npm - @twin.org/api-auth-entity-storage-service - Versions diffs - 0.0.3-next.20 → 0.0.3-next.22 - Mend

@twin.org/api-auth-entity-storage-service 0.0.3-next.20 → 0.0.3-next.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/README.md CHANGED Viewed

@@ -1,6 +1,6 @@
-# TWIN Auth Entity Storage Service
+# TWIN API Auth Entity Storage Service
-Auth Entity Storage contract implementation and REST endpoint definitions.
+This package provides an authentication service implementation and REST routes backed by entity storage.
 ## Installation

package/docs/changelog.md CHANGED Viewed

@@ -1,4 +1,36 @@
-# @twin.org/api-auth-entity-storage-service - Changelog
+# Changelog
+## [0.0.3-next.22](https://github.com/twinfoundation/api/compare/api-auth-entity-storage-service-v0.0.3-next.21...api-auth-entity-storage-service-v0.0.3-next.22) (2026-03-27)
+### Miscellaneous Chores
+* **api-auth-entity-storage-service:** Synchronize repo versions
+### Dependencies
+* The following workspace dependencies were updated
+  * dependencies
+    * @twin.org/api-auth-entity-storage-models bumped from 0.0.3-next.21 to 0.0.3-next.22
+    * @twin.org/api-core bumped from 0.0.3-next.21 to 0.0.3-next.22
+    * @twin.org/api-models bumped from 0.0.3-next.21 to 0.0.3-next.22
+## [0.0.3-next.21](https://github.com/twinfoundation/api/compare/api-auth-entity-storage-service-v0.0.3-next.20...api-auth-entity-storage-service-v0.0.3-next.21) (2026-03-11)
+### Miscellaneous Chores
+* **api-auth-entity-storage-service:** Synchronize repo versions
+### Dependencies
+* The following workspace dependencies were updated
+  * dependencies
+    * @twin.org/api-auth-entity-storage-models bumped from 0.0.3-next.20 to 0.0.3-next.21
+    * @twin.org/api-core bumped from 0.0.3-next.20 to 0.0.3-next.21
+    * @twin.org/api-models bumped from 0.0.3-next.20 to 0.0.3-next.21
 ## [0.0.3-next.20](https://github.com/twinfoundation/api/compare/api-auth-entity-storage-service-v0.0.3-next.19...api-auth-entity-storage-service-v0.0.3-next.20) (2026-02-09)

package/docs/examples.md CHANGED Viewed

@@ -1 +1,88 @@
-# @twin.org/api-auth-entity-storage-service - Examples
+# Auth Entity Storage Service Examples
+These snippets show how to wire authentication services into your component container and apply token processing in request pipelines.
+## EntityStorageAuthenticationAdminService
+```typescript
+import { EntityStorageAuthenticationAdminService } from '@twin.org/api-auth-entity-storage-service';
+const adminService = new EntityStorageAuthenticationAdminService();
+console.log(adminService.className()); // EntityStorageAuthenticationAdminService
+await adminService.create({
+  email: 'owner@example.org',
+  password: 'StartPassword123',
+  userIdentity: 'did:example:owner',
+  organizationIdentity: 'did:example:org',
+  scope: ['admin']
+});
+await adminService.update({
+  email: 'owner@example.org',
+  scope: ['admin', 'security']
+});
+await adminService.updatePassword('owner@example.org', 'StartPassword124', 'StartPassword123');
+const fromIdentity = await adminService.getByIdentity('did:example:owner');
+console.log(fromIdentity.scope.length); // 2
+```
+```typescript
+import { EntityStorageAuthenticationAdminService } from '@twin.org/api-auth-entity-storage-service';
+const adminService = new EntityStorageAuthenticationAdminService();
+const user = await adminService.get('owner@example.org');
+await adminService.remove(user.email);
+console.log(user.email); // owner@example.org
+```
+## EntityStorageAuthenticationService
+```typescript
+import { EntityStorageAuthenticationService } from '@twin.org/api-auth-entity-storage-service';
+const authService = new EntityStorageAuthenticationService();
+await authService.start('default');
+console.log(authService.className()); // EntityStorageAuthenticationService
+const loginResult = await authService.login('alice@example.org', 'correct-horse-battery-staple');
+const refreshResult = await authService.refresh(loginResult.token);
+await authService.updatePassword('correct-horse-battery-staple', 'correct-horse-battery-staple-2');
+await authService.logout(refreshResult.token);
+console.log(refreshResult.expiry > 0); // true
+```
+## AuthHeaderProcessor
+```typescript
+import { AuthHeaderProcessor } from '@twin.org/api-auth-entity-storage-service';
+const processor = new AuthHeaderProcessor();
+await processor.start('default');
+console.log(processor.className()); // AuthHeaderProcessor
+const request = {
+  method: 'get',
+  url: '/info',
+  headers: {
+    authorization: 'Bearer token-value'
+  }
+};
+const response = {};
+const contextIds = {};
+const processorState: { [id: string]: unknown } = {};
+await processor.pre(request, response, { skipAuth: false }, contextIds, processorState);
+await processor.post(request, response, { skipAuth: false }, contextIds, processorState);
+```

