@pax2pay/model-banking 0.1.637 → 0.1.639
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/MCCPolicy/Creatable.ts +2 -2
- package/MCCPolicy/index.ts +1 -1
- package/User/Identity.ts +2 -3
- package/User/JWT/index.ts +7 -4
- package/dist/cjs/MCCPolicy/Creatable.d.ts +1 -1
- package/dist/cjs/MCCPolicy/Creatable.js +1 -1
- package/dist/cjs/MCCPolicy/Creatable.js.map +1 -1
- package/dist/cjs/MCCPolicy/index.js +1 -1
- package/dist/cjs/MCCPolicy/index.js.map +1 -1
- package/dist/cjs/User/Identity.d.ts +1 -2
- package/dist/cjs/User/Identity.js +1 -1
- package/dist/cjs/User/Identity.js.map +1 -1
- package/dist/cjs/User/JWT/index.d.ts +3 -3
- package/dist/cjs/User/JWT/index.js +4 -4
- package/dist/cjs/User/JWT/index.js.map +1 -1
- package/dist/mjs/MCCPolicy/Creatable.d.ts +1 -1
- package/dist/mjs/MCCPolicy/Creatable.js +1 -1
- package/dist/mjs/MCCPolicy/Creatable.js.map +1 -1
- package/dist/mjs/MCCPolicy/index.js +1 -1
- package/dist/mjs/MCCPolicy/index.js.map +1 -1
- package/dist/mjs/User/Identity.d.ts +1 -2
- package/dist/mjs/User/Identity.js +1 -1
- package/dist/mjs/User/Identity.js.map +1 -1
- package/dist/mjs/User/JWT/index.d.ts +3 -3
- package/dist/mjs/User/JWT/index.js +4 -4
- package/dist/mjs/User/JWT/index.js.map +1 -1
- package/package.json +1 -15
package/MCCPolicy/Creatable.ts
CHANGED
|
@@ -8,7 +8,7 @@ export interface Creatable {
|
|
|
8
8
|
name: string
|
|
9
9
|
description?: string
|
|
10
10
|
stacks?: Card.Stack[]
|
|
11
|
-
|
|
11
|
+
organization?: string
|
|
12
12
|
group: Group
|
|
13
13
|
}
|
|
14
14
|
|
|
@@ -17,7 +17,7 @@ export namespace Creatable {
|
|
|
17
17
|
action: Action.type,
|
|
18
18
|
name: isly.string(),
|
|
19
19
|
description: isly.string().optional(),
|
|
20
|
-
|
|
20
|
+
organization: isly.string().optional(),
|
|
21
21
|
stacks: Card.Stack.type.array().optional(),
|
|
22
22
|
group: Group.type,
|
|
23
23
|
})
|
package/MCCPolicy/index.ts
CHANGED
|
@@ -31,7 +31,7 @@ export namespace MCCPolicy {
|
|
|
31
31
|
export function match(policy: MCCPolicy, transaction: TransactionInput): boolean {
|
|
32
32
|
const stack = transaction.cardPreset ? Card.Preset.presets[transaction.cardPreset] : undefined
|
|
33
33
|
const stackMatches = !policy.stacks || (!!stack && policy.stacks.includes(stack))
|
|
34
|
-
const orgMatches =
|
|
34
|
+
const orgMatches = policy.organization == undefined || (!!transaction.org && policy.organization == transaction.org)
|
|
35
35
|
return !!transaction.category && stackMatches && orgMatches && Group.within(policy.group, transaction.category)
|
|
36
36
|
}
|
|
37
37
|
export function resolve(policies: MCCPolicy[], transaction: TransactionInput): MCCPolicy[] {
|
package/User/Identity.ts
CHANGED
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import { gracely } from "gracely"
|
|
2
|
-
import { storage } from "cloudly-storage"
|
|
3
2
|
import { Realm } from "../Realm"
|
|
4
3
|
import { Access } from "./Access"
|
|
5
4
|
import { JWT } from "./JWT"
|
|
@@ -26,10 +25,10 @@ export class Identity {
|
|
|
26
25
|
/** Key will default to production jwt verification key */
|
|
27
26
|
static async open(
|
|
28
27
|
authorization: string | undefined,
|
|
29
|
-
options?: {
|
|
28
|
+
options?: { longTermTokenGetter?: JWT.LongTermTokenGetter; key?: string }
|
|
30
29
|
): Promise<Identity | gracely.Error> {
|
|
31
30
|
const jwt = authorization?.startsWith("Bearer ") ? authorization.replace("Bearer ", "") : undefined
|
|
32
|
-
const payload = jwt ? await JWT.open({ public: options?.key }, options?.
