@stefaninigo/security-client 1.0.3 → 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +25 -10
- package/dist/decorators/public.decorator.d.ts +2 -0
- package/dist/decorators/public.decorator.js +8 -0
- package/dist/decorators/public.decorator.js.map +1 -0
- package/dist/guards/provider.guard.d.ts +7 -0
- package/dist/guards/provider.guard.js +43 -0
- package/dist/guards/provider.guard.js.map +1 -0
- package/dist/guards/role.guard.js +8 -0
- package/dist/guards/role.guard.js.map +1 -1
- package/dist/guards/security-auth.guard.d.ts +11 -0
- package/dist/guards/{cognito-auth.guard.js → security-auth.guard.js} +35 -20
- package/dist/guards/security-auth.guard.js.map +1 -0
- package/dist/index.d.ts +3 -1
- package/dist/index.js +6 -1
- package/dist/index.js.map +1 -1
- package/dist/module/security-client.module.d.ts +5 -0
- package/dist/module/security-client.module.js +29 -3
- package/dist/module/security-client.module.js.map +1 -1
- package/dist/services/security-client.service.d.ts +15 -0
- package/dist/services/security-client.service.js +95 -7
- package/dist/services/security-client.service.js.map +1 -1
- package/dist/types/user.types.d.ts +4 -0
- package/package.json +4 -3
- package/dist/generated/authentication/authentication.d.ts +0 -20
- package/dist/generated/authentication/authentication.js +0 -49
- package/dist/generated/authentication/authentication.js.map +0 -1
- package/dist/generated/bootstrap/bootstrap.d.ts +0 -12
- package/dist/generated/bootstrap/bootstrap.js +0 -24
- package/dist/generated/bootstrap/bootstrap.js.map +0 -1
- package/dist/generated/client-assignments/client-assignments.d.ts +0 -22
- package/dist/generated/client-assignments/client-assignments.js +0 -46
- package/dist/generated/client-assignments/client-assignments.js.map +0 -1
- package/dist/generated/health/health.d.ts +0 -11
- package/dist/generated/health/health.js +0 -21
- package/dist/generated/health/health.js.map +0 -1
- package/dist/generated/provider-client-assignments/provider-client-assignments.d.ts +0 -20
- package/dist/generated/provider-client-assignments/provider-client-assignments.js +0 -42
- package/dist/generated/provider-client-assignments/provider-client-assignments.js.map +0 -1
- package/dist/generated/providers/providers.d.ts +0 -20
- package/dist/generated/providers/providers.js +0 -42
- package/dist/generated/providers/providers.js.map +0 -1
- package/dist/generated/stefaniniGoSecurityAPI.schemas.d.ts +0 -621
- package/dist/generated/stefaniniGoSecurityAPI.schemas.js +0 -105
- package/dist/generated/stefaniniGoSecurityAPI.schemas.js.map +0 -1
- package/dist/generated/users/users.d.ts +0 -26
- package/dist/generated/users/users.js +0 -60
- package/dist/generated/users/users.js.map +0 -1
- package/dist/guards/cognito-auth.guard.d.ts +0 -8
- package/dist/guards/cognito-auth.guard.js.map +0 -1
- package/dist/utils/mutator.d.ts +0 -3
- package/dist/utils/mutator.js +0 -22
- package/dist/utils/mutator.js.map +0 -1
package/README.md
CHANGED
|
@@ -39,10 +39,10 @@ export class AppModule {}
|
|
|
39
39
|
|
|
40
40
|
```typescript
|
|
41
41
|
import { Controller, Get, UseGuards } from '@nestjs/common';
|
|
42
|
-
import { Roles,
|
|
42
|
+
import { Roles, SecurityAuthGuard, RoleGuard, UserRole } from '@stefaninigo/security-client';
|
|
43
43
|
|
|
44
44
|
@Controller('clients')
|
|
45
|
-
@UseGuards(
|
|
45
|
+
@UseGuards(SecurityAuthGuard, RoleGuard)
|
|
46
46
|
export class ClientsController {
|
|
47
47
|
@Get()
|
|
48
48
|
@Roles(UserRole.ROOT, UserRole.ADMIN)
|
|
@@ -56,9 +56,11 @@ export class ClientsController {
|
|
|
56
56
|
|
|
57
57
|
### Guards
|
|
58
58
|
|
|
59
|
-
- **
|
|
59
|
+
- **SecurityAuthGuard**: Valida tokens delegando al servicio Security centralizado y obtiene información del usuario
|
|
60
60
|
- **RoleGuard**: Valida que el usuario tenga uno de los roles requeridos
|
|
61
61
|
|
|
62
|
+
> **Nota:** `CognitoAuthGuard` está deprecated, usa `SecurityAuthGuard` en su lugar.
