npm - @skyapp-labs/blueprint-backend-core - Versions diffs - 1.0.9 - Mend

@skyapp-labs/blueprint-backend-core 1.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (737) hide show

package/dist/modules/auth/providers/interfaces/auth-provider.interface.d.ts ADDED Viewed

@@ -0,0 +1,37 @@
+export type AuthProviderType = 'native' | 'keycloak';
+export type AuthIdentity = UserProfile & {
+    externalUid?: string;
+    email: string;
+    passwordHash?: string;
+    isEmailVerified: boolean;
+};
+export interface ValidateSessionResult {
+    valid: boolean;
+    rotatedProviderRefreshToken?: string;
+}
+export interface UserProfile {
+    firstName: string;
+    lastName: string;
+    countryCode?: string;
+    phone?: string;
+    photoUrl?: string;
+}
+export interface CredentialVerificationResult {
+    identity: UserProfile & {
+        externalUid?: string;
+        email: string;
+    };
+    providerRefreshToken?: string;
+}
+export interface IAuthProvider {
+    readonly name: AuthProviderType;
+    verifyEmailCredentials(email: string, password: string): Promise<CredentialVerificationResult>;
+    validateSession(providerRefreshToken?: string): Promise<ValidateSessionResult>;
+    createUser(email: string, password: string, profile: UserProfile): Promise<AuthIdentity>;
+    acceptInvite(email: string, password: string, profile: UserProfile): Promise<AuthIdentity>;
+    initiatePasswordReset(email: string): Promise<void>;
+    resetPassword(token: string, newPassword: string): Promise<void>;
+    changePassword(userId: string, currentPassword: string | undefined, newPassword: string): Promise<void>;
+    deleteUser(externalUid: string | undefined): Promise<void>;
+}
+//# sourceMappingURL=auth-provider.interface.d.ts.map

package/dist/modules/auth/providers/interfaces/auth-provider.interface.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth-provider.interface.d.ts","sourceRoot":"","sources":["../../../../../modules/auth/providers/interfaces/auth-provider.interface.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,gBAAgB,GAAG,QAAQ,GAAG,UAAU,CAAC;AAMrD,MAAM,MAAM,YAAY,GAAG,WAAW,GAAG;IACxC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,eAAe,EAAE,OAAO,CAAC;CACzB,CAAC;AAMF,MAAM,WAAW,qBAAqB;IAIrC,KAAK,EAAE,OAAO,CAAC;IAMf,2BAA2B,CAAC,EAAE,MAAM,CAAC;CACrC;AAMD,MAAM,WAAW,WAAW;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;CAClB;AAOD,MAAM,WAAW,4BAA4B;IAC5C,QAAQ,EAAE,WAAW,GAAG;QAAE,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IAChE,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAQD,MAAM,WAAW,aAAa;IAC7B,QAAQ,CAAC,IAAI,EAAE,gBAAgB,CAAC;IAKhC,sBAAsB,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,4BAA4B,CAAC,CAAC;IAS/F,eAAe,CAAC,oBAAoB,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAQ/E,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IASzF,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAQ3F,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAQpD,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAQjE,cAAc,CACb,MAAM,EAAE,MAAM,EACd,eAAe,EAAE,MAAM,GAAG,SAAS,EACnC,WAAW,EAAE,MAAM,GACjB,OAAO,CAAC,IAAI,CAAC,CAAC;IAQjB,UAAU,CAAC,WAAW,EAAE,MAAM,GAAG,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;CAC3D"}

package/dist/modules/auth/providers/interfaces/auth-provider.interface.js ADDED Viewed

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=auth-provider.interface.js.map

package/dist/modules/auth/providers/interfaces/auth-provider.interface.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"auth-provider.interface.js","sourceRoot":"","sources":["../../../../../modules/auth/providers/interfaces/auth-provider.interface.ts"],"names":[],"mappings":""}

package/dist/modules/auth/providers/interfaces/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './auth-provider.interface';
2	+ //# sourceMappingURL=index.d.ts.map

package/dist/modules/auth/providers/interfaces/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../modules/auth/providers/interfaces/index.ts"],"names":[],"mappings":"AAAA,cAAc,2BAA2B,CAAC"}

package/dist/modules/auth/providers/interfaces/index.js ADDED Viewed

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./auth-provider.interface"), exports);
+//# sourceMappingURL=index.js.map

package/dist/modules/auth/providers/interfaces/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../modules/auth/providers/interfaces/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,4DAA0C"}

