@schemavaults/auth-server-sdk 0.20.1 → 0.20.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/decode-jwts-with-key-manager.d.ts +12 -0
- package/dist/decode-jwts-with-key-manager.js +109 -0
- package/dist/decode-jwts-with-key-manager.js.map +1 -0
- package/dist/index.d.ts +2 -0
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/route_guards/base-route-guard.js +1 -0
- package/dist/route_guards/base-route-guard.js.map +1 -1
- package/dist/route_guards/route-guard-factory.d.ts +1 -1
- package/dist/route_guards/route-guard-factory.js +9 -96
- package/dist/route_guards/route-guard-factory.js.map +1 -1
- package/dist/route_guards/withAuthenticatedRouteGuard.js +3 -2
- package/dist/route_guards/withAuthenticatedRouteGuard.js.map +1 -1
- package/package.json +2 -2
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import { type OrganizationID, type UserData, type PotentiallyValidTokenSource } from "@schemavaults/auth-common";
|
|
2
|
+
import { type IJwtKeyManager } from "./JwtKeyManager";
|
|
3
|
+
import { type SchemaVaultsAppEnvironment } from "@schemavaults/app-definitions";
|
|
4
|
+
export type IDecodeJWTsWithKeyManagerOutput = {
|
|
5
|
+
user: UserData;
|
|
6
|
+
user_organizations: readonly OrganizationID[];
|
|
7
|
+
} | {
|
|
8
|
+
user: null;
|
|
9
|
+
user_organizations: null;
|
|
10
|
+
};
|
|
11
|
+
export declare function decodeJWTsWithKeyManager(keys_manager: IJwtKeyManager, token_sources: readonly PotentiallyValidTokenSource[], jwt_audience?: string, environment?: SchemaVaultsAppEnvironment, debug?: boolean): Promise<IDecodeJWTsWithKeyManagerOutput>;
|
|
12
|
+
export default decodeJWTsWithKeyManager;
|
|
@@ -0,0 +1,109 @@
|
|
|
1
|
+
import { getAppEnvironment } from "./get-app-environment";
|
|
2
|
+
import { decodeJWTs, organizationIdSchema, } from "@schemavaults/auth-common";
|
|
3
|
+
import { JwtDecodingKeysetNotFoundError, loadJwtDecodingKeys, } from "./JwtKeyManager";
|
|
4
|
+
import { apiServerIdSchema, } from "@schemavaults/app-definitions";
|
|
5
|
+
import getSchemavaultsApiServerId from "./get-schemavaults-api-server-id";
|
|
6
|
+
import { decodeJWT as decodeSchemavaultsJwt, getKeysetIdFromToken, } from "@schemavaults/jwt";
|
|
7
|
+
import isValidUuid from "./is-valid-uuid";
|
|
8
|
+
export async function decodeJWTsWithKeyManager(keys_manager, token_sources, jwt_audience = getSchemavaultsApiServerId(), environment = getAppEnvironment(), debug = false) {
|
|
9
|
+
if (debug) {
|
|
10
|
+
console.log(`[decodeJWTsWithKeyManager] Attempting to decode JWTs from token sources: `, token_sources);
|
|
11
|
+
}
|
|
12
|
+
if (!apiServerIdSchema.safeParse(jwt_audience).success) {
|
|
13
|
+
throw new TypeError(`Invalid API server ID for 'jwt_audience': ${jwt_audience}`);
|
|
14
|
+
}
|
|
15
|
+
if (!keys_manager) {
|
|
16
|
+
throw new TypeError("Failed to resolve reference to JWT keys manager to load keys to perform decode!");
|
|
17
|
+
}
|
|
18
|
+
let user = null;
|
|
19
|
+
let user_organizations = null;
|
|
20
|
+
try {
|
|
21
|
+
user = await decodeJWTs({
|
|
22
|
+
token_sources,
|
|
23
|
+
jwt_audience,
|
|
24
|
+
decodeJWT: async (opts) => {
|
|
25
|
+
if (debug) {
|
|
26
|
+
let debugMessage = `[decodeJWTsWithKeyManager] Attempting to decode ${opts.type} JWT for audience: '${opts.jwt_audience}'`;
|
|
27
|
+
if (opts.sourceHint) {
|
|
28
|
+
debugMessage += ` (Source: '${opts.sourceHint}')`;
|
|
29
|
+
}
|
|
30
|
+
console.log(debugMessage);
|
|
31
|
+
}
|
|
32
|
+
let keyset_id;
|
|
33
|
+
try {
|
|
34
|
+
keyset_id = getKeysetIdFromToken(opts.token);
|
|
35
|
+
}
|
|
36
|
+
catch (e) {
|
|
37
|
+
console.error("Failed to load 'keyset_id' from auth token: ", e);
|
|
38
|
+
throw new Error("Failed to load 'keyset_id' from auth token!");
|
|
39
|
+
}
|
|
40
|
+
if (!keyset_id || !isValidUuid(keyset_id)) {
|
|
41
|
+
throw new TypeError("Expected 'keyset_id' from token to be a valid UUID!");
|
|
42
|
+
}
|
|
43
|
+
let decodingKeys;
|
|
44
|
+
try {
|
|
45
|
+
decodingKeys = await loadJwtDecodingKeys({
|
|
46
|
+
keyset_id,
|
|
47
|
+
keys_manager,
|
|
48
|
+
audience_id: jwt_audience,
|
|
49
|
+
debug,
|
|
50
|
+
});
|
|
51
|
+
if (decodingKeys.keyset_id !== keyset_id) {
|
|
52
|
+
throw new Error("Mismatch between the keyset ID of result and what was requested!");
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