|
|
63
|
+
|
|
62
64
|
### Decorators
|
|
63
65
|
|
|
64
66
|
- **@Roles(...roles)**: Especifica los roles requeridos para acceder a un endpoint
|
|
@@ -71,13 +73,26 @@ export class ClientsController {
|
|
|
71
73
|
|
|
72
74
|
## Variables de entorno requeridas
|
|
73
75
|
|
|
74
|
-
- `
|
|
75
|
-
|
|
76
|
-
|
|
76
|
+
- `SECURITY_SERVICE_URL`: URL del servicio Security (requerido en forRoot o como env var)
|
|
77
|
+
|
|
78
|
+
## Arquitectura
|
|
77
79
|
|
|
78
|
-
|
|
80
|
+
```
|
|
81
|
+
┌─────────────────┐ Token ┌─────────────────────┐
|
|
82
|
+
│ Tu Servicio │ ────────────► │ Security Service │
|
|
83
|
+
│ (tickets, etc) │ │ (valida Cognito) │
|
|
84
|
+
└─────────────────┘ └─────────────────────┘
|
|
85
|
+
│ │
|
|
86
|
+
│ SecurityAuthGuard │ CognitoAuthGuard
|
|
87
|
+
│ delega validación │ valida JWT
|
|
88
|
+
▼ ▼
|
|
89
|
+
request.user request.user
|
|
90
|
+
```
|
|
79
91
|
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
92
|
+
El guard **NO** valida tokens JWT directamente. Delega al servicio Security centralizado:
|
|
93
|
+
1. Recibe token Bearer del request
|
|
94
|
+
2. Llama al endpoint `/api/v1/security/users/me` del servicio Security
|
|
95
|
+
3. El servicio Security valida el token con Cognito
|
|
96
|
+
4. Retorna datos del usuario al guard
|
|
97
|
+
5. Guard adjunta usuario al request
|
|
83
98
|
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.Public = exports.IS_PUBLIC_KEY = void 0;
|
|
4
|
+
const common_1 = require("@nestjs/common");
|
|
5
|
+
exports.IS_PUBLIC_KEY = 'isPublic';
|
|
6
|
+
const Public = () => (0, common_1.SetMetadata)(exports.IS_PUBLIC_KEY, true);
|
|
7
|
+
exports.Public = Public;
|
|
8
|
+
//# sourceMappingURL=public.decorator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"public.decorator.js","sourceRoot":"","sources":["../../src/decorators/public.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAA6C;AAEhC,QAAA,aAAa,GAAG,UAAU,CAAC;AACjC,MAAM,MAAM,GAAG,GAAG,EAAE,CAAC,IAAA,oBAAW,EAAC,qBAAa,EAAE,IAAI,CAAC,CAAC;AAAhD,QAAA,MAAM,UAA0C"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
export declare class ProviderGuard implements CanActivate {
|
|
4
|
+
private readonly reflector;
|
|
5
|
+
constructor(reflector: Reflector);
|
|
6
|
+
canActivate(context: ExecutionContext): boolean;
|
|
7
|
+
}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
|
|
3
|
+
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
4
|
+
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
5
|
+
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
|
+
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
|
+
};
|
|
8
|
+
var __metadata = (this && this.__metadata) || function (k, v) {
|
|
9
|
+
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
|
+
};
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.ProviderGuard = void 0;
|
|
13
|
+
const common_1 = require("@nestjs/common");
|
|
14
|
+
const core_1 = require("@nestjs/core");
|
|
15
|
+
const public_decorator_1 = require("../decorators/public.decorator");
|
|
16
|
+
let ProviderGuard = class ProviderGuard {
|
|
17
|
+
constructor(reflector) {
|
|
18
|
+
this.reflector = reflector;
|
|
19
|
+
}
|
|
20
|
+
canActivate(context) {
|
|
21
|
+
const isPublic = this.reflector.getAllAndOverride(public_decorator_1.IS_PUBLIC_KEY, [
|
|
22
|
+
context.getHandler(),
|
|
23
|
+
context.getClass(),
|
|
24
|
+
]);
|
|
25
|
+
if (isPublic) {
|
|
26
|
+
return true;
|
|
27
|
+
}
|
|
28
|
+
const { user } = context.switchToHttp().getRequest();
|
|
29
|
+
if (!user) {
|
|
30
|
+
throw new common_1.ForbiddenException('Usuario no autenticado');
|
|
31
|
+
}
|
|
32
|
+
if (!user.providerId) {
|
|
33
|
+
throw new common_1.ForbiddenException('Se requiere un proveedor asociado');
|
|
34
|
+
}
|
|
35
|
+
return true;
|
|
36
|
+
}
|
|
37
|
+
};
|
|
38
|
+
exports.ProviderGuard = ProviderGuard;
|
|
39
|
+
exports.ProviderGuard = ProviderGuard = __decorate([
|
|
40
|
+
(0, common_1.Injectable)(),
|
|
41
|
+
__metadata("design:paramtypes", [core_1.Reflector])
|
|
42
|
+
], ProviderGuard);
|
|
43
|
+
//# sourceMappingURL=provider.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"provider.guard.js","sourceRoot":"","sources":["../../src/guards/provider.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA+F;AAC/F,uCAAyC;AACzC,qEAA+D;AAGxD,IAAM,aAAa,GAAnB,MAAM,aAAa;IACxB,YAA6B,SAAoB;QAApB,cAAS,GAAT,SAAS,CAAW;IAAG,CAAC;IAErD,WAAW,CAAC,OAAyB;QACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAErD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,2BAAkB,CAAC,wBAAwB,CAAC,CAAC;QACzD,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,MAAM,IAAI,2BAAkB,CAAC,mCAAmC,CAAC,CAAC;QACpE,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AAzBY,sCAAa;wBAAb,aAAa;IADzB,IAAA,mBAAU,GAAE;qCAE6B,gBAAS;GADtC,aAAa,CAyBzB"}
|
|
@@ -13,11 +13,19 @@ exports.RoleGuard = void 0;
|
|
|
13
13
|
const common_1 = require("@nestjs/common");
|
|
14
14
|
const core_1 = require("@nestjs/core");
|
|
15
15
|
const roles_decorator_1 = require("../decorators/roles.decorator");
|
|
16
|
+
const public_decorator_1 = require("../decorators/public.decorator");
|
|
16
17
|
let RoleGuard = class RoleGuard {
|
|
17
18
|
constructor(reflector) {
|
|
