@twin.org/api-auth-entity-storage-service 0.0.3-next.8 → 0.9.0-next.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -2
- package/dist/es/entities/authenticationAuditEntry.js +101 -0
- package/dist/es/entities/authenticationAuditEntry.js.map +1 -0
- package/dist/es/entities/authenticationRateEntry.js +37 -0
- package/dist/es/entities/authenticationRateEntry.js.map +1 -0
- package/dist/es/entities/authenticationUser.js +17 -1
- package/dist/es/entities/authenticationUser.js.map +1 -1
- package/dist/es/index.js +11 -1
- package/dist/es/index.js.map +1 -1
- package/dist/es/models/IAuthHeaderProcessorConstructorOptions.js.map +1 -1
- package/dist/es/models/IEntityStorageAuthenticationAdminServiceConstructorOptions.js.map +1 -1
- package/dist/es/models/IEntityStorageAuthenticationAuditServiceConfig.js +4 -0
- package/dist/es/models/IEntityStorageAuthenticationAuditServiceConfig.js.map +1 -0
- package/dist/es/models/IEntityStorageAuthenticationAuditServiceConstructorOptions.js +2 -0
- package/dist/es/models/IEntityStorageAuthenticationAuditServiceConstructorOptions.js.map +1 -0
- package/dist/es/models/IEntityStorageAuthenticationRateServiceConfig.js +2 -0
- package/dist/es/models/IEntityStorageAuthenticationRateServiceConfig.js.map +1 -0
- package/dist/es/models/IEntityStorageAuthenticationRateServiceConstructorOptions.js +2 -0
- package/dist/es/models/IEntityStorageAuthenticationRateServiceConstructorOptions.js.map +1 -0
- package/dist/es/models/IEntityStorageAuthenticationServiceConfig.js +0 -2
- package/dist/es/models/IEntityStorageAuthenticationServiceConfig.js.map +1 -1
- package/dist/es/models/IEntityStorageAuthenticationServiceConstructorOptions.js.map +1 -1
- package/dist/es/processors/authHeaderProcessor.js +83 -18
- package/dist/es/processors/authHeaderProcessor.js.map +1 -1
- package/dist/es/restEntryPoints.js +17 -0
- package/dist/es/restEntryPoints.js.map +1 -1
- package/dist/es/routes/entityStorageAuthenticationAdminRoutes.js +362 -0
- package/dist/es/routes/entityStorageAuthenticationAdminRoutes.js.map +1 -0
- package/dist/es/routes/entityStorageAuthenticationAuditRoutes.js +174 -0
- package/dist/es/routes/entityStorageAuthenticationAuditRoutes.js.map +1 -0
- package/dist/es/routes/entityStorageAuthenticationRoutes.js +20 -21
- package/dist/es/routes/entityStorageAuthenticationRoutes.js.map +1 -1
- package/dist/es/schema.js +4 -0
- package/dist/es/schema.js.map +1 -1
- package/dist/es/services/entityStorageAuthenticationAdminService.js +164 -58
- package/dist/es/services/entityStorageAuthenticationAdminService.js.map +1 -1
- package/dist/es/services/entityStorageAuthenticationAuditService.js +179 -0
- package/dist/es/services/entityStorageAuthenticationAuditService.js.map +1 -0
- package/dist/es/services/entityStorageAuthenticationRateService.js +213 -0
- package/dist/es/services/entityStorageAuthenticationRateService.js.map +1 -0
- package/dist/es/services/entityStorageAuthenticationService.js +200 -19
- package/dist/es/services/entityStorageAuthenticationService.js.map +1 -1
- package/dist/es/utils/passwordHelper.js +45 -16
- package/dist/es/utils/passwordHelper.js.map +1 -1
- package/dist/es/utils/tokenHelper.js +57 -25
- package/dist/es/utils/tokenHelper.js.map +1 -1
- package/dist/types/entities/authenticationAuditEntry.d.ts +49 -0
- package/dist/types/entities/authenticationRateEntry.d.ts +17 -0
- package/dist/types/entities/authenticationUser.d.ts +8 -0
- package/dist/types/index.d.ts +11 -1
- package/dist/types/models/IAuthHeaderProcessorConstructorOptions.d.ts +10 -0
- package/dist/types/models/IEntityStorageAuthenticationAdminServiceConstructorOptions.d.ts +5 -0
- package/dist/types/models/IEntityStorageAuthenticationAuditServiceConfig.d.ts +9 -0
- package/dist/types/models/IEntityStorageAuthenticationAuditServiceConstructorOptions.d.ts +15 -0
- package/dist/types/models/IEntityStorageAuthenticationRateServiceConfig.d.ts +10 -0
