@technomoron/api-server-base 1.1.13 → 2.0.0-beta.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/api-server-base.cjs +181 -74
- package/dist/cjs/api-server-base.d.ts +66 -29
- package/dist/cjs/auth-api/auth-module.d.ts +96 -0
- package/dist/cjs/auth-api/auth-module.js +1032 -0
- package/dist/cjs/auth-api/compat-auth-storage.d.ts +55 -0
- package/dist/cjs/auth-api/compat-auth-storage.js +116 -0
- package/dist/cjs/auth-api/mem-auth-store.d.ts +66 -0
- package/dist/cjs/auth-api/mem-auth-store.js +135 -0
- package/dist/cjs/{auth-module.d.ts → auth-api/module.d.ts} +7 -7
- package/dist/cjs/{auth-module.cjs → auth-api/module.js} +1 -1
- package/dist/cjs/auth-api/sql-auth-store.d.ts +75 -0
- package/dist/cjs/auth-api/sql-auth-store.js +166 -0
- package/dist/cjs/auth-api/storage.d.ts +36 -0
- package/dist/cjs/{auth-storage.cjs → auth-api/storage.js} +2 -2
- package/dist/cjs/auth-api/types.d.ts +29 -0
- package/dist/cjs/auth-api/types.js +2 -0
- package/dist/cjs/index.cjs +41 -7
- package/dist/cjs/index.d.ts +29 -5
- package/dist/cjs/oauth/base.d.ts +10 -0
- package/dist/cjs/oauth/base.js +6 -0
- package/dist/cjs/oauth/memory.d.ts +16 -0
- package/dist/cjs/oauth/memory.js +99 -0
- package/dist/cjs/oauth/models.d.ts +45 -0
- package/dist/cjs/oauth/models.js +58 -0
- package/dist/cjs/oauth/sequelize.d.ts +68 -0
- package/dist/cjs/oauth/sequelize.js +210 -0
- package/dist/cjs/oauth/types.d.ts +50 -0
- package/dist/cjs/oauth/types.js +3 -0
- package/dist/cjs/passkey/base.d.ts +15 -0
- package/dist/cjs/passkey/base.js +6 -0
- package/dist/cjs/passkey/memory.d.ts +26 -0
- package/dist/cjs/passkey/memory.js +82 -0
- package/dist/cjs/passkey/models.d.ts +25 -0
- package/dist/cjs/passkey/models.js +115 -0
- package/dist/cjs/passkey/sequelize.d.ts +54 -0
- package/dist/cjs/passkey/sequelize.js +211 -0
- package/dist/cjs/passkey/service.d.ts +17 -0
- package/dist/cjs/passkey/service.js +221 -0
- package/dist/cjs/passkey/types.d.ts +75 -0
- package/dist/cjs/passkey/types.js +2 -0
- package/dist/cjs/token/base.d.ts +38 -0
- package/dist/cjs/token/base.js +114 -0
- package/dist/cjs/token/memory.d.ts +19 -0
- package/dist/cjs/token/memory.js +149 -0
- package/dist/cjs/token/sequelize.d.ts +58 -0
- package/dist/cjs/token/sequelize.js +404 -0
- package/dist/cjs/token/types.d.ts +27 -0
- package/dist/cjs/token/types.js +2 -0
- package/dist/cjs/user/base.d.ts +26 -0
- package/dist/cjs/user/base.js +45 -0
- package/dist/cjs/user/memory.d.ts +35 -0
- package/dist/cjs/user/memory.js +173 -0
- package/dist/cjs/user/sequelize.d.ts +41 -0
- package/dist/cjs/user/sequelize.js +182 -0
- package/dist/cjs/user/types.d.ts +11 -0
- package/dist/cjs/user/types.js +2 -0
- package/dist/esm/api-server-base.d.ts +66 -29
- package/dist/esm/api-server-base.js +179 -72
- package/dist/esm/auth-api/auth-module.d.ts +96 -0
- package/dist/esm/auth-api/auth-module.js +1030 -0
- package/dist/esm/auth-api/compat-auth-storage.d.ts +55 -0
- package/dist/esm/auth-api/compat-auth-storage.js +112 -0
- package/dist/esm/auth-api/mem-auth-store.d.ts +66 -0
- package/dist/esm/auth-api/mem-auth-store.js +131 -0
- package/dist/esm/{auth-module.d.ts → auth-api/module.d.ts} +7 -7
- package/dist/esm/{auth-module.js → auth-api/module.js} +1 -1
- package/dist/esm/auth-api/sql-auth-store.d.ts +75 -0
- package/dist/esm/auth-api/sql-auth-store.js +162 -0
- package/dist/esm/auth-api/storage.d.ts +36 -0
- package/dist/esm/{auth-storage.js → auth-api/storage.js} +2 -2
- package/dist/esm/auth-api/types.d.ts +29 -0
- package/dist/esm/auth-api/types.js +1 -0
- package/dist/esm/index.d.ts +29 -5
- package/dist/esm/index.js +19 -2
- package/dist/esm/oauth/base.d.ts +10 -0
- package/dist/esm/oauth/base.js +2 -0
- package/dist/esm/oauth/memory.d.ts +16 -0
- package/dist/esm/oauth/memory.js +92 -0
- package/dist/esm/oauth/models.d.ts +45 -0
- package/dist/esm/oauth/models.js +51 -0
- package/dist/esm/oauth/sequelize.d.ts +68 -0
- package/dist/esm/oauth/sequelize.js +199 -0
- package/dist/esm/oauth/types.d.ts +50 -0
- package/dist/esm/oauth/types.js +2 -0
- package/dist/esm/passkey/base.d.ts +15 -0
- package/dist/esm/passkey/base.js +2 -0
- package/dist/esm/passkey/memory.d.ts +26 -0
- package/dist/esm/passkey/memory.js +78 -0
- package/dist/esm/passkey/models.d.ts +25 -0
- package/dist/esm/passkey/models.js +108 -0
- package/dist/esm/passkey/sequelize.d.ts +54 -0
- package/dist/esm/passkey/sequelize.js +207 -0
- package/dist/esm/passkey/service.d.ts +17 -0
- package/dist/esm/passkey/service.js +217 -0
- package/dist/esm/passkey/types.d.ts +75 -0
- package/dist/esm/passkey/types.js +1 -0
- package/dist/esm/token/base.d.ts +38 -0
- package/dist/esm/token/base.js +107 -0
