@telia-ace/alliance-internal-node-utilities 1.0.2-next.0 → 1.0.2-next.1

package/dist/index.cjs

@@ -1,5 +1,802 @@
-"use strict";const nestjsPino=require("nestjs-pino"),expressOpenidConnect=require("express-openid-connect"),jsonwebtoken=require("jsonwebtoken"),common=require("@nestjs/common"),config=require("@nestjs/config"),t=require("slugify"),node_fs=require("node:fs"),node_path=require("node:path"),promises=require("node:stream/promises");function _interopDefaultCompat(e){return e&&typeof e=="object"&&"default"in e?e.default:e}const t__default=_interopDefaultCompat(t);var SharedConfigKeys=(e=>(e.AuthAuthority="AUTH_AUTHORITY",e.AuthCookieName="AUTH_COOKIE_NAME",e.AuthCookieSecret="AUTH_COOKIE_SECRET",e.DbEndpoint="DB_ENDPOINT",e.JwtPrivateKey="JWT_PRIVATE_KEY",e.ServiceLogLevel="SERVICE_LOG_LEVEL",e.ServicePort="SERVICE_PORT",e))(SharedConfigKeys||{}),AllianceHeaders=(e=>(e.TargetUrl="alliance-target-url",e.TargetApp="alliance-target-app",e.TargetWorkspace="alliance-target-workspace",e))(AllianceHeaders||{});function authMiddleware(e,{baseURL:i="https://127.0.0.1",clientSecret:o,clientID:u=" ",authRequired:n=!0,authorizationParams:g={},afterCallback:d}={}){return expressOpenidConnect.auth({baseURL:i,clientSecret:o,clientID:u,authRequired:n,authorizationParams:g,afterCallback:d,issuerBaseURL:`${e.getOrThrow(SharedConfigKeys.AuthAuthority)}/.well-known/openid-configuration`,secret:e.getOrThrow(SharedConfigKeys.AuthCookieSecret),session:{name:e.getOrThrow(SharedConfigKeys.AuthCookieName)},routes:{callback:"/signin-oidc"}})}function createBearerToken({privateKey:e,aud:i,sub:o,name:u,user:n,workspace:g}){return`Bearer ${jsonwebtoken.sign({iss:"Alliance",aud:i,sub:o,name:u,"https://alliance.teliacompany.net/user_type":n.type,"https://alliance.teliacompany.net/user_privileges":n.permissions,"https://alliance.teliacompany.net/workspace":g.slug,"https://alliance.teliacompany.net/workspace_name":g.name,"https://alliance.teliacompany.net/tenant":g.slug,"https://alliance.teliacompany.net/tenant_name":g.name},e,{expiresIn:"1h",algorithm:"RS256"})}`}function getPrivateKey(e){return`-----BEGIN RSA PRIVATE KEY-----
-`+e.getOrThrow(SharedConfigKeys.JwtPrivateKey)+`
------END RSA PRIVATE KEY-----`}function createSystemUserToken(e){return createBearerToken({aud:"system",sub:"system",name:"system",workspace:{slug:"system",name:"system"},user:{type:"system",permissions:[]},privateKey:getPrivateKey(e)})}var GatewayErrorCodes=(e=>(e[e.NoMatchingEndpoint=1e4]="NoMatchingEndpoint",e[e.NoObjectId=10001]="NoObjectId",e[e.NoTargetAppHeader=10002]="NoTargetAppHeader",e[e.NoTargetWorkspaceHeader=10003]="NoTargetWorkspaceHeader",e[e.NoManifestsInCache=10004]="NoManifestsInCache",e[e.NoDevSessionInCache=10005]="NoDevSessionInCache",e[e.NoManifest=10006]="NoManifest",e[e.NoRequestContext=10007]="NoRequestContext",e[e.NoUserInRequestContext=10008]="NoUserInRequestContext",e[e.NoAppInRequestContext=10009]="NoAppInRequestContext",e[e.NoWorkspaceInRequestContext=10010]="NoWorkspaceInRequestContext",e[e.NoManifestInRequestContext=10011]="NoManifestInRequestContext",e[e.NoUserPermissionsInRequestContext=10012]="NoUserPermissionsInRequestContext",e))(GatewayErrorCodes||{}),DatabasesErrorCodes=(e=>(e[e.NoPublicKey=11e3]="NoPublicKey",e[e.NoAuthHeader=11001]="NoAuthHeader",e[e.FailedFileStore=11002]="FailedFileStore",e[e.FailedFileRead=11003]="FailedFileRead",e))(DatabasesErrorCodes||{}),PortalErrorCodes=(e=>(e[e.NoObjectId=12e3]="NoObjectId",e))(PortalErrorCodes||{});const allianceErrors={[1e4]:{httpCode:common.HttpStatus.BAD_REQUEST,message:"Could not find endpoint matching request in app manifest."},[10001]:{httpCode:common.HttpStatus.UNAUTHORIZED,message:"No object id available on authenticated user."},[10002]:{httpCode:common.HttpStatus.BAD_REQUEST,message:`Request missing header '${AllianceHeaders.TargetApp}'.`},[10003]:{httpCode:common.HttpStatus.BAD_REQUEST,message:`Request missing header '${AllianceHeaders.TargetWorkspace}'.`},[10004]:{httpCode:common.HttpStatus.INTERNAL_SERVER_ERROR,message:"App manifests missing in cache."},[10005]:{httpCode:common.HttpStatus.INTERNAL_SERVER_ERROR,message:"No dev session in memory cache."},[10006]:{httpCode:common.HttpStatus.INTERNAL_SERVER_ERROR,message:"Could not find manifest for app '{{appSlug}}'."},[10007]:{httpCode:common.HttpStatus.INTERNAL_SERVER_ERROR,message:"No request context."},[10008]:{httpCode:common.HttpStatus.INTERNAL_SERVER_ERROR,message:"No user in request context."},[10009]:{httpCode:common.HttpStatus.INTERNAL_SERVER_ERROR,message:"No app in request context."},[10010]:{httpCode:common.HttpStatus.INTERNAL_SERVER_ERROR,message:"No workspace in request context."