@tsed/oidc-provider 8.11.0 → 8.11.2-rc.1

package/src/decorators/grantId.ts

@@ -1,10 +0,0 @@
-import {useDecorators} from "@tsed/core";
-import {Context} from "@tsed/platform-params";
-
-import {INTERACTION_GRANT_ID, INTERACTION_PARAMS} from "../constants/constants.js";
-
-export function GrantId(): ParameterDecorator {
-  return useDecorators(Context(INTERACTION_GRANT_ID));
-}
-
-export type GrantId = string;

package/src/decorators/interaction.spec.ts

@@ -1,27 +0,0 @@
-import {Store} from "@tsed/core";
-import {GlobalProviders} from "@tsed/di";
-
-import {INTERACTION_OPTIONS} from "../constants/constants.js";
-import {OidcInteractionMethods} from "../domain/OidcInteractionMethods.js";
-import {Interaction} from "./interaction.js";
-
-describe("@Interaction", () => {
-  it("should create an interaction", () => {
-    @Interaction({
-      name: "login",
-      requestable: true,
-      priority: 0
-    })
-    class CustomInteraction implements OidcInteractionMethods {}
-
-    const store = Store.from(CustomInteraction);
-    const provider = GlobalProviders.get(CustomInteraction)!;
-
-    expect(provider.subType).toEqual("interaction");
-    expect(store.get(INTERACTION_OPTIONS)).toEqual({
-      name: "login",
-      requestable: true,
-      priority: 0
-    });
-  });
-});

package/src/decorators/interaction.ts

@@ -1,18 +0,0 @@
-import {StoreMerge, useDecorators} from "@tsed/core";
-import {Controller} from "@tsed/di";
-
-import {INTERACTION, INTERACTION_OPTIONS} from "../constants/constants.js";
-import {OidcInteractionOptions} from "../domain/OidcInteractionOptions.js";
-
-/**
- * @Oidc
- */
-export function Interaction(options: OidcInteractionOptions): ClassDecorator {
-  return useDecorators(
-    Controller({
-      path: "/",
-      subType: INTERACTION
-    }),
-    StoreMerge(INTERACTION_OPTIONS, options)
-  );
-}

package/src/decorators/interactions.spec.ts

@@ -1,23 +0,0 @@
-import "../../test/app/controllers/oidc/InteractionsCtrl.js";
-
-import {PlatformTest} from "@tsed/platform-http/testing";
-
-describe("@Interactions", () => {
-  beforeEach(() =>
-    PlatformTest.create({
-      oidc: {
-        options: {
-          claims: {}
-        }
-      } as any
-    })
-  );
-  afterEach(() => PlatformTest.create());
-  it("should create interactions", () => {
-    PlatformTest.injector.resolveConfiguration();
-
-    const oidc = PlatformTest.injector.settings.get("oidc");
-
-    expect(oidc.options.claims).toEqual({});
-  });
-});

package/src/decorators/interactions.ts

@@ -1,21 +0,0 @@
-import {Type, useDecorators} from "@tsed/core";
-import {Controller} from "@tsed/di";
-import {UseBefore} from "@tsed/platform-middlewares";
-
-import {INTERACTIONS} from "../constants/constants.js";
-import {OidcInteractionMiddleware} from "../middlewares/OidcInteractionMiddleware.js";
-import {NoCache} from "./noCache.js";
-
-export interface InteractionsOptions {
-  path: string;
-  children: Type<any>[];
-}
-
-export function Interactions(options: InteractionsOptions): ClassDecorator {
-  const {path} = options;
-  return useDecorators(
-    Controller({path, children: options.children, subType: INTERACTIONS}),
-    NoCache(),
-    UseBefore(OidcInteractionMiddleware)
-  );
-}

package/src/decorators/noCache.ts

@@ -1,7 +0,0 @@
-import {UseBefore} from "@tsed/platform-middlewares";
-
-import {OidcNoCacheMiddleware} from "../middlewares/OidcNoCacheMiddleware.js";
-
-export function NoCache(): ClassDecorator {
-  return UseBefore(OidcNoCacheMiddleware) as ClassDecorator;
-}

