@thirdweb-dev/service-utils 0.0.0-dev-ae6f264-20230714181935 → 0.0.0-dev-81d8779-20230714182546
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cf-worker/dist/thirdweb-dev-service-utils-cf-worker.cjs.dev.js +1 -1
- package/cf-worker/dist/thirdweb-dev-service-utils-cf-worker.cjs.prod.js +1 -1
- package/cf-worker/dist/thirdweb-dev-service-utils-cf-worker.esm.js +1 -1
- package/dist/declarations/src/core/authorize/index.d.ts +1 -1
- package/dist/declarations/src/core/authorize/index.d.ts.map +1 -1
- package/dist/declarations/src/core/types.d.ts +1 -1
- package/dist/declarations/src/core/types.d.ts.map +1 -1
- package/dist/{index-ab78c807.cjs.dev.js → index-8a3bbee6.cjs.prod.js} +10 -37
- package/dist/{index-a4e1d99c.esm.js → index-bdbd7887.esm.js} +10 -37
- package/dist/{index-e567dd4f.cjs.prod.js → index-f45a96ee.cjs.dev.js} +10 -37
- package/node/dist/thirdweb-dev-service-utils-node.cjs.dev.js +1 -1
- package/node/dist/thirdweb-dev-service-utils-node.cjs.prod.js +1 -1
- package/node/dist/thirdweb-dev-service-utils-node.esm.js +1 -1
- package/package.json +1 -1
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
4
|
|
|
5
|
-
var index = require('../../dist/index-
|
|
5
|
+
var index = require('../../dist/index-f45a96ee.cjs.dev.js');
|
|
6
6
|
var services = require('../../dist/services-a3f36057.cjs.dev.js');
|
|
7
7
|
|
|
8
8
|
const DEFAULT_CACHE_TTL_SECONDS = 60;
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
4
|
|
|
5
|
-
var index = require('../../dist/index-
|
|
5
|
+
var index = require('../../dist/index-8a3bbee6.cjs.prod.js');
|
|
6
6
|
var services = require('../../dist/services-9e185105.cjs.prod.js');
|
|
7
7
|
|
|
8
8
|
const DEFAULT_CACHE_TTL_SECONDS = 60;
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { a as authorize } from '../../dist/index-
|
|
1
|
+
import { a as authorize } from '../../dist/index-bdbd7887.esm.js';
|
|
2
2
|
export { b as SERVICES, S as SERVICE_DEFINITIONS, a as SERVICE_NAMES, g as getServiceByName } from '../../dist/services-86283509.esm.js';
|
|
3
3
|
|
|
4
4
|
const DEFAULT_CACHE_TTL_SECONDS = 60;
|
|
@@ -6,7 +6,7 @@ export type AuthorizationInput = {
|
|
|
6
6
|
origin: string | null;
|
|
7
7
|
bundleId: string | null;
|
|
8
8
|
secretKeyHash: string | null;
|
|
9
|
-
targetAddress?: string
|
|
9
|
+
targetAddress?: string;
|
|
10
10
|
};
|
|
11
11
|
type CacheOptions = {
|
|
12
12
|
get: (clientId: string) => Promise<string | null>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"../../../../../src/core/authorize","sources":["index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,EACd,iBAAiB,EAElB,kBAAe;AAGhB,OAAO,EAAE,mBAAmB,EAAE,mBAAgB;AAE9C,MAAM,MAAM,kBAAkB,GAAG;IAC/B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,aAAa,CAAC,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"../../../../../src/core/authorize","sources":["index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,EACd,iBAAiB,EAElB,kBAAe;AAGhB,OAAO,EAAE,mBAAmB,EAAE,mBAAgB;AAE9C,MAAM,MAAM,kBAAkB,GAAG;IAC/B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,KAAK,YAAY,GAAG;IAClB,GAAG,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAClD,GAAG,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,cAAc,KAAK,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;IACtE,eAAe,EAAE,MAAM,CAAC;CACzB,CAAC;AASF,wBAAsB,SAAS,CAC7B,QAAQ,EAAE,kBAAkB,EAC5B,aAAa,EAAE,iBAAiB,EAChC,YAAY,CAAC,EAAE,YAAY,GAC1B,OAAO,CAAC,mBAAmB,CAAC,CAoH9B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"../../../../src/core","sources":["types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,aAAa,GAAG;IAE1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,aAAa,CAAC,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"../../../../src/core","sources":["types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,aAAa,GAAG;IAE1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC"}
|
|
@@ -9,7 +9,7 @@ async function fetchKeyMetadataFromApi(clientId, config) {
|
|
|
9
9
|
const url = new URL(`${apiUrl}/v1/keys/use`);
|
|
10
10
|
url.searchParams.set("clientId", clientId);
|
|
11
11
|
url.searchParams.set("scope", serviceScope);
|
|
12
|
-
const response = await fetch(url.
