@wacht/backend 1.0.0-beta.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE.md +19 -0
- package/README.md +94 -0
- package/dist/api/ai.d.ts +157 -0
- package/dist/api/ai.d.ts.map +1 -0
- package/dist/api/ai.js +300 -0
- package/dist/api/ai.js.map +1 -0
- package/dist/api/analytics.d.ts +21 -0
- package/dist/api/analytics.d.ts.map +1 -0
- package/dist/api/analytics.js +40 -0
- package/dist/api/analytics.js.map +1 -0
- package/dist/api/api-keys.d.ts +43 -0
- package/dist/api/api-keys.d.ts.map +1 -0
- package/dist/api/api-keys.js +84 -0
- package/dist/api/api-keys.js.map +1 -0
- package/dist/api/gateway.d.ts +66 -0
- package/dist/api/gateway.d.ts.map +1 -0
- package/dist/api/gateway.js +177 -0
- package/dist/api/gateway.js.map +1 -0
- package/dist/api/health.d.ts +8 -0
- package/dist/api/health.d.ts.map +1 -0
- package/dist/api/health.js +12 -0
- package/dist/api/health.js.map +1 -0
- package/dist/api/invitations.d.ts +35 -0
- package/dist/api/invitations.d.ts.map +1 -0
- package/dist/api/invitations.js +76 -0
- package/dist/api/invitations.js.map +1 -0
- package/dist/api/notifications.d.ts +27 -0
- package/dist/api/notifications.d.ts.map +1 -0
- package/dist/api/notifications.js +56 -0
- package/dist/api/notifications.js.map +1 -0
- package/dist/api/organizations.d.ts +59 -0
- package/dist/api/organizations.d.ts.map +1 -0
- package/dist/api/organizations.js +125 -0
- package/dist/api/organizations.js.map +1 -0
- package/dist/api/segments.d.ts +64 -0
- package/dist/api/segments.d.ts.map +1 -0
- package/dist/api/segments.js +101 -0
- package/dist/api/segments.js.map +1 -0
- package/dist/api/settings.d.ts +98 -0
- package/dist/api/settings.d.ts.map +1 -0
- package/dist/api/settings.js +132 -0
- package/dist/api/settings.js.map +1 -0
- package/dist/api/users.d.ts +67 -0
- package/dist/api/users.d.ts.map +1 -0
- package/dist/api/users.js +135 -0
- package/dist/api/users.js.map +1 -0
- package/dist/api/utility.d.ts +9 -0
- package/dist/api/utility.d.ts.map +1 -0
- package/dist/api/utility.js +19 -0
- package/dist/api/utility.js.map +1 -0
- package/dist/api/webhooks.d.ts +106 -0
- package/dist/api/webhooks.d.ts.map +1 -0
- package/dist/api/webhooks.js +209 -0
- package/dist/api/webhooks.js.map +1 -0
- package/dist/api/workspaces.d.ts +57 -0
- package/dist/api/workspaces.d.ts.map +1 -0
- package/dist/api/workspaces.js +122 -0
- package/dist/api/workspaces.js.map +1 -0
- package/dist/client.d.ts +148 -0
- package/dist/client.d.ts.map +1 -0
- package/dist/client.js +299 -0
- package/dist/client.js.map +1 -0
- package/dist/error.d.ts +63 -0
- package/dist/error.d.ts.map +1 -0
- package/dist/error.js +117 -0
- package/dist/error.js.map +1 -0
- package/dist/index.d.ts +98 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +116 -0
- package/dist/index.js.map +1 -0
- package/dist/jwt.d.ts +1 -0
- package/dist/jwt.d.ts.map +1 -0
- package/dist/jwt.js +2 -0
- package/dist/jwt.js.map +1 -0
- package/dist/models/ai.d.ts +218 -0
- package/dist/models/ai.d.ts.map +1 -0
- package/dist/models/ai.js +3 -0
- package/dist/models/ai.js.map +1 -0
- package/dist/models/analytics.d.ts +33 -0
- package/dist/models/analytics.d.ts.map +1 -0
- package/dist/models/analytics.js +3 -0
- package/dist/models/analytics.js.map +1 -0
- package/dist/models/api-key.d.ts +161 -0
- package/dist/models/api-key.d.ts.map +1 -0
- package/dist/models/api-key.js +3 -0
- package/dist/models/api-key.js.map +1 -0
- package/dist/models/b2b-settings.d.ts +54 -0
- package/dist/models/b2b-settings.d.ts.map +1 -0
- package/dist/models/b2b-settings.js +3 -0
- package/dist/models/b2b-settings.js.map +1 -0
- package/dist/models/deployment-restrictions.d.ts +60 -0
- package/dist/models/deployment-restrictions.d.ts.map +1 -0
- package/dist/models/deployment-restrictions.js +3 -0
- package/dist/models/deployment-restrictions.js.map +1 -0
- package/dist/models/index.d.ts +51 -0
- package/dist/models/index.d.ts.map +1 -0
- package/dist/models/index.js +32 -0
- package/dist/models/index.js.map +1 -0
- package/dist/models/jwt-template.d.ts +49 -0
- package/dist/models/jwt-template.d.ts.map +1 -0
- package/dist/models/jwt-template.js +3 -0
- package/dist/models/jwt-template.js.map +1 -0
- package/dist/models/notification.d.ts +58 -0
- package/dist/models/notification.d.ts.map +1 -0
- package/dist/models/notification.js +3 -0
- package/dist/models/notification.js.map +1 -0
- package/dist/models/organization.d.ts +93 -0
- package/dist/models/organization.d.ts.map +1 -0
- package/dist/models/organization.js +3 -0
- package/dist/models/organization.js.map +1 -0
- package/dist/models/segment.d.ts +44 -0
- package/dist/models/segment.d.ts.map +1 -0
