@tomei/sso 0.61.0 → 0.61.1

package/src/components/api-key/api-key.ts

@@ -1,448 +1,448 @@
-import { ClassError, ObjectBase } from '@tomei/general';
-import { APIKeyStatusEnum } from '../../enum/api-key.enum';
-import { APIKeyRepository } from './api-key.repository';
-import { IAPIKeyAttr } from '../../interfaces/api-key-attr.interface';
-import { LoginUser } from '../login-user/login-user';
-import { ApplicationConfig } from '@tomei/config';
-import { randomBytes } from 'crypto';
-import { ActionEnum, Activity } from '@tomei/activity-history';
-import { Op } from 'sequelize';
-import { System } from '../system/system';
-
-export class APIKey extends ObjectBase {
-  ObjectId: string;
-  ObjectName: string;
-  ObjectType: 'ApiKey';
-  TableName: 'sso_APIKey';
-
-  ApiKey: string;
-  Name: string;
-  SystemCode: string;
-  Description: string;
-  Status: APIKeyStatusEnum;
-  ExpirationDate: Date;
-  RevokedReason: string;
-  _RevokedById: number;
-  _RevokedAt: Date;
-  _CreatedAt: Date;
-  _CreatedById: number;
-
-  get APIKeyId(): number {
-    return parseInt(this.ObjectId);
-  }
-
-  set APIKeyId(value: number) {
-    this.ObjectId = value.toString();
-  }
-
-  get RevokedById(): number {
-    return this._RevokedById;
-  }
-
-  get RevokedAt(): Date {
-    return this._RevokedAt;
-  }
-
-  get CreatedAt(): Date {
-    return this._CreatedAt;
-  }
-
-  get CreatedById(): number {
-    return this._CreatedById;
-  }
-
-  protected static _Repo = new APIKeyRepository();
-
-  protected constructor(apiKeyAttr?: IAPIKeyAttr) {
-    super();
-    if (apiKeyAttr) {
-      this.APIKeyId = apiKeyAttr.APIKeyId;
-      this.ApiKey = apiKeyAttr.ApiKey;
-      this.Name = apiKeyAttr.Name;
-      this.SystemCode = apiKeyAttr.SystemCode;
-      this.Description = apiKeyAttr.Description;
-      this.Status = apiKeyAttr.Status;
-      this.ExpirationDate = apiKeyAttr.ExpirationDate;
-      this._RevokedById = apiKeyAttr.RevokedById;
-      this._RevokedAt = apiKeyAttr.RevokedAt;
-      this._CreatedAt = apiKeyAttr.CreatedAt;
-      this._CreatedById = apiKeyAttr.CreatedById;
-    }
-  }
-
-  public static async init(ApiKeyId?: number, dbTransaction?: any) {
-    try {
-      if (ApiKeyId) {
-        const apiKeyAttr = await this._Repo.findByPk(
-          ApiKeyId.toString(),
-          dbTransaction,
-        );
-        if (apiKeyAttr) {
-          return new APIKey(apiKeyAttr);
-        } else {
-          throw new ClassError(
-            'APIKey',
-            'APIKeyErrMsgO1',
-            'APIKey not found',
-            'init',
-          );
-        }
-      }
-      return new APIKey();
-    } catch (error) {
-      throw error;
-    }
-  }
-
-  async generate(loginUser: LoginUser, dbTransaction?: any) {
-    //This method generates a new API key and saves it into the database.
-    try {
-      // Part 2: Privilege Checking
-      // Call loginUser.checkPrivileges() method by passing:
-      // SystemCode: <get_from_app_config>
-      // PrivilegeCode: "API_KEY_CREATE"
-      const systemCode =
-        ApplicationConfig.getComponentConfigValue('system-code');
-      const isPrivileged = await loginUser.checkPrivileges(
-        systemCode,
-        'API_KEY_CREATE',
-      );
-
-      if (!isPrivileged) {
-        throw new ClassError(
-          'APIKey',
-          'APIKeyErrMsgO2',
-          'User does not have privilege to generate API key.',
-          'generate',
-        );
-      }
-
-      // Part 3: System Existence Check
-      // Call System.init(dbTransaction, this.SystemCode) to verify the System exists.
