alepha 0.13.1 → 0.13.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/api-files/index.browser.js +80 -0
- package/dist/api-files/index.browser.js.map +1 -0
- package/dist/api-files/index.d.ts +28 -91
- package/dist/api-files/index.js +10 -755
- package/dist/api-files/index.js.map +1 -1
- package/dist/api-jobs/index.browser.js +56 -0
- package/dist/api-jobs/index.browser.js.map +1 -0
- package/dist/api-jobs/index.d.ts +46 -46
- package/dist/api-jobs/index.js +13 -13
- package/dist/api-jobs/index.js.map +1 -1
- package/dist/api-notifications/index.browser.js +382 -0
- package/dist/api-notifications/index.browser.js.map +1 -0
- package/dist/api-notifications/index.d.ts +231 -193
- package/dist/api-notifications/index.js +108 -78
- package/dist/api-notifications/index.js.map +1 -1
- package/dist/api-parameters/index.browser.js +29 -0
- package/dist/api-parameters/index.browser.js.map +1 -0
- package/dist/api-parameters/index.d.ts +21 -22
- package/dist/api-parameters/index.js +22 -22
- package/dist/api-parameters/index.js.map +1 -1
- package/dist/api-users/index.d.ts +237 -2001
- package/dist/api-users/index.js +969 -4795
- package/dist/api-users/index.js.map +1 -1
- package/dist/api-verifications/index.browser.js +52 -0
- package/dist/api-verifications/index.browser.js.map +1 -0
- package/dist/api-verifications/index.d.ts +119 -97
- package/dist/api-verifications/index.js +1 -1
- package/dist/api-verifications/index.js.map +1 -1
- package/dist/batch/index.d.ts +13 -13
- package/dist/batch/index.js +8 -13
- package/dist/batch/index.js.map +1 -1
- package/dist/bucket/index.d.ts +14 -14
- package/dist/bucket/index.js +19 -17
- package/dist/bucket/index.js.map +1 -1
- package/dist/cache/index.d.ts +11 -11
- package/dist/cache/index.js +9 -9
- package/dist/cache/index.js.map +1 -1
- package/dist/cli/{dist-Dl9Vl7Ur.js → dist-lGnqsKpu.js} +11 -15
- package/dist/cli/dist-lGnqsKpu.js.map +1 -0
- package/dist/cli/index.d.ts +32 -49
- package/dist/cli/index.js +90 -71
- package/dist/cli/index.js.map +1 -1
- package/dist/command/index.d.ts +20 -19
- package/dist/command/index.js +34 -25
- package/dist/command/index.js.map +1 -1
- package/dist/core/index.browser.js +218 -218
- package/dist/core/index.browser.js.map +1 -1
- package/dist/core/index.d.ts +232 -232
- package/dist/core/index.js +218 -218
- package/dist/core/index.js.map +1 -1
- package/dist/core/index.native.js +2113 -0
- package/dist/core/index.native.js.map +1 -0
- package/dist/datetime/index.d.ts +9 -9
- package/dist/datetime/index.js +7 -7
- package/dist/datetime/index.js.map +1 -1
- package/dist/email/index.d.ts +16 -16
- package/dist/email/index.js +14 -9
- package/dist/email/index.js.map +1 -1
- package/dist/file/index.js +1 -1
- package/dist/file/index.js.map +1 -1
- package/dist/lock/index.d.ts +9 -9
- package/dist/lock/index.js +8 -8
- package/dist/lock/index.js.map +1 -1
- package/dist/lock-redis/index.js +3 -66
- package/dist/lock-redis/index.js.map +1 -1
- package/dist/logger/index.d.ts +5 -5
- package/dist/logger/index.js +8 -8
- package/dist/logger/index.js.map +1 -1
- package/dist/orm/index.browser.js +114 -114
- package/dist/orm/index.browser.js.map +1 -1
- package/dist/orm/index.d.ts +218 -218
- package/dist/orm/index.js +49 -49
- package/dist/orm/index.js.map +1 -1
- package/dist/queue/index.d.ts +29 -29
- package/dist/queue/index.js +20 -20
- package/dist/queue/index.js.map +1 -1
- package/dist/queue-redis/index.d.ts +2 -2
- package/dist/redis/index.d.ts +4 -4
- package/dist/retry/index.d.ts +19 -19
- package/dist/retry/index.js +7 -7
- package/dist/retry/index.js.map +1 -1
- package/dist/scheduler/index.d.ts +16 -16
- package/dist/scheduler/index.js +9 -9
- package/dist/scheduler/index.js.map +1 -1
- package/dist/security/index.d.ts +53 -53
- package/dist/security/index.js +35 -35
- package/dist/security/index.js.map +1 -1
- package/dist/server/index.browser.js +1 -1
- package/dist/server/index.browser.js.map +1 -1
- package/dist/server/index.d.ts +92 -92
- package/dist/server/index.js +16 -16
- package/dist/server/index.js.map +1 -1
- package/dist/server-auth/index.browser.js +4 -982
- package/dist/server-auth/index.browser.js.map +1 -1
- package/dist/server-auth/index.d.ts +204 -785
- package/dist/server-auth/index.js +47 -1239
- package/dist/server-auth/index.js.map +1 -1
- package/dist/server-cache/index.d.ts +10 -10
- package/dist/server-cache/index.js +2 -2
- package/dist/server-cache/index.js.map +1 -1
- package/dist/server-compress/index.d.ts +4 -4
- package/dist/server-compress/index.js +1 -1
- package/dist/server-compress/index.js.map +1 -1
- package/dist/server-cookies/index.browser.js +8 -8
- package/dist/server-cookies/index.browser.js.map +1 -1