package/src/decorators/oidcCtx.spec.ts

@@ -1,17 +0,0 @@
-import {JsonParameterStore} from "@tsed/schema";
-
-import {INTERACTION_CONTEXT} from "../constants/constants.js";
-import {OidcCtx} from "./oidcCtx.js";
-
-describe("@OidcCtx", () => {
-  it("should inject uid", () => {
-    class MyInteraction {
-      $prompt(@OidcCtx() oidcCtx: OidcCtx) {}
-    }
-
-    const entity = JsonParameterStore.get(MyInteraction, "$prompt", 0);
-
-    expect(entity.paramType).toEqual("$CTX");
-    expect(entity.expression).toEqual(INTERACTION_CONTEXT);
-  });
-});

package/src/decorators/oidcCtx.ts

@@ -1,11 +0,0 @@
-import {useDecorators} from "@tsed/core";
-import {Context} from "@tsed/platform-params";
-
-import {INTERACTION_CONTEXT} from "../constants/constants.js";
-import {OidcInteractionContext} from "../services/OidcInteractionContext.js";
-
-export function OidcCtx(): ParameterDecorator {
-  return useDecorators(Context(INTERACTION_CONTEXT));
-}
-
-export type OidcCtx = OidcInteractionContext;

package/src/decorators/oidcSession.spec.ts

@@ -1,17 +0,0 @@
-import {JsonParameterStore} from "@tsed/schema";
-
-import {INTERACTION_SESSION} from "../constants/constants.js";
-import {OidcSession} from "./oidcSession.js";
-
-describe("@OidcSession", () => {
-  it("should inject uid", () => {
-    class MyInteraction {
-      $prompt(@OidcSession() session: OidcSession) {}
-    }
-
-    const entity = JsonParameterStore.get(MyInteraction, "$prompt", 0);
-
-    expect(entity.paramType).toEqual("$CTX");
-    expect(entity.expression).toEqual(INTERACTION_SESSION);
-  });
-});

package/src/decorators/oidcSession.ts

@@ -1,14 +0,0 @@
-import {useDecorators} from "@tsed/core";
-import {Context} from "@tsed/platform-params";
-import type {default as Provider} from "oidc-provider";
-
-import {INTERACTION_SESSION} from "../constants/constants.js";
-
-/**
- * @decorator
- */
-export function OidcSession(expression?: string): ParameterDecorator {
-  return useDecorators(Context([INTERACTION_SESSION, expression].filter(Boolean).join(".")));
-}
-
-export type OidcSession = InstanceType<Provider["Session"]>;

package/src/decorators/params.spec.ts

@@ -1,17 +0,0 @@
-import {JsonParameterStore} from "@tsed/schema";
-
-import {INTERACTION_PARAMS} from "../constants/constants.js";
-import {Params} from "./params.js";
-
-describe("@Params", () => {
-  it("should inject uid", () => {
-    class MyInteraction {
-      $prompt(@Params() params: Params) {}
-    }
-
-    const entity = JsonParameterStore.get(MyInteraction, "$prompt", 0);
-
-    expect(entity.paramType).toEqual("$CTX");
-    expect(entity.expression).toEqual(INTERACTION_PARAMS);
-  });
-});

package/src/decorators/params.ts

@@ -1,10 +0,0 @@
-import {useDecorators} from "@tsed/core";
-import {Context} from "@tsed/platform-params";
-
-import {INTERACTION_PARAMS} from "../constants/constants.js";
-
-export function Params(expression?: string): ParameterDecorator {
-  return useDecorators(Context([INTERACTION_PARAMS, expression].filter(Boolean).join(".")));
-}
-
-export type Params = Record<string, any>;

