@telia-ace/alliance-internal-node-utilities 1.0.3-next.0 → 1.0.3-next.2

package/CHANGELOG.md

@@ -1,5 +1,17 @@
 # @telia-ace/alliance-internal-node-utilities
 
+## 1.0.3-next.2
+
+### Patch Changes
+
+-   f2aafe4: Store user session in Redis cache to avoid hitting cookie size limits (https://github.com/telia-company/ace-alliance-sdk/issues/377).
+
+## 1.0.3-next.1
+
+### Patch Changes
+
+-   ba11e1f: Remove unused error codes.
+
 ## 1.0.3-next.0
 
 ### Patch Changes

package/dist/auth/auth.middleware.d.ts

@@ -8,6 +8,7 @@ type Settings = {
     authRequired?: ConfigParams['authRequired'];
     authorizationParams?: ConfigParams['authorizationParams'];
     afterCallback?: ConfigParams['afterCallback'];
+    issuerBaseURL?: ConfigParams['issuerBaseURL'];
 };
-export declare function authMiddleware(configService: ConfigService, { baseURL, clientSecret, clientID, authRequired, authorizationParams, afterCallback, }?: Settings): RequestHandler;
+export declare function authMiddleware(configService: ConfigService, { baseURL, clientSecret, clientID, authRequired, authorizationParams, afterCallback, issuerBaseURL, }?: Settings): RequestHandler;
 export {};

package/dist/constants/config.d.ts

@@ -1,9 +1,9 @@
 export declare enum SharedConfigKeys {
-    AuthAuthority = "AUTH_AUTHORITY",
     AuthCookieName = "AUTH_COOKIE_NAME",
     AuthCookieSecret = "AUTH_COOKIE_SECRET",
     DbEndpoint = "DB_ENDPOINT",
     JwtPrivateKey = "JWT_PRIVATE_KEY",
     ServiceLogLevel = "SERVICE_LOG_LEVEL",
-    ServicePort = "SERVICE_PORT"
+    ServicePort = "SERVICE_PORT",
+    RedisHost = "REDIS_HOST"
 }

package/dist/exceptions/alliance-gql.exception.d.ts

@@ -0,0 +1,7 @@
+import { GraphQLError } from 'graphql';
+import { ErrorCodes } from './codes';
+export declare class AllianceGqlException extends GraphQLError {
+    info: string;
+    code: ErrorCodes;
+    constructor(code: ErrorCodes, variables?: Record<string, string>, extensions?: any);
+}

package/dist/exceptions/codes.d.ts

@@ -1,6 +1,5 @@
 import { HttpStatus } from '@nestjs/common';
 export declare enum GatewayErrorCodes {
-    NoMatchingEndpoint = 10000,
     NoObjectId = 10001,
     NoTargetAppHeader = 10002,
     NoTargetWorkspaceHeader = 10003,
@@ -11,7 +10,6 @@ export declare enum GatewayErrorCodes {
     NoUserInRequestContext = 10008,
     NoAppInRequestContext = 10009,
     NoWorkspaceInRequestContext = 10010,
-    NoManifestInRequestContext = 10011,
     NoUserPermissionsInRequestContext = 10012,
     WorkspacePermissionDenied = 10013
 }
@@ -20,7 +18,8 @@ export declare enum DatabasesErrorCodes {
     NoAuthHeader = 11001,
     FailedFileStore = 11002,
     FailedFileRead = 11003,
-    NoRecord = 11004
+    NoRecord = 11004,
+    UniqueConstrain = 11005
 }
 export declare enum PortalErrorCodes {
     NoObjectId = 12000

package/dist/exceptions/index.d.ts

@@ -1,3 +1,4 @@
+export * from './alliance-gql.exception';
 export * from './alliance.exception';
 export * from './codes';
 export * from './exception.filter';

package/dist/index.cjs

@@ -1,11 +1,14 @@
 'use strict';
 
