@sphereon/ssi-express-support 0.23.5-unstable.88 → 0.24.0
- package/dist/express-builders.js +1 -2
- package/dist/express-builders.js.map +1 -1
- package/package.json +2 -2
- package/src/auth-utils.ts +155 -155
- package/src/entra-id-auth.ts +47 -47
- package/src/express-builders.ts +348 -348
- package/src/express-utils.ts +49 -49
- package/src/openid-connect-rp.ts +228 -228
- package/src/static-bearer-auth.ts +151 -151
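--- a/package/dist/express-builders.js
+++ b/package/dist/express-builders.js
@@ -212,9 +212,8 @@ class ExpressBuilder {
 this._handlers && this._handlers.length > 0 && app.use(this._handlers);
 // @ts-ignore
 (opts === null || opts === void 0 ? void 0 : opts.handlers) && app.use(opts.handlers);
-//fixme: this should come from the config
 app.use(body_parser_1.default.urlencoded({ extended: true }));
-app.use(body_parser_1.default.json(
+app.use(body_parser_1.default.json());
 return app;
 }
 }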
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"express-builders.js","sourceRoot":"","sources":["../src/express-builders.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;GAEG;AACH,8DAAoC;AAEpC,gDAAwC;AAExC,sDAA0C;AAE1C,sEAA4C;AAG5C,qDAAsE;AACtE,oDAA2B;AAC3B,wDAAsD;AACtD,6CAAgD;AAChD,mDAAkD;AAClD,2CAAiC;AASjC,MAAa,cAAc;IAkBzB,YAAoB,IAA2D;QAdvE,cAAS,GAA8C,EAAE,CAAA;QAEzD,iBAAY,GAAyB,SAAS,CAAA;QAI9C,qBAAgB,GAAa,KAAK,CAAA;QASxC,MAAM,EAAE,eAAe,EAAE,YAAY,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAA;QACpD,IAAI,eAAe,EAAE,CAAC;YACpB,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC,CAAA;QACnC,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,YAAY,aAAZ,YAAY,cAAZ,YAAY,GAAI,EAAE,CAAA;IACxC,CAAC;IAEM,MAAM,CAAC,mBAAmB,CAAC,IAA2D;QAC3F,OAAO,IAAI,cAAc,CAAC,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC,CAAA;IACvC,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,IAAoD;;QAC/E,MAAM,OAAO,GAAG,IAAI,cAAc,CAAC,EAAE,eAAe,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,eAAe,EAAE,YAAY,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY,EAAE,CAAC,CAAA;QAChH,OAAO,OAAO,CAAC,oBAAoB,iCAAM,IAAI,KAAE,YAAY,EAAE,IAAI,CAAC,QAAQ,EAAE,YAAY,EAAE,MAAA,IAAI,CAAC,cAAc,mCAAI,KAAK,IAAG,CAAA;IAC3H,CAAC;IAEM,YAAY,CAAC,YAAsB;QACxC,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;YAC/B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAClC,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,iBAAiB,CAAC,IAAkG;;QACzH,IAAI,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,CAAC,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1D,MAAM,KAAK,CAAC,iEAAiE,CAAC,CAAA;QAChF,CAAC;QACD,IAAI,CAAC,OAAO,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,mCAAI,IAAA,gBAAM,EAAC,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,mCAAI,KAAK,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,CAAC,CAAA;QACnF,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,oBAAoB,CAAC,EAC1B,IAAI,EACJ,YAAY,EACZ,QAAQ,EACR,YAAY,GAMb;QACC,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;QAC3B,YAAY,IAAI,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,CAAA;QAC/C,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE,CAAC;YACnC,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAA;QACnC,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,YAAY,KAAK,IAAI,CAAA;QACzC,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,QAAQ,CAAC,IAAY;QAC1B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAA;QA
ChB,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,YAAY,CAAC,YAAoB;QACtC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,kBAAkB,CAAC,QAAoB;QAC5C,IAAI,CAAC,cAAc,GAAG,QAAQ,CAAA;QAC9B,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,WAAW,CAAC,eAAwB;QACzC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAA;QACtC,IAAI,CAAC,YAAY,GAAG,KAAK,CAAA;QACzB,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,kBAAkB,CAAC,UAAiC;QACzD,IAAI,CAAC,eAAe,GAAG,UAAU,CAAA;QACjC,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,gBAAgB,CAAC,WAAoB,EAAE,iBAAqC;QACjF,IAAI,CAAC,gBAAgB,GAAG,WAAW,CAAA;QACnC,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAA;QAC1C,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,sBAAsB,CAAC,YAA+B;QAC3D,IAAI,CAAC,aAAa,GAAG,YAAY,CAAA;QACjC,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,YAAY,CAAC,QAAkB;QACpC,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAA;QACzB,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,cAAc,CAAC,OAAgB;QACpC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE,EAAE,IAAI,CAAC,cAAc,CAAC,CAAA;QACtF,IAAI,CAAC,WAAW,GAAG,IAAA,sCAAoB,EAAC;YACtC,MAAM,EAAE,IAAI,CAAC,OAAO;YACpB,iCAAiC;SAClC,CAAC,CAAA;QAEF,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,IAAI,CAAC,WAAW,EAAE,CAAA;IAC/D,CAAC;IAEM,WAAW;;QAChB,OAAO,MAAA,MAAA,IAAI,CAAC,YAAY,mCAAI,IAAA,eAAG,EAAC,UAAU,EAAE,IAAI,CAAC,YAAY,CAAC,mCAAI,SAAS,CAAA;IAC7E,CAAC;IAEM,OAAO;;QACZ,OAAO,CAAC,MAAA,MAAA,IAAI,CAAC,IAAI,mCAAI,IAAA,eAAG,EAAC,MAAM,EAAE,IAAI,CAAC,YAAY,CAAC,mCAAI,IAAI,CAAW,CAAA;IACxE,CAAC;IAEM,WAAW,CAAC,QAA2E;QAC5F,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5B,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAA;QAC3B,CAAC;aAAM,IAAI,QAAQ,EAAE,CAAC;YACpB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;gBACpB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAA;YACrB,CAAC;YACD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAC/B,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,SAAS,GAAG,EAAE,CAAA;QACrB,CAAC;QAED,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,UAAU,CAAC,OAAuC;QACvD,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAA;QACrB,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAC5B,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,kBAAkB,CAAC,WAAmC;QAC3D,IAAI,CAAC,YAAY,GAAG,WAAW,CAAA;QAC/B,OAAO,IAAI,CAAA;IACb,CAAC;IA
EM,KAAK,CAAwB,IAInC;QACC,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAA;QACvC,MAAM,cAAc,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,MAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAA;QAC5G,IAAI,OAAO,GAAG,IAAI,CAAC,OAAO,KAAK,SAAS,CAAA;QACxC,IAAI,cAAc,IAAI,CAAC,OAAO,EAAE,CAAC;YAC/B,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAA;YAC5B,OAAO,GAAG,IAAI,CAAA;QAChB,CAAC;QAED,OAAO;YACL,OAAO;YACP,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE;YACpB,QAAQ,EAAE,IAAI,CAAC,WAAW,EAAE;YAC5B,YAAY,EAAE,IAAI,CAAC,aAAa;YAChC,cAAc;YACd,QAAQ,EAAE,IAAI,CAAC,SAAS;YACxB,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE;gBACd,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,mBAAmB,EAAE,CAAC;oBAC9B,OAAO,CAAC,GAAG,CAAC,sEAAsE,CAAC,CAAA;gBACrF,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,OAAO,EAAE,CAAC;wBACb,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAA;wBAC5B,OAAO,GAAG,IAAI,CAAA;oBAChB,CAAC;gBACH,CAAC;gBAED,IAAI,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,mBAAmB,MAAK,IAAI,EAAE,CAAC;oBACvC,OAAO,CAAC,GAAG,CAAC,gCAAgB,CAAC,CAAA;gBAC/B,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,OAAQ,EAAE,UAAU,EAAE,IAAI,CAAC,WAAY,EAAE,CAAA;YACjE,CAAC;YACD,IAAI,EAAE,CAAO,UAA2B,EAAE,EAAE;gBAC1C,MAAM,IAAI,GAAG,UAAU,aAAV,UAAU,cAAV,UAAU,GAAI,IAAI,CAAC,WAAW,CAAA;gBAC3C,IAAI,CAAC,IAAI,EAAE,CAAC;oBACV,OAAO,KAAK,CAAA;gBACd,CAAC;gBACD,OAAO,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;YAChD,CAAC,CAAA;SACF,CAAA;IACH,CAAC;IAES,YAAY,CAAwB,IAI7C;;QACC,MAAM,GAAG,GAAoB,MAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,mCAAI,IAAI,CAAC,eAAe,mCAAI,IAAA,iBAAO,GAAE,CAAA;QAC/E,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACvB,CAAC;QACD,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,MAAM,KAAK,GAAG,MAAA,IAAI,CAAC,YAAY,CAAC,KAAK,mCAAI,IAAI,yBAAc,CAAC,WAAW,EAAE,CAAA;YACzE,IAAI,CAAC,YAAY,CAAC,KAAK,GAAG,KAAK,CAAA;YAC/B,GAAG,CAAC,GAAG,CAAC,IAAA,yBAAc,EAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAA;QAC5C,CAAC;QACD,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC1B,GAAG,CAAC,GAAG,CAAC,kBAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAA;YACpD,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBACtB,4CA
A4C;gBAC5C,uEAAuE;gBACvE,GAAG,CAAC,GAAG,CAAC,kBAAQ,CAAC,OAAO,EAAE,CAAC,CAAA;YAC7B,CAAC;QACH,CAAC;QACD,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,GAAG,CAAC,GAAG,CAAC,IAAA,8BAAiB,EAAC,EAAE,KAAK,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC,CAAA;QAC3D,CAAC;QACD,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACzB,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,EAAE,eAAe,EAAE,GAAG,EAAE,CAAC,CAAA;QAC1D,CAAC;QAED,aAAa;QACb,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;QACtE,aAAa;QACb,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,QAAQ,KAAI,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;
|
|
1
|
+
{"version":3,"file":"express-builders.js","sourceRoot":"","sources":["../src/express-builders.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA;;GAEG;AACH,8DAAoC;AAEpC,gDAAwC;AAExC,sDAA0C;AAE1C,sEAA4C;AAG5C,qDAAsE;AACtE,oDAA2B;AAC3B,wDAAsD;AACtD,6CAAgD;AAChD,mDAAkD;AAClD,2CAAiC;AASjC,MAAa,cAAc;IAkBzB,YAAoB,IAA2D;QAdvE,cAAS,GAA8C,EAAE,CAAA;QAEzD,iBAAY,GAAyB,SAAS,CAAA;QAI9C,qBAAgB,GAAa,KAAK,CAAA;QASxC,MAAM,EAAE,eAAe,EAAE,YAAY,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAA;QACpD,IAAI,eAAe,EAAE,CAAC;YACpB,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC,CAAA;QACnC,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,YAAY,aAAZ,YAAY,cAAZ,YAAY,GAAI,EAAE,CAAA;IACxC,CAAC;IAEM,MAAM,CAAC,mBAAmB,CAAC,IAA2D;QAC3F,OAAO,IAAI,cAAc,CAAC,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAC,CAAA;IACvC,CAAC;IAEM,MAAM,CAAC,cAAc,CAAC,IAAoD;;QAC/E,MAAM,OAAO,GAAG,IAAI,cAAc,CAAC,EAAE,eAAe,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,eAAe,EAAE,YAAY,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,YAAY,EAAE,CAAC,CAAA;QAChH,OAAO,OAAO,CAAC,oBAAoB,iCAAM,IAAI,KAAE,YAAY,EAAE,IAAI,CAAC,QAAQ,EAAE,YAAY,EAAE,MAAA,IAAI,CAAC,cAAc,mCAAI,KAAK,IAAG,CAAA;IAC3H,CAAC;IAEM,YAAY,CAAC,YAAsB;QACxC,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;YAC/B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAClC,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,iBAAiB,CAAC,IAAkG;;QACzH,IAAI,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,KAAI,CAAC,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1D,MAAM,KAAK,CAAC,iEAAiE,CAAC,CAAA;QAChF,CAAC;QACD,IAAI,CAAC,OAAO,GAAG,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,mCAAI,IAAA,gBAAM,EAAC,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,MAAM,mCAAI,KAAK,EAAE,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,CAAC,CAAA;QACnF,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,oBAAoB,CAAC,EAC1B,IAAI,EACJ,YAAY,EACZ,QAAQ,EACR,YAAY,GAMb;QACC,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;QAC3B,YAAY,IAAI,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,CAAA;QAC/C,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE,CAAC;YACnC,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAA;QACnC,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,YAAY,KAAK,IAAI,CAAA;QACzC,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,QAAQ,CAAC,IAAY;QAC1B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAA;QA
ChB,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,YAAY,CAAC,YAAoB;QACtC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;QAChC,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,kBAAkB,CAAC,QAAoB;QAC5C,IAAI,CAAC,cAAc,GAAG,QAAQ,CAAA;QAC9B,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,WAAW,CAAC,eAAwB;QACzC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAA;QACtC,IAAI,CAAC,YAAY,GAAG,KAAK,CAAA;QACzB,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,kBAAkB,CAAC,UAAiC;QACzD,IAAI,CAAC,eAAe,GAAG,UAAU,CAAA;QACjC,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,gBAAgB,CAAC,WAAoB,EAAE,iBAAqC;QACjF,IAAI,CAAC,gBAAgB,GAAG,WAAW,CAAA;QACnC,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAA;QAC1C,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,sBAAsB,CAAC,YAA+B;QAC3D,IAAI,CAAC,aAAa,GAAG,YAAY,CAAA;QACjC,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,YAAY,CAAC,QAAkB;QACpC,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAA;QACzB,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,cAAc,CAAC,OAAgB;QACpC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,IAAI,CAAC,WAAW,EAAE,EAAE,IAAI,CAAC,cAAc,CAAC,CAAA;QACtF,IAAI,CAAC,WAAW,GAAG,IAAA,sCAAoB,EAAC;YACtC,MAAM,EAAE,IAAI,CAAC,OAAO;YACpB,iCAAiC;SAClC,CAAC,CAAA;QAEF,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,IAAI,CAAC,WAAW,EAAE,CAAA;IAC/D,CAAC;IAEM,WAAW;;QAChB,OAAO,MAAA,MAAA,IAAI,CAAC,YAAY,mCAAI,IAAA,eAAG,EAAC,UAAU,EAAE,IAAI,CAAC,YAAY,CAAC,mCAAI,SAAS,CAAA;IAC7E,CAAC;IAEM,OAAO;;QACZ,OAAO,CAAC,MAAA,MAAA,IAAI,CAAC,IAAI,mCAAI,IAAA,eAAG,EAAC,MAAM,EAAE,IAAI,CAAC,YAAY,CAAC,mCAAI,IAAI,CAAW,CAAA;IACxE,CAAC;IAEM,WAAW,CAAC,QAA2E;QAC5F,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5B,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAA;QAC3B,CAAC;aAAM,IAAI,QAAQ,EAAE,CAAC;YACpB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;gBACpB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAA;YACrB,CAAC;YACD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAC/B,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,SAAS,GAAG,EAAE,CAAA;QACrB,CAAC;QAED,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,UAAU,CAAC,OAAuC;QACvD,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAA;QACrB,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAC5B,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,kBAAkB,CAAC,WAAmC;QAC3D,IAAI,CAAC,YAAY,GAAG,WAAW,CAAA;QAC/B,OAAO,IAAI,CAAA;IACb,CAAC;IA
EM,KAAK,CAAwB,IAInC;QACC,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAA;QACvC,MAAM,cAAc,GAAG,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,MAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAA;QAC5G,IAAI,OAAO,GAAG,IAAI,CAAC,OAAO,KAAK,SAAS,CAAA;QACxC,IAAI,cAAc,IAAI,CAAC,OAAO,EAAE,CAAC;YAC/B,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAA;YAC5B,OAAO,GAAG,IAAI,CAAA;QAChB,CAAC;QAED,OAAO;YACL,OAAO;YACP,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE;YACpB,QAAQ,EAAE,IAAI,CAAC,WAAW,EAAE;YAC5B,YAAY,EAAE,IAAI,CAAC,aAAa;YAChC,cAAc;YACd,QAAQ,EAAE,IAAI,CAAC,SAAS;YACxB,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE;gBACd,IAAI,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,mBAAmB,EAAE,CAAC;oBAC9B,OAAO,CAAC,GAAG,CAAC,sEAAsE,CAAC,CAAA;gBACrF,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,OAAO,EAAE,CAAC;wBACb,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAA;wBAC5B,OAAO,GAAG,IAAI,CAAA;oBAChB,CAAC;gBACH,CAAC;gBAED,IAAI,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,mBAAmB,MAAK,IAAI,EAAE,CAAC;oBACvC,OAAO,CAAC,GAAG,CAAC,gCAAgB,CAAC,CAAA;gBAC/B,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,OAAQ,EAAE,UAAU,EAAE,IAAI,CAAC,WAAY,EAAE,CAAA;YACjE,CAAC;YACD,IAAI,EAAE,CAAO,UAA2B,EAAE,EAAE;gBAC1C,MAAM,IAAI,GAAG,UAAU,aAAV,UAAU,cAAV,UAAU,GAAI,IAAI,CAAC,WAAW,CAAA;gBAC3C,IAAI,CAAC,IAAI,EAAE,CAAC;oBACV,OAAO,KAAK,CAAA;gBACd,CAAC;gBACD,OAAO,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAA;YAChD,CAAC,CAAA;SACF,CAAA;IACH,CAAC;IAES,YAAY,CAAwB,IAI7C;;QACC,MAAM,GAAG,GAAoB,MAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,mCAAI,IAAI,CAAC,eAAe,mCAAI,IAAA,iBAAO,GAAE,CAAA;QAC/E,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACvB,CAAC;QACD,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,MAAM,KAAK,GAAG,MAAA,IAAI,CAAC,YAAY,CAAC,KAAK,mCAAI,IAAI,yBAAc,CAAC,WAAW,EAAE,CAAA;YACzE,IAAI,CAAC,YAAY,CAAC,KAAK,GAAG,KAAK,CAAA;YAC/B,GAAG,CAAC,GAAG,CAAC,IAAA,yBAAc,EAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAA;QAC5C,CAAC;QACD,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC1B,GAAG,CAAC,GAAG,CAAC,kBAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAA;YACpD,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBACtB,4CA
A4C;gBAC5C,uEAAuE;gBACvE,GAAG,CAAC,GAAG,CAAC,kBAAQ,CAAC,OAAO,EAAE,CAAC,CAAA;YAC7B,CAAC;QACH,CAAC;QACD,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,GAAG,CAAC,GAAG,CAAC,IAAA,8BAAiB,EAAC,EAAE,KAAK,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC,CAAA;QAC3D,CAAC;QACD,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACzB,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,EAAE,eAAe,EAAE,GAAG,EAAE,CAAC,CAAA;QAC1D,CAAC;QAED,aAAa;QACb,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;QACtE,aAAa;QACb,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,QAAQ,KAAI,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAExC,GAAG,CAAC,GAAG,CAAC,qBAAU,CAAC,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;QAClD,GAAG,CAAC,GAAG,CAAC,qBAAU,CAAC,IAAI,EAAE,CAAC,CAAA;QAC1B,OAAO,GAAG,CAAA;IACZ,CAAC;CACF;AAjPD,wCAiPC;AAED,MAAa,qBAAqB;IAUhC,YAAY,IAA2D;QACrE,MAAM,EAAE,eAAe,EAAE,YAAY,EAAE,GAAG,IAAI,aAAJ,IAAI,cAAJ,IAAI,GAAI,EAAE,CAAA;QACpD,IAAI,CAAC,QAAQ,GAAG,eAAe,CAAA;QAC/B,IAAI,CAAC,aAAa,GAAG,YAAY,CAAA;IACnC,CAAC;IAEM,WAAW,CAAC,KAAmE;QACpF,IAAI,CAAC,YAAY,GAAG,KAAK,CAAA;QACzB,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,WAAW,CAAC,KAAc;QAC/B,IAAI,CAAC,YAAY,GAAG,KAAK,CAAA;QACzB,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,YAAY,CAAC,KAAwB;QAC1C,IAAI,CAAC,aAAa,GAAG,KAAK,CAAA;QAC1B,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,cAAc,CAAC,KAAwB;QAC5C,IAAI,CAAC,eAAe,GAAG,KAAK,CAAA;QAC5B,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,gBAAgB,CAAC,KAAc;QACpC,IAAI,CAAC,iBAAiB,GAAG,KAAK,CAAA;QAC9B,OAAO,IAAI,CAAA;IACb,CAAC;IAEM,SAAS,CAAC,EAAE,eAAe,EAAiC;;QACjE,MAAM,OAAO,GAAG,eAAe,aAAf,eAAe,cAAf,eAAe,GAAI,IAAI,CAAC,QAAQ,CAAA;QAChD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,KAAK,CAAC,uDAAuD,CAAC,CAAA;QACtE,CAAC;QAED,MAAM,cAAc,GAAG,IAAA,eAAG,EAAC,cAAc,EAAE,IAAI,CAAC,aAAa,CAAC,CAAA;QAC9D,MAAM,YAAY,GAAG,MAAA,IAAI,CAAC,YAAY,mCAAI,CAAC,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAA;QAChG,IAAI,YAAY,EAAE,CAAC;YACjB,OAAM;QACR,CAAC;QACD,MAAM,iBAAiB,GAAG,MAAA,IAAA,eAAG,EAAC,mBAAmB,EAAE,IAAI,CAAC,aAAa,CAAC,mCAAI,GAAG,CAAA;QAC7E,IAAI,cAAiC,CAAA;QACrC,IAAI,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC,E
AAE,CAAC;YACpC,cAAc,GAAG,iBAAiB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC/C,CAAC;aAAM,IAAI,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC3C,cAAc,GAAG,iBAAiB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC/C,CAAC;aAAM,CAAC;YACN,cAAc,GAAG,iBAAiB,CAAA;QACpC,CAAC;QACD,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjE,cAAc,GAAG,cAAc,CAAC,CAAC,CAAC,CAAA;QACpC,CAAC;QACD,MAAM,WAAW,6DACf,MAAM,EAAE,MAAA,IAAI,CAAC,YAAY,mCAAI,cAAc,IAExC,CAAC,IAAI,CAAC,aAAa,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC,GACvD,CAAC,IAAI,CAAC,eAAe,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,eAAe,EAAE,CAAC,GAClE,CAAC,IAAI,CAAC,iBAAiB,KAAK,SAAS,IAAI,EAAE,WAAW,EAAE,IAAI,CAAC,iBAAiB,EAAE,CAAC,KACpF,oBAAoB,EAAE,GAAG,GAC1B,CAAA;QAED,IAAI,IAAI,CAAC,uBAAuB,EAAE,CAAC;YACjC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,IAAA,cAAI,EAAC,WAAW,CAAC,CAAC,CAAA;QACzC,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,IAAA,cAAI,EAAC,WAAW,CAAC,CAAC,CAAA;IAChC,CAAC;CACF;AA9ED,sDA8EC"}
|
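--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@sphereon/ssi-express-support",
-"version": "0.
+"version": "0.24.0",
 "source": "src/index.ts",
 "main": "dist/index.js",
 "types": "dist/index.d.ts",
@@ -76,5 +76,5 @@
 "SSI",
 "Agent"
 ],
-"gitHead": "
+"gitHead": "fd8e1082588463c2bd5c8d81d711974971812ef7"
 }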
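--- a/package/src/auth-utils.ts
+++ b/package/src/auth-utils.ts
@@ -1,155 +1,155 @@
-import express, { NextFunction, RequestHandler } from 'express'
-import { ParamsDictionary } from 'express-serve-static-core'
-import passport from 'passport'
-import { ParsedQs } from 'qs'
-import { sendErrorResponse } from './express-utils'
-import { EndpointArgs, hasEndpointOpts, HasEndpointOpts } from './types'
-
-export const checkUserIsInRole = (opts: { roles: string | string[] }) => (req: express.Request, res: express.Response, next: NextFunction) => {
-if (!opts?.roles || opts.roles.length === 0) {
-return next()
-}
-const roles = Array.isArray(opts.roles) ? opts.roles : [opts.roles]
-if (!req?.user || !('role' in req.user)) {
-return res.status(401).end()
-}
-
-// @ts-ignore
-const hasRole = roles.find((role) => req.user.role.toLowerCase() === role.toLowerCase())
-if (!hasRole) {
-return res.status(403).end()
-}
-
-return next()
-}
-
-const checkAuthenticationImpl = (req: express.Request, res: express.Response, next: express.NextFunction, opts?: EndpointArgs) => {
-const defaultCallback = (
-err: any,
-user?: Express.User | false | null,
-_info?: object | string | Array<string | undefined>,
-_status?: number | Array<number | undefined>,
-) => {
-if (err) {
-const message = 'message' in err ? err.message : err
-console.log('Authentication failed, error: ' + JSON.stringify(message))
-return next({ statusCode: 403, message })
-} else if (!user) {
-console.log('Authentication failed, no user object present in request. Redirecting to /login')
-// todo: configuration option
-return res.redirect('/authentication/login')
-}
-if (options.session) {
-req.logIn(user, function (err) {
-if (err) {
-return next(err)
-}
-})
-}
-/* /!*if (options.session) {
-req.logIn(user, function (err) {
-if (err) {
-return next(err)
-}
-return res.redirect('/')
-})
-}*!/*/
-return next()
-}
-
-if (!opts || !opts.authentication || opts.authentication.enabled === false) {
-return next()
-}
-if (!opts.authentication.strategy) {
-console.log(`Authentication enabled, but no strategy configured. All auth request will be denied!`)
-return res.status(401).end()
-}
-const options = {
-...opts?.authentication?.strategyOptions,
-authInfo: opts?.authentication?.authInfo !== false,
-session: opts?.authentication?.session !== false,
-}
-
-const callback = opts?.authentication?.callback ?? (opts?.authentication?.useDefaultCallback ? defaultCallback : undefined)
-
-passport.authenticate(opts.authentication.strategy, options, callback).call(this, req, res, next)
-}
-const checkAuthorizationImpl = (req: express.Request, res: express.Response, next: express.NextFunction, opts?: EndpointArgs) => {
-if (!opts || !opts.authentication || !opts.authorization || opts.authentication.enabled === false || opts?.authorization.enabled === false) {
-return next()
-}
-/*if (!req.isAuthenticated()) {
-return sendErrorResponse(res, 403, 'Authorization with an unauthenticated request is not possible')
-}*/
-const authorization = opts.authorization
-
-if (!authorization.enforcer && (!authorization.requireUserInRoles || authorization.requireUserInRoles.length === 0)) {
-console.log(`Authorization enabled for endpoint, but no enforcer or roles supplied`)
-return res.status(401).end()
-}
-if (authorization.requireUserInRoles && authorization.requireUserInRoles.length > 0) {
-checkUserIsInRole({ roles: authorization.requireUserInRoles })
-}
-if (authorization.enforcer) {
-const enforcer = authorization.enforcer
-const permitted = enforcer.enforceSync(req.user, opts.resource, opts.operation)
-if (!permitted) {
-console.log(`Access to ${opts.resource} and op ${opts.operation} not allowed for ${req.user}`)
-return res.status(403).end()
-}
-}
-return next()
-}
-
-export const checkAuthenticationOnly = (opts?: EndpointArgs) => (req: express.Request, res: express.Response, next: express.NextFunction) => {
-// executeRequestHandlers(req, res, next, opts)
-return checkAuthenticationImpl(req, res, next, opts)
-}
-
-export const checkAuthorizationOnly = (opts?: EndpointArgs) => (req: express.Request, res: express.Response, next: express.NextFunction) => {
-// executeRequestHandlers(req, res, next, opts)
-return checkAuthorizationImpl(req, res, next, opts)
-}
-
-export const isUserNotAuthenticated = (req: express.Request, res: express.Response, next: express.NextFunction) => {
-if (!req.user) {
-next()
-}
-}
-
-export const isUserAuthenticated = (req: express.Request, res: express.Response, next: express.NextFunction) => {
-if (!req.user) {
-return sendErrorResponse(res, 401, 'Authentication required')
-} else {
-return next()
-}
-}
-
-export const checkAuth = (opts?: EndpointArgs): RequestHandler<ParamsDictionary, any, any, ParsedQs, Record<string, any>>[] => {
-const handlers: RequestHandler<ParamsDictionary, any, any, ParsedQs, Record<string, any>>[] = []
-handlers.push(checkAuthenticationOnly(opts))
-handlers.push(checkAuthorizationOnly(opts))
-opts?.handlers && handlers.push(...opts.handlers)
-return handlers
-}
-
-export function copyGlobalAuthToEndpoint(args?: { opts?: HasEndpointOpts; key: string }) {
-const opts = args?.opts
-const key = args?.key
-if (!opts || !key || !hasEndpointOpts(opts)) {
-return
-}
-if (opts.endpointOpts?.globalAuth) {
-if (opts.endpointOpts[key]?.disableGlobalAuth === true) {
-return
-}
-opts.endpointOpts[key] = {
-...opts.endpointOpts[key],
-endpoint: { ...opts.endpointOpts.globalAuth, ...opts.endpointOpts[key]?.endpoint },
-}
-}
-}
-
-export function copyGlobalAuthToEndpoints(args?: { opts?: HasEndpointOpts; keys: string[] }) {
-args?.keys.forEach((key) => copyGlobalAuthToEndpoint({ opts: args?.opts, key }))
-}
+import express, { NextFunction, RequestHandler } from 'express'
+import { ParamsDictionary } from 'express-serve-static-core'
+import passport from 'passport'
+import { ParsedQs } from 'qs'
+import { sendErrorResponse } from './express-utils'
+import { EndpointArgs, hasEndpointOpts, HasEndpointOpts } from './types'
+
+export const checkUserIsInRole = (opts: { roles: string | string[] }) => (req: express.Request, res: express.Response, next: NextFunction) => {
+if (!opts?.roles || opts.roles.length === 0) {
+return next()
+}
+const roles = Array.isArray(opts.roles) ? opts.roles : [opts.roles]
+if (!req?.user || !('role' in req.user)) {
+return res.status(401).end()
+}
+
+// @ts-ignore
+const hasRole = roles.find((role) => req.user.role.toLowerCase() === role.toLowerCase())
+if (!hasRole) {
+return res.status(403).end()
+}
+
+return next()
+}
+
+const checkAuthenticationImpl = (req: express.Request, res: express.Response, next: express.NextFunction, opts?: EndpointArgs) => {
+const defaultCallback = (
+err: any,
+user?: Express.User | false | null,
+_info?: object | string | Array<string | undefined>,
+_status?: number | Array<number | undefined>,
+) => {
+if (err) {
+const message = 'message' in err ? err.message : err
+console.log('Authentication failed, error: ' + JSON.stringify(message))
+return next({ statusCode: 403, message })
+} else if (!user) {
+console.log('Authentication failed, no user object present in request. Redirecting to /login')
+// todo: configuration option
+return res.redirect('/authentication/login')
+}
+if (options.session) {
+req.logIn(user, function (err) {
+if (err) {
+return next(err)
+}
+})
+}
+/* /!*if (options.session) {
+req.logIn(user, function (err) {
+if (err) {
+return next(err)
+}
+return res.redirect('/')
+})
+}*!/*/
+return next()
+}
+
+if (!opts || !opts.authentication || opts.authentication.enabled === false) {
+return next()
+}
+if (!opts.authentication.strategy) {
+console.log(`Authentication enabled, but no strategy configured. All auth request will be denied!`)
+return res.status(401).end()
+}
+const options = {
+...opts?.authentication?.strategyOptions,
+authInfo: opts?.authentication?.authInfo !== false,
+session: opts?.authentication?.session !== false,
+}
+
+const callback = opts?.authentication?.callback ?? (opts?.authentication?.useDefaultCallback ? defaultCallback : undefined)
+
+passport.authenticate(opts.authentication.strategy, options, callback).call(this, req, res, next)
+}
+const checkAuthorizationImpl = (req: express.Request, res: express.Response, next: express.NextFunction, opts?: EndpointArgs) => {
+if (!opts || !opts.authentication || !opts.authorization || opts.authentication.enabled === false || opts?.authorization.enabled === false) {
+return next()
+}
+/*if (!req.isAuthenticated()) {
+return sendErrorResponse(res, 403, 'Authorization with an unauthenticated request is not possible')
+}*/
+const authorization = opts.authorization
+
+if (!authorization.enforcer && (!authorization.requireUserInRoles || authorization.requireUserInRoles.length === 0)) {
+console.log(`Authorization enabled for endpoint, but no enforcer or roles supplied`)
+return res.status(401).end()
+}
+if (authorization.requireUserInRoles && authorization.requireUserInRoles.length > 0) {
+checkUserIsInRole({ roles: authorization.requireUserInRoles })
+}
+if (authorization.enforcer) {
+const enforcer = authorization.enforcer
+const permitted = enforcer.enforceSync(req.user, opts.resource, opts.operation)
+if (!permitted) {
+console.log(`Access to ${opts.resource} and op ${opts.operation} not allowed for ${req.user}`)
+return res.status(403).end()
+}
+}
+return next()
+}
+
+export const checkAuthenticationOnly = (opts?: EndpointArgs) => (req: express.Request, res: express.Response, next: express.NextFunction) => {
+// executeRequestHandlers(req, res, next, opts)
+return checkAuthenticationImpl(req, res, next, opts)
+}
+
+export const checkAuthorizationOnly = (opts?: EndpointArgs) => (req: express.Request, res: express.Response, next: express.NextFunction) => {
+// executeRequestHandlers(req, res, next, opts)
+return checkAuthorizationImpl(req, res, next, opts)
+}
+
+export const isUserNotAuthenticated = (req: express.Request, res: express.Response, next: express.NextFunction) => {
+if (!req.user) {
+next()
+}
+}
+
+export const isUserAuthenticated = (req: express.Request, res: express.Response, next: express.NextFunction) => {
+if (!req.user) {
+return sendErrorResponse(res, 401, 'Authentication required')
+} else {
+return next()
+}
+}
+
+export const checkAuth = (opts?: EndpointArgs): RequestHandler<ParamsDictionary, any, any, ParsedQs, Record<string, any>>[] => {
+const handlers: RequestHandler<ParamsDictionary, any, any, ParsedQs, Record<string, any>>[] = []
+handlers.push(checkAuthenticationOnly(opts))
+handlers.push(checkAuthorizationOnly(opts))
+opts?.handlers && handlers.push(...opts.handlers)
+return handlers
+}
+
+export function copyGlobalAuthToEndpoint(args?: { opts?: HasEndpointOpts; key: string }) {
+const opts = args?.opts
+const key = args?.key
+if (!opts || !key || !hasEndpointOpts(opts)) {
+return
+}
+if (opts.endpointOpts?.globalAuth) {
+if (opts.endpointOpts[key]?.disableGlobalAuth === true) {
+return
+}
+opts.endpointOpts[key] = {
+...opts.endpointOpts[key],
+endpoint: { ...opts.endpointOpts.globalAuth, ...opts.endpointOpts[key]?.endpoint },
+}
+}
+}
+
+export function copyGlobalAuthToEndpoints(args?: { opts?: HasEndpointOpts; keys: string[] }) {
+args?.keys.forEach((key) => copyGlobalAuthToEndpoint({ opts: args?.opts, key }))
+}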
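Review bot: In `checkAuthorizationImpl`, the `requireUserInRoles` branch calls `checkUserIsInRole({ roles: authorization.requireUserInRoles })` and discards the result; that call only builds a middleware and never runs it, so when no `enforcer` is configured the function falls through to `return next()` without any role check. The branch should run the middleware and let it decide the outcome, e.g. `return checkUserIsInRole({ roles: authorization.requireUserInRoles })(req, res, next)` when there is no enforcer; with an enforcer present the role check has to pass before `enforceSync` is consulted. Both sides of this section read identically on the page, so the change itself is presumably whitespace or line endings and this behaviour is carried over unchanged. Separately, `isUserNotAuthenticated` neither calls `next()` nor sends a response when `req.user` is set, which leaves that request hanging.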
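--- a/package/src/entra-id-auth.ts
+++ b/package/src/entra-id-auth.ts
@@ -1,47 +1,47 @@
-import passport from 'passport'
-import { IBearerStrategyOption, IBearerStrategyOptionWithRequest, ITokenPayload, VerifyCallback } from './types'
-
-export class EntraIDAuth {
-private readonly strategy: string
-private options?: IBearerStrategyOptionWithRequest
-
-public static init(strategy: string) {
-return new EntraIDAuth(strategy)
-}
-
-private constructor(strategy: string) {
-this.strategy = strategy
-}
-
-public withOptions(options: IBearerStrategyOption | IBearerStrategyOptionWithRequest): this {
-this.options = {
-...options,
-passReqToCallback: 'passReqToCallback' in options ? options.passReqToCallback : false,
-}
-return this
-}
-
-connectPassport() {
-const _options = this.options
-if (!_options) {
-throw Error('No options supplied for EntraID')
-}
-import('passport-azure-ad')
-.then((entraID) =>
-passport.use(
-this.strategy,
-new entraID.BearerStrategy(_options, function (token: ITokenPayload, cb: VerifyCallback): void {
-if (token) {
-// console.log(`token: ${JSON.stringify(token, null, 2)}`)
-return cb(null, token)
-}
-return cb('bearer token not found or incorrect', null)
-}),
-),
-)
-.catch((reason) => {
-console.log(reason)
-throw Error('Could not create bearer strategy. Did you include the "passport-azure-ad/bearer-strategy" dependency in package.json?')
-})
-}
-}
+import passport from 'passport'
+import { IBearerStrategyOption, IBearerStrategyOptionWithRequest, ITokenPayload, VerifyCallback } from './types'
+
+export class EntraIDAuth {
+private readonly strategy: string
+private options?: IBearerStrategyOptionWithRequest
+
+public static init(strategy: string) {
+return new EntraIDAuth(strategy)
+}
+
+private constructor(strategy: string) {
+this.strategy = strategy
+}
+
+public withOptions(options: IBearerStrategyOption | IBearerStrategyOptionWithRequest): this {
+this.options = {
+...options,
+passReqToCallback: 'passReqToCallback' in options ? options.passReqToCallback : false,
+}
+return this
+}
+
+connectPassport() {
+const _options = this.options
+if (!_options) {
+throw Error('No options supplied for EntraID')
+}
+import('passport-azure-ad')
+.then((entraID) =>
+passport.use(
+this.strategy,
+new entraID.BearerStrategy(_options, function (token: ITokenPayload, cb: VerifyCallback): void {
+if (token) {
+// console.log(`token: ${JSON.stringify(token, null, 2)}`)
+return cb(null, token)
+}
+return cb('bearer token not found or incorrect', null)
+}),
+),
+)
+.catch((reason) => {
+console.log(reason)
+throw Error('Could not create bearer strategy. Did you include the "passport-azure-ad/bearer-strategy" dependency in package.json?')
+})
+}
+}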
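Review bot: `connectPassport()` starts `import('passport-azure-ad')` without returning the promise, so the `throw` inside `.catch` can only surface as an unhandled rejection and callers cannot tell whether the bearer strategy was registered before requests start arriving. Returning the chain (`return import('passport-azure-ad')` with the same `.then`/`.catch`) would let startup code await registration and refuse to serve if it failed. The verify callback accepts any truthy `token`, so issuer and audience checks presumably rest entirely on the options given to `withOptions`; a comment saying so above the callback, such as `// token checks (issuer, audience) depend on the supplied BearerStrategy options`, would make that dependency explicit. Old and new sides read identically here, so this is existing behaviour the change leaves in place.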