-      // If the group does not exist, throw a NotFoundError.
-
-      await System.init(dbTransaction, this.SystemCode);
-
-      // Part 3: Generate API Key
-      // Populate the following attributes:
-      // CreatedById: Set to loginUser.UserId.
-      this._CreatedById = loginUser.UserId;
-      // CreatedAt: Set to current date time.
-      this._CreatedAt = new Date();
-      // Generate a unique API key string:
-      // Use a secure random function or crypto module to generate a 64-character hexadecimal string.
-      // Assign the generated string to this.ApiKey.
-      this.ApiKey = randomBytes(64).toString('hex');
-
-      // Part 4: Save API Key to Database
-      // Call APIKey._Repo.create() by passing:
-      // loginUser
-      // dbTransaction
-      // This APIKey instance.
-      const EntityValueAfter: any = {
-        ApiKey: this.ApiKey,
-        Name: this.Name,
-        SystemCode: this.SystemCode,
-        Status: this.Status,
-        Description: this.Description,
-        ExpirationDate: this.ExpirationDate,
-        CreatedAt: this.CreatedAt,
-        CreatedById: this.CreatedById,
-        RevokedAt: this.RevokedAt,
-        RevokedById: this.RevokedById,
-        RevokedReason: this.RevokedReason,
-      };
-
-      const data = await APIKey._Repo.create(EntityValueAfter, {
-        transaction: dbTransaction,
-      });
-      this.APIKeyId = data.APIKeyId;
-      EntityValueAfter.ApiKeyId = data.APIKeyId;
-
-      // Part 5: Record Generate API Key Activity
-      // Initialise EntityValueBefore variable and set to empty object.
-      const EntityValueBefore = {};
-      // Initialise EntityValueAfter variable and set to this APIKey instance.
-      // Instantiate new activity from Activity class, call createId() method, then set:
-      const activity = new Activity();
-      activity.ActivityId = activity.createId();
-      // Action: ActionEnum.Create
-      // Description: "Generate API key."
-      // EntityType: "APIKey"
-      // EntityId: <this.APIKeyId>
-      // EntityValueBefore: EntityValueBefore
-      // EntityValueAfter: EntityValueAfter
-      activity.Action = ActionEnum.CREATE;
-      activity.Description = 'Generate API key.';
-      activity.EntityType = 'APIKey';
-      activity.EntityId = this.ObjectId;
-      activity.EntityValueBefore = JSON.stringify(EntityValueBefore);
-      activity.EntityValueAfter = JSON.stringify(EntityValueAfter);
-      // Call new activity create method by passing:
-      // dbTransaction
-      // userId: loginUser.ObjectId
-      await activity.create(loginUser.ObjectId, dbTransaction);
-
-      // Part 6: Returns
-      // Translate the created APIKey entity into an object and return the following fields:
-      // ApiKey
-      // Name
-      // Status
-      // ExpirationDate
-      // CreatedAt
-      // CreatedById
-      // InvokedAt
-      // InvokedById
-      return {
-        ApiKey: this.ApiKey,
-        Name: this.Name,
-        Status: this.Status,
-        Description: this.Description,
-        SystemCode: this.SystemCode,
-        ExpirationDate: this.ExpirationDate,
-        CreatedAt: this.CreatedAt,
-        CreatedById: this.CreatedById,
-        RevokedAt: this.RevokedAt,
-        RevokedById: this.RevokedById,
-        RevokedReason: this.RevokedReason,
-      };
-    } catch (error) {
-      throw error;
-    }
-  }
-
-  public static async findAll(
-    pagination: { page: number; limit: number },
-    loginUser: LoginUser,
-    dbTransaction: any,
-    whereOptions: {
-      SystemCode?: string;
-      Status?: APIKeyStatusEnum;
-      ExpirationDate?: {
-        FromDate: Date;
-        ToDate: Date;
-      };
-      CreatedById?: number;
-    },
-    sortOptions?: {
-      SortBy: string;
-      SortOrder: 'ASC' | 'DESC';
-    },
-  ) {
-    try {
-      // Part 1: Privilege Checking
-      // Call the loginUser.checkPrivileges() method by passing:
-      // SystemCode: Retrieved from the application configuration.
