@tstdl/base 0.82.6 → 0.82.8

package/authentication/client/module.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"module.js","sourceRoot":"","sources":["../../../source/authentication/client/module.ts"],"names":[],"mappings":";;;AACA,+CAAwC;AAExC,yDAAgD;AAEhD,qCAAkF;AAOlF,SAAgB,6BAA6B,CAAC,SAA8C,EAAE;IAC5F,IAAI,IAAA,uBAAS,EAAC,MAAM,CAAC,uBAAuB,CAAC,EAAE;QAC7C,qBAAS,CAAC,iBAAiB,CAAC,kCAAyB,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,uBAAuB,EAAE,CAAC,CAAC;KACtG;IAED,IAAI,IAAA,uBAAS,EAAC,MAAM,CAAC,yBAAyB,CAAC,EAAE;QAC/C,qBAAS,CAAC,QAAQ,CAAC,oCAA2B,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,yBAAyB,EAAE,CAAC,CAAC;KACjG;AACH,CAAC;AARD,sEAQC"}

package/authentication/client/tokens.d.ts

@@ -0,0 +1,4 @@
+import type { ApiClient } from "../../api/client";
+import type { AuthenticationApiDefinition } from '../authentication.api';
+export declare const AUTHENTICATION_API_CLIENT: import("../../container").InjectionToken<ApiClient<AuthenticationApiDefinition<any, any>>, any>;
+export declare const INITIAL_AUTHENTICATION_DATA: import("../../container").InjectionToken<unknown, any>;

package/authentication/client/tokens.js

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.INITIAL_AUTHENTICATION_DATA = exports.AUTHENTICATION_API_CLIENT = void 0;
+const container_1 = require("../../container");
+exports.AUTHENTICATION_API_CLIENT = (0, container_1.injectionToken)('AUTHENTICATION_API_CLIENT');
+exports.INITIAL_AUTHENTICATION_DATA = (0, container_1.injectionToken)('INITIAL_AUTHENTICATION_DATA');
+//# sourceMappingURL=tokens.js.map

package/authentication/client/tokens.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tokens.js","sourceRoot":"","sources":["../../../source/authentication/client/tokens.ts"],"names":[],"mappings":";;;AACA,+CAA6C;AAGhC,QAAA,yBAAyB,GAAG,IAAA,0BAAc,EAAmD,2BAA2B,CAAC,CAAC;AAE1H,QAAA,2BAA2B,GAAG,IAAA,0BAAc,EAAC,6BAA6B,CAAC,CAAC"}

package/authentication/index.d.ts

@@ -0,0 +1,2 @@
+export * from './authentication.api';
+export * from './models';

package/authentication/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./authentication.api"), exports);
+__exportStar(require("./models"), exports);
+//# sourceMappingURL=index.js.map

package/authentication/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../source/authentication/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,uDAAqC;AACrC,2CAAyB"}

package/authentication/models/authentication-session.model.d.ts

@@ -5,7 +5,6 @@ export declare class AuthenticationSession {
     begin: number;
     /** timestamp */
     end: number;
-    tokenId: string;
     refreshTokenHashVersion: number;
     refreshTokenSalt: Uint8Array;
     refreshTokenHash: Uint8Array;
@@ -14,7 +13,6 @@ export declare class NewAuthenticationSession {
     subject: string;
     begin: number;
     end: number;
-    tokenId: string;
     refreshTokenHashVersion: number;
     refreshTokenSalt: Uint8Array;
     refreshTokenHash: Uint8Array;

package/authentication/models/authentication-session.model.js

@@ -18,7 +18,6 @@ class AuthenticationSession {
     begin;
     /** timestamp */
     end;
-    tokenId;
     refreshTokenHashVersion;
     refreshTokenSalt;
     refreshTokenHash;
@@ -39,10 +38,6 @@ __decorate([
     (0, schema_1.Property)(),
     __metadata("design:type", Number)
 ], AuthenticationSession.prototype, "end", void 0);
-__decorate([
-    (0, schema_1.Property)(),
-    __metadata("design:type", String)
-], AuthenticationSession.prototype, "tokenId", void 0);
 __decorate([
     (0, schema_1.Property)(),
     __metadata("design:type", Number)
@@ -60,7 +55,6 @@ class NewAuthenticationSession {
     subject;
     begin;
     end;
-    tokenId;
     refreshTokenHashVersion;
     refreshTokenSalt;
     refreshTokenHash;
@@ -77,10 +71,6 @@ __decorate([
     (0, schema_1.Property)(),
     __metadata("design:type", Number)
 ], NewAuthenticationSession.prototype, "end", void 0);
-__decorate([
-    (0, schema_1.Property)(),
-    __metadata("design:type", String)
-], NewAuthenticationSession.prototype, "tokenId", void 0);
 __decorate([
     (0, schema_1.Property)(),
     __metadata("design:type", Number)

