npm - @soapjs/soap-auth - Versions diffs - 0.1.1 → 0.3.0 - Mend

@soapjs/soap-auth 0.1.1 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (41) hide show

package/README.md +120 -169
package/build/factories/http-auth-strategy.factory.js +1 -1
package/build/factories/index.d.ts +3 -0
package/build/factories/index.js +19 -0
package/build/index.d.ts +4 -25
package/build/index.js +4 -25
package/build/session/index.d.ts +3 -0
package/build/session/index.js +19 -0
package/build/soap-auth.d.ts +9 -9
package/build/soap-auth.js +64 -34
package/build/strategies/api-key/api-key.strategy.d.ts +4 -3
package/build/strategies/api-key/api-key.strategy.js +9 -6
package/build/strategies/api-key/api-key.types.d.ts +2 -4
package/build/strategies/base-auth.strategy.d.ts +4 -3
package/build/strategies/base-auth.strategy.js +18 -2
package/build/strategies/basic/basic.strategy.d.ts +5 -11
package/build/strategies/basic/basic.strategy.js +14 -19
package/build/strategies/basic/basic.types.d.ts +2 -2
package/build/strategies/{credential-based-auth.strategy.d.ts → credential-auth.strategy.d.ts} +15 -12
package/build/strategies/{credential-based-auth.strategy.js → credential-auth.strategy.js} +95 -46
package/build/strategies/index.d.ts +16 -0
package/build/strategies/index.js +32 -0
package/build/strategies/jwt/jwt.strategy.d.ts +17 -2
package/build/strategies/jwt/jwt.strategy.js +118 -57
package/build/strategies/jwt/jwt.tools.d.ts +7 -3
package/build/strategies/jwt/jwt.tools.js +80 -41
package/build/strategies/jwt/jwt.types.d.ts +3 -27
package/build/strategies/local/local.strategy.d.ts +3 -9
package/build/strategies/local/local.strategy.js +7 -58
package/build/strategies/local/local.types.d.ts +2 -2
package/build/strategies/oauth2/oauth2.strategy.d.ts +21 -7
package/build/strategies/oauth2/oauth2.strategy.js +158 -49
package/build/strategies/oauth2/oauth2.types.d.ts +8 -16
package/build/strategies/token-auth.strategy.d.ts +25 -0
package/build/strategies/token-auth.strategy.js +78 -0
package/build/tools/index.d.ts +3 -0
package/build/tools/index.js +19 -0
package/build/types.d.ts +87 -57
package/package.json +2 -1
package/build/strategies/token-based-auth.strategy.d.ts +0 -25
package/build/strategies/token-based-auth.strategy.js +0 -130

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@soapjs/soap-auth",
-  "version": "0.1.1",
+  "version": "0.3.0",
   "description": "",
   "homepage": "https://docs.soapjs.com",
   "repository": "https://github.com/soapjs/soap-auth",
@@ -28,6 +28,7 @@
     "axios": "^1.7.9",
     "bcrypt": "^5.1.1",
     "jsonwebtoken": "^9.0.2",
+    "jwks-rsa": "^3.1.0",
     "uuid": "^9.0.1"
   }
 }

package/build/strategies/token-based-auth.strategy.d.ts DELETED Viewed

@@ -1,25 +0,0 @@
-import * as Soap from "@soapjs/soap";
-import { AuthResult, TokenBasedAuthStrategyConfig } from "../types";
-import { BaseAuthStrategy } from "./base-auth.strategy";
-import { TokenConfig } from "../types";
-import { SessionHandler } from "../session/session-handler";
-export declare abstract class TokenBasedAuthStrategy<TContext = unknown, TUser = unknown> extends BaseAuthStrategy<TContext, TUser> {
-    protected config: TokenBasedAuthStrategyConfig<TContext, TUser>;
-    protected accessTokenConfig?: TokenConfig;
-    protected refreshTokenConfig?: TokenConfig;
-    protected session?: SessionHandler;
-    protected logger?: Soap.Logger;
-    constructor(config: TokenBasedAuthStrategyConfig<TContext, TUser>, accessTokenConfig?: TokenConfig, refreshTokenConfig?: TokenConfig, session?: SessionHandler, logger?: Soap.Logger);
-    protected retrieveUser(decodedToken: any): Promise<TUser | null>;
-    authenticate(context: TContext): Promise<AuthResult<TUser>>;
-    logout(context: TContext): Promise<void>;
-    generateTokens(user: TUser, context: TContext): Promise<{
-        accessToken: string;
-        refreshToken?: string;
-    }>;
-    rotateToken(context: TContext): Promise<{
-        accessToken: string;
-        refreshToken?: string;
-    }>;
-    isTokenExpired(token: string): Promise<boolean>;
-}

