@twin.org/api-auth-entity-storage-service 0.0.3-next.8 → 0.9.0-next.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (106) hide show
  1. package/README.md +2 -2
  2. package/dist/es/entities/authenticationAuditEntry.js +101 -0
  3. package/dist/es/entities/authenticationAuditEntry.js.map +1 -0
  4. package/dist/es/entities/authenticationRateEntry.js +37 -0
  5. package/dist/es/entities/authenticationRateEntry.js.map +1 -0
  6. package/dist/es/entities/authenticationUser.js +17 -1
  7. package/dist/es/entities/authenticationUser.js.map +1 -1
  8. package/dist/es/index.js +11 -1
  9. package/dist/es/index.js.map +1 -1
  10. package/dist/es/models/IAuthHeaderProcessorConstructorOptions.js.map +1 -1
  11. package/dist/es/models/IEntityStorageAuthenticationAdminServiceConstructorOptions.js.map +1 -1
  12. package/dist/es/models/IEntityStorageAuthenticationAuditServiceConfig.js +4 -0
  13. package/dist/es/models/IEntityStorageAuthenticationAuditServiceConfig.js.map +1 -0
  14. package/dist/es/models/IEntityStorageAuthenticationAuditServiceConstructorOptions.js +2 -0
  15. package/dist/es/models/IEntityStorageAuthenticationAuditServiceConstructorOptions.js.map +1 -0
  16. package/dist/es/models/IEntityStorageAuthenticationRateServiceConfig.js +2 -0
  17. package/dist/es/models/IEntityStorageAuthenticationRateServiceConfig.js.map +1 -0
  18. package/dist/es/models/IEntityStorageAuthenticationRateServiceConstructorOptions.js +2 -0
  19. package/dist/es/models/IEntityStorageAuthenticationRateServiceConstructorOptions.js.map +1 -0
  20. package/dist/es/models/IEntityStorageAuthenticationServiceConfig.js +0 -2
  21. package/dist/es/models/IEntityStorageAuthenticationServiceConfig.js.map +1 -1
  22. package/dist/es/models/IEntityStorageAuthenticationServiceConstructorOptions.js.map +1 -1
  23. package/dist/es/processors/authHeaderProcessor.js +83 -18
  24. package/dist/es/processors/authHeaderProcessor.js.map +1 -1
  25. package/dist/es/restEntryPoints.js +17 -0
  26. package/dist/es/restEntryPoints.js.map +1 -1
  27. package/dist/es/routes/entityStorageAuthenticationAdminRoutes.js +362 -0
  28. package/dist/es/routes/entityStorageAuthenticationAdminRoutes.js.map +1 -0
  29. package/dist/es/routes/entityStorageAuthenticationAuditRoutes.js +174 -0
  30. package/dist/es/routes/entityStorageAuthenticationAuditRoutes.js.map +1 -0
  31. package/dist/es/routes/entityStorageAuthenticationRoutes.js +20 -21
  32. package/dist/es/routes/entityStorageAuthenticationRoutes.js.map +1 -1
  33. package/dist/es/schema.js +4 -0
  34. package/dist/es/schema.js.map +1 -1
  35. package/dist/es/services/entityStorageAuthenticationAdminService.js +164 -58
  36. package/dist/es/services/entityStorageAuthenticationAdminService.js.map +1 -1
  37. package/dist/es/services/entityStorageAuthenticationAuditService.js +179 -0
  38. package/dist/es/services/entityStorageAuthenticationAuditService.js.map +1 -0
  39. package/dist/es/services/entityStorageAuthenticationRateService.js +213 -0
  40. package/dist/es/services/entityStorageAuthenticationRateService.js.map +1 -0
  41. package/dist/es/services/entityStorageAuthenticationService.js +200 -19
  42. package/dist/es/services/entityStorageAuthenticationService.js.map +1 -1
  43. package/dist/es/utils/passwordHelper.js +45 -16
  44. package/dist/es/utils/passwordHelper.js.map +1 -1
  45. package/dist/es/utils/tokenHelper.js +57 -25
  46. package/dist/es/utils/tokenHelper.js.map +1 -1
  47. package/dist/types/entities/authenticationAuditEntry.d.ts +49 -0
  48. package/dist/types/entities/authenticationRateEntry.d.ts +17 -0
  49. package/dist/types/entities/authenticationUser.d.ts +8 -0
  50. package/dist/types/index.d.ts +11 -1
  51. package/dist/types/models/IAuthHeaderProcessorConstructorOptions.d.ts +10 -0
  52. package/dist/types/models/IEntityStorageAuthenticationAdminServiceConstructorOptions.d.ts +5 -0
  53. package/dist/types/models/IEntityStorageAuthenticationAuditServiceConfig.d.ts +9 -0
  54. package/dist/types/models/IEntityStorageAuthenticationAuditServiceConstructorOptions.d.ts +15 -0