- package/dist/server-cookies/index.d.ts +17 -17
- package/dist/server-cookies/index.js +11 -11
- package/dist/server-cookies/index.js.map +1 -1
- package/dist/server-cors/index.d.ts +17 -17
- package/dist/server-cors/index.js +9 -9
- package/dist/server-cors/index.js.map +1 -1
- package/dist/server-health/index.d.ts +19 -19
- package/dist/server-helmet/index.d.ts +1 -1
- package/dist/server-links/index.browser.js +12 -12
- package/dist/server-links/index.browser.js.map +1 -1
- package/dist/server-links/index.d.ts +59 -251
- package/dist/server-links/index.js +23 -502
- package/dist/server-links/index.js.map +1 -1
- package/dist/server-metrics/index.d.ts +4 -4
- package/dist/server-multipart/index.d.ts +2 -2
- package/dist/server-proxy/index.d.ts +12 -12
- package/dist/server-proxy/index.js +10 -10
- package/dist/server-proxy/index.js.map +1 -1
- package/dist/server-rate-limit/index.d.ts +22 -22
- package/dist/server-rate-limit/index.js +12 -12
- package/dist/server-rate-limit/index.js.map +1 -1
- package/dist/server-security/index.d.ts +22 -22
- package/dist/server-security/index.js +15 -15
- package/dist/server-security/index.js.map +1 -1
- package/dist/server-static/index.d.ts +14 -14
- package/dist/server-static/index.js +26 -10
- package/dist/server-static/index.js.map +1 -1
- package/dist/server-swagger/index.d.ts +25 -184
- package/dist/server-swagger/index.js +21 -724
- package/dist/server-swagger/index.js.map +1 -1
- package/dist/sms/index.d.ts +14 -14
- package/dist/sms/index.js +9 -9
- package/dist/sms/index.js.map +1 -1
- package/dist/thread/index.d.ts +11 -11
- package/dist/thread/index.js +17 -17
- package/dist/thread/index.js.map +1 -1
- package/dist/topic/index.d.ts +26 -26
- package/dist/topic/index.js +16 -16
- package/dist/topic/index.js.map +1 -1
- package/dist/topic-redis/index.d.ts +1 -1
- package/dist/vite/index.d.ts +3 -3
- package/dist/vite/index.js +8 -8
- package/dist/vite/index.js.map +1 -1
- package/dist/websocket/index.browser.js +11 -11
- package/dist/websocket/index.browser.js.map +1 -1
- package/dist/websocket/index.d.ts +58 -58
- package/dist/websocket/index.js +13 -13
- package/dist/websocket/index.js.map +1 -1
- package/package.json +128 -57
- package/src/api-files/index.browser.ts +17 -0
- package/src/api-files/services/FileService.ts +5 -7
- package/src/api-jobs/index.browser.ts +15 -0
- package/src/api-jobs/index.ts +1 -1
- package/src/api-jobs/{descriptors → primitives}/$job.ts +8 -8
- package/src/api-jobs/providers/JobProvider.ts +9 -9
- package/src/api-jobs/services/JobService.ts +5 -5
- package/src/api-notifications/controllers/NotificationController.ts +26 -1
- package/src/api-notifications/index.browser.ts +17 -0
- package/src/api-notifications/index.ts +6 -15
- package/src/api-notifications/{descriptors → primitives}/$notification.ts +10 -10
- package/src/api-notifications/schemas/notificationQuerySchema.ts +13 -0
- package/src/api-notifications/services/NotificationSenderService.ts +3 -3
- package/src/api-notifications/services/NotificationService.ts +45 -2
- package/src/api-parameters/index.browser.ts +12 -0
- package/src/api-parameters/index.ts +1 -1
- package/src/api-parameters/{descriptors → primitives}/$config.ts +7 -12
- package/src/api-users/atoms/realmAuthSettingsAtom.ts +3 -1
- package/src/api-users/controllers/UserController.ts +21 -1
- package/src/api-users/index.ts +1 -1
- package/src/api-users/{descriptors → primitives}/$userRealm.ts +40 -17
- package/src/api-users/providers/UserRealmProvider.ts +2 -1
- package/src/api-users/services/SessionService.ts +2 -0
- package/src/api-users/services/UserService.ts +56 -16
- package/src/api-verifications/index.browser.ts +15 -0
- package/src/api-verifications/index.ts +1 -0
- package/src/batch/index.ts +3 -3
- package/src/batch/{descriptors → primitives}/$batch.ts +13 -16
- package/src/batch/providers/BatchProvider.ts +0 -7
- package/src/bucket/index.ts +15 -13
- package/src/bucket/{descriptors → primitives}/$bucket.ts +8 -8
- package/src/bucket/providers/LocalFileStorageProvider.ts +3 -3
- package/src/cache/index.ts +4 -4
- package/src/cache/{descriptors → primitives}/$cache.ts +15 -15
- package/src/cli/apps/AlephaCli.ts +27 -1
- package/src/cli/apps/AlephaPackageBuilderCli.ts +27 -2
- package/src/cli/commands/CoreCommands.ts +6 -2
- package/src/cli/commands/DrizzleCommands.ts +6 -6
- package/src/cli/commands/VerifyCommands.ts +1 -1
- package/src/cli/commands/ViteCommands.ts +8 -2
- package/src/cli/services/ProjectUtils.ts +74 -78
- package/src/command/helpers/Asker.ts +10 -0
- package/src/command/index.ts +5 -5
- package/src/command/{descriptors → primitives}/$command.ts +9 -12
- package/src/command/providers/CliProvider.ts +10 -10