package/dist/modules/auth/providers/keycloak/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export * from './keycloak.auth-provider';
+export * from './keycloak-auth-provider.module';
+//# sourceMappingURL=index.d.ts.map

package/dist/modules/auth/providers/keycloak/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../modules/auth/providers/keycloak/index.ts"],"names":[],"mappings":"AAAA,cAAc,0BAA0B,CAAC;AACzC,cAAc,iCAAiC,CAAC"}

package/dist/modules/auth/providers/keycloak/index.js ADDED Viewed

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./keycloak.auth-provider"), exports);
+__exportStar(require("./keycloak-auth-provider.module"), exports);
+//# sourceMappingURL=index.js.map

package/dist/modules/auth/providers/keycloak/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../modules/auth/providers/keycloak/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,2DAAyC;AACzC,kEAAgD"}

package/dist/modules/auth/providers/keycloak/keycloak-auth-provider.module.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export declare class KeycloakAuthProviderModule {
+}
+//# sourceMappingURL=keycloak-auth-provider.module.d.ts.map

package/dist/modules/auth/providers/keycloak/keycloak-auth-provider.module.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"keycloak-auth-provider.module.d.ts","sourceRoot":"","sources":["../../../../../modules/auth/providers/keycloak/keycloak-auth-provider.module.ts"],"names":[],"mappings":"AAUA,qBAwBa,0BAA0B;CAAG"}

package/dist/modules/auth/providers/keycloak/keycloak-auth-provider.module.js ADDED Viewed

@@ -0,0 +1,80 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.KeycloakAuthProviderModule = void 0;
+const common_1 = require("@nestjs/common");
+const config_1 = require("@nestjs/config");
+const keycloak_auth_provider_1 = require("./keycloak.auth-provider");
+const keycloak_verify_email_strategy_1 = require("./keycloak-verify-email.strategy");
+const users_module_1 = require("../../../users/users.module");
+const jwksRsa = __importStar(require("jwks-rsa"));
+const sessions_module_1 = require("../../../sessions/sessions.module");
+const KEYCLOAK_JWKS_CLIENT = 'KEYCLOAK_JWKS_CLIENT';
+let KeycloakAuthProviderModule = class KeycloakAuthProviderModule {
+};
+exports.KeycloakAuthProviderModule = KeycloakAuthProviderModule;
+exports.KeycloakAuthProviderModule = KeycloakAuthProviderModule = __decorate([
+    (0, common_1.Module)({
+        imports: [config_1.ConfigModule, users_module_1.UsersModule, sessions_module_1.SessionsModule],
+        providers: [
+            keycloak_verify_email_strategy_1.KeycloakVerifyEmailStrategy,
+            {
+                provide: KEYCLOAK_JWKS_CLIENT,
+                useFactory: (config) => {
+                    const issuerUrl = config.get('app.keycloak.issuerUrl');
+                    if (!issuerUrl)
+                        return null;
+                    const jwksUri = `${issuerUrl.replace(/\/$/, '')}/protocol/openid-connect/certs`;
+                    return new jwksRsa.JwksClient({
+                        jwksUri,
+                        cache: true,
+                        cacheMaxAge: 600_000,
+                        rateLimit: true,
+                    });
+                },
+                inject: [config_1.ConfigService],
+            },
+            keycloak_auth_provider_1.KeycloakAuthProvider,
+        ],
+        exports: [keycloak_auth_provider_1.KeycloakAuthProvider],
+    })
+], KeycloakAuthProviderModule);
+//# sourceMappingURL=keycloak-auth-provider.module.js.map

package/dist/modules/auth/providers/keycloak/keycloak-auth-provider.module.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"keycloak-auth-provider.module.js","sourceRoot":"","sources":["../../../../../modules/auth/providers/keycloak/keycloak-auth-provider.module.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAAwC;AACxC,2CAA6D;AAC7D,qEAAgE;AAChE,qFAA+E;AAC/E,8DAA0D;AAC1D,kDAAoC;AACpC,uEAAmE;AAEnE,MAAM,oBAAoB,GAAG,sBAAsB,CAAC;AA0B7C,IAAM,0BAA0B,GAAhC,MAAM,0BAA0B;CAAG,CAAA;AAA7B,gEAA0B;qCAA1B,0BAA0B;IAxBtC,IAAA,eAAM,EAAC;QACP,OAAO,EAAE,CAAC,qBAAY,EAAE,0BAAW,EAAE,gCAAc,CAAC;QACpD,SAAS,EAAE;YACV,4DAA2B;YAC3B;gBACC,OAAO,EAAE,oBAAoB;gBAC7B,UAAU,EAAE,CAAC,MAAqB,EAAE,EAAE;oBACrC,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAS,wBAAwB,CAAC,CAAC;oBAC/D,IAAI,CAAC,SAAS;wBAAE,OAAO,IAAI,CAAC;oBAE5B,MAAM,OAAO,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,gCAAgC,CAAC;oBAChF,OAAO,IAAI,OAAO,CAAC,UAAU,CAAC;wBAC7B,OAAO;wBACP,KAAK,EAAE,IAAI;wBACX,WAAW,EAAE,OAAO;wBACpB,SAAS,EAAE,IAAI;qBACf,CAAC,CAAC;gBACJ,CAAC;gBACD,MAAM,EAAE,CAAC,sBAAa,CAAC;aACvB;YACD,6CAAoB;SACpB;QACD,OAAO,EAAE,CAAC,6CAAoB,CAAC;KAC/B,CAAC;GACW,0BAA0B,CAAG"}

