@plusscommunities/pluss-core-aws 2.0.25-auth.0 → 2.0.25-beta.0

package/package.json

@@ -1,42 +1,37 @@
 {
-  "name": "@plusscommunities/pluss-core-aws",
-  "version": "2.0.25-auth.0",
-  "description": "Core extension package for Pluss Communities platform",
-  "scripts": {
-    "betapatch": "npm version prepatch --preid=beta",
-    "patch": "npm version patch",
-    "betaupload": "npm i && npm i && npm publish --access public --tag beta",
-    "betaupload:p": "npm run betapatch && npm run betaupload",
-    "authpatch": "npm version prepatch --preid=auth",
-    "authupload": "npm i && npm i && npm publish --access public --tag auth",
-    "authupload:p": "npm run authpatch && npm run authupload",
-    "upload": "npm i && npm i && npm publish --access public",
-    "upload:p": "npm run patch && npm run upload"
-  },
-  "author": "Thorbjorn Kappel Davis",
-  "license": "ISC",
-  "dependencies": {
-    "@aws/dynamodb-auto-marshaller": "^0.7.1",
-    "amazon-cognito-identity-js": "^2.0.19",
-    "axios": "^1.6.8",
-    "aws-sdk": "^2.1591.0",
-    "expo-server-sdk": "^3.0.1",
-    "html-entities": "^2.3.2",
-    "https": "^1.0.0",
-    "jsonwebtoken": "^9.0.2",
-    "jwks-rsa": "^3.1.0",
-    "lodash": "^4.17.10",
-    "moment": "^2.30.1",
-    "moment-timezone": "^0.5.41",
-    "node-fetch": "^2.2.0",
-    "node-jose": "^1.0.0",
-    "nodemailer": "^6.9.12",
-    "twilio": "^3.18.0",
-    "uuid": "^2.0.3"
-  },
-  "devDependencies": {
-    "eslint-config-rallycoding": "^3.2.0",
-    "serverless-domain-manager": "^3.3.1",
-    "serverless-prune-plugin": "^1.4.1"
-  }
+	"name": "@plusscommunities/pluss-core-aws",
+	"version": "2.0.25-beta.0",
+	"description": "Core extension package for Pluss Communities platform",
+	"scripts": {
+		"betapatch": "npm version prepatch --preid=beta",
+		"patch": "npm version patch",
+		"betaupload": "npm i && npm i && npm publish --access public --tag beta",
+		"betaupload:p": "npm run betapatch && npm run betaupload",
+		"upload": "npm i && npm i && npm publish --access public",
+		"upload:p": "npm run patch && npm run upload"
+	},
+	"author": "Thorbjorn Kappel Davis",
+	"license": "ISC",
+	"dependencies": {
+		"@aws/dynamodb-auto-marshaller": "^0.7.1",
+		"amazon-cognito-identity-js": "^2.0.19",
+		"axios": "^1.6.8",
+		"aws-sdk": "^2.1591.0",
+		"expo-server-sdk": "^3.0.1",
+		"html-entities": "^2.3.2",
+		"https": "^1.0.0",
+		"lodash": "^4.17.10",
+		"moment": "^2.30.1",
+		"moment-timezone": "^0.5.41",
+		"node-fetch": "^2.2.0",
+		"node-jose": "^1.0.0",
+		"nodemailer": "^6.9.12",
+		"twilio": "^3.18.0",
+		"uuid": "^2.0.3"
+	},
+	"devDependencies": {
+		"eslint-config-rallycoding": "^3.2.0",
+		"serverless-domain-manager": "^3.3.1",
+		"serverless-prune-plugin": "^1.4.1"
+	}
 }

package/templates/supportTicketEmails.js

@@ -1,6 +1,6 @@
 module.exports.newTicketEmailTemplate = {
-  subject: `New Support Ticket: ___TITLE___`,
-  content: `<div style='margin-bottom: 24px; font-size: 14px; line-height: 23px; color: #3e4245;'>
+	subject: `New Support Ticket: ___TITLE___`,
+	content: `<div style='margin-bottom: 24px; font-size: 14px; line-height: 23px; color: #3e4245;'>
                 ___NAME___ from ___SITE___ (___CLIENT___) has submitted a new support ticket.
             </div>
             <div style='margin-bottom: 16px; font-size: 22px; line-height: 30px; color: #0a2246; font-weight: bold;'>
@@ -12,8 +12,8 @@ module.exports.newTicketEmailTemplate = {
 };
 
