@toa.io/extensions.exposition 1.0.0-alpha.97 → 1.0.0-alpha.98

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (21) hide show
  1. package/components/identity.federation/manifest.toa.yaml +13 -10
  2. package/components/identity.federation/operations/authenticate.js +8 -2
  3. package/components/identity.federation/operations/authenticate.js.map +1 -1
  4. package/components/identity.federation/operations/tsconfig.tsbuildinfo +1 -1
  5. package/components/identity.federation/operations/types/configuration.d.ts +1 -0
  6. package/components/identity.federation/source/authenticate.ts +11 -2
  7. package/components/identity.federation/source/types/configuration.ts +1 -0
  8. package/documentation/access.md +6 -5
  9. package/documentation/identity.md +11 -2
  10. package/features/{auth.claim.feature → auth.claims.feature} +7 -7
  11. package/features/authorities.federation.feature +7 -10
  12. package/features/identity.federation.feature +8 -3
  13. package/package.json +2 -2
  14. package/source/directives/auth/Authorization.ts +3 -3
  15. package/source/directives/auth/Federation.ts +7 -7
  16. package/transpiled/directives/auth/Authorization.js +3 -3
  17. package/transpiled/directives/auth/Authorization.js.map +1 -1
  18. package/transpiled/directives/auth/Federation.d.ts +2 -2
  19. package/transpiled/directives/auth/Federation.js +2 -2
  20. package/transpiled/directives/auth/Federation.js.map +1 -1
  21. package/transpiled/tsconfig.tsbuildinfo +1 -1
package/features/{auth.claim.feature → auth.claims.feature} RENAMED
@@ -16,7 +16,7 @@ Feature: Federated identity authentication
16
16
  """yaml
17
17
  /:
18
18
  GET:
19
- auth:claim:
19
+ auth:claims:
20
20
  iss: http://localhost:44444
21
21
  aud: test
22
22
  sub: Bob
@@ -39,7 +39,7 @@ Feature: Federated identity authentication
39
39
  """yaml
40
40
  /:
41
41
  GET:
42
- auth:claim:
42
+ auth:claims:
43
43
  sub: Bob
44
44
  dev:stub: ok
45
45
  """
@@ -60,7 +60,7 @@ Feature: Federated identity authentication
60
60
  """yaml
61
61
  /:
62
62
  GET:
63
- auth:claim:
63
+ auth:claims:
64
64
  iss: http://localhost:44444
65
65
  aud: test
66
66
  dev:stub: ok
@@ -82,7 +82,7 @@ Feature: Federated identity authentication
82
82
  """yaml
83
83
  /:
84
84
  GET:
85
- auth:claim:
85
+ auth:claims:
86
86
  iss: http://localhost:44444
87
87
  sub: Alice
88
88
  dev:stub: ok
@@ -104,7 +104,7 @@ Feature: Federated identity authentication
104
104
  """yaml
105
105
  /:
106
106
  GET:
107
- auth:claim:
107
+ auth:claims:
108
108
  iss: http://localhost:44444
109
109
  aud: goalkeepers
110
110
  dev:stub: ok
@@ -129,7 +129,7 @@ Feature: Federated identity authentication
129
129
  /:
130
130
  /:id:
131
131
  GET:
132
- auth:claim:
132
+ auth:claims:
133
133
  aud: :authority
134
134
  sub: /:id
135
135
  dev:stub: ok
@@ -152,7 +152,7 @@ Feature: Federated identity authentication
152
152
  /:
153
153
  /:id:
154
154
  GET:
155
- auth:claim:
155
+ auth:claims:
156
156
  iss: :domain
157
157
  sub: /:id
158
158
  dev:stub: ok
package/features/authorities.federation.feature CHANGED
@@ -7,6 +7,7 @@ Feature: OIDC tokens with authorities
7
7
  """yaml
8
8
  trust:
9
9
  - iss: http://localhost:44444
10
+ implicit: true
10
11
  """
11
12
 
