@twin.org/api-auth-entity-storage-service 0.0.3-next.8 → 0.9.0-next.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (106) hide show
  1. package/README.md +2 -2
  2. package/dist/es/entities/authenticationAuditEntry.js +101 -0
  3. package/dist/es/entities/authenticationAuditEntry.js.map +1 -0
  4. package/dist/es/entities/authenticationRateEntry.js +37 -0
  5. package/dist/es/entities/authenticationRateEntry.js.map +1 -0
  6. package/dist/es/entities/authenticationUser.js +17 -1
  7. package/dist/es/entities/authenticationUser.js.map +1 -1
  8. package/dist/es/index.js +11 -1
  9. package/dist/es/index.js.map +1 -1
  10. package/dist/es/models/IAuthHeaderProcessorConstructorOptions.js.map +1 -1
  11. package/dist/es/models/IEntityStorageAuthenticationAdminServiceConstructorOptions.js.map +1 -1
  12. package/dist/es/models/IEntityStorageAuthenticationAuditServiceConfig.js +4 -0
  13. package/dist/es/models/IEntityStorageAuthenticationAuditServiceConfig.js.map +1 -0
  14. package/dist/es/models/IEntityStorageAuthenticationAuditServiceConstructorOptions.js +2 -0
  15. package/dist/es/models/IEntityStorageAuthenticationAuditServiceConstructorOptions.js.map +1 -0
  16. package/dist/es/models/IEntityStorageAuthenticationRateServiceConfig.js +2 -0
  17. package/dist/es/models/IEntityStorageAuthenticationRateServiceConfig.js.map +1 -0
  18. package/dist/es/models/IEntityStorageAuthenticationRateServiceConstructorOptions.js +2 -0
  19. package/dist/es/models/IEntityStorageAuthenticationRateServiceConstructorOptions.js.map +1 -0
  20. package/dist/es/models/IEntityStorageAuthenticationServiceConfig.js +0 -2
  21. package/dist/es/models/IEntityStorageAuthenticationServiceConfig.js.map +1 -1
  22. package/dist/es/models/IEntityStorageAuthenticationServiceConstructorOptions.js.map +1 -1
  23. package/dist/es/processors/authHeaderProcessor.js +83 -18
  24. package/dist/es/processors/authHeaderProcessor.js.map +1 -1
  25. package/dist/es/restEntryPoints.js +17 -0
  26. package/dist/es/restEntryPoints.js.map +1 -1
  27. package/dist/es/routes/entityStorageAuthenticationAdminRoutes.js +362 -0
  28. package/dist/es/routes/entityStorageAuthenticationAdminRoutes.js.map +1 -0
  29. package/dist/es/routes/entityStorageAuthenticationAuditRoutes.js +174 -0
  30. package/dist/es/routes/entityStorageAuthenticationAuditRoutes.js.map +1 -0
  31. package/dist/es/routes/entityStorageAuthenticationRoutes.js +20 -21
  32. package/dist/es/routes/entityStorageAuthenticationRoutes.js.map +1 -1
  33. package/dist/es/schema.js +4 -0
  34. package/dist/es/schema.js.map +1 -1
  35. package/dist/es/services/entityStorageAuthenticationAdminService.js +164 -58
  36. package/dist/es/services/entityStorageAuthenticationAdminService.js.map +1 -1
  37. package/dist/es/services/entityStorageAuthenticationAuditService.js +179 -0
  38. package/dist/es/services/entityStorageAuthenticationAuditService.js.map +1 -0
  39. package/dist/es/services/entityStorageAuthenticationRateService.js +213 -0
  40. package/dist/es/services/entityStorageAuthenticationRateService.js.map +1 -0
  41. package/dist/es/services/entityStorageAuthenticationService.js +200 -19
  42. package/dist/es/services/entityStorageAuthenticationService.js.map +1 -1
  43. package/dist/es/utils/passwordHelper.js +45 -16
  44. package/dist/es/utils/passwordHelper.js.map +1 -1
  45. package/dist/es/utils/tokenHelper.js +57 -25
  46. package/dist/es/utils/tokenHelper.js.map +1 -1
  47. package/dist/types/entities/authenticationAuditEntry.d.ts +49 -0
  48. package/dist/types/entities/authenticationRateEntry.d.ts +17 -0
  49. package/dist/types/entities/authenticationUser.d.ts +8 -0
  50. package/dist/types/index.d.ts +11 -1
  51. package/dist/types/models/IAuthHeaderProcessorConstructorOptions.d.ts +10 -0
  52. package/dist/types/models/IEntityStorageAuthenticationAdminServiceConstructorOptions.d.ts +5 -0
  53. package/dist/types/models/IEntityStorageAuthenticationAuditServiceConfig.d.ts +9 -0
  54. package/dist/types/models/IEntityStorageAuthenticationAuditServiceConstructorOptions.d.ts +15 -0
  55. package/dist/types/models/IEntityStorageAuthenticationRateServiceConfig.d.ts +10 -0
  56. package/dist/types/models/IEntityStorageAuthenticationRateServiceConstructorOptions.d.ts +25 -0
  57. package/dist/types/models/IEntityStorageAuthenticationServiceConfig.d.ts +22 -1
  58. package/dist/types/models/IEntityStorageAuthenticationServiceConstructorOptions.d.ts +13 -3
  59. package/dist/types/processors/authHeaderProcessor.d.ts +4 -2
  60. package/dist/types/restEntryPoints.d.ts +3 -0
  61. package/dist/types/routes/entityStorageAuthenticationAdminRoutes.d.ts +61 -0
  62. package/dist/types/routes/entityStorageAuthenticationAuditRoutes.d.ts +29 -0
