@pristine-ts/security 2.0.2 → 2.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lib/cjs/factories/authenticator.factory.js +5 -2
- package/dist/lib/cjs/factories/authenticator.factory.js.map +1 -1
- package/dist/lib/cjs/factories/guard.factory.js +6 -2
- package/dist/lib/cjs/factories/guard.factory.js.map +1 -1
- package/dist/lib/cjs/guards/role.guard.js +6 -0
- package/dist/lib/cjs/guards/role.guard.js.map +1 -1
- package/dist/lib/cjs/managers/authentication.manager.js +8 -11
- package/dist/lib/cjs/managers/authentication.manager.js.map +1 -1
- package/dist/lib/cjs/managers/authorizer.manager.js +12 -27
- package/dist/lib/cjs/managers/authorizer.manager.js.map +1 -1
- package/dist/lib/cjs/tsconfig.cjs.tsbuildinfo +1 -1
- package/dist/lib/esm/factories/authenticator.factory.js +5 -2
- package/dist/lib/esm/factories/authenticator.factory.js.map +1 -1
- package/dist/lib/esm/factories/guard.factory.js +6 -2
- package/dist/lib/esm/factories/guard.factory.js.map +1 -1
- package/dist/lib/esm/guards/role.guard.js +7 -1
- package/dist/lib/esm/guards/role.guard.js.map +1 -1
- package/dist/lib/esm/managers/authentication.manager.js +9 -12
- package/dist/lib/esm/managers/authentication.manager.js.map +1 -1
- package/dist/lib/esm/managers/authorizer.manager.js +13 -28
- package/dist/lib/esm/managers/authorizer.manager.js.map +1 -1
- package/dist/lib/esm/tsconfig.tsbuildinfo +1 -1
- package/dist/types/managers/authentication.manager.d.ts +2 -3
- package/dist/types/managers/authorizer.manager.d.ts +2 -4
- package/package.json +4 -4
|
@@ -22,8 +22,11 @@ let AuthenticatorFactory = class AuthenticatorFactory {
|
|
|
22
22
|
fromContext(authenticatorContext, container) {
|
|
23
23
|
// Check if the guard needs to be instantiated
|
|
24
24
|
let instantiatedAuthenticator = authenticatorContext.authenticator;
|
|
25
|
-
//
|
|
26
|
-
//
|
|
25
|
+
// ── container.resolve, justified ────────────────────────────────────────────
|
|
26
|
+
// Per CLAUDE.md: factory whose target class is data carried on the route's
|
|
27
|
+
// `@authenticator(SomeAuth)` metadata. Token isn't known at factory construction;
|
|
28
|
+
// resolving it is the factory's entire purpose. Per-event container passed in by
|
|
29
|
+
// the router so the authenticator sees request-scoped dependencies.
|
|
27
30
|
if (typeof instantiatedAuthenticator === 'function') {
|
|
28
31
|
instantiatedAuthenticator = container.resolve(instantiatedAuthenticator);
|
|
29
32
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authenticator.factory.js","sourceRoot":"","sources":["../../../../src/factories/authenticator.factory.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyD;AAGzD,mGAA4F;AAE5F;;GAEG;AAEI,IAAM,oBAAoB,GAA1B,MAAM,oBAAoB;IAE/B;;;;;OAKG;IACH,WAAW,CAAC,oBAAmD,EAAE,SAA8B;QAC7F,8CAA8C;QAC9C,IAAI,yBAAyB,GAA2B,oBAAoB,CAAC,aAAuC,CAAC;QAErH,
|
|
1
|
+
