npm - @tstdl/base - Versions diffs - 0.93.1 → 0.93.3 - Mend

@tstdl/base 0.93.1 → 0.93.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (181) hide show

package/audit/drizzle/meta/0000_snapshot.json ADDED Viewed

@@ -0,0 +1,195 @@
+{
+  "id": "8f6c87f8-1692-49bd-9bd4-09dc9d0bdcd4",
+  "prevId": "00000000-0000-0000-0000-000000000000",
+  "version": "7",
+  "dialect": "postgresql",
+  "tables": {
+    "audit.event": {
+      "name": "event",
+      "schema": "audit",
+      "columns": {
+        "id": {
+          "name": "id",
+          "type": "uuid",
+          "primaryKey": true,
+          "notNull": true,
+          "default": "gen_random_uuid()"
+        },
+        "timestamp": {
+          "name": "timestamp",
+          "type": "timestamp with time zone",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "tenant_id": {
+          "name": "tenant_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "correlation_id": {
+          "name": "correlation_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "module": {
+          "name": "module",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "action": {
+          "name": "action",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "outcome": {
+          "name": "outcome",
+          "type": "audit_outcome",
+          "typeSchema": "audit",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "severity": {
+          "name": "severity",
+          "type": "audit_severity",
+          "typeSchema": "audit",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "actor_type": {
+          "name": "actor_type",
+          "type": "actor_type",
+          "typeSchema": "audit",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "actor": {
+          "name": "actor",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "impersonator_type": {
+          "name": "impersonator_type",
+          "type": "actor_type",
+          "typeSchema": "audit",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "impersonator": {
+          "name": "impersonator",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "target_type": {
+          "name": "target_type",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "target_id": {
+          "name": "target_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "network_path": {
+          "name": "network_path",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": true
+        },
+        "network_ip_address": {
+          "name": "network_ip_address",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "network_user_agent": {
+          "name": "network_user_agent",
+          "type": "text",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "network_session_id": {
+          "name": "network_session_id",
+          "type": "uuid",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "changes_before": {
+          "name": "changes_before",
+          "type": "jsonb",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "changes_after": {
+          "name": "changes_after",
+          "type": "jsonb",
+          "primaryKey": false,
+          "notNull": false
+        },
+        "details": {
+          "name": "details",
+          "type": "jsonb",
+          "primaryKey": false,
+          "notNull": false
+        }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": {},
+      "policies": {},
+      "checkConstraints": {},
+      "isRLSEnabled": false
+    }
+  },
+  "enums": {
+    "audit.actor_type": {
+      "name": "actor_type",
+      "schema": "audit",
+      "values": [
+        "anonymous",
+        "system",
+        "api-key",
+        "user"
+      ]
+    },
+    "audit.audit_outcome": {
+      "name": "audit_outcome",
+      "schema": "audit",
+      "values": [
+        "pending",
+        "success",
+        "cancelled",
+        "failure",
+        "denied"
+      ]
+    },
+    "audit.audit_severity": {
+      "name": "audit_severity",
+      "schema": "audit",
+      "values": [
+        "info",
+        "warn",
+        "error",
+        "critical"
+      ]
+    }
+  },
+  "schemas": {},
+  "sequences": {},
+  "roles": {},
+  "policies": {},
+  "views": {},
+  "_meta": {
+    "columns": {},
+    "schemas": {},
+    "tables": {}
+  }
+}

package/audit/drizzle/meta/_journal.json ADDED Viewed

@@ -0,0 +1,13 @@
+{
+  "version": "7",
+  "dialect": "postgresql",
+  "entries": [
+    {
+      "idx": 0,
+      "version": "7",
+      "when": 1758041172363,
+      "tag": "0000_bored_stick",
+      "breakpoints": true
+    }
+  ]
+}

package/audit/drizzle.config.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ declare const _default: import("drizzle-kit").Config;
2	+ export default _default;

package/audit/drizzle.config.js ADDED Viewed

@@ -0,0 +1,11 @@
+import { relative, resolve } from 'node:path';
+import { defineConfig } from 'drizzle-kit';
+export default defineConfig({
+    dialect: 'postgresql',
+    out: relative('./', resolve(__dirname, './drizzle/').replace('dist', 'source')),
+    schema: resolve(__dirname, './schemas.js'),
+    migrations: {
+        schema: 'audit',
+        table: '_migrations',
+    },
+});

package/audit/index.d.ts CHANGED Viewed

@@ -1,3 +1,5 @@
-export * from './auditor.js';
 export * from './audit.model.js';
+export * from './auditor.js';
+export * from './module.js';
+export * from './schemas.js';
 export * from './types.js';

