@zcatalyst/auth-admin 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENCE +55 -0
- package/README.md +251 -0
- package/dist-cjs/credential.js +362 -0
- package/dist-cjs/errors.js +10 -0
- package/dist-cjs/index.js +229 -0
- package/dist-es/credential.js +348 -0
- package/dist-es/errors.js +6 -0
- package/dist-es/index.js +219 -0
- package/dist-types/credential.d.ts +288 -0
- package/dist-types/errors.d.ts +10 -0
- package/dist-types/index.d.ts +105 -0
- package/dist-types/ts3.4/credential.d.ts +288 -0
- package/dist-types/ts3.4/errors.d.ts +10 -0
- package/dist-types/ts3.4/index.d.ts +105 -0
- package/package.json +28 -0
package/dist-es/index.js
ADDED
|
@@ -0,0 +1,219 @@
|
|
|
1
|
+
var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
|
|
2
|
+
if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
|
|
3
|
+
if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
|
|
4
|
+
return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
|
|
5
|
+
};
|
|
6
|
+
var _ZCAuth_instances, _ZCAuth_appCollection, _ZCAuth_loadOptionsFromObj, _ZCAuth_loadOptionsFromEnvVar;
|
|
7
|
+
import { CatalystAppError, CatalystError, CONSTANTS, isNonEmptyObject, isNonEmptyString, isNonEmptyStringOrNumber, isNonNullObject, isValidType, ObjectHasProperties } from '@zcatalyst/utils';
|
|
8
|
+
import { AccessTokenCredential, ApplicationCustomCredential, ApplicationDefaultCredential, CatalystCredential, RefreshTokenCredential, TicketCredential } from './credential';
|
|
9
|
+
const { INIT_TYPE, PROJECT_HEADER, DEFAULT_ENV, DEFAULT_APP_NAME, CREDENTIAL_USER, CATALYST_ORIGIN, AUTH_HEADER, COOKIE_HEADER, CREDENTIAL_HEADER, PROJECT_KEY_NAME, ENVIRONMENT_KEY_NAME, ENVIRONMENT, X_ZOHO_CATALYST_ORG_ID } = CONSTANTS;
|
|
10
|
+
let appOptions = {};
|
|
11
|
+
export class ZCAuth {
|
|
12
|
+
constructor() {
|
|
13
|
+
_ZCAuth_instances.add(this);
|
|
14
|
+
this.config = {};
|
|
15
|
+
_ZCAuth_appCollection.set(this, {});
|
|
16
|
+
}
|
|
17
|
+
init(options, { type, appName, scope } = {
|
|
18
|
+
type: 'auto'
|
|
19
|
+
}) {
|
|
20
|
+
switch (type) {
|
|
21
|
+
case INIT_TYPE.advancedio:
|
|
22
|
+
if (!options || typeof options.headers !== 'object') {
|
|
23
|
+
throw new CatalystAppError('INVALID_APP_OPTIONS', 'the options passed to initialize method is not valid', options);
|
|
24
|
+
}
|
|
25
|
+
appOptions = __classPrivateFieldGet(this, _ZCAuth_instances, "m", _ZCAuth_loadOptionsFromObj).call(this, options['headers']);
|
|
26
|
+
appOptions.credential = new CatalystCredential(options['headers'], scope);
|
|
27
|
+
break;
|
|
28
|
+
case INIT_TYPE.basicio:
|
|
29
|
+
if (!options || typeof options.catalystHeaders !== 'object') {
|
|
30
|
+
throw new CatalystAppError('INVALID_APP_OPTIONS', 'the options passed to initialize method is not valid', options);
|
|
31
|
+
}
|
|
32
|
+
appOptions = __classPrivateFieldGet(this, _ZCAuth_instances, "m", _ZCAuth_loadOptionsFromObj).call(this, options['catalystHeaders']);
|
|
33
|
+
appOptions.credential = new CatalystCredential(options['catalystHeaders'], scope);
|
|
34
|
+
break;
|
|
35
|
+
case INIT_TYPE.custom:
|
|
36
|
+
if (!options || !options['credential']) {
|
|
37
|
+
throw new CatalystAppError('INVALID_APP_OPTIONS', 'the options passed to initialize method is not valid', options);
|
|
38
|
+
}
|
|
39
|
+
