@point3/logto-module 1.0.0

package/package.json

@@ -0,0 +1,33 @@
+{
+  "name": "@point3/logto-module",
+  "version": "1.0.0",
+  "description": "포인트3 내부 logto Authentication 모듈입니다",
+  "main": "dist/index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "build": "tsc --build"
+  },
+  "author": "point3 개발팀",
+  "license": "ISC",
+  "dependencies": {
+    "@nestjs/common": "^11.1.3",
+    "@nestjs/config": "^4.0.2",
+    "@nestjs/core": "^11.1.3",
+    "@nestjs/testing": "^11.1.3",
+    "axios": "^1.9.0",
+    "jest": "^30.0.0",
+    "jose": "^6.0.11",
+    "point3-common-tool": "^1.0.13"
+  },
+  "devDependencies": {
+    "@types/jest": "^29.5.14"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/violetpay-org/point3-logto-module.git"
+  },
+  "bugs": {
+    "url": "https://github.com/violetpay-org/point3-logto-module/issues"
+  },
+  "homepage": "https://github.com/violetpay-org/point3-logto-module#readme"
+}

package/stateless/decorator.ts

@@ -0,0 +1,16 @@
+import { applyDecorators, UseGuards, SetMetadata } from '@nestjs/common';
+import { LogtoTokenGuard } from './guard';
+
+type LogtoProtectedOptions<T> = Partial<{
+  requiredScopes: string[],
+  requiredRoles: (T | 'management-point3')[]
+}>
+
+export function LogtoProtected<RoleType>(options?: LogtoProtectedOptions<RoleType>): ReturnType<typeof applyDecorators> {
+  const { requiredScopes, requiredRoles } = options ?? {};
+  return applyDecorators(
+    UseGuards(LogtoTokenGuard),
+    SetMetadata('requiredScopes', requiredScopes && requiredScopes.length > 0 ? requiredScopes : undefined),
+    SetMetadata('requiredRoles', requiredRoles && requiredRoles.length > 0 ? requiredRoles : undefined),
+  );
+}

