@verisoft/security-core 18.7.0 → 19.0.0-rc001

package/lib/services/auth-context.service.d.ts

@@ -0,0 +1,15 @@
+import { Store } from '@ngrx/store';
+import { Observable } from 'rxjs';
+import { AuthenticatedUser } from '../models';
+import * as i0 from "@angular/core";
+export declare class AuthContextService {
+    private store;
+    user$: Observable<AuthenticatedUser | undefined>;
+    isAuthenticated$: Observable<boolean>;
+    constructor(store: Store);
+    setUser(user: AuthenticatedUser | undefined): void;
+    hasRequiredPermission(requiredPermissions: string | string[]): Observable<boolean>;
+    hasRequiredRole(requiredPermissions: string | string[]): Observable<boolean>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<AuthContextService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<AuthContextService>;
+}

package/{src/lib/services/index.ts → lib/services/index.d.ts}

@@ -1,7 +1,7 @@
-export * from './auth-context.service';
-export * from './local-storage-token-provider';
-export * from './security-initializer';
-export * from './session-token-provider';
-export * from './token-provider';
-export * from './login.service';
-export * from './logout.service';
+export * from './auth-context.service';
+export * from './local-storage-token-provider';
+export * from './security-initializer';
+export * from './session-token-provider';
+export * from './token-provider';
+export * from './login.service';
+export * from './logout.service';

package/lib/services/local-storage-token-provider.d.ts

@@ -0,0 +1,11 @@
+import { Observable } from 'rxjs';
+import { TokenProvider } from './token-provider';
+import * as i0 from "@angular/core";
+export declare class LocalStorageTokenProvider implements TokenProvider {
+    private config;
+    getToken(): Observable<string | undefined>;
+    setToken(token: string): void;
+    removeToken(): void;
+    static ɵfac: i0.ɵɵFactoryDeclaration<LocalStorageTokenProvider, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<LocalStorageTokenProvider>;
+}

package/lib/services/login.service.d.ts

@@ -0,0 +1,10 @@
+import * as i0 from "@angular/core";
+export declare class LoginService {
+    private config;
+    private tokenProvider;
+    private authService;
+    private router;
+    login(token?: string): void;
+    static ɵfac: i0.ɵɵFactoryDeclaration<LoginService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<LoginService>;
+}

package/lib/services/logout.service.d.ts

@@ -0,0 +1,8 @@
+import * as i0 from "@angular/core";
+export declare class LogoutService {
+    private readonly tokenProvider;
+    private readonly authService;
+    logout(): void;
+    static ɵfac: i0.ɵɵFactoryDeclaration<LogoutService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<LogoutService>;
+}

package/lib/services/security-initializer.d.ts

@@ -0,0 +1,5 @@
+import { Router } from '@angular/router';
+import { SecurityConfig } from '../models';
+import { AuthContextService } from './auth-context.service';
+import { TokenProvider } from './token-provider';
+export declare function securityInitializerFactory(tokenProvider: TokenProvider, authService: AuthContextService, config: SecurityConfig, router: Router): () => Promise<unknown>;

package/lib/services/session-token-provider.d.ts

@@ -0,0 +1,9 @@
+import { Observable } from 'rxjs';
+import { TokenProvider } from './token-provider';
+import * as i0 from "@angular/core";
+export declare class SessionStorageTokenProvider implements TokenProvider {
+    private config;
+    getToken(): Observable<string | undefined>;
+    static ɵfac: i0.ɵɵFactoryDeclaration<SessionStorageTokenProvider, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<SessionStorageTokenProvider>;
+}

package/{src/lib/services/token-provider.ts → lib/services/token-provider.d.ts}

@@ -1,5 +1,4 @@
-import { Observable } from "rxjs";
-
-export interface TokenProvider {
-  getToken(): Observable<string | undefined>;
-}
+import { Observable } from "rxjs";
+export interface TokenProvider {
+    getToken(): Observable<string | undefined>;
+}

package/lib/state/actions.d.ts

@@ -0,0 +1,6 @@
+import { AuthenticatedUser } from '../models';
+export declare const setUser: import("@ngrx/store").ActionCreator<"[Auth] Set User", (props: {
+    user: AuthenticatedUser | undefined;
+}) => {
+    user: AuthenticatedUser | undefined;
+} & import("@ngrx/store").Action<"[Auth] Set User">>;