12
13
 
@@ -27,31 +28,27 @@ Feature: OIDC tokens with authorities
27
28
  # create identities
28
29
  When the following request is received:
29
30
  """
30
- POST /identity/federation/ HTTP/1.1
31
+ GET /identity/ HTTP/1.1
31
32
  host: the.one.com
33
+ authorization: Bearer ${{ One.id_token }}
32
34
  accept: application/yaml
33
- content-type: application/yaml
34
-
35
- token: ${{ One.id_token }}
36
35
  """
37
36
  Then the following reply is sent:
38
37
  """
39
- 201 Created
38
+ 200 OK
40
39
 
41
40
  id: ${{ One.id }}
42
41
  """
43
42
  When the following request is received:
44
43
  """
45
- POST /identity/federation/ HTTP/1.1
44
+ GET /identity/ HTTP/1.1
45
+ authorization: Bearer ${{ Two.id_token }}
46
46
  host: the.two.com
47
47
  accept: application/yaml
48
- content-type: application/yaml
49
-
50
- token: ${{ Two.id_token }}
51
48
  """
52
49
  Then the following reply is sent:
53
50
  """
54
- 201 Created
51
+ 200 OK
55
52
 
56
53
  id: ${{ Two.id }}
57
54
  """
package/features/identity.federation.feature CHANGED
@@ -5,11 +5,12 @@ Feature: Identity Federation
5
5
  Given the `identity.federation` database is empty
6
6
  And local IDP is running
7
7
 
8
- Scenario: Getting identity for a new user
8
+ Scenario: Asymmetric tokens
9
9
  Given the `identity.federation` configuration:
10
10
  """yaml
11
11
  trust:
12
12
  - iss: http://localhost:44444
13
+ implicit: true
13
14
  """
14
15
  And the IDP token for User is issued
15
16
  When the following request is received:
@@ -56,7 +57,7 @@ Feature: Identity Federation
56
57
  id: ${{ User.id }}
57
58
  """
58
59
 
59
- Scenario: Getting identity for a user with symmetric tokens
60
+ Scenario: Symmetric tokens
60
61
  Given the `identity.federation` configuration:
61
62
  """yaml
62
63
  trust:
@@ -64,6 +65,7 @@ Feature: Identity Federation
64
65
  secrets:
65
66
  HS384:
66
67
  k1: the-secret
68
+ implicit: true
67
69
  """
68
70
  And the IDP HS384 token for GoodUser is issued with following secret:
69
71
  """
@@ -157,7 +159,7 @@ Feature: Identity Federation
157
159
  """
158
160
  Then the following reply is sent:
159
161
  """
160
- 409 Conflict
162
+ 403 Forbidden
161
163
  """
162
164
 
163
165
  Scenario: Granting a `system` role to a Principal
@@ -168,6 +170,7 @@ Feature: Identity Federation
168
170
  principal:
169
171
  iss: http://localhost:44444
170
172
  sub: root
173
+ implicit: true
171
174
  """
172
175
  And the IDP token for root is issued
173
176
 
@@ -188,6 +191,8 @@ Feature: Identity Federation
188
191
  id: ${{ root.id }}
189
192
  """
190
193
 
194
+ Then after 0.1 seconds
195
+
191
196
  # check the role
192
197
  When the following request is received:
193
198
  """
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@toa.io/extensions.exposition",
3
- "version": "1.0.0-alpha.97",
3
+ "version": "1.0.0-alpha.98",
4
4
  "description": "Toa Exposition",
5
5
  "author": "temich <tema.gurtovoy@gmail.com>",
6
6
  "homepage": "https://github.com/toa-io/toa#readme",
@@ -58,5 +58,5 @@
58
58
  "@types/negotiator": "0.6.1",
59
59
  "jest-esbuild": "0.3.0"
60
60
  },
61
- "gitHead": "ba59260d70dc1671ce547667f3caa55bb439e0ee"
61
+ "gitHead": "5cc9f6ba26a1fa718dc080914279bb89a00d39f1"
62
62
  }
package/source/directives/auth/Authorization.ts CHANGED
@@ -65,9 +65,9 @@ export class Authorization implements DirectiveFamily<Directive, Extension> {
65
65
  * If the provided credentials already exist,
66
66
  * the inception will cause a unique constraint violation on the settle stage.
67
67
  */
68
- const inception = directives.reduce((yes, directive) => yes || directive instanceof Incept, false)
68
+ // const inception = directives.reduce((yes, directive) => yes || directive instanceof Incept, false)
69
69
 
