@twin.org/api-auth-entity-storage-service 0.0.1-next.5 → 0.0.1-next.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -120,12 +120,13 @@ class TokenHelper {
120
120
  * @returns The token if found.
121
121
  */
122
122
  static extractTokenFromHeaders(headers, cookieName) {
123
- const cookiesHeader = headers?.cookie;
124
- let token;
125
- let location;
126
- if (core.Is.string(headers?.authorization) && headers.authorization.startsWith("Bearer ")) {
127
- token = headers.authorization.slice(7).trim();
128
- location = "authorization";
123
+ const authHeader = headers?.[web.HeaderTypes.Authorization];
124
+ const cookiesHeader = headers?.[web.HeaderTypes.Cookie];
125
+ if (core.Is.string(authHeader) && authHeader.startsWith("Bearer ")) {
126
+ return {
127
+ token: authHeader.slice(7).trim(),
128
+ location: "authorization"
129
+ };
129
130
  }
130
131
  else if (core.Is.notEmpty(cookiesHeader) && core.Is.stringValue(cookieName)) {
131
132
  const cookies = core.Is.arrayValue(cookiesHeader) ? cookiesHeader : [cookiesHeader];
@@ -136,17 +137,14 @@ class TokenHelper {
136
137
  .map(c => c.trim())
137
138
  .find(c => c.startsWith(cookieName));
138
139
  if (core.Is.stringValue(accessTokenCookie)) {
139
- token = accessTokenCookie.slice(cookieName.length + 1).trim();
140
- location = "cookie";
141
- break;
140
+ return {
141
+ token: accessTokenCookie.slice(cookieName.length + 1).trim(),
142
+ location: "cookie"
143
+ };
142
144
  }
143
145
  }
144
146
  }
145
147
  }
146
- return {
147
- token,
148
- location
149
- };
150
148
  }
151
149
  }
152
150
 
@@ -218,10 +216,10 @@ class AuthHeaderProcessor {
218
216
  if (!core.Is.empty(route) && !(route.skipAuth ?? false)) {
219
217
  try {
220
218
  const tokenAndLocation = TokenHelper.extractTokenFromHeaders(request.headers, this._cookieName);
221
- const headerAndPayload = await TokenHelper.verify(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, tokenAndLocation.token);
219
+ const headerAndPayload = await TokenHelper.verify(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, tokenAndLocation?.token);
222
220
  requestIdentity.userIdentity = headerAndPayload.payload?.sub;
223
- processorState.authToken = tokenAndLocation.token;
224
- processorState.authTokenLocation = tokenAndLocation.location;
221
+ processorState.authToken = tokenAndLocation?.token;
222
+ processorState.authTokenLocation = tokenAndLocation?.location;
225
223
  }
226
224
  catch (err) {
227
225
  const error = core.BaseError.fromError(err);
@@ -2,7 +2,7 @@ import { property, entity, EntitySchemaFactory, EntitySchemaHelper } from '@twin
2
2
  import { HttpErrorHelper } from '@twin.org/api-models';
3
3
  import { Is, UnauthorizedError, Guards, BaseError, ComponentFactory, Converter, GeneralError } from '@twin.org/core';
4
4
  import { VaultConnectorFactory } from '@twin.org/vault-models';
5
- import { Jwt, JwtAlgorithms, HttpStatusCode } from '@twin.org/web';
5
+ import { Jwt, JwtAlgorithms, HeaderTypes, HttpStatusCode } from '@twin.org/web';
6
6
  import { EntityStorageConnectorFactory } from '@twin.org/entity-storage-models';
7
7
  import { Blake2b } from '@twin.org/crypto';
8
8
 
