@soapjs/soap-auth 0.4.0 → 1.0.0

package/package.json

@@ -1,35 +1,113 @@
 {
   "name": "@soapjs/soap-auth",
-  "version": "0.4.0",
-  "description": "",
+  "version": "1.0.0",
+  "description": "Authentication strategies, sessions, MFA, and token helpers for the SoapJS ecosystem.",
   "homepage": "https://docs.soapjs.com",
-  "repository": "https://github.com/soapjs/soap-auth",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/soapjs/soap-auth.git"
+  },
   "main": "build/index.js",
   "types": "build/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./build/index.d.ts",
+      "require": "./build/index.js"
+    },
+    "./session": {
+      "types": "./build/session/index.d.ts",
+      "require": "./build/session/index.js"
+    },
+    "./session/*": {
+      "types": "./build/session/*.d.ts",
+      "require": "./build/session/*.js"
+    },
+    "./services": {
+      "types": "./build/services/index.d.ts",
+      "require": "./build/services/index.js"
+    },
+    "./services/*": {
+      "types": "./build/services/*.d.ts",
+      "require": "./build/services/*.js"
+    },
+    "./strategies": {
+      "types": "./build/strategies/index.d.ts",
+      "require": "./build/strategies/index.js"
+    },
+    "./strategies/*": {
+      "types": "./build/strategies/*.d.ts",
+      "require": "./build/strategies/*.js"
+    },
+    "./tools": {
+      "types": "./build/tools/index.d.ts",
+      "require": "./build/tools/index.js"
+    },
+    "./tools/*": {
+      "types": "./build/tools/*.d.ts",
+      "require": "./build/tools/*.js"
+    },
+    "./recipes": {
+      "types": "./build/recipes/index.d.ts",
+      "require": "./build/recipes/index.js"
+    },
+    "./recipes/*": {
+      "types": "./build/recipes/*.d.ts",
+      "require": "./build/recipes/*.js"
+    },
+    "./errors": {
+      "types": "./build/errors.d.ts",
+      "require": "./build/errors.js"
+    },
+    "./types": {
+      "types": "./build/types.d.ts",
+      "require": "./build/types.js"
+    },
+    "./soap-auth": {
+      "types": "./build/soap-auth.d.ts",
+      "require": "./build/soap-auth.js"
+    },
+    "./utils/validation": {
+      "types": "./build/utils/validation.d.ts",
+      "require": "./build/utils/validation.js"
+    },
+    "./package.json": "./package.json"
+  },
+  "files": [
+    "build",
+    "README.md",
+    "LICENSE",
+    "ldap.md",
+    "saml.md"
+  ],
+  "sideEffects": false,
   "license": "MIT",
   "author": "Radoslaw Kamysz",
   "scripts": {
     "test:unit": "jest --config=jest.config.unit.json",
     "clean": "rm -rf ./build",
-    "build": "npm run clean && tsc -b",
-    "prepublish": "npm run clean && tsc --project tsconfig.build.json"
+    "build": "npm run clean && tsc --project tsconfig.build.json",
+    "prepack": "npm run build",
+    "prepublishOnly": "npm run test:unit && npm run build"
+  },
+  "publishConfig": {
+    "access": "public"
   },
   "devDependencies": {
-    "@soapjs/soap": "^0.9.0",
-    "@types/jest": "^27.0.3",
-    "jest": "^27.4.5",
-    "ts-jest": "^27.1.3",
+    "@soapjs/soap": "^0.12.1",
+    "@types/jest": "^29.5.14",
+    "jest": "^29.7.0",
+    "ts-jest": "^29.4.11",
     "typescript": "^4.8.2"
   },
   "peerDependencies": {
-    "@soapjs/soap": ">=0.8.0"
+    "@soapjs/soap": ">=0.12.0"
   },
   "engines": {
-    "node": ">=18.0.0"
+    "node": ">=24.17.0"
   },
   "dependencies": {
     "bcrypt": "^6.0.0",
-    "jsonwebtoken": "^9.0.2",
-    "jwks-rsa": "^3.1.0"
+    "jsonwebtoken": "^9.0.3",
+    "jwks-rsa": "^3.2.2"
   }
 }