{"version":3,"file":"authenticator.factory.js","sourceRoot":"","sources":["../../../../src/factories/authenticator.factory.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyD;AAGzD,mGAA4F;AAE5F;;GAEG;AAEI,IAAM,oBAAoB,GAA1B,MAAM,oBAAoB;IAE/B;;;;;OAKG;IACH,WAAW,CAAC,oBAAmD,EAAE,SAA8B;QAC7F,8CAA8C;QAC9C,IAAI,yBAAyB,GAA2B,oBAAoB,CAAC,aAAuC,CAAC;QAErH,+EAA+E;QAC/E,2EAA2E;QAC3E,kFAAkF;QAClF,iFAAiF;QACjF,oEAAoE;QACpE,IAAI,OAAO,yBAAyB,KAAK,UAAU,EAAE,CAAC;YACpD,yBAAyB,GAAG,SAAS,CAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC;QAC3E,CAAC;QAED,uDAAuD;QACvD,IAAI,OAAO,yBAAyB,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;YACjE,MAAM,IAAI,mEAA+B,CAAC,oGAAoG,EAAE,yBAAyB,EAAE,oBAAoB,CAAC,CAAC;QACnM,CAAC;QAED,qDAAqD;QACrD,IAAI,OAAO,yBAAyB,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;YAC/D,MAAM,IAAI,mEAA+B,CAAC,kGAAkG,EAAE,yBAAyB,EAAE,oBAAoB,CAAC,CAAC;QACjM,CAAC;QAED,OAAO,yBAAyB,CAAC;IACnC,CAAC;CACF,CAAA;AAjCY,oDAAoB;+BAApB,oBAAoB;IADhC,IAAA,qBAAU,GAAE;GACA,oBAAoB,CAiChC"}
|
|
@@ -22,8 +22,12 @@ let GuardFactory = class GuardFactory {
|
|
|
22
22
|
fromContext(guardContext, container) {
|
|
23
23
|
// Check if the guard needs to be instantiated
|
|
24
24
|
let instantiatedGuard = guardContext.guard;
|
|
25
|
-
//
|
|
26
|
-
//
|
|
25
|
+
// ── container.resolve, justified ────────────────────────────────────────────
|
|
26
|
+
// Per CLAUDE.md: this is a factory whose target class is data carried on the
|
|
27
|
+
// route's metadata (the `@guard(SomeGuard)` decorator value). The token isn't
|
|
28
|
+
// known at factory construction; the factory's whole job is to look it up. The
|
|
29
|
+
// per-event child container is passed in by the router so the resolved guard
|
|
30
|
+
// sees the correct request-scoped dependencies.
|
|
27
31
|
if (typeof instantiatedGuard === 'function') {
|
|
28
32
|
instantiatedGuard = container.resolve(instantiatedGuard);
|
|
29
33
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guard.factory.js","sourceRoot":"","sources":["../../../../src/factories/guard.factory.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyD;AAGzD,mFAA4E;AAE5E;;GAEG;AAEI,IAAM,YAAY,GAAlB,MAAM,YAAY;IAEvB;;;;;OAKG;IACH,WAAW,CAAC,YAAmC,EAAE,SAA8B;QAC7E,8CAA8C;QAC9C,IAAI,iBAAiB,GAAmB,YAAY,CAAC,KAAuB,CAAC;QAE7E,
|
|
1
|
+
{"version":3,"file":"guard.factory.js","sourceRoot":"","sources":["../../../../src/factories/guard.factory.ts"],"names":[],"mappings":";;;;;;;;;AAAA,uCAAyD;AAGzD,mFAA4E;AAE5E;;GAEG;AAEI,IAAM,YAAY,GAAlB,MAAM,YAAY;IAEvB;;;;;OAKG;IACH,WAAW,CAAC,YAAmC,EAAE,SAA8B;QAC7E,8CAA8C;QAC9C,IAAI,iBAAiB,GAAmB,YAAY,CAAC,KAAuB,CAAC;QAE7E,+EAA+E;QAC/E,6EAA6E;QAC7E,8EAA8E;QAC9E,+EAA+E;QAC/E,6EAA6E;QAC7E,gDAAgD;QAChD,IAAI,OAAO,iBAAiB,KAAK,UAAU,EAAE,CAAC;YAC5C,iBAAiB,GAAG,SAAS,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;QAC3D,CAAC;QAED,uDAAuD;QACvD,IAAI,OAAO,iBAAiB,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;YACzD,MAAM,IAAI,mDAAuB,CAAC,wDAAwD,EAAE,iBAAiB,EAAE,YAAY,CAAC,CAAC;QAC/H,CAAC;QAED,qDAAqD;QACrD,IAAI,OAAO,iBAAiB,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;YACvD,MAAM,IAAI,mDAAuB,CAAC,sDAAsD,EAAE,iBAAiB,EAAE,YAAY,CAAC,CAAC;QAC7H,CAAC;QAED,OAAO,iBAAiB,CAAC;IAC3B,CAAC;CACF,CAAA;AAlCY,oCAAY;uBAAZ,YAAY;IADxB,IAAA,qBAAU,GAAE;GACA,YAAY,CAkCxB"}
|
|
