@twin.org/api-auth-entity-storage-service 0.0.1-next.2 → 0.0.1-next.20

package/dist/cjs/index.cjs

@@ -120,12 +120,13 @@ class TokenHelper {
      * @returns The token if found.
      */
     static extractTokenFromHeaders(headers, cookieName) {
-        const cookiesHeader = headers?.cookie;
-        let token;
-        let location;
-        if (core.Is.string(headers?.authorization) && headers.authorization.startsWith("Bearer ")) {
-            token = headers.authorization.slice(7).trim();
-            location = "authorization";
+        const authHeader = headers?.[web.HeaderTypes.Authorization];
+        const cookiesHeader = headers?.[web.HeaderTypes.Cookie];
+        if (core.Is.string(authHeader) && authHeader.startsWith("Bearer ")) {
+            return {
+                token: authHeader.slice(7).trim(),
+                location: "authorization"
+            };
         }
         else if (core.Is.notEmpty(cookiesHeader) && core.Is.stringValue(cookieName)) {
             const cookies = core.Is.arrayValue(cookiesHeader) ? cookiesHeader : [cookiesHeader];
@@ -136,17 +137,14 @@ class TokenHelper {
                         .map(c => c.trim())
                         .find(c => c.startsWith(cookieName));
                     if (core.Is.stringValue(accessTokenCookie)) {
-                        token = accessTokenCookie.slice(cookieName.length + 1).trim();
-                        location = "cookie";
-                        break;
+                        return {
+                            token: accessTokenCookie.slice(cookieName.length + 1).trim(),
+                            location: "cookie"
+                        };
                     }
                 }
             }
         }
-        return {
-            token,
-            location
-        };
     }
 }
 
@@ -218,10 +216,10 @@ class AuthHeaderProcessor {
         if (!core.Is.empty(route) && !(route.skipAuth ?? false)) {
             try {
                 const tokenAndLocation = TokenHelper.extractTokenFromHeaders(request.headers, this._cookieName);
-                const headerAndPayload = await TokenHelper.verify(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, tokenAndLocation.token);
+                const headerAndPayload = await TokenHelper.verify(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, tokenAndLocation?.token);
                 requestIdentity.userIdentity = headerAndPayload.payload?.sub;
-                processorState.authToken = tokenAndLocation.token;
-                processorState.authTokenLocation = tokenAndLocation.location;
+                processorState.authToken = tokenAndLocation?.token;
+                processorState.authTokenLocation = tokenAndLocation?.location;
             }
             catch (err) {
                 const error = core.BaseError.fromError(err);
@@ -246,13 +244,13 @@ class AuthHeaderProcessor {
             if ((responseAuthOperation === "login" || responseAuthOperation === "refresh") &&
                 core.Is.stringValue(response.body?.token)) {
                 response.headers ??= {};
-                response.headers["Set-Cookie"] =
+                response.headers[web.HeaderTypes.SetCookie] =
                     `${this._cookieName}=${response.body.token}; Secure; HttpOnly; SameSite=None; Path=/`;
                 delete response.body.token;
             }
             else if (responseAuthOperation === "logout") {
                 response.headers ??= {};
-                response.headers["Set-Cookie"] =
+                response.headers[web.HeaderTypes.SetCookie] =
                     `${this._cookieName}=; Max-Age=0; Secure; HttpOnly; SameSite=None; Path=/`;
             }
         }
@@ -504,6 +502,10 @@ class PasswordHelper {
  * Implementation of the authentication component using entity storage.
  */
 class EntityStorageAuthenticationService {
+    /**
+     * The namespace supported by the authentication service.
+     */
+    static NAMESPACE = "authentication-entity-storage";
     /**
      * Default TTL in minutes.
      * @internal

package/dist/esm/index.mjs

@@ -2,7 +2,7 @@ import { property, entity, EntitySchemaFactory, EntitySchemaHelper } from '@twin
 import { HttpErrorHelper } from '@twin.org/api-models';
 import { Is, UnauthorizedError, Guards, BaseError, ComponentFactory, Converter, GeneralError } from '@twin.org/core';
 import { VaultConnectorFactory } from '@twin.org/vault-models';
-import { Jwt, JwtAlgorithms, HttpStatusCode } from '@twin.org/web';
+import { Jwt, JwtAlgorithms, HeaderTypes, HttpStatusCode } from '@twin.org/web';
 import { EntityStorageConnectorFactory } from '@twin.org/entity-storage-models';
 import { Blake2b } from '@twin.org/crypto';
 
