ag-common 0.0.3 → 0.0.7

package/LICENSE.md

@@ -0,0 +1,7 @@
+ISC License
+
+Copyright 2021 Andrei Gec
+
+Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

package/README.md

@@ -0,0 +1,22 @@
+# ag-common
+
+> Various reusable libaries for: common ts/js / api (aws cognito, aws-cdk) / ui (react)
+
+[![NPM Version][npm-image]][npm-url]
+
+## Install
+
+```bash
+npm i -S ag-common
+```
+
+## Usage
+
+Please raise any issues or requests you might have [here](https://github.com/andreigec/ag-common/issues)
+
+## License
+
+[ISC](./LICENSE.md)
+
+[npm-image]: https://img.shields.io/npm/v/ag-common.svg
+[npm-url]: https://www.npmjs.com/package/ag-common

package/dist/api/helpers/index.d.ts

@@ -1,3 +1,5 @@
 export * from './api';
 export * from './dynamoInfra';
 export * from './openApiHelpers';
+export * from './validateOpenApi';
+export * from './validations';

package/dist/api/helpers/index.js

@@ -13,3 +13,5 @@ Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./api"), exports);
 __exportStar(require("./dynamoInfra"), exports);
 __exportStar(require("./openApiHelpers"), exports);
+__exportStar(require("./validateOpenApi"), exports);
+__exportStar(require("./validations"), exports);

package/dist/api/helpers/openApiHelpers.js

@@ -5,7 +5,7 @@ exports.openApiImpl = void 0;
 const aws_cdk_lib_1 = require("aws-cdk-lib");
 const distinctBy_1 = require("../../common/helpers/distinctBy");
 const log_1 = require("../../common/helpers/log");
-// eslint-disable-next-line @typescript-eslint/no-var-requires
+// eslint-disable-next-line
 const getPaths = (schema) => Object.entries(schema.paths).map(([fullPath, verbs]) => ({
     fullPath,
     pathList: fullPath.split('/').filter((s) => s),

package/dist/api/helpers/validateOpenApi.d.ts

@@ -0,0 +1,15 @@
+import { APIGatewayEvent, APIGatewayProxyResult } from 'aws-lambda';
+import { User } from 'analytica.click';
+export declare type NextType<T> = ({ event, body, params, userProfile, }: {
+    params: Record<string, string>;
+    event: APIGatewayEvent;
+    body: T;
+    userProfile?: User;
+}) => Promise<APIGatewayProxyResult>;
+export declare function validateOpenApi<T>({ event, next, authorized, schema, COGNITO_USER_POOL_ID, }: {
+    COGNITO_USER_POOL_ID: string;
+    schema: any;
+    event: APIGatewayEvent;
+    next: NextType<T>;
+    authorized?: true | false | 'optional';
+}): Promise<APIGatewayProxyResult>;