package/stateless/guard.spec.ts

@@ -0,0 +1,305 @@
+import { Test, TestingModule } from '@nestjs/testing';
+import { ExecutionContext, LoggerService, UnauthorizedException } from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+
+import { LogtoTokenGuard } from './guard';
+import {
+  LogtoTokenVerifier, LogtoTokenVerifierToken,
+  AccessToken, AccessTokenPayload 
+} from '../token';
+
+import { p3Values } from 'point3-common-tool';
+import { LogtoLoggerServiceToken } from 'client';
+
+describe('LogtoTokenGuard 테스트', () => {
+  let guard: LogtoTokenGuard;
+  let tokenUtil: jest.Mocked<LogtoTokenVerifier>;
+  let reflector: jest.Mocked<Reflector>;
+  let logger: jest.Mocked<LoggerService>;
+
+  // 사용자가 제공한 실제 JWT 토큰
+  const testToken = 'eyJhbGciOiJFUzM4NCIsInR5cCI6ImF0K2p3dCIsImtpZCI6ImxKUjU3SkFqVmV1dHk4eWljVzUtdFFySDM2WFl6NUlzWFhXSDVzeXV0dEEifQ.eyJ1c2VyUm9sZXMiOlsicDMtQ0lTTy0wIl0sIm1hbmFnZXJJZCI6Im1hbmFnZXItMDE5NjQ0NWMtOGVjNy03MDc4LWExNDItNGU3ZGI5YTRhYWVhIiwiY2xpZW50SWQiOiJwb2ludDMtMDE5NjNjODUtNDQ2ZS03NGM5LWFmNzktNDhlMjU0NjVjMzI3IiwianRpIjoiV0RYTmxoTWkwT0tHQ1pTRzFKZnBrIiwic3ViIjoieXVsaXVmdHNvMWQwIiwiaWF0IjoxNzQ5MDI0NzIzLCJleHAiOjE3NDkwMjgzMjMsInNjb3BlIjoiIiwiY2xpZW50X2lkIjoiNXFydmk5eW0wajJ0YTJ6YXBnbHU0IiwiaXNzIjoiaHR0cHM6Ly9sb2d0by5wb2ludDMuaW8vb2lkYyIsImF1ZCI6Imh0dHBzOi8vZGVmYXVsdC5sb2d0by5hcHAvYXBpIn0.nZdzvdxQ74m2oFEklVTfQlcqYBkRrRxtHQEgz1L6DjST9_9Wa7H7J1gKJVEjm8NnjFCQXljYM_hTVx1ABTmUgDrEKVjtHFVKUyPoSzxQitXexwmBZY5l8WdyqJDqAy8d';
+
+  // 토큰 데이터와 일치하는 모의 페이로드
+  const mockPayload: AccessTokenPayload = {
+    userRoles: ['p3-CISO-0'],
+    managerId: 'manager-0196445c-8ec7-7078-a142-4e7db9a4aaea',
+    clientId: 'point3-019663c85-446e-74c9-af79-48e25465c327',
+    jti: 'WDXNlhMi0OKGCZSG1Jfpk',
+    sub: 'yuliuftso1d0',
+    iat: 1749024723,
+    exp: 1749028323,
+    scope: '',
+    client_id: '5qrvi9ym0j2ta2zapglu4',
+    iss: 'https://logto.point3.io/oidc',
+    aud: 'https://default.logto.app/api'
+  };
+
+  beforeEach(async () => {
+    const mockTokenUtil = {
+      verifyToken: jest.fn(),
+    };
+
+    const mockReflector = {
+      get: jest.fn(),
+    };
+
+    const mockLogger = {
+      warn: jest.fn(),
+      error: jest.fn(),
+      log: jest.fn(),
+    };
+
+    const module: TestingModule = await Test.createTestingModule({
+      providers: [
+        LogtoTokenGuard,
+        {
+          provide: LogtoTokenVerifierToken,
+          useValue: mockTokenUtil,
+        },
+        {
+          provide: Reflector,
+          useValue: mockReflector,
+        },
+        {
+          provide: LogtoLoggerServiceToken,
+          useValue: mockLogger,
+        },
+      ],
+    }).compile();
+
+    guard = module.get<LogtoTokenGuard>(LogtoTokenGuard);
+    tokenUtil = module.get(LogtoTokenVerifierToken);
+    reflector = module.get(Reflector);
+    logger = module.get(LogtoLoggerServiceToken);
+
+    // 각 테스트 전에 모의 함수 초기화
+    jest.clearAllMocks();
+  });
+
+  const createMockExecutionContext = (headers: any = {}, route: any = { path: '/test' }): ExecutionContext => {
+    const mockRequest = {
+      headers,
+      route,
+      user: undefined // Guard에서 설정됨
+    };
+
+    return {
+      switchToHttp: () => ({
+        getRequest: () => mockRequest,
+        getResponse: jest.fn(),
+        getNext: jest.fn(),
+      }),
+      getHandler: jest.fn(),
+      getClass: jest.fn(),
+      getArgs: jest.fn(),
+      getArgByIndex: jest.fn(),
+      switchToRpc: jest.fn(),
+      switchToWs: jest.fn(),
+      getType: jest.fn(),