  55. package/dist/types/models/IEntityStorageAuthenticationRateServiceConfig.d.ts +10 -0
  56. package/dist/types/models/IEntityStorageAuthenticationRateServiceConstructorOptions.d.ts +25 -0
  57. package/dist/types/models/IEntityStorageAuthenticationServiceConfig.d.ts +22 -1
  58. package/dist/types/models/IEntityStorageAuthenticationServiceConstructorOptions.d.ts +13 -3
  59. package/dist/types/processors/authHeaderProcessor.d.ts +4 -2
  60. package/dist/types/restEntryPoints.d.ts +3 -0
  61. package/dist/types/routes/entityStorageAuthenticationAdminRoutes.d.ts +61 -0
  62. package/dist/types/routes/entityStorageAuthenticationAuditRoutes.d.ts +29 -0
  63. package/dist/types/services/entityStorageAuthenticationAdminService.d.ts +26 -9
  64. package/dist/types/services/entityStorageAuthenticationAuditService.d.ts +53 -0
  65. package/dist/types/services/entityStorageAuthenticationRateService.d.ts +60 -0
  66. package/dist/types/services/entityStorageAuthenticationService.d.ts +11 -6
  67. package/dist/types/utils/passwordHelper.d.ts +13 -5
  68. package/dist/types/utils/tokenHelper.d.ts +10 -4
  69. package/docs/changelog.md +863 -69
  70. package/docs/examples.md +178 -1
  71. package/docs/reference/classes/AuthHeaderProcessor.md +15 -11
  72. package/docs/reference/classes/AuthenticationAuditEntry.md +101 -0
  73. package/docs/reference/classes/AuthenticationRateEntry.md +37 -0
  74. package/docs/reference/classes/AuthenticationUser.md +21 -5
  75. package/docs/reference/classes/EntityStorageAuthenticationAdminService.md +80 -20
  76. package/docs/reference/classes/EntityStorageAuthenticationAuditService.md +157 -0
  77. package/docs/reference/classes/EntityStorageAuthenticationRateService.md +227 -0
  78. package/docs/reference/classes/EntityStorageAuthenticationService.md +39 -19
  79. package/docs/reference/classes/PasswordHelper.md +37 -12
  80. package/docs/reference/classes/TokenHelper.md +49 -13
  81. package/docs/reference/functions/authenticationAdminCreateUser.md +31 -0
  82. package/docs/reference/functions/authenticationAdminGetUser.md +31 -0
  83. package/docs/reference/functions/authenticationAdminGetUserByIdentity.md +31 -0
  84. package/docs/reference/functions/authenticationAdminRemoveUser.md +31 -0
  85. package/docs/reference/functions/authenticationAdminUpdateUser.md +31 -0
  86. package/docs/reference/functions/authenticationAdminUpdateUserPassword.md +31 -0
  87. package/docs/reference/functions/authenticationAuditCreate.md +31 -0
  88. package/docs/reference/functions/authenticationAuditQuery.md +31 -0
  89. package/docs/reference/functions/generateRestRoutesAuthenticationAdmin.md +25 -0
  90. package/docs/reference/functions/generateRestRoutesAuthenticationAudit.md +25 -0
  91. package/docs/reference/index.md +20 -0
  92. package/docs/reference/interfaces/IAuthHeaderProcessorConfig.md +4 -4
  93. package/docs/reference/interfaces/IAuthHeaderProcessorConstructorOptions.md +32 -4
  94. package/docs/reference/interfaces/IEntityStorageAuthenticationAdminServiceConfig.md +2 -2
  95. package/docs/reference/interfaces/IEntityStorageAuthenticationAdminServiceConstructorOptions.md +18 -4
  96. package/docs/reference/interfaces/IEntityStorageAuthenticationAuditServiceConfig.md +11 -0
  97. package/docs/reference/interfaces/IEntityStorageAuthenticationAuditServiceConstructorOptions.md +25 -0
  98. package/docs/reference/interfaces/IEntityStorageAuthenticationRateServiceConfig.md +17 -0
  99. package/docs/reference/interfaces/IEntityStorageAuthenticationRateServiceConstructorOptions.md +53 -0
  100. package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConfig.md +61 -5
  101. package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConstructorOptions.md +38 -10
  102. package/docs/reference/variables/restEntryPoints.md +2 -0
  103. package/docs/reference/variables/tagsAuthenticationAdmin.md +5 -0
  104. package/docs/reference/variables/tagsAuthenticationAudit.md +5 -0
  105. package/locales/en.json +23 -6
  106. package/package.json +17 -16
@@ -14,7 +14,7 @@ Helper class for token operations.
14
14
 
