@twin.org/api-auth-entity-storage-service 0.0.3-next.4 → 0.0.3-next.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (104) hide show
  1. package/README.md +2 -2
  2. package/dist/es/entities/authenticationAuditEntry.js +101 -0
  3. package/dist/es/entities/authenticationAuditEntry.js.map +1 -0
  4. package/dist/es/entities/authenticationRateEntry.js +37 -0
  5. package/dist/es/entities/authenticationRateEntry.js.map +1 -0
  6. package/dist/es/entities/authenticationUser.js +17 -1
  7. package/dist/es/entities/authenticationUser.js.map +1 -1
  8. package/dist/es/index.js +11 -1
  9. package/dist/es/index.js.map +1 -1
  10. package/dist/es/models/IAuthHeaderProcessorConstructorOptions.js.map +1 -1
  11. package/dist/es/models/IEntityStorageAuthenticationAdminServiceConstructorOptions.js.map +1 -1
  12. package/dist/es/models/IEntityStorageAuthenticationAuditServiceConfig.js +4 -0
  13. package/dist/es/models/IEntityStorageAuthenticationAuditServiceConfig.js.map +1 -0
  14. package/dist/es/models/IEntityStorageAuthenticationAuditServiceConstructorOptions.js +2 -0
  15. package/dist/es/models/IEntityStorageAuthenticationAuditServiceConstructorOptions.js.map +1 -0
  16. package/dist/es/models/IEntityStorageAuthenticationRateServiceConfig.js +2 -0
  17. package/dist/es/models/IEntityStorageAuthenticationRateServiceConfig.js.map +1 -0
  18. package/dist/es/models/IEntityStorageAuthenticationRateServiceConstructorOptions.js +2 -0
  19. package/dist/es/models/IEntityStorageAuthenticationRateServiceConstructorOptions.js.map +1 -0
  20. package/dist/es/models/IEntityStorageAuthenticationServiceConfig.js +0 -2
  21. package/dist/es/models/IEntityStorageAuthenticationServiceConfig.js.map +1 -1
  22. package/dist/es/models/IEntityStorageAuthenticationServiceConstructorOptions.js.map +1 -1
  23. package/dist/es/processors/authHeaderProcessor.js +62 -10
  24. package/dist/es/processors/authHeaderProcessor.js.map +1 -1
  25. package/dist/es/restEntryPoints.js +14 -0
  26. package/dist/es/restEntryPoints.js.map +1 -1
  27. package/dist/es/routes/entityStorageAuthenticationAdminRoutes.js +362 -0
  28. package/dist/es/routes/entityStorageAuthenticationAdminRoutes.js.map +1 -0
  29. package/dist/es/routes/entityStorageAuthenticationAuditRoutes.js +174 -0
  30. package/dist/es/routes/entityStorageAuthenticationAuditRoutes.js.map +1 -0
  31. package/dist/es/routes/entityStorageAuthenticationRoutes.js +20 -21
  32. package/dist/es/routes/entityStorageAuthenticationRoutes.js.map +1 -1
  33. package/dist/es/schema.js +4 -0
  34. package/dist/es/schema.js.map +1 -1
  35. package/dist/es/services/entityStorageAuthenticationAdminService.js +161 -55
  36. package/dist/es/services/entityStorageAuthenticationAdminService.js.map +1 -1
  37. package/dist/es/services/entityStorageAuthenticationAuditService.js +179 -0
  38. package/dist/es/services/entityStorageAuthenticationAuditService.js.map +1 -0
  39. package/dist/es/services/entityStorageAuthenticationRateService.js +202 -0
  40. package/dist/es/services/entityStorageAuthenticationRateService.js.map +1 -0
  41. package/dist/es/services/entityStorageAuthenticationService.js +200 -14
  42. package/dist/es/services/entityStorageAuthenticationService.js.map +1 -1
  43. package/dist/es/utils/passwordHelper.js +45 -16
  44. package/dist/es/utils/passwordHelper.js.map +1 -1
  45. package/dist/es/utils/tokenHelper.js +45 -21
  46. package/dist/es/utils/tokenHelper.js.map +1 -1
  47. package/dist/types/entities/authenticationAuditEntry.d.ts +49 -0
  48. package/dist/types/entities/authenticationRateEntry.d.ts +17 -0