@@ -118,12 +118,13 @@ class TokenHelper {
118
118
  * @returns The token if found.
119
119
  */
120
120
  static extractTokenFromHeaders(headers, cookieName) {
121
- const cookiesHeader = headers?.cookie;
122
- let token;
123
- let location;
124
- if (Is.string(headers?.authorization) && headers.authorization.startsWith("Bearer ")) {
125
- token = headers.authorization.slice(7).trim();
126
- location = "authorization";
121
+ const authHeader = headers?.[HeaderTypes.Authorization];
122
+ const cookiesHeader = headers?.[HeaderTypes.Cookie];
123
+ if (Is.string(authHeader) && authHeader.startsWith("Bearer ")) {
124
+ return {
125
+ token: authHeader.slice(7).trim(),
126
+ location: "authorization"
127
+ };
127
128
  }
128
129
  else if (Is.notEmpty(cookiesHeader) && Is.stringValue(cookieName)) {
129
130
  const cookies = Is.arrayValue(cookiesHeader) ? cookiesHeader : [cookiesHeader];
@@ -134,17 +135,14 @@ class TokenHelper {
134
135
  .map(c => c.trim())
135
136
  .find(c => c.startsWith(cookieName));
136
137
  if (Is.stringValue(accessTokenCookie)) {
137
- token = accessTokenCookie.slice(cookieName.length + 1).trim();
138
- location = "cookie";
139
- break;
138
+ return {
139
+ token: accessTokenCookie.slice(cookieName.length + 1).trim(),
140
+ location: "cookie"
141
+ };
140
142
  }
141
143
  }
142
144
  }
143
145
  }
144
- return {
145
- token,
146
- location
147
- };
148
146
  }
149
147
  }
150
148
 
@@ -216,10 +214,10 @@ class AuthHeaderProcessor {
216
214
  if (!Is.empty(route) && !(route.skipAuth ?? false)) {
217
215
  try {
218
216
  const tokenAndLocation = TokenHelper.extractTokenFromHeaders(request.headers, this._cookieName);
219
- const headerAndPayload = await TokenHelper.verify(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, tokenAndLocation.token);
217
+ const headerAndPayload = await TokenHelper.verify(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, tokenAndLocation?.token);
220
218
  requestIdentity.userIdentity = headerAndPayload.payload?.sub;
221
- processorState.authToken = tokenAndLocation.token;
222
- processorState.authTokenLocation = tokenAndLocation.location;
219
+ processorState.authToken = tokenAndLocation?.token;
220
+ processorState.authTokenLocation = tokenAndLocation?.location;
223
221
  }
224
222
  catch (err) {
225
223
  const error = BaseError.fromError(err);
@@ -35,7 +35,7 @@ export declare class TokenHelper {
35
35
  * @returns The token if found.
36
36
  */
37
37
  static extractTokenFromHeaders(headers?: IHttpHeaders, cookieName?: string): {
38
- token: string | undefined;
39
- location: "authorization" | "cookie" | undefined;
40
- };
38
+ token: string;
39
+ location: "authorization" | "cookie";
40
+ } | undefined;
41
41
  }
package/docs/changelog.md CHANGED
@@ -1,5 +1,5 @@
1
1
  # @twin.org/api-auth-entity-storage-service - Changelog
2
2
 
3
- ## v0.0.1-next.5
3
+ ## v0.0.1-next.7
4
4
 
5
5
  - Initial Release
@@ -96,7 +96,7 @@ UnauthorizedError if the token is missing, invalid or expired.
96
96
 
97
97
  ### extractTokenFromHeaders()
98
98
 
99
- > `static` **extractTokenFromHeaders**(`headers`?, `cookieName`?): `object`
99
+ > `static` **extractTokenFromHeaders**(`headers`?, `cookieName`?): `undefined` \| `object`
100
100
 
101
101
  Extract the auth token from the headers, either from the authorization header or the cookie header.
102
102
 
@@ -112,14 +112,6 @@ The name of the cookie to extract the token from.
112
112
 
113
113
  #### Returns
114
114
 
115
- `object`
115
+ `undefined` \| `object`
116
116
 
117
117
  The token if found.
118
-
119
- ##### token
120
-
121
- > **token**: `undefined` \| `string`
122
-
123
- ##### location
124
-
125
- > **location**: `undefined` \| `"authorization"` \| `"cookie"`
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@twin.org/api-auth-entity-storage-service",
3
- "version": "0.0.1-next.5",
3
+ "version": "0.0.1-next.7",
4
4
  "description": "Auth Entity Storage contract implementation and REST endpoint definitions",
5
5
  "repository": {
6
6
  "type": "git",
@@ -14,9 +14,9 @@
14
14
  "node": ">=20.0.0"
15
15
  },
16
16
  "dependencies": {
17
- "@twin.org/api-auth-entity-storage-models": "0.0.1-next.5",
18
- "@twin.org/api-core": "0.0.1-next.5",
19
- "@twin.org/api-models": "0.0.1-next.5",
17
+ "@twin.org/api-auth-entity-storage-models": "0.0.1-next.7",
18
+ "@twin.org/api-core": "0.0.1-next.7",
19
+ "@twin.org/api-models": "0.0.1-next.7",
20
20
  "@twin.org/core": "next",
21
21
  "@twin.org/crypto": "next",
22
22
  "@twin.org/entity": "next",