@schemavaults/auth-server-sdk 0.21.18 → 0.22.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. package/dist/JwtKeyManager/RemoteJwtKeyManager/RemoteJwtKeyManager.d.ts +1 -0
  2. package/dist/JwtKeyManager/RemoteJwtKeyManager/RemoteJwtKeyManager.js +12 -8
  3. package/dist/JwtKeyManager/RemoteJwtKeyManager/RemoteJwtKeyManager.js.map +1 -1
  4. package/dist/JwtKeyManager/RemoteJwtKeyManager/index.d.ts +3 -2
  5. package/dist/JwtKeyManager/RemoteJwtKeyManager/index.js +2 -2
  6. package/dist/JwtKeyManager/RemoteJwtKeyManager/index.js.map +1 -1
  7. package/dist/cli.cjs +2 -2
  8. package/dist/decode-jwts-with-key-manager.d.ts +1 -6
  9. package/dist/decode-jwts-with-key-manager.js +22 -28
  10. package/dist/decode-jwts-with-key-manager.js.map +1 -1
  11. package/dist/index.d.ts +1 -0
  12. package/dist/index.js +2 -0
  13. package/dist/index.js.map +1 -1
  14. package/dist/isUserInOrganization.d.ts +18 -0
  15. package/dist/isUserInOrganization.js +61 -0
  16. package/dist/isUserInOrganization.js.map +1 -0
  17. package/dist/route_guards/IRouteGuard.d.ts +1 -2
  18. package/dist/route_guards/base-route-guard.d.ts +2 -4
  19. package/dist/route_guards/base-route-guard.js +1 -6
  20. package/dist/route_guards/base-route-guard.js.map +1 -1
  21. package/dist/route_guards/init_route_guard_check_options.d.ts +1 -4
  22. package/dist/route_guards/route-guard-factory.js +1 -6
  23. package/dist/route_guards/route-guard-factory.js.map +1 -1
  24. package/dist/route_guards/withAdminRouteGuard/withAdminApiRouteGuard.d.ts +2 -3
  25. package/dist/route_guards/withAdminRouteGuard/withAdminApiRouteGuard.js +3 -4
  26. package/dist/route_guards/withAdminRouteGuard/withAdminApiRouteGuard.js.map +1 -1
  27. package/dist/route_guards/withAdminRouteGuard/withAdminServerComponentRouteGuard.d.ts +2 -3
  28. package/dist/route_guards/withAdminRouteGuard/withAdminServerComponentRouteGuard.js +7 -4
  29. package/dist/route_guards/withAdminRouteGuard/withAdminServerComponentRouteGuard.js.map +1 -1
  30. package/dist/route_guards/withAuthenticatedRouteGuard/IBaseProtectedAuthenticatedServerComponentPageProps.d.ts +1 -2
  31. package/dist/route_guards/withAuthenticatedRouteGuard/withAuthenticatedApiRouteGuard.d.ts +9 -1
  32. package/dist/route_guards/withAuthenticatedRouteGuard/withAuthenticatedApiRouteGuard.js +31 -12
  33. package/dist/route_guards/withAuthenticatedRouteGuard/withAuthenticatedApiRouteGuard.js.map +1 -1
  34. package/dist/route_guards/withAuthenticatedRouteGuard/withAuthenticatedServerComponentRouteGuard.d.ts +9 -1
  35. package/dist/route_guards/withAuthenticatedRouteGuard/withAuthenticatedServerComponentRouteGuard.js +28 -5
  36. package/dist/route_guards/withAuthenticatedRouteGuard/withAuthenticatedServerComponentRouteGuard.js.map +1 -1
  37. package/package.json +3 -3
package/dist/JwtKeyManager/RemoteJwtKeyManager/RemoteJwtKeyManager.d.ts CHANGED
@@ -14,6 +14,7 @@ export declare class RemoteJwtKeyManager implements ICacheableJwtKeyManager {
14
14
  constructor({ auth_server_uri, ...opts }: IRemoteJwtKeyManagerConstructorOpts);
15
15
  private cacheKey;
16
16
  invalidateJwksCache(audienceId: string): void;
17
+ protected loadJwksAccessPrivateKey(): Promise<CryptoKey>;
17
18
  loadJwks(audienceId: ApiServerId): Promise<JWKS>;
18
19
  isConfigured(): boolean;
19
20
  }
package/dist/JwtKeyManager/RemoteJwtKeyManager/RemoteJwtKeyManager.js CHANGED
@@ -26,6 +26,17 @@ export class RemoteJwtKeyManager {
26
26
  }
27
27
  RemoteJwtKeyManager.jwksCache.delete(key);
28
28
  }
29
+ async loadJwksAccessPrivateKey() {
30
+ let jwks_access_private_key;
31
+ try {
32
+ jwks_access_private_key = await loadJwksAccessPrivateKey(process.env);
33
+ }
34
+ catch (e) {
35
+ console.error(e);
36
+ throw new TypeError("Failed to load JWKS access private key from environment variables!");
37
+ }
38
+ return jwks_access_private_key;
39
+ }
29
40
  async loadJwks(audienceId) {
30
41
  if (!apiServerIdSchema.safeParse(audienceId).success) {
31
42
  throw new Error(`Invalid audience to load remote JWKS for: '${audienceId}'`);
@@ -42,17 +53,10 @@ export class RemoteJwtKeyManager {
42
53
  }
43
54
  return cached.jwks;
44
55
  }
56
+ const jwks_access_private_key = await this.loadJwksAccessPrivateKey();
45
57
  if (this.debug) {
46
58
  console.log(`[RemoteJwtKeyManager] loadJwks(audience_id='${audienceId}') — fetching from remote (cacheKey='${key}')`);
47
59
  }
48
- let jwks_access_private_key;
49
- try {
50
- jwks_access_private_key = await loadJwksAccessPrivateKey(process.env);
51
- }
52
- catch (e) {
53
- console.error(e);
54
- throw new TypeError("Failed to load JWKS access private key from environment variables!");
55
- }
56
60
  const jwks = await loadRemoteJwks({
57
61
  auth_server_uri: this.auth_server_uri,
58
62
  api_server_id: audienceId,
package/dist/JwtKeyManager/RemoteJwtKeyManager/RemoteJwtKeyManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"RemoteJwtKeyManager.js","sourceRoot":"","sources":["../../../src/JwtKeyManager/RemoteJwtKeyManager/RemoteJwtKeyManager.ts"],"names":[],"mappings":"AAEA,OAAO,cAAc,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAEL,iBAAiB,EACjB,gCAAgC,GACjC,MAAM,+BAA+B,CAAC;AACvC,OAAO,4BAA4B,MAAM,oCAAoC,CAAC;AAC9E,OAAO,wBAAwB,EAAE,EAC/B,oCAAoC,GACrC,MAAM,gCAAgC,CAAC;AAExC,MAAM,oBAAoB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,YAAY;AAaxD,MAAM,OAAO,mBAAmB;IACb,eAAe,CAAS;IACxB,KAAK,CAAU;IACf,YAAY,CAAS;IAC9B,MAAM,CAAU,SAAS,GAAiC,IAAI,GAAG,EAAE,CAAC;IAE5E,YAAmB,EACjB,eAAe,GAAG,4BAA4B,EAAE,EAChD,GAAG,IAAI,EAC6B;QACpC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QACvC,IAAI,CAAC,KAAK,GAAG,OAAO,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;QAClE,IAAI,CAAC,YAAY;YACf,OAAO,IAAI,CAAC,YAAY,KAAK,QAAQ,IAAI,IAAI,CAAC,YAAY,GAAG,CAAC;gBAC5D,CAAC,CAAC,IAAI,CAAC,YAAY;gBACnB,CAAC,CAAC,oBAAoB,CAAC;IAC7B,CAAC;IAEO,QAAQ,CAAC,UAAkB;QACjC,OAAO,GAAG,IAAI,CAAC,eAAe,KAAK,UAAU,EAAE,CAAC;IAClD,CAAC;IAEM,mBAAmB,CAAC,UAAkB;QAC3C,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACtC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CACT,0DAA0D,UAAU,gBAAgB,GAAG,IAAI,CAC5F,CAAC;QACJ,CAAC;QACD,mBAAmB,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5C,CAAC;IAEM,KAAK,CAAC,QAAQ,CAAC,UAAuB;QAC3C,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,OAAO,EAAE,CAAC;YACrD,MAAM,IAAI,KAAK,CACb,8CAA8C,UAAU,GAAG,CAC5D,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,KAAK,gCAAgC,CAAC,MAAM,EAAE,CAAC;YAC3D,MAAM,IAAI,KAAK,CACb,wEAAwE,CACzE,CAAC;QACJ,CAAC;QAED,mDAAmD;QACnD,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACtC,MAAM,MAAM,GAAG,mBAAmB,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACtD,IAAI,MAAM,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;YAChE,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,GAAG,CACT,+CAA+C,UAAU,6BAA6B,GAAG,IAAI,CAC9F,CAAC;YACJ,CAAC;YACD,OAAO,MAAM,CAAC,IAAI,CAAC;QACrB,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CACT,+CAA+C,UAAU,wCAAwC,GAAG,IAAI,CACzG,CAAC;QACJ,CAAC;QAED,IAAI,uBAAkC,CAAC;QACvC,IAAI,CAAC;YACH,uBAAuB,GAAG,MAAM,wBAAwB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACxE,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACjB,MAAM,IAAI,SAAS,CACjB,oEAAoE,CACrE,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC;YAChC,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,aAAa,EAAE,UAAU;YACzB,uBAAuB;YACvB,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;QAEH,mBAAmB,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAExE,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,YAAY;QACjB,IACE,OAAO,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,KAAK,QAAQ;YACrE,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC,MAAM,GAAG,CAAC,EAC5D,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;;AAGH,eAAe,mBAAmB,CAAC"}
1
+ {"version":3,"file":"RemoteJwtKeyManager.js","sourceRoot":"","sources":["../../../src/JwtKeyManager/RemoteJwtKeyManager/RemoteJwtKeyManager.ts"],"names":[],"mappings":"AAEA,OAAO,cAAc,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAEL,iBAAiB,EACjB,gCAAgC,GACjC,MAAM,+BAA+B,CAAC;AACvC,OAAO,4BAA4B,MAAM,oCAAoC,CAAC;AAC9E,OAAO,wBAAwB,EAAE,EAC/B,oCAAoC,GACrC,MAAM,gCAAgC,CAAC;AAExC,MAAM,oBAAoB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,YAAY;AAaxD,MAAM,OAAO,mBAAmB;IACb,eAAe,CAAS;IACxB,KAAK,CAAU;IACf,YAAY,CAAS;IAC9B,MAAM,CAAU,SAAS,GAAiC,IAAI,GAAG,EAAE,CAAC;IAE5E,YAAmB,EACjB,eAAe,GAAG,4BAA4B,EAAE,EAChD,GAAG,IAAI,EAC6B;QACpC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QACvC,IAAI,CAAC,KAAK,GAAG,OAAO,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;QAClE,IAAI,CAAC,YAAY;YACf,OAAO,IAAI,CAAC,YAAY,KAAK,QAAQ,IAAI,IAAI,CAAC,YAAY,GAAG,CAAC;gBAC5D,CAAC,CAAC,IAAI,CAAC,YAAY;gBACnB,CAAC,CAAC,oBAAoB,CAAC;IAC7B,CAAC;IAEO,QAAQ,CAAC,UAAkB;QACjC,OAAO,GAAG,IAAI,CAAC,eAAe,KAAK,UAAU,EAAE,CAAC;IAClD,CAAC;IAEM,mBAAmB,CAAC,UAAkB;QAC3C,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACtC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CACT,0DAA0D,UAAU,gBAAgB,GAAG,IAAI,CAC5F,CAAC;QACJ,CAAC;QACD,mBAAmB,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5C,CAAC;IAES,KAAK,CAAC,wBAAwB;QACtC,IAAI,uBAAkC,CAAC;QACvC,IAAI,CAAC;YACH,uBAAuB,GAAG,MAAM,wBAAwB,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACxE,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACjB,MAAM,IAAI,SAAS,CACjB,oEAAoE,CACrE,CAAC;QACJ,CAAC;QACD,OAAO,uBAAuB,CAAC;IACjC,CAAC;IAEM,KAAK,CAAC,QAAQ,CAAC,UAAuB;QAC3C,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,OAAO,EAAE,CAAC;YACrD,MAAM,IAAI,KAAK,CACb,8CAA8C,UAAU,GAAG,CAC5D,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,KAAK,gCAAgC,CAAC,MAAM,EAAE,CAAC;YAC3D,MAAM,IAAI,KAAK,CACb,wEAAwE,CACzE,CAAC;QACJ,CAAC;QAED,mDAAmD;QACnD,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACtC,MAAM,MAAM,GAAG,mBAAmB,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACtD,IAAI,MAAM,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;YAChE,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,GAAG,CACT,+CAA+C,UAAU,6BAA6B,GAAG,IAAI,CAC9F,CAAC;YACJ,CAAC;YACD,OAAO,MAAM,CAAC,IAAI,CAAC;QACrB,CAAC;QAED,MAAM,uBAAuB,GAAG,MAAM,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAEtE,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CACT,+CAA+C,UAAU,wCAAwC,GAAG,IAAI,CACzG,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC;YAChC,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,aAAa,EAAE,UAAU;YACzB,uBAAuB;YACvB,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;QAEH,mBAAmB,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAExE,OAAO,IAAI,CAAC;IACd,CAAC;IAEM,YAAY;QACjB,IACE,OAAO,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,KAAK,QAAQ;YACrE,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC,MAAM,GAAG,CAAC,EAC5D,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;;AAGH,eAAe,mBAAmB,CAAC"}
package/dist/JwtKeyManager/RemoteJwtKeyManager/index.d.ts CHANGED
@@ -1,2 +1,3 @@
1
- export { RemoteJwtKeyManager, RemoteJwtKeyManager as default } from './RemoteJwtKeyManager';
2
- export { loadRemoteJwks } from './loadRemoteJwks';
1
+ export { RemoteJwtKeyManager, RemoteJwtKeyManager as default, } from "./RemoteJwtKeyManager";
2
+ export { loadRemoteJwks } from "./loadRemoteJwks";
3
+ export type { IRemoteJwtKeyManagerConstructorOpts } from "./RemoteJwtKeyManager";
package/dist/JwtKeyManager/RemoteJwtKeyManager/index.js CHANGED
@@ -1,3 +1,3 @@
1
- export { RemoteJwtKeyManager, RemoteJwtKeyManager as default } from './RemoteJwtKeyManager';
2
- export { loadRemoteJwks } from './loadRemoteJwks';
1
+ export { RemoteJwtKeyManager, RemoteJwtKeyManager as default, } from "./RemoteJwtKeyManager";
2
+ export { loadRemoteJwks } from "./loadRemoteJwks";
3
3
  //# sourceMappingURL=index.js.map
package/dist/JwtKeyManager/RemoteJwtKeyManager/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/JwtKeyManager/RemoteJwtKeyManager/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,IAAI,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAE5F,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/JwtKeyManager/RemoteJwtKeyManager/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,mBAAmB,IAAI,OAAO,GAC/B,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC"}
package/dist/cli.cjs CHANGED
@@ -89,7 +89,7 @@ var init_resolve_codegen_templates_directory = __esm({
89
89
 
90
90
  // src/NextjsAppDirectoryPlugin/codegen-marker.ts
91
91
  function getCodegenMarkerComment() {
92
- const version = true ? "0.21.18" : "unknown";
92
+ const version = true ? "0.22.0" : "unknown";
93
93
  return `${CODEGEN_MARKER_PREFIX}${version}`;
94
94
  }
95
95
  function hasCodegenMarker(firstLine) {
@@ -296,7 +296,7 @@ async function main() {
296
296
  return;
297
297
  }
298
298
  if (args.includes("--version") || args.includes("-v")) {
299
- console.log(`${PACKAGE_NAME}@${"0.21.18"}`);
299
+ console.log(`${PACKAGE_NAME}@${"0.22.0"}`);
300
300
  return;
301
301
  }
302
302
  const command = args.find((arg) => !arg.startsWith("-")) ?? "codegen";
package/dist/decode-jwts-with-key-manager.d.ts CHANGED
@@ -1,15 +1,10 @@
1
- import { type OrganizationID, type UserData, type PotentiallyValidTokenSource } from "@schemavaults/auth-common";
1
+ import { type UserData, type PotentiallyValidTokenSource } from "@schemavaults/auth-common";
2
2
  import { type IJwtKeyManager } from "./JwtKeyManager";
3
3
  import { type SchemaVaultsAppEnvironment } from "@schemavaults/app-definitions";
4
- import { type CustomJWTPayload } from "@schemavaults/jwt";
5
4
  export type IDecodeJWTsWithKeyManagerOutput = {
6
5
  user: UserData;
7
- user_organizations: readonly OrganizationID[];
8
- jwt_payload: CustomJWTPayload;
9
6
  } | {
10
7
  user: null;
11
- user_organizations: null;
12
- jwt_payload: null;
13
8
  };
14
9
  export declare function decodeJWTsWithKeyManager(keys_manager: IJwtKeyManager, token_sources: readonly PotentiallyValidTokenSource[], jwt_audience?: string, environment?: SchemaVaultsAppEnvironment, debug?: boolean): Promise<IDecodeJWTsWithKeyManagerOutput>;
15
10
  export default decodeJWTsWithKeyManager;
package/dist/decode-jwts-with-key-manager.js CHANGED
@@ -1,9 +1,9 @@
1
1
  import { getAppEnvironment } from "./get-app-environment";
2
- import { decodeJWTs, organizationIdSchema, } from "@schemavaults/auth-common";
2
+ import { decodeJWTs, userDataSchema, } from "@schemavaults/auth-common";
3
3
  import { JwtDecodingKeysetNotFoundError, loadJwtDecodingKeys, } from "./JwtKeyManager";
4
4
  import { apiServerIdSchema, } from "@schemavaults/app-definitions";
5
5
  import getSchemavaultsApiServerId from "./get-schemavaults-api-server-id";
6
- import { customJwtPayloadToUserData, decodeJWT as decodeSchemavaultsJwt, getKeysetIdFromToken, } from "@schemavaults/jwt";
6
+ import { decodeJWT as decodeSchemavaultsJwt, getKeysetIdFromToken, customJwtPayloadToUserData, } from "@schemavaults/jwt";
7
7
  import isValidUuid from "./is-valid-uuid";
8
8
  export async function decodeJWTsWithKeyManager(keys_manager, token_sources, jwt_audience = getSchemavaultsApiServerId(), environment = getAppEnvironment(), debug = false) {
9
9
  if (debug) {
@@ -15,12 +15,9 @@ export async function decodeJWTsWithKeyManager(keys_manager, token_sources, jwt_
15
15
  if (!keys_manager) {
16
16
  throw new TypeError("Failed to resolve reference to JWT keys manager to load keys to perform decode!");
17
17
  }
18
- let decoded = null;
19
- let user_organizations = null;
18
+ let decoded_user = null;
20
19
  try {
21
- // The callback returns CustomJWTPayload but DecodeTokenFn types it as UserData & { orgs }.