-      // PrivilegeCode: 'API_KEY_VIEW'.
-      // Ensure the user has the necessary privileges to view API keys.
-      const systemCode =
-        ApplicationConfig.getComponentConfigValue('system-code');
-      const isPrivileged = await loginUser.checkPrivileges(
-        systemCode,
-        'API_KEY_VIEW',
-      );
-
-      if (!isPrivileged) {
-        throw new ClassError(
-          'APIKey',
-          'APIKeyErrMsgO2',
-          'User does not have privilege to generate API key.',
-          'generate',
-        );
-      }
-
-      // Part 2: Prepare Filters
-      // Ensure that whereOptions includes the necessary filters such as:
-      // Status: Filter for specific API key statuses (e.g., "Active", "Revoked").
-      // ExpirationDate: Filter for expiration date ranges (e.g., { [Op.between]: [fromDate, toDate] }).
-      // CreatedById: Filter by the user who created the API key.
-      const where = {};
-      if (whereOptions) {
-        if (whereOptions.SystemCode) {
-          where['SystemCode'] = whereOptions.SystemCode;
-        }
-        if (whereOptions.Status) {
-          where['Status'] = whereOptions.Status;
-        }
-        if (whereOptions.ExpirationDate) {
-          where['ExpirationDate'] = {
-            [Op.between]: [
-              whereOptions.ExpirationDate.FromDate,
-              whereOptions.ExpirationDate.ToDate,
-            ],
-          };
-        }
-        if (whereOptions.CreatedById) {
-          where['CreatedById'] = whereOptions.CreatedById;
-        }
-      }
-
-      const order = [];
-      if (sortOptions) {
-        // Sort the results based on the provided SortBy and SortOrder.
-        // Ensure that the SortBy field is valid and that the SortOrder is either "ASC" or "DESC".
-        if (sortOptions.SortBy) {
-          order.push([sortOptions.SortBy, sortOptions.SortOrder]);
-        }
-      } else {
-        order.push(['CreatedAt', 'DESC']);
-      }
-
-      let offset = 0;
-      if (pagination) {
-        offset = (pagination.page - 1) * pagination.limit;
-      }
-
-      // Ensure that the pagination object includes the page and limit values.
-      // Use Sequelize's findAll() method with the provided whereOptions, sortOptions, and pagination to retrieve matching API keys.
-      const data = await APIKey._Repo.findAllWithPagination({
-        where,
-        order,
-        offset,
-        limit: pagination.limit,
-        transaction: dbTransaction,
-        distinct: true,
-      });
-
-      // Return the list of API keys including:
-      // ApiKeyId
-      // ApiKey
-      // Name
-      // Status
-      // ExpirationDate
-      // CreatedAt
-      // CreatedById
-      // RevokedAt
-      // RevokedById
-      // RevokedReason
-      // Include pagination information such as:
-      // total: Total number of records,
-      // page: Current page,
-      // limit: Number of records per page.
-
-      return {
-        total: data.count,
-        ApiKeys: data.rows.map((row) => {
-          return {
-            ApiKeyId: row.APIKeyId,
-            ApiKey: row.ApiKey,
-            Name: row.Name,
-            SystemCode: row.SystemCode,
-            Description: row.Description,
-            Status: row.Status,
-            ExpirationDate: row.ExpirationDate,
-            CreatedAt: row.CreatedAt,
-            CreatedById: row.CreatedById,
-            RevokedAt: row.RevokedAt,
-            RevokedById: row.RevokedById,
-            RevokedReason: row.RevokedReason,
-          };
-        }),
-        page: pagination.page,
-        limit: pagination.limit,
-      };
-    } catch (error) {
-      throw error;
-    }
-  }
-
-  public async revoke(
-    apiKey: string,
-    loginUser: LoginUser,
-    dbTransaction: any,
-    reason?: string,
-  ) {
-    try {
-      // Part 1: Prepare Required Params
-      // Ensure apiKey, loginUser, and dbTransaction are provided.