@@ -102,6 +102,12 @@ let RoleGuard = class RoleGuard {
|
|
|
102
102
|
}
|
|
103
103
|
};
|
|
104
104
|
exports.RoleGuard = RoleGuard;
|
|
105
|
+
__decorate([
|
|
106
|
+
(0, common_1.traced)(),
|
|
107
|
+
__metadata("design:type", Function),
|
|
108
|
+
__metadata("design:paramtypes", [common_1.Request, Object]),
|
|
109
|
+
__metadata("design:returntype", Promise)
|
|
110
|
+
], RoleGuard.prototype, "isAuthorized", null);
|
|
105
111
|
exports.RoleGuard = RoleGuard = __decorate([
|
|
106
112
|
(0, tsyringe_1.injectable)(),
|
|
107
113
|
__param(0, (0, common_1.injectConfig)(security_configuration_keys_1.SecurityConfigurationKeys.RolesClaimKey)),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"role.guard.js","sourceRoot":"","sources":["../../../../src/guards/role.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAA4C;AAC5C,gFAAyE;AACzE,
|
|
1
|
+
{"version":3,"file":"role.guard.js","sourceRoot":"","sources":["../../../../src/guards/role.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAA4C;AAC5C,gFAAyE;AACzE,gDAAqF;AAKrF;;GAEG;AAEI,IAAM,SAAS,GAAf,MAAM,SAAS;IAWpB;;;OAGG;IACH,YAAmE,aAAsC,EAC9D,UAAgD;QADP,kBAAa,GAAb,aAAa,CAAQ;QAC7C,eAAU,GAAV,UAAU,CAAqB;QAf3F;;WAEG;QACI,YAAO,GAAG,MAAM,CAAC;IAaxB,CAAC;IAED;;;OAGG;IACG,UAAU,CAAC,OAAY;;YAC3B,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC;YAE5B,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,2CAA2C,EAAE,EAAC,KAAK,EAAE,EAAC,OAAO,EAAC,EAAC,CAAC,CAAC;YAEvF,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;QAC3B,CAAC;KAAA;IAED;;;;;;OAMG;IAEG,YAAY,CAAC,OAAgB,EAAE,QAA4B;;;YAC/D,MAAM,WAAW,GAAa,EAAE,CAAC;YAEjC,iCAAiC;YACjC,IAAI,IAAI,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBACpC,OAAO,KAAK,CAAC;YACf,CAAC;YAED,mDAAmD;YACnD,IAAI,IAAI,CAAC,YAAY,CAAC,OAAO,IAAI,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBACrI,WAAW,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YACvD,CAAC;YAED,wDAAwD;YACxD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAA,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,0CAAE,cAAc,CAAC,IAAI,CAAC,aAAa,CAAC,MAAK,KAAK,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;gBACvJ,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,iEAAiE,EAAE;oBACvF,KAAK,EAAE;wBACL,OAAO;wBACP,QAAQ;wBACR,WAAW;qBACZ;iBACF,CAAC,CAAC;gBACH,OAAO,KAAK,CAAC;YACf,CAAC;YAED,+DAA+D;YAC/D,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;gBAC/B,IAAI,CAAC,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAA,EAAE,CAAC;oBACzD,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,sDAAsD,EAAE;wBAC5E,KAAK,EAAE;4BACL,OAAO;4BACP,QAAQ;4BACR,WAAW;4BACX,IAAI;yBACL;qBACF,CAAC,CAAC;oBACH,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YAED,4DAA4D;YAC5D,OAAO,IAAI,CAAC;QACd,CAAC;KAAA;CACF,CAAA;AAlFY,8BAAS;AAuCd;IADL,IAAA,eAAM,GAAE;;qCACmB,gBAAO;;6CA0ClC;oBAjFU,SAAS;IADrB,IAAA,qBAAU,GAAE;IAgBE,WAAA,IAAA,qBAAY,EAAC,uDAAyB,CAAC,aAAa,CAAC,CAAA;IACrD,WAAA,IAAA,iBAAM,EAAC,qBAAqB,CAAC,CAAA;;GAhB/B,SAAS,CAkFrB"}
|
|
@@ -38,11 +38,10 @@ let AuthenticationManager = class AuthenticationManager {
|
|
|
38
38
|
* @param logHandler The log handler to output logs.