22
- // Cast is safe because decodeSchemavaultsJwt always returns a full CustomJWTPayload.
23
- decoded = (await decodeJWTs({
20
+ const user = await decodeJWTs({
24
21
  token_sources,
25
22
  jwt_audience,
26
23
  decodeJWT: async (opts) => {
@@ -63,7 +60,7 @@ export async function decodeJWTsWithKeyManager(keys_manager, token_sources, jwt_
63
60
  }
64
61
  const { decryption_key, verification_key } = decodingKeys;
65
62
  try {
66
- return (await decodeSchemavaultsJwt({
63
+ const jwtPayload = await decodeSchemavaultsJwt({
67
64
  jwt: opts.token,
68
65
  type: opts.type,
69
66
  audience: opts.jwt_audience,
@@ -71,30 +68,16 @@ export async function decodeJWTsWithKeyManager(keys_manager, token_sources, jwt_
71
68
  verification_key,
72
69
  keyset_id,
73
70
  env: environment,
74
- }));
71
+ });
72
+ return customJwtPayloadToUserData(jwtPayload);
75
73
  }
76
74
  catch (e) {
77
75
  console.error("Failed to decode JSON web token: ", e);
78
76
  throw new Error("Failed to decode JSON web token!");
79
77
  }
80
78
  },
81
- }, debug));
82
- if (!("orgs" in decoded) || !Array.isArray(decoded.orgs)) {
83
- throw new Error("No 'orgs' field in decoded user object!");
84
- }
85
- if (decoded.orgs.every((org_id) => typeof org_id === "string" &&
86
- organizationIdSchema.safeParse(org_id).success)) {
87
- user_organizations = decoded.orgs;
88
- }
89
- if (!Array.isArray(user_organizations)) {
90
- throw new TypeError("Failed to load user organizations associated with user from token!");
91
- }
92
- const user = customJwtPayloadToUserData(decoded);
93
- return {
94
- user,
95
- user_organizations: user_organizations,
96
- jwt_payload: decoded,
97
- };
79
+ }, debug);
80
+ decoded_user = user;
98
81
  }
99
82
  catch (e) {
100
83
  if (e instanceof JwtDecodingKeysetNotFoundError) {
@@ -104,10 +87,21 @@ export async function decodeJWTsWithKeyManager(keys_manager, token_sources, jwt_
104
87
  console.warn("No-op error creating route-guard... Failed to decode JWTs, setting user = null", e);
105
88
  }
106
89
  }
90
+ if (decoded_user) {
91
+ const parsed_user = await userDataSchema.safeParseAsync(decoded_user);
92
+ if (!parsed_user.success) {
93
+ console.warn("Received invalid user data from JWT decode operation: ", parsed_user.error);
94
+ return {
95
+ user: null,
96
+ };
97
+ }
98
+ const user = parsed_user.data;
99
+ return {
100
+ user,
101
+ };
102
+ }
107
103
  return {
108
104
  user: null,
109
- user_organizations: null,
110
- jwt_payload: null,
111
105
  };
112
106
  }
113
107
  export default decodeJWTsWithKeyManager;
package/dist/decode-jwts-with-key-manager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"decode-jwts-with-key-manager.js","sourceRoot":"","sources":["../src/decode-jwts-with-key-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EACL,UAAU,EAKV,oBAAoB,GACrB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAEL,8BAA8B,EAC9B,mBAAmB,GAEpB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,iBAAiB,GAElB,MAAM,+BAA+B,CAAC;AACvC,OAAO,0BAA0B,MAAM,kCAAkC,CAAC;AAC1E,OAAO,EAEL,0BAA0B,EAC1B,SAAS,IAAI,qBAAqB,EAClC,oBAAoB,GACrB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,WAAW,MAAM,iBAAiB,CAAC;AAgB1C,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,YAA4B,EAC5B,aAAqD,EACrD,eAAuB,0BAA0B,EAAE,EACnD,cAA0C,iBAAiB,EAAE,EAC7D,QAAiB,KAAK;IAEtB,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CACT,2EAA2E,EAC3E,aAAa,CACd,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,YAA6B,CAAC,CAAC,OAAO,EAAE,CAAC;QACxE,MAAM,IAAI,SAAS,CACjB,6CAA6C,YAAY,EAAE,CAC5D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,SAAS,CACjB,iFAAiF,CAClF,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,GAA4B,IAAI,CAAC;IAC5C,IAAI,kBAAkB,GAAqC,IAAI,CAAC;IAChE,IAAI,CAAC;QACH,2FAA2F;QAC3F,qFAAqF;QACrF,OAAO,GAAG,CAAC,MAAM,UAAU,CACzB;YACE,aAAa;YACb,YAAY;YACZ,SAAS,EAAE,KAAK,EAAE,IAAI,EAAgC,EAAE;gBACtD,IAAI,KAAK,EAAE,CAAC;oBACV,IAAI,YAAY,GAAW,mDAAmD,IAAI,CAAC,IAAI,uBAAuB,IAAI,CAAC,YAAY,GAAG,CAAC;oBACnI,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;wBACpB,YAAY,IAAI,cAAc,IAAI,CAAC,UAAU,IAAI,CAAC;oBACpD,CAAC;oBACD,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;gBAC5B,CAAC;gBAED,IAAI,SAAiB,CAAC;gBACtB,IAAI,CAAC;oBACH,SAAS,GAAG,oBAAoB,CAAC,IAAI,CAAC,KAAsB,CAAC,CAAC;gBAChE,CAAC;gBAAC,OAAO,CAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,KAAK,CAAC,8CAA8C,EAAE,CAAC,CAAC,CAAC;oBACjE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBAED,IAAI,CAAC,SAAS,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC;oBAC1C,MAAM,IAAI,SAAS,CACjB,qDAAqD,CACtD,CAAC;gBACJ,CAAC;gBAED,IAAI,YAAkC,CAAC;gBACvC,IAAI,CAAC;oBACH,YAAY,GAAG,MAAM,mBAAmB,CAAC;wBACvC,SAAS;wBACT,YAAY;wBACZ,WAAW,EAAE,YAAY;wBACzB,KAAK;qBACN,CAAC,CAAC;oBACH,IAAI,YAAY,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;wBACzC,MAAM,IAAI,KAAK,CACb,kEAAkE,CACnE,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAAC,OAAO,CAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,IAAI,CACV,8FAA8F,SAAS,KAAK,EAC5G,CAAC,CACF,CAAC;oBACF,IAAI,CAAC,YAAY,8BAA8B,EAAE,CAAC;wBAChD,MAAM,CAAC,CAAC;oBACV,CAAC;oBACD,MAAM,IAAI,KAAK,CACb,8DAA8D,CAC/D,CAAC;gBACJ,CAAC;gBACD,MAAM,EAAE,cAAc,EAAE,gBAAgB,EAAE,GAAG,YAAY,CAAC;gBAE1D,IAAI,CAAC;oBACH,OAAO,CAAC,MAAM,qBAAqB,CAAC;wBAClC,GAAG,EAAE,IAAI,CAAC,KAAK;wBACf,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,QAAQ,EAAE,IAAI,CAAC,YAAY;wBAC3B,cAAc;wBACd,gBAAgB;wBAChB,SAAS;wBACT,GAAG,EAAE,WAAW;qBACjB,CAAC,CAA4B,CAAC;gBACjC,CAAC;gBAAC,OAAO,CAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,CAAC,CAAC,CAAC;oBACtD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;SACF,EACD,KAAK,CACN,CAAqB,CAAC;QACvB,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACzD,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;QAC7D,CAAC;QAED,IACE,OAAO,CAAC,IAAI,CAAC,KAAK,CAChB,CAAC,MAAM,EAAE,EAAE,CACT,OAAO,MAAM,KAAK,QAAQ;YAC1B,oBAAoB,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,OAAO,CACjD,EACD,CAAC;YACD,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;QACpC,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,SAAS,CACjB,oEAAoE,CACrE,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAa,0BAA0B,CAAC,OAAO,CAAC,CAAC;QAE3D,OAAO;YACL,IAAI;YACJ,kBAAkB,EAChB,kBAAsD;YACxD,WAAW,EAAE,OAAO;SACrB,CAAC;IACJ,CAAC;IAAC,OAAO,CAAU,EAAE,CAAC;QACpB,IAAI,CAAC,YAAY,8BAA8B,EAAE,CAAC;YAChD,OAAO,CAAC,IAAI,CACV,yDAAyD,CAAC,CAAC,SAAS,oCAAoC,EACxG,CAAC,CACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CACV,gFAAgF,EAChF,CAAC,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO;QACL,IAAI,EAAE,IAAI;QACV,kBAAkB,EAAE,IAAI;QACxB,WAAW,EAAE,IAAI;KAClB,CAAC;AACJ,CAAC;AAED,eAAe,wBAAwB,CAAC"}
1
+ {"version":3,"file":"decode-jwts-with-key-manager.js","sourceRoot":"","sources":["../src/decode-jwts-with-key-manager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EACL,UAAU,EAGV,cAAc,GACf,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAEL,8BAA8B,EAC9B,mBAAmB,GAEpB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,iBAAiB,GAElB,MAAM,+BAA+B,CAAC;AACvC,OAAO,0BAA0B,MAAM,kCAAkC,CAAC;AAC1E,OAAO,EACL,SAAS,IAAI,qBAAqB,EAClC,oBAAoB,EACpB,0BAA0B,GAC3B,MAAM,mBAAmB,CAAC;AAC3B,OAAO,WAAW,MAAM,iBAAiB,CAAC;AAU1C,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,YAA4B,EAC5B,aAAqD,EACrD,eAAuB,0BAA0B,EAAE,EACnD,cAA0C,iBAAiB,EAAE,EAC7D,QAAiB,KAAK;IAEtB,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,GAAG,CACT,2EAA2E,EAC3E,aAAa,CACd,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,YAA6B,CAAC,CAAC,OAAO,EAAE,CAAC;QACxE,MAAM,IAAI,SAAS,CACjB,6CAA6C,YAAY,EAAE,CAC5D,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,SAAS,CACjB,iFAAiF,CAClF,CAAC;IACJ,CAAC;IAED,IAAI,YAAY,GAAoB,IAAI,CAAC;IACzC,IAAI,CAAC;QACH,MAAM,IAAI,GAAa,MAAM,UAAU,CACrC;YACE,aAAa;YACb,YAAY;YACZ,SAAS,EAAE,KAAK,EAAE,IAAI,EAAqB,EAAE;gBAC3C,IAAI,KAAK,EAAE,CAAC;oBACV,IAAI,YAAY,GAAW,mDAAmD,IAAI,CAAC,IAAI,uBAAuB,IAAI,CAAC,YAAY,GAAG,CAAC;oBACnI,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;wBACpB,YAAY,IAAI,cAAc,IAAI,CAAC,UAAU,IAAI,CAAC;oBACpD,CAAC;oBACD,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;gBAC5B,CAAC;gBAED,IAAI,SAAiB,CAAC;gBACtB,IAAI,CAAC;oBACH,SAAS,GAAG,oBAAoB,CAAC,IAAI,CAAC,KAAsB,CAAC,CAAC;gBAChE,CAAC;gBAAC,OAAO,CAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,KAAK,CAAC,8CAA8C,EAAE,CAAC,CAAC,CAAC;oBACjE,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBAED,IAAI,CAAC,SAAS,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC;oBAC1C,MAAM,IAAI,SAAS,CACjB,qDAAqD,CACtD,CAAC;gBACJ,CAAC;gBAED,IAAI,YAAkC,CAAC;gBACvC,IAAI,CAAC;oBACH,YAAY,GAAG,MAAM,mBAAmB,CAAC;wBACvC,SAAS;wBACT,YAAY;wBACZ,WAAW,EAAE,YAAY;wBACzB,KAAK;qBACN,CAAC,CAAC;oBACH,IAAI,YAAY,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;wBACzC,MAAM,IAAI,KAAK,CACb,kEAAkE,CACnE,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAAC,OAAO,CAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,IAAI,CACV,8FAA8F,SAAS,KAAK,EAC5G,CAAC,CACF,CAAC;oBACF,IAAI,CAAC,YAAY,8BAA8B,EAAE,CAAC;wBAChD,MAAM,CAAC,CAAC;oBACV,CAAC;oBACD,MAAM,IAAI,KAAK,CACb,8DAA8D,CAC/D,CAAC;gBACJ,CAAC;gBACD,MAAM,EAAE,cAAc,EAAE,gBAAgB,EAAE,GAAG,YAAY,CAAC;gBAE1D,IAAI,CAAC;oBACH,MAAM,UAAU,GAAG,MAAM,qBAAqB,CAAC;wBAC7C,GAAG,EAAE,IAAI,CAAC,KAAK;wBACf,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,QAAQ,EAAE,IAAI,CAAC,YAAY;wBAC3B,cAAc;wBACd,gBAAgB;wBAChB,SAAS;wBACT,GAAG,EAAE,WAAW;qBACjB,CAAC,CAAC;oBACH,OAAO,0BAA0B,CAAC,UAAU,CAAC,CAAC;gBAChD,CAAC;gBAAC,OAAO,CAAU,EAAE,CAAC;oBACpB,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,CAAC,CAAC,CAAC;oBACtD,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;SACF,EACD,KAAK,CACN,CAAC;QAEF,YAAY,GAAG,IAAI,CAAC;IACtB,CAAC;IAAC,OAAO,CAAU,EAAE,CAAC;QACpB,IAAI,CAAC,YAAY,8BAA8B,EAAE,CAAC;YAChD,OAAO,CAAC,IAAI,CACV,yDAAyD,CAAC,CAAC,SAAS,oCAAoC,EACxG,CAAC,CACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CACV,gFAAgF,EAChF,CAAC,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;QACtE,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,CAAC,IAAI,CACV,wDAAwD,EACxD,WAAW,CAAC,KAAK,CAClB,CAAC;YAEF,OAAO;gBACL,IAAI,EAAE,IAAI;aACX,CAAC;QACJ,CAAC;QACD,MAAM,IAAI,GAAa,WAAW,CAAC,IAAI,CAAC;QAExC,OAAO;YACL,IAAI;SACL,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI,EAAE,IAAI;KACX,CAAC;AACJ,CAAC;AAED,eAAe,wBAAwB,CAAC"}
package/dist/index.d.ts CHANGED
@@ -26,6 +26,7 @@ export { getAppEnvironment } from "./get-app-environment";
26
26
  export type { SchemaVaultsAppEnvironment } from "./get-app-environment";
27
27
  export { decodeJWTsWithKeyManager } from "./decode-jwts-with-key-manager";
28
28
  export type { IDecodeJWTsWithKeyManagerOutput } from "./decode-jwts-with-key-manager";
29
+ export { isUserInOrganization } from "./isUserInOrganization";
29
30
  export { userDataSchema } from "@schemavaults/auth-common";
30
31
  export type { UserData } from "@schemavaults/auth-common";
31
32
  export { organizationIdSchema, organizationDefinitionSchema, isValidOrganizationID, SCHEMAVAULTS_ORGANIZATION_ID, } from "@schemavaults/auth-common";
package/dist/index.js CHANGED
@@ -19,6 +19,8 @@ export { redirectToLogin } from "./redirect-to-login";
19
19
  export { getAppEnvironment } from "./get-app-environment";
20
20
  // Decode helper
21
21
  export { decodeJWTsWithKeyManager } from "./decode-jwts-with-key-manager";
22
+ // Check user organization membership from auth server (for resource servers)
23
+ export { isUserInOrganization } from "./isUserInOrganization";
22
24
  // Re-export user data types
23
25
  export { userDataSchema } from "@schemavaults/auth-common";
24
26
  // Re-export organization types