package/authentication/models/authentication-session.model.js.map

@@ -1 +1 @@
-{"version":3,"file":"authentication-session.model.js","sourceRoot":"","sources":["../../../source/authentication/models/authentication-session.model.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,yCAAoC;AAEpC,MAAa,qBAAqB;IAEhC,EAAE,CAAS;IAGX,OAAO,CAAS;IAEhB,gBAAgB;IAEhB,KAAK,CAAS;IAEd,gBAAgB;IAEhB,GAAG,CAAS;IAGZ,OAAO,CAAS;IAGhB,uBAAuB,CAAS;IAGhC,gBAAgB,CAAa;IAG7B,gBAAgB,CAAa;CAC9B;AAzBC;IAAC,IAAA,iBAAQ,GAAE;;iDACA;AAEX;IAAC,IAAA,iBAAQ,GAAE;;sDACK;AAGhB;IAAC,IAAA,iBAAQ,GAAE;;oDACG;AAGd;IAAC,IAAA,iBAAQ,GAAE;;kDACC;AAEZ;IAAC,IAAA,iBAAQ,GAAE;;sDACK;AAEhB;IAAC,IAAA,iBAAQ,GAAE;;sEACqB;AAEhC;IAAC,IAAA,iBAAQ,GAAE;8BACO,UAAU;+DAAC;AAE7B;IAAC,IAAA,iBAAQ,GAAE;8BACO,UAAU;+DAAC;AAzB/B,sDA0BC;AAED,MAAa,wBAAwB;IAEnC,OAAO,CAAS;IAGhB,KAAK,CAAS;IAGd,GAAG,CAAS;IAGZ,OAAO,CAAS;IAGhB,uBAAuB,CAAS;IAGhC,gBAAgB,CAAa;IAG7B,gBAAgB,CAAa;CAC9B;AApBC;IAAC,IAAA,iBAAQ,GAAE;;yDACK;AAEhB;IAAC,IAAA,iBAAQ,GAAE;;uDACG;AAEd;IAAC,IAAA,iBAAQ,GAAE;;qDACC;AAEZ;IAAC,IAAA,iBAAQ,GAAE;;yDACK;AAEhB;IAAC,IAAA,iBAAQ,GAAE;;yEACqB;AAEhC;IAAC,IAAA,iBAAQ,GAAE;8BACO,UAAU;kEAAC;AAE7B;IAAC,IAAA,iBAAQ,GAAE;8BACO,UAAU;kEAAC;AApB/B,4DAqBC"}
+{"version":3,"file":"authentication-session.model.js","sourceRoot":"","sources":["../../../source/authentication/models/authentication-session.model.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,yCAAoC;AAEpC,MAAa,qBAAqB;IAEhC,EAAE,CAAS;IAGX,OAAO,CAAS;IAEhB,gBAAgB;IAEhB,KAAK,CAAS;IAEd,gBAAgB;IAEhB,GAAG,CAAS;IAGZ,uBAAuB,CAAS;IAGhC,gBAAgB,CAAa;IAG7B,gBAAgB,CAAa;CAC9B;AAtBC;IAAC,IAAA,iBAAQ,GAAE;;iDACA;AAEX;IAAC,IAAA,iBAAQ,GAAE;;sDACK;AAGhB;IAAC,IAAA,iBAAQ,GAAE;;oDACG;AAGd;IAAC,IAAA,iBAAQ,GAAE;;kDACC;AAEZ;IAAC,IAAA,iBAAQ,GAAE;;sEACqB;AAEhC;IAAC,IAAA,iBAAQ,GAAE;8BACO,UAAU;+DAAC;AAE7B;IAAC,IAAA,iBAAQ,GAAE;8BACO,UAAU;+DAAC;AAtB/B,sDAuBC;AAED,MAAa,wBAAwB;IAEnC,OAAO,CAAS;IAGhB,KAAK,CAAS;IAGd,GAAG,CAAS;IAGZ,uBAAuB,CAAS;IAGhC,gBAAgB,CAAa;IAG7B,gBAAgB,CAAa;CAC9B;AAjBC;IAAC,IAAA,iBAAQ,GAAE;;yDACK;AAEhB;IAAC,IAAA,iBAAQ,GAAE;;uDACG;AAEd;IAAC,IAAA,iBAAQ,GAAE;;qDACC;AAEZ;IAAC,IAAA,iBAAQ,GAAE;;yEACqB;AAEhC;IAAC,IAAA,iBAAQ,GAAE;8BACO,UAAU;kEAAC;AAE7B;IAAC,IAAA,iBAAQ,GAAE;8BACO,UAAU;kEAAC;AAjB/B,4DAkBC"}