- package/src/core/Alepha.ts +30 -33
- package/src/core/constants/KIND.ts +1 -1
- package/src/core/constants/OPTIONS.ts +1 -1
- package/src/core/helpers/{descriptor.ts → primitive.ts} +18 -18
- package/src/core/helpers/ref.ts +1 -1
- package/src/core/index.shared.ts +8 -8
- package/src/core/{descriptors → primitives}/$context.ts +5 -5
- package/src/core/{descriptors → primitives}/$hook.ts +4 -4
- package/src/core/{descriptors → primitives}/$inject.ts +2 -2
- package/src/core/{descriptors → primitives}/$module.ts +9 -9
- package/src/core/{descriptors → primitives}/$use.ts +2 -2
- package/src/core/providers/CodecManager.ts +1 -1
- package/src/core/providers/JsonSchemaCodec.ts +1 -1
- package/src/core/providers/StateManager.ts +2 -2
- package/src/datetime/index.ts +3 -3
- package/src/datetime/{descriptors → primitives}/$interval.ts +6 -6
- package/src/email/index.ts +17 -9
- package/src/email/{descriptors → primitives}/$email.ts +8 -8
- package/src/file/index.ts +1 -1
- package/src/lock/index.ts +3 -3
- package/src/lock/{descriptors → primitives}/$lock.ts +10 -10
- package/src/logger/index.ts +8 -8
- package/src/logger/{descriptors → primitives}/$logger.ts +2 -2
- package/src/logger/services/Logger.ts +1 -1
- package/src/orm/constants/PG_SYMBOLS.ts +2 -2
- package/src/orm/index.browser.ts +2 -2
- package/src/orm/index.ts +8 -8
- package/src/orm/{descriptors → primitives}/$entity.ts +11 -11
- package/src/orm/{descriptors → primitives}/$repository.ts +2 -2
- package/src/orm/{descriptors → primitives}/$sequence.ts +8 -8
- package/src/orm/{descriptors → primitives}/$transaction.ts +4 -4
- package/src/orm/providers/PostgresTypeProvider.ts +3 -3
- package/src/orm/providers/RepositoryProvider.ts +4 -4
- package/src/orm/providers/drivers/DatabaseProvider.ts +7 -7
- package/src/orm/providers/drivers/NodeSqliteProvider.ts +3 -3
- package/src/orm/services/ModelBuilder.ts +9 -9
- package/src/orm/services/PgRelationManager.ts +2 -2
- package/src/orm/services/PostgresModelBuilder.ts +5 -5
- package/src/orm/services/Repository.ts +7 -7
- package/src/orm/services/SqliteModelBuilder.ts +5 -5
- package/src/queue/index.ts +7 -7
- package/src/queue/{descriptors → primitives}/$consumer.ts +15 -15
- package/src/queue/{descriptors → primitives}/$queue.ts +12 -12
- package/src/queue/providers/WorkerProvider.ts +7 -7
- package/src/retry/index.ts +3 -3
- package/src/retry/{descriptors → primitives}/$retry.ts +14 -14
- package/src/scheduler/index.ts +3 -3
- package/src/scheduler/{descriptors → primitives}/$scheduler.ts +9 -9
- package/src/scheduler/providers/CronProvider.ts +1 -1
- package/src/security/index.ts +9 -9
- package/src/security/{descriptors → primitives}/$permission.ts +7 -7
- package/src/security/{descriptors → primitives}/$realm.ts +6 -12
- package/src/security/{descriptors → primitives}/$role.ts +12 -12
- package/src/security/{descriptors → primitives}/$serviceAccount.ts +8 -8
- package/src/server/index.browser.ts +1 -1
- package/src/server/index.ts +14 -14
- package/src/server/{descriptors → primitives}/$action.ts +13 -13
- package/src/server/{descriptors → primitives}/$route.ts +9 -9
- package/src/server/providers/NodeHttpServerProvider.ts +1 -1
- package/src/server/services/HttpClient.ts +1 -1
- package/src/server-auth/index.browser.ts +1 -1
- package/src/server-auth/index.ts +6 -6
- package/src/server-auth/{descriptors → primitives}/$auth.ts +10 -10
- package/src/server-auth/{descriptors → primitives}/$authCredentials.ts +4 -4
- package/src/server-auth/{descriptors → primitives}/$authGithub.ts +4 -4
- package/src/server-auth/{descriptors → primitives}/$authGoogle.ts +4 -4
- package/src/server-auth/providers/ServerAuthProvider.ts +4 -4
- package/src/server-cache/providers/ServerCacheProvider.ts +7 -7
- package/src/server-compress/providers/ServerCompressProvider.ts +3 -3
- package/src/server-cookies/index.browser.ts +2 -2
- package/src/server-cookies/index.ts +5 -5
- package/src/server-cookies/{descriptors → primitives}/$cookie.browser.ts +12 -12
- package/src/server-cookies/{descriptors → primitives}/$cookie.ts +13 -13
- package/src/server-cookies/providers/ServerCookiesProvider.ts +6 -5
- package/src/server-cookies/services/CookieParser.ts +1 -1
- package/src/server-cors/index.ts +3 -3
- package/src/server-cors/{descriptors → primitives}/$cors.ts +11 -13
- package/src/server-cors/providers/ServerCorsProvider.ts +5 -5
- package/src/server-links/index.browser.ts +5 -5
- package/src/server-links/index.ts +9 -9
- package/src/server-links/{descriptors → primitives}/$remote.ts +11 -11
- package/src/server-links/providers/LinkProvider.ts +7 -7
- package/src/server-links/providers/{RemoteDescriptorProvider.ts → RemotePrimitiveProvider.ts} +6 -6