  63. package/dist/types/services/entityStorageAuthenticationAdminService.d.ts +26 -9
  64. package/dist/types/services/entityStorageAuthenticationAuditService.d.ts +53 -0
  65. package/dist/types/services/entityStorageAuthenticationRateService.d.ts +60 -0
  66. package/dist/types/services/entityStorageAuthenticationService.d.ts +11 -6
  67. package/dist/types/utils/passwordHelper.d.ts +13 -5
  68. package/dist/types/utils/tokenHelper.d.ts +10 -4
  69. package/docs/changelog.md +863 -69
  70. package/docs/examples.md +178 -1
  71. package/docs/reference/classes/AuthHeaderProcessor.md +15 -11
  72. package/docs/reference/classes/AuthenticationAuditEntry.md +101 -0
  73. package/docs/reference/classes/AuthenticationRateEntry.md +37 -0
  74. package/docs/reference/classes/AuthenticationUser.md +21 -5
  75. package/docs/reference/classes/EntityStorageAuthenticationAdminService.md +80 -20
  76. package/docs/reference/classes/EntityStorageAuthenticationAuditService.md +157 -0
  77. package/docs/reference/classes/EntityStorageAuthenticationRateService.md +227 -0
  78. package/docs/reference/classes/EntityStorageAuthenticationService.md +39 -19
  79. package/docs/reference/classes/PasswordHelper.md +37 -12
  80. package/docs/reference/classes/TokenHelper.md +49 -13
  81. package/docs/reference/functions/authenticationAdminCreateUser.md +31 -0
  82. package/docs/reference/functions/authenticationAdminGetUser.md +31 -0
  83. package/docs/reference/functions/authenticationAdminGetUserByIdentity.md +31 -0
  84. package/docs/reference/functions/authenticationAdminRemoveUser.md +31 -0
  85. package/docs/reference/functions/authenticationAdminUpdateUser.md +31 -0
  86. package/docs/reference/functions/authenticationAdminUpdateUserPassword.md +31 -0
  87. package/docs/reference/functions/authenticationAuditCreate.md +31 -0
  88. package/docs/reference/functions/authenticationAuditQuery.md +31 -0
  89. package/docs/reference/functions/generateRestRoutesAuthenticationAdmin.md +25 -0
  90. package/docs/reference/functions/generateRestRoutesAuthenticationAudit.md +25 -0
  91. package/docs/reference/index.md +20 -0
  92. package/docs/reference/interfaces/IAuthHeaderProcessorConfig.md +4 -4
  93. package/docs/reference/interfaces/IAuthHeaderProcessorConstructorOptions.md +32 -4
  94. package/docs/reference/interfaces/IEntityStorageAuthenticationAdminServiceConfig.md +2 -2
  95. package/docs/reference/interfaces/IEntityStorageAuthenticationAdminServiceConstructorOptions.md +18 -4
  96. package/docs/reference/interfaces/IEntityStorageAuthenticationAuditServiceConfig.md +11 -0
  97. package/docs/reference/interfaces/IEntityStorageAuthenticationAuditServiceConstructorOptions.md +25 -0
  98. package/docs/reference/interfaces/IEntityStorageAuthenticationRateServiceConfig.md +17 -0
  99. package/docs/reference/interfaces/IEntityStorageAuthenticationRateServiceConstructorOptions.md +53 -0
  100. package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConfig.md +61 -5
  101. package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConstructorOptions.md +38 -10
  102. package/docs/reference/variables/restEntryPoints.md +2 -0
  103. package/docs/reference/variables/tagsAuthenticationAdmin.md +5 -0
  104. package/docs/reference/variables/tagsAuthenticationAudit.md +5 -0
  105. package/locales/en.json +23 -6
  106. package/package.json +17 -16
@@ -0,0 +1,53 @@
1
+ # Interface: IEntityStorageAuthenticationRateServiceConstructorOptions
2
+
3
+ Options for the EntityStorageAuthenticationRateService constructor.
4
+
5
+ ## Properties
6
+
7
+ ### authenticationRateEntryStorageType? {#authenticationrateentrystoragetype}
8
+
9
+ > `optional` **authenticationRateEntryStorageType?**: `string`
10
+
11
+ The entity storage for authentication rate entries.
12
+
13
+ #### Default
14
+
15
+ ```ts
16
+ authentication-rate-entry
17
+ ```
18
+
19
+ ***
20
+
21
+ ### taskSchedulerComponentType? {#taskschedulercomponenttype}
22
+
23
+ > `optional` **taskSchedulerComponentType?**: `string`
24
+
25
+ The task scheduler component type.
26
+
27
+ #### Default
28
+
29
+ ```ts
30
+ task-scheduler
31
+ ```
32
+
33
+ ***
34
+
35
+ ### platformComponentType? {#platformcomponenttype}
36
+
37
+ > `optional` **platformComponentType?**: `string`
38
+
39
+ The platform component type, used to run the periodic cleanup per tenant.
40
+
41
+ #### Default
42
+
43
+ ```ts
44
+ platform
45
+ ```
46
+
47
+ ***
48
+
49
+ ### config? {#config}
50
+
51
+ > `optional` **config?**: [`IEntityStorageAuthenticationRateServiceConfig`](IEntityStorageAuthenticationRateServiceConfig.md)
52
+
53
+ The configuration for the authentication rate service.
@@ -4,9 +4,9 @@ Configuration for the entity storage authentication service.
4
4
 