catch (e) {
|
|
56
|
+
console.warn(`[createGuardFromTokenSources] Failed to load keys associated with token-associated keyset '${keyset_id}': `, e);
|
|
57
|
+
if (e instanceof JwtDecodingKeysetNotFoundError) {
|
|
58
|
+
throw e;
|
|
59
|
+
}
|
|
60
|
+
throw new Error("Failed to load keys associated with token-associated keyset!");
|
|
61
|
+
}
|
|
62
|
+
const { decryption_key, verification_key } = decodingKeys;
|
|
63
|
+
try {
|
|
64
|
+
return (await decodeSchemavaultsJwt({
|
|
65
|
+
jwt: opts.token,
|
|
66
|
+
type: opts.type,
|
|
67
|
+
audience: opts.jwt_audience,
|
|
68
|
+
decryption_key,
|
|
69
|
+
verification_key,
|
|
70
|
+
keyset_id,
|
|
71
|
+
env: environment,
|
|
72
|
+
}));
|
|
73
|
+
}
|
|
74
|
+
catch (e) {
|
|
75
|
+
console.error("Failed to decode JSON web token: ", e);
|
|
76
|
+
throw new Error("Failed to decode JSON web token!");
|
|
77
|
+
}
|
|
78
|
+
},
|
|
79
|
+
}, debug);
|
|
80
|
+
if (!("orgs" in user) || !Array.isArray(user.orgs)) {
|
|
81
|
+
throw new Error("No 'orgs' field in decoded user object!");
|
|
82
|
+
}
|
|
83
|
+
if (user.orgs.every((org_id) => typeof org_id === "string" &&
|
|
84
|
+
organizationIdSchema.safeParse(org_id).success)) {
|
|
85
|
+
user_organizations = user.orgs;
|
|
86
|
+
}
|
|
87
|
+
if (!Array.isArray(user_organizations)) {
|
|
88
|
+
throw new TypeError("Failed to load user organizations associated with user from token!");
|
|
89
|
+
}
|
|
90
|
+
return {
|
|
91
|
+
user: user,
|
|
92
|
+
user_organizations: user_organizations,
|
|
93
|
+
};
|
|
94
|
+
}
|
|
95
|
+
catch (e) {
|
|
96
|
+
if (e instanceof JwtDecodingKeysetNotFoundError) {
|
|
97
|
+
console.warn(`[createdGuardFromTokenSources] Failed to load keyset '${e.keyset_id}' associated with provided token: `, e);
|
|
98
|
+
}
|
|
99
|
+
else {
|
|
100
|
+
console.warn("No-op error creating route-guard... Failed to decode JWTs, setting user = null", e);
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
return {
|
|
104
|
+
user: null,
|
|
105
|
+
user_organizations: null,
|
|
106
|
+
};
|
|
107
|
+
}
|
|
108
|
+
export default decodeJWTsWithKeyManager;
|
|
109
|
+
//# sourceMappingURL=decode-jwts-with-key-manager.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"decode-jwts-with-key-manager.js","sourceRoot":"","sources":["../src/decode-jwts-with-key-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EACL,UAAU,EAKV,oBAAoB,GACrB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAEL,8BAA8B,EAC9B,mBAAmB,GAEpB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,iBAAiB,GAElB,MAAM,+BAA+B,CAAC;AACvC,OAAO,0BAA0B,MAAM,kCAAkC,CAAC;AAC1E,OAAO,EAEL,SAAS,IAAI,qBAAqB,EAClC,oBAAoB,GACrB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,WAAW,MAAM,iBAAiB,CAAC;AAc1C,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,YAA4B,EAC5B,aAAqD,EACrD,eAAuB,0BAA0B,EAAE,EACnD,cAA0C,iBAAiB,EAAE,EAC7D,QAAiB,KAAK;IAEtB,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CACT,2EAA2E,EAC3E,aAAa,CACd,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,YAA6B,CAAC,CAAC,OAAO,EAAE,CAAC;QACxE,MAAM,IAAI,SAAS,CACjB,6CAA6C,YAAY,EAAE,CAC5D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,SAAS,CACjB,iFAAiF,CAClF,CAAC;IACJ,CAAC;IAED,IAAI,IAAI,GAAoB,IAAI,CAAC;IACjC,IAAI,kBAAkB,GAAqC,IAAI,CAAC;IAChE,IAAI,CAAC;QACH,IAAI,GAAG,MAAM,UAAU,CACrB;YACE,aAAa;YACb,YAAY;YACZ,SAAS,EAAE,KAAK,EAAE,IAAI,EAAgC,EAAE;gBACtD,IAAI,KAAK,EAAE,CAAC;oBACV,IAAI,YAAY,GAAW,mDAAmD,IAAI,CAAC,IAAI,uBAAuB,IAAI,CAAC,YAAY,GAAG,CAAC;oBACnI,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;wBACpB,YAAY,IAAI,cAAc,IAAI,CAAC,UAAU,IAAI,CAAC;oBACpD,CAAC;oBACD,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;gBAC5B,CAAC;gBAED,IAAI,SAAiB,CAAC;gBACtB,IAAI,CAAC;oBACH,SAAS,GAAG,oBAAoB,CAAC,IAAI,CAAC,KAAsB,CAAC,CAAC;gBAChE,CAAC;gBAAC,OAAO,CAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,KAAK,CAAC,8CAA8C,EAAE,CAAC,CAAC,CAAC;oBACjE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBAED,IAAI,CAAC,SAAS,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC;oBAC1C,MAAM,IAAI,SAAS,CACjB,qDAAqD,CACtD,CAAC;gBACJ,CAAC;gBAED,IAAI,YAAkC,CAAC;gBACvC,IAAI,CAAC;oBACH,YAAY,GAAG,MAAM,mBAAmB,CAAC;wBACvC,SAAS;wBACT,YAAY;wBACZ,WAAW,EAAE,YAAY;wBACzB,KAAK;qBACN,CAAC,CAAC;oBACH,IAAI,YAAY,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;wBACzC,MAAM,IAAI,KAAK,CACb,kEAAkE,CACnE,