@stefaninigo/security-client 1.1.2 → 1.2.0

package/dist/decorators/public.decorator.d.ts

@@ -0,0 +1,2 @@
+export declare const IS_PUBLIC_KEY = "isPublic";
+export declare const Public: () => import("@nestjs/common").CustomDecorator<string>;

package/dist/decorators/public.decorator.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Public = exports.IS_PUBLIC_KEY = void 0;
+const common_1 = require("@nestjs/common");
+exports.IS_PUBLIC_KEY = 'isPublic';
+const Public = () => (0, common_1.SetMetadata)(exports.IS_PUBLIC_KEY, true);
+exports.Public = Public;
+//# sourceMappingURL=public.decorator.js.map

package/dist/decorators/public.decorator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"public.decorator.js","sourceRoot":"","sources":["../../src/decorators/public.decorator.ts"],"names":[],"mappings":";;;AAAA,2CAA6C;AAEhC,QAAA,aAAa,GAAG,UAAU,CAAC;AACjC,MAAM,MAAM,GAAG,GAAG,EAAE,CAAC,IAAA,oBAAW,EAAC,qBAAa,EAAE,IAAI,CAAC,CAAC;AAAhD,QAAA,MAAM,UAA0C"}

package/dist/guards/provider.guard.d.ts

@@ -0,0 +1,7 @@
+import { CanActivate, ExecutionContext } from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
+export declare class ProviderGuard implements CanActivate {
+    private readonly reflector;
+    constructor(reflector: Reflector);
+    canActivate(context: ExecutionContext): boolean;
+}

package/dist/guards/provider.guard.js

@@ -0,0 +1,43 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ProviderGuard = void 0;
+const common_1 = require("@nestjs/common");
+const core_1 = require("@nestjs/core");
+const public_decorator_1 = require("../decorators/public.decorator");
+let ProviderGuard = class ProviderGuard {
+    constructor(reflector) {
+        this.reflector = reflector;
+    }
+    canActivate(context) {
+        const isPublic = this.reflector.getAllAndOverride(public_decorator_1.IS_PUBLIC_KEY, [
+            context.getHandler(),
+            context.getClass(),
+        ]);
+        if (isPublic) {
+            return true;
+        }
+        const { user } = context.switchToHttp().getRequest();
+        if (!user) {
+            throw new common_1.ForbiddenException('Usuario no autenticado');
+        }
+        if (!user.providerId) {
+            throw new common_1.ForbiddenException('Se requiere un proveedor asociado');
+        }
+        return true;
+    }
+};
+exports.ProviderGuard = ProviderGuard;
+exports.ProviderGuard = ProviderGuard = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [core_1.Reflector])
+], ProviderGuard);
+//# sourceMappingURL=provider.guard.js.map

package/dist/guards/provider.guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.guard.js","sourceRoot":"","sources":["../../src/guards/provider.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA+F;AAC/F,uCAAyC;AACzC,qEAA+D;AAGxD,IAAM,aAAa,GAAnB,MAAM,aAAa;IACxB,YAA6B,SAAoB;QAApB,cAAS,GAAT,SAAS,CAAW;IAAG,CAAC;IAErD,WAAW,CAAC,OAAyB;QACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAErD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,2BAAkB,CAAC,wBAAwB,CAAC,CAAC;QACzD,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,MAAM,IAAI,2BAAkB,CAAC,mCAAmC,CAAC,CAAC;QACpE,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AAzBY,sCAAa;wBAAb,aAAa;IADzB,IAAA,mBAAU,GAAE;qCAE6B,gBAAS;GADtC,aAAa,CAyBzB"}

package/dist/guards/role.guard.js

@@ -13,11 +13,19 @@ exports.RoleGuard = void 0;
 const common_1 = require("@nestjs/common");
 const core_1 = require("@nestjs/core");
 const roles_decorator_1 = require("../decorators/roles.decorator");
+const public_decorator_1 = require("../decorators/public.decorator");
 let RoleGuard = class RoleGuard {
     constructor(reflector) {
         this.reflector = reflector;
     }
     canActivate(context) {
+        const isPublic = this.reflector.getAllAndOverride(public_decorator_1.IS_PUBLIC_KEY, [
+            context.getHandler(),
+            context.getClass(),
+        ]);
+        if (isPublic) {
+            return true;
+        }
         const requiredRoles = this.reflector.getAllAndOverride(roles_decorator_1.ROLES_KEY, [
             context.getHandler(),
             context.getClass(),

package/dist/guards/role.guard.js.map

@@ -1 +1 @@
-{"version":3,"file":"role.guard.js","sourceRoot":"","sources":["../../src/guards/role.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA+F;AAC/F,uCAAyC;AAEzC,mEAA0D;AAGnD,IAAM,SAAS,GAAf,MAAM,SAAS;IACpB,YAAoB,SAAoB;QAApB,cAAS,GAAT,SAAS,CAAW;IAAG,CAAC;IAE5C,WAAW,CAAC,OAAyB;QACnC,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAa,2BAAS,EAAE;YAC5E,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAErD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,2BAAkB,CAAC,wBAAwB,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;QAEjE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,2BAAkB,CAAC,4CAA4C,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACvG,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AA3BY,8BAAS;oBAAT,SAAS;IADrB,IAAA,mBAAU,GAAE;qCAEoB,gBAAS;GAD7B,SAAS,CA2BrB"}
+{"version":3,"file":"role.guard.js","sourceRoot":"","sources":["../../src/guards/role.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAA+F;AAC/F,uCAAyC;AAEzC,mEAA0D;AAC1D,qEAA+D;AAGxD,IAAM,SAAS,GAAf,MAAM,SAAS;IACpB,YAAoB,SAAoB;QAApB,cAAS,GAAT,SAAS,CAAW;IAAG,CAAC;IAE5C,WAAW,CAAC,OAAyB;QACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAa,2BAAS,EAAE;YAC5E,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAE,CAAC;QAErD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,2BAAkB,CAAC,wBAAwB,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;QAEjE,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,2BAAkB,CAAC,4CAA4C,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACvG,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AApCY,8BAAS;oBAAT,SAAS;IADrB,IAAA,mBAAU,GAAE;qCAEoB,gBAAS;GAD7B,SAAS,CAoCrB"}