package/dist/modules/auth/providers/keycloak/keycloak-verify-email.strategy.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import type { CredentialVerificationResult } from '../interfaces/auth-provider.interface';
+import { KeycloakConfig } from './keycloak.auth-provider';
+export declare class KeycloakVerifyEmailStrategy {
+    constructor();
+    verify(email: string, password: string, config: KeycloakConfig, decodeJwt: (token: string) => Record<string, unknown>): Promise<CredentialVerificationResult>;
+}
+//# sourceMappingURL=keycloak-verify-email.strategy.d.ts.map

package/dist/modules/auth/providers/keycloak/keycloak-verify-email.strategy.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"keycloak-verify-email.strategy.d.ts","sourceRoot":"","sources":["../../../../../modules/auth/providers/keycloak/keycloak-verify-email.strategy.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAEX,4BAA4B,EAC5B,MAAM,uCAAuC,CAAC;AAC/C,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAM1D,qBACa,2BAA2B;;IAGjC,MAAM,CACX,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,cAAc,EACtB,SAAS,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACnD,OAAO,CAAC,4BAA4B,CAAC;CAqCxC"}

package/dist/modules/auth/providers/keycloak/keycloak-verify-email.strategy.js ADDED Viewed

@@ -0,0 +1,54 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.KeycloakVerifyEmailStrategy = void 0;
+const common_1 = require("@nestjs/common");
+let KeycloakVerifyEmailStrategy = class KeycloakVerifyEmailStrategy {
+    constructor() { }
+    async verify(email, password, config, decodeJwt) {
+        const { tokenUrl, clientId, clientSecret } = config;
+        const body = new URLSearchParams({
+            grant_type: 'password',
+            client_id: clientId,
+            username: email,
+            password,
+            ...(clientSecret ? { client_secret: clientSecret } : {}),
+        });
+        const res = await fetch(tokenUrl, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+            body: body.toString(),
+        });
+        const data = await res.json();
+        if (!res.ok)
+            throw new common_1.UnauthorizedException(data.error_description ?? 'Invalid email or password');
+        const payload = decodeJwt(data.access_token);
+        return {
+            identity: {
+                externalUid: payload.sub,
+                email: payload.email ?? email,
+                firstName: payload.given_name,
+                lastName: payload.family_name,
+                countryCode: payload.country_code,
+                phone: payload.phone_number,
+                photoUrl: payload.picture,
+                isEmailVerified: payload.email_verified ?? false,
+            },
+            providerRefreshToken: data.refresh_token,
+        };
+    }
+};
+exports.KeycloakVerifyEmailStrategy = KeycloakVerifyEmailStrategy;
+exports.KeycloakVerifyEmailStrategy = KeycloakVerifyEmailStrategy = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [])
+], KeycloakVerifyEmailStrategy);
+//# sourceMappingURL=keycloak-verify-email.strategy.js.map