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAAC,OAAO,CAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,IAAI,CACV,8FAA8F,SAAS,KAAK,EAC5G,CAAC,CACF,CAAC;oBACF,IAAI,CAAC,YAAY,8BAA8B,EAAE,CAAC;wBAChD,MAAM,CAAC,CAAC;oBACV,CAAC;oBACD,MAAM,IAAI,KAAK,CACb,8DAA8D,CAC/D,CAAC;gBACJ,CAAC;gBACD,MAAM,EAAE,cAAc,EAAE,gBAAgB,EAAE,GAAG,YAAY,CAAC;gBAE1D,IAAI,CAAC;oBACH,OAAO,CAAC,MAAM,qBAAqB,CAAC;wBAClC,GAAG,EAAE,IAAI,CAAC,KAAK;wBACf,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,QAAQ,EAAE,IAAI,CAAC,YAAY;wBAC3B,cAAc;wBACd,gBAAgB;wBAChB,SAAS;wBACT,GAAG,EAAE,WAAW;qBACjB,CAAC,CAA4B,CAAC;gBACjC,CAAC;gBAAC,OAAO,CAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,CAAC,CAAC,CAAC;oBACtD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;SACF,EACD,KAAK,CACN,CAAC;QACF,IAAI,CAAC,CAAC,MAAM,IAAI,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACnD,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;QAED,IACE,IAAI,CAAC,IAAI,CAAC,KAAK,CACb,CAAC,MAAM,EAAE,EAAE,CACT,OAAO,MAAM,KAAK,QAAQ;YAC1B,oBAAoB,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,OAAO,CACjD,EACD,CAAC;YACD,kBAAkB,GAAG,IAAI,CAAC,IAAI,CAAC;QACjC,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,SAAS,CACjB,oEAAoE,CACrE,CAAC;QACJ,CAAC;QAED,OAAO;YACL,IAAI,EAAE,IAAuB;YAC7B,kBAAkB,EAChB,kBAAsD;SACzD,CAAC;IACJ,CAAC;IAAC,OAAO,CAAU,EAAE,CAAC;QACpB,IAAI,CAAC,YAAY,8BAA8B,EAAE,CAAC;YAChD,OAAO,CAAC,IAAI,CACV,yDAAyD,CAAC,CAAC,SAAS,oCAAoC,EACxG,CAAC,CACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CACV,gFAAgF,EAChF,CAAC,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO;QACL,IAAI,EAAE,IAAI;QACV,kBAAkB,EAAE,IAAI;KACzB,CAAC;AACJ,CAAC;AAED,eAAe,wBAAwB,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -22,3 +22,5 @@ export { redirectToLogin } from "./redirect-to-login";
|
|
|
22
22
|
export type * from "./redirect-with-error";
|
|
23
23
|
export { getAppEnvironment } from "./get-app-environment";
|
|
24
24
|
export type { SchemaVaultsAppEnvironment } from "./get-app-environment";
|
|
25
|
+
export { decodeJWTsWithKeyManager } from "./decode-jwts-with-key-manager";
|
|
26
|
+
export type { IDecodeJWTsWithKeyManagerOutput } from "./decode-jwts-with-key-manager";
|
package/dist/index.js
CHANGED
|
@@ -12,4 +12,5 @@ export { RefreshTokenCookieName, RefreshTokenExpiryCookieName, } from "./Refresh
|
|
|
12
12
|
export { default as getStringByteSize } from "./getStringByteSize";
|
|
13
13
|
export { redirectToLogin } from "./redirect-to-login";
|
|
14
14
|
export { getAppEnvironment } from "./get-app-environment";
|
|
15
|
+
export { decodeJWTsWithKeyManager } from "./decode-jwts-with-key-manager";
|
|
15
16
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAG7B,cAAc,gBAAgB,CAAC;AAG/B,cAAc,iBAAiB,CAAC;AAGhC,cAAc,yBAAyB,CAAC;AAGxC,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAG1D,OAAO,EACL,qBAAqB,EACrB,cAAc,GACf,MAAM,qCAAqC,CAAC;AAG7C,OAAO,wBAAwB,MAAM,4BAA4B,CAAC;AAClE,OAAO,EAAE,wBAAwB,EAAE,CAAC;AAEpC,OAAO,EAAE,0BAA0B,EAAE,MAAM,kCAAkC,CAAC;AAG9E,OAAO,EAAE,kCAAkC,EAAE,MAAM,0CAA0C,CAAC;AAG9F,OAAO,EACL,sBAAsB,EACtB,4BAA4B,GAC7B,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,OAAO,IAAI,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAEnE,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAGtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAG7B,cAAc,gBAAgB,CAAC;AAG/B,cAAc,iBAAiB,CAAC;AAGhC,cAAc,yBAAyB,CAAC;AAGxC,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAG1D,OAAO,EACL,qBAAqB,EACrB,cAAc,GACf,MAAM,qCAAqC,CAAC;AAG7C,OAAO,wBAAwB,MAAM,4BAA4B,CAAC;AAClE,OAAO,EAAE,wBAAwB,EAAE,CAAC;AAEpC,OAAO,EAAE,0BAA0B,EAAE,MAAM,kCAAkC,CAAC;AAG9E,OAAO,EAAE,kCAAkC,EAAE,MAAM,0CAA0C,CAAC;AAG9F,OAAO,EACL,sBAAsB,EACtB,4BAA4B,GAC7B,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,OAAO,IAAI,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAEnE,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAGtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAG1D,OAAO,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base-route-guard.js","sourceRoot":"","sources":["../../src/route_guards/base-route-guard.