@terreno/api 0.0.17 → 0.0.18

package/dist/githubAuth.test.js

@@ -0,0 +1,351 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g = Object.create((typeof Iterator === "function" ? Iterator : Object).prototype);
+    return g.next = verb(0), g["throw"] = verb(1), g["return"] = verb(2), typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (g && (g = 0, op[0] && (_ = 0)), _) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+var bun_test_1 = require("bun:test");
+var mongoose_1 = __importStar(require("mongoose"));
+var passport_local_mongoose_1 = __importDefault(require("passport-local-mongoose"));
+var supertest_1 = __importDefault(require("supertest"));
+var expressServer_1 = require("./expressServer");
+var githubAuth_1 = require("./githubAuth");
+var logger_1 = require("./logger");
+var plugins_1 = require("./plugins");
+// Create schema for GitHub-enabled user
+var testUserSchema = new mongoose_1.Schema({
+    admin: { default: false, type: Boolean },
+    name: String,
+    username: String,
+});
+testUserSchema.plugin(passport_local_mongoose_1.default, {
+    attemptsField: "attempts",
+    interval: 1,
+    limitAttempts: true,
+    maxAttempts: 3,
+    maxInterval: 1,
+    usernameCaseInsensitive: true,
+    usernameField: "email",
+});
+testUserSchema.plugin(plugins_1.createdUpdatedPlugin);
+testUserSchema.plugin(plugins_1.isDisabledPlugin);
+testUserSchema.plugin(githubAuth_1.githubUserPlugin);
+// Get or create model to avoid model redefinition errors
+var GitHubTestUserModel = mongoose_1.default.models.GitHubTestUser || (0, mongoose_1.model)("GitHubTestUser", testUserSchema);
+// Connect to database before tests
+var connectDb = function () { return __awaiter(void 0, void 0, void 0, function () {
+    return __generator(this, function (_a) {
+        switch (_a.label) {
+            case 0:
+                if (!(mongoose_1.default.connection.readyState === 0)) return [3 /*break*/, 2];
+                return [4 /*yield*/, mongoose_1.default
+                        .connect("mongodb://127.0.0.1/terreno?&connectTimeoutMS=360000")
+                        .catch(logger_1.logger.catch)];
+            case 1:
+                _a.sent();
+                _a.label = 2;
+            case 2:
+                process.env.REFRESH_TOKEN_SECRET = "refresh_secret";
+                process.env.TOKEN_SECRET = "secret";
+                process.env.TOKEN_EXPIRES_IN = "30m";
+                process.env.TOKEN_ISSUER = "example.com";
+                process.env.SESSION_SECRET = "session";
+                return [2 /*return*/];
+        }
+    });
+}); };
+(0, bun_test_1.describe)("githubUserPlugin", function () {
+    (0, bun_test_1.it)("adds GitHub fields to schema", function () {
+        var paths = testUserSchema.paths;
+        (0, bun_test_1.expect)(paths.githubId).toBeDefined();
+        (0, bun_test_1.expect)(paths.githubUsername).toBeDefined();
+        (0, bun_test_1.expect)(paths.githubProfileUrl).toBeDefined();
+        (0, bun_test_1.expect)(paths.githubAvatarUrl).toBeDefined();
+    });
+    (0, bun_test_1.it)("githubId is indexed and sparse", function () {
+        var githubIdPath = testUserSchema.path("githubId");
+        (0, bun_test_1.expect)(githubIdPath.options.index).toBe(true);
+        (0, bun_test_1.expect)(githubIdPath.options.sparse).toBe(true);
+        (0, bun_test_1.expect)(githubIdPath.options.unique).toBe(true);
+    });
+});
+(0, bun_test_1.describe)("GitHub auth routes", function () {
+    var app;
+    var agent;
+    (0, bun_test_1.beforeEach)(function () { return __awaiter(void 0, void 0, void 0, function () {
+        function addRoutes(router) {
+            router.get("/test", function (_req, res) { return res.json({ ok: true }); });
+        }
+        var testUser;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0:
+                    (0, bun_test_1.setSystemTime)();
+                    return [4 /*yield*/, connectDb()];
+                case 1:
+                    _a.sent();
+                    return [4 /*yield*/, GitHubTestUserModel.deleteMany({})];
+                case 2:
+                    _a.sent();
+                    return [4 /*yield*/, GitHubTestUserModel.create({
+                            admin: false,
+                            email: "test@example.com",
+                            name: "Test User",
+                        })];
+                case 3:
+                    testUser = _a.sent();
+                    return [4 /*yield*/, testUser.setPassword("password123")];
+                case 4:
+                    _a.sent();
+                    return [4 /*yield*/, testUser.save()];
+                case 5:
+                    _a.sent();
+                    app = (0, expressServer_1.setupServer)({
+                        addRoutes: addRoutes,
+                        githubAuth: {
+                            allowAccountLinking: true,
+                            callbackURL: "http://localhost:9000/auth/github/callback",
+                            clientId: "test-client-id",
+                            clientSecret: "test-client-secret",
+                        },
+                        skipListen: true,
+                        userModel: GitHubTestUserModel,
+                    });
+                    agent = supertest_1.default.agent(app);
+                    return [2 /*return*/];
+            }
+        });
+    }); });
+    (0, bun_test_1.afterEach)(function () { return __awaiter(void 0, void 0, void 0, function () {
+        return __generator(this, function (_a) {
+            (0, bun_test_1.setSystemTime)();
+            return [2 /*return*/];
+        });
+    }); });
+    (0, bun_test_1.it)("GET /auth/github redirects to GitHub OAuth", function () { return __awaiter(void 0, void 0, void 0, function () {
+        var res;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0: return [4 /*yield*/, agent.get("/auth/github").expect(302)];
+                case 1:
+                    res = _a.sent();
+                    (0, bun_test_1.expect)(res.headers.location).toContain("github.com");
+                    (0, bun_test_1.expect)(res.headers.location).toContain("client_id=test-client-id");
+                    return [2 /*return*/];
+            }
+        });
+    }); });
+    (0, bun_test_1.it)("GET /auth/github/failure returns 401", function () { return __awaiter(void 0, void 0, void 0, function () {
+        var res;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0: return [4 /*yield*/, agent.get("/auth/github/failure").expect(401)];
