npm - @sync-in/server - Versions diffs - 1.9.6 → 1.10.0 - Mend

@sync-in/server 1.9.6 → 1.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (344) hide show

package/server/applications/webdav/utils/webdav.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../../backend/src/applications/webdav/utils/webdav.ts"],"sourcesContent":["/\n Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in \| The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { FastifyReply } from 'fastify'\nimport http from 'node:http'\nimport { currentTimeStamp, encodeUrl, SERVER_NAME } from '../../../common/shared'\nimport { FileLock } from '../../files/interfaces/file-lock.interface'\nimport { LOCK_SCOPE, NS_DAV, NS_PREFIX, PROPSTAT, XML_CONTENT_TYPE } from '../constants/webdav'\nimport { XML_NS, xmlBuild } from './xml'\n\nexport const XML_DAV_NS = { [`${XML_NS}:${NS_PREFIX}`]: `${NS_DAV}` }\nexport const PROPFIND_COLLECTION = { [`${NS_PREFIX}:collection`]: null }\nexport const PROPFIND_ALL_PROP = {\n [`${NS_PREFIX}:propfind`]: {\n [`${NS_PREFIX}:${PROPSTAT.ALLPROP}`]: null,\n ...XML_DAV_NS\n }\n}\n\nexport const SUPPORTED_LOCKS = {\n [`${NS_PREFIX}:lockentry`]: [\n {\n [`${NS_PREFIX}:lockscope`]: {\n [`${NS_PREFIX}:exclusive`]: null\n },\n [`${NS_PREFIX}:locktype`]: {\n [`${NS_PREFIX}:write`]: null\n }\n },\n {\n [`${NS_PREFIX}:lockscope`]: {\n [`${NS_PREFIX}:shared`]: null\n },\n [`${NS_PREFIX}:locktype`]: {\n [`${NS_PREFIX}:write`]: null\n }\n }\n ]\n}\n\nexport function PROP(prop: any, httpVersion: string, httpStatus: number, description?: string) {\n return {\n [`${NS_PREFIX}:prop`]: prop,\n [`${NS_PREFIX}:status`]: `${httpVersion} ${httpStatus} ${http.STATUS_CODES[httpStatus]}`,\n [`${NS_PREFIX}:responsedescription`]: description ? { [`${NS_PREFIX}:error`]: { [`${NS_PREFIX}:${description}`]: null } } : undefined\n }\n}\n\nexport function PROP_STAT(href: string, props: any) {\n return {\n [`${NS_PREFIX}:href`]: href,\n [`${NS_PREFIX}:propstat`]: props\n }\n}\n\nexport function MULTI_STATUS(content: any) {\n return {\n [`${NS_PREFIX}:multistatus`]: { [`${NS_PREFIX}:response`]: content, ...XML_DAV_NS }\n }\n}\n\nexport function LOCK_DISCOVERY(locks: FileLock[]) {\n // only locktype write is currently implemented in RFC\n const activeLocks = []\n for (const lock of locks) {\n activeLocks.push({\n [`${NS_PREFIX}:activelock`]: {\n [`${NS_PREFIX}:locktype`]: { [`${NS_PREFIX}:write`]: null },\n [`${NS_PREFIX}:lockscope`]: { [`${NS_PREFIX}:${lock.~~davLock~~?.~~lockscope~~ \|\| LOCK_SCOPE.EXCLUSIVE}`]: null },\n [`${NS_PREFIX}:locktoken`]: { [`${NS_PREFIX}:href`]: lock.~~davLock~~?.~~locktoken~~ \|\| SERVER_NAME },\n [`${NS_PREFIX}:lockroot`]: { [`${NS_PREFIX}:href`]: encodeUrl(lock.~~davLock~~?.~~lockroot~~ \|\| lock.dbFilePath) },\n [`${NS_PREFIX}:owner`]: lock~~.davLock?.owner \|\| 'WebDAV'~~,\n [`${NS_PREFIX}:timeout`]: `Second-${Math.floor(lock.expiration - currentTimeStamp())}`,\n [`${NS_PREFIX}:depth`]: lock.depth\n }\n })\n }\n return activeLocks\n}\n\nexport function LOCK_PROP(locks: FileLock[]) {\n return { [`${NS_PREFIX}:prop`]: { [`${NS_PREFIX}:lockdiscovery`]: LOCK_DISCOVERY(locks), ...XML_DAV_NS } }\n}\n\nexport function DAV_ERROR(error: string, href?: string): string {\n return xmlBuild({\n 'ns0:error': { [`ns0:${error}`]: href ? [{ 'ns0:href': encodeUrl(href) }] : '', [`${XML_NS}:ns0`]: `${NS_DAV}` }\n })\n}\n\nexport function DAV_ERROR_RES(code: number, error: string, res: FastifyReply, href?: string): FastifyReply {\n return res.status(code).type(XML_CONTENT_TYPE).send(DAV_ERROR(error, href))\n}\n"],"names":["DAV_ERROR","DAV_ERROR_RES","LOCK_DISCOVERY","LOCK_PROP","MULTI_STATUS","PROP","PROPFIND_ALL_PROP","PROPFIND_COLLECTION","PROP_STAT","SUPPORTED_LOCKS","XML_DAV_NS","XML_NS","NS_PREFIX","NS_DAV","PROPSTAT","ALLPROP","prop","httpVersion","httpStatus","description","http","STATUS_CODES","undefined","href","props","content","locks","activeLocks","lock","push","~~davLock~~","~~lockscope~~","LOCK_SCOPE","EXCLUSIVE","~~locktoken~~","SERVER_NAME","encodeUrl","~~lockroot~~","dbFilePath","~~owner~~","Math","floor","expiration","currentTimeStamp","depth","error","xmlBuild","code","res","status","type","XML_CONTENT_TYPE","send"],"mappings":"AAAA;;;;CAIC;;;;;;;;;;;QAmFeA;eAAAA;;QAMAC;eAAAA;;QA7BAC;eAAAA;;QAmBAC;eAAAA;;QAzBAC;eAAAA;;QAfAC;eAAAA;;QA5BHC;eAAAA;;QADAC;eAAAA;;QAqCGC;eAAAA;;QA7BHC;eAAAA;;QATAC;eAAAA;;;iEANI;wBACwC;wBAEiB;qBACzC;;;;;;AAE1B,MAAMA,aAAa;IAAE,CAAC,GAAGC,WAAM,CAAC,CAAC,EAAEC,iBAAS,EAAE,CAAC,EAAE,GAAGC,cAAM,EAAE;AAAC;AAC7D,MAAMN,sBAAsB;IAAE,CAAC,GAAGK,iBAAS,CAAC,WAAW,CAAC,CAAC,EAAE;AAAK;AAChE,MAAMN,oBAAoB;IAC/B,CAAC,GAAGM,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAE;QACzB,CAAC,GAAGA,iBAAS,CAAC,CAAC,EAAEE,gBAAQ,CAACC,OAAO,EAAE,CAAC,EAAE;QACtC,GAAGL,UAAU;IACf;AACF;AAEO,MAAMD,kBAAkB;IAC7B,CAAC,GAAGG,iBAAS,CAAC,UAAU,CAAC,CAAC,EAAE;QAC1B;YACE,CAAC,GAAGA,iBAAS,CAAC,UAAU,CAAC,CAAC,EAAE;gBAC1B,CAAC,GAAGA,iBAAS,CAAC,UAAU,CAAC,CAAC,EAAE;YAC9B;YACA,CAAC,GAAGA,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAE;gBACzB,CAAC,GAAGA,iBAAS,CAAC,MAAM,CAAC,CAAC,EAAE;YAC1B;QACF;QACA;YACE,CAAC,GAAGA,iBAAS,CAAC,UAAU,CAAC,CAAC,EAAE;gBAC1B,CAAC,GAAGA,iBAAS,CAAC,OAAO,CAAC,CAAC,EAAE;YAC3B;YACA,CAAC,GAAGA,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAE;gBACzB,CAAC,GAAGA,iBAAS,CAAC,MAAM,CAAC,CAAC,EAAE;YAC1B;QACF;KACD;AACH;AAEO,SAASP,KAAKW,IAAS,EAAEC,WAAmB,EAAEC,UAAkB,EAAEC,WAAoB;IAC3F,OAAO;QACL,CAAC,GAAGP,iBAAS,CAAC,KAAK,CAAC,CAAC,EAAEI;QACvB,CAAC,GAAGJ,iBAAS,CAAC,OAAO,CAAC,CAAC,EAAE,GAAGK,YAAY,CAAC,EAAEC,WAAW,CAAC,EAAEE,iBAAI,CAACC,YAAY,CAACH,WAAW,EAAE;QACxF,CAAC,GAAGN,iBAAS,CAAC,oBAAoB,CAAC,CAAC,EAAEO,cAAc;YAAE,CAAC,GAAGP,iBAAS,CAAC,MAAM,CAAC,CAAC,EAAE;gBAAE,CAAC,GAAGA,iBAAS,CAAC,CAAC,EAAEO,aAAa,CAAC,EAAE;YAAK;QAAE,IAAIG;IAC9H;AACF;AAEO,SAASd,UAAUe,IAAY,EAAEC,KAAU;IAChD,OAAO;QACL,CAAC,GAAGZ,iBAAS,CAAC,KAAK,CAAC,CAAC,EAAEW;QACvB,CAAC,GAAGX,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAEY;IAC7B;AACF;AAEO,SAASpB,aAAaqB,OAAY;IACvC,OAAO;QACL,CAAC,GAAGb,iBAAS,CAAC,YAAY,CAAC,CAAC,EAAE;YAAE,CAAC,GAAGA,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAEa;YAAS,GAAGf,UAAU;QAAC;IACpF;AACF;AAEO,SAASR,eAAewB,KAAiB;IAC9C,sDAAsD;IACtD,MAAMC,cAAc,EAAE;IACtB,KAAK,MAAMC,QAAQF,MAAO;QACxBC,YAAYE,IAAI,CAAC;YACf,CAAC,GAAGjB,iBAAS,CAAC,WAAW,CAAC,CAAC,EAAE;gBAC3B,CAAC,GAAGA,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAE;oBAAE,CAAC,GAAGA,iBAAS,CAAC,MAAM,CAAC,CAAC,EAAE;gBAAK;gBAC1D,CAAC,GAAGA,iBAAS,CAAC,UAAU,CAAC,CAAC,EAAE;oBAAE,CAAC,GAAGA,iBAAS,CAAC,CAAC,EAAEgB,KAAKE,OAAO,EAAEC,aAAaC,kBAAU,CAACC,SAAS,EAAE,CAAC,EAAE;gBAAK;gBACxG,CAAC,GAAGrB,iBAAS,CAAC,UAAU,CAAC,CAAC,EAAE;oBAAE,CAAC,GAAGA,iBAAS,CAAC,KAAK,CAAC,CAAC,EAAEgB,KAAKE,OAAO,EAAEI,aAAaC,mBAAW;gBAAC;gBAC5F,CAAC,GAAGvB,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAE;oBAAE,CAAC,GAAGA,iBAAS,CAAC,KAAK,CAAC,CAAC,EAAEwB,IAAAA,iBAAS,EAACR,KAAKE,OAAO,EAAEO,YAAYT,KAAKU,UAAU;gBAAE;gBACzG,CAAC,GAAG1B,iBAAS,CAAC,MAAM,CAAC,CAAC,~~EAAEgB~~,~~KAAKE,OAAO,EAAES,SAAS~~;~~gBAC/C~~,CAAC,~~GAAG3B~~,iBAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,OAAO,EAAE4B,KAAKC,KAAK,CAACb,KAAKc,UAAU,GAAGC,IAAAA,wBAAgB,MAAK;gBACtF,CAAC,GAAG/B,iBAAS,CAAC,MAAM,CAAC,CAAC,EAAEgB,KAAKgB,KAAK;YACpC;QACF;IACF;IACA,OAAOjB;AACT;AAEO,SAASxB,UAAUuB,KAAiB;IACzC,OAAO;QAAE,CAAC,GAAGd,iBAAS,CAAC,KAAK,CAAC,CAAC,EAAE;YAAE,CAAC,GAAGA,iBAAS,CAAC,cAAc,CAAC,CAAC,EAAEV,eAAewB;YAAQ,GAAGhB,UAAU;QAAC;IAAE;AAC3G;AAEO,SAASV,UAAU6C,KAAa,EAAEtB,IAAa;IACpD,OAAOuB,IAAAA,aAAQ,EAAC;QACd,aAAa;YAAE,CAAC,CAAC,IAAI,EAAED,OAAO,CAAC,EAAEtB,OAAO;gBAAC;oBAAE,YAAYa,IAAAA,iBAAS,EAACb;gBAAM;aAAE,GAAG;YAAI,CAAC,GAAGZ,WAAM,CAAC,IAAI,CAAC,CAAC,EAAE,GAAGE,cAAM,EAAE;QAAC;IACjH;AACF;AAEO,SAASZ,cAAc8C,IAAY,EAAEF,KAAa,EAAEG,GAAiB,EAAEzB,IAAa;IACzF,OAAOyB,IAAIC,MAAM,CAACF,MAAMG,IAAI,CAACC,wBAAgB,EAAEC,IAAI,CAACpD,UAAU6C,OAAOtB;AACvE"}
