@rivascva/dt-idl 1.1.127 → 1.1.129

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/go/auth/jwt.go +14 -14
  2. package/go/auth/utils.go +4 -4
  3. package/go/middlewares/middlewares.go +2 -0
  4. package/go/utils/context.go +1 -1
  5. package/package.json +1 -1
package/go/auth/jwt.go CHANGED
@@ -41,22 +41,22 @@ func NewServiceAccessToken(accessTokenSecret string, issuer string, service stri
41
41
 
42
42
  // NewUserRefreshToken creates a new JWT refresh token for the given user id.
43
43
  func NewUserRefreshToken(refreshTokenSecret string, issuer string, userId string, duration time.Duration) (*jwt.Token, error) {
44
- return newRefreshToken(refreshTokenSecret, issuer, userId, duration)
44
+ return newRefreshToken(refreshTokenSecret, "user", issuer, userId, duration)
45
45
  }
46
46
 
47
47
  // NewServiceRefreshToken creates a new JWT refresh token for the given service.
48
48
  func NewServiceRefreshToken(refreshTokenSecret string, issuer string, service string, duration time.Duration) (*jwt.Token, error) {
49
- return newRefreshToken(refreshTokenSecret, issuer, service, duration)
49
+ return newRefreshToken(refreshTokenSecret, "service", issuer, service, duration)
50
50
  }
51
51
 
52
52
  // newAccessToken creates a new JWT access token.
53
- func newAccessToken(accessTokenSecret string, ttype string, issuer string, subject string, duration time.Duration) (*jwt.Token, error) {
53
+ func newAccessToken(accessTokenSecret string, tokenType string, issuer string, subject string, duration time.Duration) (*jwt.Token, error) {
54
54
  t := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
55
- "type": ttype,
56
- "iss": issuer,
57
- "sub": subject,
58
- "iat": jwt.NewNumericDate(time.Now()),
59
- "exp": jwt.NewNumericDate(time.Now().Add(duration)),
55
+ "typ": fmt.Sprintf("access:%s", tokenType),
56
+ "iss": issuer,
57
+ "sub": subject,
58
+ "iat": jwt.NewNumericDate(time.Now()),
59
+ "exp": jwt.NewNumericDate(time.Now().Add(duration)),
60
60
  })
61
61
 
62
62
  s, err := t.SignedString([]byte(accessTokenSecret))
@@ -78,13 +78,13 @@ func newAccessToken(accessTokenSecret string, ttype string, issuer string, subje
78
78
  }
79
79
 
80
80
  // newRefreshToken creates a new JWT refresh token.
81
- func newRefreshToken(refreshTokenSecret string, issuer string, subject string, duration time.Duration) (*jwt.Token, error) {
81
+ func newRefreshToken(refreshTokenSecret string, tokenType string, issuer string, subject string, duration time.Duration) (*jwt.Token, error) {
82
82
  t := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
83
- "type": "refresh",
84
- "iss": issuer,
85
- "sub": subject,
86
- "iat": jwt.NewNumericDate(time.Now()),
87
- "exp": jwt.NewNumericDate(time.Now().Add(duration)),
83
+ "typ": fmt.Sprintf("refresh:%s", tokenType),
84
+ "iss": issuer,
85
+ "sub": subject,
86
+ "iat": jwt.NewNumericDate(time.Now()),
87
+ "exp": jwt.NewNumericDate(time.Now().Add(duration)),
88
88
  })
89
89
 
90
90
  s, err := t.SignedString([]byte(refreshTokenSecret))
package/go/auth/utils.go CHANGED
@@ -24,9 +24,9 @@ func CanActorAccessResourcesForUser(ctx context.Context, userId string) (bool, e
24
24
 
25
25
  // check if the actor is allowed to access the user id
26
26
  switch tokenType {
27
- case "user":
27
+ case "access:user":
28
28
  return actorId == userId, nil
29
- case "service":
29
+ case "access:service":
30
30
  return slices.Contains(approvedServices, actorId), nil
31
31
  default:
32
32
  return false, fmt.Errorf("invalid token type %s", tokenType)
@@ -49,9 +49,9 @@ func CanActorAccessAllResources(ctx context.Context) (bool, error) {
49
49
 
50
50
  // check if the actor is a service
51
51
  switch tokenType {
52
- case "user":
52
+ case "access:user":
53
53
  return false, nil
54
- case "service":
54
+ case "access:service":
55
55
  return slices.Contains(approvedServices, actorId), nil
56
56
  default:
57
57
  return false, fmt.Errorf("invalid token type %s", tokenType)
package/go/middlewares/middlewares.go CHANGED
@@ -26,6 +26,8 @@ func GetAuthMiddleware(accessTokenSecret string) func(http.Handler) http.Handler
26
26
  endpoints := []string{
27
27
  "/v1/auth/login/firebase",
28
28
  "/v1/auth/signup/firebase",
29
+ "/v1/auth/refresh",
30
+ "/v1/auth/logout",
29
31
  "/v1/images",
30
32
  }
31
33
  if slices.Contains(endpoints, r.URL.Path) {
package/go/utils/context.go CHANGED
@@ -49,7 +49,7 @@ func GetTokenTypeFromContext(ctx context.Context) (string, error) {
49
49
  }
50
50
 
51
51
  // get the token type from the access token
52
- tokenType, ok := accessToken.Claims.(jwt.MapClaims)["type"].(string)
52
+ tokenType, ok := accessToken.Claims.(jwt.MapClaims)["typ"].(string)
53
53
  if !ok {
54
54
  return "", errors.New("token type not found in the access token")
55
55
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@rivascva/dt-idl",
3
- "version": "1.1.127",
3
+ "version": "1.1.129",
4
4
  "description": "Dream Trade - Interface Definition Language",
5
5
  "main": "dist/index.cjs.js",
6
6
  "module": "dist/index.esm.js",