npm - @sync-in/server - Versions diffs - 1.11.0 → 2.0.0 - Mend

@sync-in/server 1.11.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1040) hide show

package/server/applications/sync/services/sync-clients-manager.service.js CHANGED Viewed

@@ -1,8 +1,4 @@
-/*
- * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>
- * This file is part of Sync-in | The open source file sync and share solution
- * See the LICENSE file for licensing details
- */ "use strict";
+"use strict";
 Object.defineProperty(exports, "__esModule", {
     value: true
 });
@@ -17,9 +13,10 @@ const _common = require("@nestjs/common");
 const _nodecrypto = /*#__PURE__*/ _interop_require_default(require("node:crypto"));
 const _promises = /*#__PURE__*/ _interop_require_default(require("node:fs/promises"));
 const _nodepath = /*#__PURE__*/ _interop_require_default(require("node:path"));
-const _authmethod = require("../../../authentication/models/auth-method");
-const _authmanagerservice = require("../../../authentication/services/auth-manager.service");
-const _authmethodtwofaservice = require("../../../authentication/services/auth-methods/auth-method-two-fa.service");
+const _authservice = require("../../../authentication/auth.service");
+const _scope = require("../../../authentication/constants/scope");
+const _authprovidersmodels = require("../../../authentication/providers/auth-providers.models");
+const _authprovidertwofaservice = require("../../../authentication/providers/two-fa/auth-provider-two-fa.service");
 const _functions = require("../../../common/functions");
 const _shared = require("../../../common/shared");
 const _configconstants = require("../../../configuration/config.constants");
@@ -49,43 +46,64 @@ function _ts_metadata(k, v) {
 }
 let SyncClientsManager = class SyncClientsManager {
     async register(clientRegistrationDto, ip) {
-        const user = await this.authMethod.validateUser(clientRegistrationDto.login, clientRegistrationDto.password);
+        const user = await this.authProvider.validateUser(clientRegistrationDto.login, clientRegistrationDto.password, ip, _scope.AUTH_SCOPE.CLIENT);
         if (!user) {
-            this.logger.warn(`${this.register.name} - auth failed for user *${clientRegistrationDto.login}*`);
+            this.logger.warn({
+                tag: this.register.name,
+                msg: `auth failed for user *${clientRegistrationDto.login}*`
+            });
             throw new _common.HttpException('Wrong login or password', _common.HttpStatus.UNAUTHORIZED);
         }
         if (!user.havePermission(_user.USER_PERMISSION.DESKTOP_APP)) {
-            this.logger.warn(`${this.register.name} - user *${user.login}* (${user.id}) does not have permission : ${_user.USER_PERMISSION.DESKTOP_APP}`);
+            this.logger.warn({
+                tag: this.register.name,
+                msg: `user *${user.login}* (${user.id}) does not have permission : ${_user.USER_PERMISSION.DESKTOP_APP}`
+            });
             throw new _common.HttpException('Missing permission', _common.HttpStatus.FORBIDDEN);
         }
         if (_configenvironment.configuration.auth.mfa.totp.enabled && user.twoFaEnabled) {
+            // Checking TOTP code and recovery code
             if (!clientRegistrationDto.code) {
-                this.logger.warn(`${this.register.name} - missing two-fa code for user *${user.login}* (${user.id})`);
+                this.logger.warn({
+                    tag: this.register.name,
+                    msg: `missing two-fa code for user *${user.login}* (${user.id})`
+                });
                 throw new _common.HttpException('Missing TWO-FA code', _common.HttpStatus.UNAUTHORIZED);
             }
-            const auth = this.authMethod2Fa.validateTwoFactorCode(clientRegistrationDto.code, user.secrets.twoFaSecret);
-            if (!auth.success) {
-                this.logger.warn(`${this.register.name} - wrong two-fa code for user *${user.login}* (${user.id})`);
-                this.usersManager.updateAccesses(user, ip, false).catch((e)=>this.logger.error(`${this.register.name} - ${e}`));
-                throw new _common.HttpException(auth.message, _common.HttpStatus.UNAUTHORIZED);
+            const authCode = this.authProvider2FA.validateTwoFactorCode(clientRegistrationDto.code, user.secrets.twoFaSecret);
+            if (!authCode.success) {
+                this.logger.warn({
+                    tag: this.register.name,
+                    msg: `two-fa code for *${user.login}* (${user.id}) - ${authCode.message}`
+                });
+                const authRCode = await this.authProvider2FA.validateRecoveryCode(user.id, clientRegistrationDto.code, user.secrets.recoveryCodes);
+                if (!authRCode.success) {
+                    this.logger.warn({
+                        tag: this.register.name,
+                        msg: `two-fa recovery code for *${user.login}* (${user.id}) - ${authRCode.message}`
+                    });
+                    this.usersManager.updateAccesses(user, ip, false).catch((e)=>this.logger.error({
+                            tag: this.register.name,
+                            msg: `${e}`
+                        }));
+                    throw new _common.HttpException(authCode.message, _common.HttpStatus.UNAUTHORIZED);
+                }
             }
         }
-        try {
-            const token = await this.syncQueries.getOrCreateClient(user.id, clientRegistrationDto.clientId, clientRegistrationDto.info, ip);
-            this.logger.log(`${this.register.name} - client *${clientRegistrationDto.info.type}* was registered for user *${user.login}* (${user.id})`);
-            return {
-                clientToken: token
-            };
-        } catch (e) {
-            this.logger.error(`${this.register.name} - ${e}`);
-            throw new _common.HttpException('Error during the client registration', _common.HttpStatus.INTERNAL_SERVER_ERROR);
-        }
+        return this.getOrCreateClient(user, clientRegistrationDto.clientId, clientRegistrationDto.info, ip);
+    }
+    async registerWithAuth(clientAuthenticatedRegistrationDto, req) {
+        const clientId = clientAuthenticatedRegistrationDto.clientId || _nodecrypto.default.randomUUID();
+        return this.getOrCreateClient(req.user, clientId, clientAuthenticatedRegistrationDto.info, req.ip);
     }
     async unregister(user) {
         try {
             await this.syncQueries.deleteClient(user.id, user.clientId);
         } catch (e) {
-            this.logger.error(`${this.unregister.name} - ${e}`);
+            this.logger.error({
+                tag: this.unregister.name,
+                msg: `${e}`
+            });
             throw new _common.HttpException('Error during the removing of client registration', _common.HttpStatus.INTERNAL_SERVER_ERROR);
         }
     }
@@ -100,7 +118,10 @@ let SyncClientsManager = class SyncClientsManager {
         if ((0, _shared.currentTimeStamp)() >= client.tokenExpiration) {
             throw new _common.HttpException(_auth.CLIENT_TOKEN_EXPIRED_ERROR, _common.HttpStatus.FORBIDDEN);
         }
-        this.syncQueries.updateClientInfo(client, client.info, ip).catch((e)=>this.logger.error(`${this.authenticate.name} - ${e}`));
+        this.syncQueries.updateClientInfo(client, client.info, ip).catch((e)=>this.logger.error({