+    } as ExecutionContext;
+  };
+
+  describe('🔐 성공적인 인증 테스트', () => {
+    it('유효한 토큰이 제공되었을 때 인증하고 사용자 데이터를 설정해야 함', async () => {
+      // 준비
+      const context = createMockExecutionContext({
+        authorization: `Bearer ${testToken}`,
+      });
+      
+      // Reflector 모의 설정 - 특정 역할 요구사항
+      reflector.get
+        .mockReturnValueOnce(undefined) // requiredScopes
+        .mockReturnValueOnce(['p3-CISO-0']); // requiredRoles
+
+      // 성공적인 토큰 검증 모의
+      tokenUtil.verifyToken.mockResolvedValueOnce(mockPayload);
+
+      // 실행
+      const result = await guard.canActivate(context);
+      const request = context.switchToHttp().getRequest();
+
+      // 검증
+      expect(result).toBe(true);
+      expect(tokenUtil.verifyToken).toHaveBeenCalledWith(
+        testToken,
+        undefined,
+        ['p3-CISO-0']
+      );
+
+      // 사용자 데이터가 올바르게 설정되었는지 확인
+      expect(request.user).toEqual({
+        userId: 'yuliuftso1d0',
+        managerId: expect.objectContaining({
+          toString: expect.any(Function)
+        }),
+        clientId: expect.objectContaining({
+          toString: expect.any(Function)
+        }),
+      });
+
+      // GUID 값 검증
+      expect(request.user.managerId.toString()).toContain('manager');
+      expect(request.user.managerId.toString()).toContain('0196445c-8ec7-7078-a142-4e7db9a4aaea');
+      expect(request.user.clientId.toString()).toContain('point3');
+      expect(request.user.clientId.toString()).toContain('019663c85-446e-74c9-af79-48e25465c327');
+    });
+
+    it('필수 스코프나 역할이 없을 때도 동작해야 함', async () => {
+      // 준비
+      const context = createMockExecutionContext({
+        authorization: `Bearer ${testToken}`,
+      });
+      
+      // Reflector 모의 설정 - 요구사항 없음
+      reflector.get
+        .mockReturnValueOnce(undefined) // requiredScopes
+        .mockReturnValueOnce(undefined); // requiredRoles
+
+      // 성공적인 토큰 검증 모의
+      tokenUtil.verifyToken.mockResolvedValueOnce(mockPayload);
+
+      // 실행
+      const result = await guard.canActivate(context);
+
+      // 검증
+      expect(result).toBe(true);
+      expect(tokenUtil.verifyToken).toHaveBeenCalledWith(
+        testToken,
+        undefined,
+        undefined
+      );
+    });
+  });
+
+  describe('🚫 토큰 추출 실패 테스트', () => {
+    it('Authorization 헤더가 없을 때 UnauthorizedException을 던져야 함', async () => {
+      // 준비
+      const context = createMockExecutionContext({}); // 헤더 없음
+      
+      reflector.get
+        .mockReturnValueOnce(undefined)
+        .mockReturnValueOnce(['p3-CISO-0']);
+
+      // 실행 & 검증
+      await expect(guard.canActivate(context)).rejects.toThrow(UnauthorizedException);
+      await expect(guard.canActivate(context)).rejects.toThrow('Authorization header is missing');
+    });
+
+    it('Authorization 헤더가 Bearer가 아닐 때 UnauthorizedException을 던져야 함', async () => {
+      // 준비
+      const context = createMockExecutionContext({
+        authorization: 'Basic sometoken',
+      });
+      
+      reflector.get
+        .mockReturnValueOnce(undefined)
+        .mockReturnValueOnce(['p3-CISO-0']);
+
+      // 실행 & 검증
+      await expect(guard.canActivate(context)).rejects.toThrow(UnauthorizedException);
+      await expect(guard.canActivate(context)).rejects.toThrow('Authorization token type not supported');
+    });
+
+    it('Bearer 헤더에서 토큰을 올바르게 추출해야 함', async () => {
+      // 준비
+      const context = createMockExecutionContext({
+        authorization: `Bearer ${testToken}`,
+      });
+      
