@point3/logto-module 1.1.5 → 1.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/client/__tests__/m2m-client.spec.ts +28 -6
- package/client/__tests__/oauth-client.spec.ts +4 -0
- package/client/m2m-client.ts +51 -30
- package/client/oauth-client.ts +33 -0
- package/client/types.ts +15 -0
- package/dist/client/__tests__/m2m-client.spec.js +13 -0
- package/dist/client/__tests__/m2m-client.spec.js.map +1 -1
- package/dist/client/__tests__/oauth-client.spec.js +3 -0
- package/dist/client/__tests__/oauth-client.spec.js.map +1 -1
- package/dist/client/m2m-client.d.ts +4 -4
- package/dist/client/m2m-client.js +18 -20
- package/dist/client/m2m-client.js.map +1 -1
- package/dist/client/oauth-client.d.ts +5 -0
- package/dist/client/oauth-client.js +22 -0
- package/dist/client/oauth-client.js.map +1 -1
- package/dist/client/types.d.ts +8 -0
- package/dist/client/types.js.map +1 -1
- package/dist/env-config.d.ts +15 -0
- package/dist/env-config.js +157 -0
- package/dist/env-config.js.map +1 -0
- package/dist/errors.d.ts +3 -0
- package/dist/errors.js +8 -1
- package/dist/errors.js.map +1 -1
- package/dist/local-test.d.ts +1 -0
- package/dist/local-test.js +87 -0
- package/dist/local-test.js.map +1 -0
- package/dist/stateless/guard.d.ts +4 -1
- package/dist/stateless/guard.js +17 -3
- package/dist/stateless/guard.js.map +1 -1
- package/dist/tsconfig.tsbuildinfo +1 -1
- package/errors.ts +7 -0
- package/package.json +2 -1
- package/stateless/guard.ts +30 -12
|
@@ -9,14 +9,14 @@ import { ConsoleLogger } from "@nestjs/common";
|
|
|
9
9
|
|
|
10
10
|
describe('M2mclient를 이용한 Logto API 테스트', () => {
|
|
11
11
|
let m2mClient: LogtoM2MClient;
|
|
12
|
-
let testUser
|
|
13
|
-
let testUserId
|
|
14
|
-
let testRoleId
|
|
12
|
+
let testUser: LogtoUser;
|
|
13
|
+
let testUserId: string = 'bead71jr45u1';
|
|
14
|
+
let testRoleId: string = '0fwcgs8okjy7lav216sb3';
|
|
15
15
|
beforeAll(async () => {
|
|
16
16
|
const module: TestingModule = await Test.createTestingModule({
|
|
17
17
|
imports: [
|
|
18
18
|
ConfigModule.forRoot({
|
|
19
|
-
envFilePath: `env/.env.${process.env.NODE_ENV}`,
|
|
19
|
+
envFilePath: `env/.env.${process.env.NODE_ENV}`,
|
|
20
20
|
isGlobal: true,
|
|
21
21
|
})
|
|
22
22
|
],
|
|
@@ -32,7 +32,7 @@ describe('M2mclient를 이용한 Logto API 테스트', () => {
|
|
|
32
32
|
],
|
|
33
33
|
}).compile();
|
|
34
34
|
m2mClient = module.get<LogtoM2MClient>(LogtoM2MClientToken);
|
|
35
|
-
|
|
35
|
+
|
|
36
36
|
// random number 4 자리
|
|
37
37
|
const randomNumber = Math.floor(1000 + Math.random() * 9000);
|
|
38
38
|
testUser = {
|
|
@@ -43,7 +43,7 @@ describe('M2mclient를 이용한 Logto API 테스트', () => {
|
|
|
43
43
|
primaryPhone: '0101111' + randomNumber,
|
|
44
44
|
};
|
|
45
45
|
});
|
|
46
|
-
|
|
46
|
+
|
|
47
47
|
it('유저 생성', async () => {
|
|
48
48
|
const userId = await m2mClient.createUser(testUser);
|
|
49
49
|
expect(userId).toBeDefined();
|
|
@@ -54,6 +54,28 @@ describe('M2mclient를 이용한 Logto API 테스트', () => {
|
|
|
54
54
|
await m2mClient.fetchAccessToken();
|
|
55
55
|
});
|
|
56
56
|
|
|
57
|
+
it('PAT 추가 및 삭제', async () => {
|
|
58
|
+
const tokenName = 'test_pat_' + Math.floor(1000 + Math.random() * 9000);
|
|
59
|
+
|
|
60
|
+
// 발급 테스트
|
|
61
|
+
const newToken = await m2mClient.addPersonalAccessToken(testUserId, tokenName, 3600);
|
|
62
|
+
expect(newToken).toBeDefined();
|
|
63
|
+
expect(newToken.name).toBe(tokenName);
|
|
64
|
+
|
|
65
|
+
// 조회 테스트 (추가되었는지 확인)
|
|
66
|
+
const tokens = await m2mClient.getPersonalAccessTokens(testUserId);
|
|
67
|
+
const foundToken = tokens.find(t => t.name === tokenName);
|
|
68
|
+
expect(foundToken).toBeDefined();
|
|
69
|
+
|
|
70
|
+
// 삭제 테스트
|
|
71
|
+
await m2mClient.deletePersonalAccessToken(testUserId, tokenName);
|
|
72
|
+
|
|
73
|
+
// 조회 테스트 (삭제되었는지 확인)
|
|
74
|
+
const tokensAfterDelete = await m2mClient.getPersonalAccessTokens(testUserId);
|
|
75
|
+
const deletedToken = tokensAfterDelete.find(t => t.name === tokenName);
|
|
76
|
+
expect(deletedToken).toBeUndefined();
|
|
77
|
+
});
|
|
78
|
+
|
|
57
79
|
it('유저 정보 수정', async () => {
|
|
58
80
|
await m2mClient.updateUserClientInfo(testUserId);
|
|
59
81
|
});
|
package/client/m2m-client.ts
CHANGED
|
@@ -24,6 +24,7 @@ import {
|
|
|
24
24
|
import {
|
|
25
25
|
LogtoOAuthRESTTemplate,
|
|
26
26
|
LogtoPasswordAlgorithm,
|
|
27
|
+
LogtoPersonalAccessTokenResponse,
|
|
27
28
|
LogtoRole,
|
|
28
29
|
LogtoRoleResponse,
|
|
29
30
|
LogtoUser,
|
|
@@ -33,6 +34,7 @@ import {
|
|
|
33
34
|
import { p3Values, axiosAdapter } from "point3-common-tool";
|
|
34
35
|
import {
|
|
35
36
|
UserMissingRequiredFieldsError,
|
|
37
|
+
PersonalAccessTokenFetchError,
|
|
36
38
|
} from "../errors";
|
|
37
39
|
|
|
38
40
|
// DI 토큰
|
|
@@ -129,36 +131,6 @@ export class LogtoM2MClient {
|
|
|
129
131
|
this.apiRestTemplate.setBearer(access_token);
|
|
130
132
|
}
|
|
131
133
|
|
|
132
|
-
/**
|
|
133
|
-
* PAT 토큰을 이용해 AccessToken 발급
|
|
134
|
-
*/
|
|
135
|
-
public async fetchAccessTokenByPAT(pat: string): Promise<{ accessToken: string }> {
|
|
136
|
-
try {
|
|
137
|
-
const parameters = new URLSearchParams();
|
|
138
|
-
parameters.set("grant_type", "urn:ietf:params:oauth:grant-type:token-exchange");
|
|
139
|
-
parameters.set("scope", this.logtoConfig.scopes!.join(" "));
|
|
140
|
