@soapjs/soap-auth 0.4.0 → 0.4.4

package/build/strategies/jwt/jwt.strategy.js

@@ -105,12 +105,12 @@ class JwtStrategy extends token_auth_strategy_1.TokenAuthStrategy {
         return Promise.resolve(jwt_tools_1.JwtTools.generateRefreshToken(payload, this.refreshTokenConfig));
     }
     async storeAccessToken(token) {
-        if (this.accessTokenConfig.persistence.store) {
+        if (this.accessTokenConfig.persistence?.store) {
             await this.accessTokenConfig.persistence.store(token, null, this.accessTokenConfig.issuer.options.expiresIn);
         }
     }
     async storeRefreshToken(token) {
-        if (this.refreshTokenConfig.persistence.store) {
+        if (this.refreshTokenConfig?.persistence?.store) {
             await this.refreshTokenConfig.persistence.store(token, null, this.refreshTokenConfig.issuer.options.expiresIn);
         }
     }
@@ -141,6 +141,9 @@ class JwtStrategy extends token_auth_strategy_1.TokenAuthStrategy {
         }
     }
     extractRefreshToken(context) {
+        if (!this.refreshTokenConfig) {
+            return undefined;
+        }
         if (this.refreshTokenConfig.extract) {
             return this.refreshTokenConfig.extract(context);
         }
@@ -161,7 +164,7 @@ class JwtStrategy extends token_auth_strategy_1.TokenAuthStrategy {
     async invalidateRefreshToken(token, context) {
         const refreshToken = token || (await this.extractRefreshToken(context));
         if (refreshToken) {
-            await this.refreshTokenConfig.persistence?.remove?.(refreshToken);
+            await this.refreshTokenConfig?.persistence?.remove?.(refreshToken);
             if (context) {
                 jwt_tools_1.JwtTools.clearDefaultJwtCookie(context);
                 jwt_tools_1.JwtTools.clearDefaultJwtHeader(context);

package/build/strategies/jwt/jwt.tools.js

@@ -88,6 +88,7 @@ class JwtTools {
         return context.req.cookies?.refreshToken;
     }
     static prepareAccessTokenConfig = (config) => {
+        const verifierOptions = config.verifier?.options ?? {};
         return Soap.removeUndefinedProperties({
             ...config,
             issuer: {
@@ -101,14 +102,15 @@ class JwtTools {
             verifier: {
                 ...config.verifier,
                 options: {
-                    ...config.verifier.options,
-                    algorithms: config.verifier.options.algorithms || ["HS256"],
-                    expiresIn: config.verifier.options.expiresIn || "1h",
+                    ...verifierOptions,
+                    algorithms: verifierOptions.algorithms || ["HS256"],
+                    expiresIn: verifierOptions.expiresIn || "1h",
                 },
             },
         });
     };
     static prepareRefreshTokenConfig = (config) => {
+        const verifierOptions = config.verifier?.options ?? {};
         return Soap.removeUndefinedProperties({
             ...config,
             issuer: {
@@ -122,9 +124,9 @@ class JwtTools {
             verifier: {
                 ...config.verifier,
                 options: {
-                    ...config.verifier.options,
-                    algorithms: config.verifier.options.algorithms || ["HS256"],
-                    expiresIn: config.verifier.options.expiresIn || "7d",
+                    ...verifierOptions,
+                    algorithms: verifierOptions.algorithms || ["HS256"],
+                    expiresIn: verifierOptions.expiresIn || "7d",
                 },
             },
         });

package/build/strategies/local/local.strategy.d.ts

@@ -15,9 +15,9 @@ export declare class LocalStrategy<TContext = Soap.HttpContext, TUser extends So
         password: string;
     }>;
     protected verifyCredentials(identifier: string, password: string): Promise<boolean>;
-    protected fetchUser(credentials: {
+    protected fetchUser(identifierOrCredentials: string | {
         identifier: string;
-        password: string;
+        password?: string;
     }): Promise<TUser | null>;
     changePassword(context: TContext): Promise<void>;
 }

