@wazobiatech/auth-middleware 1.0.7 → 1.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -11
- package/dist/middlewares/express.helper.d.ts +1 -1
- package/dist/middlewares/express.helper.d.ts.map +1 -1
- package/dist/middlewares/express.helper.js +2 -2
- package/dist/middlewares/express.helper.js.map +1 -1
- package/dist/middlewares/gql.helper.d.ts +56 -7
- package/dist/middlewares/gql.helper.d.ts.map +1 -1
- package/dist/middlewares/gql.helper.js +177 -31
- package/dist/middlewares/gql.helper.js.map +1 -1
- package/dist/middlewares/jwt.guard.d.ts +1 -1
- package/dist/middlewares/jwt.guard.d.ts.map +1 -1
- package/dist/middlewares/jwt.guard.js +23 -22
- package/dist/middlewares/jwt.guard.js.map +1 -1
- package/dist/middlewares/project.guard.d.ts +38 -13
- package/dist/middlewares/project.guard.d.ts.map +1 -1
- package/dist/middlewares/project.guard.js +245 -95
- package/dist/middlewares/project.guard.js.map +1 -1
- package/dist/nestjs/decorators/auth.decorator.d.ts +42 -1
- package/dist/nestjs/decorators/auth.decorator.d.ts.map +1 -1
- package/dist/nestjs/decorators/auth.decorator.js +67 -2
- package/dist/nestjs/decorators/auth.decorator.js.map +1 -1
- package/dist/nestjs/guards/project.guard.d.ts +24 -22
- package/dist/nestjs/guards/project.guard.d.ts.map +1 -1
- package/dist/nestjs/guards/project.guard.js +258 -114
- package/dist/nestjs/guards/project.guard.js.map +1 -1
- package/dist/nestjs/index.d.ts +1 -1
- package/dist/nestjs/index.d.ts.map +1 -1
- package/dist/nestjs/index.js +16 -3
- package/dist/nestjs/index.js.map +1 -1
- package/dist/nestjs/jwt-auth.module.d.ts +6 -0
- package/dist/nestjs/jwt-auth.module.d.ts.map +1 -1
- package/dist/nestjs/jwt-auth.module.js +34 -7
- package/dist/nestjs/jwt-auth.module.js.map +1 -1
- package/dist/nestjs/strategies/jwt-strategy.d.ts +1 -1
- package/dist/nestjs/strategies/jwt-strategy.d.ts.map +1 -1
- package/dist/nestjs/strategies/jwt-strategy.js +31 -59
- package/dist/nestjs/strategies/jwt-strategy.js.map +1 -1
- package/dist/types/jwt-payload.d.ts +93 -20
- package/dist/types/jwt-payload.d.ts.map +1 -1
- package/dist/utils/redis.connection.d.ts +10 -0
- package/dist/utils/redis.connection.d.ts.map +1 -1
- package/dist/utils/redis.connection.js +108 -12
- package/dist/utils/redis.connection.js.map +1 -1
- package/package.json +3 -7
package/README.md
CHANGED
|
@@ -120,7 +120,6 @@ export class UserResolver {
|
|
|
120
120
|
|
|
121
121
|
| Variable | Description | Default | Example |
|
|
122
122
|
|----------|-------------|---------|---------|
|
|
123
|
-
| `NEXUS_ID` | Frontend admin dashboard service ID, Default project UUID for JWKS fallback | `null` | `550e8400-e29b-41d4-a716-446655440000` |
|
|
124
123
|
| `CACHE_EXPIRY_TIME` | Token cache TTL in seconds | `3600` | `7200` |
|
|
125
124
|
| `JWKS_CACHE_TTL` | JWKS public key cache TTL in seconds | `18000` | `21600` |
|
|
126
125
|
|
|
@@ -140,7 +139,6 @@ SIGNATURE_SHARED_SECRET=your-very-secure-256-bit-shared-secret-key
|
|
|
140
139
|
|
|
141
140
|
# Service Configuration
|
|
142
141
|
SERVICE_ID=helios # Current service identifier
|
|
143
|
-
NEXUS_ID=550e8400-e29b-41d4-a716-446655440000 # Frontend admin dashboard ID (optional)
|
|
144
142
|
|
|
145
143
|
# Cache Configuration (Optional - Performance Tuning)
|
|
146
144
|
CACHE_EXPIRY_TIME=3600 # JWT token cache TTL (1 hour)
|
|
@@ -192,13 +190,6 @@ PORT=3000
|
|
|
192
190
|
- Rotate regularly (quarterly recommended)
|
|
193
191
|
- Use strong random generation (crypto.randomBytes(32))
|
|
194
192
|
|
|
195
|
-
#### NEXUS_ID (Optional)
|
|
196
|
-
- **Purpose**: Service identifier for the Nexus frontend admin dashboard
|
|
197
|
-
- **Usage**: Special handling for admin dashboard authentication flows
|
|
198
|
-
- **Format**: UUID v4 format
|
|
199
|
-
- **Required**: Only if your service interacts with the Nexus admin interface
|
|
200
|
-
- **Example**: `550e8400-e29b-41d4-a716-446655440000`
|
|
201
|
-
|
|
202
193
|
#### ATHENS_SERVICE_ID (Optional)
|
|
203
194
|
- **Purpose**: Fallback project UUID when JWT tokens don't specify `project_uuid`
|
|
204
195
|
- **Usage**: JWKS endpoint construction for legacy or system tokens
|
|
@@ -477,7 +468,6 @@ Redis is used extensively for performance optimization:
|
|
|
477
468
|
| **Dolos** | `SERVICE_ID=dolos` | Background processing, async tasks |
|
|
478
469
|
| **Coeus** | `SERVICE_ID=coeus` | Analytics, reporting, data processing |
|
|
479
470
|
| **Udjat** | `SERVICE_ID=udjat` | Monitoring, logging, observability |
|
|
480
|
-
| **Nexus** | Special handling via `NEXUS_ID` | Frontend admin dashboard |
|
|
481
471
|
|
|
482
472
|
## 🛠️ Development
|
|
483
473
|
|
|
@@ -983,4 +973,4 @@ See [CHANGELOG.md](CHANGELOG.md) for complete version history.