package/build/strategies/token-based-auth.strategy.js DELETED Viewed

@@ -1,130 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.TokenBasedAuthStrategy = void 0;
-const base_auth_strategy_1 = require("./base-auth.strategy");
-const errors_1 = require("../errors");
-class TokenBasedAuthStrategy extends base_auth_strategy_1.BaseAuthStrategy {
-    config;
-    accessTokenConfig;
-    refreshTokenConfig;
-    session;
-    logger;
-    constructor(config, accessTokenConfig, refreshTokenConfig, session, logger) {
-        super(config, session, logger);
-        this.config = config;
-        this.accessTokenConfig = accessTokenConfig;
-        this.refreshTokenConfig = refreshTokenConfig;
-        this.session = session;
-        this.logger = logger;
-    }
-    retrieveUser(decodedToken) {
-        return this.config.login.retrieveUserData(decodedToken);
-    }
-    async authenticate(context) {
-        try {
-            let accessToken = await this.accessTokenConfig.retrieve?.(context);
-            let refreshToken;
-            await this.checkRateLimit(context);
-            if (accessToken) {
-                try {
-                    const decoded = await this.accessTokenConfig.verify?.(accessToken);
-                    const user = await this.retrieveUser(decoded);
-                    if (!user) {
-                        throw new errors_1.UserNotFoundError();
-                    }
-                    await this.isAuthorized(user);
-                    return { user, tokens: { accessToken } };
-                }
-                catch (error) {
-                    this.logger?.warn("Access token is invalid or expired, trying refresh token...");
-                }
-            }
-            if (this.refreshTokenConfig) {
-                refreshToken = await this.refreshTokenConfig?.retrieve?.(context);
-                if (!refreshToken) {
-                    throw new errors_1.MissingTokenError("Refresh");
-                }
-                accessToken = await this.refreshTokenConfig?.rotate?.(refreshToken);
-                if (!accessToken) {
-                    throw new errors_1.MissingTokenError("Access");
-                }
-            }
-            this.accessTokenConfig.embed?.(context, accessToken);
-            const decoded = await this.accessTokenConfig.verify?.(accessToken);
-            const user = await this.retrieveUser(decoded);
-            if (!user) {
-                throw new errors_1.UserNotFoundError();
-            }
-            await this.isAuthorized(user);
-            return { user, tokens: { accessToken, refreshToken } };
-        }
-        catch (error) {
-            this.logger?.error("Authentication failed:", error);
-            throw new errors_1.AuthError(error, "Authentication failed.");
-        }
-    }
-    async logout(context) {
-        try {
-            await this.accessTokenConfig.remove?.(context);
-            if (this.refreshTokenConfig) {
-                await this.refreshTokenConfig.remove?.(context);
-            }
-            await this.config.logout.onSuccess?.(context);
-            this.logger?.info("User logged out successfully.");
-        }
-        catch (error) {
-            this.logger?.error("Error during logout:", error);
-            await this.config.logout.onFailure?.({ context, error });
-            throw new errors_1.AuthError(error, "Logout process failed.");
-        }
-    }
-    async generateTokens(user, context) {
-        const payload = { userId: user.id, roles: user.roles };
-        const accessToken = this.accessTokenConfig.generate?.(payload);
-        if (!accessToken)
-            throw new Error("Failed to generate access token.");
-        await this.accessTokenConfig.store?.(accessToken, user, +this.accessTokenConfig.expiresIn);
-        this.accessTokenConfig.embed?.(context, accessToken);
-        let refreshToken;
-        if (this.refreshTokenConfig) {
-            refreshToken = this.refreshTokenConfig.generate?.(payload);
-            if (refreshToken) {
-                await this.refreshTokenConfig.store?.(refreshToken, user, +this.refreshTokenConfig.expiresIn);
-                this.refreshTokenConfig.embed?.(context, refreshToken);
-            }
-        }
-        return { accessToken, refreshToken };
-    }
-    async rotateToken(context) {
-        try {
-            if (!this.refreshTokenConfig) {
-                throw new Error("Refresh token handler is not configured.");
-            }
-            const refreshToken = await this.refreshTokenConfig.retrieve?.(context);
-            if (!refreshToken) {
-                throw new errors_1.MissingTokenError("Refresh");
-            }
-            const newAccessToken = await this.refreshTokenConfig.rotate?.(refreshToken);
-            this.accessTokenConfig.embed?.(context, newAccessToken);
-            return { accessToken: newAccessToken, refreshToken };
-        }
-        catch (error) {
-            this.logger?.error("Token rotation failed:", error);
-            throw new errors_1.InvalidTokenError("Refresh");
-        }
-    }
-    async isTokenExpired(token) {
-        try {
-            const decoded = JSON.parse(Buffer.from(token.split(".")[1], "base64").toString());
-            if (!decoded.exp)
-                return false;
-            const currentTime = Math.floor(Date.now() / 1000);
-            return decoded.exp < currentTime;
-        }
-        catch (error) {
-            this.logger?.warn("Failed to decode token:", error);
-            return false;
-        }
-    }
-}
-exports.TokenBasedAuthStrategy = TokenBasedAuthStrategy;