package/dist/guards/{cognito-auth.guard.d.ts → security-auth.guard.d.ts}

@@ -1,8 +1,10 @@
 import { CanActivate, ExecutionContext } from '@nestjs/common';
+import { Reflector } from '@nestjs/core';
 import { SecurityClientService } from '../services/security-client.service';
 export declare class SecurityAuthGuard implements CanActivate {
     private readonly securityClient;
-    constructor(securityClient: SecurityClientService);
+    private readonly reflector;
+    constructor(securityClient: SecurityClientService, reflector: Reflector);
     canActivate(context: ExecutionContext): Promise<boolean>;
     private extractTokenFromHeader;
 }

package/dist/guards/{cognito-auth.guard.js → security-auth.guard.js}

@@ -11,12 +11,22 @@ var __metadata = (this && this.__metadata) || function (k, v) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CognitoAuthGuard = exports.SecurityAuthGuard = void 0;
 const common_1 = require("@nestjs/common");
+const core_1 = require("@nestjs/core");
 const security_client_service_1 = require("../services/security-client.service");
+const public_decorator_1 = require("../decorators/public.decorator");
 let SecurityAuthGuard = class SecurityAuthGuard {
-    constructor(securityClient) {
+    constructor(securityClient, reflector) {
         this.securityClient = securityClient;
+        this.reflector = reflector;
     }
     async canActivate(context) {
+        const isPublic = this.reflector.getAllAndOverride(public_decorator_1.IS_PUBLIC_KEY, [
+            context.getHandler(),
+            context.getClass(),
+        ]);
+        if (isPublic) {
+            return true;
+        }
         const request = context.switchToHttp().getRequest();
         const token = this.extractTokenFromHeader(request);
         if (!token) {
@@ -25,28 +35,31 @@ let SecurityAuthGuard = class SecurityAuthGuard {
         try {
             const user = await this.securityClient.validateTokenAndGetUser(token);
             if (user.status !== 'active') {
-                throw new common_1.UnauthorizedException('Usuario inactivo');
+                throw new common_1.ForbiddenException('Usuario inactivo');
             }
             request.user = user;
             return true;
         }
         catch (error) {
-            if (error instanceof common_1.UnauthorizedException) {
+            if (error instanceof common_1.UnauthorizedException || error instanceof common_1.ForbiddenException || error instanceof common_1.NotFoundException) {
                 throw error;
             }
             if (error instanceof Error) {
-                const errorMsg = error.message.toLowerCase();
-                if (errorMsg.includes('expired') || errorMsg.includes('jwt expired')) {
-                    throw new common_1.UnauthorizedException('Token expirado');
-                }
-                if (errorMsg.includes('invalid') ||
-                    errorMsg.includes('signature') ||
-                    errorMsg.includes('malformed') ||
-                    errorMsg.includes('jwt malformed')) {
-                    throw new common_1.UnauthorizedException('Token inválido');
+                const statusMatch = error.message.match(/status:\s*(\d+)/);
+                if (statusMatch) {
+                    const status = parseInt(statusMatch[1], 10);
+                    if (status === 401) {
+                        throw new common_1.UnauthorizedException('Token expirado o invalido');
+                    }
+                    if (status === 403) {
+                        throw new common_1.ForbiddenException('Acceso denegado');
+                    }
+                    if (status === 404) {
+                        throw new common_1.NotFoundException('Usuario no encontrado');
+                    }
                 }
             }
-            throw new common_1.UnauthorizedException('Error de autenticación');
+            throw new common_1.UnauthorizedException('Error de autenticacion');
         }
     }
     extractTokenFromHeader(request) {
@@ -57,7 +70,8 @@ let SecurityAuthGuard = class SecurityAuthGuard {
 exports.SecurityAuthGuard = SecurityAuthGuard;
 exports.SecurityAuthGuard = SecurityAuthGuard = __decorate([
     (0, common_1.Injectable)(),
-    __metadata("design:paramtypes", [security_client_service_1.SecurityClientService])
+    __metadata("design:paramtypes", [security_client_service_1.SecurityClientService,
+        core_1.Reflector])
 ], SecurityAuthGuard);
 exports.CognitoAuthGuard = SecurityAuthGuard;
-//# sourceMappingURL=cognito-auth.guard.js.map
+//# sourceMappingURL=security-auth.guard.js.map