|
|
12
|
+
const response = await fetch(url.href, {
|
|
13
13
|
method: "GET",
|
|
14
14
|
headers: {
|
|
15
15
|
"x-service-api-key": serviceApiKey,
|
|
@@ -25,12 +25,10 @@ async function fetchKeyMetadataFromApi(clientId, config) {
|
|
|
25
25
|
function authorizeClient(authOptions, apiKeyMeta) {
|
|
26
26
|
const {
|
|
27
27
|
origin,
|
|
28
|
-
bundleId,
|
|
29
28
|
secretKeyHash: providedSecretHash
|
|
30
29
|
} = authOptions;
|
|
31
30
|
const {
|
|
32
31
|
domains,
|
|
33
|
-
bundleIds,
|
|
34
32
|
secretHash
|
|
35
33
|
} = apiKeyMeta;
|
|
36
34
|
if (providedSecretHash) {
|
|
@@ -80,28 +78,7 @@ function authorizeClient(authOptions, apiKeyMeta) {
|
|
|
80
78
|
};
|
|
81
79
|
}
|
|
82
80
|
|
|
83
|
-
// validate
|
|
84
|
-
if (bundleId) {
|
|
85
|
-
if (
|
|
86
|
-
// find matching bundle id, or if all bundles allowed
|
|
87
|
-
bundleIds.find(b => {
|
|
88
|
-
if (b === "*") {
|
|
89
|
-
return true;
|
|
90
|
-
}
|
|
91
|
-
return b === bundleId;
|
|
92
|
-
})) {
|
|
93
|
-
return {
|
|
94
|
-
authorized: true,
|
|
95
|
-
apiKeyMeta
|
|
96
|
-
};
|
|
97
|
-
}
|
|
98
|
-
return {
|
|
99
|
-
authorized: false,
|
|
100
|
-
errorMessage: "The bundle is not authorized for this key.",
|
|
101
|
-
errorCode: "BUNDLE_UNAUTHORIZED",
|
|
102
|
-
status: 401
|
|
103
|
-
};
|
|
104
|
-
}
|
|
81
|
+
// FIXME: validate bundle id
|
|
105
82
|
return {
|
|
106
83
|
authorized: false,
|
|
107
84
|
errorMessage: "The keys are invalid.",
|
|
@@ -110,10 +87,12 @@ function authorizeClient(authOptions, apiKeyMeta) {
|
|
|
110
87
|
};
|
|
111
88
|
}
|
|
112
89
|
|
|
113
|
-
function authorizeService(
|
|
90
|
+
function authorizeService(apikeyMetadata, serviceConfig, authorizationPayload) {
|
|
114
91
|
const {
|
|
115
92
|
services
|
|
116
|
-
} =
|
|
93
|
+
} = apikeyMetadata;
|
|
94
|
+
// const { serviceTargetAddresses, serviceAction } = validations;
|
|
95
|
+
|
|
117
96
|
// validate services
|
|
118
97
|
const service = services.find(srv => srv.name === serviceConfig.serviceScope);
|
|
119
98
|
if (!service) {
|
|
@@ -141,17 +120,11 @@ function authorizeService(apiKeyMetadata, serviceConfig, authorizationPayload) {
|
|
|
141
120
|
// validate service target addresses
|
|
142
121
|
// the service has to pass in the target address for this to be validated
|
|
143
122
|
if (authorizationPayload?.targetAddress) {
|
|
144
|
-
const
|
|
145
|
-
if (
|
|
146
|
-
return {
|
|
147
|
-
authorized: true,
|
|
148
|
-
apiKeyMeta: apiKeyMetadata
|
|
149
|
-
};
|
|
150
|
-
}
|
|
151
|
-
if (targetAddresses.some(ta => !service.targetAddresses.includes(ta))) {
|
|
123
|
+
const isTargetAddressAllowed = service.targetAddresses.includes(authorizationPayload.targetAddress);
|
|
124
|
+
if (!isTargetAddressAllowed) {
|
|
152
125
|
return {
|
|
153
126
|
authorized: false,
|
|
154
|
-
errorMessage: `The service "${serviceConfig.serviceScope}" target address is not authorized for this key.`,
|
|
127
|
+
errorMessage: `The service "${serviceConfig.serviceScope}" target address "${authorizationPayload.targetAddress}" is not authorized for this key.`,
|
|