|
|
39
39
|
* @param authenticatorFactory The factory to create the authenticator.
|
|
40
40
|
*/
|
|
41
|
-
constructor(identityProviders, logHandler, authenticatorFactory
|
|
41
|
+
constructor(identityProviders, logHandler, authenticatorFactory) {
|
|
42
42
|
this.identityProviders = identityProviders;
|
|
43
43
|
this.logHandler = logHandler;
|
|
44
44
|
this.authenticatorFactory = authenticatorFactory;
|
|
45
|
-
this.breadcrumbHandler = breadcrumbHandler;
|
|
46
45
|
}
|
|
47
46
|
/**
|
|
48
47
|
* Authenticates a request by providing the identity that made the request.
|
|
@@ -52,10 +51,6 @@ let AuthenticationManager = class AuthenticationManager {
|
|
|
52
51
|
*/
|
|
53
52
|
authenticate(request, routeContext, container) {
|
|
54
53
|
return __awaiter(this, void 0, void 0, function* () {
|
|
55
|
-
this.breadcrumbHandler.add(request.id, `${security_module_keyname_1.SecurityModuleKeyname}:authentication.manager:authenticate:enter`, {
|
|
56
|
-
request,
|
|
57
|
-
routeContext
|
|
58
|
-
});
|
|
59
54
|
if (!routeContext || routeContext[authenticator_decorator_1.authenticatorMetadataKeyname] === undefined) {
|
|
60
55
|
return undefined;
|
|
61
56
|
}
|
|
@@ -76,7 +71,6 @@ let AuthenticationManager = class AuthenticationManager {
|
|
|
76
71
|
}
|
|
77
72
|
catch (e) {
|
|
78
73
|
this.logHandler.error("AuthenticationManager: Error authenticating the request.", {
|
|
79
|
-
eventId: request.id,
|
|
80
74
|
extra: { error: e }
|
|
81
75
|
});
|
|
82
76
|
throw e;
|
|
@@ -85,8 +79,6 @@ let AuthenticationManager = class AuthenticationManager {
|
|
|
85
79
|
highlights: {
|
|
86
80
|
identity,
|
|
87
81
|
},
|
|
88
|
-
breadcrumb: `${security_module_keyname_1.SecurityModuleKeyname}:authentication.manager:authenticate:return`,
|
|
89
|
-
eventId: request.id,
|
|
90
82
|
extra: {
|
|
91
83
|
request,
|
|
92
84
|
routeContext,
|
|
@@ -97,13 +89,18 @@ let AuthenticationManager = class AuthenticationManager {
|
|
|
97
89
|
}
|
|
98
90
|
};
|
|
99
91
|
exports.AuthenticationManager = AuthenticationManager;
|
|
92
|
+
__decorate([
|
|
93
|
+
(0, common_1.traced)(),
|
|
94
|
+
__metadata("design:type", Function),
|
|
95
|
+
__metadata("design:paramtypes", [common_1.Request, Object, Object]),
|
|
96
|
+
__metadata("design:returntype", Promise)
|
|
97
|
+
], AuthenticationManager.prototype, "authenticate", null);
|
|
100
98
|
exports.AuthenticationManager = AuthenticationManager = __decorate([
|
|
101
99
|
(0, common_1.moduleScoped)(security_module_keyname_1.SecurityModuleKeyname),
|
|
102
100
|
(0, common_1.tag)("AuthenticationManagerInterface"),
|
|
103
101
|
(0, tsyringe_1.injectable)(),
|
|
104
102
|
__param(0, (0, tsyringe_1.injectAll)(common_1.ServiceDefinitionTagEnum.IdentityProvider, { isOptional: true })),
|
|
105
103
|