- package/dist/esm/token/memory.d.ts +19 -0
- package/dist/esm/token/memory.js +145 -0
- package/dist/esm/token/sequelize.d.ts +58 -0
- package/dist/esm/token/sequelize.js +400 -0
- package/dist/esm/token/types.d.ts +27 -0
- package/dist/esm/token/types.js +1 -0
- package/dist/esm/user/base.d.ts +26 -0
- package/dist/esm/user/base.js +38 -0
- package/dist/esm/user/memory.d.ts +35 -0
- package/dist/esm/user/memory.js +169 -0
- package/dist/esm/user/sequelize.d.ts +41 -0
- package/dist/esm/user/sequelize.js +176 -0
- package/dist/esm/user/types.d.ts +11 -0
- package/dist/esm/user/types.js +1 -0
- package/package.json +11 -3
- package/dist/cjs/auth-storage.d.ts +0 -133
- package/dist/esm/auth-storage.d.ts +0 -133
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
import { PasskeyService } from '../passkey/service.js';
|
|
2
|
+
import type { AuthIdentifier, AuthStorage } from './types.js';
|
|
3
|
+
import type { OAuthStore } from '../oauth/base.js';
|
|
4
|
+
import type { AuthCodeData, AuthCodeRequest, OAuthClient } from '../oauth/types.js';
|
|
5
|
+
import type { PasskeyStore } from '../passkey/base.js';
|
|
6
|
+
import type { PasskeyChallenge, PasskeyChallengeParams, PasskeyServiceConfig, PasskeyVerificationParams, PasskeyVerificationResult } from '../passkey/types.js';
|
|
7
|
+
import type { TokenStore } from '../token/base.js';
|
|
8
|
+
import type { Token } from '../token/types.js';
|
|
9
|
+
import type { UserStore } from '../user/base.js';
|
|
10
|
+
interface PasskeyAdapterOptions {
|
|
11
|
+
store: PasskeyStore;
|
|
12
|
+
config: PasskeyServiceConfig;
|
|
13
|
+
}
|
|
14
|
+
export interface AuthStorageAdapterOptions<UserRow, PublicUser> {
|
|
15
|
+
userStore: UserStore<UserRow, PublicUser>;
|
|
16
|
+
tokenStore: TokenStore;
|
|
17
|
+
passkeys?: PasskeyAdapterOptions | PasskeyService;
|
|
18
|
+
oauthStore?: OAuthStore;
|
|
19
|
+
canImpersonate?: (params: {
|
|
20
|
+
realUserId: AuthIdentifier;
|
|
21
|
+
effectiveUserId: AuthIdentifier;
|
|
22
|
+
}) => boolean | Promise<boolean>;
|
|
23
|
+
}
|
|
24
|
+
export declare class AuthStorageAdapter<UserRow, PublicUser> implements AuthStorage<UserRow, PublicUser> {
|
|
25
|
+
private readonly userStore;
|
|
26
|
+
private readonly tokenStore;
|
|
27
|
+
private readonly oauthStore?;
|
|
28
|
+
private readonly passkeyService?;
|
|
29
|
+
private readonly canImpersonateFn?;
|
|
30
|
+
constructor(options: AuthStorageAdapterOptions<UserRow, PublicUser>);
|
|
31
|
+
getUser(identifier: AuthIdentifier): Promise<UserRow | null>;
|
|
32
|
+
getUserPasswordHash(user: UserRow): string;
|
|
33
|
+
getUserId(user: UserRow): AuthIdentifier;
|
|
34
|
+
filterUser(user: UserRow): PublicUser;
|
|
35
|
+
verifyPassword(password: string, hash: string): Promise<boolean>;
|
|
36
|
+
storeToken(data: Token): Promise<void>;
|
|
37
|
+
getToken(query: Partial<Token>, opts?: {
|
|
38
|
+
includeExpired?: boolean;
|
|
39
|
+
}): Promise<Token | null>;
|
|
40
|
+
deleteToken(query: Partial<Token>): Promise<number>;
|
|
41
|
+
updateToken(updates: Partial<Token> & {
|
|
42
|
+
refreshToken: string;
|
|
43
|
+
}): Promise<boolean>;
|
|
44
|
+
createPasskeyChallenge(params: PasskeyChallengeParams): Promise<PasskeyChallenge>;
|
|
45
|
+
verifyPasskeyResponse(params: PasskeyVerificationParams): Promise<PasskeyVerificationResult>;
|
|
46
|
+
getClient(clientId: string): Promise<OAuthClient | null>;
|
|
47
|
+
verifyClientSecret(client: OAuthClient, clientSecret: string | null): Promise<boolean>;
|
|
48
|
+
createAuthCode(request: AuthCodeRequest): Promise<AuthCodeData>;
|
|
49
|
+
consumeAuthCode(code: string, clientId: string): Promise<AuthCodeData | null>;
|
|
50
|
+
canImpersonate(params: {
|
|
51
|
+
realUserId: AuthIdentifier;
|
|
52
|
+
effectiveUserId: AuthIdentifier;
|
|
53
|
+
}): Promise<boolean>;
|
|
54
|
+
}
|
|
55
|
+
export {};
|
|
@@ -0,0 +1,116 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AuthStorageAdapter = void 0;
|
|
4
|
+
const node_crypto_1 = require("node:crypto");
|
|
5
|
+
const service_js_1 = require("../passkey/service.js");
|
|
6
|
+
class AuthStorageAdapter {
|
|
7
|
+
constructor(options) {
|
|
8
|
+
this.userStore = options.userStore;
|
|
9
|
+
this.tokenStore = options.tokenStore;
|
|
10
|
+
this.oauthStore = options.oauthStore;
|
|
11
|
+
this.canImpersonateFn = options.canImpersonate;
|
|
12
|
+
if (options.passkeys instanceof service_js_1.PasskeyService) {
|
|
13
|
+
this.passkeyService = options.passkeys;
|
|
14
|
+
}
|
|
15
|
+
else if (options.passkeys) {
|
|
16
|
+
this.passkeyService = new service_js_1.PasskeyService(options.passkeys.config, options.passkeys.store);
