@twin.org/api-auth-entity-storage-service 0.0.1 → 0.0.2-next.10

package/dist/cjs/index.cjs

@@ -117,9 +117,10 @@ class TokenHelper {
     static extractTokenFromHeaders(headers, cookieName) {
         const authHeader = headers?.[web.HeaderTypes.Authorization];
         const cookiesHeader = headers?.[web.HeaderTypes.Cookie];
-        if (core.Is.string(authHeader) && authHeader.startsWith("Bearer ")) {
+        const bearerToken = web.HeaderHelper.extractBearer(authHeader);
+        if (core.Is.stringValue(bearerToken)) {
             return {
-                token: authHeader.slice(7).trim(),
+                token: bearerToken,
                 location: "authorization"
             };
         }
@@ -149,10 +150,6 @@ class TokenHelper {
  * Handle a JWT token in the authorization header or cookies and validate it to populate request context identity.
  */
 class AuthHeaderProcessor {
-    /**
-     * The namespace supported by the processor.
-     */
-    static NAMESPACE = "auth-header";
     /**
      * The default name for the access token as a cookie.
      * @internal
@@ -194,10 +191,10 @@ class AuthHeaderProcessor {
     /**
      * The service needs to be started when the application is initialized.
      * @param nodeIdentity The identity of the node.
-     * @param nodeLoggingConnectorType The node logging connector type, defaults to "node-logging".
+     * @param nodeLoggingComponentType The node logging component type.
      * @returns Nothing.
      */
-    async start(nodeIdentity, nodeLoggingConnectorType) {
+    async start(nodeIdentity, nodeLoggingComponentType) {
         core.Guards.string(this.CLASS_NAME, "nodeIdentity", nodeIdentity);
         this._nodeIdentity = nodeIdentity;
     }
@@ -388,7 +385,41 @@ function generateRestRoutesAuthentication(baseRouteName, componentName) {
             }
         ]
     };
-    return [loginRoute, logoutRoute, refreshTokenRoute];
+    const updatePasswordRoute = {
+        operationId: "authenticationUpdatePassword",
+        summary: "Update the user's password",
+        tag: tagsAuthentication[0].name,
+        method: "PUT",
+        path: `${baseRouteName}/:email/password`,
+        handler: async (httpRequestContext, request) => authenticationUpdatePassword(httpRequestContext, componentName, request),
+        requestType: {
+            type: "IUpdatePasswordRequest",
+            examples: [
+                {
+                    id: "updatePasswordRequestExample",
+                    description: "The request to update the user's password.",
+                    request: {
+                        pathParams: {
+                            email: "john:example.com"
+                        },
+                        body: {
+                            currentPassword: "MyNewPassword123!",
+                            newPassword: "MyNewPassword123!"
+                        }
+                    }
+                }
+            ]
+        },
+        responseType: [
+            {
+                type: "INoContentResponse"
+            },
+            {
+                type: "IUnauthorizedResponse"
+            }
+        ]
+    };
+    return [loginRoute, logoutRoute, refreshTokenRoute, updatePasswordRoute];
 }
 /**
  * Login to the server.
@@ -448,6 +479,23 @@ async function authenticationRefreshToken(httpRequestContext, componentName, req
         body: result
     };
 }
+/**
+ * Update the user's password.
+ * @param httpRequestContext The request context for the API.
+ * @param componentName The name of the component to use in the routes.
+ * @param request The request.
+ * @returns The response object with additional http response properties.
+ */
+async function authenticationUpdatePassword(httpRequestContext, componentName, request) {
+    core.Guards.object(ROUTES_SOURCE, "request", request);
+    core.Guards.object(ROUTES_SOURCE, "request.pathParams", request.pathParams);
+    core.Guards.object(ROUTES_SOURCE, "request.body", request.body);
+    const component = core.ComponentFactory.get(componentName);
+    await component.updatePassword(request.pathParams.email, request.body.currentPassword, request.body.newPassword);
+    return {
+        statusCode: web.HttpStatusCode.noContent
+    };
+}
 