18
19
|
this.reflector = reflector;
|
|
19
20
|
}
|
|
20
21
|
canActivate(context) {
|
|
22
|
+
const isPublic = this.reflector.getAllAndOverride(public_decorator_1.IS_PUBLIC_KEY, [
|
|
23
|
+
context.getHandler(),
|
|
24
|
+
context.getClass(),
|
|
25
|
+
]);
|
|
26
|
+
if (isPublic) {
|
|
27
|
+
return true;
|
|
28
|
+
}
|
|
21
29
|
const requiredRoles = this.reflector.getAllAndOverride(roles_decorator_1.ROLES_KEY, [
|
|
22
30
|
context.getHandler(),
|
|
23
31
|
context.getClass(),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"role.guard.js","sourceRoot":"","sources":["../../src/guards/role.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA+F;AAC/F,uCAAyC;AAEzC,mEAA0D;
|
|
1
|
+
{"version":3,"file":"role.guard.js","sourceRoot":"","sources":["../../src/guards/role.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA+F;AAC/F,uCAAyC;AAEzC,mEAA0D;AAC1D,qEAA+D;AAGxD,IAAM,SAAS,GAAf,MAAM,SAAS;IACpB,YAAoB,SAAoB;QAApB,cAAS,GAAT,SAAS,CAAW;IAAG,CAAC;IAE5C,WAAW,CAAC,OAAyB;QACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAa,2BAAS,EAAE;YAC5E,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAErD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,2BAAkB,CAAC,wBAAwB,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;QAEjE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,2BAAkB,CAAC,4CAA4C,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACvG,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AApCY,8BAAS;oBAAT,SAAS;IADrB,IAAA,mBAAU,GAAE;qCAEoB,gBAAS;GAD7B,SAAS,CAoCrB"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
import { CanActivate, ExecutionContext } from '@nestjs/common';
|
|
2
|
+
import { Reflector } from '@nestjs/core';
|
|
3
|
+
import { SecurityClientService } from '../services/security-client.service';
|
|
4
|
+
export declare class SecurityAuthGuard implements CanActivate {
|
|
5
|
+
private readonly securityClient;
|
|
6
|
+
private readonly reflector;
|
|
7
|
+
constructor(securityClient: SecurityClientService, reflector: Reflector);
|
|
8
|
+
canActivate(context: ExecutionContext): Promise<boolean>;
|
|
9
|
+
private extractTokenFromHeader;
|
|
10
|
+
}
|
|
11
|
+
export declare const CognitoAuthGuard: typeof SecurityAuthGuard;
|
|
@@ -9,14 +9,24 @@ var __metadata = (this && this.__metadata) || function (k, v) {
|
|
|
9
9
|
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
exports.CognitoAuthGuard = void 0;
|
|
12
|
+
exports.CognitoAuthGuard = exports.SecurityAuthGuard = void 0;
|
|
13
13
|
const common_1 = require("@nestjs/common");
|
|
14
|
+
const core_1 = require("@nestjs/core");
|
|
14
15
|
const security_client_service_1 = require("../services/security-client.service");
|
|
15
|
-
|
|
16
|
-
|
|
16
|
+
const public_decorator_1 = require("../decorators/public.decorator");
|
|
17
|
+
let SecurityAuthGuard = class SecurityAuthGuard {
|
|
18
|
+
constructor(securityClient, reflector) {
|
|
17
19
|
this.securityClient = securityClient;
|
|
20
|
+
this.reflector = reflector;
|
|
18
21
|
}
|
|
19
22
|
async canActivate(context) {
|
|
23
|
+
const isPublic = this.reflector.getAllAndOverride(public_decorator_1.IS_PUBLIC_KEY, [
|
|
24
|
+
context.getHandler(),
|
|
25
|
+
context.getClass(),
|
|
26
|
+
]);
|
|
27
|
+
if (isPublic) {
|
|
28
|
+
return true;
|
|
29
|
+
}
|
|
20
30
|
const request = context.switchToHttp().getRequest();
|
|
21
31
|
const token = this.extractTokenFromHeader(request);
|
|
22
32
|
if (!token) {
|
|
@@ -25,28 +35,31 @@ let CognitoAuthGuard = class CognitoAuthGuard {
|
|
|
25
35
|
try {
|
|
26
36
|
const user = await this.securityClient.validateTokenAndGetUser(token);
|
|
27
37
|
if (user.status !== 'active') {
|
|
28
|
-
throw new common_1.
|
|
38
|
+
throw new common_1.ForbiddenException('Usuario inactivo');
|
|
29
39
|
}
|
|
30
40
|
request.user = user;
|
|
31
41
|
return true;
|
|
32
42
|
}
|
|
33
43
|
catch (error) {
|
|
34
|
-
if (error instanceof common_1.UnauthorizedException) {
|
|
44
|
+
if (error instanceof common_1.UnauthorizedException || error instanceof common_1.ForbiddenException || error instanceof common_1.NotFoundException) {
|
|
35
45
|
throw error;
|
|
36
46
|
}
|
|
37
47
|
if (error instanceof Error) {
|
|
38
|
-
const
|
|
39
|
-
if (
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
48
|
+
const statusMatch = error.message.match(/status:\s*(\d+)/);
|
|
49
|
+
if (statusMatch) {
|
|
50
|
+
const status = parseInt(statusMatch[1], 10);
|
|
51
|
+
if (status === 401) {
|
|
52
|
+
throw new common_1.UnauthorizedException('Token expirado o invalido');
|
|
53
|
+
}
|
|
54
|
+
if (status === 403) {
|
|
55
|
+
throw new common_1.ForbiddenException('Acceso denegado');
|
|
56
|
+
}
|
|
57
|
+
if (status === 404) {
|
|
58
|
+
throw new common_1.NotFoundException('Usuario no encontrado');
|
|
59
|
+
}
|
|
47
60
|
}
|
|
48
61
|
}
|
|
49
|
-
throw new common_1.UnauthorizedException('Error de
|
|
62
|
+
throw new common_1.UnauthorizedException('Error de autenticacion');
|
|
50
63
|
}
|
|
51
64
|
}
|
|
52
65
|
extractTokenFromHeader(request) {
|
|
@@ -54,9 +67,11 @@ let CognitoAuthGuard = class CognitoAuthGuard {
|
|
|
54
67
|
return type === 'Bearer' ? token : undefined;
|
|
55
68
|
}
|
|
56
69
|
};
|
|
57
|
-
exports.