package/src/decorators/prompt.spec.ts

@@ -1,17 +0,0 @@
-import {JsonParameterStore} from "@tsed/schema";
-
-import {INTERACTION_PROMPT} from "../constants/constants.js";
-import {Prompt} from "./prompt.js";
-
-describe("@Prompt", () => {
-  it("should inject uid", () => {
-    class MyInteraction {
-      $prompt(@Prompt() uid: Prompt) {}
-    }
-
-    const entity = JsonParameterStore.get(MyInteraction, "$prompt", 0);
-
-    expect(entity.paramType).toEqual("$CTX");
-    expect(entity.expression).toEqual(INTERACTION_PROMPT);
-  });
-});

package/src/decorators/prompt.ts

@@ -1,11 +0,0 @@
-import {useDecorators} from "@tsed/core";
-import {Context} from "@tsed/platform-params";
-import type {PromptDetail as P} from "oidc-provider";
-
-import {INTERACTION_PROMPT} from "../constants/constants.js";
-
-export function Prompt(): ParameterDecorator {
-  return useDecorators(Context(INTERACTION_PROMPT));
-}
-
-export type Prompt = P;

package/src/decorators/uid.spec.ts

@@ -1,17 +0,0 @@
-import {JsonParameterStore} from "@tsed/schema";
-
-import {INTERACTION_UID} from "../constants/constants.js";
-import {Uid} from "./uid.js";
-
-describe("@Uid", () => {
-  it("should inject uid", () => {
-    class MyInteraction {
-      $prompt(@Uid() uid: string) {}
-    }
-
-    const entity = JsonParameterStore.get(MyInteraction, "$prompt", 0);
-
-    expect(entity.paramType).toEqual("$CTX");
-    expect(entity.expression).toEqual(INTERACTION_UID);
-  });
-});

package/src/decorators/uid.ts

@@ -1,10 +0,0 @@
-import {useDecorators} from "@tsed/core";
-import {Context} from "@tsed/platform-params";
-
-import {INTERACTION_UID} from "../constants/constants.js";
-
-export function Uid(): ParameterDecorator {
-  return useDecorators(Context(INTERACTION_UID));
-}
-
-export type Uid = string;

package/src/domain/InteractionMethods.ts

@@ -1,11 +0,0 @@
-import type {CanBePromise, interactionPolicy, KoaContextWithOIDC, UnknownObject} from "oidc-provider";
-
-export interface InteractionMethods {
-  details?: (ctx: KoaContextWithOIDC) => CanBePromise<UnknownObject>;
-  checks?: () => interactionPolicy.Check[];
-  $onCreate?: (prompt: interactionPolicy.Prompt) => void | Promise<void>;
-  /**
-   * @param args Injectable parameters
-   */
-  $prompt?: (...args: any[]) => any | Promise<any>;
-}

package/src/domain/OidcAccountsMethods.ts

@@ -1,10 +0,0 @@
-import type {Account, default as Provider} from "oidc-provider";
-
-import {AccessToken, AuthorizationCode, BackchannelAuthenticationRequest, DeviceCode} from "./interfaces.js";
-
-export interface OidcAccountsMethods {
-  findAccount(
-    id: string,
-    token: AuthorizationCode | AccessToken | DeviceCode | BackchannelAuthenticationRequest | undefined
-  ): Promise<Account | undefined>;
-}

package/src/domain/OidcBadInteractionName.ts

@@ -1,3 +0,0 @@
-import {BadRequest} from "@tsed/exceptions";
-
-export class OidcBadInteractionName extends BadRequest {}

package/src/domain/OidcInteractionMethods.ts

@@ -1,3 +0,0 @@
-export interface OidcInteractionMethods {
-  $prompts?(...args: unknown[]): void | unknown | Promise<unknown>;
-}

package/src/domain/OidcInteractionOptions.ts

@@ -1,8 +0,0 @@
-import type {CanBePromise, interactionPolicy, KoaContextWithOIDC, UnknownObject} from "oidc-provider";
-export interface OidcInteractionOptions {
-  name: string;
-  requestable?: boolean | undefined;
-  priority?: number;
-  details?: (ctx: KoaContextWithOIDC) => CanBePromise<UnknownObject>;
-  checks?: interactionPolicy.Check[];
-}