+      reflector.get
+        .mockReturnValueOnce(undefined)
+        .mockReturnValueOnce(['p3-CISO-0']);
+      tokenUtil.verifyToken.mockResolvedValueOnce(mockPayload);
+
+      // 실행
+      await guard.canActivate(context);
+
+      // 검증 - 토큰이 올바르게 추출되어 verifyToken에 전달됨
+      expect(tokenUtil.verifyToken).toHaveBeenCalledWith(
+        testToken,
+        undefined,
+        ['p3-CISO-0']
+      );
+    });
+  });
+
+  describe('❌ 토큰 검증 실패 테스트', () => {
+    it('토큰 검증에서 UnauthorizedException이 발생하면 다시 던져야 함', async () => {
+      // 준비
+      const context = createMockExecutionContext({
+        authorization: `Bearer ${testToken}`,
+      });
+      
+      reflector.get
+        .mockReturnValueOnce(undefined)
+        .mockReturnValueOnce(['p3-CISO-0']);
+      
+      const authError = new UnauthorizedException('Invalid token');
+      tokenUtil.verifyToken.mockRejectedValueOnce(authError);
+
+      // 실행 & 검증
+      await expect(guard.canActivate(context)).rejects.toThrow(UnauthorizedException);
+    });
+
+    it('다른 에러가 발생하면 일반적인 에러 메시지를 던져야 함', async () => {
+      // 준비
+      const context = createMockExecutionContext({
+        authorization: `Bearer ${testToken}`,
+      });
+      
+      reflector.get
+        .mockReturnValueOnce(undefined)
+        .mockReturnValueOnce(['p3-CISO-0']);
+      
+      tokenUtil.verifyToken.mockRejectedValueOnce(new Error('Some other error'));
+
+      // 실행 & 검증
+      await expect(guard.canActivate(context)).rejects.toThrow('요청을 처리하지 못하였습니다.');
+    });
+  });
+
+  describe('🔍 실제 JWT 토큰 분석', () => {
+    it('제공된 JWT 토큰의 페이로드를 올바르게 디코딩해야 함', () => {
+      // JWT 토큰을 수동으로 디코딩하여 모의 데이터와 비교
+      const [header, payload, signature] = testToken.split('.');
+      const decodedPayload = JSON.parse(Buffer.from(payload, 'base64url').toString());
+      
+      console.log('🔍 디코딩된 토큰 페이로드:');
+      console.log(JSON.stringify(decodedPayload, null, 2));
+      
+      // 모의 페이로드가 실제 토큰과 일치하는지 확인
+      expect(decodedPayload.userRoles).toEqual(['p3-CISO-0']);
+      expect(decodedPayload.managerId).toBe('manager-0196445c-8ec7-7078-a142-4e7db9a4aaea');
+      expect(decodedPayload.clientId).toBe('point3-01963c85-446e-74c9-af79-48e25465c327');
+      expect(decodedPayload.sub).toBe('yuliuftso1d0');
+      expect(decodedPayload.iss).toBe('https://logto.point3.io/oidc');
+      
+      // 토큰 만료 시간 확인 (Unix timestamp)
+      const expirationDate = new Date(decodedPayload.exp * 1000);
+      const issuedDate = new Date(decodedPayload.iat * 1000);
+      
+      console.log(`📅 토큰 발급 시간: ${issuedDate.toISOString()}`);
+      console.log(`⏰ 토큰 만료 시간: ${expirationDate.toISOString()}`);
+      console.log(`🏢 발급자: ${decodedPayload.iss}`);
+      console.log(`👤 사용자 역할: ${decodedPayload.userRoles.join(', ')}`);
+    });
+
+    it('토큰에서 추출된 GUID 값들이 올바른 형식인지 확인해야 함', () => {
+      const [header, payload, signature] = testToken.split('.');
+      const decodedPayload = JSON.parse(Buffer.from(payload, 'base64url').toString());
+      
+      // managerId GUID 검증
+      const managerId = p3Values.Guid.parse(decodedPayload.managerId);
+      expect(managerId.Prefix == 'manager');
+      
+      // clientId GUID 검증
+      const clientId = p3Values.Guid.parse(decodedPayload.clientId);
+      expect(clientId.Prefix == 'point3');
+      
+      console.log('✅ GUID 형식 검증 완료:');
+      console.log(`   Manager ID: ${managerId.toString()}`);
+      console.log(`   Client ID: ${clientId.toString()}`);
+    });
+  });
+}); 