|
|
58
|
-
exports.
|
|
70
|
+
exports.SecurityAuthGuard = SecurityAuthGuard;
|
|
71
|
+
exports.SecurityAuthGuard = SecurityAuthGuard = __decorate([
|
|
59
72
|
(0, common_1.Injectable)(),
|
|
60
|
-
__metadata("design:paramtypes", [security_client_service_1.SecurityClientService
|
|
61
|
-
]
|
|
62
|
-
|
|
73
|
+
__metadata("design:paramtypes", [security_client_service_1.SecurityClientService,
|
|
74
|
+
core_1.Reflector])
|
|
75
|
+
], SecurityAuthGuard);
|
|
76
|
+
exports.CognitoAuthGuard = SecurityAuthGuard;
|
|
77
|
+
//# sourceMappingURL=security-auth.guard.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"security-auth.guard.js","sourceRoot":"","sources":["../../src/guards/security-auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAyI;AACzI,uCAAyC;AAEzC,iFAA4E;AAE5E,qEAA+D;AAcxD,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAC5B,YACmB,cAAqC,EACrC,SAAoB;QADpB,mBAAc,GAAd,cAAc,CAAuB;QACrC,cAAS,GAAT,SAAS,CAAW;IACpC,CAAC;IAEJ,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAiC,CAAC;QACnF,MAAM,KAAK,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAEnD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC,2BAA2B,CAAC,CAAC;QAC/D,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC;YAEtE,IAAI,IAAI,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;gBAC7B,MAAM,IAAI,2BAAkB,CAAC,kBAAkB,CAAC,CAAC;YACnD,CAAC;YAED,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;YAEpB,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,8BAAqB,IAAI,KAAK,YAAY,2BAAkB,IAAI,KAAK,YAAY,0BAAiB,EAAE,CAAC;gBACxH,MAAM,KAAK,CAAC;YACd,CAAC;YAED,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;gBAC3D,IAAI,WAAW,EAAE,CAAC;oBAChB,MAAM,MAAM,GAAG,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAE5C,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;wBACnB,MAAM,IAAI,8BAAqB,CAAC,2BAA2B,CAAC,CAAC;oBAC/D,CAAC;oBAED,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;wBACnB,MAAM,IAAI,2BAAkB,CAAC,iBAAiB,CAAC,CAAC;oBAClD,CAAC;oBAED,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;wBACnB,MAAM,IAAI,0BAAiB,CAAC,uBAAuB,CAAC,CAAC;oBACvD,CAAC;gBACH,CAAC;YACH,CAAC;YAED,MAAM,IAAI,8BAAqB,CAAC,wBAAwB,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAEO,sBAAsB,CAAC,OAAgB;QAC7C,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACtE,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;IAC/C,CAAC;CACF,CAAA;AAjEY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;qCAGwB,+CAAqB;QAC1B,gBAAS;GAH5B,iBAAiB,CAiE7B;AAKY,QAAA,gBAAgB,GAAG,iBAAiB,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
|
-
export
|
|
1
|
+
export { SecurityAuthGuard, CognitoAuthGuard } from './guards/security-auth.guard';
|
|
2
2
|
export * from './guards/role.guard';
|
|
3
|
+
export * from './guards/provider.guard';
|
|
3
4
|
export * from './decorators/roles.decorator';
|
|
5
|
+
export * from './decorators/public.decorator';
|
|
4
6
|
export * from './services/security-client.service';
|
|
5
7
|
export * from './module/security-client.module';
|
|
6
8
|
export * from './types/user.types';
|
package/dist/index.js
CHANGED
|
@@ -14,9 +14,14 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
14
14
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
|
|
17
|
+
exports.CognitoAuthGuard = exports.SecurityAuthGuard = void 0;
|
|
18
|
+
var security_auth_guard_1 = require("./guards/security-auth.guard");
|
|
19
|
+
Object.defineProperty(exports, "SecurityAuthGuard", { enumerable: true, get: function () { return security_auth_guard_1.SecurityAuthGuard; } });
|
|
20
|
+
Object.defineProperty(exports, "CognitoAuthGuard", { enumerable: true, get: function () { return security_auth_guard_1.CognitoAuthGuard; } });
|
|
18
21
|
__exportStar(require("./guards/role.guard"), exports);
|
|
22
|
+
__exportStar(require("./guards/provider.guard"), exports);
|
|
19
23
|
__exportStar(require("./decorators/roles.decorator"), exports);
|
|
24
|
+
__exportStar(require("./decorators/public.decorator"), exports);
|
|
20
25
|
__exportStar(require("./services/security-client.service"), exports);
|
|
21
26
|
__exportStar(require("./module/security-client.module"), exports);
|
|
22
27
|
__exportStar(require("./types/user.types"), exports);
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,oEAAmF;AAA1E,wHAAA,iBAAiB,OAAA;AAAE,uHAAA,gBAAgB,OAAA;AAC5C,sDAAoC;AACpC,0DAAwC;AACxC,+DAA6C;AAC7C,gEAA8C;AAC9C,qEAAmD;AACnD,kEAAgD;AAChD,qDAAmC"}
|
|
@@ -2,4 +2,9 @@ import { DynamicModule } from '@nestjs/common';
|
|
|
2
2
|
import { SecurityClientConfig } from '../types/user.types';
|
|
3
3
|
export declare class SecurityClientModule {
|
|
4
4
|
static forRoot(config: SecurityClientConfig): DynamicModule;
|
|
5
|
+
static forRootAsync(options: {
|
|
6
|
+
imports?: any[];
|
|
7
|
+
useFactory: (...args: any[]) => SecurityClientConfig | Promise<SecurityClientConfig>;
|
|
8
|
+