__param(1, (0, tsyringe_1.inject)("LogHandlerInterface")),
|
|
106
|
-
|
|
107
|
-
__metadata("design:paramtypes", [Array, Object, authenticator_factory_1.AuthenticatorFactory, Object])
|
|
104
|
+
__metadata("design:paramtypes", [Array, Object, authenticator_factory_1.AuthenticatorFactory])
|
|
108
105
|
], AuthenticationManager);
|
|
109
106
|
//# sourceMappingURL=authentication.manager.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authentication.manager.js","sourceRoot":"","sources":["../../../../src/managers/authentication.manager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAA4E;AAE5E,
|
|
1
|
+
{"version":3,"file":"authentication.manager.js","sourceRoot":"","sources":["../../../../src/managers/authentication.manager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAA4E;AAE5E,gDAAoH;AAIpH,8EAAwE;AACxE,wEAAiE;AAEjE,mFAAmF;AAEnF;;;GAGG;AAII,IAAM,qBAAqB,GAA3B,MAAM,qBAAqB;IAEhC;;;;;OAKG;IACH,YAC6F,iBAA8C,EACzF,UAA+B,EAC9D,oBAA0C;QAFgC,sBAAiB,GAAjB,iBAAiB,CAA6B;QACzF,eAAU,GAAV,UAAU,CAAqB;QAC9D,yBAAoB,GAApB,oBAAoB,CAAsB;IAC7D,CAAC;IAED;;;;;OAKG;IAEU,YAAY,CAAC,OAAgB,EAAE,YAAiB,EAAE,SAA8B;;YAC3F,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,sDAA4B,CAAC,KAAK,SAAS,EAAE,CAAC;gBAC9E,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,MAAM,aAAa,GAAG,YAAY,CAAC,sDAA4B,CAAC,CAAC;YAEjE,IAAI,QAAuC,CAAC;YAE5C,MAAM,oBAAoB,GAAkC,aAAa,CAAC;YAE1E,IAAI,CAAC;gBACH,MAAM,yBAAyB,GAA2B,IAAI,CAAC,oBAAoB,CAAC,WAAW,CAAC,oBAAoB,EAAE,SAAS,CAAC,CAAC;gBAEjI,MAAM,yBAAyB,CAAC,UAAU,CAAC,oBAAoB,CAAC,CAAC;gBAEjE,QAAQ,GAAG,MAAM,yBAAyB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;gBAEjE,IAAI,QAAQ,IAAI,SAAS,EAAE,CAAC;oBAC1B,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBAED,mCAAmC;gBACnC,KAAK,MAAM,gBAAgB,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBACtD,QAAQ,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACtD,CAAC;YAEH,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,0DAA0D,EAAE;oBAChF,KAAK,EAAE,EAAC,KAAK,EAAE,CAAC,EAAC;iBAClB,CAAC,CAAC;gBACH,MAAM,CAAC,CAAC;YACV,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,kCAAkC,EAAE;gBACvD,UAAU,EAAE;oBACV,QAAQ;iBACT;gBACD,KAAK,EAAE;oBACL,OAAO;oBACP,YAAY;iBACb;aACF,CAAC,CAAA;YACF,OAAO,QAAQ,CAAC;QAClB,CAAC;KAAA;CACF,CAAA;AAlEY,sDAAqB;AAqBnB;IADZ,IAAA,eAAM,GAAE;;qCAC0B,gBAAO;;yDA4CzC;gCAjEU,qBAAqB;IAHjC,IAAA,qBAAY,EAAC,+CAAqB,CAAC;IACnC,IAAA,YAAG,EAAC,gCAAgC,CAAC;IACrC,IAAA,qBAAU,GAAE;IAUR,WAAA,IAAA,oBAAS,EAAC,iCAAwB,CAAC,gBAAgB,EAAE,EAAC,UAAU,EAAE,IAAI,EAAC,CAAC,CAAA;IACxE,WAAA,IAAA,iBAAM,EAAC,qBAAqB,CAAC,CAAA;oDACS,4CAAoB;GAXlD,qBAAqB,CAkEjC"}
|
|
@@ -36,12 +36,10 @@ let AuthorizerManager = class AuthorizerManager {
|
|
|
36
36
|
* The authorizer manager provides authorization by authorizing the action.
|
|
37
37
|
* @param logHandler The log handler to output logs.