package/dist/modules/auth/providers/keycloak/keycloak-verify-email.strategy.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"keycloak-verify-email.strategy.js","sourceRoot":"","sources":["../../../../../modules/auth/providers/keycloak/keycloak-verify-email.strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAmE;AAY5D,IAAM,2BAA2B,GAAjC,MAAM,2BAA2B;IACvC,gBAAe,CAAC;IAEhB,KAAK,CAAC,MAAM,CACX,KAAa,EACb,QAAgB,EAChB,MAAsB,EACtB,SAAqD;QAErD,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,MAAM,CAAC;QAEpD,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;YAChC,UAAU,EAAE,UAAU;YACtB,SAAS,EAAE,QAAQ;YACnB,QAAQ,EAAE,KAAK;YACf,QAAQ;YACR,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACxD,CAAC,CAAC;QAEH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;YACjC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;YAChE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;SACrB,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,IAAI,CAAC,GAAG,CAAC,EAAE;YACV,MAAM,IAAI,8BAAqB,CAAC,IAAI,CAAC,iBAAiB,IAAI,2BAA2B,CAAC,CAAC;QAExF,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAE7C,OAAO;YACN,QAAQ,EAAE;gBACT,WAAW,EAAE,OAAO,CAAC,GAAG;gBACxB,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,KAAK;gBAC7B,SAAS,EAAE,OAAO,CAAC,UAAU;gBAC7B,QAAQ,EAAE,OAAO,CAAC,WAAW;gBAC7B,WAAW,EAAE,OAAO,CAAC,YAAY;gBACjC,KAAK,EAAE,OAAO,CAAC,YAAY;gBAC3B,QAAQ,EAAE,OAAO,CAAC,OAAO;gBACzB,eAAe,EAAE,OAAO,CAAC,cAAc,IAAI,KAAK;aAChC;YACjB,oBAAoB,EAAE,IAAI,CAAC,aAAa;SACxC,CAAC;IACH,CAAC;CACD,CAAA;AA7CY,kEAA2B;sCAA3B,2BAA2B;IADvC,IAAA,mBAAU,GAAE;;GACA,2BAA2B,CA6CvC"}

package/dist/modules/auth/providers/keycloak/keycloak.auth-provider.d.ts ADDED Viewed

@@ -0,0 +1,36 @@
+import { AuthIdentity, CredentialVerificationResult, IAuthProvider, UserProfile, ValidateSessionResult } from '../interfaces/auth-provider.interface';
+import { UsersService } from '../../../users/services/users.service';
+import { ConfigService } from '@nestjs/config';
+import { KeycloakVerifyEmailStrategy } from './keycloak-verify-email.strategy';
+export interface KeycloakConfig {
+    tokenUrl: string;
+    clientId: string;
+    clientSecret?: string;
+}
+export interface KeycloakAdminConfig {
+    adminUrl: string;
+    realm: string;
+    adminClientId: string;
+    adminClientSecret: string;
+}
+export declare class KeycloakAuthProvider implements IAuthProvider {
+    private readonly config;
+    private readonly usersService;
+    private readonly keycloakVerifyEmailStrategy;
+    readonly name: "keycloak";
+    constructor(config: ConfigService, usersService: UsersService, keycloakVerifyEmailStrategy: KeycloakVerifyEmailStrategy);
+    verifyEmailCredentials(email: string, password: string): Promise<CredentialVerificationResult>;
+    validateSession(providerRefreshToken?: string): Promise<ValidateSessionResult>;
+    createUser(email: string, password: string, profile: UserProfile): Promise<AuthIdentity>;
+    acceptInvite(email: string, password: string, profile: UserProfile): Promise<AuthIdentity>;
+    initiatePasswordReset(email: string): Promise<void>;
+    resetPassword(_token: string, _newPassword: string): Promise<void>;
+    changePassword(userId: string, _currentPassword: string | undefined, newPassword: string): Promise<void>;
+    deleteUser(externalUid?: string): Promise<void>;
+    private getConfig;
+    private getAdminConfig;
+    private getAdminToken;
+    private findKcUserByEmail;
+    private decodeJwt;
+}
+//# sourceMappingURL=keycloak.auth-provider.d.ts.map

package/dist/modules/auth/providers/keycloak/keycloak.auth-provider.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"keycloak.auth-provider.d.ts","sourceRoot":"","sources":["../../../../../modules/auth/providers/keycloak/keycloak.auth-provider.ts"],"names":[],"mappings":"AAOA,OAAO,EACN,YAAY,EACZ,4BAA4B,EAC5B,aAAa,EACb,WAAW,EACX,qBAAqB,EACrB,MAAM,uCAAuC,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AACrE,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,2BAA2B,EAAE,MAAM,kCAAkC,CAAC;AAE/E,MAAM,WAAW,cAAc;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,mBAAmB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,MAAM,CAAC;CAC1B;AAED,qBACa,oBAAqB,YAAW,aAAa;IAIxD,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,2BAA2B;IAL7C,QAAQ,CAAC,IAAI,EAAG,UAAU,CAAU;gBAGlB,MAAM,EAAE,aAAa,EACrB,YAAY,EAAE,YAAY,EAC1B,2BAA2B,EAAE,2BAA2B;IAGpE,sBAAsB,CAC3B,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GACd,OAAO,CAAC,4BAA4B,CAAC;IAUlC,eAAe,CAAC,oBAAoB,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,CAAC;IA2B9E,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC;IA8CxF,YAAY,CACjB,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,WAAW,GAClB,OAAO,CAAC,YAAY,CAAC;IAIlB,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAkBnD,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IASlE,cAAc,CACnB,MAAM,EAAE,MAAM,EACd,gBAAgB,EAAE,MAAM,GAAG,SAAS,EACpC,WAAW,EAAE,MAAM,GACjB,OAAO,CAAC,IAAI,CAAC;IAyBV,UAAU,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAerD,OAAO,CAAC,SAAS;IAQjB,OAAO,CAAC,cAAc;YASR,aAAa;YAiBb,iBAAiB;IAY/B,OAAO,CAAC,SAAS;CAGjB"}

