@wazobiatech/auth-middleware 1.0.7 → 1.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -11
- package/dist/middlewares/express.helper.d.ts +1 -1
- package/dist/middlewares/express.helper.d.ts.map +1 -1
- package/dist/middlewares/express.helper.js +2 -2
- package/dist/middlewares/express.helper.js.map +1 -1
- package/dist/middlewares/gql.helper.d.ts +56 -7
- package/dist/middlewares/gql.helper.d.ts.map +1 -1
- package/dist/middlewares/gql.helper.js +177 -31
- package/dist/middlewares/gql.helper.js.map +1 -1
- package/dist/middlewares/jwt.guard.d.ts +1 -1
- package/dist/middlewares/jwt.guard.d.ts.map +1 -1
- package/dist/middlewares/jwt.guard.js +23 -22
- package/dist/middlewares/jwt.guard.js.map +1 -1
- package/dist/middlewares/project.guard.d.ts +38 -13
- package/dist/middlewares/project.guard.d.ts.map +1 -1
- package/dist/middlewares/project.guard.js +245 -95
- package/dist/middlewares/project.guard.js.map +1 -1
- package/dist/nestjs/decorators/auth.decorator.d.ts +42 -1
- package/dist/nestjs/decorators/auth.decorator.d.ts.map +1 -1
- package/dist/nestjs/decorators/auth.decorator.js +67 -2
- package/dist/nestjs/decorators/auth.decorator.js.map +1 -1
- package/dist/nestjs/guards/project.guard.d.ts +24 -22
- package/dist/nestjs/guards/project.guard.d.ts.map +1 -1
- package/dist/nestjs/guards/project.guard.js +258 -114
- package/dist/nestjs/guards/project.guard.js.map +1 -1
- package/dist/nestjs/index.d.ts +1 -1
- package/dist/nestjs/index.d.ts.map +1 -1
- package/dist/nestjs/index.js +16 -3
- package/dist/nestjs/index.js.map +1 -1
- package/dist/nestjs/jwt-auth.module.d.ts +6 -0
- package/dist/nestjs/jwt-auth.module.d.ts.map +1 -1
- package/dist/nestjs/jwt-auth.module.js +34 -7
- package/dist/nestjs/jwt-auth.module.js.map +1 -1
- package/dist/nestjs/strategies/jwt-strategy.d.ts +1 -1
- package/dist/nestjs/strategies/jwt-strategy.d.ts.map +1 -1
- package/dist/nestjs/strategies/jwt-strategy.js +31 -59
- package/dist/nestjs/strategies/jwt-strategy.js.map +1 -1
- package/dist/types/jwt-payload.d.ts +93 -20
- package/dist/types/jwt-payload.d.ts.map +1 -1
- package/dist/utils/redis.connection.d.ts +10 -0
- package/dist/utils/redis.connection.d.ts.map +1 -1
- package/dist/utils/redis.connection.js +108 -12
- package/dist/utils/redis.connection.js.map +1 -1
- package/package.json +3 -7
|
@@ -5,21 +5,48 @@ var __decorate = (this && this.__decorate) || function (decorators, target, key,
|
|
|
5
5
|
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
|
|
6
6
|
return c > 3 && r && Object.defineProperty(target, key, r), r;
|
|
7
7
|
};
|
|
8
|
+
var JwtAuthModule_1;
|
|
8
9
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
10
|
exports.JwtAuthModule = void 0;
|
|
11
|
+
exports.getServiceName = getServiceName;
|
|
12
|
+
// auth.module.ts
|
|
10
13
|
const common_1 = require("@nestjs/common");
|
|
11
14
|
const passport_1 = require("@nestjs/passport");
|
|
15
|
+
const core_1 = require("@nestjs/core");
|
|
12
16
|
const jwt_guard_1 = require("./guards/jwt-guard");
|
|
13
17
|
const jwt_strategy_1 = require("./strategies/jwt-strategy");
|
|
14
|
-
|
|
18
|
+
const project_guard_1 = require("./guards/project.guard");
|
|
19
|
+
// Static variable to hold service name
|
|
20
|
+
let SERVICE_NAME_VALUE;
|
|
21
|
+
function getServiceName() {
|
|
22
|
+
return SERVICE_NAME_VALUE;
|
|
23
|
+
}
|
|
24
|
+
let JwtAuthModule = JwtAuthModule_1 = class JwtAuthModule {
|
|
25
|
+
static forRoot(options) {
|
|
26
|
+
SERVICE_NAME_VALUE = options.serviceName;
|
|
27
|
+
return {
|
|
28
|
+
global: true,
|
|
29
|
+
module: JwtAuthModule_1,
|
|
30
|
+
imports: [passport_1.PassportModule.register({ defaultStrategy: 'jwt' })],
|
|
31
|
+
providers: [
|
|
32
|
+
jwt_strategy_1.JwtStrategy,
|
|
33
|
+
jwt_guard_1.JwtAuthGuard,
|
|
34
|
+
project_guard_1.ProjectAuthGuard,
|
|
35
|
+
core_1.Reflector, // ✅ Keep Reflector here - it's needed!
|
|
36
|
+
],
|
|
37
|
+
exports: [
|
|
38
|
+
jwt_guard_1.JwtAuthGuard,
|
|
39
|
+
project_guard_1.ProjectAuthGuard,
|
|
40
|
+
passport_1.PassportModule,
|
|
41
|
+
jwt_strategy_1.JwtStrategy,
|
|
42
|
+
core_1.Reflector // ✅ Export Reflector too
|
|
43
|
+
]
|
|
44
|
+
};
|
|
45
|
+
}
|
|
15
46
|
};
|
|
16
47
|
exports.JwtAuthModule = JwtAuthModule;
|
|
17
|
-
exports.JwtAuthModule = JwtAuthModule = __decorate([
|
|
48
|
+
exports.JwtAuthModule = JwtAuthModule = JwtAuthModule_1 = __decorate([
|
|
18
49
|
(0, common_1.Global)(),
|
|
19
|
-
(0, common_1.Module)({
|
|
20
|
-
imports: [passport_1.PassportModule.register({ defaultStrategy: 'jwt' })],
|
|
21
|
-
providers: [jwt_strategy_1.JwtStrategy, jwt_guard_1.JwtAuthGuard],
|
|
22
|
-
exports: [jwt_guard_1.JwtAuthGuard, passport_1.PassportModule],
|
|
23
|
-
})
|
|
50
|
+
(0, common_1.Module)({})
|
|
24
51
|
], JwtAuthModule);
|
|
25
52
|
//# sourceMappingURL=jwt-auth.module.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-auth.module.js","sourceRoot":"","sources":["../../src/nestjs/jwt-auth.module.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"jwt-auth.module.js","sourceRoot":"","sources":["../../src/nestjs/jwt-auth.module.ts"],"names":[],"mappings":";;;;;;;;;;AAeA,wCAEC;AAjBD,iBAAiB;AACjB,2CAA+D;AAC/D,+CAAkD;AAClD,uCAAyC;AACzC,kDAAkD;AAClD,4DAAwD;AACxD,0DAA0D;AAM1D,uCAAuC;AACvC,IAAI,kBAA0B,CAAC;AAE/B,SAAgB,cAAc;IAC5B,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAIM,IAAM,aAAa,qBAAnB,MAAM,aAAa;IACxB,MAAM,CAAC,OAAO,CAAC,OAA6B;QAC1C,kBAAkB,GAAG,OAAO,CAAC,WAAW,CAAC;QAEzC,OAAO;YACL,MAAM,EAAE,IAAI;YACZ,MAAM,EAAE,eAAa;YACrB,OAAO,EAAE,CAAC,yBAAc,CAAC,QAAQ,CAAC,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC,CAAC;YAC9D,SAAS,EAAE;gBACT,0BAAW;gBACX,wBAAY;gBACZ,gCAAgB;gBAChB,gBAAS,EAAE,uCAAuC;aACnD;YACD,OAAO,EAAE;gBACP,wBAAY;gBACZ,gCAAgB;gBAChB,yBAAc;gBACd,0BAAW;gBACX,gBAAS,CAAC,yBAAyB;aACpC;SACF,CAAC;IACJ,CAAC;CACF,CAAA;AAvBY,sCAAa;wBAAb,aAAa;IAFzB,IAAA,eAAM,GAAE;IACR,IAAA,eAAM,EAAC,EAAE,CAAC;GACE,aAAa,CAuBzB"}
|
|
@@ -9,7 +9,7 @@ export declare class JwtStrategy extends JwtStrategy_base {
