npm - @soapjs/soap-auth - Versions diffs - 0.3.2 → 0.4.0 - Mend

@soapjs/soap-auth 0.3.2 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (77) hide show

package/build/strategies/oauth2/providers/__tests__/social-providers.test.js ADDED Viewed

@@ -0,0 +1,201 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const google_strategy_1 = require("../google.strategy");
+const github_strategy_1 = require("../github.strategy");
+const facebook_strategy_1 = require("../facebook.strategy");
+const mockFetch = jest.fn();
+global.fetch = mockFetch;
+const baseConfig = {
+    clientId: "client-id",
+    clientSecret: "client-secret",
+    redirectUri: "https://example.com/callback",
+};
+function makeMockCtx() {
+    return {
+        req: {
+            method: "GET",
+            path: "/callback",
+            headers: { authorization: "Bearer test-token" },
+            query: { code: "auth-code", state: "csrf-state" },
+            cookies: {},
+        },
+        res: {
+            status: jest.fn().mockReturnThis(),
+            json: jest.fn().mockReturnThis(),
+            setHeader: jest.fn().mockReturnThis(),
+            cookie: jest.fn().mockReturnThis(),
+            redirect: jest.fn(),
+        },
+        next: jest.fn(),
+    };
+}
+function mockFetchOk(body) {
+    mockFetch.mockResolvedValueOnce({
+        ok: true,
+        json: async () => body,
+    });
+}
+describe("GoogleStrategy", () => {
+    afterEach(() => jest.clearAllMocks());
+    it("has name 'google'", () => {
+        const strategy = new google_strategy_1.GoogleStrategy(baseConfig);
+        expect(strategy.name).toBe("google");
+    });
+    it("maps Google profile to AuthUser", async () => {
+        const strategy = new google_strategy_1.GoogleStrategy(baseConfig);
+        const googleProfile = {
+            sub: "google-sub-123",
+            email: "user@gmail.com",
+            name: "Test User",
+            picture: "https://example.com/pic.jpg",
+            email_verified: true,
+        };
+        mockFetchOk(googleProfile);
+        const user = await strategy.fetchUser("test-access-token");
+        expect(user).toMatchObject({
+            id: "google-sub-123",
+            email: "user@gmail.com",
+            username: "Test User",
+            picture: "https://example.com/pic.jpg",
+            emailVerified: true,
+        });
+    });
+    it("calls validateUser when provided", async () => {
+        const validateUser = jest.fn().mockResolvedValue({ id: "custom-id", email: "x@x.com" });
+        const strategy = new google_strategy_1.GoogleStrategy({ ...baseConfig, user: { fetchUser: jest.fn(), validateUser } });
+        mockFetchOk({ sub: "sub123", email: "raw@gmail.com" });
+        const user = await strategy.fetchUser("token");
+        expect(validateUser).toHaveBeenCalledWith(expect.objectContaining({ sub: "sub123" }));
+        expect(user).toMatchObject({ id: "custom-id" });
+    });
+    it("returns null when fetch fails", async () => {
+        const strategy = new google_strategy_1.GoogleStrategy(baseConfig);
+        mockFetch.mockResolvedValueOnce({ ok: false, status: 401 });
+        const user = await strategy.fetchUser("bad-token");
+        expect(user).toBeNull();
+    });
+    it("uses openid+email+profile scope by default", () => {
+        const strategy = new google_strategy_1.GoogleStrategy(baseConfig);
+        expect(strategy.config.scope).toContain("openid");
+    });
+    it("respects custom scope", () => {
+        const strategy = new google_strategy_1.GoogleStrategy({ ...baseConfig, scope: ["openid"] });
+        expect(strategy.config.scope).toEqual(["openid"]);
+    });
+});
+describe("GitHubStrategy", () => {
+    afterEach(() => jest.clearAllMocks());
+    it("has name 'github'", () => {
+        expect(new github_strategy_1.GitHubStrategy(baseConfig).name).toBe("github");
+    });
+    it("maps GitHub profile to AuthUser", async () => {
+        const strategy = new github_strategy_1.GitHubStrategy(baseConfig);
+        mockFetchOk({
+            id: 12345,
+            login: "octocat",
+            email: "octocat@github.com",
+            name: "The Octocat",
+            avatar_url: "https://github.com/avatar.png",
+        });
+        const user = await strategy.fetchUser("token");
+        expect(user).toMatchObject({
+            id: 12345,
+            email: "octocat@github.com",
+            username: "octocat",
+            name: "The Octocat",
+            avatarUrl: "https://github.com/avatar.png",
+        });
+    });