},[10011]:{httpCode:common.HttpStatus.INTERNAL_SERVER_ERROR,message:"No manifest in request context."},[10012]:{httpCode:common.HttpStatus.INTERNAL_SERVER_ERROR,message:"No user permissions in request context."},[11e3]:{httpCode:common.HttpStatus.UNAUTHORIZED,message:"No public key available to decode JWT."},[11001]:{httpCode:common.HttpStatus.UNAUTHORIZED,message:"No authorization header found."},[11002]:{httpCode:common.HttpStatus.INTERNAL_SERVER_ERROR,message:"Error storing file."},[11003]:{httpCode:common.HttpStatus.INTERNAL_SERVER_ERROR,message:"Error reading file."},[12e3]:{httpCode:common.HttpStatus.UNAUTHORIZED,message:"No object id found in user claims."}};function p(e,i){return Object.entries(i).reduce((o,[u,n])=>o.replaceAll(`{{${u}}}`,n),e)}class AllianceException extends common.HttpException{constructor(i,o={}){const{message:u,httpCode:n}=allianceErrors[i];super(p(u,o),n),this.code=i,this.info=`https://github.com/telia-company/ace-alliance-sdk/wiki/error-codes#${i}`}}var c=Object.defineProperty,a$2=Object.getOwnPropertyDescriptor,r=(e,i,o,u)=>{for(var n=u>1?void 0:u?a$2(i,o):i,g=e.length-1,d;g>=0;g--)(d=e[g])&&(n=(u?d(i,o,n):d(n))||n);return u&&n&&c(i,o,n),n};exports.AllianceExceptionFilter=class{catch(i,o){const u=o.switchToHttp().getResponse(),n=i.getStatus();u.status&&u.status(n).json({httpCode:n,code:i.code,info:i.info,message:i.message})}},exports.AllianceExceptionFilter=r([common.Catch(AllianceException)],exports.AllianceExceptionFilter);var f=Object.defineProperty,s=Object.getOwnPropertyDescriptor,a$1=(e,i,o,u)=>{for(var n=u>1?void 0:u?s(i,o):i,g=e.length-1,d;g>=0;g--)(d=e[g])&&(n=(u?d(i,o,n):d(n))||n);return u&&n&&f(i,o,n),n},l$1=(e,i)=>(o,u)=>i(o,u,e);exports.LoggerService=class{constructor(i){this.logger=i,this.log=(...o)=>this.logger.info(...o),this.trace=(...o)=>this.logger.trace(...o),this.debug=(...o)=>this.logger.debug(...o),this.info=(...o)=>this.logger.info(...o),this.warn=(...o)=>this.logger.warn(...o),this.error=(...o)=>this.logger.error(...o),this.fatal=(...o)=>this.logger.fatal(...o)}},exports.LoggerService=a$1([common.Injectable(),l$1(0,nestjsPino.InjectPinoLogger())],exports.LoggerService);var l=Object.defineProperty,m=Object.getOwnPropertyDescriptor,a=(e,i,o,u)=>{for(var n=u>1?void 0:u?m(i,o):i,g=e.length-1,d;g>=0;g--)(d=e[g])&&(n=(u?d(i,o,n):d(n))||n);return u&&n&&l(i,o,n),n};exports.LoggerModule=class{static forRoot({logLevel:i,redact:o=!0}={}){return{module:exports.LoggerModule,controllers:[],imports:[nestjsPino.LoggerModule.forRootAsync({imports:[config.ConfigModule],inject:[config.ConfigService],useFactory:async u=>({pinoHttp:{level:i||u.get(SharedConfigKeys.ServiceLogLevel)||"silent",redact:o?["authorization","headers.authorization","req.headers.authorization","req.remoteAddress","req.remotePort"]:[],transport:{target:"pino-pretty",options:{colorize:!0,colorizeObjects:!0}}}})})],global:!0,providers:[exports.LoggerService],exports:[]}}},exports.LoggerModule=a([common.Module({providers:[exports.LoggerService],exports:[exports.LoggerService]})],exports.LoggerModule);function slugify(e){return t__default(e,{strict:!0,replacement:"-",lower:!0})}function viteCssImportPlugin(e,i=!1){return{name:"vite-plugin-css-import",apply:"build",enforce:"post",writeBundle:async(o,u)=>{const n=Object.keys(u).filter(R=>R.endsWith(".css"));if(!n.length)return;const g=node_path.resolve(process.cwd(),`${e}-temp.js`),d=node_path.resolve(process.cwd(),`${e}.js`),N=n.reduce((R,E)=>{if(i){const C=node_path.dirname(d),A=node_path.relative(C,E);return`${R}import "${A.replaceAll("\\","/")}";
-`}return`${R}import "./${E}";
-`},""),h=node_fs.createWriteStream(g);h.write(N,"utf8");const S=node_fs.createReadStream(d);await promises.pipeline(S,h),node_fs.rmSync(d,{force:!0}),node_fs.renameSync(g,d),h.end()}}}exports.LoggerErrorInterceptor=nestjsPino.LoggerErrorInterceptor,exports.AllianceException=AllianceException,exports.AllianceHeaders=AllianceHeaders,exports.DatabasesErrorCodes=DatabasesErrorCodes,exports.GatewayErrorCodes=GatewayErrorCodes,exports.PortalErrorCodes=PortalErrorCodes,exports.SharedConfigKeys=SharedConfigKeys,exports.authMiddleware=authMiddleware,exports.createBearerToken=createBearerToken,exports.createSystemUserToken=createSystemUserToken,exports.getPrivateKey=getPrivateKey,exports.slugify=slugify,exports.viteCssImportPlugin=viteCssImportPlugin;
+'use strict';
+
+const nestjsPino = require('nestjs-pino');
+const expressOpenidConnect = require('express-openid-connect');
+const jsonwebtoken = require('jsonwebtoken');
+const jsonschema = require('jsonschema');
+const node_path = require('node:path');
+const node_fs = require('node:fs');