package/dist/guards/security-auth.guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-auth.guard.js","sourceRoot":"","sources":["../../src/guards/security-auth.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,2CAAyI;AACzI,uCAAyC;AAEzC,iFAA4E;AAE5E,qEAA+D;AAcxD,IAAM,iBAAiB,GAAvB,MAAM,iBAAiB;IAC5B,YACmB,cAAqC,EACrC,SAAoB;QADpB,mBAAc,GAAd,cAAc,CAAuB;QACrC,cAAS,GAAT,SAAS,CAAW;IACpC,CAAC;IAEJ,KAAK,CAAC,WAAW,CAAC,OAAyB;QACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAU,gCAAa,EAAE;YACxE,OAAO,CAAC,UAAU,EAAE;YACpB,OAAO,CAAC,QAAQ,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,UAAU,EAAiC,CAAC;QACnF,MAAM,KAAK,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC;QAEnD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC,2BAA2B,CAAC,CAAC;QAC/D,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC;YAEtE,IAAI,IAAI,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;gBAC7B,MAAM,IAAI,2BAAkB,CAAC,kBAAkB,CAAC,CAAC;YACnD,CAAC;YAED,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;YAEpB,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,8BAAqB,IAAI,KAAK,YAAY,2BAAkB,IAAI,KAAK,YAAY,0BAAiB,EAAE,CAAC;gBACxH,MAAM,KAAK,CAAC;YACd,CAAC;YAED,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;gBAC3B,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;gBAC3D,IAAI,WAAW,EAAE,CAAC;oBAChB,MAAM,MAAM,GAAG,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAE5C,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;wBACnB,MAAM,IAAI,8BAAqB,CAAC,2BAA2B,CAAC,CAAC;oBAC/D,CAAC;oBAED,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;wBACnB,MAAM,IAAI,2BAAkB,CAAC,iBAAiB,CAAC,CAAC;oBAClD,CAAC;oBAED,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;wBACnB,MAAM,IAAI,0BAAiB,CAAC,uBAAuB,CAAC,CAAC;oBACvD,CAAC;gBACH,CAAC;YACH,CAAC;YAED,MAAM,IAAI,8BAAqB,CAAC,wBAAwB,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAEO,sBAAsB,CAAC,OAAgB;QAC7C,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACtE,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;IAC/C,CAAC;CACF,CAAA;AAjEY,8CAAiB;4BAAjB,iBAAiB;IAD7B,IAAA,mBAAU,GAAE;qCAGwB,+CAAqB;QAC1B,gBAAS;GAH5B,iBAAiB,CAiE7B;AAKY,QAAA,gBAAgB,GAAG,iBAAiB,CAAC"}

package/dist/index.d.ts

@@ -1,6 +1,8 @@
-export { SecurityAuthGuard, CognitoAuthGuard } from './guards/cognito-auth.guard';
+export { SecurityAuthGuard, CognitoAuthGuard } from './guards/security-auth.guard';
 export * from './guards/role.guard';
+export * from './guards/provider.guard';
 export * from './decorators/roles.decorator';
+export * from './decorators/public.decorator';
 export * from './services/security-client.service';
 export * from './module/security-client.module';
 export * from './types/user.types';

package/dist/index.js

@@ -15,11 +15,13 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CognitoAuthGuard = exports.SecurityAuthGuard = void 0;
-var cognito_auth_guard_1 = require("./guards/cognito-auth.guard");
-Object.defineProperty(exports, "SecurityAuthGuard", { enumerable: true, get: function () { return cognito_auth_guard_1.SecurityAuthGuard; } });
-Object.defineProperty(exports, "CognitoAuthGuard", { enumerable: true, get: function () { return cognito_auth_guard_1.CognitoAuthGuard; } });
+var security_auth_guard_1 = require("./guards/security-auth.guard");
+Object.defineProperty(exports, "SecurityAuthGuard", { enumerable: true, get: function () { return security_auth_guard_1.SecurityAuthGuard; } });
+Object.defineProperty(exports, "CognitoAuthGuard", { enumerable: true, get: function () { return security_auth_guard_1.CognitoAuthGuard; } });
 __exportStar(require("./guards/role.guard"), exports);
+__exportStar(require("./guards/provider.guard"), exports);
 __exportStar(require("./decorators/roles.decorator"), exports);
+__exportStar(require("./decorators/public.decorator"), exports);
 __exportStar(require("./services/security-client.service"), exports);
 __exportStar(require("./module/security-client.module"), exports);
 __exportStar(require("./types/user.types"), exports);

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,kEAAkF;AAAzE,uHAAA,iBAAiB,OAAA;AAAE,sHAAA,gBAAgB,OAAA;AAC5C,sDAAoC;AACpC,+DAA6C;AAC7C,qEAAmD;AACnD,kEAAgD;AAChD,qDAAmC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,oEAAmF;AAA1E,wHAAA,iBAAiB,OAAA;AAAE,uHAAA,gBAAgB,OAAA;AAC5C,sDAAoC;AACpC,0DAAwC;AACxC,+DAA6C;AAC7C,gEAA8C;AAC9C,qEAAmD;AACnD,kEAAgD;AAChD,qDAAmC"}

package/dist/module/security-client.module.d.ts

@@ -2,4 +2,9 @@ import { DynamicModule } from '@nestjs/common';
 import { SecurityClientConfig } from '../types/user.types';
 export declare class SecurityClientModule {
     static forRoot(config: SecurityClientConfig): DynamicModule;
+    static forRootAsync(options: {
+        imports?: any[];
+        useFactory: (...args: any[]) => SecurityClientConfig | Promise<SecurityClientConfig>;
+        inject?: any[];
+    }): DynamicModule;
 }