 const nestjsPino = require('nestjs-pino');
+const RedisStore = require('connect-redis');
 const expressOpenidConnect = require('express-openid-connect');
+const redis = require('redis');
 const jsonwebtoken = require('jsonwebtoken');
 const jsonschema = require('jsonschema');
 const node_path = require('node:path');
 const node_fs = require('node:fs');
+const graphql = require('graphql');
 const common = require('@nestjs/common');
 const config = require('@nestjs/config');
 const _slugify = require('slugify');
@@ -13,16 +16,17 @@ const promises = require('node:stream/promises');
 
 function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e.default : e; }
 
+const RedisStore__default = /*#__PURE__*/_interopDefaultCompat(RedisStore);
 const _slugify__default = /*#__PURE__*/_interopDefaultCompat(_slugify);
 
 var SharedConfigKeys = /* @__PURE__ */ ((SharedConfigKeys2) => {
-  SharedConfigKeys2["AuthAuthority"] = "AUTH_AUTHORITY";
   SharedConfigKeys2["AuthCookieName"] = "AUTH_COOKIE_NAME";
   SharedConfigKeys2["AuthCookieSecret"] = "AUTH_COOKIE_SECRET";
   SharedConfigKeys2["DbEndpoint"] = "DB_ENDPOINT";
   SharedConfigKeys2["JwtPrivateKey"] = "JWT_PRIVATE_KEY";
   SharedConfigKeys2["ServiceLogLevel"] = "SERVICE_LOG_LEVEL";
   SharedConfigKeys2["ServicePort"] = "SERVICE_PORT";
+  SharedConfigKeys2["RedisHost"] = "REDIS_HOST";
   return SharedConfigKeys2;
 })(SharedConfigKeys || {});
 
@@ -39,8 +43,16 @@ function authMiddleware(configService, {
   clientID = " ",
   authRequired = true,
   authorizationParams = {},
-  afterCallback
+  afterCallback,
+  issuerBaseURL = "https://127.0.0.1"
 } = {}) {
+  const redisClient = redis.createClient({
+    url: configService.getOrThrow(SharedConfigKeys.RedisHost)
+  });
+  redisClient.connect().catch(console.error);
+  const redisStore = new RedisStore__default({
+    client: redisClient
+  });
   return expressOpenidConnect.auth({
     baseURL,
     clientSecret,
@@ -48,12 +60,11 @@ function authMiddleware(configService, {
     authRequired,
     authorizationParams,
     afterCallback,
-    issuerBaseURL: `${configService.getOrThrow(
-      SharedConfigKeys.AuthAuthority
-    )}/.well-known/openid-configuration`,
+    issuerBaseURL,
     secret: configService.getOrThrow(SharedConfigKeys.AuthCookieSecret),
     session: {
-      name: configService.getOrThrow(SharedConfigKeys.AuthCookieName)
+      name: configService.getOrThrow(SharedConfigKeys.AuthCookieName),
+      store: redisStore
     },
     routes: {
       callback: "/signin-oidc"
@@ -519,7 +530,6 @@ ${errors.join(
 }
 