- package/src/server-links/providers/ServerLinksProvider.ts +3 -3
- package/src/server-proxy/index.ts +3 -3
- package/src/server-proxy/{descriptors → primitives}/$proxy.ts +8 -8
- package/src/server-proxy/providers/ServerProxyProvider.ts +4 -4
- package/src/server-rate-limit/index.ts +6 -6
- package/src/server-rate-limit/{descriptors → primitives}/$rateLimit.ts +13 -13
- package/src/server-rate-limit/providers/ServerRateLimitProvider.ts +5 -5
- package/src/server-security/index.ts +3 -3
- package/src/server-security/{descriptors → primitives}/$basicAuth.ts +13 -13
- package/src/server-security/providers/ServerBasicAuthProvider.ts +5 -5
- package/src/server-security/providers/ServerSecurityProvider.ts +4 -4
- package/src/server-static/index.ts +3 -3
- package/src/server-static/{descriptors → primitives}/$serve.ts +8 -10
- package/src/server-static/providers/ServerStaticProvider.ts +24 -9
- package/src/server-swagger/index.ts +5 -5
- package/src/server-swagger/{descriptors → primitives}/$swagger.ts +9 -9
- package/src/server-swagger/providers/ServerSwaggerProvider.ts +11 -10
- package/src/sms/index.ts +4 -4
- package/src/sms/{descriptors → primitives}/$sms.ts +8 -8
- package/src/thread/index.ts +3 -3
- package/src/thread/{descriptors → primitives}/$thread.ts +13 -13
- package/src/thread/providers/ThreadProvider.ts +7 -9
- package/src/topic/index.ts +5 -5
- package/src/topic/{descriptors → primitives}/$subscriber.ts +14 -14
- package/src/topic/{descriptors → primitives}/$topic.ts +10 -10
- package/src/topic/providers/TopicProvider.ts +4 -4
- package/src/vite/tasks/copyAssets.ts +1 -1
- package/src/vite/tasks/generateSitemap.ts +3 -3
- package/src/vite/tasks/prerenderPages.ts +2 -2
- package/src/vite/tasks/runAlepha.ts +2 -2
- package/src/websocket/index.browser.ts +3 -3
- package/src/websocket/index.shared.ts +2 -2
- package/src/websocket/index.ts +4 -4
- package/src/websocket/interfaces/WebSocketInterfaces.ts +3 -3
- package/src/websocket/{descriptors → primitives}/$channel.ts +10 -10
- package/src/websocket/{descriptors → primitives}/$websocket.ts +8 -8
- package/src/websocket/providers/NodeWebSocketServerProvider.ts +7 -7
- package/src/websocket/providers/WebSocketServerProvider.ts +3 -3
- package/src/websocket/services/WebSocketClient.ts +5 -5
- package/dist/cli/dist-Dl9Vl7Ur.js.map +0 -1
- package/src/api-notifications/providers/MemorySmsProvider.ts +0 -20
- package/src/api-notifications/providers/SmsProvider.ts +0 -8
- /package/src/core/{descriptors → primitives}/$atom.ts +0 -0
- /package/src/core/{descriptors → primitives}/$env.ts +0 -0
- /package/src/server-auth/{descriptors → primitives}/$authApple.ts +0 -0
- /package/src/server-links/{descriptors → primitives}/$client.ts +0 -0
package/dist/security/index.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import * as alepha15 from "alepha";
|
|
2
|
-
import { Alepha,
|
|
2
|
+
import { Alepha, KIND, Primitive, Static } from "alepha";
|
|
3
3
|
import * as alepha_logger0 from "alepha/logger";
|
|
4
4
|
import { DateTimeProvider, Duration, DurationLike } from "alepha/datetime";
|
|
5
5
|
import { UnauthorizedError } from "alepha/server";
|
|
@@ -19,6 +19,29 @@ declare const userAccountInfoSchema: alepha15.TObject<{
|
|
|
19
19
|
}>;
|
|
20
20
|
type UserAccount = Static<typeof userAccountInfoSchema>;
|
|
21
21
|
//#endregion
|
|
22
|
+
//#region src/security/errors/InvalidCredentialsError.d.ts
|
|
23
|
+
/**
|
|
24
|
+
* Error thrown when the provided credentials are invalid.
|
|
25
|
+
*
|
|
26
|
+
* Message can not be changed to avoid leaking information.
|
|
27
|
+
* Cause is omitted for the same reason.
|
|
28
|
+
*/
|
|
29
|
+
declare class InvalidCredentialsError extends UnauthorizedError {
|
|
30
|
+
readonly name = "UnauthorizedError";
|
|
31
|
+
constructor();
|
|
32
|
+
}
|
|
33
|
+
//#endregion
|
|
34
|
+
//#region src/security/errors/InvalidPermissionError.d.ts
|
|
35
|
+
declare class InvalidPermissionError extends Error {
|
|
36
|
+
constructor(name: string);
|
|
37
|
+
}
|
|
38
|
+
//#endregion
|
|
39
|
+
//#region src/security/errors/SecurityError.d.ts
|
|
40
|
+
declare class SecurityError extends Error {
|
|
41
|
+
name: string;
|
|
42
|
+
readonly status = 403;
|
|
43
|
+
}
|
|
44
|
+
//#endregion
|
|
22
45
|
//#region src/security/interfaces/UserAccountToken.d.ts
|
|
23
46
|
/**
|
|
24
47
|
* Add contextual metadata to a user account info.
|
|
@@ -156,7 +179,7 @@ declare class SecurityProvider {
|
|
|
156
179
|
* The realms configured for the security provider.
|
|
157
180
|
*/
|
|
158
181
|
protected readonly realms: Realm[];
|
|
159
|
-
protected start: alepha15.
|
|
182
|
+
protected start: alepha15.HookPrimitive<"start">;
|
|
160
183
|
/**
|
|
161
184
|
* Adds a role to one or more realms.