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
async getUser(identifier) {
|
|
20
|
+
return this.userStore.findUser(identifier);
|
|
21
|
+
}
|
|
22
|
+
getUserPasswordHash(user) {
|
|
23
|
+
return this.userStore.getPasswordHash(user) ?? '';
|
|
24
|
+
}
|
|
25
|
+
getUserId(user) {
|
|
26
|
+
return this.userStore.getUserId(user);
|
|
27
|
+
}
|
|
28
|
+
filterUser(user) {
|
|
29
|
+
return this.userStore.toPublic(user);
|
|
30
|
+
}
|
|
31
|
+
async verifyPassword(password, hash) {
|
|
32
|
+
return this.userStore.verifyPassword(password, hash);
|
|
33
|
+
}
|
|
34
|
+
async storeToken(data) {
|
|
35
|
+
return this.tokenStore.save(data);
|
|
36
|
+
}
|
|
37
|
+
async getToken(query, opts) {
|
|
38
|
+
return this.tokenStore.get(query, opts);
|
|
39
|
+
}
|
|
40
|
+
async deleteToken(query) {
|
|
41
|
+
return this.tokenStore.delete(query);
|
|
42
|
+
}
|
|
43
|
+
async updateToken(updates) {
|
|
44
|
+
return this.tokenStore.update(updates);
|
|
45
|
+
}
|
|
46
|
+
async createPasskeyChallenge(params) {
|
|
47
|
+
if (!this.passkeyService) {
|
|
48
|
+
throw new Error('Passkey storage is not configured');
|
|
49
|
+
}
|
|
50
|
+
return this.passkeyService.createChallenge(params);
|
|
51
|
+
}
|
|
52
|
+
async verifyPasskeyResponse(params) {
|
|
53
|
+
if (!this.passkeyService) {
|
|
54
|
+
throw new Error('Passkey storage is not configured');
|
|
55
|
+
}
|
|
56
|
+
return this.passkeyService.verifyResponse(params);
|
|
57
|
+
}
|
|
58
|
+
async getClient(clientId) {
|
|
59
|
+
if (!this.oauthStore) {
|
|
60
|
+
return null;
|
|
61
|
+
}
|
|
62
|
+
return this.oauthStore.getClient(clientId);
|
|
63
|
+
}
|
|
64
|
+
async verifyClientSecret(client, clientSecret) {
|
|
65
|
+
if (!this.oauthStore) {
|
|
66
|
+
throw new Error('OAuth storage is not configured');
|
|
67
|
+
}
|
|
68
|
+
return this.oauthStore.verifyClientSecret(client.clientId, clientSecret);
|
|
69
|
+
}
|
|
70
|
+
async createAuthCode(request) {
|
|
71
|
+
if (!this.oauthStore) {
|
|
72
|
+
throw new Error('OAuth storage is not configured');
|
|
73
|
+
}
|
|
74
|
+
const expiresAt = new Date(Date.now() + (request.expiresInSeconds ?? 300) * 1000);
|
|
75
|
+
const code = request.code ?? (0, node_crypto_1.randomUUID)();
|
|
76
|
+
await this.oauthStore.createAuthCode({
|
|
77
|
+
code,
|
|
78
|
+
clientId: request.clientId,
|
|
79
|
+
userId: request.userId,
|
|
80
|
+
scope: request.scope,
|
|
81
|
+
redirectUri: request.redirectUri,
|
|
82
|
+
codeChallenge: request.codeChallenge,
|
|
83
|
+
codeChallengeMethod: request.codeChallengeMethod,
|
|
84
|
+
expiresAt,
|
|
85
|
+
metadata: request.metadata
|
|
86
|
+
});
|
|
87
|
+
return {
|
|
88
|
+
code,
|
|
89
|
+
clientId: request.clientId,
|
|
90
|
+
userId: request.userId,
|
|
91
|
+
redirectUri: request.redirectUri,
|
|
92
|
+
scope: request.scope ?? [],
|
|
93
|
+
codeChallenge: request.codeChallenge,
|
|
94
|
+
codeChallengeMethod: request.codeChallengeMethod,
|
|
95
|
+
expiresAt,
|
|
96
|
+
metadata: request.metadata
|
|
97
|
+
};
|
|
98
|
+
}
|
|
99
|
+
async consumeAuthCode(code, clientId) {
|
|
100
|
+
if (!this.oauthStore) {
|
|
101
|
+
return null;
|
|
102
|
+
}
|
|
103
|
+
const consumed = await this.oauthStore.consumeAuthCode(code);
|
|
104
|
+
if (!consumed || consumed.clientId !== clientId) {
|
|
105
|
+
return null;
|
|
106
|
+
}
|
|
107
|
+
return consumed;
|
|
108
|
+
}
|
|
109
|
+
async canImpersonate(params) {
|
|
110
|
+
if (this.canImpersonateFn) {
|
|
111
|
+
return !!(await this.canImpersonateFn(params));
|
|
112
|
+
}
|
|
113
|
+
return params.realUserId === params.effectiveUserId;
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
exports.AuthStorageAdapter = AuthStorageAdapter;
|
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
import { MemoryOAuthStore } from '../oauth/memory.js';
|
|
2
|
+
import { MemoryPasskeyStore } from '../passkey/memory.js';
|
|
3
|
+
import { TokenStore } from '../token/base.js';
|
|
4
|
+
import { MemoryUserStore } from '../user/memory.js';
|
|
5
|
+
import type { AuthIdentifier, AuthStorage } from './types.js';
|
|
6
|
+
import type { MemoryOAuthStoreOptions } from '../oauth/memory.js';
|
|
7
|
+
import type { AuthCodeData, AuthCodeRequest, OAuthClient } from '../oauth/types.js';
|
|
8
|
+
import type { MemoryPasskeyStoreOptions } from '../passkey/memory.js';
|
|
9
|
+
import type { PasskeyChallenge, PasskeyChallengeParams, PasskeyServiceConfig, PasskeyUserDescriptor, PasskeyVerificationParams, PasskeyVerificationResult } from '../passkey/types.js';
|
|
10
|
+
import type { Token } from '../token/types.js';
|
|
11
|
+
import type { MemoryUserAttributes, MemoryPublicUser, MemoryUserStoreOptions } from '../user/memory.js';