package/.claude/settings.local.json

@@ -1,20 +0,0 @@
-{
-  "permissions": {
-    "allow": [
-      "Bash(npm run *)",
-      "Bash(npx tsc *)",
-      "Bash(npm audit *)",
-      "Bash(npm uninstall *)",
-      "Bash(npm install *)",
-      "Bash(echo \"=== SOAP-EXPRESS src ===\" && find /Users/rad/git/soapjs/soap-express/src -type f -name \"*.ts\" | grep -v __tests__ | grep -v \".test.\" | sort && echo \"\" && echo \"=== SOAP-EXPRESS package.json ===\" && cat /Users/rad/git/soapjs/soap-express/package.json)",
-      "Bash(echo \"=== SOAP src \\(http + common\\) ===\" && find /Users/rad/git/soapjs/soap/src -type f -name \"*.ts\" | grep -v __tests__ | grep -v \".test.\" | grep -E \"\\(http|common|config\\)\" | sort)",
-      "Bash(cat /Users/rad/git/soapjs/soap/package.json | grep '\"version\"' | head -1)",
-      "Bash(grep -rln \"AuthStrategy\\\\|\\\\.configure\\(\\\\|\\\\.middleware\\(\\\\|serializeUser\\\\|AuthConfig\\\\b\" src --include=\"*.test.ts\")",
-      "Bash(grep -rln \"AuthStrategy\\\\|AuthConfig\" src/**/__tests__)",
-      "Bash(npm pack *)",
-      "Read(//Users/rad/git/soapjs/**)",
-      "Bash(npm view *)",
-      "Bash(grep -v \"^$\")"
-    ]
-  }
-}

package/build/__tests__/soap-auth.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/__tests__/soap-auth.test.js

@@ -1,136 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const globals_1 = require("@jest/globals");
-const soap_auth_1 = require("../soap-auth");
-const memory_session_store_1 = require("../session/memory.session-store");
-describe("SoapAuth", () => {
-    let soapAuth;
-    const mockLogger = { error: globals_1.jest.fn(), info: globals_1.jest.fn() };
-    const mockStrategy = {
-        authenticate: globals_1.jest.fn(),
-        init: globals_1.jest.fn(),
-        logout: globals_1.jest.fn(),
-    };
-    beforeEach(() => {
-        globals_1.jest.clearAllMocks();
-        soapAuth = new soap_auth_1.SoapAuth({ logger: mockLogger });
-    });
-    test("addStrategy should add a valid strategy", () => {
-        expect(() => soapAuth.addStrategy(mockStrategy, "jwt", "http")).not.toThrow();
-        expect(soapAuth.hasStrategy("jwt", "http")).toBe(true);
-    });
-    test("addStrategy should throw error if strategy is invalid", () => {
-        expect(() => soapAuth.addStrategy({}, "invalid", "http")).toThrow("Invalid authentication strategy: does not implement required methods.");
-    });
-    test("removeStrategy should remove an existing strategy", () => {
-        soapAuth.addStrategy(mockStrategy, "jwt", "http");
-        expect(soapAuth.hasStrategy("jwt", "http")).toBe(true);
-        soapAuth.removeStrategy("jwt", "http");
-        expect(soapAuth.hasStrategy("jwt", "http")).toBe(false);
-    });
-    test("getStrategy should return an existing strategy", () => {
-        soapAuth.addStrategy(mockStrategy, "jwt", "http");
-        expect(soapAuth.getStrategy("jwt", "http")).toBe(mockStrategy);
-    });
-    test("getStrategy should throw an error if strategy does not exist", () => {
-        expect(() => soapAuth.getStrategy("nonexistent", "http")).toThrow('Authentication strategy "nonexistent" not found.');
-    });
-    test("listStrategies should return all registered strategy names", () => {
-        soapAuth.addStrategy(mockStrategy, "jwt", "http");
-        soapAuth.addStrategy(mockStrategy, "oauth", "http");
-        expect(soapAuth.listStrategies("http")).toEqual(["jwt", "oauth"]);
-    });
-});
-describe("SoapAuth.create()", () => {
-    const mockLogger = { error: globals_1.jest.fn(), info: globals_1.jest.fn(), warn: globals_1.jest.fn() };
-    const apiKeyConfig = {
-        keyType: "session",
-        extractApiKey: (ctx) => ctx?.headers?.["x-api-key"],
-        retrieveUserByApiKey: async (_key) => ({ id: "1", email: "test@test.com" }),
-    };
-    const jwtConfig = {
-        accessToken: {
-            issuer: {
-                secretKey: "test-secret-key-for-tests",
-                options: { expiresIn: "1h" },
-            },
-            verifier: { options: {} },
-        },
-        routes: {
-            login: { path: "/auth/jwt/login", method: "POST" },
-            logout: { path: "/auth/jwt/logout", method: "POST" },
-        },
-    };
-    const localConfig = {
-        credentials: {
-            extractCredentials: (ctx) => ({
-                identifier: ctx?.body?.username,
-                password: ctx?.body?.password,
-            }),
-            verifyCredentials: async (_id, _pwd) => true,
-        },
-        user: { fetchUser: async (_id) => ({ id: "1", email: "u@test.com" }) },
-        routes: {
-            login: { path: "/auth/login", method: "POST" },
-            logout: { path: "/auth/logout", method: "POST" },
-        },
-    };
-    test("registers api-key strategy from config", async () => {
-        const auth = await soap_auth_1.SoapAuth.create({
-            http: { apiKey: apiKeyConfig },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("api-key", "http")).toBe(true);
-    });
-    test("registers jwt as standalone HTTP strategy from http.jwt", async () => {
-        const auth = await soap_auth_1.SoapAuth.create({
-            http: { jwt: jwtConfig },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("jwt", "http")).toBe(true);
-    });
-    test("registers local strategy from config", async () => {
-        const auth = await soap_auth_1.SoapAuth.create({
-            http: { local: localConfig },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("local", "http")).toBe(true);
-    });
-    test("registers multiple HTTP strategies simultaneously", async () => {
-        const auth = await soap_auth_1.SoapAuth.create({
-            http: { apiKey: apiKeyConfig, jwt: jwtConfig, local: localConfig },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("api-key", "http")).toBe(true);
-        expect(auth.hasStrategy("jwt", "http")).toBe(true);
-        expect(auth.hasStrategy("local", "http")).toBe(true);
-    });
-    test("registers custom strategies from config", async () => {
-        const customStrategy = { name: "custom", authenticate: globals_1.jest.fn() };
-        const auth = await soap_auth_1.SoapAuth.create({
-            http: { custom: { myStrategy: customStrategy } },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("myStrategy", "http")).toBe(true);
-    });
-    test("registers socket JWT strategy from config", async () => {
-        const auth = await soap_auth_1.SoapAuth.create({
-            socket: { jwt: jwtConfig },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("jwt", "socket")).toBe(true);
-    });
-    test("returns empty SoapAuth when no strategy configs provided", async () => {
-        const auth = await soap_auth_1.SoapAuth.create({ logger: mockLogger });
-        expect(auth.listStrategies("http")).toEqual([]);
-    });
-    test("uses session handler when session config provided", async () => {
-        const store = new memory_session_store_1.MemorySessionStore();
-        const auth = await soap_auth_1.SoapAuth.create({
-            session: { secret: "test-secret", store, getSessionId: () => "sid" },
-            http: { local: localConfig },
-            logger: mockLogger,
-        });
-        expect(auth.hasStrategy("local", "http")).toBe(true);
-    });
-});