package/dist/modules/auth/providers/keycloak/keycloak.auth-provider.js ADDED Viewed

@@ -0,0 +1,188 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.KeycloakAuthProvider = void 0;
+const common_1 = require("@nestjs/common");
+const users_service_1 = require("../../../users/services/users.service");
+const config_1 = require("@nestjs/config");
+const keycloak_verify_email_strategy_1 = require("./keycloak-verify-email.strategy");
+let KeycloakAuthProvider = class KeycloakAuthProvider {
+    constructor(config, usersService, keycloakVerifyEmailStrategy) {
+        this.config = config;
+        this.usersService = usersService;
+        this.keycloakVerifyEmailStrategy = keycloakVerifyEmailStrategy;
+        this.name = 'keycloak';
+    }
+    async verifyEmailCredentials(email, password) {
+        const config = this.getConfig();
+        return await this.keycloakVerifyEmailStrategy.verify(email, password, config, this.decodeJwt);
+    }
+    async validateSession(providerRefreshToken) {
+        if (!providerRefreshToken)
+            return { valid: true };
+        const { tokenUrl, clientId, clientSecret } = this.getConfig();
+        const body = new URLSearchParams({
+            grant_type: 'refresh_token',
+            client_id: clientId,
+            refresh_token: providerRefreshToken,
+            ...(clientSecret ? { client_secret: clientSecret } : {}),
+        });
+        const res = await fetch(tokenUrl, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+            body: body.toString(),
+        });
+        if (!res.ok)
+            return { valid: false };
+        const data = await res.json();
+        return {
+            valid: true,
+            rotatedProviderRefreshToken: data.refresh_token,
+        };
+    }
+    async createUser(email, password, profile) {
+        const { adminUrl, realm } = this.getAdminConfig();
+        const adminToken = await this.getAdminToken();
+        const res = await fetch(`${adminUrl}/admin/realms/${realm}/users`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${adminToken}`,
+            },
+            body: JSON.stringify({
+                username: email,
+                email,
+                firstName: profile.firstName,
+                lastName: profile.lastName,
+                enabled: true,
+                emailVerified: false,
+                credentials: [{ type: 'password', value: password, temporary: false }],
+            }),
+        });
+        if (!res.ok) {
+            if (res.status === 409) {
+                throw new common_1.ConflictException('An account with this email already exists.');
+            }
+            throw new common_1.InternalServerErrorException('Failed to create user in Keycloak');
+        }
+        const location = res.headers.get('Location') ?? '';
+        const externalUid = location.split('/').pop();
+        return {
+            externalUid,
+            email,
+            firstName: profile.firstName,
+            lastName: profile.lastName,
+            countryCode: profile.countryCode,
+            phoneNumber: profile.phone,
+            photoUrl: profile.photoUrl,
+            isEmailVerified: false,
+            isPhoneVerified: false,
+        };
+    }
+    async acceptInvite(email, password, profile) {
+        return this.createUser(email, password, profile);
+    }
+    async initiatePasswordReset(email) {
+        const { adminUrl, realm } = this.getAdminConfig();
+        const adminToken = await this.getAdminToken();
+        const user = await this.findKcUserByEmail(email, adminToken);
+        if (!user)
+            return;
+        await fetch(`${adminUrl}/admin/realms/${realm}/users/${user.id}/execute-actions-email`, {