package/dist/api/helpers/validateOpenApi.js

@@ -0,0 +1,117 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateOpenApi = void 0;
+const openapi_request_validator_1 = __importDefault(require("openapi-request-validator"));
+const validations_1 = require("./validations");
+const log_1 = require("../../common/helpers/log");
+const object_1 = require("../../common/helpers/object");
+const api_1 = require("./api");
+//
+const getOperation = ({ path, method, resource, schema, }) => {
+    var _a;
+    const resourcePath = Object.keys(schema.paths).find((rp) => rp === resource);
+    if (!resourcePath) {
+        throw new Error('incorrect path');
+    }
+    const operation = (_a = schema.paths[resourcePath]) === null || _a === void 0 ? void 0 : _a[method];
+    if (!operation) {
+        const msg = `no operation found for ${method}/${path}`;
+        (0, log_1.warn)(`${msg} ${Object.keys(schema.paths)}`);
+        throw new Error(msg);
+    }
+    /*
+     var path=  '/events/12345/topics/2216026039415263/like'
+     var resourcePath ='/events/{eventCode}/topics/{topicId}/like'
+     */
+    const re = new RegExp(resourcePath
+        .replace(/\//gim, `\\/`)
+        .replace(/\{(.+?)\}/gim, '(?<$1>[^\\\\]+)'), 'i').exec(path);
+    const pathParams = (re === null || re === void 0 ? void 0 : re.groups) && JSON.parse(JSON.stringify(re === null || re === void 0 ? void 0 : re.groups));
+    return { operation, pathParams };
+};
+function validateOpenApi({ event, next, authorized, schema, COGNITO_USER_POOL_ID, }) {
+    var _a, _b, _c, _d;
+    return __awaiter(this, void 0, void 0, function* () {
+        const request = {
+            method: event.httpMethod,
+            path: event.path,
+            // eslint-disable-next-line @typescript-eslint/no-explicit-any
+            params: undefined,
+            query: event.queryStringParameters,
+            body: event.body && JSON.parse(event.body),
+            headers: (0, object_1.objectKeysToLowerCase)(event === null || event === void 0 ? void 0 : event.headers),
+        };
+        const method = event.requestContext.httpMethod.toLowerCase();
+        const pathParameters = event.pathParameters || {};
+        const queryStringParameters = event.queryStringParameters || {};
+        //
+        const opm = getOperation({
+            path: event.path,
+            method,
+            resource: event.resource,
+            schema,
+        });
+        if (!(opm === null || opm === void 0 ? void 0 : opm.operation)) {
+            const msg = `no request handler found! for ${method} ${event.path} - cant validate`;
+            (0, log_1.error)(msg);
+            return (0, api_1.returnCode)(400, msg);
+        }
+        if (!opm.operation.requestBody && !opm.operation.parameters) {
+            if (!!event.body || Object.keys(pathParameters).length > 0) {
+                (0, log_1.warn)(`bad req, unexpected params`);
+                return (0, api_1.returnCode)(400, 'bad data');
+            }
+            // no validation necessary
+        }
+        else {
+            try {
+                request.params = opm.pathParams;
+                (0, log_1.info)('req=', JSON.stringify(request, null, 2));
+                const resp = new openapi_request_validator_1.default(Object.assign(Object.assign({}, opm.operation), { schemas: schema.components.schemas })).validateRequest(request);
+                if (resp) {
+                    (0, log_1.warn)('bad request');
+                    (0, log_1.warn)('opm=', JSON.stringify(opm, null, 2));
+                    (0, log_1.warn)('resp=', JSON.stringify(resp, null, 2));
+                    return (0, api_1.returnCode)(400, `error:${(_b = (_a = resp === null || resp === void 0 ? void 0 : resp.errors) === null || _a === void 0 ? void 0 : _a[0]) === null || _b === void 0 ? void 0 : _b.message}`);
+                }
+                (0, log_1.debug)(`validated request:`, event.path);
+            }
+            catch (e) {
+                (0, log_1.error)('e=', e, JSON.stringify(opm));
+            }
+        }
+        let userProfile;
+        let error;
+        const authHeader = ((_c = event.headers) === null || _c === void 0 ? void 0 : _c.Authorization) || ((_d = event.headers) === null || _d === void 0 ? void 0 : _d.authorization);
+        if (authorized === true || (authorized === 'optional' && authHeader)) {
+            ({ error, userProfile } = yield (0, validations_1.getAndValidateToken)({
+                tokenRaw: authHeader,
+                COGNITO_USER_POOL_ID,
+            }));
+            if (error) {
+                return error;
+            }
+        }
+        const params = Object.assign(Object.assign({}, (pathParameters || {})), (queryStringParameters || {}));
+        const res = yield next({
+            params,
+            event,
+            body: (event.body && JSON.parse(event.body)),
+            userProfile,
+        });
+        return res;
+    });
+}
+exports.validateOpenApi = validateOpenApi;

package/dist/api/helpers/validations.d.ts

@@ -0,0 +1,11 @@
+import { APIGatewayProxyResult } from 'aws-lambda';
+import { User } from 'analytica.click';
+import { error } from '../../common/helpers/log';
+export declare const getAndValidateToken: ({ tokenRaw, COGNITO_USER_POOL_ID, }: {
+    tokenRaw?: string | undefined;
+    COGNITO_USER_POOL_ID: string;
+}) => Promise<{
+    error?: APIGatewayProxyResult | undefined;
+    token?: string | undefined;
+    userProfile?: User | undefined;
+}>;