- package/dist/types/models/IEntityStorageAuthenticationRateServiceConstructorOptions.d.ts +25 -0
- package/dist/types/models/IEntityStorageAuthenticationServiceConfig.d.ts +22 -1
- package/dist/types/models/IEntityStorageAuthenticationServiceConstructorOptions.d.ts +13 -3
- package/dist/types/processors/authHeaderProcessor.d.ts +4 -2
- package/dist/types/restEntryPoints.d.ts +3 -0
- package/dist/types/routes/entityStorageAuthenticationAdminRoutes.d.ts +61 -0
- package/dist/types/routes/entityStorageAuthenticationAuditRoutes.d.ts +29 -0
- package/dist/types/services/entityStorageAuthenticationAdminService.d.ts +26 -9
- package/dist/types/services/entityStorageAuthenticationAuditService.d.ts +53 -0
- package/dist/types/services/entityStorageAuthenticationRateService.d.ts +60 -0
- package/dist/types/services/entityStorageAuthenticationService.d.ts +11 -6
- package/dist/types/utils/passwordHelper.d.ts +13 -5
- package/dist/types/utils/tokenHelper.d.ts +10 -4
- package/docs/changelog.md +863 -69
- package/docs/examples.md +178 -1
- package/docs/reference/classes/AuthHeaderProcessor.md +15 -11
- package/docs/reference/classes/AuthenticationAuditEntry.md +101 -0
- package/docs/reference/classes/AuthenticationRateEntry.md +37 -0
- package/docs/reference/classes/AuthenticationUser.md +21 -5
- package/docs/reference/classes/EntityStorageAuthenticationAdminService.md +80 -20
- package/docs/reference/classes/EntityStorageAuthenticationAuditService.md +157 -0
- package/docs/reference/classes/EntityStorageAuthenticationRateService.md +227 -0
- package/docs/reference/classes/EntityStorageAuthenticationService.md +39 -19
- package/docs/reference/classes/PasswordHelper.md +37 -12
- package/docs/reference/classes/TokenHelper.md +49 -13
- package/docs/reference/functions/authenticationAdminCreateUser.md +31 -0
- package/docs/reference/functions/authenticationAdminGetUser.md +31 -0
- package/docs/reference/functions/authenticationAdminGetUserByIdentity.md +31 -0
- package/docs/reference/functions/authenticationAdminRemoveUser.md +31 -0
- package/docs/reference/functions/authenticationAdminUpdateUser.md +31 -0
- package/docs/reference/functions/authenticationAdminUpdateUserPassword.md +31 -0
- package/docs/reference/functions/authenticationAuditCreate.md +31 -0
- package/docs/reference/functions/authenticationAuditQuery.md +31 -0
- package/docs/reference/functions/generateRestRoutesAuthenticationAdmin.md +25 -0
- package/docs/reference/functions/generateRestRoutesAuthenticationAudit.md +25 -0
- package/docs/reference/index.md +20 -0
- package/docs/reference/interfaces/IAuthHeaderProcessorConfig.md +4 -4
- package/docs/reference/interfaces/IAuthHeaderProcessorConstructorOptions.md +32 -4
- package/docs/reference/interfaces/IEntityStorageAuthenticationAdminServiceConfig.md +2 -2
- package/docs/reference/interfaces/IEntityStorageAuthenticationAdminServiceConstructorOptions.md +18 -4
- package/docs/reference/interfaces/IEntityStorageAuthenticationAuditServiceConfig.md +11 -0
- package/docs/reference/interfaces/IEntityStorageAuthenticationAuditServiceConstructorOptions.md +25 -0
- package/docs/reference/interfaces/IEntityStorageAuthenticationRateServiceConfig.md +17 -0
- package/docs/reference/interfaces/IEntityStorageAuthenticationRateServiceConstructorOptions.md +53 -0
- package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConfig.md +61 -5
- package/docs/reference/interfaces/IEntityStorageAuthenticationServiceConstructorOptions.md +38 -10
- package/docs/reference/variables/restEntryPoints.md +2 -0
- package/docs/reference/variables/tagsAuthenticationAdmin.md +5 -0
- package/docs/reference/variables/tagsAuthenticationAudit.md +5 -0
- package/locales/en.json +23 -6
- package/package.json +17 -16
package/docs/examples.md
CHANGED
|
@@ -1 +1,178 @@
|
|
|
1
|
-
#
|
|
1
|
+
# Auth Entity Storage Service Examples
|
|
2
|
+
|
|
3
|
+
These snippets show how to wire authentication services into your component container and apply token processing in request pipelines.