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"base-route-guard.js","sourceRoot":"","sources":["../../src/route_guards/base-route-guard.ts"],"names":[],"mappings":"AAAA,sBAAsB;AAQtB,MAAM,OAAgB,cAAc;IACf,KAAK,CAAkB;IACvB,KAAK,CAA4B;IACnC,WAAW,CAA6B;IAEzD,YAAmB,EACjB,IAAI,EACJ,kBAAkB,EAClB,WAAW,GACgB;QAC3B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QAClB,IAAI,CAAC,KAAK,GAAG,kBAAkB,IAAI,EAAE,CAAC;QACtC,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,CAAC;IAED,IAAc,eAAe;QAC3B,MAAM,SAAS,GAAY,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;QACxC,IAAI,IAAI,CAAC,WAAW,KAAK,YAAY,EAAE,CAAC;YACtC,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QAC1E,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAc,OAAO;QACnB,OAAO,CACL,IAAI,CAAC,eAAe;YACpB,OAAO,IAAI,CAAC,KAAK,EAAE,KAAK,KAAK,SAAS;YACtC,IAAI,CAAC,KAAK,CAAC,KAAK,CACjB,CAAC;IACJ,CAAC;IAID,IAAW,IAAI;QACb,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,IAAW,kBAAkB;QAC3B,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;CACF"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import type { IRouteGuard } from "./IRouteGuard";
|
|
2
2
|
import type { InitRouteGuardCheckOptions } from "./init_route_guard_check_options";
|
|
3
|
-
import {
|
|
3
|
+
import type { PotentiallyValidTokenSource } from "@schemavaults/auth-common";
|
|
4
4
|
import { type ApiServerId, type SchemaVaultsAppEnvironment } from "@schemavaults/app-definitions";
|
|
5
5
|
import { type IJwtKeyManager } from "../JwtKeyManager";
|
|
6
6
|
export interface RouteGuardFactoryInitOptions {
|
|
@@ -1,12 +1,11 @@
|
|
|
1
|
+
// route-guard-factory.ts
|
|
1
2
|
import AdminRequiredRouteGuard from "./admin";
|
|
2
3
|
import AuthenticationRequiredRouteGuard from "./authenticated";
|
|
3
4
|
import { z } from "zod";
|
|
4
|
-
import {
|
|
5
|
-
import {
|
|
6
|
-
import
|
|
7
|
-
import
|
|
8
|
-
import { RemoteJwtKeyManager, JwtDecodingKeysetNotFoundError, } from "../JwtKeyManager";
|
|
9
|
-
import isValidUuid from "../is-valid-uuid";
|
|
5
|
+
import { apiServerIdSchema, getAppEnvironment, } from "@schemavaults/app-definitions";
|
|
6
|
+
import { RemoteJwtKeyManager } from "../JwtKeyManager";
|
|
7
|
+
import getSchemaVaultsAuthServerUri from "../get-schemavaults-auth-server-uri";
|
|
8
|
+
import decodeJWTsWithKeyManager from "../decode-jwts-with-key-manager";
|
|
10
9
|
const GUARD_TYPES = [
|
|
11
10
|
"authenticated",
|
|
12
11
|
"admin",
|
|
@@ -38,9 +37,8 @@ export class RouteGuardFactory {
|
|
|
38
37
|
if (this.is_auth_server) {
|
|
39
38
|
throw new TypeError("An argument for 'jwt_keys_manager' is required when 'is_auth_server' is true");
|
|
40
39
|
}
|
|
41
|
-
const auth_server_uri = getHardcodedClientWebAppDomain(SCHEMAVAULTS_AUTH_APP_DEFINITION.app_id, environment);
|
|
42
40
|
this.jwt_keys_manager = new RemoteJwtKeyManager({
|
|
43
|
-
auth_server_uri,
|
|
41
|
+
auth_server_uri: getSchemaVaultsAuthServerUri(),
|
|
44
42
|
debug: this.debug,
|
|
45
43
|
});
|
|
46
44
|
}
|
|
@@ -62,101 +60,16 @@ export class RouteGuardFactory {
|
|
|
62
60
|
return RouteGuardFactory.createGuardFromOptions(type, opts);
|
|
63
61
|
}
|
|
64
62
|
async createGuardFromTokenSources(type, token_sources, jwt_audience) {
|
|
65
|
-
|
|
66
|
-
const debug = this.debug;
|
|
67
|
-
if (debug) {
|
|
63
|
+
if (this.debug) {
|
|
68
64
|
console.log(`[RouteGuardFactory] Initializing route guard from token sources: `, token_sources);
|
|
69
65
|
}
|
|
70
66
|
if (!apiServerIdSchema.safeParse(jwt_audience).success) {
|
|
71
67
|
throw new TypeError(`Invalid API server ID for 'jwt_audience': ${jwt_audience}`);
|
|
72
68
|
}
|
|
73
|
-
|
|
74
|
-
if (!keys_manager) {
|
|
69
|
+
if (!this.jwt_keys_manager) {
|
|
75
70
|
throw new Error("Failed to resolve reference to JWT keys manager to operate this route guard!");
|
|
76
71
|
}
|
|
77
|
-
|
|
78
|
-
let user_organizations = null;
|
|
79
|
-
try {
|
|
80
|
-
user = await decodeJWTs({
|
|
81
|
-
token_sources,
|
|
82
|
-
jwt_audience,
|
|
83
|
-
decodeJWT: async (opts) => {
|
|
84
|
-
if (debug) {
|
|
85
|
-
let debugMessage = `[RouteGuardFactory] Attempting to decode ${opts.type} JWT for audience: '${opts.jwt_audience}'`;
|
|
86
|
-
if (opts.sourceHint) {
|
|
87
|
-
debugMessage += ` (Source: '${opts.sourceHint}')`;
|
|
88
|
-
}
|
|
89
|
-
console.log(debugMessage);
|
|
90
|
-
}
|
|
91
|
-
let keyset_id;
|
|
92
|
-
try {
|
|
93
|
-
keyset_id = getKeysetIdFromToken(opts.token);
|
|
94
|
-
}
|
|
95
|
-
catch (e) {
|
|
96
|
-
console.error("Failed to load 'keyset_id' from auth token: ", e);
|
|
97
|
-
throw new Error("Failed to load 'keyset_id' from auth token!");
|
|