155
128
|
errorCode: "SERVICE_TARGET_ADDRESS_UNAUTHORIZED",
|
|
156
129
|
status: 403
|
|
157
130
|
};
|
|
@@ -159,7 +132,7 @@ function authorizeService(apiKeyMetadata, serviceConfig, authorizationPayload) {
|
|
|
159
132
|
}
|
|
160
133
|
return {
|
|
161
134
|
authorized: true,
|
|
162
|
-
apiKeyMeta:
|
|
135
|
+
apiKeyMeta: apikeyMetadata
|
|
163
136
|
};
|
|
164
137
|
}
|
|
165
138
|
|
|
@@ -7,7 +7,7 @@ async function fetchKeyMetadataFromApi(clientId, config) {
|
|
|
7
7
|
const url = new URL(`${apiUrl}/v1/keys/use`);
|
|
8
8
|
url.searchParams.set("clientId", clientId);
|
|
9
9
|
url.searchParams.set("scope", serviceScope);
|
|
10
|
-
const response = await fetch(url.
|
|
10
|
+
const response = await fetch(url.href, {
|
|
11
11
|
method: "GET",
|
|
12
12
|
headers: {
|
|
13
13
|
"x-service-api-key": serviceApiKey,
|
|
@@ -23,12 +23,10 @@ async function fetchKeyMetadataFromApi(clientId, config) {
|
|
|
23
23
|
function authorizeClient(authOptions, apiKeyMeta) {
|
|
24
24
|
const {
|
|
25
25
|
origin,
|
|
26
|
-
bundleId,
|
|
27
26
|
secretKeyHash: providedSecretHash
|
|
28
27
|
} = authOptions;
|
|
29
28
|
const {
|
|
30
29
|
domains,
|
|
31
|
-
bundleIds,
|
|
32
30
|
secretHash
|
|
33
31
|
} = apiKeyMeta;
|
|
34
32
|
if (providedSecretHash) {
|
|
@@ -78,28 +76,7 @@ function authorizeClient(authOptions, apiKeyMeta) {
|
|
|
78
76
|
};
|
|
79
77
|
}
|
|
80
78
|
|
|
81
|
-
// validate
|
|
82
|
-
if (bundleId) {
|
|
83
|
-
if (
|
|
84
|
-
// find matching bundle id, or if all bundles allowed
|
|
85
|
-
bundleIds.find(b => {
|
|
86
|
-
if (b === "*") {
|
|
87
|
-
return true;
|
|
88
|
-
}
|
|
89
|
-
return b === bundleId;
|
|
90
|
-
})) {
|
|
91
|
-
return {
|
|
92
|
-
authorized: true,
|
|
93
|
-
apiKeyMeta
|
|
94
|
-
};
|
|
95
|
-
}
|
|
96
|
-
return {
|
|
97
|
-
authorized: false,
|
|
98
|
-
errorMessage: "The bundle is not authorized for this key.",
|
|
99
|
-
errorCode: "BUNDLE_UNAUTHORIZED",
|
|
100
|
-
status: 401
|
|
101
|
-
};
|
|
102
|
-
}
|
|
79
|
+
// FIXME: validate bundle id
|
|
103
80
|
return {
|
|
104
81
|
authorized: false,
|
|
105
82
|
errorMessage: "The keys are invalid.",
|
|
@@ -108,10 +85,12 @@ function authorizeClient(authOptions, apiKeyMeta) {
|
|
|
108
85
|
};
|
|
109
86
|
}
|
|
110
87
|
|
|
111
|
-
function authorizeService(
|
|
88
|
+
function authorizeService(apikeyMetadata, serviceConfig, authorizationPayload) {
|
|
112
89
|
const {
|
|
113
90
|
services
|
|
114
|
-
} =
|
|
91
|
+
} = apikeyMetadata;
|
|
92
|
+
// const { serviceTargetAddresses, serviceAction } = validations;
|
|
93
|
+
|
|
115
94
|
// validate services
|
|
116
95
|
const service = services.find(srv => srv.name === serviceConfig.serviceScope);
|
|
117
96
|
if (!service) {
|
|
@@ -139,17 +118,11 @@ function authorizeService(apiKeyMetadata, serviceConfig, authorizationPayload) {
|
|
|
139
118
|
// validate service target addresses
|
|
140
119
|
// the service has to pass in the target address for this to be validated
|
|
141
120
|
if (authorizationPayload?.targetAddress) {
|
|
142
|
-
const
|
|
143
|
-
if (
|
|
144
|
-
return {