|
|
4
|
+
|
|
5
|
+
## EntityStorageAuthenticationAdminService
|
|
6
|
+
|
|
7
|
+
```typescript
|
|
8
|
+
import { EntityStorageAuthenticationAdminService } from '@twin.org/api-auth-entity-storage-service';
|
|
9
|
+
|
|
10
|
+
const adminService = new EntityStorageAuthenticationAdminService();
|
|
11
|
+
|
|
12
|
+
console.log(adminService.className()); // EntityStorageAuthenticationAdminService
|
|
13
|
+
|
|
14
|
+
await adminService.create({
|
|
15
|
+
email: 'owner@example.org',
|
|
16
|
+
password: 'StartPassword123',
|
|
17
|
+
userIdentity: 'did:example:owner',
|
|
18
|
+
organizationIdentity: 'did:example:org',
|
|
19
|
+
scope: ['admin']
|
|
20
|
+
});
|
|
21
|
+
|
|
22
|
+
await adminService.update({
|
|
23
|
+
email: 'owner@example.org',
|
|
24
|
+
scope: ['admin', 'security']
|
|
25
|
+
});
|
|
26
|
+
|
|
27
|
+
await adminService.updatePassword('owner@example.org', 'StartPassword124', 'StartPassword123');
|
|
28
|
+
|
|
29
|
+
const fromIdentity = await adminService.getByIdentity('did:example:owner');
|
|
30
|
+
console.log(fromIdentity.scope.length); // 2
|
|
31
|
+
```
|
|
32
|
+
|
|
33
|
+
```typescript
|
|
34
|
+
import { EntityStorageAuthenticationAdminService } from '@twin.org/api-auth-entity-storage-service';
|
|
35
|
+
|
|
36
|
+
const adminService = new EntityStorageAuthenticationAdminService();
|
|
37
|
+
const user = await adminService.get('owner@example.org');
|
|
38
|
+
await adminService.remove(user.email);
|
|
39
|
+
|
|
40
|
+
console.log(user.email); // owner@example.org
|
|
41
|
+
```
|
|
42
|
+
|
|
43
|
+
## EntityStorageAuthenticationService
|
|
44
|
+
|
|
45
|
+
```typescript
|
|
46
|
+
import { EntityStorageAuthenticationService } from '@twin.org/api-auth-entity-storage-service';
|
|
47
|
+
|
|
48
|
+
const authService = new EntityStorageAuthenticationService();
|
|
49
|
+
|
|
50
|
+
await authService.start('default');
|
|
51
|
+
console.log(authService.className()); // EntityStorageAuthenticationService
|
|
52
|
+
|
|
53
|
+
const loginResult = await authService.login('alice@example.org', 'correct-horse-battery-staple');
|
|
54
|
+
|
|
55
|
+
const refreshResult = await authService.refresh(loginResult.token);
|
|
56
|
+
|
|
57
|
+
await authService.updatePassword('correct-horse-battery-staple', 'correct-horse-battery-staple-2');
|
|
58
|
+
|
|
59
|
+
await authService.logout(refreshResult.token);
|
|
60
|
+
console.log(refreshResult.expiry > 0); // true
|
|
61
|
+
```
|
|
62
|
+
|
|
63
|
+
## EntityStorageAuthenticationRateService
|
|
64
|
+
|
|
65
|
+
```typescript
|
|
66
|
+
import { EntityStorageAuthenticationRateService } from '@twin.org/api-auth-entity-storage-service';
|
|
67
|
+
import { BaseError, GeneralError } from '@twin.org/core';
|
|
68
|
+
import { TooManyRequestsError } from '@twin.org/api-models';
|
|
69
|
+
|
|
70
|
+
const rateService = new EntityStorageAuthenticationRateService({
|
|
71
|
+
config: {
|
|
72
|
+
cleanupIntervalMinutes: 5
|
|
73
|
+
}
|
|
74
|
+
});
|
|
75
|
+
|
|
76
|
+
console.log(rateService.className()); // EntityStorageAuthenticationRateService
|
|
77
|
+
|
|
78
|
+
await rateService.registerAction('login', {
|
|
79
|
+
maxAttempts: 3,
|
|
80
|
+
windowMinutes: 15
|
|
81
|
+
});
|
|
82
|
+
|
|
83
|
+
await rateService.start('default');
|
|
84
|
+
|
|
85
|
+
await rateService.check('login', 'alice@example.org');
|
|
86
|
+
await rateService.check('login', 'alice@example.org');
|
|
87
|
+
await rateService.check('login', 'alice@example.org');
|
|
88
|
+
|
|
89
|
+
try {
|
|
90
|
+
await rateService.check('login', 'alice@example.org');
|
|
91
|
+
} catch (error) {
|
|
92
|
+