|
|
162
185
|
*
|
|
@@ -291,15 +314,15 @@ interface SecurityCheckResult {
|
|
|
291
314
|
ownership: string | boolean | undefined;
|
|
292
315
|
}
|
|
293
316
|
//#endregion
|
|
294
|
-
//#region src/security/
|
|
317
|
+
//#region src/security/primitives/$permission.d.ts
|
|
295
318
|
/**
|
|
296
319
|
* Create a new permission.
|
|
297
320
|
*/
|
|
298
321
|
declare const $permission: {
|
|
299
|
-
(options?:
|
|
300
|
-
[KIND]: typeof
|
|
322
|
+
(options?: PermissionPrimitiveOptions): PermissionPrimitive;
|
|
323
|
+
[KIND]: typeof PermissionPrimitive;
|
|
301
324
|
};
|
|
302
|
-
interface
|
|
325
|
+
interface PermissionPrimitiveOptions {
|
|
303
326
|
/**
|
|
304
327
|
* Name of the permission. Use Property name is not provided.
|
|
305
328
|
*/
|
|
@@ -313,7 +336,7 @@ interface PermissionDescriptorOptions {
|
|
|
313
336
|
*/
|
|
314
337
|
description?: string;
|
|
315
338
|
}
|
|
316
|
-
declare class
|
|
339
|
+
declare class PermissionPrimitive extends Primitive<PermissionPrimitiveOptions> {
|
|
317
340
|
protected readonly securityProvider: SecurityProvider;
|
|
318
341
|
get name(): string;
|
|
319
342
|
get group(): string;
|
|
@@ -325,15 +348,15 @@ declare class PermissionDescriptor extends Descriptor<PermissionDescriptorOption
|
|
|
325
348
|
can(user: UserAccount): boolean;
|
|
326
349
|
}
|
|
327
350
|
//#endregion
|
|
328
|
-
//#region src/security/
|
|
351
|
+
//#region src/security/primitives/$realm.d.ts
|
|
329
352
|
/**
|
|
330
353
|
* Create a new realm.
|
|
331
354
|
*/
|
|
332
355
|
declare const $realm: {
|
|
333
|
-
(options:
|
|
334
|
-
[KIND]: typeof
|
|
356
|
+
(options: RealmPrimitiveOptions): RealmPrimitive;
|
|
357
|
+
[KIND]: typeof RealmPrimitive;
|
|
335
358
|
};
|
|
336
|
-
type
|
|
359
|
+
type RealmPrimitiveOptions = {
|
|
337
360
|
/**
|
|
338
361
|
* Define the realm name.
|
|
339
362
|
* If not provided, it will use the property key.
|
|
@@ -396,7 +419,7 @@ interface RealmExternal {
|
|
|
396
419
|
*/
|
|
397
420
|
jwks: (() => string) | JSONWebKeySet;
|
|
398
421
|
}
|
|
399
|
-
declare class
|
|
422
|
+
declare class RealmPrimitive extends Primitive<RealmPrimitiveOptions> {
|
|
400
423
|
protected readonly securityProvider: SecurityProvider;
|
|
401
424
|
protected readonly dateTimeProvider: DateTimeProvider;
|
|
402
425
|
protected readonly jwt: JwtProvider;
|
|
@@ -446,15 +469,15 @@ interface AccessTokenResponse {
|
|
|
446
469
|
scope?: string;
|
|
447
470
|
}
|
|
448
471
|
//#endregion
|
|
449
|
-
//#region src/security/
|
|
472
|
+
//#region src/security/primitives/$role.d.ts
|
|
450
473
|
/**
|
|
451
474
|
* Create a new role.
|
|
452
475
|
*/
|
|
453
476
|
declare const $role: {
|
|
454
|
-
(options?:
|
|
455
|
-
[KIND]: typeof
|
|
477
|
+
(options?: RolePrimitiveOptions): RolePrimitive;
|
|
478
|
+
[KIND]: typeof RolePrimitive;
|
|
456
479
|
};
|
|
457
|
-
interface
|
|
480
|
+
interface RolePrimitiveOptions {
|
|
458
481
|
/**
|
|
459
482
|
* Name of the role.
|
|
460
483
|
*/
|
|
@@ -463,26 +486,26 @@ interface RoleDescriptorOptions {
|
|
|
463
486
|
* Describe the role.
|
|
464
487
|
*/
|
|
465
488
|
description?: string;
|
|
466
|
-
realm?: string |
|
|
489
|
+
realm?: string | RealmPrimitive;
|
|
467
490
|
permissions?: Array<string | {
|
|
468
491
|
name: string;
|
|
469
492
|
ownership?: boolean;
|
|
470
493
|
exclude?: string[];
|
|
471
494
|
}>;
|
|
472
495
|
}
|
|
473
|
-
declare class
|
|
496
|
+
declare class RolePrimitive extends Primitive<RolePrimitiveOptions> {
|
|
474
497
|
protected readonly securityProvider: SecurityProvider;
|
|
475
498
|
get name(): string;
|
|
476
499
|
protected onInit(): void;
|
|
477
500
|
/**
|
|
478
501
|
* Get the realm of the role.
|
|
479
502
|
*/
|
|
480
|
-
get realm(): string |
|
|
481
|
-
can(permission: string |
|
|
482
|
-
check(permission: string |
|
|
503
|
+
get realm(): string | RealmPrimitive | undefined;
|
|
504
|
+
can(permission: string | PermissionPrimitive): boolean;
|
|
505
|
+
check(permission: string | PermissionPrimitive): SecurityCheckResult;
|
|
483
506
|
}
|
|
484
507
|
//#endregion
|
|
485
|
-
//#region src/security/
|
|
508
|
+
//#region src/security/primitives/$serviceAccount.d.ts
|
|
486
509
|
/**
|
|
487
510
|
* Allow to get an access token for a service account.