package/lib/state/feature.d.ts

@@ -0,0 +1,7 @@
+export declare const SECURITY_FEATURE_NAME = "SECURITY";
+export declare const SecurityFeature: {
+    name: "SECURITY";
+    reducer: import("@ngrx/store").ActionReducer<import("@verisoft/security-core").AuthState, import("@ngrx/store").Action<string>>;
+    selectSECURITYState: import("@ngrx/store").MemoizedSelector<Record<string, any>, import("@verisoft/security-core").AuthState, (featureState: import("@verisoft/security-core").AuthState) => import("@verisoft/security-core").AuthState>;
+    selectUser: import("@ngrx/store").MemoizedSelector<Record<string, any>, import("@verisoft/security-core").AuthenticatedUser | undefined, (featureState: import("@verisoft/security-core").AuthState) => import("@verisoft/security-core").AuthenticatedUser | undefined>;
+};

package/{src/lib/state/index.ts → lib/state/index.d.ts}

@@ -1,4 +1,4 @@
-export * from './actions';
-export * from './state';
-export * from './reducers';
-export * from './selectors';
+export * from './actions';
+export * from './state';
+export * from './reducers';
+export * from './selectors';

package/lib/state/reducers.d.ts

@@ -0,0 +1 @@
+export declare const authReducer: import("@ngrx/store").ActionReducer<import("./state").AuthState, import("@ngrx/store").Action<string>>;

package/lib/state/selectors.d.ts

@@ -0,0 +1,2 @@
+export declare const selectIsAuthenticated: import("@ngrx/store").MemoizedSelector<Record<string, any>, boolean, (s1: import("@verisoft/security-core").AuthenticatedUser | undefined) => boolean>;
+export declare const selectUser: import("@ngrx/store").MemoizedSelector<Record<string, any>, import("@verisoft/security-core").AuthenticatedUser | undefined, (featureState: import("@verisoft/security-core").AuthState) => import("@verisoft/security-core").AuthenticatedUser | undefined>;

package/lib/state/state.d.ts

@@ -0,0 +1,5 @@
+import { AuthenticatedUser } from '../models';
+export interface AuthState {
+    user: AuthenticatedUser | undefined;
+}
+export declare const initialState: AuthState;

package/package.json

@@ -1,11 +1,28 @@
-{
-  "name": "@verisoft/security-core",
-  "version": "18.7.0",
-  "peerDependencies": {
-    "@angular/core": "^18.2.0",
-    "rxjs": "~7.8.0",
-    "@angular/router": "18.2.8",
-    "@ngrx/store": "18.0.2"
-  },
-  "sideEffects": false
-}
+{
+  "name": "@verisoft/security-core",
+  "version": "19.0.0-rc001",
+  "peerDependencies": {
+    "@angular/core": "19.2.9",
+    "@angular/router": "19.2.9",
+    "@ngrx/store": "19.2.1",
+    "rxjs": "~7.8.0"
+  },
+  "sideEffects": false,
+  "publishConfig": {
+    "access": "public"
+  },
+  "module": "fesm2022/verisoft-security-core.mjs",
+  "typings": "index.d.ts",
+  "exports": {
+    "./package.json": {
+      "default": "./package.json"
+    },
+    ".": {
+      "types": "./index.d.ts",
+      "default": "./fesm2022/verisoft-security-core.mjs"
+    }
+  },
+  "dependencies": {
+    "tslib": "^2.3.0"
+  }
+}

package/.eslintrc.json

@@ -1,48 +0,0 @@
-{
-  "extends": ["../../../../.eslintrc.base.json"],
-  "ignorePatterns": ["!**/*"],
-  "overrides": [
-    {
-      "files": ["*.ts"],
-      "extends": [
-        "plugin:@nx/angular",
-        "plugin:@angular-eslint/template/process-inline-templates"
-      ],
-      "rules": {
-        "@angular-eslint/directive-selector": [
-          "error",
-          {
-            "type": "attribute",
-            "prefix": "",
-            "style": "camelCase"
-          }
-        ],
-        "@angular-eslint/component-selector": [
-          "error",
-          {
-            "type": "element",
-            "prefix": "v-sec",
-            "style": "kebab-case"
-          }
-        ]
-      }
-    },
-    {
-      "files": ["*.html"],
-      "extends": ["plugin:@nx/angular-template"],
-      "rules": {}
-    },
-    {
-      "files": ["*.json"],
-      "parser": "jsonc-eslint-parser",
-      "rules": {
-        "@nx/dependency-checks": [
-          "error",
-          {
-            "ignoredFiles": ["{projectRoot}/eslint.config.{js,cjs,mjs}"]
-          }
-        ]
-      }
-    }
-  ]
-}