+    it("returns null when fetch fails", async () => {
+        const strategy = new github_strategy_1.GitHubStrategy(baseConfig);
+        mockFetch.mockResolvedValueOnce({ ok: false, status: 403 });
+        expect(await strategy.fetchUser("bad")).toBeNull();
+    });
+});
+describe("FacebookStrategy", () => {
+    afterEach(() => jest.clearAllMocks());
+    it("has name 'facebook'", () => {
+        expect(new facebook_strategy_1.FacebookStrategy(baseConfig).name).toBe("facebook");
+    });
+    it("maps Facebook profile to AuthUser", async () => {
+        const strategy = new facebook_strategy_1.FacebookStrategy(baseConfig);
+        mockFetchOk({
+            id: "fb-id-456",
+            name: "FB User",
+            email: "fb@facebook.com",
+            picture: { data: { url: "https://fb.com/pic.jpg" } },
+        });
+        const user = await strategy.fetchUser("token");
+        expect(user).toMatchObject({
+            id: "fb-id-456",
+            email: "fb@facebook.com",
+            username: "FB User",
+            picture: "https://fb.com/pic.jpg",
+        });
+    });
+    it("returns null on Facebook API error", async () => {
+        const strategy = new facebook_strategy_1.FacebookStrategy(baseConfig);
+        mockFetchOk({ error: { message: "Invalid token", code: 190 } });
+        expect(await strategy.fetchUser("token")).toBeNull();
+    });
+    it("returns null when fetch fails", async () => {
+        const strategy = new facebook_strategy_1.FacebookStrategy(baseConfig);
+        mockFetch.mockResolvedValueOnce({ ok: false, status: 401 });
+        expect(await strategy.fetchUser("bad")).toBeNull();
+    });
+});
+describe("HttpOAuth2Strategy — HTTP plumbing", () => {
+    afterEach(() => jest.clearAllMocks());
+    it("extracts access token from Authorization header", async () => {
+        const strategy = new google_strategy_1.GoogleStrategy(baseConfig);
+        const ctx = makeMockCtx();
+        const token = await strategy.extractAccessToken(ctx);
+        expect(token).toBe("test-token");
+    });
+    it("extracts access token from cookie when no header", async () => {
+        const strategy = new google_strategy_1.GoogleStrategy(baseConfig);
+        const ctx = makeMockCtx();
+        ctx.req.headers = {};
+        ctx.req.cookies = { access_token: "cookie-token" };
+        const token = await strategy.extractAccessToken(ctx);
+        expect(token).toBe("cookie-token");
+    });
+    it("extracts refresh token from cookie", async () => {
+        const strategy = new google_strategy_1.GoogleStrategy(baseConfig);
+        const ctx = makeMockCtx();
+        ctx.req.cookies = { refresh_token: "rt-abc" };
+        const rt = await strategy.extractRefreshToken(ctx);
+        expect(rt).toBe("rt-abc");
+    });
+    it("extracts authorization code from query", () => {
+        const strategy = new google_strategy_1.GoogleStrategy(baseConfig);
+        const ctx = makeMockCtx();
+        expect(strategy.extractAuthorizationCode(ctx)).toBe("auth-code");
+    });
+    it("embeds access token as Authorization header", () => {
+        const strategy = new google_strategy_1.GoogleStrategy(baseConfig);
+        const ctx = makeMockCtx();
+        strategy.embedAccessToken("new-token", ctx);
+        expect(ctx.res.setHeader).toHaveBeenCalledWith("Authorization", "Bearer new-token");
+    });
+    it("embeds refresh token as httpOnly cookie", () => {
+        const strategy = new google_strategy_1.GoogleStrategy(baseConfig);
+        const ctx = makeMockCtx();
+        strategy.embedRefreshToken("rt-new", ctx);
+        expect(ctx.res.cookie).toHaveBeenCalledWith("refresh_token", "rt-new", expect.objectContaining({ httpOnly: true, secure: true }));
+    });
+    it("redirects via res.redirect when available", () => {
+        const strategy = new google_strategy_1.GoogleStrategy(baseConfig);
+        const ctx = makeMockCtx();
+        strategy.redirectUser(ctx, "https://accounts.google.com/auth");
+        expect(ctx.res.redirect).toHaveBeenCalledWith("https://accounts.google.com/auth");
+    });
+    it("falls back to Location header when res.redirect is missing", () => {
+        const strategy = new google_strategy_1.GoogleStrategy(baseConfig);
+        const ctx = makeMockCtx();
+        delete ctx.res.redirect;
+        strategy.redirectUser(ctx, "https://accounts.google.com/auth");
+        expect(ctx.res.setHeader).toHaveBeenCalledWith("Location", "https://accounts.google.com/auth");
+        expect(ctx.res.status).toHaveBeenCalledWith(302);
+    });
+});