1	+ {"version":3,"sources":["../../../../../backend/src/applications/webdav/utils/webdav.ts"],"sourcesContent":["/\n Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in \| The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { FastifyReply } from 'fastify'\nimport http from 'node:http'\nimport { currentTimeStamp, encodeUrl, SERVER_NAME } from '../../../common/shared'\nimport { FileLock } from '../../files/interfaces/file-lock.interface'\nimport { LOCK_SCOPE, NS_DAV, NS_PREFIX, PROPSTAT, XML_CONTENT_TYPE } from '../constants/webdav'\nimport { XML_NS, xmlBuild } from './xml'\n\nexport const XML_DAV_NS = { [`${XML_NS}:${NS_PREFIX}`]: `${NS_DAV}` }\nexport const PROPFIND_COLLECTION = { [`${NS_PREFIX}:collection`]: null }\nexport const PROPFIND_ALL_PROP = {\n [`${NS_PREFIX}:propfind`]: {\n [`${NS_PREFIX}:${PROPSTAT.ALLPROP}`]: null,\n ...XML_DAV_NS\n }\n}\n\nexport const SUPPORTED_LOCKS = {\n [`${NS_PREFIX}:lockentry`]: [\n {\n [`${NS_PREFIX}:lockscope`]: {\n [`${NS_PREFIX}:exclusive`]: null\n },\n [`${NS_PREFIX}:locktype`]: {\n [`${NS_PREFIX}:write`]: null\n }\n },\n {\n [`${NS_PREFIX}:lockscope`]: {\n [`${NS_PREFIX}:shared`]: null\n },\n [`${NS_PREFIX}:locktype`]: {\n [`${NS_PREFIX}:write`]: null\n }\n }\n ]\n}\n\nexport function PROP(prop: any, httpVersion: string, httpStatus: number, description?: string) {\n return {\n [`${NS_PREFIX}:prop`]: prop,\n [`${NS_PREFIX}:status`]: `${httpVersion} ${httpStatus} ${http.STATUS_CODES[httpStatus]}`,\n [`${NS_PREFIX}:responsedescription`]: description ? { [`${NS_PREFIX}:error`]: { [`${NS_PREFIX}:${description}`]: null } } : undefined\n }\n}\n\nexport function PROP_STAT(href: string, props: any) {\n return {\n [`${NS_PREFIX}:href`]: href,\n [`${NS_PREFIX}:propstat`]: props\n }\n}\n\nexport function MULTI_STATUS(content: any) {\n return {\n [`${NS_PREFIX}:multistatus`]: { [`${NS_PREFIX}:response`]: content, ...XML_DAV_NS }\n }\n}\n\nexport function LOCK_DISCOVERY(locks: FileLock[]) {\n // only locktype write is currently implemented in RFC\n const activeLocks = []\n for (const lock of locks) {\n activeLocks.push({\n [`${NS_PREFIX}:activelock`]: {\n [`${NS_PREFIX}:locktype`]: { [`${NS_PREFIX}:write`]: null },\n [`${NS_PREFIX}:lockscope`]: { [`${NS_PREFIX}:${lock.options?.lockScope \|\| LOCK_SCOPE.EXCLUSIVE}`]: null },\n [`${NS_PREFIX}:locktoken`]: { [`${NS_PREFIX}:href`]: lock.options?.lockToken \|\| SERVER_NAME },\n [`${NS_PREFIX}:lockroot`]: { [`${NS_PREFIX}:href`]: encodeUrl(lock.options?.lockRoot \|\| lock.dbFilePath) },\n [`${NS_PREFIX}:owner`]: formatLockOwner(lock),\n [`${NS_PREFIX}:timeout`]: `Second-${Math.floor(lock.expiration - currentTimeStamp())}`,\n [`${NS_PREFIX}:depth`]: lock.depth\n }\n })\n }\n return activeLocks\n}\n\nexport function LOCK_PROP(locks: FileLock[]) {\n return { [`${NS_PREFIX}:prop`]: { [`${NS_PREFIX}:lockdiscovery`]: LOCK_DISCOVERY(locks), ...XML_DAV_NS } }\n}\n\nexport function DAV_ERROR(error: string, href?: string): string {\n return xmlBuild({\n 'ns0:error': { [`ns0:${error}`]: href ? [{ 'ns0:href': encodeUrl(href) }] : '', [`${XML_NS}:ns0`]: `${NS_DAV}` }\n })\n}\n\nexport function DAV_ERROR_RES(code: number, error: string, res: FastifyReply, href?: string): FastifyReply {\n return res.status(code).type(XML_CONTENT_TYPE).send(DAV_ERROR(error, href))\n}\n\nfunction formatLockOwner(lock: FileLock) {\n const lockInfo = `${lock.options.lockInfo ? `${lock.options.lockInfo}` : ''}${lock.app ? ` ${lock.app}` : ''}`\n return `${lock.owner.fullName} (${lock.owner.email})${lockInfo ? ` - ${lockInfo}` : ''}`\n}\n"],"names":["DAV_ERROR","DAV_ERROR_RES","LOCK_DISCOVERY","LOCK_PROP","MULTI_STATUS","PROP","PROPFIND_ALL_PROP","PROPFIND_COLLECTION","PROP_STAT","SUPPORTED_LOCKS","XML_DAV_NS","XML_NS","NS_PREFIX","NS_DAV","PROPSTAT","ALLPROP","prop","httpVersion","httpStatus","description","http","STATUS_CODES","undefined","href","props","content","locks","activeLocks","lock","push","options","lockScope","LOCK_SCOPE","EXCLUSIVE","lockToken","SERVER_NAME","encodeUrl","lockRoot","dbFilePath","formatLockOwner","Math","floor","expiration","currentTimeStamp","depth","error","xmlBuild","code","res","status","type","XML_CONTENT_TYPE","send","lockInfo","app","owner","fullName","email"],"mappings":"AAAA;;;;CAIC;;;;;;;;;;;QAmFeA;eAAAA;;QAMAC;eAAAA;;QA7BAC;eAAAA;;QAmBAC;eAAAA;;QAzBAC;eAAAA;;QAfAC;eAAAA;;QA5BHC;eAAAA;;QADAC;eAAAA;;QAqCGC;eAAAA;;QA7BHC;eAAAA;;QATAC;eAAAA;;;iEANI;wBACwC;wBAEiB;qBACzC;;;;;;AAE1B,MAAMA,aAAa;IAAE,CAAC,GAAGC,WAAM,CAAC,CAAC,EAAEC,iBAAS,EAAE,CAAC,EAAE,GAAGC,cAAM,EAAE;AAAC;AAC7D,MAAMN,sBAAsB;IAAE,CAAC,GAAGK,iBAAS,CAAC,WAAW,CAAC,CAAC,EAAE;AAAK;AAChE,MAAMN,oBAAoB;IAC/B,CAAC,GAAGM,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAE;QACzB,CAAC,GAAGA,iBAAS,CAAC,CAAC,EAAEE,gBAAQ,CAACC,OAAO,EAAE,CAAC,EAAE;QACtC,GAAGL,UAAU;IACf;AACF;AAEO,MAAMD,kBAAkB;IAC7B,CAAC,GAAGG,iBAAS,CAAC,UAAU,CAAC,CAAC,EAAE;QAC1B;YACE,CAAC,GAAGA,iBAAS,CAAC,UAAU,CAAC,CAAC,EAAE;gBAC1B,CAAC,GAAGA,iBAAS,CAAC,UAAU,CAAC,CAAC,EAAE;YAC9B;YACA,CAAC,GAAGA,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAE;gBACzB,CAAC,GAAGA,iBAAS,CAAC,MAAM,CAAC,CAAC,EAAE;YAC1B;QACF;QACA;YACE,CAAC,GAAGA,iBAAS,CAAC,UAAU,CAAC,CAAC,EAAE;gBAC1B,CAAC,GAAGA,iBAAS,CAAC,OAAO,CAAC,CAAC,EAAE;YAC3B;YACA,CAAC,GAAGA,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAE;gBACzB,CAAC,GAAGA,iBAAS,CAAC,MAAM,CAAC,CAAC,EAAE;YAC1B;QACF;KACD;AACH;AAEO,SAASP,KAAKW,IAAS,EAAEC,WAAmB,EAAEC,UAAkB,EAAEC,WAAoB;IAC3F,OAAO;QACL,CAAC,GAAGP,iBAAS,CAAC,KAAK,CAAC,CAAC,EAAEI;QACvB,CAAC,GAAGJ,iBAAS,CAAC,OAAO,CAAC,CAAC,EAAE,GAAGK,YAAY,CAAC,EAAEC,WAAW,CAAC,EAAEE,iBAAI,CAACC,YAAY,CAACH,WAAW,EAAE;QACxF,CAAC,GAAGN,iBAAS,CAAC,oBAAoB,CAAC,CAAC,EAAEO,cAAc;YAAE,CAAC,GAAGP,iBAAS,CAAC,MAAM,CAAC,CAAC,EAAE;gBAAE,CAAC,GAAGA,iBAAS,CAAC,CAAC,EAAEO,aAAa,CAAC,EAAE;YAAK;QAAE,IAAIG;IAC9H;AACF;AAEO,SAASd,UAAUe,IAAY,EAAEC,KAAU;IAChD,OAAO;QACL,CAAC,GAAGZ,iBAAS,CAAC,KAAK,CAAC,CAAC,EAAEW;QACvB,CAAC,GAAGX,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAEY;IAC7B;AACF;AAEO,SAASpB,aAAaqB,OAAY;IACvC,OAAO;QACL,CAAC,GAAGb,iBAAS,CAAC,YAAY,CAAC,CAAC,EAAE;YAAE,CAAC,GAAGA,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAEa;YAAS,GAAGf,UAAU;QAAC;IACpF;AACF;AAEO,SAASR,eAAewB,KAAiB;IAC9C,sDAAsD;IACtD,MAAMC,cAAc,EAAE;IACtB,KAAK,MAAMC,QAAQF,MAAO;QACxBC,YAAYE,IAAI,CAAC;YACf,CAAC,GAAGjB,iBAAS,CAAC,WAAW,CAAC,CAAC,EAAE;gBAC3B,CAAC,GAAGA,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAE;oBAAE,CAAC,GAAGA,iBAAS,CAAC,MAAM,CAAC,CAAC,EAAE;gBAAK;gBAC1D,CAAC,GAAGA,iBAAS,CAAC,UAAU,CAAC,CAAC,EAAE;oBAAE,CAAC,GAAGA,iBAAS,CAAC,CAAC,EAAEgB,KAAKE,OAAO,EAAEC,aAAaC,kBAAU,CAACC,SAAS,EAAE,CAAC,EAAE;gBAAK;gBACxG,CAAC,GAAGrB,iBAAS,CAAC,UAAU,CAAC,CAAC,EAAE;oBAAE,CAAC,GAAGA,iBAAS,CAAC,KAAK,CAAC,CAAC,EAAEgB,KAAKE,OAAO,EAAEI,aAAaC,mBAAW;gBAAC;gBAC5F,CAAC,GAAGvB,iBAAS,CAAC,SAAS,CAAC,CAAC,EAAE;oBAAE,CAAC,GAAGA,iBAAS,CAAC,KAAK,CAAC,CAAC,EAAEwB,IAAAA,iBAAS,EAACR,KAAKE,OAAO,EAAEO,YAAYT,KAAKU,UAAU;gBAAE;gBACzG,CAAC,GAAG1B,iBAAS,CAAC,MAAM,CAAC,CAAC,EAAE2B,gBAAgBX;gBACxC,CAAC,GAAGhB,iBAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,OAAO,EAAE4B,KAAKC,KAAK,CAACb,KAAKc,UAAU,GAAGC,IAAAA,wBAAgB,MAAK;gBACtF,CAAC,GAAG/B,iBAAS,CAAC,MAAM,CAAC,CAAC,EAAEgB,KAAKgB,KAAK;YACpC;QACF;IACF;IACA,OAAOjB;AACT;AAEO,SAASxB,UAAUuB,KAAiB;IACzC,OAAO;QAAE,CAAC,GAAGd,iBAAS,CAAC,KAAK,CAAC,CAAC,EAAE;YAAE,CAAC,GAAGA,iBAAS,CAAC,cAAc,CAAC,CAAC,EAAEV,eAAewB;YAAQ,GAAGhB,UAAU;QAAC;IAAE;AAC3G;AAEO,SAASV,UAAU6C,KAAa,EAAEtB,IAAa;IACpD,OAAOuB,IAAAA,aAAQ,EAAC;QACd,aAAa;YAAE,CAAC,CAAC,IAAI,EAAED,OAAO,CAAC,EAAEtB,OAAO;gBAAC;oBAAE,YAAYa,IAAAA,iBAAS,EAACb;gBAAM;aAAE,GAAG;YAAI,CAAC,GAAGZ,WAAM,CAAC,IAAI,CAAC,CAAC,EAAE,GAAGE,cAAM,EAAE;QAAC;IACjH;AACF;AAEO,SAASZ,cAAc8C,IAAY,EAAEF,KAAa,EAAEG,GAAiB,EAAEzB,IAAa;IACzF,OAAOyB,IAAIC,MAAM,CAACF,MAAMG,IAAI,CAACC,wBAAgB,EAAEC,IAAI,CAACpD,UAAU6C,OAAOtB;AACvE;AAEA,SAASgB,gBAAgBX,IAAc;IACrC,MAAMyB,WAAW,GAAGzB,KAAKE,OAAO,CAACuB,QAAQ,GAAG,GAAGzB,KAAKE,OAAO,CAACuB,QAAQ,EAAE,GAAG,KAAKzB,KAAK0B,GAAG,GAAG,CAAC,CAAC,EAAE1B,KAAK0B,GAAG,EAAE,GAAG,IAAI;IAC9G,OAAO,GAAG1B,KAAK2B,KAAK,CAACC,QAAQ,CAAC,EAAE,EAAE5B,KAAK2B,KAAK,CAACE,KAAK,CAAC,CAAC,EAAEJ,WAAW,CAAC,GAAG,EAAEA,UAAU,GAAG,IAAI;AAC1F"}

package/server/applications/webdav/webdav.controller.js CHANGED Viewed

@@ -37,28 +37,28 @@ function _ts_param(paramIndex, decorator) {
 }
 let WebDAVController = class WebDAVController {
     serverOptions() {
-        // OPTIONS method is handled in the `DavProtocolGuard`, return empty response with headers
+        // OPTIONS method is handled in the `WebDAVProtocolGuard`, return empty response with headers
         return;
     }
     serverPropFind(req, res) {
         return this.webdavMethods.propfind(req, res, _routes.WEBDAV_NS.SERVER);
     }
     webdavOptions() {
-        // OPTIONS method is handled in the `DavProtocolGuard`, return empty response with headers
+        // OPTIONS method is handled in the `WebDAVProtocolGuard`, return empty response with headers
         return;
     }
     async webdavPropfind(req, res) {
         return this.webdavMethods.propfind(req, res, _routes.WEBDAV_NS.WEBDAV);
     }
     repositoriesOptions() {
-        // OPTIONS method is handled in the `DavProtocolGuard`
+        // OPTIONS method is handled in the `WebDAVProtocolGuard`
         return;
     }
     async repositoriesPropfind(req, res, repository) {
         return this.webdavMethods.propfind(req, res, repository);
     }
     async files(req, res) {
-        // OPTIONS method is handled in the `DavProtocolGuard`
+        // OPTIONS method is handled in the `WebDAVProtocolGuard`
         switch(req.method){
             case _applicationsconstants.HTTP_METHOD.PROPFIND:
                 return this.webdavMethods.propfind(req, res, _spaces.SPACE_REPOSITORY.FILES);