98
|
-
}
|
|
99
|
-
if (!keyset_id || !isValidUuid(keyset_id)) {
|
|
100
|
-
throw new TypeError("Expected 'keyset_id' from token to be a valid UUID!");
|
|
101
|
-
}
|
|
102
|
-
let decodingKeys;
|
|
103
|
-
try {
|
|
104
|
-
decodingKeys = await loadJwtDecodingKeys({
|
|
105
|
-
keyset_id,
|
|
106
|
-
keys_manager,
|
|
107
|
-
audience_id: jwt_audience,
|
|
108
|
-
debug,
|
|
109
|
-
});
|
|
110
|
-
if (decodingKeys.keyset_id !== keyset_id) {
|
|
111
|
-
throw new Error("Mismatch between the keyset ID of result and what was requested!");
|
|
112
|
-
}
|
|
113
|
-
}
|
|
114
|
-
catch (e) {
|
|
115
|
-
console.warn(`[createGuardFromTokenSources] Failed to load keys associated with token-associated keyset '${keyset_id}': `, e);
|
|
116
|
-
if (e instanceof JwtDecodingKeysetNotFoundError) {
|
|
117
|
-
throw e;
|
|
118
|
-
}
|
|
119
|
-
throw new Error("Failed to load keys associated with token-associated keyset!");
|
|
120
|
-
}
|
|
121
|
-
const { decryption_key, verification_key } = decodingKeys;
|
|
122
|
-
try {
|
|
123
|
-
return (await decodeSchemavaultsJwt({
|
|
124
|
-
jwt: opts.token,
|
|
125
|
-
type: opts.type,
|
|
126
|
-
audience: opts.jwt_audience,
|
|
127
|
-
decryption_key,
|
|
128
|
-
verification_key,
|
|
129
|
-
keyset_id,
|
|
130
|
-
env: environment,
|
|
131
|
-
}));
|
|
132
|
-
}
|
|
133
|
-
catch (e) {
|
|
134
|
-
console.error("Failed to decode JSON web token: ", e);
|
|
135
|
-
throw new Error("Failed to decode JSON web token!");
|
|
136
|
-
}
|
|
137
|
-
},
|
|
138
|
-
}, debug);
|
|
139
|
-
if (!("orgs" in user) || !Array.isArray(user.orgs)) {
|
|
140
|
-
throw new Error("No 'orgs' field in decoded user object!");
|
|
141
|
-
}
|
|
142
|
-
if (user.orgs.every((org_id) => typeof org_id === "string" &&
|
|
143
|
-
organizationIdSchema.safeParse(org_id).success)) {
|
|
144
|
-
user_organizations = user.orgs;
|
|
145
|
-
}
|
|
146
|
-
if (!Array.isArray(user_organizations)) {
|
|
147
|
-
throw new TypeError("Failed to load user organizations associated with user from token!");
|
|
148
|
-
}
|
|
149
|
-
}
|
|
150
|
-
catch (e) {
|
|
151
|
-
if (e instanceof JwtDecodingKeysetNotFoundError) {
|
|
152
|
-
console.warn(`[createdGuardFromTokenSources] Failed to load keyset '${e.keyset_id}' associated with provided token: `, e);
|
|
153
|
-
}
|
|
154
|
-
else {
|
|
155
|
-
console.warn("No-op error creating route-guard... Failed to decode JWTs, setting user = null", e);
|
|
156
|
-
}
|
|
157
|
-
user = null;
|
|
158
|
-
user_organizations = null;
|
|
159
|
-
}
|
|
72
|
+
const { user, user_organizations } = await decodeJWTsWithKeyManager(this.jwt_keys_manager, token_sources, jwt_audience, this.environment, this.debug);
|
|
160
73
|
const init_opts = {
|
|
161
74
|
user,
|
|
162
75
|
environment: getAppEnvironment(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"route-guard-factory.js","sourceRoot":"","sources":["../../src/route_guards/route-guard-factory.ts"],"names":[],"mappings":"AAAA,OAAO,uBAAuB,MAAM,SAAS,CAAC;AAC9C,OAAO,gCAAgC,MAAM,iBAAiB,CAAC;AAE/D,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;
|
|
1
|
+
{"version":3,"file":"route-guard-factory.js","sourceRoot":"","sources":["../../src/route_guards/route-guard-factory.ts"],"names":[],"mappings":"AAAA,yBAAyB;AAEzB,OAAO,uBAAuB,MAAM,SAAS,CAAC;AAC9C,OAAO,gCAAgC,MAAM,iBAAiB,CAAC;AAE/D,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,OAAO,EAEL,iBAAiB,EACjB,iBAAiB,GAElB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,mBAAmB,EAAuB,MAAM,iBAAiB,CAAC;AAC3E,OAAO,4BAA4B,MAAM,oCAAoC,CAAC;AAC9E,OAAO,wBAAwB,MAAM,gCAAgC,CAAC;AAStE,MAAM,WAAW,GAAG;IAClB,eAAe;IACf,OAAO;CAC6B,CAAC;AAGvC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,EAAyB,EAAE;IAC5E,OACE,WACD,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC;AAEH,MAAM,MAAM,GAAG;IACb,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,gCAAgC,CAAC,IAAI,CAAC;IACnE,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,uBAAuB,CAAC,IAAI,CAAC;CAInD,CAAC;AAEF,MAAM,OAAO,iBAAiB;IACX,gBAAgB,CAAiB;IACjC,WAAW,CAA6B;IACxC,KAAK,CAAU;IACf,cAAc,CAAU;IAEzC,YAAmB,EAAE,WAAW,EAAE,GAAG,IAAI,EAAgC;QACvE,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC;QACjC,IACE,OAAO,IAAI,CAAC,cAAc,KAAK,SAAS;YACxC,OAAO,IAAI,CAAC,cAAc,KAAK,WAAW,EAC1C,CAAC;YACD,MAAM,IAAI,SAAS,CAAC,oCAAoC,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,IAAI,KAAK