70
- input.identity = inception ? null : await this.resolve(input.authority, input.request.headers.authorization)
70
+ input.identity = await this.resolve(input.authority, input.request.headers.authorization)
71
71
 
72
72
  for (const directive of directives) {
73
73
  const allow = await directive.authorize(input.identity, input, parameters)
@@ -162,7 +162,7 @@ const constructors: Record<string, new (value: any, argument?: any) => Directive
162
162
  scheme: Scheme,
163
163
  echo: Echo,
164
164
  delegate: Delegate,
165
- claim: Federation
165
+ claims: Federation
166
166
  }
167
167
 
168
168
  const REMOTES: Remote[] = ['basic', 'federation', 'tokens', 'roles', 'bans']
package/source/directives/auth/Federation.ts CHANGED
@@ -3,20 +3,20 @@ import type { Directive, Identity, Input } from './types'
3
3
  import type { Parameter } from '../../RTD'
4
4
 
5
5
  export class Federation implements Directive {
6
- private readonly matchers: Array<[keyof Claim, Matcher]>
6
+ private readonly matchers: Array<[keyof Claims, Matcher]>
7
7
 
8
8
  public constructor (options: Options) {
9
- this.matchers = (Object.entries(options) as Array<[keyof Claim, string]>)
9
+ this.matchers = (Object.entries(options) as Array<[keyof Claims, string]>)
10
10
  .map(([key, value]) => [key, toMatcher(value)])
11
11
 
12
12
  assert.ok(this.matchers.length > 0, 'auth:claim requires at least one property defined')
13
13
  }
14
14
 
15
15
  public authorize (identity: Identity | null, context: Input, parameters: Parameter[]): boolean {
16
- if (identity === null || !('claim' in identity))
16
+ if (identity === null || !('claims' in identity))
17
17
  return false
18
18
 
19
- const claim = (identity as FederatedIdentity).claim
19
+ const claim = (identity as FederatedIdentity).claims
20
20
 
21
21
  for (const [key, match] of this.matchers)
22
22
  if (!match(claim[key], context, parameters))
@@ -69,16 +69,16 @@ function codomain (iss: string, context: Input): boolean {
69
69
 
70
70
  type Matcher = (value: string | string[], context: Input, parameters: Parameter[]) => boolean
71
71
 
72
- interface Claim {
72
+ interface Claims {
73
73
  iss: string
74
74
  sub: string
75
75
  aud: string | string[]
76
76
  }
77
77
 
78
- interface Options extends Partial<Claim> {
78
+ interface Options extends Partial<Claims> {
79
79
  iss: string
80
80
  }
81
81
 