|
|
|
983
973
|
- **Slack**: `#authentication` channel
|
|
984
974
|
- **Email**: developers@wazobia.com
|
|
985
975
|
|
|
986
|
-
Built with ❤️ by the Wazobia Platform Team
|
|
976
|
+
Built with ❤️ by the Wazobia Platform Team
|
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
import { NextFunction, Request, Response } from "express";
|
|
2
|
-
export declare function projectAuthMiddleware(): (req: Request, res: Response, next: NextFunction) => Promise<void>;
|
|
2
|
+
export declare function projectAuthMiddleware(serviceName: string): (req: Request, res: Response, next: NextFunction) => Promise<void>;
|
|
3
3
|
export declare function jwtAuthMiddleware(): (req: Request, res: Response, next: NextFunction) => Promise<void>;
|
|
4
4
|
//# sourceMappingURL=express.helper.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"express.helper.d.ts","sourceRoot":"","sources":["../../src/middlewares/express.helper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAK1D,wBAAgB,qBAAqB,
|
|
1
|
+
{"version":3,"file":"express.helper.d.ts","sourceRoot":"","sources":["../../src/middlewares/express.helper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAK1D,wBAAgB,qBAAqB,CAAC,WAAW,EAAE,MAAM,IAGzC,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,mBAQ9D;AAED,wBAAgB,iBAAiB,KAGjB,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,mBAQ9D"}
|
|
@@ -4,8 +4,8 @@ exports.projectAuthMiddleware = projectAuthMiddleware;
|
|
|
4
4
|
exports.jwtAuthMiddleware = jwtAuthMiddleware;
|
|
5
5
|
const project_guard_1 = require("./project.guard");
|
|
6
6
|
const jwt_guard_1 = require("./jwt.guard");
|
|
7
|
-
function projectAuthMiddleware() {
|
|
8
|
-
const authMiddleware = new project_guard_1.ProjectAuthMiddleware();
|
|
7
|
+
function projectAuthMiddleware(serviceName) {
|
|
8
|
+
const authMiddleware = new project_guard_1.ProjectAuthMiddleware(serviceName);
|
|
9
9
|
return async (req, res, next) => {
|
|
10
10
|
try {
|
|
11
11
|
await authMiddleware.authenticate(req);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"express.helper.js","sourceRoot":"","sources":["../../src/middlewares/express.helper.ts"],"names":[],"mappings":";;AAKA,sDAWC;AAED,8CAWC;AA5BD,mDAAwD;AAExD,2CAAgD;AAEhD,SAAgB,qBAAqB;
|
|
1
|
+
{"version":3,"file":"express.helper.js","sourceRoot":"","sources":["../../src/middlewares/express.helper.ts"],"names":[],"mappings":";;AAKA,sDAWC;AAED,8CAWC;AA5BD,mDAAwD;AAExD,2CAAgD;AAEhD,SAAgB,qBAAqB,CAAC,WAAmB;IACvD,MAAM,cAAc,GAAG,IAAI,qCAAqB,CAAC,WAAW,CAAC,CAAC;IAE9D,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAC/D,IAAI,CAAC;YACH,MAAM,cAAc,CAAC,YAAY,CAAC,GAA2B,CAAC,CAAC;YAC/D,IAAI,EAAE,CAAC;QACT,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACjD,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED,SAAgB,iBAAiB;IAC/B,MAAM,cAAc,GAAG,IAAI,6BAAiB,EAAE,CAAC;IAE/C,OAAO,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAC/D,IAAI,CAAC;YACH,MAAM,cAAc,CAAC,YAAY,CAAC,GAA2B,CAAC,CAAC;YAC/D,IAAI,EAAE,CAAC;QACT,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACjD,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}
|
|
@@ -2,13 +2,62 @@ import { GraphQLResolveInfo } from "graphql";
|
|
|
2
2
|
import { GqlContext } from "../types/jwt-payload";
|
|
3
3
|
export declare class GraphQLAuthHelper {
|
|
4
4
|
private projectAuth;
|
|
5
|
-
private
|
|
6
|
-
|
|
7
|
-
|
|
5
|
+
private userAuth;
|
|
6
|
+
constructor(serviceName: string);
|
|
7
|
+
/**
|
|
8
|
+
* Authenticate user token (Authorization header)
|
|
9
|
+
*/
|
|
10
|
+
authenticateUser(context: GqlContext): Promise<void>;
|
|
11
|
+
/**
|
|
12
|
+
* Authenticate project/platform token (x-project-token header)
|
|
13
|
+
*/
|
|
14
|
+
authenticateProject(context: GqlContext): Promise<void>;
|
|
15
|
+
/**
|
|
16
|
+
* Wrapper: Requires project/platform token with optional scopes
|
|
17
|
+
* Use for: Operations that need project or platform context
|
|
18
|
+
*/
|
|
19
|
+
withProjectAuth<TParent, TArgs, TResult>(requiredScopesOrResolver: string[] | ((parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult> | TResult), resolver?: (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult> | TResult): (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult>;
|
|
20
|
+
/**
|
|
21
|
+
* Wrapper: Optional project/platform token
|
|
22
|
+
* Use for: Operations that work with or without project context
|
|
23
|
+
*/
|
|
8
24
|
withProjectAuthNoStrict<TParent, TArgs, TResult>(resolver: (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult> | TResult): (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult>;
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
25
|
+
/**
|
|
26
|
+
* Wrapper: Requires user token with optional scopes/permissions
|
|
27
|
+
* Use for: User-specific operations (me, updateMe, deleteMe, etc.)
|
|
28
|
+
*/
|
|
29
|
+
withUserAuth<TParent, TArgs, TResult>(requiredScopesOrResolver: string[] | ((parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult> | TResult), resolver?: (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult> | TResult): (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult>;
|
|
30
|
+
/**
|
|
31
|
+
* Wrapper: Optional user token
|
|
32
|
+
* Use for: Operations that work with or without user context
|
|
33
|
+
*/
|
|
34
|
+
withUserAuthNoStrict<TParent, TArgs, TResult>(resolver: (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult> | TResult): (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult>;
|
|
35
|
+
/**
|
|
36
|
+
* Wrapper: Requires both user AND project tokens with optional scopes for each
|
|
37
|
+
* Use for: Complex operations needing both contexts
|
|
38
|
+
*/
|
|
39
|
+
withCombinedAuth<TParent, TArgs, TResult>(options: {
|
|
40
|
+
projectScopes?: string[];
|
|
41
|
+
userScopes?: string[];
|
|
42
|
+
} | ((parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult> | TResult), resolver?: (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult> | TResult): (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult>;
|
|
43
|
+
/**
|
|
44
|
+
* Wrapper: Requires user token, optional project token
|
|
45
|
+
* Use for: User operations that may benefit from project context
|
|
46
|
+
*/
|
|
47
|
+
withCombinedAuthNoProjectStrict<TParent, TArgs, TResult>(options: {
|
|
48
|
+
userScopes?: string[];
|
|
49
|
+
} | ((parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult> | TResult), resolver?: (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult> | TResult): (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult>;
|
|
50
|
+
/**
|
|
51
|
+
* Wrapper: Requires project token, optional user token
|
|
52
|
+
* Use for: Project operations that may benefit from user context
|
|
53
|
+
*/
|
|
54
|
+
withCombinedAuthNoUserStrict<TParent, TArgs, TResult>(options: {
|
|
55
|
+
projectScopes?: string[];
|
|
56
|
+
} | ((parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult> | TResult), resolver?: (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult> | TResult): (parent: TParent, args: TArgs, context: GqlContext, info: GraphQLResolveInfo | null) => Promise<TResult>;
|
|
57
|
+
/**
|
|
58
|
+
* Wrapper: Requires service token with scopes
|
|
59
|
+
* Use for: Service-to-service operations
|
|
60
|
+
*/
|
|
61
|
+
withServiceAuth<TParent = any, TArgs = any, TContext = GqlContext, TReturn = any>(requiredScopes: string[], resolver: (parent: TParent, args: TArgs, context: TContext, info: GraphQLResolveInfo) => Promise<TReturn> | TReturn): (parent: TParent, args: TArgs, context: TContext, info: GraphQLResolveInfo) => Promise<TReturn>;
|
|
13
62
|
}
|
|
14
63
|
//# sourceMappingURL=gql.helper.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"gql.helper.d.ts","sourceRoot":"","sources":["../../src/middlewares/gql.helper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAC7C,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAKlD,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,WAAW,
|
|
1
|
+