|
|
31
|
+
const payload = jwt ? await JWT.open({ public: options?.key }, options?.longTermTokenGetter).verify(jwt) : undefined
|
|
33
32
|
return jwt && payload ? new Identity(payload, jwt) : gracely.client.unauthorized()
|
|
34
33
|
}
|
|
35
34
|
}
|
package/User/JWT/index.ts
CHANGED
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import { authly } from "authly"
|
|
2
|
-
import { storage } from "cloudly-storage"
|
|
3
2
|
import { Payload as JWTPayload } from "./Payload"
|
|
4
3
|
import { Signer as JWTSigner } from "./Signer"
|
|
5
4
|
|
|
@@ -21,7 +20,7 @@ export class JWT {
|
|
|
21
20
|
}
|
|
22
21
|
private constructor(
|
|
23
22
|
private readonly key?: { public?: string; private?: string },
|
|
24
|
-
private readonly
|
|
23
|
+
private readonly longTermTokenGetter?: JWT.LongTermTokenGetter
|
|
25
24
|
) {}
|
|
26
25
|
|
|
27
26
|
async verify(token: string): Promise<JWT.Payload | undefined> {
|
|
@@ -29,7 +28,7 @@ export class JWT {
|
|
|
29
28
|
delete verified?.token
|
|
30
29
|
return JWT.Payload.type.is(verified) &&
|
|
31
30
|
verified.iss == JWT.Payload.configuration.iss &&
|
|
32
|
-
("exp" in verified || (await this.
|
|
31
|
+
("exp" in verified || (await this.longTermTokenGetter?.(verified.id)))
|
|
33
32
|
? verified
|
|
34
33
|
: undefined
|
|
35
34
|
}
|
|
@@ -39,12 +38,16 @@ export class JWT {
|
|
|
39
38
|
return unpacked
|
|
40
39
|
}
|
|
41
40
|
|
|
42
|
-
static open(
|
|
41
|
+
static open(
|
|
42
|
+
key?: { private?: string; public?: string },
|
|
43
|
+
store?: (id: string) => Promise<JWT.Payload.LongTerm | undefined>
|
|
44
|
+
): JWT {
|
|
43
45
|
return new this({ private: key?.private, public: key?.public ?? JWT.key }, store)
|
|
44
46
|
}
|
|
45
47
|
}
|
|
46
48
|
export namespace JWT {
|
|
47
49
|
export import Signer = JWTSigner
|
|
50
|
+
export type LongTermTokenGetter = (id: string) => Promise<JWT.Payload.LongTerm | undefined>
|
|
48
51
|
export async function unpack(token: string): Promise<JWT.Payload | undefined> {
|
|
49
52
|
const algorithm = authly.Algorithm.RS256(undefined)
|
|
50
53
|
const verifier = algorithm ? authly.Verifier.create<JWT.Payload>(algorithm) : undefined
|
|
@@ -11,7 +11,7 @@ var Creatable;
|
|
|
11
11
|
action: Action_1.Action.type,
|
|
12
12
|
name: isly_1.isly.string(),
|
|
13
13
|
description: isly_1.isly.string().optional(),
|
|
14
|
-
|
|
14
|
+
organization: isly_1.isly.string().optional(),
|
|
15
15
|
stacks: Card_1.Card.Stack.type.array().optional(),
|
|
16
16
|
group: Group_1.Group.type,
|
|
17
17
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Creatable.js","sourceRoot":"","sources":["../../../MCCPolicy/Creatable.ts"],"names":[],"mappings":";;;AAAA,+BAA2B;AAC3B,kCAA8B;AAC9B,qCAAiC;AACjC,mCAA+B;AAW/B,IAAiB,SAAS,CASzB;AATD,WAAiB,SAAS;IACZ,cAAI,GAAG,WAAI,CAAC,MAAM,CAAY;QAC1C,MAAM,EAAE,eAAM,CAAC,IAAI;QACnB,IAAI,EAAE,WAAI,CAAC,MAAM,EAAE;QACnB,WAAW,EAAE,WAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACrC,
|
|
1
|
+
{"version":3,"file":"Creatable.js","sourceRoot":"","sources":["../../../MCCPolicy/Creatable.ts"],"names":[],"mappings":";;;AAAA,+BAA2B;AAC3B,kCAA8B;AAC9B,qCAAiC;AACjC,mCAA+B;AAW/B,IAAiB,SAAS,CASzB;AATD,WAAiB,SAAS;IACZ,cAAI,GAAG,WAAI,CAAC,MAAM,CAAY;QAC1C,MAAM,EAAE,eAAM,CAAC,IAAI;QACnB,IAAI,EAAE,WAAI,CAAC,MAAM,EAAE;QACnB,WAAW,EAAE,WAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACrC,YAAY,EAAE,WAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACtC,MAAM,EAAE,WAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;QAC1C,KAAK,EAAE,aAAK,CAAC,IAAI;KACjB,CAAC,CAAA;AACH,CAAC,EATgB,SAAS,yBAAT,SAAS,QASzB"}
|
|
@@ -26,7 +26,7 @@ var MCCPolicy;
|
|
|
26
26
|
function match(policy, transaction) {
|
|
27
27
|
const stack = transaction.cardPreset ? Card_1.Card.Preset.presets[transaction.cardPreset] : undefined;
|
|
28
28
|
const stackMatches = !policy.stacks || (!!stack && policy.stacks.includes(stack));
|
|
29
|
-
const orgMatches =
|
|
29
|
+
const orgMatches = policy.organization == undefined || (!!transaction.org && policy.organization == transaction.org);
|
|
30
30
|