,CAAC;QAEnD,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC1B,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,MAAM,IAAI,SAAS,CACjB,8EAA8E,CAC/E,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,gBAAgB,GAAG,IAAI,mBAAmB,CAAC;gBAC9C,eAAe,EAAE,4BAA4B,EAAE;gBAC/C,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,qBAAqB,CAAC,IAAa;QAChD,IAAI,OAAO,IAAI,KAAK,QAAQ;YAAE,OAAO,KAAK,CAAC;QAC3C,OAAO,oBAAoB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC;IACtD,CAAC;IAEM,MAAM,CAAC,sBAAsB,CAClC,IAAoB,EACpB,IAAgC;QAEhC,IAAI,CAAC,iBAAiB,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;YACnD,MAAM,IAAI,KAAK,CACb,+CAA+C,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACxE,CAAC;QACJ,CAAC;QACD,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,KAAK,GAAgB,YAAY,CAAC,IAAI,CAAC,CAAC;QAE9C,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,sBAAsB,CAC3B,IAAoB,EACpB,IAAgC;QAEhC,OAAO,iBAAiB,CAAC,sBAAsB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC9D,CAAC;IAEM,KAAK,CAAC,2BAA2B,CACtC,IAAoB,EACpB,aAAqD,EACrD,YAAyB;QAEzB,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CACT,mEAAmE,EACnE,aAAa,CACd,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,YAA6B,CAAC,CAAC,OAAO,EAAE,CAAC;YACxE,MAAM,IAAI,SAAS,CACjB,6CAA6C,YAAY,EAAE,CAC5D,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CACb,8EAA8E,CAC/E,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,kBAAkB,EAAE,GAAG,MAAM,wBAAwB,CACjE,IAAI,CAAC,gBAAgB,EACrB,aAAa,EACb,YAAY,EACZ,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,KAAK,CACX,CAAC;QAEF,MAAM,SAAS,GAA+B;YAC5C,IAAI;YACJ,WAAW,EAAE,iBAAiB,EAAE;YAChC,kBAAkB,EAAE,kBAAkB,IAAI,EAAE;SAC7C,CAAC;QAEF,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CACT,8DAA8D,EAC9D,SAAS,CACV,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,SAAS,CAAuB,CAAC;IAC5E,CAAC;IAEM,KAAK,CAAC,yBAAyB,CACpC,IAAoB,EACpB,UAAyB,EACzB,YAAoB;QAEpB,IAAI,CAAC,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;YAClD,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QACD,MAAM,YAAY,GAAG,SAAkB,CAAC;QACxC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACzC,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QACD,MAAM,KAAK,GAAW,UAAU,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAE5D,OAAO,MAAM,IAAI,CAAC,2BAA2B,CAC3C,IAAI,EACJ;YACE;gBACE,UAAU,EAAE,0BAA0B;gBACtC,KAAK;gBACL,IAAI,EAAE,QAAQ;aACf;SACF,EACD,YAAY,CACb,CAAC;IACJ,CAAC;CACF;AAED,eAAe,iBAAiB,CAAC"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import "server-only";
|
|
2
|
-
import { SCHEMAVAULTS_AUTH_APP_ID, getAppEnvironment,
|
|
2
|
+
import { SCHEMAVAULTS_AUTH_APP_ID, getAppEnvironment, } from "@schemavaults/app-definitions";
|
|
3
3
|
import { accessTokenDataSchema, } from "@schemavaults/auth-common";
|
|
4
4
|
import { cookies as loadCookies } from "next/headers";
|
|
5
5
|
import { redirectWithNextAppDirError } from "../redirect-with-error";
|
|
@@ -14,10 +14,11 @@ import { RemoteJwtKeyManager } from "../JwtKeyManager";
|
|
|
14
14
|
import redirectToLogin from "../redirect-to-login";
|
|
15
15
|
import { redirect } from "next/navigation";
|
|
16
16
|
import assertValidRouteGuardType from "./assertValidRouteGuardType";
|
|
17
|
+
import getSchemaVaultsAuthServerUri from "../get-schemavaults-auth-server-uri";
|
|
17
18
|
// default key manager is RemoteJwtKeyManager-- makes it easier for external apps, we can overwrite this once for the auth server
|
|
18
19
|
export function initDefaultJwtKeyManagerForAuthenticatedRouteGuard(debug = process.env.NODE_ENV === "development") {
|
|
19
20
|
return new RemoteJwtKeyManager({
|
|
20
|
-
auth_server_uri:
|
|
21
|
+
auth_server_uri: getSchemaVaultsAuthServerUri(),
|
|
21
22
|
debug,
|
|
22
23
|
});
|
|
23
24
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"withAuthenticatedRouteGuard.js","sourceRoot":"","sources":["../../src/route_guards/withAuthenticatedRouteGuard.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,CAAC;AAErB,OAAO,EAEL,wBAAwB,EAExB,iBAAiB,
|
|
1
|
+