82
82
  interface FederatedIdentity extends Identity {
83
- claim: Claim
83
+ claims: Claims
84
84
  }
package/transpiled/directives/auth/Authorization.js CHANGED
@@ -64,8 +64,8 @@ class Authorization {
64
64
  * If the provided credentials already exist,
65
65
  * the inception will cause a unique constraint violation on the settle stage.
66
66
  */
67
- const inception = directives.reduce((yes, directive) => yes || directive instanceof Incept_1.Incept, false);
68
- input.identity = inception ? null : await this.resolve(input.authority, input.request.headers.authorization);
67
+ // const inception = directives.reduce((yes, directive) => yes || directive instanceof Incept, false)
68
+ input.identity = await this.resolve(input.authority, input.request.headers.authorization);
69
69
  for (const directive of directives) {
70
70
  const allow = await directive.authorize(input.identity, input, parameters);
71
71
  if (allow)
@@ -133,7 +133,7 @@ const constructors = {
133
133
  scheme: Scheme_1.Scheme,
134
134
  echo: Echo_1.Echo,
135
135
  delegate: Delegate_1.Delegate,
136
- claim: Federation_1.Federation
136
+ claims: Federation_1.Federation
137
137
  };
138
138
  const REMOTES = ['basic', 'federation', 'tokens', 'roles', 'bans'];
139
139
  //# sourceMappingURL=Authorization.js.map
package/transpiled/directives/auth/Authorization.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"Authorization.js","sourceRoot":"","sources":["../../../source/directives/auth/Authorization.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8DAAgC;AAChC,yCAAiC;AACjC,iDAAkC;AAClC,2CAAuC;AACvC,6BAAyB;AACzB,iCAA6B;AAC7B,iCAA6B;AAC7B,qCAAiC;AACjC,iCAA6B;AAC7B,qCAAiC;AACjC,yCAAqC;AACrC,6CAAyC;AACzC,mCAA+B;AAC/B,uCAA8C;AAiB9C,MAAa,aAAa;IACR,OAAO,GAAa,CAAC,MAAM,CAAC,CAAA;IAC5B,IAAI,GAAW,MAAM,CAAA;IACrB,SAAS,GAAY,IAAI,CAAA;IAExB,OAAO,GAAG,EAAwB,CAAA;IAClC,SAAS,GAAG,EAA0B,CAAA;IAC/C,MAAM,GAAqB,IAAI,CAAA;IAC/B,IAAI,GAAqB,IAAI,CAAA;IAE9B,MAAM,CAAE,IAAY,EAAE,KAAU,EAAE,OAAgB;QACvD,qBAAM,CAAC,EAAE,CAAC,IAAI,IAAI,YAAY,EAC5B,mBAAmB,IAAI,sBAAsB,CAAC,CAAA;QAEhD,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;QAEhC,KAAK,MAAM,IAAI,IAAI,OAAO;YACxB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,OAAO,CAAC,QAAQ,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;QAE7D,OAAO,IAAA,iBAAK,EAAC,KAAK,EAChB,WAAI,EAAE,GAAG,EAAE,CAAC,IAAI,WAAI,CAAC,KAA0B,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EACtE,WAAI,EAAE,GAAG,EAAE,CAAC,IAAI,WAAI,CAAC,KAA+B,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAC7E,eAAM,EAAE,GAAG,EAAE,CAAC,IAAI,eAAM,CAAC,KAAe,EAAE,IAAI,CAAC,SAAS,CAAC,EACzD,mBAAQ,EAAE,GAAG,EAAE,CAAC,IAAI,mBAAQ,CAAC,KAAe,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EACnE,GAAG,EAAE,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAA;IAC3B,CAAC;IAEM,KAAK,CAAC,SAAS,CAAE,UAAuB,EAC7C,KAAY,EACZ,UAAuB;QACvB;;;;;;WAMG;QACH,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,SAAS,EAAE,EAAE,CAAC,GAAG,IAAI,SAAS,YAAY,eAAM,EAAE,KAAK,CAAC,CAAA;QAElG,KAAK,CAAC,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;QAE5G,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;YACnC,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,EAAE,UAAU,CAAC,CAAA;YAE1E,IAAI,KAAK;gBACP,OAAO,SAAS,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAA;QACpD,CAAC;QAED,IAAI,KAAK,CAAC,QAAQ,KAAK,IAAI;YACzB,MAAM,IAAI,IAAI,CAAC,YAAY,EAAE,CAAA;;YAE7B,MAAM,IAAI,IAAI,CAAC,SAAS,EAAE,CAAA;IAC9B,CAAC;IAEM,KAAK,CAAC,MAAM,CAAE,UAAuB,EAC1C,KAAY,EACZ,QAA8B;QAC9B,MAAM,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE,CACnD,SAAS,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;QAEvC,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAA;QAE/B,IAAI,QAAQ,KAAK,IAAI;YACnB,OAAM;QAER,IAAI,QAAQ,CAAC,MAAM,KAAK,iBAAO,IAAI,CAAC,QAAQ,CAAC,OAAO;YAClD,OAAM;QAER,gDAAgD;QAChD,IAAI,QAAQ,CAAC,KAAK,KAAK,SAAS;YAC9B,MAAM,WAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;QAEhD,IAAI,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CAAA;QAE3C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAS,SAAS,EAAE;YACxD,KAAK,EAAE,EAAE,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE,QAAQ,EAAE;SAChD,CAAC,CAAA;QAEF,MAAM,aAAa,GAAG,SAAS,KAAK,EAAE,CAAA;QAEtC,QAAQ,CAAC,OAAO,KAAK,IAAI,OAAO,EAAE,CAAA;QAClC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,aAAa,CAAC,CAAA;IACtD,CAAC;IAEO,KAAK,CAAC,OAAO,CAAE,SAAiB,EAAE,aAAiC;QACzE,IAAI,aAAa,KAAK,SAAS;YAC7B,OAAO,IAAI,CAAA;QAEb,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,GAAG,IAAA,aAAK,EAAC,aAAa,CAAC,CAAA;QAClD,MAAM,QAAQ,GAAG,mBAAS,CAAC,MAAM,CAAC,CAAA;QAElC,IAAI,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAC,SAAS,CAAC;YAC/B,MAAM,IAAI,IAAI,CAAC,YAAY,CAAC,kCAAkC,MAAM,GAAG,CAAC,CAAA;QAE1E,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAA;QAEvD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,CAAuB,cAAc,EAAE;YACrF,KAAK,EAAE;gBACL,SAAS;gBACT,WAAW;aACZ;SACF,CAAC,CAAA;QAEF,IAAI,MAAM,YAAY,KAAK;YACzB,OAAO,IAAI,CAAA;QAEb,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAA;QAEhC,IAAI,MAAM,KAAK,iBAAO,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAAE,MAAM,IAAI,IAAI,CAAC,YAAY,EAAE,CAAA;QAEtF,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAA;QACxB,QAAQ,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAA;QAEjC,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,KAAK,CAAC,MAAM,CAAE,QAAkB;QACtC,IAAI,CAAC,IAAI,KAAK,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAA;QAEvC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAM,SAAS,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAElF,OAAO,GAAG,CAAC,MAAM,CAAA;IACnB,CAAC;CACF;AA3HD,sCA2HC;AAED,MAAM,YAAY,GAAkE;IAClF,SAAS,EAAE,qBAAS;IACpB,EAAE,EAAE,OAAE;IACN,IAAI,EAAE,WAAI;IACV,IAAI,EAAE,WAAI;IACV,MAAM,EAAE,eAAM;IACd,MAAM,EAAE,eAAM;IACd,IAAI,EAAE,WAAI;IACV,QAAQ,EAAE,mBAAQ;IAClB,KAAK,EAAE,uBAAU;CAClB,CAAA;AAED,MAAM,OAAO,GAAa,CAAC,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC,CAAA"}
1
+ {"version":3,"file":"Authorization.js","sourceRoot":"","sources":["../../../source/directives/auth/Authorization.