|
|
12
|
+
interface PasskeyOptions extends Partial<PasskeyServiceConfig> {
|
|
13
|
+
enabled?: boolean;
|
|
14
|
+
}
|
|
15
|
+
export interface MemAuthStoreParams<UserAttributes extends MemoryUserAttributes = MemoryUserAttributes, PublicUserShape extends MemoryPublicUser<UserAttributes> = MemoryPublicUser<UserAttributes>> extends Omit<MemoryUserStoreOptions<UserAttributes, PublicUserShape>, 'hasher'>, MemoryOAuthStoreOptions, Partial<MemoryPasskeyStoreOptions> {
|
|
16
|
+
bcryptRounds?: number;
|
|
17
|
+
passwordPepper?: string;
|
|
18
|
+
publicUserMapper?: (user: UserAttributes) => PublicUserShape;
|
|
19
|
+
passkeyUserMapper?: (user: UserAttributes) => PasskeyUserDescriptor;
|
|
20
|
+
passkeys?: false | PasskeyOptions;
|
|
21
|
+
canImpersonate?: (params: {
|
|
22
|
+
realUserId: AuthIdentifier;
|
|
23
|
+
effectiveUserId: AuthIdentifier;
|
|
24
|
+
}) => boolean | Promise<boolean>;
|
|
25
|
+
tokenStore?: TokenStore;
|
|
26
|
+
}
|
|
27
|
+
export declare class MemAuthStore<UserAttributes extends MemoryUserAttributes = MemoryUserAttributes, PublicUserShape extends MemoryPublicUser<UserAttributes> = MemoryPublicUser<UserAttributes>> implements AuthStorage<UserAttributes, PublicUserShape> {
|
|
28
|
+
readonly userStore: MemoryUserStore<UserAttributes, PublicUserShape>;
|
|
29
|
+
readonly tokenStore: TokenStore;
|
|
30
|
+
readonly passkeyStore?: MemoryPasskeyStore;
|
|
31
|
+
readonly oauthStore: MemoryOAuthStore;
|
|
32
|
+
private readonly adapter;
|
|
33
|
+
constructor(params?: MemAuthStoreParams<UserAttributes, PublicUserShape>);
|
|
34
|
+
initialise(): Promise<void>;
|
|
35
|
+
close(): Promise<void>;
|
|
36
|
+
getUser(identifier: AuthIdentifier): Promise<UserAttributes | null>;
|
|
37
|
+
getUserPasswordHash(user: UserAttributes): string;
|
|
38
|
+
getUserId(user: UserAttributes): AuthIdentifier;
|
|
39
|
+
filterUser(user: UserAttributes): PublicUserShape;
|
|
40
|
+
verifyPassword(password: string, hash: string): Promise<boolean>;
|
|
41
|
+
storeToken(data: Token): Promise<void>;
|
|
42
|
+
getToken(query: Partial<Token> & {
|
|
43
|
+
userId?: AuthIdentifier;
|
|
44
|
+
ruid?: AuthIdentifier;
|
|
45
|
+
}, opts?: {
|
|
46
|
+
includeExpired?: boolean;
|
|
47
|
+
}): Promise<Token | null>;
|
|
48
|
+
deleteToken(query: Partial<Token> & {
|
|
49
|
+
userId?: AuthIdentifier;
|
|
50
|
+
ruid?: AuthIdentifier;
|
|
51
|
+
}): Promise<number>;
|
|
52
|
+
updateToken(updates: Partial<Token> & {
|
|
53
|
+
refreshToken: string;
|
|
54
|
+
}): Promise<boolean>;
|
|
55
|
+
createPasskeyChallenge(params: PasskeyChallengeParams): Promise<PasskeyChallenge>;
|
|
56
|
+
verifyPasskeyResponse(params: PasskeyVerificationParams): Promise<PasskeyVerificationResult>;
|
|
57
|
+
getClient(clientId: string): Promise<OAuthClient | null>;
|
|
58
|
+
verifyClientSecret(client: OAuthClient, clientSecret: string | null): Promise<boolean>;
|
|
59
|
+
createAuthCode(request: AuthCodeRequest): Promise<AuthCodeData>;
|
|
60
|
+
consumeAuthCode(code: string, clientId: string): Promise<AuthCodeData | null>;
|
|
61
|
+
canImpersonate(params: {
|
|
62
|
+
realUserId: AuthIdentifier;
|
|
63
|
+
effectiveUserId: AuthIdentifier;
|
|
64
|
+
}): Promise<boolean>;
|
|
65
|
+
}
|
|
66
|
+
export {};
|
|
@@ -0,0 +1,135 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.MemAuthStore = void 0;
|
|
4
|
+
const memory_js_1 = require("../oauth/memory.js");
|
|
5
|
+
const memory_js_2 = require("../passkey/memory.js");
|
|
6
|
+
const memory_js_3 = require("../token/memory.js");
|
|
7
|
+
const memory_js_4 = require("../user/memory.js");
|
|
8
|
+
const compat_auth_storage_js_1 = require("./compat-auth-storage.js");
|
|
9
|
+
const DEFAULT_PASSKEY_CONFIG = {
|
|
10
|
+
rpId: 'localhost',
|
|
11
|
+
rpName: 'API Server',
|
|
12
|
+
origins: ['http://localhost:5173'],
|
|
13
|
+
timeoutMs: 5 * 60 * 1000,
|
|
14
|
+
userVerification: 'preferred'
|
|
15
|
+
};
|
|
16
|
+
function isOriginString(origin) {
|
|
17
|
+
return typeof origin === 'string' && origin.trim().length > 0;
|
|
18
|
+
}
|
|
19
|
+
function normalizePasskeyConfig(config = {}) {
|
|
20
|
+
const candidateOrigins = Array.isArray(config.origins) && config.origins.length > 0 ? config.origins.filter(isOriginString) : null;
|
|
21
|
+
return {
|
|
22
|
+
rpId: config.rpId?.trim() || DEFAULT_PASSKEY_CONFIG.rpId,
|
|
23
|
+
rpName: config.rpName?.trim() || DEFAULT_PASSKEY_CONFIG.rpName,
|
|
24
|
+
origins: candidateOrigins ? candidateOrigins.map((origin) => origin.trim()) : DEFAULT_PASSKEY_CONFIG.origins,
|
|
25
|
+
timeoutMs: typeof config.timeoutMs === 'number' && config.timeoutMs > 0
|
|
26
|
+
? config.timeoutMs
|
|
27
|
+