15
15
  ## Properties
16
16
 
17
- ### CLASS\_NAME
17
+ ### CLASS\_NAME {#class_name}
18
18
 
19
19
  > `readonly` `static` **CLASS\_NAME**: `string`
20
20
 
@@ -22,9 +22,9 @@ Runtime name for the class.
22
22
 
23
23
  ## Methods
24
24
 
25
- ### createToken()
25
+ ### createToken() {#createtoken}
26
26
 
27
- > `static` **createToken**(`vaultConnector`, `signingKeyName`, `userIdentity`, `organizationIdentity`, `tenantId`, `ttlMinutes`): `Promise`\<\{ `token`: `string`; `expiry`: `number`; \}\>
27
+ > `static` **createToken**(`vaultConnector`, `nodeId`, `signingKeyName`, `userIdentity`, `organizationIdentity`, `tenantId`, `ttlMinutes`, `scope?`, `passwordVersion?`): `Promise`\<\{ `token`: `string`; `expiry`: `number`; \}\>
28
28
 
29
29
  Create a new token.
30
30
 
@@ -36,11 +36,17 @@ Create a new token.
36
36
 
37
37
  The vault connector.
38
38
 
39
+ ##### nodeId
40
+
41
+ `string`
42
+
43
+ The node identifier, embedded as the JWT issuer claim.
44
+
39
45
  ##### signingKeyName
40
46
 
41
47
  `string`
42
48
 
43
- The signing key name.
49
+ The signing key name, embedded as the JWT key identifier.
44
50
 
45
51
  ##### userIdentity
46
52
 
@@ -50,15 +56,15 @@ The subject for the token.
50
56
 
51
57
  ##### organizationIdentity
52
58
 
53
- The organization for the token.
59
+ `string` \| `undefined`
54
60
 
55
- `string` | `undefined`
61
+ The organization for the token.
56
62
 
57
63
  ##### tenantId
58
64
 
59
- The tenant id for the token.
65
+ `string` \| `undefined`
60
66
 
61
- `string` | `undefined`
67
+ The tenant id for the token.
62
68
 
63
69
  ##### ttlMinutes
64
70
 
@@ -66,6 +72,18 @@ The tenant id for the token.
66
72
 
67
73
  The time to live for the token in minutes.
68
74
 
75
+ ##### scope?
76
+
77
+ `string`
78
+
79
+ The scopes for the token.
80
+
81
+ ##### passwordVersion?
82
+
83
+ `number`
84
+
85
+ The user's current password version counter, embedded in the token so that a password change invalidates existing tokens.
86
+
69
87
  #### Returns
70
88
 
71
89
  `Promise`\<\{ `token`: `string`; `expiry`: `number`; \}\>
@@ -74,9 +92,9 @@ The new token and its expiry date.
74
92
 
