@twin.org/api-auth-entity-storage-service 0.0.1-next.2

package/docs/reference/classes/TokenHelper.md

@@ -0,0 +1,125 @@
+# Class: TokenHelper
+
+Helper class for token operations.
+
+## Constructors
+
+### new TokenHelper()
+
+> **new TokenHelper**(): [`TokenHelper`](TokenHelper.md)
+
+#### Returns
+
+[`TokenHelper`](TokenHelper.md)
+
+## Methods
+
+### createToken()
+
+> `static` **createToken**(`vaultConnector`, `signingKeyName`, `subject`, `ttlMinutes`): `Promise`\<`object`\>
+
+Create a new token.
+
+#### Parameters
+
+• **vaultConnector**: `IVaultConnector`
+
+The vault connector.
+
+• **signingKeyName**: `string`
+
+The signing key name.
+
+• **subject**: `string`
+
+The subject for the token.
+
+• **ttlMinutes**: `number`
+
+The time to live for the token in minutes.
+
+#### Returns
+
+`Promise`\<`object`\>
+
+The new token and its expiry date.
+
+##### token
+
+> **token**: `string`
+
+##### expiry
+
+> **expiry**: `number`
+
+***
+
+### verify()
+
+> `static` **verify**(`vaultConnector`, `signingKeyName`, `token`): `Promise`\<`object`\>
+
+Verify the token.
+
+#### Parameters
+
+• **vaultConnector**: `IVaultConnector`
+
+The vault connector.
+
+• **signingKeyName**: `string`
+
+The signing key name.
+
+• **token**: `undefined` \| `string`
+
+The token to verify.
+
+#### Returns
+
+`Promise`\<`object`\>
+
+The verified details.
+
+##### header
+
+> **header**: `IJwtHeader`
+
+##### payload
+
+> **payload**: `IJwtPayload`
+
+#### Throws
+
+UnauthorizedError if the token is missing, invalid or expired.
+
+***
+
+### extractTokenFromHeaders()
+
+> `static` **extractTokenFromHeaders**(`headers`?, `cookieName`?): `object`
+
+Extract the auth token from the headers, either from the authorization header or the cookie header.
+
+#### Parameters
+
+• **headers?**: `IHttpHeaders`
+
+The headers to extract the token from.
+
+• **cookieName?**: `string`
+
+The name of the cookie to extract the token from.
+
+#### Returns
+
+`object`
+
+The token if found.
+
+##### token
+
+> **token**: `undefined` \| `string`
+
+##### location
+
+> **location**: `undefined` \| `"authorization"` \| `"cookie"`

package/docs/reference/functions/authenticationLogin.md

@@ -0,0 +1,25 @@
+# Function: authenticationLogin()
+
+> **authenticationLogin**(`httpRequestContext`, `componentName`, `request`): `Promise`\<`ILoginResponse` & `IRestRouteResponseOptions`\>
+
+Login to the server.
+
+## Parameters
+
+• **httpRequestContext**: `IHttpRequestContext`
+
+The request context for the API.
+
+• **componentName**: `string`
+
+The name of the component to use in the routes.
+
+• **request**: `ILoginRequest`
+
+The request.
+
+## Returns
+
+`Promise`\<`ILoginResponse` & `IRestRouteResponseOptions`\>
+
+The response object with additional http response properties.

package/docs/reference/functions/authenticationLogout.md

@@ -0,0 +1,25 @@
+# Function: authenticationLogout()
+
+> **authenticationLogout**(`httpRequestContext`, `componentName`, `request`): `Promise`\<`INoContentResponse` & `IRestRouteResponseOptions`\>
+
+Logout from the server.
+
+## Parameters
+
+• **httpRequestContext**: `IHttpRequestContext`
+
+The request context for the API.
+
+• **componentName**: `string`
+
+The name of the component to use in the routes.
+
+• **request**: `ILogoutRequest`
+
+The request.
+
+## Returns
+
+`Promise`\<`INoContentResponse` & `IRestRouteResponseOptions`\>
+
+The response object with additional http response properties.