 var GatewayErrorCodes = /* @__PURE__ */ ((GatewayErrorCodes2) => {
-  GatewayErrorCodes2[GatewayErrorCodes2["NoMatchingEndpoint"] = 1e4] = "NoMatchingEndpoint";
   GatewayErrorCodes2[GatewayErrorCodes2["NoObjectId"] = 10001] = "NoObjectId";
   GatewayErrorCodes2[GatewayErrorCodes2["NoTargetAppHeader"] = 10002] = "NoTargetAppHeader";
   GatewayErrorCodes2[GatewayErrorCodes2["NoTargetWorkspaceHeader"] = 10003] = "NoTargetWorkspaceHeader";
@@ -530,7 +540,6 @@ var GatewayErrorCodes = /* @__PURE__ */ ((GatewayErrorCodes2) => {
   GatewayErrorCodes2[GatewayErrorCodes2["NoUserInRequestContext"] = 10008] = "NoUserInRequestContext";
   GatewayErrorCodes2[GatewayErrorCodes2["NoAppInRequestContext"] = 10009] = "NoAppInRequestContext";
   GatewayErrorCodes2[GatewayErrorCodes2["NoWorkspaceInRequestContext"] = 10010] = "NoWorkspaceInRequestContext";
-  GatewayErrorCodes2[GatewayErrorCodes2["NoManifestInRequestContext"] = 10011] = "NoManifestInRequestContext";
   GatewayErrorCodes2[GatewayErrorCodes2["NoUserPermissionsInRequestContext"] = 10012] = "NoUserPermissionsInRequestContext";
   GatewayErrorCodes2[GatewayErrorCodes2["WorkspacePermissionDenied"] = 10013] = "WorkspacePermissionDenied";
   return GatewayErrorCodes2;
@@ -541,6 +550,7 @@ var DatabasesErrorCodes = /* @__PURE__ */ ((DatabasesErrorCodes2) => {
   DatabasesErrorCodes2[DatabasesErrorCodes2["FailedFileStore"] = 11002] = "FailedFileStore";
   DatabasesErrorCodes2[DatabasesErrorCodes2["FailedFileRead"] = 11003] = "FailedFileRead";
   DatabasesErrorCodes2[DatabasesErrorCodes2["NoRecord"] = 11004] = "NoRecord";
+  DatabasesErrorCodes2[DatabasesErrorCodes2["UniqueConstrain"] = 11005] = "UniqueConstrain";
   return DatabasesErrorCodes2;
 })(DatabasesErrorCodes || {});
 var PortalErrorCodes = /* @__PURE__ */ ((PortalErrorCodes2) => {
@@ -549,10 +559,6 @@ var PortalErrorCodes = /* @__PURE__ */ ((PortalErrorCodes2) => {
 })(PortalErrorCodes || {});
 const allianceErrors = {
   // gateway
-  [1e4 /* NoMatchingEndpoint */]: {
-    httpCode: common.HttpStatus.BAD_REQUEST,
-    message: "Could not find endpoint matching request in app manifest."
-  },
   [10001 /* NoObjectId */]: {
     httpCode: common.HttpStatus.UNAUTHORIZED,
     message: "No object id available on authenticated user."
@@ -593,10 +599,6 @@ const allianceErrors = {
     httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
     message: "No workspace in request context."
   },
-  [10011 /* NoManifestInRequestContext */]: {
-    httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
-    message: "No manifest in request context."
-  },
   [10012 /* NoUserPermissionsInRequestContext */]: {
     httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
     message: "No user permissions in request context."
@@ -626,6 +628,10 @@ const allianceErrors = {
     httpCode: common.HttpStatus.INTERNAL_SERVER_ERROR,
     message: "Missing database record."
   },
+  [11005 /* UniqueConstrain */]: {
+    httpCode: common.HttpStatus.CONFLICT,
+    message: "Field has to be unique."
+  },
   // portal
   [12e3 /* NoObjectId */]: {
     httpCode: common.HttpStatus.UNAUTHORIZED,
@@ -633,6 +639,22 @@ const allianceErrors = {
   }
 };
 
+function parseTemplates$1(message, variables) {
+  return Object.entries(variables).reduce((acc, [key, value]) => {
+    return acc.replaceAll(`{{${key}}}`, value);
+  }, message);
+}
+class AllianceGqlException extends graphql.GraphQLError {
+  constructor(code, variables = {}, extensions) {
+    const { message } = allianceErrors[code];
+    super(parseTemplates$1(message, variables), {
+      extensions
+    });
+    this.code = code;
+    this.info = `https://github.com/telia-company/ace-alliance-sdk/wiki/error-codes#${code}`;
+  }
+}
+
 function parseTemplates(message, variables) {
   return Object.entries(variables).reduce((acc, [key, value]) => {
     return acc.replaceAll(`{{${key}}}`, value);
@@ -727,13 +749,7 @@ exports.LoggerModule = class LoggerModule {
           useFactory: async (configService) => ({
             pinoHttp: {
               level: logLevel || configService.get(SharedConfigKeys.ServiceLogLevel) || "silent",
-              redact: redact ? [
-                "authorization",
-                "headers.authorization",
-                "req.headers.authorization",
-                "req.remoteAddress",
-                "req.remotePort"
-              ] : [],
+              redact: redact ? ["authorization", "headers.authorization", "req", "res"] : [],
               transport: {
                 target: "pino-pretty",
                 options: {
@@ -797,6 +813,7 @@ function viteCssImportPlugin(outFilePath, relativePath = false) {
 