{"version":3,"file":"gql.helper.d.ts","sourceRoot":"","sources":["../../src/middlewares/gql.helper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAC7C,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAKlD,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,WAAW,CAAwB;IAC3C,OAAO,CAAC,QAAQ,CAA2B;gBAE/B,WAAW,EAAE,MAAM;IAK/B;;OAEG;IACG,gBAAgB,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAO1D;;OAEG;IACG,mBAAmB,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAO7D;;;OAGG;IACH,eAAe,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,EACrC,wBAAwB,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,kBAAkB,GAAG,IAAI,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,EACzJ,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,kBAAkB,GAAG,IAAI,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,IAO3H,QAAQ,OAAO,EACf,MAAM,KAAK,EACX,SAAS,UAAU,EACnB,MAAM,kBAAkB,GAAG,IAAI,KAC9B,OAAO,CAAC,OAAO,CAAC;IAwBrB;;;OAGG;IACH,uBAAuB,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,EAC7C,QAAQ,EAAE,CACR,MAAM,EAAE,OAAO,EACf,IAAI,EAAE,KAAK,EACX,OAAO,EAAE,UAAU,EACnB,IAAI,EAAE,kBAAkB,GAAG,IAAI,KAC5B,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,IAG7B,QAAQ,OAAO,EACf,MAAM,KAAK,EACX,SAAS,UAAU,EACnB,MAAM,kBAAkB,GAAG,IAAI,KAC9B,OAAO,CAAC,OAAO,CAAC;IAYrB;;;OAGG;IACH,YAAY,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,EAClC,wBAAwB,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,kBAAkB,GAAG,IAAI,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,EACzJ,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,kBAAkB,GAAG,IAAI,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,IAO3H,QAAQ,OAAO,EACf,MAAM,KAAK,EACX,SAAS,UAAU,EACnB,MAAM,kBAAkB,GAAG,IAAI,KAC9B,OAAO,CAAC,OAAO,CAAC;IAwBrB;;;OAGG;IACH,oBAAoB,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,EAC1C,QAAQ,EAAE,CACR,MAAM,EAAE,OAAO,EACf,IAAI,EAAE,KAAK,EACX,OAAO,EAAE,UAAU,EACnB,IAAI,EAAE,kBAAkB,GAAG,IAAI,KAC5B,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,IAG7B,QAAQ,OAAO,EACf,MAAM,KAAK,EACX,SAAS,UAAU,EACnB,MAAM,kBAAkB,GAAG,IAAI,KAC9B,OAAO,CAAC,OAAO,CAAC;IAYrB;;;OAGG;IACH,gBAAgB,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,EACtC,OAAO,EAAE;QACP,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;QACzB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;KACvB,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,kBAAkB,GAAG,IAAI,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,EACxH,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,kBAAkB,GAAG,IAAI,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,IAQ3H,QAAQ,OAAO,EACf,MAAM,KAAK,EACX,SAAS,UAAU,EACnB,MAAM,kBAAkB,GAAG,IAAI,KAC9B,OAAO,CAAC,OAAO,CAAC;IAoCrB;;;OAGG;IACH,+BAA+B,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,EACrD,OAAO,EAAE;QACP,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;KACvB,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,kBAAkB,GAAG,IAAI,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,EACxH,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,kBAAkB,GAAG,IAAI,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,IAM3H,QAAQ,OAAO,EACf,MAAM,KAAK,EACX,SAAS,UAAU,EACnB,MAAM,kBAAkB,GAAG,IAAI,KAC9B,OAAO,CAAC,OAAO,CAAC;IA6BrB;;;OAGG;IACH,4BAA4B,CAAC,OAAO,EAAE,KAAK,EAAE,OAAO,EAClD,OAAO,EAAE;QACP,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;KAC1B,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,kBAAkB,GAAG,IAAI,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,EACxH,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,kBAAkB,GAAG,IAAI,KAAK,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,IAM3H,QAAQ,OAAO,EACf,MAAM,KAAK,EACX,SAAS,UAAU,EACnB,MAAM,kBAAkB,GAAG,IAAI,KAC9B,OAAO,CAAC,OAAO,CAAC;IA6BrB;;;OAGG;IACH,eAAe,CAAC,OAAO,GAAG,GAAG,EAAE,KAAK,GAAG,GAAG,EAAE,QAAQ,GAAG,UAAU,EAAE,OAAO,GAAG,GAAG,EAC9E,cAAc,EAAE,MAAM,EAAE,EACxB,QAAQ,EAAE,CACR,MAAM,EAAE,OAAO,EACf,IAAI,EAAE,KAAK,EACX,OAAO,EAAE,QAAQ,EACjB,IAAI,EAAE,kBAAkB,KACrB,OAAO,CAAC,OAAO,CAAC,GAAG,OAAO,IAG7B,QAAQ,OAAO,EACf,MAAM,KAAK,EACX,SAAS,QAAQ,EACjB,MAAM,kBAAkB,KACvB,OAAO,CAAC,OAAO,CAAC;CA0BtB"}
|
|
@@ -3,30 +3,63 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
3
3
|
exports.GraphQLAuthHelper = void 0;
|
|
4
4
|
const jwt_guard_1 = require("./jwt.guard");
|
|
5
5
|
const project_guard_1 = require("./project.guard");
|
|
6
|
-
// GraphQL Middleware Helper
|
|
6
|
+
// GraphQL Middleware Helper for Authentication
|
|
7
7
|
class GraphQLAuthHelper {
|
|
8
|
-
constructor() {
|
|
9
|
-
this.
|
|
10
|
-
|
|
8
|
+
constructor(serviceName) {
|
|
9
|
+
this.userAuth = new jwt_guard_1.JwtAuthMiddleware();
|
|
10
|
+
// Initialize ProjectAuthMiddleware with service name
|
|
11
|
+
this.projectAuth = new project_guard_1.ProjectAuthMiddleware(serviceName);
|
|
11
12
|
}
|
|
12
|
-
|
|
13
|
+
/**
|
|
14
|
+
* Authenticate user token (Authorization header)
|
|
15
|
+
*/
|
|
16
|
+
async authenticateUser(context) {
|
|
13
17
|
if (!context.req) {
|
|
14
18
|
throw new Error('Request context not available');
|
|
15
19
|
}
|
|
16
|
-
await this.
|
|
20
|
+
await this.userAuth.authenticate(context.req);
|
|
17
21
|
}
|
|
18
|
-
|
|
22
|
+
/**
|
|
23
|
+
* Authenticate project/platform token (x-project-token header)
|
|
24
|
+
*/
|
|
25
|
+
async authenticateProject(context) {
|
|
26
|
+
if (!context.req) {
|
|
27
|
+
throw new Error('Request context not available');
|
|
28
|
+
}
|
|
29
|
+
await this.projectAuth.authenticate(context.req);
|
|
30
|
+
}
|
|
31
|
+
/**
|
|
32
|
+
* Wrapper: Requires project/platform token with optional scopes
|
|
33
|
+
* Use for: Operations that need project or platform context
|
|
34
|
+
*/
|
|
35
|
+
withProjectAuth(requiredScopesOrResolver, resolver) {
|
|
36
|
+
// Support both withProjectAuth(resolver) and withProjectAuth(['scope'], resolver)
|
|
37
|
+
const requiredScopes = Array.isArray(requiredScopesOrResolver) ? requiredScopesOrResolver : [];
|
|
38
|
+
const actualResolver = resolver || requiredScopesOrResolver;
|
|
19
39
|
return async (parent, args, context, info) => {
|
|
20
|
-
await this.
|
|
21
|
-
|
|
40
|
+
await this.authenticateProject(context);
|
|
41
|
+
// Check scopes if required
|
|
42
|
+
if (requiredScopes.length > 0) {
|
|
43
|
+
const req = context.req;
|
|
44
|
+
const tokenScopes = req?.project?.scopes || req?.platform?.scopes || [];
|
|
45
|
+
const hasRequiredScopes = requiredScopes.every(scope => tokenScopes.includes(scope));
|
|
46
|
+
if (!hasRequiredScopes) {
|
|
47
|
+
throw new Error(`Insufficient permissions. Required: ${requiredScopes.join(', ')}, ` +
|
|
48
|
+
`Provided: ${tokenScopes.join(', ')}`);
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
return actualResolver(parent, args, context, info);
|
|
22
52
|
};
|
|
23
53
|
}
|
|
24
|
-
|
|
54
|
+
/**
|
|
55
|
+
* Wrapper: Optional project/platform token
|
|
56
|
+
* Use for: Operations that work with or without project context
|
|
57
|
+
*/
|
|
25
58
|
withProjectAuthNoStrict(resolver) {
|
|
26
59
|
return async (parent, args, context, info) => {
|
|
27
60
|
// Project auth is optional - continues if fails
|
|
28
61
|
try {
|
|
29
|
-
await this.
|
|
62
|
+
await this.authenticateProject(context);
|
|
30
63
|
}
|
|
31
64
|
catch (error) {
|
|
32
65
|
console.warn('Project auth (optional):', error.message);
|
|
@@ -34,46 +67,159 @@ class GraphQLAuthHelper {
|
|
|
34
67
|
return resolver(parent, args, context, info);
|
|
35
68
|
};
|
|
36
69
|
}
|
|
37
|
-
|
|
70
|
+
/**
|
|
71
|
+
* Wrapper: Requires user token with optional scopes/permissions
|
|
72
|
+
* Use for: User-specific operations (me, updateMe, deleteMe, etc.)
|
|
73
|
+
*/
|
|
74
|
+
withUserAuth(requiredScopesOrResolver, resolver) {
|
|
75
|
+
// Support both withUserAuth(resolver) and withUserAuth(['scope'], resolver)
|
|
76
|
+
const requiredScopes = Array.isArray(requiredScopesOrResolver) ? requiredScopesOrResolver : [];
|
|
77
|
+
const actualResolver = resolver || requiredScopesOrResolver;
|
|
38
78
|
return async (parent, args, context, info) => {
|
|
39
|
-
await this.
|
|
40
|
-
|
|
79
|
+
await this.authenticateUser(context);
|
|
80
|
+
// Check scopes/permissions if required
|
|
81
|
+
if (requiredScopes.length > 0) {
|
|
82
|
+
const req = context.req;
|
|
83
|
+
const userPermissions = req?.user?.permissions || [];
|
|
84
|
+
const hasRequiredScopes = requiredScopes.every(scope => userPermissions.includes(scope));
|
|
85
|
+
if (!hasRequiredScopes) {
|
|
86
|
+
throw new Error(`Insufficient permissions. Required: ${requiredScopes.join(', ')}, ` +
|
|
87
|
+
`Provided: ${userPermissions.join(', ')}`);
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
return actualResolver(parent, args, context, info);
|
|
41
91
|
};
|
|
42
92
|
}
|
|
43
|
-
|
|
44
|
-
|
|
93
|
+
/**
|
|
94
|
+
* Wrapper: Optional user token
|
|
95
|
+
* Use for: Operations that work with or without user context
|
|
96
|
+
*/
|
|
97
|
+
withUserAuthNoStrict(resolver) {
|
|
45
98
|
return async (parent, args, context, info) => {
|
|
46
|
-
//
|
|
99
|
+
// User auth is optional - continues if fails
|
|
47
100
|
try {
|
|
48
|
-
await this.