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAG7B,cAAc,gBAAgB,CAAC;AAG/B,cAAc,iBAAiB,CAAC;AAGhC,cAAc,yBAAyB,CAAC;AAGxC,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAG1D,OAAO,EACL,qBAAqB,EACrB,cAAc,GACf,MAAM,qCAAqC,CAAC;AAG7C,OAAO,wBAAwB,MAAM,4BAA4B,CAAC;AAClE,OAAO,EAAE,wBAAwB,EAAE,CAAC;AAEpC,iBAAiB;AACjB,OAAO,EAAE,0BAA0B,EAAE,MAAM,kCAAkC,CAAC;AAE9E,OAAO,EACL,iBAAiB,EACjB,0BAA0B,GAC3B,MAAM,+BAA+B,CAAC;AAEvC,yBAAyB;AACzB,OAAO,EAAE,kCAAkC,EAAE,MAAM,0CAA0C,CAAC;AAE9F,OAAO,EACL,WAAW,EACX,oBAAoB,GACrB,MAAM,+BAA+B,CAAC;AAEvC,eAAe;AACf,OAAO,EACL,sBAAsB,EACtB,4BAA4B,GAC7B,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,OAAO,IAAI,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAEnE,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAGtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAG1D,gBAAgB;AAChB,OAAO,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC;AAG1E,4BAA4B;AAC5B,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAG3D,+BAA+B;AAC/B,OAAO,EACL,oBAAoB,EACpB,4BAA4B,EAC5B,qBAAqB,EACrB,4BAA4B,GAC7B,MAAM,2BAA2B,CAAC;AAkBnC,8BAA8B;AAC9B,OAAO,EACL,eAAe,EACf,8BAA8B,EAC9B,qBAAqB,EACrB,2BAA2B,EAC3B,gBAAgB,GACjB,MAAM,+BAA+B,CAAC"}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAG7B,cAAc,gBAAgB,CAAC;AAG/B,cAAc,iBAAiB,CAAC;AAGhC,cAAc,yBAAyB,CAAC;AAGxC,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAG1D,OAAO,EACL,qBAAqB,EACrB,cAAc,GACf,MAAM,qCAAqC,CAAC;AAG7C,OAAO,wBAAwB,MAAM,4BAA4B,CAAC;AAClE,OAAO,EAAE,wBAAwB,EAAE,CAAC;AAEpC,iBAAiB;AACjB,OAAO,EAAE,0BAA0B,EAAE,MAAM,kCAAkC,CAAC;AAE9E,OAAO,EACL,iBAAiB,EACjB,0BAA0B,GAC3B,MAAM,+BAA+B,CAAC;AAEvC,yBAAyB;AACzB,OAAO,EAAE,kCAAkC,EAAE,MAAM,0CAA0C,CAAC;AAE9F,OAAO,EACL,WAAW,EACX,oBAAoB,GACrB,MAAM,+BAA+B,CAAC;AAEvC,eAAe;AACf,OAAO,EACL,sBAAsB,EACtB,4BAA4B,GAC7B,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,OAAO,IAAI,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAEnE,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAGtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAG1D,gBAAgB;AAChB,OAAO,EAAE,wBAAwB,EAAE,MAAM,gCAAgC,CAAC;AAG1E,6EAA6E;AAC7E,OAAO,EAAE,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AAE9D,4BAA4B;AAC5B,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAG3D,+BAA+B;AAC/B,OAAO,EACL,oBAAoB,EACpB,4BAA4B,EAC5B,qBAAqB,EACrB,4BAA4B,GAC7B,MAAM,2BAA2B,CAAC;AAkBnC,8BAA8B;AAC9B,OAAO,EACL,eAAe,EACf,8BAA8B,EAC9B,qBAAqB,EACrB,2BAA2B,EAC3B,gBAAgB,GACjB,MAAM,+BAA+B,CAAC"}
package/dist/isUserInOrganization.d.ts ADDED
@@ -0,0 +1,18 @@
1
+ import { type ApiServerId } from "@schemavaults/app-definitions";
2
+ import { type OrganizationID, type OrganizationMembershipRoleType } from "@schemavaults/auth-common/organizations";
3
+ /**
4
+ * Check if a user is a member of an organization by querying the auth server.
5
+ *
6
+ * This function is intended for use by resource servers that need to verify
7
+ * organization membership. It authenticates to the auth server using a
8
+ * JWKS access key token (the same mechanism used for JWKS retrieval).
9
+ *
10
+ * @param auth_server_url - The base URL of the auth server
11
+ * @param api_server_id - The API server ID of the calling resource server
12
+ * @param jwks_access_private_key - The JWKS access private key for signing assertions
13
+ * @param uid - The user ID to check membership for
14
+ * @param organization_id - The organization to check membership in
15
+ * @returns false if not a member, or the role name string (e.g. "owner", "member") if they are
16
+ */
17
+ export declare function isUserInOrganization(auth_server_url: string, api_server_id: ApiServerId, jwks_access_private_key: CryptoKey, uid: string, organization_id: OrganizationID): Promise<OrganizationMembershipRoleType | false>;
18
+ export default isUserInOrganization;
package/dist/isUserInOrganization.js ADDED
@@ -0,0 +1,61 @@
1
+ import { createJwksAccessProofToken } from "@schemavaults/jwt";
2
+ import { apiServerIdSchema, } from "@schemavaults/app-definitions";
3
+ import { isValidOrganizationMembershipRoleType, organizationIdSchema, } from "@schemavaults/auth-common/organizations";
4
+ /**
5
+ * Check if a user is a member of an organization by querying the auth server.
6
+ *
7
+ * This function is intended for use by resource servers that need to verify
8
+ * organization membership. It authenticates to the auth server using a
9
+ * JWKS access key token (the same mechanism used for JWKS retrieval).
10
+ *
11
+ * @param auth_server_url - The base URL of the auth server
12
+ * @param api_server_id - The API server ID of the calling resource server
13
+ * @param jwks_access_private_key - The JWKS access private key for signing assertions
14
+ * @param uid - The user ID to check membership for
15
+ * @param organization_id - The organization to check membership in
16
+ * @returns false if not a member, or the role name string (e.g. "owner", "member") if they are
17
+ */
18
+ export async function isUserInOrganization(auth_server_url, api_server_id, jwks_access_private_key, uid, organization_id) {
19
+ if (!apiServerIdSchema.safeParse(api_server_id).success) {
20
+ throw new TypeError("Invalid API server ID!");
21
+ }
22
+ if (!organizationIdSchema.safeParse(organization_id).success) {
23
+ throw new TypeError("Invalid organization ID!");
24
+ }
25
+ if (!uid || typeof uid !== "string") {
26
+ throw new TypeError("Invalid user ID!");
27
+ }
28
+ const assertion = await createJwksAccessProofToken({
29
+ api_server_id,
30
+ private_key: jwks_access_private_key,
31
+ });
32
+ const url = `${auth_server_url}/api/resource-server/organizations/${encodeURIComponent(organization_id)}/members/${encodeURIComponent(uid)}/role`;
33
+ const response = await fetch(url, {
34
+ method: "GET",
35
+ headers: new Headers({
36
+ Authorization: `Bearer ${assertion}`,
37
+ "X-Api-Server-Id": api_server_id,
38
+ }),
39
+ });
40
+ if (!response.ok) {
41
+ throw new Error(`Failed to check organization membership from auth server (status: ${response.status})`);
42
+ }
43
+ const body = await response.json();
44
+ if (typeof body !== "object" ||
45
+ !body ||
46
+ !("success" in body) ||
47
+ !body.success ||
48
+ !("data" in body) ||
49
+ typeof body.data !== "object" ||
50
+ !body.data) {
51
+ throw new Error("Received unexpected response when checking organization membership");
52
+ }
53
+ const data = body.data;
54
+ if (typeof data.role === "string" &&
55
+ isValidOrganizationMembershipRoleType(data.role)) {
56
+ return data.role;
57
+ }
58
+ return false;
59
+ }
60
+ export default isUserInOrganization;
61
+ //# sourceMappingURL=isUserInOrganization.js.map
package/dist/isUserInOrganization.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"isUserInOrganization.js","sourceRoot":"","sources":["../src/isUserInOrganization.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,0BAA0B,EAAE,MAAM,mBAAmB,CAAC;AAC/D,OAAO,EAEL,iBAAiB,GAClB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EACL,qCAAqC,EACrC,oBAAoB,GAGrB,MAAM,yCAAyC,CAAC;AAEjD;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,eAAuB,EACvB,aAA0B,EAC1B,uBAAkC,EAClC,GAAW,EACX,eAA+B;IAE/B,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,CAAC;QACxD,MAAM,IAAI,SAAS,CAAC,wBAAwB,CAAC,CAAC;IAChD,CAAC;IACD,IAAI,CAAC,oBAAoB,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC,OAAO,EAAE,CAAC;QAC7D,MAAM,IAAI,SAAS,CAAC,0BAA0B,CAAC,CAAC;IAClD,CAAC;IACD,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,MAAM,IAAI,SAAS,CAAC,kBAAkB,CAAC,CAAC;IAC1C,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,0BAA0B,CAAC;QACjD,aAAa;QACb,WAAW,EAAE,uBAAuB;KACrC,CAAC,CAAC;IAEH,MAAM,GAAG,GAAG,GAAG,eAAe,sCAAsC,kBAAkB,CAAC,eAAe,CAAC,YAAY,kBAAkB,CAAC,GAAG,CAAC,OAAO,CAAC;IAElJ,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAChC,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,IAAI,OAAO,CAAC;YACnB,aAAa,EAAE,UAAU,SAAS,EAAE;YACpC,iBAAiB,EAAE,aAAa;SACjC,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CACb,qEAAqE,QAAQ,CAAC,MAAM,GAAG,CACxF,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAY,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC5C,IACE,OAAO,IAAI,KAAK,QAAQ;QACxB,CAAC,IAAI;QACL,CAAC,CAAC,SAAS,IAAI,IAAI,CAAC;QACpB,CAAC,IAAI,CAAC,OAAO;QACb,CAAC,CAAC,MAAM,IAAI,IAAI,CAAC;QACjB,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ;QAC7B,CAAC,IAAI,CAAC,IAAI,EACV,CAAC;QACD,MAAM,IAAI,KAAK,CACb,oEAAoE,CACrE,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAA+B,CAAC;IAClD,IACE,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ;QAC7B,qCAAqC,CAAC,IAAI,CAAC,IAAI,CAAC,EAChD,CAAC;QACD,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,eAAe,oBAAoB,CAAC"}
package/dist/route_guards/IRouteGuard.d.ts CHANGED
@@ -1,6 +1,5 @@
1
- import type { OrganizationID, UserData } from "@schemavaults/auth-common";
1
+ import type { UserData } from "@schemavaults/auth-common";
2
2
  export interface IRouteGuard {
3
3
  isAccessAllowed: () => boolean;
4
4
  user: UserData | null;
5
- user_organizations: readonly OrganizationID[];
6
5
  }
package/dist/route_guards/base-route-guard.d.ts CHANGED
@@ -1,15 +1,13 @@
1
- import type { OrganizationID, UserData } from "@schemavaults/auth-common";
1
+ import type { UserData } from "@schemavaults/auth-common";
2
2
  import type { InitRouteGuardCheckOptions } from "./init_route_guard_check_options";
3
3
  import type { IRouteGuard } from "./IRouteGuard";
4
4
  export type { IRouteGuard } from "./IRouteGuard";
5
5
  export declare abstract class BaseRouteGuard implements IRouteGuard {
6
6
  protected readonly _user: UserData | null;
7
- protected readonly _orgs: readonly OrganizationID[];
8
7
  private readonly environment;
9
- constructor({ user, user_organizations, environment, }: InitRouteGuardCheckOptions);
8
+ constructor({ user, environment, }: InitRouteGuardCheckOptions);
10
9
  protected get isAuthenticated(): boolean;
11
10
  protected get isAdmin(): boolean;
12
11
  abstract isAccessAllowed(): boolean;
13
12
  get user(): UserData | null;
14
- get user_organizations(): readonly OrganizationID[];
15
13
  }
package/dist/route_guards/base-route-guard.js CHANGED
@@ -1,11 +1,9 @@
1
1
  // base-route-guard.ts
2
2
  export class BaseRouteGuard {
3
3
  _user;
4
- _orgs;
5
4
  environment;
6
- constructor({ user, user_organizations, environment, }) {
5
+ constructor({ user, environment, }) {
7
6
  this._user = user;
8
- this._orgs = user_organizations ?? [];
9
7
  this.environment = environment;
10
8
  }
11
9
  get isAuthenticated() {
@@ -23,8 +21,5 @@ export class BaseRouteGuard {
23
21
  get user() {
24
22
  return this._user;
25
23
  }
26
- get user_organizations() {
27
- return this._orgs;
28
- }
29
24
  }
30
25
  //# sourceMappingURL=base-route-guard.js.map
package/dist/route_guards/base-route-guard.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"base-route-guard.js","sourceRoot":"","sources":["../../src/route_guards/base-route-guard.ts"],"names":[],"mappings":"AAAA,sBAAsB;AAQtB,MAAM,OAAgB,cAAc;IACf,KAAK,CAAkB;IACvB,KAAK,CAA4B;IACnC,WAAW,CAA6B;IAEzD,YAAmB,EACjB,IAAI,EACJ,kBAAkB,EAClB,WAAW,GACgB;QAC3B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QAClB,IAAI,CAAC,KAAK,GAAG,kBAAkB,IAAI,EAAE,CAAC;QACtC,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,CAAC;IAED,IAAc,eAAe;QAC3B,MAAM,SAAS,GAAY,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;QACxC,IAAI,IAAI,CAAC,WAAW,KAAK,YAAY,EAAE,CAAC;YACtC,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QAC1E,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAc,OAAO;QACnB,OAAO,CACL,IAAI,CAAC,eAAe;YACpB,OAAO,IAAI,CAAC,KAAK,EAAE,KAAK,KAAK,SAAS;YACtC,IAAI,CAAC,KAAK,CAAC,KAAK,CACjB,CAAC;IACJ,CAAC;IAID,IAAW,IAAI;QACb,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,IAAW,kBAAkB;QAC3B,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;CACF"}
1
+ {"version":3,"file":"base-route-guard.js","sourceRoot":"","sources":["../../src/route_guards/base-route-guard.ts"],"names":[],"mappings":"AAAA,sBAAsB;AAQtB,MAAM,OAAgB,cAAc;IACf,KAAK,CAAkB;IACzB,WAAW,CAA6B;IAEzD,YAAmB,EACjB,IAAI,EACJ,WAAW,GACgB;QAC3B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QAClB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,CAAC;IAED,IAAc,eAAe;QAC3B,MAAM,SAAS,GAAY,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC;QACxC,IAAI,IAAI,CAAC,WAAW,KAAK,YAAY,EAAE,CAAC;YACtC,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QAC1E,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAc,OAAO;QACnB,OAAO,CACL,IAAI,CAAC,eAAe;YACpB,OAAO,IAAI,CAAC,KAAK,EAAE,KAAK,KAAK,SAAS;YACtC,IAAI,CAAC,KAAK,CAAC,KAAK,CACjB,CAAC;IACJ,CAAC;IAID,IAAW,IAAI;QACb,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;CACF"}