package/dist/api/helpers/validations.js

@@ -0,0 +1,121 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAndValidateToken = void 0;
+const jwks_rsa_1 = __importDefault(require("jwks-rsa"));
+const jsonwebtoken_1 = require("jsonwebtoken");
+const log_1 = require("../../common/helpers/log");
+const api_1 = require("./api");
+let jwksClient;
+const jwtVerify = ({ COGNITO_USER_POOL_ID, token, }) => __awaiter(void 0, void 0, void 0, function* () {
+    const jwksUri = `https://cognito-idp.ap-southeast-2.amazonaws.com/${COGNITO_USER_POOL_ID}/.well-known/jwks.json`;
+    const issuer = `https://cognito-idp.ap-southeast-2.amazonaws.com/${COGNITO_USER_POOL_ID}`;
+    return new Promise((resolve, reject) => {
+        (0, jsonwebtoken_1.verify)(token, (header, callback) => {
+            if (!jwksClient) {
+                const jc = {
+                    cache: true,
+                    rateLimit: true,
+                    jwksRequestsPerMinute: 10,
+                    jwksUri,
+                };
+                (0, log_1.info)(`jwksClient config=`, jc);
+                jwksClient = (0, jwks_rsa_1.default)(jc);
+            }
+            jwksClient.getSigningKey(header.kid, (errorV, key) => {
+                if (errorV) {
+                    reject(errorV);
+                    return;
+                }
+                const signingKey = (key === null || key === void 0 ? void 0 : key.publicKey) || (key === null || key === void 0 ? void 0 : key.rsaPublicKey) || undefined;
+                if (!signingKey) {
+                    callback('no key');
+                }
+                else {
+                    callback(null, signingKey);
+                }
+            });
+        }, {
+            issuer,
+            algorithms: ['RS256'],
+        }, (errorV, decoded) => {
+            if (errorV) {
+                reject(errorV);
+                return;
+            }
+            resolve(decoded);
+        });
+    });
+});
+const getAndValidateToken = ({ tokenRaw, COGNITO_USER_POOL_ID, }) => __awaiter(void 0, void 0, void 0, function* () {
+    var _a, _b;
+    let token = '';
+    try {
+        if (!tokenRaw) {
+            (0, log_1.error)('no auth headers');
+            return {
+                error: (0, api_1.returnCode)(403, 'auth failed'),
+            };
+        }
+        token = tokenRaw.substr(tokenRaw.indexOf(' ') + 1);
+        let subject;
+        try {
+            yield jwtVerify({ token, COGNITO_USER_POOL_ID });
+            const decoded = (0, jsonwebtoken_1.decode)(token);
+            (0, log_1.debug)(`decoded=${JSON.stringify(decoded)}`);
+            subject = decoded === null || decoded === void 0 ? void 0 : decoded.sub;
+            if (!subject) {
+                const mess = 'user should have responded with subject (sub) field';
+                (0, log_1.error)(mess);
+                throw new Error(mess);
+            }
+            let { picture } = decoded;
+            if (((_b = (_a = decoded === null || decoded === void 0 ? void 0 : decoded.identities) === null || _a === void 0 ? void 0 : _a[0]) === null || _b === void 0 ? void 0 : _b.providerName) === 'Facebook') {
+                picture = JSON.parse(decoded.picture).data.url;
+            }
+            const userId = decoded.email.toLowerCase();
+            const userProfile = {
+                isAdmin: ['andreigec@hotmail.com', 'andreigec@gmail.com'].includes(userId),
+                idJwt: decoded,
+                userId,
+                nickname: decoded.nickname || decoded['cognito:username'],
+                fullname: decoded.name || decoded['cognito:username'],
+                picture,
+                updatedAt: parseInt(`${decoded.auth_time}000`, 10),
+            };
+            if (!userProfile || !token || !userProfile.userId) {
+                (0, log_1.error)('auth fail');
+                return {
+                    error: (0, api_1.returnCode)(403, 'auth fail'),
+                };
+            }
+            return { token, userProfile };
+        }
+        catch (e) {
+            const ex = e;
+            // expiry is too common to log
+            if (ex.toString().indexOf('jwt expired') !== -1) {
+                (0, log_1.info)(`jwt fail:${e}`);
+            }
+            throw e;
+        }
+    }
+    catch (e) {
+        (0, log_1.error)('auth error', e);
+        return {
+            error: (0, api_1.returnCode)(403, 'auth fail'),
+        };
+    }
+});
+exports.getAndValidateToken = getAndValidateToken;

package/dist/index.js

@@ -10,6 +10,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+/* eslint-disable prettier/prettier */
 __exportStar(require("./ui"), exports);
 __exportStar(require("./common"), exports);
 __exportStar(require("./api"), exports);

package/dist/ui/components/LoginButton/text.d.ts

@@ -1,3 +1,3 @@
-import { TResource } from "../../../common/helpers/i18n";
+import { TResource } from '../../../common/helpers/i18n';
 export declare const getstarted: TResource;
 export declare const login: TResource;

package/dist/ui/helpers/callOpenApi.js

@@ -14,6 +14,7 @@ const cookie_1 = require("./cookie");
 const debounce_1 = require("./debounce");
 const callOpenApi = ({ func, apiUrl, overrideAuth, refreshToken, logout, newDefaultApi, }) => __awaiter(void 0, void 0, void 0, function* () {
     var _a, _b, _c, _d, _e, _f;
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
     let error;
     let data;
     const config = {
@@ -45,6 +46,7 @@ const callOpenApi = ({ func, apiUrl, overrideAuth, refreshToken, logout, newDefa
             throw new Error(JSON.stringify(resp.data) || resp.statusText);
         }
         catch (e) {
+            // eslint-disable-next-line @typescript-eslint/no-explicit-any
             const ae = e;
             const status = (_c = ae.response) === null || _c === void 0 ? void 0 : _c.status;
             const errorMessage = (((_d = ae.response) === null || _d === void 0 ? void 0 : _d.data) ||