package/build/strategies/local/local.strategy.js

@@ -61,13 +61,13 @@ class LocalStrategy extends credential_auth_strategy_1.CredentialAuthStrategy {
         validation_1.ValidationUtils.nonEmptyString(password, "password");
         return this.config.credentials.verifyCredentials(identifier, password);
     }
-    async fetchUser(credentials) {
-        validation_1.ValidationUtils.required(credentials, "credentials");
-        if (credentials && typeof credentials === "object" && !Array.isArray(credentials)) {
-            validation_1.ValidationUtils.nonEmptyString(credentials.identifier, "credentials.identifier");
-            validation_1.ValidationUtils.nonEmptyString(credentials.password, "credentials.password");
-        }
-        return this.config.user.fetchUser(credentials.identifier);
+    async fetchUser(identifierOrCredentials) {
+        validation_1.ValidationUtils.required(identifierOrCredentials, "identifier");
+        const identifier = typeof identifierOrCredentials === "string"
+            ? identifierOrCredentials
+            : identifierOrCredentials?.identifier;
+        validation_1.ValidationUtils.nonEmptyString(identifier, "identifier");
+        return this.config.user.fetchUser(identifier);
     }
     async changePassword(context) {
         try {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@soapjs/soap-auth",
-  "version": "0.4.0",
+  "version": "0.4.4",
   "description": "",
   "homepage": "https://docs.soapjs.com",
   "repository": "https://github.com/soapjs/soap-auth",
@@ -15,14 +15,14 @@
     "prepublish": "npm run clean && tsc --project tsconfig.build.json"
   },
   "devDependencies": {
-    "@soapjs/soap": "^0.9.0",
+    "@soapjs/soap": "^0.12.0",
     "@types/jest": "^27.0.3",
     "jest": "^27.4.5",
     "ts-jest": "^27.1.3",
     "typescript": "^4.8.2"
   },
   "peerDependencies": {
-    "@soapjs/soap": ">=0.8.0"
+    "@soapjs/soap": ">=0.12.0"
   },
   "engines": {
     "node": ">=18.0.0"

package/build/__tests__/soap-auth.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/__tests__/soap-auth.test.js