package/dist/route_guards/init_route_guard_check_options.d.ts CHANGED
@@ -1,9 +1,6 @@
1
1
  import type { SchemaVaultsAppEnvironment } from "@schemavaults/app-definitions";
2
- import type { OrganizationID, UserData } from "@schemavaults/auth-common";
3
- import type { CustomJWTPayload } from "@schemavaults/jwt";
2
+ import type { UserData } from "@schemavaults/auth-common";
4
3
  export interface InitRouteGuardCheckOptions {
5
4
  user: UserData | null;
6
- jwt_payload: CustomJWTPayload | null;
7
- user_organizations: readonly OrganizationID[] | null;
8
5
  environment: SchemaVaultsAppEnvironment;
9
6
  }
package/dist/route_guards/route-guard-factory.js CHANGED
@@ -75,15 +75,10 @@ export class RouteGuardFactory {
75
75
  if (!this.jwt_keys_manager) {
76
76
  throw new Error("Failed to resolve reference to JWT keys manager to operate this route guard!");
77
77
  }
78
- const { user, user_organizations, jwt_payload } = await decodeJWTsWithKeyManager(this.jwt_keys_manager, token_sources, jwt_audience, this.environment, this.debug);
79
- if (user && !Array.isArray(user_organizations)) {
80
- throw new TypeError("Expected 'user_organizations' to be an array if 'user' was truthy!");
81
- }
78
+ const { user } = await decodeJWTsWithKeyManager(this.jwt_keys_manager, token_sources, jwt_audience, this.environment, this.debug);
82
79
  const init_opts = {
83
80
  user,
84
81
  environment: getAppEnvironment(),
85
- user_organizations: user_organizations ?? [],
86
- jwt_payload,
87
82
  };
88
83
  if (this.debug) {
89
84
  console.log(`[RouteGuardFactory] Creating route guard with init options: `, init_opts);
package/dist/route_guards/route-guard-factory.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"route-guard-factory.js","sourceRoot":"","sources":["../../src/route_guards/route-guard-factory.ts"],"names":[],"mappings":"AAAA,yBAAyB;AAEzB,OAAO,uBAAuB,MAAM,SAAS,CAAC;AAC9C,OAAO,gCAAgC,MAAM,iBAAiB,CAAC;AAE/D,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,OAAO,EAEL,iBAAiB,EACjB,iBAAiB,GAElB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,mBAAmB,EAAuB,MAAM,iBAAiB,CAAC;AAC3E,OAAO,4BAA4B,MAAM,oCAAoC,CAAC;AAC9E,OAAO,wBAAwB,MAAM,gCAAgC,CAAC;AAStE,MAAM,WAAW,GAAG;IAClB,eAAe;IACf,OAAO;CAC6B,CAAC;AAGvC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,EAAyB,EAAE;IAC5E,OACE,WACD,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC;AAEH,MAAM,MAAM,GAAG;IACb,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,gCAAgC,CAAC,IAAI,CAAC;IACnE,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,uBAAuB,CAAC,IAAI,CAAC;CAInD,CAAC;AAEF,MAAM,OAAO,iBAAiB;IACX,gBAAgB,CAAiB;IACjC,WAAW,CAA6B;IACxC,KAAK,CAAU;IACf,cAAc,CAAU;IAEzC,YAAmB,EAAE,WAAW,EAAE,GAAG,IAAI,EAAgC;QACvE,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC;QACjC,IACE,OAAO,IAAI,CAAC,cAAc,KAAK,SAAS;YACxC,OAAO,IAAI,CAAC,cAAc,KAAK,WAAW,EAC1C,CAAC;YACD,MAAM,IAAI,SAAS,CAAC,oCAAoC,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,IAAI,KAAK,CAAC;QAEnD,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC1B,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,GAAG,CACT,+EAA+E,CAChF,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,MAAM,IAAI,SAAS,CACjB,8EAA8E,CAC/E,CAAC;YACJ,CAAC;YACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,GAAG,CACT,mHAAmH,CACpH,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,gBAAgB,GAAG,IAAI,mBAAmB,CAAC;gBAC9C,eAAe,EAAE,4BAA4B,EAAE;gBAC/C,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,qBAAqB,CAAC,IAAa;QAChD,IAAI,OAAO,IAAI,KAAK,QAAQ;YAAE,OAAO,KAAK,CAAC;QAC3C,OAAO,oBAAoB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC;IACtD,CAAC;IAEM,MAAM,CAAC,sBAAsB,CAClC,IAAoB,EACpB,IAAgC;QAEhC,IAAI,CAAC,iBAAiB,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;YACnD,MAAM,IAAI,KAAK,CACb,+CAA+C,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACxE,CAAC;QACJ,CAAC;QACD,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,KAAK,GAAgB,YAAY,CAAC,IAAI,CAAC,CAAC;QAE9C,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,sBAAsB,CAC3B,IAAoB,EACpB,IAAgC;QAEhC,OAAO,iBAAiB,CAAC,sBAAsB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC9D,CAAC;IAEM,KAAK,CAAC,2BAA2B,CACtC,IAAoB,EACpB,aAAqD,EACrD,YAAyB;QAEzB,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CACT,mEAAmE,EACnE,aAAa,CACd,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,YAA6B,CAAC,CAAC,OAAO,EAAE,CAAC;YACxE,MAAM,IAAI,SAAS,CACjB,6CAA6C,YAAY,EAAE,CAC5D,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CACb,8EAA8E,CAC/E,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,kBAAkB,EAAE,WAAW,EAAE,GAC7C,MAAM,wBAAwB,CAC5B,IAAI,CAAC,gBAAgB,EACrB,aAAa,EACb,YAAY,EACZ,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,KAAK,CACX,CAAC;QAEJ,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,kBAAkB,CAAC,EAAE,CAAC;YAC/C,MAAM,IAAI,SAAS,CACjB,oEAAoE,CACrE,CAAC;QACJ,CAAC;QAED,MAAM,SAAS,GAA+B;YAC5C,IAAI;YACJ,WAAW,EAAE,iBAAiB,EAAE;YAChC,kBAAkB,EAAE,kBAAkB,IAAI,EAAE;YAC5C,WAAW;SACZ,CAAC;QAEF,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CACT,8DAA8D,EAC9D,SAAS,CACV,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,SAAS,CAAuB,CAAC;IAC5E,CAAC;IAEM,KAAK,CAAC,yBAAyB,CACpC,IAAoB,EACpB,UAAyB,EACzB,YAAoB;QAEpB,IAAI,CAAC,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;YAClD,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QACD,MAAM,YAAY,GAAG,SAAkB,CAAC;QACxC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACzC,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QACD,MAAM,KAAK,GAAW,UAAU,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAE5D,OAAO,MAAM,IAAI,CAAC,2BAA2B,CAC3C,IAAI,EACJ;YACE;gBACE,UAAU,EAAE,0BAA0B;gBACtC,KAAK;gBACL,IAAI,EAAE,QAAQ;aACf;SACF,EACD,YAAY,CACb,CAAC;IACJ,CAAC;CACF;AAED,eAAe,iBAAiB,CAAC"}
1
+ {"version":3,"file":"route-guard-factory.js","sourceRoot":"","sources":["../../src/route_guards/route-guard-factory.ts"],"names":[],"mappings":"AAAA,yBAAyB;AAEzB,OAAO,uBAAuB,MAAM,SAAS,CAAC;AAC9C,OAAO,gCAAgC,MAAM,iBAAiB,CAAC;AAE/D,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAKxB,OAAO,EAEL,iBAAiB,EACjB,iBAAiB,GAElB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,mBAAmB,EAAuB,MAAM,iBAAiB,CAAC;AAC3E,OAAO,4BAA4B,MAAM,oCAAoC,CAAC;AAC9E,OAAO,wBAAwB,MAAM,gCAAgC,CAAC;AAStE,MAAM,WAAW,GAAG;IAClB,eAAe;IACf,OAAO;CAC6B,CAAC;AAGvC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,CAAC,GAAG,EAAyB,EAAE;IAC5E,OACE,WACD,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC;AAEH,MAAM,MAAM,GAAG;IACb,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,gCAAgC,CAAC,IAAI,CAAC;IACnE,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,uBAAuB,CAAC,IAAI,CAAC;CAInD,CAAC;AAEF,MAAM,OAAO,iBAAiB;IACX,gBAAgB,CAAiB;IACjC,WAAW,CAA6B;IACxC,KAAK,CAAU;IACf,cAAc,CAAU;IAEzC,YAAmB,EAAE,WAAW,EAAE,GAAG,IAAI,EAAgC;QACvE,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC;QACjC,IACE,OAAO,IAAI,CAAC,cAAc,KAAK,SAAS;YACxC,OAAO,IAAI,CAAC,cAAc,KAAK,WAAW,EAC1C,CAAC;YACD,MAAM,IAAI,SAAS,CAAC,oCAAoC,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,IAAI,KAAK,CAAC;QAEnD,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC1B,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,GAAG,CACT,+EAA+E,CAChF,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,MAAM,IAAI,SAAS,CACjB,8EAA8E,CAC/E,CAAC;YACJ,CAAC;YACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,GAAG,CACT,mHAAmH,CACpH,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,gBAAgB,GAAG,IAAI,mBAAmB,CAAC;gBAC9C,eAAe,EAAE,4BAA4B,EAAE;gBAC/C,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,qBAAqB,CAAC,IAAa;QAChD,IAAI,OAAO,IAAI,KAAK,QAAQ;YAAE,OAAO,KAAK,CAAC;QAC3C,OAAO,oBAAoB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC;IACtD,CAAC;IAEM,MAAM,CAAC,sBAAsB,CAClC,IAAoB,EACpB,IAAgC;QAEhC,IAAI,CAAC,iBAAiB,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;YACnD,MAAM,IAAI,KAAK,CACb,+CAA+C,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACxE,CAAC;QACJ,CAAC;QACD,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,KAAK,GAAgB,YAAY,CAAC,IAAI,CAAC,CAAC;QAE9C,OAAO,KAAK,CAAC;IACf,CAAC;IAEM,sBAAsB,CAC3B,IAAoB,EACpB,IAAgC;QAEhC,OAAO,iBAAiB,CAAC,sBAAsB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAC9D,CAAC;IAEM,KAAK,CAAC,2BAA2B,CACtC,IAAoB,EACpB,aAAqD,EACrD,YAAyB;QAEzB,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CACT,mEAAmE,EACnE,aAAa,CACd,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,YAA6B,CAAC,CAAC,OAAO,EAAE,CAAC;YACxE,MAAM,IAAI,SAAS,CACjB,6CAA6C,YAAY,EAAE,CAC5D,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CACb,8EAA8E,CAC/E,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,wBAAwB,CAC7C,IAAI,CAAC,gBAAgB,EACrB,aAAa,EACb,YAAY,EACZ,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,KAAK,CACX,CAAC;QAEF,MAAM,SAAS,GAA+B;YAC5C,IAAI;YACJ,WAAW,EAAE,iBAAiB,EAAE;SACjC,CAAC;QAEF,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CACT,8DAA8D,EAC9D,SAAS,CACV,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,SAAS,CAAuB,CAAC;IAC5E,CAAC;IAEM,KAAK,CAAC,yBAAyB,CACpC,IAAoB,EACpB,UAAyB,EACzB,YAAoB;QAEpB,IAAI,CAAC,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;YAClD,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC1C,CAAC;QACD,MAAM,YAAY,GAAG,SAAkB,CAAC;QACxC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACzC,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QACD,MAAM,KAAK,GAAW,UAAU,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAE5D,OAAO,MAAM,IAAI,CAAC,2BAA2B,CAC3C,IAAI,EACJ;YACE;gBACE,UAAU,EAAE,0BAA0B;gBACtC,KAAK;gBACL,IAAI,EAAE,QAAQ;aACf;SACF,EACD,YAAY,CACb,CAAC;IACJ,CAAC;CACF;AAED,eAAe,iBAAiB,CAAC"}
package/dist/route_guards/withAdminRouteGuard/withAdminApiRouteGuard.d.ts CHANGED
@@ -1,8 +1,7 @@
1
- import type { ApiServerId } from "@schemavaults/app-definitions";
2
1
  import { type TProtectedAuthenticatedApiRoute, type IBaseProtectedAuthenticatedApiRouteInputs } from "../../route_guards/withAuthenticatedRouteGuard";
3
2
  import type { NextRequest, NextResponse } from "next/server";
4
- import type { IJwtKeyManager } from "../../JwtKeyManager";
3
+ import { IWithAuthenticatedApiRouteGuardAdditionalOptions } from "../withAuthenticatedRouteGuard/withAuthenticatedApiRouteGuard";
5
4
  type TAdditionalRouteInputs<TRouteInputs extends IBaseProtectedAuthenticatedApiRouteInputs = IBaseProtectedAuthenticatedApiRouteInputs> = Omit<TRouteInputs, keyof IBaseProtectedAuthenticatedApiRouteInputs>;
6
- export declare function withAdminApiRouteGuard<TRouteInputs extends IBaseProtectedAuthenticatedApiRouteInputs = IBaseProtectedAuthenticatedApiRouteInputs>(api_route_handler: TProtectedAuthenticatedApiRoute<TRouteInputs>, additional_custom_api_route_inputs?: TAdditionalRouteInputs<TRouteInputs> | undefined, custom_is_authorized_check?: ((route_inputs: TRouteInputs) => Promise<boolean>) | undefined, jwt_keys_manager?: IJwtKeyManager, getApiServerId?: () => ApiServerId): (req: NextRequest) => Promise<NextResponse>;
5
+ export declare function withAdminApiRouteGuard<TRouteInputs extends IBaseProtectedAuthenticatedApiRouteInputs = IBaseProtectedAuthenticatedApiRouteInputs>(api_route_handler: TProtectedAuthenticatedApiRoute<TRouteInputs>, additional_custom_api_route_inputs?: TAdditionalRouteInputs<TRouteInputs> | undefined, opts?: IWithAuthenticatedApiRouteGuardAdditionalOptions): (req: NextRequest) => Promise<NextResponse>;
7
6
  export default withAdminApiRouteGuard;
8
7
  export type { TProtectedAuthenticatedApiRoute as TProtectedAdminApiRoute, IBaseProtectedAuthenticatedApiRouteInputs as IBaseProtectedAdminApiRouteInputs, } from "../../route_guards/withAuthenticatedRouteGuard";
package/dist/route_guards/withAdminRouteGuard/withAdminApiRouteGuard.js CHANGED
@@ -1,7 +1,6 @@
1
- import { initDefaultJwtKeyManagerForAuthenticatedRouteGuard, withAuthenticatedApiRouteGuard, } from "../../route_guards/withAuthenticatedRouteGuard";
2
- import getSchemavaultsApiServerId from "../../get-schemavaults-api-server-id";
3