|
|
|
9
9
|
private expectedIssuer;
|
|
10
10
|
private jwksCache;
|
|
11
11
|
constructor();
|
|
12
|
-
private
|
|
12
|
+
private decodeJWTTokenForTenantId;
|
|
13
13
|
private getJwksUriAndPath;
|
|
14
14
|
private fetchJWKS;
|
|
15
15
|
private getSigningKey;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-strategy.d.ts","sourceRoot":"","sources":["../../../src/nestjs/strategies/jwt-strategy.ts"],"names":[],"mappings":"AAEA,OAAO,EAAc,QAAQ,EAAE,MAAM,cAAc,CAAC;AAGpD,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAGlC,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAE/D,OAAO,eAAe,CAAC;;;;AAEvB,qBACa,WAAY,SAAQ,gBAA0B;IACzD,OAAO,CAAC,cAAc,CAAS;IAC/B,OAAO,CAAC,SAAS,CAGH;;
|
|
1
|
+
{"version":3,"file":"jwt-strategy.d.ts","sourceRoot":"","sources":["../../../src/nestjs/strategies/jwt-strategy.ts"],"names":[],"mappings":"AAEA,OAAO,EAAc,QAAQ,EAAE,MAAM,cAAc,CAAC;AAGpD,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAGlC,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAE/D,OAAO,eAAe,CAAC;;;;AAEvB,qBACa,WAAY,SAAQ,gBAA0B;IACzD,OAAO,CAAC,cAAc,CAAS;IAC/B,OAAO,CAAC,SAAS,CAGH;;IA4Bd,OAAO,CAAC,yBAAyB;IAoCjC,OAAO,CAAC,iBAAiB;YAOX,SAAS;YA0ET,aAAa;IA6D3B,OAAO,CAAC,mBAAmB;YAWb,mBAAmB;YAuBnB,cAAc;IAoC5B,OAAO,CAAC,0BAA0B;IAe5B,QAAQ,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC;CA6EzE"}
|
|
@@ -61,7 +61,6 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
61
61
|
jwtFromRequest: passport_jwt_1.ExtractJwt.fromAuthHeaderAsBearerToken(),
|
|
62
62
|
ignoreExpiration: false,
|
|
63
63
|
secretOrKeyProvider: (request, rawJwtToken, done) => {
|
|
64
|
-
// Store the raw token in the request object instead of instance variable
|
|
65
64
|
request.rawJwtToken = rawJwtToken;
|
|
66
65
|
this.getSigningKey(rawJwtToken)
|
|
67
66
|
.then((key) => {
|
|
@@ -72,30 +71,32 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
72
71
|
});
|
|
73
72
|
},
|
|
74
73
|
algorithms: ['RS512'],
|
|
75
|
-
passReqToCallback: true,
|
|
74
|
+
passReqToCallback: true,
|
|
76
75
|
});
|
|
77
76
|
this.jwksCache = new Map();
|
|
78
77
|
const domain = process.env?.MERCURY_BASE_URL ?? 'http://localhost:4000';
|
|
79
78
|
this.expectedIssuer = domain;
|
|
80
79
|
}
|
|
81
|
-
|
|
80
|
+
decodeJWTTokenForTenantId(rawJwtToken) {
|
|
82
81
|
try {
|
|
83
|
-
// Validate JWT structure first
|
|
84
82
|
const parts = rawJwtToken.split('.');
|
|
85
83
|
if (parts.length !== 3) {
|
|
86
84
|
return null;
|
|
87
85
|
}
|
|
88
|
-
// Decode without verification (we just need the payload for project_uuid)
|
|
89
86
|
const decoded = jsonwebtoken.decode(rawJwtToken);
|
|
90
87
|
if (!decoded) {
|
|
91
88
|
return null;
|
|
92
89
|
}
|
|
93
|
-
|
|
90
|
+
if (typeof decoded === 'object' &&
|
|
91
|
+
decoded !== null &&
|
|
92
|
+
'tenant_id' in decoded) {
|
|
93
|
+
return decoded.tenant_id || null;
|
|
94
|
+
}
|
|
95
|
+
// Fallback to project_uuid for backward compatibility
|
|
94
96
|
if (typeof decoded === 'object' &&
|
|
95
97
|
decoded !== null &&
|
|
96
98
|
'project_uuid' in decoded) {
|
|
97
|
-
|
|
98
|
-
return projectUuid;
|
|
99
|
+
return decoded.project_uuid || null;
|
|
99
100
|
}
|
|
100
101
|
return null;
|
|
101
102
|
}
|
|
@@ -103,20 +104,9 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
103
104
|
return null;
|
|
104
105
|
}
|
|
105
106
|
}
|
|
106
|
-
getJwksUriAndPath(
|
|
107
|
+
getJwksUriAndPath(tenantId) {
|
|
107
108
|
const domain = process.env?.MERCURY_BASE_URL ?? 'localhost';
|
|
108
|
-
let path
|
|
109
|
-
if (projectUuid) {
|
|
110
|
-
path = `auth/projects/${projectUuid}/.well-known/jwks.json`;
|
|
111
|
-
}
|
|
112
|
-
else {
|
|
113
|
-
// Fallback to default project UUID from environment
|
|
114
|
-
const defaultProjectUuid = process.env?.NEXUS_ID;
|
|
115
|
-
if (!defaultProjectUuid) {
|
|
116
|
-
throw new common_1.UnauthorizedException('No project UUID found in token and no default project UUID configured');
|
|
117
|
-
}
|
|
118
|
-
path = `auth/projects/${defaultProjectUuid}/.well-known/jwks.json`;
|
|
119
|
-
}
|
|
109
|
+
let path = `auth/projects/${tenantId}/.well-known/jwks.json`;
|
|
120
110
|
const uri = `${domain}/${path}`;
|
|
121
111
|
return { uri, path };
|
|
122
112
|
}
|
|
@@ -136,32 +126,27 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
136
126
|
'X-Signature': signature,
|
|
137
127
|
};
|
|
138
128
|
const response = await axios_1.default.get(jwksUri, {
|
|
139
|
-
timeout: 10000,
|
|
129
|
+
timeout: 10000,
|
|
140
130
|
headers,
|
|
141
131
|
});
|
|
142
132
|
if (!response.data || !response.data.keys) {
|
|
143
133
|
throw new Error('Invalid JWKS response: missing keys');
|
|
144
134
|
}
|
|
145
|
-
// Handle both standard JWKS format and your custom format
|
|
146
135
|
let jwksData;
|
|
147
136
|
if (Array.isArray(response.data.keys)) {
|
|
148
|
-
// Standard JWKS format: { "keys": [key1, key2, ...] }
|
|
149
137
|
jwksData = response.data;
|
|
150
138
|
}
|
|
151
139
|
else {
|
|
152
140
|
jwksData = {
|
|
153
|
-
keys: [response.data.keys],
|
|
141
|
+
keys: [response.data.keys],
|
|
154
142
|
};
|
|
155
143
|
}
|
|
156
|
-
// Create keystore from normalized JWKS data
|
|
157
144
|
const keyStore = await jose.JWK.asKeyStore(jwksData);
|
|
158
145
|
return keyStore;
|
|
159
146
|
}
|
|
160
147
|
catch (error) {
|
|
161
|
-
// Type guard for axios errors
|
|
162
148
|
if (axios_1.default.isAxiosError(error)) {
|
|
163
149
|
const axiosError = error;
|
|
164
|
-
// Handle network errors
|
|
165
150
|
if (axiosError.code === 'ENOTFOUND') {
|
|
166
151
|
throw new common_1.UnauthorizedException('JWKS endpoint not reachable');
|
|
167
152
|
}
|
|
@@ -181,7 +166,6 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
181
166
|
}
|
|
182
167
|
}
|
|
183
168
|
else {
|
|
184
|
-
// Handle non-axios errors
|
|
185
169
|
const errorMessage = error instanceof Error ? error.message : String(error);
|
|
186
170
|
throw new common_1.UnauthorizedException(`Failed to fetch JWKS: ${errorMessage}`);
|