package/audit/index.js CHANGED Viewed

@@ -1,3 +1,5 @@
-export * from './auditor.js';
 export * from './audit.model.js';
+export * from './auditor.js';
+export * from './module.js';
+export * from './schemas.js';
 export * from './types.js';

package/audit/module.d.ts ADDED Viewed

@@ -0,0 +1,22 @@
+import { type DatabaseConfig } from '../orm/server/index.js';
+/**
+ * Configuration for {@link configureAuditServer}.
+ */
+export declare class AuditModuleConfig {
+    /**
+     * Database configuration for audit module.
+     * If not provided, the global database configuration is used.
+     */
+    database?: DatabaseConfig;
+}
+/**
+ * Configures audit server services.
+ * @param config Configuration.
+ */
+export declare function configureAuditServer(config: AuditModuleConfig): void;
+/**
+ * Migrates the audit database schema to the latest version.
+ * It uses the database connection provided with {@link configureAuditServer},
+ * or falls back to the globally configured database if no specific configuration is provided.
+ */
+export declare function migrateAuditSchema(): Promise<void>;

package/audit/module.js ADDED Viewed

@@ -0,0 +1,33 @@
+import { inject, Injector } from '../injector/index.js';
+import { Database, migrate } from '../orm/server/index.js';
+/**
+ * Configuration for {@link configureAuditServer}.
+ */
+export class AuditModuleConfig {
+    /**
+     * Database configuration for audit module.
+     * If not provided, the global database configuration is used.
+     */
+    database;
+}
+/**
+ * Configures audit server services.
+ * @param config Configuration.
+ */
+export function configureAuditServer(config) {
+    Injector.register(AuditModuleConfig, { useValue: config });
+}
+/**
+ * Migrates the audit database schema to the latest version.
+ * It uses the database connection provided with {@link configureAuditServer},
+ * or falls back to the globally configured database if no specific configuration is provided.
+ */
+export async function migrateAuditSchema() {
+    const connection = inject(AuditModuleConfig, undefined, { optional: true })?.database?.connection;
+    const database = inject(Database, connection);
+    await migrate(database, {
+        migrationsSchema: 'audit',
+        migrationsTable: '_migrations',
+        migrationsFolder: import.meta.resolve('./drizzle').replace('file://', ''),
+    });
+}

package/audit/schemas.d.ts ADDED Viewed

@@ -0,0 +1,6 @@
+import { AuditEvent } from './audit.model.js';
+export declare const auditSchema: import("../orm/server/index.js").DatabaseSchema<"audit">;
+export declare const auditOutcome: import("drizzle-orm/pg-core").PgEnum<["pending", "success", "cancelled", "failure", "denied"]>;
+export declare const auditSeverity: import("drizzle-orm/pg-core").PgEnum<["error", "warn", "info", "critical"]>;
+export declare const actorType: import("drizzle-orm/pg-core").PgEnum<["user", "anonymous", "system", "api-key"]>;
+export declare const auditEvent: import("../orm/server/types.js").PgTableFromType<typeof AuditEvent, "audit">;

package/audit/schemas.js ADDED Viewed

@@ -0,0 +1,8 @@
+import { databaseSchema } from '../orm/server/index.js';
+import { AuditEvent } from './audit.model.js';
+import { ActorType, AuditOutcome, AuditSeverity } from './types.js';
+export const auditSchema = databaseSchema('audit');
+export const auditOutcome = auditSchema.getEnum(AuditOutcome);
+export const auditSeverity = auditSchema.getEnum(AuditSeverity);
+export const actorType = auditSchema.getEnum(ActorType);
+export const auditEvent = auditSchema.getTable(AuditEvent);

package/audit/types.d.ts CHANGED Viewed

@@ -15,8 +15,9 @@ export declare const AuditOutcome: {
 };
 export type AuditOutcome = EnumType<typeof AuditOutcome>;
 export declare const ActorType: {
-    readonly User: "user";
+    readonly Anonymous: "anonymous";
     readonly System: "system";
     readonly ApiKey: "api-key";
+    readonly User: "user";
 };
 export type ActorType = EnumType<typeof ActorType>;

package/audit/types.js CHANGED Viewed

@@ -13,7 +13,8 @@ export const AuditOutcome = defineEnum('AuditOutcome', {
     Denied: 'denied',
 });
 export const ActorType = defineEnum('ActorType', {
-    User: 'user',
+    Anonymous: 'anonymous',
     System: 'system',
     ApiKey: 'api-key',
+    User: 'user',
 });