package/authentication/models/index.d.ts

@@ -1,3 +1,4 @@
 export * from './authentication-credentials.model';
 export * from './authentication-session.model';
 export * from './token-payload-base.model';
+export * from './token.model';

package/authentication/models/index.js

@@ -17,4 +17,5 @@ Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./authentication-credentials.model"), exports);
 __exportStar(require("./authentication-session.model"), exports);
 __exportStar(require("./token-payload-base.model"), exports);
+__exportStar(require("./token.model"), exports);
 //# sourceMappingURL=index.js.map

package/authentication/models/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../source/authentication/models/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,qEAAmD;AACnD,iEAA+C;AAC/C,6DAA2C"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../source/authentication/models/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,qEAAmD;AACnD,iEAA+C;AAC/C,6DAA2C;AAC3C,gDAA8B"}

package/authentication/models/token-payload-base.model.d.ts

@@ -1,5 +1,12 @@
 export declare class TokenPayloadBase {
+    /** token id */
     jti: string;
+    /** issue timestamp in seconds */
     iat: number;
+    /** expiration timestamp in seconds */
     exp: number;
+    /** refresh token expiration timestamp in seconds */
+    refreshTokenExp: number;
+    sessionId: string;
+    subject: string;
 }

package/authentication/models/token-payload-base.model.js

@@ -12,9 +12,16 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.TokenPayloadBase = void 0;
 const property_1 = require("../../schema/decorators/property");
 class TokenPayloadBase {
+    /** token id */
     jti;
+    /** issue timestamp in seconds */
     iat;
+    /** expiration timestamp in seconds */
     exp;
+    /** refresh token expiration timestamp in seconds */
+    refreshTokenExp;
+    sessionId;
+    subject;
 }
 __decorate([
     (0, property_1.Property)(),
@@ -28,5 +35,17 @@ __decorate([
     (0, property_1.Property)(),
     __metadata("design:type", Number)
 ], TokenPayloadBase.prototype, "exp", void 0);
+__decorate([
+    (0, property_1.Property)(),
+    __metadata("design:type", Number)
+], TokenPayloadBase.prototype, "refreshTokenExp", void 0);
+__decorate([
+    (0, property_1.Property)(),
+    __metadata("design:type", String)
+], TokenPayloadBase.prototype, "sessionId", void 0);
+__decorate([
+    (0, property_1.Property)(),
+    __metadata("design:type", String)
+], TokenPayloadBase.prototype, "subject", void 0);
 exports.TokenPayloadBase = TokenPayloadBase;
 //# sourceMappingURL=token-payload-base.model.js.map