 module.exports.statusChangeEmailTemplate = {
-  subject: `Status Changed on Your Ticket: ___TITLE___`,
-  content: `<div style='margin-bottom: 24px; font-size: 14px; line-height: 23px; color: #3e4245;'>
+	subject: `Status Changed on Your Ticket: ___TITLE___`,
+	content: `<div style='margin-bottom: 24px; font-size: 14px; line-height: 23px; color: #3e4245;'>
                   Your ticket has been updated.
               </div>
               <div style='margin-bottom: 16px; font-size: 13px; line-height: 28px; height: 28px; width: 300px; border-radius: 4px; background-color: ___LABELCOLOR___; color: #fff; text-align: center;'>
@@ -28,8 +28,8 @@ module.exports.statusChangeEmailTemplate = {
 };
 
 module.exports.ticketCommentEmailTemplate = {
-  subject: `New Comment on Ticket: ___TITLE___`,
-  content: `<div style='margin-bottom: 24px; font-size: 14px; line-height: 23px; color: #3e4245;'>
+	subject: `New Comment on Ticket: ___TITLE___`,
+	content: `<div style='margin-bottom: 24px; font-size: 14px; line-height: 23px; color: #3e4245;'>
                   There is a new comment on an update:
               </div>
               <div style='margin-bottom: 24px; font-size: 15px; line-height: 22px; border-radius: 4px; border: solid 1px #ccc; padding: 8px; color: #536280; max-width: 500px; display: inline-block;'>
@@ -44,6 +44,6 @@ module.exports.ticketCommentEmailTemplate = {
 };
 
 module.exports.plussTeamEmails = [
-  "marty@plusscommunities.com",
-  "thor@plusscommunities.com",
+	"marty@plusscommunities.com",
+	"thor@plusscommunities.com",
 ];

package/helper/auth/context/AuthenticationContext.js

@@ -1,50 +0,0 @@
-const Auth0Strategy = require("./auth0/Strategy");
-const CognitoStrategy = require("./cognito/Strategy");
-const BoltonClarkeStrategy = require("./boltonclarke/Strategy");
-const { getConfig } = require("../../../config");
-
-class AuthenticationContext {
-  static strategy = null;
-
-  static initialiseStrategy() {
-    switch (getConfig().authConfig.provider) {
-      case "auth0":
-        AuthenticationContext.strategy = new Auth0Strategy();
-        break;
-      case "boltonclarke":
-        AuthenticationContext.strategy = new BoltonClarkeStrategy();
-        break;
-      case "cognito":
-        AuthenticationContext.strategy = new CognitoStrategy();
-        break;
-      default:
-        throw new Error("Invalid authentication provider specified");
-    }
-  }
-
-  static getSessionUser = async (token) => {
-    if (!AuthenticationContext.strategy) {
-      AuthenticationContext.initialiseStrategy();
-    }
-    return AuthenticationContext.strategy.getSessionUser(token);
-  };
-
-  static populateUser = async (token) => {
-    if (!AuthenticationContext.strategy) {
-      AuthenticationContext.initialiseStrategy();
-    }
-    return AuthenticationContext.strategy.populateUser(token);
-  };
-
-  static updateIdentityAttributes = async (input, userId) => {
-    if (!AuthenticationContext.strategy) {
-      AuthenticationContext.initialiseStrategy();
-    }
-    return AuthenticationContext.strategy.updateIdentityAttributes(
-      input,
-      userId
-    );
-  };
-}
-
-module.exports = AuthenticationContext;