+            method: 'PUT',
+            headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${adminToken}`,
+            },
+            body: JSON.stringify(['UPDATE_PASSWORD']),
+        });
+    }
+    async resetPassword(_token, _newPassword) {
+        throw new common_1.BadRequestException('Use the Keycloak reset email link to complete password reset.');
+    }
+    async changePassword(userId, _currentPassword, newPassword) {
+        const user = await this.usersService.findById(userId);
+        if (!user?.uid)
+            throw new common_1.NotFoundException('User not found');
+        const { adminUrl, realm } = this.getAdminConfig();
+        const adminToken = await this.getAdminToken();
+        const res = await fetch(`${adminUrl}/admin/realms/${realm}/users/${user.uid}/reset-password`, {
+            method: 'PUT',
+            headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${adminToken}`,
+            },
+            body: JSON.stringify({ type: 'password', value: newPassword, temporary: false }),
+        });
+        if (!res.ok) {
+            throw new common_1.InternalServerErrorException('Failed to update password in Keycloak');
+        }
+    }
+    async deleteUser(externalUid) {
+        if (!externalUid)
+            return;
+        const { adminUrl, realm } = this.getAdminConfig();
+        const adminToken = await this.getAdminToken();
+        await fetch(`${adminUrl}/admin/realms/${realm}/users/${externalUid}`, {
+            method: 'DELETE',
+            headers: { Authorization: `Bearer ${adminToken}` },
+        });
+    }
+    getConfig() {
+        return {
+            tokenUrl: `${this.config.get('app.keycloak.issuerUrl')}/protocol/openid-connect/token`,
+            clientId: this.config.get('app.keycloak.clientId'),
+            clientSecret: this.config.get('app.keycloak.clientSecret'),
+        };
+    }
+    getAdminConfig() {
+        return {
+            adminUrl: this.config.get('app.keycloak.adminUrl'),
+            realm: this.config.get('app.keycloak.realm'),
+            adminClientId: this.config.get('app.keycloak.adminClientId'),
+            adminClientSecret: this.config.get('app.keycloak.adminClientSecret'),
+        };
+    }
+    async getAdminToken() {
+        const { adminUrl, realm, adminClientId, adminClientSecret } = this.getAdminConfig();
+        const body = new URLSearchParams({
+            grant_type: 'client_credentials',
+            client_id: adminClientId,
+            client_secret: adminClientSecret,
+        });
+        const res = await fetch(`${adminUrl}/realms/${realm}/protocol/openid-connect/token`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+            body: body.toString(),
+        });
+        const data = await res.json();
+        return data.access_token;
+    }
+    async findKcUserByEmail(email, adminToken) {
+        const { adminUrl, realm } = this.getAdminConfig();
+        const res = await fetch(`${adminUrl}/admin/realms/${realm}/users?email=${encodeURIComponent(email)}&exact=true`, {
+            headers: { Authorization: `Bearer ${adminToken}` },
+        });
+        const users = await res.json();
+        return users?.[0] ?? null;
+    }
+    decodeJwt(token) {
+        return JSON.parse(Buffer.from(token.split('.')[1], 'base64').toString());
+    }
+};
+exports.KeycloakAuthProvider = KeycloakAuthProvider;
+exports.KeycloakAuthProvider = KeycloakAuthProvider = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [config_1.ConfigService,
+        users_service_1.UsersService,
+        keycloak_verify_email_strategy_1.KeycloakVerifyEmailStrategy])
+], KeycloakAuthProvider);
+//# sourceMappingURL=keycloak.auth-provider.js.map