package/stateless/guard.ts

@@ -0,0 +1,76 @@
+import { 
+  Injectable, 
+  CanActivate, 
+  ExecutionContext, 
+  UnauthorizedException, 
+  InternalServerErrorException,
+  Inject, 
+  Global, 
+  HttpStatus 
+} from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+import { IncomingHttpHeaders } from 'http';
+
+import * as jose from 'jose';
+
+import { p3Values } from 'point3-common-tool';
+import * as token from '../token';
+
+@Global()
+@Injectable()
+export class LogtoTokenGuard implements CanActivate {
+  constructor(
+    private reflector: Reflector,
+
+    @Inject(token.LogtoTokenVerifierToken)
+    private tokenVerifier: token.LogtoTokenVerifier
+  ) { }
+
+  async canActivate(context: ExecutionContext): Promise<boolean> {
+    //매타데이터에서 필요한 스코프와 역할을 가져온다.
+    const requiredScopes = this.reflector.get<string[]>('requiredScopes', context.getHandler());
+    const requiredRoles = this.reflector.get<string[]>('requiredRoles', context.getHandler());
+
+    const request = context.switchToHttp().getRequest();
+
+    //헤더에서 베어러 토큰을 추출한다
+    try {
+      const bearerToken = this.extractBearerTokenFrom(request.headers);
+      const result = await this.tokenVerifier.verifyToken(bearerToken, requiredScopes, requiredRoles);
+
+      // request.user에 사용자 정보를 추가한다.
+      request.user = {
+        userId: result.sub,
+        managerId: p3Values.Guid.parse(result.managerId),
+        clientId: p3Values.Guid.parse(result.clientId),
+      }
+      return true;
+    } catch (error) {
+      if (error instanceof UnauthorizedException) throw error;
+      if (error instanceof jose.errors.JOSEError) throw new UnauthorizedException(error);
+      if (error instanceof Error) throw new InternalServerErrorException("요청을 처리하지 못하였습니다.", `${HttpStatus.INTERNAL_SERVER_ERROR}`);
+
+      throw new UnauthorizedException("접근이 허용되지 않습니다.");
+    }
+  }
+
+  /**
+   * Extracts the Bearer token from the authorization header.
+   * @param headers - The incoming HTTP headers.
+   * @returns The extracted token.
+   * @throws UnauthorizedException if the authorization header is missing or invalid.
+   */
+  private extractBearerTokenFrom(headers: IncomingHttpHeaders): string {
+    const bearerTokenIdentifier = 'Bearer';
+
+    if (!headers.authorization) {
+      throw new UnauthorizedException('Authorization header is missing');
+    }
+
+    if (!headers.authorization.startsWith(bearerTokenIdentifier)) {
+      throw new UnauthorizedException('Authorization token type not supported');
+    }
+
+    return headers.authorization.slice(bearerTokenIdentifier.length + 1);
+  };
+}

package/stateless/index.ts

@@ -0,0 +1,2 @@
+export * from "./guard";
+export * from "./decorator";

package/token/access-token.ts

@@ -0,0 +1,48 @@
+
+export class AccessToken {
+    static THRESHOLD_TIME = 1000 * 60 * 10; // 10분
+
+    accountId: string;
+    token: string;
+    expiresAt: Date;
+
+    constructor(accountId: string, token: string, expireInSeconds: number) {
+        this.accountId = accountId;
+        this.token = token;
+        this.expiresAt = new Date(
+            Date.now() + expireInSeconds * 1000 - AccessToken.THRESHOLD_TIME,
+        );
+    }
+
+    public isExpired(): boolean {
+        return this.expiresAt < new Date();
+    }
+
+    public toString(): string {
+        return `AccessToken{accountId: ${this.accountId}, expiresAt: ${this.expiresAt}}`;
+    }
+}
+
+export type AccessTokenPayload = {
+    jti: string;
+    sub: string;
+    iat: number;
+    exp: number;
+    scope: string;
+    client_id: string;
+    iss: string;
+    aud: string;
+    userRoles: string[];
+    clientId: string; // 이게 진짜임 ;;
+    managerId: string;
+    userScopes?: string[];
+};
+
+export type IdTokenPayload = {
+    sub: string;
+    email: string;
+    email_verified: boolean;
+    name: string;
+    phone_number: string;
+    username: string;
+};

package/token/index.ts

@@ -0,0 +1,2 @@
+export * from "./access-token";
+export * from "./verifier";