: DEFAULT_PASSKEY_CONFIG.timeoutMs,
|
|
28
|
+
userVerification: config.userVerification ?? DEFAULT_PASSKEY_CONFIG.userVerification
|
|
29
|
+
};
|
|
30
|
+
}
|
|
31
|
+
class MemAuthStore {
|
|
32
|
+
constructor(params = {}) {
|
|
33
|
+
this.userStore = new memory_js_4.MemoryUserStore({
|
|
34
|
+
toPublic: params.publicUserMapper ?? params.toPublic,
|
|
35
|
+
userIdFactory: params.userIdFactory,
|
|
36
|
+
startingUserId: params.startingUserId,
|
|
37
|
+
bcryptRounds: params.bcryptRounds,
|
|
38
|
+
bcryptPepper: params.passwordPepper
|
|
39
|
+
});
|
|
40
|
+
this.tokenStore = params.tokenStore ?? new memory_js_3.MemoryTokenStore();
|
|
41
|
+
this.oauthStore = new memory_js_1.MemoryOAuthStore({ bcryptRounds: params.bcryptRounds });
|
|
42
|
+
let passkeyStore;
|
|
43
|
+
let passkeyConfig;
|
|
44
|
+
if (params.passkeys !== false) {
|
|
45
|
+
passkeyConfig = normalizePasskeyConfig(params.passkeys ?? {});
|
|
46
|
+
const resolveUser = async (lookup) => {
|
|
47
|
+
const found = await this.userStore.findUser(lookup.userId ?? lookup.login ?? '');
|
|
48
|
+
if (!found) {
|
|
49
|
+
return null;
|
|
50
|
+
}
|
|
51
|
+
const mapper = params.passkeyUserMapper ??
|
|
52
|
+
((user) => ({
|
|
53
|
+
id: user.user_id,
|
|
54
|
+
login: user.login,
|
|
55
|
+
displayName: user.login
|
|
56
|
+
}));
|
|
57
|
+
return mapper(found);
|
|
58
|
+
};
|
|
59
|
+
passkeyStore = new memory_js_2.MemoryPasskeyStore({ resolveUser });
|
|
60
|
+
this.passkeyStore = passkeyStore;
|
|
61
|
+
}
|
|
62
|
+
this.adapter = new compat_auth_storage_js_1.AuthStorageAdapter({
|
|
63
|
+
userStore: this.userStore,
|
|
64
|
+
tokenStore: this.tokenStore,
|
|
65
|
+
passkeys: passkeyStore && passkeyConfig ? { store: passkeyStore, config: passkeyConfig } : undefined,
|
|
66
|
+
oauthStore: this.oauthStore,
|
|
67
|
+
canImpersonate: params.canImpersonate
|
|
68
|
+
});
|
|
69
|
+
}
|
|
70
|
+
async initialise() {
|
|
71
|
+
return;
|
|
72
|
+
}
|
|
73
|
+
async close() {
|
|
74
|
+
return;
|
|
75
|
+
}
|
|
76
|
+
async getUser(identifier) {
|
|
77
|
+
return this.adapter.getUser(identifier);
|
|
78
|
+
}
|
|
79
|
+
getUserPasswordHash(user) {
|
|
80
|
+
return this.adapter.getUserPasswordHash(user);
|
|
81
|
+
}
|
|
82
|
+
getUserId(user) {
|
|
83
|
+
return this.adapter.getUserId(user);
|
|
84
|
+
}
|
|
85
|
+
filterUser(user) {
|
|
86
|
+
return this.adapter.filterUser(user);
|
|
87
|
+
}
|
|
88
|
+
async verifyPassword(password, hash) {
|
|
89
|
+
return this.adapter.verifyPassword(password, hash);
|
|
90
|
+
}
|
|
91
|
+
async storeToken(data) {
|
|
92
|
+
return this.adapter.storeToken(data);
|
|
93
|
+
}
|
|
94
|
+
async getToken(query, opts) {
|
|
95
|
+
const normalized = {
|
|
96
|
+
...query,
|
|
97
|
+
userId: query.userId !== undefined && query.userId !== null ? String(query.userId) : undefined,
|
|
98
|
+
ruid: query.ruid !== undefined && query.ruid !== null ? String(query.ruid) : undefined
|
|
99
|
+
};
|
|
100
|
+
return this.adapter.getToken(normalized, opts);
|
|
101
|
+
}
|
|
102
|
+
async deleteToken(query) {
|
|
103
|
+
const normalized = {
|
|
104
|
+
...query,
|
|
105
|
+
userId: query.userId !== undefined && query.userId !== null ? String(query.userId) : undefined,
|
|
106
|
+
ruid: query.ruid !== undefined && query.ruid !== null ? String(query.ruid) : undefined
|
|
107
|
+
};
|
|
108
|
+
return this.adapter.deleteToken(normalized);
|
|
109
|
+
}
|
|
110
|
+
async updateToken(updates) {
|
|
111
|
+
return this.adapter.updateToken(updates);
|
|
112
|
+
}
|
|
113
|
+
async createPasskeyChallenge(params) {
|
|
114
|
+
return this.adapter.createPasskeyChallenge(params);
|
|
115
|
+
}
|
|
116
|
+
async verifyPasskeyResponse(params) {
|
|
117
|
+
return this.adapter.verifyPasskeyResponse(params);
|
|
118
|
+
}
|
|
119
|
+
async getClient(clientId) {
|
|
120
|
+
return this.adapter.getClient(clientId);
|
|
121
|
+
}
|
|
122
|
+
async verifyClientSecret(client, clientSecret) {
|
|
123
|
+
return this.adapter.verifyClientSecret(client, clientSecret);
|
|
124
|
+
}
|
|
125
|
+
async createAuthCode(request) {
|
|
126
|
+
return this.adapter.createAuthCode(request);
|
|
127
|
+
}
|
|
128
|
+
async consumeAuthCode(code, clientId) {
|
|
129
|
+
return this.adapter.consumeAuthCode(code, clientId);
|
|
130
|
+
}
|
|
131
|
+
async canImpersonate(params) {
|
|
132
|
+
return this.adapter.canImpersonate(params);
|
|
133
|
+
}
|
|
134
|
+
}
|
|
135
|
+
exports.MemAuthStore = MemAuthStore;
|
|
@@ -1,20 +1,20 @@
|
|
|
1
|
-
import { ApiModule } from '
|
|
2
|
-
import type { ApiRequest } from '
|
|
3
|
-
import type {
|
|
1
|
+
import { ApiModule } from '../api-module.js';
|
|
2
|
+
import type { ApiRequest } from '../api-server-base.js';