package/dist/modules/auth/providers/keycloak/keycloak.auth-provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"keycloak.auth-provider.js","sourceRoot":"","sources":["../../../../../modules/auth/providers/keycloak/keycloak.auth-provider.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAMwB;AAQxB,yEAAqE;AACrE,2CAA+C;AAC/C,qFAA+E;AAgBxE,IAAM,oBAAoB,GAA1B,MAAM,oBAAoB;IAGhC,YACkB,MAAqB,EACrB,YAA0B,EAC1B,2BAAwD;QAFxD,WAAM,GAAN,MAAM,CAAe;QACrB,iBAAY,GAAZ,YAAY,CAAc;QAC1B,gCAA2B,GAA3B,2BAA2B,CAA6B;QALjE,SAAI,GAAG,UAAmB,CAAC;IAMjC,CAAC;IAEJ,KAAK,CAAC,sBAAsB,CAC3B,KAAa,EACb,QAAgB;QAEhB,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QAChC,OAAO,MAAM,IAAI,CAAC,2BAA2B,CAAC,MAAM,CACnD,KAAK,EACL,QAAQ,EACR,MAAM,EACN,IAAI,CAAC,SAAS,CACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,oBAA6B;QAClD,IAAI,CAAC,oBAAoB;YAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QAElD,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QAE9D,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;YAChC,UAAU,EAAE,eAAe;YAC3B,SAAS,EAAE,QAAQ;YACnB,aAAa,EAAE,oBAAoB;YACnC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACxD,CAAC,CAAC;QAEH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;YACjC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;YAChE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;SACrB,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,CAAC,EAAE;YAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;QAErC,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,OAAO;YACN,KAAK,EAAE,IAAI;YACX,2BAA2B,EAAE,IAAI,CAAC,aAAa;SAC/C,CAAC;IACH,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,KAAa,EAAE,QAAgB,EAAE,OAAoB;QACrE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAClD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QAE9C,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,iBAAiB,KAAK,QAAQ,EAAE;YAClE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACR,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,UAAU,EAAE;aACrC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACpB,QAAQ,EAAE,KAAK;gBACf,KAAK;gBACL,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,OAAO,EAAE,IAAI;gBACb,aAAa,EAAE,KAAK;gBACpB,WAAW,EAAE,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;aACtE,CAAC;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACb,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBACxB,MAAM,IAAI,0BAAiB,CAAC,4CAA4C,CAAC,CAAC;YAC3E,CAAC;YAED,MAAM,IAAI,qCAA4B,CAAC,mCAAmC,CAAC,CAAC;QAC7E,CAAC;QAGD,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;QACnD,MAAM,WAAW,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;QAE9C,OAAO;YACN,WAAW;YACX,KAAK;YACL,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,WAAW,EAAE,OAAO,CAAC,KAAK;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,eAAe,EAAE,KAAK;YACtB,eAAe,EAAE,KAAK;SACN,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,YAAY,CACjB,KAAa,EACb,QAAgB,EAChB,OAAoB;QAEpB,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,KAAa;QAExC,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAClD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QAE9C,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;QAC7D,IAAI,CAAC,IAAI;YAAE,OAAO;QAElB,MAAM,KAAK,CAAC,GAAG,QAAQ,iBAAiB,KAAK,UAAU,IAAI,CAAC,EAAE,wBAAwB,EAAE;YACvF,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACR,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,UAAU,EAAE;aACrC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,iBAAiB,CAAC,CAAC;SACzC,CAAC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,MAAc,EAAE,YAAoB;QAIvD,MAAM,IAAI,4BAAmB,CAC5B,+DAA+D,CAC/D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,cAAc,CACnB,MAAc,EACd,gBAAoC,EACpC,WAAmB;QAGnB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,CAAC,IAAI,EAAE,GAAG;YAAE,MAAM,IAAI,0BAAiB,CAAC,gBAAgB,CAAC,CAAC;QAE9D,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAClD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QAE9C,MAAM,GAAG,GAAG,MAAM,KAAK,CACtB,GAAG,QAAQ,iBAAiB,KAAK,UAAU,IAAI,CAAC,GAAG,iBAAiB,EACpE;YACC,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACR,cAAc,EAAE,kBAAkB;gBAClC,aAAa,EAAE,UAAU,UAAU,EAAE;aACrC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;SAChF,CACD,CAAC;QAEF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACb,MAAM,IAAI,qCAA4B,CAAC,uCAAuC,CAAC,CAAC;QACjF,CAAC;IACF,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,WAAoB;QACpC,IAAI,CAAC,WAAW;YAAE,OAAO;QAEzB,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAClD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QAE9C,MAAM,KAAK,CAAC,GAAG,QAAQ,iBAAiB,KAAK,UAAU,WAAW,EAAE,EAAE;YACrE,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,UAAU,EAAE,EAAE;SAClD,CAAC,CAAC;IAEJ,CAAC;IAIO,SAAS;QAChB,OAAO;YACN,QAAQ,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,wBAAwB,CAAC,gCAAgC;YACtF,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAS,uBAAuB,CAAE;YAC3D,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAS,2BAA2B,CAAC;SAClE,CAAC;IACH,CAAC;IAEO,cAAc;QACrB,OAAO;YACN,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAS,uBAAuB,CAAE;YAC3D,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAS,oBAAoB,CAAE;YACrD,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAS,4BAA4B,CAAE;YACrE,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAS,gCAAgC,CAAE;SAC7E,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,aAAa;QAE1B,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,aAAa,EAAE,iBAAiB,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QACpF,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;YAChC,UAAU,EAAE,oBAAoB;YAChC,SAAS,EAAE,aAAa;YACxB,aAAa,EAAE,iBAAiB;SAChC,CAAC,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,WAAW,KAAK,gCAAgC,EAAE;YACpF,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;YAChE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;SACrB,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC,YAAY,CAAC;IAC1B,CAAC;IAEO,KAAK,CAAC,iBAAiB,CAAC,KAAa,EAAE,UAAkB;QAChE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QAClD,MAAM,GAAG,GAAG,MAAM,KAAK,CACtB,GAAG,QAAQ,iBAAiB,KAAK,gBAAgB,kBAAkB,CAAC,KAAK,CAAC,aAAa,EACvF;YACC,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,UAAU,EAAE,EAAE;SAClD,CACD,CAAC;QACF,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC/B,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;IAC3B,CAAC;IAEO,SAAS,CAAC,KAAa;QAC9B,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC1E,CAAC;CACD,CAAA;AA/NY,oDAAoB;+BAApB,oBAAoB;IADhC,IAAA,mBAAU,GAAE;qCAKc,sBAAa;QACP,4BAAY;QACG,4DAA2B;GAN9D,oBAAoB,CA+NhC"}