 const restEntryPoints = [
     {
@@ -498,11 +546,138 @@ class PasswordHelper {
 /**
  * Implementation of the authentication component using entity storage.
  */
-class EntityStorageAuthenticationService {
+class EntityStorageAuthenticationAdminService {
     /**
-     * The namespace supported by the authentication service.
+     * The minimum password length.
+     * @internal
      */
-    static NAMESPACE = "authentication-entity-storage";
+    static _DEFAULT_MIN_PASSWORD_LENGTH = 8;
+    /**
+     * Runtime name for the class.
+     */
+    CLASS_NAME = "EntityStorageAuthenticationAdminService";
+    /**
+     * The entity storage for users.
+     * @internal
+     */
+    _userEntityStorage;
+    /**
+     * The minimum password length.
+     * @internal
+     */
+    _minPasswordLength;
+    /**
+     * Create a new instance of EntityStorageAuthentication.
+     * @param options The dependencies for the identity connector.
+     */
+    constructor(options) {
+        this._userEntityStorage = entityStorageModels.EntityStorageConnectorFactory.get(options?.userEntityStorageType ?? "authentication-user");
+        this._minPasswordLength =
+            options?.config?.minPasswordLength ??
+                EntityStorageAuthenticationAdminService._DEFAULT_MIN_PASSWORD_LENGTH;
+    }
+    /**
+     * Create a login for the user.
+     * @param email The email address for the user.
+     * @param password The password for the user.
+     * @param identity The DID to associate with the account.
+     * @returns Nothing.
+     */
+    async create(email, password, identity) {
+        core.Guards.stringValue(this.CLASS_NAME, "email", email);
+        core.Guards.stringValue(this.CLASS_NAME, "password", password);
+        try {
+            if (password.length < this._minPasswordLength) {
+                throw new core.GeneralError(this.CLASS_NAME, "passwordTooShort", {
+                    minLength: this._minPasswordLength
+                });
+            }
+            const user = await this._userEntityStorage.get(email);
+            if (user) {
+                throw new core.GeneralError(this.CLASS_NAME, "userExists");
+            }
+            const saltBytes = core.RandomHelper.generate(16);
+            const passwordBytes = core.Converter.utf8ToBytes(password);
+            const hashedPassword = await PasswordHelper.hashPassword(passwordBytes, saltBytes);
+            const newUser = {
+                email,
+                salt: core.Converter.bytesToBase64(saltBytes),
+                password: hashedPassword,
+                identity
+            };
+            await this._userEntityStorage.set(newUser);
+        }
+        catch (error) {
+            throw new core.GeneralError(this.CLASS_NAME, "createUserFailed", undefined, error);
+        }
+    }
+    /**
+     * Remove the current user.
+     * @param email The email address of the user to remove.
+     * @returns Nothing.
+     */
+    async remove(email) {
+        core.Guards.stringValue(this.CLASS_NAME, "email", email);
+        try {
+            const user = await this._userEntityStorage.get(email);
+            if (!user) {
+                throw new core.NotFoundError(this.CLASS_NAME, "userNotFound", email);
+            }
+            await this._userEntityStorage.remove(email);
+        }
+        catch (error) {
+            throw new core.GeneralError(this.CLASS_NAME, "removeUserFailed", undefined, error);
+        }
+    }
+    /**
+     * Update the user's password.
+     * @param email The email address of the user to update.
+     * @param newPassword The new password for the user.
+     * @param currentPassword The current password, optional, if supplied will check against existing.
+     * @returns Nothing.
+     */
+    async updatePassword(email, newPassword, currentPassword) {
+        core.Guards.stringValue(this.CLASS_NAME, "email", email);
+        core.Guards.stringValue(this.CLASS_NAME, "newPassword", newPassword);
+        try {
+            if (newPassword.length < this._minPasswordLength) {
+                throw new core.GeneralError(this.CLASS_NAME, "passwordTooShort", {
+                    minLength: this._minPasswordLength
+                });
+            }
+            const user = await this._userEntityStorage.get(email);
