@tstdl/base 0.90.37 → 0.90.39
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/authentication/authentication.api.d.ts +3 -3
- package/authentication/authentication.api.js +2 -2
- package/authentication/client/authentication.service.d.ts +5 -1
- package/authentication/client/authentication.service.js +45 -7
- package/authentication/server/helper.d.ts +1 -1
- package/authentication/server/helper.js +2 -2
- package/package.json +1 -1
|
@@ -42,8 +42,8 @@ export declare const authenticationApiDefinition: {
|
|
|
42
42
|
resource: string;
|
|
43
43
|
method: "POST";
|
|
44
44
|
parameters: ObjectSchema<{
|
|
45
|
-
data: unknown;
|
|
46
45
|
subject: string;
|
|
46
|
+
data: unknown;
|
|
47
47
|
}>;
|
|
48
48
|
result: ObjectSchema<TokenPayloadBase>;
|
|
49
49
|
credentials: true;
|
|
@@ -137,8 +137,8 @@ export declare function getAuthenticationApiDefinition<AdditionalTokenPayload ex
|
|
|
137
137
|
resource: string;
|
|
138
138
|
method: "POST";
|
|
139
139
|
parameters: ObjectSchema<{
|
|
140
|
-
data: AuthenticationData;
|
|
141
140
|
subject: string;
|
|
141
|
+
data: AuthenticationData;
|
|
142
142
|
}>;
|
|
143
143
|
result: ObjectSchema<TokenPayload<AdditionalTokenPayload>>;
|
|
144
144
|
credentials: true;
|
|
@@ -230,8 +230,8 @@ export declare function getAuthenticationApiEndpointsDefinition<AdditionalTokenP
|
|
|
230
230
|
resource: string;
|
|
231
231
|
method: "POST";
|
|
232
232
|
parameters: ObjectSchema<{
|
|
233
|
-
data: AuthenticationData;
|
|
234
233
|
subject: string;
|
|
234
|
+
data: AuthenticationData;
|
|
235
235
|
}>;
|
|
236
236
|
result: ObjectSchema<TokenPayload<AdditionalTokenPayload>>;
|
|
237
237
|
credentials: true;
|
|
@@ -53,8 +53,8 @@ export function getAuthenticationApiEndpointsDefinition(additionalTokenPayloadSc
|
|
|
53
53
|
resource: 'impersonate',
|
|
54
54
|
method: 'POST',
|
|
55
55
|
parameters: explicitObject({
|
|
56
|
-
|
|
57
|
-
|
|
56
|
+
subject: string(),
|
|
57
|
+
data: authenticationDataSchema
|
|
58
58
|
}),
|
|
59
59
|
result: tokenResultSchema,
|
|
60
60
|
credentials: true,
|
|
@@ -10,7 +10,7 @@ export declare class AuthenticationClientService<AdditionalTokenPayload extends
|
|
|
10
10
|
private readonly tokenUpdateBus;
|
|
11
11
|
private readonly loggedOutBus;
|
|
12
12
|
private readonly forceRefreshToken;
|
|
13
|
-
private readonly
|
|
13
|
+
private readonly lock;
|
|
14
14
|
private readonly logger;
|
|
15
15
|
private readonly disposeToken;
|
|
16
16
|
readonly error$: import("rxjs").Observable<Error>;
|
|
@@ -29,6 +29,8 @@ export declare class AuthenticationClientService<AdditionalTokenPayload extends
|
|
|
29
29
|
readonly loggedOut$: import("rxjs").Observable<void>;
|
|
30
30
|
private get authenticationData();
|
|
31
31
|
private set authenticationData(value);
|
|
32
|
+
private get impersonatorAuthenticationData();
|
|
33
|
+
private set impersonatorAuthenticationData(value);
|
|
32
34
|
get definedToken(): TokenPayload<AdditionalTokenPayload>;
|
|
33
35
|
get definedSubject(): string;
|
|
34
36
|
get definedSessionId(): string;
|
|
@@ -43,6 +45,8 @@ export declare class AuthenticationClientService<AdditionalTokenPayload extends
|
|
|
43
45
|
logout(): Promise<void>;
|
|
44
46
|
requestRefresh(data?: AuthenticationData): void;
|
|
45
47
|
refresh(data?: AuthenticationData): Promise<void>;