|
|
145
|
-
authorized: true,
|
|
146
|
-
apiKeyMeta: apiKeyMetadata
|
|
147
|
-
};
|
|
148
|
-
}
|
|
149
|
-
if (targetAddresses.some(ta => !service.targetAddresses.includes(ta))) {
|
|
121
|
+
const isTargetAddressAllowed = service.targetAddresses.includes(authorizationPayload.targetAddress);
|
|
122
|
+
if (!isTargetAddressAllowed) {
|
|
150
123
|
return {
|
|
151
124
|
authorized: false,
|
|
152
|
-
errorMessage: `The service "${serviceConfig.serviceScope}" target address is not authorized for this key.`,
|
|
125
|
+
errorMessage: `The service "${serviceConfig.serviceScope}" target address "${authorizationPayload.targetAddress}" is not authorized for this key.`,
|
|
153
126
|
errorCode: "SERVICE_TARGET_ADDRESS_UNAUTHORIZED",
|
|
154
127
|
status: 403
|
|
155
128
|
};
|
|
@@ -157,7 +130,7 @@ function authorizeService(apiKeyMetadata, serviceConfig, authorizationPayload) {
|
|
|
157
130
|
}
|
|
158
131
|
return {
|
|
159
132
|
authorized: true,
|
|
160
|
-
apiKeyMeta:
|
|
133
|
+
apiKeyMeta: apikeyMetadata
|
|
161
134
|
};
|
|
162
135
|
}
|
|
163
136
|
|
|
@@ -9,7 +9,7 @@ async function fetchKeyMetadataFromApi(clientId, config) {
|
|
|
9
9
|
const url = new URL(`${apiUrl}/v1/keys/use`);
|
|
10
10
|
url.searchParams.set("clientId", clientId);
|
|
11
11
|
url.searchParams.set("scope", serviceScope);
|
|
12
|
-
const response = await fetch(url.
|
|
12
|
+
const response = await fetch(url.href, {
|
|
13
13
|
method: "GET",
|
|
14
14
|
headers: {
|
|
15
15
|
"x-service-api-key": serviceApiKey,
|
|
@@ -25,12 +25,10 @@ async function fetchKeyMetadataFromApi(clientId, config) {
|
|
|
25
25
|
function authorizeClient(authOptions, apiKeyMeta) {
|
|
26
26
|
const {
|
|
27
27
|
origin,
|
|
28
|
-
bundleId,
|
|
29
28
|
secretKeyHash: providedSecretHash
|
|
30
29
|
} = authOptions;
|
|
31
30
|
const {
|
|
32
31
|
domains,
|
|
33
|
-
bundleIds,
|
|
34
32
|
secretHash
|
|
35
33
|
} = apiKeyMeta;
|
|
36
34
|
if (providedSecretHash) {
|
|
@@ -80,28 +78,7 @@ function authorizeClient(authOptions, apiKeyMeta) {
|
|
|
80
78
|
};
|
|
81
79
|
}
|
|
82
80
|
|
|
83
|
-
// validate
|
|
84
|
-
if (bundleId) {
|
|
85
|
-
if (
|
|
86
|
-
// find matching bundle id, or if all bundles allowed
|
|
87
|
-
bundleIds.find(b => {
|
|
88
|
-
if (b === "*") {
|
|
89
|
-
return true;
|
|
90
|
-
}
|
|
91
|
-
return b === bundleId;
|
|
92
|
-
})) {
|
|
93
|
-
return {
|
|
94
|
-
authorized: true,
|
|
95
|
-
apiKeyMeta
|
|
96
|
-
};
|
|
97
|
-
}
|
|
98
|
-
return {
|
|
99
|
-
authorized: false,
|
|
100
|
-
errorMessage: "The bundle is not authorized for this key.",
|
|
101
|
-
errorCode: "BUNDLE_UNAUTHORIZED",
|
|
102
|
-
status: 401
|
|
103
|
-
};
|
|
104
|
-
}
|
|
81
|
+
// FIXME: validate bundle id
|
|
105
82
|
return {
|
|
106
83
|
authorized: false,
|
|
107
84
|
errorMessage: "The keys are invalid.",
|
|
@@ -110,10 +87,12 @@ function authorizeClient(authOptions, apiKeyMeta) {
|
|
|
110
87
|
};
|
|
111
88
|
}
|
|
112
89
|
|
|
113
|
-
function authorizeService(
|
|
90
|
+
function authorizeService(apikeyMetadata, serviceConfig, authorizationPayload) {
|
|