package/docs/reference/classes/AuthHeaderProcessor.md CHANGED Viewed

@@ -28,7 +28,7 @@ Options for the processor.
 ## Properties
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 > `readonly` `static` **CLASS\_NAME**: `string`
@@ -36,7 +36,7 @@ Runtime name for the class.
 ## Methods
-### className()
+### className() {#classname}
 > **className**(): `string`
@@ -54,7 +54,7 @@ The class name of the component.
 ***
-### start()
+### start() {#start}
 > **start**(`nodeLoggingComponentType?`): `Promise`\<`void`\>
@@ -80,7 +80,7 @@ Nothing.
 ***
-### pre()
+### pre() {#pre}
 > **pre**(`request`, `response`, `route`, `contextIds`, `processorState`): `Promise`\<`void`\>
@@ -102,9 +102,9 @@ The outgoing response.
 ##### route
-The route to process.
+`IBaseRoute` \| `undefined`
-`IBaseRoute` | `undefined`
+The route to process.
 ##### contextIds
@@ -126,7 +126,7 @@ The state handed through the processors.
 ***
-### post()
+### post() {#post}
 > **post**(`request`, `response`, `route`, `contextIds`, `processorState`): `Promise`\<`void`\>
@@ -148,9 +148,9 @@ The outgoing response.
 ##### route
-The route to process.
+`IBaseRoute` \| `undefined`
-`IBaseRoute` | `undefined`
+The route to process.
 ##### contextIds

package/docs/reference/classes/AuthenticationUser.md CHANGED Viewed

@@ -14,7 +14,7 @@ Class defining the storage for user login credentials.
 ## Properties
-### email
+### email {#email}
 > **email**: `string`
@@ -22,7 +22,7 @@ The user e-mail address.
 ***
-### password
+### password {#password}
 > **password**: `string`
@@ -30,7 +30,7 @@ The encrypted password for the user.
 ***
-### salt
+### salt {#salt}
 > **salt**: `string`
@@ -38,7 +38,7 @@ The salt for the password.
 ***
-### identity
+### identity {#identity}
 > **identity**: `string`
@@ -46,7 +46,7 @@ The user identity.
 ***
-### organization
+### organization {#organization}
 > **organization**: `string`
@@ -54,7 +54,7 @@ The users organization.
 ***
-### scope
+### scope {#scope}
 > **scope**: `string`

package/docs/reference/classes/EntityStorageAuthenticationAdminService.md CHANGED Viewed

@@ -28,7 +28,7 @@ The dependencies for the identity connector.
 ## Properties
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 > `readonly` `static` **CLASS\_NAME**: `string`
@@ -36,7 +36,7 @@ Runtime name for the class.
 ## Methods
-### className()
+### className() {#classname}
 > **className**(): `string`
@@ -54,7 +54,7 @@ The class name of the component.
 ***
-### create()
+### create() {#create}
 > **create**(`user`): `Promise`\<`void`\>
@@ -80,7 +80,7 @@ Nothing.
 ***
-### update()
+### update() {#update}
 > **update**(`user`): `Promise`\<`void`\>
@@ -106,7 +106,7 @@ Nothing.
 ***
-### get()
+### get() {#get}
 > **get**(`email`): `Promise`\<`Omit`\<`IAuthenticationUser`, `"salt"` \| `"password"`\>\>
@@ -132,7 +132,7 @@ The user details.
 ***
-### getByIdentity()
+### getByIdentity() {#getbyidentity}
 > **getByIdentity**(`identity`): `Promise`\<`Omit`\<`IAuthenticationUser`, `"salt"` \| `"password"`\>\>
@@ -158,7 +158,7 @@ The user details.
 ***
-### remove()
+### remove() {#remove}
 > **remove**(`email`): `Promise`\<`void`\>
@@ -184,7 +184,7 @@ Nothing.
 ***
-### updatePassword()
+### updatePassword() {#updatepassword}
 > **updatePassword**(`email`, `newPassword`, `currentPassword?`): `Promise`\<`void`\>

package/docs/reference/classes/EntityStorageAuthenticationService.md CHANGED Viewed

