXHc9EP2TN0oOXyxykv45nkGIDI0Qek3/pfkavClBffc1sEqA+rUx7YqRN9KGYxwLMLug+NOOh3ptqjfobXbR5fx/sUWhvcjUMTE1JreTrWYbGmVnjd/SeYSClfmGhdTBUfqnZbaABv0ruTXva18qRhP4y143vHMk/k8HzbuROTKAzrtEeLIjgwUgDcnE+JwDqcb8tKSGV6i++TiTldlSBCRTT4dK2hpHJje80b2abqtrbCkxbJlT98UsAAoiq2eW1X6lYmCfiGCJPkfswibQ2tPAKKNe/2xuHPsjx4FuXGmV0dbzmCwSIQoApXqOvKzoNFi6AaKIjxfNmiEigLwKpNrw08H0lVZbq/9MMxI3TzMTZjY9QmBKVLSGy3Z6IJqZpyK22lv7whJcllG0Qw8tv8+7wmC8SR3+4jpuxuFGZ+69CW+otx+CPMJjcCAwEAAQ==";
package/dist/mjs/User/JWT/index.js CHANGED
@@ -1,10 +1,9 @@
1
1
  import { authly } from "authly";
2
2
  import { Payload as JWTPayload } from "./Payload";
3
3
  import { Signer as JWTSigner } from "./Signer";
4
- import { whitelist as JWTwhitelist } from "./whitelist";
5
4
  export class JWT {
6
5
  key;
7
- whitelist;
6
+ store;
8
7
  #verifier;
9
8
  get verifier() {
10
9
  if (!this.#verifier && this.key?.public) {
@@ -20,16 +19,16 @@ export class JWT {
20
19
  get sign() {
21
20
  return this.signer?.sign;
22
21
  }
23
- constructor(key, whitelist) {
22
+ constructor(key, store) {
24
23
  this.key = key;
25
- this.whitelist = whitelist;
24
+ this.store = store;
26
25
  }
27
26
  async verify(token) {
28
27
  const verified = await this.verifier?.verify(token, JWT.Payload.configuration.aud);
29
28
  delete verified?.token;
30
29
  return JWT.Payload.type.is(verified) &&
31
30
  verified?.iss == JWT.Payload.configuration.iss &&
32
- (verified.exp || (verified.id && this.whitelist?.[verified.realm]?.some(e => e.id === verified.id)))
31
+ (verified.exp || (verified.id && (await this.store?.get(verified.id).then(s => s?.value))))
33
32
  ? verified
34
33
  : undefined;
35
34
  }
@@ -38,13 +37,12 @@ export class JWT {
38
37
  delete unpacked?.token;
39
38
  return unpacked;
40
39
  }
41
- static open(key, whitelist) {
42
- return new this({ private: key?.private, public: key?.public ?? JWT.key }, whitelist ?? JWT.whitelist);
40
+ static open(key, store) {
41
+ return new this({ private: key?.private, public: key?.public ?? JWT.key }, store);
43
42
  }
44
43
  }
45
44
  (function (JWT) {
46
45
  JWT.Signer = JWTSigner;
47
- JWT.whitelist = JWTwhitelist;
48
46
  async function unpack(token) {
49
47
  const algorithm = authly.Algorithm.RS256(undefined);
50
48
  const verifier = algorithm ? authly.Verifier.create(algorithm) : undefined;
package/dist/mjs/User/JWT/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,WAAW,CAAA;AACjD,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,UAAU,CAAA;AAC9C,OAAO,EAAE,SAAS,IAAI,YAAY,EAAE,MAAM,aAAa,CAAA;AAEvD,MAAM,OAAO,GAAG;IAiBG;IACR;IAjBV,SAAS,CAA+B;IACxC,IAAY,QAAQ;QACnB,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACzD,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC3E,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAA;IACtB,CAAC;IACD,OAAO,CAAY;IACnB,IAAY,MAAM;QACjB,OAAO,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IACnF,CAAC;IACD,IAAI,IAAI;QACP,OAAO,IAAI,CAAC,MAAM,EAAE,IAAI,CAAA;IACzB,CAAC;IACD,YACkB,GAA2C,EACnD,SAAyB;QADjB,QAAG,GAAH,GAAG,CAAwC;QACnD,cAAS,GAAT,SAAS,CAAgB;IAChC,CAAC;IAEJ,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QAClF,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACnC,QAAQ,EAAE,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG;YAC9C,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;YACpG,CAAC,CAAC,QAAQ;YACV,CAAC,CAAC,SAAS,CAAA;IACb,CAAC;IACD,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QACxC,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,QAAQ,CAAA;IAChB,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,GAA2C,EAAE,SAAyB;QACjF,OAAO,IAAI,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE,EAAE,SAAS,IAAI,GAAG,CAAC,SAAS,CAAC,CAAA;IACvG,CAAC;CACD;AACD,WAAiB,GAAG;IACL,UAAM,GAAG,SAAS,CAAA;IACnB,aAAS,GAAG,YAAY,CAAA;IAE9B,KAAK,UAAU,MAAM,CAAC,KAAa;QACzC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACnD,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAc,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvF,OAAO,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAJqB,UAAM,SAI3B,CAAA;IACa,WAAO,GAAG,UAAU,CAAA;IACrB,OAAG,GACf,kuBAAkuB,CAAA;AACpuB,CAAC,EAZgB,GAAG,KAAH,GAAG,QAYnB"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAE/B,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,WAAW,CAAA;AACjD,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,UAAU,CAAA;AAE9C,MAAM,OAAO,GAAG;IAiBG;IACA;IAjBlB,SAAS,CAA+B;IACxC,IAAY,QAAQ;QACnB,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACzD,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC3E,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAA;IACtB,CAAC;IACD,OAAO,CAAY;IACnB,IAAY,MAAM;QACjB,OAAO,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IACnF,CAAC;IACD,IAAI,IAAI;QACP,OAAO,IAAI,CAAC,MAAM,EAAE,IAAI,CAAA;IACzB,CAAC;IACD,YACkB,GAA2C,EAC3C,KAAmD;QADnD,QAAG,GAAH,GAAG,CAAwC;QAC3C,UAAK,GAAL,KAAK,CAA8C;IAClE,CAAC;IAEJ,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QAClF,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACnC,QAAQ,EAAE,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG;YAC9C,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,MAAM,IAAI,CAAC,KAAK,EAAE,GAAG,CAAC,QAAQ,CAAC,EAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;YACrG,CAAC,CAAC,QAAQ;YACV,CAAC,CAAC,SAAS,CAAA;IACb,CAAC;IACD,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QACxC,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,QAAQ,CAAA;IAChB,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,GAA2C,EAAE,KAAmD;QAC3G,OAAO,IAAI,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE,EAAE,KAAK,CAAC,CAAA;IAClF,CAAC;CACD;AACD,WAAiB,GAAG;IACL,UAAM,GAAG,SAAS,CAAA;IACzB,KAAK,UAAU,MAAM,CAAC,KAAa;QACzC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACnD,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAc,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvF,OAAO,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAJqB,UAAM,SAI3B,CAAA;IACa,WAAO,GAAG,UAAU,CAAA;IACrB,OAAG,GACf,kuBAAkuB,CAAA;AACpuB,CAAC,EAVgB,GAAG,KAAH,GAAG,QAUnB"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pax2pay/model-banking",
3
- "version": "0.1.555",
3
+ "version": "0.1.556",
4
4
  "description": "Library containing data model types and functions for the Pax2Pay Banking API.",
5
5
  "author": "Pax2Pay Ltd",
6
6
  "license": "MIT",
package/User/JWT/whitelist.ts DELETED
@@ -1,31 +0,0 @@
1
- import type { JWT } from "./index"
2
-
3
- export const whitelist: JWT.Whitelist = {
4
- test: [
5
- {
6
- aud: "https://banking.pax2pay.app",
7
- iat: 1751283567,
8
- // cSpell:disable-next-line
9
- id: "UUwLn9rhcf8AoRuG",
10
- iss: "pax2pay",
11
- permission: {},
12
- realm: "test",