75
93
  ***
76
94
 
77
- ### verify()
95
+ ### verify() {#verify}
78
96
 
79
- > `static` **verify**(`vaultConnector`, `signingKeyName`, `token`): `Promise`\<\{ `header`: `JWTHeaderParameters`; `payload`: `JWTPayload`; \}\>
97
+ > `static` **verify**(`vaultConnector`, `nodeId`, `signingKeyName`, `token`, `requiredScopes?`, `verifyUser?`): `Promise`\<\{ `header`: `JWTHeaderParameters`; `payload`: `JWTPayload`; \}\>
80
98
 
81
99
  Verify the token.
82
100
 
@@ -88,17 +106,35 @@ Verify the token.
88
106
 
89
107
  The vault connector.
90
108
 
109
+ ##### nodeId
110
+
111
+ `string`
112
+
113
+ The node identifier, expected to match the JWT issuer claim.
114
+
91
115
  ##### signingKeyName
92
116
 
93
117
  `string`
94
118
 
95
- The signing key name.
119
+ The signing key name, expected to match the JWT key identifier.
96
120
 
97
121
  ##### token
98
122
 
123
+ `string` \| `undefined`
124
+
99
125
  The token to verify.
100
126
 
101
- `string` | `undefined`
127
+ ##### requiredScopes?
128
+
129
+ `string`[]
130
+
131
+ The required scopes.
132
+
133
+ ##### verifyUser?
134
+
135
+ (`sub`, `org`, `tid`, `passwordVersion`) => `Promise`\<`string`[]\>
136
+
137
+ A function to verify the user identity and organization. The password version counter embedded in the token (pver claim) is passed so callers can detect if the password has changed since the token was issued.
102
138
 
103
139
  #### Returns
104
140
 
@@ -112,7 +148,7 @@ UnauthorizedError if the token is missing, invalid or expired.
112
148
 
113
149
  ***
114
150
 
115
- ### extractTokenFromHeaders()
151
+ ### extractTokenFromHeaders() {#extracttokenfromheaders}
116
152
 
117
153
  > `static` **extractTokenFromHeaders**(`headers?`, `cookieName?`): \{ `token`: `string`; `location`: `"authorization"` \| `"cookie"`; \} \| `undefined`
118
154
 