return !!transaction.category && stackMatches && orgMatches && MCCPolicy.Group.within(policy.group, transaction.category);
|
|
31
31
|
}
|
|
32
32
|
MCCPolicy.match = match;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../MCCPolicy/index.ts"],"names":[],"mappings":";;;AAAA,iCAA6B;AAC7B,+BAA2B;AAC3B,kCAA8B;AAE9B,oCAAgC;AAChC,qCAA8C;AAC9C,2CAA6D;AAC7D,mCAA2C;AAC3C,6CAAgE;AAChE,2CAA6D;AAQ7D,IAAiB,SAAS,CA6BzB;AA7BD,WAAiB,SAAS;IACX,mBAAS,GAAG,qBAAkB,CAAA;IAC9B,mBAAS,GAAG,qBAAkB,CAAA;IAC9B,oBAAU,GAAG,uBAAmB,CAAA;IAChC,gBAAM,GAAG,eAAS,CAAA;IAClB,eAAK,GAAG,aAAQ,CAAA;IAEjB,cAAI,GAAG,UAAA,SAAS,CAAC,IAAI,CAAC,MAAM,CAAY;QACpD,EAAE,EAAE,WAAI,CAAC,MAAM,EAAE;QACjB,KAAK,EAAE,aAAK,CAAC,IAAI;QACjB,OAAO,EAAE,WAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,aAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzD,OAAO,EAAE,WAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,aAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;KACzD,CAAC,CAAA;IACF,SAAgB,KAAK,CAAC,MAAiB,EAAE,WAA6B;QACrE,MAAM,KAAK,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,WAAI,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC9F,MAAM,YAAY,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAA;QACjF,MAAM,UAAU,GAAG,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../MCCPolicy/index.ts"],"names":[],"mappings":";;;AAAA,iCAA6B;AAC7B,+BAA2B;AAC3B,kCAA8B;AAE9B,oCAAgC;AAChC,qCAA8C;AAC9C,2CAA6D;AAC7D,mCAA2C;AAC3C,6CAAgE;AAChE,2CAA6D;AAQ7D,IAAiB,SAAS,CA6BzB;AA7BD,WAAiB,SAAS;IACX,mBAAS,GAAG,qBAAkB,CAAA;IAC9B,mBAAS,GAAG,qBAAkB,CAAA;IAC9B,oBAAU,GAAG,uBAAmB,CAAA;IAChC,gBAAM,GAAG,eAAS,CAAA;IAClB,eAAK,GAAG,aAAQ,CAAA;IAEjB,cAAI,GAAG,UAAA,SAAS,CAAC,IAAI,CAAC,MAAM,CAAY;QACpD,EAAE,EAAE,WAAI,CAAC,MAAM,EAAE;QACjB,KAAK,EAAE,aAAK,CAAC,IAAI;QACjB,OAAO,EAAE,WAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,aAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzD,OAAO,EAAE,WAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,aAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;KACzD,CAAC,CAAA;IACF,SAAgB,KAAK,CAAC,MAAiB,EAAE,WAA6B;QACrE,MAAM,KAAK,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,WAAI,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC9F,MAAM,YAAY,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAA;QACjF,MAAM,UAAU,GAAG,MAAM,CAAC,YAAY,IAAI,SAAS,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,IAAI,MAAM,CAAC,YAAY,IAAI,WAAW,CAAC,GAAG,CAAC,CAAA;QACpH,OAAO,CAAC,CAAC,WAAW,CAAC,QAAQ,IAAI,YAAY,IAAI,UAAU,IAAI,UAAA,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAA;IAChH,CAAC;IALe,eAAK,QAKpB,CAAA;IACD,SAAgB,OAAO,CAAC,QAAqB,EAAE,WAA6B;QAC3E,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC,CAAA;QACxD,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAA;QACxE,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC,CAAA;QACxD,OAAO,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAA;IAChG,CAAC;IALe,iBAAO,UAKtB,CAAA;IACD,SAAgB,SAAS,CAAC,QAAqB,EAAE,WAA6B;QAC7E,MAAM,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAA;QAC/C,OAAO,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;IACrD,CAAC;IAHe,mBAAS,YAGxB,CAAA;AACF,CAAC,EA7BgB,SAAS,yBAAT,SAAS,QA6BzB"}
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import { gracely } from "gracely";
|
|
2
|
-
import { storage } from "cloudly-storage";
|
|
3
2
|
import { Realm } from "../Realm";
|
|
4
3
|
import { Access } from "./Access";
|
|
5
4
|
import { JWT } from "./JWT";
|
|
@@ -10,7 +9,7 @@ export declare class Identity {
|
|
|
10
9
|
constructor(payload: JWT.Payload, jwt: string);
|
|
11
10
|
authenticate(constraint: Access.Permission | Access.Permission[]): Identity | gracely.Error;
|
|
12
11
|
static open(authorization: string | undefined, options?: {
|
|
13
|
-
|
|
12
|
+
longTermTokenGetter?: JWT.LongTermTokenGetter;
|
|
14
13
|
key?: string;
|
|
15
14
|
}): Promise<Identity | gracely.Error>;
|
|
16
15
|
}
|
|
@@ -26,7 +26,7 @@ class Identity {
|
|
|
26
26
|
}
|
|
27
27
|
static async open(authorization, options) {
|
|
28
28
|
const jwt = authorization?.startsWith("Bearer ") ? authorization.replace("Bearer ", "") : undefined;
|
|
29
|
-
const payload = jwt ? await JWT_1.JWT.open({ public: options?.key }, options?.