|
|
488
511
|
*
|
|
@@ -511,16 +534,16 @@ declare class RoleDescriptor extends Descriptor<RoleDescriptorOptions> {
|
|
|
511
534
|
* }
|
|
512
535
|
* ```
|
|
513
536
|
*/
|
|
514
|
-
declare const $serviceAccount: (options:
|
|
515
|
-
type
|
|
537
|
+
declare const $serviceAccount: (options: ServiceAccountPrimitiveOptions) => ServiceAccountPrimitive;
|
|
538
|
+
type ServiceAccountPrimitiveOptions = {
|
|
516
539
|
gracePeriod?: number;
|
|
517
540
|
} & ({
|
|
518
|
-
oauth2:
|
|
541
|
+
oauth2: Oauth2ServiceAccountPrimitiveOptions;
|
|
519
542
|
} | {
|
|
520
|
-
realm:
|
|
543
|
+
realm: RealmPrimitive;
|
|
521
544
|
user: UserAccount;
|
|
522
545
|
});
|
|
523
|
-
interface
|
|
546
|
+
interface Oauth2ServiceAccountPrimitiveOptions {
|
|
524
547
|
/**
|
|
525
548
|
* Get Token URL.
|
|
526
549
|
*/
|
|
@@ -534,36 +557,13 @@ interface Oauth2ServiceAccountDescriptorOptions {
|
|
|
534
557
|
*/
|
|
535
558
|
clientSecret: string;
|
|
536
559
|
}
|
|
537
|
-
interface
|
|
560
|
+
interface ServiceAccountPrimitive {
|
|
538
561
|
token: () => Promise<string>;
|
|
539
562
|
}
|
|
540
563
|
interface ServiceAccountStore {
|
|
541
564
|
response?: AccessTokenResponse;
|
|
542
565
|
}
|
|
543
566
|
//#endregion
|
|
544
|
-
//#region src/security/errors/InvalidCredentialsError.d.ts
|
|
545
|
-
/**
|
|
546
|
-
* Error thrown when the provided credentials are invalid.
|
|
547
|
-
*
|
|
548
|
-
* Message can not be changed to avoid leaking information.
|
|
549
|
-
* Cause is omitted for the same reason.
|
|
550
|
-
*/
|
|
551
|
-
declare class InvalidCredentialsError extends UnauthorizedError {
|
|
552
|
-
readonly name = "UnauthorizedError";
|
|
553
|
-
constructor();
|
|
554
|
-
}
|
|
555
|
-
//#endregion
|
|
556
|
-
//#region src/security/errors/InvalidPermissionError.d.ts
|
|
557
|
-
declare class InvalidPermissionError extends Error {
|
|
558
|
-
constructor(name: string);
|
|
559
|
-
}
|
|
560
|
-
//#endregion
|
|
561
|
-
//#region src/security/errors/SecurityError.d.ts
|
|
562
|
-
declare class SecurityError extends Error {
|
|
563
|
-
name: string;
|
|
564
|
-
readonly status = 403;
|
|
565
|
-
}
|
|
566
|
-
//#endregion
|
|
567
567
|
//#region src/security/providers/CryptoProvider.d.ts
|
|
568
568
|
declare class CryptoProvider {
|
|
569
569
|
hashPassword(password: string): Promise<string>;
|
|
@@ -583,7 +583,7 @@ declare module "alepha" {
|
|
|
583
583
|
/**
|
|
584
584
|
* Provides comprehensive authentication and authorization capabilities with JWT tokens, role-based access control, and user management.
|
|
585
585
|
*
|
|
586
|
-
* The security module enables building secure applications using
|
|
586
|
+
* The security module enables building secure applications using primitives like `$realm`, `$role`, and `$permission`
|
|
587
587
|
* on class properties. It offers JWT-based authentication, fine-grained permissions, service accounts, and seamless
|
|
588
588
|
* integration with various authentication providers and user management systems.