if (BaseError.isErrorName(error, TooManyRequestsError.CLASS_NAME)) {
|
|
93
|
+
const tooMany = error as TooManyRequestsError;
|
|
94
|
+
console.log(tooMany.properties?.retryAfterSeconds); // 900
|
|
95
|
+
console.log(tooMany.properties?.nextRequestTime); // 2026-04-13T10:15:00.000Z
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
|
|
99
|
+
await rateService.clear('login', 'alice@example.org');
|
|
100
|
+
await rateService.unregisterAction('login');
|
|
101
|
+
|
|
102
|
+
try {
|
|
103
|
+
await rateService.check('login', 'alice@example.org');
|
|
104
|
+
} catch (error) {
|
|
105
|
+
if (BaseError.isErrorName(error, GeneralError.CLASS_NAME)) {
|
|
106
|
+
console.log((error as GeneralError).name); // GeneralError
|
|
107
|
+
}
|
|
108
|
+
}
|
|
109
|
+
|
|
110
|
+
await rateService.stop('default');
|
|
111
|
+
```
|
|
112
|
+
|
|
113
|
+
## EntityStorageAuthenticationAuditService
|
|
114
|
+
|
|
115
|
+
```typescript
|
|
116
|
+
import { EntityStorageAuthenticationAuditService } from '@twin.org/api-auth-entity-storage-service';
|
|
117
|
+
|
|
118
|
+
const auditService = new EntityStorageAuthenticationAuditService({
|
|
119
|
+
config: {
|
|
120
|
+
ipHashSalt: 'StrongServerSideSaltForAuditHashing123'
|
|
121
|
+
}
|
|
122
|
+
});
|
|
123
|
+
|
|
124
|
+
console.log(auditService.className()); // EntityStorageAuthenticationAuditService
|
|
125
|
+
|
|
126
|
+
const createdAuditId = await auditService.create({
|
|
127
|
+
event: 'login-failure',
|
|
128
|
+
actorId: 'did:example:user:alice',
|
|
129
|
+
nodeId: 'did:example:node:eu-west-1',
|
|
130
|
+
organizationId: 'did:example:org:core',
|
|
131
|
+
tenantId: 'did:example:tenant:alpha',
|
|
132
|
+
data: {
|
|
133
|
+
reason: 'invalid-password'
|
|
134
|
+
}
|
|
135
|
+
});
|
|
136
|
+
|
|
137
|
+
const auditPage = await auditService.query(
|
|
138
|
+
{
|
|
139
|
+
actorId: 'did:example:user:alice',
|
|
140
|
+
event: 'login-failure',
|
|
141
|
+
startDate: '2026-04-01T00:00:00.000Z',
|
|
142
|
+
endDate: '2026-04-30T23:59:59.999Z'
|
|
143
|
+
},
|
|
144
|
+
undefined,
|
|
145
|
+
50
|
|
146
|
+
);
|
|
147
|
+
|
|
148
|
+
console.log(createdAuditId); // 018f2f67bb9d4a0caad8386f56df85ce
|
|
149
|
+
console.log(auditPage.entries.length); // 1
|
|
150
|
+
console.log(auditPage.cursor); // eyJpZCI6IjAxOGYyZjY3YmI5ZDRhMGNhYWQ4Mzg2ZjU2ZGY4NWNlIn0=
|
|
151
|
+
```
|
|
152
|
+
|
|
153
|
+
## AuthHeaderProcessor
|
|
154
|
+
|
|
155
|
+
```typescript
|
|
156
|
+
import { AuthHeaderProcessor } from '@twin.org/api-auth-entity-storage-service';
|
|
157
|
+
|
|
158
|
+
const processor = new AuthHeaderProcessor();
|
|
159
|
+
|
|
160
|
+
await processor.start('default');
|
|
161
|
+
console.log(processor.className()); // AuthHeaderProcessor
|
|
162
|
+
|
|
163
|
+
const request = {
|
|
164
|
+
method: 'get',
|
|
165
|
+
url: '/info',
|
|
166
|
+
headers: {
|
|
167
|
+
authorization: 'Bearer token-value'
|
|
168
|
+
}
|
|
169
|
+
};
|
|
170
|
+
|
|
171
|
+
const response = {};
|
|
172
|
+
const contextIds = {};
|
|
173
|
+
const processorState: { [id: string]: unknown } = {};
|
|
174
|
+
|
|
175
|
+
await processor.pre(request, response, { skipAuth: false }, contextIds, processorState);
|
|
176
|
+
|
|
177
|
+
await processor.post(request, response, { skipAuth: false }, contextIds, processorState);
|
|
178
|
+
```
|
|
@@ -12,7 +12,7 @@ Handle a JWT token in the authorization header or cookies and validate it to pop
|
|
|
12
12
|
|
|
13
13
|
> **new AuthHeaderProcessor**(`options?`): `AuthHeaderProcessor`
|
|
14
14
|
|
|
15
|
-
Create a new instance of
|
|
15
|
+
Create a new instance of AuthHeaderProcessor.