-      // Retrieve the existing API key record from the database using the provided apiKey.
-      const apiKeyRecord = await APIKey._Repo.findOne({
-        where: { ApiKey: apiKey },
-        transaction: dbTransaction,
-      });
-      if (!apiKeyRecord) {
-        throw new ClassError(
-          'APIKey',
-          'APIKeyErrMsgO3',
-          'API key not found.',
-          'revoke',
-        );
-      }
-      const EntityValueBefore = {
-        ...apiKeyRecord.get({ plain: true }),
-      };
-
-      // Part 2: Revoke API Key
-      // Mark the API key as revoked:
-      // Set the Status to "Revoked".
-      apiKeyRecord.Status = APIKeyStatusEnum.REVOKED;
-      // Set the RevokedAt timestamp to the current date and time.\
-      apiKeyRecord.RevokedAt = new Date();
-      // Set the RevokedById to loginUser.UserId.
-      apiKeyRecord.RevokedById = loginUser.UserId;
-      // Optionally, set the revocation reason:
-      // If the reason parameter is provided, store it in the RevokedReason attribute.
-      if (reason) {
-        apiKeyRecord.RevokedReason = reason;
-      }
-
-      // Part 3: Save API Key to Database
-      // Call APIKey._Repo.update() by passing:
-      // The updated APIKey instance
-      // dbTransaction.
-      await APIKey._Repo.update(
-        {
-          ...apiKeyRecord.get({ plain: true }),
-        },
-        {
-          where: { APIKeyId: apiKeyRecord.APIKeyId },
-          transaction: dbTransaction,
-        },
-      );
-
-      // Part 4: Record Update API Key Activity
-      // Initialise EntityValueBefore variable and set to empty object.
-      // Initialise EntityValueAfter variable and set to this APIKey instance.
-      const EntityValueAfter = {
-        ...apiKeyRecord.get({ plain: true }),
-      };
-      // Instantiate new activity from Activity class, call createId() method, then set:
-      // Action: ActionEnum.Create
-      // Description: "Revoke API key."
-      // EntityType: "APIKey"
-      // EntityId: <this.APIKeyId>
-      // EntityValueBefore: EntityValueBefore
-      // EntityValueAfter: EntityValueAfter
-      const activity = new Activity();
-      activity.ActivityId = activity.createId();
-      activity.Action = ActionEnum.UPDATE;
-      activity.Description = 'Revoke API key.';
-      activity.EntityType = 'APIKey';
-      activity.EntityId = apiKeyRecord.APIKeyId.toString();
-      activity.EntityValueBefore = JSON.stringify(EntityValueBefore);
-      activity.EntityValueAfter = JSON.stringify(EntityValueAfter);
-      // Call new activity create method by passing:
-      // dbTransaction
-      // userId: loginUser.ObjectId
-      await activity.create(loginUser.ObjectId, dbTransaction);
-
-      // Part 5: Returns
-      // Translate the updated APIKey entity into an object and return the following fields:
-      // ApiKey
-      // Status: "Revoked"
-      // RevokedAt
-      // RevokedById
-      // RevokedByName
-      // RevokedReason
-      return {
-        ApiKey: apiKeyRecord.ApiKey,
-        Status: apiKeyRecord.Status,
-        RevokedAt: apiKeyRecord.RevokedAt,
-        RevokedById: apiKeyRecord.RevokedById,
-        RevokedReason: apiKeyRecord.RevokedReason,
-      };
-    } catch (error) {
-      throw error;
-    }
-  }
-}
+import { ClassError, ObjectBase } from '@tomei/general';
+import { APIKeyStatusEnum } from '../../enum/api-key.enum';