@@ -0,0 +1,31 @@
1
+ # Function: authenticationAdminCreateUser()
2
+
3
+ > **authenticationAdminCreateUser**(`httpRequestContext`, `componentName`, `request`): `Promise`\<`ICreatedResponse`\>
4
+
5
+ Create a new user.
6
+
7
+ ## Parameters
8
+
9
+ ### httpRequestContext
10
+
11
+ `IHttpRequestContext`
12
+
13
+ The request context for the API.
14
+
15
+ ### componentName
16
+
17
+ `string`
18
+
19
+ The name of the component to use in the routes.
20
+
21
+ ### request
22
+
23
+ `IAdminUserCreateRequest`
24
+
25
+ The request.
26
+
27
+ ## Returns
28
+
29
+ `Promise`\<`ICreatedResponse`\>
30
+
31
+ The response object with additional http response properties.
@@ -0,0 +1,31 @@
1
+ # Function: authenticationAdminGetUser()
2
+
3
+ > **authenticationAdminGetUser**(`httpRequestContext`, `componentName`, `request`): `Promise`\<`IAdminUserGetResponse`\>
4
+
5
+ Get an existing user.
6
+
7
+ ## Parameters
8
+
9
+ ### httpRequestContext
10
+
11
+ `IHttpRequestContext`
12
+
13
+ The request context for the API.
14
+
15
+ ### componentName
16
+
17
+ `string`
18
+
19
+ The name of the component to use in the routes.
20
+
21
+ ### request
22
+
23
+ `IAdminUserGetRequest`
24
+
25
+ The request.
26
+
27
+ ## Returns
28
+
29
+ `Promise`\<`IAdminUserGetResponse`\>
30
+
31
+ The response object with additional http response properties.
@@ -0,0 +1,31 @@
1
+ # Function: authenticationAdminGetUserByIdentity()
2
+
3
+ > **authenticationAdminGetUserByIdentity**(`httpRequestContext`, `componentName`, `request`): `Promise`\<`IAdminUserGetResponse`\>
4
+
5
+ Get an existing user by identity.
6
+
7
+ ## Parameters
8
+
9
+ ### httpRequestContext
10
+
11
+ `IHttpRequestContext`
12
+
13
+ The request context for the API.
14
+
15
+ ### componentName
16
+
17
+ `string`
18
+
19
+ The name of the component to use in the routes.
20
+
21
+ ### request
22
+
23
+ `IAdminUserGetByIdentityRequest`
24
+
25
+ The request.
26
+
27
+ ## Returns
28
+
29
+ `Promise`\<`IAdminUserGetResponse`\>
30
+
31
+ The response object with additional http response properties.
@@ -0,0 +1,31 @@
1
+ # Function: authenticationAdminRemoveUser()
2
+
3
+ > **authenticationAdminRemoveUser**(`httpRequestContext`, `componentName`, `request`): `Promise`\<`INoContentResponse`\>
4
+
5
+ Remove an existing user.
6
+
7
+ ## Parameters
8
+
9
+ ### httpRequestContext
10
+
11
+ `IHttpRequestContext`
12
+
13
+ The request context for the API.
14
+
15
+ ### componentName
16
+
17
+ `string`
18
+
19
+ The name of the component to use in the routes.
20
+
21
+ ### request
22
+
23
+ `IAdminUserRemoveRequest`
24
+
25
+ The request.
26
+
27
+ ## Returns
28
+
29
+ `Promise`\<`INoContentResponse`\>
30
+
31
+ The response object with additional http response properties.
@@ -0,0 +1,31 @@
1
+ # Function: authenticationAdminUpdateUser()
2
+
3
+ > **authenticationAdminUpdateUser**(`httpRequestContext`, `componentName`, `request`): `Promise`\<`INoContentResponse`\>
4
+
5
+ Update an existing user.
6
+
7
+ ## Parameters
8
+
9
+ ### httpRequestContext
10
+
11
+ `IHttpRequestContext`
12
+
13
+ The request context for the API.
14
+
15
+ ### componentName
16
+
17
+ `string`
18
+
19
+ The name of the component to use in the routes.
20
+
21
+ ### request
22
+
23
+ `IAdminUserUpdateRequest`
24
+
25
+ The request.
26
+
27
+ ## Returns
28
+
29
+ `Promise`\<`INoContentResponse`\>
30
+
31
+ The response object with additional http response properties.
@@ -0,0 +1,31 @@
1
+ # Function: authenticationAdminUpdateUserPassword()
2
+
3
+ > **authenticationAdminUpdateUserPassword**(`httpRequestContext`, `componentName`, `request`): `Promise`\<`INoContentResponse`\>
4
+
5
+ Update an existing user password.
6
+
7
+ ## Parameters
8
+
9
+ ### httpRequestContext
10
+
11
+ `IHttpRequestContext`
12
+
13
+ The request context for the API.
14
+
15
+ ### componentName
16
+
17
+ `string`
18
+
19
+ The name of the component to use in the routes.
20
+
21
+ ### request
22
+
23
+ `IAdminUserUpdatePasswordRequest`
24
+
25
+ The request.
26
+
27
+ ## Returns
28
+
29
+ `Promise`\<`INoContentResponse`\>
30
+
31
+ The response object with additional http response properties.
@@ -0,0 +1,31 @@
1
+ # Function: authenticationAuditCreate()
2
+
3
+ > **authenticationAuditCreate**(`httpRequestContext`, `componentName`, `request`): `Promise`\<`ICreatedResponse`\>
4
+
5
+ Create an authentication audit entry.
6
+
7
+ ## Parameters
8
+
9
+ ### httpRequestContext
10
+
11
+ `IHttpRequestContext`
12
+
13
+ The request context for the API.
14
+
15
+ ### componentName
16
+
17
+ `string`
18
+
19
+ The name of the component to use in the routes.
20
+
21
+ ### request
22
+
23
+ `IAuditCreateRequest`
24
+
25
+ The request.
26
+
27
+ ## Returns
28
+
29
+ `Promise`\<`ICreatedResponse`\>
30
+
31
+ The response object with additional http response properties.
@@ -0,0 +1,31 @@
1
+ # Function: authenticationAuditQuery()
2
+
3
+ > **authenticationAuditQuery**(`httpRequestContext`, `componentName`, `request`): `Promise`\<`IAuditQueryResponse`\>
4
+
5
+ Query authentication audit entries.
6
+
7
+ ## Parameters
8
+
9
+ ### httpRequestContext
10
+
11
+ `IHttpRequestContext`
12
+
13
+ The request context for the API.
14
+
15
+ ### componentName
16
+
17
+ `string`
18
+
19
+ The name of the component to use in the routes.
20
+
21
+ ### request
22
+
23
+ `IAuditQueryRequest`
24
+
25
+ The request.
26
+
27
+ ## Returns
28
+
29
+ `Promise`\<`IAuditQueryResponse`\>
30
+
31
+ The response object with additional http response properties.
@@ -0,0 +1,25 @@
1
+ # Function: generateRestRoutesAuthenticationAdmin()
2
+
3
+ > **generateRestRoutesAuthenticationAdmin**(`baseRouteName`, `componentName`): `IRestRoute`\<`any`, `any`\>[]
4
+
5
+ The REST routes for authentication admin.
6
+
7
+ ## Parameters
8
+
9
+ ### baseRouteName
10
+
11
+ `string`
12
+
13
+ Prefix to prepend to the paths.
14
+
15
+ ### componentName
16
+
17
+ `string`
18
+
19
+ The name of the component to use in the routes stored in the ComponentFactory.
20
+
21
+ ## Returns
22
+
23
+ `IRestRoute`\<`any`, `any`\>[]
24
+
25
+ The generated routes.
@@ -0,0 +1,25 @@
1
+ # Function: generateRestRoutesAuthenticationAudit()
2
+
3
+ > **generateRestRoutesAuthenticationAudit**(`baseRouteName`, `componentName`): `IRestRoute`\<`any`, `any`\>[]
4
+
5
+ The REST routes for authentication audit.
6
+
7
+ ## Parameters
8
+
9
+ ### baseRouteName
10
+
11
+ `string`
12
+
13
+ Prefix to prepend to the paths.
14
+
15
+ ### componentName
16
+
17
+ `string`
18
+
19
+ The name of the component to use in the routes stored in the ComponentFactory.
20
+
21
+ ## Returns
22
+
23
+ `IRestRoute`\<`any`, `any`\>[]
24
+
25
+ The generated routes.
@@ -2,9 +2,13 @@
2
2
 