package/authentication/models/authentication-credentials.model.js CHANGED Viewed

@@ -7,8 +7,7 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
 var __metadata = (this && this.__metadata) || function (k, v) {
     if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
 };
-import { Table } from '../../orm/decorators.js';
-import { Entity, Unique } from '../../orm/index.js';
+import { Entity, Table, Unique } from '../../orm/index.js';
 import { Integer, StringProperty, Uint8ArrayProperty } from '../../schema/index.js';
 let AuthenticationCredentials = class AuthenticationCredentials extends Entity {
     subject;

package/authentication/models/authentication-session.model.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
-import { Entity } from '../../orm/entity.js';
-import { Timestamp } from '../../orm/types.js';
+import type { Timestamp } from '../../orm/index.js';
+import { Entity } from '../../orm/index.js';
 export declare class AuthenticationSession extends Entity {
     subject: string;
     begin: Timestamp;

package/authentication/models/authentication-session.model.js CHANGED Viewed

@@ -7,9 +7,7 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
 var __metadata = (this && this.__metadata) || function (k, v) {
     if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
 };
-import { Table } from '../../orm/decorators.js';
-import { Entity } from '../../orm/entity.js';
-import { Timestamp } from '../../orm/types.js';
+import { Entity, Table, TimestampProperty } from '../../orm/index.js';
 import { Integer, StringProperty, Uint8ArrayProperty } from '../../schema/index.js';
 let AuthenticationSession = class AuthenticationSession extends Entity {
     subject;
@@ -30,11 +28,11 @@ __decorate([
     __metadata("design:type", String)
 ], AuthenticationSession.prototype, "subject", void 0);
 __decorate([
-    Timestamp(),
+    TimestampProperty(),
     __metadata("design:type", Number)
 ], AuthenticationSession.prototype, "begin", void 0);
 __decorate([
-    Timestamp(),
+    TimestampProperty(),
     __metadata("design:type", Number)
 ], AuthenticationSession.prototype, "end", void 0);
 __decorate([

package/authentication/models/index.d.ts CHANGED Viewed

@@ -1,7 +1,6 @@
 export * from './authentication-credentials.model.js';
 export * from './authentication-session.model.js';
 export * from './init-secret-reset-data.model.js';
-export * from './schemas.js';
 export * from './secret-check-result.model.js';
 export * from './token-payload-base.model.js';
 export * from './token.model.js';

package/authentication/models/index.js CHANGED Viewed

@@ -1,7 +1,6 @@
 export * from './authentication-credentials.model.js';
 export * from './authentication-session.model.js';
 export * from './init-secret-reset-data.model.js';
-export * from './schemas.js';
 export * from './secret-check-result.model.js';
 export * from './token-payload-base.model.js';
 export * from './token.model.js';

package/authentication/server/authentication-api-request-token.provider.d.ts CHANGED Viewed

@@ -2,10 +2,10 @@ import type { ApiRequestData } from '../../api/index.js';
 import { ApiRequestTokenProvider } from '../../api/server/api-request-token.provider.js';
 import { AuthenticationService } from './authentication.service.js';
 /**
- * Provides the token for an API request from the authorization header.
+ * Provides the info for an API request from the authorization header.
  */
 export declare class AuthenticationApiRequestTokenProvider extends ApiRequestTokenProvider {
     private readonly authenticationService;
     constructor(authenticationService: AuthenticationService);
-    getToken<T>(data: ApiRequestData): Promise<T>;
+    tryGetToken<T>(data: ApiRequestData): Promise<T | null>;
 }

package/authentication/server/authentication-api-request-token.provider.js CHANGED Viewed

@@ -9,10 +9,11 @@ var __metadata = (this && this.__metadata) || function (k, v) {
 };
 import { ApiRequestTokenProvider } from '../../api/server/api-request-token.provider.js';
 import { Singleton } from '../../injector/decorators.js';
+import { isUndefined } from '../../utils/type-guards.js';
 import { AuthenticationService } from './authentication.service.js';
 import { tryGetAuthorizationTokenStringFromRequest } from './helper.js';
 /**
- * Provides the token for an API request from the authorization header.
+ * Provides the info for an API request from the authorization header.
  */
 let AuthenticationApiRequestTokenProvider = class AuthenticationApiRequestTokenProvider extends ApiRequestTokenProvider {
     authenticationService;
@@ -20,10 +21,12 @@ let AuthenticationApiRequestTokenProvider = class AuthenticationApiRequestTokenP
         super();
         this.authenticationService = authenticationService;
     }
-    async getToken(data) {
-        const tokenString = tryGetAuthorizationTokenStringFromRequest(data.request) ?? '';
-        const token = await this.authenticationService.validateToken(tokenString);
-        return token;
+    async tryGetToken(data) {
+        const tokenString = tryGetAuthorizationTokenStringFromRequest(data.request);
+        if (isUndefined(tokenString)) {
+            return null;
+        }
+        return await this.authenticationService.validateToken(tokenString);
     }
 };
 AuthenticationApiRequestTokenProvider = __decorate([