package/dist/module/security-client.module.js

@@ -10,8 +10,9 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.SecurityClientModule = void 0;
 const common_1 = require("@nestjs/common");
 const security_client_service_1 = require("../services/security-client.service");
-const cognito_auth_guard_1 = require("../guards/cognito-auth.guard");
+const security_auth_guard_1 = require("../guards/security-auth.guard");
 const role_guard_1 = require("../guards/role.guard");
+const provider_guard_1 = require("../guards/provider.guard");
 let SecurityClientModule = SecurityClientModule_1 = class SecurityClientModule {
     static forRoot(config) {
         if (!config.securityServiceUrl || typeof config.securityServiceUrl !== 'string' || config.securityServiceUrl.trim() === '') {
@@ -31,13 +32,38 @@ let SecurityClientModule = SecurityClientModule_1 = class SecurityClientModule {
                     useValue: config,
                 },
                 security_client_service_1.SecurityClientService,
-                cognito_auth_guard_1.SecurityAuthGuard,
+                security_auth_guard_1.SecurityAuthGuard,
                 role_guard_1.RoleGuard,
+                provider_guard_1.ProviderGuard,
             ],
             exports: [
                 security_client_service_1.SecurityClientService,
-                cognito_auth_guard_1.SecurityAuthGuard,
+                security_auth_guard_1.SecurityAuthGuard,
                 role_guard_1.RoleGuard,
+                provider_guard_1.ProviderGuard,
+            ],
+        };
+    }
+    static forRootAsync(options) {
+        return {
+            module: SecurityClientModule_1,
+            imports: options.imports || [],
+            providers: [
+                {
+                    provide: security_client_service_1.SECURITY_CLIENT_CONFIG,
+                    useFactory: options.useFactory,
+                    inject: options.inject || [],
+                },
+                security_client_service_1.SecurityClientService,
+                security_auth_guard_1.SecurityAuthGuard,
+                role_guard_1.RoleGuard,
+                provider_guard_1.ProviderGuard,
+            ],
+            exports: [
+                security_client_service_1.SecurityClientService,
+                security_auth_guard_1.SecurityAuthGuard,
+                role_guard_1.RoleGuard,
+                provider_guard_1.ProviderGuard,
             ],
         };
     }

package/dist/module/security-client.module.js.map

@@ -1 +1 @@
-{"version":3,"file":"security-client.module.js","sourceRoot":"","sources":["../../src/module/security-client.module.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,2CAA+D;AAC/D,iFAAoG;AACpG,qEAAiE;AACjE,qDAAiD;AAK1C,IAAM,oBAAoB,4BAA1B,MAAM,oBAAoB;IAC/B,MAAM,CAAC,OAAO,CAAC,MAA4B;QACzC,IAAI,CAAC,MAAM,CAAC,kBAAkB,IAAI,OAAO,MAAM,CAAC,kBAAkB,KAAK,QAAQ,IAAI,MAAM,CAAC,kBAAkB,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC3H,MAAM,IAAI,KAAK,CAAC,uFAAuF,CAAC,CAAC;QAC3G,CAAC;QAED,IAAI,CAAC;YACH,IAAI,GAAG,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;QACrC,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,sCAAsC,MAAM,CAAC,kBAAkB,wBAAwB,CAAC,CAAC;QAC3G,CAAC;QAED,OAAO;YACL,MAAM,EAAE,sBAAoB;YAC5B,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,gDAAsB;oBAC/B,QAAQ,EAAE,MAAM;iBACjB;gBACD,+CAAqB;gBACrB,sCAAiB;gBACjB,sBAAS;aACV;YACD,OAAO,EAAE;gBACP,+CAAqB;gBACrB,sCAAiB;gBACjB,sBAAS;aACV;SACF,CAAC;IACJ,CAAC;CACF,CAAA;AA9BY,oDAAoB;+BAApB,oBAAoB;IAFhC,IAAA,eAAM,GAAE;IACR,IAAA,eAAM,EAAC,EAAE,CAAC;GACE,oBAAoB,CA8BhC"}
+{"version":3,"file":"security-client.module.js","sourceRoot":"","sources":["../../src/module/security-client.module.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,2CAA+D;AAC/D,iFAAoG;AACpG,uEAAkE;AAClE,qDAAiD;AACjD,6DAAyD;AAKlD,IAAM,oBAAoB,4BAA1B,MAAM,oBAAoB;IAC/B,MAAM,CAAC,OAAO,CAAC,MAA4B;QACzC,IAAI,CAAC,MAAM,CAAC,kBAAkB,IAAI,OAAO,MAAM,CAAC,kBAAkB,KAAK,QAAQ,IAAI,MAAM,CAAC,kBAAkB,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YAC3H,MAAM,IAAI,KAAK,CAAC,uFAAuF,CAAC,CAAC;QAC3G,CAAC;QAED,IAAI,CAAC;YACH,IAAI,GAAG,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;QACrC,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,IAAI,KAAK,CAAC,sCAAsC,MAAM,CAAC,kBAAkB,wBAAwB,CAAC,CAAC;QAC3G,CAAC;QAED,OAAO;YACL,MAAM,EAAE,sBAAoB;YAC5B,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,gDAAsB;oBAC/B,QAAQ,EAAE,MAAM;iBACjB;gBACD,+CAAqB;gBACrB,uCAAiB;gBACjB,sBAAS;gBACT,8BAAa;aACd;YACD,OAAO,EAAE;gBACP,+CAAqB;gBACrB,uCAAiB;gBACjB,sBAAS;gBACT,8BAAa;aACd;SACF,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,YAAY,CAAC,OAInB;QACC,OAAO;YACL,MAAM,EAAE,sBAAoB;YAC5B,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,EAAE;YAC9B,SAAS,EAAE;gBACT;oBACE,OAAO,EAAE,gDAAsB;oBAC/B,UAAU,EAAE,OAAO,CAAC,UAAU;oBAC9B,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;iBAC7B;gBACD,+CAAqB;gBACrB,uCAAiB;gBACjB,sBAAS;gBACT,8BAAa;aACd;YACD,OAAO,EAAE;gBACP,+CAAqB;gBACrB,uCAAiB;gBACjB,sBAAS;gBACT,8BAAa;aACd;SACF,CAAC;IACJ,CAAC;CACF,CAAA;AA5DY,oDAAoB;+BAApB,oBAAoB;IAFhC,IAAA,eAAM,GAAE;IACR,IAAA,eAAM,EAAC,EAAE,CAAC;GACE,oBAAoB,CA4DhC"}