|
|
29
|
+
const payload = jwt ? await JWT_1.JWT.open({ public: options?.key }, options?.longTermTokenGetter).verify(jwt) : undefined;
|
|
30
30
|
return jwt && payload ? new Identity(payload, jwt) : gracely_1.gracely.client.unauthorized();
|
|
31
31
|
}
|
|
32
32
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;
|
|
1
|
+
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":";;;AAAA,qCAAiC;AAEjC,qCAAiC;AACjC,+BAA2B;AAE3B,MAAa,QAAQ;IAKH;IACA;IALjB,IAAI,KAAK;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAA;IAC1B,CAAC;IACD,YACiB,OAAoB,EACpB,GAAW;QADX,YAAO,GAAP,OAAO,CAAa;QACpB,QAAG,GAAH,GAAG,CAAQ;IACzB,CAAC;IAEJ,YAAY,CAAC,UAAmD;QAC/D,IAAI,OAAgB,CAAA;QACpB,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/B,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAA;QACrD,CAAC;aAAM,CAAC;YACP,OAAO,GAAG,eAAM,CAAC,UAAU,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;QACvE,CAAC;QACD,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,iBAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;IACnD,CAAC;IAGD,MAAM,CAAC,KAAK,CAAC,IAAI,CAChB,aAAiC,EACjC,OAAyE;QAEzE,MAAM,GAAG,GAAG,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACnG,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,SAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,mBAAmB,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACpH,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAA;IACnF,CAAC;CACD;AA5BD,4BA4BC"}
|
|
@@ -1,10 +1,9 @@
|
|
|
1
|
-
import { storage } from "cloudly-storage";
|
|
2
1
|
import { Payload as JWTPayload } from "./Payload";
|
|
3
2
|
import { Signer as JWTSigner } from "./Signer";
|
|
4
3
|
export declare class JWT {
|
|
5
4
|
#private;
|
|
6
5
|
private readonly key?;
|
|
7
|
-
private readonly
|
|
6
|
+
private readonly longTermTokenGetter?;
|
|
8
7
|
private get verifier();
|
|
9
8
|
private get signer();
|
|
10
9
|
get sign(): ((data: JWTPayload.Creatable, duration?: number | "infinite") => Promise<string | undefined>) | undefined;
|
|
@@ -14,10 +13,11 @@ export declare class JWT {
|
|
|
14
13
|
static open(key?: {
|
|
15
14
|
private?: string;
|
|
16
15
|
public?: string;
|
|
17
|
-
}, store?:
|
|
16
|
+
}, store?: (id: string) => Promise<JWT.Payload.LongTerm | undefined>): JWT;
|
|
18
17
|
}
|
|
19
18
|
export declare namespace JWT {
|
|
20
19
|
export import Signer = JWTSigner;
|
|
20
|
+
type LongTermTokenGetter = (id: string) => Promise<JWT.Payload.LongTerm | undefined>;
|
|
21
21
|
function unpack(token: string): Promise<JWT.Payload | undefined>;
|
|
22
22
|
export import Payload = JWTPayload;
|
|
23
23
|
const key = "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2W8CD2kpfS4QIRV2/rgm4NVvsvJsYNMHtnIl9ADvO3A81hAmRKvOAPVoXICe6+EuZ47jGjGL7f48GEoQuITfBPv/MosCDj1YhJ56ILDynCSd8FlxDrhv8pl5IquST7tcL6Hc6m+vuvoTLrFQ5QqNxv0a5eDd/YTrWv7SUuRfBEhYd/wMysGynN3QauHqy5ceBCt1nv1MJLGlSzczMRK7wjy1zi2g9NCHZBOoo1HXOpi727Xh+YXHc9EP2TN0oOXyxykv45nkGIDI0Qek3/pfkavClBffc1sEqA+rUx7YqRN9KGYxwLMLug+NOOh3ptqjfobXbR5fx/sUWhvcjUMTE1JreTrWYbGmVnjd/SeYSClfmGhdTBUfqnZbaABv0ruTXva18qRhP4y143vHMk/k8HzbuROTKAzrtEeLIjgwUgDcnE+JwDqcb8tKSGV6i++TiTldlSBCRTT4dK2hpHJje80b2abqtrbCkxbJlT98UsAAoiq2eW1X6lYmCfiGCJPkfswibQ2tPAKKNe/2xuHPsjx4FuXGmV0dbzmCwSIQoApXqOvKzoNFi6AaKIjxfNmiEigLwKpNrw08H0lVZbq/9MMxI3TzMTZjY9QmBKVLSGy3Z6IJqZpyK22lv7whJcllG0Qw8tv8+7wmC8SR3+4jpuxuFGZ+69CW+otx+CPMJjcCAwEAAQ==";
|
|
@@ -6,7 +6,7 @@ const Payload_1 = require("./Payload");
|
|
|
6
6
|
const Signer_1 = require("./Signer");
|
|
7
7
|
class JWT {
|
|
8
8
|
key;
|
|
9
|
-
|
|
9
|
+
longTermTokenGetter;
|
|
10
10
|
#verifier;
|
|
11
11
|
get verifier() {
|
|
12
12
|
if (!this.#verifier && this.key?.public) {
|
|
@@ -22,16 +22,16 @@ class JWT {
|
|
|
22
22
|
get sign() {
|
|
23
23
|
return this.signer?.sign;
|
|
24
24
|
}
|
|
25
|
-
constructor(key,
|
|
25
|
+
constructor(key, longTermTokenGetter) {
|
|
26
26
|
this.key = key;
|
|
27
|
-
this.
