npm - @wabot-dev/framework - Versions diffs - 0.1.0-beta.7 → 0.1.0-beta.71 - Mend

@wabot-dev/framework 0.1.0-beta.7 → 0.1.0-beta.71

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (190) hide show

package/dist/src/addon/async/pg/PgJobRepository.js ADDED Viewed

@@ -0,0 +1,26 @@
+import { __decorate, __metadata } from 'tslib';
+import { Pool } from 'pg';
+import { singleton } from '../../../core/injection/index.js';
+import { PgCrudRepository } from '../../../feature/pg/PgCrudRepository.js';
+import '../../../feature/async/CommandMetadataStore.js';
+import '../../../feature/async/Async.js';
+import { Job } from '../../../feature/async/Job.js';
+import '../../../feature/async/JobRepository.js';
+import '../../../feature/async/JobRunner.js';
+import '../../../feature/async/JobsEventsHub.js';
+let PgJobRepository = class PgJobRepository extends PgCrudRepository {
+    constructor(pool) {
+        super(pool, {
+            schema: 'wabot',
+            table: 'job',
+            constructor: Job,
+        });
+    }
+};
+PgJobRepository = __decorate([
+    singleton(),
+    __metadata("design:paramtypes", [Pool])
+], PgJobRepository);
+export { PgJobRepository };

package/dist/src/addon/auth/api-key/@apiKeyConnectionGuard.js ADDED Viewed

@@ -0,0 +1,16 @@
+import { connectionMiddleware } from '../../../feature/socket-controller/metadata/@connectionMiddleware.js';
+import '../../../core/injection/index.js';
+import '../../../feature/socket-controller/metadata/SocketControllerMetadataStore.js';
+import 'path';
+import 'debug';
+import '../../../feature/socket/SocketServerProvider.js';
+import '../../../core/validation/metadata/ValidationMetadataStore.js';
+import { ApiKeyConnectionGuardMiddleware } from './ApiKeyConnectionGuardMiddleware.js';
+function apiKeyConnectionGuard() {
+    return function (target, propertyKey) {
+        connectionMiddleware(ApiKeyConnectionGuardMiddleware)(target, propertyKey);
+    };
+}
+export { apiKeyConnectionGuard };

package/dist/src/addon/auth/api-key/@apiKeyGuard.js ADDED Viewed

@@ -0,0 +1,17 @@
+import '../../../core/injection/index.js';
+import '../../../feature/rest-controller/metadata/RestControllerMetadataStore.js';
+import { middleware } from '../../../feature/rest-controller/metadata/@middleware.js';
+import 'debug';
+import '../../../core/validation/metadata/ValidationMetadataStore.js';
+import '../../../feature/express/ExpressProvider.js';
+import 'express';
+import 'path';
+import { ApiKeyGuardMiddleware } from './ApiKeyGuardMiddleware.js';
+function apiKeyGuard() {
+    return function (target, propertyKey) {
+        middleware(ApiKeyGuardMiddleware)(target, propertyKey);
+    };
+}
+export { apiKeyGuard };

package/dist/src/addon/auth/api-key/ApiKey.js ADDED Viewed

@@ -0,0 +1,53 @@
+import { Entity } from '../../../core/entity/Entity.js';
+import { CustomError } from '../../../core/error/CustomError.js';
+import { Password } from '../../../core/password/Password.js';
+class ApiKey extends Entity {
+    get authInfo() {
+        return this.data.authInfo;
+    }
+    setAuthInfo(authInfo) {
+        this.data.authInfo = authInfo;
+    }
+    generatePassword() {
+        if (this.data.passwordHash) {
+            throw new Error('This api key, already has a secret');
+        }
+        const password = Password.generate(64);
+        this.data.passwordHash = Password.hash({ password: password });
+        return password;
+    }
+    isValidPassword(password) {
+        if (!this.data.passwordHash)
+            return false;
+        return Password.isValid({ password: password, hash: this.data.passwordHash });
+    }
+    validatePassword(password) {
+        if (!this.isValidPassword(password)) {
+            throw new CustomError({ message: 'invalid api key', httpCode: 401 });
+        }
+    }
+    static inflate(secret) {
+        try {
+            const json = Buffer.from(secret, 'base64').toString('utf-8');
+            const data = JSON.parse(json);
+            if (!data.id || !data.pass) {
+                throw new Error('invalid secret structure');
+            }
+            return data;
+        }
+        catch (err) {
+            throw new Error('fail to inflate secret: ' + err.message);
+        }
+    }
+    static deflate(data) {
+        const { id, pass } = data;
+        if (!id || !pass) {
+            throw new Error('id and pass required');
+        }
+        const json = JSON.stringify({ id, pass });
+        return Buffer.from(json, 'utf-8').toString('base64');
+    }
+}
+export { ApiKey };