if (appName && isNonEmptyString(appName) && appName in __classPrivateFieldGet(this, _ZCAuth_appCollection, "f")) {
|
|
40
|
+
throw new CatalystAppError('APP_ALREADY_EXISTS', `The app with name ${appName} already exists. Please use a different name.`, appName);
|
|
41
|
+
}
|
|
42
|
+
appOptions = options;
|
|
43
|
+
appOptions.credential = new ApplicationCustomCredential(options['credential']);
|
|
44
|
+
break;
|
|
45
|
+
default:
|
|
46
|
+
if (options && typeof options.headers === 'object') {
|
|
47
|
+
return this.init(options, { type: INIT_TYPE.advancedio, appName, scope });
|
|
48
|
+
}
|
|
49
|
+
if (options && typeof options.catalystHeaders === 'object') {
|
|
50
|
+
return this.init(options, { type: INIT_TYPE.basicio, appName, scope });
|
|
51
|
+
}
|
|
52
|
+
if (options && options['credential']) {
|
|
53
|
+
return this.init(options, { type: INIT_TYPE.custom, appName, scope });
|
|
54
|
+
}
|
|
55
|
+
throw new CatalystAppError('APP_ERROR', 'Unable to find the type of initialisation. kindly specify one', options);
|
|
56
|
+
}
|
|
57
|
+
const catalystApp = new CatalystApp(appOptions);
|
|
58
|
+
if (appName !== undefined && isNonEmptyString(appName)) {
|
|
59
|
+
__classPrivateFieldGet(this, _ZCAuth_appCollection, "f")[appName] = catalystApp;
|
|
60
|
+
}
|
|
61
|
+
else {
|
|
62
|
+
__classPrivateFieldGet(this, _ZCAuth_appCollection, "f")[DEFAULT_APP_NAME] = catalystApp;
|
|
63
|
+
}
|
|
64
|
+
return catalystApp;
|
|
65
|
+
}
|
|
66
|
+
getDefaultCredentials(appName) {
|
|
67
|
+
if (typeof appName === 'undefined') {
|
|
68
|
+
appName = DEFAULT_APP_NAME;
|
|
69
|
+
}
|
|
70
|
+
if (!isNonEmptyObject(appOptions)) {
|
|
71
|
+
appOptions = __classPrivateFieldGet(this, _ZCAuth_instances, "m", _ZCAuth_loadOptionsFromEnvVar).call(this);
|
|
72
|
+
if (!isNonEmptyObject(appOptions)) {
|
|
73
|
+
throw new CatalystAppError('AUTH_ERROR', 'Unable to get the app credentials, please initialize the app before perform operations.', appOptions);
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
if (typeof appOptions.credential === 'undefined') {
|
|
77
|
+
appOptions.credential = new ApplicationDefaultCredential();
|
|
78
|
+
}
|
|
79
|
+
const app = new CatalystApp(appOptions);
|
|
80
|
+
app.credential.switchUser(CREDENTIAL_USER.admin);
|
|
81
|
+
__classPrivateFieldGet(this, _ZCAuth_appCollection, "f")[appName] = app;
|
|
82
|
+
return app;
|
|
83
|
+
}
|
|
84
|
+
app(appName) {
|
|
85
|
+
if (typeof appName === 'undefined') {
|
|
86
|
+
appName = DEFAULT_APP_NAME;
|
|
87
|
+
}
|
|
88
|
+
if (!isNonEmptyString(appName)) {
|
|
89
|
+
throw new CatalystAppError('INVALID_APP_NAME', 'Invalid app name provided. App name must be a non-empty string.', appName);
|
|
90
|
+
}
|
|
91
|
+
else if (!(appName in __classPrivateFieldGet(this, _ZCAuth_appCollection, "f"))) {
|
|
92
|
+
let errorMessage = appName === DEFAULT_APP_NAME
|
|
93
|
+
? 'The default project does not exist. '
|
|
94
|
+
: `project named "${appName}" does not exist. `;
|
|
95
|
+
errorMessage += 'Make sure you call init() before getting the desired app';
|
|
96
|
+
throw new CatalystAppError('no_app', errorMessage, appName);
|
|
97
|
+
}
|
|
98
|
+
return __classPrivateFieldGet(this, _ZCAuth_appCollection, "f")[appName];
|
|
99
|
+
}
|
|
100
|
+
}
|
|
101
|
+