+                case 1:
+                    res = _a.sent();
+                    (0, bun_test_1.expect)(res.body.message).toBe("GitHub authentication failed");
+                    return [2 /*return*/];
+            }
+        });
+    }); });
+    (0, bun_test_1.it)("DELETE /auth/github/unlink requires authentication", function () { return __awaiter(void 0, void 0, void 0, function () {
+        var res;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0: return [4 /*yield*/, agent.delete("/auth/github/unlink").expect(401)];
+                case 1:
+                    res = _a.sent();
+                    (0, bun_test_1.expect)(res.body).toBeDefined();
+                    return [2 /*return*/];
+            }
+        });
+    }); });
+    (0, bun_test_1.it)("DELETE /auth/github/unlink works when authenticated with password", function () { return __awaiter(void 0, void 0, void 0, function () {
+        var loginRes, user, res, updatedUser;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0: return [4 /*yield*/, agent
+                        .post("/auth/login")
+                        .send({ email: "test@example.com", password: "password123" })
+                        .expect(200)];
+                case 1:
+                    loginRes = _a.sent();
+                    return [4 /*yield*/, GitHubTestUserModel.findOne({ email: "test@example.com" })];
+                case 2:
+                    user = _a.sent();
+                    if (!user) return [3 /*break*/, 4];
+                    user.githubId = "99999";
+                    user.githubUsername = "testghuser";
+                    return [4 /*yield*/, user.save()];
+                case 3:
+                    _a.sent();
+                    _a.label = 4;
+                case 4: return [4 /*yield*/, agent
+                        .delete("/auth/github/unlink")
+                        .set("authorization", "Bearer ".concat(loginRes.body.data.token))
+                        .expect(200)];
+                case 5:
+                    res = _a.sent();
+                    (0, bun_test_1.expect)(res.body.data.message).toBe("GitHub account unlinked successfully");
+                    return [4 /*yield*/, GitHubTestUserModel.findOne({ email: "test@example.com" })];
+                case 6:
+                    updatedUser = _a.sent();
+                    (0, bun_test_1.expect)(updatedUser.githubId).toBeUndefined();
+                    (0, bun_test_1.expect)(updatedUser.githubUsername).toBeUndefined();
+                    return [2 /*return*/];
+            }
+        });
+    }); });
+    (0, bun_test_1.it)("user can have both password and GitHub auth", function () { return __awaiter(void 0, void 0, void 0, function () {
+        var user, res, updatedUser;
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0: return [4 /*yield*/, GitHubTestUserModel.findOne({ email: "test@example.com" })];
+                case 1:
+                    user = _a.sent();
+                    (0, bun_test_1.expect)(user).toBeDefined();
+                    if (!user) {
+                        return [2 /*return*/];
+                    }
+                    // Link GitHub
+                    user.githubId = "88888";
+                    user.githubUsername = "linkeduser";
+                    return [4 /*yield*/, user.save()];
+                case 2:
+                    _a.sent();
+                    return [4 /*yield*/, agent
+                            .post("/auth/login")
+                            .send({ email: "test@example.com", password: "password123" })
+                            .expect(200)];
+                case 3:
+                    res = _a.sent();
+                    (0, bun_test_1.expect)(res.body.data.token).toBeDefined();
+                    return [4 /*yield*/, GitHubTestUserModel.findOne({ email: "test@example.com" })];
+                case 4:
+                    updatedUser = _a.sent();
+                    (0, bun_test_1.expect)(updatedUser).toBeDefined();
+                    (0, bun_test_1.expect)(updatedUser.githubId).toBe("88888");
+                    (0, bun_test_1.expect)(updatedUser.githubUsername).toBe("linkeduser");
+                    return [2 /*return*/];
+            }
+        });
+    }); });
+});
+(0, bun_test_1.describe)("GitHub auth disabled", function () {
+    var app;
+    var agent;
+    (0, bun_test_1.beforeEach)(function () { return __awaiter(void 0, void 0, void 0, function () {
+        function addRoutes(router) {
+            router.get("/test", function (_req, res) { return res.json({ ok: true }); });
+        }
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0:
+                    (0, bun_test_1.setSystemTime)();
+                    return [4 /*yield*/, connectDb()];
+                case 1:
+                    _a.sent();
+                    return [4 /*yield*/, GitHubTestUserModel.deleteMany({})];
+                case 2:
+                    _a.sent();
+                    // Setup server WITHOUT GitHub auth
+                    app = (0, expressServer_1.setupServer)({
+                        addRoutes: addRoutes,
+                        skipListen: true,
+                        userModel: GitHubTestUserModel,
+                    });
+                    agent = supertest_1.default.agent(app);
+                    return [2 /*return*/];
+            }
+        });
+    }); });
+    (0, bun_test_1.afterEach)(function () { return __awaiter(void 0, void 0, void 0, function () {
+        return __generator(this, function (_a) {
+            (0, bun_test_1.setSystemTime)();
+            return [2 /*return*/];
+        });
+    }); });
+    (0, bun_test_1.it)("GitHub routes are not available when githubAuth is not configured", function () { return __awaiter(void 0, void 0, void 0, function () {
+        return __generator(this, function (_a) {
+            switch (_a.label) {
+                case 0: return [4 /*yield*/, agent.get("/auth/github").expect(404)];
+                case 1:
+                    _a.sent();
+                    return [4 /*yield*/, agent.get("/auth/github/callback").expect(404)];
+                case 2:
+                    _a.sent();
+                    return [4 /*yield*/, agent.delete("/auth/github/unlink").expect(404)];
+                case 3:
+                    _a.sent();
+                    return [2 /*return*/];
+            }
+        });
+    }); });
+});