package/dist/src/addon/auth/api-key/ApiKeyConnectionGuardMiddleware.js ADDED Viewed

@@ -0,0 +1,54 @@
+import { __decorate, __metadata } from 'tslib';
+import { Auth } from '../../../core/auth/Auth.js';
+import { CustomError } from '../../../core/error/CustomError.js';
+import { injectable } from '../../../core/injection/index.js';
+import { ApiKeyRepository } from './ApiKeyRepository.js';
+let ApiKeyConnectionGuardMiddleware = class ApiKeyConnectionGuardMiddleware {
+    apiKeyRepository;
+    auth;
+    constructor(apiKeyRepository, auth) {
+        this.apiKeyRepository = apiKeyRepository;
+        this.auth = auth;
+    }
+    async handle(socket, container) {
+        if (!socket.handshake.auth.token) {
+            let authorization = socket.handshake.headers['Authorization'] ?? socket.handshake.headers['authorization'];
+            if (Array.isArray(authorization)) {
+                authorization = authorization[0];
+            }
+            if (authorization) {
+                const [prefix, token] = authorization.split(' ');
+                if (prefix.toLowerCase() !== 'api-key' || !token) {
+                    throw new CustomError({
+                        httpCode: 401,
+                        message: 'Authorization should be an Api-Key',
+                    });
+                }
+                socket.handshake.auth.token = token;
+            }
+        }
+        let keySecret = socket.handshake.auth.token;
+        if (!keySecret) {
+            throw new CustomError({ httpCode: 401, message: 'Token not available' });
+        }
+        try {
+            const authInfo = await this.apiKeyRepository.findAuthInfo(keySecret);
+            this.auth.assign(authInfo);
+        }
+        catch (err) {
+            throw new CustomError({
+                httpCode: 401,
+                message: err instanceof Error ? `Invalid token: ${err.message}` : 'Invalid token',
+                cause: err instanceof Error ? err : undefined,
+            });
+        }
+    }
+};
+ApiKeyConnectionGuardMiddleware = __decorate([
+    injectable(),
+    __metadata("design:paramtypes", [ApiKeyRepository,
+        Auth])
+], ApiKeyConnectionGuardMiddleware);
+export { ApiKeyConnectionGuardMiddleware };

package/dist/src/addon/auth/api-key/ApiKeyGuardMiddleware.js ADDED Viewed

@@ -0,0 +1,45 @@
+import { __decorate, __metadata } from 'tslib';
+import { injectable } from '../../../core/injection/index.js';
+import { Auth } from '../../../core/auth/Auth.js';
+import { CustomError } from '../../../core/error/CustomError.js';
+import { ApiKeyRepository } from './ApiKeyRepository.js';
+import { ApiKey } from './ApiKey.js';
+let ApiKeyGuardMiddleware = class ApiKeyGuardMiddleware {
+    apiKeyRepository;
+    auth;
+    constructor(apiKeyRepository, auth) {
+        this.apiKeyRepository = apiKeyRepository;
+        this.auth = auth;
+    }
+    async handle(req, res, container) {
+        const authorization = req.header('Authorization');
+        if (!authorization) {
+            throw new CustomError({ httpCode: 401, message: 'Authorization header not available' });
+        }
+        const [keyPrefix, keySecret] = authorization.split(' ');
+        if (keyPrefix.toLowerCase() !== 'api-key' || !keySecret) {
+            throw new CustomError({ httpCode: 401, message: 'Authorization should be an Api-Key' });
+        }
+        try {
+            const keyData = ApiKey.inflate(keySecret);
+            const apiKey = await this.apiKeyRepository.findOrThrow(keyData.id);
+            apiKey.validatePassword(keyData.pass);
+            this.auth.assign(apiKey.authInfo);
+        }
+        catch (err) {
+            throw new CustomError({
+                httpCode: 401,
+                message: err instanceof Error ? `Invalid token: ${err.message}` : 'Invalid token',
+                cause: err instanceof Error ? err : undefined,
+            });
+        }
+    }
+};
+ApiKeyGuardMiddleware = __decorate([
+    injectable(),
+    __metadata("design:paramtypes", [ApiKeyRepository,
+        Auth])
+], ApiKeyGuardMiddleware);
+export { ApiKeyGuardMiddleware };