inject?: any[];
|
|
9
|
+
}): DynamicModule;
|
|
5
10
|
}
|
|
@@ -10,8 +10,9 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
10
10
|
exports.SecurityClientModule = void 0;
|
|
11
11
|
const common_1 = require("@nestjs/common");
|
|
12
12
|
const security_client_service_1 = require("../services/security-client.service");
|
|
13
|
-
const
|
|
13
|
+
const security_auth_guard_1 = require("../guards/security-auth.guard");
|
|
14
14
|
const role_guard_1 = require("../guards/role.guard");
|
|
15
|
+
const provider_guard_1 = require("../guards/provider.guard");
|
|
15
16
|
let SecurityClientModule = SecurityClientModule_1 = class SecurityClientModule {
|
|
16
17
|
static forRoot(config) {
|
|
17
18
|
if (!config.securityServiceUrl || typeof config.securityServiceUrl !== 'string' || config.securityServiceUrl.trim() === '') {
|
|
@@ -31,13 +32,38 @@ let SecurityClientModule = SecurityClientModule_1 = class SecurityClientModule {
|
|
|
31
32
|
useValue: config,
|
|
32
33
|
},
|
|
33
34
|
security_client_service_1.SecurityClientService,
|
|
34
|
-
|
|
35
|
+
security_auth_guard_1.SecurityAuthGuard,
|
|
35
36
|
role_guard_1.RoleGuard,
|
|
37
|
+
provider_guard_1.ProviderGuard,
|
|
36
38
|
],
|
|
37
39
|
exports: [
|
|
38
40
|
security_client_service_1.SecurityClientService,
|
|
39
|
-
|
|
41
|
+
security_auth_guard_1.SecurityAuthGuard,
|
|
40
42
|
role_guard_1.RoleGuard,
|
|
43
|
+
provider_guard_1.ProviderGuard,
|
|
44
|
+
],
|
|
45
|
+
};
|
|
46
|
+
}
|
|
47
|
+
static forRootAsync(options) {
|
|
48
|
+
return {
|
|
49
|
+
module: SecurityClientModule_1,
|
|
50
|
+
imports: options.imports || [],
|
|
51
|
+
providers: [
|
|
52
|
+
{
|
|
53
|
+
provide: security_client_service_1.SECURITY_CLIENT_CONFIG,
|
|
54
|
+
useFactory: options.useFactory,
|
|
55
|
+
inject: options.inject || [],
|
|
56
|
+
},
|
|
57
|
+
security_client_service_1.SecurityClientService,
|
|
58
|
+
security_auth_guard_1.SecurityAuthGuard,
|
|
59
|
+
role_guard_1.RoleGuard,
|
|
60
|
+
provider_guard_1.ProviderGuard,
|
|
61
|
+
],
|
|
62
|
+
exports: [
|
|
63
|
+
security_client_service_1.SecurityClientService,
|
|
64
|
+
security_auth_guard_1.SecurityAuthGuard,
|
|
65
|
+
role_guard_1.RoleGuard,
|
|
66
|
+
provider_guard_1.ProviderGuard,
|
|
41
67
|
],
|
|
42
68
|
};
|
|
43
69
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"security-client.module.js","sourceRoot":"","sources":["../../src/module/security-client.module.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,2CAA+D;AAC/D,iFAAoG;AACpG,
|
|
1
|
+
{"version":3,"file":"security-client.module.js","sourceRoot":"","sources":["../../src/module/security-client.module.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,2CAA+D;AAC/D,iFAAoG;AACpG,uEAAkE;AAClE,qDAAiD;AACjD,6DAAyD;AAKlD,IAAM,oBAAoB,4BAA1B,MAAM,oBAAoB;IAC/B,MAAM,CAAC,OAAO,CAAC,MAA4B;QACzC,IAAI,CAAC,MAAM,CAAC,kBAAkB,IAAI,OAAO,MAAM,CAAC,kBAAkB,KAAK,QAAQ,IAAI,MAAM,CAAC,kBAAkB,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC3H,MAAM,IAAI,KAAK,CAAC,uFAAuF,CAAC,CAAC;QAC3G,CAAC;QAED,IAAI,CAAC;YACH,IAAI,GAAG,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;QACrC,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,sCAAsC,MAAM,CAAC,kBAAkB,wBAAwB,CAAC,CAAC;QAC3G,CAAC;QAED,OAAO;YACL,MAAM,EAAE,sBAAoB;YAC5B,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,gDAAsB;oBAC/B,QAAQ,EAAE,MAAM;iBACjB;gBACD,+CAAqB;gBACrB,uCAAiB;gBACjB,sBAAS;gBACT,8BAAa;aACd;YACD,OAAO,EAAE;gBACP,+CAAqB;gBACrB,uCAAiB;gBACjB,sBAAS;gBACT,8BAAa;aACd;SACF,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,YAAY,CAAC,OAInB;QACC,OAAO;YACL,MAAM,EAAE,sBAAoB;YAC5B,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,EAAE;YAC9B,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,gDAAsB;oBAC/B,UAAU,EAAE,OAAO,CAAC,UAAU;oBAC9B,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;iBAC7B;gBACD,+CAAqB;gBACrB,uCAAiB;gBACjB,sBAAS;gBACT,8BAAa;aACd;YACD,OAAO,EAAE;gBACP,+CAAqB;gBACrB,uCAAiB;gBACjB,sBAAS;gBACT,8BAAa;aACd;SACF,CAAC;IACJ,CAAC;CACF,CAAA;AA5DY,oDAAoB;+BAApB,oBAAoB;IAFhC,IAAA,eAAM,GAAE;IACR,IAAA,eAAM,EAAC,EAAE,CAAC;GACE,oBAAoB,CA4DhC"}
|
|
@@ -5,7 +5,22 @@ export declare class SecurityClientService {
|
|
|
5
5
|
private readonly config;
|
|
6
6
|
private readonly logger;
|
|
7
7
|
private readonly httpClient;
|
|
8
|
+
private readonly cache;
|
|
9
|
+
private readonly cacheTtlMs;
|
|
10
|
+
private readonly maxCacheSize;
|
|
11
|
+
private readonly retryAttempts;
|
|
12
|
+
private readonly retryDelayMs;
|
|
8
13
|
constructor(config: SecurityClientConfig);
|
|
14
|
+
private hashToken;
|
|
15
|
+
private getCached;
|
|
16
|
+
private setCache;
|
|
17
|
+
evictExpired(): void;
|
|
18
|
+
private isAuthError;
|
|
19
|
+
private withRetry;
|
|
9
20
|
validateTokenAndGetUser(token: string): Promise<AuthUser>;
|
|
10
21
|
getUserById(userId: string, token: string): Promise<AuthUser>;