+            if (!user) {
+                throw new core.NotFoundError(this.CLASS_NAME, "userNotFound", email);
+            }
+            if (core.Is.stringValue(currentPassword)) {
+                const saltBytes = core.Converter.base64ToBytes(user.salt);
+                const passwordBytes = core.Converter.utf8ToBytes(currentPassword);
+                const hashedPassword = await PasswordHelper.hashPassword(passwordBytes, saltBytes);
+                if (hashedPassword !== user.password) {
+                    throw new core.GeneralError(this.CLASS_NAME, "currentPasswordMismatch");
+                }
+            }
+            const saltBytes = core.RandomHelper.generate(16);
+            const passwordBytes = core.Converter.utf8ToBytes(newPassword);
+            const hashedPassword = await PasswordHelper.hashPassword(passwordBytes, saltBytes);
+            const updatedUser = {
+                email,
+                salt: core.Converter.bytesToBase64(saltBytes),
+                password: hashedPassword,
+                identity: user.identity
+            };
+            await this._userEntityStorage.set(updatedUser);
+        }
+        catch (error) {
+            throw new core.GeneralError(this.CLASS_NAME, "updatePasswordFailed", undefined, error);
+        }
+    }
+}
+
+/**
+ * Implementation of the authentication component using entity storage.
+ */
+class EntityStorageAuthenticationService {
     /**
      * Default TTL in minutes.
      * @internal
@@ -512,6 +687,11 @@ class EntityStorageAuthenticationService {
      * Runtime name for the class.
      */
     CLASS_NAME = "EntityStorageAuthenticationService";
+    /**
+     * The user admin service.
+     * @internal
+     */
+    _authenticationAdminService;
     /**
      * The entity storage for users.
      * @internal
@@ -544,6 +724,7 @@ class EntityStorageAuthenticationService {
     constructor(options) {
         this._userEntityStorage = entityStorageModels.EntityStorageConnectorFactory.get(options?.userEntityStorageType ?? "authentication-user");
         this._vaultConnector = vaultModels.VaultConnectorFactory.get(options?.vaultConnectorType ?? "vault");
+        this._authenticationAdminService = core.ComponentFactory.get(options?.authenticationAdminServiceType ?? "authentication-admin");
         this._signingKeyName = options?.config?.signingKeyName ?? "auth-signing";
         this._defaultTtlMinutes =
             options?.config?.defaultTtlMinutes ?? EntityStorageAuthenticationService._DEFAULT_TTL_MINUTES;
@@ -551,10 +732,10 @@ class EntityStorageAuthenticationService {
     /**
      * The service needs to be started when the application is initialized.
      * @param nodeIdentity The identity of the node.
-     * @param nodeLoggingConnectorType The node logging connector type, defaults to "node-logging".
+     * @param nodeLoggingComponentType The node logging component type.
      * @returns Nothing.
      */
-    async start(nodeIdentity, nodeLoggingConnectorType) {
+    async start(nodeIdentity, nodeLoggingComponentType) {
         core.Guards.string(this.CLASS_NAME, "nodeIdentity", nodeIdentity);
         this._nodeIdentity = nodeIdentity;
     }
@@ -582,7 +763,7 @@ class EntityStorageAuthenticationService {
             return tokenAndExpiry;
         }
         catch (error) {
-            throw new core.UnauthorizedError(this.CLASS_NAME, "loginFailed", error);
+            throw new core.UnauthorizedError(this.CLASS_NAME, "loginFailed", undefined, error);
         }
     }
     /**
@@ -604,15 +785,27 @@ class EntityStorageAuthenticationService {
         const refreshTokenAndExpiry = await TokenHelper.createToken(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, headerAndPayload.payload.sub ?? "", this._defaultTtlMinutes);
         return refreshTokenAndExpiry;
     }
+    /**
+     * Update the user's password.
+     * @param email The email address of the user to update.
+     * @param currentPassword The current password for the user.
+     * @param newPassword The new password for the user.
+     * @returns Nothing.
+     */
+    async updatePassword(email, currentPassword, newPassword) {
+        return this._authenticationAdminService.updatePassword(email, newPassword, currentPassword);
+    }
 }
 