_ZCAuth_appCollection = new WeakMap(), _ZCAuth_instances = new WeakSet(), _ZCAuth_loadOptionsFromObj = function _ZCAuth_loadOptionsFromObj(obj) {
|
|
102
|
+
const projectId = obj[PROJECT_HEADER.id];
|
|
103
|
+
const projectKey = obj[PROJECT_HEADER.key];
|
|
104
|
+
const environment = obj[PROJECT_HEADER.environment] || DEFAULT_ENV;
|
|
105
|
+
const projectDomain = obj[PROJECT_HEADER.domain] || CATALYST_ORIGIN;
|
|
106
|
+
const projectSecretKey = obj[PROJECT_HEADER.projectSecretKey];
|
|
107
|
+
const origin = obj['host'] && obj['host'].trim()
|
|
108
|
+
? `http://${obj['host']}`
|
|
109
|
+
: `https://${projectDomain}`;
|
|
110
|
+
if (!projectId) {
|
|
111
|
+
throw new CatalystAppError('PROJECT_ERROR', 'Invalid project details. Failed to parse an object.', obj);
|
|
112
|
+
}
|
|
113
|
+
return {
|
|
114
|
+
projectId,
|
|
115
|
+
projectKey,
|
|
116
|
+
environment,
|
|
117
|
+
projectDomain,
|
|
118
|
+
projectSecretKey,
|
|
119
|
+
origin
|
|
120
|
+
};
|
|
121
|
+
}, _ZCAuth_loadOptionsFromEnvVar = function _ZCAuth_loadOptionsFromEnvVar() {
|
|
122
|
+
const projectId = process.env[PROJECT_HEADER.id];
|
|
123
|
+
const projectKey = process.env[PROJECT_HEADER.key];
|
|
124
|
+
const environment = process.env[PROJECT_HEADER.environment] || DEFAULT_ENV;
|
|
125
|
+
const projectDomain = process.env[PROJECT_HEADER.domain] || CATALYST_ORIGIN;
|
|
126
|
+
const projectSecretKey = process.env[PROJECT_HEADER.projectSecretKey];
|
|
127
|
+
if (!isNonEmptyString(!projectId)) {
|
|
128
|
+
return {};
|
|
129
|
+
}
|
|
130
|
+
try {
|
|
131
|
+
return {
|
|
132
|
+
projectId,
|
|
133
|
+
projectKey,
|
|
134
|
+
environment,
|
|
135
|
+
projectDomain,
|
|
136
|
+
projectSecretKey
|
|
137
|
+
};
|
|
138
|
+
}
|
|
139
|
+
catch (err) {
|
|
140
|
+
throw new CatalystAppError('INVALID_APP_OPTIONS', 'Failed to parse app options : ' + err, err);
|
|
141
|
+
}
|
|
142
|
+
};
|
|
143
|
+
export class CatalystApp {
|
|
144
|
+
constructor(options) {
|
|
145
|
+
try {
|
|
146
|
+
isNonNullObject(options, 'options', true);
|
|
147
|
+
ObjectHasProperties(options, ['credential'], 'options', true);
|
|
148
|
+
isNonNullObject(options.credential, 'options.credential', true);
|
|
149
|
+
isValidType(options.credential.getToken, 'function', 'options.credential', true);
|
|
150
|
+
isNonEmptyStringOrNumber(options.project_id || options.projectId, 'projectId', true);
|
|
151
|
+
}
|
|
152
|
+
catch (e) {
|
|
153
|
+
if (e instanceof CatalystError) {
|
|
154
|
+
throw new CatalystAppError(e.code, e.message, e);
|
|
155
|
+
}
|
|
156
|
+
throw e;
|
|
157
|
+
}
|
|
158
|
+
this.credential = options.credential;
|
|
159
|
+
this.config = {
|
|
160
|
+
projectId: (options.project_id || options.projectId),
|
|
161
|
+
projectKey: (options.project_key || options.projectKey),
|
|
162
|
+
projectDomain: (options.project_domain || options.projectDomain),
|
|
163
|
+
environment: options.environment || DEFAULT_ENV,
|
|
164
|
+
projectSecretKey: (options.project_secret_key || options.projectSecretKey),
|
|
165
|
+
origin: options.origin || CATALYST_ORIGIN
|
|
166
|
+
};
|
|
167
|
+
}
|
|
168
|
+
setOauthHeader(headers, token) {
|
|
169
|
+
headers[AUTH_HEADER] = 'Zoho-oauthtoken ' + token;
|
|
170
|
+
}
|
|
171
|
+
setTicketHeader(headers, token) {
|
|
172
|
+
headers[AUTH_HEADER] = 'Zoho-ticket ' + token;
|
|
173
|
+
}
|
|
174
|
+