-
parameters.set("resource", this.logtoConfig.resources!.join(" "));
|
|
141
|
-
parameters.set("subject_token", pat);
|
|
142
|
-
parameters.set("subject_token_type", "urn:logto:token-type:personal_access_token");
|
|
143
|
-
|
|
144
|
-
// check the request
|
|
145
|
-
const response = await this.authRestTemplate.post(
|
|
146
|
-
`${this.logtoConfig.endpoint}/token`,
|
|
147
|
-
parameters.toString(),
|
|
148
|
-
{
|
|
149
|
-
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
150
|
-
}
|
|
151
|
-
);
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
console.log(response);
|
|
155
|
-
return {
|
|
156
|
-
accessToken: response.data["access_token"],
|
|
157
|
-
};
|
|
158
|
-
} catch (error) {
|
|
159
|
-
throw new Error(pat);
|
|
160
|
-
}
|
|
161
|
-
}
|
|
162
134
|
|
|
163
135
|
/**
|
|
164
136
|
* 유효한 AccessToken 반환 (만료 시 자동 갱신)
|
|
@@ -409,6 +381,55 @@ export class LogtoM2MClient {
|
|
|
409
381
|
);
|
|
410
382
|
return response.data;
|
|
411
383
|
}
|
|
384
|
+
/**
|
|
385
|
+
* 사용자 Personal Access Token 발급
|
|
386
|
+
* @param userId 사용자 ID
|
|
387
|
+
* @param name 발급할 토큰의 고유 이름
|
|
388
|
+
* @param expiresIn 만료 시간(초). 지정하지 않으면 만료되지 않음
|
|
389
|
+
*/
|
|
390
|
+
async addPersonalAccessToken(
|
|
391
|
+
userId: string,
|
|
392
|
+
name: string,
|
|
393
|
+
expiresIn?: number
|
|
394
|
+
): Promise<LogtoPersonalAccessTokenResponse> {
|
|
395
|
+
await this.getAccessToken();
|
|
396
|
+
|
|
397
|
+
const body: Record<string, any> = { name };
|
|
398
|
+
if (expiresIn !== undefined && expiresIn !== null) {
|
|
399
|
+
// expiresIn is in seconds, expiresAt requires epoch time in milliseconds
|
|
400
|
+
body.expiresAt = Date.now() + expiresIn * 1000;
|
|
401
|
+
}
|
|
402
|
+
|
|
403
|
+
const response = await this.apiRestTemplate.post<LogtoPersonalAccessTokenResponse>(
|
|
404
|
+
`/users/${userId}/personal-access-tokens`,
|
|
405
|
+
body
|
|
406
|
+
);
|
|
407
|
+
return response.data;
|
|
408
|
+
}
|
|
409
|
+
|
|
410
|
+
/**
|
|
411
|
+
* 사용자 Personal Access Token 삭제
|
|
412
|
+
* @param userId 사용자 ID
|
|
413
|
+
* @param name 삭제할 토큰 이름
|
|
414
|
+
*/
|
|
415
|
+
async deletePersonalAccessToken(userId: string, name: string): Promise<void> {
|
|
416
|
+
await this.getAccessToken();
|
|
417
|
+
await this.apiRestTemplate.delete(
|
|
418
|
+
`/users/${userId}/personal-access-tokens/${name}`
|
|
419
|
+
);
|
|
420
|
+
}
|
|
421
|
+
|
|
422
|
+
/**
|
|
423
|
+
* 사용자의 모든 Personal Access Token 조회
|
|
424
|
+
* @param userId 사용자 ID
|
|
425
|
+
*/
|
|
426
|
+
async getPersonalAccessTokens(userId: string): Promise<LogtoPersonalAccessTokenResponse[]> {
|
|
427
|
+
await this.getAccessToken();
|
|
428
|
+
const response = await this.apiRestTemplate.get<LogtoPersonalAccessTokenResponse[]>(
|
|
429
|
+
`/users/${userId}/personal-access-tokens`
|
|
430
|
+
);
|
|
431
|
+
return response.data;
|
|
432
|
+
}
|
|
412
433
|
}
|
|
413
434
|
|
|
414
435
|
/**
|
package/client/oauth-client.ts
CHANGED
|
@@ -7,6 +7,7 @@ import {
|
|
|
7
7
|
AuthorizationCodeTokenFetchError,
|
|
8
8
|
SignInUriGenerationError,
|
|
9
9
|
SignOutUriGenerationError,
|
|
10
|
+
PersonalAccessTokenFetchError,
|
|
10
11
|
} from "../errors";
|
|
11
12
|
import { LogtoLoggerServiceToken, LogtoOAuthRESTTemplate } from "./types";
|
|
12
13
|
|
|
@@ -168,6 +169,38 @@ export class OAuthClient {
|
|
|
168
169
|
throw new AuthorizationCodeTokenFetchError(code);
|
|
169
170
|
}
|
|
170
171
|
}
|
|
172
|
+
/**
|
|
173
|
+
* PAT 토큰을 이용해 AccessToken 발급
|
|
174
|
+
* @param pat Personal Access Token
|
|
175
|
+
* @returns { accessToken, expiresIn, scope } 액세스 토큰 및 정보
|
|
176
|
+
*/
|
|
177
|
+
public async fetchAccessTokenByPAT(pat: string): Promise<{ accessToken: string; expiresIn: number; scope: string }> {
|
|
178
|
+
try {
|
|
179
|
+
const parameters = new URLSearchParams();
|
|
180
|
+
parameters.set("grant_type", "urn:ietf:params:oauth:grant-type:token-exchange");
|
|
181
|
+
parameters.set("scope", this.logtoConfig.scopes!.join(" "));
|
|
182
|
+
if (this.logtoConfig.resources && this.logtoConfig.resources.length > 0) {
|
|
183
|
+
parameters.set("resource", this.logtoConfig.resources.join(" "));
|
|
184
|
+
}
|
|
185
|
+
parameters.set("subject_token", pat);
|
|
186
|
+
parameters.set("subject_token_type", "urn:logto:token-type:personal_access_token");
|
|
187
|
+
|
|
188
|
+
const response = await this.logtoRestTemplate.post<TokenResponse>(
|
|
189
|
+
`${this.logtoConfig.endpoint}/token`,
|
|
190
|
+
parameters.toString()
|
|
191
|
+
);
|
|
192
|
+
|
|
193
|
+
return {
|
|
194
|
+
accessToken: response.data.access_token,
|
|
195
|
+
expiresIn: response.data.expires_in,
|
|
196
|
+
scope: response.data.scope,
|
|
197
|
+
};
|
|
198
|
+
} catch (error) {
|
|
199
|
+
this.logger.error(`PAT를 이용한 AccessToken 발급 실패: ${error.message}`, error.stack, this.constructor.name);
|
|
200
|
+
throw new PersonalAccessTokenFetchError();
|
|
201
|
+
}
|
|
202
|
+
}
|
|
203
|
+
|
|
171
204
|
|
|
172
205
|
/**
|
|
173
206
|
* 토큰 해지
|
package/client/types.ts
CHANGED
|
@@ -63,6 +63,21 @@ export type LogtoUser = {
|
|
|
63
63
|
export type LogtoUserResponse = { id: string } & LogtoUser;
|
|
64
64
|
|
|
65
65
|
/**
|
|
66
|
+
* LogtoPersonalAccessTokenResponse
|
|
67
|
+
*
|
|
68
|
+
* 사용자의 Personal Access Token 목록 조회 시 반환되는 응답 객체입니다.