+import { APIKeyRepository } from './api-key.repository';
+import { IAPIKeyAttr } from '../../interfaces/api-key-attr.interface';
+import { LoginUser } from '../login-user/login-user';
+import { ApplicationConfig } from '@tomei/config';
+import { randomBytes } from 'crypto';
+import { ActionEnum, Activity } from '@tomei/activity-history';
+import { Op } from 'sequelize';
+import { System } from '../system/system';
+
+export class APIKey extends ObjectBase {
+  ObjectId: string;
+  ObjectName: string;
+  ObjectType: 'ApiKey';
+  TableName: 'sso_APIKey';
+
+  ApiKey: string;
+  Name: string;
+  SystemCode: string;
+  Description: string;
+  Status: APIKeyStatusEnum;
+  ExpirationDate: Date;
+  RevokedReason: string;
+  _RevokedById: number;
+  _RevokedAt: Date;
+  _CreatedAt: Date;
+  _CreatedById: number;
+
+  get APIKeyId(): number {
+    return parseInt(this.ObjectId);
+  }
+
+  set APIKeyId(value: number) {
+    this.ObjectId = value.toString();
+  }
+
+  get RevokedById(): number {
+    return this._RevokedById;
+  }
+
+  get RevokedAt(): Date {
+    return this._RevokedAt;
+  }
+
+  get CreatedAt(): Date {
+    return this._CreatedAt;
+  }
+
+  get CreatedById(): number {
+    return this._CreatedById;
+  }
+
+  protected static _Repo = new APIKeyRepository();
+
+  protected constructor(apiKeyAttr?: IAPIKeyAttr) {
+    super();
+    if (apiKeyAttr) {
+      this.APIKeyId = apiKeyAttr.APIKeyId;
+      this.ApiKey = apiKeyAttr.ApiKey;
+      this.Name = apiKeyAttr.Name;
+      this.SystemCode = apiKeyAttr.SystemCode;
+      this.Description = apiKeyAttr.Description;
+      this.Status = apiKeyAttr.Status;
+      this.ExpirationDate = apiKeyAttr.ExpirationDate;
+      this._RevokedById = apiKeyAttr.RevokedById;
+      this._RevokedAt = apiKeyAttr.RevokedAt;
+      this._CreatedAt = apiKeyAttr.CreatedAt;
+      this._CreatedById = apiKeyAttr.CreatedById;
+    }
+  }
+
+  public static async init(ApiKeyId?: number, dbTransaction?: any) {
+    try {
+      if (ApiKeyId) {
+        const apiKeyAttr = await this._Repo.findByPk(
+          ApiKeyId.toString(),
+          dbTransaction,
+        );
+        if (apiKeyAttr) {
+          return new APIKey(apiKeyAttr);
+        } else {
+          throw new ClassError(
+            'APIKey',
+            'APIKeyErrMsgO1',
+            'APIKey not found',
+            'init',
+          );
+        }
+      }
+      return new APIKey();
+    } catch (error) {
+      throw error;
+    }
+  }
+
+  async generate(loginUser: LoginUser, dbTransaction?: any) {
+    //This method generates a new API key and saves it into the database.
+    try {
+      // Part 2: Privilege Checking
+      // Call loginUser.checkPrivileges() method by passing:
+      // SystemCode: <get_from_app_config>
+      // PrivilegeCode: "API_KEY_CREATE"
+      const systemCode =
+        ApplicationConfig.getComponentConfigValue('system-code');
+      const isPrivileged = await loginUser.checkPrivileges(
+        systemCode,
+        'API_KEY_CREATE',
+      );
+
+      if (!isPrivileged) {
+        throw new ClassError(
+          'APIKey',
+          'APIKeyErrMsgO2',
+          'User does not have privilege to generate API key.',
+          'generate',
+        );
+      }
+
+      // Part 3: System Existence Check
+      // Call System.init(dbTransaction, this.SystemCode) to verify the System exists.
