@truetms/truetms-node 0.1.3 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/src/sdk/auth.js +29 -2
- package/dist/src/sdk/auth.js.map +1 -1
- package/index.ts +1 -0
- package/package.json +2 -1
- package/src/sdk/auth.ts +41 -2
package/dist/index.js
CHANGED
|
@@ -22,5 +22,6 @@ const sdk_1 = __importDefault(require("./src/sdk"));
|
|
|
22
22
|
const auth_1 = __importDefault(require("./src/sdk/auth"));
|
|
23
23
|
exports.TrueTMSAuth = auth_1.default;
|
|
24
24
|
exports.default = sdk_1.default;
|
|
25
|
+
__exportStar(require("./src/sdk/auth"), exports);
|
|
25
26
|
__exportStar(require("./src/graphql/generated"), exports);
|
|
26
27
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA,oDAAgC;AAChC,0DAAyC;AAIhC,sBAJF,cAAW,CAIE;AAFpB,kBAAe,aAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA,oDAAgC;AAChC,0DAAyC;AAIhC,sBAJF,cAAW,CAIE;AAFpB,kBAAe,aAAO,CAAC;AAGvB,iDAA+B;AAE/B,0DAAwC"}
|
package/dist/src/sdk/auth.js
CHANGED
|
@@ -12,14 +12,15 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
12
12
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
13
13
|
};
|
|
14
14
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
-
exports.exchangeRefreshTokenForAccessToken = exports.trueTmsOpenIdClient = void 0;
|
|
15
|
+
exports.getOrganizationId = exports.exchangeRefreshTokenForAccessToken = exports.trueTmsOpenIdClient = void 0;
|
|
16
16
|
const uuid_1 = require("uuid");
|
|
17
17
|
const apisauce_1 = require("apisauce");
|
|
18
18
|
const jsonwebtoken_1 = __importDefault(require("jsonwebtoken"));
|
|
19
|
+
const jwks_rsa_1 = require("jwks-rsa");
|
|
19
20
|
const truetms_graphql_client_1 = __importDefault(require("../providers/truetms-graphql-client"));
|
|
20
21
|
const _1 = require(".");
|
|
21
22
|
const openIdConnectUrl = process.env.TRUETMS_STAGE === "QA" || process.env.TRUETMS_STAGE === "LOCAL"
|
|
22
|
-
? "https://qa-lynks-keycloak.tecafrik.com/auth/realms/
|
|
23
|
+
? "https://qa-lynks-keycloak.tecafrik.com/auth/realms/truetms/protocol/openid-connect"
|
|
23
24
|
: "https://auth.truetms.com/auth/realms/Lynks/protocol/openid-connect";
|
|
24
25
|
exports.trueTmsOpenIdClient = (0, apisauce_1.create)({
|
|
25
26
|
baseURL: openIdConnectUrl,
|
|
@@ -52,7 +53,10 @@ class TrueTMSAuth {
|
|
|
52
53
|
Authorization: `Bearer ${tokens.access_token}`,
|
|
53
54
|
})).myOrganization;
|
|
54
55
|
return {
|
|
56
|
+
// Same as refresh token, for backwards compatibility
|
|
55
57
|
token: tokens.refresh_token,
|
|
58
|
+
refreshToken: tokens.refresh_token,
|
|
59
|
+
accessToken: tokens.access_token,
|
|
56
60
|
organization: trueTmsOrganization,
|
|
57
61
|
};
|
|
58
62
|
});
|
|
@@ -75,6 +79,27 @@ class TrueTMSAuth {
|
|
|
75
79
|
return body;
|
|
76
80
|
});
|
|
77
81
|
}
|
|
82
|
+
verifyToken(token) {
|
|
83
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
84
|
+
const jwksClient = new jwks_rsa_1.JwksClient({
|
|
85
|
+
jwksUri: `${openIdConnectUrl}/certs`,
|
|
86
|
+
});
|
|
87
|
+
const getKey = (header, callback) => {