async authenticateRequest(req) {
|
|
175
|
+
const headers = Object.assign({}, req.headers);
|
|
176
|
+
if (this.credential instanceof AccessTokenCredential ||
|
|
177
|
+
this.credential instanceof RefreshTokenCredential) {
|
|
178
|
+
const token = await this.credential.getToken();
|
|
179
|
+
this.setOauthHeader(headers, token.access_token);
|
|
180
|
+
req.headers = headers;
|
|
181
|
+
return;
|
|
182
|
+
}
|
|
183
|
+
if (this.credential instanceof TicketCredential) {
|
|
184
|
+
const token = await this.credential.getToken();
|
|
185
|
+
this.setTicketHeader(headers, token.ticket);
|
|
186
|
+
req.headers = headers;
|
|
187
|
+
return;
|
|
188
|
+
}
|
|
189
|
+
if (this.credential instanceof CatalystCredential ||
|
|
190
|
+
this.credential instanceof ApplicationDefaultCredential) {
|
|
191
|
+
const token = (await this.credential.getToken());
|
|
192
|
+
if (isNonEmptyString(token.access_token)) {
|
|
193
|
+
this.setOauthHeader(headers, token.access_token);
|
|
194
|
+
}
|
|
195
|
+
else if (isNonEmptyString(token.ticket)) {
|
|
196
|
+
this.setTicketHeader(headers, token.ticket);
|
|
197
|
+
}
|
|
198
|
+
else if (isNonEmptyString(token.cookie)) {
|
|
199
|
+
headers[COOKIE_HEADER] = token.cookie;
|
|
200
|
+
headers[CREDENTIAL_HEADER.zcsrf] = token.zcrf_header;
|
|
201
|
+
}
|
|
202
|
+
req.headers = headers;
|
|
203
|
+
}
|
|
204
|
+
}
|
|
205
|
+
}
|
|
206
|
+
export function addDefaultAppHeaders(headers, values) {
|
|
207
|
+
headers[PROJECT_KEY_NAME] = values?.projectKey;
|
|
208
|
+
headers[ENVIRONMENT_KEY_NAME] = values?.environment;
|
|
209
|
+
headers[ENVIRONMENT] = values?.environment;
|
|
210
|
+
if (isNonEmptyString(process.env.X_ZOHO_CATALYST_ORG_ID)) {
|
|
211
|
+
headers[X_ZOHO_CATALYST_ORG_ID] = process.env.X_ZOHO_CATALYST_ORG_ID;
|
|
212
|
+
}
|
|
213
|
+
if (isNonEmptyString(values?.projectSecretKey)) {
|
|
214
|
+
headers[PROJECT_HEADER.projectSecretKey] = values?.projectSecretKey;
|
|
215
|
+
}
|
|
216
|
+
return headers;
|
|
217
|
+
}
|
|
218
|
+
export { AccessTokenCredential, Credential, RefreshTokenCredential, TicketCredential } from './credential';
|
|
219
|
+
export { CatalystAppError };
|
|
@@ -0,0 +1,288 @@
|
|
|
1
|
+
export declare const globalValue: {};
|
|
2
|
+
export declare abstract class Credential {
|
|
3
|
+
/**
|
|
4
|
+
* Returns the credential token payload.
|
|
5
|
+
*
|
|
6
|
+
* @returns The getToken result.
|
|
7
|
+
*
|
|
8
|
+
* @example
|
|
9
|
+
* ```ts
|
|
10
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
11
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
12
|
+
* // Use Credential.getToken in a Node request handler.
|
|
13
|
+
* ```
|
|
14
|
+
*/
|
|
15
|
+
abstract getToken(): Promise<{
|
|
16
|
+
[x: string]: string;
|
|
17
|
+
}>;
|
|
18
|
+
/**
|
|
19
|
+
* Returns the current credential scope.
|
|
20
|
+
*
|
|
21
|
+
* @returns The getCurrentUser result.
|
|
22
|
+
*
|
|
23
|
+
* @example
|
|
24
|
+
* ```ts
|
|
25
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
26
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
27
|
+
* // Use Credential.getCurrentUser in a Node request handler.
|
|
28
|
+
* ```
|
|
29
|
+
*/
|
|
30
|
+
getCurrentUser(): string;
|
|
31
|
+
/**
|
|
32
|
+
* Switches the active credential scope.
|
|
33
|
+
*
|
|
34
|
+
* @param _givenUser - The _givenUser value.