@@ -118,12 +118,13 @@ class TokenHelper {
      * @returns The token if found.
      */
     static extractTokenFromHeaders(headers, cookieName) {
-        const cookiesHeader = headers?.cookie;
-        let token;
-        let location;
-        if (Is.string(headers?.authorization) && headers.authorization.startsWith("Bearer ")) {
-            token = headers.authorization.slice(7).trim();
-            location = "authorization";
+        const authHeader = headers?.[HeaderTypes.Authorization];
+        const cookiesHeader = headers?.[HeaderTypes.Cookie];
+        if (Is.string(authHeader) && authHeader.startsWith("Bearer ")) {
+            return {
+                token: authHeader.slice(7).trim(),
+                location: "authorization"
+            };
         }
         else if (Is.notEmpty(cookiesHeader) && Is.stringValue(cookieName)) {
             const cookies = Is.arrayValue(cookiesHeader) ? cookiesHeader : [cookiesHeader];
@@ -134,17 +135,14 @@ class TokenHelper {
                         .map(c => c.trim())
                         .find(c => c.startsWith(cookieName));
                     if (Is.stringValue(accessTokenCookie)) {
-                        token = accessTokenCookie.slice(cookieName.length + 1).trim();
-                        location = "cookie";
-                        break;
+                        return {
+                            token: accessTokenCookie.slice(cookieName.length + 1).trim(),
+                            location: "cookie"
+                        };
                     }
                 }
             }
         }
-        return {
-            token,
-            location
-        };
     }
 }
 
@@ -216,10 +214,10 @@ class AuthHeaderProcessor {
         if (!Is.empty(route) && !(route.skipAuth ?? false)) {
             try {
                 const tokenAndLocation = TokenHelper.extractTokenFromHeaders(request.headers, this._cookieName);
-                const headerAndPayload = await TokenHelper.verify(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, tokenAndLocation.token);
+                const headerAndPayload = await TokenHelper.verify(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, tokenAndLocation?.token);
                 requestIdentity.userIdentity = headerAndPayload.payload?.sub;
-                processorState.authToken = tokenAndLocation.token;
-                processorState.authTokenLocation = tokenAndLocation.location;
+                processorState.authToken = tokenAndLocation?.token;
+                processorState.authTokenLocation = tokenAndLocation?.location;
             }
             catch (err) {
                 const error = BaseError.fromError(err);
@@ -244,13 +242,13 @@ class AuthHeaderProcessor {
             if ((responseAuthOperation === "login" || responseAuthOperation === "refresh") &&
                 Is.stringValue(response.body?.token)) {
                 response.headers ??= {};
-                response.headers["Set-Cookie"] =
+                response.headers[HeaderTypes.SetCookie] =
                     `${this._cookieName}=${response.body.token}; Secure; HttpOnly; SameSite=None; Path=/`;
                 delete response.body.token;
             }
             else if (responseAuthOperation === "logout") {
                 response.headers ??= {};
-                response.headers["Set-Cookie"] =
+                response.headers[HeaderTypes.SetCookie] =
                     `${this._cookieName}=; Max-Age=0; Secure; HttpOnly; SameSite=None; Path=/`;
             }
         }
@@ -502,6 +500,10 @@ class PasswordHelper {
  * Implementation of the authentication component using entity storage.
  */
 class EntityStorageAuthenticationService {
+    /**
+     * The namespace supported by the authentication service.
+     */
+    static NAMESPACE = "authentication-entity-storage";
     /**
      * Default TTL in minutes.
      * @internal