- export function withAdminApiRouteGuard(api_route_handler, additional_custom_api_route_inputs = undefined, custom_is_authorized_check = async (inputs) => inputs.user.admin === true, jwt_keys_manager = initDefaultJwtKeyManagerForAuthenticatedRouteGuard(), getApiServerId = getSchemavaultsApiServerId) {
4
- return withAuthenticatedApiRouteGuard(api_route_handler, additional_custom_api_route_inputs, "admin", custom_is_authorized_check, jwt_keys_manager, getApiServerId);
1
+ import { withAuthenticatedApiRouteGuard, } from "../../route_guards/withAuthenticatedRouteGuard";
2
+ export function withAdminApiRouteGuard(api_route_handler, additional_custom_api_route_inputs = undefined, opts) {
3
+ return withAuthenticatedApiRouteGuard(api_route_handler, additional_custom_api_route_inputs, { ...opts, route_guard_type: "admin" });
5
4
  }
6
5
  export default withAdminApiRouteGuard;
7
6
  //# sourceMappingURL=withAdminApiRouteGuard.js.map
package/dist/route_guards/withAdminRouteGuard/withAdminApiRouteGuard.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"withAdminApiRouteGuard.js","sourceRoot":"","sources":["../../../src/route_guards/withAdminRouteGuard/withAdminApiRouteGuard.ts"],"names":[],"mappings":"AACA,OAAO,EACL,kDAAkD,EAElD,8BAA8B,GAE/B,MAAM,4CAA4C,CAAC;AAEpD,OAAO,0BAA0B,MAAM,kCAAkC,CAAC;AAO1E,MAAM,UAAU,sBAAsB,CAGpC,iBAAgE,EAChE,qCAEgB,SAAS,EACzB,6BAEgB,KAAK,EAAE,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,KAAK,IAAI,EAC5D,mBAAmC,kDAAkD,EAAE,EACvF,iBAAoC,0BAA0B;IAE9D,OAAO,8BAA8B,CACnC,iBAAiB,EACjB,kCAAkC,EAClC,OAAO,EACP,0BAA0B,EAC1B,gBAAgB,EAChB,cAAc,CACf,CAAC;AACJ,CAAC;AAED,eAAe,sBAAsB,CAAC"}
1
+ {"version":3,"file":"withAdminApiRouteGuard.js","sourceRoot":"","sources":["../../../src/route_guards/withAdminRouteGuard/withAdminApiRouteGuard.ts"],"names":[],"mappings":"AACA,OAAO,EAGL,8BAA8B,GAE/B,MAAM,4CAA4C,CAAC;AAUpD,MAAM,UAAU,sBAAsB,CAIpC,iBAAgE,EAChE,qCAEgB,SAAS,EACzB,IAAuD;IAEvD,OAAO,8BAA8B,CACnC,iBAAiB,EACjB,kCAAkC,EAClC,EAAE,GAAG,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,CACvC,CAAC;AACJ,CAAC;AAED,eAAe,sBAAsB,CAAC"}
package/dist/route_guards/withAdminRouteGuard/withAdminServerComponentRouteGuard.d.ts CHANGED
@@ -1,7 +1,6 @@
1
- import { type ApiServerId } from "@schemavaults/app-definitions";
2
1
  import { type IBaseProtectedAuthenticatedServerComponentPageProps, type TProtectedAuthenticatedPageServerComponent } from "../../route_guards/withAuthenticatedRouteGuard";
3
2
  import type { ReactElement } from "react";
4
- import type { IJwtKeyManager } from "../../JwtKeyManager";
3
+ import type { IWithAuthenticatedServerComponentRouteGuardAdditionalOptions } from "../../route_guards/withAuthenticatedRouteGuard/withAuthenticatedServerComponentRouteGuard";
5
4
  type TAdditionalProps<TProps extends IBaseProtectedAuthenticatedServerComponentPageProps = IBaseProtectedAuthenticatedServerComponentPageProps> = Omit<TProps, keyof IBaseProtectedAuthenticatedServerComponentPageProps>;
6
- export declare function withAdminServerComponentRouteGuard<TProps extends IBaseProtectedAuthenticatedServerComponentPageProps = IBaseProtectedAuthenticatedServerComponentPageProps>(server_component: TProtectedAuthenticatedPageServerComponent<TProps>, additional_custom_server_component_props?: TAdditionalProps<TProps> | undefined, custom_is_authorized_check?: ((props: TProps) => Promise<boolean>) | undefined, jwt_keys_manager?: IJwtKeyManager, getApiServerId?: () => ApiServerId): Promise<ReactElement>;
5
+ export declare function withAdminServerComponentRouteGuard<TProps extends IBaseProtectedAuthenticatedServerComponentPageProps = IBaseProtectedAuthenticatedServerComponentPageProps>(server_component: TProtectedAuthenticatedPageServerComponent<TProps>, additional_custom_server_component_props?: TAdditionalProps<TProps> | undefined, opts?: IWithAuthenticatedServerComponentRouteGuardAdditionalOptions): Promise<ReactElement>;
7
6
  export type { TProtectedAuthenticatedPageServerComponent as TProtectedAdminPageServerComponent, IBaseProtectedAuthenticatedServerComponentPageProps as IBaseProtectedAdminServerComponentPageProps, } from "../../route_guards/withAuthenticatedRouteGuard";
package/dist/route_guards/withAdminRouteGuard/withAdminServerComponentRouteGuard.js CHANGED
@@ -1,6 +1,9 @@
1
- import { initDefaultJwtKeyManagerForAuthenticatedRouteGuard, withAuthenticatedServerComponentRouteGuard, } from "../../route_guards/withAuthenticatedRouteGuard";
2
- import getSchemavaultsApiServerId from "../../get-schemavaults-api-server-id";
3
- export async function withAdminServerComponentRouteGuard(server_component, additional_custom_server_component_props = undefined, custom_is_authorized_check = async (props) => props.user.admin === true, jwt_keys_manager = initDefaultJwtKeyManagerForAuthenticatedRouteGuard(), getApiServerId = getSchemavaultsApiServerId) {
4
- return await withAuthenticatedServerComponentRouteGuard(server_component, additional_custom_server_component_props, "admin", custom_is_authorized_check, jwt_keys_manager, getApiServerId);
1
+ import { withAuthenticatedServerComponentRouteGuard, } from "../../route_guards/withAuthenticatedRouteGuard";
2
+ export async function withAdminServerComponentRouteGuard(server_component, additional_custom_server_component_props = undefined, opts) {
3
+ return await withAuthenticatedServerComponentRouteGuard(server_component, additional_custom_server_component_props, {
4
+ ...opts,
5
+ route_guard_type: "admin",
6
+ custom_is_authorized_check: async (t) => (t.user.admin ? true : false),
7
+ });
5
8
  }
6
9
  //# sourceMappingURL=withAdminServerComponentRouteGuard.js.map
package/dist/route_guards/withAdminRouteGuard/withAdminServerComponentRouteGuard.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"withAdminServerComponentRouteGuard.js","sourceRoot":"","sources":["../../../src/route_guards/withAdminRouteGuard/withAdminServerComponentRouteGuard.ts"],"names":[],"mappings":"AACA,OAAO,EACL,kDAAkD,EAClD,0CAA0C,GAG3C,MAAM,4CAA4C,CAAC;AAEpD,OAAO,0BAA0B,MAAM,kCAAkC,CAAC;AAO1E,MAAM,CAAC,KAAK,UAAU,kCAAkC,CAGtD,gBAAoE,EACpE,2CAEgB,SAAS,EACzB,6BAEgB,KAAK,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,IAAI,EAC1D,mBAAmC,kDAAkD,EAAE,EACvF,iBAAoC,0BAA0B;IAE9D,OAAO,MAAM,0CAA0C,CACrD,gBAAgB,EAChB,wCAAwC,EACxC,OAAO,EACP,0BAA0B,EAC1B,gBAAgB,EAChB,cAAc,CACf,CAAC;AACJ,CAAC"}
1
+ {"version":3,"file":"withAdminServerComponentRouteGuard.js","sourceRoot":"","sources":["../../../src/route_guards/withAdminRouteGuard/withAdminServerComponentRouteGuard.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,0CAA0C,GAG3C,MAAM,4CAA4C,CAAC;AASpD,MAAM,CAAC,KAAK,UAAU,kCAAkC,CAItD,gBAAoE,EACpE,2CAEgB,SAAS,EACzB,IAAmE;IAEnE,OAAO,MAAM,0CAA0C,CACrD,gBAAgB,EAChB,wCAAwC,EACxC;QACE,GAAG,IAAI;QACP,gBAAgB,EAAE,OAAO;QACzB,0BAA0B,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC;KACvE,CACF,CAAC;AACJ,CAAC"}
package/dist/route_guards/withAuthenticatedRouteGuard/IBaseProtectedAuthenticatedServerComponentPageProps.d.ts CHANGED
@@ -1,7 +1,6 @@
1
1
  import type { SchemaVaultsAppEnvironment } from "@schemavaults/app-definitions";
2
- import type { OrganizationID, UserData } from "@schemavaults/auth-common";
2
+ import type { UserData } from "@schemavaults/auth-common";
3
3
  export interface IBaseProtectedAuthenticatedServerComponentPageProps {
4
4
  user: UserData;
5
- user_organizations: readonly OrganizationID[];
6
5
  environment: SchemaVaultsAppEnvironment;
7
6
  }
package/dist/route_guards/withAuthenticatedRouteGuard/withAuthenticatedApiRouteGuard.d.ts CHANGED
@@ -1,8 +1,16 @@
1
1
  import { type ApiServerId } from "@schemavaults/app-definitions";
2
+ import type { OrganizationID } from "@schemavaults/auth-common/organizations";
2
3
  import type { NextRequest, NextResponse } from "next/server";
3
4
  import type { IJwtKeyManager } from "../../JwtKeyManager";
4
5
  import type { IBaseProtectedAuthenticatedApiRouteInputs } from "./IBaseProtectedAuthenticatedApiRouteInputs";
5
6
  export type TProtectedAuthenticatedApiRoute<TRouteInputs extends IBaseProtectedAuthenticatedApiRouteInputs = IBaseProtectedAuthenticatedApiRouteInputs> = (route_inputs: TRouteInputs) => Promise<NextResponse>;
6
7
  type TAdditionalRouteInputs<TRouteInputs extends IBaseProtectedAuthenticatedApiRouteInputs = IBaseProtectedAuthenticatedApiRouteInputs> = Omit<TRouteInputs, keyof IBaseProtectedAuthenticatedApiRouteInputs>;
7
- export declare function withAuthenticatedApiRouteGuard<TRouteInputs extends IBaseProtectedAuthenticatedApiRouteInputs = IBaseProtectedAuthenticatedApiRouteInputs>(api_route_handler: TProtectedAuthenticatedApiRoute<TRouteInputs>, additional_custom_api_route_inputs?: TAdditionalRouteInputs<TRouteInputs> | undefined, route_guard_type?: "authenticated" | "admin", custom_is_authorized_check?: ((route_inputs: TRouteInputs) => Promise<boolean>) | undefined, jwt_keys_manager?: IJwtKeyManager, getApiServerId?: () => ApiServerId): (req: NextRequest) => Promise<NextResponse>;
8
+ export interface IWithAuthenticatedApiRouteGuardAdditionalOptions<TRouteInputs extends IBaseProtectedAuthenticatedApiRouteInputs = IBaseProtectedAuthenticatedApiRouteInputs> {
9
+ route_guard_type?: "authenticated" | "admin";
10
+ jwt_keys_manager?: IJwtKeyManager;
11
+ api_server_id?: ApiServerId;
12
+ custom_is_authorized_check?: (props: TRouteInputs) => Promise<boolean>;
13
+ required_organization?: OrganizationID;
14
+ }
15
+ export declare function withAuthenticatedApiRouteGuard<TRouteInputs extends IBaseProtectedAuthenticatedApiRouteInputs = IBaseProtectedAuthenticatedApiRouteInputs>(api_route_handler: TProtectedAuthenticatedApiRoute<TRouteInputs>, additional_custom_api_route_inputs?: TAdditionalRouteInputs<TRouteInputs> | undefined, opts?: IWithAuthenticatedApiRouteGuardAdditionalOptions): (req: NextRequest) => Promise<NextResponse>;
8
16
  export default withAuthenticatedApiRouteGuard;
package/dist/route_guards/withAuthenticatedRouteGuard/withAuthenticatedApiRouteGuard.js CHANGED
@@ -1,5 +1,8 @@
1
1
  import { SCHEMAVAULTS_AUTH_APP_ID, getAppEnvironment, } from "@schemavaults/app-definitions";
2
2
  import { accessTokenDataSchema, } from "@schemavaults/auth-common";
3
+ import isUserInOrganization from "../../isUserInOrganization";
4
+ import getSchemaVaultsAuthServerUri from "../../get-schemavaults-auth-server-uri";
5
+ import loadJwksAccessPrivateKey from "../../env/loadJwksAccessPrivateKey/loadJwksAccessPrivateKey";
3
6
  import RouteGuardFactory from "../../route_guards/route-guard-factory";
4
7
  import getStringByteSize from "../../getStringByteSize";
5
8
  import MaximumBrowserCookieSize from "../../MaximumBrowserCookieSize";
@@ -18,14 +21,14 @@ async function loadCreateJsonResponseFn() {
18
21
  }
19
22
  return json_response_fn;
20
23
  }
21
- export function withAuthenticatedApiRouteGuard(api_route_handler, additional_custom_api_route_inputs = undefined, route_guard_type = "authenticated", custom_is_authorized_check = undefined, jwt_keys_manager = initDefaultJwtKeyManagerForAuthenticatedRouteGuard(), getApiServerId = getSchemavaultsApiServerId) {
24
+ export function withAuthenticatedApiRouteGuard(api_route_handler, additional_custom_api_route_inputs = undefined, opts) {
25
+ const route_guard_type = opts?.route_guard_type ?? "authenticated";
22
26
  assertValidRouteGuardType(route_guard_type);
23
27
  const AuthenticatedApiRoute = api_route_handler;
24
28
  return async function ProtectedAuthenticatedApiRoute(req) {
25
29
  const environment = getAppEnvironment();
26
- let api_server_id;
30
+ const api_server_id = opts?.api_server_id ?? getSchemavaultsApiServerId();
27
31
  try {
28
- api_server_id = getApiServerId();
29
32
  if (typeof api_server_id !== "string") {
30
33
  throw new TypeError("Expected result of 'getApiServerId' to be a string!");
31
34
  }
@@ -41,6 +44,8 @@ export function withAuthenticatedApiRouteGuard(api_route_handler, additional_cus
41
44
  status: 500,
42
45
  });
43
46
  }
47
+ const jwt_keys_manager = opts?.jwt_keys_manager ??
