@sphereon/ssi-express-support 0.33.1-feature.vcdm2.tsup.31 → 0.33.1-next.2
- package/dist/auth-utils.d.ts +21 -0
- package/dist/auth-utils.d.ts.map +1 -0
- package/dist/auth-utils.js +148 -0
- package/dist/auth-utils.js.map +1 -0
- package/dist/entra-id-auth.d.ts +10 -0
- package/dist/entra-id-auth.d.ts.map +1 -0
- package/dist/entra-id-auth.js +61 -0
- package/dist/entra-id-auth.js.map +1 -0
- package/dist/express-builders.d.ts +99 -0
- package/dist/express-builders.d.ts.map +1 -0
- package/dist/express-builders.js +281 -0
- package/dist/express-builders.js.map +1 -0
- package/dist/express-utils.d.ts +4 -0
- package/dist/express-utils.d.ts.map +1 -0
- package/dist/express-utils.js +55 -0
- package/dist/express-utils.js.map +1 -0
- package/dist/functions.d.ts +2 -0
- package/dist/functions.d.ts.map +1 -0
- package/dist/functions.js +10 -0
- package/dist/functions.js.map +1 -0
- package/dist/index.d.ts +9 -403
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +26 -911
- package/dist/index.js.map +1 -1
- package/dist/openid-connect-rp.d.ts +54 -0
- package/dist/openid-connect-rp.d.ts.map +1 -0
- package/dist/openid-connect-rp.js +214 -0
- package/dist/openid-connect-rp.js.map +1 -0
- package/dist/static-bearer-auth.d.ts +34 -0
- package/dist/static-bearer-auth.d.ts.map +1 -0
- package/dist/static-bearer-auth.js +146 -0
- package/dist/static-bearer-auth.js.map +1 -0
- package/dist/types.d.ts +193 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +7 -0
- package/dist/types.js.map +1 -0
- package/package.json +10 -21
- package/src/openid-connect-rp.ts +0 -1
- package/src/static-bearer-auth.ts +3 -5
- package/dist/index.cjs +0 -944
- package/dist/index.cjs.map +0 -1
- package/dist/index.d.cts +0 -403
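--- a/package/dist/auth-utils.d.ts
+++ b/package/dist/auth-utils.d.ts
@@ -0,0 +1,21 @@
+import express, { NextFunction, RequestHandler } from 'express';
+import { ParamsDictionary } from 'express-serve-static-core';
+import { ParsedQs } from 'qs';
+import { EndpointArgs, HasEndpointOpts } from './types';
+export declare const checkUserIsInRole: (opts: {
+roles: string | string[];
+}) => (req: express.Request, res: express.Response, next: NextFunction) => void | express.Response<any, Record<string, any>>;
+export declare const checkAuthenticationOnly: (opts?: EndpointArgs) => (req: express.Request, res: express.Response, next: express.NextFunction) => void | express.Response<any, Record<string, any>>;
+export declare const checkAuthorizationOnly: (opts?: EndpointArgs) => (req: express.Request, res: express.Response, next: express.NextFunction) => void | express.Response<any, Record<string, any>>;
+export declare const isUserNotAuthenticated: (req: express.Request, res: express.Response, next: express.NextFunction) => void;
+export declare const isUserAuthenticated: (req: express.Request, res: express.Response, next: express.NextFunction) => void | express.Response<any, Record<string, any>>;
+export declare const checkAuth: (opts?: EndpointArgs) => RequestHandler<ParamsDictionary, any, any, ParsedQs, Record<string, any>>[];
+export declare function copyGlobalAuthToEndpoint(args?: {
+opts?: HasEndpointOpts;
+key: string;
+}): void;
+export declare function copyGlobalAuthToEndpoints(args?: {
+opts?: HasEndpointOpts;
+keys: string[];
+}): void;
+//# sourceMappingURL=auth-utils.d.ts.map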
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-utils.d.ts","sourceRoot":"","sources":["../src/auth-utils.ts"],"names":[],"mappings":"AAAA,OAAO,OAAO,EAAE,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,SAAS,CAAA;AAC/D,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAA;AAE5D,OAAO,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAA;AAE7B,OAAO,EAAE,YAAY,EAAmB,eAAe,EAAE,MAAM,SAAS,CAAA;AAExE,eAAO,MAAM,iBAAiB,SAAU;IAAE,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;CAAE,WAAW,OAAO,CAAC,OAAO,OAAO,OAAO,CAAC,QAAQ,QAAQ,YAAY,sDAgBxI,CAAA;AAgFD,eAAO,MAAM,uBAAuB,UAAW,YAAY,WAAW,OAAO,CAAC,OAAO,OAAO,OAAO,CAAC,QAAQ,QAAQ,OAAO,CAAC,YAAY,sDAGvI,CAAA;AAED,eAAO,MAAM,sBAAsB,UAAW,YAAY,WAAW,OAAO,CAAC,OAAO,OAAO,OAAO,CAAC,QAAQ,QAAQ,OAAO,CAAC,YAAY,sDAGtI,CAAA;AAED,eAAO,MAAM,sBAAsB,QAAS,OAAO,CAAC,OAAO,OAAO,OAAO,CAAC,QAAQ,QAAQ,OAAO,CAAC,YAAY,SAI7G,CAAA;AAED,eAAO,MAAM,mBAAmB,QAAS,OAAO,CAAC,OAAO,OAAO,OAAO,CAAC,QAAQ,QAAQ,OAAO,CAAC,YAAY,sDAM1G,CAAA;AAED,eAAO,MAAM,SAAS,UAAW,YAAY,KAAG,cAAc,CAAC,gBAAgB,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,EAMxH,CAAA;AAED,wBAAgB,wBAAwB,CAAC,IAAI,CAAC,EAAE;IAAE,IAAI,CAAC,EAAE,eAAe,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,QAmBtF;AAED,wBAAgB,yBAAyB,CAAC,IAAI,CAAC,EAAE;IAAE,IAAI,CAAC,EAAE,eAAe,CAAC;IAAC,IAAI,EAAE,MAAM,EAAE,CAAA;CAAE,QAE1F"}
|
|
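--- a/package/dist/auth-utils.js
+++ b/package/dist/auth-utils.js
@@ -0,0 +1,148 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkAuth = exports.isUserAuthenticated = exports.isUserNotAuthenticated = exports.checkAuthorizationOnly = exports.checkAuthenticationOnly = exports.checkUserIsInRole = void 0;
+exports.copyGlobalAuthToEndpoint = copyGlobalAuthToEndpoint;
+exports.copyGlobalAuthToEndpoints = copyGlobalAuthToEndpoints;
+const passport_1 = __importDefault(require("passport"));
+const express_utils_1 = require("./express-utils");
+const types_1 = require("./types");
+const checkUserIsInRole = (opts) => (req, res, next) => {
+if (!(opts === null || opts === void 0 ? void 0 : opts.roles) || opts.roles.length === 0) {
+return next();
+}
+const roles = Array.isArray(opts.roles) ? opts.roles : [opts.roles];
+if (!(req === null || req === void 0 ? void 0 : req.user) || !('role' in req.user)) {
+return res.status(401).end();
+}
+// @ts-ignore
+const hasRole = roles.find((role) => req.user.role.toLowerCase() === role.toLowerCase());
+if (!hasRole) {
+return res.status(403).end();
+}
+return next();
+};
+exports.checkUserIsInRole = checkUserIsInRole;
+const checkAuthenticationImpl = (req, res, next, opts) => {
+var _a, _b, _c, _d, _e, _f;
+const defaultCallback = (err, user, _info, _status) => {
+if (err) {
+const message = 'message' in err ? err.message : err;
+console.log('Authentication failed, error: ' + JSON.stringify(message));
+return next({ statusCode: 403, message });
+}
+else if (!user) {
+console.log('Authentication failed, no user object present in request. Redirecting to /login');
+// todo: configuration option
+return res.redirect('/authentication/login');
+}
+if (options.session) {
+req.logIn(user, function (err) {
+if (err) {
+return next(err);
+}
+});
+}
+/* /!*if (options.session) {
+req.logIn(user, function (err) {
+if (err) {
+return next(err)
+}
+return res.redirect('/')
+})
+}*!/*/
+return next();
+};
+if (!opts || !opts.authentication || opts.authentication.enabled === false) {
+return next();
+}
+if (!opts.authentication.strategy) {
+console.log(`Authentication enabled, but no strategy configured. All auth request will be denied!`);
+return res.status(401).end();
+}
+const options = Object.assign(Object.assign({}, (_a = opts === null || opts === void 0 ? void 0 : opts.authentication) === null || _a === void 0 ? void 0 : _a.strategyOptions), { authInfo: ((_b = opts === null || opts === void 0 ? void 0 : opts.authentication) === null || _b === void 0 ? void 0 : _b.authInfo) !== false, session: ((_c = opts === null || opts === void 0 ? void 0 : opts.authentication) === null || _c === void 0 ? void 0 : _c.session) !== false });
+const callback = (_e = (_d = opts === null || opts === void 0 ? void 0 : opts.authentication) === null || _d === void 0 ? void 0 : _d.callback) !== null && _e !== void 0 ? _e : (((_f = opts === null || opts === void 0 ? void 0 : opts.authentication) === null || _f === void 0 ? void 0 : _f.useDefaultCallback) ? defaultCallback : undefined);
+passport_1.default.authenticate(opts.authentication.strategy, options, callback).call(this, req, res, next);
+};
+const checkAuthorizationImpl = (req, res, next, opts) => {
+if (!opts || !opts.authentication || !opts.authorization || opts.authentication.enabled === false || (opts === null || opts === void 0 ? void 0 : opts.authorization.enabled) === false) {
+return next();
+}
+/*if (!req.isAuthenticated()) {
+return sendErrorResponse(res, 403, 'Authorization with an unauthenticated request is not possible')
+}*/
+const authorization = opts.authorization;
+if (!authorization.enforcer && (!authorization.requireUserInRoles || authorization.requireUserInRoles.length === 0)) {
+console.log(`Authorization enabled for endpoint, but no enforcer or roles supplied`);
+return res.status(401).end();
+}
+if (authorization.requireUserInRoles && authorization.requireUserInRoles.length > 0) {
+(0, exports.checkUserIsInRole)({ roles: authorization.requireUserInRoles });
+}
+if (authorization.enforcer) {
+const enforcer = authorization.enforcer;
+const permitted = enforcer.enforceSync(req.user, opts.resource, opts.operation);
+if (!permitted) {
+console.log(`Access to ${opts.resource} and op ${opts.operation} not allowed for ${req.user}`);
+return res.status(403).end();
+}
+}
+return next();
+};
+const checkAuthenticationOnly = (opts) => (req, res, next) => {
+// executeRequestHandlers(req, res, next, opts)
+return checkAuthenticationImpl(req, res, next, opts);
+};
+exports.checkAuthenticationOnly = checkAuthenticationOnly;
+const checkAuthorizationOnly = (opts) => (req, res, next) => {
+// executeRequestHandlers(req, res, next, opts)
+return checkAuthorizationImpl(req, res, next, opts);
+};
+exports.checkAuthorizationOnly = checkAuthorizationOnly;
+const isUserNotAuthenticated = (req, res, next) => {
+if (!req.user) {
+next();
+}
+};
+exports.isUserNotAuthenticated = isUserNotAuthenticated;
+const isUserAuthenticated = (req, res, next) => {
+if (!req.user) {
+return (0, express_utils_1.sendErrorResponse)(res, 401, 'Authentication required');
+}
+else {
+return next();
+}
+};
+exports.isUserAuthenticated = isUserAuthenticated;
+const checkAuth = (opts) => {
+const handlers = [];
+handlers.push((0, exports.checkAuthenticationOnly)(opts));
+handlers.push((0, exports.checkAuthorizationOnly)(opts));
+(opts === null || opts === void 0 ? void 0 : opts.handlers) && handlers.push(...opts.handlers);
+return handlers;
+};
+exports.checkAuth = checkAuth;
+function copyGlobalAuthToEndpoint(args) {
+var _a, _b, _c;
+const opts = args === null || args === void 0 ? void 0 : args.opts;
+const key = args === null || args === void 0 ? void 0 : args.key;
+if (!opts || !key || !(0, types_1.hasEndpointOpts)(opts)) {
+return;
+}
+if (key === 'basePath') {
+// make sure to not copy base path over, as we use these at the global router, and this would repeat the path
+return;
+}
+if ((_a = opts.endpointOpts) === null || _a === void 0 ? void 0 : _a.globalAuth) {
+if (((_b = opts.endpointOpts[key]) === null || _b === void 0 ? void 0 : _b.disableGlobalAuth) === true) {
+return;
+}
+opts.endpointOpts[key] = Object.assign(Object.assign({}, opts.endpointOpts[key]), { endpoint: Object.assign(Object.assign({}, opts.endpointOpts.globalAuth), (_c = opts.endpointOpts[key]) === null || _c === void 0 ? void 0 : _c.endpoint) });
+}
+}
+function copyGlobalAuthToEndpoints(args) {
+args === null || args === void 0 ? void 0 : args.keys.forEach((key) => copyGlobalAuthToEndpoint({ opts: args === null || args === void 0 ? void 0 : args.opts, key }));
+}
+//# sourceMappingURL=auth-utils.js.map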
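Review bot: In `checkAuthorizationImpl`, `(0, exports.checkUserIsInRole)({ roles: authorization.requireUserInRoles });` only builds the role middleware and discards it, so `requireUserInRoles` is never enforced and an endpoint configured with roles but no enforcer reaches `next()` for any caller. The returned handler needs to be invoked with `req`/`res` and the remaining checks passed as its continuation, as sketched below; the change belongs in `src/auth-utils.ts`, which the source map names as the origin of this compiled file. The same function also returns `next()` when `opts.authentication` is absent even if `opts.authorization` is configured, and with the `req.isAuthenticated()` guard commented out the enforcer can receive an undefined `req.user`, so authorization is skipped entirely in the first case and depends on how the enforcer treats a missing subject in the second. Separately, `defaultCallback` calls `next()` without waiting for `req.logIn`, so a login error produces a second `next(err)`, and `isUserNotAuthenticated` neither responds nor calls `next()` when `req.user` is set, which leaves the request hanging.

```javascript
const checkAuthorizationImpl = (req, res, next, opts) => {
    // … unchanged: enabled checks and the "no enforcer or roles supplied" guard …
    const authorization = opts.authorization;
    // Runs the enforcer (when configured) and only then hands over to the route.
    const enforceThenContinue = () => {
        if (authorization.enforcer) {
            const permitted = authorization.enforcer.enforceSync(req.user, opts.resource, opts.operation);
            if (!permitted) {
                // … unchanged: denial log line …
                return res.status(403).end();
            }
        }
        return next();
    };
    if (authorization.requireUserInRoles && authorization.requireUserInRoles.length > 0) {
        // Invoke the role middleware; it answers 401/403 itself and calls the continuation only on a match.
        return (0, exports.checkUserIsInRole)({ roles: authorization.requireUserInRoles })(req, res, enforceThenContinue);
    }
    return enforceThenContinue();
};
```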
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-utils.js","sourceRoot":"","sources":["../src/auth-utils.ts"],"names":[],"mappings":";;;;;;AAuIA,4DAmBC;AAED,8DAEC;AA5JD,wDAA+B;AAE/B,mDAAmD;AACnD,mCAAwE;AAEjE,MAAM,iBAAiB,GAAG,CAAC,IAAkC,EAAE,EAAE,CAAC,CAAC,GAAoB,EAAE,GAAqB,EAAE,IAAkB,EAAE,EAAE;IAC3I,IAAI,CAAC,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,KAAK,CAAA,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5C,OAAO,IAAI,EAAE,CAAA;IACf,CAAC;IACD,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;IACnE,IAAI,CAAC,CAAA,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,IAAI,CAAA,IAAI,CAAC,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QACxC,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAA;IAC9B,CAAC;IAED,aAAa;IACb,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC,CAAA;IACxF,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAA;IAC9B,CAAC;IAED,OAAO,IAAI,EAAE,CAAA;AACf,CAAC,CAAA;AAhBY,QAAA,iBAAiB,qBAgB7B;AAED,MAAM,uBAAuB,GAAG,CAAC,GAAoB,EAAE,GAAqB,EAAE,IAA0B,EAAE,IAAmB,EAAE,EAAE;;IAC/H,MAAM,eAAe,GAAG,CACtB,GAAQ,EACR,IAAkC,EAClC,KAAmD,EACnD,OAA4C,EAC5C,EAAE;QACF,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,OAAO,GAAG,SAAS,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAA;YACpD,OAAO,CAAC,GAAG,CAAC,gCAAgC,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAA;YACvE,OAAO,IAAI,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAA;QAC3C,CAAC;aAAM,IAAI,CAAC,IAAI,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,CAAC,iFAAiF,CAAC,CAAA;YAC9F,6BAA6B;YAC7B,OAAO,GAAG,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAA;QAC9C,CAAC;QACD,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YACpB,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,UAAU,GAAG;gBAC3B,IAAI,GAAG,EAAE,CAAC;oBACR,OAAO,IAAI,CAAC,GAAG,CAAC,CAAA;gBAClB,CAAC;YACH,CAAC,CAAC,CAAA;QACJ,CAAC;QACD;;;;;;;qBAOa;QACb,OAAO,IAAI,EAAE,CAAA;IACf,CAAC,CAAA;IAED,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QAC3E,OAAO,IAAI,EAAE,CAAA;IACf,
CAAC;IACD,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC;QAClC,OAAO,CAAC,GAAG,CAAC,sFAAsF,CAAC,CAAA;QACnG,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAA;IAC9B,CAAC;IACD,MAAM,OAAO,mCACR,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,0CAAE,eAAe,KACxC,QAAQ,EAAE,CAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,0CAAE,QAAQ,MAAK,KAAK,EAClD,OAAO,EAAE,CAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,0CAAE,OAAO,MAAK,KAAK,GACjD,CAAA;IAED,MAAM,QAAQ,GAAG,MAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,0CAAE,QAAQ,mCAAI,CAAC,CAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,cAAc,0CAAE,kBAAkB,EAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;IAE3H,kBAAQ,CAAC,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAA;AACnG,CAAC,CAAA;AACD,MAAM,sBAAsB,GAAG,CAAC,GAAoB,EAAE,GAAqB,EAAE,IAA0B,EAAE,IAAmB,EAAE,EAAE;IAC9H,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,cAAc,CAAC,OAAO,KAAK,KAAK,IAAI,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,aAAa,CAAC,OAAO,MAAK,KAAK,EAAE,CAAC;QAC3I,OAAO,IAAI,EAAE,CAAA;IACf,CAAC;IACD;;WAEO;IACP,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,CAAA;IAExC,IAAI,CAAC,aAAa,CAAC,QAAQ,IAAI,CAAC,CAAC,aAAa,CAAC,kBAAkB,IAAI,aAAa,CAAC,kBAAkB,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;QACpH,OAAO,CAAC,GAAG,CAAC,uEAAuE,CAAC,CAAA;QACpF,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAA;IAC9B,CAAC;IACD,IAAI,aAAa,CAAC,kBAAkB,IAAI,aAAa,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpF,IAAA,yBAAiB,EAAC,EAAE,KAAK,EAAE,aAAa,CAAC,kBAAkB,EAAE,CAAC,CAAA;IAChE,CAAC;IACD,IAAI,aAAa,CAAC,QAAQ,EAAE,CAAC;QAC3B,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAA;QACvC,MAAM,SAAS,GAAG,QAAQ,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,CAAA;QAC/E,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,QAAQ,WAAW,IAAI,CAAC,SAAS,oBAAoB,GAAG,CAAC,IAAI,EAAE,CAAC,CAAA;YAC9F,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAA;QAC9B,CAAC;IACH,CAAC;IACD,OAAO,IAAI,EAAE,CAAA;AACf,CAAC,CAAA;AAEM,MAAM,uBAAuB,GAAG,CAAC,IAAmB,EAAE,EAAE,CAAC,
CAAC,GAAoB,EAAE,GAAqB,EAAE,IAA0B,EAAE,EAAE;IAC1I,+CAA+C;IAC/C,OAAO,uBAAuB,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC,CAAA;AACtD,CAAC,CAAA;AAHY,QAAA,uBAAuB,2BAGnC;AAEM,MAAM,sBAAsB,GAAG,CAAC,IAAmB,EAAE,EAAE,CAAC,CAAC,GAAoB,EAAE,GAAqB,EAAE,IAA0B,EAAE,EAAE;IACzI,+CAA+C;IAC/C,OAAO,sBAAsB,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC,CAAA;AACrD,CAAC,CAAA;AAHY,QAAA,sBAAsB,0BAGlC;AAEM,MAAM,sBAAsB,GAAG,CAAC,GAAoB,EAAE,GAAqB,EAAE,IAA0B,EAAE,EAAE;IAChH,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACd,IAAI,EAAE,CAAA;IACR,CAAC;AACH,CAAC,CAAA;AAJY,QAAA,sBAAsB,0BAIlC;AAEM,MAAM,mBAAmB,GAAG,CAAC,GAAoB,EAAE,GAAqB,EAAE,IAA0B,EAAE,EAAE;IAC7G,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,IAAA,iCAAiB,EAAC,GAAG,EAAE,GAAG,EAAE,yBAAyB,CAAC,CAAA;IAC/D,CAAC;SAAM,CAAC;QACN,OAAO,IAAI,EAAE,CAAA;IACf,CAAC;AACH,CAAC,CAAA;AANY,QAAA,mBAAmB,uBAM/B;AAEM,MAAM,SAAS,GAAG,CAAC,IAAmB,EAA+E,EAAE;IAC5H,MAAM,QAAQ,GAAgF,EAAE,CAAA;IAChG,QAAQ,CAAC,IAAI,CAAC,IAAA,+BAAuB,EAAC,IAAI,CAAC,CAAC,CAAA;IAC5C,QAAQ,CAAC,IAAI,CAAC,IAAA,8BAAsB,EAAC,IAAI,CAAC,CAAC,CAAA;IAC3C,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,QAAQ,KAAI,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAA;IACjD,OAAO,QAAQ,CAAA;AACjB,CAAC,CAAA;AANY,QAAA,SAAS,aAMrB;AAED,SAAgB,wBAAwB,CAAC,IAA8C;;IACrF,MAAM,IAAI,GAAG,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,IAAI,CAAA;IACvB,MAAM,GAAG,GAAG,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,GAAG,CAAA;IACrB,IAAI,CAAC,IAAI,IAAI,CAAC,GAAG,IAAI,CAAC,IAAA,uBAAe,EAAC,IAAI,CAAC,EAAE,CAAC;QAC5C,OAAM;IACR,CAAC;IACD,IAAI,GAAG,KAAK,UAAU,EAAE,CAAC;QACvB,6GAA6G;QAC7G,OAAM;IACR,CAAC;IACD,IAAI,MAAA,IAAI,CAAC,YAAY,0CAAE,UAAU,EAAE,CAAC;QAClC,IAAI,CAAA,MAAA,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,0CAAE,iBAAiB,MAAK,IAAI,EAAE,CAAC;YACvD,OAAM;QACR,CAAC;QACD,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,mCACjB,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,KACzB,QAAQ,kCAAO,IAAI,CAAC,YAAY,CAAC,UAAU,GAAK,MAAA,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,0CAAE,QAAQ,IACjF,CAAA;IACH,CAAC;AACH,CAAC;AAED,SAAgB,yBAAyB,CAAC,IAAiD;IACzF,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,wBAAwB,CAAC,EAAE,IAAI,EAAE,IAAI,aAA
J,IAAI,uBAAJ,IAAI,CAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC,CAAA;AAClF,CAAC"}
|
|
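--- a/package/dist/entra-id-auth.d.ts
+++ b/package/dist/entra-id-auth.d.ts
@@ -0,0 +1,10 @@
+import { IBearerStrategyOption, IBearerStrategyOptionWithRequest } from './types';
+export declare class EntraIDAuth {
+private readonly strategy;
+private options?;
+static init(strategy: string): EntraIDAuth;
+private constructor();
+withOptions(options: IBearerStrategyOption | IBearerStrategyOptionWithRequest): this;
+connectPassport(): void;
+}
+//# sourceMappingURL=entra-id-auth.d.ts.map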
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"entra-id-auth.d.ts","sourceRoot":"","sources":["../src/entra-id-auth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,qBAAqB,EAAE,gCAAgC,EAAiC,MAAM,SAAS,CAAA;AAEhH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAQ;IACjC,OAAO,CAAC,OAAO,CAAC,CAAkC;WAEpC,IAAI,CAAC,QAAQ,EAAE,MAAM;IAInC,OAAO;IAIA,WAAW,CAAC,OAAO,EAAE,qBAAqB,GAAG,gCAAgC,GAAG,IAAI;IAQ3F,eAAe;CAuBhB"}
|
|
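--- a/package/dist/entra-id-auth.js
+++ b/package/dist/entra-id-auth.js
@@ -0,0 +1,61 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+if (k2 === undefined) k2 = k;
+var desc = Object.getOwnPropertyDescriptor(m, k);
+if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+desc = { enumerable: true, get: function() { return m[k]; } };
+}
+Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+if (k2 === undefined) k2 = k;
+o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+if (mod && mod.__esModule) return mod;
+var result = {};
+if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+__setModuleDefault(result, mod);
+return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EntraIDAuth = void 0;
+const passport_1 = __importDefault(require("passport"));
+class EntraIDAuth {
+static init(strategy) {
+return new EntraIDAuth(strategy);
+}
+constructor(strategy) {
+this.strategy = strategy;
+}
+withOptions(options) {
+this.options = Object.assign(Object.assign({}, options), { passReqToCallback: 'passReqToCallback' in options ? options.passReqToCallback : false });
+return this;
+}
+connectPassport() {
+const _options = this.options;
+if (!_options) {
+throw Error('No options supplied for EntraID');
+}
+Promise.resolve().then(() => __importStar(require('passport-azure-ad'))).then((entraID) => passport_1.default.use(this.strategy, new entraID.BearerStrategy(_options, function (token, cb) {
+if (token) {
+// console.log(`token: ${JSON.stringify(token, null, 2)}`)
+return cb(null, token);
+}
+return cb('bearer token not found or incorrect', null);
+})))
+.catch((reason) => {
+console.log(reason);
+throw Error('Could not create bearer strategy. Did you include the "passport-azure-ad/bearer-strategy" dependency in package.json?');
+});
+}
+}
+exports.EntraIDAuth = EntraIDAuth;
+//# sourceMappingURL=entra-id-auth.js.map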
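Review bot: `connectPassport()` registers the strategy inside a dynamic-import promise chain that it neither returns nor awaits, so the `throw Error('Could not create bearer strategy. ...')` inside `.catch` becomes an unhandled rejection instead of reaching the caller, and start-up code cannot tell when `passport.use` has actually run. Until that promise settles, requests that name this strategy would presumably be rejected by passport as using an unknown strategy; the call sites are outside this section, so that part is inferred. Returning the chain (`return Promise.resolve().then(...)` here, i.e. returning the `import('passport-azure-ad')` promise in `src/entra-id-auth.ts`) lets the application await registration and fail fast on a missing dependency. The verify callback also reports failure with a bare string, `cb('bearer token not found or incorrect', null)`; if that value reaches the default callback in auth-utils.js, `'message' in err` throws a TypeError on a string, so `cb(new Error('bearer token not found or incorrect'), null)` is the safer form.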
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"entra-id-auth.js","sourceRoot":"","sources":["../src/entra-id-auth.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,wDAA+B;AAG/B,MAAa,WAAW;IAIf,MAAM,CAAC,IAAI,CAAC,QAAgB;QACjC,OAAO,IAAI,WAAW,CAAC,QAAQ,CAAC,CAAA;IAClC,CAAC;IAED,YAAoB,QAAgB;QAClC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAA;IAC1B,CAAC;IAEM,WAAW,CAAC,OAAiE;QAClF,IAAI,CAAC,OAAO,mCACP,OAAO,KACV,iBAAiB,EAAE,mBAAmB,IAAI,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAAC,KAAK,GACtF,CAAA;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,eAAe;QACb,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAA;QAC7B,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,KAAK,CAAC,iCAAiC,CAAC,CAAA;QAChD,CAAC;QACD,kDAAO,mBAAmB,IACvB,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAChB,kBAAQ,CAAC,GAAG,CACV,IAAI,CAAC,QAAQ,EACb,IAAI,OAAO,CAAC,cAAc,CAAC,QAAQ,EAAE,UAAU,KAAoB,EAAE,EAAkB;YACrF,IAAI,KAAK,EAAE,CAAC;gBACV,0DAA0D;gBAC1D,OAAO,EAAE,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;YACxB,CAAC;YACD,OAAO,EAAE,CAAC,qCAAqC,EAAE,IAAI,CAAC,CAAA;QACxD,CAAC,CAAC,CACH,CACF;aACA,KAAK,CAAC,CAAC,MAAM,EAAE,EAAE;YAChB,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;YACnB,MAAM,KAAK,CAAC,uHAAuH,CAAC,CAAA;QACtI,CAAC,CAAC,CAAA;IACN,CAAC;CACF;AA3CD,kCA2CC"}
|
|
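--- a/package/dist/express-builders.d.ts
+++ b/package/dist/express-builders.d.ts
@@ -0,0 +1,99 @@
+import { Enforcer } from 'casbin';
+import express, { Express } from 'express';
+import { Application, ApplicationRequestHandler } from 'express-serve-static-core';
+import session from 'express-session';
+import http from 'http';
+import { HttpTerminator } from 'http-terminator';
+import morgan from 'morgan';
+import { InitializeOptions } from 'passport';
+import { ExpressSupport, IExpressServerOpts } from './types';
+type Handler<Request extends http.IncomingMessage, Response extends http.ServerResponse> = (req: Request, res: Response, callback: (err?: Error) => void) => void;
+export declare class ExpressBuilder {
+private existingExpress?;
+private hostnameOrIP?;
+private port?;
+private _handlers?;
+private listenCallback?;
+private _startListen?;
+private readonly envVarPrefix?;
+private _corsConfigurer?;
+private _sessionOpts?;
+private _usePassportAuth?;
+private _passportInitOpts?;
+private _userIsInRole?;
+private _enforcer?;
+private _server?;
+private _terminator?;
+private _morgan?;
+private constructor();
+static fromExistingExpress(opts?: {
+existingExpress?: Express;
+envVarPrefix?: string;
+}): ExpressBuilder;
+static fromServerOpts(opts: IExpressServerOpts & {
+envVarPrefix?: string;
+}): ExpressBuilder;
+enableListen(startOnBuild?: boolean): this;
+withMorganLogging(opts?: {
+existingMorgan?: Handler<any, any>;
+format?: string;
+options?: morgan.Options<any, any>;
+}): this;
+withEnableListenOpts({ port, hostnameOrIP, callback, startOnBuild, }: {
+port?: number;
+hostnameOrIP?: string;
+startOnBuild?: boolean;
+callback?: () => void;
+}): this;
+withPort(port: number): this;
+withHostname(hostnameOrIP: string): this;
+withListenCallback(callback: () => void): this;
+withExpress(existingExpress: Express): this;
+withCorsConfigurer(configurer: ExpressCorsConfigurer): this;
+withPassportAuth(usePassport: boolean, initializeOptions?: InitializeOptions): this;
+withGlobalUserIsInRole(userIsInRole: string | string[]): this;
+withEnforcer(enforcer: Enforcer): this;
+startListening(express: Express): {
+server: http.Server<typeof http.IncomingMessage, typeof http.ServerResponse>;
+terminator: HttpTerminator;
+};
+getHostname(): string;
+getPort(): number;
+setHandlers(handlers: ApplicationRequestHandler<any> | ApplicationRequestHandler<any>[]): this;
+addHandler(handler: ApplicationRequestHandler<any>): this;
+withSessionOptions(sessionOpts: session.SessionOptions): this;
+build<T extends Application>(opts?: {
+express?: Express;
+startListening?: boolean;
+handlers?: ApplicationRequestHandler<T> | ApplicationRequestHandler<T>[];
+}): ExpressSupport;
+protected buildExpress<T extends Application>(opts?: {
+express?: Express;
+startListening?: boolean;
+handlers?: ApplicationRequestHandler<T> | ApplicationRequestHandler<T>[];
+}): express.Express;
+}
+export declare class ExpressCorsConfigurer {
+private _disableCors?;
+private _enablePreflightOptions?;
+private _allowOrigin?;
+private _allowMethods?;
+private _allowedHeaders?;
+private _allowCredentials?;
+private readonly _express?;
+private readonly _envVarPrefix?;
+constructor(args?: {
+existingExpress?: Express;
+envVarPrefix?: string;
+});
+allowOrigin(value: string | boolean | RegExp | Array<string | boolean | RegExp>): this;
+disableCors(value: boolean): this;
+allowMethods(value: string | string[]): this;
+allowedHeaders(value: string | string[]): this;
+allowCredentials(value: boolean): this;
+configure({ existingExpress }: {
+existingExpress?: Express;
+}): void;
+}
+export {};
+//# sourceMappingURL=express-builders.d.ts.map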
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"express-builders.d.ts","sourceRoot":"","sources":["../src/express-builders.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAA;AAGjC,OAAO,OAAO,EAAE,EAAE,OAAO,EAAE,MAAM,SAAS,CAAA;AAC1C,OAAO,EAAE,WAAW,EAAE,yBAAyB,EAAE,MAAM,2BAA2B,CAAA;AAElF,OAAO,OAAO,MAAM,iBAAiB,CAAA;AACrC,OAAO,IAAI,MAAM,MAAM,CAAA;AACvB,OAAO,EAAwB,cAAc,EAAE,MAAM,iBAAiB,CAAA;AACtE,OAAO,MAAM,MAAM,QAAQ,CAAA;AAC3B,OAAiB,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAA;AAItD,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAA;AAE5D,KAAK,OAAO,CAAC,OAAO,SAAS,IAAI,CAAC,eAAe,EAAE,QAAQ,SAAS,IAAI,CAAC,cAAc,IAAI,CACzF,GAAG,EAAE,OAAO,EACZ,GAAG,EAAE,QAAQ,EACb,QAAQ,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,KAAK,IAAI,KAC5B,IAAI,CAAA;AAET,qBAAa,cAAc;IACzB,OAAO,CAAC,eAAe,CAAC,CAAS;IACjC,OAAO,CAAC,YAAY,CAAC,CAAQ;IAC7B,OAAO,CAAC,IAAI,CAAC,CAAQ;IACrB,OAAO,CAAC,SAAS,CAAC,CAA+C;IACjE,OAAO,CAAC,cAAc,CAAC,CAAY;IACnC,OAAO,CAAC,YAAY,CAAC,CAAiC;IACtD,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAQ;IACtC,OAAO,CAAC,eAAe,CAAC,CAAuB;IAC/C,OAAO,CAAC,YAAY,CAAC,CAAwB;IAC7C,OAAO,CAAC,gBAAgB,CAAC,CAAiB;IAC1C,OAAO,CAAC,iBAAiB,CAAC,CAAmB;IAC7C,OAAO,CAAC,aAAa,CAAC,CAAmB;IACzC,OAAO,CAAC,SAAS,CAAC,CAAU;IAC5B,OAAO,CAAC,OAAO,CAAC,CAAyB;IACzC,OAAO,CAAC,WAAW,CAAC,CAAgB;IACpC,OAAO,CAAC,OAAO,CAAC,CAA+B;IAE/C,OAAO;WAQO,mBAAmB,CAAC,IAAI,CAAC,EAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,CAAA;KAAE;WAI/E,cAAc,CAAC,IAAI,EAAE,kBAAkB,GAAG;QAAE,YAAY,CAAC,EAAE,MAAM,CAAA;KAAE;IAK1E,YAAY,CAAC,YAAY,CAAC,EAAE,OAAO,GAAG,IAAI;IAO1C,iBAAiB,CAAC,IAAI,CAAC,EAAE;QAAE,cAAc,CAAC,EAAE,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;KAAE,GAAG,IAAI;IAQ3H,oBAAoB,CAAC,EAC1B,IAAI,EACJ,YAAY,EACZ,QAAQ,EACR,YAAY,GACb,EAAE;QACD,IAAI,CAAC,EAAE,MAAM,CAAA;QACb,YAAY,CAAC,EAAE,MAAM,CAAA;QACrB,YAAY,CAAC,EAAE,OAAO,CAAA;QACtB,QAAQ,CAAC,EAAE,MAAM,IAAI,CAAA;KACtB,GAAG,IAAI;IAUD,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAK5B,YAAY,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI;IAKxC,kBAAkB,CAAC,QAAQ,EAAE,MAAM,IAAI,GAAG,IAAI;IAK9
C,WAAW,CAAC,eAAe,EAAE,OAAO,GAAG,IAAI;IAM3C,kBAAkB,CAAC,UAAU,EAAE,qBAAqB,GAAG,IAAI;IAK3D,gBAAgB,CAAC,WAAW,EAAE,OAAO,EAAE,iBAAiB,CAAC,EAAE,iBAAiB,GAAG,IAAI;IAMnF,sBAAsB,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,IAAI;IAK7D,YAAY,CAAC,QAAQ,EAAE,QAAQ,GAAG,IAAI;IAKtC,cAAc,CAAC,OAAO,EAAE,OAAO;;;;IAU/B,WAAW,IAAI,MAAM;IAIrB,OAAO,IAAI,MAAM;IAIjB,WAAW,CAAC,QAAQ,EAAE,yBAAyB,CAAC,GAAG,CAAC,GAAG,yBAAyB,CAAC,GAAG,CAAC,EAAE,GAAG,IAAI;IAe9F,UAAU,CAAC,OAAO,EAAE,yBAAyB,CAAC,GAAG,CAAC,GAAG,IAAI;IAQzD,kBAAkB,CAAC,WAAW,EAAE,OAAO,CAAC,cAAc,GAAG,IAAI;IAK7D,KAAK,CAAC,CAAC,SAAS,WAAW,EAAE,IAAI,CAAC,EAAE;QACzC,OAAO,CAAC,EAAE,OAAO,CAAA;QACjB,cAAc,CAAC,EAAE,OAAO,CAAA;QACxB,QAAQ,CAAC,EAAE,yBAAyB,CAAC,CAAC,CAAC,GAAG,yBAAyB,CAAC,CAAC,CAAC,EAAE,CAAA;KACzE,GAAG,cAAc;IAyClB,SAAS,CAAC,YAAY,CAAC,CAAC,SAAS,WAAW,EAAE,IAAI,CAAC,EAAE;QACnD,OAAO,CAAC,EAAE,OAAO,CAAA;QACjB,cAAc,CAAC,EAAE,OAAO,CAAA;QACxB,QAAQ,CAAC,EAAE,yBAAyB,CAAC,CAAC,CAAC,GAAG,yBAAyB,CAAC,CAAC,CAAC,EAAE,CAAA;KACzE,GAAG,OAAO,CAAC,OAAO;CAkCpB;AAED,qBAAa,qBAAqB;IAChC,OAAO,CAAC,YAAY,CAAC,CAAS;IAC9B,OAAO,CAAC,uBAAuB,CAAC,CAAS;IACzC,OAAO,CAAC,YAAY,CAAC,CAA8D;IACnF,OAAO,CAAC,aAAa,CAAC,CAAmB;IACzC,OAAO,CAAC,eAAe,CAAC,CAAmB;IAC3C,OAAO,CAAC,iBAAiB,CAAC,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAQ;gBAE3B,IAAI,CAAC,EAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,CAAA;KAAE;IAMhE,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,GAAG,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,OAAO,GAAG,MAAM,CAAC,GAAG,IAAI;IAKtF,WAAW,CAAC,KAAK,EAAE,OAAO,GAAG,IAAI;IAKjC,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,IAAI;IAK5C,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,IAAI;IAK9C,gBAAgB,CAAC,KAAK,EAAE,OAAO,GAAG,IAAI;IAKtC,SAAS,CAAC,EAAE,eAAe,EAAE,EAAE;QAAE,eAAe,CAAC,EAAE,OAAO,CAAA;KAAE;CAqCpE"}
|
|
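--- a/package/dist/express-builders.js
+++ b/package/dist/express-builders.js
@@ -0,0 +1,281 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+return new (P || (P = Promise))(function (resolve, reject) {
+function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+step((generator = generator.apply(thisArg, _arguments || [])).next());
+});
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ExpressCorsConfigurer = exports.ExpressBuilder = void 0;
+/**
+* @public
+*/
+const body_parser_1 = __importDefault(require("body-parser"));
+const cors_1 = __importDefault(require("cors"));
+const express_1 = __importDefault(require("express"));
+const express_session_1 = __importDefault(require("express-session"));
+const http_terminator_1 = require("http-terminator");
+const morgan_1 = __importDefault(require("morgan"));
+const passport_1 = __importDefault(require("passport"));
+const auth_utils_1 = require("./auth-utils");
+const express_utils_1 = require("./express-utils");
+const functions_1 = require("./functions");
+class ExpressBuilder {
+constructor(opts) {
+this._handlers = [];
+this._startListen = undefined;
+this._usePassportAuth = false;
+const { existingExpress, envVarPrefix } = opts !== null && opts !== void 0 ? opts : {};
+if (existingExpress) {
+this.withExpress(existingExpress);
+}
+this.envVarPrefix = envVarPrefix !== null && envVarPrefix !== void 0 ? envVarPrefix : '';
+}
+static fromExistingExpress(opts) {
+return new ExpressBuilder(opts !== null && opts !== void 0 ? opts : {});
+}
+static fromServerOpts(opts) {
+var _a;
+const builder = new ExpressBuilder({ existingExpress: opts === null || opts === void 0 ? void 0 : opts.existingExpress, envVarPrefix: opts === null || opts === void 0 ? void 0 : opts.envVarPrefix });
+return builder.withEnableListenOpts(Object.assign(Object.assign({}, opts), { hostnameOrIP: opts.hostname, startOnBuild: (_a = opts.startListening) !== null && _a !== void 0 ? _a : false }));
+}
+enableListen(startOnBuild) {
+if (startOnBuild !== undefined) {
+this._startListen = startOnBuild;
+}
+return this;
+}
+withMorganLogging(opts) {
+var _a, _b;
+if ((opts === null || opts === void 0 ? void 0 : opts.existingMorgan) && (opts.format || opts.options)) {
+throw Error('Cannot using an existing morgan with either a format or options');
+}
+this._morgan = (_a = opts === null || opts === void 0 ? void 0 : opts.existingMorgan) !== null && _a !== void 0 ? _a : (0, morgan_1.default)((_b = opts === null || opts === void 0 ? void 0 : opts.format) !== null && _b !== void 0 ? _b : 'dev', opts === null || opts === void 0 ? void 0 : opts.options);
+return this;
+}
+withEnableListenOpts({ port, hostnameOrIP, callback, startOnBuild, }) {
+port && this.withPort(port);
+hostnameOrIP && this.withHostname(hostnameOrIP);
+if (typeof callback === 'function') {
+this.withListenCallback(callback);
+}
+this._startListen = startOnBuild === true;
+return this;
+}
+withPort(port) {
+this.port = port;
+return this;
+}
+withHostname(hostnameOrIP) {
+this.hostnameOrIP = hostnameOrIP;
+return this;
+}
+withListenCallback(callback) {
+this.listenCallback = callback;
+return this;
+}
+withExpress(existingExpress) {
+this.existingExpress = existingExpress;
+this._startListen = false;
+return this;
+}
+withCorsConfigurer(configurer) {
+this._corsConfigurer = configurer;
+return this;
+}
+withPassportAuth(usePassport, initializeOptions) {
+this._usePassportAuth = usePassport;
+this._passportInitOpts = initializeOptions;
+return this;
+}
+withGlobalUserIsInRole(userIsInRole) {
+this._userIsInRole = userIsInRole;
+return this;
+}
+withEnforcer(enforcer) {
+this._enforcer = enforcer;
+return this;
+}
+startListening(express) {
+this._server = express.listen(this.getPort(), this.getHostname(), this.listenCallback);
+this._terminator = (0, http_terminator_1.createHttpTerminator)({
+server: this._server,
+// gracefulTerminationTimeout: 10
+});
+return { server: this._server, terminator: this._terminator };
+}
+getHostname() {
+var _a, _b;
+return (_b = (_a = this.hostnameOrIP) !== null && _a !== void 0 ? _a : (0, functions_1.env)('HOSTNAME', this.envVarPrefix)) !== null && _b !== void 0 ? _b : '0.0.0.0';
+}
+getPort() {
+var _a, _b;
+return ((_b = (_a = this.port) !== null && _a !== void 0 ? _a : (0, functions_1.env)('PORT', this.envVarPrefix)) !== null && _b !== void 0 ? _b : 5000);
+}
+setHandlers(handlers) {
+if (Array.isArray(handlers)) {
+this._handlers = handlers;
+}
+else if (handlers) {
+if (!this._handlers) {
+this._handlers = [];
+}
+this._handlers.push(handlers);
+}
+else {
+this._handlers = [];
+}
+return this;
+}
+addHandler(handler) {
+if (!this._handlers) {
+this._handlers = [];
+}
+this._handlers.push(handler);
+return this;
+}
+withSessionOptions(sessionOpts) {
+this._sessionOpts = sessionOpts;
+return this;
+}
+build(opts) {
+const express = this.buildExpress(opts);
+const startListening = (opts === null || opts === void 0 ? void 0 : opts.startListening) === undefined ? this._startListen !== true : opts.startListening;
+let started = this._server !== undefined;
+if (startListening && !started) {
+this.startListening(express);
+started = true;
+}
+return {
+express,
+port: this.getPort(),
+hostname: this.getHostname(),
+userIsInRole: this._userIsInRole,
+startListening,
+enforcer: this._enforcer,
+start: (opts) => {
+if (opts === null || opts === void 0 ? void 0 : opts.doNotStartListening) {
+console.log('Express will not start listening. You will have to start it yourself');
+}
+else {
+if (!started) {
+this.startListening(express);
+started = true;
+}
+}
+if ((opts === null || opts === void 0 ? void 0 : opts.disableErrorHandler) !== true) {
+express.use(express_utils_1.jsonErrorHandler);
+}
+return { server: this._server, terminator: this._terminator };
+},
+stop: (terminator) => __awaiter(this, void 0, void 0, function* () {
+const term = terminator !== null && terminator !== void 0 ? terminator : this._terminator;
+if (!term) {
+return false;
+}
+return yield term.terminate().then(() => true);
+}),
+};
+}
+buildExpress(opts) {
+var _a, _b, _c;
+const app = (_b = (_a = opts === null || opts === void 0 ? void 0 : opts.express) !== null && _a !== void 0 ? _a : this.existingExpress) !== null && _b !== void 0 ? _b : (0, express_1.default)();
+if (this._morgan) {
+app.use(this._morgan);
+}
+if (this._sessionOpts) {
+const store = (_c = this._sessionOpts.store) !== null && _c !== void 0 ? _c : new express_session_1.default.MemoryStore();
+this._sessionOpts.store = store;
+app.use((0, express_session_1.default)(this._sessionOpts));
+}
+if (this._usePassportAuth) {
+app.use(passport_1.default.initialize(this._passportInitOpts));
+if (this._sessionOpts) {
+// app.use(passport.authenticate('session'))
+//_sessionOpts are not for passport session, they are for express above
+app.use(passport_1.default.session());
+}
+}
+if (this._userIsInRole) {
+app.use((0, auth_utils_1.checkUserIsInRole)({ roles: this._userIsInRole }));
+}
+if (this._corsConfigurer) {
+this._corsConfigurer.configure({ existingExpress: app });
+}
+// @ts-ignore
+this._handlers && this._handlers.length > 0 && app.use(this._handlers);
+// @ts-ignore
+(opts === null || opts === void 0 ? void 0 : opts.handlers) && app.use(opts.handlers);
+//fixme: this should come from the config
+app.use(body_parser_1.default.urlencoded({ extended: true }));
+app.use(body_parser_1.default.json({ limit: '5mb' }));
+return app;
+}
+}
+exports.ExpressBuilder = ExpressBuilder;
+class ExpressCorsConfigurer {
+constructor(args) {
+const { existingExpress, envVarPrefix } = args !== null && args !== void 0 ? args : {};
+this._express = existingExpress;
+this._envVarPrefix = envVarPrefix;
+}
+allowOrigin(value) {
+this._allowOrigin = value;
+return this;
+}
+disableCors(value) {
+this._disableCors = value;
+return this;
+}
+allowMethods(value) {
+this._allowMethods = value;
+return this;
+}
+allowedHeaders(value) {
+this._allowedHeaders = value;
+return this;
+}
+allowCredentials(value) {
+this._allowCredentials = value;
+return this;
+}
+configure({ existingExpress }) {
+var _a, _b, _c;
+const express = existingExpress !== null && existingExpress !== void 0 ? existingExpress : this._express;
+if (!express) {
+throw Error('No express passed in during construction or configure');
+}
+const disableCorsEnv = (0, functions_1.env)('CORS_DISABLE', this._envVarPrefix);
+const corsDisabled = (_a = this._disableCors) !== null && _a !== void 0 ? _a : (disableCorsEnv ? /true/.test(disableCorsEnv) : false);
+if (corsDisabled) {
+return;
+}
+const envAllowOriginStr = (_b = (0, functions_1.env)('CORS_ALLOW_ORIGIN', this._envVarPrefix)) !== null && _b !== void 0 ? _b : '*';
+let envAllowOrigin;
+if (envAllowOriginStr.includes(',')) {
+envAllowOrigin = envAllowOriginStr.split(',');
+}
+else if (envAllowOriginStr.includes(' ')) {
+envAllowOrigin = envAllowOriginStr.split(' ');
+}
+else {
+envAllowOrigin = envAllowOriginStr;
+}
+if (Array.isArray(envAllowOrigin) && envAllowOrigin.length === 1) {
+envAllowOrigin = envAllowOrigin[0];
+}
+const corsOptions = Object.assign(Object.assign(Object.assign(Object.assign({ origin: (_c = this._allowOrigin) !== null && _c !== void 0 ? _c : envAllowOrigin }, (this._allowMethods && { methods: this._allowMethods })), (this._allowedHeaders && { allowedHeaders: this._allowedHeaders })), (this._allowCredentials !== undefined && { credentials: this._allowCredentials })), { optionsSuccessStatus: 204 });
+if (this._enablePreflightOptions) {
+express.options('*', (0, cors_1.default)(corsOptions));
+}
+express.use((0, cors_1.default)(corsOptions));
+}
+}
+exports.ExpressCorsConfigurer = ExpressCorsConfigurer;
+//# sourceMappingURL=express-builders.js.map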
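Review bot: In `build()` the default for `startListening` looks inverted: `this._startListen !== true` is true when `_startListen` is `false` or `undefined`, so a builder that went through `withExpress()` (which sets `_startListen = false`) still calls `express.listen()` during `build()`, while `startOnBuild: true` suppresses it. Because `getHostname()` falls back to `'0.0.0.0'` and `getPort()` to `5000`, that unintended path opens a listener on every interface. If the flag is meant as "start on build", the line should read `const startListening = opts?.startListening ?? (this._startListen === true);` in `src/express-builders.ts`, since this file is the compiled output. Separately, `configure()` falls back to `origin: '*'` when neither `allowOrigin()` nor `CORS_ALLOW_ORIGIN` is set, and `_enablePreflightOptions` is never assigned in this file, so the `express.options('*', ...)` branch cannot run; requiring an explicit origin list would make the default fail closed.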