+const common = require('@nestjs/common');
+const config = require('@nestjs/config');
+const _slugify = require('slugify');
+const promises = require('node:stream/promises');
+
+function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e.default : e; }
+
+const _slugify__default = /*#__PURE__*/_interopDefaultCompat(_slugify);
+
+var SharedConfigKeys = /* @__PURE__ */ ((SharedConfigKeys2) => {
+  SharedConfigKeys2["AuthAuthority"] = "AUTH_AUTHORITY";
+  SharedConfigKeys2["AuthCookieName"] = "AUTH_COOKIE_NAME";
+  SharedConfigKeys2["AuthCookieSecret"] = "AUTH_COOKIE_SECRET";
+  SharedConfigKeys2["DbEndpoint"] = "DB_ENDPOINT";
+  SharedConfigKeys2["JwtPrivateKey"] = "JWT_PRIVATE_KEY";
+  SharedConfigKeys2["ServiceLogLevel"] = "SERVICE_LOG_LEVEL";
+  SharedConfigKeys2["ServicePort"] = "SERVICE_PORT";
+  return SharedConfigKeys2;
+})(SharedConfigKeys || {});
+
+var AllianceHeaders = /* @__PURE__ */ ((AllianceHeaders2) => {
+  AllianceHeaders2["TargetUrl"] = "alliance-target-url";
+  AllianceHeaders2["TargetApp"] = "alliance-target-app";
+  AllianceHeaders2["TargetWorkspace"] = "alliance-target-workspace";
+  return AllianceHeaders2;
+})(AllianceHeaders || {});
+
+function authMiddleware(configService, {
+  baseURL = "https://127.0.0.1",
+  clientSecret,
+  clientID = " ",
+  authRequired = true,
+  authorizationParams = {},
+  afterCallback
+} = {}) {
+  return expressOpenidConnect.auth({
+    baseURL,
+    clientSecret,
+    clientID,
+    authRequired,
+    authorizationParams,
+    afterCallback,
+    issuerBaseURL: `${configService.getOrThrow(
+      SharedConfigKeys.AuthAuthority
+    )}/.well-known/openid-configuration`,
+    secret: configService.getOrThrow(SharedConfigKeys.AuthCookieSecret),
+    session: {
+      name: configService.getOrThrow(SharedConfigKeys.AuthCookieName)
+    },
+    routes: {
+      callback: "/signin-oidc"
+    }
+  });
+}
+
+function createBearerToken({
+  privateKey,
+  aud,
+  sub,
+  name,
+  user,
+  workspace
+}) {
+  const jwt = jsonwebtoken.sign(
+    {
+      iss: "Alliance",
+      aud,
+      sub,
+      name,
+      "https://alliance.teliacompany.net/user_type": user.type,
+      "https://alliance.teliacompany.net/user_privileges": user.permissions,
+      "https://alliance.teliacompany.net/workspace": workspace.slug,
+      "https://alliance.teliacompany.net/workspace_name": workspace.name,
+      "https://alliance.teliacompany.net/tenant": workspace.slug,
+      "https://alliance.teliacompany.net/tenant_name": workspace.name
+    },
+    privateKey,
+    {
+      expiresIn: "1h",
+      algorithm: "RS256"
+    }
+  );
+  return `Bearer ${jwt}`;
+}
+function getPrivateKey(configService) {
+  const privateKey = configService.getOrThrow(SharedConfigKeys.JwtPrivateKey);
+  return "-----BEGIN RSA PRIVATE KEY-----\n" + privateKey + "\n-----END RSA PRIVATE KEY-----";
+}
+function createSystemUserToken(configService) {
+  return createBearerToken({
+    aud: "system",
+    sub: "system",
+    name: "system",
+    workspace: {
+      slug: "system",
+      name: "system"
+    },
+    user: {
+      type: "system",
+      permissions: []
+    },
+    privateKey: getPrivateKey(configService)
+  });
+}
+
+function generateCookiePolicyHtml(appManifests) {
+  const cookiePolicyTableRows = [];
+  for (const appName in appManifests) {
+    const manifest = appManifests[appName];
+    if (!manifest.storage) {
+      continue;
+    }
+    for (const [key, value] of Object.entries(manifest.storage)) {
+      const tableRow = createCookiePolicyTableRow(key, value);
+      cookiePolicyTableRows.push(tableRow);
+    }
+  }
+  return cookiePolicyHtml.replace("{APP_COOKIES}", cookiePolicyTableRows.join(""));
+}
+function createCookiePolicyTableRow(key, claimEntry) {
+  const rows = ["<tr>"];
+  const { category, purpose, lifespan } = claimEntry;
+  rows.push(`<td>${key}</td>`);
+  rows.push(`<td>${category}</td>`);
+  rows.push(`<td>${purpose}</td>`);
+  rows.push(`<td>${lifespan}</td>`);
+  rows.push("</tr>");
+  return rows.join("");
+}
+const cookiePolicyHtml = `
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8" />
+        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+        <title>ACE Alliance - Cookie Policy</title>
+        <link
+            rel="icon"