|
|
589
589
|
*
|
|
@@ -594,5 +594,5 @@ declare module "alepha" {
|
|
|
594
594
|
*/
|
|
595
595
|
declare const AlephaSecurity: alepha15.Service<alepha15.Module>;
|
|
596
596
|
//#endregion
|
|
597
|
-
export { $permission, $realm, $role, $serviceAccount, AccessTokenResponse, AlephaSecurity, CreateTokenOptions, CryptoProvider, DEFAULT_APP_SECRET, ExtendedJWTPayload, InvalidCredentialsError, InvalidPermissionError, JwtParseResult, JwtProvider, JwtSignOptions, KeyLoader, KeyLoaderHolder,
|
|
597
|
+
export { $permission, $realm, $role, $serviceAccount, AccessTokenResponse, AlephaSecurity, CreateTokenOptions, CryptoProvider, DEFAULT_APP_SECRET, ExtendedJWTPayload, InvalidCredentialsError, InvalidPermissionError, JwtParseResult, JwtProvider, JwtSignOptions, KeyLoader, KeyLoaderHolder, Oauth2ServiceAccountPrimitiveOptions, Permission, PermissionPrimitive, PermissionPrimitiveOptions, Realm, RealmExternal, RealmInternal, RealmPrimitive, RealmPrimitiveOptions, RealmSettings, Role, RolePrimitive, RolePrimitiveOptions, SecurityCheckResult, SecurityError, SecurityProvider, ServiceAccountPrimitive, ServiceAccountPrimitiveOptions, ServiceAccountStore, UserAccount, UserAccountToken, permissionSchema, roleSchema, userAccountInfoSchema };
|
|
598
598
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/security/index.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { $context, $env, $hook, $inject, $module, Alepha, AlephaError, AppNotStartedError, ContainerLockedError,
|
|
1
|
+
import { $context, $env, $hook, $inject, $module, Alepha, AlephaError, AppNotStartedError, ContainerLockedError, KIND, Primitive, createPrimitive, t } from "alepha";
|
|
2
2
|
import { $logger } from "alepha/logger";
|
|
3
3
|
import { createSecretKey, randomBytes, randomUUID, scrypt, timingSafeEqual } from "node:crypto";
|
|
4
4
|
import { DateTimeProvider } from "alepha/datetime";
|
|
@@ -700,11 +700,11 @@ const asymmetricTypeCheck = (alg, key, usage) => {
|
|
|
700
700
|
case "decrypt":
|
|
701
701
|
case "sign":
|
|
702
702
|
if (isPrivateJWK(key) && jwkMatchesOp(alg, key, usage)) return;
|
|
703
|
-
throw new TypeError(`JSON Web Key for this operation be a private JWK`);
|
|
703
|
+
throw new TypeError(`JSON Web Key for this operation must be a private JWK`);
|
|
704
704
|
case "encrypt":
|
|
705
705
|
case "verify":
|
|
706
706
|
if (isPublicJWK(key) && jwkMatchesOp(alg, key, usage)) return;
|
|
707
|
-
throw new TypeError(`JSON Web Key for this operation be a public JWK`);
|
|
707
|
+
throw new TypeError(`JSON Web Key for this operation must be a public JWK`);
|
|
708
708
|
}
|
|
709
709
|
if (!isKeyLike(key)) throw new TypeError(withAlg(alg, key, "CryptoKey", "KeyObject", "JSON Web Key"));
|
|
710
710
|
if (key.type === "secret") throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type "secret"`);
|
|
@@ -1310,7 +1310,7 @@ function isCloudflareWorkers() {
|
|
|
1310
1310
|
return typeof WebSocketPair !== "undefined" || typeof navigator !== "undefined" && navigator.userAgent === "Cloudflare-Workers" || typeof EdgeRuntime !== "undefined" && EdgeRuntime === "vercel";
|
|
1311
1311
|
}
|
|
1312
1312
|
let USER_AGENT;
|
|
1313
|
-
if (typeof navigator === "undefined" || !navigator.userAgent?.startsWith?.("Mozilla/5.0 ")) USER_AGENT = `jose/v6.1.
|
|
1313
|
+
if (typeof navigator === "undefined" || !navigator.userAgent?.startsWith?.("Mozilla/5.0 ")) USER_AGENT = `jose/v6.1.3`;
|
|
1314
1314
|
const customFetch = Symbol();
|
|
1315
1315
|
async function fetchJwks(url, headers, signal, fetchImpl = fetch) {
|
|
1316
1316
|
const response = await fetchImpl(url, {
|
|
@@ -1941,14 +1941,14 @@ var SecurityProvider = class {
|
|
|
1941
1941
|
};
|
|
1942
1942
|
|
|
1943
1943
|
//#endregion
|
|
1944
|
-
//#region src/security/
|
|
1944
|
+
//#region src/security/primitives/$permission.ts
|
|
1945
1945
|
/**
|
|
1946
1946
|
* Create a new permission.
|
|
1947
1947
|
*/
|
|
1948
1948
|
const $permission = (options = {}) => {
|
|
1949
|
-
return
|
|
1949
|
+
return createPrimitive(PermissionPrimitive, options);
|
|
1950
1950
|
};
|
|
1951
|
-
var
|
|
1951
|
+
var PermissionPrimitive = class extends Primitive {
|
|
1952
1952
|
securityProvider = $inject(SecurityProvider);
|
|
1953
1953
|
get name() {
|
|
1954
1954
|
return this.options.name || this.config.propertyKey;
|
|
@@ -1974,17 +1974,17 @@ var PermissionDescriptor = class extends Descriptor {
|
|
|
1974
1974
|
return this.securityProvider.checkPermission(this, ...user.roles).isAuthorized;
|
|
1975
1975
|
}
|
|
1976
1976
|
};
|
|
1977
|
-
$permission[KIND] =
|
|
1977
|
+
$permission[KIND] = PermissionPrimitive;
|
|
1978
1978
|
|
|
1979
1979
|
//#endregion
|
|
1980
|
-
//#region src/security/
|
|
1980
|
+
//#region src/security/primitives/$realm.ts
|
|
1981
1981
|
/**
|
|
1982
1982
|
* Create a new realm.
|
|
1983
1983
|
*/
|
|
1984
1984
|
const $realm = (options) => {
|
|
1985
|
-
return
|
|
1985
|
+
return createPrimitive(RealmPrimitive, options);
|
|
1986
1986
|
};
|
|
1987
|
-
var
|
|
1987
|
+
var RealmPrimitive = class extends Primitive {
|
|
1988
1988
|
securityProvider = $inject(SecurityProvider);
|
|
1989
1989
|
dateTimeProvider = $inject(DateTimeProvider);
|
|
1990
1990
|
jwt = $inject(JwtProvider);
|
|
@@ -2129,17 +2129,17 @@ var RealmDescriptor = class extends Descriptor {
|
|
|
2129
2129
|
};
|
|
2130
2130
|
}
|
|
2131
2131
|
};
|
|
2132
|
-
$realm[KIND] =
|
|
2132
|
+
$realm[KIND] = RealmPrimitive;
|
|
2133
2133
|
|
|
2134
2134
|
//#endregion
|
|
2135
|
-
//#region src/security/
|
|
2135
|
+
//#region src/security/primitives/$role.ts
|
|
2136
2136
|
/**
|
|
2137
2137
|
* Create a new role.