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8DAAgC;AAChC,yCAAiC;AACjC,iDAAkC;AAClC,2CAAuC;AACvC,6BAAyB;AACzB,iCAA6B;AAC7B,iCAA6B;AAC7B,qCAAiC;AACjC,iCAA6B;AAC7B,qCAAiC;AACjC,yCAAqC;AACrC,6CAAyC;AACzC,mCAA+B;AAC/B,uCAA8C;AAiB9C,MAAa,aAAa;IACR,OAAO,GAAa,CAAC,MAAM,CAAC,CAAA;IAC5B,IAAI,GAAW,MAAM,CAAA;IACrB,SAAS,GAAY,IAAI,CAAA;IAExB,OAAO,GAAG,EAAwB,CAAA;IAClC,SAAS,GAAG,EAA0B,CAAA;IAC/C,MAAM,GAAqB,IAAI,CAAA;IAC/B,IAAI,GAAqB,IAAI,CAAA;IAE9B,MAAM,CAAE,IAAY,EAAE,KAAU,EAAE,OAAgB;QACvD,qBAAM,CAAC,EAAE,CAAC,IAAI,IAAI,YAAY,EAC5B,mBAAmB,IAAI,sBAAsB,CAAC,CAAA;QAEhD,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;QAEhC,KAAK,MAAM,IAAI,IAAI,OAAO;YACxB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,OAAO,CAAC,QAAQ,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;QAE7D,OAAO,IAAA,iBAAK,EAAC,KAAK,EAChB,WAAI,EAAE,GAAG,EAAE,CAAC,IAAI,WAAI,CAAC,KAA0B,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EACtE,WAAI,EAAE,GAAG,EAAE,CAAC,IAAI,WAAI,CAAC,KAA+B,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAC7E,eAAM,EAAE,GAAG,EAAE,CAAC,IAAI,eAAM,CAAC,KAAe,EAAE,IAAI,CAAC,SAAS,CAAC,EACzD,mBAAQ,EAAE,GAAG,EAAE,CAAC,IAAI,mBAAQ,CAAC,KAAe,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EACnE,GAAG,EAAE,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAA;IAC3B,CAAC;IAEM,KAAK,CAAC,SAAS,CAAE,UAAuB,EAC7C,KAAY,EACZ,UAAuB;QACvB;;;;;;WAMG;QACH,qGAAqG;QAErG,KAAK,CAAC,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAA;QAEzF,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;YACnC,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,EAAE,UAAU,CAAC,CAAA;YAE1E,IAAI,KAAK;gBACP,OAAO,SAAS,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAA;QACpD,CAAC;QAED,IAAI,KAAK,CAAC,QAAQ,KAAK,IAAI;YACzB,MAAM,IAAI,IAAI,CAAC,YAAY,EAAE,CAAA;;YAE7B,MAAM,IAAI,IAAI,CAAC,SAAS,EAAE,CAAA;IAC9B,CAAC;IAEM,KAAK,CAAC,MAAM,CAAE,UAAuB,EAC1C,KAAY,EACZ,QAA8B;QAC9B,MAAM,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE,CACnD,SAAS,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAA;QAEvC,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAA;QAE/B,IAAI,QAAQ,KAAK,IAAI;YACnB,OAAM;QAER,IAAI,QAAQ,CAAC,MAAM,KAAK,iBAAO,IAAI,CAAC,QAAQ,CAAC,OAAO;YAClD,OAAM;QAER,gDAAgD;QAChD,IAAI,QAAQ,CAAC,KAAK,KAAK,SAAS;YAC9B,MAAM,WAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;QAEhD,IAAI,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,SAAS,CAAC,MAAM,CAAA;QAE3C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAS,SAAS,EAAE;YACxD,KAAK,EAAE,EAAE,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE,QAAQ,EAAE;SAChD,CAAC,CAAA;QAEF,MAAM,aAAa,GAAG,SAAS,KAAK,EAAE,CAAA;QAEtC,QAAQ,CAAC,OAAO,KAAK,IAAI,OAAO,EAAE,CAAA;QAClC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,aAAa,CAAC,CAAA;IACtD,CAAC;IAEO,KAAK,CAAC,OAAO,CAAE,SAAiB,EAAE,aAAiC;QACzE,IAAI,aAAa,KAAK,SAAS;YAC7B,OAAO,IAAI,CAAA;QAEb,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,GAAG,IAAA,aAAK,EAAC,aAAa,CAAC,CAAA;QAClD,MAAM,QAAQ,GAAG,mBAAS,CAAC,MAAM,CAAC,CAAA;QAElC,IAAI,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAC,SAAS,CAAC;YAC/B,MAAM,IAAI,IAAI,CAAC,YAAY,CAAC,kCAAkC,MAAM,GAAG,CAAC,CAAA;QAE1E,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAA;QAEvD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,CAAuB,cAAc,EAAE;YACrF,KAAK,EAAE;gBACL,SAAS;gBACT,WAAW;aACZ;SACF,CAAC,CAAA;QAEF,IAAI,MAAM,YAAY,KAAK;YACzB,OAAO,IAAI,CAAA;QAEb,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAA;QAEhC,IAAI,MAAM,KAAK,iBAAO,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAAE,MAAM,IAAI,IAAI,CAAC,YAAY,EAAE,CAAA;QAEtF,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAA;QACxB,QAAQ,