package/authentication/server/authentication.api-controller.d.ts CHANGED Viewed

@@ -20,47 +20,47 @@ export declare class AuthenticationApiController<AdditionalTokenPayload extends
      * @param parameters The parameters for the request.
      * @returns The token result.
      */
-    login({ parameters }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'login'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'login'>>;
+    login({ parameters, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'login'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'login'>>;
     /**
      * Refresh a token.
      * @param request The request context.
      * @param parameters The parameters for the request.
      * @returns The token result.
      */
-    refresh({ request, parameters }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'refresh'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'refresh'>>;
+    refresh({ request, parameters, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'refresh'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'refresh'>>;
     /**
      * Impersonate a subject.
      * @param request The request context.
      * @param parameters The parameters for the request.
      * @returns The token result.
      */
-    impersonate({ request, parameters }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'impersonate'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'impersonate'>>;
+    impersonate({ request, parameters, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'impersonate'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'impersonate'>>;
     /**
      * Unimpersonate a subject.
      * @param request The request context.
      * @param parameters The parameters for the request.
      * @returns The token result.
      */
-    unimpersonate({ request, parameters }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'unimpersonate'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'unimpersonate'>>;
+    unimpersonate({ request, parameters, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'unimpersonate'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'unimpersonate'>>;
     /**
      * End a session.
      * @param request The request context.
      * @returns 'ok' if the session was ended.
      */
-    endSession({ request }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'endSession'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'endSession'>>;
-    changeSecret({ parameters }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'changeSecret'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'changeSecret'>>;
+    endSession({ request, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'endSession'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'endSession'>>;
+    changeSecret({ parameters, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'changeSecret'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'changeSecret'>>;
     /**
      * Initialize a secret reset.
      * @param parameters The parameters for the request.
      * @returns 'ok' if the secret reset was initialized.
      */
-    initSecretReset({ parameters }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'initSecretReset'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'initSecretReset'>>;
+    initSecretReset({ parameters, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'initSecretReset'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'initSecretReset'>>;
     /**
      * Reset a secret.
      * @param parameters The parameters for the request.
      * @returns 'ok' if the secret was reset.
      */
-    resetSecret({ parameters }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'resetSecret'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'resetSecret'>>;
+    resetSecret({ parameters, getAuditor }: ApiRequestContext<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'resetSecret'>): Promise<ApiServerResult<AuthenticationApiDefinition<AdditionalTokenPayload, AuthenticationData, AdditionalInitSecretResetData>, 'resetSecret'>>;
     /**
      * Check a secret.
      * @param parameters The parameters for the request.