|
|
3
|
+
import type { Token, TokenPair } from '../token/types.js';
|
|
4
4
|
export interface AuthProviderModule<UserRow = unknown> {
|
|
5
5
|
readonly moduleType: 'auth';
|
|
6
6
|
readonly namespace: string;
|
|
7
|
-
issueTokens(apiReq: ApiRequest, user: UserRow, metadata?:
|
|
7
|
+
issueTokens(apiReq: ApiRequest, user: UserRow, metadata?: Partial<Token> & {
|
|
8
8
|
expires?: Date;
|
|
9
|
-
}): Promise<
|
|
9
|
+
}): Promise<TokenPair>;
|
|
10
10
|
}
|
|
11
11
|
export declare abstract class BaseAuthModule<UserRow = unknown> extends ApiModule<any> implements AuthProviderModule<UserRow> {
|
|
12
12
|
readonly moduleType: "auth";
|
|
13
13
|
protected constructor(opts: {
|
|
14
14
|
namespace: string;
|
|
15
15
|
});
|
|
16
|
-
abstract issueTokens(apiReq: ApiRequest, user: UserRow, metadata?:
|
|
16
|
+
abstract issueTokens(apiReq: ApiRequest, user: UserRow, metadata?: Partial<Token> & {
|
|
17
17
|
expires?: Date;
|
|
18
|
-
}): Promise<
|
|
18
|
+
}): Promise<TokenPair>;
|
|
19
19
|
}
|
|
20
20
|
export declare const nullAuthModule: AuthProviderModule<unknown>;
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.nullAuthModule = exports.BaseAuthModule = void 0;
|
|
4
|
-
const api_module_js_1 = require("
|
|
4
|
+
const api_module_js_1 = require("../api-module.js");
|
|
5
5
|
// Handy base that you can extend when wiring a real auth module. Subclasses
|
|
6
6
|
// must supply a namespace via the constructor and implement token issuance.
|
|
7
7
|
class BaseAuthModule extends api_module_js_1.ApiModule {
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
import { Sequelize, type SyncOptions } from 'sequelize';
|
|
2
|
+
import { SequelizeOAuthStore, type SequelizeOAuthStoreOptions } from '../oauth/sequelize.js';
|
|
3
|
+
import { SequelizePasskeyStore } from '../passkey/sequelize.js';
|
|
4
|
+
import { type SequelizeTokenStoreOptions } from '../token/sequelize.js';
|
|
5
|
+
import { SequelizeUserStore, type AuthUserAttributes, GenericUserModel, GenericUserModelStatic } from '../user/sequelize.js';
|
|
6
|
+
import type { AuthIdentifier, AuthStorage } from './types.js';
|
|
7
|
+
import type { AuthCodeData, AuthCodeRequest, OAuthClient } from '../oauth/types.js';
|
|
8
|
+
import type { PasskeyChallenge, PasskeyChallengeParams, PasskeyServiceConfig, PasskeyUserDescriptor, PasskeyVerificationParams, PasskeyVerificationResult } from '../passkey/types.js';
|
|
9
|
+
import type { TokenStore } from '../token/base.js';
|
|
10
|
+
import type { Token } from '../token/types.js';
|
|
11
|
+
interface PasskeyOptions extends Partial<PasskeyServiceConfig> {
|
|
12
|
+
enabled?: boolean;
|
|
13
|
+
}
|
|
14
|
+
export interface SqlAuthStoreParams<UserAttributes extends AuthUserAttributes = AuthUserAttributes, PublicUserShape extends Omit<UserAttributes, 'password'> = Omit<UserAttributes, 'password'>> {
|
|
15
|
+
sequelize: Sequelize;
|
|
16
|
+
syncOptions?: SyncOptions;
|
|
17
|
+
bcryptRounds?: number;
|
|
18
|
+
passwordPepper?: string;
|
|
19
|
+
userModel?: GenericUserModelStatic;
|
|
20
|
+
userModelFactory?: (sequelize: Sequelize) => GenericUserModelStatic;
|
|
21
|
+
userRecordMapper?: (model: GenericUserModel) => UserAttributes;
|
|
22
|
+
publicUserMapper?: (user: UserAttributes) => PublicUserShape;
|
|
23
|
+
passkeyUserMapper?: (user: UserAttributes) => PasskeyUserDescriptor;
|
|
24
|
+
passkeys?: false | PasskeyOptions;
|
|
25
|
+
canImpersonate?: (params: {
|
|
26
|
+
realUserId: AuthIdentifier;
|
|
27
|
+
effectiveUserId: AuthIdentifier;
|
|
28
|
+
}) => boolean | Promise<boolean>;
|
|
29
|
+
tokenStore?: TokenStore;
|
|
30
|
+
tokenStoreOptions?: Omit<SequelizeTokenStoreOptions, 'sequelize'>;
|
|
31
|
+
oauthStoreOptions?: Omit<SequelizeOAuthStoreOptions, 'sequelize'>;
|
|
32
|
+
}
|
|
33
|
+
export declare class SqlAuthStore<UserAttributes extends AuthUserAttributes = AuthUserAttributes, PublicUserShape extends Omit<UserAttributes, 'password'> = Omit<UserAttributes, 'password'>> implements AuthStorage<UserAttributes, PublicUserShape> {
|
|
34
|
+
readonly userStore: SequelizeUserStore<UserAttributes, PublicUserShape>;
|
|
35
|
+
readonly tokenStore: TokenStore;
|
|
36
|
+
readonly passkeyStore?: SequelizePasskeyStore;
|
|
37
|
+
readonly oauthStore: SequelizeOAuthStore;
|
|
38
|
+
private readonly adapter;
|
|
39
|
+
private readonly sequelize;
|
|
40
|
+
private closed;
|
|
41
|
+
private readonly syncOptions?;
|
|
42
|
+
constructor(params: SqlAuthStoreParams<UserAttributes, PublicUserShape>);
|
|
43
|
+
initialise(withSync?: boolean): Promise<void>;
|
|
44
|
+
close(): Promise<void>;
|
|
45
|
+
getUser(identifier: AuthIdentifier): Promise<UserAttributes | null>;