{"version":3,"file":"withAuthenticatedRouteGuard.js","sourceRoot":"","sources":["../../src/route_guards/withAuthenticatedRouteGuard.ts"],"names":[],"mappings":"AAAA,OAAO,aAAa,CAAC;AAErB,OAAO,EAEL,wBAAwB,EAExB,iBAAiB,GAClB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAEL,qBAAqB,GAItB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,cAAc,CAAC;AAEtD,OAAO,EAAE,2BAA2B,EAAE,MAAM,uBAAuB,CAAC;AACpE,OAAO,iBAAiB,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAoB,YAAY,EAAE,MAAM,aAAa,CAAC;AAC7D,OAAO,iBAAiB,MAAM,qBAAqB,CAAC;AACpD,OAAO,wBAAwB,MAAM,4BAA4B,CAAC;AAClE,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACnE,OAAO,0BAA0B,MAAM,kCAAkC,CAAC;AAC1E,OAAO,EAAE,mBAAmB,EAAuB,MAAM,iBAAiB,CAAC;AAC3E,OAAO,eAAe,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,yBAAyB,MAAM,6BAA6B,CAAC;AACpE,OAAO,4BAA4B,MAAM,oCAAoC,CAAC;AA2B9E,iIAAiI;AACjI,MAAM,UAAU,kDAAkD,CAChE,QAAiB,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa;IAEvD,OAAO,IAAI,mBAAmB,CAAC;QAC7B,eAAe,EAAE,4BAA4B,EAAE;QAC/C,KAAK;KACN,CAAC,CAAC;AACL,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,0CAA0C,CAG9D,gBAAoF,EACpF,wCAAgE,EAChE,mBAA8C,eAAe,EAC7D,6BAKgB,SAAS,EACzB,mBAAmC,kDAAkD,EAAE,EACvF,iBAAoC,0BAA0B;IAE9D,yBAAyB,CAAC,gBAAgB,CAAC,CAAC;IAE5C,MAAM,WAAW,GAA+B,iBAAiB,EAAE,CAAC;IACpE,MAAM,aAAa,GAAgB,cAAc,EAAE,CAAC;IACpD,MAAM,OAAO,GAAG,MAAM,WAAW,EAAE,CAAC;IAEpC,MAAM,aAAa,GAAkC,EAAE,CAAC;IAExD,qCAAqC;IACrC,IAAI,aAAa,KAAK,wBAAwB,EAAE,CAAC;QAC/C,MAAM,oBAAoB,GAAG,OAAO,CAAC,GAAG,CACtC,sBAAsB,CAAC,wBAAwB,CAAC,CACjD,CAAC;QACF,IAAI,OAAO,oBAAoB,EAAE,KAAK,KAAK,QAAQ,EAAE,CAAC;YACpD,aAAa,CAAC,IAAI,CAAC;gBACjB,UAAU,EAAE,2BAA2B;gBACvC,IAAI,EAAE,SAAS;gBACf,KAAK,EAAE,oBAAoB,CAAC,KAAK;aAClC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,8DAA8D;IAC9D,MAAM,wBAAwB,GAAW,qBAAqB,CAAC,aAAa,CAAC,CAAC;IAC9E,MAAM,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;IAClE,IACE,OAAO,mBAAmB,EAAE,KAAK,KAAK,QAAQ;QAC9C,mBAAmB,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE,EACrC,CAAC;QACD,IAAI,UAAU,GAAkB,IAAI,CAAC;QACrC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YACrD,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC/C,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC;YAC5B,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,0BAA0B;YAC1B,UAAU,GAAG,mBAAmB,CAAC,KAAK,CAAC;QACzC,CAAC;QACD,IAAI,UAAU,EAAE,CAAC;YACf,aAAa,CAAC,IAAI,CAAC;gBACjB,UAAU,EAAE,6BAA6B,wBAAwB,GAAG;gBACpE,IAAI,EAAE,QAAQ;gBACd,KAAK,EAAE,UAAU;aAClB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,eAAe,CAAC,QAAQ,CAAC,CAAC;IAC5B,CAAC;IAED,MAAM,mBAAmB,GAAG,IAAI,iBAAiB,CAAC;QAChD,WAAW;QACX,cAAc,EAAE,aAAa,KAAK,wBAAwB;QAC1D,gBAAgB;KACjB,CAAC,CAAC;IACH,MAAM,WAAW,GACf,MAAM,mBAAmB,CAAC,2BAA2B,CACnD,gBAAgB,EAChB,aAAa,EACb,aAAa,CACd,CAAC;IAEJ,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;QACtB,eAAe,CAAC,QAAQ,CAAC,CAAC;IAC5B,CAAC;IACD,MAAM,IAAI,GAAa,WAAW,CAAC,IAAI,CAAC;IAExC,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,EAAE,CAAC;QACnC,2BAA2B,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;IAChD,CAAC;IAED,IAAI,OAAO,gBAAgB,KAAK,UAAU,EAAE,CAAC;QAC3C,MAAM,IAAI,SAAS,CACjB,mGAAmG,CACpG,CAAC;IACJ,CAAC;IACD,MAAM,yCAAyC,GAAG,gBAAgB,CAAC;IAEnE,MAAM,2BAA2B,GAC/B;QACE,IAAI;QACJ,WAAW;QACX,kBAAkB,EAAE,WAAW,CAAC,kBAAkB;KACnD,CAAC;IAEJ,MAAM,sBAAsB,GACD;QACzB,GAAG,2BAA2B;QAC9B,GAAG,wCAAwC;KAC5C,CAAC;IAEF,IAAI,OAAO,0BAA0B,KAAK,UAAU,EAAE,CAAC;QACrD,IAAI,aAAa,GAAY,KAAK,CAAC;QACnC,IAAI,CAAC;YACH,aAAa,GAAG,MAAM,0BAA0B,CAAC,sBAAsB,CAAC,CAAC;QAC3E,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,iDAAiD,EAAE,CAAC,CAAC,CAAC;YACpE,2BAA2B,CAAC,GAAG,EAAE,uBAAuB,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,2BAA2B,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED,OAAO,CAAC,MAAM,yCAAyC,CACrD,sBAAsB,CACvB,CAAwB,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,8BAA8B,CAG5C,iBAAgF,EAChF,kCAAgE,EAChE,mBAA8C,eAAe,EAC7D,6BAKgB,SAAS,EACzB,mBAAmC,kDAAkD,EAAE,EACvF,iBAAoC,0BAA0B;IAE9D,yBAAyB,CAAC,gBAAgB,CAAC,CAAC;IAE5C,MAAM,qBAAqB,GACzB,iBAAiB,CAAC;IACpB,OAAO,KAAK,UAAU,8BAA8B,CAClD,GAAgB;QAEhB,MAAM,WAAW,GAA+B,iBAAiB,EAAE,CAAC;QACpE,MAAM,aAAa,GAAgB,cAAc,EAAE,CAAC;QAEpD,MAAM,aAAa,GAAkC,EAAE,CAAC;QAExD,4CAA4C;QAC5C,IAAI,aAAa,KAAK,wBAAwB,EAAE,CAAC;YAC/C,MAAM,oBAAoB,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAC1C,sBAAsB,CAAC,wBAAwB,CAAC,CACjD,CAAC;YACF,IACE,OAAO,oBAAoB,EAAE,KAAK,KAAK,QAAQ;gBAC/C,oBAAoB,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE;gBACtC,iBAAiB,CAAC,oBAAoB,CAAC,KAAK,CAAC;oBAC3C,wBAAwB,EAC1B,CAAC;gBACD,aAAa,CAAC,IAAI,CAAC;oBACjB,UAAU,EAAE,2BAA2B;oBACvC,IAAI,EAAE,SAAS;oBACf,KAAK,EAAE,oBAAoB,CAAC,KAAsB;iBACnD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,8CAA8C;QAC9C,gHAAgH;QAChH,MAAM,CAAC,KAAK,UAAU,wCAAwC;YAC5D,MAAM,wBAAwB,GAC5B,qBAAqB,CAAC,aAAa,CAAC,CAAC;YACvC,MAAM,mBAAmB,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;YACtE,IACE,OAAO,mBAAmB,EAAE,KAAK,KAAK,QAAQ;gBAC9C,mBAAmB,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE;gBACrC,iBAAiB,CAAC,mBAAmB,CAAC,KAAK,CAAC,IAAI,wBAAwB,EACxE,CAAC;gBACD,IAAI,UAAU,GAAkB,IAAI,CAAC;gBACrC,IAAI,CAAC;oBACH,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,cAAc,CACvD,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,KAAK,CAAC,CACtC,CAAC;oBACF,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;wBACpB,MAAM,MAAM,CAAC,KAAK,CAAC;oBACrB,CAAC;oBACD,MAAM,0BAA0B,GAAgB,MAAM,CAAC,IAAI,CAAC;oBAC5D,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,0BAA0B,CAAC,GAAG,EAAE,CAAC;wBAChD,UAAU,GAAG,0BAA0B,CAAC,KAAK,CAAC;oBAChD,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,0BAA0B;oBAC1B,UAAU,GAAG,mBAAmB,CAAC,KAAK,CAAC;gBACzC,CAAC;gBACD,IAAI,UAAU,EAAE,CAAC;oBACf,aAAa,CAAC,IAAI,CAAC;wBACjB,UAAU,EAAE,6BAA6B,wBAAwB,GAAG;wBACpE,IAAI,EAAE,QAAQ;wBACd,KAAK,EAAE,UAAU;qBAClB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,8CAA8C;QAC9C,CAAC,SAAS,4CAA4C;YACpD,IACE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;gBAChC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,EAChC,CAAC;gBACD,MAAM,WAAW,GACf,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;gBACvE,IAAI,CAAC,WAAW,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE,CAAC;oBACpD,MAAM,IAAI,KAAK,CACb,yDAAyD,CAC1D,CAAC;gBACJ,CAAC;gBACD,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;oBACvC,MAAM,IAAI,KAAK,CACb,yDAAyD,CAC1D,CAAC;gBACJ,CAAC;gBACD,MAAM,wBAAwB,GAC5B,OAAO,WAAW,KAAK,QAAQ,IAAI,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC;oBAClE,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC;oBACrC,CAAC,CAAC,EAAE,CAAC;gBACT,IAAI,CAAC,wBAAwB,EAAE,CAAC;oBAC9B,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBACD,aAAa,CAAC,IAAI,CAAC;oBACjB,UAAU,EAAE,+CAA+C;oBAC3D,IAAI,EAAE,QAAQ;oBACd,KAAK,EAAE,wBAAyC;iBACjD,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,MAAM,mBAAmB,GAAG,IAAI,iBAAiB,CAAC;YAChD,WAAW;YACX,cAAc,EAAE,aAAa,KAAK,wBAAwB;YAC1D,gBAAgB;SACjB,CAAC,CAAC;QACH,MAAM,WAAW,GACf,MAAM,mBAAmB,CAAC,2BAA2B,CACnD,gBAAgB,EAChB,aAAa,EACb,aAAa,CACd,CAAC;QAEJ,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YACtB,OAAO,YAAY,CAAC,IAAI,CACtB;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,qCAAqC;aAC/C,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QACD,MAAM,IAAI,GAAa,WAAW,CAAC,IAAI,CAAC;QAExC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACnD,OAAO,YAAY,CAAC,IAAI,CACtB;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EACL,qEAAqE;aACxE,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YACxD,OAAO,YAAY,CAAC,IAAI,CACtB;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,uBAAuB;aACjC,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,MAAM,kBAAkB,GACtB,WAAW,CAAC,kBAAkB,CAAC;QAEjC,MAAM,qBAAqB,GAA8C;YACvE,GAAG;YACH,IAAI;YACJ,WAAW;YACX,kBAAkB;SACnB,CAAC;QAEF,MAAM,gBAAgB,GACW;YAC/B,GAAG,qBAAqB;YACxB,GAAG,kCAAkC;SACtC,CAAC;QAEF,IAAI,OAAO,0BAA0B,KAAK,UAAU,EAAE,CAAC;YACrD,IAAI,aAAa,GAAY,KAAK,CAAC;YACnC,IAAI,CAAC;gBACH,aAAa,GAAG,MAAM,0BAA0B,CAAC,gBAAgB,CAAC,CAAC;YACrE,CAAC;YAAC,OAAO,CAAU,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,iDAAiD,EAAE,CAAC,CAAC,CAAC;gBACpE,OAAO,YAAY,CAAC,IAAI,CACtB;oBACE,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,IAAI;oBACX,OAAO,EAAE,2CAA2C;iBACrD,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO,YAAY,CAAC,IAAI,CACtB;oBACE,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,IAAI;oBACX,OAAO,EAAE,uBAAuB;iBACjC,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,CAAC,MAAM,qBAAqB,CACjC,gBAAgB,CACjB,CAAwB,CAAC;IAC5B,CAAC,CAAC;AACJ,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@schemavaults/auth-server-sdk",
|
|
3
3
|
"description": "TypeScript SDK for building authenticated endpoints/middlewares for the Auth Server and Resource Servers",
|
|
4
|
-
"version": "0.20.
|
|
4
|
+
"version": "0.20.4",
|
|
5
5
|
"license": "UNLICENSED",
|
|
6
6
|
"private": false,
|
|
7
7
|
"repository": {
|
|
@@ -19,7 +19,7 @@
|
|
|
19
19
|
"dependencies": {
|
|
20
20
|
"zod": "3.23.8",
|
|
21
21
|
"@schemavaults/jwt": "0.6.30",
|
|
22
|
-
"@schemavaults/auth-common": "0.9.
|
|
22
|
+
"@schemavaults/auth-common": "0.9.1",
|
|
23
23
|
"@schemavaults/app-definitions": "0.6.17"
|
|
24
24
|
},
|
|
25
25
|
"scripts": {
|