 exports.AuthHeaderProcessor = AuthHeaderProcessor;
+exports.EntityStorageAuthenticationAdminService = EntityStorageAuthenticationAdminService;
 exports.EntityStorageAuthenticationService = EntityStorageAuthenticationService;
 exports.PasswordHelper = PasswordHelper;
 exports.TokenHelper = TokenHelper;
 exports.authenticationLogin = authenticationLogin;
 exports.authenticationLogout = authenticationLogout;
 exports.authenticationRefreshToken = authenticationRefreshToken;
+exports.authenticationUpdatePassword = authenticationUpdatePassword;
 exports.generateRestRoutesAuthentication = generateRestRoutesAuthentication;
 exports.initSchema = initSchema;
 exports.restEntryPoints = restEntryPoints;

package/dist/esm/index.mjs

@@ -1,8 +1,8 @@
 import { property, entity, EntitySchemaFactory, EntitySchemaHelper } from '@twin.org/entity';
 import { HttpErrorHelper } from '@twin.org/api-models';
-import { Is, UnauthorizedError, Guards, BaseError, ComponentFactory, Converter, GeneralError } from '@twin.org/core';
+import { Is, UnauthorizedError, Guards, BaseError, ComponentFactory, Converter, GeneralError, RandomHelper, NotFoundError } from '@twin.org/core';
 import { VaultConnectorHelper, VaultConnectorFactory } from '@twin.org/vault-models';
-import { Jwt, HeaderTypes, HttpStatusCode } from '@twin.org/web';
+import { Jwt, HeaderTypes, HeaderHelper, HttpStatusCode } from '@twin.org/web';
 import { EntityStorageConnectorFactory } from '@twin.org/entity-storage-models';
 import { Blake2b } from '@twin.org/crypto';
 
@@ -115,9 +115,10 @@ class TokenHelper {
     static extractTokenFromHeaders(headers, cookieName) {
         const authHeader = headers?.[HeaderTypes.Authorization];
         const cookiesHeader = headers?.[HeaderTypes.Cookie];
-        if (Is.string(authHeader) && authHeader.startsWith("Bearer ")) {
+        const bearerToken = HeaderHelper.extractBearer(authHeader);
+        if (Is.stringValue(bearerToken)) {
             return {
-                token: authHeader.slice(7).trim(),
+                token: bearerToken,
                 location: "authorization"
             };
         }
@@ -147,10 +148,6 @@ class TokenHelper {
  * Handle a JWT token in the authorization header or cookies and validate it to populate request context identity.
  */
 class AuthHeaderProcessor {
-    /**
-     * The namespace supported by the processor.
-     */
-    static NAMESPACE = "auth-header";
     /**
      * The default name for the access token as a cookie.
      * @internal
@@ -192,10 +189,10 @@ class AuthHeaderProcessor {
     /**
      * The service needs to be started when the application is initialized.
      * @param nodeIdentity The identity of the node.
-     * @param nodeLoggingConnectorType The node logging connector type, defaults to "node-logging".
+     * @param nodeLoggingComponentType The node logging component type.
      * @returns Nothing.
      */
-    async start(nodeIdentity, nodeLoggingConnectorType) {
+    async start(nodeIdentity, nodeLoggingComponentType) {
         Guards.string(this.CLASS_NAME, "nodeIdentity", nodeIdentity);
         this._nodeIdentity = nodeIdentity;
     }
@@ -386,7 +383,41 @@ function generateRestRoutesAuthentication(baseRouteName, componentName) {
             }
         ]
     };
-    return [loginRoute, logoutRoute, refreshTokenRoute];
+    const updatePasswordRoute = {
+        operationId: "authenticationUpdatePassword",
+        summary: "Update the user's password",
+        tag: tagsAuthentication[0].name,
+        method: "PUT",
+        path: `${baseRouteName}/:email/password`,
+        handler: async (httpRequestContext, request) => authenticationUpdatePassword(httpRequestContext, componentName, request),
+        requestType: {
+            type: "IUpdatePasswordRequest",
+            examples: [
+                {
+                    id: "updatePasswordRequestExample",
+                    description: "The request to update the user's password.",
+                    request: {
+                        pathParams: {
+                            email: "john:example.com"
+                        },
+                        body: {
+                            currentPassword: "MyNewPassword123!",
+                            newPassword: "MyNewPassword123!"
+                        }
+                    }
+                }
+            ]
+        },
+        responseType: [
+            {
+                type: "INoContentResponse"
+            },
+            {
+                type: "IUnauthorizedResponse"
+            }
+        ]
+    };
+    return [loginRoute, logoutRoute, refreshTokenRoute, updatePasswordRoute];
 }
 /**
  * Login to the server.
@@ -446,6 +477,23 @@ async function authenticationRefreshToken(httpRequestContext, componentName, req
         body: result
     };
 }
+/**
+ * Update the user's password.
+ * @param httpRequestContext The request context for the API.
+ * @param componentName The name of the component to use in the routes.
+ * @param request The request.
+ * @returns The response object with additional http response properties.
+ */
+async function authenticationUpdatePassword(httpRequestContext, componentName, request) {
+    Guards.object(ROUTES_SOURCE, "request", request);
+    Guards.object(ROUTES_SOURCE, "request.pathParams", request.pathParams);
+    Guards.object(ROUTES_SOURCE, "request.body", request.body);
+    const component = ComponentFactory.get(componentName);
+    await component.updatePassword(request.pathParams.email, request.body.currentPassword, request.body.newPassword);
+    return {
+        statusCode: HttpStatusCode.noContent
+    };
+}
 