3
3
  ## Classes
4
4
 
5
+ - [AuthenticationAuditEntry](classes/AuthenticationAuditEntry.md)
6
+ - [AuthenticationRateEntry](classes/AuthenticationRateEntry.md)
5
7
  - [AuthenticationUser](classes/AuthenticationUser.md)
6
8
  - [AuthHeaderProcessor](classes/AuthHeaderProcessor.md)
7
9
  - [EntityStorageAuthenticationAdminService](classes/EntityStorageAuthenticationAdminService.md)
10
+ - [EntityStorageAuthenticationAuditService](classes/EntityStorageAuthenticationAuditService.md)
11
+ - [EntityStorageAuthenticationRateService](classes/EntityStorageAuthenticationRateService.md)
8
12
  - [EntityStorageAuthenticationService](classes/EntityStorageAuthenticationService.md)
9
13
  - [PasswordHelper](classes/PasswordHelper.md)
10
14
  - [TokenHelper](classes/TokenHelper.md)
@@ -15,16 +19,32 @@
15
19
  - [IAuthHeaderProcessorConstructorOptions](interfaces/IAuthHeaderProcessorConstructorOptions.md)
16
20
  - [IEntityStorageAuthenticationAdminServiceConfig](interfaces/IEntityStorageAuthenticationAdminServiceConfig.md)
17
21
  - [IEntityStorageAuthenticationAdminServiceConstructorOptions](interfaces/IEntityStorageAuthenticationAdminServiceConstructorOptions.md)
22
+ - [IEntityStorageAuthenticationAuditServiceConfig](interfaces/IEntityStorageAuthenticationAuditServiceConfig.md)
23
+ - [IEntityStorageAuthenticationAuditServiceConstructorOptions](interfaces/IEntityStorageAuthenticationAuditServiceConstructorOptions.md)
24
+ - [IEntityStorageAuthenticationRateServiceConfig](interfaces/IEntityStorageAuthenticationRateServiceConfig.md)
25
+ - [IEntityStorageAuthenticationRateServiceConstructorOptions](interfaces/IEntityStorageAuthenticationRateServiceConstructorOptions.md)
18
26
  - [IEntityStorageAuthenticationServiceConfig](interfaces/IEntityStorageAuthenticationServiceConfig.md)
19
27
  - [IEntityStorageAuthenticationServiceConstructorOptions](interfaces/IEntityStorageAuthenticationServiceConstructorOptions.md)
20
28
 