+      // If the group does not exist, throw a NotFoundError.
+
+      await System.init(dbTransaction, this.SystemCode);
+
+      // Part 3: Generate API Key
+      // Populate the following attributes:
+      // CreatedById: Set to loginUser.UserId.
+      this._CreatedById = loginUser.UserId;
+      // CreatedAt: Set to current date time.
+      this._CreatedAt = new Date();
+      // Generate a unique API key string:
+      // Use a secure random function or crypto module to generate a 64-character hexadecimal string.
+      // Assign the generated string to this.ApiKey.
+      this.ApiKey = randomBytes(64).toString('hex');
+
+      // Part 4: Save API Key to Database
+      // Call APIKey._Repo.create() by passing:
+      // loginUser
+      // dbTransaction
+      // This APIKey instance.
+      const EntityValueAfter: any = {
+        ApiKey: this.ApiKey,
+        Name: this.Name,
+        SystemCode: this.SystemCode,
+        Status: this.Status,
+        Description: this.Description,
+        ExpirationDate: this.ExpirationDate,
+        CreatedAt: this.CreatedAt,
+        CreatedById: this.CreatedById,
+        RevokedAt: this.RevokedAt,
+        RevokedById: this.RevokedById,
+        RevokedReason: this.RevokedReason,
+      };
+
+      const data = await APIKey._Repo.create(EntityValueAfter, {
+        transaction: dbTransaction,
+      });
+      this.APIKeyId = data.APIKeyId;
+      EntityValueAfter.ApiKeyId = data.APIKeyId;
+
+      // Part 5: Record Generate API Key Activity
+      // Initialise EntityValueBefore variable and set to empty object.
+      const EntityValueBefore = {};
+      // Initialise EntityValueAfter variable and set to this APIKey instance.
+      // Instantiate new activity from Activity class, call createId() method, then set:
+      const activity = new Activity();
+      activity.ActivityId = activity.createId();
+      // Action: ActionEnum.Create
+      // Description: "Generate API key."
+      // EntityType: "APIKey"
+      // EntityId: <this.APIKeyId>
+      // EntityValueBefore: EntityValueBefore
+      // EntityValueAfter: EntityValueAfter
+      activity.Action = ActionEnum.CREATE;
+      activity.Description = 'Generate API key.';
+      activity.EntityType = 'APIKey';
+      activity.EntityId = this.ObjectId;
+      activity.EntityValueBefore = JSON.stringify(EntityValueBefore);
+      activity.EntityValueAfter = JSON.stringify(EntityValueAfter);
+      // Call new activity create method by passing:
+      // dbTransaction
+      // userId: loginUser.ObjectId
+      await activity.create(loginUser.ObjectId, dbTransaction);
+
+      // Part 6: Returns
+      // Translate the created APIKey entity into an object and return the following fields:
+      // ApiKey
+      // Name
+      // Status
+      // ExpirationDate
+      // CreatedAt
+      // CreatedById
+      // InvokedAt
+      // InvokedById
+      return {
+        ApiKey: this.ApiKey,
+        Name: this.Name,
+        Status: this.Status,
+        Description: this.Description,
+        SystemCode: this.SystemCode,
+        ExpirationDate: this.ExpirationDate,
+        CreatedAt: this.CreatedAt,
+        CreatedById: this.CreatedById,
+        RevokedAt: this.RevokedAt,
+        RevokedById: this.RevokedById,
+        RevokedReason: this.RevokedReason,
+      };
+    } catch (error) {
+      throw error;
+    }
+  }
+
+  public static async findAll(
+    pagination: { page: number; limit: number },
+    loginUser: LoginUser,
+    dbTransaction: any,
+    whereOptions: {
+      SystemCode?: string;
+      Status?: APIKeyStatusEnum;
+      ExpirationDate?: {
+        FromDate: Date;
+        ToDate: Date;
+      };
+      CreatedById?: number;
+    },
+    sortOptions?: {
+      SortBy: string;
+      SortOrder: 'ASC' | 'DESC';
+    },
+  ) {
+    try {
+      // Part 1: Privilege Checking
+      // Call the loginUser.checkPrivileges() method by passing:
+      // SystemCode: Retrieved from the application configuration.