+            href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAGcElEQVRYha2Xe4xUVx3HP7/fPTOzDLO7sw8RlzWlZEtp2dCy0qIVWltKU/UPDZH6ijXWEK2odPcPa2qbhpi2kSa7blSStsFUjNq0lWCMaVMx8rAm22IJMJRHCqFC6BJ22eEx+5p7z88/7sywC7uwgCe5mXsz5/y+j/M753eOcJ2tK5sDyBrME2gBmkBq43/tnMERgXdAjrbn518yXq4RNA3cB/J54HNiMhfEicm4oAYghmHexN4Dew5k01giUybQlc1h0CbI9zC+Imi9mCAIYhoHsnI4KcNjYoDhxWPxsxFY1Z5vHQVwVwSu3Qdid4E8rSb3i6mqKYwBjpWX1V/QZBiYYWIIiifCw8Mm/vS7L/W237FqJno58M5srgmxP4npjsAHDwTeaeAdagGBdwQWoBYgFqCmqGlMqvTE3+U+ipbeE+ngB42Lde6kDnRmcwisAHlBfdBYCYxStp3y7xjTJ51RA0XxgGCkasQFSfkW8NQlBDqzORVYK6ZPqAU6ThUyqd0TN7mQDRZ/CULzvVVeRO68xIGubE6BbjH9oVqA+thaQccpvjLwRDTit2RG/fxVGR3sLc4ELuRAV90+gJ/G4K4EHpRs1wr7qwW/uH36uaxPzwz0xNZhHUfAzJZgsjZWrqXEiTP9WlRP1Bb+pCacs2KaCwvmD/5+cLhCoCubU0G61QJXyWYkVv9/Av/UEzVh2+PVDmDPr875ob4oD6UcMLhfTdqU8dket+sDD6rwS7vrfMs30i4qRhzfMhwe3FhwQG+FgMDKytIyKe1o1zffZlB3swvve7mehgVJZ95zatdouG31gHpvoHYUwHVmc4AsqoCXYK9HtzhYsDoTLnqyRl1a1QxOvjMavrmyT4sFr6hhsA/AZUbqKKTy9ZfCXhuFpntS4WfWZWloTcTTa8bh14fCrY/2a3E4UlOLt2jYCeCGE+cBBuPhdk2gZjDjjmS46KkampelnEhMPhwy3/PkGb/vhXPO4zGJ60KyTo5nPpk8wg5wPz57M13Z3PuGzRtTxEovV3BBoXlZKrytvZqmpSknKhVCJ3tGwu2rBxjYHzrEymUZw9Py0LQtD6yb7aG8CoR/mNgKs1LHEomJ4M2M9McDf9PX0n7eI9OpbXEVxQCFE5F/d+0Zf+iPgy7e/GPDjVj9rGXJcO7D6b+yLu7vABavrd10/O8jz5/cFqXNFBGr1HYzQ0SoviEIm5dXceOXpvGJpSkNEjJuGy+ciPzu7nN+/4aCRkM2vsaUrM/coH7ed9Ond3WffbPyF8CxQ/1Y5F8b/C9fHthlFPvFB05JNzqtvSnBxxYmmN4UVCwe60b/7mK4d/15Dr82qH50fHkva/fiSc00v/SlGr97fX79ytdb1owjAHDwX71tVbWuJ9OQdMl0gmTKESQUVWGsxQDD/ZE/snnIH/xdgVP/KU5yqCnBi2f6bPF3b6jxe17Mhx9sKizsyLceKPeqDP7bF/rfa2xLvHrLN6sfmr08o0GDqAaCIYRD3g/sD/1Hb49w7K1hev89otEoTi6To+V5n3l3Mryru1r3vpjn8KbCZjU5MLbfuBCd2VyzIHsTgauZ3pAkkXIanScc6Tf1RfRiJyYHN4Iq/O2PZ/zc71Rpz89P+30bz4QmdltHvvXQpARKJB5R0w0XSvL4cjwV+FnLU+HiZ2tUpxtbf9Tnj20vOJPo2fZ8688u7n3pmdB42Yt/xUuESVQ+yVJexZNtVmbQ2JYIH9zcGC5/pd71Hxjxm5f1cnzboDPx7xs8M9G4CSV1ZnOZICE7GNXbKweTMU7EA6USoemeVLhgTYame1Nu4MBI2PN0ng+3DDovIZFG5w37bEe+dc+UCQC8/ZtjzX07i/88saU4J8yLXiAhaCC+fn7Sz/7iNFq+mqZ6TuD6do+Gu7vPcuQvBRf62LlIQ2/Y1zvyra9OhnPZSf1g58k5I6ftDSnqnNFTaOACqmclfP0tSa3KBjrc5/2Hbwz7Q38ocHLniDM8XjxeIrxG3rA16vXXj529dVKMK2bVL2fkmhrmJ/9cPy91Z2ZGwhMqQx95TudC8gdCZx4obbMVAhqNGvaoCr99bKD1svGntK4647vg84J8X021PBXlK5gJGJWr11GDb3fkW7dPJfaUi3539iARxSUCz4AsERMVpHwDxMTyhq0HftGRbz071bhXfeooXVJvBR4EbgSGgR6Bt9qvArjc/gfZzPoCTDB+AgAAAABJRU5ErkJggg=="
+        />
+        <style>
+            @charset "UTF-8";
+            @import 'https://cdn.voca.teliacompany.com/fonts/TeliaSansV10/TeliaSans.css';
+            @import 'https://fonts.googleapis.com/css?family=Reenie+Beanie';
+
+            body {
+                font-family: TeliaSans, Helvetica, Arial, Lucida Grande, sans-serif;
+            }
+
+            body > div {
+                max-width: 1000px;
+                margin: 0 auto;
+                padding: 0 40px 40px;
+            }
+        </style>
+    </head>
+
+    <body>
+        <div>
+            <h1>Cookie Policy</h1>
+            <p>
+                On our websites, we use cookies and other similar technologies. You can choose
+                whether you want to allow our websites to store cookies on your computer or not. You
+                can change your choices at any time.
+            </p>
+
+            <h2>Your consent is required</h2>
+            <p>
+                You choose whether you want to accept cookies on your device or not. Your consent is
+                required for the use of cookies, but not for such cookies that are necessary to
+                enable the service that you as a user have requested. If you do not accept our use
+                of cookies, or if you have previously approved our use and have changed your mind,
+                you can return to your cookie settings at any time and change your choices. You do
+                this by clicking on the cookie button/link. You may also need to change the settings
+                in your browser and manually delete cookies to clear your device of previously
+                stored cookies.
+            </p>
+
+            <h2>What are cookies?</h2>
+            <p>
+                A cookie is a small text file that is stored on your computer by the web browser
+                while browsing a website. When we refer to cookies (\u201Ccookies\u201D) in this policy, other
+                similar technologies and tools that retrieve and store information in your browser,
+                and in some cases forward such information to third parties, in a manner similar to
+                cookies. Examples are pixels, local storage, session storage and fingerprinting.
+            </p>
+            <p>
+                The websites will \u201Cremember\u201D and \u201Crecognize\u201D you. This can be done by placing
+                cookies in three different ways;
+            </p>
+            <ul>
+                <li>The session ends, ie until you close the window in your browser.</li>
+                <li>
+                    Time-limited, ie the cookie has a predetermined lifespan. The time may vary
+                    between different cookies.