package/helper/auth/context/AuthenticationStrategy.js

@@ -1,20 +0,0 @@
-// Authentication Strategy Interface
-class AuthenticationStrategy {
-  constructor() {}
-
-  getSessionUser(token) {
-    throw new Error("Method 'getSessionUser()' must be implemented.");
-  }
-
-  // optional function to populate user data based on a token
-  populateUser(token) {
-    return;
-  }
-
-  // optional function to save attributes to identity provider
-  updateIdentityAttributes = async (input, userId) => {
-    return;
-  };
-}
-
-module.exports = AuthenticationStrategy;

package/helper/auth/context/auth0/Strategy.js

@@ -1,12 +0,0 @@
-// auth0Strategy.js
-const AuthenticationStrategy = require("../AuthenticationStrategy");
-const getSessionUser = require("./functions/getSessionUser");
-
-class Auth0Strategy extends AuthenticationStrategy {
-  constructor() {
-    super();
-    this.getSessionUser = getSessionUser;
-  }
-}
-
-module.exports = Auth0Strategy;

package/helper/auth/context/auth0/functions/decodeAccessToken.js

@@ -1,102 +0,0 @@
-const jwt = require("jsonwebtoken");
-const jwksClient = require("jwks-rsa");
-
-const { getConfig } = require("../../../../../config");
-const { log } = require("../../../../");
-
-// Function to retrieve the signing key from Auth0 JWKS
-const getKey = (header, callback) => {
-  // Initialize JWKS client
-  const client = jwksClient({
-    jwksUri: `https://${getConfig().auth0Config.domain}/.well-known/jwks.json`,
-  });
-  const logId = log("getKey", "header", header);
-  client.getSigningKey(header.kid, (err, key) => {
-    if (err) {
-      log("getKey", "Error:client.getSigningKey", err, logId);
-      callback(err, null);
-    } else {
-      const signingKey = key.publicKey || key.rsaPublicKey;
-      log("getKey", "signingKey", signingKey, logId);
-      callback(null, signingKey);
-    }
-  });
-};
-
-// Function to retrieve the signing key from the secondary Auth0 JWKS
-const getSecondaryKey = (header, callback) => {
-  const logId = log("getSecondaryKey", "header", header);
-
-  // Initialize secondary JWKS client for the secondary domain
-  const secondaryClient = jwksClient({
-    jwksUri: `https://${
-      getConfig().auth0Config.secondaryDomain
-    }/.well-known/jwks.json`,
-  });
-
-  secondaryClient.getSigningKey(header.kid, (err, key) => {
-    if (err) {
-      log("getSecondaryKey", "Error:secondaryClient.getSigningKey", err, logId);
-      callback(err, null);
-    } else {
-      const signingKey = key.publicKey || key.rsaPublicKey;
-      log("getSecondaryKey", "signingKey", signingKey, logId);
-      callback(null, signingKey);
-    }
-  });
-};
-
-// Secondary function to verify the access token
-const verifySecondaryAccessToken = (token) => {
-  return new Promise((resolve, reject) => {
-    jwt.verify(
-      token,
-      getSecondaryKey,
-      {
-        audience: getConfig().auth0Config.audience,
-        issuer: `https://${getConfig().auth0Config.secondaryDomain}/`,
-        algorithms: ["RS256"],
-      },
-      (err, decoded) => {
-        if (err) {
-          log("verifySecondaryAccessToken", "Error:jwt.verify", err);
-          reject(err);
-        } else {
-          resolve(decoded); // 'sub' contains the user ID
-        }
-      }
-    );
-  });
-};
-
-// Function to validate the token and extract user information
-const decodeAccessToken = async (token) => {
-  return new Promise((resolve, reject) => {
-    jwt.verify(
-      token,
-      getKey,
-      {
-        audience: getConfig().auth0Config.audience,
-        issuer: `https://${getConfig().auth0Config.domain}/`,
-        algorithms: ["RS256"],
-      },
-      (err, decoded) => {
-        if (err) {
-          log("decodeAccessToken", "Error:jwt.verify", err);
-          // Attempt to verify with the secondary domain
-          verifySecondaryAccessToken(token)
-            .then((decodedSecondary) => {
-              resolve(decodedSecondary);
-            })
-            .catch((secondaryErr) => {
-              reject(secondaryErr);
-            });
-        } else {
-          resolve(decoded); // 'sub' contains the user ID
-        }
-      }
-    );
-  });
-};
-
-module.exports = decodeAccessToken;