package/dist/services/security-client.service.d.ts

@@ -5,7 +5,22 @@ export declare class SecurityClientService {
     private readonly config;
     private readonly logger;
     private readonly httpClient;
+    private readonly cache;
+    private readonly cacheTtlMs;
+    private readonly maxCacheSize;
+    private readonly retryAttempts;
+    private readonly retryDelayMs;
     constructor(config: SecurityClientConfig);
+    private hashToken;
+    private getCached;
+    private setCache;
+    evictExpired(): void;
+    private isAuthError;
+    private withRetry;
     validateTokenAndGetUser(token: string): Promise<AuthUser>;
     getUserById(userId: string, token: string): Promise<AuthUser>;
+    healthCheck(): Promise<{
+        healthy: boolean;
+        responseTimeMs: number;
+    }>;
 }

package/dist/services/security-client.service.js

@@ -19,11 +19,13 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.SecurityClientService = exports.SECURITY_CLIENT_CONFIG = void 0;
 const common_1 = require("@nestjs/common");
 const axios_1 = __importDefault(require("axios"));
+const crypto_1 = require("crypto");
 exports.SECURITY_CLIENT_CONFIG = 'SECURITY_CLIENT_CONFIG';
 let SecurityClientService = SecurityClientService_1 = class SecurityClientService {
     constructor(config) {
         this.config = config;
         this.logger = new common_1.Logger(SecurityClientService_1.name);
+        this.cache = new Map();
         this.httpClient = axios_1.default.create({
             baseURL: config.securityServiceUrl,
             timeout: config.timeout || 5000,
@@ -31,18 +33,88 @@ let SecurityClientService = SecurityClientService_1 = class SecurityClientServic
                 'Content-Type': 'application/json',
             },
         });
+        this.cacheTtlMs = config.cacheTtlMs ?? 60000;
+        this.maxCacheSize = config.maxCacheSize ?? 1000;
+        this.retryAttempts = config.retryAttempts ?? 2;
+        this.retryDelayMs = config.retryDelayMs ?? 1000;
+    }
+    hashToken(token) {
+        return (0, crypto_1.createHash)('sha256').update(token).digest('hex').substring(0, 16);
+    }
+    getCached(key) {
+        const entry = this.cache.get(key);
+        if (!entry)
+            return null;
+        if (Date.now() > entry.expiresAt) {
+            this.cache.delete(key);
+            return null;
+        }
+        return entry.user;
+    }
+    setCache(key, user) {
+        if (this.cache.size >= this.maxCacheSize) {
+            this.evictExpired();
+            if (this.cache.size >= this.maxCacheSize) {
+                const firstKey = this.cache.keys().next().value;
+                if (firstKey)
+                    this.cache.delete(firstKey);
+            }
+        }
+        this.cache.set(key, {
+            user,
+            expiresAt: Date.now() + this.cacheTtlMs,
+        });
+    }
+    evictExpired() {
+        const now = Date.now();
+        for (const [key, entry] of this.cache) {
+            if (now > entry.expiresAt) {
+                this.cache.delete(key);
+            }
+        }
+    }
+    isAuthError(status) {
+        return status === 401 || status === 403;
+    }
+    async withRetry(fn) {
+        let lastError;
+        for (let attempt = 0; attempt <= this.retryAttempts; attempt++) {
+            try {
+                return await fn();
+            }
+            catch (error) {
+                lastError = error;
+                if (error.response && this.isAuthError(error.response.status)) {
+                    throw error;
+                }
+                if (attempt < this.retryAttempts) {
+                    const delay = Math.pow(2, attempt) * this.retryDelayMs;
+                    this.logger.warn(`Retry attempt ${attempt + 1}/${this.retryAttempts} after ${delay}ms`);
+                    await new Promise(resolve => setTimeout(resolve, delay));
+                }
+            }
+        }
+        throw lastError;
     }
     async validateTokenAndGetUser(token) {
+        const cacheKey = this.hashToken(token);
+        const cached = this.getCached(cacheKey);
+        if (cached) {
+            return cached;
+        }
         try {
-            const response = await this.httpClient.get('/api/v1/security/users/me', {
+            const response = await this.withRetry(() => this.httpClient.get('/api/v1/security/users/me', {
                 headers: {
                     Authorization: `Bearer ${token}`,
                 },
-            });
+            }));
             if (!response.data || typeof response.data !== 'object') {
                 throw new Error('Invalid response format from security service');
             }
-            const userData = response.data;
+            const rawData = response.data;
+            const userData = (rawData?.success !== undefined && rawData?.message && typeof rawData.message === 'object')
+                ? rawData.message
+                : rawData;
             if (!userData.id || !userData.email || !userData.role || !userData.status) {
                 this.logger.warn('Security service returned incomplete user data', {
                     hasId: !!userData.id,
@@ -52,7 +124,9 @@ let SecurityClientService = SecurityClientService_1 = class SecurityClientServic
                 });
                 throw new Error('Incomplete user data from security service');
             }
-            return userData;
+            const user = userData;
+            this.setCache(cacheKey, user);
+            return user;
         }
         catch (error) {
             this.logger.error(`Error validating token: ${error.message}`);
@@ -66,15 +140,18 @@ let SecurityClientService = SecurityClientService_1 = class SecurityClientServic
     }
     async getUserById(userId, token) {
         try {
-            const response = await this.httpClient.get(`/api/v1/security/users/${userId}`, {
+            const response = await this.withRetry(() => this.httpClient.get(`/api/v1/security/users/${userId}`, {
                 headers: {
                     Authorization: `Bearer ${token}`,
                 },
-            });
+            }));
             if (!response.data || typeof response.data !== 'object') {
                 throw new Error('Invalid response format from security service');
             }
-            const userData = response.data;
+            const rawData = response.data;
+            const userData = (rawData?.success !== undefined && rawData?.message && typeof rawData.message === 'object')
+                ? rawData.message
+                : rawData;
             if (!userData.id || !userData.email || !userData.role || !userData.status) {
                 this.logger.warn('Security service returned incomplete user data', {
                     hasId: !!userData.id,
@@ -96,6 +173,17 @@ let SecurityClientService = SecurityClientService_1 = class SecurityClientServic
             throw new Error(`Failed to connect to security service: ${error.message}`);
         }
     }
+    async healthCheck() {
+        const start = Date.now();
+        try {
+            await this.httpClient.get('/api/v1/security/health', { timeout: 3000 });
+            return { healthy: true, responseTimeMs: Date.now() - start };
+        }
+        catch (error) {
+            this.logger.error(`Health check failed: ${error.message}`);
+            return { healthy: false, responseTimeMs: Date.now() - start };
+        }
+    }
 };
 exports.SecurityClientService = SecurityClientService;
 exports.SecurityClientService = SecurityClientService = SecurityClientService_1 = __decorate([