@@ -1,136 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const globals_1 = require("@jest/globals");
-const soap_auth_1 = require("../soap-auth");
-const memory_session_store_1 = require("../session/memory.session-store");
-describe("SoapAuth", () => {
-    let soapAuth;
-    const mockLogger = { error: globals_1.jest.fn(), info: globals_1.jest.fn() };
-    const mockStrategy = {
-        authenticate: globals_1.jest.fn(),
-        init: globals_1.jest.fn(),
-        logout: globals_1.jest.fn(),
-    };
-    beforeEach(() => {
-        globals_1.jest.clearAllMocks();
-        soapAuth = new soap_auth_1.SoapAuth({ logger: mockLogger });
-    });
-    test("addStrategy should add a valid strategy", () => {
-        expect(() => soapAuth.addStrategy(mockStrategy, "jwt", "http")).not.toThrow();
-        expect(soapAuth.hasStrategy("jwt", "http")).toBe(true);
-    });
-    test("addStrategy should throw error if strategy is invalid", () => {
-        expect(() => soapAuth.addStrategy({}, "invalid", "http")).toThrow("Invalid authentication strategy: does not implement required methods.");
-    });
-    test("removeStrategy should remove an existing strategy", () => {
-        soapAuth.addStrategy(mockStrategy, "jwt", "http");
-        expect(soapAuth.hasStrategy("jwt", "http")).toBe(true);
-        soapAuth.removeStrategy("jwt", "http");
-        expect(soapAuth.hasStrategy("jwt", "http")).toBe(false);
-    });
-    test("getStrategy should return an existing strategy", () => {
-        soapAuth.addStrategy(mockStrategy, "jwt", "http");
-        expect(soapAuth.getStrategy("jwt", "http")).toBe(mockStrategy);
-    });
-    test("getStrategy should throw an error if strategy does not exist", () => {
-        expect(() => soapAuth.getStrategy("nonexistent", "http")).toThrow('Authentication strategy "nonexistent" not found.');
-    });
-    test("listStrategies should return all registered strategy names", () => {
-        soapAuth.addStrategy(mockStrategy, "jwt", "http");
-        soapAuth.addStrategy(mockStrategy, "oauth", "http");
-        expect(soapAuth.listStrategies("http")).toEqual(["jwt", "oauth"]);
-    });
-});
-describe("SoapAuth.create()", () => {
-    const mockLogger = { error: globals_1.jest.fn(), info: globals_1.jest.fn(), warn: globals_1.jest.fn() };
-    const apiKeyConfig = {
-        keyType: "session",
-        extractApiKey: (ctx) => ctx?.headers?.["x-api-key"],
-        retrieveUserByApiKey: async (_key) => ({ id: "1", email: "test@test.com" }),
-    };
-    const jwtConfig = {
-        accessToken: {
-            issuer: {
-                secretKey: "test-secret-key-for-tests",
-                options: { expiresIn: "1h" },
-            },
-            verifier: { options: {} },
-        },
-        routes: {
-            login: { path: "/auth/jwt/login", method: "POST" },
-            logout: { path: "/auth/jwt/logout", method: "POST" },
-        },
-    };
-    const localConfig = {
-        credentials: {
-            extractCredentials: (ctx) => ({
-                identifier: ctx?.body?.username,
-                password: ctx?.body?.password,
-            }),
-            verifyCredentials: async (_id, _pwd) => true,
-        },
-        user: { fetchUser: async (_id) => ({ id: "1", email: "u@test.com" }) },
-        routes: {
-            login: { path: "/auth/login", method: "POST" },
-            logout: { path: "/auth/logout", method: "POST" },
-        },
-    };
-    test("registers api-key strategy from config", async () => {
-        const auth = await soap_auth_1.SoapAuth.create({
-            http: { apiKey: apiKeyConfig },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("api-key", "http")).toBe(true);
-    });
-    test("registers jwt as standalone HTTP strategy from http.jwt", async () => {
-        const auth = await soap_auth_1.SoapAuth.create({
-            http: { jwt: jwtConfig },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("jwt", "http")).toBe(true);
-    });
-    test("registers local strategy from config", async () => {
-        const auth = await soap_auth_1.SoapAuth.create({
-            http: { local: localConfig },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("local", "http")).toBe(true);
-    });
-    test("registers multiple HTTP strategies simultaneously", async () => {
-        const auth = await soap_auth_1.SoapAuth.create({
-            http: { apiKey: apiKeyConfig, jwt: jwtConfig, local: localConfig },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("api-key", "http")).toBe(true);
-        expect(auth.hasStrategy("jwt", "http")).toBe(true);
-        expect(auth.hasStrategy("local", "http")).toBe(true);
-    });
-    test("registers custom strategies from config", async () => {
-        const customStrategy = { name: "custom", authenticate: globals_1.jest.fn() };
-        const auth = await soap_auth_1.SoapAuth.create({
-            http: { custom: { myStrategy: customStrategy } },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("myStrategy", "http")).toBe(true);
-    });
-    test("registers socket JWT strategy from config", async () => {
-        const auth = await soap_auth_1.SoapAuth.create({
-            socket: { jwt: jwtConfig },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("jwt", "socket")).toBe(true);
-    });
-    test("returns empty SoapAuth when no strategy configs provided", async () => {
-        const auth = await soap_auth_1.SoapAuth.create({ logger: mockLogger });
-        expect(auth.listStrategies("http")).toEqual([]);
-    });
-    test("uses session handler when session config provided", async () => {
-        const store = new memory_session_store_1.MemorySessionStore();
-        const auth = await soap_auth_1.SoapAuth.create({
-            session: { secret: "test-secret", store, getSessionId: () => "sid" },
-            http: { local: localConfig },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("local", "http")).toBe(true);
-    });
-});

package/build/services/__tests__/account-lock.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/account-lock.service.test.js