package/token/verifier.ts

@@ -0,0 +1,101 @@
+import { Global, Inject, Injectable, UnauthorizedException } from "@nestjs/common";
+import { ConfigService } from "@nestjs/config";
+import { jwtVerify, createRemoteJWKSet } from "jose";
+
+import * as token from "./access-token";
+
+export const LogtoTokenVerifierToken = Symbol.for("LogtoTokenVerifier");
+
+@Global()
+@Injectable()
+export class LogtoTokenVerifier {
+    constructor(
+        @Inject(ConfigService)
+        private readonly configService: ConfigService
+    ) { }
+
+    /**
+     * 토큰을 검증하고 필요에 따라 필수 스코프와 역할을 확인합니다.
+     * @param token 검증할 토큰입니다.
+     * @param requiredScopes 선택적으로 확인할 스코프입니다.
+     * @param requiredRoles 선택적으로 확인할 역할입니다.
+     * @returns 토큰이 유효한 경우 토큰 페이로드를 반환하는 Promise입니다.
+     * @throws UnauthorizedException 토큰이 유효하지 않은 경우 발생합니다.
+     */
+    public async verifyToken(token: string): Promise<token.AccessTokenPayload>;
+    public async verifyToken(token: string, requiredScopes: string[], requiredRoles: string[]): Promise<token.AccessTokenPayload>;
+    public async verifyToken(token: string, requiredScopes?: string[], requiredRoles?: string[]): Promise<token.AccessTokenPayload> {
+        if (!token) throw new UnauthorizedException('엑세스 토큰이 존재하지 않습니다.');
+
+        const jwksUri = this.configService.get<string>("LOGTO_JWKS_URI") ?? 'http://localhost:3001/oidc/jwks';
+        const issuer = this.configService.get<string>("LOGTO_AUTH_ISSUER");
+
+        const { payload } = await jwtVerify(
+            token, createRemoteJWKSet(new URL(jwksUri)),
+            { issuer }
+        );
+
+        const tokenPayload = payload as token.AccessTokenPayload;
+
+        if (requiredScopes || requiredRoles) {
+            this.shouldContainRequiredPrivileges(
+                tokenPayload, requiredScopes, requiredRoles);
+        }
+
+        return tokenPayload;
+    }
+
+    /**
+     * id token을 검증합니다.
+     * @param token id token 문자열입니다.
+     * @returns id token 페이로드입니다.
+     */
+    public async verifyIdToken(token: string): Promise<token.IdTokenPayload> {
+        const jwksUri = process.env.LOGTO_JWKS_URI ?? 'http://localhost:3001/oidc/jwks';
+        const issuer = process.env.LOGTO_AUTH_ISSUER;
+
+        const { payload } = await jwtVerify(
+            token,
+            createRemoteJWKSet(new URL(jwksUri)),
+            { issuer }
+        );
+        return payload as token.IdTokenPayload;
+    }
+
+    /**
+     * 토큰 페이로드를 통해 필요한 스코프와 역할 등 추가적인 검사를 수행합니다.
+     * @param payload 토큰 페이로드입니다.
+     * @param requiredScopes 선택적으로 확인할 스코프입니다.
+     * @param requiredRoles 선택적으로 확인할 역할입니다.
+     */
+    private shouldContainRequiredPrivileges(
+        payload: token.AccessTokenPayload,
+        requiredScopes?: string[],
+        requiredRoles?: string[]
+    ): void {
+        const { userScopes, userRoles } = payload;
+        const scopes = userScopes?.flat() ?? [];
+
+        if (this.hasInsufficientScopes(requiredScopes, scopes)) {
+            throw new UnauthorizedException(
+                { code: 'auth.insufficient_scope', status: 403 },
+                { cause: requiredScopes }
+            );
+        }
+
+        if (this.hasInsufficientRoles(requiredRoles, userRoles)) {
+            throw new UnauthorizedException(
+                { code: 'auth.role_mismatch', status: 403 },
+                { cause: requiredRoles }
+            );
+        }
+    }
+
+    private hasInsufficientScopes(requiredScopes: string[] | undefined, userScopes: string[]): boolean {
+        return !!(requiredScopes && requiredScopes.length > 0 && !requiredScopes.every(scope => userScopes.includes(scope)));
+    }
+
+    private hasInsufficientRoles(requiredRoles: string[] | undefined, userRoles: string[]): boolean {
+        return !!(requiredRoles && requiredRoles.length > 0 && !requiredRoles.some(role => userRoles.includes(role)));
+    }
+}

package/tsconfig.json

@@ -0,0 +1,23 @@
+{
+    "compilerOptions": {
+      "module": "commonjs",
+      "declaration": true,
+      "removeComments": true,
+      "emitDecoratorMetadata": true,
+      "experimentalDecorators": true,
+      "allowSyntheticDefaultImports": true,
+      "target": "ES2021",
+      "sourceMap": true,
+      "outDir": "./dist",
+      "baseUrl": "./",
+      "incremental": true,
+      "skipLibCheck": true,
+      "strictNullChecks": false,
+      "noImplicitAny": false,
+      "strictBindCallApply": false,
+      "forceConsistentCasingInFileNames": false,
+      "noFallthroughCasesInSwitch": false,
+      "moduleResolution": "node",
+      "esModuleInterop": true,
+    },
+  }