package/dist/services/security-client.service.js.map

@@ -1 +1 @@
-{"version":3,"file":"security-client.service.js","sourceRoot":"","sources":["../../src/services/security-client.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA,2CAA4D;AAC5D,kDAA6C;AAIhC,QAAA,sBAAsB,GAAG,wBAAwB,CAAC;AAGxD,IAAM,qBAAqB,6BAA3B,MAAM,qBAAqB;IAIhC,YACkC,MAA6C;QAA5B,WAAM,GAAN,MAAM,CAAsB;QAJ9D,WAAM,GAAG,IAAI,eAAM,CAAC,uBAAqB,CAAC,IAAI,CAAC,CAAC;QAM/D,IAAI,CAAC,UAAU,GAAG,eAAK,CAAC,MAAM,CAAC;YAC7B,OAAO,EAAE,MAAM,CAAC,kBAAkB;YAClC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,IAAI;YAC/B,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;aACnC;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,KAAa;QACzC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,2BAA2B,EAAE;gBACtE,OAAO,EAAE;oBACP,aAAa,EAAE,UAAU,KAAK,EAAE;iBACjC;aACF,CAAC,CAAC;YAGH,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACxD,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAW,CAAC;YACtC,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;gBAC1E,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE;oBACjE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE;oBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK;oBAC1B,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;oBACxB,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM;iBAC7B,CAAC,CAAC;gBACH,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YAChE,CAAC;YAED,OAAO,QAAoB,CAAC;QAC9B,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9D,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBACnB,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACrC,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,IAAI,eAAe,CAAC;gBAC/F,MAAM,IAAI,KAAK,CAAC,mCAAmC,MAAM,MAAM,OAAO,EAAE,CAAC,CAAC;YAC5E,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,0CAA0C,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAC7E,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,MAAc,EAAE,KAAa;QAC7C,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,0BAA0B,MAAM,EAAE,EAAE;gBAC7E,OAAO,EAAE;oBACP,aAAa,EAAE,UAAU,KAAK,EAAE;iBACjC;aACF,CAAC,CAAC;YAGH,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACxD,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAW,CAAC;YACtC,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;gBAC1E,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE;oBACjE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE;oBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK;oBAC1B,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;oBACxB,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM;iBAC7B,CAAC,CAAC;gBACH,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YAChE,CAAC;YAED,OAAO,QAAoB,CAAC;QAC9B,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uBAAuB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC1D,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBACnB,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACrC,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,IAAI,eAAe,CAAC;gBAC/F,MAAM,IAAI,KAAK,CAAC,mCAAmC,MAAM,MAAM,OAAO,EAAE,CAAC,CAAC;YAC5E,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,0CAA0C,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAC7E,CAAC;IACH,CAAC;CACF,CAAA;AAvFY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;IAMR,WAAA,IAAA,eAAM,EAAC,8BAAsB,CAAC,CAAA;;GALtB,qBAAqB,CAuFjC"}
+{"version":3,"file":"security-client.service.js","sourceRoot":"","sources":["../../src/services/security-client.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;AAAA,2CAA4D;AAC5D,kDAA6C;AAC7C,mCAAoC;AAIvB,QAAA,sBAAsB,GAAG,wBAAwB,CAAC;AAQxD,IAAM,qBAAqB,6BAA3B,MAAM,qBAAqB;IAShC,YACkC,MAA6C;QAA5B,WAAM,GAAN,MAAM,CAAsB;QAT9D,WAAM,GAAG,IAAI,eAAM,CAAC,uBAAqB,CAAC,IAAI,CAAC,CAAC;QAEhD,UAAK,GAAG,IAAI,GAAG,EAAsB,CAAC;QASrD,IAAI,CAAC,UAAU,GAAG,eAAK,CAAC,MAAM,CAAC;YAC7B,OAAO,EAAE,MAAM,CAAC,kBAAkB;YAClC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,IAAI;YAC/B,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;aACnC;SACF,CAAC,CAAC;QACH,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,KAAK,CAAC;QAC7C,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,IAAI,CAAC;QAChD,IAAI,CAAC,aAAa,GAAG,MAAM,CAAC,aAAa,IAAI,CAAC,CAAC;QAC/C,IAAI,CAAC,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,IAAI,CAAC;IAClD,CAAC;IAEO,SAAS,CAAC,KAAa;QAC7B,OAAO,IAAA,mBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC3E,CAAC;IAEO,SAAS,CAAC,GAAW;QAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QACxB,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC,IAAI,CAAC;IACpB,CAAC;IAEO,QAAQ,CAAC,GAAW,EAAE,IAAc;QAC1C,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACzC,IAAI,CAAC,YAAY,EAAE,CAAC;YACpB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;gBAChD,IAAI,QAAQ;oBAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE;YAClB,IAAI;YACJ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU;SACxC,CAAC,CAAC;IACL,CAAC;IAED,YAAY;QACV,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACtC,IAAI,GAAG,GAAG,KAAK,CAAC,SAAS,EAAE,CAAC;gBAC1B,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAEO,WAAW,CAAC,MAAc;QAChC,OAAO,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG,CAAC;IAC1C,CAAC;IAEO,KAAK,CAAC,SAAS,CAAI,EAAoB;QAC7C,IAAI,SAAc,CAAC;QACnB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,IAAI,CAAC,aAAa,EAAE,OAAO,EAAE,EAAE,CAAC;YAC/D,IAAI,CAAC;gBACH,OAAO,MAAM,EAAE,EAAE,CAAC;YACpB,CAAC;YAAC,OAAO,KAAU,EAAE,CAAC;gBACpB,SAAS,GAAG,KAAK,CAAC;gBAClB,IAAI,KAAK,CAAC,QAAQ,IAAI,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC9D,MAAM,KAAK,CAAC;gBACd,CAAC;gBACD,IAAI,OAAO,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;oBACjC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC;oBACvD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,OAAO,GAAG,CAAC,IAAI,IAAI,CAAC,aAAa,UAAU,KAAK,IAAI,CAAC,CAAC;oBACxF,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;gBAC3D,CAAC;YACH,CAAC;QACH,CAAC;QACD,MAAM,SAAS,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,KAAa;QACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,CACzC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,2BAA2B,EAAE;gBAC/C,OAAO,EAAE;oBACP,aAAa,EAAE,UAAU,KAAK,EAAE;iBACjC;aACF,CAAC,CACH,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACxD,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAW,CAAC;YACrC,MAAM,QAAQ,GAAG,CAAC,OAAO,EAAE,OAAO,KAAK,SAAS,IAAI,OAAO,EAAE,OAAO,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,CAAC;gBAC1G,CAAC,CAAC,OAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,OAAO,CAAC;YACZ,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;gBAC1E,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE;oBACjE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE;oBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK;oBAC1B,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;oBACxB,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM;iBAC7B,CAAC,CAAC;gBACH,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YAChE,CAAC;YAED,MAAM,IAAI,GAAG,QAAoB,CAAC;YAClC,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;YAC9B,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9D,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBACnB,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACrC,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,IAAI,eAAe,CAAC;gBAC/F,MAAM,IAAI,KAAK,CAAC,mCAAmC,MAAM,MAAM,OAAO,EAAE,CAAC,CAAC;YAC5E,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,0CAA0C,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAC7E,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,MAAc,EAAE,KAAa;QAC7C,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,CACzC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,0BAA0B,MAAM,EAAE,EAAE;gBACtD,OAAO,EAAE;oBACP,aAAa,EAAE,UAAU,KAAK,EAAE;iBACjC;aACF,CAAC,CACH,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACxD,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;YACnE,CAAC;YAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAW,CAAC;YACrC,MAAM,QAAQ,GAAG,CAAC,OAAO,EAAE,OAAO,KAAK,SAAS,IAAI,OAAO,EAAE,OAAO,IAAI,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,CAAC;gBAC1G,CAAC,CAAC,OAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,OAAO,CAAC;YACZ,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;gBAC1E,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE;oBACjE,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,EAAE;oBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK;oBAC1B,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;oBACxB,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM;iBAC7B,CAAC,CAAC;gBACH,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YAChE,CAAC;YAED,OAAO,QAAoB,CAAC;QAC9B,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uBAAuB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC1D,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBACnB,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACrC,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,IAAI,eAAe,CAAC;gBAC/F,MAAM,IAAI,KAAK,CAAC,mCAAmC,MAAM,MAAM,OAAO,EAAE,CAAC,CAAC;YAC5E,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,0CAA0C,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAC7E,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW;QACf,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,yBAAyB,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YACxE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,CAAC;QAC/D,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,wBAAwB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC3D,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,CAAC;QAChE,CAAC;IACH,CAAC;CACF,CAAA;AAxLY,sDAAqB;gCAArB,qBAAqB;IADjC,IAAA,mBAAU,GAAE;IAWR,WAAA,IAAA,eAAM,EAAC,8BAAsB,CAAC,CAAA;;GAVtB,qBAAqB,CAwLjC"}