|
|
22
|
+
healthCheck(): Promise<{
|
|
23
|
+
healthy: boolean;
|
|
24
|
+
responseTimeMs: number;
|
|
25
|
+
}>;
|
|
11
26
|
}
|
|
@@ -19,11 +19,13 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
19
19
|
exports.SecurityClientService = exports.SECURITY_CLIENT_CONFIG = void 0;
|
|
20
20
|
const common_1 = require("@nestjs/common");
|
|
21
21
|
const axios_1 = __importDefault(require("axios"));
|
|
22
|
+
const crypto_1 = require("crypto");
|
|
22
23
|
exports.SECURITY_CLIENT_CONFIG = 'SECURITY_CLIENT_CONFIG';
|
|
23
24
|
let SecurityClientService = SecurityClientService_1 = class SecurityClientService {
|
|
24
25
|
constructor(config) {
|
|
25
26
|
this.config = config;
|
|
26
27
|
this.logger = new common_1.Logger(SecurityClientService_1.name);
|
|
28
|
+
this.cache = new Map();
|
|
27
29
|
this.httpClient = axios_1.default.create({
|
|
28
30
|
baseURL: config.securityServiceUrl,
|
|
29
31
|
timeout: config.timeout || 5000,
|
|
@@ -31,18 +33,88 @@ let SecurityClientService = SecurityClientService_1 = class SecurityClientServic
|
|
|
31
33
|
'Content-Type': 'application/json',
|
|
32
34
|
},
|
|
33
35
|
});
|
|
36
|
+
this.cacheTtlMs = config.cacheTtlMs ?? 60000;
|
|
37
|
+
this.maxCacheSize = config.maxCacheSize ?? 1000;
|
|
38
|
+
this.retryAttempts = config.retryAttempts ?? 2;
|
|
39
|
+
this.retryDelayMs = config.retryDelayMs ?? 1000;
|
|
40
|
+
}
|
|
41
|
+
hashToken(token) {
|
|
42
|
+
return (0, crypto_1.createHash)('sha256').update(token).digest('hex').substring(0, 16);
|
|
43
|
+
}
|
|
44
|
+
getCached(key) {
|
|
45
|
+
const entry = this.cache.get(key);
|
|
46
|
+
if (!entry)
|
|
47
|
+
return null;
|
|
48
|
+
if (Date.now() > entry.expiresAt) {
|
|
49
|
+
this.cache.delete(key);
|
|
50
|
+
return null;
|
|
51
|
+
}
|
|
52
|
+
return entry.user;
|
|
53
|
+
}
|
|
54
|
+
setCache(key, user) {
|
|
55
|
+
if (this.cache.size >= this.maxCacheSize) {
|
|
56
|
+
this.evictExpired();
|
|
57
|
+
if (this.cache.size >= this.maxCacheSize) {
|
|
58
|
+
const firstKey = this.cache.keys().next().value;
|
|
59
|
+
if (firstKey)
|
|
60
|
+
this.cache.delete(firstKey);
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
this.cache.set(key, {
|
|
64
|
+
user,
|
|
65
|
+
expiresAt: Date.now() + this.cacheTtlMs,
|
|
66
|
+
});
|
|
67
|
+
}
|
|
68
|
+
evictExpired() {
|
|
69
|
+
const now = Date.now();
|
|
70
|
+
for (const [key, entry] of this.cache) {
|
|
71
|
+
if (now > entry.expiresAt) {
|
|
72
|
+
this.cache.delete(key);
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
isAuthError(status) {
|
|
77
|
+
return status === 401 || status === 403;
|
|
78
|
+
}
|
|
79
|
+
async withRetry(fn) {
|
|
80
|
+
let lastError;
|
|
81
|
+
for (let attempt = 0; attempt <= this.retryAttempts; attempt++) {
|
|
82
|
+
try {
|
|
83
|
+
return await fn();
|
|
84
|
+
}
|
|
85
|
+
catch (error) {
|
|
86
|
+
lastError = error;
|
|
87
|
+
if (error.response && this.isAuthError(error.response.status)) {
|
|
88
|
+
throw error;
|
|
89
|
+
}
|
|
90
|
+
if (attempt < this.retryAttempts) {
|
|
91
|
+
const delay = Math.pow(2, attempt) * this.retryDelayMs;
|
|
92
|
+
this.logger.warn(`Retry attempt ${attempt + 1}/${this.retryAttempts} after ${delay}ms`);
|
|
93
|
+
await new Promise(resolve => setTimeout(resolve, delay));
|
|
94
|
+
}
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
throw lastError;
|
|
34
98
|
}
|
|
35
99
|
async validateTokenAndGetUser(token) {
|
|
100
|
+
const cacheKey = this.hashToken(token);
|
|
101
|
+
const cached = this.getCached(cacheKey);
|
|
102
|
+
if (cached) {
|
|
103
|
+
return cached;
|
|
104
|
+
}
|
|
36
105
|
try {
|
|
37
|
-
const response = await this.httpClient.get('/api/v1/security/users/me', {
|
|
106
|
+
const response = await this.withRetry(() => this.httpClient.get('/api/v1/security/users/me', {
|
|
38
107
|
headers: {
|
|
39
108
|
Authorization: `Bearer ${token}`,
|
|
40
109
|
},
|
|
41
|
-
});
|
|
110
|
+
}));
|
|
42
111
|
if (!response.data || typeof response.data !== 'object') {
|
|
43
112
|
throw new Error('Invalid response format from security service');
|
|
44
113
|
}
|
|
45
|
-
const
|
|
114
|
+
const rawData = response.data;
|
|
115
|
+
const userData = (rawData?.success !== undefined && rawData?.message && typeof rawData.message === 'object')
|
|
116
|
+
? rawData.message
|
|
117
|
+
: rawData;
|
|
46
118
|
if (!userData.id || !userData.email || !userData.role || !userData.status) {
|
|
47
119
|
this.logger.warn('Security service returned incomplete user data', {
|
|
48
120
|
hasId: !!userData.id,
|
|
@@ -52,7 +124,9 @@ let SecurityClientService = SecurityClientService_1 = class SecurityClientServic
|
|
|
52
124
|
});
|
|
53
125
|
throw new Error('Incomplete user data from security service');
|
|
54
126
|
}
|
|
55
|
-
|
|
127
|
+
const user = userData;
|
|
128
|
+
