@point3/logto-module 1.0.23 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.idea/copilot.data.migration.ask2agent.xml +6 -0
- package/.idea/inspectionProfiles/Project_Default.xml +7 -0
- package/.idea/misc.xml +7 -0
- package/.idea/modules.xml +8 -0
- package/.idea/point3-logto-module.iml +9 -0
- package/.idea/vcs.xml +6 -0
- package/.serena/project.yml +87 -0
- package/README.md +124 -80
- package/client/config.ts +62 -0
- package/client/logto-login-session.ts +8 -17
- package/client/m2m-client.ts +14 -24
- package/client/oauth-client.ts +18 -32
- package/dist/client/config.d.ts +23 -0
- package/dist/client/logto-login-session.d.ts +2 -3
- package/dist/client/logto-login-session.js +4 -13
- package/dist/client/logto-login-session.js.map +1 -1
- package/dist/client/m2m-client.d.ts +3 -3
- package/dist/client/m2m-client.js +11 -19
- package/dist/client/m2m-client.js.map +1 -1
- package/dist/client/oauth-client.d.ts +4 -4
- package/dist/client/oauth-client.js +16 -22
- package/dist/client/oauth-client.js.map +1 -1
- package/dist/module.d.ts +24 -1
- package/dist/module.js +124 -23
- package/dist/module.js.map +1 -1
- package/dist/token/verifier.d.ts +3 -3
- package/dist/token/verifier.js +5 -14
- package/dist/token/verifier.js.map +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/module.ts +264 -80
- package/package.json +1 -1
- package/token/verifier.ts +8 -17
package/dist/module.js
CHANGED
|
@@ -1,70 +1,171 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.LogtoModule = void 0;
|
|
3
|
+
exports.LogtoModule = exports.LOGTO_MODULE_OPTIONS = void 0;
|
|
4
4
|
const config_1 = require("@nestjs/config");
|
|
5
5
|
const client_1 = require("./client");
|
|
6
6
|
const token_1 = require("./token");
|
|
7
7
|
const stateless_1 = require("./stateless");
|
|
8
|
+
exports.LOGTO_MODULE_OPTIONS = Symbol('LOGTO_MODULE_OPTIONS');
|
|
8
9
|
class LogtoModule {
|
|
9
|
-
static
|
|
10
|
+
static forRoot(options) {
|
|
11
|
+
const { global = false, enableClient = false, logger } = options;
|
|
10
12
|
const baseProviders = [
|
|
13
|
+
{
|
|
14
|
+
provide: client_1.LogtoLoggerServiceToken,
|
|
15
|
+
useExisting: logger.token,
|
|
16
|
+
},
|
|
17
|
+
{
|
|
18
|
+
provide: token_1.LogtoTokenVerifierToken,
|
|
19
|
+
useFactory: (configService) => {
|
|
20
|
+
return new token_1.LogtoTokenVerifier({
|
|
21
|
+
jwksUri: configService.get('LOGTO_JWKS_URI') ?? 'http://localhost:3001/oidc/jwks',
|
|
22
|
+
issuer: configService.getOrThrow('LOGTO_AUTH_ISSUER'),
|
|
23
|
+
});
|
|
24
|
+
},
|
|
25
|
+
inject: [config_1.ConfigService],
|
|
26
|
+
},
|
|
27
|
+
{
|
|
28
|
+
provide: stateless_1.LogtoTokenGuardToken,
|
|
29
|
+
useClass: stateless_1.LogtoTokenGuard,
|
|
30
|
+
},
|
|
31
|
+
];
|
|
32
|
+
const clientProviders = enableClient
|
|
33
|
+
? [
|
|
34
|
+
{
|
|
35
|
+
provide: client_1.OAuthClientToken,
|
|
36
|
+
useFactory: (configService, loggerService) => {
|
|
37
|
+
return new client_1.OAuthClient({
|
|
38
|
+
endpoint: configService.getOrThrow('LOGTO_AUTH_ENDPOINT'),
|
|
39
|
+
clientId: configService.getOrThrow('LOGTO_CLIENT_ID'),
|
|
40
|
+
clientSecret: configService.getOrThrow('LOGTO_CLIENT_SECRET'),