|
|
35
|
+
* @returns The switchUser result.
|
|
36
|
+
*
|
|
37
|
+
* @example
|
|
38
|
+
* ```ts
|
|
39
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
40
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
41
|
+
* // Use Credential.switchUser in a Node request handler.
|
|
42
|
+
* ```
|
|
43
|
+
*/
|
|
44
|
+
switchUser(_givenUser?: string): string | null;
|
|
45
|
+
/**
|
|
46
|
+
* Returns the effective user type.
|
|
47
|
+
*
|
|
48
|
+
* @returns The getCurrentUserType result.
|
|
49
|
+
*
|
|
50
|
+
* @example
|
|
51
|
+
* ```ts
|
|
52
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
53
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
54
|
+
* // Use Credential.getCurrentUserType in a Node request handler.
|
|
55
|
+
* ```
|
|
56
|
+
*/
|
|
57
|
+
getCurrentUserType(): string;
|
|
58
|
+
}
|
|
59
|
+
export declare class RefreshTokenCredential extends Credential {
|
|
60
|
+
refreshToken: string;
|
|
61
|
+
clientId: string;
|
|
62
|
+
clientSecret: string;
|
|
63
|
+
cachedToken: {
|
|
64
|
+
access_token: string;
|
|
65
|
+
expires_in: number;
|
|
66
|
+
} | null;
|
|
67
|
+
/**
|
|
68
|
+
* Creates a RefreshTokenCredential instance.
|
|
69
|
+
* @param refreshObj - The refreshObj value.
|
|
70
|
+
*/
|
|
71
|
+
constructor(refreshObj: {
|
|
72
|
+
[x: string]: string;
|
|
73
|
+
});
|
|
74
|
+
/**
|
|
75
|
+
* Returns the credential token payload.
|
|
76
|
+
*
|
|
77
|
+
* @returns The getToken result.
|
|
78
|
+
*
|
|
79
|
+
* @example
|
|
80
|
+
* ```ts
|
|
81
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
82
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
83
|
+
* // Use RefreshTokenCredential.getToken in a Node request handler.
|
|
84
|
+
* ```
|
|
85
|
+
*/
|
|
86
|
+
getToken(): Promise<{
|
|
87
|
+
['access_token']: string;
|
|
88
|
+
}>;
|
|
89
|
+
}
|
|
90
|
+
export declare class AccessTokenCredential extends Credential {
|
|
91
|
+
accessToken: string;
|
|
92
|
+
/**
|
|
93
|
+
* Creates a AccessTokenCredential instance.
|
|
94
|
+
* @param accessObj - The accessObj value.
|
|
95
|
+
*/
|
|
96
|
+
constructor(accessObj: Record<string, string>);
|
|
97
|
+
/**
|
|
98
|
+
* Returns the credential token payload.
|
|
99
|
+
*
|
|
100
|
+
* @returns The getToken result.
|
|
101
|
+
*
|
|
102
|
+
* @example
|
|
103
|
+
* ```ts
|
|
104
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
105
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
106
|
+
* // Use AccessTokenCredential.getToken in a Node request handler.
|
|
107
|
+
* ```
|
|
108
|
+
*/
|
|
109
|
+
getToken(): Promise<{
|
|
110
|
+
access_token: string;
|
|
111
|
+
}>;
|
|
112
|
+
}
|
|
113
|
+
export declare class TicketCredential extends Credential {
|
|
114
|
+
ticket: string;
|
|
115
|
+
/**
|
|
116
|
+
* Creates a TicketCredential instance.
|
|
117
|
+
* @param ticketObj - The ticketObj value.
|
|
118
|
+
*/
|
|
119
|
+
constructor(ticketObj: {
|
|
120
|
+
[x: string]: string;
|
|
121
|
+
});
|
|
122
|
+
/**
|
|
123
|
+
* Returns the credential token payload.
|
|
124
|
+
*
|
|
125
|
+
* @returns The getToken result.
|
|
126
|
+
*
|
|
127
|
+
* @example
|
|
128
|
+
* ```ts
|
|
129
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
130
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
131
|
+
* // Use TicketCredential.getToken in a Node request handler.
|
|
132
|
+
* ```
|
|
133
|
+
*/
|
|
134
|
+
getToken(): Promise<{
|
|
135
|
+
['ticket']: string;
|
|
136
|
+
}>;
|
|
137
|
+
}
|
|
138
|
+
export declare class CookieCredential extends Credential {
|
|
139
|
+
cookie: string;
|
|
140
|
+
cookieObj: {
|
|
141
|
+
[x: string]: string;
|
|
142
|
+
};
|
|
143
|
+
/**
|
|
144
|
+
* Creates a CookieCredential instance.