48
+ initDefaultJwtKeyManagerForAuthenticatedRouteGuard();
44
49
  if (!jwt_keys_manager.isConfigured()) {
45
50
  console.error("[withAuthenticatedApiRouteGuard] JWT Keys Manager does not appear to be properly configured!");
46
51
  const json = await loadCreateJsonResponseFn();
@@ -148,13 +153,6 @@ export function withAuthenticatedApiRouteGuard(api_route_handler, additional_cus
148
153
  }, { status: 401 });
149
154
  }
150
155
  const user = route_guard.user;
151
- if (!Array.isArray(route_guard.user_organizations)) {
152
- return json({
153
- success: false,
154
- error: true,
155
- message: "Authentication failed, failed to load associated user organizations",
156
- }, { status: 401 });
157
- }
158
156
  if (!route_guard.isAccessAllowed() || !route_guard.user) {
159
157
  return json({
160
158
  success: false,
@@ -162,12 +160,32 @@ export function withAuthenticatedApiRouteGuard(api_route_handler, additional_cus
162
160
  message: "Access is not allowed",
163
161
  }, { status: 403 });
164
162
  }
165
- const user_organizations = route_guard.user_organizations;
163
+ if (opts?.required_organization) {
164
+ try {
165
+ const auth_server_url = getSchemaVaultsAuthServerUri();
166
+ const jwks_access_private_key = await loadJwksAccessPrivateKey();
167
+ const org_role = await isUserInOrganization(auth_server_url, api_server_id, jwks_access_private_key, user.uid, opts.required_organization);
168
+ if (org_role === false) {
169
+ return json({
170
+ success: false,
171
+ error: true,
172
+ message: "User is not a member of the required organization",
173
+ }, { status: 403 });
174
+ }
175
+ }
176
+ catch (e) {
177
+ console.error("[withAuthenticatedApiRouteGuard] Organization membership check failed: ", e);
178
+ return json({
179
+ success: false,
180
+ error: true,
181
+ message: "Error while checking organization membership",
182
+ }, { status: 500 });
183
+ }
184
+ }
166
185
  const base_api_route_inputs = {
167
186
  req,
168
187
  user,
169
188
  environment,
170
- user_organizations,
171
189
  };
172
190
  const final_route_inputs = typeof additional_custom_api_route_inputs === "object" &&
173
191
  additional_custom_api_route_inputs
@@ -176,6 +194,7 @@ export function withAuthenticatedApiRouteGuard(api_route_handler, additional_cus
176
194
  ...additional_custom_api_route_inputs,
177
195
  }
178
196
  : base_api_route_inputs;
197
+ const custom_is_authorized_check = opts?.custom_is_authorized_check;
179
198
  if (typeof custom_is_authorized_check === "function") {
180
199
  let is_authorized = false;
181
200
  try {
package/dist/route_guards/withAuthenticatedRouteGuard/withAuthenticatedApiRouteGuard.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"withAuthenticatedApiRouteGuard.js","sourceRoot":"","sources":["../../../src/route_guards/withAuthenticatedRouteGuard/withAuthenticatedApiRouteGuard.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,wBAAwB,EAExB,iBAAiB,GAClB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAEL,qBAAqB,GAItB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,iBAAiB,MAAM,oCAAoC,CAAC;AAEnE,OAAO,iBAAiB,MAAM,qBAAqB,CAAC;AACpD,OAAO,wBAAwB,MAAM,4BAA4B,CAAC;AAClE,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACnE,OAAO,0BAA0B,MAAM,kCAAkC,CAAC;AAE1E,OAAO,yBAAyB,MAAM,0CAA0C,CAAC;AAEjF,OAAO,kDAAkD,MAAM,sDAAsD,CAAC;AActH,KAAK,UAAU,wBAAwB;IACrC,MAAM,WAAW,GAAkC,MAAM,CAAC,aAAa,CAAC;SACrE,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC;SAC/B,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAC3B,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC;IAC3C,IAAI,OAAO,gBAAgB,KAAK,UAAU,EAAE,CAAC;QAC3C,MAAM,IAAI,SAAS,CAAC,mCAAmC,CAAC,CAAC;IAC3D,CAAC;IACD,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,8BAA8B,CAI5C,iBAAgE,EAChE,qCAEgB,SAAS,EACzB,mBAA8C,eAAe,EAC7D,6BAEgB,SAAS,EACzB,mBAAmC,kDAAkD,EAAE,EACvF,iBAAoC,0BAA0B;IAE9D,yBAAyB,CAAC,gBAAgB,CAAC,CAAC;IAE5C,MAAM,qBAAqB,GACzB,iBAAiB,CAAC;IACpB,OAAO,KAAK,UAAU,8BAA8B,CAClD,GAAgB;QAEhB,MAAM,WAAW,GAA+B,iBAAiB,EAAE,CAAC;QAEpE,IAAI,aAA0B,CAAC;QAC/B,IAAI,CAAC;YACH,aAAa,GAAG,cAAc,EAAE,CAAC;YACjC,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;gBACtC,MAAM,IAAI,SAAS,CACjB,qDAAqD,CACtD,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CACX,4DAA4D,EAC5D,CAAC,CACF,CAAC;YACF,MAAM,IAAI,GAAyB,MAAM,wBAAwB,EAAE,CAAC;YACpE,OAAO,IAAI,CACT;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,uBAAuB;aACjC,EACD;gBACE,MAAM,EAAE,GAAG;aACZ,CACF,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,gBAAgB,CAAC,YAAY,EAAE,EAAE,CAAC;YACrC,OAAO,CAAC,KAAK,CACX,8FAA8F,CAC/F,CAAC;YACF,MAAM,IAAI,GAAyB,MAAM,wBAAwB,EAAE,CAAC;YACpE,OAAO,IAAI,CACT;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,uBAAuB;aACjC,EACD;gBACE,MAAM,EAAE,GAAG;aACZ,CACF,CAAC;QACJ,CAAC;QAED,MAAM,aAAa,GAAkC,EAAE,CAAC;QAExD,4CAA4C;QAC5C,IAAI,aAAa,KAAK,wBAAwB,EAAE,CAAC;YAC/C,MAAM,oBAAoB,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAC1C,sBAAsB,CAAC,wBAAwB,CAAC,CACjD,CAAC;YACF,IACE,OAAO,oBAAoB,EAAE,KAAK,KAAK,QAAQ;gBAC/C,oBAAoB,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE;gBACtC,iBAAiB,CAAC,oBAAoB,CAAC,KAAK,CAAC;oBAC3C,wBAAwB,EAC1B,CAAC;gBACD,aAAa,CAAC,IAAI,CAAC;oBACjB,UAAU,EAAE,2BAA2B;oBACvC,IAAI,EAAE,SAAS;oBACf,KAAK,EAAE,oBAAoB,CAAC,KAAsB;iBACnD,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,IAAI,CACV,yEAAyE,CAC1E,CAAC;YACJ,CAAC;QACH,CAAC;QAED,8CAA8C;QAC9C,gHAAgH;QAChH,MAAM,CAAC,KAAK,UAAU,wCAAwC;YAC5D,MAAM,wBAAwB,GAC5B,qBAAqB,CAAC,aAAa,CAAC,CAAC;YACvC,MAAM,mBAAmB,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;YACtE,IACE,OAAO,mBAAmB,EAAE,KAAK,KAAK,QAAQ;gBAC9C,mBAAmB,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE;gBACrC,iBAAiB,CAAC,mBAAmB,CAAC,KAAK,CAAC,IAAI,wBAAwB,EACxE,CAAC;gBACD,IAAI,UAAU,GAAkB,IAAI,CAAC;gBACrC,IAAI,CAAC;oBACH,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,cAAc,CACvD,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,KAAK,CAAC,CACtC,CAAC;oBACF,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;wBACpB,MAAM,MAAM,CAAC,KAAK,CAAC;oBACrB,CAAC;oBACD,MAAM,0BAA0B,GAAgB,MAAM,CAAC,IAAI,CAAC;oBAC5D,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,0BAA0B,CAAC,GAAG,EAAE,CAAC;wBAChD,UAAU,GAAG,0BAA0B,CAAC,KAAK,CAAC;oBAChD,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,0BAA0B;oBAC1B,UAAU,GAAG,mBAAmB,CAAC,KAAK,CAAC;gBACzC,CAAC;gBACD,IAAI,UAAU,EAAE,CAAC;oBACf,aAAa,CAAC,IAAI,CAAC;wBACjB,UAAU,EAAE,6BAA6B,wBAAwB,GAAG;wBACpE,IAAI,EAAE,QAAQ;wBACd,KAAK,EAAE,UAAU;qBAClB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,8CAA8C;QAC9C,CAAC,SAAS,4CAA4C;YACpD,IACE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;gBAChC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,EAChC,CAAC;gBACD,MAAM,WAAW,GACf,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;gBACvE,IAAI,CAAC,WAAW,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE,CAAC;oBACpD,MAAM,IAAI,KAAK,CACb,yDAAyD,CAC1D,CAAC;gBACJ,CAAC;gBACD,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;oBACvC,MAAM,IAAI,KAAK,CACb,yDAAyD,CAC1D,CAAC;gBACJ,CAAC;gBACD,MAAM,wBAAwB,GAC5B,OAAO,WAAW,KAAK,QAAQ,IAAI,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC;oBAClE,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC;oBACrC,CAAC,CAAC,EAAE,CAAC;gBACT,IAAI,CAAC,wBAAwB,EAAE,CAAC;oBAC9B,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBACD,aAAa,CAAC,IAAI,CAAC;oBACjB,UAAU,EAAE,+CAA+C;oBAC3D,IAAI,EAAE,QAAQ;oBACd,KAAK,EAAE,wBAAyC;iBACjD,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,MAAM,IAAI,GAAyB,MAAM,wBAAwB,EAAE,CAAC;QAEpE,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;YAC9D,OAAO,IAAI,CACT;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,2DAA2D;aACrE,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAgB,MAAM,IAAI,iBAAiB,CAAC;YAC3D,WAAW;YACX,cAAc,EAAE,aAAa,KAAK,wBAAwB;YAC1D,gBAAgB;SACjB,CAAC,CAAC,2BAA2B,CAC5B,gBAAgB,EAChB,aAAa,EACb,aAAa,CACd,CAAC;QAEF,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YACtB,OAAO,IAAI,CACT;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,qCAAqC;aAC/C,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QACD,MAAM,IAAI,GAAa,WAAW,CAAC,IAAI,CAAC;QAExC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACnD,OAAO,IAAI,CACT;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EACL,qEAAqE;aACxE,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YACxD,OAAO,IAAI,CACT;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,uBAAuB;aACjC,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,MAAM,kBAAkB,GACtB,WAAW,CAAC,kBAAkB,CAAC;QAEjC,MAAM,qBAAqB,GAA8C;YACvE,GAAG;YACH,IAAI;YACJ,WAAW;YACX,kBAAkB;SACnB,CAAC;QAEF,MAAM,kBAAkB,GACtB,OAAO,kCAAkC,KAAK,QAAQ;YACtD,kCAAkC;YAChC,CAAC,CAAE;gBACC,GAAG,qBAAqB;gBACxB,GAAG,kCAAkC;aACV;YAC/B,CAAC,CAAE,qBAAiD,CAAC;QAEzD,IAAI,OAAO,0BAA0B,KAAK,UAAU,EAAE,CAAC;YACrD,IAAI,aAAa,GAAY,KAAK,CAAC;YACnC,IAAI,CAAC;gBACH,aAAa,GAAG,MAAM,0BAA0B,CAAC,kBAAkB,CAAC,CAAC;YACvE,CAAC;YAAC,OAAO,CAAU,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,iDAAiD,EAAE,CAAC,CAAC,CAAC;gBACpE,OAAO,IAAI,CACT;oBACE,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,IAAI;oBACX,OAAO,EAAE,2CAA2C;iBACrD,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO,IAAI,CACT;oBACE,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,IAAI;oBACX,OAAO,EAAE,uBAAuB;iBACjC,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,CAAC,MAAM,qBAAqB,CACjC,kBAAkB,CACnB,CAAwB,CAAC;IAC5B,CAAC,CAAC;AACJ,CAAC;AAED,eAAe,8BAA8B,CAAC"}
1
+ {"version":3,"file":"withAuthenticatedApiRouteGuard.js","sourceRoot":"","sources":["../../../src/route_guards/withAuthenticatedRouteGuard/withAuthenticatedApiRouteGuard.