package/authentication/models/token-payload-base.model.js.map

@@ -1 +1 @@
-{"version":3,"file":"token-payload-base.model.js","sourceRoot":"","sources":["../../../source/authentication/models/token-payload-base.model.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,+DAAwD;AAExD,MAAa,gBAAgB;IAE3B,GAAG,CAAS;IAGZ,GAAG,CAAS;IAGZ,GAAG,CAAS;CACb;AARC;IAAC,IAAA,mBAAQ,GAAE;;6CACC;AAEZ;IAAC,IAAA,mBAAQ,GAAE;;6CACC;AAEZ;IAAC,IAAA,mBAAQ,GAAE;;6CACC;AARd,4CASC"}
+{"version":3,"file":"token-payload-base.model.js","sourceRoot":"","sources":["../../../source/authentication/models/token-payload-base.model.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,+DAAwD;AAExD,MAAa,gBAAgB;IAC3B,eAAe;IAEf,GAAG,CAAS;IAEZ,iCAAiC;IAEjC,GAAG,CAAS;IAEZ,sCAAsC;IAEtC,GAAG,CAAS;IAEZ,oDAAoD;IAEpD,eAAe,CAAS;IAGxB,SAAS,CAAS;IAGlB,OAAO,CAAS;CACjB;AApBC;IAAC,IAAA,mBAAQ,GAAE;;6CACC;AAGZ;IAAC,IAAA,mBAAQ,GAAE;;6CACC;AAGZ;IAAC,IAAA,mBAAQ,GAAE;;6CACC;AAGZ;IAAC,IAAA,mBAAQ,GAAE;;yDACa;AAExB;IAAC,IAAA,mBAAQ,GAAE;;mDACO;AAElB;IAAC,IAAA,mBAAQ,GAAE;;iDACK;AArBlB,4CAsBC"}

package/authentication/models/token.model.d.ts

@@ -0,0 +1,16 @@
+import type { Record } from "../../types";
+import type { JwtToken, JwtTokenHeader } from "../../utils/jwt";
+import type { TokenPayloadBase } from '../models';
+export type TokenHeader = {
+    v: number;
+};
+export type Token<AdditionalTokenPayload = Record<never>> = JwtToken<AdditionalTokenPayload & TokenPayloadBase, JwtTokenHeader<TokenHeader>>;
+export type TokenPayload<T> = T & TokenPayloadBase;
+export type RefreshTokenPayload = {
+    /** expiration timestamp in seconds */
+    exp: number;
+    subject: string;
+    sessionId: string;
+    secret: string;
+};
+export type RefreshToken = JwtToken<RefreshTokenPayload>;

package/authentication/models/token.model.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=token.model.js.map

package/authentication/models/token.model.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token.model.js","sourceRoot":"","sources":["../../../source/authentication/models/token.model.ts"],"names":[],"mappings":""}

package/authentication/{authentication-credentials.repository.d.ts → server/authentication-credentials.repository.d.ts}

@@ -1,5 +1,5 @@
-import type { AuthenticationCredentials, NewAuthenticationCredentials } from './models';
+import type { AuthenticationCredentials, NewAuthenticationCredentials } from '../models';
 export declare abstract class AuthenticationCredentialsRepository {
-    abstract tryLoad(subject: string): Promise<AuthenticationCredentials | undefined>;
+    abstract tryLoadBySubject(subject: string): Promise<AuthenticationCredentials | undefined>;
     abstract save(credentials: NewAuthenticationCredentials | AuthenticationCredentials): Promise<void>;
 }

package/authentication/{authentication-credentials.repository.js → server/authentication-credentials.repository.js}

@@ -7,7 +7,7 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AuthenticationCredentialsRepository = void 0;
-const reflection_1 = require("../reflection");
+const reflection_1 = require("../../reflection");
 let AuthenticationCredentialsRepository = class AuthenticationCredentialsRepository {
 };
 AuthenticationCredentialsRepository = __decorate([

package/authentication/server/authentication-credentials.repository.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authentication-credentials.repository.js","sourceRoot":"","sources":["../../../source/authentication/server/authentication-credentials.repository.ts"],"names":[],"mappings":";;;;;;;;;AAAA,iDAAqC;AAI9B,IAAe,mCAAmC,GAAlD,MAAe,mCAAmC;CAGxD,CAAA;AAHqB,mCAAmC;IADxD,IAAA,kBAAK,GAAE;GACc,mCAAmC,CAGxD;AAHqB,kFAAmC"}

package/authentication/{authentication-session.repository.d.ts → server/authentication-session.repository.d.ts}