5
5
  ## Properties
6
6
 
7
- ### signingKeyName?
7
+ ### signingKeyName? {#signingkeyname}
8
8
 
9
- > `optional` **signingKeyName**: `string`
9
+ > `optional` **signingKeyName?**: `string`
10
10
 
11
11
  The name of the key to retrieve from the vault for signing JWT.
12
12
 
@@ -18,14 +18,70 @@ auth-signing
18
18
 
19
19
  ***
20
20
 
21
- ### defaultTtlMinutes?
21
+ ### defaultTtlMinutes? {#defaultttlminutes}
22
22
 
23
- > `optional` **defaultTtlMinutes**: `number`
23
+ > `optional` **defaultTtlMinutes?**: `number`
24
24
 
25
25
  The default time to live for the JWT.
26
26
 
27
27
  #### Default
28
28
 
29
29
  ```ts
30
- 1440
30
+ 60
31
+ ```
32
+
33
+ ***
34
+
35
+ ### minPasswordLength? {#minpasswordlength}
36
+
37
+ > `optional` **minPasswordLength?**: `number`
38
+
39
+ The minimum password length for new password validation.
40
+
41
+ #### Default
42
+
43
+ ```ts
44
+ 8
45
+ ```
46
+
47
+ ***
48
+
49
+ ### loginRateLimit? {#loginratelimit}
50
+
51
+ > `optional` **loginRateLimit?**: `IAuthenticationRateActionConfig`
52
+
53
+ Optional override for login failure rate limit.
54
+
55
+ #### Default
56
+
57
+ ```ts
58
+ { maxAttempts: 5, windowMinutes: 15 }
59
+ ```
60
+
61
+ ***
62
+
63
+ ### passwordChangeRateLimit? {#passwordchangeratelimit}
64
+
65
+ > `optional` **passwordChangeRateLimit?**: `IAuthenticationRateActionConfig`
66
+
67
+ Optional override for password change rate limit.
68
+
69
+ #### Default
70
+
71
+ ```ts
72
+ { maxAttempts: 5, windowMinutes: 15 }
73
+ ```
74
+
75
+ ***
76
+
77
+ ### tokenRefreshRateLimit? {#tokenrefreshratelimit}
78
+
79
+ > `optional` **tokenRefreshRateLimit?**: `IAuthenticationRateActionConfig`
80
+
81
+ Optional override for token refresh rate limit.
82
+
83
+ #### Default
84
+
85
+ ```ts
86
+ { maxAttempts: 30, windowMinutes: 60 }
31
87
  ```
@@ -4,9 +4,9 @@ Options for the EntityStorageAuthenticationService constructor.
4
4
 