|
187
171
|
}
|
|
@@ -189,30 +173,24 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
189
173
|
}
|
|
190
174
|
async getSigningKey(rawJwtToken) {
|
|
191
175
|
try {
|
|
192
|
-
// Validate JWT format
|
|
193
176
|
const parts = rawJwtToken.split('.');
|
|
194
177
|
if (parts.length !== 3) {
|
|
195
178
|
throw new Error(`Invalid JWT format: expected 3 parts, got ${parts.length}`);
|
|
196
179
|
}
|
|
197
|
-
// Parse JWT header to get key ID
|
|
198
180
|
const headerBase64 = parts[0];
|
|
199
181
|
const headerJson = Buffer.from(headerBase64, 'base64').toString();
|
|
200
182
|
const header = JSON.parse(headerJson);
|
|
201
183
|
if (!header.kid) {
|
|
202
184
|
throw new Error('Missing key ID (kid) in token header');
|
|
203
185
|
}
|
|
204
|
-
|
|
205
|
-
const
|
|
206
|
-
const
|
|
207
|
-
// Create cache key based on project UUID (or 'default' if no project)
|
|
208
|
-
const cacheKey = projectUuid || 'default';
|
|
209
|
-
// Check cache and refresh if needed
|
|
186
|
+
const tenantId = this.decodeJWTTokenForTenantId(rawJwtToken);
|
|
187
|
+
const { uri: jwksUri, path } = this.getJwksUriAndPath(tenantId);
|
|
188
|
+
const cacheKey = tenantId || 'default';
|
|
210
189
|
const cachedEntry = this.jwksCache.get(cacheKey);
|
|
211
190
|
let keyStore;
|
|
212
191
|
if (!cachedEntry || Date.now() > cachedEntry.expiry) {
|
|
213
192
|
keyStore = await this.fetchJWKS(jwksUri, path);
|
|
214
|
-
|
|
215
|
-
const expiryTime = Date.now() + 600000;
|
|
193
|
+
const expiryTime = Date.now() + 600000; // 10 minutes
|
|
216
194
|
this.jwksCache.set(cacheKey, {
|
|
217
195
|
keyStore: keyStore,
|
|
218
196
|
expiry: expiryTime,
|
|
@@ -221,12 +199,10 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
221
199
|
else {
|
|
222
200
|
keyStore = cachedEntry.keyStore;
|
|
223
201
|
}
|
|
224
|
-
// Find the key in the keystore
|
|
225
202
|
const key = keyStore.get(header.kid);
|
|
226
203
|
if (!key) {
|
|
227
|
-
throw new Error(`Key ${header.kid} not found in JWKS for
|
|
204
|
+
throw new Error(`Key ${header.kid} not found in JWKS for tenant ${tenantId || 'default'}`);
|
|
228
205
|
}
|
|
229
|
-
// Convert to PEM format (public key only)
|
|
230
206
|
const publicKey = key.toPEM(false);
|
|
231
207
|
return publicKey;
|
|
232
208
|
}
|
|
@@ -236,7 +212,6 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
236
212
|
}
|
|
237
213
|
}
|
|
238
214
|
createTokenCacheKey(rawToken) {
|
|
239
|
-
// Create a more unique cache key using token hash + first 32 chars
|
|
240
215
|
const tokenHash = crypto
|
|
241
216
|
.createHash('sha256')
|
|
242
217
|
.update(rawToken)
|
|
@@ -248,13 +223,12 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
248
223
|
async cacheValidatedToken(payload, rawToken) {
|
|
249
224
|
try {
|
|
250
225
|
const redis = await redis_connection_1.default.getInstance();
|
|
251
|
-
const cacheExpiryTime = process.env?.CACHE_EXPIRY_TIME || 3600;
|
|
226
|
+
const cacheExpiryTime = process.env?.CACHE_EXPIRY_TIME || 3600;
|
|
252
227
|
const cacheKey = this.createTokenCacheKey(rawToken);
|
|
253
|
-
// Cache the validated payload with additional metadata for debugging
|
|
254
228
|
const cacheData = {
|
|
255
229
|
payload,
|
|
256
230
|
cachedAt: Date.now(),
|
|
257
|
-
tokenPreview: rawToken.substring(0, 50) + '...',
|
|
231
|
+
tokenPreview: rawToken.substring(0, 50) + '...',
|
|
258
232
|
};
|
|
259
233
|
const cacheDataString = JSON.stringify(cacheData);
|
|
260
234
|
await redis.set(cacheKey, cacheDataString, {
|
|
@@ -270,15 +244,12 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
270
244
|
const cachedData = await redis.get(cacheKey);
|
|
271
245
|
if (cachedData && typeof cachedData === 'string') {
|
|
272
246
|
const { payload, cachedAt } = JSON.parse(cachedData);
|
|
273
|
-
// Validate cached payload structure BEFORE using it
|
|
274
247
|
if (!payload || !payload.sub || !payload.sub.uuid || !payload.sub.email) {
|
|
275
248
|
await redis.del(cacheKey);
|
|
276
249
|
return null;
|
|
277
250
|
}
|
|
278
|
-
// Double check expiration (in case cache TTL and token TTL differ)
|
|
279
251
|
const now = Math.floor(Date.now() / 1000);
|
|
280
252
|
if (payload.exp && payload.exp < now) {
|
|
281
|
-
// Token expired, remove from cache
|
|
282
253
|
await redis.del(cacheKey);
|
|
283
254
|
return null;
|
|
284
255
|
}
|
|
@@ -287,7 +258,6 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
287
258
|
return null;
|
|
288
259
|
}
|
|
289
260
|
catch (error) {
|
|
290
|
-
// Clean up potentially corrupted cache entry
|
|
291
261
|
try {
|
|
292
262
|
const cacheKey = this.createTokenCacheKey(rawToken);
|
|
293
263
|
const redis = await redis_connection_1.default.getInstance();
|
|
@@ -297,14 +267,11 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
297
267
|
return null;
|
|
298
268
|
}
|
|
299
269
|
}
|
|
300
|
-
// Extract raw token from request instead of using instance variable
|
|
301
270
|
extractRawTokenFromRequest(request) {
|
|
302
|
-
// Check if we stored it during secretOrKeyProvider
|
|
303
271
|
if (request.rawJwtToken) {
|
|
304
272
|
const token = request.rawJwtToken;
|
|
305
273
|
return token;
|
|
306
274
|
}
|
|
307
|
-
// Fallback: extract from Authorization header
|
|
308
275
|
const authHeader = request.headers.authorization;
|
|
309
276
|
if (authHeader && authHeader.startsWith('Bearer ')) {
|
|
310
277
|
const token = authHeader.substring(7);
|
|
@@ -312,19 +279,20 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
312
279
|
}
|
|
313
280
|
return null;
|
|
314
281
|
}
|
|
315
|
-
// Modified validate method - now receives the request object
|
|
316
282
|
async validate(request, payload) {
|
|
317
|
-
// Get the raw token from the request instead of instance variable
|
|
318
283
|
const rawToken = this.extractRawTokenFromRequest(request);
|
|
319
|
-
//
|
|
284
|
+
// Try cache first
|
|
320
285
|
if (rawToken) {
|
|
321
286
|
const cachedPayload = await this.getCachedToken(rawToken);
|
|
322
287