|
|
41
|
+
resources: [configService.getOrThrow('LOGTO_RESOURCES')],
|
|
42
|
+
scopes: configService.getOrThrow('LOGTO_SCOPES').split(','),
|
|
43
|
+
prompt: configService.getOrThrow('LOGTO_PROMPT'),
|
|
44
|
+
redirectUri: configService.getOrThrow('LOGTO_REDIRECT_URI'),
|
|
45
|
+
signInUri: configService.getOrThrow('LOGTO_SIGN_IN_URI'),
|
|
46
|
+
dashboardSignInUri: configService.get('LOGTO_DASHBOARD_SIGN_IN_URI'),
|
|
47
|
+
}, loggerService);
|
|
48
|
+
},
|
|
49
|
+
inject: [config_1.ConfigService, client_1.LogtoLoggerServiceToken],
|
|
50
|
+
},
|
|
51
|
+
{
|
|
52
|
+
provide: client_1.LogtoLoginSessionToken,
|
|
53
|
+
useFactory: (configService, loggerService, oauthClient) => {
|
|
54
|
+
return new client_1.LogtoLoginSession(configService.getOrThrow('LOGTO_M2M_API_URL'), loggerService, oauthClient);
|
|
55
|
+
},
|
|
56
|
+
inject: [config_1.ConfigService, client_1.LogtoLoggerServiceToken, client_1.OAuthClientToken],
|
|
57
|
+
},
|
|
58
|
+
{
|
|
59
|
+
provide: client_1.LogtoM2MClientToken,
|
|
60
|
+
useFactory: (configService, tokenVerifier, loggerService) => {
|
|
61
|
+
return new client_1.LogtoM2MClient({
|
|
62
|
+
endpoint: configService.getOrThrow('LOGTO_AUTH_ENDPOINT'),
|
|
63
|
+
clientId: configService.getOrThrow('LOGTO_M2M_CLIENT_ID'),
|
|
64
|
+
clientSecret: configService.getOrThrow('LOGTO_M2M_CLIENT_SECRET'),
|
|
65
|
+
resource: configService.getOrThrow('LOGTO_M2M_RESOURCE'),
|
|
66
|
+
apiUrl: configService.getOrThrow('LOGTO_M2M_API_URL'),
|
|
67
|
+
scopes: ['all'],
|
|
68
|
+
}, tokenVerifier, loggerService);
|
|
69
|
+
},
|
|
70
|
+
inject: [config_1.ConfigService, token_1.LogtoTokenVerifierToken, client_1.LogtoLoggerServiceToken],
|
|
71
|
+
},
|
|
72
|
+
]
|
|
73
|
+
: [];
|
|
74
|
+
const providers = [...baseProviders, ...clientProviders];
|
|
75
|
+
return {
|
|
76
|
+
module: LogtoModule,
|
|
77
|
+
global,
|
|
78
|
+
imports: [config_1.ConfigModule, logger.module],
|
|
79
|
+
providers,
|
|
80
|
+
exports: providers,
|
|
81
|
+
};
|
|
82
|
+
}
|
|
83
|
+
static forRootAsync(options) {
|
|
84
|
+
const { global = false, imports = [], loggerToken, useFactory, inject = [] } = options;
|
|
85
|
+
const asyncOptionsProvider = {
|
|
86
|
+
provide: exports.LOGTO_MODULE_OPTIONS,
|
|
87
|
+
useFactory,
|
|
88
|
+
inject,
|
|
89
|
+
};
|
|
90
|
+
const baseProviders = [
|
|
91
|
+
asyncOptionsProvider,
|
|
11
92
|
{
|
|
12
93
|
provide: client_1.LogtoLoggerServiceToken,
|
|
13
94
|
useExisting: loggerToken,
|
|
14
95
|
},
|
|
15
96
|
{
|
|
16
97
|
provide: token_1.LogtoTokenVerifierToken,
|
|
17
|
-
|
|
98
|
+
useFactory: (configService) => {
|
|
99
|
+
return new token_1.LogtoTokenVerifier({
|
|
100
|
+
jwksUri: configService.getOrThrow('LOGTO_JWKS_URI'),
|
|
101
|
+
issuer: configService.getOrThrow('LOGTO_AUTH_ISSUER'),
|
|
102
|
+
});
|
|
103
|
+
},
|
|
104
|
+
inject: [config_1.ConfigService],
|
|
18
105
|
},
|
|
19
106
|
{
|
|
20
107
|
provide: stateless_1.LogtoTokenGuardToken,
|
|
21
108
|
useClass: stateless_1.LogtoTokenGuard,
|
|
22
109
|
},
|
|
23
110
|
];
|
|
24
|
-
const
|
|
111
|
+
const clientProviders = [
|
|
25
112
|
{