package/build/strategies/oauth2/providers/facebook.strategy.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import * as Soap from "@soapjs/soap";
+import { SessionHandler } from "../../../session/session-handler";
+import { JwtStrategy } from "../../jwt/jwt.strategy";
+import { HttpOAuth2Strategy } from "./http-oauth2.strategy";
+import { SocialProviderConfig } from "./provider.types";
+export type FacebookStrategyConfig<TUser extends Soap.AuthUser = Soap.AuthUser> = SocialProviderConfig<TUser>;
+export declare class FacebookStrategy<TUser extends Soap.AuthUser = Soap.AuthUser> extends HttpOAuth2Strategy<TUser> {
+    readonly name = "facebook";
+    constructor(config: FacebookStrategyConfig<TUser>, session?: SessionHandler, jwt?: JwtStrategy<Soap.HttpContext, TUser>, logger?: Soap.Logger);
+    protected fetchUser(accessToken: string): Promise<TUser | null>;
+}

package/build/strategies/oauth2/providers/facebook.strategy.js ADDED Viewed

@@ -0,0 +1,58 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FacebookStrategy = void 0;
+const http_oauth2_strategy_1 = require("./http-oauth2.strategy");
+const FACEBOOK_API_VERSION = "v19.0";
+const FACEBOOK_ENDPOINTS = {
+    authorizationUrl: "https://www.facebook.com/dialog/oauth",
+    tokenUrl: `https://graph.facebook.com/${FACEBOOK_API_VERSION}/oauth/access_token`,
+    userInfoUrl: `https://graph.facebook.com/${FACEBOOK_API_VERSION}/me`,
+    revocationUrl: `https://graph.facebook.com/${FACEBOOK_API_VERSION}/me/permissions`,
+};
+const FACEBOOK_FIELDS = "id,name,email,picture";
+class FacebookStrategy extends http_oauth2_strategy_1.HttpOAuth2Strategy {
+    name = "facebook";
+    constructor(config, session, jwt, logger) {
+        super({
+            grantType: "authorization_code",
+            scope: config.scope ?? ["email", "public_profile"],
+            routes: {
+                login: { path: "/auth/facebook", method: "GET" },
+                callback: { path: "/auth/facebook/callback", method: "GET" },
+                logout: { path: "/auth/facebook/logout", method: "POST" },
+                ...config.routes,
+            },
+            ...config,
+            endpoints: { ...FACEBOOK_ENDPOINTS, ...config.endpoints },
+        }, session, jwt, logger);
+    }
+    async fetchUser(accessToken) {
+        try {
+            const url = new URL(FACEBOOK_ENDPOINTS.userInfoUrl);
+            url.searchParams.set("fields", FACEBOOK_FIELDS);
+            url.searchParams.set("access_token", accessToken);
+            const response = await fetch(url.toString());
+            if (!response.ok)
+                return null;
+            const profile = await response.json();
+            if (profile.error) {
+                this.logger?.error("Facebook API error:", profile.error);
+                return null;
+            }
+            if (this.config.user?.validateUser) {
+                return this.config.user.validateUser(profile);
+            }
+            return {
+                id: profile.id,
+                email: profile.email,
+                username: profile.name,
+                picture: profile.picture?.data?.url,
+            };
+        }
+        catch (error) {
+            this.logger?.error("FacebookStrategy.fetchUser failed:", error);
+            return null;
+        }
+    }
+}
+exports.FacebookStrategy = FacebookStrategy;

package/build/strategies/oauth2/providers/github.strategy.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import * as Soap from "@soapjs/soap";
+import { SessionHandler } from "../../../session/session-handler";
+import { JwtStrategy } from "../../jwt/jwt.strategy";
+import { HttpOAuth2Strategy } from "./http-oauth2.strategy";
+import { SocialProviderConfig } from "./provider.types";
+export type GitHubStrategyConfig<TUser extends Soap.AuthUser = Soap.AuthUser> = SocialProviderConfig<TUser>;
+export declare class GitHubStrategy<TUser extends Soap.AuthUser = Soap.AuthUser> extends HttpOAuth2Strategy<TUser> {
+    readonly name = "github";
+    constructor(config: GitHubStrategyConfig<TUser>, session?: SessionHandler, jwt?: JwtStrategy<Soap.HttpContext, TUser>, logger?: Soap.Logger);
+    protected fetchUser(accessToken: string): Promise<TUser | null>;
+}