+                tag: this.authenticate.name,
+                msg: `${e}`
+            }));
         const user = await this.usersManager.fromUserId(client.ownerId);
         if (!user) {
             throw new _common.HttpException('User does not exist', _common.HttpStatus.FORBIDDEN);
@@ -109,13 +130,19 @@ let SyncClientsManager = class SyncClientsManager {
             throw new _common.HttpException('Account suspended or not authorized', _common.HttpStatus.FORBIDDEN);
         }
         if (!user.havePermission(_user.USER_PERMISSION.DESKTOP_APP)) {
-            this.logger.warn(`${this.register.name} - does not have permission : ${_user.USER_PERMISSION.DESKTOP_APP}`);
+            this.logger.warn({
+                tag: this.authenticate.name,
+                msg: `does not have permission : ${_user.USER_PERMISSION.DESKTOP_APP}`
+            });
             throw new _common.HttpException('Missing permission', _common.HttpStatus.FORBIDDEN);
         }
         // set clientId
         user.clientId = client.id;
         // update accesses
-        this.usersManager.updateAccesses(user, ip, true).catch((e)=>this.logger.error(`${this.authenticate.name} - ${e}`));
+        this.usersManager.updateAccesses(user, ip, true).catch((e)=>this.logger.error({
+                tag: this.authenticate.name,
+                msg: `${e}`
+            }));
         let r;
         if (authType === _auth.CLIENT_AUTH_TYPE.COOKIE) {
             // used by the desktop app to perform the login setup using cookies
@@ -138,11 +165,17 @@ let SyncClientsManager = class SyncClientsManager {
         }
         const token = _nodecrypto.default.randomUUID();
         const expiration = (0, _shared.currentTimeStamp)() + (0, _functions.convertHumanTimeToSeconds)(_auth.CLIENT_TOKEN_EXPIRATION_TIME);
-        this.logger.log(`${this.renewTokenAndExpiration.name} - renew token for user *${owner.login}* and client *${client.id}*`);
+        this.logger.log({
+            tag: this.renewTokenAndExpiration.name,
+            msg: `renew token for user *${owner.login}* and client *${client.id}*`
+        });
         try {
             await this.syncQueries.renewClientTokenAndExpiration(client.id, token, expiration);
         } catch (e) {
-            this.logger.error(`${this.renewTokenAndExpiration.name} - unable to renew token for user *${owner.login}* and client *${client.id}* : ${e}`);
+            this.logger.error({
+                tag: this.renewTokenAndExpiration.name,
+                msg: `unable to renew token for user *${owner.login}* and client *${client.id}* : ${e}`
+            });
             throw new _common.HttpException('Unable to update client token', _common.HttpStatus.BAD_REQUEST);
         }
         return token;
@@ -151,14 +184,17 @@ let SyncClientsManager = class SyncClientsManager {
         try {
             await this.syncQueries.deleteClient(user.id, clientId);
         } catch (e) {
-            this.logger.error(`${this.deleteClient.name} - ${e}`);
+            this.logger.error({
+                tag: this.deleteClient.name,
+                msg: `${e}`
+            });
             throw new _common.HttpException('Unable to delete client', _common.HttpStatus.INTERNAL_SERVER_ERROR);
         }
     }
     async checkAppStore() {
         let manifest = null;
         if (_configenvironment.configuration.applications.appStore.repository === _store.APP_STORE_REPOSITORY.PUBLIC) {
-            const url = `${_store.APP_STORE_URL}/${_store.APP_STORE_MANIFEST_FILE}`;
+            const url = `${_shared.RELEASES_URL}/${_store.APP_STORE_MANIFEST_FILE}`;
             try {
                 const res = await this.http.axiosRef({
                     method: _applicationsconstants.HTTP_METHOD.GET,
@@ -167,12 +203,18 @@ let SyncClientsManager = class SyncClientsManager {
                 manifest = res.data;
                 manifest.repository = _store.APP_STORE_REPOSITORY.PUBLIC;
             } catch (e) {
-                this.logger.warn(`${this.checkAppStore.name} - unable to retrieve ${url} : ${e}`);
+                this.logger.warn({
+                    tag: this.checkAppStore.name,
+                    msg: `unable to retrieve ${url} : ${e}`
+                });
             }
         } else {
             const latestFile = _nodepath.default.join(_configconstants.STATIC_PATH, _store.APP_STORE_DIRNAME, _store.APP_STORE_MANIFEST_FILE);
             if (!await (0, _files.isPathExists)(latestFile)) {
-                this.logger.warn(`${this.checkAppStore.name} - ${latestFile} does not exist`);
+                this.logger.warn({
+                    tag: this.checkAppStore.name,
+                    msg: `${latestFile} does not exist`
+                });
             } else {
                 try {
                     manifest = JSON.parse(await _promises.default.readFile(latestFile, 'utf8'));
@@ -188,17 +230,39 @@ let SyncClientsManager = class SyncClientsManager {
                         }
                     }
                 } catch (e) {
-                    this.logger.error(`${this.checkAppStore.name} - ${latestFile} : ${e}`);
+                    this.logger.error({
+                        tag: this.checkAppStore.name,
+                        msg: `${latestFile} : ${e}`
+                    });
                 }
             }
         }
         return manifest;
     }
-    constructor(http, authManager, authMethod, authMethod2Fa, usersManager, syncQueries){
+    async getOrCreateClient(user, clientId, clientInfo, ip) {
+        try {
+            const token = await this.syncQueries.getOrCreateClient(user.id, clientId, clientInfo, ip);
+            this.logger.log({
+                tag: this.getOrCreateClient.name,
+                msg: `client *${clientInfo.type}* was registered for user *${user.login}* (${user.id})`
+            });
+            return {
+                clientId: clientId,
+                clientToken: token
+            };
+        } catch (e) {
+            this.logger.error({
+                tag: this.getOrCreateClient.name,
+                msg: `${e}`
+            });
+            throw new _common.HttpException('Error during the client registration', _common.HttpStatus.INTERNAL_SERVER_ERROR);
+        }
+    }
+    constructor(http, authManager, authProvider, authProvider2FA, usersManager, syncQueries){
         this.http = http;
         this.authManager = authManager;
-        this.authMethod = authMethod;
-        this.authMethod2Fa = authMethod2Fa;
+        this.authProvider = authProvider;
+        this.authProvider2FA = authProvider2FA;
         this.usersManager = usersManager;
         this.syncQueries = syncQueries;
         this.logger = new _common.Logger(SyncClientsManager.name);
@@ -215,9 +279,9 @@ SyncClientsManager = _ts_decorate([
     _ts_metadata("design:type", Function),
     _ts_metadata("design:paramtypes", [
         typeof _axios.HttpService === "undefined" ? Object : _axios.HttpService,
-        typeof _authmanagerservice.AuthManager === "undefined" ? Object : _authmanagerservice.AuthManager,
-        typeof _authmethod.AuthMethod === "undefined" ? Object : _authmethod.AuthMethod,
-        typeof _authmethodtwofaservice.AuthMethod2FA === "undefined" ? Object : _authmethodtwofaservice.AuthMethod2FA,
+        typeof _authservice.AuthManager === "undefined" ? Object : _authservice.AuthManager,