|
|
26
113
|
provide: client_1.OAuthClientToken,
|
|
27
|
-
useFactory: (configService,
|
|
28
|
-
if (
|
|
29
|
-
return new client_1.OAuthClient(
|
|
114
|
+
useFactory: (opts, configService, loggerService) => {
|
|
115
|
+
if (opts.enableClient) {
|
|
116
|
+
return new client_1.OAuthClient({
|
|
117
|
+
endpoint: configService.getOrThrow('LOGTO_AUTH_ENDPOINT'),
|
|
118
|
+
clientId: configService.getOrThrow('LOGTO_CLIENT_ID'),
|
|
119
|
+
clientSecret: configService.getOrThrow('LOGTO_CLIENT_SECRET'),
|
|
120
|
+
resources: [configService.getOrThrow('LOGTO_RESOURCES')],
|
|
121
|
+
scopes: configService.getOrThrow('LOGTO_SCOPES').split(','),
|
|
122
|
+
prompt: configService.getOrThrow('LOGTO_PROMPT'),
|
|
123
|
+
redirectUri: configService.getOrThrow('LOGTO_REDIRECT_URI'),
|
|
124
|
+
signInUri: configService.getOrThrow('LOGTO_SIGN_IN_URI'),
|
|
125
|
+
dashboardSignInUri: configService.get('LOGTO_DASHBOARD_SIGN_IN_URI'),
|
|
126
|
+
}, loggerService);
|
|
30
127
|
}
|
|
31
128
|
return null;
|
|
32
129
|
},
|
|
33
|
-
inject: [config_1.ConfigService, client_1.LogtoLoggerServiceToken],
|
|
130
|
+
inject: [exports.LOGTO_MODULE_OPTIONS, config_1.ConfigService, client_1.LogtoLoggerServiceToken],
|
|
34
131
|
},
|
|
35
132
|
{
|
|
36
133
|
provide: client_1.LogtoLoginSessionToken,
|
|
37
|
-
useFactory: (configService,
|
|
38
|
-
if (
|
|
39
|
-
return new client_1.LogtoLoginSession(
|
|
134
|
+
useFactory: (opts, configService, loggerService, oauthClient) => {
|
|
135
|
+
if (opts.enableClient) {
|
|
136
|
+
return new client_1.LogtoLoginSession(configService.getOrThrow('LOGTO_M2M_API_URL'), loggerService, oauthClient);
|
|
40
137
|
}
|
|
41
138
|
return null;
|
|
42
139
|
},
|
|
43
|
-
inject: [config_1.ConfigService, client_1.LogtoLoggerServiceToken, client_1.OAuthClientToken],
|
|
140
|
+
inject: [exports.LOGTO_MODULE_OPTIONS, config_1.ConfigService, client_1.LogtoLoggerServiceToken, client_1.OAuthClientToken],
|
|
44
141
|
},
|
|
45
142
|
{
|
|
46
143
|
provide: client_1.LogtoM2MClientToken,
|
|
47
|
-
useFactory: (configService, tokenVerifier,
|
|
48
|
-
if (
|
|
49
|
-
return new client_1.LogtoM2MClient(
|
|
144
|
+
useFactory: (opts, configService, tokenVerifier, loggerService) => {
|
|
145
|
+
if (opts.enableClient) {
|
|
146
|
+
return new client_1.LogtoM2MClient({
|
|
147
|
+
endpoint: configService.getOrThrow('LOGTO_AUTH_ENDPOINT'),
|
|
148
|
+
clientId: configService.getOrThrow('LOGTO_M2M_CLIENT_ID'),
|
|
149
|
+
clientSecret: configService.getOrThrow('LOGTO_M2M_CLIENT_SECRET'),
|
|
150
|
+
resource: configService.getOrThrow('LOGTO_M2M_RESOURCE'),
|
|
151
|
+
apiUrl: configService.getOrThrow('LOGTO_M2M_API_URL'),
|
|
152
|
+
scopes: ['all'],
|
|
153
|
+
}, tokenVerifier, loggerService);
|
|
50
154
|
}
|
|
51
155
|
return null;
|
|
52
156
|
},
|
|
53
|
-
inject: [config_1.ConfigService, token_1.LogtoTokenVerifierToken, client_1.LogtoLoggerServiceToken],
|
|
157
|
+
inject: [exports.LOGTO_MODULE_OPTIONS, config_1.ConfigService, token_1.LogtoTokenVerifierToken, client_1.LogtoLoggerServiceToken],
|
|
54
158
|
},
|
|
55
159
|
];
|
|
56
|
-
const providers = [...baseProviders, ...