package/dist/src/addon/auth/api-key/ApiKeyRepository.js ADDED Viewed

@@ -0,0 +1,35 @@
+import { ApiKey } from './ApiKey.js';
+class ApiKeyRepository {
+    findAuthInfo(secret) {
+        throw new Error('Method not implemented.');
+    }
+    find(id) {
+        throw new Error('Method not implemented.');
+    }
+    findOrThrow(id) {
+        throw new Error('Method not implemented.');
+    }
+    create(item) {
+        throw new Error('Method not implemented.');
+    }
+    generate(req) {
+        throw new Error('Method not implemented.');
+    }
+    static async generate(repository, req) {
+        const apiKey = new ApiKey(req);
+        const pass = apiKey.generatePassword();
+        await repository.create(apiKey);
+        const id = apiKey.id;
+        const secret = ApiKey.deflate({ id, pass });
+        return { id, secret };
+    }
+    static async findAuthInfo(repository, secret) {
+        const { id, pass } = ApiKey.inflate(secret);
+        const apiKey = await repository.findOrThrow(id);
+        apiKey.validatePassword(pass);
+        return apiKey.authInfo;
+    }
+}
+export { ApiKeyRepository };

package/dist/src/addon/auth/api-key/PgApiKeyRepository.js ADDED Viewed

@@ -0,0 +1,28 @@
+import { __decorate, __metadata } from 'tslib';
+import { ApiKey } from './ApiKey.js';
+import { Pool } from 'pg';
+import { PgCrudRepository } from '../../../feature/pg/PgCrudRepository.js';
+import { singleton } from 'tsyringe';
+import { ApiKeyRepository } from './ApiKeyRepository.js';
+let PgApiKeyRepository = class PgApiKeyRepository extends PgCrudRepository {
+    constructor(pool) {
+        super(pool, {
+            schema: 'wabot',
+            table: 'api_key',
+            constructor: ApiKey,
+        });
+    }
+    findAuthInfo(secret) {
+        return ApiKeyRepository.findAuthInfo(this, secret);
+    }
+    async generate(req) {
+        return ApiKeyRepository.generate(this, req);
+    }
+};
+PgApiKeyRepository = __decorate([
+    singleton(),
+    __metadata("design:paramtypes", [Pool])
+], PgApiKeyRepository);
+export { PgApiKeyRepository };

package/dist/src/addon/auth/api-key/RemoteApiKeyRepository.js ADDED Viewed

@@ -0,0 +1,42 @@
+import { ApiKeyRepository } from './ApiKeyRepository.js';
+class RemoteApiKeyRepository {
+    fetcher;
+    cacheSeconds;
+    cache = new Map();
+    constructor(fetcher, cacheSeconds) {
+        this.fetcher = fetcher;
+        this.cacheSeconds = cacheSeconds;
+    }
+    async find(id) {
+        const now = Date.now();
+        const cached = this.cache.get(id);
+        if (cached && cached.expiresAt > now) {
+            return cached.value;
+        }
+        const result = await this.fetcher(id);
+        this.cache.set(id, {
+            value: result,
+            expiresAt: now + this.cacheSeconds * 1000,
+        });
+        return result;
+    }
+    async findOrThrow(id) {
+        const result = await this.find(id);
+        if (!result) {
+            throw new Error(`API key with ID '${id}' not found.`);
+        }
+        return result;
+    }
+    findAuthInfo(secret) {
+        return ApiKeyRepository.findAuthInfo(this, secret);
+    }
+    create(item) {
+        throw new Error('Method not implemented.');
+    }
+    async generate(req) {
+        throw new Error('Method not implemented.');
+    }
+}
+export { RemoteApiKeyRepository };