+        typeof _authprovidersmodels.AuthProvider === "undefined" ? Object : _authprovidersmodels.AuthProvider,
+        typeof _authprovidertwofaservice.AuthProvider2FA === "undefined" ? Object : _authprovidertwofaservice.AuthProvider2FA,
         typeof _usersmanagerservice.UsersManager === "undefined" ? Object : _usersmanagerservice.UsersManager,
         typeof _syncqueriesservice.SyncQueries === "undefined" ? Object : _syncqueriesservice.SyncQueries
     ])

package/server/applications/sync/services/sync-clients-manager.service.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../../backend/src/applications/sync/services/sync-clients-manager.service.ts"],"sourcesContent":["/\n Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in \| The open source file sync and share solution\n * See the LICENSE file for licensing details\n /\n\nimport { HttpService } from '@nestjs/axios'\nimport { HttpException, HttpStatus, Injectable, Logger } from '@nestjs/common'\nimport { AxiosResponse } from 'axios'\nimport { FastifyReply } from 'fastify'\nimport crypto from 'node:crypto'\nimport fs from 'node:fs/promises'\nimport path from 'node:path'\nimport { AuthMethod } from '../../../authentication/models/auth-method'\nimport { AuthManager } from '../../../authentication/services/auth-manager.service'\nimport { AuthMethod2FA } from '../../../authentication/services/auth-methods/auth-method-two-fa.service'\nimport { convertHumanTimeToSeconds } from '../../../common/functions'\nimport { currentTimeStamp } from '../../../common/shared'\nimport { STATIC_PATH } from '../../../configuration/config.constants'\nimport { configuration } from '../../../configuration/config.environment'\nimport { CacheDecorator } from '../../../infrastructure/cache/cache.decorator'\nimport { HTTP_METHOD } from '../../applications.constants'\nimport { isPathExists } from '../../files/utils/files'\nimport { USER_PERMISSION } from '../../users/constants/user'\nimport { UserModel } from '../../users/models/user.model'\nimport { UsersManager } from '../../users/services/users-manager.service'\nimport { CLIENT_AUTH_TYPE, CLIENT_TOKEN_EXPIRATION_TIME, CLIENT_TOKEN_EXPIRED_ERROR, CLIENT_TOKEN_RENEW_TIME } from '../constants/auth'\nimport { APP_STORE_DIRNAME, APP_STORE_MANIFEST_FILE, APP_STORE_REPOSITORY, APP_STORE_URL } from '../constants/store'\nimport { SYNC_CLIENT_TYPE } from '../constants/sync'\nimport type { SyncClientAuthDto } from '../dtos/sync-client-auth.dto'\nimport type { SyncClientRegistrationDto } from '../dtos/sync-client-registration.dto'\nimport { AppStoreManifest } from '../interfaces/store-manifest.interface'\nimport { ClientAuthCookieDto, ClientAuthTokenDto } from '../interfaces/sync-client-auth.interface'\nimport { SyncClientPaths } from '../interfaces/sync-client-paths.interface'\nimport { SyncClient } from '../schemas/sync-client.interface'\nimport { SyncQueries } from './sync-queries.service'\n\n@Injectable()\nexport class SyncClientsManager {\n private readonly logger = new Logger(SyncClientsManager.name)\n\n constructor(\n private readonly http: HttpService,\n private readonly authManager: AuthManager,\n private readonly authMethod: AuthMethod,\n private readonly authMethod2Fa: AuthMethod2FA,\n private readonly usersManager: UsersManager,\n private readonly syncQueries: SyncQueries\n ) {}\n\n async register(clientRegistrationDto: SyncClientRegistrationDto, ip: string): Promise<{ clientToken: string }> {\n const user: UserModel = await this.authMethod.validateUser(clientRegistrationDto.login, clientRegistrationDto.password)\n if (!user) {\n this.logger.warn(`${this.register.name} - auth failed for user ${clientRegistrationDto.login}`)\n throw new HttpException('Wrong login or password', HttpStatus.UNAUTHORIZED)\n }\n if (!user.havePermission(USER_PERMISSION.DESKTOP_APP)) {\n this.logger.warn(`${this.register.name} - user ${user.login}* (${user.id}) does not have permission : ${USER_PERMISSION.DESKTOP_APP}`)\n throw new HttpException('Missing permission', HttpStatus.FORBIDDEN)\n }\n if (configuration.auth.mfa.totp.enabled && user.twoFaEnabled) {\n if (!clientRegistrationDto.code) {\n this.logger.warn(`${this.register.name} - missing two-fa code for user ${user.login} (${user.id})`)\n throw new HttpException('Missing TWO-FA code', HttpStatus.UNAUTHORIZED)\n }\n const auth = this.authMethod2Fa.validateTwoFactorCode(clientRegistrationDto.code, user.secrets.twoFaSecret)\n if (!auth.success) {\n this.logger.warn(`${this.register.name} - wrong two-fa code for user ${user.login} (${user.id})`)\n this.usersManager.updateAccesses(user, ip, false).catch((e: Error) => this.logger.error(`${this.register.name} - ${e}`))\n throw new HttpException(auth.message, HttpStatus.UNAUTHORIZED)\n }\n }\n try {\n const token = await this.syncQueries.getOrCreateClient(user.id, clientRegistrationDto.clientId, clientRegistrationDto.info, ip)\n this.logger.log(`${this.register.name} - client ${clientRegistrationDto.info.type} was registered for user ${user.login} (${user.id})`)\n return { clientToken: token }\n } catch (e) {\n this.logger.error(`${this.register.name} - ${e}`)\n throw new HttpException('Error during the client registration', HttpStatus.INTERNAL_SERVER_ERROR)\n }\n }\n\n async unregister(user: UserModel): Promise<void> {\n try {\n await this.syncQueries.deleteClient(user.id, user.clientId)\n } catch (e) {\n this.logger.error(`${this.unregister.name} - ${e}`)\n throw new HttpException('Error during the removing of client registration', HttpStatus.INTERNAL_SERVER_ERROR)\n }\n }\n\n async authenticate(\n authType: CLIENT_AUTH_TYPE,\n syncClientAuthDto: SyncClientAuthDto,\n ip: string,\n res: FastifyReply\n ): Promise<ClientAuthTokenDto \| ClientAuthCookieDto> {\n const client = await this.syncQueries.getClient(syncClientAuthDto.clientId, null, syncClientAuthDto.token)\n if (!client) {\n throw new HttpException('Client is unknown', HttpStatus.FORBIDDEN)\n }\n if (!client.enabled) {\n throw new HttpException('Client is disabled', HttpStatus.FORBIDDEN)\n }\n if (currentTimeStamp() >= client.tokenExpiration) {\n throw new HttpException(CLIENT_TOKEN_EXPIRED_ERROR, HttpStatus.FORBIDDEN)\n }\n this.syncQueries.updateClientInfo(client, client.info, ip).catch((e: Error) => this.logger.error(`${this.authenticate.name} - ${e}`))\n const user: UserModel = await this.usersManager.fromUserId(client.ownerId)\n if (!user) {\n throw new HttpException('User does not exist', HttpStatus.FORBIDDEN)\n }\n if (!user.isActive) {\n throw new HttpException('Account suspended or not authorized', HttpStatus.FORBIDDEN)\n }\n if (!user.havePermission(USER_PERMISSION.DESKTOP_APP)) {\n this.logger.warn(`${this.register.name} - does not have permission : ${USER_PERMISSION.DESKTOP_APP}`)\n throw new HttpException('Missing permission', HttpStatus.FORBIDDEN)\n }\n // set clientId\n user.clientId = client.id\n // update accesses\n this.usersManager.updateAccesses(user, ip, true).catch((e: Error) => this.logger.error(`${this.authenticate.name} - ${e}`))\n let r: ClientAuthTokenDto \| ClientAuthCookieDto\n if (authType === CLIENT_AUTH_TYPE.COOKIE) {\n // used by the desktop app to perform the login setup using cookies\n r = await this.authManager.setCookies(user, res)\n } else if (authType === CLIENT_AUTH_TYPE.TOKEN) {\n // used by the cli app and the sync core\n r = await this.authManager.getTokens(user)\n }\n // check if