 const restEntryPoints = [
     {
@@ -496,11 +544,138 @@ class PasswordHelper {
 /**
  * Implementation of the authentication component using entity storage.
  */
-class EntityStorageAuthenticationService {
+class EntityStorageAuthenticationAdminService {
     /**
-     * The namespace supported by the authentication service.
+     * The minimum password length.
+     * @internal
      */
-    static NAMESPACE = "authentication-entity-storage";
+    static _DEFAULT_MIN_PASSWORD_LENGTH = 8;
+    /**
+     * Runtime name for the class.
+     */
+    CLASS_NAME = "EntityStorageAuthenticationAdminService";
+    /**
+     * The entity storage for users.
+     * @internal
+     */
+    _userEntityStorage;
+    /**
+     * The minimum password length.
+     * @internal
+     */
+    _minPasswordLength;
+    /**
+     * Create a new instance of EntityStorageAuthentication.
+     * @param options The dependencies for the identity connector.
+     */
+    constructor(options) {
+        this._userEntityStorage = EntityStorageConnectorFactory.get(options?.userEntityStorageType ?? "authentication-user");
+        this._minPasswordLength =
+            options?.config?.minPasswordLength ??
+                EntityStorageAuthenticationAdminService._DEFAULT_MIN_PASSWORD_LENGTH;
+    }
+    /**
+     * Create a login for the user.
+     * @param email The email address for the user.
+     * @param password The password for the user.
+     * @param identity The DID to associate with the account.
+     * @returns Nothing.
+     */
+    async create(email, password, identity) {
+        Guards.stringValue(this.CLASS_NAME, "email", email);
+        Guards.stringValue(this.CLASS_NAME, "password", password);
+        try {
+            if (password.length < this._minPasswordLength) {
+                throw new GeneralError(this.CLASS_NAME, "passwordTooShort", {
+                    minLength: this._minPasswordLength
+                });
+            }
+            const user = await this._userEntityStorage.get(email);
+            if (user) {
+                throw new GeneralError(this.CLASS_NAME, "userExists");
+            }
+            const saltBytes = RandomHelper.generate(16);
+            const passwordBytes = Converter.utf8ToBytes(password);
+            const hashedPassword = await PasswordHelper.hashPassword(passwordBytes, saltBytes);
+            const newUser = {
+                email,
+                salt: Converter.bytesToBase64(saltBytes),
+                password: hashedPassword,
+                identity
+            };
+            await this._userEntityStorage.set(newUser);
+        }
+        catch (error) {
+            throw new GeneralError(this.CLASS_NAME, "createUserFailed", undefined, error);
+        }
+    }
+    /**
+     * Remove the current user.
+     * @param email The email address of the user to remove.
+     * @returns Nothing.
+     */
+    async remove(email) {
+        Guards.stringValue(this.CLASS_NAME, "email", email);
+        try {
+            const user = await this._userEntityStorage.get(email);
+            if (!user) {
+                throw new NotFoundError(this.CLASS_NAME, "userNotFound", email);
+            }
+            await this._userEntityStorage.remove(email);
+        }
+        catch (error) {
+            throw new GeneralError(this.CLASS_NAME, "removeUserFailed", undefined, error);
+        }
+    }
+    /**
+     * Update the user's password.
+     * @param email The email address of the user to update.
+     * @param newPassword The new password for the user.
+     * @param currentPassword The current password, optional, if supplied will check against existing.
+     * @returns Nothing.
+     */
+    async updatePassword(email, newPassword, currentPassword) {
+        Guards.stringValue(this.CLASS_NAME, "email", email);
+        Guards.stringValue(this.CLASS_NAME, "newPassword", newPassword);
+        try {
+            if (newPassword.length < this._minPasswordLength) {
+                throw new GeneralError(this.CLASS_NAME, "passwordTooShort", {
+                    minLength: this._minPasswordLength
+                });
+            }
+            const user = await this._userEntityStorage.get(email);