package/jest.config.ts

@@ -1,21 +0,0 @@
-export default {
-  displayName: 'security-core',
-  preset: '../../../../jest.preset.js',
-  setupFilesAfterEnv: ['<rootDir>/src/test-setup.ts'],
-  coverageDirectory: '../../../../coverage/src/libs/security/core',
-  transform: {
-    '^.+\\.(ts|mjs|js|html)$': [
-      'jest-preset-angular',
-      {
-        tsconfig: '<rootDir>/tsconfig.spec.json',
-        stringifyContentPathRegex: '\\.(html|svg)$',
-      },
-    ],
-  },
-  transformIgnorePatterns: ['node_modules/(?!.*\\.mjs$)'],
-  snapshotSerializers: [
-    'jest-preset-angular/build/serializers/no-ng-attributes',
-    'jest-preset-angular/build/serializers/ng-snapshot',
-    'jest-preset-angular/build/serializers/html-comment',
-  ],
-};

package/ng-package.json

@@ -1,7 +0,0 @@
-{
-  "$schema": "../../../../node_modules/ng-packagr/ng-package.schema.json",
-  "dest": "../../../../dist/src/libs/security/core",
-  "lib": {
-    "entryFile": "src/index.ts"
-  }
-}

package/project.json

@@ -1,36 +0,0 @@
-{
-  "name": "security-core",
-  "$schema": "../../../../node_modules/nx/schemas/project-schema.json",
-  "sourceRoot": "src/libs/security/core/src",
-  "prefix": "lib",
-  "projectType": "library",
-  "tags": [],
-  "targets": {
-    "build": {
-      "executor": "@nx/angular:package",
-      "outputs": ["{workspaceRoot}/dist/{projectRoot}"],
-      "options": {
-        "project": "src/libs/security/core/ng-package.json"
-      },
-      "configurations": {
-        "production": {
-          "tsConfig": "src/libs/security/core/tsconfig.lib.prod.json"
-        },
-        "development": {
-          "tsConfig": "src/libs/security/core/tsconfig.lib.json"
-        }
-      },
-      "defaultConfiguration": "production"
-    },
-    "test": {
-      "executor": "@nx/jest:jest",
-      "outputs": ["{workspaceRoot}/coverage/{projectRoot}"],
-      "options": {
-        "jestConfig": "src/libs/security/core/jest.config.ts"
-      }
-    },
-    "lint": {
-      "executor": "@nx/eslint:lint"
-    }
-  }
-}

package/src/index.ts

@@ -1 +0,0 @@
-export * from './lib';

package/src/lib/directives/has-permission.directive.ts

@@ -1,54 +0,0 @@
-import {
-  Directive,
-  Input,
-  TemplateRef,
-  ViewContainerRef,
-  OnDestroy,
-} from '@angular/core';
-import { distinctUntilChanged, Subscription } from 'rxjs';
-import { AuthContextService } from '../services';
-
-@Directive({
-  standalone: true,
-  selector: '[hasPermission]',
-})
-export class HasPermissionDirective<T> implements OnDestroy {
-  private requiredPermissions: string | string[] = '';
-  private sub?: Subscription;
-
-  constructor(
-    private templateRef: TemplateRef<T>,
-    private viewContainer: ViewContainerRef,
-    private authContext: AuthContextService
-  ) {}
-
-  @Input()
-  set hasPermission(value: string | string[]) {
-    this.requiredPermissions = value;
-    this.updateView();
-  }
-
-  ngOnDestroy(): void {
-    this.unregister();
-  }
-
-  private unregister() {
-    this.sub?.unsubscribe();
-  }
-
-  private updateView(): void {
-    this.unregister();
-    if (this.requiredPermissions || this.requiredPermissions.length) {
-      this.sub = this.authContext
-        .hasRequiredPermission(this.requiredPermissions)
-        .pipe(distinctUntilChanged())
-        .subscribe((hasPerm) => {
-          if (hasPerm) {
-            this.viewContainer.createEmbeddedView(this.templateRef);
-          } else {
-            this.viewContainer.clear();
-          }
-        });
-    }
-  }
-}