package/dist/types/processors/authHeaderProcessor.d.ts

@@ -1,9 +1,9 @@
-import { type IHttpRequestIdentity, type IHttpResponse, type IHttpRestRouteProcessor, type IHttpServerRequest, type IRestRoute } from "@twin.org/api-models";
+import { type IBaseRoute, type IBaseRouteProcessor, type IHttpRequestIdentity, type IHttpResponse, type IHttpServerRequest } from "@twin.org/api-models";
 import type { IAuthHeaderProcessorConfig } from "../models/IAuthHeaderProcessorConfig";
 /**
  * Handle a JWT token in the authorization header or cookies and validate it to populate request context identity.
  */
-export declare class AuthHeaderProcessor implements IHttpRestRouteProcessor {
+export declare class AuthHeaderProcessor implements IBaseRouteProcessor {
     /**
      * Runtime name for the class.
      */
@@ -33,7 +33,7 @@ export declare class AuthHeaderProcessor implements IHttpRestRouteProcessor {
      * @param requestIdentity The identity context for the request.
      * @param processorState The state handed through the processors.
      */
-    pre(request: IHttpServerRequest, response: IHttpResponse, route: IRestRoute | undefined, requestIdentity: IHttpRequestIdentity, processorState: {
+    pre(request: IHttpServerRequest, response: IHttpResponse, route: IBaseRoute | undefined, requestIdentity: IHttpRequestIdentity, processorState: {
         [id: string]: unknown;
     }): Promise<void>;
     /**
@@ -44,7 +44,7 @@ export declare class AuthHeaderProcessor implements IHttpRestRouteProcessor {
      * @param requestIdentity The identity context for the request.
      * @param processorState The state handed through the processors.
      */
-    post(request: IHttpServerRequest, response: IHttpResponse, route: IRestRoute | undefined, requestIdentity: IHttpRequestIdentity, processorState: {
+    post(request: IHttpServerRequest, response: IHttpResponse, route: IBaseRoute | undefined, requestIdentity: IHttpRequestIdentity, processorState: {
         [id: string]: unknown;
     }): Promise<void>;
 }

package/dist/types/services/entityStorageAuthenticationService.d.ts

@@ -4,6 +4,10 @@ import type { IEntityStorageAuthenticationServiceConfig } from "../models/IEntit
  * Implementation of the authentication component using entity storage.
  */
 export declare class EntityStorageAuthenticationService implements IAuthenticationComponent {
+    /**
+     * The namespace supported by the authentication service.
+     */
+    static readonly NAMESPACE: string;
     /**
      * Runtime name for the class.
      */

package/dist/types/utils/tokenHelper.d.ts

@@ -35,7 +35,7 @@ export declare class TokenHelper {
      * @returns The token if found.
      */
     static extractTokenFromHeaders(headers?: IHttpHeaders, cookieName?: string): {
-        token: string | undefined;
-        location: "authorization" | "cookie" | undefined;
-    };
+        token: string;
+        location: "authorization" | "cookie";
+    } | undefined;
 }

package/docs/changelog.md

@@ -1,5 +1,5 @@
 # @twin.org/api-auth-entity-storage-service - Changelog
 
-## v0.0.1-next.2
+## v0.0.1-next.20
 
 - Initial Release

package/docs/reference/classes/AuthHeaderProcessor.md

@@ -4,7 +4,7 @@ Handle a JWT token in the authorization header or cookies and validate it to pop
 
 ## Implements
 
-- `IHttpRestRouteProcessor`
+- `IBaseRouteProcessor`
 
 ## Constructors
 
@@ -42,7 +42,7 @@ Runtime name for the class.
 
 #### Implementation of
 
-`IHttpRestRouteProcessor.CLASS_NAME`
+`IBaseRouteProcessor.CLASS_NAME`
 
 ## Methods
 
@@ -70,7 +70,7 @@ Nothing.
 
 #### Implementation of
 
-`IHttpRestRouteProcessor.start`
+`IBaseRouteProcessor.start`
 
 ***
 
@@ -90,7 +90,7 @@ The incoming request.
 
 The outgoing response.
 
-• **route**: `undefined` \| `IRestRoute`\<`any`, `any`\>
+• **route**: `undefined` \| `IBaseRoute`
 
 The route to process.
 
@@ -108,7 +108,7 @@ The state handed through the processors.
 
 #### Implementation of
 
-`IHttpRestRouteProcessor.pre`
+`IBaseRouteProcessor.pre`
 
 ***
 
@@ -128,7 +128,7 @@ The incoming request.
 
 The outgoing response.
 