|
|
48
|
+
impersonate(subject: string, data?: AuthenticationData): Promise<void>;
|
|
49
|
+
unimpersonate(data?: AuthenticationData): Promise<void>;
|
|
46
50
|
initResetSecret(subject: string, data: AdditionalInitSecretResetData): Promise<void>;
|
|
47
51
|
resetSecret(token: string, newSecret: string): Promise<void>;
|
|
48
52
|
checkSecret(secret: string): Promise<SecretCheckResult>;
|
|
@@ -30,6 +30,7 @@ import { assertDefinedPass, isDefined, isNullOrUndefined, isString, isUndefined
|
|
|
30
30
|
import { AUTHENTICATION_API_CLIENT, INITIAL_AUTHENTICATION_DATA } from './tokens.js';
|
|
31
31
|
const tokenStorageKey = 'AuthenticationService:token';
|
|
32
32
|
const authenticationDataStorageKey = 'AuthenticationService:authentication-data';
|
|
33
|
+
const impersonatorAuthenticationDataStorageKey = 'AuthenticationService:impersonator-authentication-data';
|
|
33
34
|
const tokenUpdateBusName = 'AuthenticationService:tokenUpdate';
|
|
34
35
|
const loggedOutBusName = 'AuthenticationService:loggedOut';
|
|
35
36
|
const refreshLockResource = 'AuthenticationService:refresh';
|
|
@@ -39,7 +40,7 @@ let AuthenticationClientService = class AuthenticationClientService {
|
|
|
39
40
|
tokenUpdateBus = inject((MessageBus), tokenUpdateBusName);
|
|
40
41
|
loggedOutBus = inject((MessageBus), loggedOutBusName);
|
|
41
42
|
forceRefreshToken = new CancellationToken();
|
|
42
|
-
|
|
43
|
+
lock = inject(Lock, refreshLockResource);
|
|
43
44
|
logger = inject(Logger, 'AuthenticationService');
|
|
44
45
|
disposeToken = new CancellationToken();
|
|
45
46
|
error$ = this.errorSubject.asObservable();
|
|
@@ -69,6 +70,19 @@ let AuthenticationClientService = class AuthenticationClientService {
|
|
|
69
70
|
localStorage.setItem(authenticationDataStorageKey, json);
|
|
70
71
|
}
|
|
71
72
|
}
|
|
73
|
+
get impersonatorAuthenticationData() {
|
|
74
|
+
const data = localStorage.getItem(impersonatorAuthenticationDataStorageKey);
|
|
75
|
+
return isNullOrUndefined(data) ? undefined : JSON.parse(data);
|
|
76
|
+
}
|
|
77
|
+
set impersonatorAuthenticationData(data) {
|
|
78
|
+
if (isUndefined(data)) {
|
|
79
|
+
localStorage.removeItem(impersonatorAuthenticationDataStorageKey);
|
|
80
|
+
}
|
|
81
|
+
else {
|
|
82
|
+
const json = JSON.stringify(data);
|
|
83
|
+
localStorage.setItem(impersonatorAuthenticationDataStorageKey, json);
|
|
84
|
+
}
|
|
85
|
+
}
|
|
72
86
|
get definedToken() {
|
|
73
87
|
return assertDefinedPass(this.token(), 'No token available.');
|
|
74
88
|
}
|
|
@@ -144,6 +158,35 @@ let AuthenticationClientService = class AuthenticationClientService {
|
|
|
144
158
|
throw error;
|
|
145
159
|
}
|
|
146
160
|
}
|
|
161
|
+
async impersonate(subject, data) {
|
|
162
|
+
await this.lock.use(10000, true, async () => {
|
|
163
|
+
this.impersonatorAuthenticationData = this.authenticationData;
|
|
164
|
+
this.authenticationData = data;
|
|
165
|
+
try {
|
|
166
|
+
const token = await this.client.impersonate({ subject, data: data });
|
|
167
|
+
this.setNewToken(token);
|
|
168
|
+
}
|
|
169
|
+
catch (error) {
|
|
170
|
+
await this.handleRefreshError(error);
|
|
171
|
+
throw error;
|
|
172
|
+
}
|
|
173
|
+
});
|
|
174
|
+
}
|
|
175
|
+
async unimpersonate(data) {
|
|
176
|
+
await this.lock.use(10000, true, async () => {
|
|
177
|