package/dist/src/addon/auth/jwt/@jwtConnectionGuard.js ADDED Viewed

@@ -0,0 +1,16 @@
+import { connectionMiddleware } from '../../../feature/socket-controller/metadata/@connectionMiddleware.js';
+import '../../../core/injection/index.js';
+import '../../../feature/socket-controller/metadata/SocketControllerMetadataStore.js';
+import 'path';
+import 'debug';
+import '../../../feature/socket/SocketServerProvider.js';
+import '../../../core/validation/metadata/ValidationMetadataStore.js';
+import { JwtConnectionGuardMiddleware } from './JwtConnectionGuardMiddleware.js';
+function jwtConnectionGuard() {
+    return function (target, propertyKey) {
+        connectionMiddleware(JwtConnectionGuardMiddleware)(target, propertyKey);
+    };
+}
+export { jwtConnectionGuard };

package/dist/src/addon/auth/jwt/@jwtGuard.js ADDED Viewed

@@ -0,0 +1,17 @@
+import '../../../core/injection/index.js';
+import '../../../feature/rest-controller/metadata/RestControllerMetadataStore.js';
+import { middleware } from '../../../feature/rest-controller/metadata/@middleware.js';
+import 'debug';
+import '../../../core/validation/metadata/ValidationMetadataStore.js';
+import '../../../feature/express/ExpressProvider.js';
+import 'express';
+import 'path';
+import { JwtGuardMiddleware } from './JwtGuardMiddleware.js';
+function jwtGuard() {
+    return function (target, propertyKey) {
+        middleware(JwtGuardMiddleware)(target, propertyKey);
+    };
+}
+export { jwtGuard };

package/dist/src/addon/auth/jwt/Jwt.js ADDED Viewed

@@ -0,0 +1,53 @@
+import { __decorate, __metadata } from 'tslib';
+import { JwtSigner } from './JwtSigner.js';
+import { JwtRefreshTokenRepository } from './JwtRefreshTokenRepository.js';
+import { JwtRefreshToken } from './JwtRefreshToken.js';
+import { injectable } from '../../../core/injection/index.js';
+import { Auth } from '../../../core/auth/Auth.js';
+import { JwtConfig } from './JwtConfig.js';
+let Jwt = class Jwt {
+    auth;
+    jwtSigner;
+    jwtRefreshTokenRepository;
+    config;
+    constructor(auth, jwtSigner, jwtRefreshTokenRepository, config) {
+        this.auth = auth;
+        this.jwtSigner = jwtSigner;
+        this.jwtRefreshTokenRepository = jwtRefreshTokenRepository;
+        this.config = config;
+    }
+    async createToken() {
+        const authInfo = this.auth.require();
+        const refreshToken = new JwtRefreshToken({
+            authInfo,
+            expirationTime: new Date().getTime() + this.config.refreshExpirationSeconds * 1000,
+        });
+        const refreshPassword = refreshToken.generatePassword();
+        await this.jwtRefreshTokenRepository.create(refreshToken);
+        const access = await this.jwtSigner.signAccessToken(refreshToken);
+        const refresh = {
+            token: JwtRefreshToken.deflate({ id: refreshToken.id, pass: refreshPassword }),
+            expiration: new Date(refreshToken.expirationTime),
+        };
+        return {
+            access,
+            refresh,
+        };
+    }
+    async refreshToken(refreshSecret) {
+        const { id, pass } = JwtRefreshToken.inflate(refreshSecret);
+        const refreshToken = await this.jwtRefreshTokenRepository.findOrThrow(id);
+        refreshToken.validatePassword(pass);
+        return this.jwtSigner.signAccessToken(refreshToken);
+    }
+};
+Jwt = __decorate([
+    injectable(),
+    __metadata("design:paramtypes", [Auth,
+        JwtSigner,
+        JwtRefreshTokenRepository,
+        JwtConfig])
+], Jwt);
+export { Jwt };