- package/dist/models/segment.js +3 -0
- package/dist/models/segment.js.map +1 -0
- package/dist/models/user.d.ts +177 -0
- package/dist/models/user.d.ts.map +1 -0
- package/dist/models/user.js +3 -0
- package/dist/models/user.js.map +1 -0
- package/dist/models/webhook.d.ts +194 -0
- package/dist/models/webhook.d.ts.map +1 -0
- package/dist/models/webhook.js +3 -0
- package/dist/models/webhook.js.map +1 -0
- package/dist/models/workspace.d.ts +93 -0
- package/dist/models/workspace.d.ts.map +1 -0
- package/dist/models/workspace.js +3 -0
- package/dist/models/workspace.js.map +1 -0
- package/dist/server-auth.d.ts +84 -0
- package/dist/server-auth.d.ts.map +1 -0
- package/dist/server-auth.js +405 -0
- package/dist/server-auth.js.map +1 -0
- package/package.json +45 -0
|
@@ -0,0 +1,405 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.WachtAuthError = void 0;
|
|
4
|
+
exports.parseFrontendApiUrlFromPublishableKey = parseFrontendApiUrlFromPublishableKey;
|
|
5
|
+
exports.toSessionPrincipalIdentity = toSessionPrincipalIdentity;
|
|
6
|
+
exports.toSessionPrincipalMetadata = toSessionPrincipalMetadata;
|
|
7
|
+
exports.verifyAuthToken = verifyAuthToken;
|
|
8
|
+
exports.getAuthFromToken = getAuthFromToken;
|
|
9
|
+
exports.requireAuthFromToken = requireAuthFromToken;
|
|
10
|
+
exports.getAuth = getAuth;
|
|
11
|
+
exports.requireAuth = requireAuth;
|
|
12
|
+
exports.authenticateRequest = authenticateRequest;
|
|
13
|
+
exports.authFromHeaders = authFromHeaders;
|
|
14
|
+
const jose_1 = require("jose");
|
|
15
|
+
class WachtAuthError extends Error {
|
|
16
|
+
constructor(code, status, message, options) {
|
|
17
|
+
super(message);
|
|
18
|
+
this.name = "WachtAuthError";
|
|
19
|
+
this.code = code;
|
|
20
|
+
this.status = status;
|
|
21
|
+
this.redirectUrl = options?.redirectUrl;
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
exports.WachtAuthError = WachtAuthError;
|
|
25
|
+
const AUTH_HEADER = "x-wacht-auth";
|
|
26
|
+
const PUBLIC_KEY_CACHE_TTL_MS = 5 * 60 * 1000;
|
|
27
|
+
const publicKeyCache = new Map();
|
|
28
|
+
function decodeBase64(input) {
|
|
29
|
+
if (typeof atob === "function") {
|
|
30
|
+
return atob(input);
|
|
31
|
+
}
|
|
32
|
+
if (typeof Buffer !== "undefined") {
|
|
33
|
+
return Buffer.from(input, "base64").toString("utf-8");
|
|
34
|
+
}
|
|
35
|
+
throw new Error("No base64 decoder available in this runtime.");
|
|
36
|
+
}
|
|
37
|
+
function decodeBase64Url(input) {
|
|
38
|
+
const normalized = input.replace(/-/g, "+").replace(/_/g, "/");
|
|
39
|
+
const padded = normalized.padEnd(normalized.length + ((4 - (normalized.length % 4)) % 4), "=");
|
|
40
|
+
return decodeBase64(padded);
|
|
41
|
+
}
|
|
42
|
+
function decodeBase64UrlToBytes(input) {
|
|
43
|
+
const normalized = input.replace(/-/g, "+").replace(/_/g, "/");
|
|
44
|
+
const padded = normalized.padEnd(normalized.length + ((4 - (normalized.length % 4)) % 4), "=");
|
|
45
|
+
const raw = decodeBase64(padded);
|
|
46
|
+
return Uint8Array.from(raw, (char) => char.charCodeAt(0));
|
|
47
|
+
}
|
|
48
|
+
function toArrayBuffer(bytes) {
|
|
49
|
+
return bytes.buffer.slice(bytes.byteOffset, bytes.byteOffset + bytes.byteLength);
|
|
50
|
+
}
|
|
51
|
+
function decodeJwtPayload(token) {
|
|
52
|
+
try {
|
|
53
|
+
const parts = token.split(".");
|
|
54
|
+
if (parts.length !== 3)
|
|
55
|
+
return null;
|
|
56
|
+
const payloadText = decodeBase64Url(parts[1]);
|
|
57
|
+
return JSON.parse(payloadText);
|
|
58
|
+
}
|
|
59
|
+
catch {
|
|
60
|
+
return null;
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
function decodeJwtHeader(token) {
|
|
64
|
+
try {
|
|
65
|
+
const parts = token.split(".");
|
|
66
|
+
if (parts.length !== 3)
|
|
67
|
+
return null;
|
|
68
|
+
return JSON.parse(decodeBase64Url(parts[0]));
|
|
69
|
+
}
|
|
70
|
+
catch {
|
|
71
|
+
return null;
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
function getTokenFromAuthorizationHeader(request) {
|
|
75
|
+
const authHeader = request.headers.get("authorization");
|
|
76
|
+
if (!authHeader?.startsWith("Bearer "))
|
|
77
|
+
return null;
|
|
78
|
+
return authHeader.substring(7).trim();
|
|
79
|
+
}
|
|
80
|
+
function getFrontendApiUrl(_request, options) {
|
|
81
|
+
const parsedFromPublishableKey = parseFrontendApiUrlFromPublishableKey(options.publishableKey || readPublishableKeyFromEnv());
|
|
82
|
+
if (parsedFromPublishableKey) {
|
|
83
|
+
return parsedFromPublishableKey;
|
|
84
|
+
}
|
|
85
|
+
throw new Error("Unable to derive frontend API URL from publishable key. Set WACHT_PUBLISHABLE_KEY or NEXT_PUBLIC_WACHT_PUBLISHABLE_KEY.");
|
|
86
|
+
}
|
|
87
|
+
function readPublishableKeyFromEnv() {
|
|
88
|
+