|
|
69
|
+
*/
|
|
70
|
+
export type LogtoPersonalAccessTokenResponse = {
|
|
71
|
+
tenantId: string;
|
|
72
|
+
userId: string;
|
|
73
|
+
name: string;
|
|
74
|
+
value: string;
|
|
75
|
+
createdAt: number;
|
|
76
|
+
expiresAt: number | null;
|
|
77
|
+
};
|
|
78
|
+
|
|
79
|
+
/**
|
|
80
|
+
* LogtoRole
|
|
66
81
|
* LogtoRole
|
|
67
82
|
*
|
|
68
83
|
* Logto 역할(Role) 생성/수정 시 사용하는 타입입니다.
|
|
@@ -48,6 +48,19 @@ describe('M2mclient를 이용한 Logto API 테스트', () => {
|
|
|
48
48
|
it('토큰 발급', async () => {
|
|
49
49
|
await m2mClient.fetchAccessToken();
|
|
50
50
|
});
|
|
51
|
+
it('PAT 추가 및 삭제', async () => {
|
|
52
|
+
const tokenName = 'test_pat_' + Math.floor(1000 + Math.random() * 9000);
|
|
53
|
+
const newToken = await m2mClient.addPersonalAccessToken(testUserId, tokenName, 3600);
|
|
54
|
+
expect(newToken).toBeDefined();
|
|
55
|
+
expect(newToken.name).toBe(tokenName);
|
|
56
|
+
const tokens = await m2mClient.getPersonalAccessTokens(testUserId);
|
|
57
|
+
const foundToken = tokens.find(t => t.name === tokenName);
|
|
58
|
+
expect(foundToken).toBeDefined();
|
|
59
|
+
await m2mClient.deletePersonalAccessToken(testUserId, tokenName);
|
|
60
|
+
const tokensAfterDelete = await m2mClient.getPersonalAccessTokens(testUserId);
|
|
61
|
+
const deletedToken = tokensAfterDelete.find(t => t.name === tokenName);
|
|
62
|
+
expect(deletedToken).toBeUndefined();
|
|
63
|
+
});
|
|
51
64
|
it('유저 정보 수정', async () => {
|
|
52
65
|
await m2mClient.updateUserClientInfo(testUserId);
|
|
53
66
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"m2m-client.spec.js","sourceRoot":"","sources":["../../../client/__tests__/m2m-client.spec.ts"],"names":[],"mappings":";;AACA,6CAAsD;AACtD,2CAA8C;AAC9C,2DAA8C;AAE9C,0BAA6F;AAC7F,uCAA0E;AAC1E,2CAA+C;AAE/C,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;IAC1C,IAAI,SAAyB,CAAC;IAC9B,IAAI,
|
|
1
|
+
{"version":3,"file":"m2m-client.spec.js","sourceRoot":"","sources":["../../../client/__tests__/m2m-client.spec.ts"],"names":[],"mappings":";;AACA,6CAAsD;AACtD,2CAA8C;AAC9C,2DAA8C;AAE9C,0BAA6F;AAC7F,uCAA0E;AAC1E,2CAA+C;AAE/C,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;IAC1C,IAAI,SAAyB,CAAC;IAC9B,IAAI,QAAmB,CAAC;IACxB,IAAI,UAAU,GAAW,cAAc,CAAC;IACxC,IAAI,UAAU,GAAW,uBAAuB,CAAC;IACjD,SAAS,CAAC,KAAK,IAAI,EAAE;QACjB,MAAM,MAAM,GAAkB,MAAM,cAAI,CAAC,mBAAmB,CAAC;YACzD,OAAO,EAAE;gBACL,qBAAY,CAAC,OAAO,CAAC;oBACjB,WAAW,EAAE,YAAY,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE;oBAC/C,QAAQ,EAAE,IAAI;iBACjB,CAAC;aACL;YACD,SAAS,EAAE;gBACP;oBACI,OAAO,EAAE,+BAAuB;oBAChC,QAAQ,EAAE,0BAAkB;iBAC/B;gBACD;oBACI,OAAO,EAAE,2BAAuB;oBAChC,QAAQ,EAAE,sBAAa;iBAC1B;aACJ;SACJ,CAAC,CAAC,OAAO,EAAE,CAAC;QACb,SAAS,GAAG,MAAM,CAAC,GAAG,CAAiB,uBAAmB,CAAC,CAAC;QAG5D,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC;QAC7D,QAAQ,GAAG;YACP,QAAQ,EAAE,6BAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;YACpE,IAAI,EAAE,MAAM,GAAG,YAAY;YAC3B,YAAY,EAAE,MAAM,GAAG,YAAY,GAAG,WAAW;YACjD,QAAQ,EAAE,SAAS;YACnB,YAAY,EAAE,SAAS,GAAG,YAAY;SACzC,CAAC;IACN,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,OAAO,EAAE,KAAK,IAAI,EAAE;QACnB,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;QAC7B,UAAU,GAAG,MAAM,CAAC;IACxB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,OAAO,EAAE,KAAK,IAAI,EAAE;QACnB,MAAM,SAAS,CAAC,gBAAgB,EAAE,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,aAAa,EAAE,KAAK,IAAI,EAAE;QACzB,MAAM,SAAS,GAAG,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC;QAGxE,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,sBAAsB,CAAC,UAAU,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;QACrF,MAAM,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;QAC/B,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAGtC,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;QAC1D,MAAM,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;QAGjC,MAAM,SAAS,CAAC,yBAAyB,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;QAGjE,MAAM,iBAAiB,GAAG,MAAM,SAAS,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;QAC9E,MAAM,YAAY,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;QACvE,MAAM,CAAC,YAAY,CAAC,CAAC,aAAa,EAAE,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,UAAU,EAAE,KAAK,IAAI,EAAE;QACtB,MAAM,SAAS,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACP,CAAC,CAAC,CAAC"}
|
|
@@ -36,5 +36,8 @@ describe('OAuthClient', () => {
|
|
|
36
36
|
const uri = oauthClient.getSignInURI(__1.SignInType.Admin);
|
|
37
37
|
expect(uri).toContain('prompt=login');
|
|
38
38
|
});
|
|
39
|
+
it('잘못된 PAT 토큰으로 발급 시도 시 에러 발생', async () => {
|
|
40
|
+
await expect(oauthClient.fetchAccessTokenByPAT('invalid_pat')).rejects.toThrow();
|
|
41
|
+
});
|
|
39
42
|
});
|
|
40
43
|