|
|
101
|
+
await this.authenticateUser(context);
|
|
49
102
|
}
|
|
50
103
|
catch (error) {
|
|
51
|
-
|
|
52
|
-
console.warn('JWT auth (optional):', error.message);
|
|
104
|
+
console.warn('User auth (optional):', error.message);
|
|
53
105
|
}
|
|
54
106
|
return resolver(parent, args, context, info);
|
|
55
107
|
};
|
|
56
108
|
}
|
|
57
|
-
|
|
109
|
+
/**
|
|
110
|
+
* Wrapper: Requires both user AND project tokens with optional scopes for each
|
|
111
|
+
* Use for: Complex operations needing both contexts
|
|
112
|
+
*/
|
|
113
|
+
withCombinedAuth(options, resolver) {
|
|
114
|
+
// Support both withCombinedAuth(resolver) and withCombinedAuth({scopes}, resolver)
|
|
115
|
+
const projectScopes = typeof options === 'object' && !('then' in options) ? (options.projectScopes || []) : [];
|
|
116
|
+
const userScopes = typeof options === 'object' && !('then' in options) ? (options.userScopes || []) : [];
|
|
117
|
+
const actualResolver = resolver || options;
|
|
58
118
|
return async (parent, args, context, info) => {
|
|
59
|
-
await this.
|
|
60
|
-
await this.
|
|
61
|
-
|
|
119
|
+
await this.authenticateUser(context);
|
|
120
|
+
await this.authenticateProject(context);
|
|
121
|
+
const req = context.req;
|
|
122
|
+
// Check project scopes
|
|
123
|
+
if (projectScopes.length > 0) {
|
|
124
|
+
const tokenScopes = req?.project?.scopes || req?.platform?.scopes || [];
|
|
125
|
+
const hasProjectScopes = projectScopes.every(scope => tokenScopes.includes(scope));
|
|
126
|
+
if (!hasProjectScopes) {
|
|
127
|
+
throw new Error(`Insufficient project permissions. Required: ${projectScopes.join(', ')}, ` +
|
|
128
|
+
`Provided: ${tokenScopes.join(', ')}`);
|
|
129
|
+
}
|
|
130
|
+
}
|
|
131
|
+
// Check user scopes
|
|
132
|
+
if (userScopes.length > 0) {
|
|
133
|
+
const userPermissions = req?.user?.permissions || [];
|
|
134
|
+
const hasUserScopes = userScopes.every(scope => userPermissions.includes(scope));
|
|
135
|
+
if (!hasUserScopes) {
|
|
136
|
+
throw new Error(`Insufficient user permissions. Required: ${userScopes.join(', ')}, ` +
|
|
137
|
+
`Provided: ${userPermissions.join(', ')}`);
|
|
138
|
+
}
|
|
139
|
+
}
|
|
140
|
+
return actualResolver(parent, args, context, info);
|
|
62
141
|
};
|
|
63
142
|
}
|
|
64
|
-
|
|
65
|
-
|
|
143
|
+
/**
|
|
144
|
+
* Wrapper: Requires user token, optional project token
|
|
145
|
+
* Use for: User operations that may benefit from project context
|
|
146
|
+
*/
|
|
147
|
+
withCombinedAuthNoProjectStrict(options, resolver) {
|
|
148
|
+
const userScopes = typeof options === 'object' && !('then' in options) ? (options.userScopes || []) : [];
|
|
149
|
+
const actualResolver = resolver || options;
|
|
66
150
|
return async (parent, args, context, info) => {
|
|
67
|
-
//
|
|
68
|
-
await this.
|
|
69
|
-
//
|
|
151
|
+
// User is required
|
|
152
|
+
await this.authenticateUser(context);
|
|
153
|
+
// Check user scopes
|
|
154
|
+
if (userScopes.length > 0) {
|
|
155
|
+
const req = context.req;
|
|
156
|
+
const userPermissions = req?.user?.permissions || [];
|
|
157
|
+
const hasUserScopes = userScopes.every(scope => userPermissions.includes(scope));
|
|
158
|
+
if (!hasUserScopes) {
|
|
159
|
+
throw new Error(`Insufficient user permissions. Required: ${userScopes.join(', ')}, ` +
|
|
160
|
+
`Provided: ${userPermissions.join(', ')}`);
|
|
161
|
+
}
|
|
162
|
+
}
|
|
163
|
+
// Project auth is optional
|
|
70
164
|
try {
|
|
71
|
-
await this.
|
|
165
|
+
await this.authenticateProject(context);
|
|
72
166
|
}
|
|
73
167
|
catch (error) {
|
|
74
|
-
// Optional: Log for debugging
|
|
75
168
|
console.warn('Project auth (optional):', error.message);
|
|
76
169
|
}
|
|
170
|
+
return actualResolver(parent, args, context, info);
|
|
171
|
+
};
|
|
172
|
+
}
|
|
173
|
+
/**
|
|
174
|
+
* Wrapper: Requires project token, optional user token
|
|
175
|
+
* Use for: Project operations that may benefit from user context
|
|
176
|
+
*/
|
|
177
|
+
withCombinedAuthNoUserStrict(options, resolver) {
|
|
178
|
+
const projectScopes = typeof options === 'object' && !('then' in options) ? (options.projectScopes || []) : [];
|
|
179
|
+
const actualResolver = resolver || options;
|
|
180
|
+
return async (parent, args, context, info) => {
|
|
181
|
+
// Project is required
|
|
182
|
+
await this.authenticateProject(context);
|
|
183
|
+
// Check project scopes
|
|
184
|
+
if (projectScopes.length > 0) {
|
|
185
|
+
const req = context.req;
|
|
186
|
+
const tokenScopes = req?.project?.scopes || req?.platform?.scopes || [];
|
|
187
|
+
const hasProjectScopes = projectScopes.every(scope => tokenScopes.includes(scope));
|
|
188
|
+
if (!hasProjectScopes) {
|
|
189
|
+
throw new Error(`Insufficient project permissions. Required: ${projectScopes.join(', ')}, ` +
|
|
190
|
+
`Provided: ${tokenScopes.join(', ')}`);
|
|
191
|
+
}
|
|
192
|
+
}
|
|
193
|
+
// User auth is optional
|
|
194
|
+
try {
|
|
195
|
+
await this.authenticateUser(context);
|
|
196
|
+
}
|
|
197
|
+
catch (error) {
|
|
198
|
+
console.warn('User auth (optional):', error.message);
|
|
199
|
+
}
|
|
200
|
+
return actualResolver(parent, args, context, info);
|
|
201
|
+
};
|
|
202
|
+
}
|
|
203
|
+
/**
|
|
204
|
+
* Wrapper: Requires service token with scopes
|
|
205
|
+
* Use for: Service-to-service operations
|
|
206
|
+
*/
|
|
207
|
+
withServiceAuth(requiredScopes, resolver) {
|
|
208
|
+
return async (parent, args, context, info) => {
|
|
209
|
+
// Pass the full context (not just req) to authenticateProject
|
|
210
|
+
await this.authenticateProject(context);
|
|
211
|
+
// Check if it's a service token
|
|
212
|
+
const req = context.req;
|
|
213
|
+
if (!req || !req.service) {
|
|
214
|
+
throw new Error('This operation requires service authentication');
|
|
215
|
+
}
|
|
216
|
+
// Check scopes
|
|
217
|
+
const serviceScopes = req.service.scopes;
|
|
218
|
+
const hasRequiredScopes = requiredScopes.every(scope => serviceScopes.includes(scope));
|
|
219
|
+
if (!hasRequiredScopes) {
|
|
220
|
+
throw new Error(`Insufficient permissions. Required: ${requiredScopes.join(', ')}, ` +
|
|
221
|
+
`Provided: ${serviceScopes.join(', ')}`);
|
|
222
|
+
}
|
|
77
223
|
return resolver(parent, args, context, info);
|
|
78
224
|
};
|
|
79
225
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"gql.helper.js","sourceRoot":"","sources":["../../src/middlewares/gql.helper.ts"],"names":[],"mappings":";;;AAEA,2CAAgD;AAChD,mDAAwD;AAExD
|
|
1
|
+
{"version":3,"file":"gql.helper.js","sourceRoot":"","sources":["../../src/middlewares/gql.helper.ts"],"names":[],"mappings":";;;AAEA,2CAAgD;AAChD,mDAAwD;AAExD,+CAA+C;AAC/C,MAAa,iBAAiB;IAI5B,YAAY,WAAmB;QAFvB,aAAQ,GAAG,IAAI,6BAAiB,EAAE,CAAC;QAGzC,qDAAqD;QACrD,IAAI,CAAC,WAAW,GAAG,IAAI,qCAAqB,CAAC,WAAW,CAAC,CAAC;IAC5D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,OAAmB;QACxC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QACnD,CAAC;QACD,MAAM,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,mBAAmB,CAAC,OAAmB;QAC3C,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QACnD,CAAC;QACD,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACnD,CAAC;IAED;;;OAGG;IACH,eAAe,CACb,wBAAyJ,EACzJ,QAA6H;QAE7H,kFAAkF;QAClF,MAAM,cAAc,GAAG,KAAK,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/F,MAAM,cAAc,GAAG,QAAQ,IAAK,wBAAgC,CAAC;QAErE,OAAO,KAAK,EACV,MAAe,EACf,IAAW,EACX,OAAmB,EACnB,IAA+B,EACb,EAAE;YACpB,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAExC,2BAA2B;YAC3B,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;gBACxB,MAAM,WAAW,GAAG,GAAG,EAAE,OAAO,EAAE,MAAM,IAAI,GAAG,EAAE,QAAQ,EAAE,MAAM,IAAI,EAAE,CAAC;gBAExE,MAAM,iBAAiB,GAAG,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CACrD,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,CAC5B,CAAC;gBAEF,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBACvB,MAAM,IAAI,KAAK,CACb,uCAAuC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