|
|
27
|
+
this.longTermTokenGetter = longTermTokenGetter;
|
|
28
28
|
}
|
|
29
29
|
async verify(token) {
|
|
30
30
|
const verified = await this.verifier?.verify(token, JWT.Payload.configuration.aud);
|
|
31
31
|
delete verified?.token;
|
|
32
32
|
return JWT.Payload.type.is(verified) &&
|
|
33
33
|
verified.iss == JWT.Payload.configuration.iss &&
|
|
34
|
-
("exp" in verified || (await this.
|
|
34
|
+
("exp" in verified || (await this.longTermTokenGetter?.(verified.id)))
|
|
35
35
|
? verified
|
|
36
36
|
: undefined;
|
|
37
37
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":";;;AAAA,mCAA+B;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":";;;AAAA,mCAA+B;AAC/B,uCAAiD;AACjD,qCAA8C;AAE9C,MAAa,GAAG;IAiBG;IACA;IAjBlB,SAAS,CAA+B;IACxC,IAAY,QAAQ;QACnB,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,eAAM,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACzD,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,eAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC3E,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAA;IACtB,CAAC;IACD,OAAO,CAAY;IACnB,IAAY,MAAM;QACjB,OAAO,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,eAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IACnF,CAAC;IACD,IAAI,IAAI;QACP,OAAO,IAAI,CAAC,MAAM,EAAE,IAAI,CAAA;IACzB,CAAC;IACD,YACkB,GAA2C,EAC3C,mBAA6C;QAD7C,QAAG,GAAH,GAAG,CAAwC;QAC3C,wBAAmB,GAAnB,mBAAmB,CAA0B;IAC5D,CAAC;IAEJ,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QAClF,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACnC,QAAQ,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG;YAC7C,CAAC,KAAK,IAAI,QAAQ,IAAI,CAAC,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;YACtE,CAAC,CAAC,QAAQ;YACV,CAAC,CAAC,SAAS,CAAA;IACb,CAAC;IACD,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QACxC,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,QAAQ,CAAA;IAChB,CAAC;IAED,MAAM,CAAC,IAAI,CACV,GAA2C,EAC3C,KAAiE;QAEjE,OAAO,IAAI,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE,EAAE,KAAK,CAAC,CAAA;IAClF,CAAC;CACD;AA1CD,kBA0CC;AACD,WAAiB,GAAG;IACL,UAAM,GAAG,eAAS,CAAA;IAEzB,KAAK,UAAU,MAAM,CAAC,KAAa;QACzC,MAAM,SAAS,GAAG,eAAM,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACnD,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,eAAM,CAAC,QAAQ,CAAC,MAAM,CAAc,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvF,OAAO,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAJqB,UAAM,SAI3B,CAAA;IACa,WAAO,GAAG,iBAAU,CAAA;IACrB,OAAG,GACf,kuBAAkuB,CAAA;AACpuB,CAAC,EAXgB,GAAG,mBAAH,GAAG,QAWnB"}
|
|
@@ -8,7 +8,7 @@ export var Creatable;
|
|
|
8
8
|
action: Action.type,
|
|
9
9
|
name: isly.string(),
|
|
10
10
|
description: isly.string().optional(),
|
|
11
|
-
|
|
11
|
+
organization: isly.string().optional(),
|
|
12
12
|
stacks: Card.Stack.type.array().optional(),
|
|
13
13
|
group: Group.type,
|
|
14
14
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Creatable.js","sourceRoot":"","sources":["../../../MCCPolicy/Creatable.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAC3B,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAA;AAC9B,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAW/B,MAAM,KAAW,SAAS,CASzB;AATD,WAAiB,SAAS;IACZ,cAAI,GAAG,IAAI,CAAC,MAAM,CAAY;QAC1C,MAAM,EAAE,MAAM,CAAC,IAAI;QACnB,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE;QACnB,WAAW,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACrC,
|
|
1
|
+
{"version":3,"file":"Creatable.js","sourceRoot":"","sources":["../../../MCCPolicy/Creatable.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAC3B,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAA;AAC9B,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,KAAK,EAAE,MAAM,SAAS,CAAA;AAW/B,MAAM,KAAW,SAAS,CASzB;AATD,WAAiB,SAAS;IACZ,cAAI,GAAG,IAAI,CAAC,MAAM,CAAY;QAC1C,MAAM,EAAE,MAAM,CAAC,IAAI;QACnB,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE;QACnB,WAAW,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACrC,YAAY,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACtC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE;QAC1C,KAAK,EAAE,KAAK,CAAC,IAAI;KACjB,CAAC,CAAA;AACH,CAAC,EATgB,SAAS,KAAT,SAAS,QASzB"}
|
|
@@ -23,7 +23,7 @@ export var MCCPolicy;
|
|
|
23
23
|
function match(policy, transaction) {
|
|
24
24
|
const stack = transaction.cardPreset ? Card.Preset.presets[transaction.cardPreset] : undefined;
|
|
25
25
|
const stackMatches = !policy.stacks || (!!stack && policy.stacks.includes(stack));
|
|
26
|
-
const orgMatches =
|
|
26
|
+
const orgMatches = policy.organization == undefined || (!!transaction.org && policy.organization == transaction.org);