package/helper/auth/context/auth0/functions/getSessionUser.js

@@ -1,21 +0,0 @@
-const decodeAccessToken = require("./decodeAccessToken");
-const { getConfig } = require("../../../../../config");
-
-// Function to validate the token and extract user information
-const getSessionUser = async (token) => {
-  return new Promise((resolve, reject) => {
-    decodeAccessToken(token)
-      .then((claims) => {
-        return resolve(
-          claims[getConfig().auth0Config.residentIdClaim] ||
-            claims[getConfig().auth0Config.staffIdClaim] ||
-            claims[getConfig().auth0Config.userIdClaim]
-        );
-      })
-      .catch((err) => {
-        reject(err);
-      });
-  });
-};
-
-module.exports = getSessionUser;

package/helper/auth/context/boltonclarke/Strategy.js

@@ -1,10 +0,0 @@
-// auth0Strategy.js
-const Auth0Strategy = require("../auth0/Strategy");
-
-class BoltonClarkeStrategy extends Auth0Strategy {
-  constructor() {
-    super();
-  }
-}
-
-module.exports = BoltonClarkeStrategy;

package/helper/auth/context/cognito/Strategy.js

@@ -1,12 +0,0 @@
-// cognitoStrategy.js
-const AuthenticationStrategy = require("../AuthenticationStrategy");
-const getSessionUser = require("./functions/getSessionUser");
-
-class CognitoStrategy extends AuthenticationStrategy {
-  constructor() {
-    super();
-    this.getSessionUser = getSessionUser;
-  }
-}
-
-module.exports = CognitoStrategy;

package/helper/auth/context/cognito/functions/getSessionUser.js

@@ -1,76 +0,0 @@
-const https = require("https");
-const jose = require("node-jose");
-
-const { getConfig } = require("../../../../../config");
-
-module.exports = async (token) => {
-  return new Promise((resolve, reject) => {
-    if (!token) {
-      return resolve(null);
-    }
-    var sections = token.split(".");
-    // get the kid from the headers prior to verification
-    var header = jose.util.base64url.decode(sections[0]);
-    header = JSON.parse(header);
-    var kid = header.kid;
-    // download the public keys
-    https.get(getConfig().keys_url, async (response) => {
-      if (response.statusCode == 200) {
-        response.on("data", async (body) => {
-          var keys = JSON.parse(body)["keys"];
-          // search for the kid in the downloaded public keys
-          var key_index = -1;
-          for (var i = 0; i < keys.length; i++) {
-            if (kid == keys[i].kid) {
-              key_index = i;
-              break;
-            }
-          }
-          if (key_index == -1) {
-            reject();
-            return;
-          }
-          // construct the public key
-          jose.JWK.asKey(keys[key_index])
-            .then(async (result) => {
-              // verify the signature
-              jose.JWS.createVerify(result)
-                .verify(token)
-                .then(async (result2) => {
-                  // now we can use the claims
-                  var claims = JSON.parse(result2.payload);
-                  // additionally we can verify the token expiration
-                  var current_ts = Math.floor(new Date() / 1000);
-                  if (current_ts > claims.exp) {
-                    console.log("Token is expired");
-                    reject("Token is expired");
-                    return;
-                  }
-
-                  // const isDisabled = await isUserDisabled(claims.username);
-
-                  // if (isDisabled) {
-                  //   console.log("User is disabled");
-                  //   reject("User is disabled");
-                  //   return;
-                  // }
-
-                  resolve(claims.username);
-                })
-                .catch(async (error) => {
-                  console.log("Signature verification failed", error);
-                  reject("Signature verification failed");
-                });
-            })
-            .catch(async (error) => {
-              console.log("failed JWK.asKey", error);
-              reject(error);
-            });
-        });
-      } else {
-        console.log("failed on response", response);
-        reject(response);
-      }
-    });
-  });
-};