|
|
46
|
+
getUserPasswordHash(user: UserAttributes): string;
|
|
47
|
+
getUserId(user: UserAttributes): AuthIdentifier;
|
|
48
|
+
filterUser(user: UserAttributes): PublicUserShape;
|
|
49
|
+
verifyPassword(password: string, hash: string): Promise<boolean>;
|
|
50
|
+
storeToken(data: Token): Promise<void>;
|
|
51
|
+
getToken(query: Partial<Token> & {
|
|
52
|
+
userId?: AuthIdentifier;
|
|
53
|
+
ruid?: AuthIdentifier;
|
|
54
|
+
}, opts?: {
|
|
55
|
+
includeExpired?: boolean;
|
|
56
|
+
}): Promise<Token | null>;
|
|
57
|
+
deleteToken(query: Partial<Token> & {
|
|
58
|
+
userId?: AuthIdentifier;
|
|
59
|
+
ruid?: AuthIdentifier;
|
|
60
|
+
}): Promise<number>;
|
|
61
|
+
updateToken(updates: Partial<Token> & {
|
|
62
|
+
refreshToken: string;
|
|
63
|
+
}): Promise<boolean>;
|
|
64
|
+
createPasskeyChallenge(params: PasskeyChallengeParams): Promise<PasskeyChallenge>;
|
|
65
|
+
verifyPasskeyResponse(params: PasskeyVerificationParams): Promise<PasskeyVerificationResult>;
|
|
66
|
+
getClient(clientId: string): Promise<OAuthClient | null>;
|
|
67
|
+
verifyClientSecret(client: OAuthClient, clientSecret: string | null): Promise<boolean>;
|
|
68
|
+
createAuthCode(request: AuthCodeRequest): Promise<AuthCodeData>;
|
|
69
|
+
consumeAuthCode(code: string, clientId: string): Promise<AuthCodeData | null>;
|
|
70
|
+
canImpersonate(params: {
|
|
71
|
+
realUserId: AuthIdentifier;
|
|
72
|
+
effectiveUserId: AuthIdentifier;
|
|
73
|
+
}): Promise<boolean>;
|
|
74
|
+
}
|
|
75
|
+
export {};
|
|
@@ -0,0 +1,166 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.SqlAuthStore = void 0;
|
|
4
|
+
const sequelize_js_1 = require("../oauth/sequelize.js");
|
|
5
|
+
const sequelize_js_2 = require("../passkey/sequelize.js");
|
|
6
|
+
const sequelize_js_3 = require("../token/sequelize.js");
|
|
7
|
+
const sequelize_js_4 = require("../user/sequelize.js");
|
|
8
|
+
const compat_auth_storage_js_1 = require("./compat-auth-storage.js");
|
|
9
|
+
const DEFAULT_PASSKEY_CONFIG = {
|
|
10
|
+
rpId: 'localhost',
|
|
11
|
+
rpName: 'API Server',
|
|
12
|
+
origins: ['http://localhost:5173'],
|
|
13
|
+
timeoutMs: 5 * 60 * 1000,
|
|
14
|
+
userVerification: 'preferred'
|
|
15
|
+
};
|
|
16
|
+
function isOriginString(origin) {
|
|
17
|
+
return typeof origin === 'string' && origin.trim().length > 0;
|
|
18
|
+
}
|
|
19
|
+
function normalizePasskeyConfig(config = {}) {
|
|
20
|
+
const candidateOrigins = Array.isArray(config.origins) && config.origins.length > 0 ? config.origins.filter(isOriginString) : null;
|
|
21
|
+
return {
|
|
22
|
+
rpId: config.rpId?.trim() || DEFAULT_PASSKEY_CONFIG.rpId,
|
|
23
|
+
rpName: config.rpName?.trim() || DEFAULT_PASSKEY_CONFIG.rpName,
|
|
24
|
+
origins: candidateOrigins ? candidateOrigins.map((origin) => origin.trim()) : DEFAULT_PASSKEY_CONFIG.origins,
|
|
25
|
+
timeoutMs: typeof config.timeoutMs === 'number' && config.timeoutMs > 0
|
|
26
|
+
? config.timeoutMs
|
|
27
|
+
: DEFAULT_PASSKEY_CONFIG.timeoutMs,
|
|
28
|
+
userVerification: config.userVerification ?? DEFAULT_PASSKEY_CONFIG.userVerification
|
|
29
|
+
};
|
|
30
|
+
}
|
|
31
|
+
class SqlAuthStore {
|
|
32
|
+
constructor(params) {
|
|
33
|
+
this.closed = false;
|
|
34
|
+
if (!params?.sequelize) {
|
|
35
|
+
throw new Error('SqlAuthStore requires an initialised Sequelize instance');
|
|
36
|
+
}
|
|
37
|
+
this.sequelize = params.sequelize;
|
|
38
|
+
this.syncOptions = params.syncOptions;
|
|
39
|
+
this.userStore = new sequelize_js_4.SequelizeUserStore({
|
|
40
|
+
sequelize: this.sequelize,
|
|
41
|
+
userModel: params.userModel,
|
|
42
|
+
userModelFactory: params.userModelFactory,
|
|
43
|
+
recordMapper: params.userRecordMapper,
|
|
44
|
+
toPublic: params.publicUserMapper,
|
|
45
|
+
bcryptRounds: params.bcryptRounds,
|
|
46
|
+
bcryptPepper: params.passwordPepper
|
|
47
|
+
});
|
|
48
|
+
this.tokenStore =
|
|
49
|
+
params.tokenStore ?? new sequelize_js_3.SequelizeTokenStore({ sequelize: this.sequelize, ...params.tokenStoreOptions });
|
|
50
|
+
this.oauthStore = new sequelize_js_1.SequelizeOAuthStore({
|
|
51
|
+
sequelize: this.sequelize,
|
|
52
|
+
...params.oauthStoreOptions,
|
|
53
|
+
bcryptRounds: params.bcryptRounds
|
|
54
|
+
});
|
|
55
|
+
let passkeyStore;
|
|
56
|
+
let passkeyConfig;
|
|
57
|
+
if (params.passkeys !== false) {
|
|
58
|
+
passkeyConfig = normalizePasskeyConfig(params.passkeys ?? {});
|
|
59
|
+
const resolveUser = async (lookup) => {
|
|
60
|
+
const found = await this.userStore.findUser(lookup.userId ?? lookup.login ?? '');
|
|
61
|
+
if (!found) {
|
|
62
|
+
return null;
|
|
63
|
+
}
|
|
64
|
+
const mapper = params.passkeyUserMapper ??