|
|
145
|
+
* @param cookieObj - The cookieObj value.
|
|
146
|
+
*/
|
|
147
|
+
constructor(cookieObj: {
|
|
148
|
+
[x: string]: string;
|
|
149
|
+
});
|
|
150
|
+
private getAsObject;
|
|
151
|
+
private getZCSRFHeader;
|
|
152
|
+
/**
|
|
153
|
+
* Returns the credential token payload.
|
|
154
|
+
*
|
|
155
|
+
* @returns The getToken result.
|
|
156
|
+
*
|
|
157
|
+
* @example
|
|
158
|
+
* ```ts
|
|
159
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
160
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
161
|
+
* // Use CookieCredential.getToken in a Node request handler.
|
|
162
|
+
* ```
|
|
163
|
+
*/
|
|
164
|
+
getToken(): Promise<{
|
|
165
|
+
['cookie']: string;
|
|
166
|
+
['zcrf_header']: string;
|
|
167
|
+
}>;
|
|
168
|
+
}
|
|
169
|
+
export declare class CatalystCredential extends Credential {
|
|
170
|
+
adminCredType: string;
|
|
171
|
+
userCredType: string | undefined;
|
|
172
|
+
adminToken: string;
|
|
173
|
+
userToken: string | undefined;
|
|
174
|
+
adminCred: TicketCredential | AccessTokenCredential;
|
|
175
|
+
userCred: TicketCredential | AccessTokenCredential | CookieCredential | undefined;
|
|
176
|
+
cookieStr: string | undefined;
|
|
177
|
+
scope: string;
|
|
178
|
+
userType: string;
|
|
179
|
+
/**
|
|
180
|
+
* Creates a CatalystCredential instance.
|
|
181
|
+
* @param credObj - The credObj value.
|
|
182
|
+
* @param scope - The scope value.
|
|
183
|
+
*/
|
|
184
|
+
constructor(credObj: Record<string, string | undefined>, scope?: string);
|
|
185
|
+
/** @override * @returns The getToken result.
|
|
186
|
+
*
|
|
187
|
+
* @example
|
|
188
|
+
* ```ts
|
|
189
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
190
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
191
|
+
* // Use CatalystCredential.getToken in a Node request handler.
|
|
192
|
+
* ```
|
|
193
|
+
*/
|
|
194
|
+
getToken(): Promise<{
|
|
195
|
+
access_token?: string;
|
|
196
|
+
ticket?: string;
|
|
197
|
+
cookie?: string;
|
|
198
|
+
zcrf_header?: string;
|
|
199
|
+
}>;
|
|
200
|
+
/** @override * @returns The getScope result.
|
|
201
|
+
*
|
|
202
|
+
* @example
|
|
203
|
+
* ```ts
|
|
204
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
205
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
206
|
+
* // Use CatalystCredential.getScope in a Node request handler.
|
|
207
|
+
* ```
|
|
208
|
+
*/
|
|
209
|
+
getScope(): string;
|
|
210
|
+
/** @override * @returns The getCurrentUser result.
|
|
211
|
+
*
|
|
212
|
+
* @example
|
|
213
|
+
* ```ts
|
|
214
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
215
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
216
|
+
* // Use CatalystCredential.getCurrentUser in a Node request handler.
|
|
217
|
+
* ```
|
|
218
|
+
*/
|
|
219
|
+
getCurrentUser(): string;
|
|
220
|
+
/** @override * @returns The getCurrentUserType result.
|
|
221
|
+
*
|
|
222
|
+
* @example
|
|
223
|
+
* ```ts
|
|
224
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
225
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
226
|
+
* // Use CatalystCredential.getCurrentUserType in a Node request handler.
|
|
227
|
+
* ```
|
|
228
|
+
*/
|
|
229
|
+
getCurrentUserType(): string;
|
|
230
|
+
/** @override * @param givenUser - The givenUser value.
|
|
231
|
+
* @returns The switchUser result.
|
|
232
|
+
*
|
|
233
|
+
* @example
|
|
234
|
+
* ```ts
|
|
235
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
236
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
237
|
+
* // Use CatalystCredential.switchUser in a Node request handler.