|
|
160
|
+
const providers = [...baseProviders, ...clientProviders];
|
|
57
161
|
return {
|
|
58
162
|
module: LogtoModule,
|
|
59
|
-
global
|
|
60
|
-
imports: [
|
|
61
|
-
|
|
62
|
-
],
|
|
63
|
-
providers: providers,
|
|
163
|
+
global,
|
|
164
|
+
imports: [config_1.ConfigModule, ...imports],
|
|
165
|
+
providers,
|
|
64
166
|
exports: providers,
|
|
65
167
|
};
|
|
66
168
|
}
|
|
67
169
|
}
|
|
68
170
|
exports.LogtoModule = LogtoModule;
|
|
69
|
-
;
|
|
70
171
|
//# sourceMappingURL=module.js.map
|
package/dist/module.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"module.js","sourceRoot":"","sources":["../module.ts"],"names":[],"mappings":";;;AACA,2CAA6D;AAC7D,
|
|
1
|
+
{"version":3,"file":"module.js","sourceRoot":"","sources":["../module.ts"],"names":[],"mappings":";;;AACA,2CAA6D;AAC7D,qCASkB;AAClB,mCAAsE;AACtE,2CAAoE;AAGvD,QAAA,oBAAoB,GAAG,MAAM,CAAC,sBAAsB,CAAC,CAAC;AAsDnE,MAAa,WAAW;IAwBpB,MAAM,CAAC,OAAO,CAAC,OAA2B;QACtC,MAAM,EAAE,MAAM,GAAG,KAAK,EAAE,YAAY,GAAG,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAEjE,MAAM,aAAa,GAAe;YAC9B;gBACI,OAAO,EAAE,gCAAuB;gBAChC,WAAW,EAAE,MAAM,CAAC,KAAK;aAC5B;YACD;gBACI,OAAO,EAAE,+BAAuB;gBAChC,UAAU,EAAE,CAAC,aAA4B,EAAE,EAAE;oBACzC,OAAO,IAAI,0BAAkB,CAAC;wBAC1B,OAAO,EAAE,aAAa,CAAC,GAAG,CAAS,gBAAgB,CAAC,IAAI,iCAAiC;wBACzF,MAAM,EAAE,aAAa,CAAC,UAAU,CAAS,mBAAmB,CAAC;qBAChE,CAAC,CAAC;gBACP,CAAC;gBACD,MAAM,EAAE,CAAC,sBAAa,CAAC;aAC1B;YACD;gBACI,OAAO,EAAE,gCAAoB;gBAC7B,QAAQ,EAAE,2BAAe;aAC5B;SACJ,CAAC;QAEF,MAAM,eAAe,GAAe,YAAY;YAC5C,CAAC,CAAC;gBACI;oBACI,OAAO,EAAE,yBAAgB;oBACzB,UAAU,EAAE,CAAC,aAA4B,EAAE,aAA4B,EAAE,EAAE;wBACvE,OAAO,IAAI,oBAAW,CAClB;4BACI,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAS,qBAAqB,CAAC;4BACjE,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAS,iBAAiB,CAAC;4BAC7D,YAAY,EAAE,aAAa,CAAC,UAAU,CAAS,qBAAqB,CAAC;4BACrE,SAAS,EAAE,CAAC,aAAa,CAAC,UAAU,CAAS,iBAAiB,CAAC,CAAC;4BAChE,MAAM,EAAE,aAAa,CAAC,UAAU,CAAS,cAAc,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC;4BACnE,MAAM,EAAE,aAAa,CAAC,UAAU,CAAS,cAAc,CAAW;4BAClE,WAAW,EAAE,aAAa,CAAC,UAAU,CAAS,oBAAoB,CAAC;4BACnE,SAAS,EAAE,aAAa,CAAC,UAAU,CAAS,mBAAmB,CAAC;4BAChE,kBAAkB,EAAE,aAAa,CAAC,GAAG,CAAS,6BAA6B,CAAC;yBAC/E,EACD,aAAa,CAChB,CAAC;oBACN,CAAC;oBACD,MAAM,EAAE,CAAC,sBAAa,EAAE,gCAAuB,CAAC;iBACnD;gBACD;oBACI,OAAO,EAAE,+BAAsB;oBAC/B,UAAU,EAAE,CACR,aAA4B,EAC5B,aAA4B,EAC5B,WAAwB,EAC1B,EAAE;wBACA,OAAO,IAAI,0BAAiB,CACxB,aAAa,CAAC,UAAU,CAAS,mBAAmB,CAAC,EACrD,aAAa,EACb,WAAW,CACd,CAAC;oBACN,CAAC;oBACD,MAAM,EAAE,CAAC,sBAAa,EAAE,gCAAuB,EAAE,yBAAgB,CAAC;iBACrE;gBACD;oBACI,OAAO,EAAE,4BAAmB;oBAC5B,UAAU,EAAE,CACR,aAA4B,EAC5B,aAAiC,EACjC,aAA4B,EAC9B,EAAE;wBACA,OAAO,IAAI,uBAAc,CACrB;4BACI,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAS,qBAAqB,CAAC;4BACjE,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAS,qBAAqB,CAAC;4BACjE,YAAY,EAAE,aAAa,CAAC,UAAU,CAAS,yBAAyB,CAAC;4BACzE,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAS,oBAAoB,CAAC;4BAChE,MAAM,EAAE,aAAa,CAAC,UAAU,CAAS,mBAAmB,CAAC;4BAC7D,MAAM,EAAE,CAAC,KAAK,CAAC;yBAClB,EACD,aAAa,EACb,aAAa,CAChB,CAAC;oBACN,CAAC;oBACD,MAAM,EAAE,CAAC,sBAAa,EAAE,+BAAuB,EAAE,gCAAuB,CAAC;iBAC5E;aACJ;YACH,CAAC,CAAC,EAAE,CAAC;QAET,MAAM,SAAS,GAAG,CAAC,GAAG,aAAa,EAAE,GAAG,eAAe,CAAC,CAAC;QAEzD,OAAO;YACH,MAAM,EAAE,WAAW;YACnB,MAAM;YACN,OAAO,EAAE,CAAC,qBAAY,EAAE,MAAM,CAAC,MAAM,CAAC;YACtC,SAAS;YACT,OAAO,EAAE,SAAS;SACrB,CAAC;IACN,CAAC;IAqBD,MAAM,CAAC,YAAY,CAAC,OAAgC;QAChD,MAAM,EAAE,MAAM,GAAG,KAAK,EAAE,OAAO,GAAG,EAAE,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC;QAEvF,MAAM,oBAAoB,GAAa;YACnC,OAAO,EAAE,4BAAoB;YAC7B,UAAU;YACV,MAAM;SACT,CAAC;QAEF,MAAM,aAAa,GAAe;YAC9B,oBAAoB;YACpB;gBACI,OAAO,EAAE,gCAAuB;gBAChC,WAAW,EAAE,WAAW;aAC3B;YACD;gBACI,OAAO,EAAE,+BAAuB;gBAChC,UAAU,EAAE,CAAC,aAA4B,EAAE,EAAE;oBACzC,OAAO,IAAI,0BAAkB,CAAC;wBAC1B,OAAO,EAAE,aAAa,CAAC,UAAU,CAAS,gBAAgB,CAAC;wBAC3D,MAAM,EAAE,aAAa,CAAC,UAAU,CAAS,mBAAmB,CAAC;qBAChE,CAAC,CAAC;gBACP,CAAC;gBACD,MAAM,EAAE,CAAC,sBAAa,CAAC;aAC1B;YACD;gBACI,OAAO,EAAE,gCAAoB;gBAC7B,QAAQ,EAAE,2BAAe;aAC5B;SACJ,CAAC;QAEF,MAAM,eAAe,GAAe;YAChC;gBACI,OAAO,EAAE,yBAAgB;gBACzB,UAAU,EAAE,CACR,IAA+B,EAC/B,aAA4B,EAC5B,aAA4B,EAC9B,EAAE;oBACA,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;wBACpB,OAAO,IAAI,oBAAW,CAClB;4BACI,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAS,qBAAqB,CAAC;4BACjE,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAS,iBAAiB,CAAC;4BAC7D,YAAY,EAAE,aAAa,CAAC,UAAU,CAAS,qBAAqB,CAAC;4BACrE,SAAS,EAAE,CAAC,aAAa,CAAC,UAAU,CAAS,iBAAiB,CAAC,CAAC;4BAChE,MAAM,EAAE,aAAa,CAAC,UAAU,CAAS,cAAc,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC;4BACnE,MAAM,EAAE,aAAa,CAAC,UAAU,CAAS,cAAc,CAAW;4BAClE,WAAW,EAAE,aAAa,CAAC,UAAU,CAAS,oBAAoB,CAAC;4BACnE,SAAS,EAAE,aAAa,CAAC,UAAU,CAAS,mBAAmB,CAAC;4BAChE,kBAAkB,EAAE,aAAa,CAAC,GAAG,CAAS,6BAA6B,CAAC;yBAC/E,EACD,aAAa,CAChB,CAAC;oBACN,CAAC;oBACD,OAAO,IAAI,CAAC;gBAChB,CAAC;gBACD,MAAM,EAAE,CAAC,4BAAoB,EAAE,sBAAa,EAAE,gCAAuB,CAAC;aACzE;YACD;gBACI,OAAO,EAAE,+BAAsB;gBAC/B,UAAU,EAAE,CACR,IAA+B,EAC/B,aAA4B,EAC5B,aAA4B,EAC5B,WAAwB,EAC1B,EAAE;oBACA,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;wBACpB,OAAO,IAAI,0BAAiB,CACxB,aAAa,CAAC,UAAU,CAAS,mBAAmB,CAAC,EACrD,aAAa,EACb,WAAW,CACd,CAAC;oBACN,CAAC;oBACD,OAAO,IAAI,CAAC;gBAChB,CAAC;gBACD,MAAM,EAAE,CAAC,4BAAoB,EAAE,sBAAa,EAAE,gCAAuB,EAAE,yBAAgB,CAAC;aAC3F;YACD;gBACI,OAAO,EAAE,4BAAmB;gBAC5B,UAAU,EAAE,CACR,IAA+B,EAC/B,aAA4B,EAC5B,aAAiC,EACjC,aAA4B,EAC9B,EAAE;oBACA,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;wBACpB,OAAO,IAAI,uBAAc,CACrB;4BACI,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAS,qBAAqB,CAAC;4BACjE,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAS,qBAAqB,CAAC;4BACjE,YAAY,EAAE,aAAa,CAAC,UAAU,CAAS,yBAAyB,CAAC;4BACzE,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAS,oBAAoB,CAAC;4BAChE,MAAM,EAAE,aAAa,CAAC,UAAU,CAAS,mBAAmB,CAAC;4BAC7D,MAAM,EAAE,CAAC,KAAK,CAAC;yBAClB,EACD,aAAa,EACb,aAAa,CAChB,CAAC;oBACN,CAAC;oBACD,OAAO,IAAI,CAAC;gBAChB,CAAC;gBACD,MAAM,EAAE,CAAC,4BAAoB,EAAE,sBAAa,EAAE,+BAAuB,EAAE,gCAAuB,CAAC;aAClG;SACJ,CAAC;QAEF,MAAM,SAAS,GAAG,CAAC,GAAG,aAAa,EAAE,GAAG,eAAe,CAAC,CAAC;QAEzD,OAAO;YACH,MAAM,EAAE,WAAW;YACnB,MAAM;YACN,OAAO,EAAE,CAAC,qBAAY,EAAE,GAAG,OAAO,CAAC;YACnC,SAAS;YACT,OAAO,EAAE,SAAS;SACrB,CAAC;IACN,CAAC;CACJ;AAhQD,kCAgQC"}
|
package/dist/token/verifier.d.ts
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { LogtoVerifierConfig } from "../client/config";
|
|
2
2
|
import * as token from "./access-token";
|
|
3
3
|
export declare const LogtoTokenVerifierToken: unique symbol;
|
|
4
4
|
export declare class LogtoTokenVerifier {
|
|
5
|
-
private readonly
|
|
6
|
-
constructor(
|
|
5
|
+
private readonly config;
|
|
6
|
+
constructor(config: LogtoVerifierConfig);
|
|
7
7
|
verifyToken(token: string): Promise<token.AccessTokenPayload>;
|
|
8
8
|
verifyToken(token: string, requiredScopes: string[], requiredRoles: string[]): Promise<token.AccessTokenPayload>;
|
|
9
9
|
verifyIdToken(token: string): Promise<token.IdTokenPayload>;
|
package/dist/token/verifier.js
CHANGED
|
@@ -8,25 +8,19 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
|
|
|
8
8
|
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
9
|
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
10
|
};
|
|
11
|
-