package/build/services/__tests__/account-lock.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/account-lock.service.test.js

@@ -1,55 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const errors_1 = require("../../errors");
-const account_lock_service_1 = require("../account-lock.service");
-const mockConfig = {
-    isAccountLocked: jest.fn(),
-    lockAccount: jest.fn(),
-    hasAccountLockExpired: jest.fn(),
-    removeAccountLock: jest.fn(),
-    logFailedAttempt: jest.fn(),
-    notifyOnLockout: jest.fn(),
-};
-const mockLogger = {
-    error: jest.fn(),
-};
-describe("AccountLockService", () => {
-    let service;
-    const mockAccount = { id: "123" };
-    beforeEach(() => {
-        jest.clearAllMocks();
-        service = new account_lock_service_1.AccountLockService(mockConfig, mockLogger);
-    });
-    it("isAccountLocked throws error if account is locked", async () => {
-        mockConfig.isAccountLocked.mockResolvedValue(true);
-        await expect(service.isAccountLocked(mockAccount)).rejects.toThrow(errors_1.AccountLockedError);
-    });
-    it("isAccountLocked returns false if account is not locked", async () => {
-        mockConfig.isAccountLocked.mockResolvedValue(false);
-        await expect(service.isAccountLocked(mockAccount)).resolves.toBe(false);
-    });
-    it("lockAccount locks the account and notifies if enabled", async () => {
-        mockConfig.notifyOnLockout = jest.fn();
-        await service.lockAccount(mockAccount);
-        expect(mockConfig.lockAccount).toHaveBeenCalledWith(mockAccount);
-        expect(mockConfig.notifyOnLockout).toHaveBeenCalledWith(mockAccount);
-    });
-    it("lockAccount does not notify if notifyOnLockout is not defined", async () => {
-        mockConfig.notifyOnLockout = undefined;
-        await service.lockAccount(mockAccount);
-        expect(mockConfig.lockAccount).toHaveBeenCalledWith(mockAccount);
-    });
-    it("hasAccountLockExpired returns expected value", async () => {
-        mockConfig.hasAccountLockExpired.mockResolvedValue(true);
-        await expect(service.hasAccountLockExpired(mockAccount)).resolves.toBe(true);
-    });
-    it("removeAccountLock calls the correct method", async () => {
-        await service.removeAccountLock(mockAccount);
-        expect(mockConfig.removeAccountLock).toHaveBeenCalledWith(mockAccount);
-    });
-    it("logFailedAttempt logs action and handles error if logging fails", async () => {
-        mockConfig.logFailedAttempt.mockRejectedValue(new Error("Logging failed"));
-        await service.logFailedAttempt("LOGIN_ATTEMPT", mockAccount, {});
-        expect(mockLogger.error).toHaveBeenCalled();
-    });
-});