this.setCache(cacheKey, user);
|
|
129
|
+
return user;
|
|
56
130
|
}
|
|
57
131
|
catch (error) {
|
|
58
132
|
this.logger.error(`Error validating token: ${error.message}`);
|
|
@@ -66,15 +140,18 @@ let SecurityClientService = SecurityClientService_1 = class SecurityClientServic
|
|
|
66
140
|
}
|
|
67
141
|
async getUserById(userId, token) {
|
|
68
142
|
try {
|
|
69
|
-
const response = await this.httpClient.get(`/api/v1/security/users/${userId}`, {
|
|
143
|
+
const response = await this.withRetry(() => this.httpClient.get(`/api/v1/security/users/${userId}`, {
|
|
70
144
|
headers: {
|
|
71
145
|
Authorization: `Bearer ${token}`,
|
|
72
146
|
},
|
|
73
|
-
});
|
|
147
|
+
}));
|
|
74
148
|
if (!response.data || typeof response.data !== 'object') {
|
|
75
149
|
throw new Error('Invalid response format from security service');
|
|
76
150
|
}
|
|
77
|
-
const
|
|
151
|
+
const rawData = response.data;
|
|
152
|
+
const userData = (rawData?.success !== undefined && rawData?.message && typeof rawData.message === 'object')
|
|
153
|
+
? rawData.message
|
|
154
|
+
: rawData;
|
|
78
155
|
if (!userData.id || !userData.email || !userData.role || !userData.status) {
|
|
79
156
|
this.logger.warn('Security service returned incomplete user data', {
|
|
80
157
|
hasId: !!userData.id,
|
|
@@ -96,6 +173,17 @@ let SecurityClientService = SecurityClientService_1 = class SecurityClientServic
|
|
|
96
173
|
throw new Error(`Failed to connect to security service: ${error.message}`);
|
|
97
174
|
}
|
|
98
175
|
}
|
|
176
|
+
async healthCheck() {
|
|
177
|
+
const start = Date.now();
|
|
178
|
+
try {
|
|
179
|
+
await this.httpClient.get('/api/v1/security/health', { timeout: 3000 });
|
|
180
|
+
return { healthy: true, responseTimeMs: Date.now() - start };
|
|
181
|
+
}
|
|
182
|
+
catch (error) {
|
|
183
|
+
this.logger.error(`Health check failed: ${error.message}`);
|
|
184
|
+
return { healthy: false, responseTimeMs: Date.now() - start };
|
|
185
|
+
}
|
|
186
|
+
}
|
|
99
187
|
};
|
|
100
188
|
exports.SecurityClientService = SecurityClientService;
|
|
101
189
|
exports.SecurityClientService = SecurityClientService = SecurityClientService_1 = __decorate([
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"security-client.service.js","sourceRoot":"","sources":["../../src/services/security-client.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA,2CAA4D;AAC5D,kDAA6C;
|
|
1
|
+
{"version":3,"file":"security-client.service.js","sourceRoot":"","sources":["../../src/services/security-client.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA,2CAA4D;AAC5D,kDAA6C;AAC7C,mCAAoC;AAIvB,QAAA,sBAAsB,GAAG,wBAAwB,CAAC;AAQxD,IAAM,qBAAqB,6BAA3B,MAAM,qBAAqB;IAShC,YACkC,MAA6C;QAA5B,WAAM,GAAN,MAAM,CAAsB;QAT9D,WAAM,GAAG,IAAI,eAAM,CAAC,uBAAqB,CAAC,IAAI,CAAC,CAAC;QAEhD,UAAK,GAAG,IAAI,GAAG,EAAsB,CAAC;QASrD,IAAI,CAAC,UAAU,GAAG,eAAK,CAAC,MAAM,CAAC;YAC7B,OAAO,EAAE,MAAM,CAAC,kBAAkB;YAClC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,IAAI;YAC/B,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;aACnC;SACF,CAAC,CAAC;QACH,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,KAAK,CAAC;QAC7C,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,IAAI,CAAC;QAChD,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,aAAa,IAAI,CAAC,CAAC;QAC/C,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,IAAI,CAAC;IAClD,CAAC;IAEO,SAAS,CAAC,KAAa;QAC7B,OAAO,IAAA,mBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC3E,CAAC;IAEO,SAAS,CAAC,GAAW;QAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QACxB,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC,IAAI,CAAC;IACpB,CAAC;IAEO,QAAQ,CAAC,GAAW,EAAE,IAAc;QAC1C,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACzC,IAAI,CAAC,YAAY,EAAE,CAAC;YACpB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;gBAChD,IAAI,QAAQ;oBAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE;YAClB,IAAI;YACJ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU;SACxC,CAAC,CAAC;IACL,CAAC;IAED,YAAY;QACV,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACtC,IAAI,GAAG,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;gBAC1B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAEO,WAAW,CAAC,MAAc;QAChC,OAAO,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG,CAAC;IAC1C,CAAC;IAEO,KAAK,CAAC,SAAS,CAAI,EAAoB;QAC7C,IAAI,SAAc,CAAC;QACnB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,IAAI,CAAC,aAAa,EAAE,OAAO,EAAE,EAAE,CAAC;YAC/D,IAAI,CAAC;gBACH,OAAO,MAAM,EAAE,EAAE,CAAC;YACpB,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,SAAS,GAAG,KAAK,CAAC;gBAClB,IAAI,KAAK,CAAC,QAAQ,IAAI,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC9D,MAAM,KAAK,CAAC;gBACd,CAAC;gBACD,IAAI,OAAO,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;oBACjC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC;oBACvD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