package/server/applications/webdav/webdav.controller.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../backend/src/applications/webdav/webdav.controller.ts"],"sourcesContent":["/\n Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in \| The open source file sync and share solution\n * See the LICENSE file for licensing details\n /\n\nimport { All, Controller, HttpStatus, Options, Param, Propfind, Req, Res, UseGuards } from '@nestjs/common'\nimport { FastifyReply } from 'fastify'\nimport { HTTP_METHOD } from '../applications.constants'\nimport { SPACE_REPOSITORY } from '../spaces/constants/spaces'\nimport { SpaceGuard } from '../spaces/guards/space.guard'\nimport { WEBDAV_BASE_PATH, WEBDAV_NS } from './constants/routes'\nimport { WebDAVEnvironment } from './decorators/webdav-context.decorator'\nimport { FastifyDAVRequest } from './interfaces/webdav.interface'\nimport { WebDAVMethods } from './services/webdav-methods.service'\n\n@Controller()\n@WebDAVEnvironment()\nexport class WebDAVController {\n constructor(private readonly webdavMethods: WebDAVMethods) {}\n\n @Options()\n serverOptions() {\n // OPTIONS method is handled in the `~~DavProtocolGuard~~`, return empty response with headers\n return\n }\n\n @Propfind()\n serverPropFind(@Req() req: FastifyDAVRequest, @Res({ passthrough: true }) res: FastifyReply) {\n return this.webdavMethods.propfind(req, res, WEBDAV_NS.SERVER)\n }\n\n @Options(WEBDAV_BASE_PATH)\n webdavOptions() {\n // OPTIONS method is handled in the `~~DavProtocolGuard~~`, return empty response with headers\n return\n }\n\n @Propfind(WEBDAV_BASE_PATH)\n async webdavPropfind(@Req() req: FastifyDAVRequest, @Res({ passthrough: true }) res: FastifyReply) {\n return this.webdavMethods.propfind(req, res, WEBDAV_NS.WEBDAV)\n }\n\n @Options(`${WEBDAV_BASE_PATH}/:repository(^(${WEBDAV_NS.SPACES}\|${WEBDAV_NS.TRASH})$)`)\n repositoriesOptions() {\n // OPTIONS method is handled in the `~~DavProtocolGuard~~`\n return\n }\n\n @Propfind(`${WEBDAV_BASE_PATH}/:repository(^(${WEBDAV_NS.SPACES}\|${WEBDAV_NS.TRASH})$)`)\n async repositoriesPropfind(@Req() req: FastifyDAVRequest, @Res({ passthrough: true }) res: FastifyReply, @Param('repository') repository: string) {\n return this.webdavMethods.propfind(req, res, repository)\n }\n\n @All(`${WEBDAV_BASE_PATH}/`)\n @UseGuards(SpaceGuard)\n async files(@Req() req: FastifyDAVRequest, @Res({ passthrough: true }) res: FastifyReply) {\n // OPTIONS method is handled in the `~~DavProtocolGuard~~`\n switch (req.method) {\n case HTTP_METHOD.PROPFIND:\n return this.webdavMethods.propfind(req, res, SPACE_REPOSITORY.FILES)\n case HTTP_METHOD.HEAD:\n case HTTP_METHOD.GET:\n return this.webdavMethods.headOrGet(req, res, SPACE_REPOSITORY.FILES)\n case HTTP_METHOD.PUT:\n return this.webdavMethods.put(req, res)\n case HTTP_METHOD.DELETE:\n return this.webdavMethods.delete(req, res)\n case HTTP_METHOD.LOCK:\n return this.webdavMethods.lock(req, res)\n case HTTP_METHOD.UNLOCK:\n return this.webdavMethods.unlock(req, res)\n case HTTP_METHOD.PROPPATCH:\n return this.webdavMethods.proppatch(req, res)\n case HTTP_METHOD.MKCOL:\n return this.webdavMethods.mkcol(req, res)\n case HTTP_METHOD.COPY:\n case HTTP_METHOD.MOVE:\n return this.webdavMethods.copyMove(req, res)\n default:\n return res.status(HttpStatus.METHOD_NOT_ALLOWED).send()\n }\n }\n}\n"],"names":["WebDAVController","serverOptions","serverPropFind","req","res","webdavMethods","propfind","WEBDAV_NS","SERVER","webdavOptions","webdavPropfind","WEBDAV","repositoriesOptions","repositoriesPropfind","repository","files","method","HTTP_METHOD","PROPFIND","SPACE_REPOSITORY","FILES","HEAD","GET","headOrGet","PUT","put","DELETE","delete","LOCK","lock","UNLOCK","unlock","PROPPATCH","proppatch","MKCOL","mkcol","COPY","MOVE","copyMove","status","HttpStatus","METHOD_NOT_ALLOWED","send","passthrough","WEBDAV_BASE_PATH","SPACES","TRASH"],"mappings":"AAAA;;;;CAIC;;;;+BAcYA;;;eAAAA;;;wBAZ8E;yBAC9D;uCACD;wBACK;4BACN;wBACiB;wCACV;iCACA;sCACJ;;;;;;;;;;;;;;;AAIvB,IAAA,AAAMA,mBAAN,MAAMA;IAIXC,gBAAgB;QACd,~~0FAA0F~~;~~QAC1F~~;IACF;IAGAC,eAAe,AAAOC,GAAsB,EAAE,AAA4BC,GAAiB,EAAE;QAC3F,OAAO,IAAI,CAACC,aAAa,CAACC,QAAQ,CAACH,KAAKC,KAAKG,iBAAS,CAACC,MAAM;IAC/D;IAGAC,gBAAgB;QACd,~~0FAA0F~~;~~QAC1F~~;IACF;IAEA,MACMC,eAAe,AAAOP,GAAsB,EAAE,AAA4BC,GAAiB,EAAE;QACjG,OAAO,IAAI,CAACC,aAAa,CAACC,QAAQ,CAACH,KAAKC,KAAKG,iBAAS,CAACI,MAAM;IAC/D;IAGAC,sBAAsB;QACpB,~~sDAAsD~~;~~QACtD~~;IACF;IAEA,MACMC,qBAAqB,AAAOV,GAAsB,EAAE,AAA4BC,GAAiB,EAAE,AAAqBU,UAAkB,EAAE;QAChJ,OAAO,IAAI,CAACT,aAAa,CAACC,QAAQ,CAACH,KAAKC,KAAKU;IAC/C;IAEA,MAEMC,MAAM,AAAOZ,GAAsB,EAAE,AAA4BC,GAAiB,EAAE;QACxF,~~sDAAsD~~;~~QACtD~~,OAAQD,IAAIa,MAAM;YAChB,KAAKC,kCAAW,CAACC,QAAQ;gBACvB,OAAO,IAAI,CAACb,aAAa,CAACC,QAAQ,CAACH,KAAKC,KAAKe,wBAAgB,CAACC,KAAK;YACrE,KAAKH,kCAAW,CAACI,IAAI;YACrB,KAAKJ,kCAAW,CAACK,GAAG;gBAClB,OAAO,IAAI,CAACjB,aAAa,CAACkB,SAAS,CAACpB,KAAKC,KAAKe,wBAAgB,CAACC,KAAK;YACtE,KAAKH,kCAAW,CAACO,GAAG;gBAClB,OAAO,IAAI,CAACnB,aAAa,CAACoB,GAAG,CAACtB,KAAKC;YACrC,KAAKa,kCAAW,CAACS,MAAM;gBACrB,OAAO,IAAI,CAACrB,aAAa,CAACsB,MAAM,CAACxB,KAAKC;YACxC,KAAKa,kCAAW,CAACW,IAAI;gBACnB,OAAO,IAAI,CAACvB,aAAa,CAACwB,IAAI,CAAC1B,KAAKC;YACtC,KAAKa,kCAAW,CAACa,MAAM;gBACrB,OAAO,IAAI,CAACzB,aAAa,CAAC0B,MAAM,CAAC5B,KAAKC;YACxC,KAAKa,kCAAW,CAACe,SAAS;gBACxB,OAAO,IAAI,CAAC3B,aAAa,CAAC4B,SAAS,CAAC9B,KAAKC;YAC3C,KAAKa,kCAAW,CAACiB,KAAK;gBACpB,OAAO,IAAI,CAAC7B,aAAa,CAAC8B,KAAK,CAAChC,KAAKC;YACvC,KAAKa,kCAAW,CAACmB,IAAI;YACrB,KAAKnB,kCAAW,CAACoB,IAAI;gBACnB,OAAO,IAAI,CAAChC,aAAa,CAACiC,QAAQ,CAACnC,KAAKC;YAC1C;gBACE,OAAOA,IAAImC,MAAM,CAACC,kBAAU,CAACC,kBAAkB,EAAEC,IAAI;QACzD;IACF;IA/DA,YAAY,AAAiBrC,aAA4B,CAAE;aAA9BA,gBAAAA;IAA+B;AAgE9D;;;;;;;;;;;QAvDuDsC,aAAa;;;;;;;;;;;;;;;;;;;QAWPA,aAAa;;;;;;;;;;4BAI5DC,wBAAgB,CAAC,eAAe,EAAErC,iBAAS,CAACsC,MAAM,CAAC,CAAC,EAAEtC,iBAAS,CAACuC,KAAK,CAAC,GAAG;;;;;;6BAMxEF,wBAAgB,CAAC,eAAe,EAAErC,iBAAS,CAACsC,MAAM,CAAC,CAAC,EAAEtC,iBAAS,CAACuC,KAAK,CAAC,GAAG;;;QACrBH,aAAa;;;;;;;;;;;;wBAItEC,wBAAgB,CAAC,EAAE;;;;QAEuBD,aAAa"}
1	+ {"version":3,"sources":["../../../../backend/src/applications/webdav/webdav.controller.ts"],"sourcesContent":["/\n Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in \| The open source file sync and share solution\n * See the LICENSE file for licensing details\n /\n\nimport { All, Controller, HttpStatus, Options, Param, Propfind, Req, Res, UseGuards } from '@nestjs/common'\nimport { FastifyReply } from 'fastify'\nimport { HTTP_METHOD } from '../applications.constants'\nimport { SPACE_REPOSITORY } from '../spaces/constants/spaces'\nimport { SpaceGuard } from '../spaces/guards/space.guard'\nimport { WEBDAV_BASE_PATH, WEBDAV_NS } from './constants/routes'\nimport { WebDAVEnvironment } from './decorators/webdav-context.decorator'\nimport { FastifyDAVRequest } from './interfaces/webdav.interface'\nimport { WebDAVMethods } from './services/webdav-methods.service'\n\n@Controller()\n@WebDAVEnvironment()\nexport class WebDAVController {\n constructor(private readonly webdavMethods: WebDAVMethods) {}\n\n @Options()\n serverOptions() {\n // OPTIONS method is handled in the `WebDAVProtocolGuard`, return empty response with headers\n return\n }\n\n @Propfind()\n serverPropFind(@Req() req: FastifyDAVRequest, @Res({ passthrough: true }) res: FastifyReply) {\n return this.webdavMethods.propfind(req, res, WEBDAV_NS.SERVER)\n }\n\n @Options(WEBDAV_BASE_PATH)\n webdavOptions() {\n // OPTIONS method is handled in the `WebDAVProtocolGuard`, return empty response with headers\n return\n }\n\n @Propfind(WEBDAV_BASE_PATH)\n async webdavPropfind(@Req() req: FastifyDAVRequest, @Res({ passthrough: true }) res: FastifyReply) {\n return this.webdavMethods.propfind(req, res, WEBDAV_NS.WEBDAV)\n }\n\n @Options(`${WEBDAV_BASE_PATH}/:repository(^(${WEBDAV_NS.SPACES}\|${WEBDAV_NS.TRASH})$)`)\n repositoriesOptions() {\n // OPTIONS method is handled in the `WebDAVProtocolGuard`\n return\n }\n\n @Propfind(`${WEBDAV_BASE_PATH}/:repository(^(${WEBDAV_NS.SPACES}\|${WEBDAV_NS.TRASH})$)`)\n async repositoriesPropfind(@Req() req: FastifyDAVRequest, @Res({ passthrough: true }) res: FastifyReply, @Param('repository') repository: string) {\n return this.webdavMethods.propfind(req, res, repository)\n }\n\n @All(`${WEBDAV_BASE_PATH}/`)\n @UseGuards(SpaceGuard)\n async files(@Req() req: FastifyDAVRequest, @Res({ passthrough: true }) res: FastifyReply) {\n // OPTIONS method is handled in the `WebDAVProtocolGuard`\n switch (req.method) {\n case HTTP_METHOD.PROPFIND:\n return this.webdavMethods.propfind(req, res, SPACE_REPOSITORY.FILES)\n case HTTP_METHOD.HEAD:\n case HTTP_METHOD.GET:\n return this.webdavMethods.headOrGet(req, res, SPACE_REPOSITORY.FILES)\n case HTTP_METHOD.PUT:\n return this.webdavMethods.put(req, res)\n case HTTP_METHOD.DELETE:\n return this.webdavMethods.delete(req, res)\n case HTTP_METHOD.LOCK:\n return this.webdavMethods.lock(req, res)\n case HTTP_METHOD.UNLOCK:\n return this.webdavMethods.unlock(req, res)\n case HTTP_METHOD.PROPPATCH:\n return this.webdavMethods.proppatch(req, res)\n case HTTP_METHOD.MKCOL:\n return this.webdavMethods.mkcol(req, res)\n case HTTP_METHOD.COPY:\n case HTTP_METHOD.MOVE:\n return this.webdavMethods.copyMove(req, res)\n default:\n return res.status(HttpStatus.METHOD_NOT_ALLOWED).send()\n }\n }\n}\n"],"names":["WebDAVController","serverOptions","serverPropFind","req","res","webdavMethods","propfind","WEBDAV_NS","SERVER","webdavOptions","webdavPropfind","WEBDAV","repositoriesOptions","repositoriesPropfind","repository","files","method","HTTP_METHOD","PROPFIND","SPACE_REPOSITORY","FILES","HEAD","GET","headOrGet","PUT","put","DELETE","delete","LOCK","lock","UNLOCK","unlock","PROPPATCH","proppatch","MKCOL","mkcol","COPY","MOVE","copyMove","status","HttpStatus","METHOD_NOT_ALLOWED","send","passthrough","WEBDAV_BASE_PATH","SPACES","TRASH"],"mappings":"AAAA;;;;CAIC;;;;+BAcYA;;;eAAAA;;;wBAZ8E;yBAC9D;uCACD;wBACK;4BACN;wBACiB;wCACV;iCACA;sCACJ;;;;;;;;;;;;;;;AAIvB,IAAA,AAAMA,mBAAN,MAAMA;IAIXC,gBAAgB;QACd,6FAA6F;QAC7F;IACF;IAGAC,eAAe,AAAOC,GAAsB,EAAE,AAA4BC,GAAiB,EAAE;QAC3F,OAAO,IAAI,CAACC,aAAa,CAACC,QAAQ,CAACH,KAAKC,KAAKG,iBAAS,CAACC,MAAM;IAC/D;IAGAC,gBAAgB;QACd,6FAA6F;QAC7F;IACF;IAEA,MACMC,eAAe,AAAOP,GAAsB,EAAE,AAA4BC,GAAiB,EAAE;QACjG,OAAO,IAAI,CAACC,aAAa,CAACC,QAAQ,CAACH,KAAKC,KAAKG,iBAAS,CAACI,MAAM;IAC/D;IAGAC,sBAAsB;QACpB,yDAAyD;QACzD;IACF;IAEA,MACMC,qBAAqB,AAAOV,GAAsB,EAAE,AAA4BC,GAAiB,EAAE,AAAqBU,UAAkB,EAAE;QAChJ,OAAO,IAAI,CAACT,aAAa,CAACC,QAAQ,CAACH,KAAKC,KAAKU;IAC/C;IAEA,MAEMC,MAAM,AAAOZ,GAAsB,EAAE,AAA4BC,GAAiB,EAAE;QACxF,yDAAyD;QACzD,OAAQD,IAAIa,MAAM;YAChB,KAAKC,kCAAW,CAACC,QAAQ;gBACvB,OAAO,IAAI,CAACb,aAAa,CAACC,QAAQ,CAACH,KAAKC,KAAKe,wBAAgB,CAACC,KAAK;YACrE,KAAKH,kCAAW,CAACI,IAAI;YACrB,KAAKJ,kCAAW,CAACK,GAAG;gBAClB,OAAO,IAAI,CAACjB,aAAa,CAACkB,SAAS,CAACpB,KAAKC,KAAKe,wBAAgB,CAACC,KAAK;YACtE,KAAKH,kCAAW,CAACO,GAAG;gBAClB,OAAO,IAAI,CAACnB,aAAa,CAACoB,GAAG,CAACtB,KAAKC;YACrC,KAAKa,kCAAW,CAACS,MAAM;gBACrB,OAAO,IAAI,CAACrB,aAAa,CAACsB,MAAM,CAACxB,KAAKC;YACxC,KAAKa,kCAAW,CAACW,IAAI;gBACnB,OAAO,IAAI,CAACvB,aAAa,CAACwB,IAAI,CAAC1B,KAAKC;YACtC,KAAKa,kCAAW,CAACa,MAAM;gBACrB,OAAO,IAAI,CAACzB,aAAa,CAAC0B,MAAM,CAAC5B,KAAKC;YACxC,KAAKa,kCAAW,CAACe,SAAS;gBACxB,OAAO,IAAI,CAAC3B,aAAa,CAAC4B,SAAS,CAAC9B,KAAKC;YAC3C,KAAKa,kCAAW,CAACiB,KAAK;gBACpB,OAAO,IAAI,CAAC7B,aAAa,CAAC8B,KAAK,CAAChC,KAAKC;YACvC,KAAKa,kCAAW,CAACmB,IAAI;YACrB,KAAKnB,kCAAW,CAACoB,IAAI;gBACnB,OAAO,IAAI,CAAChC,aAAa,CAACiC,QAAQ,CAACnC,KAAKC;YAC1C;gBACE,OAAOA,IAAImC,MAAM,CAACC,kBAAU,CAACC,kBAAkB,EAAEC,IAAI;QACzD;IACF;IA/DA,YAAY,AAAiBrC,aAA4B,CAAE;aAA9BA,gBAAAA;IAA+B;AAgE9D;;;;;;;;;;;QAvDuDsC,aAAa;;;;;;;;;;;;;;;;;;;QAWPA,aAAa;;;;;;;;;;4BAI5DC,wBAAgB,CAAC,eAAe,EAAErC,iBAAS,CAACsC,MAAM,CAAC,CAAC,EAAEtC,iBAAS,CAACuC,KAAK,CAAC,GAAG;;;;;;6BAMxEF,wBAAgB,CAAC,eAAe,EAAErC,iBAAS,CAACsC,MAAM,CAAC,CAAC,EAAEtC,iBAAS,CAACuC,KAAK,CAAC,GAAG;;;QACrBH,aAAa;;;;;;;;;;;;wBAItEC,wBAAgB,CAAC,EAAE;;;;QAEuBD,aAAa"}

package/server/authentication/guards/auth-token-access.guard.js CHANGED Viewed

@@ -15,7 +15,8 @@ Object.defineProperty(exports, "AuthTokenAccessGuard", {
 const _common = require("@nestjs/common");
 const _core = require("@nestjs/core");
 const _passport = require("@nestjs/passport");
-const _onlyoffice = require("../../applications/files/constants/only-office");
+const _collaboraonlineconstants = require("../../applications/files/modules/collabora-online/collabora-online.constants");
+const _onlyofficeconstants = require("../../applications/files/modules/only-office/only-office.constants");
 const _webdavcontextdecorator = require("../../applications/webdav/decorators/webdav-context.decorator");
 const _authtokenskipdecorator = require("../decorators/auth-token-skip.decorator");
 function _ts_decorate(decorators, target, key, desc) {
@@ -37,11 +38,15 @@ let AuthTokenAccessGuard = class AuthTokenAccessGuard extends (0, _passport.Auth
             ctx.getHandler(),
             ctx.getClass()
         ]);
-        const onlyOfficeContext = this.reflector.getAllAndOverride(_onlyoffice.ONLY_OFFICE_CONTEXT, [
+        const onlyOfficeContext = this.reflector.getAllAndOverride(_onlyofficeconstants.ONLY_OFFICE_CONTEXT, [
             ctx.getHandler(),
             ctx.getClass()
         ]);
-        return authTokenSkip || webDAVContext || onlyOfficeContext || super.canActivate(ctx);
+        const collaboraOnlineContext = this.reflector.getAllAndOverride(_collaboraonlineconstants.COLLABORA_CONTEXT, [
+            ctx.getHandler(),
+            ctx.getClass()
+        ]);
+        return authTokenSkip || webDAVContext || onlyOfficeContext || collaboraOnlineContext || super.canActivate(ctx);
     }
     handleRequest(err, user, info, ctx, status) {
         const req = this.getRequest(ctx);

package/server/authentication/guards/auth-token-access.guard.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../backend/src/authentication/guards/auth-token-access.guard.ts"],"sourcesContent":["/\n Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in \| The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { ExecutionContext, Injectable, Logger } from '@nestjs/common'\nimport { Reflector } from '@nestjs/core'\nimport { AuthGuard, IAuthGuard } from '@nestjs/passport'\nimport { ~~ONLY_OFFICE_CONTEXT~~ } from '../../applications/files/constants/only-office'\nimport { WEB_DAV_CONTEXT } from '../../applications/webdav/decorators/webdav-context.decorator'\nimport { AUTH_TOKEN_SKIP } from '../decorators/auth-token-skip.decorator'\n\n@Injectable()\nexport class AuthTokenAccessGuard extends AuthGuard('tokenAccess') implements IAuthGuard {\n private readonly logger = new Logger(AuthTokenAccessGuard.name)\n\n constructor(private readonly reflector: Reflector) {\n super()\n }\n\n canActivate(ctx: ExecutionContext) {\n const authTokenSkip: boolean = this.reflector.getAllAndOverride<boolean>(AUTH_TOKEN_SKIP, [ctx.getHandler(), ctx.getClass()])\n const webDAVContext: boolean = this.reflector.getAllAndOverride<boolean>(WEB_DAV_CONTEXT, [ctx.getHandler(), ctx.getClass()])\n const onlyOfficeContext: boolean = this.reflector.getAllAndOverride<boolean>(ONLY_OFFICE_CONTEXT, [ctx.getHandler(), ctx.getClass()])\n return authTokenSkip \|\| webDAVContext \|\| onlyOfficeContext \|\| super.canActivate(ctx)\n }\n\n handleRequest<TUser = any>(err: any, user: any, info: Error, ctx: ExecutionContext, status?: any): TUser {\n const req = this.getRequest(ctx)\n req.raw.user = user?.login \|\| 'unauthorized'\n if (info) {\n this.logger.warn(`<${req.raw.user}> <${req.ip}> ${info}`)\n }\n return super.handleRequest(err, user, info, ctx, status)\n }\n}\n"],"names":["AuthTokenAccessGuard","AuthGuard","canActivate","ctx","authTokenSkip","reflector","getAllAndOverride","AUTH_TOKEN_SKIP","getHandler","getClass","webDAVContext","WEB_DAV_CONTEXT","onlyOfficeContext","ONLY_OFFICE_CONTEXT","handleRequest","err","user","info","status","req","getRequest","raw","login","logger","warn","ip","Logger","name"],"mappings":"AAAA;;;;CAIC;;;;+~~BAUYA~~;;;eAAAA;;;~~wBARwC~~;sBAC3B;0BACY;~~4BACF~~;wCACJ;wCACA;;;;;;;;;;AAGzB,IAAA,AAAMA,uBAAN,MAAMA,6BAA6BC,IAAAA,mBAAS,EAAC;IAOlDC,YAAYC,GAAqB,EAAE;QACjC,MAAMC,gBAAyB,IAAI,CAACC,SAAS,CAACC,iBAAiB,CAAUC,uCAAe,EAAE;YAACJ,IAAIK,UAAU;YAAIL,IAAIM,QAAQ;SAAG;QAC5H,MAAMC,gBAAyB,IAAI,CAACL,SAAS,CAACC,iBAAiB,CAAUK,uCAAe,EAAE;YAACR,IAAIK,UAAU;YAAIL,IAAIM,QAAQ;SAAG;QAC5H,MAAMG,oBAA6B,IAAI,CAACP,SAAS,CAACC,iBAAiB,CAAUO~~,+BAAmB~~,EAAE;YAACV,IAAIK,UAAU;YAAIL,IAAIM,QAAQ;SAAG;QACpI,OAAOL,iBAAiBM,iBAAiBE,~~qBAAqB~~,KAAK,~~CAACV~~,YAAYC;~~IAClF~~;~~IAEAW~~,cAA2BC,GAAQ,EAAEC,IAAS,EAAEC,IAAW,~~EAAEd~~,GAAqB,~~EAAEe~~,MAAY,EAAS;QACvG,MAAMC,MAAM,IAAI,CAACC,UAAU,~~CAACjB~~;~~QAC5BgB~~,IAAIE,GAAG,CAACL,IAAI,GAAGA,MAAMM,SAAS;QAC9B,IAAIL,MAAM;YACR,IAAI,CAACM,MAAM,CAACC,IAAI,CAAC,CAAC,CAAC,EAAEL,IAAIE,GAAG,CAACL,IAAI,CAAC,GAAG,EAAEG,IAAIM,EAAE,CAAC,EAAE,EAAER,MAAM;QAC1D;QACA,OAAO,KAAK,CAACH,cAAcC,KAAKC,MAAMC,~~MAAMd~~,~~KAAKe~~;IACnD;~~IAlBA~~,YAAY,~~AAAiBb~~,SAAoB,CAAE;QACjD,KAAK,SADsBA,YAAAA,~~gBAFZkB~~,SAAS,IAAIG,cAAM,~~CAAC1B~~,~~qBAAqB2B~~,IAAI;IAI9D;~~AAiBF~~"}