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAA;QAEjC,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,KAAK,CAAC,MAAM,CAAE,QAAkB;QACtC,IAAI,CAAC,IAAI,KAAK,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAA;QAEvC,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAM,SAAS,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAElF,OAAO,GAAG,CAAC,MAAM,CAAA;IACnB,CAAC;CACF;AA3HD,sCA2HC;AAED,MAAM,YAAY,GAAkE;IAClF,SAAS,EAAE,qBAAS;IACpB,EAAE,EAAE,OAAE;IACN,IAAI,EAAE,WAAI;IACV,IAAI,EAAE,WAAI;IACV,MAAM,EAAE,eAAM;IACd,MAAM,EAAE,eAAM;IACd,IAAI,EAAE,WAAI;IACV,QAAQ,EAAE,mBAAQ;IAClB,MAAM,EAAE,uBAAU;CACnB,CAAA;AAED,MAAM,OAAO,GAAa,CAAC,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC,CAAA"}
package/transpiled/directives/auth/Federation.d.ts CHANGED
@@ -5,12 +5,12 @@ export declare class Federation implements Directive {
5
5
  constructor(options: Options);
6
6
  authorize(identity: Identity | null, context: Input, parameters: Parameter[]): boolean;
7
7
  }
8
- interface Claim {
8
+ interface Claims {
9
9
  iss: string;
10
10
  sub: string;
11
11
  aud: string | string[];
12
12
  }
13
- interface Options extends Partial<Claim> {
13
+ interface Options extends Partial<Claims> {
14
14
  iss: string;
15
15
  }
16
16
  export {};
package/transpiled/directives/auth/Federation.js CHANGED
@@ -13,9 +13,9 @@ class Federation {
13
13
  node_assert_1.default.ok(this.matchers.length > 0, 'auth:claim requires at least one property defined');
14
14
  }
15
15
  authorize(identity, context, parameters) {
16
- if (identity === null || !('claim' in identity))
16
+ if (identity === null || !('claims' in identity))
17
17
  return false;
18
- const claim = identity.claim;
18
+ const claim = identity.claims;
19
19
  for (const [key, match] of this.matchers)
20
20
  if (!match(claim[key], context, parameters))
21
21
  return false;
package/transpiled/directives/auth/Federation.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"Federation.js","sourceRoot":"","sources":["../../../source/directives/auth/Federation.ts"],"names":[],"mappings":";;;;;;AAAA,8DAAgC;AAIhC,MAAa,UAAU;IACJ,QAAQ,CAA+B;IAExD,YAAoB,OAAgB;QAClC,IAAI,CAAC,QAAQ,GAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAkC;aACtE,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QAEjD,qBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,mDAAmD,CAAC,CAAA;IAC1F,CAAC;IAEM,SAAS,CAAE,QAAyB,EAAE,OAAc,EAAE,UAAuB;QAClF,IAAI,QAAQ,KAAK,IAAI,IAAI,CAAC,CAAC,OAAO,IAAI,QAAQ,CAAC;YAC7C,OAAO,KAAK,CAAA;QAEd,MAAM,KAAK,GAAI,QAA8B,CAAC,KAAK,CAAA;QAEnD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,QAAQ;YACtC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,OAAO,EAAE,UAAU,CAAC;gBACzC,OAAO,KAAK,CAAA;QAEhB,OAAO,IAAI,CAAA;IACb,CAAC;CACF;AAtBD,gCAsBC;AAED,SAAS,SAAS,CAAE,UAAkB;IACpC,IAAI,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAgB,CAAA;QAE9C,IAAI,GAAG,KAAK,WAAW;YACrB,OAAO,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;QAEzD,IAAI,GAAG,KAAK,QAAQ;YAClB,OAAO,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;gBACxB,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;oBACzB,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;oBAC7C,CAAC,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