npm - @things-factory/auth-base - Versions diffs - 5.0.7 → 5.0.11 - Mend

@things-factory/auth-base 5.0.7 → 5.0.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (219) hide show

package/server/router/oauth2/oauth2-authorize-router.ts CHANGED Viewed

@@ -1,10 +1,9 @@
 import Router from 'koa-router'
 import { getRepository } from 'typeorm'
 import { Application } from '../../service/application/application'
 import { NonClient, server as oauth2orizeServer } from './oauth2-server'
-const debug = require('debug')('things-factory:auth-base:oauth2-authorize-router')
 export const oauth2AuthorizeRouter = new Router()
 // user authorization endpoint
@@ -34,8 +33,6 @@ oauth2AuthorizeRouter.get(
     //   return false
     // }
-    debug('authorize fetch client', clientID, redirectURI, client)
     return [client || NonClient, redirectURI]
   }),
   async function (context, next) {
@@ -45,13 +42,10 @@ oauth2AuthorizeRouter.get(
     let elementScript: string = '/oauth2/oauth2-decision-page.js'
     if (oauth2.client.id === NonClient.id) {
-      debug('authorize client not found : will render not found error in the decision page')
       pageElement = 'oauth2-decision-error'
       elementScript = '/oauth2/oauth2-decision-error-page.js'
     }
-    debug('authorize render page', oauth2)
     try {
       await context.render('oauth2-page', {
         pageElement,
@@ -74,7 +68,6 @@ oauth2AuthorizeRouter.get(
       //   availableScopes
       // })
     } catch (e) {
-      debug('render decision page error', e)
       throw e
     }
   }

package/server/router/oauth2/oauth2-router.ts CHANGED Viewed

@@ -22,15 +22,11 @@ declare global {
   }
 }
-const debug = require('debug')('things-factory:auth-base:oauth2-router')
 export const oauth2Router = new Router()
 passport.use(
   'oauth2-client-password',
   new ClientPasswordStrategy({}, (clientId, clientSecret, done) => {
-    debug('oauth2-client-password', clientId, clientSecret)
     getRepository(Application)
       .findOne({
         appKey: clientId
@@ -122,8 +118,6 @@ oauth2Router.post('/refresh-token', async (context, next) => {
 oauth2Router.get('/profile', jwtAuthenticateMiddleware, async (context, next) => {
   const { user, domain } = context.state
-  debug('getting user/application profile', user, domain)
   const { name, description, email, userType: type, locale } = user
   const { name: domainName, subdomain, brandName, brandImage, contentImage, timezone } = domain || {}

package/server/router/oauth2/oauth2-server.ts CHANGED Viewed

@@ -9,7 +9,6 @@ import { Role } from '../../service/role/role'
 import { User, UserStatus } from '../../service/user/user'
 const crypto = require('crypto')
-const debug = require('debug')('things-factory:auth-base:oauth2-server')
 export const NOTFOUND = 'NOTFOUND'
 export const NonClient = {
@@ -33,18 +32,15 @@ export const server = oauth2orize.createServer()
 // the client by ID from the database.
 server.serializeClient(async function (client) {
-  debug('serialze', client)
   return client.id
 })
 server.deserializeClient(async function (id) {
   if (id == NOTFOUND) {
-    debug('deserialize - not found')
     return {}
   }
   const application = await getRepository(Application).findOne(id)
-  debug('deserialize', id, application)
   return application
 })
@@ -81,9 +77,7 @@ server.exchange(
     try {
       /* authorization code */
       var decoded: any = Application.verifyAuthCode(code)
-      debug('exchange code - decoded', decoded)
     } catch (e) {
-      debug('exchange code', e)
       return false
     }
     let { email, appKey, subdomain, scopes } = decoded
@@ -93,12 +87,9 @@ server.exchange(
     })
     if (!application) {
-      debug('exchange code', 'application is not exist')
       return false
     }
-    debug('exchange code - application', application)
     /* DONT-FORGET uncomment after test */
     // if (redirectUrl !== application.redirectUrl && redirectUrl.indexOf(application.redirectUrl) != 0) {
     //   logger.error(
@@ -179,7 +170,6 @@ server.exchange(
     try {
       /* refresh token */
       var decoded: any = Application.verifyAuthCode(refreshToken)
-      debug('exchange refresh-token - decoded', decoded)
     } catch (e) {
       logger.error(e)
       return false
@@ -203,8 +193,6 @@ server.exchange(
       return false
     }
-    debug('exchange refresh-token - application', application?.name)
     if (Date.now() > expires_in * 1000) {
       logger.error('refresh token is expired')
       return false