if (typeof process === "undefined" || !process.env)
|
|
89
|
+
return undefined;
|
|
90
|
+
return process.env.NEXT_PUBLIC_WACHT_PUBLISHABLE_KEY || process.env.WACHT_PUBLISHABLE_KEY;
|
|
91
|
+
}
|
|
92
|
+
function parseFrontendApiUrlFromPublishableKey(publishableKey) {
|
|
93
|
+
if (!publishableKey)
|
|
94
|
+
return null;
|
|
95
|
+
const value = publishableKey.trim();
|
|
96
|
+
const prefixes = ["pk_test_", "pk_live_"];
|
|
97
|
+
const prefix = prefixes.find((candidate) => value.startsWith(candidate));
|
|
98
|
+
if (!prefix)
|
|
99
|
+
return null;
|
|
100
|
+
const encoded = value.slice(prefix.length);
|
|
101
|
+
if (!encoded)
|
|
102
|
+
return null;
|
|
103
|
+
try {
|
|
104
|
+
const decoded = decodeBase64(encoded);
|
|
105
|
+
const url = new URL(decoded);
|
|
106
|
+
return url.origin.replace(/\/$/, "");
|
|
107
|
+
}
|
|
108
|
+
catch {
|
|
109
|
+
return null;
|
|
110
|
+
}
|
|
111
|
+
}
|
|
112
|
+
function pemToSpkiArrayBuffer(publicKeyPem) {
|
|
113
|
+
const pemBody = publicKeyPem
|
|
114
|
+
.replace("-----BEGIN PUBLIC KEY-----", "")
|
|
115
|
+
.replace("-----END PUBLIC KEY-----", "")
|
|
116
|
+
.replace(/\s+/g, "");
|
|
117
|
+
const decoded = decodeBase64(pemBody);
|
|
118
|
+
const bytes = Uint8Array.from(decoded, (char) => char.charCodeAt(0));
|
|
119
|
+
return toArrayBuffer(bytes);
|
|
120
|
+
}
|
|
121
|
+
function trimLeadingZeros(bytes) {
|
|
122
|
+
let index = 0;
|
|
123
|
+
while (index < bytes.length - 1 && bytes[index] === 0) {
|
|
124
|
+
index += 1;
|
|
125
|
+
}
|
|
126
|
+
return bytes.subarray(index);
|
|
127
|
+
}
|
|
128
|
+
function joseToDerEcdsaSignature(signature) {
|
|
129
|
+
const half = Math.floor(signature.length / 2);
|
|
130
|
+
const r = trimLeadingZeros(signature.subarray(0, half));
|
|
131
|
+
const s = trimLeadingZeros(signature.subarray(half));
|
|
132
|
+
const rNeedsPad = (r[0] & 0x80) !== 0;
|
|
133
|
+
const sNeedsPad = (s[0] & 0x80) !== 0;
|
|
134
|
+
const rLength = r.length + (rNeedsPad ? 1 : 0);
|
|
135
|
+
const sLength = s.length + (sNeedsPad ? 1 : 0);
|
|
136
|
+
const totalLength = 2 + rLength + 2 + sLength;
|
|
137
|
+
const der = new Uint8Array(2 + totalLength);
|
|
138
|
+
let offset = 0;
|
|
139
|
+
der[offset++] = 0x30;
|
|
140
|
+
der[offset++] = totalLength;
|
|
141
|
+
der[offset++] = 0x02;
|
|
142
|
+
der[offset++] = rLength;
|
|
143
|
+
if (rNeedsPad)
|
|
144
|
+
der[offset++] = 0x00;
|
|
145
|
+
der.set(r, offset);
|
|
146
|
+
offset += r.length;
|
|
147
|
+
der[offset++] = 0x02;
|
|
148
|
+
der[offset++] = sLength;
|
|
149
|
+
if (sNeedsPad)
|
|
150
|
+
der[offset++] = 0x00;
|
|
151
|
+
der.set(s, offset);
|
|
152
|
+
return der;
|
|
153
|
+
}
|
|
154
|
+
function resolveHashAlgorithm(alg) {
|
|
155
|
+
if (alg.endsWith("256"))
|
|
156
|
+
return "SHA-256";
|
|
157
|
+
if (alg.endsWith("384"))
|
|
158
|
+
return "SHA-384";
|
|
159
|
+
if (alg.endsWith("512"))
|
|
160
|
+
return "SHA-512";
|
|
161
|
+
return "SHA-256";
|
|
162
|
+
}
|
|
163
|
+
function getSubtleCrypto() {
|
|
164
|
+
const cryptoObj = globalThis.crypto;
|
|
165
|
+
if (cryptoObj?.subtle) {
|
|
166
|
+
return cryptoObj.subtle;
|
|
167
|
+
}
|
|
168
|
+
return null;
|
|
169
|
+
}
|
|
170
|
+
async function verifyJwtSignature(token, publicKeyPem) {
|
|
171
|
+
const header = decodeJwtHeader(token);
|
|
172
|
+
const payload = decodeJwtPayload(token);
|
|
173
|
+
if (!header?.alg || !payload)
|
|
174
|
+
return null;
|
|
175
|
+
try {
|
|
176
|
+
const key = await (0, jose_1.importSPKI)(publicKeyPem, header.alg);
|
|
177
|
+
await (0, jose_1.compactVerify)(token, key, { algorithms: [header.alg] });
|
|
178
|
+
return payload;
|
|
179
|
+
}
|
|
180
|
+
catch {
|
|
181
|
+
return null;
|
|
182
|
+
}
|
|
183
|
+
}
|
|
184
|
+
async function fetchPublicKeyPem(frontendApiUrl) {
|
|
185
|
+
const cached = publicKeyCache.get(frontendApiUrl);
|
|
186
|
+
if (cached && cached.expiresAt > Date.now()) {
|
|
187
|
+
return cached.value;
|
|
188
|
+
}
|
|
189
|
+
const response = await fetch(`${frontendApiUrl}/.well-known/jwk`, {
|
|
190
|
+
method: "GET",
|
|
191
|
+
headers: {
|
|
192
|
+
Accept: "application/json",
|
|
193
|
+
},
|
|
194
|
+
});
|
|
195
|
+
if (!response.ok)
|
|
196
|
+
return null;
|
|
197
|
+
const body = (await response.json());
|
|
198
|
+
const publicKey = body?.data?.public_key;
|
|
199
|
+
if (!publicKey)
|
|
200
|
+
return null;
|
|
201
|
+
publicKeyCache.set(frontendApiUrl, {
|
|
202
|
+
value: publicKey,
|
|
203
|
+
expiresAt: Date.now() + PUBLIC_KEY_CACHE_TTL_MS,
|
|
204
|
+
});
|
|
205
|
+
return publicKey;
|
|
206
|
+
}
|
|
207
|
+
function hasValidTimeClaims(payload, options) {
|
|
208
|
+
const now = Math.floor(Date.now() / 1000);
|
|
209
|
+