+                </li>
+                <li>
+                    Until further notice, ie the information remains until you choose to delete it
+                    yourself. This applies to local storage.
+                </li>
+            </ul>
+            <p>You can always go into your browser and delete already stored cookies yourself.</p>
+
+            <h3>Third Party Cookies</h3>
+            <p>
+                We use third-party cookies on our websites. Third-party cookies are stored by
+                someone other than the person responsible for the website, in this case by a company
+                other than Telia.
+            </p>
+            <p>
+                Telia uses external platforms to communicate digitally, these include the Google
+                Marketing Platform and others. The platforms use both first- and third-party cookies
+                as well as similar techniques to advertise and follow up the results of the
+                advertising.
+            </p>
+            <p>
+                A third-party cookie can be used by several websites to understand and track how you
+                browse between different websites. Telia receives information from these cookies,
+                but the information can also be used for other purposes determined by third parties.
+                Third-party cookies found on our website are covered by each third-party privacy
+                policy. Feel free to read these to understand what other purposes the information
+                can be used for. Links are in our Cookie Table.
+            </p>
+            <p>
+                For information about which third-party cookies are used on our websites, see our
+                Cookie Table. For more information on how Telia handles personal data in connection
+                with transfers to third parties, read our Privacy Policy.
+            </p>
+
+            <h2>Cookies on our websites</h2>
+            <p>
+                In order for you to have better control over which cookies are used on the websites,
+                and thus be able to more easily decide how cookies should be used when you visit our
+                websites, we have identified four different categories of cookies. These categories
+                are defined based on the purposes for the use of the cookies.
+            </p>
+            <p>
+                In our Cookie Table, you can also see which category each cookie belongs to, for
+                what purposes it is used and for how long it is active.
+            </p>
+            <p>
+                We have identified the following four categories of cookies. All categories contain
+                cookies which means that data is shared with third parties.
+            </p>
+
+            <h3>Necessary</h3>
+            <p>
+                These cookies are needed for our app to work in a secure and correct way. Necessary
+                cookies enable you to use our app and us to provide the service you request.
+                Necessary cookies make basic functions of the app possible, for example, identifying
+                you when you log into My Telia, detecting repeated failed login attempts,
+                identifying where you are in the buying process and remembering the items put into
+                your shopping basket.
+            </p>
+
+            <h3>Functionality</h3>
+            <p>
+                These cookies let us to enable some useful functionalities to make the user
+                experience better, for example, to remember your login details and settings.
+            </p>
+
+            <h3>Analytics</h3>
+            <p>
+                These cookies give us information about how you use our app and allow us to improve
+                the user experience.
+            </p>
+
+            <h3>Marketing</h3>
+            <p>
+                These cookies help us and our partners to display personalized and relevant ads
+                based on your browsing behavior on our website and in our app, even when you later
+                visit other (third parties\u2019) websites. These cookies are used to evaluate the
+                effectiveness of our marketingcampaigns, as well as for targeted marketing and
+                profiling, regardless of which device(s) you have used. Information collected for
+                this purpose may also be combined with other customer and traffic data we have about
+                you, if you have given your consent that we may use your traffic data for marketing
+                purpose and have not objected to the use of your customer data for marketing
+                purposes.
+            </p>
+
+            <h2>Manage settings</h2>
+            <p>
+                We save your cookie consent for 12 months. Then we will ask you again. Please note
+                that some cookies have a lifespan that exceeds these 12 months. You may therefore
+                need to change the settings in your browser and manually delete all cookies.
+            </p>
+            <p>
+                More information on how to turn off cookies can be found in the instructions for
+                your browser.
+            </p>
+            <ul>
+                <li>
+                    <a
+                        href="https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&amp;hl=en"
+                        target="_blank"
+                        rel="noopener noreferrer"
+                        >Google Chrome</a
+                    >
+                </li>
+                <li>
+                    <a
+                        href="https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy"
+                        target="_blank"
+                        rel="noopener noreferrer"
+                        >Microsoft Edge</a
+                    >
+                </li>
+                <li>
+                    <a
+                        href="https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences"
+                        target="_blank"
+                        rel="noopener noreferrer"
+                        >Mozilla Firefox</a
+                    >
+                </li>
+                <li>
+                    <a
+                        href="https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies"
+                        target="_blank"
+                        rel="noopener noreferrer"
+                        >Microsoft Internet Explorer</a
+                    >
+                </li>
+                <li>
+                    <a
+                        href="https://www.opera.com/help/tutorials/security/privacy/"
+                        target="_blank"
+                        rel="noopener noreferrer"
+                        >Opera</a
+                    >
+                </li>
+                <li>
+                    <a
+                        href="https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac"
+                        target="_blank"
+                        rel="noopener noreferrer"
+                        >Apple Safari</a
+                    >
+                </li>
+            </ul>
+
+            <h3>Do Not Track-signals</h3>
+            <p>
+                If you have chosen to turn on the Do Not Track function in your browser, we will not
+                automatically place cookies for marketing on your device. You make other choices in
+                your cookie settings.
+            </p>
+
+            <h3>If you block cookies</h3>
+            <p>
+                If you choose not to accept our use of cookies, the functionality and performance of
+                our websites may deteriorate as certain functions are dependent on cookies. A
+                blocking of cookies can therefore mean that the websites\u2019 services do not work as
+                they should.
+            </p>
+
+            <h3>Your security with us</h3>
+            <p>
+                If you want to read more about your rights and how we protect your privacy, go to
+                our privacy policy for
+                <a
+                    href="https://www.telia.se/dam/jcr:df2eeb83-50ce-4383-89fc-0613f7615796/Integritetspolicy-privatkunder.pdf"
+                    >private customers</a
+                >
+                (C2B) or
+                <a
+                    href="https://www.telia.se/dam/jcr:95b2b4a5-82ca-436b-90e0-873e0a864118/Telia-integritetspolicy-foretag.pdf"
+                    >corporate customers</a
+                >
+                (B2B). You are always welcome to contact us at
+                <a href="mailto:dpo-se@teliacompany.com">dpo-se@teliacompany.com</a> if you have any
+                questions.