13
- sub: "Test",
14
- },
15
- ],
16
- uk: [
17
- {
18
- iss: "pax2pay",
19
- iat: 1756819776,
20
- aud: "https://banking.pax2pay.app",
21
- id: "CcDi3PUCw4suTL0h",
22
- sub: "poms",
23
- permission: {
24
- card: "write",
25
- organization: "write",
26
- transaction: "write",
27
- },
28
- realm: "uk",
29
- },
30
- ],
31
- }
package/dist/cjs/User/JWT/whitelist.d.ts DELETED
@@ -1,2 +0,0 @@
1
- import type { JWT } from "./index";
2
- export declare const whitelist: JWT.Whitelist;
package/dist/cjs/User/JWT/whitelist.js DELETED
@@ -1,32 +0,0 @@
1
- "use strict";
2
- Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.whitelist = void 0;
4
- exports.whitelist = {
5
- test: [
6
- {
7
- aud: "https://banking.pax2pay.app",
8
- iat: 1751283567,
9
- id: "UUwLn9rhcf8AoRuG",
10
- iss: "pax2pay",
11
- permission: {},
12
- realm: "test",
13
- sub: "Test",
14
- },
15
- ],
16
- uk: [
17
- {
18
- iss: "pax2pay",
19
- iat: 1756819776,
20
- aud: "https://banking.pax2pay.app",
21
- id: "CcDi3PUCw4suTL0h",
22
- sub: "poms",
23
- permission: {
24
- card: "write",
25
- organization: "write",
26
- transaction: "write",
27
- },
28
- realm: "uk",
29
- },
30
- ],
31
- };
32
- //# sourceMappingURL=whitelist.js.map
package/dist/cjs/User/JWT/whitelist.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"whitelist.js","sourceRoot":"","sources":["../../../../User/JWT/whitelist.ts"],"names":[],"mappings":";;;AAEa,QAAA,SAAS,GAAkB;IACvC,IAAI,EAAE;QACL;YACC,GAAG,EAAE,6BAA6B;YAClC,GAAG,EAAE,UAAU;YAEf,EAAE,EAAE,kBAAkB;YACtB,GAAG,EAAE,SAAS;YACd,UAAU,EAAE,EAAE;YACd,KAAK,EAAE,MAAM;YACb,GAAG,EAAE,MAAM;SACX;KACD;IACD,EAAE,EAAE;QACH;YACC,GAAG,EAAE,SAAS;YACd,GAAG,EAAE,UAAU;YACf,GAAG,EAAE,6BAA6B;YAClC,EAAE,EAAE,kBAAkB;YACtB,GAAG,EAAE,MAAM;YACX,UAAU,EAAE;gBACX,IAAI,EAAE,OAAO;gBACb,YAAY,EAAE,OAAO;gBACrB,WAAW,EAAE,OAAO;aACpB;YACD,KAAK,EAAE,IAAI;SACX;KACD;CACD,CAAA"}
package/dist/mjs/User/JWT/whitelist.d.ts DELETED
@@ -1,2 +0,0 @@
1
- import type { JWT } from "./index";
2
- export declare const whitelist: JWT.Whitelist;
package/dist/mjs/User/JWT/whitelist.js DELETED
@@ -1,29 +0,0 @@
1
- export const whitelist = {
2
- test: [
3
- {
4
- aud: "https://banking.pax2pay.app",
5
- iat: 1751283567,
6
- id: "UUwLn9rhcf8AoRuG",
7
- iss: "pax2pay",
8
- permission: {},
9
- realm: "test",
10
- sub: "Test",
11
- },
12
- ],
13
- uk: [
14
- {
15
- iss: "pax2pay",
16
- iat: 1756819776,
17
- aud: "https://banking.pax2pay.app",
18
- id: "CcDi3PUCw4suTL0h",
19
- sub: "poms",
20
- permission: {
21
- card: "write",
22
- organization: "write",
23
- transaction: "write",
24
- },
25
- realm: "uk",
26
- },
27
- ],
28
- };
29
- //# sourceMappingURL=whitelist.js.map
package/dist/mjs/User/JWT/whitelist.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"file":"whitelist.js","sourceRoot":"","sources":["../../../../User/JWT/whitelist.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,SAAS,GAAkB;IACvC,IAAI,EAAE;QACL;YACC,GAAG,EAAE,6BAA6B;YAClC,GAAG,EAAE,UAAU;YAEf,EAAE,EAAE,kBAAkB;YACtB,GAAG,EAAE,SAAS;YACd,UAAU,EAAE,EAAE;YACd,KAAK,EAAE,MAAM;YACb,GAAG,EAAE,MAAM;SACX;KACD;IACD,EAAE,EAAE;QACH;YACC,GAAG,EAAE,SAAS;YACd,GAAG,EAAE,UAAU;YACf,GAAG,EAAE,6BAA6B;YAClC,EAAE,EAAE,kBAAkB;YACtB,GAAG,EAAE,MAAM;YACX,UAAU,EAAE;gBACX,IAAI,EAAE,OAAO;gBACb,YAAY,EAAE,OAAO;gBACrB,WAAW,EAAE,OAAO;aACpB;YACD,KAAK,EAAE,IAAI;SACX;KACD;CACD,CAAA"}