var __param = (this && this.__param) || function (paramIndex, decorator) {
|
|
12
|
-
return function (target, key) { decorator(target, key, paramIndex); }
|
|
13
|
-
};
|
|
14
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
12
|
exports.LogtoTokenVerifier = exports.LogtoTokenVerifierToken = void 0;
|
|
16
13
|
const common_1 = require("@nestjs/common");
|
|
17
|
-
const config_1 = require("@nestjs/config");
|
|
18
14
|
const jose_1 = require("jose");
|
|
19
15
|
exports.LogtoTokenVerifierToken = Symbol.for("LogtoTokenVerifier");
|
|
20
16
|
let LogtoTokenVerifier = class LogtoTokenVerifier {
|
|
21
|
-
constructor(
|
|
22
|
-
this.
|
|
17
|
+
constructor(config) {
|
|
18
|
+
this.config = config;
|
|
23
19
|
}
|
|
24
20
|
async verifyToken(token, requiredScopes, requiredRoles) {
|
|
25
21
|
if (!token)
|
|
26
22
|
throw new common_1.UnauthorizedException('엑세스 토큰이 존재하지 않습니다.');
|
|
27
|
-
const
|
|
28
|
-
const issuer = this.configService.get("LOGTO_AUTH_ISSUER");
|
|
29
|
-
const { payload } = await (0, jose_1.jwtVerify)(token, (0, jose_1.createRemoteJWKSet)(new URL(jwksUri)), { issuer });
|
|
23
|
+
const { payload } = await (0, jose_1.jwtVerify)(token, (0, jose_1.createRemoteJWKSet)(new URL(this.config.jwksUri)), { issuer: this.config.issuer });
|
|
30
24
|
const tokenPayload = payload;
|
|
31
25
|
if (requiredScopes || requiredRoles) {
|
|
32
26
|
this.shouldContainRequiredPrivileges(tokenPayload, requiredScopes, requiredRoles);
|
|
@@ -34,9 +28,7 @@ let LogtoTokenVerifier = class LogtoTokenVerifier {
|
|
|
34
28
|
return tokenPayload;
|
|
35
29
|
}
|
|
36
30
|
async verifyIdToken(token) {
|
|
37
|
-
const
|
|
38
|
-
const issuer = process.env.LOGTO_AUTH_ISSUER;
|
|
39
|
-
const { payload } = await (0, jose_1.jwtVerify)(token, (0, jose_1.createRemoteJWKSet)(new URL(jwksUri)), { issuer });
|
|
31
|
+
const { payload } = await (0, jose_1.jwtVerify)(token, (0, jose_1.createRemoteJWKSet)(new URL(this.config.jwksUri)), { issuer: this.config.issuer });
|
|
40
32
|
return payload;
|
|
41
33
|
}
|
|
42
34
|
shouldContainRequiredPrivileges(payload, requiredScopes, requiredRoles) {
|
|
@@ -59,7 +51,6 @@ let LogtoTokenVerifier = class LogtoTokenVerifier {
|
|
|
59
51
|
exports.LogtoTokenVerifier = LogtoTokenVerifier;
|
|
60
52
|
exports.LogtoTokenVerifier = LogtoTokenVerifier = __decorate([
|
|
61
53
|
(0, common_1.Injectable)(),
|
|
62
|
-
|
|