+            </p>
+            <p>Our cookie policy may change in the future.</p>
+            <p>
+                More information about cookies can be found at the Swedish Post and Telecom
+                Authority (PTS).
+            </p>
+
+            <h2>Our Cookie Table</h2>
+            <p>
+                Below, you will find a list of the cookies and similar technologies that we use on
+                this website. These cookies are stored on your device by us.
+            </p>
+            <table>
+                <thead>
+                    <tr>
+                        <th>Cookie</th>
+                        <th>Category</th>
+                        <th>Purpose</th>
+                        <th>Lifespan</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    <tr>
+                        <td>alliance-session-v1</td>
+                        <td>necessary</td>
+                        <td>Contains the authenticated user.</td>
+                        <td>1 day</td>
+                    </tr>
+                    {APP_COOKIES}
+                </tbody>
+            </table>
+            <style>
+                table {
+                    width: 100%;
+                    border: 1px solid rgba(0, 0, 0, 0.15);
+                }
+                th, td {
+                    text-align: left;
+                    padding: 3px;
+                }
+            </style>
+        </div>
+    </body>
+</html>
+`;
+
+function getJsonSchemas() {
+  const frameworkDistDirPath = node_path.resolve(
+    process.cwd(),
+    "node_modules",
+    "@telia-ace/alliance-framework",
+    "dist"
+  );
+  const appConfigSchemaPath = node_path.resolve(frameworkDistDirPath, "config.schema.json");
+  const appManifestSchemaPath = node_path.resolve(frameworkDistDirPath, "manifest.schema.json");
+  const appConfigSchemaFile = node_fs.readFileSync(appConfigSchemaPath).toString();
+  const appManifestSchemaFile = node_fs.readFileSync(appManifestSchemaPath).toString();
+  const appConfig = JSON.parse(appConfigSchemaFile);
+  const appManifest = JSON.parse(appManifestSchemaFile);
+  return {
+    appConfig,
+    appManifest
+  };
+}
+
+async function createTempModuleAndImport(moduleString, fileName) {
+  const file = node_path.resolve(process.cwd(), `${fileName}.mjs`);
+  node_fs.writeFileSync(file, moduleString);
+  const importedModule = await import(`file:///${file}`);
+  node_fs.rmSync(file, { force: true });
+  return importedModule;
+}
+async function getAppManifests(apps) {
+  const moduleStringParts = [];
+  const manifestImportVariables = [];
+  for (const packageName of apps) {
+    const manifestImportVariable = `app${apps.indexOf(packageName)}`;
+    manifestImportVariables.push(manifestImportVariable);
+    moduleStringParts.push(`import ${manifestImportVariable} from '${packageName}/manifest';`);
+  }
+  moduleStringParts.push(`export default [${manifestImportVariables.join(", ")}];`);
+  const result = await createTempModuleAndImport(
+    moduleStringParts.join("\n"),
+    "app-manifests"
+  );
+  return result.default;
+}
+
+function getPkgJson() {
+  const packageJson = node_path.resolve(process.cwd(), "package.json");
+  const pkgJsonFile = node_fs.readFileSync(packageJson).toString();
+  return JSON.parse(pkgJsonFile);
+}
+async function getManifests(pkgJson) {
+  if (!pkgJson || !pkgJson.alliance || !pkgJson.alliance.apps) {
+    throw new Error("Alliance apps not defined in package.json.");
+  }
+  const manifestArray = await getAppManifests(pkgJson.alliance.apps);
+  return manifestArray.reduce((acc, curr) => {
+    acc[curr.name] = curr;
+    return acc;
+  }, {});
+}
+
+const PUBLIC_DIR_NAME = "public";
+const MANIFESTS_FILE_NAME = "manifests.json";
+const COOKIE_POLICY_FILE_NAME = "cookie-policy.html";
+const APP_CONFIG_SCHEMA_FILE_NAME = "config.schema.json";
+const APP_MANIFEST_SCHEMA_FILE_NAME = "manifest.schema.json";
+async function createPublicDistributionFiles() {
+  const pkgJson = getPkgJson();
+  const manifests = await getManifests(pkgJson);
+  const schemas = getJsonSchemas();
+  for (const appName in manifests) {
+    const manifest = manifests[appName];
+    const validationResult = jsonschema.validate(manifest, schemas.appManifest);
+    if (validationResult.errors.length) {
+      const errors = validationResult.errors.map((e) => JSON.stringify(e, null, 2));
+      throw new Error(
+        `Validation of app manifest for app '${appName}' failed with the following errors:
+${errors.join(
+          "\n"
+        )}`
+      );
+    }
+  }
+  const publicDirPath = node_path.resolve(process.cwd(), PUBLIC_DIR_NAME);
+  if (!node_fs.existsSync(publicDirPath)) {
+    node_fs.mkdirSync(publicDirPath);
+  }
+  const manifestsFilePath = node_path.resolve(publicDirPath, MANIFESTS_FILE_NAME);
+  node_fs.writeFileSync(manifestsFilePath, JSON.stringify(manifests));
+  const cookiePolicyFilePath = node_path.resolve(publicDirPath, COOKIE_POLICY_FILE_NAME);
+  node_fs.writeFileSync(cookiePolicyFilePath, generateCookiePolicyHtml(manifests));
+  const appConfigSchemaFilePath = node_path.resolve(publicDirPath, APP_CONFIG_SCHEMA_FILE_NAME);