the client token must be updated\n r.client_token_update = await this.renewTokenAndExpiration(client, user)\n return r\n }\n\n getClients(user: UserModel): Promise<SyncClientPaths[]> {\n return this.syncQueries.getClients(user)\n }\n\n async renewTokenAndExpiration(client: SyncClient, owner: UserModel): Promise<string \| undefined> {\n if (currentTimeStamp() + convertHumanTimeToSeconds(CLIENT_TOKEN_RENEW_TIME) < client.tokenExpiration) {\n // client token expiration is not close enough\n return undefined\n }\n const token = crypto.randomUUID()\n const expiration = currentTimeStamp() + convertHumanTimeToSeconds(CLIENT_TOKEN_EXPIRATION_TIME)\n this.logger.log(`${this.renewTokenAndExpiration.name} - renew token for user ${owner.login} and client ${client.id}`)\n try {\n await this.syncQueries.renewClientTokenAndExpiration(client.id, token, expiration)\n } catch (e) {\n this.logger.error(`${this.renewTokenAndExpiration.name} - unable to renew token for user ${owner.login} and client ${client.id} : ${e}`)\n throw new HttpException('Unable to update client token', HttpStatus.BAD_REQUEST)\n }\n return token\n }\n\n async deleteClient(user: UserModel, clientId: string): Promise<void> {\n try {\n await this.syncQueries.deleteClient(user.id, clientId)\n } catch (e) {\n this.logger.error(`${this.deleteClient.name} - ${e}`)\n throw new HttpException('Unable to delete client', HttpStatus.INTERNAL_SERVER_ERROR)\n }\n }\n\n @CacheDecorator(3600)\n async checkAppStore(): Promise<AppStoreManifest> {\n let manifest: AppStoreManifest = null\n if (configuration.applications.appStore.repository === APP_STORE_REPOSITORY.PUBLIC) {\n const url = `${APP_STORE_URL}/${APP_STORE_MANIFEST_FILE}`\n try {\n const res: AxiosResponse = await this.http.axiosRef({\n method: HTTP_METHOD.GET,\n url: url\n })\n manifest = res.data\n manifest.repository = APP_STORE_REPOSITORY.PUBLIC\n } catch (e) {\n this.logger.warn(`${this.checkAppStore.name} - unable to retrieve ${url} : ${e}`)\n }\n } else {\n const latestFile = path.join(STATIC_PATH, APP_STORE_DIRNAME, APP_STORE_MANIFEST_FILE)\n if (!(await isPathExists(latestFile))) {\n this.logger.warn(`${this.checkAppStore.name} - ${latestFile} does not exist`)\n } else {\n try {\n manifest = JSON.parse(await fs.readFile(latestFile, 'utf8'))\n manifest.repository = APP_STORE_REPOSITORY.LOCAL\n // rewrite urls to local repository\n for (const [os, packages] of Object.entries(manifest.platform)) {\n for (const p of packages) {\n if (p.package.toLowerCase().startsWith(SYNC_CLIENT_TYPE.DESKTOP)) {\n p.url = `${APP_STORE_DIRNAME}/${SYNC_CLIENT_TYPE.DESKTOP}/${os}/${p.package}`\n } else {\n p.url = `${APP_STORE_DIRNAME}/${SYNC_CLIENT_TYPE.CLI}/${p.package}`\n }\n }\n }\n } catch (e) {\n this.logger.error(`${this.checkAppStore.name} - ${latestFile} : ${e}`)\n }\n }\n }\n return manifest\n }\n}\n"],"names":["SyncClientsManager","register","clientRegistrationDto","ip","user","authMethod","validateUser","login","password","logger","warn","name","HttpException","HttpStatus","UNAUTHORIZED","havePermission","USER_PERMISSION","DESKTOP_APP","id","FORBIDDEN","configuration","auth","mfa","totp","enabled","twoFaEnabled","code","authMethod2Fa","validateTwoFactorCode","secrets","twoFaSecret","success","usersManager","updateAccesses","catch","e","error","message","token","syncQueries","getOrCreateClient","clientId","info","log","type","clientToken","INTERNAL_SERVER_ERROR","unregister","deleteClient","authenticate","authType","syncClientAuthDto","res","client","getClient","currentTimeStamp","tokenExpiration","CLIENT_TOKEN_EXPIRED_ERROR","updateClientInfo","fromUserId","ownerId","isActive","r","CLIENT_AUTH_TYPE","COOKIE","authManager","setCookies","TOKEN","getTokens","client_token_update","renewTokenAndExpiration","getClients","owner","convertHumanTimeToSeconds","CLIENT_TOKEN_RENEW_TIME","undefined","crypto","randomUUID","expiration","CLIENT_TOKEN_EXPIRATION_TIME","renewClientTokenAndExpiration","BAD_REQUEST","checkAppStore","manifest","applications","appStore","repository","APP_STORE_REPOSITORY","PUBLIC","url","APP_STORE_URL","APP_STORE_MANIFEST_FILE","http","axiosRef","method","HTTP_METHOD","GET","data","latestFile","path","join","STATIC_PATH","APP_STORE_DIRNAME","isPathExists","JSON","parse","fs","readFile","LOCAL","os","packages","Object","entries","platform","p","package","toLowerCase","startsWith","SYNC_CLIENT_TYPE","DESKTOP","CLI","Logger"],"mappings":"AAAA;;;;CAIC;;;;+BAkCYA;;;eAAAA;;;uBAhCe;wBACkC;mEAG3C;iEACJ;iEACE;4BACU;oCACC;wCACE;2BACY;wBACT;iCACL;mCACE;gCACC;uCACH;uBACC;sBACG;qCAEH;sBACuF;uBACpB;sBAC/D;oCAOL;;;;;;;;;;;;;;;AAGrB,IAAA,AAAMA,qBAAN,MAAMA;IAYX,MAAMC,SAASC,qBAAgD,EAAEC,EAAU,EAAoC;QAC7G,MAAMC,OAAkB,MAAM,IAAI,CAACC,UAAU,CAACC,YAAY,CAACJ,sBAAsBK,KAAK,EAAEL,sBAAsBM,QAAQ;QACtH,IAAI,CAACJ,MAAM;YACT,IAAI,CAACK,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACT,QAAQ,CAACU,IAAI,CAAC,yBAAyB,EAAET,sBAAsBK,KAAK,CAAC,CAAC,CAAC;YAChG,MAAM,IAAIK,qBAAa,CAAC,2BAA2BC,kBAAU,CAACC,YAAY;QAC5E;QACA,IAAI,CAACV,KAAKW,cAAc,CAACC,qBAAe,CAACC,WAAW,GAAG;YACrD,IAAI,CAACR,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACT,QAAQ,CAACU,IAAI,CAAC,SAAS,EAAEP,KAAKG,KAAK,CAAC,GAAG,EAAEH,KAAKc,EAAE,CAAC,6BAA6B,EAAEF,qBAAe,CAACC,WAAW,EAAE;YACtI,MAAM,IAAIL,qBAAa,CAAC,sBAAsBC,kBAAU,CAACM,SAAS;QACpE;QACA,IAAIC,gCAAa,CAACC,IAAI,CAACC,GAAG,CAACC,IAAI,CAACC,OAAO,IAAIpB,KAAKqB,YAAY,EAAE;YAC5D,IAAI,CAACvB,sBAAsBwB,IAAI,EAAE;gBAC/B,IAAI,CAACjB,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACT,QAAQ,CAACU,IAAI,CAAC,iCAAiC,EAAEP,KAAKG,KAAK,CAAC,GAAG,EAAEH,KAAKc,EAAE,CAAC,CAAC,CAAC;gBACpG,MAAM,IAAIN,qBAAa,CAAC,uBAAuBC,kBAAU,CAACC,YAAY;YACxE;YACA,MAAMO,OAAO,IAAI,CAACM,aAAa,CAACC,qBAAqB,CAAC1B,sBAAsBwB,IAAI,EAAEtB,KAAKyB,OAAO,CAACC,WAAW;YAC1G,IAAI,CAACT,KAAKU,OAAO,EAAE;gBACjB,IAAI,CAACtB,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACT,QAAQ,CAACU,IAAI,CAAC,+BAA+B,EAAEP,KAAKG,KAAK,CAAC,GAAG,EAAEH,KAAKc,EAAE,CAAC,CAAC,CAAC;gBAClG,IAAI,CAACc,YAAY,CAACC,cAAc,CAAC7B,MAAMD,IAAI,OAAO+B,KAAK,CAAC,CAACC,IAAa,IAAI,CAAC1B,MAAM,CAAC2B,KAAK,CAAC,GAAG,IAAI,CAACnC,QAAQ,CAACU,IAAI,CAAC,GAAG,EAAEwB,GAAG;gBACtH,MAAM,IAAIvB,qBAAa,CAACS,KAAKgB,OAAO,EAAExB,kBAAU,CAACC,YAAY;YAC/D;QACF;QACA,IAAI;YACF,MAAMwB,QAAQ,MAAM,IAAI,CAACC,WAAW,CAACC,iBAAiB,CAACpC,KAAKc,EAAE,EAAEhB,sBAAsBuC,QAAQ,EAAEvC,sBAAsBwC,IAAI,EAAEvC;YAC5H,IAAI,CAACM,MAAM,CAACkC,GAAG,CAAC,GAAG,IAAI,CAAC1C,QAAQ,CAACU,IAAI,CAAC,WAAW,EAAET,sBAAsBwC,IAAI,CAACE,IAAI,CAAC,2BAA2B,EAAExC,KAAKG,KAAK,CAAC,GAAG,EAAEH,KAAKc,EAAE,CAAC,CAAC,CAAC;YAC1I,OAAO;gBAAE2B,aAAaP;YAAM;QAC9B,EAAE,OAAOH,GAAG;YACV,IAAI,CAAC1B,MAAM,CAAC2B,KAAK,CAAC,GAAG,IAAI,CAACnC,QAAQ,CAACU,IAAI,CAAC,GAAG,EAAEwB,GAAG;YAChD,MAAM,IAAIvB,qBAAa,CAAC,wCAAwCC,kBAAU,CAACiC,qBAAqB;QAClG;IACF;IAEA,MAAMC,WAAW3C,IAAe,EAAiB;QAC/C,IAAI;YACF,MAAM,IAAI,CAACmC,WAAW,CAACS,YAAY,CAAC5C,KAAKc,EAAE,EAAEd,KAAKqC,QAAQ;QAC5D,EAAE,OAAON,GAAG;YACV,IAAI,CAAC1B,MAAM,CAAC2B,KAAK,CAAC,GAAG,IAAI,CAACW,UAAU,CAACpC,IAAI,CAAC,GAAG,EAAEwB,GAAG;YAClD,MAAM,IAAIvB,qBAAa,CAAC,oDAAoDC,kBAAU,CAACiC,qBAAqB;QAC9G;IACF;IAEA,MAAMG,aACJC,QAA0B,EAC1BC,iBAAoC,EACpChD,EAAU,EACViD,GAAiB,EACkC;QACnD,MAAMC,SAAS,MAAM,IAAI,CAACd,WAAW,CAACe,SAAS,CAACH,kBAAkBV,QAAQ,EAAE,MAAMU,kBAAkBb,KAAK;QACzG,IAAI,CAACe,QAAQ;YACX,MAAM,IAAIzC,qBAAa,CAAC,qBAAqBC,kBAAU,CAACM,SAAS;QACnE;QACA,IAAI,CAACkC,OAAO7B,OAAO,EAAE;YACnB,MAAM,IAAIZ,qBAAa,CAAC,sBAAsBC,kBAAU,CAACM,SAAS;QACpE;QACA,IAAIoC,IAAAA,wBAAgB,OAAMF,OAAOG,eAAe,EAAE;YAChD,MAAM,IAAI5C,qBAAa,CAAC6C,gCAA0B,EAAE5C,kBAAU,CAACM,SAAS;QAC1E;QACA,IAAI,CAACoB,WAAW,CAACmB,gBAAgB,CAACL,QAAQA,OAAOX,IAAI,EAAEvC,IAAI+B,KAAK,CAAC,CAACC,IAAa,IAAI,CAAC1B,MAAM,CAAC2B,KAAK,CAAC,GAAG,IAAI,CAACa,YAAY,CAACtC,IAAI,CAAC,GAAG,EAAEwB,GAAG;QACnI,MAAM/B,OAAkB,MAAM,IAAI,CAAC4B,YAAY,CAAC2B,UAAU,CAACN,OAAOO,OAAO;QACzE,IAAI,CAACxD,MAAM;YACT,MAAM,IAAIQ,qBAAa,CAAC,uBAAuBC,kBAAU,CAACM,SAAS;QACrE;QACA,IAAI,CAACf,KAAKyD,QAAQ,EAAE;YAClB,MAAM,IAAIjD,qBAAa,CAAC,uCAAuCC,kBAAU,CAACM,SAAS;QACrF;QACA,IAAI,CAACf,KAAKW,cAAc,CAACC,qBAAe,CAACC,WAAW,GAAG;YACrD,IAAI,CAACR,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACT,QAAQ,CAACU,IAAI,CAAC,8BAA8B,EAAEK,qBAAe,CAACC,WAAW,EAAE;YACpG,MAAM,IAAIL,qBAAa,CAAC,sBAAsBC,kBAAU,CAACM,SAAS;QACpE;QACA,eAAe;QACff,KAAKqC,QAAQ,GAAGY,OAAOnC,EAAE;QACzB,kBAAkB;QAClB,IAAI,CAACc,YAAY,CAACC,cAAc,CAAC7B,MAAMD,IAAI,MAAM+B,KAAK,CAAC,CAACC,IAAa,IAAI,CAAC1B,MAAM,CAAC2B,KAAK,CAAC,GAAG,IAAI,CAACa,YAAY,CAACtC,IAAI,CAAC,GAAG,EAAEwB,GAAG;QACzH,IAAI2B;QACJ,IAAIZ,aAAaa,sBAAgB,CAACC,MAAM,EAAE;YACxC,mEAAmE;YACnEF,IAAI,MAAM,IAAI,CAACG,WAAW,CAACC,UAAU,CAAC9D,MAAMgD;QAC9C,OAAO,IAAIF,aAAaa,sBAAgB,CAACI,KAAK,EAAE;YAC9C,wCAAwC;YACxCL,IAAI,MAAM,IAAI,CAACG,WAAW,CAACG,SAAS,CAAChE;QACvC;QACA,4CAA4C;QAC5C0D,EAAEO,mBAAmB,GAAG,MAAM,IAAI,CAACC,uBAAuB,CAACjB,QAAQjD;QACnE,OAAO0D;IACT;IAEAS,WAAWnE,IAAe,EAA8B;QACtD,OAAO,IAAI,CAACmC,WAAW,CAACgC,UAAU,CAACnE;IACrC;IAEA,MAAMkE,wBAAwBjB,MAAkB,EAAEmB,KAAgB,EAA+B;QAC/F,IAAIjB,IAAAA,wBAAgB,MAAKkB,IAAAA,oCAAyB,EAACC,6BAAuB,IAAIrB,OAAOG,eAAe,EAAE;YACpG,8CAA8C;YAC9C,OAAOmB;QACT;QACA,MAAMrC,QAAQsC,mBAAM,CAACC,UAAU;QAC/B,MAAMC,aAAavB,IAAAA,wBAAgB,MAAKkB,IAAAA,oCAAyB,EAACM,kCAA4B;QAC9F,IAAI,CAACtE,MAAM,CAACkC,GAAG,CAAC,GAAG,IAAI,CAAC2B,uBAAuB,CAAC3D,IAAI,CAAC,yBAAyB,EAAE6D,MAAMjE,KAAK,CAAC,cAAc,EAAE8C,OAAOnC,EAAE,CAAC,CAAC,CAAC;QACxH,IAAI;YACF,MAAM,IAAI,CAACqB,WAAW,CAACyC,6BAA6B,CAAC3B,OAAOnC,EAAE,EAAEoB,OAAOwC;QACzE,EAAE,OAAO3C,GAAG;YACV,IAAI,CAAC1B,MAAM,CAAC2B,KAAK,CAAC,GAAG,IAAI,CAACkC,uBAAuB,CAAC3D,IAAI,CAAC,mCAAmC,EAAE6D,MAAMjE,KAAK,CAAC,cAAc,EAAE8C,OAAOnC,EAAE,CAAC,IAAI,EAAEiB,GAAG;YAC3I,MAAM,IAAIvB,qBAAa,CAAC,iCAAiCC,kBAAU,CAACoE,WAAW;QACjF;QACA,OAAO3C;IACT;IAEA,MAAMU,aAAa5C,IAAe,EAAEqC,QAAgB,EAAiB;QACnE,IAAI;YACF,MAAM,IAAI,CAACF,WAAW,CAACS,YAAY,CAAC5C,KAAKc,EAAE,EAAEuB;QAC/C,EAAE,OAAON,GAAG;YACV,IAAI,CAAC1B,MAAM,CAAC2B,KAAK,CAAC,GAAG,IAAI,CAACY,YAAY,CAACrC,IAAI,CAAC,GAAG,EAAEwB,GAAG;YACpD,MAAM,IAAIvB,qBAAa,CAAC,2BAA2BC,kBAAU,CAACiC,qBAAqB;QACrF;IACF;IAEA,MACMoC,gBAA2C;QAC/C,IAAIC,WAA6B;QACjC,IAAI/D,gCAAa,CAACgE,YAAY,CAACC,QAAQ,CAACC,UAAU,KAAKC,2BAAoB,CAACC,MAAM,EAAE;YAClF,MAAMC,MAAM,GAAGC,oBAAa,CAAC,CAAC,EAAEC,8BAAuB,EAAE;YACzD,IAAI;gBACF,MAAMvC,MAAqB,MAAM,IAAI,CAACwC,IAAI,CAACC,QAAQ,CAAC;oBAClDC,QAAQC,kCAAW,CAACC,GAAG;oBACvBP,KAAKA;gBACP;gBACAN,WAAW/B,IAAI6C,IAAI;gBACnBd,SAASG,UAAU,GAAGC,2BAAoB,CAACC,MAAM;YACnD,EAAE,OAAOrD,GAAG;gBACV,IAAI,CAAC1B,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACwE,aAAa,CAACvE,IAAI,CAAC,sBAAsB,EAAE8E,IAAI,GAAG,EAAEtD,GAAG;YAClF;QACF,OAAO;YACL,MAAM+D,aAAaC,iBAAI,CAACC,IAAI,CAACC,4BAAW,EAAEC,wBAAiB,EAAEX,8BAAuB;YACpF,IAAI,CAAE,MAAMY,IAAAA,mBAAY,EAACL,aAAc;gBACrC,IAAI,CAACzF,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACwE,aAAa,CAACvE,IAAI,CAAC,GAAG,EAAEuF,WAAW,eAAe,CAAC;YAC9E,OAAO;gBACL,IAAI;oBACFf,WAAWqB,KAAKC,KAAK,CAAC,MAAMC,iBAAE,CAACC,QAAQ,CAACT,YAAY;oBACpDf,SAASG,UAAU,GAAGC,2BAAoB,CAACqB,KAAK;oBAChD,mCAAmC;oBACnC,KAAK,MAAM,CAACC,IAAIC,SAAS,IAAIC,OAAOC,OAAO,CAAC7B,SAAS8B,QAAQ,EAAG;wBAC9D,KAAK,MAAMC,KAAKJ,SAAU;4BACxB,IAAII,EAAEC,OAAO,CAACC,WAAW,GAAGC,UAAU,CAACC,sBAAgB,CAACC,OAAO,GAAG;gCAChEL,EAAEzB,GAAG,GAAG,GAAGa,wBAAiB,CAAC,CAAC,EAAEgB,sBAAgB,CAACC,OAAO,CAAC,CAAC,EAAEV,GAAG,CAAC,EAAEK,EAAEC,OAAO,EAAE;4BAC/E,OAAO;gCACLD,EAAEzB,GAAG,GAAG,GAAGa,wBAAiB,CAAC,CAAC,EAAEgB,sBAAgB,CAACE,GAAG,CAAC,CAAC,EAAEN,EAAEC,OAAO,EAAE;4BACrE;wBACF;oBACF;gBACF,EAAE,OAAOhF,GAAG;oBACV,IAAI,CAAC1B,MAAM,CAAC2B,KAAK,CAAC,GAAG,IAAI,CAAC8C,aAAa,CAACvE,IAAI,CAAC,GAAG,EAAEuF,WAAW,GAAG,EAAE/D,GAAG;gBACvE;YACF;QACF;QACA,OAAOgD;IACT;IApKA,YACE,AAAiBS,IAAiB,EAClC,AAAiB3B,WAAwB,EACzC,AAAiB5D,UAAsB,EACvC,AAAiBsB,aAA4B,EAC7C,AAAiBK,YAA0B,EAC3C,AAAiBO,WAAwB,CACzC;aANiBqD,OAAAA;aACA3B,cAAAA;aACA5D,aAAAA;aACAsB,gBAAAA;aACAK,eAAAA;aACAO,cAAAA;aARF9B,SAAS,IAAIgH,cAAM,CAACzH,mBAAmBW,IAAI;IASzD;AA8JL"}
1	+ {"version":3,"sources":["../../../../../backend/src/applications/sync/services/sync-clients-manager.service.ts"],"sourcesContent":["import { HttpService } from '@nestjs/axios'\nimport { HttpException, HttpStatus, Injectable, Logger } from '@nestjs/common'\nimport { AxiosResponse } from 'axios'\nimport { FastifyReply } from 'fastify'\nimport crypto from 'node:crypto'\nimport fs from 'node:fs/promises'\nimport path from 'node:path'\nimport { AuthManager } from '../../../authentication/auth.service'\nimport { AUTH_SCOPE } from '../../../authentication/constants/scope'\nimport { FastifyAuthenticatedRequest } from '../../../authentication/interfaces/auth-request.interface'\nimport { AuthProvider } from '../../../authentication/providers/auth-providers.models'\nimport { AuthProvider2FA } from '../../../authentication/providers/two-fa/auth-provider-two-fa.service'\nimport { convertHumanTimeToSeconds } from '../../../common/functions'\nimport { currentTimeStamp, RELEASES_URL } from '../../../common/shared'\nimport { STATIC_PATH } from '../../../configuration/config.constants'\nimport { configuration } from '../../../configuration/config.environment'\nimport { CacheDecorator } from '../../../infrastructure/cache/cache.decorator'\nimport { HTTP_METHOD } from '../../applications.constants'\nimport { isPathExists } from '../../files/utils/files'\nimport { USER_PERMISSION } from '../../users/constants/user'\nimport { UserModel } from '../../users/models/user.model'\nimport { UsersManager } from '../../users/services/users-manager.service'\nimport { CLIENT_AUTH_TYPE, CLIENT_TOKEN_EXPIRATION_TIME, CLIENT_TOKEN_EXPIRED_ERROR, CLIENT_TOKEN_RENEW_TIME } from '../constants/auth'\nimport { APP_STORE_DIRNAME, APP_STORE_MANIFEST_FILE, APP_STORE_REPOSITORY } from '../constants/store'\nimport { SYNC_CLIENT_TYPE } from '../constants/sync'\nimport type { SyncClientAuthDto } from '../dtos/sync-client-auth.dto'\nimport { SyncClientAuthRegistrationDto, SyncClientRegistrationDto } from '../dtos/sync-client-registration.dto'\nimport { AppStoreManifest } from '../interfaces/store-manifest.interface'\nimport { SyncClientAuthCookie, SyncClientAuthRegistration, SyncClientAuthToken } from '../interfaces/sync-client-auth.interface'\nimport { SyncClientPaths } from '../interfaces/sync-client-paths.interface'\nimport { SyncClientInfo } from '../interfaces/sync-client.interface'\nimport { SyncClient } from '../schemas/sync-client.interface'\nimport { SyncQueries } from './sync-queries.service'\n\n@Injectable()\nexport class SyncClientsManager {\n private readonly logger = new Logger(SyncClientsManager.name)\n\n constructor(\n private readonly http: HttpService,\n private readonly authManager: AuthManager,\n private readonly authProvider: AuthProvider,\n private readonly authProvider2FA: AuthProvider2FA,\n private readonly usersManager: UsersManager,\n private readonly syncQueries: SyncQueries\n ) {}\n\n async register(clientRegistrationDto: SyncClientRegistrationDto, ip: string): Promise<SyncClientAuthRegistration> {\n const user: UserModel = await this.authProvider.validateUser(clientRegistrationDto.login, clientRegistrationDto.password, ip, AUTH_SCOPE.CLIENT)\n if (!user) {\n