@@ -1,55 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const errors_1 = require("../../errors");
-const account_lock_service_1 = require("../account-lock.service");
-const mockConfig = {
-    isAccountLocked: jest.fn(),
-    lockAccount: jest.fn(),
-    hasAccountLockExpired: jest.fn(),
-    removeAccountLock: jest.fn(),
-    logFailedAttempt: jest.fn(),
-    notifyOnLockout: jest.fn(),
-};
-const mockLogger = {
-    error: jest.fn(),
-};
-describe("AccountLockService", () => {
-    let service;
-    const mockAccount = { id: "123" };
-    beforeEach(() => {
-        jest.clearAllMocks();
-        service = new account_lock_service_1.AccountLockService(mockConfig, mockLogger);
-    });
-    it("isAccountLocked throws error if account is locked", async () => {
-        mockConfig.isAccountLocked.mockResolvedValue(true);
-        await expect(service.isAccountLocked(mockAccount)).rejects.toThrow(errors_1.AccountLockedError);
-    });
-    it("isAccountLocked returns false if account is not locked", async () => {
-        mockConfig.isAccountLocked.mockResolvedValue(false);
-        await expect(service.isAccountLocked(mockAccount)).resolves.toBe(false);
-    });
-    it("lockAccount locks the account and notifies if enabled", async () => {
-        mockConfig.notifyOnLockout = jest.fn();
-        await service.lockAccount(mockAccount);
-        expect(mockConfig.lockAccount).toHaveBeenCalledWith(mockAccount);
-        expect(mockConfig.notifyOnLockout).toHaveBeenCalledWith(mockAccount);
-    });
-    it("lockAccount does not notify if notifyOnLockout is not defined", async () => {
-        mockConfig.notifyOnLockout = undefined;
-        await service.lockAccount(mockAccount);
-        expect(mockConfig.lockAccount).toHaveBeenCalledWith(mockAccount);
-    });
-    it("hasAccountLockExpired returns expected value", async () => {
-        mockConfig.hasAccountLockExpired.mockResolvedValue(true);
-        await expect(service.hasAccountLockExpired(mockAccount)).resolves.toBe(true);
-    });
-    it("removeAccountLock calls the correct method", async () => {
-        await service.removeAccountLock(mockAccount);
-        expect(mockConfig.removeAccountLock).toHaveBeenCalledWith(mockAccount);
-    });
-    it("logFailedAttempt logs action and handles error if logging fails", async () => {
-        mockConfig.logFailedAttempt.mockRejectedValue(new Error("Logging failed"));
-        await service.logFailedAttempt("LOGIN_ATTEMPT", mockAccount, {});
-        expect(mockLogger.error).toHaveBeenCalled();
-    });
-});

package/build/services/__tests__/auth-throttle.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/auth-throttle.service.test.js

@@ -1,48 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const errors_1 = require("../../errors");
-const auth_throttle_service_1 = require("../auth-throttle.service");
-const mockConfig = {
-    getFailedAttempts: jest.fn(),
-    incrementFailedAttempts: jest.fn(),
-    resetFailedAttempts: jest.fn(),
-    maxFailedAttempts: 3,
-};
-const mockLogger = {
-    warn: jest.fn(),
-    error: jest.fn(),
-};
-describe("AuthThrottleService", () => {
-    let service;
-    const mockIdentifier = "user123";
-    beforeEach(() => {
-        jest.clearAllMocks();
-        service = new auth_throttle_service_1.AuthThrottleService(mockConfig, mockLogger);
-    });
-    it("checkFailedAttempts throws error if max failed attempts reached", async () => {
-        mockConfig.getFailedAttempts.mockResolvedValue(3);
-        await expect(service.checkFailedAttempts(mockIdentifier)).rejects.toThrow(errors_1.AccountLockedError);
-        expect(mockLogger.warn).toHaveBeenCalledWith(`User ${mockIdentifier} is temporarily locked out.`);
-    });
-    it("checkFailedAttempts does not throw error if failed attempts are below threshold", async () => {
-        mockConfig.getFailedAttempts.mockResolvedValue(2);
-        await expect(service.checkFailedAttempts(mockIdentifier)).resolves.not.toThrow();
-    });
-    it("checkFailedAttempts logs error if an exception occurs", async () => {
-        mockConfig.getFailedAttempts.mockRejectedValue(new Error("DB error"));
-        await service.checkFailedAttempts(mockIdentifier);
-        expect(mockLogger.error).toHaveBeenCalledWith("Check failed attempts:", expect.any(Error));
-    });
-    it("incrementFailedAttempts increments counter and throws if max reached", async () => {
-        mockConfig.getFailedAttempts.mockResolvedValue(3);
-        await expect(service.incrementFailedAttempts(mockIdentifier)).rejects.toThrow(errors_1.AccountLockedError);
-    });
-    it("incrementFailedAttempts increments counter without throwing if below threshold", async () => {
-        mockConfig.getFailedAttempts.mockResolvedValue(2);
-        await expect(service.incrementFailedAttempts(mockIdentifier)).resolves.not.toThrow();
-    });
-    it("resetFailedAttempts calls the correct method", async () => {
-        await service.resetFailedAttempts(mockIdentifier);
-        expect(mockConfig.resetFailedAttempts).toHaveBeenCalledWith(mockIdentifier);
-    });
-});

package/build/services/__tests__/jwks.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/jwks.service.test.js