package/docs/reference/functions/authenticationRefreshToken.md

@@ -0,0 +1,25 @@
+# Function: authenticationRefreshToken()
+
+> **authenticationRefreshToken**(`httpRequestContext`, `componentName`, `request`): `Promise`\<`IRefreshTokenResponse` & `IRestRouteResponseOptions`\>
+
+Refresh the login token.
+
+## Parameters
+
+• **httpRequestContext**: `IHttpRequestContext`
+
+The request context for the API.
+
+• **componentName**: `string`
+
+The name of the component to use in the routes.
+
+• **request**: `IRefreshTokenRequest`
+
+The request.
+
+## Returns
+
+`Promise`\<`IRefreshTokenResponse` & `IRestRouteResponseOptions`\>
+
+The response object with additional http response properties.

package/docs/reference/functions/generateRestRoutesAuthentication.md

@@ -0,0 +1,21 @@
+# Function: generateRestRoutesAuthentication()
+
+> **generateRestRoutesAuthentication**(`baseRouteName`, `componentName`): `IRestRoute`[]
+
+The REST routes for authentication.
+
+## Parameters
+
+• **baseRouteName**: `string`
+
+Prefix to prepend to the paths.
+
+• **componentName**: `string`
+
+The name of the component to use in the routes stored in the ComponentFactory.
+
+## Returns
+
+`IRestRoute`[]
+
+The generated routes.

package/docs/reference/functions/initSchema.md

@@ -0,0 +1,9 @@
+# Function: initSchema()
+
+> **initSchema**(): `void`
+
+Initialize the schema for the authentication service.
+
+## Returns
+
+`void`

package/docs/reference/index.md

@@ -0,0 +1,27 @@
+# @twin.org/api-auth-entity-storage-service
+
+## Classes
+
+- [AuthenticationUser](classes/AuthenticationUser.md)
+- [AuthHeaderProcessor](classes/AuthHeaderProcessor.md)
+- [EntityStorageAuthenticationService](classes/EntityStorageAuthenticationService.md)
+- [PasswordHelper](classes/PasswordHelper.md)
+- [TokenHelper](classes/TokenHelper.md)
+
+## Interfaces
+
+- [IAuthHeaderProcessorConfig](interfaces/IAuthHeaderProcessorConfig.md)
+- [IEntityStorageAuthenticationServiceConfig](interfaces/IEntityStorageAuthenticationServiceConfig.md)
+
+## Variables
+
+- [restEntryPoints](variables/restEntryPoints.md)
+- [tagsAuthentication](variables/tagsAuthentication.md)
+
+## Functions
+
+- [generateRestRoutesAuthentication](functions/generateRestRoutesAuthentication.md)
+- [authenticationLogin](functions/authenticationLogin.md)
+- [authenticationLogout](functions/authenticationLogout.md)
+- [authenticationRefreshToken](functions/authenticationRefreshToken.md)
+- [initSchema](functions/initSchema.md)

package/docs/reference/interfaces/IAuthHeaderProcessorConfig.md

@@ -0,0 +1,31 @@
+# Interface: IAuthHeaderProcessorConfig
+
+Configuration for the authentication header processor
+
+## Properties
+
+### signingKeyName?
+
+> `optional` **signingKeyName**: `string`
+
+The name of the key to retrieve from the vault for signing JWT.
+
+#### Default
+
+```ts
+auth-signing
+```
+
+***
+
+### cookieName?
+
+> `optional` **cookieName**: `string`
+
+The name of the cookie to use for the token.
+
+#### Default
+
+```ts
+access_token
+```

package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConfig.md

@@ -0,0 +1,31 @@
+# Interface: IEntityStorageAuthenticationServiceConfig
+
+Configuration for the entity storage authentication service.
+
+## Properties
+
+### signingKeyName?
+
+> `optional` **signingKeyName**: `string`
+
+The name of the key to retrieve from the vault for signing JWT.
+
+#### Default
+
+```ts
+auth-signing
+```
+
+***
+
+### defaultTtlMinutes?
+
+> `optional` **defaultTtlMinutes**: `number`
+
+The default time to live for the JWT.
+
+#### Default
+
+```ts
+1440
+```

package/docs/reference/variables/restEntryPoints.md

@@ -0,0 +1,3 @@
+# Variable: restEntryPoints
+
+> `const` **restEntryPoints**: `IRestRouteEntryPoint`[]

package/docs/reference/variables/tagsAuthentication.md

@@ -0,0 +1,5 @@
+# Variable: tagsAuthentication
+
+> `const` **tagsAuthentication**: `ITag`[]
+
+The tag to associate with the routes.