|
|
16
16
|
|
|
17
17
|
#### Parameters
|
|
18
18
|
|
|
@@ -28,7 +28,7 @@ Options for the processor.
|
|
|
28
28
|
|
|
29
29
|
## Properties
|
|
30
30
|
|
|
31
|
-
### CLASS\_NAME
|
|
31
|
+
### CLASS\_NAME {#class_name}
|
|
32
32
|
|
|
33
33
|
> `readonly` `static` **CLASS\_NAME**: `string`
|
|
34
34
|
|
|
@@ -36,7 +36,7 @@ Runtime name for the class.
|
|
|
36
36
|
|
|
37
37
|
## Methods
|
|
38
38
|
|
|
39
|
-
### className()
|
|
39
|
+
### className() {#classname}
|
|
40
40
|
|
|
41
41
|
> **className**(): `string`
|
|
42
42
|
|
|
@@ -54,7 +54,7 @@ The class name of the component.
|
|
|
54
54
|
|
|
55
55
|
***
|
|
56
56
|
|
|
57
|
-
### start()
|
|
57
|
+
### start() {#start}
|
|
58
58
|
|
|
59
59
|
> **start**(`nodeLoggingComponentType?`): `Promise`\<`void`\>
|
|
60
60
|
|
|
@@ -72,7 +72,7 @@ The node logging component type.
|
|
|
72
72
|
|
|
73
73
|
`Promise`\<`void`\>
|
|
74
74
|
|
|
75
|
-
|
|
75
|
+
A promise that resolves when the node identity and organization ID have been cached.
|
|
76
76
|
|
|
77
77
|
#### Implementation of
|
|
78
78
|
|
|
@@ -80,7 +80,7 @@ Nothing.
|
|
|
80
80
|
|
|
81
81
|
***
|
|
82
82
|
|
|
83
|
-
### pre()
|
|
83
|
+
### pre() {#pre}
|
|
84
84
|
|
|
85
85
|
> **pre**(`request`, `response`, `route`, `contextIds`, `processorState`): `Promise`\<`void`\>
|
|
86
86
|
|
|
@@ -102,9 +102,9 @@ The outgoing response.
|
|
|
102
102
|
|
|
103
103
|
##### route
|
|
104
104
|
|
|
105
|
-
|
|
105
|
+
`IBaseRoute` \| `undefined`
|
|
106
106
|
|
|
107
|
-
|
|
107
|
+
The route to process.
|
|
108
108
|
|
|
109
109
|
##### contextIds
|
|
110
110
|
|
|
@@ -120,13 +120,15 @@ The state handed through the processors.
|
|
|
120
120
|
|
|
121
121
|
`Promise`\<`void`\>
|
|
122
122
|
|
|
123
|
+
A promise that resolves when the JWT has been verified and the context populated, or an error response set.
|
|
124
|
+
|
|
123
125
|
#### Implementation of
|
|
124
126
|
|
|
125
127
|
`IBaseRouteProcessor.pre`
|
|
126
128
|
|
|
127
129
|
***
|
|
128
130
|
|
|
129
|
-
### post()
|
|
131
|
+
### post() {#post}
|
|
130
132
|
|
|
131
133
|
> **post**(`request`, `response`, `route`, `contextIds`, `processorState`): `Promise`\<`void`\>
|
|
132
134
|
|
|
@@ -148,9 +150,9 @@ The outgoing response.
|
|
|
148
150
|
|
|
149
151
|
##### route
|
|
150
152
|
|
|
151
|
-
|
|
153
|
+
`IBaseRoute` \| `undefined`
|
|
152
154
|
|
|
153
|
-
|
|
155
|
+
The route to process.
|
|
154
156
|
|
|
155
157
|
##### contextIds
|
|
156
158
|
|
|
@@ -166,6 +168,8 @@ The state handed through the processors.
|
|
|
166
168
|
|
|
167
169
|
`Promise`\<`void`\>
|
|
168
170
|
|
|
171
|
+
A promise that resolves when the Set-Cookie header has been applied to the response if required.
|
|
172
|
+
|
|
169
173
|
#### Implementation of
|
|
170
174
|
|
|
171
175
|
`IBaseRouteProcessor.post`
|
|
@@ -0,0 +1,101 @@
|
|
|
1
|
+
# Class: AuthenticationAuditEntry
|
|
2
|
+
|
|
3
|
+
Class defining the storage for authentication audit entries.
|
|
4
|
+
|
|
5
|
+
## Constructors
|
|
6
|
+
|
|
7
|
+
### Constructor
|
|
8
|
+
|
|
9
|
+
> **new AuthenticationAuditEntry**(): `AuthenticationAuditEntry`
|
|
10
|
+
|
|
11
|
+
#### Returns
|
|
12
|
+
|
|
13
|
+
`AuthenticationAuditEntry`
|
|
14
|
+
|
|
15
|
+
## Properties
|
|
16
|
+
|
|
17
|
+
### id {#id}
|
|
18
|
+
|
|
19
|
+
> **id**: `string`
|
|
20
|
+
|
|
21
|
+
The unique identifier for the audit entry.