package/dist/src/addon/auth/jwt/JwtAccessAndRefreshTokenDto.js ADDED Viewed

@@ -0,0 +1,20 @@
+import { __decorate, __metadata } from 'tslib';
+import { isModel } from '../../../core/validation/metadata/@isModel.js';
+import '../../../core/injection/index.js';
+import '../../../core/validation/metadata/ValidationMetadataStore.js';
+import { JwtTokenDto } from './JwtTokenDto.js';
+class JwtAccessAndRefreshTokenDto {
+    access;
+    refresh;
+}
+__decorate([
+    isModel(JwtTokenDto),
+    __metadata("design:type", JwtTokenDto)
+], JwtAccessAndRefreshTokenDto.prototype, "access", void 0);
+__decorate([
+    isModel(JwtTokenDto),
+    __metadata("design:type", JwtTokenDto)
+], JwtAccessAndRefreshTokenDto.prototype, "refresh", void 0);
+export { JwtAccessAndRefreshTokenDto };

package/dist/src/addon/auth/jwt/JwtConfig.js ADDED Viewed

@@ -0,0 +1,28 @@
+import { __decorate, __metadata } from 'tslib';
+import { Env } from '../../../core/env/Env.js';
+import { singleton } from '../../../core/injection/index.js';
+let JwtConfig = class JwtConfig {
+    secretOrPublicKey;
+    secretOrPrivateKey;
+    algorithm;
+    accessExpirationSeconds;
+    refreshExpirationSeconds;
+    constructor(env) {
+        this.algorithm = env.requireString('JWT_ALGORITHM', { default: 'HS256' });
+        this.secretOrPublicKey = env.requireString('JWT_SECRET');
+        this.secretOrPrivateKey = env.requireString('JWT_SECRET');
+        this.accessExpirationSeconds = env.requireNumber('JWT_ACCESS_EXPIRATION_SECONDS', {
+            default: 10 * 60,
+        });
+        this.refreshExpirationSeconds = env.requireNumber('JWT_REFRESH_EXPIRATION_SECONDS', {
+            default: 365 * 24 * 3600,
+        });
+    }
+};
+JwtConfig = __decorate([
+    singleton(),
+    __metadata("design:paramtypes", [Env])
+], JwtConfig);
+export { JwtConfig };

package/dist/src/addon/auth/jwt/JwtConnectionGuardMiddleware.js ADDED Viewed

@@ -0,0 +1,57 @@
+import { __decorate, __metadata } from 'tslib';
+import jwt from 'jsonwebtoken';
+import { injectable } from '../../../core/injection/index.js';
+import { Auth } from '../../../core/auth/Auth.js';
+import { CustomError } from '../../../core/error/CustomError.js';
+import { JwtConfig } from './JwtConfig.js';
+let JwtConnectionGuardMiddleware = class JwtConnectionGuardMiddleware {
+    config;
+    auth;
+    constructor(config, auth) {
+        this.config = config;
+        this.auth = auth;
+    }
+    async handle(socket, container) {
+        if (!socket.handshake.auth.token) {
+            let authorization = socket.handshake.headers['Authorization'] ?? socket.handshake.headers['authorization'];
+            if (Array.isArray(authorization)) {
+                authorization = authorization[0];
+            }
+            if (authorization) {
+                const [prefix, token] = authorization.split(' ');
+                if (prefix.toLowerCase() !== 'bearer' || !token) {
+                    throw new CustomError({
+                        httpCode: 401,
+                        message: 'Authorization should be a bearer token',
+                    });
+                }
+                socket.handshake.auth.token = token;
+            }
+        }
+        let token = socket.handshake.auth.token;
+        if (!token) {
+            throw new CustomError({ httpCode: 401, message: 'Token not available' });
+        }
+        try {
+            const jwtPayload = jwt.verify(token, this.config.secretOrPublicKey, {
+                algorithms: [this.config.algorithm],
+            });
+            this.auth.assign(jwtPayload);
+        }
+        catch (err) {
+            throw new CustomError({
+                httpCode: 401,
+                message: err instanceof Error ? `Invalid token: ${err.message}` : 'Invalid token',
+                cause: err instanceof Error ? err : undefined,
+            });
+        }
+    }
+};
+JwtConnectionGuardMiddleware = __decorate([
+    injectable(),
+    __metadata("design:paramtypes", [JwtConfig,
+        Auth])
+], JwtConnectionGuardMiddleware);
+export { JwtConnectionGuardMiddleware };