114
91
|
const {
|
|
115
92
|
services
|
|
116
|
-
} =
|
|
93
|
+
} = apikeyMetadata;
|
|
94
|
+
// const { serviceTargetAddresses, serviceAction } = validations;
|
|
95
|
+
|
|
117
96
|
// validate services
|
|
118
97
|
const service = services.find(srv => srv.name === serviceConfig.serviceScope);
|
|
119
98
|
if (!service) {
|
|
@@ -141,17 +120,11 @@ function authorizeService(apiKeyMetadata, serviceConfig, authorizationPayload) {
|
|
|
141
120
|
// validate service target addresses
|
|
142
121
|
// the service has to pass in the target address for this to be validated
|
|
143
122
|
if (authorizationPayload?.targetAddress) {
|
|
144
|
-
const
|
|
145
|
-
if (
|
|
146
|
-
return {
|
|
147
|
-
authorized: true,
|
|
148
|
-
apiKeyMeta: apiKeyMetadata
|
|
149
|
-
};
|
|
150
|
-
}
|
|
151
|
-
if (targetAddresses.some(ta => !service.targetAddresses.includes(ta))) {
|
|
123
|
+
const isTargetAddressAllowed = service.targetAddresses.includes(authorizationPayload.targetAddress);
|
|
124
|
+
if (!isTargetAddressAllowed) {
|
|
152
125
|
return {
|
|
153
126
|
authorized: false,
|
|
154
|
-
errorMessage: `The service "${serviceConfig.serviceScope}" target address is not authorized for this key.`,
|
|
127
|
+
errorMessage: `The service "${serviceConfig.serviceScope}" target address "${authorizationPayload.targetAddress}" is not authorized for this key.`,
|
|
155
128
|
errorCode: "SERVICE_TARGET_ADDRESS_UNAUTHORIZED",
|
|
156
129
|
status: 403
|
|
157
130
|
};
|
|
@@ -159,7 +132,7 @@ function authorizeService(apiKeyMetadata, serviceConfig, authorizationPayload) {
|
|
|
159
132
|
}
|
|
160
133
|
return {
|
|
161
134
|
authorized: true,
|
|
162
|
-
apiKeyMeta:
|
|
135
|
+
apiKeyMeta: apikeyMetadata
|
|
163
136
|
};
|
|
164
137
|
}
|
|
165
138
|
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
4
|
|
|
5
5
|
var node_crypto = require('node:crypto');
|
|
6
|
-
var index = require('../../dist/index-
|
|
6
|
+
var index = require('../../dist/index-f45a96ee.cjs.dev.js');
|
|
7
7
|
var services = require('../../dist/services-a3f36057.cjs.dev.js');
|
|
8
8
|
|
|
9
9
|
async function authorizeNode(authInput, serviceConfig) {
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Object.defineProperty(exports, '__esModule', { value: true });
|
|
4
4
|
|
|
5
5
|
var node_crypto = require('node:crypto');
|
|
6
|
-
var index = require('../../dist/index-
|
|
6
|
+
var index = require('../../dist/index-8a3bbee6.cjs.prod.js');
|
|
7
7
|
var services = require('../../dist/services-9e185105.cjs.prod.js');
|
|
8
8
|
|
|
9
9
|
async function authorizeNode(authInput, serviceConfig) {
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { createHash } from 'node:crypto';
|
|
2
|
-
import { a as authorize } from '../../dist/index-
|
|
2
|
+
import { a as authorize } from '../../dist/index-bdbd7887.esm.js';
|
|
3
3
|
export { b as SERVICES, S as SERVICE_DEFINITIONS, a as SERVICE_NAMES, g as getServiceByName } from '../../dist/services-86283509.esm.js';
|
|
4
4
|
|
|
5
5
|
async function authorizeNode(authInput, serviceConfig) {
|
package/package.json
CHANGED