+  const appManifestSchemaFilePath = node_path.resolve(publicDirPath, APP_MANIFEST_SCHEMA_FILE_NAME);
+  node_fs.writeFileSync(appConfigSchemaFilePath, JSON.stringify(schemas.appConfig));
+  node_fs.writeFileSync(appManifestSchemaFilePath, JSON.stringify(schemas.appManifest));
+}
+
+var GatewayErrorCodes = /* @__PURE__ */ ((GatewayErrorCodes2) => {
+  GatewayErrorCodes2[GatewayErrorCodes2["NoMatchingEndpoint"] = 1e4] = "NoMatchingEndpoint";
+  GatewayErrorCodes2[GatewayErrorCodes2["NoObjectId"] = 10001] = "NoObjectId";
+  GatewayErrorCodes2[GatewayErrorCodes2["NoTargetAppHeader"] = 10002] = "NoTargetAppHeader";
+  GatewayErrorCodes2[GatewayErrorCodes2["NoTargetWorkspaceHeader"] = 10003] = "NoTargetWorkspaceHeader";
+  GatewayErrorCodes2[GatewayErrorCodes2["NoManifestsInCache"] = 10004] = "NoManifestsInCache";
+  GatewayErrorCodes2[GatewayErrorCodes2["NoDevSessionInCache"] = 10005] = "NoDevSessionInCache";
+  GatewayErrorCodes2[GatewayErrorCodes2["NoManifest"] = 10006] = "NoManifest";
+  GatewayErrorCodes2[GatewayErrorCodes2["NoRequestContext"] = 10007] = "NoRequestContext";
+  GatewayErrorCodes2[GatewayErrorCodes2["NoUserInRequestContext"] = 10008] = "NoUserInRequestContext";
+  GatewayErrorCodes2[GatewayErrorCodes2["NoAppInRequestContext"] = 10009] = "NoAppInRequestContext";
+  GatewayErrorCodes2[GatewayErrorCodes2["NoWorkspaceInRequestContext"] = 10010] = "NoWorkspaceInRequestContext";
+  GatewayErrorCodes2[GatewayErrorCodes2["NoManifestInRequestContext"] = 10011] = "NoManifestInRequestContext";
+  GatewayErrorCodes2[GatewayErrorCodes2["NoUserPermissionsInRequestContext"] = 10012] = "NoUserPermissionsInRequestContext";
+  return GatewayErrorCodes2;
+})(GatewayErrorCodes || {});
+var DatabasesErrorCodes = /* @__PURE__ */ ((DatabasesErrorCodes2) => {
+  DatabasesErrorCodes2[DatabasesErrorCodes2["NoPublicKey"] = 11e3] = "NoPublicKey";
+  DatabasesErrorCodes2[DatabasesErrorCodes2["NoAuthHeader"] = 11001] = "NoAuthHeader";
+  DatabasesErrorCodes2[DatabasesErrorCodes2["FailedFileStore"] = 11002] = "FailedFileStore";
+  DatabasesErrorCodes2[DatabasesErrorCodes2["FailedFileRead"] = 11003] = "FailedFileRead";
+  return DatabasesErrorCodes2;
+})(DatabasesErrorCodes || {});
+var PortalErrorCodes = /* @__PURE__ */ ((PortalErrorCodes2) => {
+  PortalErrorCodes2[PortalErrorCodes2["NoObjectId"] = 12e3] = "NoObjectId";
+  return PortalErrorCodes2;
+})(PortalErrorCodes || {});
+const allianceErrors = {
+  // gateway
+  [1e4 /* NoMatchingEndpoint */]: {
+    httpCode: common.HttpStatus.BAD_REQUEST,
+    message: "Could not find endpoint matching request in app manifest."
+  },
+  [10001 /* NoObjectId */]: {
+    httpCode: common.HttpStatus.UNAUTHORIZED,
+    message: "No object id available on authenticated user."
+  },
+  [10002 /* NoTargetAppHeader */]: {
+    httpCode: common.HttpStatus.BAD_REQUEST,
+    message: `Request missing header '${AllianceHeaders.TargetApp}'.`
+  },
+  [10003 /* NoTargetWorkspaceHeader */]: {
+    httpCode: common.HttpStatus.BAD_REQUEST,
+    message: `Request missing header '${AllianceHeaders.TargetWorkspace}'.`
+  },
+  [10004 /* NoManifestsInCache */]: {
+    httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
+    message: "App manifests missing in cache."
+  },
+  [10005 /* NoDevSessionInCache */]: {
+    httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
+    message: "No dev session in memory cache."
+  },
+  [10006 /* NoManifest */]: {
+    httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
+    message: "Could not find manifest for app '{{appSlug}}'."
+  },
+  [10007 /* NoRequestContext */]: {
+    httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
+    message: "No request context."
+  },
+  [10008 /* NoUserInRequestContext */]: {
+    httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
+    message: "No user in request context."
+  },
+  [10009 /* NoAppInRequestContext */]: {
+    httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
+    message: "No app in request context."
+  },
+  [10010 /* NoWorkspaceInRequestContext */]: {
+    httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
+    message: "No workspace in request context."
+  },
+  [10011 /* NoManifestInRequestContext */]: {
+    httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
+    message: "No manifest in request context."
+  },
+  [10012 /* NoUserPermissionsInRequestContext */]: {
+    httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
+    message: "No user permissions in request context."
+  },
+  // databases
+  [11e3 /* NoPublicKey */]: {
+    httpCode: common.HttpStatus.UNAUTHORIZED,
+    message: "No public key available to decode JWT."
+  },
+  [11001 /* NoAuthHeader */]: {
+    httpCode: common.HttpStatus.UNAUTHORIZED,
+    message: "No authorization header found."
+  },
+  [11002 /* FailedFileStore */]: {
+    httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
+    message: "Error storing file."
+  },
+  [11003 /* FailedFileRead */]: {
+    httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
+    message: "Error reading file."
+  },
+  // portal
+  [12e3 /* NoObjectId */]: {
+    httpCode: common.HttpStatus.UNAUTHORIZED,
+    message: "No object id found in user claims."