@@ -28,7 +28,7 @@ The dependencies for the identity connector.
 ## Properties
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 > `readonly` `static` **CLASS\_NAME**: `string`
@@ -36,7 +36,7 @@ Runtime name for the class.
 ## Methods
-### className()
+### className() {#classname}
 > **className**(): `string`
@@ -54,7 +54,7 @@ The class name of the component.
 ***
-### start()
+### start() {#start}
 > **start**(`nodeLoggingComponentType?`): `Promise`\<`void`\>
@@ -80,7 +80,7 @@ Nothing.
 ***
-### login()
+### login() {#login}
 > **login**(`email`, `password`): `Promise`\<\{ `token?`: `string`; `expiry`: `number`; \}\>
@@ -112,7 +112,7 @@ The authentication token for the user, if it uses a mechanism with public access
 ***
-### logout()
+### logout() {#logout}
 > **logout**(`token?`): `Promise`\<`void`\>
@@ -138,7 +138,7 @@ Nothing.
 ***
-### refresh()
+### refresh() {#refresh}
 > **refresh**(`token?`): `Promise`\<\{ `token?`: `string`; `expiry`: `number`; \}\>
@@ -164,7 +164,7 @@ The refreshed token, if it uses a mechanism with public access.
 ***
-### updatePassword()
+### updatePassword() {#updatepassword}
 > **updatePassword**(`currentPassword`, `newPassword`): `Promise`\<`void`\>

package/docs/reference/classes/TokenHelper.md CHANGED Viewed

@@ -14,7 +14,7 @@ Helper class for token operations.
 ## Properties
-### CLASS\_NAME
+### CLASS\_NAME {#class_name}
 > `readonly` `static` **CLASS\_NAME**: `string`
@@ -22,7 +22,7 @@ Runtime name for the class.
 ## Methods
-### createToken()
+### createToken() {#createtoken}
 > `static` **createToken**(`vaultConnector`, `signingKeyName`, `userIdentity`, `organizationIdentity`, `tenantId`, `ttlMinutes`, `scope?`): `Promise`\<\{ `token`: `string`; `expiry`: `number`; \}\>
@@ -50,15 +50,15 @@ The subject for the token.
 ##### organizationIdentity
-The organization for the token.
+`string` \| `undefined`
-`string` | `undefined`
+The organization for the token.
 ##### tenantId
-The tenant id for the token.
+`string` \| `undefined`
-`string` | `undefined`
+The tenant id for the token.
 ##### ttlMinutes
@@ -80,7 +80,7 @@ The new token and its expiry date.
 ***
-### verify()
+### verify() {#verify}
 > `static` **verify**(`vaultConnector`, `signingKeyName`, `token`, `requiredScopes?`): `Promise`\<\{ `header`: `JWTHeaderParameters`; `payload`: `JWTPayload`; \}\>
@@ -102,9 +102,9 @@ The signing key name.
 ##### token
-The token to verify.
+`string` \| `undefined`
-`string` | `undefined`
+The token to verify.
 ##### requiredScopes?
@@ -124,7 +124,7 @@ UnauthorizedError if the token is missing, invalid or expired.
 ***
-### extractTokenFromHeaders()
+### extractTokenFromHeaders() {#extracttokenfromheaders}
 > `static` **extractTokenFromHeaders**(`headers?`, `cookieName?`): \{ `token`: `string`; `location`: `"authorization"` \| `"cookie"`; \} \| `undefined`

package/docs/reference/interfaces/IAuthHeaderProcessorConfig.md CHANGED Viewed

@@ -4,9 +4,9 @@ Configuration for the authentication header processor
 ## Properties
-### signingKeyName?
+### signingKeyName? {#signingkeyname}
-> `optional` **signingKeyName**: `string`
+> `optional` **signingKeyName?**: `string`
 The name of the key to retrieve from the vault for signing JWT.
@@ -18,9 +18,9 @@ auth-signing
 ***
-### cookieName?
+### cookieName? {#cookiename}
-> `optional` **cookieName**: `string`
+> `optional` **cookieName?**: `string`
 The name of the cookie to use for the token.

package/docs/reference/interfaces/IAuthHeaderProcessorConstructorOptions.md CHANGED Viewed

@@ -4,9 +4,9 @@ Options for the AuthHeaderProcessor constructor.
 ## Properties
-### vaultConnectorType?
+### vaultConnectorType? {#vaultconnectortype}
-> `optional` **vaultConnectorType**: `string`
+> `optional` **vaultConnectorType?**: `string`
 The vault for the private keys.
@@ -18,8 +18,8 @@ vault
 ***
-### config?
+### config? {#config}
-> `optional` **config**: [`IAuthHeaderProcessorConfig`](IAuthHeaderProcessorConfig.md)
+> `optional` **config?**: [`IAuthHeaderProcessorConfig`](IAuthHeaderProcessorConfig.md)
 The configuration for the processor.