package/locales/en.json

@@ -0,0 +1,18 @@
+{
+	"error": {
+		"entityStorageAuthenticationService": {
+			"loginFailed": "Login failed",
+			"refreshFailed": "Refresh failed",
+			"userNotFound": "The user with the specified e-mail could not be found",
+			"passwordMismatch": "The password does not match the user's password"
+		},
+		"entityStorageAuthenticationProcessor": {
+			"initializeFailed": "The JSON Web token authentication processor could not be initialized"
+		},
+		"tokenHelper": {
+			"missing": "The JSON Web token could not be found in the authorization header",
+			"invalid": "The JSON Web token signature could not be validated",
+			"expired": "The JSON Web token has expired"
+		}
+	}
+}

package/package.json

@@ -0,0 +1,73 @@
+{
+	"name": "@twin.org/api-auth-entity-storage-service",
+	"version": "0.0.1-next.2",
+	"description": "Auth Entity Storage contract implementation and REST endpoint definitions",
+	"repository": {
+		"type": "git",
+		"url": "git+https://github.com/twinfoundation/api.git",
+		"directory": "packages/api-auth-entity-storage-service"
+	},
+	"author": "martyn.janes@iota.org",
+	"license": "Apache-2.0",
+	"type": "module",
+	"engines": {
+		"node": ">=20.0.0"
+	},
+	"scripts": {
+		"clean": "rimraf dist coverage",
+		"build": "tspc",
+		"test": "vitest --run --config ./vitest.config.ts --no-cache",
+		"coverage": "vitest --run --coverage --config ./vitest.config.ts --no-cache",
+		"bundle:esm": "rollup --config rollup.config.mjs --environment MODULE:esm",
+		"bundle:cjs": "rollup --config rollup.config.mjs --environment MODULE:cjs",
+		"bundle": "npm run bundle:esm && npm run bundle:cjs",
+		"docs:clean": "rimraf docs/reference",
+		"docs:generate": "typedoc",
+		"docs": "npm run docs:clean && npm run docs:generate",
+		"dist": "npm run clean && npm run build && npm run test && npm run bundle && npm run docs"
+	},
+	"dependencies": {
+		"@twin.org/api-auth-entity-storage-models": "0.0.1-next.2",
+		"@twin.org/api-core": "0.0.1-next.2",
+		"@twin.org/api-models": "0.0.1-next.2",
+		"@twin.org/core": "next",
+		"@twin.org/crypto": "next",
+		"@twin.org/entity": "next",
+		"@twin.org/entity-storage-models": "next",
+		"@twin.org/logging-models": "next",
+		"@twin.org/nameof": "next",
+		"@twin.org/vault-models": "next",
+		"@twin.org/web": "next"
+	},
+	"devDependencies": {
+		"@twin.org/nameof-transformer": "next",
+		"@vitest/coverage-v8": "2.1.1",
+		"@types/node": "22.5.5",
+		"copyfiles": "2.4.1",
+		"rimraf": "6.0.1",
+		"rollup": "4.21.3",
+		"rollup-plugin-typescript2": "0.36.0",
+		"ts-patch": "3.2.1",
+		"typedoc": "0.26.7",
+		"typedoc-plugin-markdown": "4.2.7",
+		"typescript": "5.6.2",
+		"vitest": "2.1.1"
+	},
+	"main": "./dist/cjs/index.cjs",
+	"module": "./dist/esm/index.mjs",
+	"types": "./dist/types/index.d.ts",
+	"exports": {
+		".": {
+			"require": "./dist/cjs/index.cjs",
+			"import": "./dist/esm/index.mjs",
+			"types": "./dist/types/index.d.ts"
+		}
+	},
+	"files": [
+		"dist/cjs",
+		"dist/esm",
+		"dist/types",
+		"locales",
+		"docs"
+	]
+}