+      // PrivilegeCode: 'API_KEY_VIEW'.
+      // Ensure the user has the necessary privileges to view API keys.
+      const systemCode =
+        ApplicationConfig.getComponentConfigValue('system-code');
+      const isPrivileged = await loginUser.checkPrivileges(
+        systemCode,
+        'API_KEY_VIEW',
+      );
+
+      if (!isPrivileged) {
+        throw new ClassError(
+          'APIKey',
+          'APIKeyErrMsgO2',
+          'User does not have privilege to generate API key.',
+          'generate',
+        );
+      }
+
+      // Part 2: Prepare Filters
+      // Ensure that whereOptions includes the necessary filters such as:
+      // Status: Filter for specific API key statuses (e.g., "Active", "Revoked").
+      // ExpirationDate: Filter for expiration date ranges (e.g., { [Op.between]: [fromDate, toDate] }).
+      // CreatedById: Filter by the user who created the API key.
+      const where = {};
+      if (whereOptions) {
+        if (whereOptions.SystemCode) {
+          where['SystemCode'] = whereOptions.SystemCode;
+        }
+        if (whereOptions.Status) {
+          where['Status'] = whereOptions.Status;
+        }
+        if (whereOptions.ExpirationDate) {
+          where['ExpirationDate'] = {
+            [Op.between]: [
+              whereOptions.ExpirationDate.FromDate,
+              whereOptions.ExpirationDate.ToDate,
+            ],
+          };
+        }
+        if (whereOptions.CreatedById) {
+          where['CreatedById'] = whereOptions.CreatedById;
+        }
+      }
+
+      const order = [];
+      if (sortOptions) {
+        // Sort the results based on the provided SortBy and SortOrder.
+        // Ensure that the SortBy field is valid and that the SortOrder is either "ASC" or "DESC".
+        if (sortOptions.SortBy) {
+          order.push([sortOptions.SortBy, sortOptions.SortOrder]);
+        }
+      } else {
+        order.push(['CreatedAt', 'DESC']);
+      }
+
+      let offset = 0;
+      if (pagination) {
+        offset = (pagination.page - 1) * pagination.limit;
+      }
+
+      // Ensure that the pagination object includes the page and limit values.
+      // Use Sequelize's findAll() method with the provided whereOptions, sortOptions, and pagination to retrieve matching API keys.
+      const data = await APIKey._Repo.findAllWithPagination({
+        where,
+        order,
+        offset,
+        limit: pagination.limit,
+        transaction: dbTransaction,
+        distinct: true,
+      });
+
+      // Return the list of API keys including:
+      // ApiKeyId
+      // ApiKey
+      // Name
+      // Status
+      // ExpirationDate
+      // CreatedAt
+      // CreatedById
+      // RevokedAt
+      // RevokedById
+      // RevokedReason
+      // Include pagination information such as:
+      // total: Total number of records,
+      // page: Current page,
+      // limit: Number of records per page.
+
+      return {
+        total: data.count,
+        ApiKeys: data.rows.map((row) => {
+          return {
+            ApiKeyId: row.APIKeyId,
+            ApiKey: row.ApiKey,
+            Name: row.Name,
+            SystemCode: row.SystemCode,
+            Description: row.Description,
+            Status: row.Status,
+            ExpirationDate: row.ExpirationDate,
+            CreatedAt: row.CreatedAt,
+            CreatedById: row.CreatedById,
+            RevokedAt: row.RevokedAt,
+            RevokedById: row.RevokedById,
+            RevokedReason: row.RevokedReason,
+          };
+        }),
+        page: pagination.page,
+        limit: pagination.limit,
+      };
+    } catch (error) {
+      throw error;
+    }
+  }
+
+  public async revoke(
+    apiKey: string,
+    loginUser: LoginUser,
+    dbTransaction: any,
+    reason?: string,
+  ) {
+    try {
+      // Part 1: Prepare Required Params
+      // Ensure apiKey, loginUser, and dbTransaction are provided.