|
|
88
|
+
jwksClient.getSigningKey(header.kid, (err, key) => {
|
|
89
|
+
const signingKey = key.publicKey || key.rsaPublicKey;
|
|
90
|
+
callback(null, signingKey);
|
|
91
|
+
});
|
|
92
|
+
};
|
|
93
|
+
return new Promise((resolve, reject) => {
|
|
94
|
+
jsonwebtoken_1.default.verify(token, getKey, {}, (err, decoded) => {
|
|
95
|
+
if (err) {
|
|
96
|
+
reject(err);
|
|
97
|
+
}
|
|
98
|
+
resolve(decoded);
|
|
99
|
+
});
|
|
100
|
+
});
|
|
101
|
+
});
|
|
102
|
+
}
|
|
78
103
|
}
|
|
79
104
|
exports.default = TrueTMSAuth;
|
|
80
105
|
const accessTokenCache = {};
|
|
@@ -115,4 +140,6 @@ function exchangeRefreshTokenForAccessToken(refreshToken, clientId, clientSecret
|
|
|
115
140
|
});
|
|
116
141
|
}
|
|
117
142
|
exports.exchangeRefreshTokenForAccessToken = exchangeRefreshTokenForAccessToken;
|
|
143
|
+
const getOrganizationId = (user) => Object.keys(user.organization || {})[0];
|
|
144
|
+
exports.getOrganizationId = getOrganizationId;
|
|
118
145
|
//# sourceMappingURL=auth.js.map
|
package/dist/src/sdk/auth.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/sdk/auth.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,+BAAkC;AAElC,uCAAkC;AAClC,
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/sdk/auth.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,+BAAkC;AAElC,uCAAkC;AAClC,gEAAwD;AACxD,uCAAsC;AAEtC,iGAAuE;AACvE,wBAAwD;AAExD,MAAM,gBAAgB,GACpB,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,OAAO;IACzE,CAAC,CAAC,oFAAoF;IACtF,CAAC,CAAC,oEAAoE,CAAC;AAE9D,QAAA,mBAAmB,GAAG,IAAA,iBAAM,EAAC;IACxC,OAAO,EAAE,gBAAgB;CAC1B,CAAC,CAAC;AAEH,MAAqB,WAAW;IAC9B,YACU,OAEP;QAFO,YAAO,GAAP,OAAO,CAEd;QAmFH,sBAAiB,GAAG,IAAA,sBAAmB,EACrC,gCAAoB,CAAC,iBAAiB,CACvC,CAAC;IApFC,CAAC;IAEE,WAAW,CAAC,GAAY,EAAE,GAAa;;YAC3C,MAAM,KAAK,GAAG,IAAA,SAAI,GAAE,CAAC;YACrB,MAAM,KAAK,GAAG,IAAA,SAAI,GAAE,CAAC;YACrB,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAC3B,GAAG,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAC3B,GAAG,CAAC,QAAQ,CACV,GAAG,gBAAgB,mBAAmB,IAAI,CAAC,OAAO,CAAC,QAAQ,iBAAiB,IAAI,CAAC,OAAO,CAAC,WAAW,UAAU,KAAK,6EAA6E,KAAK,cAAc,CACpN,CAAC;QACJ,CAAC;KAAA;IAEK,YAAY,CAAC,GAAY,EAAE,GAAa;;YAC5C,IAAI,GAAG,CAAC,KAAK,CAAC,KAAK,KAAK,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE;gBACzC,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;aACnC;YACD,MAAM,iBAAiB,GAAG,GAAG,CAAC,KAAK,CAAC,IAAc,CAAC;YACnD,IAAI,CAAC,iBAAiB,EAAE;gBACtB,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;aAC1C;YACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,iBAAiB,CAAC,CAAC;YAClE,MAAM,mBAAmB,GAAG,CAC1B,MAAM,gCAAoB,CAAC,iBAAiB,CAC1C,EAAE,EACF;gBACE,aAAa,EAAE,UAAU,MAAM,CAAC,YAAY,EAAE;aAC/C,CACF,CACF,CAAC,cAAc,CAAC;YACjB,OAAO;gBACL,qDAAqD;gBACrD,KAAK,EAAE,MAAM,CAAC,aAAa;gBAC3B,YAAY,EAAE,MAAM,CAAC,aAAa;gBAClC,WAAW,EAAE,MAAM,CAAC,YAAY;gBAChC,YAAY,EAAE,mBAAmB;aAClC,CAAC;QACJ,CAAC;KAAA;IAEK,oBAAoB,CAAC,IAAY;;YACrC,MAAM,aAAa,GAAG,MAAM,2BAAmB,CAAC,IAAI,CAIlD,QAAQ,EACR,sCAAsC,IAAI,cAAc,IAAI,CAAC,OAAO,CAAC,QAAQ,kBAAkB