,OAAO,GAAG,CAAC,IAAI,IAAI,CAAC,aAAa,UAAU,KAAK,IAAI,CAAC,CAAC;oBACxF,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;gBAC3D,CAAC;YACH,CAAC;QACH,CAAC;QACD,MAAM,SAAS,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,KAAa;QACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,CACzC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,2BAA2B,EAAE;gBAC/C,OAAO,EAAE;oBACP,aAAa,EAAE,UAAU,KAAK,EAAE;iBACjC;aACF,CAAC,CACH,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACxD,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAW,CAAC;YACrC,MAAM,QAAQ,GAAG,CAAC,OAAO,EAAE,OAAO,KAAK,SAAS,IAAI,OAAO,EAAE,OAAO,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,CAAC;gBAC1G,CAAC,CAAC,OAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,OAAO,CAAC;YACZ,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;gBAC1E,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE;oBACjE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE;oBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK;oBAC1B,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;oBACxB,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM;iBAC7B,CAAC,CAAC;gBACH,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YAChE,CAAC;YAED,MAAM,IAAI,GAAG,QAAoB,CAAC;YAClC,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9D,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBACnB,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACrC,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,IAAI,eAAe,CAAC;gBAC/F,MAAM,IAAI,KAAK,CAAC,mCAAmC,MAAM,MAAM,OAAO,EAAE,CAAC,CAAC;YAC5E,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,0CAA0C,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAC7E,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,MAAc,EAAE,KAAa;QAC7C,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,CACzC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,0BAA0B,MAAM,EAAE,EAAE;gBACtD,OAAO,EAAE;oBACP,aAAa,EAAE,UAAU,KAAK,EAAE;iBACjC;aACF,CAAC,CACH,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACxD,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAW,CAAC;YACrC,MAAM,QAAQ,GAAG,CAAC,OAAO,EAAE,OAAO,KAAK,SAAS,IAAI,OAAO,EAAE,OAAO,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,CAAC;gBAC1G,CAAC,CAAC,OAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,OAAO,CAAC;YACZ,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;gBAC1E,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE;oBACjE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE;oBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK;oBAC1B,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;oBACxB,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM;iBAC7B,CAAC,CAAC;gBACH,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YAChE,CAAC;YAED,OAAO,QAAoB,CAAC;QAC9B,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uBAAuB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC1D,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBACnB,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACrC,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,IAAI,eAAe,CAAC;gBAC/F,MAAM,IAAI,KAAK,CAAC,mCAAmC,MAAM,MAAM,OAAO,EAAE,CAAC,CAAC;YAC5E,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,0CAA0C,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAC7E,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW;QACf,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,yBAAyB,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YACxE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,CAAC;QAC/D,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,wBAAwB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC3D,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,CAAC;QAChE,CAAC;IACH,CAAC;CACF,CAAA;AAxLY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;IAWR,WAAA,IAAA,eAAM,EAAC,8BAAsB,CAAC,CAAA;;GAVtB,qBAAqB,CAwLjC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@stefaninigo/security-client",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.1.1",
|
|
4
4
|
"description": "StefaniniGo Security Client SDK - Guards, decorators and HTTP client for authentication and authorization",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -31,8 +31,8 @@
|
|
|
31
31
|
"directory": "packages/security-client"
|
|
32
32
|
},
|
|
33
33
|
"dependencies": {
|
|
34
|
-
"@nestjs/common": "^11.
|
|
35
|
-
"@nestjs/core": "^11.
|
|
34
|
+
"@nestjs/common": "^10.0.0 || ^11.0.0",
|
|
35
|
+
"@nestjs/core": "^10.0.0 || ^11.0.0",
|
|
36
36
|
"axios": "^1.7.9",
|
|
37
37
|
"reflect-metadata": "^0.2.2",
|
|
38
38
|
"rxjs": "^7.8.2"
|
|
@@ -42,6 +42,7 @@
|
|
|
42
42
|
"@nestjs/core": "^10.0.0 || ^11.0.0"
|
|
43
43
|
},
|
|
44
44
|
"devDependencies": {
|
|
45
|
+
"@types/express": "^5.0.6",
|
|
45
46
|
"@types/node": "^24.7.2",
|
|
46
47
|
"typescript": "^5.9.3"
|
|
47
48
|
}
|