5
5
  ## Properties
6
6
 
7
- ### userEntityStorageType?
7
+ ### userEntityStorageType? {#userentitystoragetype}
8
8
 
9
- > `optional` **userEntityStorageType**: `string`
9
+ > `optional` **userEntityStorageType?**: `string`
10
10
 
11
11
  The entity storage for the users.
12
12
 
@@ -18,9 +18,9 @@ authentication-user
18
18
 
19
19
  ***
20
20
 
21
- ### vaultConnectorType?
21
+ ### vaultConnectorType? {#vaultconnectortype}
22
22
 
23
- > `optional` **vaultConnectorType**: `string`
23
+ > `optional` **vaultConnectorType?**: `string`
24
24
 
25
25
  The vault for the private keys.
26
26
 
@@ -32,22 +32,50 @@ vault
32
32
 
33
33
  ***
34
34
 
35
- ### authenticationAdminServiceType?
35
+ ### authenticationAuditServiceType? {#authenticationauditservicetype}
36
36
 
37
- > `optional` **authenticationAdminServiceType**: `string`
37
+ > `optional` **authenticationAuditServiceType?**: `string`
38
38
 
39
- The admin service.
39
+ The audit service.
40
40
 
41
41
  #### Default
42
42
 
43
43
  ```ts
44
- authentication-admin
44
+ authentication-audit
45
45
  ```
46
46
 
47
47
  ***
48
48
 
49
- ### config?
49
+ ### authenticationRateServiceType? {#authenticationrateservicetype}
50
50
 
51
- > `optional` **config**: [`IEntityStorageAuthenticationServiceConfig`](IEntityStorageAuthenticationServiceConfig.md)
51
+ > `optional` **authenticationRateServiceType?**: `string`
52
+
53
+ The rate service.
54
+
55
+ #### Default
56
+
57
+ ```ts
58
+ authentication-rate
59
+ ```
60
+
61
+ ***
62
+
63
+ ### tenantAdminComponentType? {#tenantadmincomponenttype}
64
+
65
+ > `optional` **tenantAdminComponentType?**: `string`
66
+
67
+ The component to retrieve tenant information.
68
+
69
+ #### Default
70
+
71
+ ```ts
72
+ tenant-admin
73
+ ```
74
+
75
+ ***
76
+
77
+ ### config? {#config}
78
+
79
+ > `optional` **config?**: [`IEntityStorageAuthenticationServiceConfig`](IEntityStorageAuthenticationServiceConfig.md)
52
80
 
53
81
  The configuration for the authentication.
@@ -1,3 +1,5 @@
1
1
  # Variable: restEntryPoints
2
2
 