,IAAI,CAAC,OAAO,CAAC,YAAY,iBAAiB,IAAI,CAAC,OAAO,CAAC,WAAW,uBAAuB,EACxL;gBACE,OAAO,EAAE;oBACP,cAAc,EAAE,mCAAmC;iBACpD;aACF,CACF,CAAC;YACF,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE;gBACrB,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;gBAC7B,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;aAC5D;YACD,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC;YAChC,IAAI,CAAC,IAAI,EAAE;gBACT,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;aACvE;YACD,OAAO,IAAI,CAAC;QACd,CAAC;KAAA;IAEK,WAAW,CAAC,KAAa;;YAC7B,MAAM,UAAU,GAAG,IAAI,qBAAU,CAAC;gBAChC,OAAO,EAAE,GAAG,gBAAgB,QAAQ;aACrC,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,CAAC,MAAW,EAAE,QAAa,EAAE,EAAE;gBAC5C,UAAU,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAQ,EAAE,GAAQ,EAAE,EAAE;oBAC1D,MAAM,UAAU,GAAG,GAAG,CAAC,SAAS,IAAI,GAAG,CAAC,YAAY,CAAC;oBACrD,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;gBAC7B,CAAC,CAAC,CAAC;YACL,CAAC,CAAC;YACF,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;gBACrC,sBAAY,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,OAAO,EAAE,EAAE;oBACtD,IAAI,GAAG,EAAE;wBACP,MAAM,CAAC,GAAG,CAAC,CAAC;qBACb;oBACD,OAAO,CAAC,OAA4B,CAAC,CAAC;gBACxC,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC;KAAA;CAKF;AA1FD,8BA0FC;AAED,MAAM,gBAAgB,GAA0C,EAAE,CAAC;AAEnE,SAAsB,kCAAkC,CACtD,YAAoB,EACpB,QAAgB,EAChB,YAAoB;;QAEpB,MAAM,WAAW,GAAG,gBAAgB,CAAC,YAAY,CAAC,CAAC;QACnD,IAAI,WAAW,EAAE;YACf,MAAM,YAAY,GAAG,sBAAY,CAAC,MAAM,CAAC,WAAW,EAAE;gBACpD,IAAI,EAAE,IAAI;aACX,CAAC,CAAC;YACH,IAAI,YAAY,IAAI,OAAO,YAAY,CAAC,GAAG,KAAK,QAAQ,EAAE;gBACxD,IAAI,YAAY,CAAC,GAAG,GAAG,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,EAAE;oBACzC,OAAO,gBAAgB,CAAC,YAAY,CAAC,CAAC;iBACvC;aACF;iBAAM;gBACL,OAAO;oBACL,YAAY,EAAE,gBAAgB,CAAC,YAAY,CAAC;oBAC5C,aAAa,EAAE,YAAY;iBAC5B,CAAC;aACH;SACF;QACD,MAAM,aAAa,GAAG,MAAM,2BAAmB,CAAC,IAAI,CAIlD,QAAQ,EACR,0CAA0C,YAAY,cAAc,QAAQ,kBAAkB,YAAY,EAAE,EAC5G;YACE,OAAO,EAAE;gBACP,cAAc,EAAE,mCAAmC;aACpD;SACF,CACF,CAAC;QACF,IAAI,CAAC,aAAa,CAAC,EAAE,EAAE;YACrB,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;SAC5D;QACD,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC;QAChC,IAAI,CAAC,IAAI,EAAE;YACT,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;SACvE;QACD,gBAAgB,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC;QACnD,OAAO,IAAI,CAAC;IACd,CAAC;CAAA;AA3CD,gFA2CC;AAaM,MAAM,iBAAiB,GAAG,CAC/B,IAAuB,EACH,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;AAFpD,QAAA,iBAAiB,qBAEmC"}
|
package/index.ts
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@truetms/truetms-node",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.2.0",
|
|
4
4
|
"description": "Integrate with TrueTMS APIs from NodeJS",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"scripts": {
|
|
@@ -48,6 +48,7 @@
|
|
|
48
48
|
"graphql-request": "^5.1.0",
|
|
49
49
|
"graphql-tag": "^2.12.6",
|
|
50
50
|
"jsonwebtoken": "^9.0.0",
|
|
51
|
+
"jwks-rsa": "^3.0.1",
|
|
51
52
|
"uuid": "^9.0.0"
|
|
52
53
|
}
|
|
53
54
|
}
|