package/server/router/path-base-domain-router.ts CHANGED Viewed

@@ -1,12 +1,8 @@
 import Router from 'koa-router'
-const debug = require('debug')('things-factory:auth-base:path-base-domain-router')
 export const pathBaseDomainRouter = new Router()
 /* browser history fallback 을 위한 라우터. */
 pathBaseDomainRouter.get('/(.*)', async (context, next) => {
-  debug('get:/(.*)', context.path)
   await next()
 })

package/server/router/site-root-router.ts CHANGED Viewed

@@ -1,11 +1,11 @@
-import { Domain, domainMiddleware } from '@things-factory/shell'
 import Router from 'koa-router'
 import passport from 'passport'
+import { Domain, domainMiddleware } from '@things-factory/shell'
 import { User } from '../service/user/user'
 import { getUserDomains } from '../utils/get-user-domains'
-const debug = require('debug')('things-factory:auth-base:site-root-router')
 export const siteRootRouter = new Router()
 async function findAuth(context, next) {
@@ -14,9 +14,7 @@ async function findAuth(context, next) {
       try {
         const user = await User.checkAuth(decoded)
         context.state.user = user
-      } catch (e) {
-        debug('not signed in', e)
-      }
+      } catch (e) {}
     }
     await next()
@@ -25,24 +23,19 @@ async function findAuth(context, next) {
 siteRootRouter.get('/', findAuth, domainMiddleware, async (context, next) => {
   const { user, domain } = context.state
-  debug('get:/', user?.email, domain?.subdomain)
   const subdomain = domain?.subdomain
   if (user && subdomain) {
     const userDomains: Domain[] = await getUserDomains(user)
     if (userDomains.find(userDomain => userDomain.subdomain == subdomain)) {
-      debug('get:/', user.email, subdomain, 'user have access right to the subdomain. so, redirect to business-home')
       return await next()
     }
-    debug('get:/', user.email, subdomain, "user doesn't have access right to the subdomain. so, redirect to checkin")
     return context.redirect(`/auth/checkin/${subdomain}`)
   }
   if (user && !subdomain) {
-    debug('get:/', user?.email, 'redirect to checkin')
     context.redirect('/auth/checkin')
     return