package/dist/modules/auth/providers/native/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export * from './native.auth-provider';
+export * from './native.auth-provider.module';
+//# sourceMappingURL=index.d.ts.map

package/dist/modules/auth/providers/native/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../modules/auth/providers/native/index.ts"],"names":[],"mappings":"AAAA,cAAc,wBAAwB,CAAC;AACvC,cAAc,+BAA+B,CAAC"}

package/dist/modules/auth/providers/native/index.js ADDED Viewed

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./native.auth-provider"), exports);
+__exportStar(require("./native.auth-provider.module"), exports);
+//# sourceMappingURL=index.js.map

package/dist/modules/auth/providers/native/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../modules/auth/providers/native/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,yDAAuC;AACvC,gEAA8C"}

package/dist/modules/auth/providers/native/native.auth-provider.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import { AuthIdentity, CredentialVerificationResult, IAuthProvider, UserProfile, ValidateSessionResult } from '../interfaces/auth-provider.interface';
+import { UsersService } from '../../../users/services/users.service';
+import { JobsQueue } from '../../../../jobs';
+export declare class NativeAuthProvider implements IAuthProvider {
+    private readonly usersService;
+    private readonly jobsQueue;
+    readonly name: "native";
+    private readonly logger;
+    constructor(usersService: UsersService, jobsQueue: JobsQueue | null);
+    verifyEmailCredentials(email: string, password: string): Promise<CredentialVerificationResult>;
+    validateSession(_providerRefreshToken?: string): Promise<ValidateSessionResult>;
+    createUser(email: string, password: string, profile: UserProfile): Promise<AuthIdentity>;
+    acceptInvite(email: string, password: string, profile: UserProfile): Promise<AuthIdentity>;
+    initiatePasswordReset(_email: string): Promise<void>;
+    resetPassword(_token: string, _newPassword: string): Promise<void>;
+    changePassword(userId: string, currentPassword: string | undefined, newPassword: string): Promise<void>;
+    deleteUser(_externalUid: string | undefined): Promise<void>;
+}
+//# sourceMappingURL=native.auth-provider.d.ts.map

package/dist/modules/auth/providers/native/native.auth-provider.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"native.auth-provider.d.ts","sourceRoot":"","sources":["../../../../../modules/auth/providers/native/native.auth-provider.ts"],"names":[],"mappings":"AAUA,OAAO,EACN,YAAY,EACZ,4BAA4B,EAC5B,aAAa,EACb,WAAW,EACX,qBAAqB,EACrB,MAAM,uCAAuC,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AAErE,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAE7C,qBACa,kBAAmB,YAAW,aAAa;IAOtD,OAAO,CAAC,QAAQ,CAAC,YAAY;IAG7B,OAAO,CAAC,QAAQ,CAAC,SAAS;IAT3B,QAAQ,CAAC,IAAI,EAAG,QAAQ,CAAU;IAElC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAuC;gBAI5C,YAAY,EAAE,YAAY,EAG1B,SAAS,EAAE,SAAS,GAAG,IAAI;IAGvC,sBAAsB,CAC3B,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,GACd,OAAO,CAAC,4BAA4B,CAAC;IAsBlC,eAAe,CAAC,qBAAqB,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAK/E,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC;IAkCxF,YAAY,CACjB,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,WAAW,GAClB,OAAO,CAAC,YAAY,CAAC;IAgBxB,qBAAqB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMpD,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAK5D,cAAc,CACnB,MAAM,EAAE,MAAM,EACd,eAAe,EAAE,MAAM,GAAG,SAAS,EACnC,WAAW,EAAE,MAAM,GACjB,OAAO,CAAC,IAAI,CAAC;IAehB,UAAU,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;CAG3D"}