package/src/sdk/auth.ts
CHANGED
|
@@ -1,14 +1,15 @@
|
|
|
1
1
|
import { v4 as uuid } from "uuid";
|
|
2
2
|
import { Request, Response } from "express";
|
|
3
3
|
import { create } from "apisauce";
|
|
4
|
-
import jsonwebtoken from "jsonwebtoken";
|
|
4
|
+
import jsonwebtoken, { JwtPayload } from "jsonwebtoken";
|
|
5
|
+
import { JwksClient } from "jwks-rsa";
|
|
5
6
|
|
|
6
7
|
import trueTmsGraphqlClient from "../providers/truetms-graphql-client";
|
|
7
8
|
import { authenticateApiCall, TrueTMSOptions } from ".";
|
|
8
9
|
|
|
9
10
|
const openIdConnectUrl =
|
|
10
11
|
process.env.TRUETMS_STAGE === "QA" || process.env.TRUETMS_STAGE === "LOCAL"
|
|
11
|
-
? "https://qa-lynks-keycloak.tecafrik.com/auth/realms/
|
|
12
|
+
? "https://qa-lynks-keycloak.tecafrik.com/auth/realms/truetms/protocol/openid-connect"
|
|
12
13
|
: "https://auth.truetms.com/auth/realms/Lynks/protocol/openid-connect";
|
|
13
14
|
|
|
14
15
|
export const trueTmsOpenIdClient = create({
|
|
@@ -50,7 +51,10 @@ export default class TrueTMSAuth {
|
|
|
50
51
|
)
|
|
51
52
|
).myOrganization;
|
|
52
53
|
return {
|
|
54
|
+
// Same as refresh token, for backwards compatibility
|
|
53
55
|
token: tokens.refresh_token,
|
|
56
|
+
refreshToken: tokens.refresh_token,
|
|
57
|
+
accessToken: tokens.access_token,
|
|
54
58
|
organization: trueTmsOrganization,
|
|
55
59
|
};
|
|
56
60
|
}
|
|
@@ -79,6 +83,26 @@ export default class TrueTMSAuth {
|
|
|
79
83
|
return body;
|
|
80
84
|
}
|
|
81
85
|
|
|
86
|
+
async verifyToken(token: string): Promise<TrueTmsJwtPayload> {
|
|
87
|
+
const jwksClient = new JwksClient({
|
|
88
|
+
jwksUri: `${openIdConnectUrl}/certs`,
|
|
89
|
+
});
|
|
90
|
+
const getKey = (header: any, callback: any) => {
|
|
91
|
+
jwksClient.getSigningKey(header.kid, (err: any, key: any) => {
|
|
92
|
+
const signingKey = key.publicKey || key.rsaPublicKey;
|
|
93
|
+
callback(null, signingKey);
|
|
94
|
+
});
|
|
95
|
+
};
|
|
96
|
+
return new Promise((resolve, reject) => {
|
|
97
|
+
jsonwebtoken.verify(token, getKey, {}, (err, decoded) => {
|
|
98
|
+
if (err) {
|
|
99
|
+
reject(err);
|
|
100
|
+
}
|
|
101
|
+
resolve(decoded as TrueTmsJwtPayload);
|
|
102
|
+
});
|
|
103
|
+
});
|
|
104
|
+
}
|
|
105
|
+
|
|
82
106
|
getMyOrganization = authenticateApiCall(
|
|
83
107
|
trueTmsGraphqlClient.getMyOrganization
|
|
84
108
|
);
|
|
@@ -130,3 +154,18 @@ export async function exchangeRefreshTokenForAccessToken(
|
|
|
130
154
|
accessTokenCache[refreshToken] = body.access_token;
|
|
131
155
|
return body;
|
|
132
156
|
}
|
|
157
|
+
|
|
158
|
+
export type TrueTmsJwtPayload = JwtPayload & {
|
|
159
|
+
organization?: {
|
|
160
|
+
[key: string]:
|
|
161
|
+
| {
|
|
162
|
+
name: string;
|
|
163
|
+
roles: string[];
|
|
164
|
+
}
|
|
165
|
+
| undefined;
|
|
166
|
+
};
|
|
167
|
+
};
|
|
168
|
+
|
|
169
|
+
export const getOrganizationId = (
|
|
170
|
+
user: TrueTmsJwtPayload
|
|
171
|
+
): string | undefined => Object.keys(user.organization || {})[0];
|