//# sourceMappingURL=oauth-client.spec.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-client.spec.js","sourceRoot":"","sources":["../../../client/__tests__/oauth-client.spec.ts"],"names":[],"mappings":";;AAAA,6CAAuC;AACvC,0BAAwF;AACxF,2CAA8C;AAC9C,2CAA+C;AAC/C,uCAA0E;AAE1E,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IACzB,IAAI,WAAwB,CAAC;IAE7B,UAAU,CAAC,KAAK,IAAI,EAAE;QAClB,MAAM,aAAa,GAAG,MAAM,cAAI,CAAC,mBAAmB,CAAC;YACjD,OAAO,EAAE;gBACL,qBAAY,CAAC,OAAO,CAAC;oBACnB,WAAW,EAAE,YAAY,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE;oBAC/C,QAAQ,EAAE,IAAI;iBACf,CAAC;aACH;YACH,SAAS,EAAE;gBACP;oBACI,OAAO,EAAE,2BAAuB;oBAChC,QAAQ,EAAE,sBAAa;iBAC1B;gBACD;oBACI,OAAO,EAAE,oBAAgB;oBACzB,QAAQ,EAAE,eAAW;iBACxB;gBACD;oBACI,OAAO,EAAE,+BAAuB;oBAChC,QAAQ,EAAE,0BAAkB;iBAC/B;aACJ;SACJ,CAAC,CAAC,OAAO,EAAE,CAAC;QAEb,WAAW,GAAG,aAAa,CAAC,GAAG,CAAc,oBAAgB,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QAEvC,MAAM,GAAG,GAAG,WAAW,CAAC,YAAY,CAAC,cAAU,CAAC,KAAK,CAAC,CAAC;QAEvD,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"oauth-client.spec.js","sourceRoot":"","sources":["../../../client/__tests__/oauth-client.spec.ts"],"names":[],"mappings":";;AAAA,6CAAuC;AACvC,0BAAwF;AACxF,2CAA8C;AAC9C,2CAA+C;AAC/C,uCAA0E;AAE1E,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IACzB,IAAI,WAAwB,CAAC;IAE7B,UAAU,CAAC,KAAK,IAAI,EAAE;QAClB,MAAM,aAAa,GAAG,MAAM,cAAI,CAAC,mBAAmB,CAAC;YACjD,OAAO,EAAE;gBACL,qBAAY,CAAC,OAAO,CAAC;oBACnB,WAAW,EAAE,YAAY,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE;oBAC/C,QAAQ,EAAE,IAAI;iBACf,CAAC;aACH;YACH,SAAS,EAAE;gBACP;oBACI,OAAO,EAAE,2BAAuB;oBAChC,QAAQ,EAAE,sBAAa;iBAC1B;gBACD;oBACI,OAAO,EAAE,oBAAgB;oBACzB,QAAQ,EAAE,eAAW;iBACxB;gBACD;oBACI,OAAO,EAAE,+BAAuB;oBAChC,QAAQ,EAAE,0BAAkB;iBAC/B;aACJ;SACJ,CAAC,CAAC,OAAO,EAAE,CAAC;QAEb,WAAW,GAAG,aAAa,CAAC,GAAG,CAAc,oBAAgB,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QAEvC,MAAM,GAAG,GAAG,WAAW,CAAC,YAAY,CAAC,cAAU,CAAC,KAAK,CAAC,CAAC;QAEvD,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,4BAA4B,EAAE,KAAK,IAAI,EAAE;QACxC,MAAM,MAAM,CAAC,WAAW,CAAC,qBAAqB,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IACrF,CAAC,CAAC,CAAC;AAEP,CAAC,CAAC,CAAC"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { LoggerService } from "@nestjs/common";
|
|
2
2
|
import { LogtoM2MConfig } from "./config";
|
|
3
3
|
import { LogtoTokenVerifier } from "../token";
|
|
4
|
-
import { LogtoRole, LogtoRoleResponse, LogtoUser, LogtoUserResponse } from "./types";
|
|
4
|
+
import { LogtoPersonalAccessTokenResponse, LogtoRole, LogtoRoleResponse, LogtoUser, LogtoUserResponse } from "./types";
|
|
5
5
|
import { p3Values } from "point3-common-tool";
|
|
6
6
|
export declare const LogtoM2MClientToken: unique symbol;
|
|
7
7
|
export declare class LogtoM2MClient {
|
|
@@ -14,9 +14,6 @@ export declare class LogtoM2MClient {
|
|
|
14
14
|
private readonly apiRestTemplate;
|
|
15
15
|
constructor(config: LogtoM2MConfig, tokenVerifier: LogtoTokenVerifier, logger: LoggerService);
|
|
16
16
|
fetchAccessToken(): Promise<void>;
|
|
17
|
-
fetchAccessTokenByPAT(pat: string): Promise<{
|
|
18
|
-
accessToken: string;
|
|
19
|
-
}>;
|
|
20
17
|
private getAccessToken;
|
|
21
18
|
getRoles(): Promise<LogtoRoleResponse[]>;
|
|
22
19
|
getRoleByName(name: string): Promise<LogtoRoleResponse>;
|
|
@@ -33,5 +30,8 @@ export declare class LogtoM2MClient {
|
|
|
33
30
|
sendVerificationCode(identifier: p3Values.PhoneNumber | p3Values.Email): Promise<void>;
|
|
34
31
|
verifyCode(identifier: p3Values.PhoneNumber | p3Values.Email, code: string): Promise<void>;
|
|
35
32
|
updateUserPassword(userId: string, password: string): Promise<LogtoUserResponse>;
|
|
33
|
+
addPersonalAccessToken(userId: string, name: string, expiresIn?: number): Promise<LogtoPersonalAccessTokenResponse>;
|
|
34
|
+
deletePersonalAccessToken(userId: string, name: string): Promise<void>;
|
|
35
|
+
getPersonalAccessTokens(userId: string): Promise<LogtoPersonalAccessTokenResponse[]>;
|
|
36
36
|
}
|
|
37
37
|
export declare function generatePhoneNumberWithCountryCode(countryCode: string, phoneNumber: string): string;
|
|
@@ -48,26 +48,6 @@ let LogtoM2MClient = class LogtoM2MClient {
|
|
|
48
48
|
this.accessToken = new token_1.AccessToken(payload.sub, access_token, expires_in);
|
|
49
49
|
this.apiRestTemplate.setBearer(access_token);
|
|
50
50
|
}
|
|
51
|
-
async fetchAccessTokenByPAT(pat) {
|
|
52
|
-
try {
|
|
53
|
-
const parameters = new URLSearchParams();
|
|
54
|
-
parameters.set("grant_type", "urn:ietf:params:oauth:grant-type:token-exchange");
|
|
55
|
-
parameters.set("scope", this.logtoConfig.scopes.join(" "));
|
|
56
|
-
parameters.set("resource", this.logtoConfig.resources.join(" "));
|
|
57
|
-
parameters.set("subject_token", pat);
|
|
58
|
-
parameters.set("subject_token_type", "urn:logto:token-type:personal_access_token");
|
|
59
|
-
const response = await this.authRestTemplate.post(`${this.logtoConfig.endpoint}/token`, parameters.toString(), {
|
|
60
|
-
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
|
|
61
|
-
});
|
|
62
|
-
console.log(response);
|
|
63
|
-
return {
|
|
64
|
-