const skewSeconds = Math.floor((options.clockSkewInMs || 0) / 1000);
|
|
210
|
+
if (payload.exp && payload.exp < now - skewSeconds) {
|
|
211
|
+
return false;
|
|
212
|
+
}
|
|
213
|
+
if (payload.nbf && payload.nbf > now + skewSeconds) {
|
|
214
|
+
return false;
|
|
215
|
+
}
|
|
216
|
+
return true;
|
|
217
|
+
}
|
|
218
|
+
function hasValidIssuerClaim(payload, frontendApiUrl, options) {
|
|
219
|
+
const requiredIssuer = options.requiredIssuer || frontendApiUrl;
|
|
220
|
+
if (!requiredIssuer)
|
|
221
|
+
return true;
|
|
222
|
+
if (!payload.iss)
|
|
223
|
+
return false;
|
|
224
|
+
return payload.iss === requiredIssuer;
|
|
225
|
+
}
|
|
226
|
+
function createAuth(payload, options) {
|
|
227
|
+
const organizationPermissions = payload?.organization_permissions || payload?.permissions?.organization || [];
|
|
228
|
+
const workspacePermissions = payload?.workspace_permissions || payload?.permissions?.workspace || [];
|
|
229
|
+
return {
|
|
230
|
+
userId: payload?.sub || null,
|
|
231
|
+
sessionId: payload?.session_id || payload?.sid || null,
|
|
232
|
+
organizationId: payload?.organization || null,
|
|
233
|
+
workspaceId: payload?.workspace || null,
|
|
234
|
+
organizationPermissions,
|
|
235
|
+
workspacePermissions,
|
|
236
|
+
protect: async (protectOptions) => {
|
|
237
|
+
if (!payload?.sub) {
|
|
238
|
+
throw new WachtAuthError("unauthenticated", 401, "Unauthorized", protectOptions?.redirectUrl ? { redirectUrl: protectOptions.redirectUrl } : undefined);
|
|
239
|
+
}
|
|
240
|
+
if (protectOptions?.organizationId && payload.organization !== protectOptions.organizationId) {
|
|
241
|
+
throw new WachtAuthError("forbidden", 403, "Forbidden");
|
|
242
|
+
}
|
|
243
|
+
if (protectOptions?.workspaceId && payload.workspace !== protectOptions.workspaceId) {
|
|
244
|
+
throw new WachtAuthError("forbidden", 403, "Forbidden");
|
|
245
|
+
}
|
|
246
|
+
if (protectOptions?.permission) {
|
|
247
|
+
const required = Array.isArray(protectOptions.permission)
|
|
248
|
+
? protectOptions.permission
|
|
249
|
+
: [protectOptions.permission];
|
|
250
|
+
const hasPermission = required.some((permission) => {
|
|
251
|
+
if (organizationPermissions.includes(permission))
|
|
252
|
+
return true;
|
|
253
|
+
if (workspacePermissions.includes(permission))
|
|
254
|
+
return true;
|
|
255
|
+
return false;
|
|
256
|
+
});
|
|
257
|
+
if (!hasPermission) {
|
|
258
|
+
throw new WachtAuthError("forbidden", 403, "Forbidden");
|
|
259
|
+
}
|
|
260
|
+
}
|
|
261
|
+
},
|
|
262
|
+
has: (check) => {
|
|
263
|
+
if (!payload?.sub)
|
|
264
|
+
return false;
|
|
265
|
+
if (check.organizationId && payload.organization !== check.organizationId)
|
|
266
|
+
return false;
|
|
267
|
+
if (check.workspaceId && payload.workspace !== check.workspaceId)
|
|
268
|
+
return false;
|
|
269
|
+
if (!check.permission)
|
|
270
|
+
return true;
|
|
271
|
+
const required = Array.isArray(check.permission) ? check.permission : [check.permission];
|
|
272
|
+
return required.some((permission) => {
|
|
273
|
+
if (organizationPermissions.includes(permission))
|
|
274
|
+
return true;
|
|
275
|
+
if (workspacePermissions.includes(permission))
|
|
276
|
+
return true;
|
|
277
|
+
return false;
|
|
278
|
+
});
|
|
279
|
+
},
|
|
280
|
+
};
|
|
281
|
+
}
|
|
282
|
+
function toSessionPrincipalIdentity(auth) {
|
|
283
|
+
if (!auth.userId)
|
|
284
|
+
return null;
|
|
285
|
+
return {
|
|
286
|
+
principal_type: "session_token",
|
|
287
|
+
user_id: auth.userId,
|
|
288
|
+
session_id: auth.sessionId,
|
|
289
|
+
organization_id: auth.organizationId,
|
|
290
|
+
workspace_id: auth.workspaceId,
|
|
291
|
+
};
|
|
292
|
+
}
|
|
293
|
+
function toSessionPrincipalMetadata(auth) {
|
|
294
|
+
if (!auth.userId)
|
|
295
|
+
return null;
|
|
296
|
+
const permissionsChecked = Array.from(new Set([...auth.organizationPermissions, ...auth.workspacePermissions]));
|
|
297
|
+
return {
|
|
298
|
+
principal_type: "session_token",
|
|
299
|
+
permissions_checked: permissionsChecked,
|
|
300
|
+
organization_permissions: auth.organizationPermissions,
|
|
301
|
+
workspace_permissions: auth.workspacePermissions,
|
|
302
|
+
scopes: [],
|
|
303
|
+
resource: null,
|
|
304
|
+
expires_at: null,
|
|
305
|
+
};
|
|
306
|
+
}
|
|
307
|
+
async function verifyAuthToken(token, options = {}) {
|
|
308
|
+
const frontendApiUrl = getFrontendApiUrl(new Request("https://wacht.invalid"), options);
|
|
309
|
+
const publicKeyPem = await fetchPublicKeyPem(frontendApiUrl);
|
|
310
|
+
if (!publicKeyPem) {
|
|
311
|
+
return null;
|
|
312
|
+
}
|
|
313
|
+
const payload = await verifyJwtSignature(token, publicKeyPem);
|
|
314
|
+
if (!payload) {
|
|
315
|
+
return null;