@@ -1,8 +1,7 @@
-import type { NewEntity } from "../database";
-import type { AuthenticationSession } from './models';
+import type { NewEntity } from "../../database";
+import type { AuthenticationSession } from '../models';
 export type AuthenticationSessionExtendData = {
     end: number;
-    tokenId: string;
     refreshTokenHashVersion: number;
     refreshTokenSalt: Uint8Array;
     refreshTokenHash: Uint8Array;

package/authentication/server/authentication-session.repository.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authentication-session.repository.js","sourceRoot":"","sources":["../../../source/authentication/server/authentication-session.repository.ts"],"names":[],"mappings":";;;AAUA,MAAsB,+BAA+B;CAQpD;AARD,0EAQC"}

package/authentication/server/authentication-token-payload.provider.d.ts

@@ -0,0 +1,3 @@
+export declare abstract class AuthenticationTokenPayloadProvider<TokenPayload = any, AuthenticationData = any> {
+    abstract getTokenPayload(subject: string, authenticationData: AuthenticationData): TokenPayload | Promise<TokenPayload>;
+}

package/authentication/{authentication-token-payload.provider.js → server/authentication-token-payload.provider.js}

@@ -7,7 +7,7 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AuthenticationTokenPayloadProvider = void 0;
-const reflection_1 = require("../reflection");
+const reflection_1 = require("../../reflection");
 let AuthenticationTokenPayloadProvider = class AuthenticationTokenPayloadProvider {
 };
 AuthenticationTokenPayloadProvider = __decorate([

package/authentication/server/authentication-token-payload.provider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authentication-token-payload.provider.js","sourceRoot":"","sources":["../../../source/authentication/server/authentication-token-payload.provider.ts"],"names":[],"mappings":";;;;;;;;;AAAA,iDAAqC;AAG9B,IAAe,kCAAkC,GAAjD,MAAe,kCAAkC;CAEvD,CAAA;AAFqB,kCAAkC;IADvD,IAAA,kBAAK,GAAE;GACc,kCAAkC,CAEvD;AAFqB,gFAAkC"}

package/authentication/server/authentication.api-controller.d.ts

@@ -0,0 +1,13 @@
+import type { ApiController, ApiRequestData, ApiServerResult } from "../../api/types";
+import type { AuthenticationApiDefinition } from '../authentication.api';
+import type { TokenPayloadBase } from '../models';
+import { AuthenticationService } from './authentication.service';
+export declare class AuthenticationApiController<TokenPayload extends TokenPayloadBase, AuthenticationData> implements ApiController<AuthenticationApiDefinition<TokenPayload, AuthenticationData>> {
+    readonly authenticationService: AuthenticationService<TokenPayload, AuthenticationData>;
+    constructor(authenticationService: AuthenticationService<TokenPayload, AuthenticationData>);
+    token({ parameters }: ApiRequestData<AuthenticationApiDefinition<TokenPayload, AuthenticationData>, 'token'>): Promise<ApiServerResult<AuthenticationApiDefinition<TokenPayload, AuthenticationData>, 'token'>>;
+    refresh({ request, parameters }: ApiRequestData<AuthenticationApiDefinition<TokenPayload, AuthenticationData>, 'refresh'>): Promise<ApiServerResult<AuthenticationApiDefinition<TokenPayload, AuthenticationData>, 'refresh'>>;
+    endSession({ request }: ApiRequestData<AuthenticationApiDefinition<TokenPayload, AuthenticationData>, 'endSession'>): Promise<ApiServerResult<AuthenticationApiDefinition<TokenPayload, AuthenticationData>, 'endSession'>>;
+    timestamp(): ApiServerResult<AuthenticationApiDefinition<TokenPayload, AuthenticationData>, 'timestamp'>;
+    private getAuthenticationResponse;
+}