package/build/services/__tests__/auth-throttle.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/auth-throttle.service.test.js

@@ -1,48 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const errors_1 = require("../../errors");
-const auth_throttle_service_1 = require("../auth-throttle.service");
-const mockConfig = {
-    getFailedAttempts: jest.fn(),
-    incrementFailedAttempts: jest.fn(),
-    resetFailedAttempts: jest.fn(),
-    maxFailedAttempts: 3,
-};
-const mockLogger = {
-    warn: jest.fn(),
-    error: jest.fn(),
-};
-describe("AuthThrottleService", () => {
-    let service;
-    const mockIdentifier = "user123";
-    beforeEach(() => {
-        jest.clearAllMocks();
-        service = new auth_throttle_service_1.AuthThrottleService(mockConfig, mockLogger);
-    });
-    it("checkFailedAttempts throws error if max failed attempts reached", async () => {
-        mockConfig.getFailedAttempts.mockResolvedValue(3);
-        await expect(service.checkFailedAttempts(mockIdentifier)).rejects.toThrow(errors_1.AccountLockedError);
-        expect(mockLogger.warn).toHaveBeenCalledWith(`User ${mockIdentifier} is temporarily locked out.`);
-    });
-    it("checkFailedAttempts does not throw error if failed attempts are below threshold", async () => {
-        mockConfig.getFailedAttempts.mockResolvedValue(2);
-        await expect(service.checkFailedAttempts(mockIdentifier)).resolves.not.toThrow();
-    });
-    it("checkFailedAttempts logs error if an exception occurs", async () => {
-        mockConfig.getFailedAttempts.mockRejectedValue(new Error("DB error"));
-        await service.checkFailedAttempts(mockIdentifier);
-        expect(mockLogger.error).toHaveBeenCalledWith("Check failed attempts:", expect.any(Error));
-    });
-    it("incrementFailedAttempts increments counter and throws if max reached", async () => {
-        mockConfig.getFailedAttempts.mockResolvedValue(3);
-        await expect(service.incrementFailedAttempts(mockIdentifier)).rejects.toThrow(errors_1.AccountLockedError);
-    });
-    it("incrementFailedAttempts increments counter without throwing if below threshold", async () => {
-        mockConfig.getFailedAttempts.mockResolvedValue(2);
-        await expect(service.incrementFailedAttempts(mockIdentifier)).resolves.not.toThrow();
-    });
-    it("resetFailedAttempts calls the correct method", async () => {
-        await service.resetFailedAttempts(mockIdentifier);
-        expect(mockConfig.resetFailedAttempts).toHaveBeenCalledWith(mockIdentifier);
-    });
-});

package/build/services/__tests__/jwks.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/jwks.service.test.js