|
|
316
|
+
}
|
|
317
|
+
const timeValid = hasValidTimeClaims(payload, options);
|
|
318
|
+
if (!timeValid) {
|
|
319
|
+
return null;
|
|
320
|
+
}
|
|
321
|
+
const issuerValid = hasValidIssuerClaim(payload, frontendApiUrl, options);
|
|
322
|
+
if (!issuerValid) {
|
|
323
|
+
return null;
|
|
324
|
+
}
|
|
325
|
+
return payload;
|
|
326
|
+
}
|
|
327
|
+
async function getAuthFromToken(token, options = {}) {
|
|
328
|
+
if (!token)
|
|
329
|
+
return createAuth(null, options);
|
|
330
|
+
const payload = await verifyAuthToken(token, options);
|
|
331
|
+
return createAuth(payload, options);
|
|
332
|
+
}
|
|
333
|
+
async function requireAuthFromToken(token, options = {}) {
|
|
334
|
+
const auth = await getAuthFromToken(token, options);
|
|
335
|
+
await auth.protect();
|
|
336
|
+
return auth;
|
|
337
|
+
}
|
|
338
|
+
async function getAuth(request, options = {}) {
|
|
339
|
+
const token = getTokenFromAuthorizationHeader(request);
|
|
340
|
+
const payload = token ? await verifyAuthToken(token, options) : null;
|
|
341
|
+
return createAuth(payload, options);
|
|
342
|
+
}
|
|
343
|
+
async function requireAuth(request, options = {}) {
|
|
344
|
+
const authState = await getAuth(request, options);
|
|
345
|
+
await authState.protect();
|
|
346
|
+
return authState;
|
|
347
|
+
}
|
|
348
|
+
async function authenticateRequest(request, options = {}) {
|
|
349
|
+
const auth = await getAuth(request, options);
|
|
350
|
+
const headers = new Headers();
|
|
351
|
+
headers.set(AUTH_HEADER, JSON.stringify({
|
|
352
|
+
userId: auth.userId,
|
|
353
|
+
sessionId: auth.sessionId,
|
|
354
|
+
organizationId: auth.organizationId,
|
|
355
|
+
workspaceId: auth.workspaceId,
|
|
356
|
+
organizationPermissions: auth.organizationPermissions,
|
|
357
|
+
workspacePermissions: auth.workspacePermissions,
|
|
358
|
+
}));
|
|
359
|
+
return { auth, headers };
|
|
360
|
+
}
|
|
361
|
+
function authFromHeaders(headers) {
|
|
362
|
+
const authHeader = headers.get(AUTH_HEADER);
|
|
363
|
+
if (!authHeader) {
|
|
364
|
+
return {
|
|
365
|
+
userId: null,
|
|
366
|
+
sessionId: null,
|
|
367
|
+
organizationId: null,
|
|
368
|
+
workspaceId: null,
|
|
369
|
+
organizationPermissions: [],
|
|
370
|
+
workspacePermissions: [],
|
|
371
|
+
protect: async () => {
|
|
372
|
+
throw new Error("Cannot use protect() in this context.");
|
|
373
|
+
},
|
|
374
|
+
has: () => false,
|
|
375
|
+
};
|
|
376
|
+
}
|
|
377
|
+
const authData = JSON.parse(authHeader);
|
|
378
|
+
return {
|
|
379
|
+
...authData,
|
|
380
|
+
protect: async () => {
|
|
381
|
+
throw new Error("Cannot use protect() in this context.");
|
|
382
|
+
},
|
|
383
|
+
has: (check) => {
|
|
384
|
+
if (!authData.userId)
|
|
385
|
+
return false;
|
|
386
|
+
if (check.organizationId && authData.organizationId !== check.organizationId)
|
|
387
|
+
return false;
|
|
388
|
+
if (check.workspaceId && authData.workspaceId !== check.workspaceId)
|
|
389
|
+
return false;
|
|
390
|
+
if (!check.permission)
|
|
391
|
+
return true;
|
|
392
|
+
const requiredPermissions = Array.isArray(check.permission)
|
|
393
|
+
? check.permission
|
|
394
|
+
: [check.permission];
|
|
395
|
+
return requiredPermissions.some((permission) => {
|
|
396
|
+
if (authData.organizationPermissions?.includes(permission))
|
|
397
|
+
return true;
|
|
398
|
+
if (authData.workspacePermissions?.includes(permission))
|
|
399
|
+
return true;
|
|
400
|
+
return false;
|
|
401
|
+
});
|
|
402
|
+
},
|
|
403
|
+
};
|
|
404
|
+
}
|
|
405
|
+
//# sourceMappingURL=server-auth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"server-auth.js","sourceRoot":"","sources":["../src/server-auth.ts"],"names":[],"mappings":";;;AA6KA,sFAoBC;AAgMD,gEAWC;AAED,gEAgBC;AAED,0CA2BC;AAED,4CAOC;AAED,oDAOC;AAED,0BAIC;AAED,kCAIC;AAED,kDAmBC;AAED,0CAwCC;AAxhBD,+BAAiD;AAsDjD,MAAa,cAAe,SAAQ,KAAK;IAKvC,YACE,IAAqC,EACrC,MAAc,EACd,OAAe,EACf,OAAkC;QAElC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;QAC7B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,WAAW,GAAG,OAAO,EAAE,WAAW,CAAC;IAC1C,CAAC;CACF;AAjBD,wCAiBC;AAuBD,MAAM,WAAW,GAAG,cAAc,CAAC;AACnC,MAAM,uBAAuB,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAC9C,MAAM,cAAc,GAAG,IAAI,GAAG,EAAgD,CAAC;AAE/E,SAAS,YAAY,CAAC,KAAa;IACjC,IAAI,OAAO,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC;IACrB,CAAC;IAED,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;AAClE,CAAC;AAED,SAAS,eAAe,CAAC,KAAa;IACpC,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC/D,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC/F,OAAO,YAAY,CAAC,MAAM,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,sBAAsB,CAAC,KAAa;IAC3C,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAC/D,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC/F,MAAM,GAAG,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACjC,OAAO,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5D,CAAC;AAED,SAAS,aAAa,CAAC,KAAiB;IACtC,OAAO,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,UAAU,GAAG,KAAK,CAAC,UAAU,CAAgB,CAAC;AAClG,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAa;IACrC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAEpC,MAAM,WAAW,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9C,OAAO,IAAI,CAAC,KAAK,CAAC,WAAW,CAAe,CAAC;IAC/C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,KAAa;IACpC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QACpC,OAAO,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAc,CAAC;IAC5D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,+BAA+B,CAAC,OAAgB;IACvD,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACxD,IAAI,CAAC,UAAU,EAAE,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IACpD,OAAO,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;AACxC,CAAC;AAED,SAAS,iBAAiB,CAAC,QAAiB,EAAE,OAA2B;IACvE,MAAM,wBAAwB,GAAG,qCAAqC,CACpE,OAAO,CAAC,cAAc,IAAI,yBAAyB,EAAE,CACtD,CAAC;IACF,IAAI,wBAAwB,EAAE,CAAC;QAC7B,OAAO,wBAAwB,CAAC;IAClC,CAAC;IAED,MAAM,IAAI,KAAK,CACb,yHAAyH,CAC1H,CAAC;AACJ,CAAC;AAED,SAAS,yBAAyB;IAChC,IAAI,OAAO,OAAO,KAAK,WAAW,IAAI,CAAC,OAAO,CAAC,GAAG;QAAE,OAAO,SAAS,CAAC;IACrE,OAAO,OAAO,CAAC,GAAG,CAAC,iCAAiC,IAAI,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC;AAC5F,CAAC;AAED,SAAgB,qCAAqC,CACnD,cAAuB;IAEvB,IAAI,CAAC,cAAc;QAAE,OAAO,IAAI,CAAC;IAEjC,MAAM,KAAK,GAAG,cAAc,CAAC,IAAI,EAAE,CAAC;IACpC,MAAM,QAAQ,GAAG,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC;IACzE,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAEzB,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC3C,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,CAAC;IAE1B,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;QACtC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC;QAC7B,OAAO,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACvC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAAC,YAAoB;IAChD,MAAM,OAAO,GAAG,YAAY;SACzB,OAAO,CAAC,4BAA4B,EAAE,EAAE,CAAC;SACzC,OAAO,CAAC,0BAA0B,EAAE,EAAE,CAAC;SACvC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACvB,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IACtC,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IACrE,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAiB;IACzC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,OAAO,KAAK,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;QACtD,KAAK,IAAI,CAAC,CAAC;IACb,CAAC;IACD,OAAO,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAC/B,CAAC;AAED,SAAS,uBAAuB,CAAC,SAAqB;IACpD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC9C,MAAM,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;IACxD,MAAM,CAAC,GAAG,gBAAgB,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IAErD,MAAM,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IACtC,MAAM,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IAEtC,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,MAAM,WAAW,GAAG,CAAC,GAAG,OAAO,GAAG,CAAC,GAAG,OAAO,CAAC;IAE9C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC;IAC5C,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC;IACrB,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,WAAW,CAAC;IAC5B,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC;IACrB,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,OAAO,CAAC;IACxB,IAAI,SAAS;QAAE,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC;IACpC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IACnB,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC;IACnB,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC;IACrB,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,OAAO,CAAC;IACxB,IAAI,SAAS;QAAE,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC;IACpC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IACnB,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,oBAAoB,CAAC,GAAW;IACvC,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IAC1C,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IAC1C,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IAC1C,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,eAAe;IACtB,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC;IACpC,IAAI,SAAS,EAAE,MAAM,EAAE,CAAC;QACtB,OAAO,SAAS,CAAC,MAAM,CAAC;IAC1B,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,KAAa,EACb,YAAoB;IAEpB,MAAM,MAAM,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACxC,IAAI,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,CAAC;IAC1C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,IAAA,iBAAU,EAAC,YAAY,