@@ -1,39 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
-const jwks_service_1 = require("../jwks.service");
-const oauth2_errors_1 = require("../../strategies/oauth2/oauth2.errors");
-describe("JwtService", () => {
-    let service;
-    let mockConfig;
-    const mockIdToken = "mock.id.token";
-    beforeEach(() => {
-        jest.clearAllMocks();
-        mockConfig = {
-            jwks: {
-                jwksUri: "https://mock-jwks-uri.com",
-                algorithms: ["RS256"],
-                issuer: "mock-issuer",
-                audience: "mock-client-id",
-            },
-        };
-        service = new jwks_service_1.JwtService(mockConfig);
-    });
-    it("verify throws error if ID token structure is invalid", async () => {
-        jest.spyOn(jsonwebtoken_1.default, "decode").mockReturnValue(null);
-        await expect(service.verify(mockIdToken)).rejects.toThrow("Invalid ID Token structure.");
-    });
-    it("verify throws error if ID token is expired", async () => {
-        jest.spyOn(jsonwebtoken_1.default, "decode").mockReturnValue({ header: { kid: "mock-kid" } });
-        jest
-            .spyOn(service.client, "getSigningKey")
-            .mockResolvedValue({ getPublicKey: () => "mock-public-key" });
-        jest
-            .spyOn(jsonwebtoken_1.default, "verify")
-            .mockReturnValue({ exp: Math.floor(Date.now() / 1000) - 10 });
-        await expect(service.verify(mockIdToken)).rejects.toThrow(oauth2_errors_1.InvalidIdTokenError);
-    });
-});

package/build/services/__tests__/mfa.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/mfa.service.test.js

@@ -1,66 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const mfa_service_1 = require("../mfa.service");
-const mockConfig = {
-    isMfaRequired: jest.fn(),
-    extractMfaCode: jest.fn(),
-    sendMfaCode: jest.fn(),
-    validateMfaCode: jest.fn(),
-    maxMfaAttempts: 3,
-    getMfaAttempts: jest.fn(),
-    incrementMfaAttempts: jest.fn(),
-    resetMfaAttempts: jest.fn(),
-    lockMfaOnFailure: jest.fn(),
-};
-const mockLogger = {
-    info: jest.fn(),
-    warn: jest.fn(),
-    error: jest.fn(),
-};
-describe("MfaService", () => {
-    let service;
-    const mockUser = { id: "user123" };
-    const mockContext = { token: "mock-token" };
-    beforeEach(() => {
-        jest.clearAllMocks();
-        service = new mfa_service_1.MfaService(mockConfig, mockLogger);
-    });
-    it("checkMfa sends code if required and no code provided", async () => {
-        mockConfig.isMfaRequired.mockReturnValue(true);
-        mockConfig.extractMfaCode.mockReturnValue(null);
-        await expect(service.checkMfa(mockUser, mockContext)).rejects.toThrow("2FA required. A verification code has been sent.");
-        expect(mockConfig.sendMfaCode).toHaveBeenCalledWith(mockUser, mockContext);
-    });
-    it("checkMfa locks account after too many failed attempts", async () => {
-        mockConfig.isMfaRequired.mockReturnValue(true);
-        mockConfig.extractMfaCode.mockReturnValue("wrong-code");
-        mockConfig.getMfaAttempts.mockResolvedValue(3);
-        await expect(service.checkMfa(mockUser, mockContext)).rejects.toThrow("Your account has been temporarily locked due to too many failed 2FA attempts.");
-        expect(mockLogger.warn).toHaveBeenCalledWith(`User ${mockUser} exceeded maximum MFA attempts.`);
-        expect(mockConfig.lockMfaOnFailure).toHaveBeenCalledWith(mockUser);
-    });
-    it("checkMfa rejects invalid MFA codes", async () => {
-        mockConfig.isMfaRequired.mockReturnValue(true);
-        mockConfig.extractMfaCode.mockReturnValue("invalid-code");
-        mockConfig.getMfaAttempts.mockResolvedValue(1);
-        mockConfig.validateMfaCode.mockResolvedValue(false);
-        await expect(service.checkMfa(mockUser, mockContext)).rejects.toThrow("Invalid 2FA code provided.");
-        expect(mockLogger.warn).toHaveBeenCalledWith(`Invalid MFA code attempt for user: ${mockUser}`);
-        expect(mockConfig.incrementMfaAttempts).toHaveBeenCalledWith(mockUser);
-    });
-    it("checkMfa resets attempts on successful MFA validation", async () => {
-        mockConfig.isMfaRequired.mockReturnValue(true);
-        mockConfig.extractMfaCode.mockReturnValue("valid-code");
-        mockConfig.validateMfaCode.mockResolvedValue(true);
-        await expect(service.checkMfa(mockUser, mockContext)).resolves.not.toThrow();
-        expect(mockConfig.resetMfaAttempts).toHaveBeenCalledWith(mockUser);
-        expect(mockLogger.info).toHaveBeenCalledWith(`2FA successfully validated for user: ${mockUser}`);
-    });
-    it("lockMfaOnFailure logs error if an exception occurs", async () => {
-        mockConfig.lockMfaOnFailure.mockImplementation(() => {
-            throw new Error("Lock failed");
-        });
-        service.lockMfaOnFailure(mockUser);
-        expect(mockLogger.error).toHaveBeenCalledWith(expect.any(Error));
-    });
-});