package/docs/reference/interfaces/IEntityStorageAuthenticationAdminServiceConfig.md CHANGED Viewed

@@ -4,9 +4,9 @@ Configuration for the entity storage authentication admin service.
 ## Properties
-### minPasswordLength?
+### minPasswordLength? {#minpasswordlength}
-> `optional` **minPasswordLength**: `number`
+> `optional` **minPasswordLength?**: `number`
 The minimum password length.

package/docs/reference/interfaces/IEntityStorageAuthenticationAdminServiceConstructorOptions.md CHANGED Viewed

@@ -4,9 +4,9 @@ Options for the EntityStorageAuthenticationAdminService constructor.
 ## Properties
-### userEntityStorageType?
+### userEntityStorageType? {#userentitystoragetype}
-> `optional` **userEntityStorageType**: `string`
+> `optional` **userEntityStorageType?**: `string`
 The entity storage for the users.
@@ -18,8 +18,8 @@ authentication-user
 ***
-### config?
+### config? {#config}
-> `optional` **config**: [`IEntityStorageAuthenticationAdminServiceConfig`](IEntityStorageAuthenticationAdminServiceConfig.md)
+> `optional` **config?**: [`IEntityStorageAuthenticationAdminServiceConfig`](IEntityStorageAuthenticationAdminServiceConfig.md)
 The configuration for the authentication.

package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConfig.md CHANGED Viewed

@@ -4,9 +4,9 @@ Configuration for the entity storage authentication service.
 ## Properties
-### signingKeyName?
+### signingKeyName? {#signingkeyname}
-> `optional` **signingKeyName**: `string`
+> `optional` **signingKeyName?**: `string`
 The name of the key to retrieve from the vault for signing JWT.
@@ -18,9 +18,9 @@ auth-signing
 ***
-### defaultTtlMinutes?
+### defaultTtlMinutes? {#defaultttlminutes}
-> `optional` **defaultTtlMinutes**: `number`
+> `optional` **defaultTtlMinutes?**: `number`
 The default time to live for the JWT.

package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConstructorOptions.md CHANGED Viewed

@@ -4,9 +4,9 @@ Options for the EntityStorageAuthenticationService constructor.
 ## Properties
-### userEntityStorageType?
+### userEntityStorageType? {#userentitystoragetype}
-> `optional` **userEntityStorageType**: `string`
+> `optional` **userEntityStorageType?**: `string`
 The entity storage for the users.
@@ -18,9 +18,9 @@ authentication-user
 ***
-### vaultConnectorType?
+### vaultConnectorType? {#vaultconnectortype}
-> `optional` **vaultConnectorType**: `string`
+> `optional` **vaultConnectorType?**: `string`
 The vault for the private keys.
@@ -32,9 +32,9 @@ vault
 ***
-### authenticationAdminServiceType?
+### authenticationAdminServiceType? {#authenticationadminservicetype}
-> `optional` **authenticationAdminServiceType**: `string`
+> `optional` **authenticationAdminServiceType?**: `string`
 The admin service.
@@ -46,8 +46,8 @@ authentication-admin
 ***
-### config?
+### config? {#config}
-> `optional` **config**: [`IEntityStorageAuthenticationServiceConfig`](IEntityStorageAuthenticationServiceConfig.md)
+> `optional` **config?**: [`IEntityStorageAuthenticationServiceConfig`](IEntityStorageAuthenticationServiceConfig.md)
 The configuration for the authentication.

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
 	"name": "@twin.org/api-auth-entity-storage-service",
-	"version": "0.0.3-next.20",
-	"description": "Auth Entity Storage contract implementation and REST endpoint definitions",
+	"version": "0.0.3-next.22",
+	"description": "Authentication service implementation and REST routes backed by entity storage.",
 	"repository": {
 		"type": "git",
 		"url": "git+https://github.com/twinfoundation/api.git",
@@ -14,9 +14,9 @@
 		"node": ">=20.0.0"
 	},
 	"dependencies": {
-		"@twin.org/api-auth-entity-storage-models": "0.0.3-next.20",
-		"@twin.org/api-core": "0.0.3-next.20",
-		"@twin.org/api-models": "0.0.3-next.20",
+		"@twin.org/api-auth-entity-storage-models": "0.0.3-next.22",
+		"@twin.org/api-core": "0.0.3-next.22",
+		"@twin.org/api-models": "0.0.3-next.22",
 		"@twin.org/context": "next",
 		"@twin.org/core": "next",
 		"@twin.org/crypto": "next",