package/dist/index.d.ts

@@ -2,6 +2,7 @@ export * from "./api";
 export * from "./auth";
 export * from "./errors";
 export * from "./expressServer";
+export * from "./githubAuth";
 export * from "./logger";
 export * from "./middleware";
 export * from "./notifiers";

package/dist/index.js

@@ -18,6 +18,7 @@ __exportStar(require("./api"), exports);
 __exportStar(require("./auth"), exports);
 __exportStar(require("./errors"), exports);
 __exportStar(require("./expressServer"), exports);
+__exportStar(require("./githubAuth"), exports);
 __exportStar(require("./logger"), exports);
 __exportStar(require("./middleware"), exports);
 __exportStar(require("./notifiers"), exports);

package/dist/logger.js

@@ -87,7 +87,7 @@ exports.logger = exports.winstonLogger = void 0;
 exports.setupLogging = setupLogging;
 var node_fs_1 = __importDefault(require("node:fs"));
 var node_util_1 = require("node:util");
-var Sentry = __importStar(require("@sentry/node"));
+var Sentry = __importStar(require("@sentry/bun"));
 var winston_1 = __importDefault(require("winston"));
 function isPrimitive(val) {
     return val === null || (typeof val !== "object" && typeof val !== "function");

package/dist/middleware.js

@@ -34,7 +34,7 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.sentryAppVersionMiddleware = sentryAppVersionMiddleware;
-var Sentry = __importStar(require("@sentry/node"));
+var Sentry = __importStar(require("@sentry/bun"));
 /**
  * Express middleware that captures the app version from the request header
  * and adds it as a tag to the current Sentry scope.