21
29
  ## Variables
22
30
 
23
31
  - [restEntryPoints](variables/restEntryPoints.md)
32
+ - [tagsAuthenticationAdmin](variables/tagsAuthenticationAdmin.md)
33
+ - [tagsAuthenticationAudit](variables/tagsAuthenticationAudit.md)
24
34
  - [tagsAuthentication](variables/tagsAuthentication.md)
25
35
 
26
36
  ## Functions
27
37
 
38
+ - [generateRestRoutesAuthenticationAdmin](functions/generateRestRoutesAuthenticationAdmin.md)
39
+ - [authenticationAdminCreateUser](functions/authenticationAdminCreateUser.md)
40
+ - [authenticationAdminUpdateUser](functions/authenticationAdminUpdateUser.md)
41
+ - [authenticationAdminUpdateUserPassword](functions/authenticationAdminUpdateUserPassword.md)
42
+ - [authenticationAdminGetUser](functions/authenticationAdminGetUser.md)
43
+ - [authenticationAdminGetUserByIdentity](functions/authenticationAdminGetUserByIdentity.md)
44
+ - [authenticationAdminRemoveUser](functions/authenticationAdminRemoveUser.md)
45
+ - [generateRestRoutesAuthenticationAudit](functions/generateRestRoutesAuthenticationAudit.md)
46
+ - [authenticationAuditCreate](functions/authenticationAuditCreate.md)
47
+ - [authenticationAuditQuery](functions/authenticationAuditQuery.md)
28
48
  - [generateRestRoutesAuthentication](functions/generateRestRoutesAuthentication.md)
29
49
  - [authenticationLogin](functions/authenticationLogin.md)
30
50
  - [authenticationLogout](functions/authenticationLogout.md)
@@ -4,9 +4,9 @@ Configuration for the authentication header processor
4
4
 
5
5
  ## Properties
6
6
 
7
- ### signingKeyName?
7
+ ### signingKeyName? {#signingkeyname}
8
8
 
9
- > `optional` **signingKeyName**: `string`
9
+ > `optional` **signingKeyName?**: `string`
10
10
 
11
11
  The name of the key to retrieve from the vault for signing JWT.
12
12
 
@@ -18,9 +18,9 @@ auth-signing
18
18
 
19
19
  ***
20
20
 
21
- ### cookieName?
21
+ ### cookieName? {#cookiename}
22
22
 
23
- > `optional` **cookieName**: `string`
23
+ > `optional` **cookieName?**: `string`
24
24
 
25
25
  The name of the cookie to use for the token.
26
26
 
@@ -4,9 +4,23 @@ Options for the AuthHeaderProcessor constructor.
4
4
 
5
5
  ## Properties
6
6
 
7
- ### vaultConnectorType?
7
+ ### userEntityStorageType? {#userentitystoragetype}
8
8
 
9
- > `optional` **vaultConnectorType**: `string`
9
+ > `optional` **userEntityStorageType?**: `string`
10
+
11
+ The entity storage for users.
12
+
13
+ #### Default
14
+
15
+ ```ts
16
+ authentication-user
17
+ ```
18
+
19
+ ***
20
+
21
+ ### vaultConnectorType? {#vaultconnectortype}
22
+
23
+ > `optional` **vaultConnectorType?**: `string`
10
24
 
11
25
  The vault for the private keys.
12
26
 
@@ -18,8 +32,22 @@ vault
18
32
 
19
33
  ***
20
34
 
21
- ### config?
35
+ ### tenantAdminComponentType? {#tenantadmincomponenttype}
36
+
37
+ > `optional` **tenantAdminComponentType?**: `string`
38
+
39
+ The component to retrieve tenant information.
40
+
41
+ #### Default
42
+
43
+ ```ts
44
+ tenant-admin
45
+ ```
46
+
47
+ ***
48
+
49
+ ### config? {#config}
22
50
 