|
|
22
|
+
|
|
23
|
+
***
|
|
24
|
+
|
|
25
|
+
### dateCreated {#datecreated}
|
|
26
|
+
|
|
27
|
+
> **dateCreated**: `string`
|
|
28
|
+
|
|
29
|
+
The timestamp of the audit entry in ISO 8601 format.
|
|
30
|
+
|
|
31
|
+
***
|
|
32
|
+
|
|
33
|
+
### event {#event}
|
|
34
|
+
|
|
35
|
+
> **event**: `string`
|
|
36
|
+
|
|
37
|
+
The audit event that occurred.
|
|
38
|
+
|
|
39
|
+
***
|
|
40
|
+
|
|
41
|
+
### actorId? {#actorid}
|
|
42
|
+
|
|
43
|
+
> `optional` **actorId?**: `string`
|
|
44
|
+
|
|
45
|
+
The actor identifier, could be e-mail, username, or other unique identifier.
|
|
46
|
+
|
|
47
|
+
***
|
|
48
|
+
|
|
49
|
+
### nodeId? {#nodeid}
|
|
50
|
+
|
|
51
|
+
> `optional` **nodeId?**: `string`
|
|
52
|
+
|
|
53
|
+
The node identifier associated with the audit entry, if applicable.
|
|
54
|
+
|
|
55
|
+
***
|
|
56
|
+
|
|
57
|
+
### organizationId? {#organizationid}
|
|
58
|
+
|
|
59
|
+
> `optional` **organizationId?**: `string`
|
|
60
|
+
|
|
61
|
+
The organization identifier associated with the audit entry, if applicable.
|
|
62
|
+
|
|
63
|
+
***
|
|
64
|
+
|
|
65
|
+
### tenantId? {#tenantid}
|
|
66
|
+
|
|
67
|
+
> `optional` **tenantId?**: `string`
|
|
68
|
+
|
|
69
|
+
The tenant identifier associated with the audit entry, if applicable.
|
|
70
|
+
|
|
71
|
+
***
|
|
72
|
+
|
|
73
|
+
### ipAddressHashes? {#ipaddresshashes}
|
|
74
|
+
|
|
75
|
+
> `optional` **ipAddressHashes?**: `string`[]
|
|
76
|
+
|
|
77
|
+
The hashed IP addresses of the client.
|
|
78
|
+
|
|
79
|
+
***
|
|
80
|
+
|
|
81
|
+
### userAgent? {#useragent}
|
|
82
|
+
|
|
83
|
+
> `optional` **userAgent?**: `string`
|
|
84
|
+
|
|
85
|
+
The user agent string of the client.
|
|
86
|
+
|
|
87
|
+
***
|
|
88
|
+
|
|
89
|
+
### correlationId? {#correlationid}
|
|
90
|
+
|
|
91
|
+
> `optional` **correlationId?**: `string`
|
|
92
|
+
|
|
93
|
+
The correlation ID for request tracing.
|
|
94
|
+
|
|
95
|
+
***
|
|
96
|
+
|
|
97
|
+
### data? {#data}
|
|
98
|
+
|
|
99
|
+
> `optional` **data?**: `unknown`
|
|
100
|
+
|
|
101
|
+
Additional data related to the audit entry, such as IP address, user agent, etc.
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
# Class: AuthenticationRateEntry
|
|
2
|
+
|
|
3
|
+
Class defining the storage for authentication rate entries.
|
|
4
|
+
|
|
5
|
+
## Constructors
|
|
6
|
+
|
|
7
|
+
### Constructor
|
|
8
|
+
|
|
9
|
+
> **new AuthenticationRateEntry**(): `AuthenticationRateEntry`
|
|
10
|
+
|
|
11
|
+
#### Returns
|
|
12
|
+
|
|
13
|
+
`AuthenticationRateEntry`
|
|
14
|
+
|
|
15
|
+
## Properties
|
|
16
|
+
|
|
17
|
+
### id {#id}
|
|
18
|
+
|
|
19
|
+
> **id**: `string`
|
|
20
|
+
|
|
21
|
+
The id for the rate entry.
|
|
22
|
+
|
|
23
|
+
***
|
|
24
|
+
|
|
25
|
+
### timestamps {#timestamps}
|
|
26
|
+
|
|
27
|
+
> **timestamps**: `string`[]
|
|
28
|
+
|
|
29
|
+
Array of ISO date strings representing timestamps of failed attempts.
