@twin.org/api-auth-entity-storage-service 0.0.1-next.5 → 0.0.1-next.7
- package/dist/cjs/index.cjs +14 -16
- package/dist/esm/index.mjs +15 -17
- package/dist/types/utils/tokenHelper.d.ts +3 -3
- package/docs/changelog.md +1 -1
- package/docs/reference/classes/TokenHelper.md +2 -10
- package/package.json +4 -4
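--- a/package/dist/cjs/index.cjs
+++ b/package/dist/cjs/index.cjs
@@ -120,12 +120,13 @@ class TokenHelper {
 * @returns The token if found.
 */
 static extractTokenFromHeaders(headers, cookieName) {
-const
-
-
-
-
-
+const authHeader = headers?.[web.HeaderTypes.Authorization];
+const cookiesHeader = headers?.[web.HeaderTypes.Cookie];
+if (core.Is.string(authHeader) && authHeader.startsWith("Bearer ")) {
+return {
+token: authHeader.slice(7).trim(),
+location: "authorization"
+};
 }
 else if (core.Is.notEmpty(cookiesHeader) && core.Is.stringValue(cookieName)) {
 const cookies = core.Is.arrayValue(cookiesHeader) ? cookiesHeader : [cookiesHeader];
@@ -136,17 +137,14 @@ class TokenHelper {
 .map(c => c.trim())
 .find(c => c.startsWith(cookieName));
 if (core.Is.stringValue(accessTokenCookie)) {
-
-
-
+return {
+token: accessTokenCookie.slice(cookieName.length + 1).trim(),
+location: "cookie"
+};
 }
 }
 }
 }
-return {
-token,
-location
-};
 }
 }
 
@@ -218,10 +216,10 @@ class AuthHeaderProcessor {
 if (!core.Is.empty(route) && !(route.skipAuth ?? false)) {
 try {
 const tokenAndLocation = TokenHelper.extractTokenFromHeaders(request.headers, this._cookieName);
-const headerAndPayload = await TokenHelper.verify(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, tokenAndLocation
+const headerAndPayload = await TokenHelper.verify(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, tokenAndLocation?.token);
 requestIdentity.userIdentity = headerAndPayload.payload?.sub;
-processorState.authToken = tokenAndLocation
-processorState.authTokenLocation = tokenAndLocation
+processorState.authToken = tokenAndLocation?.token;
+processorState.authTokenLocation = tokenAndLocation?.location;
 }
 catch (err) {
 const error = core.BaseError.fromError(err);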
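Review bot: The cookie branch of `extractTokenFromHeaders` still picks the cookie with `c.startsWith(cookieName)`, a bare prefix match, and then cuts the value with `slice(cookieName.length + 1)`. Any cookie whose name merely begins with the configured name is selected if it comes first, and its value is sliced at the wrong offset. The result goes to `TokenHelper.verify`, so this should end in a rejected request rather than a bypass, but it lets an unrelated or injected cookie shadow the real token. Match the full name including the separator: `.find(c => c.startsWith(cookieName + "="))`. The lines that split the cookie header sit between the two hunks and are not shown; the same code appears in package/dist/esm/index.mjs.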
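--- a/package/dist/esm/index.mjs
+++ b/package/dist/esm/index.mjs
@@ -2,7 +2,7 @@ import { property, entity, EntitySchemaFactory, EntitySchemaHelper } from '@twin
 import { HttpErrorHelper } from '@twin.org/api-models';
 import { Is, UnauthorizedError, Guards, BaseError, ComponentFactory, Converter, GeneralError } from '@twin.org/core';
 import { VaultConnectorFactory } from '@twin.org/vault-models';
-import { Jwt, JwtAlgorithms, HttpStatusCode } from '@twin.org/web';
+import { Jwt, JwtAlgorithms, HeaderTypes, HttpStatusCode } from '@twin.org/web';
 import { EntityStorageConnectorFactory } from '@twin.org/entity-storage-models';
 import { Blake2b } from '@twin.org/crypto';
 
@@ -118,12 +118,13 @@ class TokenHelper {
 * @returns The token if found.
 */
 static extractTokenFromHeaders(headers, cookieName) {
-const
-
-
-
-
-
+const authHeader = headers?.[HeaderTypes.Authorization];
+const cookiesHeader = headers?.[HeaderTypes.Cookie];
+if (Is.string(authHeader) && authHeader.startsWith("Bearer ")) {
+return {
+token: authHeader.slice(7).trim(),
+location: "authorization"
+};
 }
 else if (Is.notEmpty(cookiesHeader) && Is.stringValue(cookieName)) {
 const cookies = Is.arrayValue(cookiesHeader) ? cookiesHeader : [cookiesHeader];
@@ -134,17 +135,14 @@ class TokenHelper {
 .map(c => c.trim())
 .find(c => c.startsWith(cookieName));
 if (Is.stringValue(accessTokenCookie)) {
-
-
-
+return {
+token: accessTokenCookie.slice(cookieName.length + 1).trim(),
+location: "cookie"
+};
 }
 }
 }
 }
-return {
-token,
-location
-};
 }
 }
 
@@ -216,10 +214,10 @@ class AuthHeaderProcessor {
 if (!Is.empty(route) && !(route.skipAuth ?? false)) {
 try {
 const tokenAndLocation = TokenHelper.extractTokenFromHeaders(request.headers, this._cookieName);
-const headerAndPayload = await TokenHelper.verify(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, tokenAndLocation
+const headerAndPayload = await TokenHelper.verify(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, tokenAndLocation?.token);
 requestIdentity.userIdentity = headerAndPayload.payload?.sub;
-processorState.authToken = tokenAndLocation
-processorState.authTokenLocation = tokenAndLocation
+processorState.authToken = tokenAndLocation?.token;
+processorState.authTokenLocation = tokenAndLocation?.location;
 }
 catch (err) {
 const error = BaseError.fromError(err);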
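Review bot: In the `AuthHeaderProcessor` hunk, `requestIdentity.userIdentity = headerAndPayload.payload?.sub;` raises nothing when a token verifies but carries no `sub`, so `userIdentity` can end up undefined on a route that did not set `skipAuth`. Unless `TokenHelper.verify` already rejects such tokens (its body is not in this diff), check the claim before assigning, for example `if (!Is.stringValue(headerAndPayload.payload?.sub)) throw new UnauthorizedError(...)` with the constructor arguments this class uses elsewhere. The try block continues outside the hunk, and package/dist/cjs/index.cjs has the same line.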
@@ -35,7 +35,7 @@ export declare class TokenHelper {
|
|
35
35
|
* @returns The token if found.
|
36
36
|
*/
|
37
37
|
static extractTokenFromHeaders(headers?: IHttpHeaders, cookieName?: string): {
|
38
|
-
token: string
|
39
|
-
location: "authorization" | "cookie"
|
40
|
-
};
|
38
|
+
token: string;
|
39
|
+
location: "authorization" | "cookie";
|
40
|
+
} | undefined;
|
41
41
|
}
|
package/docs/changelog.md
CHANGED
@@ -96,7 +96,7 @@ UnauthorizedError if the token is missing, invalid or expired.
|
|
96
96
|
|
97
97
|
### extractTokenFromHeaders()
|
98
98
|
|
99
|
-
> `static` **extractTokenFromHeaders**(`headers`?, `cookieName`?): `object`
|
99
|
+
> `static` **extractTokenFromHeaders**(`headers`?, `cookieName`?): `undefined` \| `object`
|
100
100
|
|
101
101
|
Extract the auth token from the headers, either from the authorization header or the cookie header.
|
102
102
|
|
@@ -112,14 +112,6 @@ The name of the cookie to extract the token from.
|
|
112
112
|
|
113
113
|
#### Returns
|
114
114
|
|
115
|
-
`object`
|
115
|
+
`undefined` \| `object`
|
116
116
|
|
117
117
|
The token if found.
|
118
|
-
|
119
|
-
##### token
|
120
|
-
|
121
|
-
> **token**: `undefined` \| `string`
|
122
|
-
|
123
|
-
##### location
|
124
|
-
|
125
|
-
> **location**: `undefined` \| `"authorization"` \| `"cookie"`
|
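--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@twin.org/api-auth-entity-storage-service",
-"version": "0.0.1-next.
+"version": "0.0.1-next.7",
 "description": "Auth Entity Storage contract implementation and REST endpoint definitions",
 "repository": {
 "type": "git",
@@ -14,9 +14,9 @@
 "node": ">=20.0.0"
 },
 "dependencies": {
-"@twin.org/api-auth-entity-storage-models": "0.0.1-next.
-"@twin.org/api-core": "0.0.1-next.
-"@twin.org/api-models": "0.0.1-next.
+"@twin.org/api-auth-entity-storage-models": "0.0.1-next.7",
+"@twin.org/api-core": "0.0.1-next.7",
+"@twin.org/api-models": "0.0.1-next.7",
 "@twin.org/core": "next",
 "@twin.org/crypto": "next",
 "@twin.org/entity": "next",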