|
|
38
38
|
* @param guardFactory The factory to create the guard.
|
|
39
|
-
* @param breadcrumbHandler
|
|
40
39
|
*/
|
|
41
|
-
constructor(logHandler, guardFactory
|
|
40
|
+
constructor(logHandler, guardFactory) {
|
|
42
41
|
this.logHandler = logHandler;
|
|
43
42
|
this.guardFactory = guardFactory;
|
|
44
|
-
this.breadcrumbHandler = breadcrumbHandler;
|
|
45
43
|
}
|
|
46
44
|
/**
|
|
47
45
|
* Returns whether or not the request is authorized to access the route.
|
|
@@ -53,11 +51,6 @@ let AuthorizerManager = class AuthorizerManager {
|
|
|
53
51
|
isAuthorized(request, routeContext, container, identity) {
|
|
54
52
|
return __awaiter(this, void 0, void 0, function* () {
|
|
55
53
|
var _a, _b, _c;
|
|
56
|
-
// If there are no guards defined, we simply return that it is authorized.
|
|
57
|
-
this.breadcrumbHandler.add(request.id, `${security_module_keyname_1.SecurityModuleKeyname}:authorizer.manager:isAuthorized:enter`, {
|
|
58
|
-
request,
|
|
59
|
-
routeContext
|
|
60
|
-
});
|
|
61
54
|
if (!routeContext || routeContext[guard_decorator_1.guardMetadataKeyname] === undefined || Array.isArray(routeContext[guard_decorator_1.guardMetadataKeyname]) === false) {
|
|
62
55
|
return true;
|
|
63
56
|
}
|
|
@@ -78,7 +71,6 @@ let AuthorizerManager = class AuthorizerManager {
|
|
|
78
71
|
identityId: (_b = identity === null || identity === void 0 ? void 0 : identity.id) !== null && _b !== void 0 ? _b : "No Identity Id found",
|
|
79
72
|
identityClaims: (_c = identity === null || identity === void 0 ? void 0 : identity.claims) !== null && _c !== void 0 ? _c : "No claims found",
|
|
80
73
|
},
|
|
81
|
-
eventId: request.id,
|
|
82
74
|
extra: {
|
|
83
75
|
error: e,
|
|
84
76
|
request,
|
|
@@ -88,33 +80,26 @@ let AuthorizerManager = class AuthorizerManager {
|
|
|
88
80
|
isAuthorized = false;
|
|
89
81
|
}
|
|
90
82
|
}
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
eventId: request.id,
|
|
96
|
-
breadcrumb: `${security_module_keyname_1.SecurityModuleKeyname}:authorizer.manager:isAuthorized:return`
|
|
97
|
-
});
|
|
98
|
-
}
|
|
99
|
-
else {
|
|
100
|
-
this.logHandler.info(`User authorized`, {
|
|
101
|
-
headlights: { isAuthorized },
|
|
102
|
-
extra: { request, routeContext },
|
|
103
|
-
eventId: request.id,
|
|
104
|
-
breadcrumb: `${security_module_keyname_1.SecurityModuleKeyname}:authorizer.manager:isAuthorized:return`
|
|
105
|
-
});
|
|
106
|
-
}
|
|
83
|
+
this.logHandler.info(`User authorized`, {
|
|
84
|
+
headlights: { isAuthorized },
|
|
85
|
+
extra: { request, routeContext },
|
|
86
|
+
});
|
|
107
87
|
return isAuthorized;
|
|
108
88
|
});
|
|
109
89
|
}
|
|
110
90
|
};
|
|
111
91
|
exports.AuthorizerManager = AuthorizerManager;
|
|
92
|
+
__decorate([
|
|
93
|
+
(0, common_1.traced)(),
|
|
94
|
+
__metadata("design:type", Function),
|
|
95
|
+
__metadata("design:paramtypes", [common_1.Request, Object, Object, Object]),
|
|
96
|
+
__metadata("design:returntype", Promise)
|
|
97
|
+
], AuthorizerManager.prototype, "isAuthorized", null);