1	+ {"version":3,"sources":["../../../../backend/src/authentication/guards/auth-token-access.guard.ts"],"sourcesContent":["/\n Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in \| The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { ExecutionContext, Injectable, Logger } from '@nestjs/common'\nimport { Reflector } from '@nestjs/core'\nimport { AuthGuard, IAuthGuard } from '@nestjs/passport'\nimport { COLLABORA_CONTEXT } from '../../applications/files/modules/collabora-online/collabora-online.constants'\nimport { ONLY_OFFICE_CONTEXT } from '../../applications/files/modules/only-office/only-office.constants'\nimport { WEB_DAV_CONTEXT } from '../../applications/webdav/decorators/webdav-context.decorator'\nimport { AUTH_TOKEN_SKIP } from '../decorators/auth-token-skip.decorator'\n\n@Injectable()\nexport class AuthTokenAccessGuard extends AuthGuard('tokenAccess') implements IAuthGuard {\n private readonly logger = new Logger(AuthTokenAccessGuard.name)\n\n constructor(private readonly reflector: Reflector) {\n super()\n }\n\n canActivate(ctx: ExecutionContext) {\n const authTokenSkip: boolean = this.reflector.getAllAndOverride<boolean>(AUTH_TOKEN_SKIP, [ctx.getHandler(), ctx.getClass()])\n const webDAVContext: boolean = this.reflector.getAllAndOverride<boolean>(WEB_DAV_CONTEXT, [ctx.getHandler(), ctx.getClass()])\n const onlyOfficeContext: boolean = this.reflector.getAllAndOverride<boolean>(ONLY_OFFICE_CONTEXT, [ctx.getHandler(), ctx.getClass()])\n const collaboraOnlineContext: boolean = this.reflector.getAllAndOverride<boolean>(COLLABORA_CONTEXT, [ctx.getHandler(), ctx.getClass()])\n return authTokenSkip \|\| webDAVContext \|\| onlyOfficeContext \|\| collaboraOnlineContext \|\| super.canActivate(ctx)\n }\n\n handleRequest<TUser = any>(err: any, user: any, info: Error, ctx: ExecutionContext, status?: any): TUser {\n const req = this.getRequest(ctx)\n req.raw.user = user?.login \|\| 'unauthorized'\n if (info) {\n this.logger.warn(`<${req.raw.user}> <${req.ip}> ${info}`)\n }\n return super.handleRequest(err, user, info, ctx, status)\n }\n}\n"],"names":["AuthTokenAccessGuard","AuthGuard","canActivate","ctx","authTokenSkip","reflector","getAllAndOverride","AUTH_TOKEN_SKIP","getHandler","getClass","webDAVContext","WEB_DAV_CONTEXT","onlyOfficeContext","ONLY_OFFICE_CONTEXT","collaboraOnlineContext","COLLABORA_CONTEXT","handleRequest","err","user","info","status","req","getRequest","raw","login","logger","warn","ip","Logger","name"],"mappings":"AAAA;;;;CAIC;;;;+BAWYA;;;eAAAA;;;wBATwC;sBAC3B;0BACY;0CACJ;qCACE;wCACJ;wCACA;;;;;;;;;;AAGzB,IAAA,AAAMA,uBAAN,MAAMA,6BAA6BC,IAAAA,mBAAS,EAAC;IAOlDC,YAAYC,GAAqB,EAAE;QACjC,MAAMC,gBAAyB,IAAI,CAACC,SAAS,CAACC,iBAAiB,CAAUC,uCAAe,EAAE;YAACJ,IAAIK,UAAU;YAAIL,IAAIM,QAAQ;SAAG;QAC5H,MAAMC,gBAAyB,IAAI,CAACL,SAAS,CAACC,iBAAiB,CAAUK,uCAAe,EAAE;YAACR,IAAIK,UAAU;YAAIL,IAAIM,QAAQ;SAAG;QAC5H,MAAMG,oBAA6B,IAAI,CAACP,SAAS,CAACC,iBAAiB,CAAUO,wCAAmB,EAAE;YAACV,IAAIK,UAAU;YAAIL,IAAIM,QAAQ;SAAG;QACpI,MAAMK,yBAAkC,IAAI,CAACT,SAAS,CAACC,iBAAiB,CAAUS,2CAAiB,EAAE;YAACZ,IAAIK,UAAU;YAAIL,IAAIM,QAAQ;SAAG;QACvI,OAAOL,iBAAiBM,iBAAiBE,qBAAqBE,0BAA0B,KAAK,CAACZ,YAAYC;IAC5G;IAEAa,cAA2BC,GAAQ,EAAEC,IAAS,EAAEC,IAAW,EAAEhB,GAAqB,EAAEiB,MAAY,EAAS;QACvG,MAAMC,MAAM,IAAI,CAACC,UAAU,CAACnB;QAC5BkB,IAAIE,GAAG,CAACL,IAAI,GAAGA,MAAMM,SAAS;QAC9B,IAAIL,MAAM;YACR,IAAI,CAACM,MAAM,CAACC,IAAI,CAAC,CAAC,CAAC,EAAEL,IAAIE,GAAG,CAACL,IAAI,CAAC,GAAG,EAAEG,IAAIM,EAAE,CAAC,EAAE,EAAER,MAAM;QAC1D;QACA,OAAO,KAAK,CAACH,cAAcC,KAAKC,MAAMC,MAAMhB,KAAKiB;IACnD;IAnBA,YAAY,AAAiBf,SAAoB,CAAE;QACjD,KAAK,SADsBA,YAAAA,gBAFZoB,SAAS,IAAIG,cAAM,CAAC5B,qBAAqB6B,IAAI;IAI9D;AAkBF"}

package/server/authentication/services/auth-methods/auth-method-two-fa.service.js CHANGED Viewed

@@ -116,7 +116,7 @@ let AuthMethod2FA = class AuthMethod2FA {
     async loadUser(userId, ip) {
         const user = await this.usersManager.fromUserId(userId);
         if (!user) {
-            this.logger.warn(`User *${user.login}* (${user.id}) not found`);
+            this.logger.warn(`User ${userId} (${ip}) not found`);
             throw new _common.HttpException(`User not found`, _common.HttpStatus.NOT_FOUND);
         }
         this.usersManager.validateUserAccess(user, ip);

package/server/authentication/services/auth-methods/auth-method-two-fa.service.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../../../../backend/src/authentication/services/auth-methods/auth-method-two-fa.service.ts"],"sourcesContent":["/\n Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in \| The open source file sync and share solution\n * See the LICENSE file for licensing details\n /\n\nimport { HttpException, HttpStatus, Injectable, Logger } from '@nestjs/common'\nimport { Totp } from 'time2fa'\nimport { NOTIFICATION_APP, NOTIFICATION_APP_EVENT } from '../../../applications/notifications/constants/notifications'\nimport { NotificationContent } from '../../../applications/notifications/interfaces/notification-properties.interface'\nimport { NotificationsManager } from '../../../applications/notifications/services/notifications-manager.service'\nimport { UserModel } from '../../../applications/users/models/user.model'\nimport { UsersManager } from '../../../applications/users/services/users-manager.service'\nimport { ACTION } from '../../../common/constants'\nimport { generateShortUUID } from '../../../common/functions'\nimport { qrcodeToDataURL } from '../../../common/qrcode'\nimport { configuration } from '../../../configuration/config.environment'\nimport { Cache } from '../../../infrastructure/cache/services/cache.service'\nimport { TWO_FA_CODE_LENGTH } from '../../constants/auth'\nimport { TwoFaVerifyDto, TwoFaVerifyWithPasswordDto } from '../../dto/two-fa-verify.dto'\nimport { FastifyAuthenticatedRequest } from '../../interfaces/auth-request.interface'\nimport { TwoFaEnableResult, TwoFaSetup, TwoFaVerifyResult } from '../../interfaces/two-fa-setup.interface'\nimport { decryptSecret, encryptSecret } from '../../utils/crypt-secret'\n\n@Injectable()\nexport class AuthMethod2FA {\n private readonly logger = new Logger(AuthMethod2FA.name)\n private readonly cacheKeyPrefix = 'auth-2fa-pending-user-'\n\n constructor(\n private readonly cache: Cache,\n private readonly usersManager: UsersManager,\n private readonly notificationsManager: NotificationsManager\n ) {}\n\n async initTwoFactor(user: UserModel): Promise<TwoFaSetup> {\n const { secret, qrDataUrl } = this.generateSecretAndQr(user.email)\n // store encrypted secret in cache for 5 minutes\n await this.cache.set(this.getCacheKey(user.id), this.encryptSecret(secret), 300)\n return { secret, qrDataUrl }\n }\n\n async enableTwoFactor(body: TwoFaVerifyWithPasswordDto, req: FastifyAuthenticatedRequest): Promise<TwoFaEnableResult> {\n // retrieve encrypted secret from cache\n const secret: string = await this.cache.get(this.getCacheKey(req.user.id))\n if (!secret) {\n throw new HttpException('The secret has expired', HttpStatus.BAD_REQUEST)\n }\n // load user\n const [auth, user] = await this.verify(body, req, true, secret)\n if (!auth.success) {\n throw new HttpException(auth.message, HttpStatus.FORBIDDEN)\n }\n // verify user password\n await this.verifyUserPassword(user, body.password, req.ip)\n // generate recovery codes\n const recoveryCodes = this.generateRecoveryCodes()\n // store and enable TwoFA & recovery codes\n await this.usersManager.updateSecrets(user.id, {\n twoFaSecret: secret,\n recoveryCodes: recoveryCodes.map((code) => this.encryptSecret(code))\n })\n this.sendEmailNotification(req, ACTION.ADD)\n return { ...auth, recoveryCodes: recoveryCodes }\n }\n\n async disableTwoFactor(body: TwoFaVerifyWithPasswordDto, req: FastifyAuthenticatedRequest): Promise<TwoFaVerifyResult> {\n // load user\n const [auth, user] = await this.verify(body, req, true)\n if (!auth.success) {\n throw new HttpException(auth.message, HttpStatus.FORBIDDEN)\n }\n // verify user password\n await this.verifyUserPassword(user, body.password, req.ip)\n // store and disable TwoFA & recovery codes\n await this.usersManager.updateSecrets(user.id, { twoFaSecret: undefined, recoveryCodes: undefined })\n this.sendEmailNotification(req, ACTION.DELETE)\n return auth\n }\n\n async verify(verifyDto: TwoFaVerifyDto, req: FastifyAuthenticatedRequest, fromLogin?: false, secret?: string): Promise<TwoFaVerifyResult>\n async verify(verifyDto: TwoFaVerifyDto, req: FastifyAuthenticatedRequest, fromLogin: true, secret?: string): Promise<[TwoFaVerifyResult, UserModel]>\n async verify(\n verifyDto: TwoFaVerifyDto,\n req: FastifyAuthenticatedRequest,\n fromLogin = false,\n secret?: string\n ): Promise<TwoFaVerifyResult \| [TwoFaVerifyResult, UserModel]> {\n const user = await this.loadUser(req.user.id, req.ip)\n secret = secret \|\| user.secrets.twoFaSecret\n const auth = verifyDto.isRecoveryCode\n ? await this.validateRecoveryCode(req.user.id, verifyDto.code, user.secrets.recoveryCodes)\n : this.validateTwoFactorCode(verifyDto.code, secret)\n this.usersManager.updateAccesses(user, req.ip, auth.success, true).catch((e: Error) => this.logger.error(`${this.verify.name} - ${e}`))\n return fromLogin ? [auth, user] : auth\n }\n\n async adminResetUserTwoFa(userId: number) {\n const auth: TwoFaVerifyResult = { success: false, message: '' }\n try {\n await this.usersManager.updateSecrets(userId, { twoFaSecret: undefined, recoveryCodes: undefined })\n auth.success = true\n } catch (e) {\n auth.success = false\n auth.message = e.message\n this.logger.error(`${this.adminResetUserTwoFa.name} - ${e}`)\n }\n return auth\n }\n\n async loadUser(userId: number, ip: string) {\n const user: UserModel = await this.usersManager.fromUserId(userId)\n if (!user) {\n this.logger.warn(`User ${user.login}* (${user.id}) not found`)\n throw new HttpException(`User not found`, HttpStatus.NOT_FOUND)\n }\n this.usersManager.validateUserAccess(user, ip)\n return user\n }\n\n async verifyUserPassword(user: UserModel, password: string, ip: string) {\n // This function works with any authentication method, provided that\n // the authentication service implements proper user password updates in the database.\n if (!