  49. package/dist/types/entities/authenticationUser.d.ts +8 -0
  50. package/dist/types/index.d.ts +11 -1
  51. package/dist/types/models/IAuthHeaderProcessorConstructorOptions.d.ts +14 -0
  52. package/dist/types/models/IEntityStorageAuthenticationAdminServiceConstructorOptions.d.ts +5 -0
  53. package/dist/types/models/IEntityStorageAuthenticationAuditServiceConfig.d.ts +9 -0
  54. package/dist/types/models/IEntityStorageAuthenticationAuditServiceConstructorOptions.d.ts +15 -0
  55. package/dist/types/models/IEntityStorageAuthenticationRateServiceConfig.d.ts +10 -0
  56. package/dist/types/models/IEntityStorageAuthenticationRateServiceConstructorOptions.d.ts +20 -0
  57. package/dist/types/models/IEntityStorageAuthenticationServiceConfig.d.ts +22 -1
  58. package/dist/types/models/IEntityStorageAuthenticationServiceConstructorOptions.d.ts +17 -3
  59. package/dist/types/processors/authHeaderProcessor.d.ts +1 -1
  60. package/dist/types/routes/entityStorageAuthenticationAdminRoutes.d.ts +61 -0
  61. package/dist/types/routes/entityStorageAuthenticationAuditRoutes.d.ts +29 -0
  62. package/dist/types/services/entityStorageAuthenticationAdminService.d.ts +23 -6
  63. package/dist/types/services/entityStorageAuthenticationAuditService.d.ts +53 -0
  64. package/dist/types/services/entityStorageAuthenticationRateService.d.ts +60 -0
  65. package/dist/types/services/entityStorageAuthenticationService.d.ts +8 -3
  66. package/dist/types/utils/passwordHelper.d.ts +13 -5
  67. package/dist/types/utils/tokenHelper.d.ts +9 -2
  68. package/docs/changelog.md +674 -64
  69. package/docs/examples.md +178 -1
  70. package/docs/reference/classes/AuthHeaderProcessor.md +10 -10
  71. package/docs/reference/classes/AuthenticationAuditEntry.md +101 -0
  72. package/docs/reference/classes/AuthenticationRateEntry.md +37 -0
  73. package/docs/reference/classes/AuthenticationUser.md +21 -5
  74. package/docs/reference/classes/EntityStorageAuthenticationAdminService.md +78 -18
  75. package/docs/reference/classes/EntityStorageAuthenticationAuditService.md +157 -0
  76. package/docs/reference/classes/EntityStorageAuthenticationRateService.md +227 -0
  77. package/docs/reference/classes/EntityStorageAuthenticationService.md +36 -16
  78. package/docs/reference/classes/PasswordHelper.md +37 -12
  79. package/docs/reference/classes/TokenHelper.md +44 -8
  80. package/docs/reference/functions/authenticationAdminCreateUser.md +31 -0
  81. package/docs/reference/functions/authenticationAdminGetUser.md +31 -0
  82. package/docs/reference/functions/authenticationAdminGetUserByIdentity.md +31 -0
  83. package/docs/reference/functions/authenticationAdminRemoveUser.md +31 -0
  84. package/docs/reference/functions/authenticationAdminUpdateUser.md +31 -0
  85. package/docs/reference/functions/authenticationAdminUpdateUserPassword.md +31 -0
  86. package/docs/reference/functions/authenticationAuditCreate.md +31 -0
  87. package/docs/reference/functions/authenticationAuditQuery.md +31 -0
  88. package/docs/reference/functions/generateRestRoutesAuthenticationAdmin.md +25 -0
  89. package/docs/reference/functions/generateRestRoutesAuthenticationAudit.md +25 -0
  90. package/docs/reference/index.md +20 -0
  91. package/docs/reference/interfaces/IAuthHeaderProcessorConfig.md +4 -4
  92. package/docs/reference/interfaces/IAuthHeaderProcessorConstructorOptions.md +40 -4
  93. package/docs/reference/interfaces/IEntityStorageAuthenticationAdminServiceConfig.md +2 -2
  94. package/docs/reference/interfaces/IEntityStorageAuthenticationAdminServiceConstructorOptions.md +18 -4