+
const newData = data ?? this.impersonatorAuthenticationData;
|
|
178
|
+
try {
|
|
179
|
+
const token = await this.client.unimpersonate({ data: newData });
|
|
180
|
+
this.authenticationData = newData;
|
|
181
|
+
this.impersonatorAuthenticationData = undefined;
|
|
182
|
+
this.setNewToken(token);
|
|
183
|
+
}
|
|
184
|
+
catch (error) {
|
|
185
|
+
await this.handleRefreshError(error);
|
|
186
|
+
throw error;
|
|
187
|
+
}
|
|
188
|
+
});
|
|
189
|
+
}
|
|
147
190
|
async initResetSecret(subject, data) {
|
|
148
191
|
await this.client.initSecretReset({ subject, data });
|
|
149
192
|
}
|
|
@@ -180,12 +223,7 @@ let AuthenticationClientService = class AuthenticationClientService {
|
|
|
180
223
|
async refreshLoop() {
|
|
181
224
|
while (this.disposeToken.isUnset) {
|
|
182
225
|
try {
|
|
183
|
-
|
|
184
|
-
await this.refreshLock.use(0, false, async () => this.refreshLoopIteration());
|
|
185
|
-
}
|
|
186
|
-
else {
|
|
187
|
-
await this.refreshLoopIteration();
|
|
188
|
-
}
|
|
226
|
+
await this.lock.use(0, false, async () => this.refreshLoopIteration());
|
|
189
227
|
await firstValueFrom(race([timer(2500), this.disposeToken, this.forceRefreshToken]));
|
|
190
228
|
}
|
|
191
229
|
catch {
|
|
@@ -7,7 +7,7 @@ import type { RefreshToken, SecretResetToken, Token } from '../models/index.js';
|
|
|
7
7
|
* @param cookieName (default "authorization")
|
|
8
8
|
* @returns token string
|
|
9
9
|
*/
|
|
10
|
-
export declare function tryGetAuthorizationTokenStringFromRequest(request: HttpServerRequest, cookieName?: string,
|
|
10
|
+
export declare function tryGetAuthorizationTokenStringFromRequest(request: HttpServerRequest, cookieName?: string, fromCookieOnly?: boolean): string | undefined;
|
|
11
11
|
export declare function tryGetTokenFromRequest<AdditionalTokenPayload extends Record = Record<never>>(request: HttpServerRequest, tokenVersion: number, secret: string | BinaryData): Promise<Token<AdditionalTokenPayload> | undefined>;
|
|
12
12
|
export declare function getTokenFromRequest<AdditionalTokenPayload extends Record = Record<never>>(request: HttpServerRequest, tokenVersion: number, secret: string | BinaryData): Promise<Token<AdditionalTokenPayload>>;
|
|
13
13
|
export declare function getTokenFromString<AdditionalTokenPayload extends Record = Record<never>>(tokenString: string, tokenVersion: number, secret: string | BinaryData): Promise<Token<AdditionalTokenPayload>>;
|
|
@@ -9,8 +9,8 @@ import { isArray, isDefined, isUndefined } from '../../utils/type-guards.js';
|
|
|
9
9
|
* @param cookieName (default "authorization")
|
|
10
10
|
* @returns token string
|
|
11
11
|
*/
|
|
12
|
-
export function tryGetAuthorizationTokenStringFromRequest(request, cookieName = 'authorization',
|
|
13
|
-
const authorizationHeaders =
|
|
12
|
+
export function tryGetAuthorizationTokenStringFromRequest(request, cookieName = 'authorization', fromCookieOnly = false) {
|
|
13
|
+
const authorizationHeaders = (fromCookieOnly || (cookieName.toLocaleLowerCase() != 'authorization')) ? undefined : request.headers.tryGet('Authorization');
|
|
14
14
|
const authorizationString = (isArray(authorizationHeaders) ? authorizationHeaders[0] : authorizationHeaders)
|
|
15
15
|
?? request.cookies.tryGet(cookieName);
|
|
16
16
|
if (isDefined(authorizationString)) {
|