(await this.usersManager.compareUserPassword(user.id, password))) {\n this.usersManager.updateAccesses(user, ip, false, true).catch((e: Error) => this.logger.error(`${this.enableTwoFactor.name} - ${e}`))\n throw new HttpException('Incorrect code or password', HttpStatus.BAD_REQUEST)\n }\n }\n\n validateTwoFactorCode(code: string, encryptedSecret: string): TwoFaVerifyResult {\n const auth: TwoFaVerifyResult = { success: false, message: '' }\n if (!encryptedSecret) {\n auth.message = 'Incorrect code or password'\n return auth\n }\n try {\n auth.success = Totp.validate({ passcode: code, secret: this.decryptSecret(encryptedSecret), drift: 1 })\n if (!auth.success) auth.message = 'Incorrect code or password'\n } catch (e) {\n this.logger.error(`${this.validateTwoFactorCode.name} - ${e}`)\n auth.message = e.message\n }\n return auth\n }\n\n private async validateRecoveryCode(userId: number, code: string, encryptedCodes: string[]): Promise<TwoFaVerifyResult> {\n const auth: TwoFaVerifyResult = { success: false, message: '' }\n if (!encryptedCodes \|\| encryptedCodes.length === 0) {\n auth.message = 'Invalid code'\n } else {\n try {\n for (const encCode of encryptedCodes) {\n if (code === this.decryptSecret(encCode)) {\n auth.success = true\n // removed used code\n encryptedCodes.splice(encryptedCodes.indexOf(encCode), 1)\n break\n }\n }\n if (auth.success) {\n // update recovery codes\n await this.usersManager.updateSecrets(userId, { recoveryCodes: encryptedCodes })\n } else {\n auth.message = 'Invalid code'\n }\n } catch (e) {\n this.logger.error(`${this.validateRecoveryCode.name} - ${e}`)\n auth.message = e.message\n }\n }\n return auth\n }\n\n private generateSecretAndQr(userEmail: string): TwoFaSetup {\n // Generate secret + otpauth URL + QR (DataURL)\n // Totp.generateKey returns { issuer, user, config, secret, url }\n const key = Totp.generateKey({ issuer: configuration.auth.mfa.totp.issuer, user: userEmail }, { digits: TWO_FA_CODE_LENGTH })\n const qrDataUrl = qrcodeToDataURL(key.url)\n return { secret: key.secret, qrDataUrl: qrDataUrl }\n }\n\n private getCacheKey(userId: number): string {\n return `${this.cacheKeyPrefix}${userId}`\n }\n\n private encryptSecret(secret: string): string {\n if (configuration.auth.encryptionKey) {\n return encryptSecret(secret, configuration.auth.encryptionKey)\n }\n return secret\n }\n\n private decryptSecret(secret: string): string {\n if (configuration.auth.encryptionKey) {\n return decryptSecret(secret, configuration.auth.encryptionKey)\n }\n return secret\n }\n\n private generateRecoveryCodes(count = 5): string[] {\n return Array.from({ length: count }, () => generateShortUUID())\n }\n\n private sendEmailNotification(req: FastifyAuthenticatedRequest, action: ACTION) {\n const notification: NotificationContent = {\n app: NOTIFICATION_APP.AUTH_2FA,\n event: NOTIFICATION_APP_EVENT.AUTH_2FA[action],\n element: req.headers['user-agent'],\n url: req.ip\n }\n this.notificationsManager\n .sendEmailNotification([req.user], notification)\n .catch((e: Error) => this.logger.error(`${this.sendEmailNotification.name} - ${e}`))\n }\n}\n"],"names":["AuthMethod2FA","initTwoFactor","user","secret","qrDataUrl","generateSecretAndQr","email","cache","set","getCacheKey","id","encryptSecret","enableTwoFactor","body","req","get","HttpException","HttpStatus","BAD_REQUEST","auth","verify","success","message","FORBIDDEN","verifyUserPassword","password","ip","recoveryCodes","generateRecoveryCodes","usersManager","updateSecrets","twoFaSecret","map","code","sendEmailNotification","ACTION","ADD","disableTwoFactor","undefined","DELETE","verifyDto","fromLogin","loadUser","secrets","isRecoveryCode","validateRecoveryCode","validateTwoFactorCode","updateAccesses","catch","e","logger","error","name","adminResetUserTwoFa","userId","fromUserId","warn","login","NOT_FOUND","validateUserAccess","compareUserPassword","encryptedSecret","Totp","validate","passcode","decryptSecret","drift","encryptedCodes","length","encCode","splice","indexOf","userEmail","key","generateKey","issuer","configuration","mfa","totp","digits","TWO_FA_CODE_LENGTH","qrcodeToDataURL","url","cacheKeyPrefix","encryptionKey","count","Array","from","generateShortUUID","action","notification","app","NOTIFICATION_APP","AUTH_2FA","event","NOTIFICATION_APP_EVENT","element","headers","notificationsManager","Logger"],"mappings":"AAAA;;;;CAIC;;;;+BAqBYA;;;eAAAA;;;wBAnBiD;yBACzC;+BACoC;6CAEpB;qCAER;2BACN;2BACW;wBACF;mCACF;8BACR;sBACa;6BAIU;;;;;;;;;;AAGtC,IAAA,AAAMA,gBAAN,MAAMA;IAUX,MAAMC,cAAcC,IAAe,EAAuB;QACxD,MAAM,EAAEC,MAAM,EAAEC,SAAS,EAAE,GAAG,IAAI,CAACC,mBAAmB,CAACH,KAAKI,KAAK;QACjE,gDAAgD;QAChD,MAAM,IAAI,CAACC,KAAK,CAACC,GAAG,CAAC,IAAI,CAACC,WAAW,CAACP,KAAKQ,EAAE,GAAG,IAAI,CAACC,aAAa,CAACR,SAAS;QAC5E,OAAO;YAAEA;YAAQC;QAAU;IAC7B;IAEA,MAAMQ,gBAAgBC,IAAgC,EAAEC,GAAgC,EAA8B;QACpH,uCAAuC;QACvC,MAAMX,SAAiB,MAAM,IAAI,CAACI,KAAK,CAACQ,GAAG,CAAC,IAAI,CAACN,WAAW,CAACK,IAAIZ,IAAI,CAACQ,EAAE;QACxE,IAAI,CAACP,QAAQ;YACX,MAAM,IAAIa,qBAAa,CAAC,0BAA0BC,kBAAU,CAACC,WAAW;QAC1E;QACA,YAAY;QACZ,MAAM,CAACC,MAAMjB,KAAK,GAAG,MAAM,IAAI,CAACkB,MAAM,CAACP,MAAMC,KAAK,MAAMX;QACxD,IAAI,CAACgB,KAAKE,OAAO,EAAE;YACjB,MAAM,IAAIL,qBAAa,CAACG,KAAKG,OAAO,EAAEL,kBAAU,CAACM,SAAS;QAC5D;QACA,uBAAuB;QACvB,MAAM,IAAI,CAACC,kBAAkB,CAACtB,MAAMW,KAAKY,QAAQ,EAAEX,IAAIY,EAAE;QACzD,0BAA0B;QAC1B,MAAMC,gBAAgB,IAAI,CAACC,qBAAqB;QAChD,0CAA0C;QAC1C,MAAM,IAAI,CAACC,YAAY,CAACC,aAAa,CAAC5B,KAAKQ,EAAE,EAAE;YAC7CqB,aAAa5B;YACbwB,eAAeA,cAAcK,GAAG,CAAC,CAACC,OAAS,IAAI,CAACtB,aAAa,CAACsB;QAChE;QACA,IAAI,CAACC,qBAAqB,CAACpB,KAAKqB,iBAAM,CAACC,GAAG;QAC1C,OAAO;YAAE,GAAGjB,IAAI;YAAEQ,eAAeA;QAAc;IACjD;IAEA,MAAMU,iBAAiBxB,IAAgC,EAAEC,GAAgC,EAA8B;QACrH,YAAY;QACZ,MAAM,CAACK,MAAMjB,KAAK,GAAG,MAAM,IAAI,CAACkB,MAAM,CAACP,MAAMC,KAAK;QAClD,IAAI,CAACK,KAAKE,OAAO,EAAE;YACjB,MAAM,IAAIL,qBAAa,CAACG,KAAKG,OAAO,EAAEL,kBAAU,CAACM,SAAS;QAC5D;QACA,uBAAuB;QACvB,MAAM,IAAI,CAACC,kBAAkB,CAACtB,MAAMW,KAAKY,QAAQ,EAAEX,IAAIY,EAAE;QACzD,2CAA2C;QAC3C,MAAM,IAAI,CAACG,YAAY,CAACC,aAAa,CAAC5B,KAAKQ,EAAE,EAAE;YAAEqB,aAAaO;YAAWX,eAAeW;QAAU;QAClG,IAAI,CAACJ,qBAAqB,CAACpB,KAAKqB,iBAAM,CAACI,MAAM;QAC7C,OAAOpB;IACT;IAIA,MAAMC,OACJoB,SAAyB,EACzB1B,GAAgC,EAChC2B,YAAY,KAAK,EACjBtC,MAAe,EAC8C;QAC7D,MAAMD,OAAO,MAAM,IAAI,CAACwC,QAAQ,CAAC5B,IAAIZ,IAAI,CAACQ,EAAE,EAAEI,IAAIY,EAAE;QACpDvB,SAASA,UAAUD,KAAKyC,OAAO,CAACZ,WAAW;QAC3C,MAAMZ,OAAOqB,UAAUI,cAAc,GACjC,MAAM,IAAI,CAACC,oBAAoB,CAAC/B,IAAIZ,IAAI,CAACQ,EAAE,EAAE8B,UAAUP,IAAI,EAAE/B,KAAKyC,OAAO,CAAChB,aAAa,IACvF,IAAI,CAACmB,qBAAqB,CAACN,UAAUP,IAAI,EAAE9B;QAC/C,IAAI,CAAC0B,YAAY,CAACkB,cAAc,CAAC7C,MAAMY,IAAIY,EAAE,EAAEP,KAAKE,OAAO,EAAE,MAAM2B,KAAK,CAAC,CAACC,IAAa,IAAI,CAACC,MAAM,CAACC,KAAK,CAAC,GAAG,IAAI,CAAC/B,MAAM,CAACgC,IAAI,CAAC,GAAG,EAAEH,GAAG;QACrI,OAAOR,YAAY;YAACtB;YAAMjB;SAAK,GAAGiB;IACpC;IAEA,MAAMkC,oBAAoBC,MAAc,EAAE;QACxC,MAAMnC,OAA0B;YAAEE,SAAS;YAAOC,SAAS;QAAG;QAC9D,IAAI;YACF,MAAM,IAAI,CAACO,YAAY,CAACC,aAAa,CAACwB,QAAQ;gBAAEvB,aAAaO;gBAAWX,eAAeW;YAAU;YACjGnB,KAAKE,OAAO,GAAG;QACjB,EAAE,OAAO4B,GAAG;YACV9B,KAAKE,OAAO,GAAG;YACfF,KAAKG,OAAO,GAAG2B,EAAE3B,OAAO;YACxB,IAAI,CAAC4B,MAAM,CAACC,KAAK,CAAC,GAAG,IAAI,CAACE,mBAAmB,CAACD,IAAI,CAAC,GAAG,EAAEH,GAAG;QAC7D;QACA,OAAO9B;IACT;IAEA,MAAMuB,SAASY,MAAc,EAAE5B,EAAU,EAAE;QACzC,MAAMxB,OAAkB,MAAM,IAAI,CAAC2B,YAAY,CAAC0B,UAAU,CAACD;QAC3D,IAAI,CAACpD,MAAM;YACT,IAAI,CAACgD,MAAM,CAACM,IAAI,CAAC,CAAC,MAAM,EAAEtD,KAAKuD,KAAK,CAAC,GAAG,EAAEvD,KAAKQ,EAAE,CAAC,WAAW,CAAC;YAC9D,MAAM,IAAIM,qBAAa,CAAC,CAAC,cAAc,CAAC,EAAEC,kBAAU,CAACyC,SAAS;QAChE;QACA,IAAI,CAAC7B,YAAY,CAAC8B,kBAAkB,CAACzD,MAAMwB;QAC3C,OAAOxB;IACT;IAEA,MAAMsB,mBAAmBtB,IAAe,EAAEuB,QAAgB,EAAEC,EAAU,EAAE;QACtE,oEAAoE;QACpE,sFAAsF;QACtF,IAAI,CAAE,MAAM,IAAI,CAACG,YAAY,CAAC+B,mBAAmB,CAAC1D,KAAKQ,EAAE,EAAEe,WAAY;YACrE,IAAI,CAACI,YAAY,CAACkB,cAAc,CAAC7C,MAAMwB,IAAI,OAAO,MAAMsB,KAAK,CAAC,CAACC,IAAa,IAAI,CAACC,MAAM,CAACC,KAAK,CAAC,GAAG,IAAI,CAACvC,eAAe,CAACwC,IAAI,CAAC,GAAG,EAAEH,GAAG;YACnI,MAAM,IAAIjC,qBAAa,CAAC,8BAA8BC,kBAAU,CAACC,WAAW;QAC9E;IACF;IAEA4B,sBAAsBb,IAAY,EAAE4B,eAAuB,EAAqB;QAC9E,MAAM1C,OAA0B;YAAEE,SAAS;YAAOC,SAAS;QAAG;QAC9D,IAAI,CAACuC,iBAAiB;YACpB1C,KAAKG,OAAO,GAAG;YACf,OAAOH;QACT;QACA,IAAI;YACFA,KAAKE,OAAO,GAAGyC,aAAI,CAACC,QAAQ,CAAC;gBAAEC,UAAU/B;gBAAM9B,QAAQ,IAAI,CAAC8D,aAAa,CAACJ;gBAAkBK,OAAO;YAAE;YACrG,IAAI,CAAC/C,KAAKE,OAAO,EAAEF,KAAKG,OAAO,GAAG;QACpC,EAAE,OAAO2B,GAAG;YACV,IAAI,CAACC,MAAM,CAACC,KAAK,CAAC,GAAG,IAAI,CAACL,qBAAqB,CAACM,IAAI,CAAC,GAAG,EAAEH,GAAG;YAC7D9B,KAAKG,OAAO,GAAG2B,EAAE3B,OAAO;QAC1B;QACA,OAAOH;IACT;IAEA,MAAc0B,qBAAqBS,MAAc,EAAErB,IAAY,EAAEkC,cAAwB,EAA8B;QACrH,MAAMhD,OAA0B;YAAEE,SAAS;YAAOC,SAAS;QAAG;QAC9D,IAAI,CAAC6C,kBAAkBA,eAAeC,MAAM,KAAK,GAAG;YAClDjD,KAAKG,OAAO,GAAG;QACjB,OAAO;YACL,IAAI;gBACF,KAAK,MAAM+C,WAAWF,eAAgB;oBACpC,IAAIlC,SAAS,IAAI,CAACgC,aAAa,CAACI,UAAU;wBACxClD,KAAKE,OAAO,GAAG;wBACf,oBAAoB;wBACpB8C,eAAeG,MAAM,CAACH,eAAeI,OAAO,CAACF,UAAU;wBACvD;oBACF;gBACF;gBACA,IAAIlD,KAAKE,OAAO,EAAE;oBAChB,wBAAwB;oBACxB,MAAM,IAAI,CAACQ,YAAY,CAACC,aAAa,CAACwB,QAAQ;wBAAE3B,eAAewC;oBAAe;gBAChF,OAAO;oBACLhD,KAAKG,OAAO,GAAG;gBACjB;YACF,