|
|
112
98
|
exports.AuthorizerManager = AuthorizerManager = __decorate([
|
|
113
99
|
(0, common_1.moduleScoped)(security_module_keyname_1.SecurityModuleKeyname),
|
|
114
100
|
(0, common_1.tag)("AuthorizerManagerInterface"),
|
|
115
101
|
(0, tsyringe_1.injectable)(),
|
|
116
102
|
__param(0, (0, tsyringe_1.inject)("LogHandlerInterface")),
|
|
117
|
-
|
|
118
|
-
__metadata("design:paramtypes", [Object, guard_factory_1.GuardFactory, Object])
|
|
103
|
+
__metadata("design:paramtypes", [Object, guard_factory_1.GuardFactory])
|
|
119
104
|
], AuthorizerManager);
|
|
120
105
|
//# sourceMappingURL=authorizer.manager.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorizer.manager.js","sourceRoot":"","sources":["../../../../src/managers/authorizer.manager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAiE;AAEjE,
|
|
1
|
+
{"version":3,"file":"authorizer.manager.js","sourceRoot":"","sources":["../../../../src/managers/authorizer.manager.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAiE;AAEjE,gDAA0F;AAE1F,8DAAwD;AACxD,wEAAiE;AACjE,mEAAmE;AAEnE;;;GAGG;AAII,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAE5B;;;;OAIG;IACH,YAAmE,UAA+B,EAC9D,YAA0B;QADK,eAAU,GAAV,UAAU,CAAqB;QAC9D,iBAAY,GAAZ,YAAY,CAAc;IAC9D,CAAC;IAED;;;;;;OAMG;IAEU,YAAY,CAAC,OAAgB,EAAE,YAAiB,EAAE,SAA8B,EAAE,QAA4B;;;YACzH,IAAI,CAAC,YAAY,IAAI,YAAY,CAAC,sCAAoB,CAAC,KAAK,SAAS,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,sCAAoB,CAAC,CAAC,KAAK,KAAK,EAAE,CAAC;gBACrI,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,MAAM,GAAG,YAAY,CAAC,sCAAoB,CAAC,CAAC;YAElD,IAAI,YAAY,GAAG,IAAI,CAAC;YAExB,KAAK,MAAM,YAAY,IAAI,MAAM,EAAE,CAAC;gBAClC,IAAI,CAAC;oBACH,MAAM,iBAAiB,GAAG,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;oBAEjF,MAAM,iBAAiB,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;oBAEjD,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,YAAY,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;oBAC7E,YAAY,GAAG,YAAY,IAAI,YAAY,CAAC;gBAC9C,CAAC;gBAAC,OAAO,CAAM,EAAE,CAAC;oBAChB,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,yDAAyD,EAAE;wBAC/E,UAAU,EAAE;4BACV,YAAY,EAAE,MAAA,CAAC,aAAD,CAAC,uBAAD,CAAC,CAAE,OAAO,mCAAI,eAAe;4BAC3C,UAAU,EAAE,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,EAAE;4BAClD,UAAU,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,EAAE,mCAAI,sBAAsB;4BAClD,cAAc,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,iBAAiB;yBACtD;wBACD,KAAK,EAAE;4BACL,KAAK,EAAE,CAAC;4BACR,OAAO;4BACP,QAAQ;yBACT;qBACF,CAAC,CAAC;oBACH,YAAY,GAAG,KAAK,CAAC;gBACvB,CAAC;YACH,CAAC;YAED,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,iBAAiB,EAAE;gBACtC,UAAU,EAAE,EAAC,YAAY,EAAC;gBAC1B,KAAK,EAAE,EAAC,OAAO,EAAE,YAAY,EAAC;aAC/B,CAAC,CAAC;YAEH,OAAO,YAAY,CAAC;QACtB,CAAC;KAAA;CACF,CAAA;AA7DY,8CAAiB;AAmBf;IADZ,IAAA,eAAM,GAAE;;qCAC0B,gBAAO;;qDAyCzC;4BA5DU,iBAAiB;IAH7B,IAAA,qBAAY,EAAC,+CAAqB,CAAC;IACnC,IAAA,YAAG,EAAC,4BAA4B,CAAC;IACjC,IAAA,qBAAU,GAAE;IAQS,WAAA,IAAA,iBAAM,EAAC,qBAAqB,CAAC,CAAA;6CACC,4BAAY;GARnD,iBAAiB,CA6D7B"}
|