package/build/services/__tests__/password.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/password.service.test.js

@@ -1,73 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const password_service_1 = require("../password.service");
-const globals_1 = require("@jest/globals");
-describe("PasswordService", () => {
-    let service;
-    let mockConfig;
-    const mockLogger = { error: globals_1.jest.fn() };
-    const mockIdentifier = "user123";
-    const mockPassword = "SecurePass123!";
-    beforeEach(() => {
-        globals_1.jest.clearAllMocks();
-        mockConfig = {
-            validatePassword: globals_1.jest.fn(),
-            getPasswordPasswordInfo: globals_1.jest.fn(),
-            generateResetToken: globals_1.jest.fn(),
-            sendPasswordResetEmail: globals_1.jest.fn(),
-            validatePasswordResetToken: globals_1.jest.fn(),
-            updatePassword: globals_1.jest.fn(),
-            passwordExpirationDays: 30,
-        };
-        service = new password_service_1.PasswordService(mockConfig, mockLogger);
-    });
-    it("validatePassword calls config method", async () => {
-        mockConfig.validatePassword.mockReturnValue(true);
-        await expect(service.validatePassword(mockPassword)).resolves.toBe(true);
-        expect(mockConfig.validatePassword).toHaveBeenCalledWith(mockPassword, undefined);
-    });
-    it("getPasswordPasswordInfo calls config method", async () => {
-        const mockPasswordInfo = { type: "default" };
-        mockConfig.getPasswordPasswordInfo.mockReturnValue(mockPasswordInfo);
-        await expect(service.getPasswordPasswordInfo(mockIdentifier)).resolves.toBe(mockPasswordInfo);
-        expect(mockConfig.getPasswordPasswordInfo).toHaveBeenCalledWith(mockIdentifier);
-    });
-    it("generateResetToken calls config method", async () => {
-        mockConfig.generateResetToken.mockResolvedValue("mock-token");
-        await expect(service.generateResetToken(mockIdentifier)).resolves.toBe("mock-token");
-    });
-    it("sendResetEmail calls config method", async () => {
-        await expect(service.sendResetEmail(mockIdentifier, "mock-token")).resolves.not.toThrow();
-        expect(mockConfig.sendPasswordResetEmail).toHaveBeenCalledWith(mockIdentifier, "mock-token");
-    });
-    it("validateResetToken calls config method", async () => {
-        mockConfig.validatePasswordResetToken.mockResolvedValue(true);
-        await expect(service.validateResetToken("mock-token")).resolves.toBeUndefined();
-    });
-    it("updatePassword calls config method", async () => {
-        await expect(service.updatePassword(mockIdentifier, mockPassword)).resolves.not.toThrow();
-        expect(mockConfig.updatePassword).toHaveBeenCalledWith(mockIdentifier, mockPassword, undefined);
-    });
-    it("isPasswordChangeRequired returns true if password is expired", async () => {
-        const pastDate = new Date(Date.now() - 31 * 86400000);
-        mockConfig.getPasswordPasswordInfo.mockResolvedValue({
-            type: "temporary",
-            lastChangeDate: pastDate,
-            expiresIn: 30 * 86400000
-        });
-        await expect(service.isPasswordChangeRequired(mockIdentifier)).resolves.toBe(true);
-    });
-    it("isPasswordChangeRequired returns false if password is within expiration period", async () => {
-        const recentDate = new Date(Date.now() - 15 * 86400000);
-        mockConfig.getPasswordPasswordInfo.mockResolvedValue({
-            type: "temporary",
-            lastChangeDate: recentDate,
-            expiresIn: 30 * 86400000
-        });
-        await expect(service.isPasswordChangeRequired(mockIdentifier)).resolves.toBe(false);
-    });
-    it("isPasswordChangeRequired returns false if getPasswordPasswordInfo is not defined", async () => {
-        service = new password_service_1.PasswordService({ passwordExpirationDays: 30 }, mockLogger);
-        await expect(service.isPasswordChangeRequired(mockIdentifier)).resolves.toBe(false);
-    });
-});