EAAE,OAAO2B,GAAG;gBACV,IAAI,CAACC,MAAM,CAACC,KAAK,CAAC,GAAG,IAAI,CAACN,oBAAoB,CAACO,IAAI,CAAC,GAAG,EAAEH,GAAG;gBAC5D9B,KAAKG,OAAO,GAAG2B,EAAE3B,OAAO;YAC1B;QACF;QACA,OAAOH;IACT;IAEQd,oBAAoBmE,SAAiB,EAAc;QACzD,+CAA+C;QAC/C,iEAAiE;QACjE,MAAMC,MAAMX,aAAI,CAACY,WAAW,CAAC;YAAEC,QAAQC,gCAAa,CAACzD,IAAI,CAAC0D,GAAG,CAACC,IAAI,CAACH,MAAM;YAAEzE,MAAMsE;QAAU,GAAG;YAAEO,QAAQC,wBAAkB;QAAC;QAC3H,MAAM5E,YAAY6E,IAAAA,uBAAe,EAACR,IAAIS,GAAG;QACzC,OAAO;YAAE/E,QAAQsE,IAAItE,MAAM;YAAEC,WAAWA;QAAU;IACpD;IAEQK,YAAY6C,MAAc,EAAU;QAC1C,OAAO,GAAG,IAAI,CAAC6B,cAAc,GAAG7B,QAAQ;IAC1C;IAEQ3C,cAAcR,MAAc,EAAU;QAC5C,IAAIyE,gCAAa,CAACzD,IAAI,CAACiE,aAAa,EAAE;YACpC,OAAOzE,IAAAA,0BAAa,EAACR,QAAQyE,gCAAa,CAACzD,IAAI,CAACiE,aAAa;QAC/D;QACA,OAAOjF;IACT;IAEQ8D,cAAc9D,MAAc,EAAU;QAC5C,IAAIyE,gCAAa,CAACzD,IAAI,CAACiE,aAAa,EAAE;YACpC,OAAOnB,IAAAA,0BAAa,EAAC9D,QAAQyE,gCAAa,CAACzD,IAAI,CAACiE,aAAa;QAC/D;QACA,OAAOjF;IACT;IAEQyB,sBAAsByD,QAAQ,CAAC,EAAY;QACjD,OAAOC,MAAMC,IAAI,CAAC;YAAEnB,QAAQiB;QAAM,GAAG,IAAMG,IAAAA,4BAAiB;IAC9D;IAEQtD,sBAAsBpB,GAAgC,EAAE2E,MAAc,EAAE;QAC9E,MAAMC,eAAoC;YACxCC,KAAKC,+BAAgB,CAACC,QAAQ;YAC9BC,OAAOC,qCAAsB,CAACF,QAAQ,CAACJ,OAAO;YAC9CO,SAASlF,IAAImF,OAAO,CAAC,aAAa;YAClCf,KAAKpE,IAAIY,EAAE;QACb;QACA,IAAI,CAACwE,oBAAoB,CACtBhE,qBAAqB,CAAC;YAACpB,IAAIZ,IAAI;SAAC,EAAEwF,cAClC1C,KAAK,CAAC,CAACC,IAAa,IAAI,CAACC,MAAM,CAACC,KAAK,CAAC,GAAG,IAAI,CAACjB,qBAAqB,CAACkB,IAAI,CAAC,GAAG,EAAEH,GAAG;IACtF;IAxLA,YACE,AAAiB1C,KAAY,EAC7B,AAAiBsB,YAA0B,EAC3C,AAAiBqE,oBAA0C,CAC3D;aAHiB3F,QAAAA;aACAsB,eAAAA;aACAqE,uBAAAA;aANFhD,SAAS,IAAIiD,cAAM,CAACnG,cAAcoD,IAAI;aACtC+B,iBAAiB;IAM/B;AAqLL"}
1	+ {"version":3,"sources":["../../../../../backend/src/authentication/services/auth-methods/auth-method-two-fa.service.ts"],"sourcesContent":["/\n Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in \| The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { HttpException, HttpStatus, Injectable, Logger } from '@nestjs/common'\nimport { Totp } from 'time2fa'\nimport { NOTIFICATION_APP, NOTIFICATION_APP_EVENT } from '../../../applications/notifications/constants/notifications'\nimport { NotificationContent } from '../../../applications/notifications/interfaces/notification-properties.interface'\nimport { NotificationsManager } from '../../../applications/notifications/services/notifications-manager.service'\nimport { UserModel } from '../../../applications/users/models/user.model'\nimport { UsersManager } from '../../../applications/users/services/users-manager.service'\nimport { ACTION } from '../../../common/constants'\nimport { generateShortUUID } from '../../../common/functions'\nimport { qrcodeToDataURL } from '../../../common/qrcode'\nimport { configuration } from '../../../configuration/config.environment'\nimport { Cache } from '../../../infrastructure/cache/services/cache.service'\nimport { TWO_FA_CODE_LENGTH } from '../../constants/auth'\nimport { TwoFaVerifyDto, TwoFaVerifyWithPasswordDto } from '../../dto/two-fa-verify.dto'\nimport { FastifyAuthenticatedRequest } from '../../interfaces/auth-request.interface'\nimport { TwoFaEnableResult, TwoFaSetup, TwoFaVerifyResult } from '../../interfaces/two-fa-setup.interface'\nimport { decryptSecret, encryptSecret } from '../../utils/crypt-secret'\n\n@Injectable()\nexport class AuthMethod2FA {\n private readonly logger = new Logger(AuthMethod2FA.name)\n private readonly cacheKeyPrefix = 'auth-2fa-pending-user-'\n\n constructor(\n private readonly cache: Cache,\n private readonly usersManager: UsersManager,\n private readonly notificationsManager: NotificationsManager\n ) {}\n\n async initTwoFactor(user: UserModel): Promise<TwoFaSetup> {\n const { secret, qrDataUrl } = this.generateSecretAndQr(user.email)\n // store encrypted secret in cache for 5 minutes\n await this.cache.set(this.getCacheKey(user.id), this.encryptSecret(secret), 300)\n return { secret, qrDataUrl }\n }\n\n async enableTwoFactor(body: TwoFaVerifyWithPasswordDto, req: FastifyAuthenticatedRequest): Promise<TwoFaEnableResult> {\n // retrieve encrypted secret from cache\n const secret: string = await this.cache.get(this.getCacheKey(req.user.id))\n if (!secret) {\n throw new HttpException('The secret has expired', HttpStatus.BAD_REQUEST)\n }\n // load user\n const [auth, user] = await this.verify(body, req, true, secret)\n if (!auth.success) {\n throw new HttpException(auth.message, HttpStatus.FORBIDDEN)\n }\n // verify user password\n await this.verifyUserPassword(user, body.password, req.ip)\n // generate recovery codes\n const recoveryCodes = this.generateRecoveryCodes()\n // store and enable TwoFA & recovery codes\n await this.usersManager.updateSecrets(user.id, {\n twoFaSecret: secret,\n recoveryCodes: recoveryCodes.map((code) => this.encryptSecret(code))\n })\n this.sendEmailNotification(req, ACTION.ADD)\n return { ...auth, recoveryCodes: recoveryCodes }\n }\n\n async disableTwoFactor(body: TwoFaVerifyWithPasswordDto, req: FastifyAuthenticatedRequest): Promise<TwoFaVerifyResult> {\n // load user\n const [auth, user] = await this.verify(body, req, true)\n if (!auth.success) {\n throw new HttpException(auth.message, HttpStatus.FORBIDDEN)\n }\n // verify user password\n await this.verifyUserPassword(user, body.password, req.ip)\n // store and disable TwoFA & recovery codes\n await this.usersManager.updateSecrets(user.id, { twoFaSecret: undefined, recoveryCodes: undefined })\n this.sendEmailNotification(req, ACTION.DELETE)\n return auth\n }\n\n async verify(verifyDto: TwoFaVerifyDto, req: FastifyAuthenticatedRequest, fromLogin?: false, secret?: string): Promise<TwoFaVerifyResult>\n async verify(verifyDto: TwoFaVerifyDto, req: FastifyAuthenticatedRequest, fromLogin: true, secret?: string): Promise<[TwoFaVerifyResult, UserModel]>\n async verify(\n verifyDto: TwoFaVerifyDto,\n req: FastifyAuthenticatedRequest,\n fromLogin = false,\n secret?: string\n ): Promise<TwoFaVerifyResult \| [TwoFaVerifyResult, UserModel]> {\n const user = await this.loadUser(req.user.id, req.ip)\n secret = secret \|\| user.secrets.twoFaSecret\n const auth = verifyDto.isRecoveryCode\n ? await this.validateRecoveryCode(req.user.id, verifyDto.code, user.secrets.recoveryCodes)\n : this.validateTwoFactorCode(verifyDto.code, secret)\n this.usersManager.updateAccesses(user, req.ip, auth.success, true).catch((e: Error) => this.logger.error(`${this.verify.name} - ${e}`))\n return fromLogin ? [auth, user] : auth\n }\n\n async adminResetUserTwoFa(userId: number) {\n const auth: TwoFaVerifyResult = { success: false, message: '' }\n try {\n await this.usersManager.updateSecrets(userId, { twoFaSecret: undefined, recoveryCodes: undefined })\n auth.success = true\n } catch (e) {\n auth.success = false\n auth.message = e.message\n this.logger.error(`${this.adminResetUserTwoFa.name} - ${e}`)\n }\n return auth\n }\n\n async loadUser(userId: number, ip: string) {\n const user: UserModel = await this.usersManager.fromUserId(userId)\n if (!user) {\n this.logger.warn(`User ${userId} (${ip}) not found`)\n throw new HttpException(`User not found`, HttpStatus.NOT_FOUND)\n }\n this.usersManager.validateUserAccess(user, ip)\n return user\n }\n\n async verifyUserPassword(user: UserModel, password: string, ip: string) {\n // This function works with any authentication method, provided that\n // the authentication service implements proper user password updates in the database.\n if (!(await this.usersManager.compareUserPassword(user.id, password))) {\n this.usersManager.updateAccesses(user, ip, false, true).catch((e: Error) => this.logger.error(`${this.enableTwoFactor.name} - ${e}`))\n throw new HttpException('Incorrect code or password', HttpStatus.BAD_REQUEST)\n }\n }\n\n validateTwoFactorCode(code: string, encryptedSecret: string): TwoFaVerifyResult {\n const auth: TwoFaVerifyResult = { success: false, message: '' }\n if (!encryptedSecret) {\n auth.message = 'Incorrect code or password'\n return auth\n }\n try {\n auth.success = Totp.validate({ passcode: code, secret: this.decryptSecret(encryptedSecret), drift: 1 })\n if (!auth.success) auth.message = 'Incorrect code or password'\n } catch (e) {\n this.logger.error(`${this.validateTwoFactorCode.name} - ${e}`)\n auth.message = e.message\n }\n return auth\n }\n\n private async validateRecoveryCode(userId: number, code: string, encryptedCodes: string[]): Promise<TwoFaVerifyResult> {\n const auth: TwoFaVerifyResult = { success: false, message: '' }\n if (!encryptedCodes \|\| encryptedCodes.length === 0) {\n auth.message = 'Invalid code'\n } else {\n try {\n for (const encCode of encryptedCodes) {\n if (code === this.decryptSecret(encCode)) {\n auth.success = true\n // removed used code\n encryptedCodes.splice(encryptedCodes.indexOf(encCode), 1)\n break\n }\n }\n if (auth.success) {\n // update recovery codes\n await this.usersManager.updateSecrets(userId, { recoveryCodes: encryptedCodes })\n } else {\n auth.message = 'Invalid code'\n }\n } catch (e) {\n