|
|
2138
2138
|
*/
|
|
2139
2139
|
const $role = (options = {}) => {
|
|
2140
|
-
return
|
|
2140
|
+
return createPrimitive(RolePrimitive, options);
|
|
2141
2141
|
};
|
|
2142
|
-
var
|
|
2142
|
+
var RolePrimitive = class extends Primitive {
|
|
2143
2143
|
securityProvider = $inject(SecurityProvider);
|
|
2144
2144
|
get name() {
|
|
2145
2145
|
return this.options.name || this.config.propertyKey;
|
|
@@ -2167,7 +2167,7 @@ var RoleDescriptor = class extends Descriptor {
|
|
|
2167
2167
|
return this.securityProvider.checkPermission(permission, this.name);
|
|
2168
2168
|
}
|
|
2169
2169
|
};
|
|
2170
|
-
$role[KIND] =
|
|
2170
|
+
$role[KIND] = RolePrimitive;
|
|
2171
2171
|
|
|
2172
2172
|
//#endregion
|
|
2173
2173
|
//#region src/security/providers/CryptoProvider.ts
|
|
@@ -2199,7 +2199,22 @@ var CryptoProvider = class {
|
|
|
2199
2199
|
};
|
|
2200
2200
|
|
|
2201
2201
|
//#endregion
|
|
2202
|
-
//#region src/security/
|
|
2202
|
+
//#region src/security/errors/InvalidCredentialsError.ts
|
|
2203
|
+
/**
|
|
2204
|
+
* Error thrown when the provided credentials are invalid.
|
|
2205
|
+
*
|
|
2206
|
+
* Message can not be changed to avoid leaking information.
|
|
2207
|
+
* Cause is omitted for the same reason.
|
|
2208
|
+
*/
|
|
2209
|
+
var InvalidCredentialsError = class extends UnauthorizedError {
|
|
2210
|
+
name = "UnauthorizedError";
|
|
2211
|
+
constructor() {
|
|
2212
|
+
super("Invalid credentials");
|
|
2213
|
+
}
|
|
2214
|
+
};
|
|
2215
|
+
|
|
2216
|
+
//#endregion
|
|
2217
|
+
//#region src/security/primitives/$serviceAccount.ts
|
|
2203
2218
|
/**
|
|
2204
2219
|
* Allow to get an access token for a service account.
|
|
2205
2220
|
*
|
|
@@ -2298,21 +2313,6 @@ const $serviceAccount = (options) => {
|
|
|
2298
2313
|
} };
|
|
2299
2314
|
};
|
|
2300
2315
|
|
|
2301
|
-
//#endregion
|
|
2302
|
-
//#region src/security/errors/InvalidCredentialsError.ts
|
|
2303
|
-
/**
|
|
2304
|
-
* Error thrown when the provided credentials are invalid.
|
|
2305
|
-
*
|
|
2306
|
-
* Message can not be changed to avoid leaking information.
|
|
2307
|
-
* Cause is omitted for the same reason.
|
|
2308
|
-
*/
|
|
2309
|
-
var InvalidCredentialsError = class extends UnauthorizedError {
|
|
2310
|
-
name = "UnauthorizedError";
|
|
2311
|
-
constructor() {
|
|
2312
|
-
super("Invalid credentials");
|
|
2313
|
-
}
|
|
2314
|
-
};
|
|
2315
|
-
|
|
2316
2316
|
//#endregion
|
|
2317
2317
|
//#region src/security/schemas/permissionSchema.ts
|
|
2318
2318
|
const permissionSchema = t.object({
|
|
@@ -2357,7 +2357,7 @@ const userAccountInfoSchema = t.object({
|
|
|
2357
2357
|
/**
|
|
2358
2358
|
* Provides comprehensive authentication and authorization capabilities with JWT tokens, role-based access control, and user management.
|
|
2359
2359
|
*
|
|
2360
|
-
* The security module enables building secure applications using
|
|
2360
|
+
* The security module enables building secure applications using primitives like `$realm`, `$role`, and `$permission`
|
|
2361
2361
|
* on class properties. It offers JWT-based authentication, fine-grained permissions, service accounts, and seamless
|
|
2362
2362
|
* integration with various authentication providers and user management systems.
|
|
2363
2363
|
*
|
|
@@ -2368,7 +2368,7 @@ const userAccountInfoSchema = t.object({
|
|
|
2368
2368
|
*/
|
|
2369
2369
|
const AlephaSecurity = $module({
|
|
2370
2370
|
name: "alepha.security",
|
|
2371
|
-
|
|
2371
|
+
primitives: [
|
|
2372
2372
|
$realm,
|
|
2373
2373
|
$role,
|
|
2374
2374
|
$permission
|
|
@@ -2381,5 +2381,5 @@ const AlephaSecurity = $module({
|
|
|
2381
2381
|
});
|
|
2382
2382
|
|
|
2383
2383
|
//#endregion
|
|
2384
|
-
export { $permission, $realm, $role, $serviceAccount, AlephaSecurity, CryptoProvider, DEFAULT_APP_SECRET, InvalidCredentialsError, InvalidPermissionError, JwtProvider,
|
|
2384
|
+
export { $permission, $realm, $role, $serviceAccount, AlephaSecurity, CryptoProvider, DEFAULT_APP_SECRET, InvalidCredentialsError, InvalidPermissionError, JwtProvider, PermissionPrimitive, RealmPrimitive, RolePrimitive, SecurityError, SecurityProvider, permissionSchema, roleSchema, userAccountInfoSchema };
|
|
2385
2385
|
//# sourceMappingURL=index.js.map
|