;YAC9B,CAAC,CAAA;QAEH,MAAM,IAAI,KAAK,CAAC,gCAAgC,UAAU,EAAE,CAAC,CAAA;IAC/D,CAAC;IAED,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QAEhC,OAAO,CAAC,KAAK,EAAE,CAAC,EAAE,UAAU,EAAE,EAAE,CAAC,UAAU;aACxC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,KAAK,IAAI,IAAI,OAAO,CAAC,KAAK,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,CAAA;IACpF,CAAC;IAED,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;AAC9C,CAAC;AAED,SAAS,OAAO,CAAE,KAAwB,EAAE,SAAiB;IAC3D,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QACzB,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC3B,CAAC,CAAC,KAAK,KAAK,SAAS,CAAA;AACzB,CAAC;AAED,SAAS,QAAQ,CAAE,GAAW,EAAE,OAAc;IAC5C,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAA;IACtC,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IACjC,MAAM,QAAQ,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAE5D,OAAO,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAA;AAC/D,CAAC"}
1
+ {"version":3,"file":"Federation.js","sourceRoot":"","sources":["../../../source/directives/auth/Federation.ts"],"names":[],"mappings":";;;;;;AAAA,8DAAgC;AAIhC,MAAa,UAAU;IACJ,QAAQ,CAAgC;IAEzD,YAAoB,OAAgB;QAClC,IAAI,CAAC,QAAQ,GAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAmC;aACvE,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QAEjD,qBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,mDAAmD,CAAC,CAAA;IAC1F,CAAC;IAEM,SAAS,CAAE,QAAyB,EAAE,OAAc,EAAE,UAAuB;QAClF,IAAI,QAAQ,KAAK,IAAI,IAAI,CAAC,CAAC,QAAQ,IAAI,QAAQ,CAAC;YAC9C,OAAO,KAAK,CAAA;QAEd,MAAM,KAAK,GAAI,QAA8B,CAAC,MAAM,CAAA;QAEpD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,QAAQ;YACtC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,OAAO,EAAE,UAAU,CAAC;gBACzC,OAAO,KAAK,CAAA;QAEhB,OAAO,IAAI,CAAA;IACb,CAAC;CACF;AAtBD,gCAsBC;AAED,SAAS,SAAS,CAAE,UAAkB;IACpC,IAAI,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAgB,CAAA;QAE9C,IAAI,GAAG,KAAK,WAAW;YACrB,OAAO,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;QAEzD,IAAI,GAAG,KAAK,QAAQ;YAClB,OAAO,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;gBACxB,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;oBACzB,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;oBAC7C,CAAC,CAAC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,CAAA;YAC9B,CAAC,CAAA;QAEH,MAAM,IAAI,KAAK,CAAC,gCAAgC,UAAU,EAAE,CAAC,CAAA;IAC/D,CAAC;IAED,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QAEhC,OAAO,CAAC,KAAK,EAAE,CAAC,EAAE,UAAU,EAAE,EAAE,CAAC,UAAU;aACxC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,KAAK,IAAI,IAAI,OAAO,CAAC,KAAK,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,CAAA;IACpF,CAAC;IAED,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;AAC9C,CAAC;AAED,SAAS,OAAO,CAAE,KAAwB,EAAE,SAAiB;IAC3D,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QACzB,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC3B,CAAC,CAAC,KAAK,KAAK,SAAS,CAAA;AACzB,CAAC;AAED,SAAS,QAAQ,CAAE,GAAW,EAAE,OAAc;IAC5C,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAA;IACtC,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IACjC,MAAM,QAAQ,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAE5D,OAAO,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,QAAQ,CAAA;AAC/D,CAAC"}