this.logger.error(`${this.validateRecoveryCode.name} - ${e}`)\n auth.message = e.message\n }\n }\n return auth\n }\n\n private generateSecretAndQr(userEmail: string): TwoFaSetup {\n // Generate secret + otpauth URL + QR (DataURL)\n // Totp.generateKey returns { issuer, user, config, secret, url }\n const key = Totp.generateKey({ issuer: configuration.auth.mfa.totp.issuer, user: userEmail }, { digits: TWO_FA_CODE_LENGTH })\n const qrDataUrl = qrcodeToDataURL(key.url)\n return { secret: key.secret, qrDataUrl: qrDataUrl }\n }\n\n private getCacheKey(userId: number): string {\n return `${this.cacheKeyPrefix}${userId}`\n }\n\n private encryptSecret(secret: string): string {\n if (configuration.auth.encryptionKey) {\n return encryptSecret(secret, configuration.auth.encryptionKey)\n }\n return secret\n }\n\n private decryptSecret(secret: string): string {\n if (configuration.auth.encryptionKey) {\n return decryptSecret(secret, configuration.auth.encryptionKey)\n }\n return secret\n }\n\n private generateRecoveryCodes(count = 5): string[] {\n return Array.from({ length: count }, () => generateShortUUID())\n }\n\n private sendEmailNotification(req: FastifyAuthenticatedRequest, action: ACTION) {\n const notification: NotificationContent = {\n app: NOTIFICATION_APP.AUTH_2FA,\n event: NOTIFICATION_APP_EVENT.AUTH_2FA[action],\n element: req.headers['user-agent'],\n url: req.ip\n }\n this.notificationsManager\n .sendEmailNotification([req.user], notification)\n .catch((e: Error) => this.logger.error(`${this.sendEmailNotification.name} - ${e}`))\n }\n}\n"],"names":["AuthMethod2FA","initTwoFactor","user","secret","qrDataUrl","generateSecretAndQr","email","cache","set","getCacheKey","id","encryptSecret","enableTwoFactor","body","req","get","HttpException","HttpStatus","BAD_REQUEST","auth","verify","success","message","FORBIDDEN","verifyUserPassword","password","ip","recoveryCodes","generateRecoveryCodes","usersManager","updateSecrets","twoFaSecret","map","code","sendEmailNotification","ACTION","ADD","disableTwoFactor","undefined","DELETE","verifyDto","fromLogin","loadUser","secrets","isRecoveryCode","validateRecoveryCode","validateTwoFactorCode","updateAccesses","catch","e","logger","error","name","adminResetUserTwoFa","userId","fromUserId","warn","NOT_FOUND","validateUserAccess","compareUserPassword","encryptedSecret","Totp","validate","passcode","decryptSecret","drift","encryptedCodes","length","encCode","splice","indexOf","userEmail","key","generateKey","issuer","configuration","mfa","totp","digits","TWO_FA_CODE_LENGTH","qrcodeToDataURL","url","cacheKeyPrefix","encryptionKey","count","Array","from","generateShortUUID","action","notification","app","NOTIFICATION_APP","AUTH_2FA","event","NOTIFICATION_APP_EVENT","element","headers","notificationsManager","Logger"],"mappings":"AAAA;;;;CAIC;;;;+BAqBYA;;;eAAAA;;;wBAnBiD;yBACzC;+BACoC;6CAEpB;qCAER;2BACN;2BACW;wBACF;mCACF;8BACR;sBACa;6BAIU;;;;;;;;;;AAGtC,IAAA,AAAMA,gBAAN,MAAMA;IAUX,MAAMC,cAAcC,IAAe,EAAuB;QACxD,MAAM,EAAEC,MAAM,EAAEC,SAAS,EAAE,GAAG,IAAI,CAACC,mBAAmB,CAACH,KAAKI,KAAK;QACjE,gDAAgD;QAChD,MAAM,IAAI,CAACC,KAAK,CAACC,GAAG,CAAC,IAAI,CAACC,WAAW,CAACP,KAAKQ,EAAE,GAAG,IAAI,CAACC,aAAa,CAACR,SAAS;QAC5E,OAAO;YAAEA;YAAQC;QAAU;IAC7B;IAEA,MAAMQ,gBAAgBC,IAAgC,EAAEC,GAAgC,EAA8B;QACpH,uCAAuC;QACvC,MAAMX,SAAiB,MAAM,IAAI,CAACI,KAAK,CAACQ,GAAG,CAAC,IAAI,CAACN,WAAW,CAACK,IAAIZ,IAAI,CAACQ,EAAE;QACxE,IAAI,CAACP,QAAQ;YACX,MAAM,IAAIa,qBAAa,CAAC,0BAA0BC,kBAAU,CAACC,WAAW;QAC1E;QACA,YAAY;QACZ,MAAM,CAACC,MAAMjB,KAAK,GAAG,MAAM,IAAI,CAACkB,MAAM,CAACP,MAAMC,KAAK,MAAMX;QACxD,IAAI,CAACgB,KAAKE,OAAO,EAAE;YACjB,MAAM,IAAIL,qBAAa,CAACG,KAAKG,OAAO,EAAEL,kBAAU,CAACM,SAAS;QAC5D;QACA,uBAAuB;QACvB,MAAM,IAAI,CAACC,kBAAkB,CAACtB,MAAMW,KAAKY,QAAQ,EAAEX,IAAIY,EAAE;QACzD,0BAA0B;QAC1B,MAAMC,gBAAgB,IAAI,CAACC,qBAAqB;QAChD,0CAA0C;QAC1C,MAAM,IAAI,CAACC,YAAY,CAACC,aAAa,CAAC5B,KAAKQ,EAAE,EAAE;YAC7CqB,aAAa5B;YACbwB,eAAeA,cAAcK,GAAG,CAAC,CAACC,OAAS,IAAI,CAACtB,aAAa,CAACsB;QAChE;QACA,IAAI,CAACC,qBAAqB,CAACpB,KAAKqB,iBAAM,CAACC,GAAG;QAC1C,OAAO;YAAE,GAAGjB,IAAI;YAAEQ,eAAeA;QAAc;IACjD;IAEA,MAAMU,iBAAiBxB,IAAgC,EAAEC,GAAgC,EAA8B;QACrH,YAAY;QACZ,MAAM,CAACK,MAAMjB,KAAK,GAAG,MAAM,IAAI,CAACkB,MAAM,CAACP,MAAMC,KAAK;QAClD,IAAI,CAACK,KAAKE,OAAO,EAAE;YACjB,MAAM,IAAIL,qBAAa,CAACG,KAAKG,OAAO,EAAEL,kBAAU,CAACM,SAAS;QAC5D;QACA,uBAAuB;QACvB,MAAM,IAAI,CAACC,kBAAkB,CAACtB,MAAMW,KAAKY,QAAQ,EAAEX,IAAIY,EAAE;QACzD,2CAA2C;QAC3C,MAAM,IAAI,CAACG,YAAY,CAACC,aAAa,CAAC5B,KAAKQ,EAAE,EAAE;YAAEqB,aAAaO;YAAWX,eAAeW;QAAU;QAClG,IAAI,CAACJ,qBAAqB,CAACpB,KAAKqB,iBAAM,CAACI,MAAM;QAC7C,OAAOpB;IACT;IAIA,MAAMC,OACJoB,SAAyB,EACzB1B,GAAgC,EAChC2B,YAAY,KAAK,EACjBtC,MAAe,EAC8C;QAC7D,MAAMD,OAAO,MAAM,IAAI,CAACwC,QAAQ,CAAC5B,IAAIZ,IAAI,CAACQ,EAAE,EAAEI,IAAIY,EAAE;QACpDvB,SAASA,UAAUD,KAAKyC,OAAO,CAACZ,WAAW;QAC3C,MAAMZ,OAAOqB,UAAUI,cAAc,GACjC,MAAM,IAAI,CAACC,oBAAoB,CAAC/B,IAAIZ,IAAI,CAACQ,EAAE,EAAE8B,UAAUP,IAAI,EAAE/B,KAAKyC,OAAO,CAAChB,aAAa,IACvF,IAAI,CAACmB,qBAAqB,CAACN,UAAUP,IAAI,EAAE9B;QAC/C,IAAI,CAAC0B,YAAY,CAACkB,cAAc,CAAC7C,MAAMY,IAAIY,EAAE,EAAEP,KAAKE,OAAO,EAAE,MAAM2B,KAAK,CAAC,CAACC,IAAa,IAAI,CAACC,MAAM,CAACC,KAAK,CAAC,GAAG,IAAI,CAAC/B,MAAM,CAACgC,IAAI,CAAC,GAAG,EAAEH,GAAG;QACrI,OAAOR,YAAY;YAACtB;YAAMjB;SAAK,GAAGiB;IACpC;IAEA,MAAMkC,oBAAoBC,MAAc,EAAE;QACxC,MAAMnC,OAA0B;YAAEE,SAAS;YAAOC,SAAS;QAAG;QAC9D,IAAI;YACF,MAAM,IAAI,CAACO,YAAY,CAACC,aAAa,CAACwB,QAAQ;gBAAEvB,aAAaO;gBAAWX,eAAeW;YAAU;YACjGnB,KAAKE,OAAO,GAAG;QACjB,EAAE,OAAO4B,GAAG;YACV9B,KAAKE,OAAO,GAAG;YACfF,KAAKG,OAAO,GAAG2B,EAAE3B,OAAO;YACxB,IAAI,CAAC4B,MAAM,CAACC,KAAK,CAAC,GAAG,IAAI,CAACE,mBAAmB,CAACD,IAAI,CAAC,GAAG,EAAEH,GAAG;QAC7D;QACA,OAAO9B;IACT;IAEA,MAAMuB,SAASY,MAAc,EAAE5B,EAAU,EAAE;QACzC,MAAMxB,OAAkB,MAAM,IAAI,CAAC2B,YAAY,CAAC0B,UAAU,CAACD;QAC3D,IAAI,CAACpD,MAAM;YACT,IAAI,CAACgD,MAAM,CAACM,IAAI,CAAC,CAAC,KAAK,EAAEF,OAAO,EAAE,EAAE5B,GAAG,WAAW,CAAC;YACnD,MAAM,IAAIV,qBAAa,CAAC,CAAC,cAAc,CAAC,EAAEC,kBAAU,CAACwC,SAAS;QAChE;QACA,IAAI,CAAC5B,YAAY,CAAC6B,kBAAkB,CAACxD,MAAMwB;QAC3C,OAAOxB;IACT;IAEA,MAAMsB,mBAAmBtB,IAAe,EAAEuB,QAAgB,EAAEC,EAAU,EAAE;QACtE,oEAAoE;QACpE,sFAAsF;QACtF,IAAI,CAAE,MAAM,IAAI,CAACG,YAAY,CAAC8B,mBAAmB,CAACzD,KAAKQ,EAAE,EAAEe,WAAY;YACrE,IAAI,CAACI,YAAY,CAACkB,cAAc,CAAC7C,MAAMwB,IAAI,OAAO,MAAMsB,KAAK,CAAC,CAACC,IAAa,IAAI,CAACC,MAAM,CAACC,KAAK,CAAC,GAAG,IAAI,CAACvC,eAAe,CAACwC,IAAI,CAAC,GAAG,EAAEH,GAAG;YACnI,MAAM,IAAIjC,qBAAa,CAAC,8BAA8BC,kBAAU,CAACC,WAAW;QAC9E;IACF;IAEA4B,sBAAsBb,IAAY,EAAE2B,eAAuB,EAAqB;QAC9E,MAAMzC,OAA0B;YAAEE,SAAS;YAAOC,SAAS;QAAG;QAC9D,IAAI,CAACsC,iBAAiB;YACpBzC,KAAKG,OAAO,GAAG;YACf,OAAOH;QACT;QACA,IAAI;YACFA,KAAKE,OAAO,GAAGwC,aAAI,CAACC,QAAQ,CAAC;gBAAEC,UAAU9B;gBAAM9B,QAAQ,IAAI,CAAC6D,aAAa,CAACJ;gBAAkBK,OAAO;YAAE;YACrG,IAAI,CAAC9C,KAAKE,OAAO,EAAEF,KAAKG,OAAO,GAAG;QACpC,EAAE,OAAO2B,GAAG;YACV,IAAI,CAACC,MAAM,CAACC,KAAK,CAAC,GAAG,IAAI,CAACL,qBAAqB,CAACM,IAAI,CAAC,GAAG,EAAEH,GAAG;YAC7D9B,KAAKG,OAAO,GAAG2B,EAAE3B,OAAO;QAC1B;QACA,OAAOH;IACT;IAEA,MAAc0B,qBAAqBS,MAAc,EAAErB,IAAY,EAAEiC,cAAwB,EAA8B;QACrH,MAAM/C,OAA0B;YAAEE,SAAS;YAAOC,SAAS;QAAG;QAC9D,IAAI,CAAC4C,kBAAkBA,eAAeC,MAAM,KAAK,GAAG;YAClDhD,KAAKG,OAAO,GAAG;QACjB,OAAO;YACL,IAAI;gBACF,KAAK,MAAM8C,WAAWF,eAAgB;oBACpC,IAAIjC,SAAS,IAAI,CAAC+B,aAAa,CAACI,UAAU;wBACxCjD,KAAKE,OAAO,GAAG;wBACf,oBAAoB;wBACpB6C,eAAeG,MAAM,CAACH,eAAeI,OAAO,CAACF,UAAU;wBACvD;oBACF;gBACF;gBACA,IAAIjD,KAAKE,OAAO,EAAE;oBAChB,wBAAwB;oBACxB,MAAM,IAAI,CAACQ,YAAY,CAACC,aAAa,CAACwB,QAAQ;wBAAE3B,eAAeuC;oBAAe;gBAChF,OAAO;oBACL/C,KAAKG,OAAO,GAAG;gBACjB;YACF,EAAE,OAAO2B,GAAG;gBACV,IAAI,CAACC,MAAM,CAACC,KAAK,CAAC,GAAG,IAAI,CAACN,oBAAoB,CAACO,IAAI,CAAC,GAAG,EAAEH,GAAG;gBAC5D9B,KAAKG,OAAO,GAAG2B,EAAE3B,OAAO;YAC1B;QACF;QACA,OAAOH;IACT;IAEQd,oBAAoBkE,SAAiB,EAAc;QACzD,+CAA+C;QAC/C,iEAAiE;QACjE,MAAMC,MAAMX,aAAI,CAACY,WAAW,CAAC;YAAEC,QAAQC,gCAAa,CAACxD,IAAI,CAACyD,GAAG,CAACC,IAAI,CAACH,MAAM;YAAExE,MAAMqE;QAAU,GAAG;YAAEO,QAAQC,wBAAkB;QAAC;QAC3H,MAAM3E,YAAY4E,IAAAA,uBAAe,EAACR,IAAIS,GAAG;QACzC,OAAO;YAAE9E,QAAQqE,IAAIrE,MAAM;YAAEC,WAAWA;QAAU;IACpD;IAEQK,YAAY6C,MAAc,EAAU;QAC1C,OAAO,GAAG,IAAI,CAAC4B,cAAc,GAAG5B,QAAQ;IAC1C;IAEQ3C,cAAcR,MAAc,EAAU;QAC5C,IAAIwE,gCAAa,CAACxD,IAAI,CAACgE,aAAa,EAAE;YACpC,OAAOxE,IAAAA,0BAAa,EAACR,QAAQwE,gCAAa,CAACxD,IAAI,CAACgE,aAAa;QAC/D;QACA,OAAOhF;IACT;IAEQ6D,cAAc7D,MAAc,EAAU;QAC5C,IAAIwE,gCAAa,CAACxD,IAAI,CAACgE,aAAa,EAAE;YACpC,OAAOnB,IAAAA,0BAAa,EAAC7D,QAAQwE,gCAAa,CAACxD,IAAI,CAACgE,aAAa;QAC/D;QACA,OAAOhF;IACT;IAEQyB,sBAAsBwD,QAAQ,CAAC,EAAY;QACjD,OAAOC,MAAMC,IAAI,CAAC;YAAEnB,QAAQiB;QAAM,GAAG,IAAMG,IAAAA,4BAAiB;IAC9D;IAEQrD,sBAAsBpB,GAAgC,EAAE0E,MAAc,EAAE;QAC9E,MAAMC,eAAoC;YACxCC,KAAKC,+BAAgB,CAACC,QAAQ;YAC9BC,OAAOC,qCAAsB,CAACF,QAAQ,CAACJ,OAAO;YAC9CO,SAASjF,IAAIkF,OAAO,CAAC,aAAa;YAClCf,KAAKnE,IAAIY,EAAE;QACb;QACA,IAAI,CAACuE,oBAAoB,CACtB/D,qBAAqB,CAAC;YAACpB,IAAIZ,IAAI;SAAC,EAAEuF,cAClCzC,KAAK,CAAC,CAACC,IAAa,IAAI,CAACC,MAAM,CAACC,KAAK,CAAC,GAAG,IAAI,CAACjB,qBAAqB,CAACkB,IAAI,CAAC,GAAG,EAAEH,GAAG;IACtF;IAxLA,YACE,AAAiB1C,KAAY,EAC7B,AAAiBsB,YAA0B,EAC3C,AAAiBoE,oBAA0C,CAC3D;aAHiB1F,QAAAA;aACAsB,eAAAA;aACAoE,uBAAAA;aANF/C,SAAS,IAAIgD,cAAM,CAAClG,cAAcoD,IAAI;aACtC8B,iBAAiB;IAM/B;AAqLL"}