 exports.LoggerErrorInterceptor = nestjsPino.LoggerErrorInterceptor;
 exports.AllianceException = AllianceException;
+exports.AllianceGqlException = AllianceGqlException;
 exports.AllianceHeaders = AllianceHeaders;
 exports.DatabasesErrorCodes = DatabasesErrorCodes;
 exports.GatewayErrorCodes = GatewayErrorCodes;

package/dist/index.d.ts

@@ -2,7 +2,7 @@ export { LoggerErrorInterceptor } from 'nestjs-pino';
 export { authMiddleware, createBearerToken, createSystemUserToken, getPrivateKey } from './auth';
 export { AllianceHeaders, SharedConfigKeys } from './constants';
 export { createPublicDistributionFiles } from './distribution';
-export { AllianceException, AllianceExceptionFilter, DatabasesErrorCodes, GatewayErrorCodes, PortalErrorCodes, } from './exceptions';
+export { AllianceException, AllianceExceptionFilter, AllianceGqlException, DatabasesErrorCodes, GatewayErrorCodes, PortalErrorCodes, } from './exceptions';
 export { getAppManifests } from './get-app-manifests';
 export { LoggerModule, LoggerService } from './logging';
 export { slugify } from './slugify';

package/dist/index.mjs

@@ -1,23 +1,26 @@
 import { InjectPinoLogger, LoggerModule as LoggerModule$1 } from 'nestjs-pino';
 export { LoggerErrorInterceptor } from 'nestjs-pino';
+import RedisStore from 'connect-redis';
 import { auth } from 'express-openid-connect';
+import { createClient } from 'redis';
 import { sign } from 'jsonwebtoken';
 import { validate } from 'jsonschema';
 import { resolve, dirname, relative } from 'node:path';
 import { readFileSync, writeFileSync, rmSync, existsSync, mkdirSync, createWriteStream, createReadStream, renameSync } from 'node:fs';
+import { GraphQLError } from 'graphql';
 import { HttpStatus, HttpException, Catch, Injectable, Module } from '@nestjs/common';
 import { ConfigModule, ConfigService } from '@nestjs/config';
 import _slugify from 'slugify';
 import { pipeline } from 'node:stream/promises';
 
 var SharedConfigKeys = /* @__PURE__ */ ((SharedConfigKeys2) => {
-  SharedConfigKeys2["AuthAuthority"] = "AUTH_AUTHORITY";
   SharedConfigKeys2["AuthCookieName"] = "AUTH_COOKIE_NAME";
   SharedConfigKeys2["AuthCookieSecret"] = "AUTH_COOKIE_SECRET";
   SharedConfigKeys2["DbEndpoint"] = "DB_ENDPOINT";
   SharedConfigKeys2["JwtPrivateKey"] = "JWT_PRIVATE_KEY";
   SharedConfigKeys2["ServiceLogLevel"] = "SERVICE_LOG_LEVEL";
   SharedConfigKeys2["ServicePort"] = "SERVICE_PORT";
+  SharedConfigKeys2["RedisHost"] = "REDIS_HOST";
   return SharedConfigKeys2;
 })(SharedConfigKeys || {});
 
@@ -34,8 +37,16 @@ function authMiddleware(configService, {
   clientID = " ",
   authRequired = true,
   authorizationParams = {},
-  afterCallback
+  afterCallback,
+  issuerBaseURL = "https://127.0.0.1"
 } = {}) {
+  const redisClient = createClient({
+    url: configService.getOrThrow(SharedConfigKeys.RedisHost)
+  });
+  redisClient.connect().catch(console.error);
+  const redisStore = new RedisStore({
+    client: redisClient
+  });
   return auth({
     baseURL,
     clientSecret,
@@ -43,12 +54,11 @@ function authMiddleware(configService, {
     authRequired,
     authorizationParams,
     afterCallback,
-    issuerBaseURL: `${configService.getOrThrow(
-      SharedConfigKeys.AuthAuthority
-    )}/.well-known/openid-configuration`,
+    issuerBaseURL,
     secret: configService.getOrThrow(SharedConfigKeys.AuthCookieSecret),
     session: {
-      name: configService.getOrThrow(SharedConfigKeys.AuthCookieName)
+      name: configService.getOrThrow(SharedConfigKeys.AuthCookieName),
+      store: redisStore
     },
     routes: {
       callback: "/signin-oidc"
@@ -514,7 +524,6 @@ ${errors.join(
 }
 