23
- > `optional` **config**: [`IAuthHeaderProcessorConfig`](IAuthHeaderProcessorConfig.md)
51
+ > `optional` **config?**: [`IAuthHeaderProcessorConfig`](IAuthHeaderProcessorConfig.md)
24
52
 
25
53
  The configuration for the processor.
@@ -4,9 +4,9 @@ Configuration for the entity storage authentication admin service.
4
4
 
5
5
  ## Properties
6
6
 
7
- ### minPasswordLength?
7
+ ### minPasswordLength? {#minpasswordlength}
8
8
 
9
- > `optional` **minPasswordLength**: `number`
9
+ > `optional` **minPasswordLength?**: `number`
10
10
 
11
11
  The minimum password length.
12
12
 
@@ -4,9 +4,9 @@ Options for the EntityStorageAuthenticationAdminService constructor.
4
4
 
5
5
  ## Properties
6
6
 
7
- ### userEntityStorageType?
7
+ ### userEntityStorageType? {#userentitystoragetype}
8
8
 
9
- > `optional` **userEntityStorageType**: `string`
9
+ > `optional` **userEntityStorageType?**: `string`
10
10
 
11
11
  The entity storage for the users.
12
12
 
@@ -18,8 +18,22 @@ authentication-user
18
18
 
19
19
  ***
20
20
 
21
- ### config?
21
+ ### authenticationAuditServiceType? {#authenticationauditservicetype}
22
22
 
23
- > `optional` **config**: [`IEntityStorageAuthenticationAdminServiceConfig`](IEntityStorageAuthenticationAdminServiceConfig.md)
23
+ > `optional` **authenticationAuditServiceType?**: `string`
24
+
25
+ The audit service.
26
+
27
+ #### Default
28
+
29
+ ```ts
30
+ authentication-audit
31
+ ```
32
+
33
+ ***
34
+
35
+ ### config? {#config}
36
+
37
+ > `optional` **config?**: [`IEntityStorageAuthenticationAdminServiceConfig`](IEntityStorageAuthenticationAdminServiceConfig.md)
24
38
 
25
39
  The configuration for the authentication.
@@ -0,0 +1,11 @@
1
+ # Interface: IEntityStorageAuthenticationAuditServiceConfig
2
+
3
+ Config for the EntityStorageAuthenticationAuditService constructor.
4
+
5
+ ## Properties
6
+
7
+ ### ipHashSalt? {#iphashsalt}
8
+
9
+ > `optional` **ipHashSalt?**: `string`
10
+
11
+ The server-side salt for hashing IP addresses in audit logs, if configured.
@@ -0,0 +1,25 @@
1
+ # Interface: IEntityStorageAuthenticationAuditServiceConstructorOptions
2
+
3
+ Options for the EntityStorageAuthenticationAuditService constructor.
4
+
5
+ ## Properties
6
+
7
+ ### authenticationAuditEntryStorageType? {#authenticationauditentrystoragetype}
8
+
9
+ > `optional` **authenticationAuditEntryStorageType?**: `string`
10
+
11
+ The entity storage for the audit entries.
12
+
13
+ #### Default
14
+
15
+ ```ts
16
+ authentication-audit-entry
17
+ ```
18
+
19
+ ***
20
+
21
+ ### config? {#config}
22
+
23
+ > `optional` **config?**: [`IEntityStorageAuthenticationAuditServiceConfig`](IEntityStorageAuthenticationAuditServiceConfig.md)
24
+
25
+ The configuration for the authentication audit service.
@@ -0,0 +1,17 @@
1
+ # Interface: IEntityStorageAuthenticationRateServiceConfig
2
+
3
+ Configuration for the entity storage authentication rate service.
4
+
5
+ ## Properties
6
+
7
+ ### cleanupIntervalMinutes? {#cleanupintervalminutes}
8
+
9
+ > `optional` **cleanupIntervalMinutes?**: `number`
10
+
11
+ Interval between cleanup runs in minutes.
12
+
13
+ #### Default
14
+
15
+ ```ts
16
+ 5
17
+ ```