package/src/lib/directives/has-role.directive.ts

@@ -1,54 +0,0 @@
-import {
-  Directive,
-  Input,
-  TemplateRef,
-  ViewContainerRef,
-  OnDestroy,
-} from '@angular/core';
-import { distinctUntilChanged, Subscription } from 'rxjs';
-import { AuthContextService } from '../services';
-
-@Directive({
-  standalone: true,
-  selector: '[hasRole]',
-})
-export class HasRoleDirective<T> implements OnDestroy {
-  private requiredRoles: string | string[] | undefined;
-  private sub?: Subscription;
-
-  constructor(
-    private templateRef: TemplateRef<T>,
-    private viewContainer: ViewContainerRef,
-    private authContext: AuthContextService
-  ) {}
-
-  @Input()
-  set hasRole(value: string | string[]) {
-    this.requiredRoles = value;
-    this.updateView();
-  }
-
-  ngOnDestroy(): void {
-    this.unregister();
-  }
-
-  private unregister() {
-    this.sub?.unsubscribe();
-  }
-
-  private updateView(): void {
-    this.unregister();
-    if (this.requiredRoles || this.requiredRoles?.length) {
-      this.sub = this.authContext
-        .hasRequiredRole(this.requiredRoles)
-        .pipe(distinctUntilChanged())
-        .subscribe((hasRole) => {
-          if (hasRole) {
-            this.viewContainer.createEmbeddedView(this.templateRef);
-          } else {
-            this.viewContainer.clear();
-          }
-        });
-    }
-  }
-}

package/src/lib/guards/auth.guard.ts

@@ -1,55 +0,0 @@
-import { inject, Injectable } from '@angular/core';
-import {
-  ActivatedRouteSnapshot,
-  CanActivate,
-  CanActivateChild,
-  Router,
-  UrlTree,
-} from '@angular/router';
-import { map, Observable, of, switchMap } from 'rxjs';
-import { SecurityConfig } from '../models';
-import { hasRequiredPermission } from '../models/functions';
-import { SECURITY_CONFIG } from '../provider';
-import { AuthContextService } from '../services';
-
-@Injectable({
-  providedIn: 'root',
-})
-export class AuthGuard implements CanActivate, CanActivateChild {
-  private config = inject<SecurityConfig>(SECURITY_CONFIG);
-  private router = inject(Router);
-  private authContext = inject(AuthContextService);
-
-  canActivate(route: ActivatedRouteSnapshot): Observable<boolean | UrlTree> {
-    return this.checkPermissionsAndRolesAndNavigate(route, this.config.notAuthorizedPage);
-  }
-
-  canActivateChild(
-    childRoute: ActivatedRouteSnapshot
-  ): Observable<boolean | UrlTree> {
-    return this.checkPermissionsAndRolesAndNavigate(childRoute, this.config.notAuthorizedPage);
-  }
-
-  private checkPermissionsAndRolesAndNavigate(
-    route: ActivatedRouteSnapshot,
-    notAuthorizedUrl: string | undefined
-  ): Observable<boolean | UrlTree> {
-    const requiredPermissions = route.data['permissions'] as | string | string[] | undefined;
-    const requiredRoles = route.data['roles'] as string | string[] | undefined;
-
-    return this.authContext.user$.pipe(
-      map(
-        (user) => user &&
-          (!requiredPermissions ||
-            hasRequiredPermission(user, requiredPermissions)) &&
-          (!requiredRoles || hasRequiredPermission(user, requiredRoles))
-      ),
-      switchMap((hasPermission) => {
-        if (!hasPermission && notAuthorizedUrl) {
-          return of(this.router.parseUrl(notAuthorizedUrl));
-        }
-        return of(!!hasPermission);
-      })
-    );
-  }
-}