+  }
+};
+
+function parseTemplates(message, variables) {
+  return Object.entries(variables).reduce((acc, [key, value]) => {
+    return acc.replaceAll(`{{${key}}}`, value);
+  }, message);
+}
+class AllianceException extends common.HttpException {
+  constructor(code, variables = {}) {
+    const { message, httpCode } = allianceErrors[code];
+    super(parseTemplates(message, variables), httpCode);
+    this.code = code;
+    this.info = `https://github.com/telia-company/ace-alliance-sdk/wiki/error-codes#${code}`;
+  }
+}
+
+var __defProp$2 = Object.defineProperty;
+var __getOwnPropDesc$2 = Object.getOwnPropertyDescriptor;
+var __decorateClass$2 = (decorators, target, key, kind) => {
+  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc$2(target, key) : target;
+  for (var i = decorators.length - 1, decorator; i >= 0; i--)
+    if (decorator = decorators[i])
+      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
+  if (kind && result)
+    __defProp$2(target, key, result);
+  return result;
+};
+exports.AllianceExceptionFilter = class AllianceExceptionFilter {
+  catch(exception, host) {
+    const ctx = host.switchToHttp();
+    const response = ctx.getResponse();
+    const status = exception.getStatus();
+    response.status && response.status(status).json({
+      httpCode: status,
+      code: exception.code,
+      info: exception.info,
+      message: exception.message
+    });
+  }
+};
+exports.AllianceExceptionFilter = __decorateClass$2([
+  common.Catch(AllianceException)
+], exports.AllianceExceptionFilter);
+
+var __defProp$1 = Object.defineProperty;
+var __getOwnPropDesc$1 = Object.getOwnPropertyDescriptor;
+var __decorateClass$1 = (decorators, target, key, kind) => {
+  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc$1(target, key) : target;
+  for (var i = decorators.length - 1, decorator; i >= 0; i--)
+    if (decorator = decorators[i])
+      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
+  if (kind && result)
+    __defProp$1(target, key, result);
+  return result;
+};
+var __decorateParam = (index, decorator) => (target, key) => decorator(target, key, index);
+exports.LoggerService = class LoggerService {
+  constructor(logger) {
+    this.logger = logger;
+    this.log = (...args) => this.logger.info(...args);
+    this.trace = (...args) => this.logger.trace(...args);
+    this.debug = (...args) => this.logger.debug(...args);
+    this.info = (...args) => this.logger.info(...args);
+    this.warn = (...args) => this.logger.warn(...args);
+    this.error = (...args) => this.logger.error(...args);
+    this.fatal = (...args) => this.logger.fatal(...args);
+  }
+};
+exports.LoggerService = __decorateClass$1([
+  common.Injectable(),
+  __decorateParam(0, nestjsPino.InjectPinoLogger())
+], exports.LoggerService);
+
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __decorateClass = (decorators, target, key, kind) => {
+  var result = kind > 1 ? void 0 : kind ? __getOwnPropDesc(target, key) : target;
+  for (var i = decorators.length - 1, decorator; i >= 0; i--)
+    if (decorator = decorators[i])
+      result = (kind ? decorator(target, key, result) : decorator(result)) || result;
+  if (kind && result)
+    __defProp(target, key, result);
+  return result;
+};
+exports.LoggerModule = class LoggerModule {
+  static forRoot({ logLevel, redact = true } = {}) {
+    return {
+      module: exports.LoggerModule,
+      controllers: [],
+      imports: [
+        nestjsPino.LoggerModule.forRootAsync({
+          imports: [config.ConfigModule],
+          inject: [config.ConfigService],
+          useFactory: async (configService) => ({
+            pinoHttp: {
+              level: logLevel || configService.get(SharedConfigKeys.ServiceLogLevel) || "silent",
+              redact: redact ? [
+                "authorization",
+                "headers.authorization",
+                "req.headers.authorization",
+                "req.remoteAddress",
+                "req.remotePort"
+              ] : [],
+              transport: {
+                target: "pino-pretty",
+                options: {
+                  colorize: true,
+                  colorizeObjects: true
+                }
+              }
+            }
+          })
+        })
+      ],
+      global: true,
+      providers: [exports.LoggerService],
+      exports: []
+    };
+  }
+};
+exports.LoggerModule = __decorateClass([
+  common.Module({
+    providers: [exports.LoggerService],
+    exports: [exports.LoggerService]
+  })
+], exports.LoggerModule);
+
+function slugify(name) {
+  return _slugify__default(name, { strict: true, replacement: "-", lower: true });
+}
+
+function viteCssImportPlugin(outFilePath, relativePath = false) {
+  return {
+    name: "vite-plugin-css-import",
+    apply: "build",
+    enforce: "post",
+    writeBundle: async (_, bundle) => {
+      const cssFiles = Object.keys(bundle).filter((fileName) => fileName.endsWith(".css"));
+      if (!cssFiles.length) {
+        return;
+      }
+      const tempTargetFilePath = node_path.resolve(process.cwd(), `${outFilePath}-temp.js`);
+      const targetFilePath = node_path.resolve(process.cwd(), `${outFilePath}.js`);
+      const cssImportStatement = cssFiles.reduce((acc, cssFile) => {
+        if (relativePath) {
+          const targetDirname = node_path.dirname(targetFilePath);
+          const relativePath2 = node_path.relative(targetDirname, cssFile);
+          return `${acc}import "${relativePath2.replaceAll("\\", "/")}";
+`;
+        }
+        return `${acc}import "./${cssFile}";
+`;
+      }, "");
+      const writeStream = node_fs.createWriteStream(tempTargetFilePath);
+      writeStream.write(cssImportStatement, "utf8");
+      const readStream = node_fs.createReadStream(targetFilePath);
+      await promises.pipeline(readStream, writeStream);
+      node_fs.rmSync(targetFilePath, { force: true });
+      node_fs.renameSync(tempTargetFilePath, targetFilePath);
+      writeStream.end();
+    }
+  };
+}
+
+exports.LoggerErrorInterceptor = nestjsPino.LoggerErrorInterceptor;
+exports.AllianceException = AllianceException;
+exports.AllianceHeaders = AllianceHeaders;
+exports.DatabasesErrorCodes = DatabasesErrorCodes;
+exports.GatewayErrorCodes = GatewayErrorCodes;
+exports.PortalErrorCodes = PortalErrorCodes;
+exports.SharedConfigKeys = SharedConfigKeys;
+exports.authMiddleware = authMiddleware;
+exports.createBearerToken = createBearerToken;
+exports.createPublicDistributionFiles = createPublicDistributionFiles;
+exports.createSystemUserToken = createSystemUserToken;
+exports.getAppManifests = getAppManifests;
+exports.getPrivateKey = getPrivateKey;
+exports.slugify = slugify;
+exports.viteCssImportPlugin = viteCssImportPlugin;