 var GatewayErrorCodes = /* @__PURE__ */ ((GatewayErrorCodes2) => {
-  GatewayErrorCodes2[GatewayErrorCodes2["NoMatchingEndpoint"] = 1e4] = "NoMatchingEndpoint";
   GatewayErrorCodes2[GatewayErrorCodes2["NoObjectId"] = 10001] = "NoObjectId";
   GatewayErrorCodes2[GatewayErrorCodes2["NoTargetAppHeader"] = 10002] = "NoTargetAppHeader";
   GatewayErrorCodes2[GatewayErrorCodes2["NoTargetWorkspaceHeader"] = 10003] = "NoTargetWorkspaceHeader";
@@ -525,7 +534,6 @@ var GatewayErrorCodes = /* @__PURE__ */ ((GatewayErrorCodes2) => {
   GatewayErrorCodes2[GatewayErrorCodes2["NoUserInRequestContext"] = 10008] = "NoUserInRequestContext";
   GatewayErrorCodes2[GatewayErrorCodes2["NoAppInRequestContext"] = 10009] = "NoAppInRequestContext";
   GatewayErrorCodes2[GatewayErrorCodes2["NoWorkspaceInRequestContext"] = 10010] = "NoWorkspaceInRequestContext";
-  GatewayErrorCodes2[GatewayErrorCodes2["NoManifestInRequestContext"] = 10011] = "NoManifestInRequestContext";
   GatewayErrorCodes2[GatewayErrorCodes2["NoUserPermissionsInRequestContext"] = 10012] = "NoUserPermissionsInRequestContext";
   GatewayErrorCodes2[GatewayErrorCodes2["WorkspacePermissionDenied"] = 10013] = "WorkspacePermissionDenied";
   return GatewayErrorCodes2;
@@ -536,6 +544,7 @@ var DatabasesErrorCodes = /* @__PURE__ */ ((DatabasesErrorCodes2) => {
   DatabasesErrorCodes2[DatabasesErrorCodes2["FailedFileStore"] = 11002] = "FailedFileStore";
   DatabasesErrorCodes2[DatabasesErrorCodes2["FailedFileRead"] = 11003] = "FailedFileRead";
   DatabasesErrorCodes2[DatabasesErrorCodes2["NoRecord"] = 11004] = "NoRecord";
+  DatabasesErrorCodes2[DatabasesErrorCodes2["UniqueConstrain"] = 11005] = "UniqueConstrain";
   return DatabasesErrorCodes2;
 })(DatabasesErrorCodes || {});
 var PortalErrorCodes = /* @__PURE__ */ ((PortalErrorCodes2) => {
@@ -544,10 +553,6 @@ var PortalErrorCodes = /* @__PURE__ */ ((PortalErrorCodes2) => {
 })(PortalErrorCodes || {});
 const allianceErrors = {
   // gateway
-  [1e4 /* NoMatchingEndpoint */]: {
-    httpCode: HttpStatus.BAD_REQUEST,
-    message: "Could not find endpoint matching request in app manifest."
-  },
   [10001 /* NoObjectId */]: {
     httpCode: HttpStatus.UNAUTHORIZED,
     message: "No object id available on authenticated user."
@@ -588,10 +593,6 @@ const allianceErrors = {
     httpCode: HttpStatus.INTERNAL_SERVER_ERROR,
     message: "No workspace in request context."
   },
-  [10011 /* NoManifestInRequestContext */]: {
-    httpCode: HttpStatus.INTERNAL_SERVER_ERROR,
-    message: "No manifest in request context."
-  },
   [10012 /* NoUserPermissionsInRequestContext */]: {
     httpCode: HttpStatus.INTERNAL_SERVER_ERROR,
     message: "No user permissions in request context."
@@ -621,6 +622,10 @@ const allianceErrors = {
     httpCode: HttpStatus.INTERNAL_SERVER_ERROR,
     message: "Missing database record."
   },
+  [11005 /* UniqueConstrain */]: {
+    httpCode: HttpStatus.CONFLICT,
+    message: "Field has to be unique."
+  },
   // portal
   [12e3 /* NoObjectId */]: {
     httpCode: HttpStatus.UNAUTHORIZED,
@@ -628,6 +633,22 @@ const allianceErrors = {
   }
 };
 