package/authentication/server/authentication.api-controller.js

@@ -0,0 +1,65 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthenticationApiController = void 0;
+const server_1 = require("../../api/server");
+const unauthorized_error_1 = require("../../error/unauthorized.error");
+const server_2 = require("../../http/server");
+const date_time_1 = require("../../utils/date-time");
+const authentication_api_1 = require("../authentication.api");
+const authentication_service_1 = require("./authentication.service");
+const helper_1 = require("./helper");
+let AuthenticationApiController = class AuthenticationApiController {
+    authenticationService;
+    constructor(authenticationService) {
+        this.authenticationService = authenticationService;
+    }
+    async token({ parameters }) {
+        const authenticationResult = await this.authenticationService.authenticate(parameters.subject, parameters.secret);
+        if (!authenticationResult.success) {
+            throw new unauthorized_error_1.UnauthorizedError('Invalid credentials.');
+        }
+        const result = await this.authenticationService.getToken(authenticationResult.subject, parameters.data);
+        return this.getAuthenticationResponse(result);
+    }
+    async refresh({ request, parameters }) {
+        const tokenString = (0, helper_1.tryGetAuthorizationTokenStringFromRequest)(request, 'refreshToken') ?? '';
+        const result = await this.authenticationService.refresh(tokenString, parameters.data);
+        return this.getAuthenticationResponse(result);
+    }
+    async endSession({ request }) {
+        const tokenString = (0, helper_1.tryGetAuthorizationTokenStringFromRequest)(request) ?? '';
+        const token = await this.authenticationService.validateToken(tokenString);
+        await this.authenticationService.endSession(token.payload.sessionId);
+        return 'ok';
+    }
+    timestamp() {
+        return (0, date_time_1.currentTimestamp)();
+    }
+    getAuthenticationResponse({ token, jsonToken, refreshToken }) {
+        const result = jsonToken.payload;
+        return new server_2.HttpServerResponse({
+            cookies: {
+                authorization: { value: `Bearer ${token}`, httpOnly: true, secure: true, sameSite: 'strict', expires: jsonToken.payload.refreshTokenExp * 1000 },
+                refreshToken: { value: `Bearer ${refreshToken}`, httpOnly: true, secure: true, sameSite: 'strict', expires: jsonToken.payload.refreshTokenExp * 1000 }
+            },
+            body: {
+                json: result
+            }
+        });
+    }
+};
+AuthenticationApiController = __decorate([
+    (0, server_1.apiController)(authentication_api_1.authenticationApiDefinition),
+    __metadata("design:paramtypes", [authentication_service_1.AuthenticationService])
+], AuthenticationApiController);
+exports.AuthenticationApiController = AuthenticationApiController;
+//# sourceMappingURL=authentication.api-controller.js.map

package/authentication/server/authentication.api-controller.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authentication.api-controller.js","sourceRoot":"","sources":["../../../source/authentication/server/authentication.api-controller.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,6CAA6C;AAE7C,uEAA+D;AAC/D,8CAAmD;AACnD,qDAAqD;AAErD,8DAAoE;AAGpE,qEAAiE;AACjE,qCAAqE;AAG9D,IAAM,2BAA2B,GAAjC,MAAM,2BAA2B;IAC7B,qBAAqB,CAA0D;IAExF,YAAY,qBAA8E;QACxF,IAAI,CAAC,qBAAqB,GAAG,qBAAqB,CAAC;IACrD,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,EAAE,UAAU,EAA0F;QAChH,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,YAAY,CAAC,UAAU,CAAC,OAAO,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC;QAElH,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE;YACjC,MAAM,IAAI,sCAAiB,CAAC,sBAAsB,CAAC,CAAC;SACrD;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,oBAAoB,CAAC,OAAO,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;QAExG,OAAO,IAAI,CAAC,yBAAyB,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,UAAU,EAA4F;QAC7H,MAAM,WAAW,GAAG,IAAA,kDAAyC,EAAC,OAAO,EAAE,cAAc,CAAC,IAAI,EAAE,CAAC;QAC7F,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,WAAW,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;QAEtF,OAAO,IAAI,CAAC,yBAAyB,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,EAAE,OAAO,EAA+F;QACvH,MAAM,WAAW,GAAG,IAAA,kDAAyC,EAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAC7E,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;QAC1E,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAErE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,SAAS;QACP,OAAO,IAAA,4BAAgB,GAAE,CAAC;IAC5B,CAAC;IAEO,yBAAyB,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,YAAY,EAA6B;QAC7F,MAAM,MAAM,GAA4F,SAAS,CAAC,OAAO,CAAC;QAE1H,OAAO,IAAI,2BAAkB,CAAC;YAC5B,OAAO,EAAE;gBACP,aAAa,EAAE,EAAE,KAAK,EAAE,UAAU,KAAK,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,eAAe,GAAG,IAAI,EAAE;gBAChJ,YAAY,EAAE,EAAE,KAAK,EAAE,UAAU,YAAY,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC,eAAe,GAAG,IAAI,EAAE;aACvJ;YACD,IAAI,EAAE;gBACJ,IAAI,EAAE,MAAM;aACb;SACF,CAAC,CAAC;IACL,CAAC;CACF,CAAA;AAnDY,2BAA2B;IADvC,IAAA,sBAAa,EAAC,gDAA2B,CAAC;qCAIN,8CAAqB;GAH7C,2BAA2B,CAmDvC;AAnDY,kEAA2B"}

package/authentication/{authentication.service.d.ts → server/authentication.service.d.ts}