|
|
30
|
+
|
|
31
|
+
***
|
|
32
|
+
|
|
33
|
+
### dateModified {#datemodified}
|
|
34
|
+
|
|
35
|
+
> **dateModified**: `string`
|
|
36
|
+
|
|
37
|
+
Last modification time in ISO date format.
|
|
@@ -14,7 +14,7 @@ Class defining the storage for user login credentials.
|
|
|
14
14
|
|
|
15
15
|
## Properties
|
|
16
16
|
|
|
17
|
-
### email
|
|
17
|
+
### email {#email}
|
|
18
18
|
|
|
19
19
|
> **email**: `string`
|
|
20
20
|
|
|
@@ -22,7 +22,7 @@ The user e-mail address.
|
|
|
22
22
|
|
|
23
23
|
***
|
|
24
24
|
|
|
25
|
-
### password
|
|
25
|
+
### password {#password}
|
|
26
26
|
|
|
27
27
|
> **password**: `string`
|
|
28
28
|
|
|
@@ -30,7 +30,7 @@ The encrypted password for the user.
|
|
|
30
30
|
|
|
31
31
|
***
|
|
32
32
|
|
|
33
|
-
### salt
|
|
33
|
+
### salt {#salt}
|
|
34
34
|
|
|
35
35
|
> **salt**: `string`
|
|
36
36
|
|
|
@@ -38,7 +38,7 @@ The salt for the password.
|
|
|
38
38
|
|
|
39
39
|
***
|
|
40
40
|
|
|
41
|
-
### identity
|
|
41
|
+
### identity {#identity}
|
|
42
42
|
|
|
43
43
|
> **identity**: `string`
|
|
44
44
|
|
|
@@ -46,8 +46,24 @@ The user identity.
|
|
|
46
46
|
|
|
47
47
|
***
|
|
48
48
|
|
|
49
|
-
### organization
|
|
49
|
+
### organization {#organization}
|
|
50
50
|
|
|
51
51
|
> **organization**: `string`
|
|
52
52
|
|
|
53
53
|
The users organization.
|
|
54
|
+
|
|
55
|
+
***
|
|
56
|
+
|
|
57
|
+
### scope {#scope}
|
|
58
|
+
|
|
59
|
+
> **scope**: `string`
|
|
60
|
+
|
|
61
|
+
The scope assigned to the user, comma separated.
|
|
62
|
+
|
|
63
|
+
***
|
|
64
|
+
|
|
65
|
+
### passwordVersion? {#passwordversion}
|
|
66
|
+
|
|
67
|
+
> `optional` **passwordVersion?**: `number`
|
|
68
|
+
|
|
69
|
+
The password version counter, incremented on every password change to invalidate existing tokens.
|
|
@@ -28,7 +28,7 @@ The dependencies for the identity connector.
|
|
|
28
28
|
|
|
29
29
|
## Properties
|
|
30
30
|
|
|
31
|
-
### CLASS\_NAME
|
|
31
|
+
### CLASS\_NAME {#class_name}
|
|
32
32
|
|
|
33
33
|
> `readonly` `static` **CLASS\_NAME**: `string`
|
|
34
34
|
|
|
@@ -36,7 +36,7 @@ Runtime name for the class.
|
|
|
36
36
|
|
|
37
37
|
## Methods
|
|
38
38
|
|
|
39
|
-
### className()
|
|
39
|
+
### className() {#classname}
|
|
40
40
|
|
|
41
41
|
> **className**(): `string`
|
|
42
42
|
|
|
@@ -54,51 +54,111 @@ The class name of the component.
|
|
|
54
54
|
|
|
55
55
|
***
|
|
56
56
|
|
|
57
|
-
### create()
|
|
57
|
+
### create() {#create}
|
|
58
58
|
|
|
59
|
-
> **create**(`
|
|
59
|
+
> **create**(`user`): `Promise`\<`void`\>
|
|
60
60
|
|
|
61
61
|
Create a login for the user.
|
|
62
62
|
|
|
63
63
|
#### Parameters
|
|
64
64
|
|
|
65
|
+
##### user
|
|
66
|
+
|
|
67
|
+
`IAuthenticationUser` & `object`
|
|
68
|
+
|
|
69
|
+
The user to create.
|
|
70
|
+
|
|
71
|
+
#### Returns
|
|
72
|
+
|
|
73
|
+
`Promise`\<`void`\>
|
|
74
|
+
|
|
75
|
+
A promise that resolves when the user account has been created and the audit entry recorded.
|
|
76
|
+
|
|
77
|
+
#### Implementation of
|
|
78
|
+
|
|
79
|
+
`IAuthenticationAdminComponent.create`
|
|
80
|
+
|
|
81
|
+
***
|
|
82
|
+
|
|
83
|
+
### update() {#update}
|
|
84
|
+
|
|
85
|
+
> **update**(`user`): `Promise`\<`void`\>
|
|
86
|
+
|
|
87
|
+
Update a login for the user.