|
if (cachedPayload) {
|
|
323
|
-
// Return cleaned user object from cache
|
|
324
288
|
const user = {
|
|
325
289
|
uuid: cachedPayload.sub.uuid,
|
|
326
290
|
email: cachedPayload.sub.email,
|
|
327
291
|
name: cachedPayload.sub.name,
|
|
292
|
+
tenant_id: cachedPayload.project_uuid || cachedPayload.tenant_id || undefined,
|
|
293
|
+
project_uuid: cachedPayload.project_uuid || cachedPayload.tenant_id || undefined,
|
|
294
|
+
permissions: cachedPayload.permissions || [], // ← Include permissions
|
|
295
|
+
token_id: cachedPayload.jti || '',
|
|
328
296
|
};
|
|
329
297
|
return user;
|
|
330
298
|
}
|
|
@@ -333,7 +301,7 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
333
301
|
if (payload.iss !== process.env?.MERCURY_BASE_URL) {
|
|
334
302
|
throw new common_1.UnauthorizedException(`Invalid issuer. Expected: ${this.expectedIssuer}, Got: ${payload.iss}`);
|
|
335
303
|
}
|
|
336
|
-
// Validate subject
|
|
304
|
+
// Validate subject
|
|
337
305
|
if (!payload.sub) {
|
|
338
306
|
throw new common_1.UnauthorizedException('Missing subject (userUuid)');
|
|
339
307
|
}
|
|
@@ -364,12 +332,16 @@ let JwtStrategy = class JwtStrategy extends (0, passport_1.PassportStrategy)(pas
|
|
|
364
332
|
if (rawToken) {
|
|
365
333
|
await this.cacheValidatedToken(payload, rawToken);
|
|
366
334
|
}
|
|
335
|
+
// Return user with permissions
|
|
367
336
|
const user = {
|
|
368
337
|
uuid: payload.sub.uuid,
|
|
369
338
|
email: payload.sub.email,
|
|
370
339
|
name: payload.sub.name,
|
|
340
|
+
tenant_id: payload.project_uuid || payload.tenant_id || undefined,
|
|
341
|
+
project_uuid: payload.project_uuid || payload.tenant_id || undefined,
|
|
342
|
+
permissions: payload.permissions || [], // ← Extract from JWT
|
|
343
|
+
token_id: payload.jti || '',
|
|
371
344
|
};
|
|
372
|
-
// Return cleaned user object (this becomes req.user)
|
|
373
345
|
return user;
|
|
374
346
|
}
|
|
375
347
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-strategy.js","sourceRoot":"","sources":["../../../src/nestjs/strategies/jwt-strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAAmE;AACnE,+CAAoD;AACpD,+CAAoD;AACpD,gDAAkC;AAClC,kDAA0C;AAE1C,+CAAiC;AACjC,oFAAkE;AAElE,2DAA6C;AAC7C,yBAAuB;AAGhB,IAAM,WAAW,GAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,uBAAQ,CAAC;IAOzD;QACE,KAAK,CAAC;YACJ,cAAc,EAAE,yBAAU,CAAC,2BAA2B,EAAE;YACxD,gBAAgB,EAAE,KAAK;YACvB,mBAAmB,EAAE,CACnB,OAAgB,EAChB,WAAmB,EACnB,IAA2D,EAC3D,EAAE;gBACF,yEAAyE;gBACxE,OAAe,CAAC,WAAW,GAAG,WAAW,CAAC;gBAC3C,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC;qBAC5B,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;oBACZ,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;gBAClB,CAAC,CAAC;qBACD,KAAK,CAAC,CAAC,KAAY,EAAE,EAAE;oBACtB,IAAI,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;gBACzB,CAAC,CAAC,CAAC;YACP,CAAC;YACD,UAAU,EAAE,CAAC,OAAO,CAAC;YACrB,iBAAiB,EAAE,IAAI,EAAE,wDAAwD;SAClF,CAAC,CAAC;QA1BG,cAAS,GAGb,IAAI,GAAG,EAAE,CAAC;QAyBZ,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,EAAE,gBAAgB,IAAI,uBAAuB,CAAC;QACxE,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC;IAC/B,CAAC;IAEO,4BAA4B,CAAC,WAAmB;QACtD,IAAI,CAAC;YACH,+BAA+B;YAC/B,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,OAAO,IAAI,CAAC;YACd,CAAC;YACD,0EAA0E;YAC1E,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAEjD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,IAAI,CAAC;YACd,CAAC;YACD,mDAAmD;YACnD,IACE,OAAO,OAAO,KAAK,QAAQ;gBAC3B,OAAO,KAAK,IAAI;gBAChB,cAAc,IAAI,OAAO,EACzB,CAAC;gBACD,MAAM,WAAW,GAAI,OAAqC,CAAC,YAAY,IAAI,IAAI,CAAC;gBAChF,OAAO,WAAW,CAAC;YACrB,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,iBAAiB,CAAC,WAA0B;QAClD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,EAAE,gBAAgB,IAAI,WAAW,CAAC;QAC5D,IAAI,IAAY,CAAC;QAEjB,IAAI,WAAW,EAAE,CAAC;YAChB,IAAI,GAAG,iBAAiB,WAAW,wBAAwB,CAAC;QAC9D,CAAC;aAAM,CAAC;YACN,oDAAoD;YACpD,MAAM,kBAAkB,GAAG,OAAO,CAAC,GAAG,EAAE,QAAQ,CAAC;YACjD,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBACxB,MAAM,IAAI,8BAAqB,CAC7B,uEAAuE,CACxE,CAAC;YACJ,CAAC;YAED,IAAI,GAAG,iBAAiB,kBAAkB,wBAAwB,CAAC;QACrE,CAAC;QAED,MAAM,GAAG,GAAG,GAAG,MAAM,IAAI,IAAI,EAAE,CAAC;QAChC,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;IACvB,CAAC;IAEO,KAAK,CAAC,SAAS,CAAC,OAAe,EAAE,IAAY;QACnD,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;YACxC,MAAM,cAAc,GAAG,KAAK,GAAG,IAAI,IAAI,EAAE,GAAG,SAAS,CAAC;YACtD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,EAAE,uBAAuB,CAAC;YAE1D,MAAM,SAAS,GAAG,MAAM;iBACrB,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC;iBAClC,MAAM,CAAC,cAAc,CAAC;iBACtB,MAAM,CAAC,KAAK,CAAC,CAAC;YAEjB,MAAM,OAAO,GAAG;gBACd,MAAM,EAAE,kBAAkB;gBAC1B,YAAY,EAAE,0BAA0B;gBACxC,aAAa,EAAE,SAAS;gBACxB,aAAa,EAAE,SAAS;aACzB,CAAC;YACF,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,GAAG,CAE7B,OAAO,EAAE;gBACV,OAAO,EAAE,KAAK,EAAE,oBAAoB;gBACpC,OAAO;aACR,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACzD,CAAC;YAED,0DAA0D;YAC1D,IAAI,QAAkC,CAAC;YAEvC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACtC,sDAAsD;gBACtD,QAAQ,GAAG,QAAQ,CAAC,IAAgC,CAAC;YACvD,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG;oBACT,IAAI,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,qCAAqC;iBAClE,CAAC;YACJ,CAAC;YACD,4CAA4C;YAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAErD,OAAO,QAAQ,CAAC;QAClB,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,8BAA8B;YAC9B,IAAI,eAAK,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,MAAM,UAAU,GAAG,KAAmB,CAAC;gBAEvC,wBAAwB;gBACxB,IAAI,UAAU,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;oBACpC,MAAM,IAAI,8BAAqB,CAAC,6BAA6B,CAAC,CAAC;gBACjE,CAAC;qBAAM,IAAI,UAAU,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;oBAC3C,MAAM,IAAI,8BAAqB,CAAC,uBAAuB,CAAC,CAAC;gBAC3D,CAAC;qBAAM,IACL,UAAU,CAAC,IAAI,KAAK,eAAe;oBACnC,UAAU,CAAC,IAAI,KAAK,iCAAiC,EACrD,CAAC;oBACD,MAAM,IAAI,8BAAqB,CAC7B,0CAA0C,CAC3C,CAAC;gBACJ,CAAC;qBAAM,IAAI,UAAU,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC;oBACvC,MAAM,IAAI,8BAAqB,CAC7B,0BAA0B,UAAU,CAAC,