;wBACpE,aAAa,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACtC,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,OAAO,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QACrD,CAAC,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,uBAAuB,CACrB,QAK+B;QAE/B,OAAO,KAAK,EACV,MAAe,EACf,IAAW,EACX,OAAmB,EACnB,IAA+B,EACb,EAAE;YACpB,gDAAgD;YAChD,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAC1C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;YAC1D,CAAC;YAED,OAAO,QAAQ,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QAC/C,CAAC,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,YAAY,CACV,wBAAyJ,EACzJ,QAA6H;QAE7H,4EAA4E;QAC5E,MAAM,cAAc,GAAG,KAAK,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/F,MAAM,cAAc,GAAG,QAAQ,IAAK,wBAAgC,CAAC;QAErE,OAAO,KAAK,EACV,MAAe,EACf,IAAW,EACX,OAAmB,EACnB,IAA+B,EACb,EAAE;YACpB,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAErC,uCAAuC;YACvC,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;gBACxB,MAAM,eAAe,GAAG,GAAG,EAAE,IAAI,EAAE,WAAW,IAAI,EAAE,CAAC;gBAErD,MAAM,iBAAiB,GAAG,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CACrD,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,CAChC,CAAC;gBAEF,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBACvB,MAAM,IAAI,KAAK,CACb,uCAAuC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;wBACpE,aAAa,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC1C,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,OAAO,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QACrD,CAAC,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,oBAAoB,CAClB,QAK+B;QAE/B,OAAO,KAAK,EACV,MAAe,EACf,IAAW,EACX,OAAmB,EACnB,IAA+B,EACb,EAAE;YACpB,6CAA6C;YAC7C,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YACvC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,uBAAuB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;YACvD,CAAC;YAED,OAAO,QAAQ,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QAC/C,CAAC,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,gBAAgB,CACd,OAGwH,EACxH,QAA6H;QAE7H,mFAAmF;QACnF,MAAM,aAAa,GAAG,OAAO,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/G,MAAM,UAAU,GAAG,OAAO,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACzG,MAAM,cAAc,GAAG,QAAQ,IAAK,OAAe,CAAC;QAEpD,OAAO,KAAK,EACV,MAAe,EACf,IAAW,EACX,OAAmB,EACnB,IAA+B,EACb,EAAE;YACpB,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YACrC,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAExC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;YAExB,uBAAuB;YACvB,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,MAAM,WAAW,GAAG,GAAG,EAAE,OAAO,EAAE,MAAM,IAAI,GAAG,EAAE,QAAQ,EAAE,MAAM,IAAI,EAAE,CAAC;gBACxE,MAAM,gBAAgB,GAAG,aAAa,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;gBAEnF,IAAI,CAAC,gBAAgB,EAAE,CAAC;oBACtB,MAAM,IAAI,KAAK,CACb,+CAA+C,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;wBAC3E,aAAa,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACtC,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,oBAAoB;YACpB,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,MAAM,eAAe,GAAG,GAAG,EAAE,IAAI,EAAE,WAAW,IAAI,EAAE,CAAC;gBACrD,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;gBAEjF,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,MAAM,IAAI,KAAK,CACb,4CAA4C,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;wBACrE,aAAa,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC1C,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,OAAO,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QACrD,CAAC,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,+BAA+B,CAC7B,OAEwH,EACxH,QAA6H;QAE7H,MAAM,UAAU,GAAG,OAAO,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACzG,MAAM,cAAc,GAAG,QAAQ,IAAK,OAAe,CAAC;QAEpD,OAAO,KAAK,EACV,MAAe,EACf,IAAW,EACX,OAAmB,EACnB,IAA+B,EACb,EAAE;YACpB,mBAAmB;YACnB,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAErC,oBAAoB;YACpB,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;gBACxB,MAAM,eAAe,GAAG,GAAG,EAAE,IAAI,EAAE,WAAW,IAAI,EAAE,CAAC;gBACrD,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;gBAEjF,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,MAAM,IAAI,KAAK,CACb,4CAA4C,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;wBACrE,aAAa,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC1C,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,2BAA2B;YAC3B,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAC1C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,0BAA0B,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;YAC1D,CAAC;YAED,OAAO,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QACrD,CAAC,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,4BAA4B,CAC1B,OAEwH,EACxH,QAA6H;QAE7H,MAAM,aAAa,GAAG,OAAO,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/G,MAAM,cAAc,GAAG,QAAQ,IAAK,OAAe,CAAC;QAEpD,OAAO,KAAK,EACV,MAAe,EACf,IAAW,EACX,OAAmB,EACnB,IAA+B,EACb,EAAE;YACpB,sBAAsB;YACtB,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC;YAExC,uBAAuB;YACvB,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;gBACxB,MAAM,WAAW,GAAG,GAAG,EAAE,OAAO,EAAE,MAAM,IAAI,GAAG,EAAE,QAAQ,EAAE,MAAM,IAAI,EAAE,CAAC;gBACxE,MAAM,gBAAgB,GAAG,aAAa,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;gBAEnF,IAAI,CAAC,gBAAgB,EAAE,CAAC;oBACtB,MAAM,IAAI,KAAK,CACb,+CAA+C,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;wBAC3E,aAAa,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACtC,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,wBAAwB;YACxB,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;YACvC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,uBAAuB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;YACvD,CAAC;YAED,OAAO,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QACrD,CAAC,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,eAAe,CACb,cAAwB,EACxB,QAK+B;QAE/B,OAAO,KAAK,EACV,MAAe,EACf,IAAW,EACX,OAAiB,EACjB,IAAwB,EACN,EAAE;YACpB,8DAA8D;YAC9D,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAqB,CAAC,CAAC;YAEtD,gCAAgC;YAChC,MAAM,GAAG,GAAI,OAAe,CAAC,GAAG,CAAC;YACjC,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;gBACzB,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;YACpE,CAAC;YAED,eAAe;YACf,MAAM,aAAa,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC;YACzC,MAAM,iBAAiB,GAAG,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CACrD,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,CAC9B,CAAC;YAEF,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CACb,uCAAuC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;oBACpE,aAAa,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACxC,CAAC;YACJ,CAAC;YAED,OAAO,QAAQ,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QAC/C,CAAC,CAAC;IACJ,CAAC;CACF;AA5WD,8CA4WC"}
|
|
@@ -4,7 +4,7 @@ export declare class JwtAuthMiddleware {
|
|
|
4
4
|
private jwksCache;
|
|
5
5
|
constructor();
|
|
6
6
|
authenticate(req: AuthenticatedRequest): Promise<void>;
|
|
7
|
-
private
|
|
7
|
+
private decodeJWTTokenForTenantId;
|
|
8
8
|
private getJwksUriAndPath;
|
|
9
9
|
private fetchJWKS;
|
|
10
10
|
private getSigningKey;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.guard.d.ts","sourceRoot":"","sources":["../../src/middlewares/jwt.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EAGrB,MAAM,sBAAsB,CAAC;AAQ9B,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,cAAc,CAAS;IAC/B,OAAO,CAAC,SAAS,CAGH;;IAOR,YAAY,CAAC,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"jwt.guard.d.ts","sourceRoot":"","sources":["../../src/middlewares/jwt.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EAGrB,MAAM,sBAAsB,CAAC;AAQ9B,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,cAAc,CAAS;IAC/B,OAAO,CAAC,SAAS,CAGH;;IAOR,YAAY,CAAC,GAAG,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC;IA8B5D,OAAO,CAAC,yBAAyB;IAuBjC,OAAO,CAAC,iBAAiB;YAaX,SAAS;YAwET,aAAa;IA0D3B,OAAO,CAAC,mBAAmB;YAWb,mBAAmB;YAoBnB,cAAc;YAqCd,QAAQ;CAqFvB"}
|
|
@@ -65,13 +65,18 @@ class JwtAuthMiddleware {
|
|
|
65