package/dist/notifiers/googleChatNotifier.js

@@ -73,7 +73,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.sendToGoogleChat = sendToGoogleChat;
-var Sentry = __importStar(require("@sentry/node"));
+var Sentry = __importStar(require("@sentry/bun"));
 var axios_1 = __importDefault(require("axios"));
 var errors_1 = require("../errors");
 var logger_1 = require("../logger");

package/dist/notifiers/googleChatNotifier.test.js

@@ -100,7 +100,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 var bun_test_1 = require("bun:test");
-var Sentry = __importStar(require("@sentry/node"));
+var Sentry = __importStar(require("@sentry/bun"));
 var axios_1 = __importDefault(require("axios"));
 var googleChatNotifier_1 = require("./googleChatNotifier");
 (0, bun_test_1.describe)("sendToGoogleChat", function () {

package/dist/notifiers/slackNotifier.js

@@ -73,7 +73,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.sendToSlack = sendToSlack;
-var Sentry = __importStar(require("@sentry/node"));
+var Sentry = __importStar(require("@sentry/bun"));
 var axios_1 = __importDefault(require("axios"));
 var errors_1 = require("../errors");
 var logger_1 = require("../logger");

package/dist/notifiers/slackNotifier.test.js

@@ -100,7 +100,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 var bun_test_1 = require("bun:test");
-var Sentry = __importStar(require("@sentry/node"));
+var Sentry = __importStar(require("@sentry/bun"));
 var axios_1 = __importDefault(require("axios"));
 var slackNotifier_1 = require("./slackNotifier");
 (0, bun_test_1.describe)("sendToSlack", function () {

package/dist/notifiers/zoomNotifier.js

@@ -73,7 +73,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.sendToZoom = sendToZoom;
-var Sentry = __importStar(require("@sentry/node"));
+var Sentry = __importStar(require("@sentry/bun"));
 var axios_1 = __importDefault(require("axios"));
 var errors_1 = require("../errors");
 var logger_1 = require("../logger");

package/dist/notifiers/zoomNotifier.test.js

@@ -100,7 +100,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 var bun_test_1 = require("bun:test");
-var Sentry = __importStar(require("@sentry/node"));
+var Sentry = __importStar(require("@sentry/bun"));
 var axios_1 = __importDefault(require("axios"));
 var zoomNotifier_1 = require("./zoomNotifier");
 (0, bun_test_1.describe)("sendToZoom", function () {

package/dist/permissions.js

@@ -87,7 +87,7 @@ exports.Permissions = exports.OwnerQueryFilter = void 0;
 exports.checkPermissions = checkPermissions;
 exports.permissionMiddleware = permissionMiddleware;
 // Defaults closed
-var Sentry = __importStar(require("@sentry/node"));
+var Sentry = __importStar(require("@sentry/bun"));
 var mongoose_1 = __importDefault(require("mongoose"));
 var api_1 = require("./api");
 var errors_1 = require("./errors");

package/dist/tests/bunSetup.js

@@ -162,8 +162,8 @@ captureConsoleMethod("debug");
 (0, bun_test_1.afterEach)(function () {
     logs = [];
 });
-// Mock @sentry/node module
-bun_test_1.mock.module("@sentry/node", function () {
+// Mock @sentry/bun module
+bun_test_1.mock.module("@sentry/bun", function () {
     var mockFn = function () { return (0, bun_test_1.mock)(function () { }); };
     // Mock Scope
     var mockScope = {

package/package.json

@@ -4,7 +4,7 @@
     "url": "https://github.com/FlourishHealth/terreno/issues"
   },
   "dependencies": {
-    "@sentry/node": "^10.25.0",
+    "@sentry/bun": "^10.25.0",
     "@sentry/profiling-node": "^10.25.0",
     "@types/qs": "^6.14.0",
     "@wesleytodd/openapi": "^1.1.0",
@@ -23,6 +23,7 @@
     "on-finished": "^2.3.0",
     "passport": "^0.7.0",
     "passport-anonymous": "^1.0.1",
+    "passport-github2": "^0.1.12",
     "passport-jwt": "^4.0.0",
     "passport-local": "^1.0.0",
     "passport-local-mongoose": "^9.0.1",
@@ -44,6 +45,7 @@
     "@types/on-finished": "^2.3.4",
     "@types/passport": "^1.0.17",
     "@types/passport-anonymous": "^1.0.5",
+    "@types/passport-github2": "^1.2.9",
     "@types/passport-jwt": "^4.0.1",
     "@types/passport-local": "^1.0.38",
     "@types/sinon": "^17.0.4",
@@ -85,5 +87,5 @@
     "updateSnapshot": "bun test --update-snapshots"
   },
   "types": "dist/index.d.ts",
-  "version": "0.0.17"
+  "version": "0.0.18"
 }

package/src/api.query.test.ts

@@ -1,5 +1,5 @@
 import {beforeEach, describe, expect, it} from "bun:test";
-import * as Sentry from "@sentry/node";
+import * as Sentry from "@sentry/bun";
 import type express from "express";
 import qs from "qs";
 import supertest from "supertest";