this.logger.warn({ tag: this.register.name, msg: `auth failed for user ${clientRegistrationDto.login}` })\n throw new HttpException('Wrong login or password', HttpStatus.UNAUTHORIZED)\n }\n if (!user.havePermission(USER_PERMISSION.DESKTOP_APP)) {\n this.logger.warn({\n tag: this.register.name,\n msg: `user ${user.login} (${user.id}) does not have permission : ${USER_PERMISSION.DESKTOP_APP}`\n })\n throw new HttpException('Missing permission', HttpStatus.FORBIDDEN)\n }\n if (configuration.auth.mfa.totp.enabled && user.twoFaEnabled) {\n // Checking TOTP code and recovery code\n if (!clientRegistrationDto.code) {\n this.logger.warn({ tag: this.register.name, msg: `missing two-fa code for user ${user.login} (${user.id})` })\n throw new HttpException('Missing TWO-FA code', HttpStatus.UNAUTHORIZED)\n }\n const authCode = this.authProvider2FA.validateTwoFactorCode(clientRegistrationDto.code, user.secrets.twoFaSecret)\n if (!authCode.success) {\n this.logger.warn({ tag: this.register.name, msg: `two-fa code for ${user.login} (${user.id}) - ${authCode.message}` })\n const authRCode = await this.authProvider2FA.validateRecoveryCode(user.id, clientRegistrationDto.code, user.secrets.recoveryCodes)\n if (!authRCode.success) {\n this.logger.warn({ tag: this.register.name, msg: `two-fa recovery code for ${user.login} (${user.id}) - ${authRCode.message}` })\n this.usersManager.updateAccesses(user, ip, false).catch((e: Error) => this.logger.error({ tag: this.register.name, msg: `${e}` }))\n throw new HttpException(authCode.message, HttpStatus.UNAUTHORIZED)\n }\n }\n }\n return this.getOrCreateClient(user, clientRegistrationDto.clientId, clientRegistrationDto.info, ip)\n }\n\n async registerWithAuth(\n clientAuthenticatedRegistrationDto: SyncClientAuthRegistrationDto,\n req: FastifyAuthenticatedRequest\n ): Promise<SyncClientAuthRegistration> {\n const clientId = clientAuthenticatedRegistrationDto.clientId \|\| crypto.randomUUID()\n return this.getOrCreateClient(req.user, clientId, clientAuthenticatedRegistrationDto.info, req.ip)\n }\n\n async unregister(user: UserModel): Promise<void> {\n try {\n await this.syncQueries.deleteClient(user.id, user.clientId)\n } catch (e) {\n this.logger.error({ tag: this.unregister.name, msg: `${e}` })\n throw new HttpException('Error during the removing of client registration', HttpStatus.INTERNAL_SERVER_ERROR)\n }\n }\n\n async authenticate(\n authType: CLIENT_AUTH_TYPE,\n syncClientAuthDto: SyncClientAuthDto,\n ip: string,\n res: FastifyReply\n ): Promise<SyncClientAuthToken \| SyncClientAuthCookie> {\n const client = await this.syncQueries.getClient(syncClientAuthDto.clientId, null, syncClientAuthDto.token)\n if (!client) {\n throw new HttpException('Client is unknown', HttpStatus.FORBIDDEN)\n }\n if (!client.enabled) {\n throw new HttpException('Client is disabled', HttpStatus.FORBIDDEN)\n }\n if (currentTimeStamp() >= client.tokenExpiration) {\n throw new HttpException(CLIENT_TOKEN_EXPIRED_ERROR, HttpStatus.FORBIDDEN)\n }\n this.syncQueries.updateClientInfo(client, client.info, ip).catch((e: Error) => this.logger.error({ tag: this.authenticate.name, msg: `${e}` }))\n const user: UserModel = await this.usersManager.fromUserId(client.ownerId)\n if (!user) {\n throw new HttpException('User does not exist', HttpStatus.FORBIDDEN)\n }\n if (!user.isActive) {\n throw new HttpException('Account suspended or not authorized', HttpStatus.FORBIDDEN)\n }\n if (!user.havePermission(USER_PERMISSION.DESKTOP_APP)) {\n this.logger.warn({ tag: this.authenticate.name, msg: `does not have permission : ${USER_PERMISSION.DESKTOP_APP}` })\n throw new HttpException('Missing permission', HttpStatus.FORBIDDEN)\n }\n // set clientId\n user.clientId = client.id\n // update accesses\n this.usersManager.updateAccesses(user, ip, true).catch((e: Error) => this.logger.error({ tag: this.authenticate.name, msg: `${e}` }))\n let r: SyncClientAuthToken \| SyncClientAuthCookie\n if (authType === CLIENT_AUTH_TYPE.COOKIE) {\n // used by the desktop app to perform the login setup using cookies\n r = await this.authManager.setCookies(user, res)\n } else if (authType === CLIENT_AUTH_TYPE.TOKEN) {\n // used by the cli app and the sync core\n r = await this.authManager.getTokens(user)\n }\n // check if the client token must be updated\n r.client_token_update = await this.renewTokenAndExpiration(client, user)\n return r\n }\n\n getClients(user: UserModel): Promise<SyncClientPaths[]> {\n return this.syncQueries.getClients(user)\n }\n\n async renewTokenAndExpiration(client: SyncClient, owner: UserModel): Promise<string \| undefined> {\n if (currentTimeStamp() + convertHumanTimeToSeconds(CLIENT_TOKEN_RENEW_TIME) < client.tokenExpiration) {\n // client token expiration is not close enough\n return undefined\n }\n const token = crypto.randomUUID()\n const expiration = currentTimeStamp() + convertHumanTimeToSeconds(CLIENT_TOKEN_EXPIRATION_TIME)\n this.logger.log({ tag: this.renewTokenAndExpiration.name, msg: `renew token for user ${owner.login} and client ${client.id}` })\n try {\n await this.syncQueries.renewClientTokenAndExpiration(client.id, token, expiration)\n } catch (e) {\n this.logger.error({\n tag: this.renewTokenAndExpiration.name,\n msg: `unable to renew token for user ${owner.login} and client ${client.id} : ${e}`\n })\n throw new HttpException('Unable to update client token', HttpStatus.BAD_REQUEST)\n }\n return token\n }\n\n async deleteClient(user: UserModel, clientId: string): Promise<void> {\n try {\n await this.syncQueries.deleteClient(user.id, clientId)\n } catch (e) {\n this.logger.error({ tag: this.deleteClient.name, msg: `${e}` })\n throw new HttpException('Unable to delete client', HttpStatus.INTERNAL_SERVER_ERROR)\n }\n }\n\n @CacheDecorator(3600)\n async checkAppStore(): Promise<AppStoreManifest> {\n let manifest: AppStoreManifest = null\n if (configuration.applications.appStore.repository === APP_STORE_REPOSITORY.PUBLIC) {\n const url = `${RELEASES_URL}/${APP_STORE_MANIFEST_FILE}`\n try {\n const res: AxiosResponse = await this.http.axiosRef({\n method: HTTP_METHOD.GET,\n url: url\n })\n manifest = res.data\n manifest.repository = APP_STORE_REPOSITORY.PUBLIC\n } catch (e) {\n this.logger.warn({ tag: this.checkAppStore.name, msg: `unable to retrieve ${url} : ${e}` })\n }\n } else {\n const latestFile = path.join(STATIC_PATH, APP_STORE_DIRNAME, APP_STORE_MANIFEST_FILE)\n if (!