@tomei/sso 0.40.4 → 0.41.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tomei/sso",
-  "version": "0.40.4",
+  "version": "0.41.0",
   "description": "Tomei SSO Package",
   "main": "dist/index.js",
   "scripts": {

package/src/components/api-key/api-key.ts

@@ -328,4 +328,104 @@ export class APIKey extends ObjectBase {
       throw error;
     }
   }
+
+  public async revoke(
+    apiKey: string,
+    loginUser: LoginUser,
+    dbTransaction: any,
+    reason?: string,
+  ) {
+    try {
+      // Part 1: Prepare Required Params
+      // Ensure apiKey, loginUser, and dbTransaction are provided.
+      // Retrieve the existing API key record from the database using the provided apiKey.
+      const apiKeyRecord = await APIKey._Repo.findOne({
+        where: { ApiKey: apiKey },
+        transaction: dbTransaction,
+      });
+      if (!apiKeyRecord) {
+        throw new ClassError(
+          'APIKey',
+          'APIKeyErrMsgO3',
+          'API key not found.',
+          'revoke',
+        );
+      }
+      const EntityValueBefore = {
+        ...apiKeyRecord.get({ plain: true }),
+      };
+
+      // Part 2: Revoke API Key
+      // Mark the API key as revoked:
+      // Set the Status to "Revoked".
+      apiKeyRecord.Status = APIKeyStatusEnum.REVOKED;
+      // Set the RevokedAt timestamp to the current date and time.\
+      apiKeyRecord.RevokedAt = new Date();
+      // Set the RevokedById to loginUser.UserId.
+      apiKeyRecord.RevokedById = loginUser.UserId;
+      // Optionally, set the revocation reason:
+      // If the reason parameter is provided, store it in the RevokedReason attribute.
+      if (reason) {
+        apiKeyRecord.RevokedReason = reason;
+      }
+
+      // Part 3: Save API Key to Database
+      // Call APIKey._Repo.update() by passing:
+      // The updated APIKey instance
+      // dbTransaction.
+      await APIKey._Repo.update(
+        {
+          ...apiKeyRecord.get({ plain: true }),
+        },
+        {
+          where: { APIKeyId: apiKeyRecord.APIKeyId },
+          transaction: dbTransaction,
+        },
+      );
+
+      // Part 4: Record Update API Key Activity
+      // Initialise EntityValueBefore variable and set to empty object.
+      // Initialise EntityValueAfter variable and set to this APIKey instance.
+      const EntityValueAfter = {
+        ...apiKeyRecord.get({ plain: true }),
+      };
+      // Instantiate new activity from Activity class, call createId() method, then set:
+      // Action: ActionEnum.Create
+      // Description: "Revoke API key."
+      // EntityType: "APIKey"
+      // EntityId: <this.APIKeyId>
+      // EntityValueBefore: EntityValueBefore
+      // EntityValueAfter: EntityValueAfter
+      const activity = new Activity();
+      activity.ActivityId = activity.createId();
+      activity.Action = ActionEnum.UPDATE;
+      activity.Description = 'Revoke API key.';
+      activity.EntityType = 'APIKey';
+      activity.EntityId = apiKeyRecord.APIKeyId.toString();
+      activity.EntityValueBefore = JSON.stringify(EntityValueBefore);
+      activity.EntityValueAfter = JSON.stringify(EntityValueAfter);
+      // Call new activity create method by passing:
+      // dbTransaction
+      // userId: loginUser.ObjectId
+      await activity.create(loginUser.ObjectId, dbTransaction);
+
+      // Part 5: Returns
+      // Translate the updated APIKey entity into an object and return the following fields:
+      // ApiKey
+      // Status: "Revoked"
+      // RevokedAt
+      // RevokedById
+      // RevokedByName
+      // RevokedReason
+      return {
+        ApiKey: apiKeyRecord.ApiKey,
+        Status: apiKeyRecord.Status,
+        RevokedAt: apiKeyRecord.RevokedAt,
+        RevokedById: apiKeyRecord.RevokedById,
+        RevokedReason: apiKeyRecord.RevokedReason,
+      };
+    } catch (error) {
+      throw error;
+    }
+  }
 }