+      // Retrieve the existing API key record from the database using the provided apiKey.
+      const apiKeyRecord = await APIKey._Repo.findOne({
+        where: { ApiKey: apiKey },
+        transaction: dbTransaction,
+      });
+      if (!apiKeyRecord) {
+        throw new ClassError(
+          'APIKey',
+          'APIKeyErrMsgO3',
+          'API key not found.',
+          'revoke',
+        );
+      }
+      const EntityValueBefore = {
+        ...apiKeyRecord.get({ plain: true }),
+      };
+
+      // Part 2: Revoke API Key
+      // Mark the API key as revoked:
+      // Set the Status to "Revoked".
+      apiKeyRecord.Status = APIKeyStatusEnum.REVOKED;
+      // Set the RevokedAt timestamp to the current date and time.\
+      apiKeyRecord.RevokedAt = new Date();
+      // Set the RevokedById to loginUser.UserId.
+      apiKeyRecord.RevokedById = loginUser.UserId;
+      // Optionally, set the revocation reason:
+      // If the reason parameter is provided, store it in the RevokedReason attribute.
+      if (reason) {
+        apiKeyRecord.RevokedReason = reason;
+      }
+
+      // Part 3: Save API Key to Database
+      // Call APIKey._Repo.update() by passing:
+      // The updated APIKey instance
+      // dbTransaction.
+      await APIKey._Repo.update(
+        {
+          ...apiKeyRecord.get({ plain: true }),
+        },
+        {
+          where: { APIKeyId: apiKeyRecord.APIKeyId },
+          transaction: dbTransaction,
+        },
+      );
+
+      // Part 4: Record Update API Key Activity
+      // Initialise EntityValueBefore variable and set to empty object.
+      // Initialise EntityValueAfter variable and set to this APIKey instance.
+      const EntityValueAfter = {
+        ...apiKeyRecord.get({ plain: true }),
+      };
+      // Instantiate new activity from Activity class, call createId() method, then set:
+      // Action: ActionEnum.Create
+      // Description: "Revoke API key."
+      // EntityType: "APIKey"
+      // EntityId: <this.APIKeyId>
+      // EntityValueBefore: EntityValueBefore
+      // EntityValueAfter: EntityValueAfter
+      const activity = new Activity();
+      activity.ActivityId = activity.createId();
+      activity.Action = ActionEnum.UPDATE;
+      activity.Description = 'Revoke API key.';
+      activity.EntityType = 'APIKey';
+      activity.EntityId = apiKeyRecord.APIKeyId.toString();
+      activity.EntityValueBefore = JSON.stringify(EntityValueBefore);
+      activity.EntityValueAfter = JSON.stringify(EntityValueAfter);
+      // Call new activity create method by passing:
+      // dbTransaction
+      // userId: loginUser.ObjectId
+      await activity.create(loginUser.ObjectId, dbTransaction);
+
+      // Part 5: Returns
+      // Translate the updated APIKey entity into an object and return the following fields:
+      // ApiKey
+      // Status: "Revoked"
+      // RevokedAt
+      // RevokedById
+      // RevokedByName
+      // RevokedReason
+      return {
+        ApiKey: apiKeyRecord.ApiKey,
+        Status: apiKeyRecord.Status,
+        RevokedAt: apiKeyRecord.RevokedAt,
+        RevokedById: apiKeyRecord.RevokedById,
+        RevokedReason: apiKeyRecord.RevokedReason,
+      };
+    } catch (error) {
+      throw error;
+    }
+  }
+}