|
|
238
|
+
* ```
|
|
239
|
+
*/
|
|
240
|
+
switchUser(givenUser?: string): string;
|
|
241
|
+
}
|
|
242
|
+
export declare class ApplicationDefaultCredential extends Credential {
|
|
243
|
+
credential: RefreshTokenCredential | AccessTokenCredential | TicketCredential;
|
|
244
|
+
/**
|
|
245
|
+
* Creates a ApplicationDefaultCredential instance.
|
|
246
|
+
*/
|
|
247
|
+
constructor();
|
|
248
|
+
/**
|
|
249
|
+
* Returns the credential token payload.
|
|
250
|
+
*
|
|
251
|
+
* @returns The getToken result.
|
|
252
|
+
*
|
|
253
|
+
* @example
|
|
254
|
+
* ```ts
|
|
255
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
256
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
257
|
+
* // Use ApplicationDefaultCredential.getToken in a Node request handler.
|
|
258
|
+
* ```
|
|
259
|
+
*/
|
|
260
|
+
getToken(): Promise<{
|
|
261
|
+
access_token?: string;
|
|
262
|
+
ticket?: string;
|
|
263
|
+
}>;
|
|
264
|
+
}
|
|
265
|
+
export declare class ApplicationCustomCredential extends Credential {
|
|
266
|
+
credential: RefreshTokenCredential | AccessTokenCredential | TicketCredential;
|
|
267
|
+
/**
|
|
268
|
+
* Creates a ApplicationCustomCredential instance.
|
|
269
|
+
* @param credObj - The credObj value.
|
|
270
|
+
*/
|
|
271
|
+
constructor(credObj?: Record<string, string>);
|
|
272
|
+
/**
|
|
273
|
+
* Returns the credential token payload.
|
|
274
|
+
*
|
|
275
|
+
* @returns The getToken result.
|
|
276
|
+
*
|
|
277
|
+
* @example
|
|
278
|
+
* ```ts
|
|
279
|
+
* import { zcAuth } from '@zcatalyst/auth-admin';
|
|
280
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
281
|
+
* // Use ApplicationCustomCredential.getToken in a Node request handler.
|
|
282
|
+
* ```
|
|
283
|
+
*/
|
|
284
|
+
getToken(): Promise<{
|
|
285
|
+
access_token?: string;
|
|
286
|
+
ticket?: string;
|
|
287
|
+
}>;
|
|
288
|
+
}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { PrefixedCatalystError } from '@zcatalyst/utils';
|
|
2
|
+
export declare class CatalystAuthError extends PrefixedCatalystError {
|
|
3
|
+
/**
|
|
4
|
+
* Creates a CatalystAuthError instance.
|
|
5
|
+
* @param code - The code value.
|
|
6
|
+
* @param message - The message value.
|
|
7
|
+
* @param value - The value value.
|
|
8
|
+
*/
|
|
9
|
+
constructor(code: string, message: string, value?: unknown);
|
|
10
|
+
}
|
|
@@ -0,0 +1,105 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Catalyst Authentication for Node.js (admin scope) — initializes a CatalystApp from a request and exposes server-side identity APIs.
|
|
3
|
+
*
|
|
4
|
+
* @packageDocumentation
|
|
5
|
+
*/
|
|
6
|
+
import { CatalystAppError, ICatalystAppConfig } from '@zcatalyst/utils';
|
|
7
|
+
import { Credential } from './credential';
|
|
8
|
+
export declare class ZCAuth {
|
|
9
|
+
#private;
|
|
10
|
+
config: Record<string, string | number | Credential | Object>;
|
|
11
|
+
/**
|
|
12
|
+
* Initializes and stores a Catalyst app instance from request headers or custom credentials.
|
|
13
|
+
*
|
|
14
|
+
* @param options - The initialization or request options.
|
|
15
|
+
* @param options - The initialization or request options.
|
|
16
|
+
* @param options.type - The initialization type.
|
|
17
|
+
* @param options.appName - The registered Catalyst app name.
|
|
18
|
+
* @param options.scope - The credential scope to use.
|
|
19
|
+
* @returns The initialized Catalyst app instance.
|
|
20
|
+
* @throws {CatalystAppError} when app initialization or validation fails.