|
|
27
27
|
return !!transaction.category && stackMatches && orgMatches && MCCPolicy.Group.within(policy.group, transaction.category);
|
|
28
28
|
}
|
|
29
29
|
MCCPolicy.match = match;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../MCCPolicy/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,OAAO,CAAA;AAC7B,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAC3B,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAA;AAE9B,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAA;AAChC,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,UAAU,CAAA;AAC9C,OAAO,EAAE,SAAS,IAAI,kBAAkB,EAAE,MAAM,aAAa,CAAA;AAC7D,OAAO,EAAE,KAAK,IAAI,QAAQ,EAAE,MAAM,SAAS,CAAA;AAC3C,OAAO,EAAE,UAAU,IAAI,mBAAmB,EAAE,MAAM,cAAc,CAAA;AAChE,OAAO,EAAE,SAAS,IAAI,kBAAkB,EAAE,MAAM,aAAa,CAAA;AAQ7D,MAAM,KAAW,SAAS,CA6BzB;AA7BD,WAAiB,SAAS;IACX,mBAAS,GAAG,kBAAkB,CAAA;IAC9B,mBAAS,GAAG,kBAAkB,CAAA;IAC9B,oBAAU,GAAG,mBAAmB,CAAA;IAChC,gBAAM,GAAG,SAAS,CAAA;IAClB,eAAK,GAAG,QAAQ,CAAA;IAEjB,cAAI,GAAG,UAAA,SAAS,CAAC,IAAI,CAAC,MAAM,CAAY;QACpD,EAAE,EAAE,IAAI,CAAC,MAAM,EAAE;QACjB,KAAK,EAAE,KAAK,CAAC,IAAI;QACjB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzD,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;KACzD,CAAC,CAAA;IACF,SAAgB,KAAK,CAAC,MAAiB,EAAE,WAA6B;QACrE,MAAM,KAAK,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC9F,MAAM,YAAY,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAA;QACjF,MAAM,UAAU,GAAG,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../MCCPolicy/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,OAAO,CAAA;AAC7B,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAC3B,OAAO,EAAE,IAAI,EAAE,MAAM,SAAS,CAAA;AAE9B,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAA;AAChC,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,UAAU,CAAA;AAC9C,OAAO,EAAE,SAAS,IAAI,kBAAkB,EAAE,MAAM,aAAa,CAAA;AAC7D,OAAO,EAAE,KAAK,IAAI,QAAQ,EAAE,MAAM,SAAS,CAAA;AAC3C,OAAO,EAAE,UAAU,IAAI,mBAAmB,EAAE,MAAM,cAAc,CAAA;AAChE,OAAO,EAAE,SAAS,IAAI,kBAAkB,EAAE,MAAM,aAAa,CAAA;AAQ7D,MAAM,KAAW,SAAS,CA6BzB;AA7BD,WAAiB,SAAS;IACX,mBAAS,GAAG,kBAAkB,CAAA;IAC9B,mBAAS,GAAG,kBAAkB,CAAA;IAC9B,oBAAU,GAAG,mBAAmB,CAAA;IAChC,gBAAM,GAAG,SAAS,CAAA;IAClB,eAAK,GAAG,QAAQ,CAAA;IAEjB,cAAI,GAAG,UAAA,SAAS,CAAC,IAAI,CAAC,MAAM,CAAY;QACpD,EAAE,EAAE,IAAI,CAAC,MAAM,EAAE;QACjB,KAAK,EAAE,KAAK,CAAC,IAAI;QACjB,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzD,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;KACzD,CAAC,CAAA;IACF,SAAgB,KAAK,CAAC,MAAiB,EAAE,WAA6B;QACrE,MAAM,KAAK,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC9F,MAAM,YAAY,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAA;QACjF,MAAM,UAAU,GAAG,MAAM,CAAC,YAAY,IAAI,SAAS,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,IAAI,MAAM,CAAC,YAAY,IAAI,WAAW,CAAC,GAAG,CAAC,CAAA;QACpH,OAAO,CAAC,CAAC,WAAW,CAAC,QAAQ,IAAI,YAAY,IAAI,UAAU,IAAI,UAAA,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,WAAW,CAAC,QAAQ,CAAC,CAAA;IAChH,CAAC;IALe,eAAK,QAKpB,CAAA;IACD,SAAgB,OAAO,CAAC,QAAqB,EAAE,WAA6B;QAC3E,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC,CAAA;QACxD,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAA;QACxE,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC,CAAA;QACxD,OAAO,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAA;IAChG,CAAC;IALe,iBAAO,UAKtB,CAAA;IACD,SAAgB,SAAS,CAAC,QAAqB,EAAE,WAA6B;QAC7E,MAAM,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAA;QAC/C,OAAO,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;IACrD,CAAC;IAHe,mBAAS,YAGxB,CAAA;AACF,CAAC,EA7BgB,SAAS,KAAT,SAAS,QA6BzB"}
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import { gracely } from "gracely";
|
|
2
|
-
import { storage } from "cloudly-storage";
|
|
3
2
|
import { Realm } from "../Realm";
|
|
4
3
|
import { Access } from "./Access";
|
|
5
4
|
import { JWT } from "./JWT";
|
|
@@ -10,7 +9,7 @@ export declare class Identity {
|
|
|
10
9
|
constructor(payload: JWT.Payload, jwt: string);
|
|
11
10
|
authenticate(constraint: Access.Permission | Access.Permission[]): Identity | gracely.Error;
|
|
12
11
|
static open(authorization: string | undefined, options?: {
|
|
13
|
-
|
|
12
|
+
longTermTokenGetter?: JWT.LongTermTokenGetter;
|
|
14
13
|
key?: string;
|
|
15
14
|
}): Promise<Identity | gracely.Error>;
|
|
16
15
|
}
|
|
@@ -23,7 +23,7 @@ export class Identity {
|
|
|
23
23
|
}
|
|
24
24
|
static async open(authorization, options) {
|
|
25
25
|
const jwt = authorization?.startsWith("Bearer ") ? authorization.replace("Bearer ", "") : undefined;
|
|
26
|
-
const payload = jwt ? await JWT.open({ public: options?.key }, options?.