+            if (!user) {
+                throw new NotFoundError(this.CLASS_NAME, "userNotFound", email);
+            }
+            if (Is.stringValue(currentPassword)) {
+                const saltBytes = Converter.base64ToBytes(user.salt);
+                const passwordBytes = Converter.utf8ToBytes(currentPassword);
+                const hashedPassword = await PasswordHelper.hashPassword(passwordBytes, saltBytes);
+                if (hashedPassword !== user.password) {
+                    throw new GeneralError(this.CLASS_NAME, "currentPasswordMismatch");
+                }
+            }
+            const saltBytes = RandomHelper.generate(16);
+            const passwordBytes = Converter.utf8ToBytes(newPassword);
+            const hashedPassword = await PasswordHelper.hashPassword(passwordBytes, saltBytes);
+            const updatedUser = {
+                email,
+                salt: Converter.bytesToBase64(saltBytes),
+                password: hashedPassword,
+                identity: user.identity
+            };
+            await this._userEntityStorage.set(updatedUser);
+        }
+        catch (error) {
+            throw new GeneralError(this.CLASS_NAME, "updatePasswordFailed", undefined, error);
+        }
+    }
+}
+
+/**
+ * Implementation of the authentication component using entity storage.
+ */
+class EntityStorageAuthenticationService {
     /**
      * Default TTL in minutes.
      * @internal
@@ -510,6 +685,11 @@ class EntityStorageAuthenticationService {
      * Runtime name for the class.
      */
     CLASS_NAME = "EntityStorageAuthenticationService";
+    /**
+     * The user admin service.
+     * @internal
+     */
+    _authenticationAdminService;
     /**
      * The entity storage for users.
      * @internal
@@ -542,6 +722,7 @@ class EntityStorageAuthenticationService {
     constructor(options) {
         this._userEntityStorage = EntityStorageConnectorFactory.get(options?.userEntityStorageType ?? "authentication-user");
         this._vaultConnector = VaultConnectorFactory.get(options?.vaultConnectorType ?? "vault");
+        this._authenticationAdminService = ComponentFactory.get(options?.authenticationAdminServiceType ?? "authentication-admin");
         this._signingKeyName = options?.config?.signingKeyName ?? "auth-signing";
         this._defaultTtlMinutes =
             options?.config?.defaultTtlMinutes ?? EntityStorageAuthenticationService._DEFAULT_TTL_MINUTES;
@@ -549,10 +730,10 @@ class EntityStorageAuthenticationService {
     /**
      * The service needs to be started when the application is initialized.
      * @param nodeIdentity The identity of the node.
-     * @param nodeLoggingConnectorType The node logging connector type, defaults to "node-logging".
+     * @param nodeLoggingComponentType The node logging component type.
      * @returns Nothing.
      */
-    async start(nodeIdentity, nodeLoggingConnectorType) {
+    async start(nodeIdentity, nodeLoggingComponentType) {
         Guards.string(this.CLASS_NAME, "nodeIdentity", nodeIdentity);
         this._nodeIdentity = nodeIdentity;
     }
@@ -580,7 +761,7 @@ class EntityStorageAuthenticationService {
             return tokenAndExpiry;
         }
         catch (error) {
-            throw new UnauthorizedError(this.CLASS_NAME, "loginFailed", error);
+            throw new UnauthorizedError(this.CLASS_NAME, "loginFailed", undefined, error);
         }
     }
     /**
@@ -602,6 +783,16 @@ class EntityStorageAuthenticationService {
         const refreshTokenAndExpiry = await TokenHelper.createToken(this._vaultConnector, `${this._nodeIdentity}/${this._signingKeyName}`, headerAndPayload.payload.sub ?? "", this._defaultTtlMinutes);
         return refreshTokenAndExpiry;
     }
+    /**
+     * Update the user's password.
+     * @param email The email address of the user to update.
+     * @param currentPassword The current password for the user.
+     * @param newPassword The new password for the user.
+     * @returns Nothing.
+     */
+    async updatePassword(email, currentPassword, newPassword) {
+        return this._authenticationAdminService.updatePassword(email, newPassword, currentPassword);
+    }
 }
 