package/authentication/server/authentication.api-controller.js CHANGED Viewed

@@ -33,8 +33,8 @@ let AuthenticationApiController = class AuthenticationApiController {
      * @param parameters The parameters for the request.
      * @returns The token result.
      */
-    async login({ parameters }) {
-        const result = await this.authenticationService.login(parameters.subject, parameters.secret, parameters.data);
+    async login({ parameters, getAuditor }) {
+        const result = await this.authenticationService.login(parameters.subject, parameters.secret, parameters.data, await getAuditor());
         return this.getTokenResponse(result);
     }
     /**
@@ -43,9 +43,9 @@ let AuthenticationApiController = class AuthenticationApiController {
      * @param parameters The parameters for the request.
      * @returns The token result.
      */
-    async refresh({ request, parameters }) {
+    async refresh({ request, parameters, getAuditor }) {
         const refreshTokenString = tryGetAuthorizationTokenStringFromRequest(request, 'refreshToken') ?? '';
-        const result = await this.authenticationService.refresh(refreshTokenString, parameters.data);
+        const result = await this.authenticationService.refresh(refreshTokenString, parameters.data, undefined, await getAuditor());
         return this.getTokenResponse(result);
     }
     /**
@@ -54,10 +54,10 @@ let AuthenticationApiController = class AuthenticationApiController {
      * @param parameters The parameters for the request.
      * @returns The token result.
      */
-    async impersonate({ request, parameters }) {
+    async impersonate({ request, parameters, getAuditor }) {
         const tokenString = tryGetAuthorizationTokenStringFromRequest(request) ?? '';
         const refreshTokenString = tryGetAuthorizationTokenStringFromRequest(request, 'refreshToken') ?? '';
-        const impersonatorResult = await this.authenticationService.impersonate(tokenString, refreshTokenString, parameters.subject, parameters.data);
+        const impersonatorResult = await this.authenticationService.impersonate(tokenString, refreshTokenString, parameters.subject, parameters.data, await getAuditor());
         return this.getTokenResponse(impersonatorResult);
     }
     /**
@@ -66,9 +66,9 @@ let AuthenticationApiController = class AuthenticationApiController {
      * @param parameters The parameters for the request.
      * @returns The token result.
      */
-    async unimpersonate({ request, parameters }) {
+    async unimpersonate({ request, parameters, getAuditor }) {
         const impersonatorRefreshTokenString = tryGetAuthorizationTokenStringFromRequest(request, 'impersonatorRefreshToken') ?? '';
-        const result = await this.authenticationService.refresh(impersonatorRefreshTokenString, parameters.data, { omitImpersonator: true });
+        const result = await this.authenticationService.unimpersonate(impersonatorRefreshTokenString, parameters.data, await getAuditor());
         return this.getTokenResponse(result);
     }
     /**
@@ -76,7 +76,7 @@ let AuthenticationApiController = class AuthenticationApiController {
      * @param request The request context.
      * @returns 'ok' if the session was ended.
      */
-    async endSession({ request }) {
+    async endSession({ request, getAuditor }) {
         let sessionId;
         try {
             const tokenString = tryGetAuthorizationTokenStringFromRequest(request) ?? '';
@@ -93,7 +93,7 @@ let AuthenticationApiController = class AuthenticationApiController {
                 throw error;
             }
         }
-        await this.authenticationService.endSession(sessionId);
+        await this.authenticationService.endSession(sessionId, await getAuditor());
         const result = 'ok';
         return new HttpServerResponse({
             cookies: {
@@ -106,8 +106,8 @@ let AuthenticationApiController = class AuthenticationApiController {
             },
         });
     }
-    async changeSecret({ parameters }) {
-        await this.authenticationService.changeSecret(parameters.subject, parameters.currentSecret, parameters.newSecret);
+    async changeSecret({ parameters, getAuditor }) {
+        await this.authenticationService.changeSecret(parameters.subject, parameters.currentSecret, parameters.newSecret, await getAuditor());
         return 'ok';
     }
     /**
@@ -115,8 +115,8 @@ let AuthenticationApiController = class AuthenticationApiController {
      * @param parameters The parameters for the request.
      * @returns 'ok' if the secret reset was initialized.
      */
-    async initSecretReset({ parameters }) {
-        await this.authenticationService.initSecretReset(parameters.subject, parameters.data);
+    async initSecretReset({ parameters, getAuditor }) {
+        await this.authenticationService.initSecretReset(parameters.subject, parameters.data, await getAuditor());
         return 'ok';
     }
     /**
@@ -124,8 +124,8 @@ let AuthenticationApiController = class AuthenticationApiController {
      * @param parameters The parameters for the request.
      * @returns 'ok' if the secret was reset.
      */
-    async resetSecret({ parameters }) {
-        await this.authenticationService.resetSecret(parameters.token, parameters.newSecret);
+    async resetSecret({ parameters, getAuditor }) {
+        await this.authenticationService.resetSecret(parameters.token, parameters.newSecret, await getAuditor());
         return 'ok';
     }
     /**

package/authentication/server/authentication.audit.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+export type AuthenticationAuditEvents = {
+    'login-success': {
+        sessionId: string;
+    };
+    'login-failure': {
+        providedSubject: string;
+    };
+    'logout': {
+        sessionId: string;
+    };
+    'refresh-success': {
+        sessionId: string;
+    };
+    'refresh-failure': {
+        reason: string;
+    };
+    'impersonate-success': {
+        impersonatedSubject: string;
+    };
+    'impersonate-failure': {
+        impersonatedSubject: string;
+        reason: string;
+    };
+    'unimpersonate-success': {};
+    'change-secret-success': {};
+    'change-secret-failure': {
+        providedSubject: string;
+    };
+    'init-secret-reset': {};
+    'reset-secret-success': {};
+    'reset-secret-failure': {
+        reason: string;
+    };
+};

package/authentication/server/authentication.audit.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};