QAAQ,CAAC,MAAM,KAAK,UAAU,CAAC,QAAQ,CAAC,UAAU,EAAE,CAC1F,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,IAAI,eAAe,CAAC;oBACtD,MAAM,IAAI,8BAAqB,CAAC,yBAAyB,OAAO,EAAE,CAAC,CAAC;gBACtE,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,0BAA0B;gBAC1B,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACzD,MAAM,IAAI,8BAAqB,CAC7B,yBAAyB,YAAY,EAAE,CACxC,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,WAAmB;QAC7C,IAAI,CAAC;YACH,sBAAsB;YACtB,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CACb,6CAA6C,KAAK,CAAC,MAAM,EAAE,CAC5D,CAAC;YACJ,CAAC;YAOD,iCAAiC;YACjC,MAAM,YAAY,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAC9B,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;YAClE,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAc,CAAC;YAEnD,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;gBAChB,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;YAC1D,CAAC;YAED,kCAAkC;YAClC,MAAM,WAAW,GAAG,IAAI,CAAC,4BAA4B,CAAC,WAAW,CAAC,CAAC;YACnE,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;YAEnE,sEAAsE;YACtE,MAAM,QAAQ,GAAG,WAAW,IAAI,SAAS,CAAC;YAE1C,oCAAoC;YACpC,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAEjD,IAAI,QAA2B,CAAC;YAEhC,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,MAAM,EAAE,CAAC;gBACpD,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;gBAE/C,uBAAuB;gBACvB,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC;gBAEvC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE;oBAC3B,QAAQ,EAAE,QAAQ;oBAClB,MAAM,EAAE,UAAU;iBACnB,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC;YAClC,CAAC;YAED,+BAA+B;YAC/B,MAAM,GAAG,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAA6B,CAAC;YAEjE,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,KAAK,CACb,OAAO,MAAM,CAAC,GAAG,kCAAkC,WAAW,IAAI,SAAS,EAAE,CAC9E,CAAC;YACJ,CAAC;YAED,0CAA0C;YAC1C,MAAM,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAEnC,OAAO,SAAS,CAAC;QACnB,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACzD,MAAM,IAAI,8BAAqB,CAC7B,8BAA8B,YAAY,EAAE,CAC7C,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,mBAAmB,CAAC,QAAgB;QAC1C,mEAAmE;QACnE,MAAM,SAAS,GAAG,MAAM;aACrB,UAAU,CAAC,QAAQ,CAAC;aACpB,MAAM,CAAC,QAAQ,CAAC;aAChB,MAAM,CAAC,KAAK,CAAC;aACb,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAEpB,MAAM,QAAQ,GAAG,mBAAmB,SAAS,EAAE,CAAC;QAChD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAC/B,OAAmB,EACnB,QAAgB;QAEhB,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;YACzD,MAAM,eAAe,GAAG,OAAO,CAAC,GAAG,EAAE,iBAAiB,IAAI,IAAI,CAAC,CAAC,iBAAiB;YACjF,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAEpD,qEAAqE;YACrE,MAAM,SAAS,GAAG;gBAChB,OAAO;gBACP,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE;gBACpB,YAAY,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,EAAE,gBAAgB;aAClE,CAAC;YAEF,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;YAClD,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,eAAe,EAAE;gBACzC,EAAE,EAAE,eAAyB;aAC9B,CAAC,CAAC;QAEL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC,CAAA,CAAC;IACpB,CAAC;IAEO,KAAK,CAAC,cAAc,CAAC,QAAgB;QAC3C,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;YACzD,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YACpD,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC7C,IAAI,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;gBACjD,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAGlD,CAAC;gBAEF,oDAAoD;gBACpD,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;oBACxE,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;oBAC1B,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,mEAAmE;gBACnE,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;gBAC1C,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;oBACrC,mCAAmC;oBACnC,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;oBAC1B,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,OAAO,OAAO,CAAC;YACjB,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YAEf,6CAA6C;YAC7C,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;gBACpD,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;gBACzD,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,YAAY,EAAE,CAAC,CAAA,CAAC;YACzB,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,oEAAoE;IAC5D,0BAA0B,CAAC,OAAgB;QACjD,mDAAmD;QACnD,IAAK,OAAe,CAAC,WAAW,EAAE,CAAC;YACjC,MAAM,KAAK,GAAI,OAAe,CAAC,WAAW,CAAC;YAC3C,OAAO,KAAK,CAAC;QACf,CAAC;QACD,8CAA8C;QAC9C,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QAEjD,IAAI,UAAU,IAAI,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACnD,MAAM,KAAK,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;YACtC,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,6DAA6D;IAC7D,KAAK,CAAC,QAAQ,CAAC,OAAgB,EAAE,OAAmB;QAClD,kEAAkE;QAClE,MAAM,QAAQ,GAAG,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,CAAC;QAE1D,wDAAwD;QACxD,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YAC1D,IAAI,aAAa,EAAE,CAAC;gBAClB,wCAAwC;gBACxC,MAAM,IAAI,GAAG;oBACX,IAAI,EAAE,aAAa,CAAC,GAAG,CAAC,IAAI;oBAC5B,KAAK,EAAE,aAAa,CAAC,GAAG,CAAC,KAAK;oBAC9B,IAAI,EAAE,aAAa,CAAC,GAAG,CAAC,IAAI;iBAC7B,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,kBAAkB;QAClB,IAAI,OAAO,CAAC,GAAG,KAAK,OAAO,CAAC,GAAG,EAAE,gBAAgB,EAAE,CAAC;YAClD,MAAM,IAAI,8BAAqB,CAC7B,6BAA6B,IAAI,CAAC,cAAc,UAAU,OAAO,CAAC,GAAG,EAAE,CACxE,CAAC;QACJ,CAAC;QAED,8BAA8B;QAC9B,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,MAAM,IAAI,8BAAqB,CAAC,4BAA4B,CAAC,CAAC;QAChE,CAAC;QAED,sBAAsB;QACtB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAE1C,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;YACrC,MAAM,IAAI,8BAAqB,CAAC,eAAe,CAAC,CAAC;QACnD,CAAC;QAED,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;YACrC,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QACzD,CAAC;QAED,mCAAmC;QACnC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAChB,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;gBAEzD,MAAM,aAAa,GAAG,iBAAiB,OAAO,CAAC,GAAG,EAAE,CAAC;gBACrD,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;gBAEjD,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,IAAI,8BAAqB,CAAC,wBAAwB,CAAC,CAAC;gBAC5D,CAAC;YACH,CAAC;YAAC,OAAO,KAAc,EAAE,CAAC;gBACxB,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC5E,MAAM,IAAI,8BAAqB,CAAC,gBAAgB,YAAY,EAAE,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;QAED,4BAA4B;QAC5B,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,IAAI,GAAG;YACX,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI;YACtB,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,KAAK;YACxB,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI;SACvB,CAAC;QAEF,qDAAqD;QACrD,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AAhZY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;;GACA,WAAW,CAgZvB"}