package/build/strategies/oauth2/providers/github.strategy.js ADDED Viewed

@@ -0,0 +1,56 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GitHubStrategy = void 0;
+const http_oauth2_strategy_1 = require("./http-oauth2.strategy");
+const GITHUB_ENDPOINTS = {
+    authorizationUrl: "https://github.com/login/oauth/authorize",
+    tokenUrl: "https://github.com/login/oauth/access_token",
+    userInfoUrl: "https://api.github.com/user",
+    revocationUrl: "https://api.github.com/applications/{client_id}/token",
+};
+class GitHubStrategy extends http_oauth2_strategy_1.HttpOAuth2Strategy {
+    name = "github";
+    constructor(config, session, jwt, logger) {
+        super({
+            grantType: "authorization_code",
+            scope: config.scope ?? ["read:user", "user:email"],
+            routes: {
+                login: { path: "/auth/github", method: "GET" },
+                callback: { path: "/auth/github/callback", method: "GET" },
+                logout: { path: "/auth/github/logout", method: "POST" },
+                ...config.routes,
+            },
+            ...config,
+            endpoints: { ...GITHUB_ENDPOINTS, ...config.endpoints },
+        }, session, jwt, logger);
+    }
+    async fetchUser(accessToken) {
+        try {
+            const response = await fetch(GITHUB_ENDPOINTS.userInfoUrl, {
+                headers: {
+                    Authorization: `Bearer ${accessToken}`,
+                    Accept: "application/vnd.github+json",
+                    "X-GitHub-Api-Version": "2022-11-28",
+                },
+            });
+            if (!response.ok)
+                return null;
+            const profile = await response.json();
+            if (this.config.user?.validateUser) {
+                return this.config.user.validateUser(profile);
+            }
+            return {
+                id: profile.id,
+                email: profile.email,
+                username: profile.login,
+                name: profile.name,
+                avatarUrl: profile.avatar_url,
+            };
+        }
+        catch (error) {
+            this.logger?.error("GitHubStrategy.fetchUser failed:", error);
+            return null;
+        }
+    }
+}
+exports.GitHubStrategy = GitHubStrategy;

package/build/strategies/oauth2/providers/google.strategy.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import * as Soap from "@soapjs/soap";
+import { SessionHandler } from "../../../session/session-handler";
+import { JwtStrategy } from "../../jwt/jwt.strategy";
+import { HttpOAuth2Strategy } from "./http-oauth2.strategy";
+import { SocialProviderConfig } from "./provider.types";
+export type GoogleStrategyConfig<TUser extends Soap.AuthUser = Soap.AuthUser> = SocialProviderConfig<TUser>;
+export declare class GoogleStrategy<TUser extends Soap.AuthUser = Soap.AuthUser> extends HttpOAuth2Strategy<TUser> {
+    readonly name = "google";
+    constructor(config: GoogleStrategyConfig<TUser>, session?: SessionHandler, jwt?: JwtStrategy<Soap.HttpContext, TUser>, logger?: Soap.Logger);
+    protected fetchUser(accessToken: string): Promise<TUser | null>;
+}