package/src/domain/OidcInteractionPromptProps.ts

@@ -1,11 +0,0 @@
-import type {UnknownObject} from "oidc-provider";
-
-import {OidcClient} from "./interfaces.js";
-
-export type OidcInteractionPromptProps<Props = Record<string, any>> = {
-  client: OidcClient;
-  uid: string;
-  grantId: string;
-  details: UnknownObject;
-  params: Record<string, any>;
-} & Props;

package/src/domain/OidcSettings.ts

@@ -1,72 +0,0 @@
-import type {Adapter} from "@tsed/adapters";
-import type {Type} from "@tsed/core";
-import type {JwksKeyParameters} from "@tsed/jwks";
-import type {Configuration} from "oidc-provider";
-
-import type {OidcAccountsMethods} from "./OidcAccountsMethods.js";
-
-export interface OidcSettings extends Configuration {
-  /**
-   * force the secure cookie. By default, in dev mode it's disabled and in production it's enabled.
-   */
-  secureCookies?: boolean;
-  /**
-   * Path on which the oidc-provider instance is mounted.
-   */
-  path?: string;
-  /**
-   * Issuer URI. By default, Ts.ED create issuer with http://localhost:${httpPort}
-   */
-  issuer?: string;
-  /**
-   * Path to store jwks keys.
-   */
-  jwksPath?: string;
-  /**
-   * Generate jwks from given certificates
-   */
-  certificates?: JwksKeyParameters[];
-  /**
-   * Secure keys.
-   */
-  secureKey?: string[];
-  /**
-   * Enable proxy.
-   */
-  proxy?: boolean;
-  /**
-   * Allow redirect_uri on HTTP protocol and localhost domain.
-   */
-  allowHttpLocalhost?: boolean;
-  /**
-   * Injectable service to manage accounts.
-   */
-  Accounts?: Type<OidcAccountsMethods>;
-  /**
-   * Injectable adapter to manage database connexion.
-   */
-  Adapter?: Type<Adapter>;
-  /**
-   * Use the connection name for the OIDCRedisAdapter.
-   */
-  connectionName?: string;
-
-  plugins?: TsED.OIDCPluginSettings;
-
-  render?: {
-    /**
-     * By default ["clientSecret"] is omitted
-     */
-    omitClientProps?: string[];
-  };
-}
-
-declare global {
-  namespace TsED {
-    interface OIDCPluginSettings {}
-
-    interface Configuration {
-      oidc: OidcSettings;
-    }
-  }
-}

package/src/domain/interfaces.ts

@@ -1,13 +0,0 @@
-import type {default as Provider, interactionPolicy} from "oidc-provider";
-
-export type OIDCContext = InstanceType<Provider["OIDCContext"]>;
-export type OidcClient = InstanceType<Provider["Client"]>;
-export type DefaultPolicy = interactionPolicy.DefaultPolicy;
-export type AuthorizationCode = InstanceType<Provider["AuthorizationCode"]>;
-export type AccessToken = InstanceType<Provider["AccessToken"]>;
-export type ClientCredentials = InstanceType<Provider["ClientCredentials"]>;
-export type DeviceCode = InstanceType<Provider["DeviceCode"]>;
-export type RefreshToken = InstanceType<Provider["RefreshToken"]>;
-export type BackchannelAuthenticationRequest = InstanceType<Provider["BackchannelAuthenticationRequest"]>;
-export type Grant = InstanceType<Provider["Grant"]>;
-export type OidcInteraction = InstanceType<Provider["Interaction"]>;