package/dist/ui/helpers/useOpenApiStore.d.ts

@@ -1,6 +1,12 @@
 import { AxiosResponse } from 'axios';
 import { AxiosWrapper, User } from 'analytica.click';
 import { CacheItems } from './routes';
+export declare const setMutexData: ({ key, data, ttlSeconds, }: {
+    key: string;
+    data: any;
+    ttlSeconds: number;
+}) => void;
+export declare const getMutexData: <T>(key: string) => AxiosWrapper<T>;
 export declare const useOpenApiStore: <T, TDefaultApi>({ func, cacheKey, ttlSeconds, logout, refreshToken, disabled, apiUrl, newDefaultApi, }: {
     ttlSeconds?: number | undefined;
     func: (f: TDefaultApi) => Promise<AxiosResponse<T, any>>;

package/dist/ui/helpers/useOpenApiStore.js

@@ -9,7 +9,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.setOpenApiCache = exports.useOpenApiStore = void 0;
+exports.setOpenApiCache = exports.useOpenApiStore = exports.getMutexData = exports.setMutexData = void 0;
 const react_1 = require("react");
 const mutex_1 = require("./mutex");
 const mutexData_1 = require("./mutexData");
@@ -36,9 +36,13 @@ const setMutexData = ({ key, data, ttlSeconds = 3600, }) => {
     };
     mutexData.setData(key, wrap, ttlSeconds);
 };
+exports.setMutexData = setMutexData;
 // eslint-disable-next-line @typescript-eslint/no-explicit-any
 const getMutexData = (key) => mutexData.getData(key);
-function mLock(key, func, ttlSeconds, logout, refreshToken, apiUrl, newDefaultApi) {
+exports.getMutexData = getMutexData;
+function mLock(key, func, ttlSeconds, logout, refreshToken, apiUrl, 
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+newDefaultApi) {
     return __awaiter(this, void 0, void 0, function* () {
         let unlock;
         try {

package/package.json

@@ -1,32 +1,48 @@
 {
   "name": "ag-common",
-  "version": "0.0.3",
+  "version": "0.0.7",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
+  "author": "Andrei Gec <@andreigec> (https://gec.dev/)",
+  "repository": "github:andreigec/ag-common",
+  "license": "ISC",
   "dependencies": {
+    "aws-lambda": "1.0.7",
+    "styled-components": "5.3.3",
     "axios": "0.24.0",
-    "typescript": "4.5.4"
-  },
-  "devDependencies": {
-    "@types/node": "^17.0.5",
-    "@types/aws-lambda": "8.10.89",
-    "@types/react": "*",
-    "@types/react-dom": "*",
-    "@types/styled-components": "*",
-    "analytica.click": "*",
-    "aws-cdk-lib": "*",
+    "typescript": "4.5.4",
+    "openapi-request-validator": "10.0.0",
+    "analytica.click": "0.0.123",
     "aws-sdk": "2.1048.0",
-    "constructs": "*",
-    "eslint": "*",
-    "react": "*",
-    "react-dom": "*",
+    "aws-cdk-lib": "2.3.0",
+    "constructs": "10.0.17",
+    "react": "17.0.2",
+    "react-dom": "17.0.2",
     "react-hot-toast": "2.1.1",
-    "rimraf": "*",
-    "typescript-styled-plugin": "*"
+    "jsonwebtoken": "8.5.1",
+    "jwks-rsa": "2.0.5"
   },
-  "peerDependencies": {
-    "aws-lambda": "1.0.7",
-    "styled-components": "*"
+  "devDependencies": {
+    "@typescript-eslint/eslint-plugin": "5.8.1",
+    "@typescript-eslint/parser": "5.8.1",
+    "prettier": "2.5.1",
+    "@types/node": "17.0.5",
+    "@types/aws-lambda": "8.10.89",
+    "@types/react": "17.0.38",
+    "@types/react-dom": "17.0.11",
+    "@types/styled-components": "5.1.19",
+    "eslint": "8.5.0",
+    "eslint-config-airbnb-typescript": "16.1.0",
+    "eslint-config-prettier": "8.3.0",
+    "eslint-config-react-app": "7.0.0",
+    "eslint-plugin-import": "2.25.3",
+    "eslint-plugin-jsx-a11y": "6.5.1",
+    "eslint-plugin-prettier": "4.0.0",
+    "eslint-plugin-react": "7.28.0",
+    "eslint-plugin-react-hooks": "4.3.0",
+    "rimraf": "3.0.2",
+    "typescript-styled-plugin": "0.18.2",
+    "@types/jsonwebtoken": "8.5.6"
   },
   "scripts": {
     "build": "rimraf dist && tsc",
@@ -35,6 +51,8 @@
     "start": "tsc --watch"
   },
   "files": [
-    "dist/**/*"
+    "dist/**/*",
+    "README.md",
+    "LICENSE.md"
   ]
 }