package/build/strategies/oauth2/providers/google.strategy.js ADDED Viewed

@@ -0,0 +1,52 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GoogleStrategy = void 0;
+const http_oauth2_strategy_1 = require("./http-oauth2.strategy");
+const GOOGLE_ENDPOINTS = {
+    authorizationUrl: "https://accounts.google.com/o/oauth2/v2/auth",
+    tokenUrl: "https://oauth2.googleapis.com/token",
+    userInfoUrl: "https://openidconnect.googleapis.com/v1/userinfo",
+    revocationUrl: "https://oauth2.googleapis.com/revoke",
+};
+class GoogleStrategy extends http_oauth2_strategy_1.HttpOAuth2Strategy {
+    name = "google";
+    constructor(config, session, jwt, logger) {
+        super({
+            grantType: "authorization_code",
+            scope: config.scope ?? ["openid", "email", "profile"],
+            routes: {
+                login: { path: "/auth/google", method: "GET" },
+                callback: { path: "/auth/google/callback", method: "GET" },
+                logout: { path: "/auth/google/logout", method: "POST" },
+                ...config.routes,
+            },
+            ...config,
+            endpoints: { ...GOOGLE_ENDPOINTS, ...config.endpoints },
+        }, session, jwt, logger);
+    }
+    async fetchUser(accessToken) {
+        try {
+            const response = await fetch(GOOGLE_ENDPOINTS.userInfoUrl, {
+                headers: { Authorization: `Bearer ${accessToken}` },
+            });
+            if (!response.ok)
+                return null;
+            const profile = await response.json();
+            if (this.config.user?.validateUser) {
+                return this.config.user.validateUser(profile);
+            }
+            return {
+                id: profile.sub,
+                email: profile.email,
+                username: profile.name,
+                picture: profile.picture,
+                emailVerified: profile.email_verified,
+            };
+        }
+        catch (error) {
+            this.logger?.error("GoogleStrategy.fetchUser failed:", error);
+            return null;
+        }
+    }
+}
+exports.GoogleStrategy = GoogleStrategy;

package/build/strategies/oauth2/providers/http-oauth2.strategy.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import * as Soap from "@soapjs/soap";
+import { OAuth2Strategy } from "../oauth2.strategy";
+import { OAuth2StrategyConfig } from "../oauth2.types";
+import { SessionHandler } from "../../../session/session-handler";
+import { JwtStrategy } from "../../jwt/jwt.strategy";
+export declare abstract class HttpOAuth2Strategy<TUser extends Soap.AuthUser = Soap.AuthUser> extends OAuth2Strategy<Soap.HttpContext, TUser> {
+    constructor(config: OAuth2StrategyConfig<Soap.HttpContext, TUser>, session?: SessionHandler, jwt?: JwtStrategy<Soap.HttpContext, TUser>, logger?: Soap.Logger);
+    protected extractAccessToken(ctx: Soap.HttpContext): Promise<string | undefined>;
+    protected extractRefreshToken(ctx: Soap.HttpContext): Promise<string | undefined>;
+    protected storeAccessToken(_token: string, _ctx: Soap.HttpContext): Promise<void>;
+    protected storeRefreshToken(_token: string, _ctx: Soap.HttpContext): Promise<void>;
+    protected embedAccessToken(token: string, ctx: Soap.HttpContext): void;
+    protected embedRefreshToken(token: string, ctx: Soap.HttpContext): void;
+    protected extractAuthorizationCode(ctx: Soap.HttpContext): string | null;
+    protected redirectUser(ctx: Soap.HttpContext, authUrl: string): void;
+}

package/build/strategies/oauth2/providers/http-oauth2.strategy.js ADDED Viewed

@@ -0,0 +1,49 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HttpOAuth2Strategy = void 0;
+const oauth2_strategy_1 = require("../oauth2.strategy");
+class HttpOAuth2Strategy extends oauth2_strategy_1.OAuth2Strategy {
+    constructor(config, session, jwt, logger) {
+        super(config, session, jwt, logger);
+    }
+    extractAccessToken(ctx) {
+        const auth = ctx.req.headers?.authorization;
+        if (typeof auth === "string" && auth.startsWith("Bearer ")) {
+            return Promise.resolve(auth.slice(7));
+        }
+        return Promise.resolve(ctx.req.cookies?.access_token);
+    }
+    extractRefreshToken(ctx) {
+        return Promise.resolve(ctx.req.cookies?.refresh_token);
+    }
+    storeAccessToken(_token, _ctx) {
+        return Promise.resolve();
+    }
+    storeRefreshToken(_token, _ctx) {
+        return Promise.resolve();
+    }
+    embedAccessToken(token, ctx) {
+        ctx.res.setHeader("Authorization", `Bearer ${token}`);
+    }
+    embedRefreshToken(token, ctx) {
+        ctx.res.cookie("refresh_token", token, {
+            httpOnly: true,
+            secure: true,
+            sameSite: "lax",
+            maxAge: 30 * 24 * 60 * 60 * 1000,
+        });
+    }
+    extractAuthorizationCode(ctx) {
+        return ctx.req.query?.code ?? null;
+    }
+    redirectUser(ctx, authUrl) {
+        if (typeof ctx.res.redirect === "function") {
+            ctx.res.redirect(authUrl);
+        }
+        else {
+            ctx.res.setHeader("Location", authUrl);
+            ctx.res.status(302).json({ message: "Redirecting", location: authUrl });
+        }
+    }
+}
+exports.HttpOAuth2Strategy = HttpOAuth2Strategy;