@@ -1,14 +1,12 @@
-import type { JwtToken, JwtTokenHeader } from "../utils/jwt";
+import type { AfterResolve } from "../../container";
+import { afterResolve } from "../../container";
+import type { Record } from "../../types";
+import type { RefreshToken, Token } from '../models';
 import { AuthenticationCredentialsRepository } from './authentication-credentials.repository';
 import { AuthenticationSessionRepository } from './authentication-session.repository';
 import { AuthenticationTokenPayloadProvider } from './authentication-token-payload.provider';
-import type { TokenPayloadBase } from './models';
-export type Token<AdditionalTokenPayload> = JwtToken<AdditionalTokenPayload & TokenPayloadBase, JwtTokenHeader<TokenHeader>>;
-export type TokenHeader = {
-    v: number;
-};
 export type AuthenticationServiceOptions = {
-    /** Secret used for signing tokens */
+    /** Secret used for signing tokens and refreshTokens */
     secret: string;
     /** Token version, forces refresh on mismatch (useful if payload changes) */
     version?: number;
@@ -18,10 +16,18 @@ export type AuthenticationServiceOptions = {
     sessionTimeToLive?: number;
 };
 export type AuthenticationResult = {
+    success: true;
+    subject: string;
+} | {
+    success: false;
+    subject?: undefined;
+};
+export type TokenResult<AdditionalTokenPayload = Record<never>> = {
     token: string;
+    jsonToken: Token<AdditionalTokenPayload>;
     refreshToken: string;
 };
-export declare class AuthenticationService<AdditionalTokenPayload, AdditionalAuthenticationData> {
+export declare class AuthenticationService<AdditionalTokenPayload = Record<never>, AdditionalAuthenticationData = Record<never>> implements AfterResolve {
     private readonly credentialsRepository;
     private readonly sessionRepository;
     private readonly tokenPayloadProviderService;
@@ -29,14 +35,20 @@ export declare class AuthenticationService<AdditionalTokenPayload, AdditionalAut
     private readonly tokenVersion;
     private readonly tokenTimeToLive;
     private readonly sessionTimeToLive;
+    private derivedTokenSigningSecret;
+    private derivedRefreshTokenSigningSecret;
     constructor(credentialsService: AuthenticationCredentialsRepository, sessionRepository: AuthenticationSessionRepository, tokenPayloadProviderService: AuthenticationTokenPayloadProvider<AdditionalTokenPayload, AdditionalAuthenticationData>, options: AuthenticationServiceOptions);
+    [afterResolve](): Promise<void>;
+    initialize(): Promise<void>;
     setCredentials(subject: string, secret: string): Promise<void>;
-    authenticate(subject: string, secret: string): Promise<boolean>;
-    getToken(subject: string, secret: string, additionalAuthenticationData: AdditionalAuthenticationData): Promise<AuthenticationResult>;
+    authenticate(subject: string, secret: string): Promise<AuthenticationResult>;
+    getToken(subject: string, additionalAuthenticationData: AdditionalAuthenticationData): Promise<TokenResult<AdditionalTokenPayload>>;
     endSession(sessionId: string): Promise<void>;
-    refresh(sessionId: string, refreshToken: string, additionalAuthenticationData: AdditionalAuthenticationData): Promise<AuthenticationResult>;
+    refresh(refreshToken: string, additionalAuthenticationData: AdditionalAuthenticationData): Promise<TokenResult<AdditionalTokenPayload>>;
     validateToken(token: string): Promise<Token<AdditionalTokenPayload>>;
+    validateRefreshToken(token: string): Promise<RefreshToken>;
     private createToken;
     private createRefreshToken;
+    private deriveSigningSecrets;
     private getHash;
 }