  95. package/docs/reference/interfaces/IEntityStorageAuthenticationAuditServiceConfig.md +11 -0
  96. package/docs/reference/interfaces/IEntityStorageAuthenticationAuditServiceConstructorOptions.md +25 -0
  97. package/docs/reference/interfaces/IEntityStorageAuthenticationRateServiceConfig.md +17 -0
  98. package/docs/reference/interfaces/IEntityStorageAuthenticationRateServiceConstructorOptions.md +39 -0
  99. package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConfig.md +61 -5
  100. package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConstructorOptions.md +46 -10
  101. package/docs/reference/variables/tagsAuthenticationAdmin.md +5 -0
  102. package/docs/reference/variables/tagsAuthenticationAudit.md +5 -0
  103. package/locales/en.json +17 -3
  104. package/package.json +8 -7
package/dist/types/utils/tokenHelper.d.ts CHANGED
@@ -1,3 +1,4 @@
1
+ import type { IUrlTransformerComponent } from "@twin.org/api-models";
1
2
  import { type IVaultConnector } from "@twin.org/vault-models";
2
3
  import { type IHttpHeaders, type IJwtHeader, type IJwtPayload } from "@twin.org/web";
3
4
  /**
@@ -11,13 +12,17 @@ export declare class TokenHelper {
11
12
  /**
12
13
  * Create a new token.
13
14
  * @param vaultConnector The vault connector.
15
+ * @param urlTransformerComponent The URL transformer component, used to encrypt the tenant ID for inclusion in the token.
14
16
  * @param signingKeyName The signing key name.
15
17
  * @param userIdentity The subject for the token.
16
18
  * @param organizationIdentity The organization for the token.
19
+ * @param tenantId The tenant id for the token.
17
20
  * @param ttlMinutes The time to live for the token in minutes.
21
+ * @param scope The scopes for the token.
22
+ * @param passwordVersion The user's current password version counter, embedded in the token so that a password change invalidates existing tokens.
18
23
  * @returns The new token and its expiry date.
19
24
  */
20
- static createToken(vaultConnector: IVaultConnector, signingKeyName: string, userIdentity: string, organizationIdentity: string | undefined, ttlMinutes: number): Promise<{
25
+ static createToken(vaultConnector: IVaultConnector, urlTransformerComponent: IUrlTransformerComponent, signingKeyName: string, userIdentity: string, organizationIdentity: string | undefined, tenantId: string | undefined, ttlMinutes: number, scope?: string, passwordVersion?: number): Promise<{
21
26
  token: string;
22
27
  expiry: number;
23
28
  }>;
@@ -26,10 +31,12 @@ export declare class TokenHelper {
26
31
  * @param vaultConnector The vault connector.
27
32
  * @param signingKeyName The signing key name.
28
33
  * @param token The token to verify.
34
+ * @param requiredScopes The required scopes.
35
+ * @param verifyUser A function to verify the user identity and organization. The password version counter embedded in the token (pver claim) is passed so callers can detect if the password has changed since the token was issued.
29
36
  * @returns The verified details.
30
37
  * @throws UnauthorizedError if the token is missing, invalid or expired.
31
38
  */
32
- static verify(vaultConnector: IVaultConnector, signingKeyName: string, token: string | undefined): Promise<{
39
+ static verify(vaultConnector: IVaultConnector, signingKeyName: string, token: string | undefined, requiredScopes?: string[], verifyUser?: (userIdentity: string, organizationIdentity: string, encryptedTenantId: string | undefined, passwordVersion: number | undefined) => Promise<string[]>): Promise<{
33
40
  header: IJwtHeader;
34
41
  payload: IJwtPayload;
35
42
  }>;