|
|
65
|
+
((user) => ({
|
|
66
|
+
id: (this.userStore.getUserId(user) ?? user['user_id']),
|
|
67
|
+
login: user.login ?? String(this.userStore.getUserId(user)),
|
|
68
|
+
displayName: user.login ?? String(this.userStore.getUserId(user))
|
|
69
|
+
}));
|
|
70
|
+
return mapper(found);
|
|
71
|
+
};
|
|
72
|
+
passkeyStore = new sequelize_js_2.SequelizePasskeyStore({ sequelize: this.sequelize, resolveUser });
|
|
73
|
+
this.passkeyStore = passkeyStore;
|
|
74
|
+
}
|
|
75
|
+
this.adapter = new compat_auth_storage_js_1.AuthStorageAdapter({
|
|
76
|
+
userStore: this.userStore,
|
|
77
|
+
tokenStore: this.tokenStore,
|
|
78
|
+
passkeys: passkeyStore && passkeyConfig ? { store: passkeyStore, config: passkeyConfig } : undefined,
|
|
79
|
+
oauthStore: this.oauthStore,
|
|
80
|
+
canImpersonate: params.canImpersonate
|
|
81
|
+
});
|
|
82
|
+
}
|
|
83
|
+
async initialise(withSync = false) {
|
|
84
|
+
await this.sequelize.authenticate();
|
|
85
|
+
if (withSync) {
|
|
86
|
+
await this.sequelize.sync(this.syncOptions);
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
async close() {
|
|
90
|
+
if (this.closed) {
|
|
91
|
+
return;
|
|
92
|
+
}
|
|
93
|
+
this.closed = true;
|
|
94
|
+
try {
|
|
95
|
+
await this.sequelize.close();
|
|
96
|
+
}
|
|
97
|
+
catch (error) {
|
|
98
|
+
const message = error?.message ?? '';
|
|
99
|
+
if (!/closed/i.test(message)) {
|
|
100
|
+
throw error;
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
finally {
|
|
104
|
+
this.sequelize.close = async () => { };
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
async getUser(identifier) {
|
|
108
|
+
return this.adapter.getUser(identifier);
|
|
109
|
+
}
|
|
110
|
+
getUserPasswordHash(user) {
|
|
111
|
+
return this.adapter.getUserPasswordHash(user);
|
|
112
|
+
}
|
|
113
|
+
getUserId(user) {
|
|
114
|
+
return this.adapter.getUserId(user);
|
|
115
|
+
}
|
|
116
|
+
filterUser(user) {
|
|
117
|
+
return this.adapter.filterUser(user);
|
|
118
|
+
}
|
|
119
|
+
async verifyPassword(password, hash) {
|
|
120
|
+
return this.adapter.verifyPassword(password, hash);
|
|
121
|
+
}
|
|
122
|
+
async storeToken(data) {
|
|
123
|
+
return this.adapter.storeToken(data);
|
|
124
|
+
}
|
|
125
|
+
async getToken(query, opts) {
|
|
126
|
+
const normalized = {
|
|
127
|
+
...query,
|
|
128
|
+
userId: query.userId !== undefined && query.userId !== null ? String(query.userId) : undefined,
|
|
129
|
+
ruid: query.ruid !== undefined && query.ruid !== null ? String(query.ruid) : undefined
|
|
130
|
+
};
|
|
131
|
+
return this.adapter.getToken(normalized, opts);
|
|
132
|
+
}
|
|
133
|
+
async deleteToken(query) {
|
|
134
|
+
const normalized = {
|
|
135
|
+
...query,
|
|
136
|
+
userId: query.userId !== undefined && query.userId !== null ? String(query.userId) : undefined,
|
|
137
|
+
ruid: query.ruid !== undefined && query.ruid !== null ? String(query.ruid) : undefined
|
|
138
|
+
};
|
|
139
|
+
return this.adapter.deleteToken(normalized);
|
|
140
|
+
}
|
|
141
|
+
async updateToken(updates) {
|
|
142
|
+
return this.adapter.updateToken(updates);
|
|
143
|
+
}
|
|
144
|
+
async createPasskeyChallenge(params) {
|
|
145
|
+
return this.adapter.createPasskeyChallenge(params);
|
|
146
|
+
}
|
|
147
|
+
async verifyPasskeyResponse(params) {
|
|
148
|
+
return this.adapter.verifyPasskeyResponse(params);
|
|
149
|
+
}
|
|
150
|
+
async getClient(clientId) {
|
|
151
|
+
return this.adapter.getClient(clientId);
|
|
152
|
+
}
|
|
153
|
+
async verifyClientSecret(client, clientSecret) {
|
|
154
|
+
return this.adapter.verifyClientSecret(client, clientSecret);
|
|
155
|
+
}
|
|
156
|
+
async createAuthCode(request) {
|
|
157
|
+
return this.adapter.createAuthCode(request);
|
|
158
|
+
}
|
|
159
|
+
async consumeAuthCode(code, clientId) {
|
|
160
|
+
return this.adapter.consumeAuthCode(code, clientId);
|
|
161
|
+
}
|
|
162
|
+
async canImpersonate(params) {
|
|
163
|
+
return this.adapter.canImpersonate(params);
|
|
164
|
+
}
|
|
165
|
+
}
|
|
166
|
+
exports.SqlAuthStore = SqlAuthStore;
|