package/build/strategies/oauth2/providers/index.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export * from "./http-oauth2.strategy";
+export * from "./google.strategy";
+export * from "./github.strategy";
+export * from "./facebook.strategy";
+export * from "./provider.types";

package/build/strategies/oauth2/providers/index.js ADDED Viewed

@@ -0,0 +1,21 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./http-oauth2.strategy"), exports);
+__exportStar(require("./google.strategy"), exports);
+__exportStar(require("./github.strategy"), exports);
+__exportStar(require("./facebook.strategy"), exports);
+__exportStar(require("./provider.types"), exports);

package/build/strategies/oauth2/providers/provider.types.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import * as Soap from "@soapjs/soap";
+import { OAuth2StrategyConfig, OAuth2Endpoints } from "../oauth2.types";
+export interface SocialProviderConfig<TUser extends Soap.AuthUser = Soap.AuthUser> extends Omit<OAuth2StrategyConfig<Soap.HttpContext, TUser>, "endpoints" | "grantType" | "routes"> {
+    grantType?: "authorization_code";
+    endpoints?: Partial<OAuth2Endpoints>;
+    routes?: OAuth2StrategyConfig<Soap.HttpContext, TUser>["routes"];
+}

package/build/strategies/oauth2/providers/provider.types.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/build/strategies/token-auth.strategy.d.ts CHANGED Viewed

@@ -1,8 +1,8 @@
 import * as Soap from "@soapjs/soap";
-import { AuthResult, TokenAuthStrategyConfig } from "../types";
+import { TokenAuthStrategyConfig } from "../types";
 import { BaseAuthStrategy } from "./base-auth.strategy";
 import { SessionHandler } from "../session/session-handler";
-export declare abstract class TokenAuthStrategy<TContext = unknown, TUser = unknown> extends BaseAuthStrategy<TContext, TUser> {
+export declare abstract class TokenAuthStrategy<TContext = Soap.HttpContext, TUser extends Soap.AuthUser = Soap.AuthUser> extends BaseAuthStrategy<TContext, TUser> {
     protected config: TokenAuthStrategyConfig<TContext, TUser>;
     protected session?: SessionHandler;
     protected logger?: Soap.Logger;
@@ -20,9 +20,9 @@ export declare abstract class TokenAuthStrategy<TContext = unknown, TUser = unkn
     protected abstract embedAccessToken(token: string, context: TContext): void;
     protected abstract embedRefreshToken(token: string, context: TContext): void;
     protected fetchUser(payload: unknown): Promise<TUser | null>;
-    authenticate(context: TContext): Promise<AuthResult<TUser>>;
+    authenticate(context: TContext): Promise<Soap.AuthResult<TUser> | null>;
     private verifyAndFetchUser;
-    refreshTokens(context: TContext, existingUser?: TUser): Promise<AuthResult<TUser>>;
+    refreshTokens(context: TContext, existingUser?: TUser): Promise<Soap.AuthResult<TUser>>;
     issueTokens(user: TUser, context: TContext, rotate?: boolean): Promise<{
         accessToken: string;
         refreshToken: any;

package/build/strategies/token-auth.strategy.js CHANGED Viewed

@@ -145,12 +145,11 @@ class TokenAuthStrategy extends base_auth_strategy_1.BaseAuthStrategy {
             const accessToken = await this.generateAccessToken(user, context);
             let refreshToken;
             if (this.config.refreshToken) {
-                refreshToken = await this.generateRefreshToken(user, context);
-                if (rotate && this.config?.refreshToken?.rotation) {
+                if (rotate && this.config.refreshToken.rotation) {
                     const oldRefreshToken = this.extractRefreshToken(context);
                     refreshToken = await this.rotateToken(oldRefreshToken, user, context);
                 }
-                else if (this.generateRefreshToken) {
+                else {
                     refreshToken = await this.generateRefreshToken(user, context);
                 }
             }

package/build/tools/tools.js CHANGED Viewed

@@ -4,10 +4,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.generateRandomString = exports.resolveConfig = exports.generateUUID = void 0;
-const uuid_1 = require("uuid");
 const crypto_1 = __importDefault(require("crypto"));
 const generateUUID = async () => {
-    return Promise.resolve((0, uuid_1.v4)());
+    return Promise.resolve(crypto_1.default.randomUUID());
 };
 exports.generateUUID = generateUUID;
 function resolveConfig(strategyConfig, globalConfig) {