accessToken: response.data["access_token"],
|
|
65
|
-
};
|
|
66
|
-
}
|
|
67
|
-
catch (error) {
|
|
68
|
-
throw new Error(pat);
|
|
69
|
-
}
|
|
70
|
-
}
|
|
71
51
|
async getAccessToken() {
|
|
72
52
|
if (!this.accessToken || this.accessToken.isExpired()) {
|
|
73
53
|
await this.fetchAccessToken();
|
|
@@ -180,6 +160,24 @@ let LogtoM2MClient = class LogtoM2MClient {
|
|
|
180
160
|
const response = await this.apiRestTemplate.patch(`/users/${userId}/password`, { password });
|
|
181
161
|
return response.data;
|
|
182
162
|
}
|
|
163
|
+
async addPersonalAccessToken(userId, name, expiresIn) {
|
|
164
|
+
await this.getAccessToken();
|
|
165
|
+
const body = { name };
|
|
166
|
+
if (expiresIn !== undefined && expiresIn !== null) {
|
|
167
|
+
body.expiresAt = Date.now() + expiresIn * 1000;
|
|
168
|
+
}
|
|
169
|
+
const response = await this.apiRestTemplate.post(`/users/${userId}/personal-access-tokens`, body);
|
|
170
|
+
return response.data;
|
|
171
|
+
}
|
|
172
|
+
async deletePersonalAccessToken(userId, name) {
|
|
173
|
+
await this.getAccessToken();
|
|
174
|
+
await this.apiRestTemplate.delete(`/users/${userId}/personal-access-tokens/${name}`);
|
|
175
|
+
}
|
|
176
|
+
async getPersonalAccessTokens(userId) {
|
|
177
|
+
await this.getAccessToken();
|
|
178
|
+
const response = await this.apiRestTemplate.get(`/users/${userId}/personal-access-tokens`);
|
|
179
|
+
return response.data;
|
|
180
|
+
}
|
|
183
181
|
};
|
|
184
182
|
exports.LogtoM2MClient = LogtoM2MClient;
|
|
185
183
|
exports.LogtoM2MClient = LogtoM2MClient = __decorate([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"m2m-client.js","sourceRoot":"","sources":["../../client/m2m-client.ts"],"names":[],"mappings":";;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"m2m-client.js","sourceRoot":"","sources":["../../client/m2m-client.ts"],"names":[],"mappings":";;;;;;;;;;;;AAwbA,gFAKC;AArbD,2CAIwB;AAExB,qCAIkB;AAClB,oCAGkB;AAClB,mCASiB;AACjB,2DAA4D;AAC5D,sCAGmB;AAGN,QAAA,mBAAmB,GAAG,MAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;AAwBzD,IAAM,cAAc,GAApB,MAAM,cAAc;IASvB,YACqB,MAAsB,EACtB,aAAiC,EACjC,MAAqB;QAFrB,WAAM,GAAN,MAAM,CAAgB;QACtB,kBAAa,GAAb,aAAa,CAAoB;QACjC,WAAM,GAAN,MAAM,CAAe;QAGtC,IAAI,CAAC,WAAW,GAAG;YACf,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,KAAK,EAAE,MAAM,CAAC,QAAQ;YACtB,SAAS,EAAE,MAAM,CAAC,YAAY;YAC9B,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,SAAS,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC;YAC5B,SAAS,EAAE,kBAAS,CAAC,iBAAiB;SACzC,CAAC;QAGF,IAAI,CAAC,gBAAgB,GAAG,IAAI,8BAAsB,CAC9C,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,WAAW,CAAC,QAAQ,CAC5B,CAAC;QACF,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAGnF,IAAI,CAAC,eAAe,GAAG,IAAI,8BAAsB,CAC7C,IAAI,CAAC,MAAM,EACX,MAAM,CAAC,MAAM,CAChB,CAAC;IACN,CAAC;IASD,KAAK,CAAC,gBAAgB;QAClB,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QACrD,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,MAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACxD,MAAM,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,WAAW,CAAC,SAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QAE9D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAG9C,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE;YAC5B,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;SACnE,CAAC,CAAC;QAEH,MAAM,EAAE,YAAY,EAAE,UAAU,EAAE,GAAG,QAAQ,CAAC,IAAI,CAAC;QACnD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;QAEnE,IAAI,CAAC,WAAW,GAAG,IAAI,mBAAW,CAC9B,OAAO,CAAC,GAAG,EACX,YAAY,EACZ,UAAU,CACb,CAAC;QACF,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IACjD,CAAC;IAOO,KAAK,CAAC,cAAc;QACxB,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC;YACpD,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAClC,CAAC;QACD,OAAO,IAAI,CAAC,WAAY,CAAC,KAAK,CAAC;IACnC,CAAC;IASD,KAAK,CAAC,QAAQ;QACV,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,GAAG,CAAsB,QAAQ,CAAC,CAAC;QAC/E,OAAO,QAAQ,CAAC,IAAI,CAAC;IACzB,CAAC;IAMD,KAAK,CAAC,aAAa,CAAC,IAAY;QAC5B,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;QAChC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,GAAG,CAC3C,UAAU,MAAM,CAAC,QAAQ,EAAE,EAAE,CAChC,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC5B,CAAC;IAMD,KAAK,CAAC,UAAU,CAAC,IAAe;QAC5B,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,IAAI,GAAG;YACT,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,IAAI,EAAE,IAAI,CAAC,IAAI;SAClB,CAAC;QAEF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAC5C,QAAQ,EACR,IAAI,CACP,CAAC;QAEF,IAAI,QAAQ,YAAY,iCAAY,CAAC,eAAe,EAAE,CAAC;YACnD,IAAI,QAAQ,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;gBACvC,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,eAAe,QAAQ,CAAC,IAAI,EAAE,EAC9B,IAAI,CAAC,WAAW,CAAC,IAAI,CACxB,CAAC;gBACF,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACzC,CAAC;YACD,MAAM,QAAQ,CAAC;QACnB,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