|
|
26
|
+
const payload = jwt ? await JWT.open({ public: options?.key }, options?.longTermTokenGetter).verify(jwt) : undefined;
|
|
27
27
|
return jwt && payload ? new Identity(payload, jwt) : gracely.client.unauthorized();
|
|
28
28
|
}
|
|
29
29
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;
|
|
1
|
+
{"version":3,"file":"Identity.js","sourceRoot":"","sources":["../../../User/Identity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AAEjC,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAA;AACjC,OAAO,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA;AAE3B,MAAM,OAAO,QAAQ;IAKH;IACA;IALjB,IAAI,KAAK;QACR,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,CAAA;IAC1B,CAAC;IACD,YACiB,OAAoB,EACpB,GAAW;QADX,YAAO,GAAP,OAAO,CAAa;QACpB,QAAG,GAAH,GAAG,CAAQ;IACzB,CAAC;IAEJ,YAAY,CAAC,UAAmD;QAC/D,IAAI,OAAgB,CAAA;QACpB,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/B,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAA;QACrD,CAAC;aAAM,CAAC;YACP,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;QACvE,CAAC;QACD,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,CAAA;IACnD,CAAC;IAGD,MAAM,CAAC,KAAK,CAAC,IAAI,CAChB,aAAiC,EACjC,OAAyE;QAEzE,MAAM,GAAG,GAAG,aAAa,EAAE,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACnG,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,mBAAmB,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACpH,OAAO,GAAG,IAAI,OAAO,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,EAAE,CAAA;IACnF,CAAC;CACD"}
|
|
@@ -1,10 +1,9 @@
|
|
|
1
|
-
import { storage } from "cloudly-storage";
|
|
2
1
|
import { Payload as JWTPayload } from "./Payload";
|
|
3
2
|
import { Signer as JWTSigner } from "./Signer";
|
|
4
3
|
export declare class JWT {
|
|
5
4
|
#private;
|
|
6
5
|
private readonly key?;
|
|
7
|
-
private readonly
|
|
6
|
+
private readonly longTermTokenGetter?;
|
|
8
7
|
private get verifier();
|
|
9
8
|
private get signer();
|
|
10
9
|
get sign(): ((data: JWTPayload.Creatable, duration?: number | "infinite") => Promise<string | undefined>) | undefined;
|
|
@@ -14,10 +13,11 @@ export declare class JWT {
|
|
|
14
13
|
static open(key?: {
|
|
15
14
|
private?: string;
|
|
16
15
|
public?: string;
|
|
17
|
-
}, store?:
|
|
16
|
+
}, store?: (id: string) => Promise<JWT.Payload.LongTerm | undefined>): JWT;
|
|
18
17
|
}
|
|
19
18
|
export declare namespace JWT {
|
|
20
19
|
export import Signer = JWTSigner;
|
|
20
|
+
type LongTermTokenGetter = (id: string) => Promise<JWT.Payload.LongTerm | undefined>;
|
|
21
21
|
function unpack(token: string): Promise<JWT.Payload | undefined>;
|
|
22
22
|
export import Payload = JWTPayload;
|
|
23
23
|
const key = "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA2W8CD2kpfS4QIRV2/rgm4NVvsvJsYNMHtnIl9ADvO3A81hAmRKvOAPVoXICe6+EuZ47jGjGL7f48GEoQuITfBPv/MosCDj1YhJ56ILDynCSd8FlxDrhv8pl5IquST7tcL6Hc6m+vuvoTLrFQ5QqNxv0a5eDd/YTrWv7SUuRfBEhYd/wMysGynN3QauHqy5ceBCt1nv1MJLGlSzczMRK7wjy1zi2g9NCHZBOoo1HXOpi727Xh+YXHc9EP2TN0oOXyxykv45nkGIDI0Qek3/pfkavClBffc1sEqA+rUx7YqRN9KGYxwLMLug+NOOh3ptqjfobXbR5fx/sUWhvcjUMTE1JreTrWYbGmVnjd/SeYSClfmGhdTBUfqnZbaABv0ruTXva18qRhP4y143vHMk/k8HzbuROTKAzrtEeLIjgwUgDcnE+JwDqcb8tKSGV6i++TiTldlSBCRTT4dK2hpHJje80b2abqtrbCkxbJlT98UsAAoiq2eW1X6lYmCfiGCJPkfswibQ2tPAKKNe/2xuHPsjx4FuXGmV0dbzmCwSIQoApXqOvKzoNFi6AaKIjxfNmiEigLwKpNrw08H0lVZbq/9MMxI3TzMTZjY9QmBKVLSGy3Z6IJqZpyK22lv7whJcllG0Qw8tv8+7wmC8SR3+4jpuxuFGZ+69CW+otx+CPMJjcCAwEAAQ==";
|
|
@@ -3,7 +3,7 @@ import { Payload as JWTPayload } from "./Payload";
|
|
|
3
3
|
import { Signer as JWTSigner } from "./Signer";
|
|
4
4
|
export class JWT {
|
|
5
5
|
key;
|
|
6
|
-
|
|
6
|
+
longTermTokenGetter;
|
|
7
7
|
#verifier;
|
|
8
8
|
get verifier() {
|
|
9
9
|
if (!this.#verifier && this.key?.public) {
|
|
@@ -19,16 +19,16 @@ export class JWT {
|
|
|
19
19
|
get sign() {
|
|
20
20
|
return this.signer?.sign;
|
|
21
21
|
}
|
|
22
|
-
constructor(key,
|
|
22
|
+
constructor(key, longTermTokenGetter) {
|
|
23
23
|
this.key = key;
|
|
24
|
-
this.