-export { AuthHeaderProcessor, AuthenticationUser, EntityStorageAuthenticationService, PasswordHelper, TokenHelper, authenticationLogin, authenticationLogout, authenticationRefreshToken, generateRestRoutesAuthentication, initSchema, restEntryPoints, tagsAuthentication };
+export { AuthHeaderProcessor, AuthenticationUser, EntityStorageAuthenticationAdminService, EntityStorageAuthenticationService, PasswordHelper, TokenHelper, authenticationLogin, authenticationLogout, authenticationRefreshToken, authenticationUpdatePassword, generateRestRoutesAuthentication, initSchema, restEntryPoints, tagsAuthentication };

package/dist/types/index.d.ts

@@ -1,12 +1,15 @@
 export * from "./entities/authenticationUser";
 export * from "./models/IAuthHeaderProcessorConfig";
 export * from "./models/IAuthHeaderProcessorConstructorOptions";
+export * from "./models/IEntityStorageAuthenticationAdminServiceConfig";
+export * from "./models/IEntityStorageAuthenticationAdminServiceConstructorOptions";
 export * from "./models/IEntityStorageAuthenticationServiceConfig";
 export * from "./models/IEntityStorageAuthenticationServiceConstructorOptions";
 export * from "./processors/authHeaderProcessor";
 export * from "./restEntryPoints";
 export * from "./routes/entityStorageAuthenticationRoutes";
 export * from "./schema";
+export * from "./services/entityStorageAuthenticationAdminService";
 export * from "./services/entityStorageAuthenticationService";
 export * from "./utils/passwordHelper";
 export * from "./utils/tokenHelper";

package/dist/types/models/IEntityStorageAuthenticationAdminServiceConfig.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Configuration for the entity storage authentication admin service.
+ */
+export interface IEntityStorageAuthenticationAdminServiceConfig {
+    /**
+     * The minimum password length.
+     * @default 8
+     */
+    minPasswordLength?: number;
+}

package/dist/types/models/IEntityStorageAuthenticationAdminServiceConstructorOptions.d.ts

@@ -0,0 +1,15 @@
+import type { IEntityStorageAuthenticationAdminServiceConfig } from "./IEntityStorageAuthenticationAdminServiceConfig";
+/**
+ * Options for the EntityStorageAuthenticationAdminService constructor.
+ */
+export interface IEntityStorageAuthenticationAdminServiceConstructorOptions {
+    /**
+     * The entity storage for the users.
+     * @default authentication-user
+     */
+    userEntityStorageType?: string;
+    /**
+     * The configuration for the authentication.
+     */
+    config?: IEntityStorageAuthenticationAdminServiceConfig;
+}

package/dist/types/models/IEntityStorageAuthenticationServiceConstructorOptions.d.ts

@@ -13,6 +13,11 @@ export interface IEntityStorageAuthenticationServiceConstructorOptions {
      * @default vault
      */
     vaultConnectorType?: string;
+    /**
+     * The admin service.
+     * @default authentication-admin
+     */
+    authenticationAdminServiceType?: string;
     /**
      * The configuration for the authentication.
      */