@@ -1,39 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
-const jwks_service_1 = require("../jwks.service");
-const oauth2_errors_1 = require("../../strategies/oauth2/oauth2.errors");
-describe("JwtService", () => {
-    let service;
-    let mockConfig;
-    const mockIdToken = "mock.id.token";
-    beforeEach(() => {
-        jest.clearAllMocks();
-        mockConfig = {
-            jwks: {
-                jwksUri: "https://mock-jwks-uri.com",
-                algorithms: ["RS256"],
-                issuer: "mock-issuer",
-                audience: "mock-client-id",
-            },
-        };
-        service = new jwks_service_1.JwtService(mockConfig);
-    });
-    it("verify throws error if ID token structure is invalid", async () => {
-        jest.spyOn(jsonwebtoken_1.default, "decode").mockReturnValue(null);
-        await expect(service.verify(mockIdToken)).rejects.toThrow("Invalid ID Token structure.");
-    });
-    it("verify throws error if ID token is expired", async () => {
-        jest.spyOn(jsonwebtoken_1.default, "decode").mockReturnValue({ header: { kid: "mock-kid" } });
-        jest
-            .spyOn(service.client, "getSigningKey")
-            .mockResolvedValue({ getPublicKey: () => "mock-public-key" });
-        jest
-            .spyOn(jsonwebtoken_1.default, "verify")
-            .mockReturnValue({ exp: Math.floor(Date.now() / 1000) - 10 });
-        await expect(service.verify(mockIdToken)).rejects.toThrow(oauth2_errors_1.InvalidIdTokenError);
-    });
-});

package/build/services/__tests__/mfa.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/mfa.service.test.js

@@ -1,66 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const mfa_service_1 = require("../mfa.service");
-const mockConfig = {
-    isMfaRequired: jest.fn(),
-    extractMfaCode: jest.fn(),
-    sendMfaCode: jest.fn(),
-    validateMfaCode: jest.fn(),
-    maxMfaAttempts: 3,
-    getMfaAttempts: jest.fn(),
-    incrementMfaAttempts: jest.fn(),
-    resetMfaAttempts: jest.fn(),
-    lockMfaOnFailure: jest.fn(),
-};
-const mockLogger = {
-    info: jest.fn(),
-    warn: jest.fn(),
-    error: jest.fn(),
-};
-describe("MfaService", () => {
-    let service;
-    const mockUser = { id: "user123" };
-    const mockContext = { token: "mock-token" };
-    beforeEach(() => {
-        jest.clearAllMocks();
-        service = new mfa_service_1.MfaService(mockConfig, mockLogger);
-    });
-    it("checkMfa sends code if required and no code provided", async () => {
-        mockConfig.isMfaRequired.mockReturnValue(true);
-        mockConfig.extractMfaCode.mockReturnValue(null);
-        await expect(service.checkMfa(mockUser, mockContext)).rejects.toThrow("2FA required. A verification code has been sent.");
-        expect(mockConfig.sendMfaCode).toHaveBeenCalledWith(mockUser, mockContext);
-    });
-    it("checkMfa locks account after too many failed attempts", async () => {
-        mockConfig.isMfaRequired.mockReturnValue(true);
-        mockConfig.extractMfaCode.mockReturnValue("wrong-code");
-        mockConfig.getMfaAttempts.mockResolvedValue(3);
-        await expect(service.checkMfa(mockUser, mockContext)).rejects.toThrow("Your account has been temporarily locked due to too many failed 2FA attempts.");
-        expect(mockLogger.warn).toHaveBeenCalledWith(`User ${mockUser} exceeded maximum MFA attempts.`);
-        expect(mockConfig.lockMfaOnFailure).toHaveBeenCalledWith(mockUser);
-    });
-    it("checkMfa rejects invalid MFA codes", async () => {
-        mockConfig.isMfaRequired.mockReturnValue(true);
-        mockConfig.extractMfaCode.mockReturnValue("invalid-code");
-        mockConfig.getMfaAttempts.mockResolvedValue(1);
-        mockConfig.validateMfaCode.mockResolvedValue(false);
-        await expect(service.checkMfa(mockUser, mockContext)).rejects.toThrow("Invalid 2FA code provided.");
-        expect(mockLogger.warn).toHaveBeenCalledWith(`Invalid MFA code attempt for user: ${mockUser}`);
-        expect(mockConfig.incrementMfaAttempts).toHaveBeenCalledWith(mockUser);
-    });
-    it("checkMfa resets attempts on successful MFA validation", async () => {
-        mockConfig.isMfaRequired.mockReturnValue(true);
-        mockConfig.extractMfaCode.mockReturnValue("valid-code");
-        mockConfig.validateMfaCode.mockResolvedValue(true);
-        await expect(service.checkMfa(mockUser, mockContext)).resolves.not.toThrow();
-        expect(mockConfig.resetMfaAttempts).toHaveBeenCalledWith(mockUser);
-        expect(mockLogger.info).toHaveBeenCalledWith(`2FA successfully validated for user: ${mockUser}`);
-    });
-    it("lockMfaOnFailure logs error if an exception occurs", async () => {
-        mockConfig.lockMfaOnFailure.mockImplementation(() => {
-            throw new Error("Lock failed");
-        });
-        service.lockMfaOnFailure(mockUser);
-        expect(mockLogger.error).toHaveBeenCalledWith(expect.any(Error));
-    });
-});