|
|
24
|
+
this.longTermTokenGetter = longTermTokenGetter;
|
|
25
25
|
}
|
|
26
26
|
async verify(token) {
|
|
27
27
|
const verified = await this.verifier?.verify(token, JWT.Payload.configuration.aud);
|
|
28
28
|
delete verified?.token;
|
|
29
29
|
return JWT.Payload.type.is(verified) &&
|
|
30
30
|
verified.iss == JWT.Payload.configuration.iss &&
|
|
31
|
-
("exp" in verified || (await this.
|
|
31
|
+
("exp" in verified || (await this.longTermTokenGetter?.(verified.id)))
|
|
32
32
|
? verified
|
|
33
33
|
: undefined;
|
|
34
34
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../User/JWT/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAC/B,OAAO,EAAE,OAAO,IAAI,UAAU,EAAE,MAAM,WAAW,CAAA;AACjD,OAAO,EAAE,MAAM,IAAI,SAAS,EAAE,MAAM,UAAU,CAAA;AAE9C,MAAM,OAAO,GAAG;IAiBG;IACA;IAjBlB,SAAS,CAA+B;IACxC,IAAY,QAAQ;QACnB,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,CAAC;YACzC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACzD,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAC3E,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAA;IACtB,CAAC;IACD,OAAO,CAAY;IACnB,IAAY,MAAM;QACjB,OAAO,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,KAAK,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IACnF,CAAC;IACD,IAAI,IAAI;QACP,OAAO,IAAI,CAAC,MAAM,EAAE,IAAI,CAAA;IACzB,CAAC;IACD,YACkB,GAA2C,EAC3C,mBAA6C;QAD7C,QAAG,GAAH,GAAG,CAAwC;QAC3C,wBAAmB,GAAnB,mBAAmB,CAA0B;IAC5D,CAAC;IAEJ,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QAClF,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;YACnC,QAAQ,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG;YAC7C,CAAC,KAAK,IAAI,QAAQ,IAAI,CAAC,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;YACtE,CAAC,CAAC,QAAQ;YACV,CAAC,CAAC,SAAS,CAAA;IACb,CAAC;IACD,KAAK,CAAC,MAAM,CAAC,KAAa;QACzB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;QACxC,OAAO,QAAQ,EAAE,KAAK,CAAA;QACtB,OAAO,QAAQ,CAAA;IAChB,CAAC;IAED,MAAM,CAAC,IAAI,CACV,GAA2C,EAC3C,KAAiE;QAEjE,OAAO,IAAI,IAAI,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,IAAI,GAAG,CAAC,GAAG,EAAE,EAAE,KAAK,CAAC,CAAA;IAClF,CAAC;CACD;AACD,WAAiB,GAAG;IACL,UAAM,GAAG,SAAS,CAAA;IAEzB,KAAK,UAAU,MAAM,CAAC,KAAa;QACzC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACnD,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAc,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QACvF,OAAO,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,CAAA;IAC/B,CAAC;IAJqB,UAAM,SAI3B,CAAA;IACa,WAAO,GAAG,UAAU,CAAA;IACrB,OAAG,GACf,kuBAAkuB,CAAA;AACpuB,CAAC,EAXgB,GAAG,KAAH,GAAG,QAWnB"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@pax2pay/model-banking",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.639",
|
|
4
4
|
"description": "Library containing data model types and functions for the Pax2Pay Banking API.",
|
|
5
5
|
"author": "Pax2Pay Ltd",
|
|
6
6
|
"license": "MIT",
|
|
@@ -11,20 +11,6 @@
|
|
|
11
11
|
"homepage": "https://pax2pay.com",
|
|
12
12
|
"private": false,
|
|
13
13
|
"type": "module",
|
|
14
|
-
"module": "./dist/mjs/index.js",
|
|
15
|
-
"types": "./dist/types/index.d.ts",
|
|
16
|
-
"exports": {
|
|
17
|
-
".": {
|
|
18
|
-
"import": {
|
|
19
|
-
"types": "./dist/types/index.d.ts",
|
|
20
|
-
"default": "./dist/mjs/index.js"
|
|
21
|
-
},
|
|
22
|
-
"require": {
|
|
23
|
-
"types": "./dist/types/index.d.ts",
|
|
24
|
-
"default": "./dist/cjs/index.js"
|
|
25
|
-
}
|
|
26
|
-
}
|
|
27
|
-
},
|
|
28
14
|
"git": {
|
|
29
15
|
"tagName": "v${version}"
|
|
30
16
|
},
|