-• **route**: `undefined` \| `IRestRoute`\<`any`, `any`\>
+• **route**: `undefined` \| `IBaseRoute`
 
 The route to process.
 
@@ -146,4 +146,4 @@ The state handed through the processors.
 
 #### Implementation of
 
-`IHttpRestRouteProcessor.post`
+`IBaseRouteProcessor.post`

package/docs/reference/classes/EntityStorageAuthenticationService.md

@@ -38,6 +38,14 @@ The configuration for the authentication.
 
 ## Properties
 
+### NAMESPACE
+
+> `readonly` `static` **NAMESPACE**: `string` = `"authentication-entity-storage"`
+
+The namespace supported by the authentication service.
+
+***
+
 ### CLASS\_NAME
 
 > `readonly` **CLASS\_NAME**: `string`

package/docs/reference/classes/TokenHelper.md

@@ -96,7 +96,7 @@ UnauthorizedError if the token is missing, invalid or expired.
 
 ### extractTokenFromHeaders()
 
-> `static` **extractTokenFromHeaders**(`headers`?, `cookieName`?): `object`
+> `static` **extractTokenFromHeaders**(`headers`?, `cookieName`?): `undefined` \| `object`
 
 Extract the auth token from the headers, either from the authorization header or the cookie header.
 
@@ -112,14 +112,6 @@ The name of the cookie to extract the token from.
 
 #### Returns
 
-`object`
+`undefined` \| `object`
 
 The token if found.
-
-##### token
-
-> **token**: `undefined` \| `string`
-
-##### location
-
-> **location**: `undefined` \| `"authorization"` \| `"cookie"`

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@twin.org/api-auth-entity-storage-service",
-	"version": "0.0.1-next.2",
+	"version": "0.0.1-next.20",
 	"description": "Auth Entity Storage contract implementation and REST endpoint definitions",
 	"repository": {
 		"type": "git",
@@ -13,23 +13,10 @@
 	"engines": {
 		"node": ">=20.0.0"
 	},
-	"scripts": {
-		"clean": "rimraf dist coverage",
-		"build": "tspc",
-		"test": "vitest --run --config ./vitest.config.ts --no-cache",
-		"coverage": "vitest --run --coverage --config ./vitest.config.ts --no-cache",
-		"bundle:esm": "rollup --config rollup.config.mjs --environment MODULE:esm",
-		"bundle:cjs": "rollup --config rollup.config.mjs --environment MODULE:cjs",
-		"bundle": "npm run bundle:esm && npm run bundle:cjs",
-		"docs:clean": "rimraf docs/reference",
-		"docs:generate": "typedoc",
-		"docs": "npm run docs:clean && npm run docs:generate",
-		"dist": "npm run clean && npm run build && npm run test && npm run bundle && npm run docs"
-	},
 	"dependencies": {
-		"@twin.org/api-auth-entity-storage-models": "0.0.1-next.2",
-		"@twin.org/api-core": "0.0.1-next.2",
-		"@twin.org/api-models": "0.0.1-next.2",
+		"@twin.org/api-auth-entity-storage-models": "0.0.1-next.20",
+		"@twin.org/api-core": "0.0.1-next.20",
+		"@twin.org/api-models": "0.0.1-next.20",
 		"@twin.org/core": "next",
 		"@twin.org/crypto": "next",
 		"@twin.org/entity": "next",
@@ -39,20 +26,6 @@
 		"@twin.org/vault-models": "next",
 		"@twin.org/web": "next"
 	},
-	"devDependencies": {
-		"@twin.org/nameof-transformer": "next",
-		"@vitest/coverage-v8": "2.1.1",
-		"@types/node": "22.5.5",
-		"copyfiles": "2.4.1",
-		"rimraf": "6.0.1",
-		"rollup": "4.21.3",
-		"rollup-plugin-typescript2": "0.36.0",
-		"ts-patch": "3.2.1",
-		"typedoc": "0.26.7",
-		"typedoc-plugin-markdown": "4.2.7",
-		"typescript": "5.6.2",
-		"vitest": "2.1.1"
-	},
 	"main": "./dist/cjs/index.cjs",
 	"module": "./dist/esm/index.mjs",
 	"types": "./dist/types/index.d.ts",