package/server/routes.ts CHANGED Viewed

@@ -1,25 +1,24 @@
+import session from 'koa-session'
 import { config } from '@things-factory/env'
 import { domainAuthenticateMiddleware, jwtAuthenticateMiddleware } from './middlewares'
 import {
-  authSignupRouter,
+  authCheckinRouter,
   authPrivateProcessRouter,
   authPublicProcessRouter,
   authSigninRouter,
-  pathBaseDomainRouter,
-  siteRootRouter,
+  authSignupRouter,
+  oauth2AuthorizeRouter,
   oauth2Router,
-  authCheckinRouter,
-  oauth2AuthorizeRouter
+  pathBaseDomainRouter,
+  siteRootRouter
 } from './router'
-import session from 'koa-session'
 import { SECRET } from './utils/get-secret'
 const isPathBaseDomain = !config.get('subdomain') && !config.get('useVirtualHostBasedDomain')
-const debug = require('debug')('things-factory:auth-base:routes')
 process.on('bootstrap-module-global-public-route' as any, (app, globalPublicRouter) => {
-  debug('bootstrap-module-global-public-route')
   globalPublicRouter.use(siteRootRouter.routes(), siteRootRouter.allowedMethods())
   globalPublicRouter.use(authPublicProcessRouter.routes(), authPublicProcessRouter.allowedMethods())
 })
@@ -33,8 +32,6 @@ process.on('bootstrap-module-global-private-route' as any, (app, globalPrivateRo
 })
 process.on('bootstrap-module-domain-public-route' as any, (app, domainPublicRouter) => {
-  debug('bootstrap-module-domain-public-route')
   /* domainPublicRouter based nested-routers */
   domainPublicRouter.use(authSigninRouter.routes(), authSigninRouter.allowedMethods())
   domainPublicRouter.use(authSignupRouter.routes(), authSignupRouter.allowedMethods())
@@ -71,8 +68,6 @@ process.on('bootstrap-module-domain-private-route' as any, (app, domainPrivateRo
   // '(.[^.]+)' 은 '', '/'는 제외하고, '/xxx', '/yyy/zzz' 등 모두를 포함하지만, path에 '.'가 있는 경우는 제외한다.
   // (테스트는 여기서 : http://forbeslindesay.github.io/express-route-tester/)
   domainPrivateRouter.get('(.[^.]+)', async (context, next) => {
-    const { path } = context
-    debug('get:(.[^.]+)', path)
     await next()
   })
 })

package/server/service/app-binding/app-binding-mutation.ts CHANGED Viewed

@@ -1,9 +1,8 @@
-import { AppBinding } from './app-binding'
-import { Resolver, Mutation, Arg, Ctx } from 'type-graphql'
-import { User } from '../user/user'
+import { Arg, Ctx, Mutation, Resolver } from 'type-graphql'
 import { getRepository } from 'typeorm'
-const debug = require('debug')('things-factory:auth-base:delete-app-binding')
+import { User } from '../user/user'
+import { AppBinding } from './app-binding'
 @Resolver(AppBinding)
 export class AppBindingMutation {
@@ -11,8 +10,6 @@ export class AppBindingMutation {
   async deleteAppBinding(@Arg('id') id: string, @Ctx() context: any) {
     const { domain } = context.state
-    debug('user', id)
     // TODO 이 사용자가 이 도메인에 속한 사용자인지 확인해야함.
     // TODO 다른 도메인에도 포함되어있다면, domains-users 관게와 해당 도메인 관련 정보만 삭제해야 함.
     await getRepository(User).delete({

package/server/service/app-binding/app-binding-query.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import { Arg, Args, Ctx, FieldResolver, Query, Resolver, Root } from 'type-graphql'
 import { getRepository, SelectQueryBuilder } from 'typeorm'
-import { buildQuery, convertListParams, ListParam } from '@things-factory/shell'
+import { buildQuery, ListParam } from '@things-factory/shell'
 import { buildDomainUsersQueryBuilder } from '../../utils/get-domain-users'
 import { Application } from '../application/application'
@@ -20,15 +20,16 @@ export class AppBindingQuery {
     return await getRepository(User).findOne({ id, userType: 'application' })
   }
+  /* TODO optimize query */
   @Query(returns => AppBindingList)
   async appBindings(@Args() params: ListParam, @Ctx() context: any): Promise<UserList> {
     const { domain } = context.state
-    const convertedParams = convertListParams(params)
-    convertedParams.where = {
-      ...convertedParams.where,
-      userType: 'application'
-    }
+    // const convertedParams = convertListParams(params)
+    // convertedParams.where = {
+    //   ...convertedParams.where,
+    //   userType: 'application'
+    // } as any
     const alias: string = 'USER'
     const qb: SelectQueryBuilder<User> = buildDomainUsersQueryBuilder(domain.id, alias)