,CAAC;IACzB,CAAC;IAOD,KAAK,CAAC,gBAAgB,CAAC,MAAc,EAAE,MAAc;QACjD,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,IAAI,GAAG,EAAE,OAAO,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC;QACnC,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,UAAU,MAAM,QAAQ,EAAE,IAAI,CAAC,CAAC;QAChE,IAAI,CAAC,MAAM,CAAC,GAAG,CACX,eAAe,MAAM,EAAE,EACvB,IAAI,CAAC,WAAW,CAAC,IAAI,CACxB,CAAC;IACN,CAAC;IAWD,KAAK,CAAC,UAAU,CAAC,IAAe;QAC5B,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE5B,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACnE,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC,iBAAiB,IAAI,8BAAsB,CAAC,OAAO,CAAC;YAClF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAiB,QAAQ,EAAE,IAAI,CAAC,CAAC;YACjF,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QACrD,MAAM,IAAI,uCAA8B,EAAE,CAAC;IAC/C,CAAC;IAOD,KAAK,CAAC,oBAAoB,CACtB,MAAc,EACd,QAAiB;QAEjB,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,UAAU,MAAM,EAAE,EAAE;YACjD,UAAU,EAAE,EAAE,QAAQ,EAAE;SAC3B,CAAC,CAAC;IACP,CAAC;IAMD,KAAK,CAAC,OAAO,CAAC,EAAU;QACpB,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,GAAG,CAAoB,UAAU,EAAE,EAAE,CAAC,CAAC;QACnF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACzB,CAAC;IAOD,KAAK,CAAC,iBAAiB,CAAC,QAAgB;QACpC,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE5B,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,iBAAiB,EAAE,QAAQ,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;QAErC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,GAAG,CAC3C,UAAU,MAAM,CAAC,QAAQ,EAAE,EAAE,CAChC,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC5B,CAAC;IAMD,KAAK,CAAC,WAAW,CAAC,MAAc;QAC5B,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,CAC7C,UAAU,MAAM,eAAe,EAC/B,EAAE,WAAW,EAAE,IAAI,EAAE,CACxB,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACzB,CAAC;IAMD,KAAK,CAAC,UAAU,CAAC,MAAc;QAC3B,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,MAAM,EAAE,CAAC,CAAC;IAC1D,CAAC;IAOD,KAAK,CAAC,cAAc,CAAC,MAAc,EAAE,MAAc;QAC/C,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,MAAM,UAAU,MAAM,EAAE,CAAC,CAAC;IAC1E,CAAC;IAMD,KAAK,CAAC,aAAa,CAAC,MAAc;QAC9B,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,CAC7C,UAAU,MAAM,eAAe,EAC/B,EAAE,WAAW,EAAE,KAAK,EAAE,CACzB,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACzB,CAAC;IAMD,KAAK,CAAC,oBAAoB,CACtB,UAAiD;QAEjD,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAG5B,MAAM,MAAM,GACR,UAAU,YAAY,8BAAsB,CAAC,KAAK;YAC9C,CAAC,CAAC,OAAO;YACT,CAAC,CAAC,OAAO,CAAC;QAElB,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,qBAAqB,EAAE;YACnD,CAAC,MAAM,CAAC,EAAE,UAAU,CAAC,QAAQ,EAAE;SAClC,CAAC,CAAC;IACP,CAAC;IAOD,KAAK,CAAC,UAAU,CACZ,UAAiD,EACjD,IAAY;QAEZ,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE5B,MAAM,MAAM,GACR,UAAU,YAAY,8BAAsB,CAAC,KAAK;YAC9C,CAAC,CAAC,OAAO;YACT,CAAC,CAAC,OAAO,CAAC;QAElB,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,4BAA4B,EAAE;YAC1D,CAAC,MAAM,CAAC,EAAE,UAAU,CAAC,QAAQ,EAAE;YAC/B,gBAAgB,EAAE,IAAI;SACzB,CAAC,CAAC;IACP,CAAC;IAOD,KAAK,CAAC,kBAAkB,CAAC,MAAc,EAAE,QAAgB;QACrD,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,CAC7C,UAAU,MAAM,WAAW,EAC3B,EAAE,QAAQ,EAAE,CACf,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACzB,CAAC;IAOD,KAAK,CAAC,sBAAsB,CACxB,MAAc,EACd,IAAY,EACZ,SAAkB;QAElB,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE5B,MAAM,IAAI,GAAwB,EAAE,IAAI,EAAE,CAAC;QAC3C,IAAI,SAAS,KAAK,SAAS,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;YAEhD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,IAAI,CAAC;QACnD,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAC5C,UAAU,MAAM,yBAAyB,EACzC,IAAI,CACP,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACzB,CAAC;IAOD,KAAK,CAAC,yBAAyB,CAAC,MAAc,EAAE,IAAY;QACxD,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAC7B,UAAU,MAAM,2BAA2B,IAAI,EAAE,CACpD,CAAC;IACN,CAAC;IAMD,KAAK,CAAC,uBAAuB,CAAC,MAAc;QACxC,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,GAAG,CAC3C,UAAU,MAAM,yBAAyB,CAC5C,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACzB,CAAC;CACJ,CAAA;AAhXY,wCAAc;yBAAd,cAAc;IAF1B,IAAA,eAAM,GAAE;IACR,IAAA,mBAAU,GAAE;6CAY2B,0BAAkB;GAX7C,cAAc,CAgX1B;AAQD,SAAgB,kCAAkC,CAAC,WAAmB,EAAE,WAAmB;IACvF,IAAI,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC9B,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC;IACD,OAAO,GAAG,WAAW,GAAG,WAAW,EAAE,CAAC;AAC1C,CAAC"}
|
|
@@ -17,6 +17,11 @@ export declare class OAuthClient {
|
|
|
17
17
|
accessToken: string;
|
|
18
18
|
idToken: string;
|
|
19
19
|
}>;
|
|
20
|
+
fetchAccessTokenByPAT(pat: string): Promise<{
|
|
21
|
+
accessToken: string;
|
|
22
|
+
expiresIn: number;
|
|
23
|
+
scope: string;
|
|
24
|
+
}>;
|
|
20
25
|
revokeToken(token: string): Promise<void>;
|
|
21
26
|
}
|
|
22
27
|
export declare enum SignInType {
|
|
@@ -97,6 +97,28 @@ let OAuthClient = OAuthClient_1 = class OAuthClient {
|
|
|
97
97
|
throw new errors_1.AuthorizationCodeTokenFetchError(code);
|
|
98
98