3
3
  > `const` **restEntryPoints**: `IRestRouteEntryPoint`[]
4
+
5
+ REST entry points for the authentication, authentication admin, and authentication audit services.
@@ -0,0 +1,5 @@
1
+ # Variable: tagsAuthenticationAdmin
2
+
3
+ > `const` **tagsAuthenticationAdmin**: `ITag`[]
4
+
5
+ The tag to associate with the routes.
@@ -0,0 +1,5 @@
1
+ # Variable: tagsAuthenticationAudit
2
+
3
+ > `const` **tagsAuthenticationAudit**: `ITag`[]
4
+
5
+ The tag to associate with the routes.
package/locales/en.json CHANGED
@@ -3,25 +3,42 @@
3
3
  "entityStorageAuthenticationService": {
4
4
  "loginFailed": "Login failed",
5
5
  "userNotFound": "The user with the specified e-mail could not be found",
6
- "passwordMismatch": "The password does not match the user's password"
6
+ "passwordMismatch": "The password does not match the user's password",
7
+ "nodeIdNotSet": "The node ID has not been set"
7
8
  },
8
9
  "entityStorageAuthenticationAdminService": {
9
10
  "userExists": "The user with the specified e-mail already exists",
10
11
  "createUserFailed": "Creating the user failed",
12
+ "getUserFailed": "Getting the user failed",
13
+ "updateUserFailed": "Updating the user failed",
11
14
  "removeUserFailed": "Removing the user failed",
12
15
  "updatePasswordFailed": "Updating the user's password failed",
13
- "passwordTooShort": "The password is too short, it must be at least {minLength} characters long",
14
- "userNotFound": "The user with the specified e-mail could not be found \"{notFoundId}\"",
16
+ "userNotFound": "The user with the specified e-mail could not be found \"{notFoundId}\""
17
+ },
18
+ "authHeaderProcessor": {
19
+ "nodeIdNotSet": "The node ID has not been set"
20
+ },
21
+ "passwordHelper": {
15
22
  "currentPasswordMismatch": "The current password is incorrect"
16
23
  },
24
+ "entityStorageAuthenticationRateService": {
25
+ "actionConfigMissing": "No rate-limit configuration exists for action \"{action}\".",
26
+ "rateLimitExceeded": "The rate limit for action \"{action}\" has been exceeded. Retry after {retryAfterSeconds} seconds."
27
+ },
17
28
  "tokenHelper": {
18
29
  "missing": "The JSON Web token could not be found in the authorization header",
30
+ "headerKeyIdMismatch": "The JSON Web token key identifier does not match the expected signing key",
31
+ "payloadIssuerMismatch": "The JSON Web token issuer does not match the expected signing key",
19
32
  "payloadMissingSubject": "The JSON Web token payload does not contain a subject",
20
33
  "payloadMissingOrganization": "The JSON Web token payload does not contain an organization",
21
- "expired": "The JSON Web token has expired"
34
+ "expired": "The JSON Web token has expired",
35
+ "insufficientScopes": "The JSON Web token does not have the required scopes to access this resource",
36
+ "userNotVerified": "The user associated with the JSON Web token could not be verified",
37
+ "organizationNotVerified": "The organization associated with the JSON Web token could not be verified",
38
+ "tenantNotVerified": "The tenant associated with the JSON Web token could not be verified"
22
39
  },
23
- "authHeaderProcessor": {
24
- "tenantIdMismatch": "The tenant ID in the token does not match the tenant ID in the context"
40
+ "validation": {
41
+ "saltEntropyTooLow": "Salt must have at least 8 unique characters for sufficient entropy."
25
42
  }
26
43
  }
27
44
  }
package/package.json CHANGED
@@ -1,10 +1,10 @@
1
1
  {
2
2
  "name": "@twin.org/api-auth-entity-storage-service",
3
- "version": "0.0.3-next.8",
4
- "description": "Auth Entity Storage contract implementation and REST endpoint definitions",
3
+ "version": "0.9.0-next.1",
4
+ "description": "Authentication service implementation and REST routes backed by entity storage.",
5
5
  "repository": {
6
6
  "type": "git",
7
- "url": "git+https://github.com/twinfoundation/api.git",
7
+ "url": "git+https://github.com/iotaledger/twin-api.git",
8
8
  "directory": "packages/api-auth-entity-storage-service"
9
9
  },
10
10
  "author": "martyn.janes@iota.org",
@@ -14,18 +14,19 @@
14
14
  "node": ">=20.0.0"
15
15
  },
16
16
  "dependencies": {
17
- "@twin.org/api-auth-entity-storage-models": "0.0.3-next.8",
18
- "@twin.org/api-core": "0.0.3-next.8",
19
- "@twin.org/api-models": "0.0.3-next.8",
20
- "@twin.org/context": "next",
21
- "@twin.org/core": "next",
22
- "@twin.org/crypto": "next",
23
- "@twin.org/entity": "next",
24
- "@twin.org/entity-storage-models": "next",
25
- "@twin.org/logging-models": "next",
26
- "@twin.org/nameof": "next",
27
- "@twin.org/vault-models": "next",
28
- "@twin.org/web": "next"
17
+ "@twin.org/api-auth-entity-storage-models": "0.9.0-next.1",
18
+ "@twin.org/api-core": "0.9.0-next.1",
19
+ "@twin.org/api-models": "0.9.0-next.1",
20
+ "@twin.org/background-task-models": "0.0.3-next.13",
21
+ "@twin.org/context": "0.9.0-next.1",
22
+ "@twin.org/core": "0.9.0-next.1",
23
+ "@twin.org/crypto": "0.9.0-next.1",
24
+ "@twin.org/entity": "0.9.0-next.1",
25
+ "@twin.org/entity-storage-models": "0.0.3-next.33",
26
+ "@twin.org/logging-models": "0.0.3-next.8",
27
+ "@twin.org/nameof": "0.9.0-next.1",
28
+ "@twin.org/vault-models": "0.0.3-next.9",
29
+ "@twin.org/web": "0.9.0-next.1"
29
30
  },
30
31
  "main": "./dist/es/index.js",
31
32
  "types": "./dist/types/index.d.ts",
@@ -58,7 +59,7 @@
58
59
  "business-logic"
59
60
  ],
60
61
  "bugs": {
61
- "url": "git+https://github.com/twinfoundation/api/issues"
62
+ "url": "git+https://github.com/iotaledger/twin-api/issues"
62
63
  },
63
64
  "homepage": "https://twindev.org"
64
65
  }