65
|
const publicKey = await this.getSigningKey(token);
|
|
66
66
|
// Validate token
|
|
67
67
|
const user = await this.validate(token, publicKey);
|
|
68
|
-
req.user =
|
|
68
|
+
req.user = {
|
|
69
|
+
...user,
|
|
70
|
+
tenant_id: user.tenant_id,
|
|
71
|
+
permissions: user.permissions || [],
|
|
72
|
+
token_id: user.token_id
|
|
73
|
+
};
|
|
69
74
|
}
|
|
70
75
|
catch (error) {
|
|
71
76
|
throw new Error(`Invalid JWT token: ${error.message}`);
|
|
72
77
|
}
|
|
73
78
|
}
|
|
74
|
-
|
|
79
|
+
decodeJWTTokenForTenantId(rawJwtToken) {
|
|
75
80
|
try {
|
|
76
81
|
const parts = rawJwtToken.split('.');
|
|
77
82
|
if (parts.length !== 3) {
|
|
@@ -81,9 +86,9 @@ class JwtAuthMiddleware {
|
|
|
81
86
|
if (!decoded) {
|
|
82
87
|
return null;
|
|
83
88
|
}
|
|
84
|
-
if (typeof decoded === 'object' && decoded !== null && '
|
|
85
|
-
const
|
|
86
|
-
return
|
|
89
|
+
if (typeof decoded === 'object' && decoded !== null && 'tenant_id' in decoded) {
|
|
90
|
+
const tenantId = decoded.tenant_id || null;
|
|
91
|
+
return tenantId;
|
|
87
92
|
}
|
|
88
93
|
return null;
|
|
89
94
|
}
|
|
@@ -91,21 +96,11 @@ class JwtAuthMiddleware {
|
|
|
91
96
|
return null;
|
|
92
97
|
}
|
|
93
98
|
}
|
|
94
|
-
getJwksUriAndPath(
|
|
99
|
+
getJwksUriAndPath(tenant_id) {
|
|
95
100
|
const domain = process.env.MERCURY_BASE_URL || 'http://localhost:4000';
|
|
96
101
|
console.log('JWKS Debug - MERCURY_BASE_URL:', domain);
|
|
97
|
-
console.log('JWKS Debug -
|
|
98
|
-
let path
|
|
99
|
-
if (projectUuid) {
|
|
100
|
-
path = `auth/projects/${projectUuid}/.well-known/jwks.json`;
|
|
101
|
-
}
|
|
102
|
-
else {
|
|
103
|
-
const defaultProjectUuid = process.env.NEXUS_ID;
|
|
104
|
-
if (!defaultProjectUuid) {
|
|
105
|
-
throw new Error('No project UUID found in token and no default project UUID configured');
|
|
106
|
-
}
|
|
107
|
-
path = `auth/projects/${defaultProjectUuid}/.well-known/jwks.json`;
|
|
108
|
-
}
|
|
102
|
+
console.log('JWKS Debug - tenantId:', tenant_id);
|
|
103
|
+
let path = `auth/projects/${tenant_id}/.well-known/jwks.json`;
|
|
109
104
|
const uri = `${domain}/${path}`;
|
|
110
105
|
console.log('JWKS Debug - Constructed URI:', uri);
|
|
111
106
|
return { uri, path };
|
|
@@ -183,9 +178,9 @@ class JwtAuthMiddleware {
|
|
|
183
178
|
if (!header.kid) {
|
|
184
179
|
throw new Error('Missing key ID (kid) in token header');
|
|
185
180
|
}
|
|
186
|
-
const
|
|
187
|
-
const { uri: jwksUri, path } = this.getJwksUriAndPath(
|
|
188
|
-
const cacheKey =
|
|
181
|
+
const tenantId = this.decodeJWTTokenForTenantId(rawJwtToken);
|
|
182
|
+
const { uri: jwksUri, path } = this.getJwksUriAndPath(tenantId);
|
|
183
|
+
const cacheKey = tenantId || 'default';
|
|
189
184
|
const cachedEntry = this.jwksCache.get(cacheKey);
|
|
190
185
|
let keyStore;
|
|
191
186
|
if (!cachedEntry || Date.now() > cachedEntry.expiry) {
|
|
@@ -201,7 +196,7 @@ class JwtAuthMiddleware {
|
|
|
201
196
|
}
|
|
202
197
|
const key = keyStore.get(header.kid);
|
|
203
198
|
if (!key) {
|
|
204
|
-
throw new Error(`Key ${header.kid} not found in JWKS for
|
|
199
|
+
throw new Error(`Key ${header.kid} not found in JWKS for tenant ${tenantId || 'default'}`);
|
|
205
200
|
}
|
|
206
201
|
const publicKey = key.toPEM(false);
|
|
207
202
|
return publicKey;
|
|
@@ -275,6 +270,9 @@ class JwtAuthMiddleware {
|
|
|
275
270
|
uuid: cachedPayload.sub.uuid,
|
|
276
271
|
email: cachedPayload.sub.email,
|
|
277
272
|
name: cachedPayload.sub.name,
|
|
273
|
+
tenant_id: cachedPayload.project_uuid || cachedPayload.tenant_id || undefined,
|
|
274
|
+
permissions: cachedPayload.permissions || [],
|
|
275
|
+
token_id: cachedPayload.jti || '',
|
|
278
276
|
};
|
|
279
277
|
}
|
|
280
278
|
try {
|
|
@@ -324,6 +322,9 @@ class JwtAuthMiddleware {
|
|
|
324
322
|
uuid: payload.sub.uuid,
|
|
325
323
|
email: payload.sub.email,
|
|
326
324
|
name: payload.sub.name,
|
|
325
|
+
tenant_id: payload.project_uuid || undefined,
|
|
326
|
+
scopes: [],
|
|
327
|
+
token_id: payload.jti || '',
|
|
327
328
|
};
|
|
328
329
|
return authUser;
|
|
329
330
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.guard.js","sourceRoot":"","sources":["../../src/middlewares/jwt.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAKA,iFAA+D;AAC/D,2DAA6C;AAC7C,+CAAiC;AACjC,gDAAkC;AAClC,kDAA0C;AAE1C,gDAAgD;AAChD,MAAa,iBAAiB;IAO5B;QALQ,cAAS,GAGb,IAAI,GAAG,EAAE,CAAC;QAGZ,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,uBAAuB,CAAC;QACvE,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC;IAC/B,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,GAAyB;QAC1C,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAC7C,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QACtD,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC;YAC5C,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;YACrB,CAAC,CAAC,UAAU,CAAC;QAEf,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACvC,CAAC;QAED,IAAI,CAAC;YACH,4BAA4B;YAC5B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YAClD,iBAAiB;YACjB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;YACnD,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC;QAClB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,sBAAsB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAEO,4BAA4B,CAAC,WAAmB;QACtD,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACjD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,IAAI,CAAC;YACd,CAAC;YAED,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,KAAK,IAAI,IAAI,cAAc,IAAI,OAAO,EAAE,CAAC;gBACjF,MAAM,WAAW,GAAI,OAAqC,CAAC,YAAY,IAAI,IAAI,CAAC;gBAChF,OAAO,WAAW,CAAC;YACrB,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,iBAAiB,CAAC,WAA0B;QAIlD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,uBAAuB,CAAC;QACvE,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,WAAW,CAAC,CAAC;QACtD,IAAI,IAAY,CAAC;QAEjB,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,GAAG,iBAAiB,WAAW,wBAAwB,CAAC;QAC9D,CAAC;aAAM,CAAC;YACN,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;YAChD,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBACxB,MAAM,IAAI,KAAK,CACb,uEAAuE,CACxE,CAAC;YACJ,CAAC;YAED,IAAI,GAAG,iBAAiB,kBAAkB,wBAAwB,CAAC;QACrE,CAAC;QAED,MAAM,GAAG,GAAG,GAAG,MAAM,IAAI,IAAI,EAAE,CAAC;QAChC,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC;QAClD,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;IACvB,CAAC;IAEO,KAAK,CAAC,SAAS,CACrB,OAAe,EACf,IAAY;QAEZ,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;YACxC,MAAM,cAAc,GAAG,KAAK,GAAG,IAAI,IAAI,EAAE,GAAG,SAAS,CAAC;YACtD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,IAAI,EAAE,CAAC;YAE/D,MAAM,SAAS,GAAG,MAAM;iBACrB,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC;iBAClC,MAAM,CAAC,cAAc,CAAC;iBACtB,MAAM,CAAC,KAAK,CAAC,CAAC;YAEjB,MAAM,OAAO,GAAG;gBACd,MAAM,EAAE,kBAAkB;gBAC1B,YAAY,EAAE,uBAAuB;gBACrC,aAAa,EAAE,SAAS;gBACxB,aAAa,EAAE,SAAS;aACzB,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,GAAG,CAE7B,OAAO,EAAE;gBACV,OAAO,EAAE,KAAK;gBACd,OAAO;aACR,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACzD,CAAC;YAED,IAAI,QAAkC,CAAC;YAEvC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACtC,QAAQ,GAAG,QAAQ,CAAC,IAAgC,CAAC;YACvD,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG;oBACT,IAAI,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;iBAC3B,CAAC;YACJ,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAErD,OAAO,QAAQ,CAAC;QAClB,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,IAAI,eAAK,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,MAAM,UAAU,GAAG,KAAmB,CAAC;gBACvC,IAAI,UAAU,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;oBACpC,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;gBACjD,CAAC;qBAAM,IAAI,UAAU,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;oBAC3C,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;gBAC3C,CAAC;qBAAM,IACL,UAAU,CAAC,IAAI,KAAK,eAAe;oBACnC,UAAU,CAAC,IAAI,KAAK,iCAAiC,EACrD,CAAC;oBACD,