63
|
-
__metadata("design:paramtypes", [config_1.ConfigService])
|
|
54
|
+
__metadata("design:paramtypes", [Object])
|
|
64
55
|
], LogtoTokenVerifier);
|
|
65
56
|
//# sourceMappingURL=verifier.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verifier.js","sourceRoot":"","sources":["../../token/verifier.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"verifier.js","sourceRoot":"","sources":["../../token/verifier.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAmE;AACnE,+BAAqD;AAKxC,QAAA,uBAAuB,GAAG,MAAM,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;AAGjE,IAAM,kBAAkB,GAAxB,MAAM,kBAAkB;IAC3B,YAA6B,MAA2B;QAA3B,WAAM,GAAN,MAAM,CAAqB;IAAI,CAAC;IAYtD,KAAK,CAAC,WAAW,CAAC,KAAa,EAAE,cAAyB,EAAE,aAAwB;QACvF,IAAI,CAAC,KAAK;YAAE,MAAM,IAAI,8BAAqB,CAAC,oBAAoB,CAAC,CAAC;QAElE,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAA,gBAAS,EAC/B,KAAK,EAAE,IAAA,yBAAkB,EAAC,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EACvD,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CACjC,CAAC;QAEF,MAAM,YAAY,GAAG,OAAmC,CAAC;QAEzD,IAAI,cAAc,IAAI,aAAa,EAAE,CAAC;YAClC,IAAI,CAAC,+BAA+B,CAChC,YAAY,EAAE,cAAc,EAAE,aAAa,CAAC,CAAC;QACrD,CAAC;QAED,OAAO,YAAY,CAAC;IACxB,CAAC;IAOM,KAAK,CAAC,aAAa,CAAC,KAAa;QACpC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAA,gBAAS,EAC/B,KAAK,EACL,IAAA,yBAAkB,EAAC,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EAChD,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CACjC,CAAC;QACF,OAAO,OAA+B,CAAC;IAC3C,CAAC;IAQO,+BAA+B,CACnC,OAAiC,EACjC,cAAyB,EACzB,aAAwB;QAExB,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC;QAC1C,MAAM,MAAM,GAAG,UAAU,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QAExC,IAAI,IAAI,CAAC,qBAAqB,CAAC,cAAc,EAAE,MAAM,CAAC,EAAE,CAAC;YACrD,MAAM,IAAI,8BAAqB,CAC3B,EAAE,IAAI,EAAE,yBAAyB,EAAE,MAAM,EAAE,GAAG,EAAE,EAChD,EAAE,KAAK,EAAE,cAAc,EAAE,CAC5B,CAAC;QACN,CAAC;QAED,IAAI,IAAI,CAAC,oBAAoB,CAAC,aAAa,EAAE,SAAS,CAAC,EAAE,CAAC;YACtD,MAAM,IAAI,8BAAqB,CAC3B,EAAE,IAAI,EAAE,oBAAoB,EAAE,MAAM,EAAE,GAAG,EAAE,EAC3C,EAAE,KAAK,EAAE,aAAa,EAAE,CAC3B,CAAC;QACN,CAAC;IACL,CAAC;IAEO,qBAAqB,CAAC,cAAoC,EAAE,UAAoB;QACpF,OAAO,CAAC,CAAC,CAAC,cAAc,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACzH,CAAC;IAEO,oBAAoB,CAAC,aAAmC,EAAE,SAAmB;QACjF,OAAO,CAAC,CAAC,CAAC,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClH,CAAC;CACJ,CAAA;AAjFY,gDAAkB;6BAAlB,kBAAkB;IAD9B,IAAA,mBAAU,GAAE;;GACA,kBAAkB,CAiF9B"}
|