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,wBAAwB,EAExB,iBAAiB,GAClB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAEL,qBAAqB,GAGtB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,oBAAoB,MAAM,wBAAwB,CAAC;AAC1D,OAAO,4BAA4B,MAAM,oCAAoC,CAAC;AAC9E,OAAO,wBAAwB,MAAM,yDAAyD,CAAC;AAE/F,OAAO,iBAAiB,MAAM,oCAAoC,CAAC;AAEnE,OAAO,iBAAiB,MAAM,qBAAqB,CAAC;AACpD,OAAO,wBAAwB,MAAM,4BAA4B,CAAC;AAClE,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACnE,OAAO,0BAA0B,MAAM,kCAAkC,CAAC;AAE1E,OAAO,yBAAyB,MAAM,0CAA0C,CAAC;AAEjF,OAAO,kDAAkD,MAAM,sDAAsD,CAAC;AActH,KAAK,UAAU,wBAAwB;IACrC,MAAM,WAAW,GAAkC,MAAM,CAAC,aAAa,CAAC;SACrE,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC;SAC/B,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAC3B,MAAM,gBAAgB,GAAG,MAAM,WAAW,CAAC;IAC3C,IAAI,OAAO,gBAAgB,KAAK,UAAU,EAAE,CAAC;QAC3C,MAAM,IAAI,SAAS,CAAC,mCAAmC,CAAC,CAAC;IAC3D,CAAC;IACD,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAaD,MAAM,UAAU,8BAA8B,CAI5C,iBAAgE,EAChE,qCAEgB,SAAS,EACzB,IAAuD;IAEvD,MAAM,gBAAgB,GACpB,IAAI,EAAE,gBAAgB,IAAI,eAAe,CAAC;IAC5C,yBAAyB,CAAC,gBAAgB,CAAC,CAAC;IAE5C,MAAM,qBAAqB,GACzB,iBAAiB,CAAC;IACpB,OAAO,KAAK,UAAU,8BAA8B,CAClD,GAAgB;QAEhB,MAAM,WAAW,GAA+B,iBAAiB,EAAE,CAAC;QAEpE,MAAM,aAAa,GACjB,IAAI,EAAE,aAAa,IAAI,0BAA0B,EAAE,CAAC;QACtD,IAAI,CAAC;YACH,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;gBACtC,MAAM,IAAI,SAAS,CACjB,qDAAqD,CACtD,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CACX,4DAA4D,EAC5D,CAAC,CACF,CAAC;YACF,MAAM,IAAI,GAAyB,MAAM,wBAAwB,EAAE,CAAC;YACpE,OAAO,IAAI,CACT;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,uBAAuB;aACjC,EACD;gBACE,MAAM,EAAE,GAAG;aACZ,CACF,CAAC;QACJ,CAAC;QAED,MAAM,gBAAgB,GACpB,IAAI,EAAE,gBAAgB;YACtB,kDAAkD,EAAE,CAAC;QACvD,IAAI,CAAC,gBAAgB,CAAC,YAAY,EAAE,EAAE,CAAC;YACrC,OAAO,CAAC,KAAK,CACX,8FAA8F,CAC/F,CAAC;YACF,MAAM,IAAI,GAAyB,MAAM,wBAAwB,EAAE,CAAC;YACpE,OAAO,IAAI,CACT;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,uBAAuB;aACjC,EACD;gBACE,MAAM,EAAE,GAAG;aACZ,CACF,CAAC;QACJ,CAAC;QAED,MAAM,aAAa,GAAkC,EAAE,CAAC;QAExD,4CAA4C;QAC5C,IAAI,aAAa,KAAK,wBAAwB,EAAE,CAAC;YAC/C,MAAM,oBAAoB,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAC1C,sBAAsB,CAAC,wBAAwB,CAAC,CACjD,CAAC;YACF,IACE,OAAO,oBAAoB,EAAE,KAAK,KAAK,QAAQ;gBAC/C,oBAAoB,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE;gBACtC,iBAAiB,CAAC,oBAAoB,CAAC,KAAK,CAAC;oBAC3C,wBAAwB,EAC1B,CAAC;gBACD,aAAa,CAAC,IAAI,CAAC;oBACjB,UAAU,EAAE,2BAA2B;oBACvC,IAAI,EAAE,SAAS;oBACf,KAAK,EAAE,oBAAoB,CAAC,KAAsB;iBACnD,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,IAAI,CACV,yEAAyE,CAC1E,CAAC;YACJ,CAAC;QACH,CAAC;QAED,8CAA8C;QAC9C,gHAAgH;QAChH,MAAM,CAAC,KAAK,UAAU,wCAAwC;YAC5D,MAAM,wBAAwB,GAC5B,qBAAqB,CAAC,aAAa,CAAC,CAAC;YACvC,MAAM,mBAAmB,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;YACtE,IACE,OAAO,mBAAmB,EAAE,KAAK,KAAK,QAAQ;gBAC9C,mBAAmB,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE;gBACrC,iBAAiB,CAAC,mBAAmB,CAAC,KAAK,CAAC,IAAI,wBAAwB,EACxE,CAAC;gBACD,IAAI,UAAU,GAAkB,IAAI,CAAC;gBACrC,IAAI,CAAC;oBACH,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,cAAc,CACvD,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,KAAK,CAAC,CACtC,CAAC;oBACF,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;wBACpB,MAAM,MAAM,CAAC,KAAK,CAAC;oBACrB,CAAC;oBACD,MAAM,0BAA0B,GAAgB,MAAM,CAAC,IAAI,CAAC;oBAC5D,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,0BAA0B,CAAC,GAAG,EAAE,CAAC;wBAChD,UAAU,GAAG,0BAA0B,CAAC,KAAK,CAAC;oBAChD,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,0BAA0B;oBAC1B,UAAU,GAAG,mBAAmB,CAAC,KAAK,CAAC;gBACzC,CAAC;gBACD,IAAI,UAAU,EAAE,CAAC;oBACf,aAAa,CAAC,IAAI,CAAC;wBACjB,UAAU,EAAE,6BAA6B,wBAAwB,GAAG;wBACpE,IAAI,EAAE,QAAQ;wBACd,KAAK,EAAE,UAAU;qBAClB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,8CAA8C;QAC9C,CAAC,SAAS,4CAA4C;YACpD,IACE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;gBAChC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,EAChC,CAAC;gBACD,MAAM,WAAW,GACf,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;gBACvE,IAAI,CAAC,WAAW,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE,CAAC;oBACpD,MAAM,IAAI,KAAK,CACb,yDAAyD,CAC1D,CAAC;gBACJ,CAAC;gBACD,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;oBACvC,MAAM,IAAI,KAAK,CACb,yDAAyD,CAC1D,CAAC;gBACJ,CAAC;gBACD,MAAM,wBAAwB,GAC5B,OAAO,WAAW,KAAK,QAAQ,IAAI,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC;oBAClE,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC;oBACrC,CAAC,CAAC,EAAE,CAAC;gBACT,IAAI,CAAC,wBAAwB,EAAE,CAAC;oBAC9B,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBACD,aAAa,CAAC,IAAI,CAAC;oBACjB,UAAU,EAAE,+CAA+C;oBAC3D,IAAI,EAAE,QAAQ;oBACd,KAAK,EAAE,wBAAyC;iBACjD,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;QAEL,MAAM,IAAI,GAAyB,MAAM,wBAAwB,EAAE,CAAC;QAEpE,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;YAC9D,OAAO,IAAI,CACT;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,2DAA2D;aACrE,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAgB,MAAM,IAAI,iBAAiB,CAAC;YAC3D,WAAW;YACX,cAAc,EAAE,aAAa,KAAK,wBAAwB;YAC1D,gBAAgB;SACjB,CAAC,CAAC,2BAA2B,CAC5B,gBAAgB,EAChB,aAAa,EACb,aAAa,CACd,CAAC;QAEF,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YACtB,OAAO,IAAI,CACT;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,qCAAqC;aAC/C,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QACD,MAAM,IAAI,GAAa,WAAW,CAAC,IAAI,CAAC;QAExC,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YACxD,OAAO,IAAI,CACT;gBACE,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,uBAAuB;aACjC,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;QACJ,CAAC;QAED,IAAI,IAAI,EAAE,qBAAqB,EAAE,CAAC;YAChC,IAAI,CAAC;gBACH,MAAM,eAAe,GAAG,4BAA4B,EAAE,CAAC;gBACvD,MAAM,uBAAuB,GAAG,MAAM,wBAAwB,EAAE,CAAC;gBACjE,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CACzC,eAAe,EACf,aAAa,EACb,uBAAuB,EACvB,IAAI,CAAC,GAAG,EACR,IAAI,CAAC,qBAAqB,CAC3B,CAAC;gBACF,IAAI,QAAQ,KAAK,KAAK,EAAE,CAAC;oBACvB,OAAO,IAAI,CACT;wBACE,OAAO,EAAE,KAAK;wBACd,KAAK,EAAE,IAAI;wBACX,OAAO,EACL,mDAAmD;qBACtD,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;gBACJ,CAAC;YACH,CAAC;YAAC,OAAO,CAAU,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CACX,yEAAyE,EACzE,CAAC,CACF,CAAC;gBACF,OAAO,IAAI,CACT;oBACE,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,IAAI;oBACX,OAAO,EAAE,8CAA8C;iBACxD,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,MAAM,qBAAqB,GAA8C;YACvE,GAAG;YACH,IAAI;YACJ,WAAW;SACZ,CAAC;QAEF,MAAM,kBAAkB,GACtB,OAAO,kCAAkC,KAAK,QAAQ;YACtD,kCAAkC;YAChC,CAAC,CAAE;gBACC,GAAG,qBAAqB;gBACxB,GAAG,kCAAkC;aACV;YAC/B,CAAC,CAAE,qBAAiD,CAAC;QAEzD,MAAM,0BAA0B,GAEhB,IAAI,EAAE,0BAA0B,CAAC;QACjD,IAAI,OAAO,0BAA0B,KAAK,UAAU,EAAE,CAAC;YACrD,IAAI,aAAa,GAAY,KAAK,CAAC;YACnC,IAAI,CAAC;gBACH,aAAa,GAAG,MAAM,0BAA0B,CAAC,kBAAkB,CAAC,CAAC;YACvE,CAAC;YAAC,OAAO,CAAU,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,iDAAiD,EAAE,CAAC,CAAC,CAAC;gBACpE,OAAO,IAAI,CACT;oBACE,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,IAAI;oBACX,OAAO,EAAE,2CAA2C;iBACrD,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO,IAAI,CACT;oBACE,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,IAAI;oBACX,OAAO,EAAE,uBAAuB;iBACjC,EACD,EAAE,MAAM,EAAE,GAAG,EAAE,CAChB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,CAAC,MAAM,qBAAqB,CACjC,kBAAkB,CACnB,CAAwB,CAAC;IAC5B,CAAC,CAAC;AACJ,CAAC;AAED,eAAe,8BAA8B,CAAC"}
package/dist/route_guards/withAuthenticatedRouteGuard/withAuthenticatedServerComponentRouteGuard.d.ts CHANGED
@@ -1,8 +1,16 @@
1
1
  import { type ApiServerId } from "@schemavaults/app-definitions";
2
+ import type { OrganizationID } from "@schemavaults/auth-common/organizations";
2
3
  import type { ReactElement } from "react";
3
4
  import type { IJwtKeyManager } from "../../JwtKeyManager";
4
5
  import type { IBaseProtectedAuthenticatedServerComponentPageProps } from "./IBaseProtectedAuthenticatedServerComponentPageProps";
5
6
  export type TProtectedAuthenticatedPageServerComponent<TProps extends IBaseProtectedAuthenticatedServerComponentPageProps = IBaseProtectedAuthenticatedServerComponentPageProps> = (props: TProps) => Promise<ReactElement>;
6
7
  type TAdditionalProps<TProps extends IBaseProtectedAuthenticatedServerComponentPageProps = IBaseProtectedAuthenticatedServerComponentPageProps> = Omit<TProps, keyof IBaseProtectedAuthenticatedServerComponentPageProps>;
7
- export declare function withAuthenticatedServerComponentRouteGuard<TProps extends IBaseProtectedAuthenticatedServerComponentPageProps = IBaseProtectedAuthenticatedServerComponentPageProps>(server_component: TProtectedAuthenticatedPageServerComponent<TProps>, additional_custom_server_component_props?: TAdditionalProps<TProps> | undefined, route_guard_type?: "authenticated" | "admin", custom_is_authorized_check?: ((props: TProps) => Promise<boolean>) | undefined, jwt_keys_manager?: IJwtKeyManager, getApiServerId?: () => ApiServerId): Promise<ReactElement>;
8
+ export interface IWithAuthenticatedServerComponentRouteGuardAdditionalOptions<TProps extends IBaseProtectedAuthenticatedServerComponentPageProps = IBaseProtectedAuthenticatedServerComponentPageProps> {
9
+ route_guard_type?: "authenticated" | "admin";
10
+ jwt_keys_manager?: IJwtKeyManager;
11
+ api_server_id?: ApiServerId;
12
+ custom_is_authorized_check?: (props: TProps) => Promise<boolean>;
13
+ required_organization?: OrganizationID;
14
+ }
15
+ export declare function withAuthenticatedServerComponentRouteGuard<TProps extends IBaseProtectedAuthenticatedServerComponentPageProps = IBaseProtectedAuthenticatedServerComponentPageProps>(server_component: TProtectedAuthenticatedPageServerComponent<TProps>, additional_custom_server_component_props?: TAdditionalProps<TProps> | undefined, opts?: IWithAuthenticatedServerComponentRouteGuardAdditionalOptions): Promise<ReactElement>;
8
16
  export default withAuthenticatedServerComponentRouteGuard;
package/dist/route_guards/withAuthenticatedRouteGuard/withAuthenticatedServerComponentRouteGuard.js CHANGED
@@ -1,4 +1,7 @@
1
1
  import { SCHEMAVAULTS_AUTH_APP_ID, getAppEnvironment, } from "@schemavaults/app-definitions";
2
+ import isUserInOrganization from "../../isUserInOrganization";
3
+ import getSchemaVaultsAuthServerUri from "../../get-schemavaults-auth-server-uri";
4
+ import loadJwksAccessPrivateKey from "../../env/loadJwksAccessPrivateKey/loadJwksAccessPrivateKey";
2
5
  import { redirectWithError } from "../../redirect-with-error";
3
6
  import RouteGuardFactory from "../../route_guards/route-guard-factory";
4
7
  import { AccessTokenCookieName } from "../../AccessTokenCookieNames";
@@ -7,7 +10,12 @@ import getSchemavaultsApiServerId from "../../get-schemavaults-api-server-id";
7
10
  import redirectToLogin from "../../redirect-to-login";
8
11
  import assertValidRouteGuardType from "../../route_guards/assertValidRouteGuardType";
9
12
  import initDefaultJwtKeyManagerForAuthenticatedRouteGuard from "./initDefaultJwtKeyManagerForAuthenticatedRouteGuard";
10
- export async function withAuthenticatedServerComponentRouteGuard(server_component, additional_custom_server_component_props = undefined, route_guard_type = "authenticated", custom_is_authorized_check = undefined, jwt_keys_manager = initDefaultJwtKeyManagerForAuthenticatedRouteGuard(), getApiServerId = getSchemavaultsApiServerId) {
13
+ export async function withAuthenticatedServerComponentRouteGuard(
14
+ // The server component to render
15
+ server_component,
16
+ // Your additional props (e.g. database handle that you want every server component to have access to)
17
+ additional_custom_server_component_props = undefined, opts) {
18
+ const route_guard_type = opts?.route_guard_type ?? "authenticated";
11
19
  assertValidRouteGuardType(route_guard_type);
12
20
  const environment = getAppEnvironment();
13
21
  const [loadCookies, redirect] = await Promise.all([
@@ -20,9 +28,8 @@ export async function withAuthenticatedServerComponentRouteGuard(server_componen
20
28
  else if (typeof redirect !== "function") {
21
29
  throw new TypeError("Expected 'redirect' to be a function");
22
30
  }
23
- let api_server_id;
31
+ const api_server_id = opts?.api_server_id ?? getSchemavaultsApiServerId();
24
32
  try {
25
- api_server_id = getApiServerId();
26
33
  if (typeof api_server_id !== "string") {
27
34
  throw new TypeError("Expected result of 'getApiServerId' to be a string!");
28
35
  }
@@ -31,6 +38,8 @@ export async function withAuthenticatedServerComponentRouteGuard(server_componen
31
38
  console.error("[withAuthenticatedServerComponentRouteGuard] getApiServerId() failed: ", e);
32
39
  redirectWithError(redirect, 500, "server_misconfiguration");
33
40
  }
41
+ const jwt_keys_manager = opts?.jwt_keys_manager ??