package/build/services/__tests__/pkce.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/pkce.service.test.js

@@ -1,77 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const pkce_service_1 = require("../pkce.service");
-class InMemoryPKCEPersistence {
-    storeMap = new Map();
-    async store(key, meta) {
-        this.storeMap.set(key, meta || {});
-    }
-    async read(verifierOrChallenge) {
-        return this.storeMap.get(verifierOrChallenge);
-    }
-    async remove(key) {
-        this.storeMap.delete(key);
-    }
-}
-describe("PKCEService", () => {
-    let service;
-    let config;
-    beforeEach(() => {
-        config = {
-            verifier: {
-                expiresIn: 1,
-                embed: jest.fn(),
-                extract: jest.fn().mockImplementation((ctx) => ctx.verifier),
-                persistence: new InMemoryPKCEPersistence(),
-            },
-            challenge: {
-                expiresIn: 1,
-                embed: jest.fn(),
-                extract: jest.fn().mockImplementation((ctx) => ctx.challenge),
-                persistence: new InMemoryPKCEPersistence(),
-            },
-        };
-        service = new pkce_service_1.PKCEService(config);
-    });
-    it("should generate and store a code verifier", async () => {
-        const context = { key: "code_verifier_test" };
-        const verifier = await service.generateCodeVerifier(context);
-        expect(verifier).toBeDefined();
-        expect(config.verifier.embed).toHaveBeenCalledWith(context, verifier);
-    });
-    it("should generate and store a code challenge", async () => {
-        const context = { key: "code_challenge_test" };
-        const challenge = await service.generateCodeChallenge("test_verifier", context);
-        expect(challenge).toBeDefined();
-        expect(config.challenge.embed).toHaveBeenCalledWith(context, challenge);
-    });
-    it("should detect expired code verifier", async () => {
-        config.verifier.embed = (ctx, cv) => {
-            ctx.verifier = cv;
-        };
-        const context = { key: "expired_verifier_test" };
-        await service.generateCodeVerifier(context);
-        await new Promise((resolve) => setTimeout(resolve, 1500));
-        const isExpired = await service.isCodeVerifierExpired(context);
-        expect(isExpired).toBe(true);
-    });
-    it("should detect not-expired code verifier", async () => {
-        config.verifier.embed = (ctx, cv) => {
-            ctx.verifier = cv;
-        };
-        const context = {
-            key: "not_expired_verifier_test",
-        };
-        await service.generateCodeVerifier(context);
-        await new Promise((resolve) => setTimeout(resolve, 500));
-        const isExpired = await service.isCodeVerifierExpired(context);
-        expect(isExpired).toBe(false);
-    });
-    it("should clear code verifier", async () => {
-        const context = {
-            key: "clear_verifier_test",
-            verifier: "test_verifier_value",
-        };
-        await service.clearCodeVerifier(context);
-    });
-});

package/build/services/__tests__/rate-limit.service.test.d.ts

@@ -1 +0,0 @@
-export {};