+function parseTemplates$1(message, variables) {
+  return Object.entries(variables).reduce((acc, [key, value]) => {
+    return acc.replaceAll(`{{${key}}}`, value);
+  }, message);
+}
+class AllianceGqlException extends GraphQLError {
+  constructor(code, variables = {}, extensions) {
+    const { message } = allianceErrors[code];
+    super(parseTemplates$1(message, variables), {
+      extensions
+    });
+    this.code = code;
+    this.info = `https://github.com/telia-company/ace-alliance-sdk/wiki/error-codes#${code}`;
+  }
+}
+
 function parseTemplates(message, variables) {
   return Object.entries(variables).reduce((acc, [key, value]) => {
     return acc.replaceAll(`{{${key}}}`, value);
@@ -722,13 +743,7 @@ let LoggerModule = class {
           useFactory: async (configService) => ({
             pinoHttp: {
               level: logLevel || configService.get(SharedConfigKeys.ServiceLogLevel) || "silent",
-              redact: redact ? [
-                "authorization",
-                "headers.authorization",
-                "req.headers.authorization",
-                "req.remoteAddress",
-                "req.remotePort"
-              ] : [],
+              redact: redact ? ["authorization", "headers.authorization", "req", "res"] : [],
               transport: {
                 target: "pino-pretty",
                 options: {
@@ -790,4 +805,4 @@ function viteCssImportPlugin(outFilePath, relativePath = false) {
   };
 }
 
-export { AllianceException, AllianceExceptionFilter, AllianceHeaders, DatabasesErrorCodes, GatewayErrorCodes, LoggerModule, LoggerService, PortalErrorCodes, SharedConfigKeys, authMiddleware, createBearerToken, createPublicDistributionFiles, createSystemUserToken, getAppManifests, getPrivateKey, slugify, viteCssImportPlugin };
+export { AllianceException, AllianceExceptionFilter, AllianceGqlException, AllianceHeaders, DatabasesErrorCodes, GatewayErrorCodes, LoggerModule, LoggerService, PortalErrorCodes, SharedConfigKeys, authMiddleware, createBearerToken, createPublicDistributionFiles, createSystemUserToken, getAppManifests, getPrivateKey, slugify, viteCssImportPlugin };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@telia-ace/alliance-internal-node-utilities",
-  "version": "1.0.3-next.0",
+  "version": "1.0.3-next.2",
   "description": "Utilities used internally by packages developed by team Alliance.",
   "license": "SEE LICENSE IN LICENSE.txt",
   "author": "Telia Company AB",
@@ -16,16 +16,21 @@
   "dependencies": {
     "@nestjs/common": "^10.1.0",
     "@nestjs/config": "^3.0.0",
+    "connect-redis": "^7.1.0",
     "express-openid-connect": "^2.16.0",
+    "express-session": "^1.17.3",
+    "graphql": "^16.7.1",
     "jsonschema": "^1.4.1",
     "jsonwebtoken": "^9.0.1",
     "nestjs-pino": "^3.3.0",
     "pino-http": "^8.3.3",
     "pino-pretty": "^10.1.0",
+    "redis": "^4.6.8",
     "slugify": "^1.6.6"
   },
   "devDependencies": {
     "@types/express": "^4.17.17",
+    "@types/express-session": "^1.17.1",
     "@types/jsonwebtoken": "^9.0.2",
     "@types/node": "^20.4.2",
     "minimist": "^1.2.8",