package/src/lib/models/functions.spec.ts

@@ -1,159 +0,0 @@
-import { AuthenticatedUser } from './authenticated-user.model';
-import {
-  convertJWTToUser,
-  hasRequiredPermission,
-  hasRequiredRole,
-} from './functions';
-
-describe('Permissions Utils', () => {
-  let user: AuthenticatedUser;
-
-  beforeEach(() => {
-    user = {
-      userName: 'testUser',
-      email: 'test@email.cz',
-      displayName: 'Test User',
-      permissions: ['READ', 'WRITE', 'DELETE_USER'],
-      roles: ['ADMIN', 'USER'],
-    };
-  });
-
-  describe('hasRequiredPermission', () => {
-    it('should return false if user is undefined', () => {
-      expect(hasRequiredPermission(undefined, 'READ')).toBe(false);
-    });
-
-    it('should return false if user.permissions is undefined', () => {
-      const noPermissionsUser: AuthenticatedUser = {
-        ...user,
-        permissions: undefined,
-      };
-      expect(hasRequiredPermission(noPermissionsUser, 'READ')).toBe(false);
-    });
-
-    it('should return true for a single permission the user has', () => {
-      expect(hasRequiredPermission(user, 'READ')).toBe(true);
-    });
-
-    it('should return false for a single permission the user does not have', () => {
-      expect(hasRequiredPermission(user, 'UNKNOWN')).toBe(false);
-    });
-
-    it('should return true for comma-delimited permissions if user has ALL', () => {
-      expect(hasRequiredPermission(user, 'READ,WRITE')).toBe(true);
-    });
-
-    it('should return false for comma-delimited permissions if missing one', () => {
-      expect(hasRequiredPermission(user, 'READ,UPDATE_USER')).toBe(false);
-    });
-
-    it('should return true if user has ANY of the permissions in the array', () => {
-      expect(hasRequiredPermission(user, ['READ', 'UPDATE_USER'])).toBe(true);
-    });
-
-    it('should return false if user does not have ANY of the permissions in the array', () => {
-      expect(hasRequiredPermission(user, ['UPDATE_USER', 'CREATE_POST'])).toBe(
-        false
-      );
-    });
-  });
-
-  describe('hasRequiredRole', () => {
-    it('should return false if user is undefined', () => {
-      expect(hasRequiredRole(undefined, 'ADMIN')).toBe(false);
-    });
-
-    it('should return false if user.roles is undefined', () => {
-      const noRolesUser: AuthenticatedUser = { ...user, roles: undefined };
-      expect(hasRequiredRole(noRolesUser, 'ADMIN')).toBe(false);
-    });
-
-    it('should return true for a single role the user has', () => {
-      expect(hasRequiredRole(user, 'ADMIN')).toBe(true);
-    });
-
-    it('should return false for a single role the user does not have', () => {
-      expect(hasRequiredRole(user, 'MANAGER')).toBe(false);
-    });
-
-    it('should return true for comma-delimited roles if user has ALL', () => {
-      // user has 'ADMIN' and 'USER'
-      expect(hasRequiredRole(user, 'ADMIN,USER')).toBe(true);
-    });
-
-    it('should return false for comma-delimited roles if missing one', () => {
-      // user has 'ADMIN' and 'USER' but not 'MANAGER'
-      expect(hasRequiredRole(user, 'ADMIN,MANAGER')).toBe(false);
-    });
-
-    it('should return true if user has ANY of the roles in the array', () => {
-      expect(hasRequiredRole(user, ['USER', 'MANAGER'])).toBe(true);
-    });
-
-    it('should return false if user does not have ANY of the roles in the array', () => {
-      expect(hasRequiredRole(user, ['GUEST', 'MANAGER'])).toBe(false);
-    });
-  });
-
-  describe('convertJWTToUser', () => {
-    it('should return undefined if base64Token is undefined', () => {
-      expect(convertJWTToUser(undefined)).toBeUndefined();
-    });
-
-    it('should return undefined if base64Token is invalid', () => {
-      expect(convertJWTToUser('invalid.token')).toBeUndefined();
-    });
-
-    it('should return undefined if payload does not contain userName', () => {
-      const token =
-        btoa('header') + '.' + btoa(JSON.stringify({})) + '.signature';
-      expect(convertJWTToUser(token)).toBeUndefined();
-    });
-
-    it('should return a user object if payload contains userName', () => {
-      const payload = {
-        sub: 'testUser',
-        email: 'test@example.com',
-        name: 'Test User',
-        role: 'ADMIN',
-        permission: 'READ',
-      };
-      const token =
-        btoa('header') + '.' + btoa(JSON.stringify(payload)) + '.signature';
-      const user = convertJWTToUser(token);
-      expect(user).toEqual({
-        userName: 'testUser',
-        email: 'test@example.com',
-        displayName: 'Test User',
-        roles: ['ADMIN'],
-        permissions: ['READ'],
-      });
-    });
-
-    it('should return a user object if payload contains nameid', () => {
-      const payload = {
-        nameid: 'testUser',
-        email: 'test@example.com',
-        name: 'Test User',
-        role: 'ADMIN',
-        permission: 'READ',
-      };
-      const token =
-        btoa('header') + '.' + btoa(JSON.stringify(payload)) + '.signature';
-      const user = convertJWTToUser(token);
-      expect(user).toEqual({
-        userName: 'testUser',
-        email: 'test@example.com',
-        displayName: 'Test User',
-        roles: ['ADMIN'],
-        permissions: ['READ'],
-      });
-    });
-
-    it('should return undefined if an error occurs during parsing', () => {
-      const token =
-        btoa('header') + '.' + btoa('invalidPayload') + '.signature';
-      expect(convertJWTToUser(token)).toBeUndefined();
-    });
-  });
-});