package/src/index.ts

@@ -1,33 +0,0 @@
-/**
- * @file Automatically generated by @tsed/barrels.
- */
-export * from "./constants/constants.js";
-export * from "./decorators/grantId.js";
-export * from "./decorators/interaction.js";
-export * from "./decorators/interactions.js";
-export * from "./decorators/noCache.js";
-export * from "./decorators/oidcCtx.js";
-export * from "./decorators/oidcSession.js";
-export * from "./decorators/params.js";
-export * from "./decorators/prompt.js";
-export * from "./decorators/uid.js";
-export * from "./domain/InteractionMethods.js";
-export * from "./domain/interfaces.js";
-export * from "./domain/OidcAccountsMethods.js";
-export * from "./domain/OidcBadInteractionName.js";
-export * from "./domain/OidcInteractionMethods.js";
-export * from "./domain/OidcInteractionOptions.js";
-export * from "./domain/OidcInteractionPromptProps.js";
-export * from "./domain/OidcSettings.js";
-export * from "./middlewares/OidcInteractionMiddleware.js";
-export * from "./middlewares/OidcNoCacheMiddleware.js";
-export * from "./middlewares/OidcSecureMiddleware.js";
-export * from "./OidcModule.js";
-export * from "./services/OidcAdapters.js";
-export * from "./services/OidcInteractionContext.js";
-export * from "./services/OidcInteractions.js";
-export * from "./services/OidcJwks.js";
-export * from "./services/OidcPolicy.js";
-export * from "./services/OidcProvider.js";
-export * from "./utils/debug.js";
-export * from "./utils/events.js";

package/src/middlewares/OidcInteractionMiddleware.spec.ts

@@ -1,40 +0,0 @@
-import {faker} from "@faker-js/faker";
-import {PlatformTest} from "@tsed/platform-http/testing";
-
-import {
-  INTERACTION_CONTEXT,
-  INTERACTION_DETAILS,
-  INTERACTION_PARAMS,
-  INTERACTION_PROMPT,
-  INTERACTION_SESSION,
-  INTERACTION_UID
-} from "../constants/constants.js";
-import {OidcInteractionContext} from "../services/OidcInteractionContext.js";
-import {OidcInteractionMiddleware} from "./OidcInteractionMiddleware.js";
-
-describe("OidcInteractionMiddleware", () => {
-  beforeEach(() => PlatformTest.create());
-  afterEach(() => PlatformTest.reset());
-  it("should create interaction details and store it to the context", async () => {
-    const interactionDetails = {
-      uid: faker.string.uuid(),
-      prompt: {},
-      params: {},
-      session: {}
-    };
-    const oidcInteractionContext = {
-      interactionDetails: vi.fn().mockReturnValue(interactionDetails)
-    };
-
-    const middleware = await PlatformTest.invoke<OidcInteractionMiddleware>(OidcInteractionMiddleware, [
-      {
-        token: OidcInteractionContext,
-        use: oidcInteractionContext
-      }
-    ]);
-
-    await middleware.use();
-
-    expect(oidcInteractionContext.interactionDetails).toHaveBeenCalledWith();
-  });
-});

package/src/middlewares/OidcInteractionMiddleware.ts

@@ -1,14 +0,0 @@
-import {Inject} from "@tsed/di";
-import {Middleware} from "@tsed/platform-middlewares";
-
-import {OidcInteractionContext} from "../services/OidcInteractionContext.js";
-
-@Middleware()
-export class OidcInteractionMiddleware {
-  @Inject()
-  protected oidcInteractionContext: OidcInteractionContext;
-
-  async use() {
-    await this.oidcInteractionContext.interactionDetails();
-  }
-}

package/src/middlewares/OidcNoCacheMiddleware.spec.ts

@@ -1,18 +0,0 @@
-import {PlatformTest} from "@tsed/platform-http/testing";
-
-import {OidcNoCacheMiddleware} from "./OidcNoCacheMiddleware.js";
-
-describe("OidcNoCacheMiddleware", () => {
-  beforeEach(() => PlatformTest.create());
-  afterEach(() => PlatformTest.reset());
-  it("should add headers", () => {
-    const middleware = PlatformTest.get<OidcNoCacheMiddleware>(OidcNoCacheMiddleware);
-    const ctx = PlatformTest.createRequestContext();
-    vi.spyOn(ctx.response, "setHeader").mockReturnThis();
-
-    middleware.use(ctx);
-
-    expect(ctx.response.setHeader).toHaveBeenCalledWith("Pragma", "no-cache");
-    expect(ctx.response.setHeader).toHaveBeenCalledWith("Cache-Control", "no-cache, no-store");
-  });
-});