(await isPathExists(latestFile))) {\n this.logger.warn({ tag: this.checkAppStore.name, msg: `${latestFile} does not exist` })\n } else {\n try {\n manifest = JSON.parse(await fs.readFile(latestFile, 'utf8'))\n manifest.repository = APP_STORE_REPOSITORY.LOCAL\n // rewrite urls to local repository\n for (const [os, packages] of Object.entries(manifest.platform)) {\n for (const p of packages) {\n if (p.package.toLowerCase().startsWith(SYNC_CLIENT_TYPE.DESKTOP)) {\n p.url = `${APP_STORE_DIRNAME}/${SYNC_CLIENT_TYPE.DESKTOP}/${os}/${p.package}`\n } else {\n p.url = `${APP_STORE_DIRNAME}/${SYNC_CLIENT_TYPE.CLI}/${p.package}`\n }\n }\n }\n } catch (e) {\n this.logger.error({ tag: this.checkAppStore.name, msg: `${latestFile} : ${e}` })\n }\n }\n }\n return manifest\n }\n\n private async getOrCreateClient(user: UserModel, clientId: string, clientInfo: SyncClientInfo, ip: string): Promise<SyncClientAuthRegistration> {\n try {\n const token = await this.syncQueries.getOrCreateClient(user.id, clientId, clientInfo, ip)\n this.logger.log({ tag: this.getOrCreateClient.name, msg: `client ${clientInfo.type} was registered for user ${user.login} (${user.id})` })\n return { clientId: clientId, clientToken: token } satisfies SyncClientAuthRegistration\n } catch (e) {\n this.logger.error({ tag: this.getOrCreateClient.name, msg: `${e}` })\n throw new HttpException('Error during the client registration', HttpStatus.INTERNAL_SERVER_ERROR)\n }\n }\n}\n"],"names":["SyncClientsManager","register","clientRegistrationDto","ip","user","authProvider","validateUser","login","password","AUTH_SCOPE","CLIENT","logger","warn","tag","name","msg","HttpException","HttpStatus","UNAUTHORIZED","havePermission","USER_PERMISSION","DESKTOP_APP","id","FORBIDDEN","configuration","auth","mfa","totp","enabled","twoFaEnabled","code","authCode","authProvider2FA","validateTwoFactorCode","secrets","twoFaSecret","success","message","authRCode","validateRecoveryCode","recoveryCodes","usersManager","updateAccesses","catch","e","error","getOrCreateClient","clientId","info","registerWithAuth","clientAuthenticatedRegistrationDto","req","crypto","randomUUID","unregister","syncQueries","deleteClient","INTERNAL_SERVER_ERROR","authenticate","authType","syncClientAuthDto","res","client","getClient","token","currentTimeStamp","tokenExpiration","CLIENT_TOKEN_EXPIRED_ERROR","updateClientInfo","fromUserId","ownerId","isActive","r","CLIENT_AUTH_TYPE","COOKIE","authManager","setCookies","TOKEN","getTokens","client_token_update","renewTokenAndExpiration","getClients","owner","convertHumanTimeToSeconds","CLIENT_TOKEN_RENEW_TIME","undefined","expiration","CLIENT_TOKEN_EXPIRATION_TIME","log","renewClientTokenAndExpiration","BAD_REQUEST","checkAppStore","manifest","applications","appStore","repository","APP_STORE_REPOSITORY","PUBLIC","url","RELEASES_URL","APP_STORE_MANIFEST_FILE","http","axiosRef","method","HTTP_METHOD","GET","data","latestFile","path","join","STATIC_PATH","APP_STORE_DIRNAME","isPathExists","JSON","parse","fs","readFile","LOCAL","os","packages","Object","entries","platform","p","package","toLowerCase","startsWith","SYNC_CLIENT_TYPE","DESKTOP","CLI","clientInfo","type","clientToken","Logger"],"mappings":";;;;+BAmCaA;;;eAAAA;;;uBAnCe;wBACkC;mEAG3C;iEACJ;iEACE;6BACW;uBACD;qCAEE;0CACG;2BACU;wBACK;iCACnB;mCACE;gCACC;uCACH;uBACC;sBACG;qCAEH;sBACuF;uBACnC;sBAChD;oCAQL;;;;;;;;;;;;;;;AAGrB,IAAA,AAAMA,qBAAN,MAAMA;IAYX,MAAMC,SAASC,qBAAgD,EAAEC,EAAU,EAAuC;QAChH,MAAMC,OAAkB,MAAM,IAAI,CAACC,YAAY,CAACC,YAAY,CAACJ,sBAAsBK,KAAK,EAAEL,sBAAsBM,QAAQ,EAAEL,IAAIM,iBAAU,CAACC,MAAM;QAC/I,IAAI,CAACN,MAAM;YACT,IAAI,CAACO,MAAM,CAACC,IAAI,CAAC;gBAAEC,KAAK,IAAI,CAACZ,QAAQ,CAACa,IAAI;gBAAEC,KAAK,CAAC,sBAAsB,EAAEb,sBAAsBK,KAAK,CAAC,CAAC,CAAC;YAAC;YACzG,MAAM,IAAIS,qBAAa,CAAC,2BAA2BC,kBAAU,CAACC,YAAY;QAC5E;QACA,IAAI,CAACd,KAAKe,cAAc,CAACC,qBAAe,CAACC,WAAW,GAAG;YACrD,IAAI,CAACV,MAAM,CAACC,IAAI,CAAC;gBACfC,KAAK,IAAI,CAACZ,QAAQ,CAACa,IAAI;gBACvBC,KAAK,CAAC,MAAM,EAAEX,KAAKG,KAAK,CAAC,GAAG,EAAEH,KAAKkB,EAAE,CAAC,6BAA6B,EAAEF,qBAAe,CAACC,WAAW,EAAE;YACpG;YACA,MAAM,IAAIL,qBAAa,CAAC,sBAAsBC,kBAAU,CAACM,SAAS;QACpE;QACA,IAAIC,gCAAa,CAACC,IAAI,CAACC,GAAG,CAACC,IAAI,CAACC,OAAO,IAAIxB,KAAKyB,YAAY,EAAE;YAC5D,uCAAuC;YACvC,IAAI,CAAC3B,sBAAsB4B,IAAI,EAAE;gBAC/B,IAAI,CAACnB,MAAM,CAACC,IAAI,CAAC;oBAAEC,KAAK,IAAI,CAACZ,QAAQ,CAACa,IAAI;oBAAEC,KAAK,CAAC,8BAA8B,EAAEX,KAAKG,KAAK,CAAC,GAAG,EAAEH,KAAKkB,EAAE,CAAC,CAAC,CAAC;gBAAC;gBAC7G,MAAM,IAAIN,qBAAa,CAAC,uBAAuBC,kBAAU,CAACC,YAAY;YACxE;YACA,MAAMa,WAAW,IAAI,CAACC,eAAe,CAACC,qBAAqB,CAAC/B,sBAAsB4B,IAAI,EAAE1B,KAAK8B,OAAO,CAACC,WAAW;YAChH,IAAI,CAACJ,SAASK,OAAO,EAAE;gBACrB,IAAI,CAACzB,MAAM,CAACC,IAAI,CAAC;oBAAEC,KAAK,IAAI,CAACZ,QAAQ,CAACa,IAAI;oBAAEC,KAAK,CAAC,iBAAiB,EAAEX,KAAKG,KAAK,CAAC,GAAG,EAAEH,KAAKkB,EAAE,CAAC,IAAI,EAAES,SAASM,OAAO,EAAE;gBAAC;gBACtH,MAAMC,YAAY,MAAM,IAAI,CAACN,eAAe,CAACO,oBAAoB,CAACnC,KAAKkB,EAAE,EAAEpB,sBAAsB4B,IAAI,EAAE1B,KAAK8B,OAAO,CAACM,aAAa;gBACjI,IAAI,CAACF,UAAUF,OAAO,EAAE;oBACtB,IAAI,CAACzB,MAAM,CAACC,IAAI,CAAC;wBAAEC,KAAK,IAAI,CAACZ,QAAQ,CAACa,IAAI;wBAAEC,KAAK,CAAC,0BAA0B,EAAEX,KAAKG,KAAK,CAAC,GAAG,EAAEH,KAAKkB,EAAE,CAAC,IAAI,EAAEgB,UAAUD,OAAO,EAAE;oBAAC;oBAChI,IAAI,CAACI,YAAY,CAACC,cAAc,CAACtC,MAAMD,IAAI,OAAOwC,KAAK,CAAC,CAACC,IAAa,IAAI,CAACjC,MAAM,CAACkC,KAAK,CAAC;4BAAEhC,KAAK,IAAI,CAACZ,QAAQ,CAACa,IAAI;4BAAEC,KAAK,GAAG6B,GAAG;wBAAC;oBAC/H,MAAM,IAAI5B,qBAAa,CAACe,SAASM,OAAO,EAAEpB,kBAAU,CAACC,YAAY;gBACnE;YACF;QACF;QACA,OAAO,IAAI,CAAC4B,iBAAiB,CAAC1C,MAAMF,sBAAsB6C,QAAQ,EAAE7C,sBAAsB8C,IAAI,EAAE7C;IAClG;IAEA,MAAM8C,iBACJC,kCAAiE,EACjEC,GAAgC,EACK;QACrC,MAAMJ,WAAWG,mCAAmCH,QAAQ,IAAIK,mBAAM,CAACC,UAAU;QACjF,OAAO,IAAI,CAACP,iBAAiB,CAACK,IAAI/C,IAAI,EAAE2C,UAAUG,mCAAmCF,IAAI,EAAEG,IAAIhD,EAAE;IACnG;IAEA,MAAMmD,WAAWlD,IAAe,EAAiB;QAC/C,IAAI;YACF,MAAM,IAAI,CAACmD,WAAW,CAACC,YAAY,CAACpD,KAAKkB,EAAE,EAAElB,KAAK2C,QAAQ;QAC5D,EAAE,OAAOH,GAAG;YACV,IAAI,CAACjC,MAAM,CAACkC,KAAK,CAAC;gBAAEhC,KAAK,IAAI,CAACyC,UAAU,CAACxC,IAAI;gBAAEC,KAAK,GAAG6B,GAAG;YAAC;YAC3D,MAAM,IAAI5B,qBAAa,CAAC,oDAAoDC,kBAAU,CAACwC,qBAAqB;QAC9G;IACF;IAEA,MAAMC,aACJC,QAA0B,EAC1BC,iBAAoC,EACpCzD,EAAU,EACV0D,GAAiB,EACoC;QACrD,MAAMC,SAAS,MAAM,IAAI,CAACP,WAAW,CAACQ,SAAS,CAACH,kBAAkBb,QAAQ,EAAE,MAAMa,kBAAkBI,KAAK;QACzG,IAAI,CAACF,QAAQ;YACX,MAAM,IAAI9C,qBAAa,CAAC,qBAAqBC,kBAAU,CAACM,SAAS;QACnE;QACA,IAAI,CAACuC,OAAOlC,OAAO,EAAE;YACnB,MAAM,IAAIZ,qBAAa,CAAC,sBAAsBC,kBAAU,CAACM,SAAS;QACpE;QACA,IAAI0C,IAAAA,wBAAgB,OAAMH,OAAOI,eAAe,EAAE;YAChD,MAAM,IAAIlD,qBAAa,CAACmD,gCAA0B,EAAElD,kBAAU,CAACM,SAAS;QAC1E;QACA,IAAI,CAACgC,WAAW,CAACa,gBAAgB,CAACN,QAAQA,OAAOd,IAAI,EAAE7C,IAAIwC,KAAK,CAAC,CAACC,IAAa,IAAI,CAACjC,MAAM,CAACkC,KAAK,CAAC;gBAAEhC,KAAK,IAAI,CAAC6C,YAAY,CAAC5C,IAAI;gBAAEC,KAAK,GAAG6B,GAAG;YAAC;QAC5I,MAAMxC,OAAkB,MAAM,IAAI,CAACqC,YAAY,CAAC4B,UAAU,CAACP,OAAOQ,OAAO;QACzE,IAAI,CAAClE,MAAM;YACT,MAAM,IAAIY,qBAAa,CAAC,uBAAuBC,kBAAU,CAACM,SAAS;QACrE;QACA,IAAI,CAACnB,KAAKmE,QAAQ,EAAE;YAClB,MAAM,IAAIvD,qBAAa,CAAC,uCAAuCC,kBAAU,CAACM,SAAS;QACrF;QACA,IAAI,CAACnB,KAAKe,cAAc,CAACC,qBAAe,CAACC,WAAW,GAAG;YACrD,IAAI,CAACV,MAAM,CAACC,IAAI,CAAC;gBAAEC,KAAK,IAAI,CAAC6C,YAAY,CAAC5C,IAAI;gBAAEC,KAAK,CAAC,2BAA2B,EAAEK,qBAAe,CAACC,WAAW,EAAE;YAAC;YACjH,MAAM,IAAIL,qBAAa,CAAC,sBAAsBC,kBAAU,CAACM,SAAS;QACpE;QACA,eAAe;QACfnB,KAAK2C,QAAQ,GAAGe,OAAOxC,EAAE;QACzB,kBAAkB;QAClB,IAAI,CAACmB,YAAY,CAACC,cAAc,CAACtC,MAAMD,IAAI,MAAMwC,KAAK,CAAC,CAACC,IAAa,IAAI,CAACjC,MAAM,CAACkC,KAAK,CAAC;gBAAEhC,KAAK,IAAI,CAAC6C,YAAY,CAAC5C,IAAI;gBAAEC,KAAK,GAAG6B,GAAG;YAAC;QAClI,IAAI4B;QACJ,IAAIb,aAAac,sBAAgB,CAACC,MAAM,EAAE;YACxC,mEAAmE;YACnEF,IAAI,MAAM,IAAI,CAACG,WAAW,CAACC,UAAU,CAACxE,MAAMyD;QAC9C,OAAO,IAAIF,aAAac,sBAAgB,CAACI,KAAK,EAAE;YAC9C,wCAAwC;YACxCL,IAAI,MAAM,IAAI,CAACG,WAAW,CAACG,SAAS,CAAC1E;QACvC;QACA,4CAA4C;QAC5CoE,EAAEO,mBAAmB,GAAG,MAAM,IAAI,CAACC,uBAAuB,CAAClB,QAAQ1D;QACnE,OAAOoE;IACT;IAEAS,WAAW7E,IAAe,EAA8B;QACtD,OAAO,IAAI,CAACmD,WAAW,CAAC0B,UAAU,CAAC7E;IACrC;IAEA,MAAM4E,wBAAwBlB,MAAkB,EAAEoB,KAAgB,EAA+B;QAC/F,IAAIjB,IAAAA,wBAAgB,MAAKkB,IAAAA,oCAAyB,EAACC,6BAAuB,IAAItB,OAAOI,eAAe,EAAE;YACpG,8CAA8C;YAC9C,OAAOmB;QACT;QACA,MAAMrB,QAAQZ,mBAAM,CAACC,UAAU;QAC/B,MAAMiC,aAAarB,IAAAA,wBAAgB,MAAKkB,IAAAA,oCAAyB,EAACI,kCAA4B;QAC9F,IAAI,CAAC5E,MAAM,CAAC6E,GAAG,CAAC;YAAE3E,KAAK,IAAI,CAACmE,uBAAuB,CAAClE,IAAI;YAAEC,KAAK,CAAC,sBAAsB,EAAEmE,MAAM3E,KAAK,CAAC,cAAc,EAAEuD,OAAOxC,EAAE,CAAC,CAAC,CAAC;QAAC;QACjI,IAAI;YACF,MAAM,IAAI,CAACiC,WAAW,CAACkC,6BAA6B,CAAC3B,OAAOxC,EAAE,EAAE0C,OAAOsB;QACzE,EAAE,OAAO1C,GAAG;YACV,IAAI,CAACjC,MAAM,CAACkC,KAAK,CAAC;gBAChBhC,KAAK,IAAI,CAACmE,uBAAuB,CAAClE,IAAI;gBACtCC,KAAK,CAAC,gCAAgC,EAAEmE,MAAM3E,KAAK,CAAC,cAAc,EAAEuD,OAAOxC,EAAE,CAAC,IAAI,EAAEsB,GAAG;YACzF;YACA,MAAM,IAAI5B,qBAAa,CAAC,iCAAiCC,kBAAU,CAACyE,WAAW;QACjF;QACA,OAAO1B;IACT;IAEA,MAAMR,aAAapD,IAAe,EAAE2C,QAAgB,EAAiB;QACnE,IAAI;YACF,MAAM,IAAI,CAACQ,WAAW,CAACC,YAAY,CAACpD,KAAKkB,EAAE,EAAEyB;QAC/C,EAAE,OAAOH,GAAG;YACV,IAAI,CAACjC,MAAM,CAACkC,KAAK,CAAC;gBAAEhC,KAAK,IAAI,CAAC2C,YAAY,CAAC1C,IAAI;gBAAEC,KAAK,GAAG6B,GAAG;YAAC;YAC7D,MAAM,IAAI5B,qBAAa,CAAC,2BAA2BC,kBAAU,CAACwC,qBAAqB;QACrF;IACF;IAEA,MACMkC,gBAA2C;QAC/C,IAAIC,WAA6B;QACjC,IAAIpE,gCAAa,CAACqE,YAAY,CAACC,QAAQ,CAACC,UAAU,KAAKC,2BAAoB,CAACC,MAAM,EAAE;YAClF,MAAMC,MAAM,GAAGC,oBAAY,CAAC,CAAC,EAAEC,8BAAuB,EAAE;YACxD,IAAI;gBACF,MAAMvC,MAAqB,MAAM,IAAI,CAACwC,IAAI,CAACC,QAAQ,CAAC;oBAClDC,QAAQC,kCAAW,CAACC,GAAG;oBACvBP,KAAKA;gBACP;gBACAN,WAAW/B,IAAI6C,IAAI;gBACnBd,SAASG,UAAU,GAAGC,2BAAoB,CAACC,MAAM;YACnD,EAAE,OAAOrD,GAAG;gBACV,IAAI,CAACjC,MAAM,CAACC,IAAI,CAAC;oBAAEC,KAAK,IAAI,CAAC8E,aAAa,CAAC7E,IAAI;oBAAEC,KAAK,CAAC,mBAAmB,EAAEmF,IAAI,GAAG,EAAEtD,GAAG;gBAAC;YAC3F;QACF,OAAO;YACL,MAAM+D,aAAaC,iBAAI,CAACC,IAAI,CAACC,4BAAW,EAAEC,wBAAiB,EAAEX,8BAAuB;YACpF,IAAI,CAAE,MAAMY,IAAAA,mBAAY,EAACL,aAAc;gBACrC,IAAI,CAAChG,MAAM,CAACC,IAAI,CAAC;oBAAEC,KAAK,IAAI,CAAC8E,aAAa,CAAC7E,IAAI;oBAAEC,KAAK,GAAG4F,WAAW,eAAe,CAAC;gBAAC;YACvF,OAAO;gBACL,IAAI;oBACFf,WAAWqB,KAAKC,KAAK,CAAC,MAAMC,iBAAE,CAACC,QAAQ,CAACT,YAAY;oBACpDf,SAASG,UAAU,GAAGC,2BAAoB,CAACqB,KAAK;oBAChD,mCAAmC;oBACnC,KAAK,MAAM,CAACC,IAAIC,SAAS,IAAIC,OAAOC,OAAO,CAAC7B,SAAS8B,QAAQ,EAAG;wBAC9D,KAAK,MAAMC,KAAKJ,SAAU;4BACxB,IAAII,EAAEC,OAAO,CAACC,WAAW,GAAGC,UAAU,CAACC,sBAAgB,CAACC,OAAO,GAAG;gCAChEL,EAAEzB,GAAG,GAAG,GAAGa,wBAAiB,CAAC,CAAC,EAAEgB,sBAAgB,CAACC,OAAO,CAAC,CAAC,EAAEV,GAAG,CAAC,EAAEK,EAAEC,OAAO,EAAE;4BAC/E,OAAO;gCACLD,EAAEzB,GAAG,GAAG,GAAGa,wBAAiB,CAAC,CAAC,EAAEgB,sBAAgB,CAACE,GAAG,CAAC,CAAC,EAAEN,EAAEC,OAAO,EAAE;4BACrE;wBACF;oBACF;gBACF,EAAE,OAAOhF,GAAG;oBACV,IAAI,CAACjC,MAAM,CAACkC,KAAK,CAAC;wBAAEhC,KAAK,IAAI,CAAC8E,aAAa,CAAC7E,IAAI;wBAAEC,KAAK,GAAG4F,WAAW,GAAG,EAAE/D,GAAG;oBAAC;gBAChF;YACF;QACF;QACA,OAAOgD;IACT;IAEA,MAAc9C,kBAAkB1C,IAAe,EAAE2C,QAAgB,EAAEmF,UAA0B,EAAE/H,EAAU,EAAuC;QAC9I,IAAI;YACF,MAAM6D,QAAQ,MAAM,IAAI,CAACT,WAAW,CAACT,iBAAiB,CAAC1C,KAAKkB,EAAE,EAAEyB,UAAUmF,YAAY/H;YACtF,IAAI,CAACQ,MAAM,CAAC6E,GAAG,CAAC;gBAAE3E,KAAK,IAAI,CAACiC,iBAAiB,CAAChC,IAAI;gBAAEC,KAAK,CAAC,QAAQ,EAAEmH,WAAWC,IAAI,CAAC,2BAA2B,EAAE/H,KAAKG,KAAK,CAAC,GAAG,EAAEH,KAAKkB,EAAE,CAAC,CAAC,CAAC;YAAC;YAC5I,OAAO;gBAAEyB,UAAUA;gBAAUqF,aAAapE;YAAM;QAClD,EAAE,OAAOpB,GAAG;YACV,IAAI,CAACjC,MAAM,CAACkC,KAAK,CAAC;gBAAEhC,KAAK,IAAI,CAACiC,iBAAiB,CAAChC,IAAI;gBAAEC,KAAK,GAAG6B,GAAG;YAAC;YAClE,MAAM,IAAI5B,qBAAa,CAAC,wCAAwCC,kBAAU,CAACwC,qBAAqB;QAClG;IACF;IA3LA,YACE,AAAiB4C,IAAiB,EAClC,AAAiB1B,WAAwB,EACzC,AAAiBtE,YAA0B,EAC3C,AAAiB2B,eAAgC,EACjD,AAAiBS,YAA0B,EAC3C,AAAiBc,WAAwB,CACzC;aANiB8C,OAAAA;aACA1B,cAAAA;aACAtE,eAAAA;aACA2B,kBAAAA;aACAS,eAAAA;aACAc,cAAAA;aARF5C,SAAS,IAAI0H,cAAM,CAACrI,mBAAmBc,IAAI;IASzD;AAqLL"}

package/server/applications/sync/services/sync-clients-manager.service.spec.js CHANGED Viewed

@@ -1,8 +1,4 @@
-/*
- * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>
- * This file is part of Sync-in | The open source file sync and share solution
- * See the LICENSE file for licensing details
- */ "use strict";
+"use strict";
 Object.defineProperty(exports, "__esModule", {
     value: true
 });
@@ -11,9 +7,9 @@ const _common = require("@nestjs/common");
 const _testing = require("@nestjs/testing");
 const _nodecrypto = /*#__PURE__*/ _interop_require_default(require("node:crypto"));
 const _promises = /*#__PURE__*/ _interop_require_default(require("node:fs/promises"));
-const _authmethod = require("../../../authentication/models/auth-method");
-const _authmanagerservice = require("../../../authentication/services/auth-manager.service");
-const _authmethodtwofaservice = require("../../../authentication/services/auth-methods/auth-method-two-fa.service");
+const _authservice = require("../../../authentication/auth.service");
+const _authprovidersmodels = require("../../../authentication/providers/auth-providers.models");
+const _authprovidertwofaservice = require("../../../authentication/providers/two-fa/auth-provider-two-fa.service");
 const _functions = /*#__PURE__*/ _interop_require_wildcard(require("../../../common/functions"));
 const _shared = /*#__PURE__*/ _interop_require_wildcard(require("../../../common/shared"));
 const _configenvironment = require("../../../configuration/config.environment");
@@ -104,7 +100,7 @@ describe(_syncclientsmanagerservice.SyncClientsManager.name, ()=>{
     // Mocks
     let http;
     let authManager;
-    let authMethod;
+    let authProvider;
     let usersManager;
     let syncQueries;
     let cacheMock;
@@ -142,7 +138,7 @@ describe(_syncclientsmanagerservice.SyncClientsManager.name, ()=>{
             setCookies: jest.fn(),
             getTokens: jest.fn()
         };
-        authMethod = {
+        authProvider = {
             validateUser: jest.fn()
         };
         usersManager = {
@@ -183,15 +179,15 @@ describe(_syncclientsmanagerservice.SyncClientsManager.name, ()=>{
                     useValue: usersManager
                 },
                 {
-                    provide: _authmanagerservice.AuthManager,
+                    provide: _authservice.AuthManager,
                     useValue: authManager
                 },
                 {
-                    provide: _authmethod.AuthMethod,
-                    useValue: authMethod
+                    provide: _authprovidersmodels.AuthProvider,
+                    useValue: authProvider
                 },
                 {
-                    provide: _authmethodtwofaservice.AuthMethod2FA,
+                    provide: _authprovidertwofaservice.AuthProvider2FA,
                     useValue: {}
                 }
             ]
@@ -252,13 +248,13 @@ describe(_syncclientsmanagerservice.SyncClientsManager.name, ()=>{
                 _common.HttpStatus.FORBIDDEN
             ]
         ])('should throw %s', async (_label, user, status)=>{
-            authMethod.validateUser.mockResolvedValue(user);
+            authProvider.validateUser.mockResolvedValue(user);
             await expect(service.register(baseDto, '1.2.3.4')).rejects.toMatchObject({
                 status
             });
         });
         it('should return client token when registration succeeds', async ()=>{
-            authMethod.validateUser.mockResolvedValue({
+            authProvider.validateUser.mockResolvedValue({
                 id: 10,
                 login: 'john',
                 havePermission: ()=>true
@@ -266,12 +262,13 @@ describe(_syncclientsmanagerservice.SyncClientsManager.name, ()=>{
             syncQueries.getOrCreateClient.mockResolvedValue('token-abc');
             const r = await service.register(baseDto, '1.2.3.4');
             expect(r).toEqual({
+                clientId: 'client-1',
                 clientToken: 'token-abc'
             });
             expect(syncQueries.getOrCreateClient).toHaveBeenCalledWith(10, 'client-1', baseDto.info, '1.2.3.4');
         });
         it('should throw Internal Server Error when persistence fails', async ()=>{
-            authMethod.validateUser.mockResolvedValue({
+            authProvider.validateUser.mockResolvedValue({
                 id: 10,
                 login: 'john',
                 havePermission: ()=>true