package/build/services/__tests__/password.service.test.d.ts

@@ -1 +0,0 @@
-export {};

package/build/services/__tests__/password.service.test.js

@@ -1,73 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const password_service_1 = require("../password.service");
-const globals_1 = require("@jest/globals");
-describe("PasswordService", () => {
-    let service;
-    let mockConfig;
-    const mockLogger = { error: globals_1.jest.fn() };
-    const mockIdentifier = "user123";
-    const mockPassword = "SecurePass123!";
-    beforeEach(() => {
-        globals_1.jest.clearAllMocks();
-        mockConfig = {
-            validatePassword: globals_1.jest.fn(),
-            getPasswordPasswordInfo: globals_1.jest.fn(),
-            generateResetToken: globals_1.jest.fn(),
-            sendPasswordResetEmail: globals_1.jest.fn(),
-            validatePasswordResetToken: globals_1.jest.fn(),
-            updatePassword: globals_1.jest.fn(),
-            passwordExpirationDays: 30,
-        };
-        service = new password_service_1.PasswordService(mockConfig, mockLogger);
-    });
-    it("validatePassword calls config method", async () => {
-        mockConfig.validatePassword.mockReturnValue(true);
-        await expect(service.validatePassword(mockPassword)).resolves.toBe(true);
-        expect(mockConfig.validatePassword).toHaveBeenCalledWith(mockPassword, undefined);
-    });
-    it("getPasswordPasswordInfo calls config method", async () => {
-        const mockPasswordInfo = { type: "default" };
-        mockConfig.getPasswordPasswordInfo.mockReturnValue(mockPasswordInfo);
-        await expect(service.getPasswordPasswordInfo(mockIdentifier)).resolves.toBe(mockPasswordInfo);
-        expect(mockConfig.getPasswordPasswordInfo).toHaveBeenCalledWith(mockIdentifier);
-    });
-    it("generateResetToken calls config method", async () => {
-        mockConfig.generateResetToken.mockResolvedValue("mock-token");
-        await expect(service.generateResetToken(mockIdentifier)).resolves.toBe("mock-token");
-    });
-    it("sendResetEmail calls config method", async () => {
-        await expect(service.sendResetEmail(mockIdentifier, "mock-token")).resolves.not.toThrow();
-        expect(mockConfig.sendPasswordResetEmail).toHaveBeenCalledWith(mockIdentifier, "mock-token");
-    });
-    it("validateResetToken calls config method", async () => {
-        mockConfig.validatePasswordResetToken.mockResolvedValue(true);
-        await expect(service.validateResetToken("mock-token")).resolves.toBeUndefined();
-    });
-    it("updatePassword calls config method", async () => {
-        await expect(service.updatePassword(mockIdentifier, mockPassword)).resolves.not.toThrow();
-        expect(mockConfig.updatePassword).toHaveBeenCalledWith(mockIdentifier, mockPassword, undefined);
-    });
-    it("isPasswordChangeRequired returns true if password is expired", async () => {
-        const pastDate = new Date(Date.now() - 31 * 86400000);
-        mockConfig.getPasswordPasswordInfo.mockResolvedValue({
-            type: "temporary",
-            lastChangeDate: pastDate,
-            expiresIn: 30 * 86400000
-        });
-        await expect(service.isPasswordChangeRequired(mockIdentifier)).resolves.toBe(true);
-    });
-    it("isPasswordChangeRequired returns false if password is within expiration period", async () => {
-        const recentDate = new Date(Date.now() - 15 * 86400000);
-        mockConfig.getPasswordPasswordInfo.mockResolvedValue({
-            type: "temporary",
-            lastChangeDate: recentDate,
-            expiresIn: 30 * 86400000
-        });
-        await expect(service.isPasswordChangeRequired(mockIdentifier)).resolves.toBe(false);
-    });
-    it("isPasswordChangeRequired returns false if getPasswordPasswordInfo is not defined", async () => {
-        service = new password_service_1.PasswordService({ passwordExpirationDays: 30 }, mockLogger);
-        await expect(service.isPasswordChangeRequired(mockIdentifier)).resolves.toBe(false);
-    });
-});

package/build/services/__tests__/pkce.service.test.d.ts

@@ -1 +0,0 @@
-export {};