42
+ initDefaultJwtKeyManagerForAuthenticatedRouteGuard();
34
43
  if (!jwt_keys_manager.isConfigured()) {
35
44
  console.error("[withAuthenticatedServerComponentRouteGuard] JWT Keys Manager does not appear to be properly configured!");
36
45
  redirectWithError(redirect, 500, "server_misconfiguration");
@@ -98,7 +107,6 @@ export async function withAuthenticatedServerComponentRouteGuard(server_componen
98
107
  const base_server_component_props = {
99
108
  user,
100
109
  environment,
101
- user_organizations: route_guard.user_organizations,
102
110
  };
103
111
  const final_server_component_props = typeof additional_custom_server_component_props === "object" &&
104
112
  additional_custom_server_component_props
@@ -107,9 +115,24 @@ export async function withAuthenticatedServerComponentRouteGuard(server_componen
107
115
  ...additional_custom_server_component_props,
108
116
  }
109
117
  : base_server_component_props;
110
- if (typeof custom_is_authorized_check === "function") {
118
+ if (opts?.required_organization) {
119
+ try {
120
+ const auth_server_url = getSchemaVaultsAuthServerUri();
121
+ const jwks_access_private_key = await loadJwksAccessPrivateKey();
122
+ const org_role = await isUserInOrganization(auth_server_url, api_server_id, jwks_access_private_key, user.uid, opts.required_organization);
123
+ if (org_role === false) {
124
+ redirectWithError(redirect, 403, "forbidden");
125
+ }
126
+ }
127
+ catch (e) {
128
+ console.error("[withAuthenticatedServerComponentRouteGuard] Organization membership check failed: ", e);
129
+ redirectWithError(redirect, 500, "internal_server_error");
130
+ }
131
+ }
132
+ if (typeof opts?.custom_is_authorized_check === "function") {
111
133
  let is_authorized = false;
112
134
  try {
135
+ const custom_is_authorized_check = opts.custom_is_authorized_check;
113
136
  is_authorized = await custom_is_authorized_check(final_server_component_props);
114
137
  }
115
138
  catch (e) {
package/dist/route_guards/withAuthenticatedRouteGuard/withAuthenticatedServerComponentRouteGuard.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"withAuthenticatedServerComponentRouteGuard.js","sourceRoot":"","sources":["../../../src/route_guards/withAuthenticatedRouteGuard/withAuthenticatedServerComponentRouteGuard.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,wBAAwB,EAExB,iBAAiB,GAClB,MAAM,+BAA+B,CAAC;AAOvC,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,iBAAiB,MAAM,oCAAoC,CAAC;AACnE,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACnE,OAAO,0BAA0B,MAAM,kCAAkC,CAAC;AAE1E,OAAO,eAAe,MAAM,qBAAqB,CAAC;AAClD,OAAO,yBAAyB,MAAM,0CAA0C,CAAC;AAEjF,OAAO,kDAAkD,MAAM,sDAAsD,CAAC;AAgBtH,MAAM,CAAC,KAAK,UAAU,0CAA0C,CAI9D,gBAAoE,EACpE,2CAEgB,SAAS,EACzB,mBAA8C,eAAe,EAC7D,6BAEgB,SAAS,EACzB,mBAAmC,kDAAkD,EAAE,EACvF,iBAAoC,0BAA0B;IAE9D,yBAAyB,CAAC,gBAAgB,CAAC,CAAC;IAE5C,MAAM,WAAW,GAA+B,iBAAiB,EAAE,CAAC;IAEpE,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAChD,MAAM,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC;QACjD,MAAM,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC;KACtD,CAAC,CAAC;IACH,IAAI,OAAO,WAAW,KAAK,UAAU,EAAE,CAAC;QACtC,MAAM,IAAI,SAAS,CAAC,yCAAyC,CAAC,CAAC;IACjE,CAAC;SAAM,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE,CAAC;QAC1C,MAAM,IAAI,SAAS,CAAC,sCAAsC,CAAC,CAAC;IAC9D,CAAC;IAED,IAAI,aAA0B,CAAC;IAC/B,IAAI,CAAC;QACH,aAAa,GAAG,cAAc,EAAE,CAAC;QACjC,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;YACtC,MAAM,IAAI,SAAS,CACjB,qDAAqD,CACtD,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAU,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CACX,wEAAwE,EACxE,CAAC,CACF,CAAC;QACF,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,yBAAyB,CAAC,CAAC;IAC9D,CAAC;IAED,IAAI,CAAC,gBAAgB,CAAC,YAAY,EAAE,EAAE,CAAC;QACrC,OAAO,CAAC,KAAK,CACX,0GAA0G,CAC3G,CAAC;QACF,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,yBAAyB,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,OAAO,GAAmB,MAAM,WAAW,EAAE,CAAC;IACpD,IAAI,CAAC,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,UAAU,EAAE,CAAC;QAC7D,MAAM,IAAI,SAAS,CACjB,uEAAuE,CACxE,CAAC;IACJ,CAAC;IAED,MAAM,aAAa,GAAkC,EAAE,CAAC;IAExD,qCAAqC;IACrC,IAAI,aAAa,KAAK,wBAAwB,EAAE,CAAC;QAC/C,MAAM,oBAAoB,GAAG,OAAO,CAAC,GAAG,CACtC,sBAAsB,CAAC,wBAAwB,CAAC,CACjD,CAAC;QACF,IAAI,OAAO,oBAAoB,EAAE,KAAK,KAAK,QAAQ,EAAE,CAAC;YACpD,aAAa,CAAC,IAAI,CAAC;gBACjB,UAAU,EAAE,2BAA2B;gBACvC,IAAI,EAAE,SAAS;gBACf,KAAK,EAAE,oBAAoB,CAAC,KAAK;aAClC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,8DAA8D;IAC9D,MAAM,wBAAwB,GAAW,qBAAqB,CAAC,aAAa,CAAC,CAAC;IAC9E,MAAM,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;IAClE,IACE,OAAO,mBAAmB,EAAE,KAAK,KAAK,QAAQ;QAC9C,mBAAmB,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE,EACrC,CAAC;QACD,IAAI,UAAU,GAAkB,IAAI,CAAC;QACrC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YACrD,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC/C,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC;YAC5B,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,0BAA0B;YAC1B,UAAU,GAAG,mBAAmB,CAAC,KAAK,CAAC;QACzC,CAAC;QACD,IAAI,UAAU,EAAE,CAAC;YACf,aAAa,CAAC,IAAI,CAAC;gBACjB,UAAU,EAAE,6BAA6B,wBAAyC,GAAG;gBACrF,IAAI,EAAE,QAAQ;gBACd,KAAK,EAAE,UAAU;aAClB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,eAAe,CAAC,QAAQ,CAAC,CAAC;IAC5B,CAAC;IAED,MAAM,mBAAmB,GAAG,IAAI,iBAAiB,CAAC;QAChD,WAAW;QACX,cAAc,EAAE,aAAa,KAAK,wBAAwB;QAC1D,gBAAgB;KACjB,CAAC,CAAC;IACH,MAAM,WAAW,GACf,MAAM,mBAAmB,CAAC,2BAA2B,CACnD,gBAAgB,EAChB,aAAa,EACb,aAAa,CACd,CAAC;IAEJ,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;QACtB,eAAe,CAAC,QAAQ,CAAC,CAAC;IAC5B,CAAC;IACD,MAAM,IAAI,GAAa,WAAW,CAAC,IAAI,CAAC;IAExC,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,EAAE,CAAC;QACnC,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;IAChD,CAAC;IAED,IAAI,OAAO,gBAAgB,KAAK,UAAU,EAAE,CAAC;QAC3C,MAAM,IAAI,SAAS,CACjB,mGAAmG,CACpG,CAAC;IACJ,CAAC;IACD,MAAM,yCAAyC,GAAG,gBAAgB,CAAC;IAEnE,MAAM,2BAA2B,GAC/B;QACE,IAAI;QACJ,WAAW;QACX,kBAAkB,EAAE,WAAW,CAAC,kBAAkB;KACnD,CAAC;IAEJ,MAAM,4BAA4B,GAChC,OAAO,wCAAwC,KAAK,QAAQ;QAC5D,wCAAwC;QACtC,CAAC,CAAE;YACC,GAAG,2BAA2B;YAC9B,GAAG,wCAAwC;SACtB;QACzB,CAAC,CAAE,2BAAiD,CAAC;IAEzD,IAAI,OAAO,0BAA0B,KAAK,UAAU,EAAE,CAAC;QACrD,IAAI,aAAa,GAAY,KAAK,CAAC;QACnC,IAAI,CAAC;YACH,aAAa,GAAG,MAAM,0BAA0B,CAC9C,4BAA4B,CAC7B,CAAC;QACJ,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,iDAAiD,EAAE,CAAC,CAAC,CAAC;YACpE,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,uBAAuB,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED,OAAO,CAAC,MAAM,yCAAyC,CACrD,4BAA4B,CAC7B,CAAwB,CAAC;AAC5B,CAAC;AAED,eAAe,0CAA0C,CAAC"}
1
+ {"version":3,"file":"withAuthenticatedServerComponentRouteGuard.js","sourceRoot":"","sources":["../../../src/route_guards/withAuthenticatedRouteGuard/withAuthenticatedServerComponentRouteGuard.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,wBAAwB,EAExB,iBAAiB,GAClB,MAAM,+BAA+B,CAAC;AAMvC,OAAO,oBAAoB,MAAM,wBAAwB,CAAC;AAC1D,OAAO,4BAA4B,MAAM,oCAAoC,CAAC;AAC9E,OAAO,wBAAwB,MAAM,yDAAyD,CAAC;AAG/F,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,iBAAiB,MAAM,oCAAoC,CAAC;AACnE,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACnE,OAAO,0BAA0B,MAAM,kCAAkC,CAAC;AAE1E,OAAO,eAAe,MAAM,qBAAqB,CAAC;AAClD,OAAO,yBAAyB,MAAM,0CAA0C,CAAC;AAEjF,OAAO,kDAAkD,MAAM,sDAAsD,CAAC;AA2BtH,MAAM,CAAC,KAAK,UAAU,0CAA0C;AAI9D,iCAAiC;AACjC,gBAAoE;AAEpE,sGAAsG;AACtG,2CAEgB,SAAS,EACzB,IAAmE;IAEnE,MAAM,gBAAgB,GACpB,IAAI,EAAE,gBAAgB,IAAI,eAAe,CAAC;IAC5C,yBAAyB,CAAC,gBAAgB,CAAC,CAAC;IAE5C,MAAM,WAAW,GAA+B,iBAAiB,EAAE,CAAC;IAEpE,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAChD,MAAM,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC;QACjD,MAAM,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC;KACtD,CAAC,CAAC;IACH,IAAI,OAAO,WAAW,KAAK,UAAU,EAAE,CAAC;QACtC,MAAM,IAAI,SAAS,CAAC,yCAAyC,CAAC,CAAC;IACjE,CAAC;SAAM,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE,CAAC;QAC1C,MAAM,IAAI,SAAS,CAAC,sCAAsC,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,aAAa,GACjB,IAAI,EAAE,aAAa,IAAI,0BAA0B,EAAE,CAAC;IACtD,IAAI,CAAC;QACH,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;YACtC,MAAM,IAAI,SAAS,CACjB,qDAAqD,CACtD,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,CAAU,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CACX,wEAAwE,EACxE,CAAC,CACF,CAAC;QACF,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,yBAAyB,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,gBAAgB,GACpB,IAAI,EAAE,gBAAgB;QACtB,kDAAkD,EAAE,CAAC;IACvD,IAAI,CAAC,gBAAgB,CAAC,YAAY,EAAE,EAAE,CAAC;QACrC,OAAO,CAAC,KAAK,CACX,0GAA0G,CAC3G,CAAC;QACF,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,yBAAyB,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,OAAO,GAAmB,MAAM,WAAW,EAAE,CAAC;IACpD,IAAI,CAAC,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,UAAU,EAAE,CAAC;QAC7D,MAAM,IAAI,SAAS,CACjB,uEAAuE,CACxE,CAAC;IACJ,CAAC;IAED,MAAM,aAAa,GAAkC,EAAE,CAAC;IAExD,qCAAqC;IACrC,IAAI,aAAa,KAAK,wBAAwB,EAAE,CAAC;QAC/C,MAAM,oBAAoB,GAAG,OAAO,CAAC,GAAG,CACtC,sBAAsB,CAAC,wBAAwB,CAAC,CACjD,CAAC;QACF,IAAI,OAAO,oBAAoB,EAAE,KAAK,KAAK,QAAQ,EAAE,CAAC;YACpD,aAAa,CAAC,IAAI,CAAC;gBACjB,UAAU,EAAE,2BAA2B;gBACvC,IAAI,EAAE,SAAS;gBACf,KAAK,EAAE,oBAAoB,CAAC,KAAK;aAClC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,8DAA8D;IAC9D,MAAM,wBAAwB,GAAW,qBAAqB,CAAC,aAAa,CAAC,CAAC;IAC9E,MAAM,mBAAmB,GAAG,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;IAClE,IACE,OAAO,mBAAmB,EAAE,KAAK,KAAK,QAAQ;QAC9C,mBAAmB,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE,EACrC,CAAC;QACD,IAAI,UAAU,GAAkB,IAAI,CAAC;QACrC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;YACrD,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC/C,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC;YAC5B,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,0BAA0B;YAC1B,UAAU,GAAG,mBAAmB,CAAC,KAAK,CAAC;QACzC,CAAC;QACD,IAAI,UAAU,EAAE,CAAC;YACf,aAAa,CAAC,IAAI,CAAC;gBACjB,UAAU,EAAE,6BAA6B,wBAAyC,GAAG;gBACrF,IAAI,EAAE,QAAQ;gBACd,KAAK,EAAE,UAAU;aAClB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,eAAe,CAAC,QAAQ,CAAC,CAAC;IAC5B,CAAC;IAED,MAAM,mBAAmB,GAAG,IAAI,iBAAiB,CAAC;QAChD,WAAW;QACX,cAAc,EAAE,aAAa,KAAK,wBAAwB;QAC1D,gBAAgB;KACjB,CAAC,CAAC;IACH,MAAM,WAAW,GACf,MAAM,mBAAmB,CAAC,2BAA2B,CACnD,gBAAgB,EAChB,aAAa,EACb,aAAa,CACd,CAAC;IAEJ,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;QACtB,eAAe,CAAC,QAAQ,CAAC,CAAC;IAC5B,CAAC;IACD,MAAM,IAAI,GAAa,WAAW,CAAC,IAAI,CAAC;IAExC,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,EAAE,CAAC;QACnC,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;IAChD,CAAC;IAED,IAAI,OAAO,gBAAgB,KAAK,UAAU,EAAE,CAAC;QAC3C,MAAM,IAAI,SAAS,CACjB,mGAAmG,CACpG,CAAC;IACJ,CAAC;IACD,MAAM,yCAAyC,GAAG,gBAAgB,CAAC;IAEnE,MAAM,2BAA2B,GAC/B;QACE,IAAI;QACJ,WAAW;KACZ,CAAC;IAEJ,MAAM,4BAA4B,GAChC,OAAO,wCAAwC,KAAK,QAAQ;QAC5D,wCAAwC;QACtC,CAAC,CAAE;YACC,GAAG,2BAA2B;YAC9B,GAAG,wCAAwC;SACtB;QACzB,CAAC,CAAE,2BAAiD,CAAC;IAEzD,IAAI,IAAI,EAAE,qBAAqB,EAAE,CAAC;QAChC,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,4BAA4B,EAAE,CAAC;YACvD,MAAM,uBAAuB,GAAG,MAAM,wBAAwB,EAAE,CAAC;YACjE,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CACzC,eAAe,EACf,aAAa,EACb,uBAAuB,EACvB,IAAI,CAAC,GAAG,EACR,IAAI,CAAC,qBAAqB,CAC3B,CAAC;YACF,IAAI,QAAQ,KAAK,KAAK,EAAE,CAAC;gBACvB,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CACX,qFAAqF,EACrF,CAAC,CACF,CAAC;YACF,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,uBAAuB,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,IAAI,OAAO,IAAI,EAAE,0BAA0B,KAAK,UAAU,EAAE,CAAC;QAC3D,IAAI,aAAa,GAAY,KAAK,CAAC;QACnC,IAAI,CAAC;YACH,MAAM,0BAA0B,GAAG,IAAI,CAAC,0BAA0B,CAAC;YACnE,aAAa,GAAG,MAAM,0BAA0B,CAC9C,4BAA4B,CAC7B,CAAC;QACJ,CAAC;QAAC,OAAO,CAAU,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,iDAAiD,EAAE,CAAC,CAAC,CAAC;YACpE,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,uBAAuB,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED,OAAO,CAAC,MAAM,yCAAyC,CACrD,4BAA4B,CAC7B,CAAwB,CAAC;AAC5B,CAAC;AAED,eAAe,0CAA0C,CAAC"}
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@schemavaults/auth-server-sdk",
3
3
  "description": "TypeScript SDK for building authenticated endpoints/middlewares for the Auth Server and Resource Servers",
4
- "version": "0.21.18",
4
+ "version": "0.22.0",
5
5
  "license": "UNLICENSED",
6
6
  "private": false,
7
7
  "repository": {
@@ -18,8 +18,8 @@
18
18
  },
19
19
  "dependencies": {
20
20
  "zod": "3.25.8",
21
- "@schemavaults/jwt": "0.6.37",
22
- "@schemavaults/auth-common": "0.9.8",
21
+ "@schemavaults/jwt": "0.7.0",
22
+ "@schemavaults/auth-common": "0.10.0",
23
23
  "@schemavaults/app-definitions": "0.6.21"
24
24
  },
25
25
  "scripts": {