package/server/service/appliance/appliance-mutation.ts CHANGED Viewed

@@ -7,8 +7,6 @@ import { AppliancePatch, NewAppliance } from './appliance-types'
 const crypto = require('crypto')
-const debug = require('debug')('things-factory:auth-base:appliance')
 @Resolver(Appliance)
 export class ApplianceMutation {
   @Mutation(returns => Appliance, { description: 'To create new appliance' })
@@ -69,10 +67,7 @@ export class ApplianceMutation {
       context.throw(401, 'appliance is not allowed for this domain')
     }
-    debug('appiance user', appuser)
     appuser.password = Appliance.generateAccessToken(domain, appuser, appliance)
-    debug('access token', appuser.password)
     await getRepository(User).save(appuser)

package/server/service/application/application-mutation.ts CHANGED Viewed

@@ -1,10 +1,9 @@
-import { Resolver, Mutation, Arg, Ctx } from 'type-graphql'
+import { Arg, Ctx, Mutation, Resolver } from 'type-graphql'
 import { getRepository } from 'typeorm'
 import { User } from '../user/user'
 import { Application } from './application'
-import { ApplicationPatch, NewApplication, AccessToken } from './application-types'
-const debug = require('debug')('things-factory:auth-base:renew-application-access-token')
+import { AccessToken, ApplicationPatch, NewApplication } from './application-types'
 @Resolver(Application)
 export class ApplicationMutation {
@@ -48,7 +47,6 @@ export class ApplicationMutation {
   async renewApplicationAccessToken(@Arg('id') id: string, @Ctx() context: any, @Arg('scope') scope?: string) {
     const { domain } = context.state
-    debug('renew-application-access-token', 'started')
     var appuser: User = await getRepository(User).findOne({
       id,
       userType: 'application'
@@ -63,7 +61,6 @@ export class ApplicationMutation {
     if (!application) {
       throw new Error('application not found')
     }
-    debug('application', application?.name)
     var accessToken = Application.generateAccessToken(domain, appuser, application.appSecret, scope || '')
     var refreshToken = Application.generateRefreshToken(domain, appuser, application.appSecret, scope || '')

package/server/service/granted-role/granted-role-mutation.ts CHANGED Viewed

@@ -58,7 +58,7 @@ export class GrantedRoleMutation {
       let havingRefusedRoleCustomers: User[] = await getCustomerUsersByRoles(customerDomain, nonGrantedRoles, tx)
       havingRefusedRoleCustomers = havingRefusedRoleCustomers.map((customerUser: User) => {
-        const customerDomains: Domain = customerUser.domains
+        const customerDomains: Domain[] = customerUser.domains
         const customerDomainIds: string[] = customerDomains.map((domain: Domain) => domain.id)
         if (customerDomainIds.indexOf(domain.id) >= 0) {
           // Case for customer user is a member of current domain.

package/server/service/privilege/privilege-directive.ts CHANGED Viewed

@@ -6,8 +6,6 @@ import { getDirective, MapperKind, mapSchema } from '@graphql-tools/utils'
 import { User } from '../user/user'
-const debug = require('debug')('things-factory:auth-base:directive-privilege')
 process['PRIVILEGES'] = {}
 const DIRECTIVE = 'privilege'

package/server/service/privilege/privilege-mutation.ts CHANGED Viewed

@@ -1,5 +1,6 @@
-import { Resolver, Mutation, Arg, Ctx } from 'type-graphql'
+import { Arg, Ctx, Mutation, Resolver } from 'type-graphql'
 import { getRepository } from 'typeorm'
 import { Role } from '../role/role'
 import { Privilege } from './privilege'
 import { NewPrivilege, PrivilegePatch } from './privilege-types'
@@ -34,9 +35,9 @@ export class PrivilegeMutation {
     const roleIds = privilege.roles.map(role => role.id)
     if (patch.roles && patch.roles.length) {
-      patch.roles.forEach((roleId: string) => {
-        if (!roleIds.includes(roleId)) {
-          roleIds.push(roleId)
+      patch.roles.forEach(({ id }) => {
+        if (!roleIds.includes(id)) {
+          roleIds.push(id)
         }
       })
     }