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;gBAC9D,CAAC;qBAAM,IAAI,UAAU,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC;oBACvC,MAAM,IAAI,KAAK,CACb,0BAA0B,UAAU,CAAC,QAAQ,CAAC,MAAM,KAAK,UAAU,CAAC,QAAQ,CAAC,UAAU,EAAE,CAC1F,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,IAAI,eAAe,CAAC;oBACtD,MAAM,IAAI,KAAK,CAAC,yBAAyB,OAAO,EAAE,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC5E,MAAM,IAAI,KAAK,CAAC,yBAAyB,YAAY,EAAE,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,WAAmB;QAC7C,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,6CAA6C,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YAC/E,CAAC;YAOD,MAAM,YAAY,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAE9B,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;YAElE,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAc,CAAC;YACnD,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;gBAChB,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;YAC1D,CAAC;YAED,MAAM,WAAW,GAAG,IAAI,CAAC,4BAA4B,CAAC,WAAW,CAAC,CAAC;YACnE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;YAEnE,MAAM,QAAQ,GAAG,WAAW,IAAI,SAAS,CAAC;YAE1C,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAEjD,IAAI,QAA2B,CAAC;YAEhC,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,MAAM,EAAE,CAAC;gBACpD,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;gBAC/C,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,CAAC,aAAa;gBAErD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE;oBAC3B,QAAQ,EAAE,QAAQ;oBAClB,MAAM,EAAE,UAAU;iBACnB,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC;YAClC,CAAC;YAED,MAAM,GAAG,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAA6B,CAAC;YAEjE,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,KAAK,CACb,OAAO,MAAM,CAAC,GAAG,kCAAkC,WAAW,IAAI,SAAS,EAAE,CAC9E,CAAC;YACJ,CAAC;YAED,MAAM,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC5E,MAAM,IAAI,KAAK,CAAC,8BAA8B,YAAY,EAAE,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAEO,mBAAmB,CAAC,QAAgB;QAC1C,MAAM,SAAS,GAAG,MAAM;aACrB,UAAU,CAAC,QAAQ,CAAC;aACpB,MAAM,CAAC,QAAQ,CAAC;aAChB,MAAM,CAAC,KAAK,CAAC;aACb,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAEpB,MAAM,QAAQ,GAAG,mBAAmB,SAAS,EAAE,CAAC;QAChD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAC/B,OAAmB,EACnB,QAAgB;QAGhB,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;YACzD,MAAM,eAAe,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,MAAM,CAAC,CAAC;YAE1E,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YACpD,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;YAE9C,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,aAAa,EAAE;gBACvC,EAAE,EAAE,eAAe;aACpB,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,cAAc,CAAC,QAAgB;QAC3C,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;YACzD,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YACpD,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAEhD,IAAI,aAAa,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;gBACvD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAe,CAAC;gBACxD,oCAAoC;gBACpC,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;oBAC5D,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;oBAC1B,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;gBAE1C,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;oBACrC,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;oBAC1B,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,OAAO,OAAO,CAAC;YACjB,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;gBACpD,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;gBACzD,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,YAAY,EAAE,CAAC;gBACtB,OAAO,CAAC,KAAK,CAAC,sDAAsD,EAAE,YAAY,CAAC,CAAC;YACtF,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,QAAQ,CACpB,QAAgB,EAChB,SAAiB;QAEjB,oBAAoB;QACpB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QAC1D,IAAI,aAAa,EAAE,CAAC;YAClB,OAAO;gBACL,IAAI,EAAE,aAAa,CAAC,GAAG,CAAC,IAAI;gBAC5B,KAAK,EAAE,aAAa,CAAC,GAAG,CAAC,KAAK;gBAC9B,IAAI,EAAE,aAAa,CAAC,GAAG,CAAC,IAAI;aAC7B,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,wCAAwC;YACxC,MAAM,QAAQ,GAAG,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,EAAE;gBACxD,UAAU,EAAE,CAAC,OAAO,CAAC;gBACrB,gBAAgB,EAAE,KAAK;aACxB,CAAC,CAAC;YAEH,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;gBACtD,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;YACzC,CAAC;YAED,MAAM,OAAO,GAAG,QAAiC,CAAC;YAElD,iCAAiC;YACjC,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBAClD,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;YACnD,CAAC;YAED,kBAAkB;YAClB,IAAI,OAAO,CAAC,GAAG,KAAK,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,CAAC,cAAc,UAAU,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;YAC3F,CAAC;YAED,sBAAsB;YACtB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAC1C,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;YACnC,CAAC;YAED,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;YACzC,CAAC;YAED,mCAAmC;YACnC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;gBAChB,IAAI,CAAC;oBACH,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;oBACzD,MAAM,aAAa,GAAG,iBAAiB,OAAO,CAAC,GAAG,EAAE,CAAC;oBACrD,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;oBAGjD,IAAI,SAAS,EAAE,CAAC;wBACd,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;oBAC5C,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAc,EAAE,CAAC;oBACxB,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;oBAC5E,MAAM,IAAI,KAAK,CAAC,gBAAgB,YAAY,EAAE,CAAC,CAAC;gBAClD,CAAC;YACH,CAAC;YAED,4BAA4B;YAC5B,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YAElD,MAAM,QAAQ,GAAG;gBACf,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI;gBACtB,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,KAAK;gBACxB,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI;aACvB,CAAC;YAEF,OAAO,QAAQ,CAAC;QAClB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,4BAA4B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;CACF;AA3WD,8CA2WC"}
|
|
1
|
+
{"version":3,"file":"jwt.guard.js","sourceRoot":"","sources":["../../src/middlewares/jwt.guard.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAKA,iFAA+D;AAC/D,2DAA6C;AAC7C,+CAAiC;AACjC,gDAAkC;AAClC,kDAA0C;AAE1C,gDAAgD;AAChD,MAAa,iBAAiB;IAO5B;QALQ,cAAS,GAGb,IAAI,GAAG,EAAE,CAAC;QAGZ,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,uBAAuB,CAAC;QACvE,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC;IAC/B,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,GAAyB;QAC1C,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAC7C,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;QACtD,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC;YAC5C,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;YACrB,CAAC,CAAC,UAAU,CAAC;QAEf,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACvC,CAAC;QAED,IAAI,CAAC;YACH,4BAA4B;YAC5B,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YAClD,iBAAiB;YACjB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;YACnD,GAAG,CAAC,IAAI,GAAG;gBACT,GAAG,IAAI;gBACP,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,EAAE;gBACnC,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACxB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,sBAAsB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAEO,yBAAyB,CAAC,WAAmB;QACnD,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACjD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,IAAI,CAAC;YACd,CAAC;YAED,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,KAAK,IAAI,IAAI,WAAW,IAAI,OAAO,EAAE,CAAC;gBAC9E,MAAM,QAAQ,GAAI,OAAkC,CAAC,SAAS,IAAI,IAAI,CAAC;gBACvE,OAAO,QAAQ,CAAC;YAClB,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,iBAAiB,CAAC,SAAwB;QAIhD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,uBAAuB,CAAC;QACvE,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,MAAM,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,SAAS,CAAC,CAAC;QACjD,IAAI,IAAI,GAAW,iBAAiB,SAAS,wBAAwB,CAAC;QACtE,MAAM,GAAG,GAAG,GAAG,MAAM,IAAI,IAAI,EAAE,CAAC;QAChC,OAAO,CAAC,GAAG,CAAC,+BAA+B,EAAE,GAAG,CAAC,CAAC;QAClD,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;IACvB,CAAC;IAEO,KAAK,CAAC,SAAS,CACrB,OAAe,EACf,IAAY;QAEZ,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;YACxC,MAAM,cAAc,GAAG,KAAK,GAAG,IAAI,IAAI,EAAE,GAAG,SAAS,CAAC;YACtD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB,IAAI,EAAE,CAAC;YAE/D,MAAM,SAAS,GAAG,MAAM;iBACrB,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC;iBAClC,MAAM,CAAC,cAAc,CAAC;iBACtB,MAAM,CAAC,KAAK,CAAC,CAAC;YAEjB,MAAM,OAAO,GAAG;gBACd,MAAM,EAAE,kBAAkB;gBAC1B,YAAY,EAAE,uBAAuB;gBACrC,aAAa,EAAE,SAAS;gBACxB,aAAa,EAAE,SAAS;aACzB,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,GAAG,CAE7B,OAAO,EAAE;gBACV,OAAO,EAAE,KAAK;gBACd,OAAO;aACR,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACzD,CAAC;YAED,IAAI,QAAkC,CAAC;YAEvC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACtC,QAAQ,GAAG,QAAQ,CAAC,IAAgC,CAAC;YACvD,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG;oBACT,IAAI,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;iBAC3B,CAAC;YACJ,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAErD,OAAO,QAAQ,CAAC;QAClB,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,IAAI,eAAK,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,MAAM,UAAU,GAAG,KAAmB,CAAC;gBACvC,IAAI,UAAU,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;oBACpC,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;gBACjD,CAAC;qBAAM,IAAI,UAAU,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;oBAC3C,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;gBAC3C,CAAC;qBAAM,IACL,UAAU,CAAC,IAAI,KAAK,eAAe;oBACnC,UAAU,CAAC,IAAI,KAAK,iCAAiC,EACrD,CAAC;oBACD,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;gBAC9D,CAAC;qBAAM,IAAI,UAAU,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC;oBACvC,MAAM,IAAI,KAAK,CACb,0BAA0B,UAAU,CAAC,QAAQ,CAAC,MAAM,KAAK,UAAU,CAAC,QAAQ,CAAC,UAAU,EAAE,CAC1F,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,IAAI,eAAe,CAAC;oBACtD,MAAM,IAAI,KAAK,CAAC,yBAAyB,OAAO,EAAE,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC5E,MAAM,IAAI,KAAK,CAAC,yBAAyB,YAAY,EAAE,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,WAAmB;QAC7C,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CAAC,6CAA6C,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YAC/E,CAAC;YAOD,MAAM,YAAY,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAE9B,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;YAElE,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAc,CAAC;YACnD,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;gBAChB,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;YAC1D,CAAC;YAED,MAAM,QAAQ,GAAG,IAAI,CAAC,yBAAyB,CAAC,WAAW,CAAC,CAAC;YAC7D,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YAEhE,MAAM,QAAQ,GAAG,QAAQ,IAAI,SAAS,CAAC;YAEvC,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAEjD,IAAI,QAA2B,CAAC;YAEhC,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,MAAM,EAAE,CAAC;gBACpD,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;gBAC/C,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,CAAC,aAAa;gBAErD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE;oBAC3B,QAAQ,EAAE,QAAQ;oBAClB,MAAM,EAAE,UAAU;iBACnB,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC;YAClC,CAAC;YAED,MAAM,GAAG,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAA6B,CAAC;YAEjE,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,KAAK,CACb,OAAO,MAAM,CAAC,GAAG,iCAAiC,QAAQ,IAAI,SAAS,EAAE,CAC1E,CAAC;YACJ,CAAC;YAED,MAAM,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC5E,MAAM,IAAI,KAAK,CAAC,8BAA8B,YAAY,EAAE,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAEO,mBAAmB,CAAC,QAAgB;QAC1C,MAAM,SAAS,GAAG,MAAM;aACrB,UAAU,CAAC,QAAQ,CAAC;aACpB,MAAM,CAAC,QAAQ,CAAC;aAChB,MAAM,CAAC,KAAK,CAAC;aACb,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAEpB,MAAM,QAAQ,GAAG,mBAAmB,SAAS,EAAE,CAAC;QAChD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAC/B,OAAmB,EACnB,QAAgB;QAGhB,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;YACzD,MAAM,eAAe,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,MAAM,CAAC,CAAC;YAE1E,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YACpD,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;YAE9C,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,aAAa,EAAE;gBACvC,EAAE,EAAE,eAAe;aACpB,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,cAAc,CAAC,QAAgB;QAC3C,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;YACzD,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YACpD,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAEhD,IAAI,aAAa,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;gBACvD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAe,CAAC;gBACxD,oCAAoC;gBACpC,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;oBAC5D,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;oBAC1B,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;gBAE1C,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;oBACrC,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;oBAC1B,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,OAAO,OAAO,CAAC;YACjB,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;gBACpD,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;gBACzD,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,YAAY,EAAE,CAAC;gBACtB,OAAO,CAAC,KAAK,CAAC,sDAAsD,EAAE,YAAY,CAAC,CAAC;YACtF,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,QAAQ,CACpB,QAAgB,EAChB,SAAiB;QAEjB,oBAAoB;QACpB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QAC1D,IAAI,aAAa,EAAE,CAAC;YAClB,OAAO;gBACL,IAAI,EAAE,aAAa,CAAC,GAAG,CAAC,IAAI;gBAC5B,KAAK,EAAE,aAAa,CAAC,GAAG,CAAC,KAAK;gBAC9B,IAAI,EAAE,aAAa,CAAC,GAAG,CAAC,IAAI;gBAE5B,SAAS,EAAE,aAAa,CAAC,YAAY,IAAI,aAAa,CAAC,SAAS,IAAI,SAAS;gBAC7E,WAAW,EAAE,aAAa,CAAC,WAAW,IAAI,EAAE;gBAC5C,QAAQ,EAAE,aAAa,CAAC,GAAG,IAAI,EAAE;aAClC,CAAC;QACJ,CAAC;QAED,IAAI,CAAC;YACH,wCAAwC;YACxC,MAAM,QAAQ,GAAG,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,EAAE;gBACxD,UAAU,EAAE,CAAC,OAAO,CAAC;gBACrB,gBAAgB,EAAE,KAAK;aACxB,CAAC,CAAC;YAEH,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;gBACtD,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;YACzC,CAAC;YAED,MAAM,OAAO,GAAG,QAAiC,CAAC;YAElD,iCAAiC;YACjC,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBAClD,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;YACnD,CAAC;YAED,kBAAkB;YAClB,IAAI,OAAO,CAAC,GAAG,KAAK,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxC,MAAM,IAAI,KAAK,CAAC,6BAA6B,IAAI,CAAC,cAAc,UAAU,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;YAC3F,CAAC;YAED,sBAAsB;YACtB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAC1C,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;YACnC,CAAC;YAED,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;gBACrC,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;YACzC,CAAC;YAED,mCAAmC;YACnC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;gBAChB,IAAI,CAAC;oBACH,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;oBACzD,MAAM,aAAa,GAAG,iBAAiB,OAAO,CAAC,GAAG,EAAE,CAAC;oBACrD,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;oBAGjD,IAAI,SAAS,EAAE,CAAC;wBACd,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;oBAC5C,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAc,EAAE,CAAC;oBACxB,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;oBAC5E,MAAM,IAAI,KAAK,CAAC,gBAAgB,YAAY,EAAE,CAAC,CAAC;gBAClD,CAAC;YACH,CAAC;YAED,4BAA4B;YAC5B,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YAElD,MAAM,QAAQ,GAAG;gBACf,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI;gBACtB,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,KAAK;gBACxB,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI;gBACtB,SAAS,EAAE,OAAO,CAAC,YAAY,IAAI,SAAS;gBAC5C,MAAM,EAAE,EAAE;gBACV,QAAQ,EAAE,OAAO,CAAC,GAAG,IAAI,EAAE;aAC5B,CAAC;YAEF,OAAO,QAAQ,CAAC;QAClB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,4BAA4B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;CACF;AAzWD,8CAyWC"}
|