|
}
|
|
99
99
|
}
|
|
100
|
+
async fetchAccessTokenByPAT(pat) {
|
|
101
|
+
try {
|
|
102
|
+
const parameters = new URLSearchParams();
|
|
103
|
+
parameters.set("grant_type", "urn:ietf:params:oauth:grant-type:token-exchange");
|
|
104
|
+
parameters.set("scope", this.logtoConfig.scopes.join(" "));
|
|
105
|
+
if (this.logtoConfig.resources && this.logtoConfig.resources.length > 0) {
|
|
106
|
+
parameters.set("resource", this.logtoConfig.resources.join(" "));
|
|
107
|
+
}
|
|
108
|
+
parameters.set("subject_token", pat);
|
|
109
|
+
parameters.set("subject_token_type", "urn:logto:token-type:personal_access_token");
|
|
110
|
+
const response = await this.logtoRestTemplate.post(`${this.logtoConfig.endpoint}/token`, parameters.toString());
|
|
111
|
+
return {
|
|
112
|
+
accessToken: response.data.access_token,
|
|
113
|
+
expiresIn: response.data.expires_in,
|
|
114
|
+
scope: response.data.scope,
|
|
115
|
+
};
|
|
116
|
+
}
|
|
117
|
+
catch (error) {
|
|
118
|
+
this.logger.error(`PAT를 이용한 AccessToken 발급 실패: ${error.message}`, error.stack, this.constructor.name);
|
|
119
|
+
throw new errors_1.PersonalAccessTokenFetchError();
|
|
120
|
+
}
|
|
121
|
+
}
|
|
100
122
|
async revokeToken(token) {
|
|
101
123
|
try {
|
|
102
124
|
const response = await axios_1.default.post(`${this.logtoConfig.endpoint}/token/revoke`, new URLSearchParams({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oauth-client.js","sourceRoot":"","sources":["../../client/oauth-client.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAmE;AACnE,kDAA6C;AAC7C,qCAAoE;AACpE,2DAA4D;AAC5D,
|
|
1
|
+
{"version":3,"file":"oauth-client.js","sourceRoot":"","sources":["../../client/oauth-client.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2CAAmE;AACnE,kDAA6C;AAC7C,qCAAoE;AACpE,2DAA4D;AAC5D,sCAMmB;AACnB,mCAA0E;AAE1E,MAAM,KAAK,GAAG,6BAAQ,CAAC,KAAK,CAAC;AAGhB,QAAA,gBAAgB,GAAG,aAAa,CAAC;AAwBvC,IAAM,WAAW,mBAAjB,MAAM,WAAW;IAapB,YACqB,MAAwB,EACxB,MAAqB;QADrB,WAAM,GAAN,MAAM,CAAkB;QACxB,WAAM,GAAN,MAAM,CAAe;QAGtC,IAAI,CAAC,WAAW,GAAG;YACf,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,KAAK,EAAE,MAAM,CAAC,QAAQ;YACtB,SAAS,EAAE,MAAM,CAAC,YAAY;YAC9B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,SAAS,EAAE,kBAAS,CAAC,iBAAiB;SACzC,CAAC;QAGF,IAAI,CAAC,iBAAiB,GAAG,IAAI,8BAAsB,CAC/C,MAAM,EACN,IAAI,CAAC,WAAW,CAAC,QAAQ,CAC5B,CAAC;QACF,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAC3B,IAAI,CAAC,WAAW,CAAC,KAAM,EACvB,IAAI,CAAC,WAAW,CAAC,SAAU,CAC9B,CAAC;IACN,CAAC;IAOM,YAAY,CACf,UAAsB;QAEtB,IAAI,CAAC;YACD,IAAI,GAAQ,CAAC;YAGb,IAAI,UAAU,KAAK,UAAU,CAAC,SAAS,EAAE,CAAC;gBACtC,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;oBACjC,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,OAAO,CAAC,CAAC;gBAC5D,CAAC;qBAAM,CAAC;oBACJ,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,yCAAyC,EACzC,IAAI,CAAC,WAAW,CAAC,IAAI,CACxB,CAAC;oBACF,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,OAAO,CAAC,CAAC;gBACnD,CAAC;YACL,CAAC;iBAAM,CAAC;gBACJ,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,OAAO,CAAC,CAAC;YACnD,CAAC;YAGD,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,aAAW,CAAC,MAAM,CAAC,CAAC;YAG/C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,WAAY,CAAC,CAAC;YACpE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;YAC9C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,MAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAClE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,MAAO,CAAC,CAAC;YACzD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,WAAW,CAAC,KAAM,CAAC,CAAC;YAC3D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,WAAW,CAAC,SAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACxE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;YAEhD,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,QAAQ,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,QAAQ,EAAE,EAAE,CAAC;QAC5D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,iCAAwB,CAAC,UAAU,CAAC,CAAC;QACnD,CAAC;IACL,CAAC;IAMM,KAAK,CAAC,aAAa;QACtB,IAAI,CAAC;YACD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,cAAc,CAAC,CAAC;YAG5D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,WAAY,CAAC,CAAC;YACpE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,WAAW,CAAC,KAAM,CAAC,CAAC;YAC3D,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC1B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,kCAAyB,EAAE,CAAC;QAC1C,CAAC;IACL,CAAC;IAOM,KAAK,CAAC,6BAA6B,CACtC,IAAY;QAEZ,IAAI,CAAC;YAED,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,UAAU,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;YAC7B,UAAU,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;YACzD,UAAU,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,WAAY,CAAC,CAAC;YAC9D,UAAU,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,WAAW,CAAC,SAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAClE,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,MAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAG5D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAC9C,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,QAAQ,EACpC,UAAU,CAAC,QAAQ,EAAE,CACxB,CAAC;YACF,OAAO;gBACH,WAAW,EAAE,QAAQ,CAAC,IAAI,CAAC,YAAY;gBACvC,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ;aAClC,CAAC;QACN,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,yCAAgC,CAAC,IAAI,CAAC,CAAC;QACrD,CAAC;IACL,CAAC;IAMM,KAAK,CAAC,qBAAqB,CAAC,GAAW;QAC1C,IAAI,CAAC;YACD,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;YACzC,UAAU,CAAC,GAAG,CAAC,YAAY,EAAE,iDAAiD,CAAC,CAAC;YAChF,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,MAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5D,IAAI,IAAI,CAAC,WAAW,CAAC,SAAS,IAAI,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACtE,UAAU,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACrE,CAAC;YACD,UAAU,CAAC,GAAG,CAAC,eAAe,EAAE,GAAG,CAAC,CAAC;YACrC,UAAU,CAAC,GAAG,CAAC,oBAAoB,EAAE,4CAA4C,CAAC,CAAC;YAEnF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAC9C,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,QAAQ,EACpC,UAAU,CAAC,QAAQ,EAAE,CACxB,CAAC;YAEF,OAAO;gBACH,WAAW,EAAE,QAAQ,CAAC,IAAI,CAAC,YAAY;gBACvC,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,UAAU;gBACnC,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAK;aAC7B,CAAC;QACN,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,KAAK,CAAC,OAAO,EAAE,EAAE,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;YACtG,MAAM,IAAI,sCAA6B,EAAE,CAAC;QAC9C,CAAC;IACL,CAAC;IAOM,KAAK,CAAC,WAAW,CAAC,KAAa;QAClC,IAAI,CAAC;YACD,MAAM,QAAQ,GAAkB,MAAM,eAAK,CAAC,IAAI,CAC5C,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,eAAe,EAC3C,IAAI,eAAe,CAAC;gBAChB,KAAK,EAAE,KAAK;gBACZ,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,KAAM;aACrC,CAAC,CAAC,QAAQ,EAAE,EACb;gBACI,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;aACnE,CACJ,CAAC;YAEF,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG;gBAAE,OAAO;YAEpC,MAAM,IAAI,mCAA0B,EAAE,CAAC;QAC3C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,mCAA0B,EAAE,CAAC;QAC3C,CAAC;IACL,CAAC;;AA3LQ,kCAAW;AAMJ,kBAAM,GAAW,QAAQ,AAAnB,CAAoB;sBANjC,WAAW;IAFvB,IAAA,eAAM,GAAE;IACR,IAAA,mBAAU,GAAE;;GACA,WAAW,CA4LvB;AAOD,IAAY,UAGX;AAHD,WAAY,UAAU;IAClB,6BAAe,CAAA;IACf,qCAAuB,CAAA;AAC3B,CAAC,EAHW,UAAU,0BAAV,UAAU,QAGrB"}
|
package/dist/client/types.d.ts
CHANGED
|
@@ -22,6 +22,14 @@ export type LogtoUser = {
|
|
|
22
22
|
export type LogtoUserResponse = {
|
|
23
23
|
id: string;
|
|
24
24
|
} & LogtoUser;
|
|
25
|
+
export type LogtoPersonalAccessTokenResponse = {
|
|
26
|
+
tenantId: string;
|
|
27
|
+
userId: string;
|
|
28
|
+
name: string;
|
|
29
|
+
value: string;
|
|
30
|
+
createdAt: number;
|
|
31
|
+
expiresAt: number | null;
|
|
32
|
+
};
|
|
25
33
|
export type LogtoRole = {
|
|
26
34
|
name: string;
|
|
27
35
|
description: string;
|
package/dist/client/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../client/types.ts"],"names":[],"mappings":";;;AAAA,2DAA4D;AAQ5D,MAAa,2BAA4B,SAAQ,KAAK;IAClD,YAAY,OAAe;QACvB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;IACzC,CAAC;CACJ;AALD,kEAKC;AAUD,IAAY,sBAMX;AAND,WAAY,sBAAsB;IAC9B,6CAAmB,CAAA;IACnB,+CAAqB,CAAA;IACrB,6CAAmB,CAAA;IACnB,uCAAa,CAAA;IACb,2CAAiB,CAAA;AACrB,CAAC,EANW,sBAAsB,sCAAtB,sBAAsB,QAMjC;
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../client/types.ts"],"names":[],"mappings":";;;AAAA,2DAA4D;AAQ5D,MAAa,2BAA4B,SAAQ,KAAK;IAClD,YAAY,OAAe;QACvB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;IACzC,CAAC;CACJ;AALD,kEAKC;AAUD,IAAY,sBAMX;AAND,WAAY,sBAAsB;IAC9B,6CAAmB,CAAA;IACnB,+CAAqB,CAAA;IACrB,6CAAmB,CAAA;IACnB,uCAAa,CAAA;IACb,2CAAiB,CAAA;AACrB,CAAC,EANW,sBAAsB,sCAAtB,sBAAsB,QAMjC;AAsFD,MAAa,sBAAsB;;AAAnC,wDAGC;AAFU,4BAAK,GAAG,6BAAQ,CAAC,WAAW,CAAC;AAC7B,4BAAK,GAAG,6BAAQ,CAAC,KAAK,CAAC;AAUlC,MAAa,uBAAuB;IAIhC,YAAY,cAAsB,EAAE,SAAiB;QACjD,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC/B,CAAC;CACJ;AARD,0DAQC;AAQD,MAAa,sBAAuB,SAAQ,iCAAY,CAAC,YAAY;CAAG;AAAxE,wDAAwE;AAAA,CAAC;AAO5D,QAAA,uBAAuB,GAAG,MAAM,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import { LogtoError } from './errors';
|
|
2
|
+
export declare class LogtoEnvValidationError extends LogtoError {
|
|
3
|
+
constructor(mode: string, missingVars: string[]);
|
|
4
|
+
}
|
|
5
|
+
export type EnvRequirement = 'always' | 'client' | 'optional';
|
|
6
|
+
export interface EnvVarEntry {
|
|
7
|
+
newName: string;
|
|
8
|
+
legacyName: string;
|
|
9
|
+
requirement: EnvRequirement;
|
|
10
|
+
description: string;
|
|
11
|
+
}
|
|
12
|
+
export declare const LOGTO_ENV_REGISTRY: EnvVarEntry[];
|
|
13
|
+
export declare function resolveEnv(newName: string, legacyName: string): string | undefined;
|
|
14
|
+
export declare function resolveEnvOrThrow(newName: string, legacyName: string): string;
|
|
15
|
+
export declare function validateLogtoEnv(enableClient: boolean): void;
|