|
|
1
|
+
{"version":3,"file":"jwt-strategy.js","sourceRoot":"","sources":["../../../src/nestjs/strategies/jwt-strategy.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,2CAAmE;AACnE,+CAAoD;AACpD,+CAAoD;AACpD,gDAAkC;AAClC,kDAA0C;AAE1C,+CAAiC;AACjC,oFAAkE;AAElE,2DAA6C;AAC7C,yBAAuB;AAGhB,IAAM,WAAW,GAAjB,MAAM,WAAY,SAAQ,IAAA,2BAAgB,EAAC,uBAAQ,CAAC;IAOzD;QACE,KAAK,CAAC;YACJ,cAAc,EAAE,yBAAU,CAAC,2BAA2B,EAAE;YACxD,gBAAgB,EAAE,KAAK;YACvB,mBAAmB,EAAE,CACnB,OAAgB,EAChB,WAAmB,EACnB,IAA2D,EAC3D,EAAE;gBACD,OAAe,CAAC,WAAW,GAAG,WAAW,CAAC;gBAC3C,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC;qBAC5B,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;oBACZ,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;gBAClB,CAAC,CAAC;qBACD,KAAK,CAAC,CAAC,KAAY,EAAE,EAAE;oBACtB,IAAI,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;gBACzB,CAAC,CAAC,CAAC;YACP,CAAC;YACD,UAAU,EAAE,CAAC,OAAO,CAAC;YACrB,iBAAiB,EAAE,IAAI;SACxB,CAAC,CAAC;QAzBG,cAAS,GAGb,IAAI,GAAG,EAAE,CAAC;QAwBZ,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,EAAE,gBAAgB,IAAI,uBAAuB,CAAC;QACxE,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC;IAC/B,CAAC;IAEO,yBAAyB,CAAC,WAAmB;QACnD,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAEjD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,IAAI,CAAC;YACd,CAAC;YAED,IACE,OAAO,OAAO,KAAK,QAAQ;gBAC3B,OAAO,KAAK,IAAI;gBAChB,WAAW,IAAI,OAAO,EACtB,CAAC;gBACD,OAAQ,OAAkC,CAAC,SAAS,IAAI,IAAI,CAAC;YAC/D,CAAC;YAED,sDAAsD;YACtD,IACE,OAAO,OAAO,KAAK,QAAQ;gBAC3B,OAAO,KAAK,IAAI;gBAChB,cAAc,IAAI,OAAO,EACzB,CAAC;gBACD,OAAQ,OAAqC,CAAC,YAAY,IAAI,IAAI,CAAC;YACrE,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,iBAAiB,CAAC,QAAuB;QAC/C,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,EAAE,gBAAgB,IAAI,WAAW,CAAC;QAC5D,IAAI,IAAI,GAAW,iBAAiB,QAAQ,wBAAwB,CAAC;QACrE,MAAM,GAAG,GAAG,GAAG,MAAM,IAAI,IAAI,EAAE,CAAC;QAChC,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;IACvB,CAAC;IAEO,KAAK,CAAC,SAAS,CAAC,OAAe,EAAE,IAAY;QACnD,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC;YACxC,MAAM,cAAc,GAAG,KAAK,GAAG,IAAI,IAAI,EAAE,GAAG,SAAS,CAAC;YACtD,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,EAAE,uBAAuB,CAAC;YAE1D,MAAM,SAAS,GAAG,MAAM;iBACrB,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC;iBAClC,MAAM,CAAC,cAAc,CAAC;iBACtB,MAAM,CAAC,KAAK,CAAC,CAAC;YAEjB,MAAM,OAAO,GAAG;gBACd,MAAM,EAAE,kBAAkB;gBAC1B,YAAY,EAAE,0BAA0B;gBACxC,aAAa,EAAE,SAAS;gBACxB,aAAa,EAAE,SAAS;aACzB,CAAC;YAEF,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,GAAG,CAE7B,OAAO,EAAE;gBACV,OAAO,EAAE,KAAK;gBACd,OAAO;aACR,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;YACzD,CAAC;YAED,IAAI,QAAkC,CAAC;YAEvC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACtC,QAAQ,GAAG,QAAQ,CAAC,IAAgC,CAAC;YACvD,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG;oBACT,IAAI,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;iBAC3B,CAAC;YACJ,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YACrD,OAAO,QAAQ,CAAC;QAClB,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,IAAI,eAAK,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,MAAM,UAAU,GAAG,KAAmB,CAAC;gBAEvC,IAAI,UAAU,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;oBACpC,MAAM,IAAI,8BAAqB,CAAC,6BAA6B,CAAC,CAAC;gBACjE,CAAC;qBAAM,IAAI,UAAU,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;oBAC3C,MAAM,IAAI,8BAAqB,CAAC,uBAAuB,CAAC,CAAC;gBAC3D,CAAC;qBAAM,IACL,UAAU,CAAC,IAAI,KAAK,eAAe;oBACnC,UAAU,CAAC,IAAI,KAAK,iCAAiC,EACrD,CAAC;oBACD,MAAM,IAAI,8BAAqB,CAC7B,0CAA0C,CAC3C,CAAC;gBACJ,CAAC;qBAAM,IAAI,UAAU,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC;oBACvC,MAAM,IAAI,8BAAqB,CAC7B,0BAA0B,UAAU,CAAC,QAAQ,CAAC,MAAM,KAAK,UAAU,CAAC,QAAQ,CAAC,UAAU,EAAE,CAC1F,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,IAAI,eAAe,CAAC;oBACtD,MAAM,IAAI,8BAAqB,CAAC,yBAAyB,OAAO,EAAE,CAAC,CAAC;gBACtE,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACzD,MAAM,IAAI,8BAAqB,CAC7B,yBAAyB,YAAY,EAAE,CACxC,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,aAAa,CAAC,WAAmB;QAC7C,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,MAAM,IAAI,KAAK,CACb,6CAA6C,KAAK,CAAC,MAAM,EAAE,CAC5D,CAAC;YACJ,CAAC;YAOD,MAAM,YAAY,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAC9B,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;YAClE,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAc,CAAC;YAEnD,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;gBAChB,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;YAC1D,CAAC;YAED,MAAM,QAAQ,GAAG,IAAI,CAAC,yBAAyB,CAAC,WAAW,CAAC,CAAC;YAC7D,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YAEhE,MAAM,QAAQ,GAAG,QAAQ,IAAI,SAAS,CAAC;YACvC,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAEjD,IAAI,QAA2B,CAAC;YAEhC,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC,MAAM,EAAE,CAAC;gBACpD,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;gBAC/C,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,CAAC,aAAa;gBAErD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE;oBAC3B,QAAQ,EAAE,QAAQ;oBAClB,MAAM,EAAE,UAAU;iBACnB,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC;YAClC,CAAC;YAED,MAAM,GAAG,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAA6B,CAAC;YAEjE,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,KAAK,CACb,OAAO,MAAM,CAAC,GAAG,iCAAiC,QAAQ,IAAI,SAAS,EAAE,CAC1E,CAAC;YACJ,CAAC;YAED,MAAM,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACnC,OAAO,SAAS,CAAC;QACnB,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACzD,MAAM,IAAI,8BAAqB,CAC7B,8BAA8B,YAAY,EAAE,CAC7C,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,mBAAmB,CAAC,QAAgB;QAC1C,MAAM,SAAS,GAAG,MAAM;aACrB,UAAU,CAAC,QAAQ,CAAC;aACpB,MAAM,CAAC,QAAQ,CAAC;aAChB,MAAM,CAAC,KAAK,CAAC;aACb,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAEpB,MAAM,QAAQ,GAAG,mBAAmB,SAAS,EAAE,CAAC;QAChD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAC/B,OAAmB,EACnB,QAAgB;QAEhB,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;YACzD,MAAM,eAAe,GAAG,OAAO,CAAC,GAAG,EAAE,iBAAiB,IAAI,IAAI,CAAC;YAC/D,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YAEpD,MAAM,SAAS,GAAG;gBAChB,OAAO;gBACP,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE;gBACpB,YAAY,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;aAChD,CAAC;YAEF,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;YAClD,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,eAAe,EAAE;gBACzC,EAAE,EAAE,eAAyB;aAC9B,CAAC,CAAC;QAEL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC;IACrB,CAAC;IAEO,KAAK,CAAC,cAAc,CAAC,QAAgB;QAC3C,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;YACzD,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;YACpD,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAE7C,IAAI,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;gBACjD,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAGlD,CAAC;gBAEF,IAAI,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC;oBACxE,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;oBAC1B,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;gBAC1C,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;oBACrC,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;oBAC1B,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,OAAO,OAAO,CAAC;YACjB,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;gBACpD,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;gBACzD,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC5B,CAAC;YAAC,OAAO,YAAY,EAAE,CAAC,CAAC,CAAC;YAC1B,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,0BAA0B,CAAC,OAAgB;QACjD,IAAK,OAAe,CAAC,WAAW,EAAE,CAAC;YACjC,MAAM,KAAK,GAAI,OAAe,CAAC,WAAW,CAAC;YAC3C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QAEjD,IAAI,UAAU,IAAI,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACnD,MAAM,KAAK,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;YACtC,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,OAAgB,EAAE,OAAmB;QAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,CAAC;QAE1D,kBAAkB;QAClB,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YAC1D,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,IAAI,GAAG;oBACX,IAAI,EAAE,aAAa,CAAC,GAAG,CAAC,IAAI;oBAC5B,KAAK,EAAE,aAAa,CAAC,GAAG,CAAC,KAAK;oBAC9B,IAAI,EAAE,aAAa,CAAC,GAAG,CAAC,IAAI;oBAC5B,SAAS,EAAE,aAAa,CAAC,YAAY,IAAI,aAAa,CAAC,SAAS,IAAI,SAAS;oBAC7E,YAAY,EAAE,aAAa,CAAC,YAAY,IAAI,aAAa,CAAC,SAAS,IAAI,SAAS;oBAChF,WAAW,EAAE,aAAa,CAAC,WAAW,IAAI,EAAE,EAAE,wBAAwB;oBACtE,QAAQ,EAAE,aAAa,CAAC,GAAG,IAAI,EAAE;iBAClC,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,kBAAkB;QAClB,IAAI,OAAO,CAAC,GAAG,KAAK,OAAO,CAAC,GAAG,EAAE,gBAAgB,EAAE,CAAC;YAClD,MAAM,IAAI,8BAAqB,CAC7B,6BAA6B,IAAI,CAAC,cAAc,UAAU,OAAO,CAAC,GAAG,EAAE,CACxE,CAAC;QACJ,CAAC;QAED,mBAAmB;QACnB,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACjB,MAAM,IAAI,8BAAqB,CAAC,4BAA4B,CAAC,CAAC;QAChE,CAAC;QAED,sBAAsB;QACtB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAE1C,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;YACrC,MAAM,IAAI,8BAAqB,CAAC,eAAe,CAAC,CAAC;QACnD,CAAC;QAED,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,GAAG,GAAG,EAAE,CAAC;YACrC,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;QACzD,CAAC;QAED,mCAAmC;QACnC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAChB,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,0BAAsB,CAAC,WAAW,EAAE,CAAC;gBACzD,MAAM,aAAa,GAAG,iBAAiB,OAAO,CAAC,GAAG,EAAE,CAAC;gBACrD,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;gBAEjD,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,IAAI,8BAAqB,CAAC,wBAAwB,CAAC,CAAC;gBAC5D,CAAC;YACH,CAAC;YAAC,OAAO,KAAc,EAAE,CAAC;gBACxB,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC5E,MAAM,IAAI,8BAAqB,CAAC,gBAAgB,YAAY,EAAE,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;QAED,4BAA4B;QAC5B,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACpD,CAAC;QAED,+BAA+B;QAC/B,MAAM,IAAI,GAAG;YACX,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI;YACtB,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,KAAK;YACxB,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,IAAI;YACtB,SAAS,EAAE,OAAO,CAAC,YAAY,IAAI,OAAO,CAAC,SAAS,IAAI,SAAS;YACjE,YAAY,EAAE,OAAO,CAAC,YAAY,IAAI,OAAO,CAAC,SAAS,IAAI,SAAS;YACpE,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,EAAE,EAAE,qBAAqB;YAC7D,QAAQ,EAAE,OAAO,CAAC,GAAG,IAAI,EAAE;SAC5B,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAA;AArXY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;;GACA,WAAW,CAqXvB"}
|
|
@@ -1,14 +1,96 @@
|
|
|
1
1
|
import { Request } from 'express';
|
|
2
2
|
export interface AuthenticatedRequest extends Request {
|
|
3
|
+
platform?: PlatformContext;
|
|
3
4
|
project?: ProjectContext;
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
email: string;
|
|
7
|
-
};
|
|
5
|
+
service?: ServiceContext;
|
|
6
|
+
user?: AuthUser;
|
|
8
7
|
}
|
|
9
8
|
export interface GqlContext {
|
|
10
9
|
req: AuthenticatedRequest;
|
|
11
10
|
}
|
|
11
|
+
export interface PlatformTokenPayload {
|
|
12
|
+
tenant_id: string;
|
|
13
|
+
secret_version: number;
|
|
14
|
+
token_id: string;
|
|
15
|
+
type: 'platform';
|
|
16
|
+
scopes: string[];
|
|
17
|
+
iat: number;
|
|
18
|
+
nbf: number;
|
|
19
|
+
exp: number;
|
|
20
|
+
iss: string;
|
|
21
|
+
aud: string;
|
|
22
|
+
}
|
|
23
|
+
export interface ProjectTokenPayload {
|
|
24
|
+
tenant_id: string;
|
|
25
|
+
secret_version: number;
|
|
26
|
+
enabled_services: string[];
|
|
27
|
+
token_id: string;
|
|
28
|
+
type: 'project';