|
|
21
|
+
*
|
|
22
|
+
* @example
|
|
23
|
+
* ```ts
|
|
24
|
+
* import { zcAuth, ZCAuth } from '@zcatalyst/auth-admin';
|
|
25
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
26
|
+
* const result = app; // use ZCAuth.init in a Node request handler
|
|
27
|
+
* ```
|
|
28
|
+
*/
|
|
29
|
+
init(options: Record<string, string | number>, { type, appName, scope }?: {
|
|
30
|
+
type?: string;
|
|
31
|
+
appName?: string;
|
|
32
|
+
scope?: 'admin' | 'user';
|
|
33
|
+
}): CatalystApp;
|
|
34
|
+
/**
|
|
35
|
+
* Returns a Catalyst app initialized from default credentials.
|
|
36
|
+
*
|
|
37
|
+
* @param appName - The registered Catalyst app name.
|
|
38
|
+
* @returns The initialized default Catalyst app instance.
|
|
39
|
+
* @throws {CatalystAppError} when app initialization or validation fails.
|
|
40
|
+
*
|
|
41
|
+
* @example
|
|
42
|
+
* ```ts
|
|
43
|
+
* import { zcAuth, ZCAuth } from '@zcatalyst/auth-admin';
|
|
44
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
45
|
+
* const result = app; // use ZCAuth.getDefaultCredentials in a Node request handler
|
|
46
|
+
* ```
|
|
47
|
+
*/
|
|
48
|
+
getDefaultCredentials(appName?: string): CatalystApp;
|
|
49
|
+
/**
|
|
50
|
+
* Returns a previously initialized Catalyst app by name.
|
|
51
|
+
*
|
|
52
|
+
* @param appName - The registered Catalyst app name.
|
|
53
|
+
* @returns The registered Catalyst app instance.
|
|
54
|
+
* @throws {CatalystAppError} when app initialization or validation fails.
|
|
55
|
+
*
|
|
56
|
+
* @example
|
|
57
|
+
* ```ts
|
|
58
|
+
* import { zcAuth, ZCAuth } from '@zcatalyst/auth-admin';
|
|
59
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
60
|
+
* const result = app; // use ZCAuth.app in a Node request handler
|
|
61
|
+
* ```
|
|
62
|
+
*/
|
|
63
|
+
app(appName?: string): CatalystApp;
|
|
64
|
+
}
|
|
65
|
+
export declare class CatalystApp {
|
|
66
|
+
credential: Credential;
|
|
67
|
+
config: ICatalystAppConfig;
|
|
68
|
+
/**
|
|
69
|
+
* Creates a CatalystApp instance.
|
|
70
|
+
* @param options - The options value.
|
|
71
|
+
*/
|
|
72
|
+
constructor(options: Record<string, string | number | Credential | Object>);
|
|
73
|
+
private setOauthHeader;
|
|
74
|
+
private setTicketHeader;
|
|
75
|
+
/**
|
|
76
|
+
* Adds the appropriate authentication headers to a request object.
|
|
77
|
+
*
|
|
78
|
+
* @param req - The request object to authenticate.
|
|
79
|
+
*
|
|
80
|
+
* @example
|
|
81
|
+
* ```ts
|
|
82
|
+
* import { zcAuth, CatalystApp } from '@zcatalyst/auth-admin';
|
|
83
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
84
|
+
* await app.authenticateRequest({ headers: {} });
|
|
85
|
+
* ```
|
|
86
|
+
*/
|
|
87
|
+
authenticateRequest(req: Record<string, unknown>): Promise<void>;
|
|
88
|
+
}
|
|
89
|
+
/**
|
|
90
|
+
* Adds Catalyst project headers required by SDK service requests.
|
|
91
|
+
*
|
|
92
|
+
* @param headers - The headers object to mutate or extend.
|
|
93
|
+
* @param values - The Catalyst app configuration values.
|
|
94
|
+
* @returns The updated headers object.
|
|
95
|
+
*
|
|
96
|
+
* @example
|
|
97
|
+
* ```ts
|
|
98
|
+
* import { zcAuth, addDefaultAppHeaders } from '@zcatalyst/auth-admin';
|
|
99
|
+
* const app = zcAuth.init({ credential: { access_token: 'token' }, projectId: '123' }, { type: 'custom' });
|
|
100
|
+
* addDefaultAppHeaders({}, app.config);
|
|
101
|
+
* ```
|
|
102
|
+
*/
|
|
103
|
+
export declare function addDefaultAppHeaders(headers: Record<string, string>, values?: ICatalystAppConfig): Record<string, string>;
|
|
104
|
+
export { AccessTokenCredential, Credential, RefreshTokenCredential, TicketCredential } from './credential';
|
|
105
|
+
export { CatalystAppError };
|