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC;QACvD,MAAM,IAAA,oBAAa,EAAC,KAAK,EAAE,GAAG,EAAE,EAAE,UAAU,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9D,OAAO,OAAO,CAAC;IACjB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,cAAsB;IACrD,MAAM,MAAM,GAAG,cAAc,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAClD,IAAI,MAAM,IAAI,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAC5C,OAAO,MAAM,CAAC,KAAK,CAAC;IACtB,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,cAAc,kBAAkB,EAAE;QAChE,MAAM,EAAE,KAAK;QACb,OAAO,EAAE;YACP,MAAM,EAAE,kBAAkB;SAC3B;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE;QAAE,OAAO,IAAI,CAAC;IAC9B,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAuC,CAAC;IAC3E,MAAM,SAAS,GAAG,IAAI,EAAE,IAAI,EAAE,UAAU,CAAC;IACzC,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAE5B,cAAc,CAAC,GAAG,CAAC,cAAc,EAAE;QACjC,KAAK,EAAE,SAAS;QAChB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,uBAAuB;KAChD,CAAC,CAAC;IACH,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,kBAAkB,CAAC,OAAmB,EAAE,OAA2B;IAC1E,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,aAAa,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAEpE,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,GAAC,WAAW,EAAE,CAAC;QACjD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,GAAC,WAAW,EAAE,CAAC;QACjD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,mBAAmB,CAC1B,OAAmB,EACnB,cAAsB,EACtB,OAA2B;IAE3B,MAAM,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,cAAc,CAAC;IAChE,IAAI,CAAC,cAAc;QAAE,OAAO,IAAI,CAAC;IACjC,IAAI,CAAC,OAAO,CAAC,GAAG;QAAE,OAAO,KAAK,CAAC;IAC/B,OAAO,OAAO,CAAC,GAAG,KAAK,cAAc,CAAC;AACxC,CAAC;AAED,SAAS,UAAU,CACjB,OAA0B,EAC1B,OAA2B;IAE3B,MAAM,uBAAuB,GAAG,OAAO,EAAE,wBAAwB,IAAI,OAAO,EAAE,WAAW,EAAE,YAAY,IAAI,EAAE,CAAC;IAC9G,MAAM,oBAAoB,GAAG,OAAO,EAAE,qBAAqB,IAAI,OAAO,EAAE,WAAW,EAAE,SAAS,IAAI,EAAE,CAAC;IAErG,OAAO;QACL,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,IAAI;QAC5B,SAAS,EAAE,OAAO,EAAE,UAAU,IAAI,OAAO,EAAE,GAAG,IAAI,IAAI;QACtD,cAAc,EAAE,OAAO,EAAE,YAAY,IAAI,IAAI;QAC7C,WAAW,EAAE,OAAO,EAAE,SAAS,IAAI,IAAI;QACvC,uBAAuB;QACvB,oBAAoB;QACpB,OAAO,EAAE,KAAK,EAAE,cAA+B,EAAE,EAAE;YACjD,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC;gBAClB,MAAM,IAAI,cAAc,CACtB,iBAAiB,EACjB,GAAG,EACH,cAAc,EACd,cAAc,EAAE,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,cAAc,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS,CACtF,CAAC;YACJ,CAAC;YAED,IAAI,cAAc,EAAE,cAAc,IAAI,OAAO,CAAC,YAAY,KAAK,cAAc,CAAC,cAAc,EAAE,CAAC;gBAC7F,MAAM,IAAI,cAAc,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;YAC1D,CAAC;YAED,IAAI,cAAc,EAAE,WAAW,IAAI,OAAO,CAAC,SAAS,KAAK,cAAc,CAAC,WAAW,EAAE,CAAC;gBACpF,MAAM,IAAI,cAAc,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;YAC1D,CAAC;YAED,IAAI,cAAc,EAAE,UAAU,EAAE,CAAC;gBAC/B,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,UAAU,CAAC;oBACvD,CAAC,CAAC,cAAc,CAAC,UAAU;oBAC3B,CAAC,CAAC,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;gBAEhC,MAAM,aAAa,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE;oBACjD,IAAI,uBAAuB,CAAC,QAAQ,CAAC,UAAU,CAAC;wBAAE,OAAO,IAAI,CAAC;oBAC9D,IAAI,oBAAoB,CAAC,QAAQ,CAAC,UAAU,CAAC;wBAAE,OAAO,IAAI,CAAC;oBAC3D,OAAO,KAAK,CAAC;gBACf,CAAC,CAAC,CAAC;gBAEH,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,MAAM,IAAI,cAAc,CAAC,WAAW,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC;gBAC1D,CAAC;YACH,CAAC;QACH,CAAC;QACD,GAAG,EAAE,CAAC,KAAsB,EAAE,EAAE;YAC9B,IAAI,CAAC,OAAO,EAAE,GAAG;gBAAE,OAAO,KAAK,CAAC;YAChC,IAAI,KAAK,CAAC,cAAc,IAAI,OAAO,CAAC,YAAY,KAAK,KAAK,CAAC,cAAc;gBAAE,OAAO,KAAK,CAAC;YACxF,IAAI,KAAK,CAAC,WAAW,IAAI,OAAO,CAAC,SAAS,KAAK,KAAK,CAAC,WAAW;gBAAE,OAAO,KAAK,CAAC;YAC/E,IAAI,CAAC,KAAK,CAAC,UAAU;gBAAE,OAAO,IAAI,CAAC;YAEnC,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACzF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE;gBAClC,IAAI,uBAAuB,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAAE,OAAO,IAAI,CAAC;gBAC9D,IAAI,oBAAoB,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAAE,OAAO,IAAI,CAAC;gBAC3D,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;QACL,CAAC;KACF,CAAC;AACJ,CAAC;AAED,SAAgB,0BAA0B,CACxC,IAAgF;IAEhF,IAAI,CAAC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAC9B,OAAO;QACL,cAAc,EAAE,eAAe;QAC/B,OAAO,EAAE,IAAI,CAAC,MAAM;QACpB,UAAU,EAAE,IAAI,CAAC,SAAS;QAC1B,eAAe,EAAE,IAAI,CAAC,cAAc;QACpC,YAAY,EAAE,IAAI,CAAC,WAAW;KAC/B,CAAC;AACJ,CAAC;AAED,SAAgB,0BAA0B,CACxC,IAAoF;IAEpF,IAAI,CAAC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IAC9B,MAAM,kBAAkB,GAAG,KAAK,CAAC,IAAI,CACnC,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,uBAAuB,EAAE,GAAG,IAAI,CAAC,oBAAoB,CAAC,CAAC,CACzE,CAAC;IACF,OAAO;QACL,cAAc,EAAE,eAAe;QAC/B,mBAAmB,EAAE,kBAAkB;QACvC,wBAAwB,EAAE,IAAI,CAAC,uBAAuB;QACtD,qBAAqB,EAAE,IAAI,CAAC,oBAAoB;QAChD,MAAM,EAAE,EAAE;QACV,QAAQ,EAAE,IAAI;QACd,UAAU,EAAE,IAAI;KACjB,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,eAAe,CACnC,KAAa,EACb,UAA8B,EAAE;IAEhC,MAAM,cAAc,GAAG,iBAAiB,CAAC,IAAI,OAAO,CAAC,uBAAuB,CAAC,EAAE,OAAO,CAAC,CAAC;IAExF,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,cAAc,CAAC,CAAC;IAC7D,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;IAC9D,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,SAAS,GAAG,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACvD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,WAAW,GAAG,mBAAmB,CAAC,OAAO,EAAE,cAAc,EAAE,OAAO,CAAC,CAAC;IAC1E,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAEM,KAAK,UAAU,gBAAgB,CACpC,KAAgC,EAChC,UAA8B,EAAE;IAEhC,IAAI,CAAC,KAAK;QAAE,OAAO,UAAU,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IACtD,OAAO,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;AACtC,CAAC;AAEM,KAAK,UAAU,oBAAoB,CACxC,KAAgC,EAChC,UAA8B,EAAE;IAEhC,MAAM,IAAI,GAAG,MAAM,gBAAgB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;IACrB,OAAO,IAAI,CAAC;AACd,CAAC;AAEM,KAAK,UAAU,OAAO,CAAC,OAAgB,EAAE,UAA8B,EAAE;IAC9E,MAAM,KAAK,GAAG,+BAA+B,CAAC,OAAO,CAAC,CAAC;IACvD,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,MAAM,eAAe,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACrE,OAAO,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;AACtC,CAAC;AAEM,KAAK,UAAU,WAAW,CAAC,OAAgB,EAAE,UAA8B,EAAE;IAClF,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAClD,MAAM,SAAS,CAAC,OAAO,EAAE,CAAC;IAC1B,OAAO,SAAS,CAAC;AACnB,CAAC;AAEM,KAAK,UAAU,mBAAmB,CACvC,OAAgB,EAChB,UAA8B,EAAE;IAEhC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;IAE9B,OAAO,CAAC,GAAG,CACT,WAAW,EACX,IAAI,CAAC,SAAS,CAAC;QACb,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,uBAAuB,EAAE,IAAI,CAAC,uBAAuB;QACrD,oBAAoB,EAAE,IAAI,CAAC,oBAAoB;KAChD,CAAC,CACH,CAAC;IACF,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;AAC3B,CAAC;AAED,SAAgB,eAAe,CAAC,OAAgB;IAC9C,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAC5C,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO;YACL,MAAM,EAAE,IAAI;YACZ,SAAS,EAAE,IAAI;YACf,cAAc,EAAE,IAAI;YACpB,WAAW,EAAE,IAAI;YACjB,uBAAuB,EAAE,EAAE;YAC3B,oBAAoB,EAAE,EAAE;YACxB,OAAO,EAAE,KAAK,IAAI,EAAE;gBAClB,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;YAC3D,CAAC;YACD,GAAG,EAAE,GAAG,EAAE,CAAC,KAAK;SACjB,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAuC,CAAC;IAE9E,OAAO;QACL,GAAG,QAAQ;QACX,OAAO,EAAE,KAAK,IAAI,EAAE;YAClB,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC3D,CAAC;QACD,GAAG,EAAE,CAAC,KAAsB,EAAE,EAAE;YAC9B,IAAI,CAAC,QAAQ,CAAC,MAAM;gBAAE,OAAO,KAAK,CAAC;YACnC,IAAI,KAAK,CAAC,cAAc,IAAI,QAAQ,CAAC,cAAc,KAAK,KAAK,CAAC,cAAc;gBAAE,OAAO,KAAK,CAAC;YAC3F,IAAI,KAAK,CAAC,WAAW,IAAI,QAAQ,CAAC,WAAW,KAAK,KAAK,CAAC,WAAW;gBAAE,OAAO,KAAK,CAAC;YAClF,IAAI,CAAC,KAAK,CAAC,UAAU;gBAAE,OAAO,IAAI,CAAC;YAEnC,MAAM,mBAAmB,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC;gBACzD,CAAC,CAAC,KAAK,CAAC,UAAU;gBAClB,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;YACvB,OAAO,mBAAmB,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,EAAE;gBAC7C,IAAI,QAAQ,CAAC,uBAAuB,EAAE,QAAQ,CAAC,UAAU,CAAC;oBAAE,OAAO,IAAI,CAAC;gBACxE,IAAI,QAAQ,CAAC,oBAAoB,EAAE,QAAQ,CAAC,UAAU,CAAC;oBAAE,OAAO,IAAI,CAAC;gBACrE,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;QACL,CAAC;KACF,CAAC;AACJ,CAAC"}
|
package/package.json
ADDED
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@wacht/backend",
|
|
3
|
+
"version": "1.0.0-beta.0",
|
|
4
|
+
"description": "Wacht Backend SDK for JavaScript/TypeScript",
|
|
5
|
+
"main": "dist/index.js",
|
|
6
|
+
"types": "dist/index.d.ts",
|
|
7
|
+
"files": [
|
|
8
|
+
"dist"
|
|
9
|
+
],
|
|
10
|
+
"keywords": [
|
|
11
|
+
"wacht",
|
|
12
|
+
"sdk",
|
|
13
|
+
"backend",
|
|
14
|
+
"authentication",
|
|
15
|
+
"api"
|
|
16
|
+
],
|
|
17
|
+
"author": "Wacht",
|
|
18
|
+
"license": "Apache-2.0",
|
|
19
|
+
"dependencies": {
|
|
20
|
+
"jose": "^4.15.9"
|
|
21
|
+
},
|
|
22
|
+
"devDependencies": {
|
|
23
|
+
"@types/node": "^20.0.0",
|
|
24
|
+
"@vitest/coverage-v8": "^1.0.0",
|
|
25
|
+
"prettier": "^3.2.0",
|
|
26
|
+
"typescript": "^5.3.0",
|
|
27
|
+
"vitest": "^1.0.0"
|
|
28
|
+
},
|
|
29
|
+
"repository": {
|
|
30
|
+
"type": "git",
|
|
31
|
+
"url": "https://github.com/wacht/sdk"
|
|
32
|
+
},
|
|
33
|
+
"engines": {
|
|
34
|
+
"node": ">=16.0.0"
|
|
35
|
+
},
|
|
36
|
+
"scripts": {
|
|
37
|
+
"build": "tsc",
|
|
38
|
+
"build:watch": "tsc --watch",
|
|
39
|
+
"test": "vitest",
|
|
40
|
+
"test:watch": "vitest --watch",
|
|
41
|
+
"test:coverage": "vitest --coverage",
|
|
42
|
+
"lint": "eslint src --ext .ts",
|
|
43
|
+
"format": "prettier --write \"src/**/*.ts\""
|
|
44
|
+
}
|
|
45
|
+
}
|