package/dist/src/addon/auth/jwt/JwtGuardMiddleware.js ADDED Viewed

@@ -0,0 +1,45 @@
+import { __decorate, __metadata } from 'tslib';
+import { CustomError } from '../../../core/error/CustomError.js';
+import { injectable } from '../../../core/injection/index.js';
+import jwt from 'jsonwebtoken';
+import { Auth } from '../../../core/auth/Auth.js';
+import { JwtConfig } from './JwtConfig.js';
+let JwtGuardMiddleware = class JwtGuardMiddleware {
+    config;
+    auth;
+    constructor(config, auth) {
+        this.config = config;
+        this.auth = auth;
+    }
+    async handle(req, res, container) {
+        const authorization = req.header('Authorization');
+        if (!authorization) {
+            throw new CustomError({ httpCode: 401, message: 'Authorization header not available' });
+        }
+        const [bearer, token] = authorization.split(' ');
+        if (bearer.toLowerCase() !== 'bearer' || !token) {
+            throw new CustomError({ httpCode: 401, message: 'Authorization should be a bearer token' });
+        }
+        try {
+            const jwtPayload = jwt.verify(token, this.config.secretOrPublicKey, {
+                algorithms: [this.config.algorithm],
+            });
+            this.auth.assign(jwtPayload);
+        }
+        catch (err) {
+            throw new CustomError({
+                httpCode: 401,
+                message: err instanceof Error ? `Invalid token: ${err.message}` : 'Invalid token',
+                cause: err instanceof Error ? err : undefined,
+            });
+        }
+    }
+};
+JwtGuardMiddleware = __decorate([
+    injectable(),
+    __metadata("design:paramtypes", [JwtConfig,
+        Auth])
+], JwtGuardMiddleware);
+export { JwtGuardMiddleware };

package/dist/src/addon/auth/jwt/JwtRefreshToken.js ADDED Viewed

@@ -0,0 +1,56 @@
+import { Entity } from '../../../core/entity/Entity.js';
+import { CustomError } from '../../../core/error/CustomError.js';
+import { Password } from '../../../core/password/Password.js';
+class JwtRefreshToken extends Entity {
+    get authInfo() {
+        return this.data.authInfo;
+    }
+    get expirationTime() {
+        return new Date(this.data.expirationTime);
+    }
+    generatePassword() {
+        if (this.data.passwordHash) {
+            throw new Error('This api key, already has a secret');
+        }
+        const password = Password.generate(64);
+        this.data.passwordHash = Password.hash({ password: password });
+        return password;
+    }
+    isValidPassword(password) {
+        if (new Date().getTime() > this.data.expirationTime) {
+            return false;
+        }
+        if (!this.data.passwordHash)
+            return false;
+        return Password.isValid({ password: password, hash: this.data.passwordHash });
+    }
+    validatePassword(password) {
+        if (!this.isValidPassword(password)) {
+            throw new CustomError({ message: 'Invalid Api key', httpCode: 401 });
+        }
+    }
+    static inflate(secret) {
+        try {
+            const json = Buffer.from(secret, 'base64').toString('utf-8');
+            const data = JSON.parse(json);
+            if (!data.id || !data.pass) {
+                throw new Error('invalid secret structure');
+            }
+            return data;
+        }
+        catch (err) {
+            throw new Error('fail to inflate secret: ' + err.message);
+        }
+    }
+    static deflate(data) {
+        const { id, pass } = data;
+        if (!id || !pass) {
+            throw new Error('id and pass required');
+        }
+        const json = JSON.stringify({ id, pass });
+        return Buffer.from(json, 'utf-8').toString('base64');
+    }
+}
+export { JwtRefreshToken };

package/dist/src/addon/auth/jwt/JwtRefreshTokenRepository.js ADDED Viewed

@@ -0,0 +1,25 @@
+class JwtRefreshTokenRepository {
+    find(id) {
+        throw new Error('Method not implemented.');
+    }
+    findOrThrow(id) {
+        throw new Error('Method not implemented.');
+    }
+    findByIds(ids) {
+        throw new Error('Method not implemented.');
+    }
+    findAll(id) {
+        throw new Error('Method not implemented.');
+    }
+    create(item) {
+        throw new Error('Method not implemented.');
+    }
+    update(item) {
+        throw new Error('Method not implemented.');
+    }
+    delete(item) {
+        throw new Error('Method not implemented.');
+    }
+}
+export { JwtRefreshTokenRepository };