package/dist/types/user.types.d.ts

@@ -2,6 +2,7 @@ export declare enum UserRole {
     ROOT = "root",
     ADMIN = "admin",
     DISPATCHER = "dispatcher",
+    CLIENT = "client",
     TECHNICIAN = "technician"
 }
 export declare enum UserStatus {
@@ -20,4 +21,8 @@ export interface AuthUser {
 export interface SecurityClientConfig {
     securityServiceUrl: string;
     timeout?: number;
+    cacheTtlMs?: number;
+    maxCacheSize?: number;
+    retryAttempts?: number;
+    retryDelayMs?: number;
 }

package/dist/types/user.types.js

@@ -6,6 +6,7 @@ var UserRole;
     UserRole["ROOT"] = "root";
     UserRole["ADMIN"] = "admin";
     UserRole["DISPATCHER"] = "dispatcher";
+    UserRole["CLIENT"] = "client";
     UserRole["TECHNICIAN"] = "technician";
 })(UserRole || (exports.UserRole = UserRole = {}));
 var UserStatus;

package/dist/types/user.types.js.map

@@ -1 +1 @@
-{"version":3,"file":"user.types.js","sourceRoot":"","sources":["../../src/types/user.types.ts"],"names":[],"mappings":";;;AAAA,IAAY,QAKX;AALD,WAAY,QAAQ;IAClB,yBAAa,CAAA;IACb,2BAAe,CAAA;IACf,qCAAyB,CAAA;IACzB,qCAAyB,CAAA;AAC3B,CAAC,EALW,QAAQ,wBAAR,QAAQ,QAKnB;AAED,IAAY,UAIX;AAJD,WAAY,UAAU;IACpB,+BAAiB,CAAA;IACjB,iCAAmB,CAAA;IACnB,iCAAmB,CAAA;AACrB,CAAC,EAJW,UAAU,0BAAV,UAAU,QAIrB"}
+{"version":3,"file":"user.types.js","sourceRoot":"","sources":["../../src/types/user.types.ts"],"names":[],"mappings":";;;AAAA,IAAY,QAMX;AAND,WAAY,QAAQ;IAClB,yBAAa,CAAA;IACb,2BAAe,CAAA;IACf,qCAAyB,CAAA;IACzB,6BAAiB,CAAA;IACjB,qCAAyB,CAAA;AAC3B,CAAC,EANW,QAAQ,wBAAR,QAAQ,QAMnB;AAED,IAAY,UAIX;AAJD,WAAY,UAAU;IACpB,+BAAiB,CAAA;IACjB,iCAAmB,CAAA;IACnB,iCAAmB,CAAA;AACrB,CAAC,EAJW,UAAU,0BAAV,UAAU,QAIrB"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stefaninigo/security-client",
-  "version": "1.1.2",
+  "version": "1.2.0",
   "description": "StefaniniGo Security Client SDK - Guards, decorators and HTTP client for authentication and authorization",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -31,8 +31,8 @@
     "directory": "packages/security-client"
   },
   "dependencies": {
-    "@nestjs/common": "^11.1.6",
-    "@nestjs/core": "^11.1.6",
+    "@nestjs/common": "^10.0.0 || ^11.0.0",
+    "@nestjs/core": "^10.0.0 || ^11.0.0",
     "axios": "^1.7.9",
     "reflect-metadata": "^0.2.2",
     "rxjs": "^7.8.2"
@@ -42,6 +42,7 @@
     "@nestjs/core": "^10.0.0 || ^11.0.0"
   },
   "devDependencies": {
+    "@types/express": "^5.0.6",
     "@types/node": "^24.7.2",
     "typescript": "^5.9.3"
   }

package/dist/generated/authentication/authentication.d.ts

@@ -1,22 +0,0 @@
-import type { AuthControllerChangePassword200, AuthControllerCompleteNewPassword200, AuthControllerConfirmRegistration200, AuthControllerForgotPassword200, AuthControllerLogin200, AuthControllerLogout200, AuthControllerRefreshToken200, AuthControllerResetPassword200, ChangePasswordDto, CompleteNewPasswordDto, ConfirmRegistrationDto, ForgotPasswordDto, LoginDto, RefreshTokenDto, ResetPasswordDto } from '../stefaniniGoServiceAPI.schemas';
-import { customInstance } from '../../utils/mutator';
-type SecondParameter<T extends (...args: never) => unknown> = Parameters<T>[1];
-export declare const getAuthentication: () => {
-    authControllerLogin: (loginDto: LoginDto, options?: SecondParameter<typeof customInstance<AuthControllerLogin200>>) => Promise<AuthControllerLogin200>;
-    authControllerCompleteNewPassword: (completeNewPasswordDto: CompleteNewPasswordDto, options?: SecondParameter<typeof customInstance<AuthControllerCompleteNewPassword200>>) => Promise<AuthControllerCompleteNewPassword200>;
-    authControllerConfirmRegistration: (confirmRegistrationDto: ConfirmRegistrationDto, options?: SecondParameter<typeof customInstance<AuthControllerConfirmRegistration200>>) => Promise<AuthControllerConfirmRegistration200>;
-    authControllerForgotPassword: (forgotPasswordDto: ForgotPasswordDto, options?: SecondParameter<typeof customInstance<AuthControllerForgotPassword200>>) => Promise<AuthControllerForgotPassword200>;
-    authControllerResetPassword: (resetPasswordDto: ResetPasswordDto, options?: SecondParameter<typeof customInstance<AuthControllerResetPassword200>>) => Promise<AuthControllerResetPassword200>;
-    authControllerRefreshToken: (refreshTokenDto: RefreshTokenDto, options?: SecondParameter<typeof customInstance<AuthControllerRefreshToken200>>) => Promise<AuthControllerRefreshToken200>;
-    authControllerLogout: (options?: SecondParameter<typeof customInstance<AuthControllerLogout200>>) => Promise<AuthControllerLogout200>;
-    authControllerChangePassword: (changePasswordDto: ChangePasswordDto, options?: SecondParameter<typeof customInstance<AuthControllerChangePassword200>>) => Promise<AuthControllerChangePassword200>;
-};
-export type AuthControllerLoginResult = NonNullable<Awaited<ReturnType<ReturnType<typeof getAuthentication>['authControllerLogin']>>>;
-export type AuthControllerCompleteNewPasswordResult = NonNullable<Awaited<ReturnType<ReturnType<typeof getAuthentication>['authControllerCompleteNewPassword']>>>;
-export type AuthControllerConfirmRegistrationResult = NonNullable<Awaited<ReturnType<ReturnType<typeof getAuthentication>['authControllerConfirmRegistration']>>>;
-export type AuthControllerForgotPasswordResult = NonNullable<Awaited<ReturnType<ReturnType<typeof getAuthentication>['authControllerForgotPassword']>>>;
-export type AuthControllerResetPasswordResult = NonNullable<Awaited<ReturnType<ReturnType<typeof getAuthentication>['authControllerResetPassword']>>>;
-export type AuthControllerRefreshTokenResult = NonNullable<Awaited<ReturnType<ReturnType<typeof getAuthentication>['authControllerRefreshToken']>>>;
-export type AuthControllerLogoutResult = NonNullable<Awaited<ReturnType<ReturnType<typeof getAuthentication>['authControllerLogout']>>>;
-export type AuthControllerChangePasswordResult = NonNullable<Awaited<ReturnType<ReturnType<typeof getAuthentication>['authControllerChangePassword']>>>;
-export {};