package/src/middlewares/OidcNoCacheMiddleware.ts

@@ -1,10 +0,0 @@
-import {Middleware, MiddlewareMethods} from "@tsed/platform-middlewares";
-import {Context} from "@tsed/platform-params";
-
-@Middleware()
-export class OidcNoCacheMiddleware implements MiddlewareMethods {
-  use(@Context() ctx: Context) {
-    ctx.response.setHeader("Pragma", "no-cache");
-    ctx.response.setHeader("Cache-Control", "no-cache, no-store");
-  }
-}

package/src/middlewares/OidcSecureMiddleware.spec.ts

@@ -1,106 +0,0 @@
-import {PlatformTest} from "@tsed/platform-http/testing";
-
-import {OidcSecureMiddleware} from "./OidcSecureMiddleware.js";
-
-describe("OidcSecureMiddleware", () => {
-  beforeEach(() => PlatformTest.create());
-  afterEach(() => PlatformTest.reset());
-
-  it("should check if the request is not secure on GET verb", async () => {
-    const middleware = await PlatformTest.invoke<OidcSecureMiddleware>(OidcSecureMiddleware);
-    const request = PlatformTest.createRequest({
-      secure: false,
-      method: "GET",
-      url: "/path",
-      headers: {
-        host: "host"
-      }
-    });
-
-    const ctx = PlatformTest.createRequestContext({
-      event: {
-        request
-      }
-    });
-    vi.spyOn(ctx.response, "redirect").mockReturnValue(undefined as any);
-
-    middleware.use(ctx);
-
-    expect(ctx.response.redirect).toHaveBeenCalledWith(302, "https://host/path");
-  });
-
-  it("should check if the request is not secure on HEAD verb", async () => {
-    const middleware = await PlatformTest.invoke<OidcSecureMiddleware>(OidcSecureMiddleware);
-    const ctx = PlatformTest.createRequestContext({
-      event: {
-        request: PlatformTest.createRequest({
-          secure: false,
-          method: "GET",
-          url: "/path",
-          headers: {
-            host: "host"
-          }
-        })
-      }
-    });
-
-    vi.spyOn(ctx.response, "redirect").mockReturnValue(undefined as any);
-
-    middleware.use(ctx);
-
-    expect(ctx.response.redirect).toHaveBeenCalledWith(302, "https://host/path");
-  });
-
-  it("should check if the request is not secure on POST verb", async () => {
-    const middleware = await PlatformTest.invoke<OidcSecureMiddleware>(OidcSecureMiddleware);
-    const ctx = PlatformTest.createRequestContext({
-      event: {
-        request: PlatformTest.createRequest({
-          secure: false,
-          method: "POST",
-          url: "/path",
-          headers: {
-            host: "host"
-          }
-        })
-      }
-    });
-
-    let actualError: any;
-    try {
-      middleware.use(ctx);
-    } catch (er) {
-      actualError = er;
-    }
-
-    expect(actualError.status).toEqual(400);
-    expect(actualError.message).toEqual("InvalidRequest");
-    expect(actualError.body).toEqual({
-      error: "invalid_request",
-      error_description: "Do yourself a favor and only use https"
-    });
-  });
-
-  it("should check if the request is secure on GET verb", async () => {
-    const middleware = await PlatformTest.invoke<OidcSecureMiddleware>(OidcSecureMiddleware);
-
-    const ctx = PlatformTest.createRequestContext({
-      event: {
-        request: PlatformTest.createRequest({
-          secure: true,
-          method: "GET",
-          url: "/path",
-          headers: {
-            host: "host"
-          }
-        })
-      }
-    });
-
-    vi.spyOn(ctx.response, "redirect").mockReturnValue(undefined as any);
-
-    middleware.use(ctx);
-
-    expect(ctx.response.redirect).not.toHaveBeenCalled();
-  });
-});