|
|
88
|
+
|
|
89
|
+
#### Parameters
|
|
90
|
+
|
|
91
|
+
##### user
|
|
92
|
+
|
|
93
|
+
`Partial`\<`IAuthenticationUser`\>
|
|
94
|
+
|
|
95
|
+
The user to update.
|
|
96
|
+
|
|
97
|
+
#### Returns
|
|
98
|
+
|
|
99
|
+
`Promise`\<`void`\>
|
|
100
|
+
|
|
101
|
+
A promise that resolves when the user account has been updated and the audit entry recorded.
|
|
102
|
+
|
|
103
|
+
#### Implementation of
|
|
104
|
+
|
|
105
|
+
`IAuthenticationAdminComponent.update`
|
|
106
|
+
|
|
107
|
+
***
|
|
108
|
+
|
|
109
|
+
### get() {#get}
|
|
110
|
+
|
|
111
|
+
> **get**(`email`): `Promise`\<`IAuthenticationUser`\>
|
|
112
|
+
|
|
113
|
+
Get a user by email.
|
|
114
|
+
|
|
115
|
+
#### Parameters
|
|
116
|
+
|
|
65
117
|
##### email
|
|
66
118
|
|
|
67
119
|
`string`
|
|
68
120
|
|
|
69
|
-
The email address
|
|
121
|
+
The email address of the user to get.
|
|
70
122
|
|
|
71
|
-
|
|
123
|
+
#### Returns
|
|
72
124
|
|
|
73
|
-
`
|
|
125
|
+
`Promise`\<`IAuthenticationUser`\>
|
|
126
|
+
|
|
127
|
+
The user details.
|
|
74
128
|
|
|
75
|
-
|
|
129
|
+
#### Implementation of
|
|
76
130
|
|
|
77
|
-
|
|
131
|
+
`IAuthenticationAdminComponent.get`
|
|
78
132
|
|
|
79
|
-
|
|
133
|
+
***
|
|
80
134
|
|
|
81
|
-
|
|
135
|
+
### getByIdentity() {#getbyidentity}
|
|
82
136
|
|
|
83
|
-
|
|
137
|
+
> **getByIdentity**(`identity`): `Promise`\<`IAuthenticationUser`\>
|
|
138
|
+
|
|
139
|
+
Get a user by identity.
|
|
140
|
+
|
|
141
|
+
#### Parameters
|
|
142
|
+
|
|
143
|
+
##### identity
|
|
84
144
|
|
|
85
145
|
`string`
|
|
86
146
|
|
|
87
|
-
The
|
|
147
|
+
The identity of the user to get.
|
|
88
148
|
|
|
89
149
|
#### Returns
|
|
90
150
|
|
|
91
|
-
`Promise`\<`
|
|
151
|
+
`Promise`\<`IAuthenticationUser`\>
|
|
92
152
|
|
|
93
|
-
|
|
153
|
+
The user details.
|
|
94
154
|
|
|
95
155
|
#### Implementation of
|
|
96
156
|
|
|
97
|
-
`IAuthenticationAdminComponent.
|
|
157
|
+
`IAuthenticationAdminComponent.getByIdentity`
|
|
98
158
|
|
|
99
159
|
***
|
|
100
160
|
|
|
101
|
-
### remove()
|
|
161
|
+
### remove() {#remove}
|
|
102
162
|
|
|
103
163
|
> **remove**(`email`): `Promise`\<`void`\>
|
|
104
164
|
|
|
@@ -116,7 +176,7 @@ The email address of the user to remove.
|
|
|
116
176
|
|
|
117
177
|
`Promise`\<`void`\>
|
|
118
178
|
|
|
119
|
-
|
|
179
|
+
A promise that resolves when the user account has been removed and the audit entry recorded.
|
|
120
180
|
|
|
121
181
|
#### Implementation of
|
|
122
182
|
|
|
@@ -124,7 +184,7 @@ Nothing.
|
|
|
124
184
|
|
|
125
185
|
***
|
|
126
186
|
|
|
127
|
-
### updatePassword()
|
|
187
|
+
### updatePassword() {#updatepassword}
|
|
128
188
|
|
|
129
189
|
> **updatePassword**(`email`, `newPassword`, `currentPassword?`): `Promise`\<`void`\>
|
|
130
190
|
|
|
@@ -154,7 +214,7 @@ The current password, optional, if supplied will check against existing.
|
|
|
154
214
|
|
|
155
215
|
`Promise`\<`void`\>
|
|
156
216
|
|
|
157
|
-
|
|
217
|
+
A promise that resolves when the password has been updated.
|
|
158
218
|
|
|
159
219
|
#### Implementation of
|
|
160
220
|
|