|
|
29
|
+
scopes: string[];
|
|
30
|
+
iat: number;
|
|
31
|
+
nbf: number;
|
|
32
|
+
exp: number;
|
|
33
|
+
iss: string;
|
|
34
|
+
aud: string;
|
|
35
|
+
}
|
|
36
|
+
export interface UserTokenPayload {
|
|
37
|
+
user_id: string;
|
|
38
|
+
tenant_id: string;
|
|
39
|
+
token_id: string;
|
|
40
|
+
type: 'user';
|
|
41
|
+
scopes: string[];
|
|
42
|
+
iat: number;
|
|
43
|
+
nbf: number;
|
|
44
|
+
exp: number;
|
|
45
|
+
iss: string;
|
|
46
|
+
aud: string;
|
|
47
|
+
jti?: string;
|
|
48
|
+
}
|
|
49
|
+
export interface ServiceContext {
|
|
50
|
+
client_id: string;
|
|
51
|
+
service_name: string;
|
|
52
|
+
scopes: string[];
|
|
53
|
+
token_id: string;
|
|
54
|
+
issued_at: number;
|
|
55
|
+
expires_at: number;
|
|
56
|
+
}
|
|
57
|
+
export interface ServiceTokenPayload {
|
|
58
|
+
type: 'service';
|
|
59
|
+
client_id: string;
|
|
60
|
+
service_name: string;
|
|
61
|
+
scope: string;
|
|
62
|
+
jti: string;
|
|
63
|
+
iat: number;
|
|
64
|
+
nbf: number;
|
|
65
|
+
exp: number;
|
|
66
|
+
iss: string;
|
|
67
|
+
aud: string;
|
|
68
|
+
}
|
|
69
|
+
export interface PlatformContext {
|
|
70
|
+
tenant_id: string;
|
|
71
|
+
project_uuid: string;
|
|
72
|
+
scopes: string[];
|
|
73
|
+
token_id: string;
|
|
74
|
+
expires_at: number;
|
|
75
|
+
}
|
|
76
|
+
export interface ProjectContext {
|
|
77
|
+
tenant_id: string;
|
|
78
|
+
project_uuid: string;
|
|
79
|
+
enabled_services: string[];
|
|
80
|
+
scopes: string[];
|
|
81
|
+
secret_version: number;
|
|
82
|
+
token_id: string;
|
|
83
|
+
expires_at: number;
|
|
84
|
+
}
|
|
85
|
+
export interface ServiceContext {
|
|
86
|
+
client_id: string;
|
|
87
|
+
service_name: string;
|
|
88
|
+
scopes: string[];
|
|
89
|
+
expires_at: number;
|
|
90
|
+
}
|
|
91
|
+
/**
|
|
92
|
+
* @deprecated Use PlatformTokenPayload, ProjectTokenPayload, UserTokenPayload, or ServiceTokenPayload instead
|
|
93
|
+
*/
|
|
12
94
|
export interface JwtPayload {
|
|
13
95
|
sub?: {
|
|
14
96
|
uuid: string;
|
|
@@ -16,6 +98,9 @@ export interface JwtPayload {
|
|
|
16
98
|
name: string;
|
|
17
99
|
};
|
|
18
100
|
project_uuid?: string;
|
|
101
|
+
permissions?: string[];
|
|
102
|
+
scopes?: string[];
|
|
103
|
+
tenant_id?: string;
|
|
19
104
|
type: string;
|
|
20
105
|
iss: string;
|
|
21
106
|
aud: string;
|
|
@@ -28,21 +113,9 @@ export interface AuthUser {
|
|
|
28
113
|
uuid: string;
|
|
29
114
|
email: string;
|
|
30
115
|
name: string;
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
secret_version: number;
|
|
36
|
-
token_id: string;
|
|
37
|
-
expires_at: number;
|
|
38
|
-
}
|
|
39
|
-
export interface ProjectTokenPayload {
|
|
40
|
-
project_uuid: string;
|
|
41
|
-
secret_version: number;
|
|
42
|
-
enabled_services: string[];
|
|
43
|
-
token_id: string;
|
|
44
|
-
iat: number;
|
|
45
|
-
exp: number;
|
|
46
|
-
type: 'project';
|
|
116
|
+
tenant_id?: string;
|
|
117
|
+
permissions?: string[];
|
|
118
|
+
role?: string;
|
|
119
|
+
token_id?: string;
|
|
47
120
|
}
|
|
48
121
|
//# sourceMappingURL=jwt-payload.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-payload.d.ts","sourceRoot":"","sources":["../../src/types/jwt-payload.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"jwt-payload.d.ts","sourceRoot":"","sources":["../../src/types/jwt-payload.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAIlC,MAAM,WAAW,oBAAqB,SAAQ,OAAO;IACnD,QAAQ,CAAC,EAAE,eAAe,CAAC;IAC3B,OAAO,CAAC,EAAE,cAAc,CAAC;IACzB,OAAO,CAAC,EAAE,cAAc,CAAC;IACzB,IAAI,CAAC,EAAE,QAAQ,CAAC;CACjB;AAED,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,oBAAoB,CAAC;CAC3B;AAID,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,UAAU,CAAC;IACjB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,SAAS,CAAC;IAChB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,SAAS,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb;AAID,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB;AAKD;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,GAAG,CAAC,EAAE;QACJ,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAGD,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IAEb,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB"}
|
|
@@ -4,9 +4,19 @@ type RedisClient = ReturnType<typeof createClient>;
|
|
|
4
4
|
declare class RedisConnectionManager {
|
|
5
5
|
private static instance;
|
|
6
6
|
private static connecting;
|
|
7
|
+
private static isShuttingDown;
|
|
7
8
|
private constructor();
|
|
8
9
|
static getInstance(): Promise<RedisClient>;
|
|
9
10
|
static closeConnection(): Promise<void>;
|
|
11
|
+
/**
|
|
12
|
+
* Get connection status without triggering a new connection
|
|
13
|
+
*/
|
|
14
|
+
static isConnected(): boolean;
|
|
15
|
+
/**
|
|
16
|
+
* Setup graceful shutdown handlers for common termination signals
|
|
17
|
+
*/
|
|
18
|
+
private static shutdownPromise;
|
|
19
|
+
static setupGracefulShutdown(): void;
|
|
10
20
|
}
|
|
11
21
|
export default RedisConnectionManager;
|
|
12
22
|
//# sourceMappingURL=redis.connection.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"redis.connection.d.ts","sourceRoot":"","sources":["../../src/utils/redis.connection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,OAAO,CAAC;AACrC,OAAO,eAAe,CAAC;AAEvB,KAAK,WAAW,GAAG,UAAU,CAAC,OAAO,YAAY,CAAC,CAAC;AAEnD,cAAM,sBAAsB;IAC1B,OAAO,CAAC,MAAM,CAAC,QAAQ,CAA4B;IACnD,OAAO,CAAC,MAAM,CAAC,UAAU,CAAqC;
|
|
1
|
+
{"version":3,"file":"redis.connection.d.ts","sourceRoot":"","sources":["../../src/utils/redis.connection.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,OAAO,CAAC;AACrC,OAAO,eAAe,CAAC;AAEvB,KAAK,WAAW,GAAG,UAAU,CAAC,OAAO,YAAY,CAAC,CAAC;AAEnD,cAAM,sBAAsB;IAC1B,OAAO,CAAC,MAAM,CAAC,QAAQ,CAA4B;IACnD,OAAO,CAAC,MAAM,CAAC,UAAU,CAAqC;IAC9D,OAAO,CAAC,MAAM,CAAC,cAAc,CAAS;IAEtC,OAAO;WAEa,WAAW,IAAI,OAAO,CAAC,WAAW,CAAC;WAgGnC,eAAe,IAAI,OAAO,CAAC,IAAI,CAAC;IAgCpD;;OAEG;WACW,WAAW,IAAI,OAAO;IAIpC;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,eAAe,CAA8B;WAE9C,qBAAqB,IAAI,IAAI;CA0B5C;AAED,eAAe,sBAAsB,CAAC"}
|