@tstdl/base 0.84.16 → 0.84.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/authentication/server/authentication.service.d.ts +12 -1
  2. package/authentication/server/authentication.service.js +7 -7
  3. package/package.json +1 -1
package/authentication/server/authentication.service.d.ts CHANGED
@@ -8,6 +8,17 @@ import { AuthenticationSecretResetHandler } from './authentication-secret-reset.
8
8
  import { AuthenticationSessionRepository } from './authentication-session.repository.js';
9
9
  import { AuthenticationSubjectResolver } from './authentication-subject.resolver.js';
10
10
  import { AuthenticationTokenPayloadProvider } from './authentication-token-payload.provider.js';
11
+ export type CreateTokenData<AdditionalTokenPayload extends Record> = {
12
+ tokenVersion?: number;
13
+ jwtId?: string;
14
+ issuedAt?: number;
15
+ expiration?: number;
16
+ additionalTokenPayload: AdditionalTokenPayload;
17
+ subject: string;
18
+ sessionId: string;
19
+ refreshTokenExpiration: number;
20
+ timestamp: number;
21
+ };
11
22
  export declare class AuthenticationServiceOptions {
12
23
  /**
13
24
  * Secrets used for signing tokens and refreshTokens
@@ -81,7 +92,7 @@ export declare class AuthenticationService<AdditionalTokenPayload extends Record
81
92
  validateSecretResetToken(token: string): Promise<SecretResetToken>;
82
93
  resolveSubject(subject: string): Promise<string>;
83
94
  /** Creates a token without session or refresh token and is not saved in database */
84
- createToken(additionalTokenPayload: AdditionalTokenPayload, subject: string, sessionId: string, refreshTokenExpiration: number, timestamp: number): Promise<CreateTokenResult<AdditionalTokenPayload>>;
95
+ createToken({ tokenVersion, jwtId, issuedAt, expiration, additionalTokenPayload, subject, sessionId, refreshTokenExpiration, timestamp }: CreateTokenData<AdditionalTokenPayload>): Promise<CreateTokenResult<AdditionalTokenPayload>>;
85
96
  /** Creates a refresh token without session or something else. */
86
97
  createRefreshToken(subject: string, sessionId: string, expirationTimestamp: number): Promise<CreateRefreshTokenResult>;
87
98
  private createSecretResetToken;
package/authentication/server/authentication.service.js CHANGED
@@ -155,7 +155,7 @@ let AuthenticationService = class AuthenticationService2 {
155
155
  refreshTokenHash: new Uint8Array()
156
156
  });
157
157
  const tokenPayload = await this.tokenPayloadProvider?.getTokenPayload(actualSubject, authenticationData, { action: import_authentication_token_payload_provider.GetTokenPayloadContextAction.GetToken });
158
- const { token, jsonToken } = await this.createToken(tokenPayload, actualSubject, session.id, end, now);
158
+ const { token, jsonToken } = await this.createToken({ additionalTokenPayload: tokenPayload, subject: actualSubject, sessionId: session.id, refreshTokenExpiration: end, timestamp: now });
159
159
  const refreshToken = await this.createRefreshToken(actualSubject, session.id, end);
160
160
  await this.sessionRepository.extend(session.id, {
161
161
  end,
@@ -183,7 +183,7 @@ let AuthenticationService = class AuthenticationService2 {
183
183
  const now = (0, import_date_time.currentTimestamp)();
184
184
  const newEnd = now + this.refreshTokenTimeToLive;
185
185
  const tokenPayload = await this.tokenPayloadProvider?.getTokenPayload(session.subject, authenticationData, { action: import_authentication_token_payload_provider.GetTokenPayloadContextAction.Refresh });
186
- const { token, jsonToken } = await this.createToken(tokenPayload, session.subject, sessionId, newEnd, now);
186
+ const { token, jsonToken } = await this.createToken({ additionalTokenPayload: tokenPayload, subject: session.subject, sessionId, refreshTokenExpiration: newEnd, timestamp: now });
187
187
  const newRefreshToken = await this.createRefreshToken(validatedToken.payload.subject, sessionId, newEnd);
188
188
  await this.sessionRepository.extend(sessionId, {
189
189
  end: newEnd,
@@ -225,16 +225,16 @@ let AuthenticationService = class AuthenticationService2 {
225
225
  return this.subjectResolver?.resolveSubject(subject) ?? subject;
226
226
  }
227
227
  /** Creates a token without session or refresh token and is not saved in database */
228
- async createToken(additionalTokenPayload, subject, sessionId, refreshTokenExpiration, timestamp) {
228
+ async createToken({ tokenVersion, jwtId, issuedAt, expiration, additionalTokenPayload, subject, sessionId, refreshTokenExpiration, timestamp }) {
229
229
  const header = {
230
- v: this.tokenVersion,
230
+ v: tokenVersion ?? this.tokenVersion,
231
231
  alg: "HS256",
232
232
  typ: "JWT"
233
233
  };
234
234
  const payload = {
235
- jti: (0, import_random.getRandomString)(24, import_alphabet.Alphabet.LowerUpperCaseNumbers),
236
- iat: (0, import_date_time.timestampToTimestampSeconds)(timestamp),
237
- exp: (0, import_date_time.timestampToTimestampSeconds)(timestamp + this.tokenTimeToLive),
235
+ jti: jwtId ?? (0, import_random.getRandomString)(24, import_alphabet.Alphabet.LowerUpperCaseNumbers),
236
+ iat: issuedAt ?? (0, import_date_time.timestampToTimestampSeconds)(timestamp),
237
+ exp: expiration ?? (0, import_date_time.timestampToTimestampSeconds)(timestamp + this.tokenTimeToLive),
238
238
  refreshTokenExp: (0, import_date_time.timestampToTimestampSeconds)(refreshTokenExpiration),
239
239
  sessionId,
240
240
  subject,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@tstdl/base",
3
- "version": "0.84.16",
3
+ "version": "0.84.18",
4
4
  "author": "Patrick Hein",
5
5
  "publishConfig": {
6
6
  "access": "public"