carta-controller 3.0.0-beta.2 → 3.0.0-dev.20220222
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/config/config_schema.json +16 -0
- package/config/preference_backend_schema_2.json +12 -4
- package/dist/auth/index.js +3 -0
- package/dist/auth/index.js.map +1 -1
- package/dist/auth/ldap.js +1 -1
- package/dist/auth/ldap.js.map +1 -1
- package/dist/auth/local.js +37 -16
- package/dist/auth/local.js.map +1 -1
- package/dist/auth/pam.js +1 -1
- package/dist/auth/pam.js.map +1 -1
- package/dist/controllerTests.js +1 -1
- package/dist/index.js +8 -7
- package/dist/serverHandlers.js +38 -1
- package/dist/types.js +7 -0
- package/package.json +2 -2
- package/public/dashboard.js +2 -2
|
@@ -124,6 +124,16 @@
|
|
|
124
124
|
"1h",
|
|
125
125
|
"15m"
|
|
126
126
|
]
|
|
127
|
+
},
|
|
128
|
+
"scriptingTokenAge": {
|
|
129
|
+
"description": "Lifetime of scripting tokens",
|
|
130
|
+
"type": "string",
|
|
131
|
+
"default": "1w",
|
|
132
|
+
"examples": [
|
|
133
|
+
"1w",
|
|
134
|
+
"5d",
|
|
135
|
+
"10h"
|
|
136
|
+
]
|
|
127
137
|
}
|
|
128
138
|
}
|
|
129
139
|
},
|
|
@@ -575,6 +585,12 @@
|
|
|
575
585
|
]
|
|
576
586
|
}
|
|
577
587
|
}
|
|
588
|
+
},
|
|
589
|
+
"scriptingAccess": {
|
|
590
|
+
"description": "Control scripting access for users.",
|
|
591
|
+
"type": "string",
|
|
592
|
+
"enum": ["enabled-all-users", "disabled-all-users", "opt-in"],
|
|
593
|
+
"default": "disabled-all-users"
|
|
578
594
|
}
|
|
579
595
|
},
|
|
580
596
|
"if": {
|
|
@@ -29,6 +29,14 @@
|
|
|
29
29
|
"type": "boolean",
|
|
30
30
|
"default": false
|
|
31
31
|
},
|
|
32
|
+
"no_frontend": {
|
|
33
|
+
"type": "boolean",
|
|
34
|
+
"default": false
|
|
35
|
+
},
|
|
36
|
+
"no_database": {
|
|
37
|
+
"type": "boolean",
|
|
38
|
+
"default": false
|
|
39
|
+
},
|
|
32
40
|
"no_http": {
|
|
33
41
|
"type": "boolean",
|
|
34
42
|
"default": false
|
|
@@ -50,10 +58,6 @@
|
|
|
50
58
|
"type": ["integer", "array"],
|
|
51
59
|
"default": 3002
|
|
52
60
|
},
|
|
53
|
-
"grpc_port": {
|
|
54
|
-
"type": "integer",
|
|
55
|
-
"default": -1
|
|
56
|
-
},
|
|
57
61
|
"omp_threads": {
|
|
58
62
|
"type": "integer",
|
|
59
63
|
"default": -1
|
|
@@ -92,6 +96,10 @@
|
|
|
92
96
|
"event_thread_count": {
|
|
93
97
|
"type": "integer",
|
|
94
98
|
"default": -1
|
|
99
|
+
},
|
|
100
|
+
"enable_scripting": {
|
|
101
|
+
"type": "boolean",
|
|
102
|
+
"default": false
|
|
95
103
|
}
|
|
96
104
|
}
|
|
97
105
|
}
|
package/dist/auth/index.js
CHANGED
package/dist/auth/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oCAAoC;AACpC,mCAAmC;AACnC,kCAAgC;AAEhC,sCAAsD;AACtD,yCAAqE;AACrE,mCAA2E;AAC3E,iCAA2C;AAC3C,+BAAyC;AACzC,qCAAoE;AAEpE,2CAA2C;AAC3C,MAAM,cAAc,GAAG,IAAI,GAAG,EAAoB,CAAC;AACnD,qCAAqC;AACrC,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAmB,CAAC;AAE5C,IAAI,YAAY,GAAmB,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAC5C,MAAM,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,uBAAuB,EAAC,CAAC;AAC9D,CAAC,CAAC;AAEF,IAAI,cAAc,GAAwB,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACnD,MAAM,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,+BAA+B,EAAC,CAAC;AACtE,CAAC,CAAC;AAEF,kBAAkB;AAClB,IAAI,qBAAY,CAAC,aAAa,CAAC,GAAG,EAAE;IAChC,MAAM,QAAQ,GAAG,qBAAY,CAAC,aAAa,CAAC,GAAG,CAAC;IAChD,6BAAqB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;IAChD,YAAY,GAAG,wBAAkB,CAAC,QAAQ,CAAC,CAAC;IAC5C,cAAc,GAAG,mCAA2B,CAAC,QAAQ,CAAC,CAAC;CAC1D;KAAM,IAAI,qBAAY,CAAC,aAAa,CAAC,IAAI,EAAE;IACxC,MAAM,QAAQ,GAAG,qBAAY,CAAC,aAAa,CAAC,IAAI,CAAC;IACjD,6BAAqB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;IAChD,YAAY,GAAG,0BAAmB,CAAC,QAAQ,CAAC,CAAC;IAC7C,cAAc,GAAG,mCAA2B,CAAC,QAAQ,CAAC,CAAC;CAC1D;KAAM,IAAI,qBAAY,CAAC,aAAa,CAAC,MAAM,EAAE;IAC1C,MAAM,QAAQ,GAAG,qBAAY,CAAC,aAAa,CAAC,MAAM,CAAC;IACnD,+BAAsB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;IACjD,IAAI,QAAQ,CAAC,eAAe,EAAE;QAC1B,yBAAc,CAAC,QAAQ,EAAE,2BAAkB,EAAE,QAAQ,CAAC,eAAe,CAAC,CAAC;KAC1E;CACJ;KAAM,IAAI,qBAAY,CAAC,aAAa,CAAC,QAAQ,EAAE;IAC5C,MAAM,QAAQ,GAAG,qBAAY,CAAC,aAAa,CAAC,QAAQ,CAAC;IACrD,oCAAyB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;IACpD,MAAM,SAAS,GAAG,QAAQ,CAAC,eAAe,CAAC;IAC3C,IAAI,SAAS,EAAE;QACX,yBAAc,CAAC,QAAQ,EAAE,QAAQ,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;KACzD;CACJ;AAED,iCAAiC;AACjC,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE;IACtB,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;CACnB;AAED,SAAsB,WAAW,CAAC,YAAoB;;QAClD,MAAM,SAAS,GAAQ,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAChD,IAAI,SAAS,IAAI,SAAS,CAAC,GAAG,EAAE;YAC5B,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnD,IAAI,QAAQ,EAAE;gBACV,OAAO,MAAM,QAAQ,CAAC,YAAY,CAAC,CAAC;aACvC;SACJ;QACD,OAAO,SAAS,CAAC;IACrB,CAAC;CAAA;AATD,kCASC;AAED,SAAgB,OAAO,CAAC,QAAgB,EAAE,MAAc;IACpD,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrC,IAAI,OAAO,EAAE;QACT,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;KAChC;SAAM;QACH,OAAO,QAAQ,CAAC;KACnB;AACL,CAAC;AAPD,0BAOC;AAED,qGAAqG;AACrG,SAAsB,SAAS,CAAC,GAAyB,EAAE,GAAqB,EAAE,IAA0B;;QACxG,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC;QAC9B,IAAI,WAAW,EAAE;YACb,IAAI;gBACA,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,WAAW,CAAC,CAAC;gBAC7C,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE;oBAC3B,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,gBAAgB,EAAC,CAAC,CAAC;iBACtD;qBAAM;oBACH,GAAG,CAAC,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;oBAClD,IAAI,EAAE,CAAC;iBACV;aACJ;YAAC,OAAO,GAAG,EAAE;gBACV,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAC,CAAC,CAAC;aACjD;SACJ;aAAM;YACH,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,gBAAgB,EAAC,CAAC,CAAC;SACtD;IACL,CAAC;CAAA;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oCAAoC;AACpC,mCAAmC;AACnC,kCAAgC;AAEhC,sCAAsD;AACtD,yCAAqE;AACrE,mCAA2E;AAC3E,iCAA2C;AAC3C,+BAAyC;AACzC,qCAAoE;AAEpE,2CAA2C;AAC3C,MAAM,cAAc,GAAG,IAAI,GAAG,EAAoB,CAAC;AACnD,qCAAqC;AACrC,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAmB,CAAC;AAE5C,IAAI,YAAY,GAAmB,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IAC5C,MAAM,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,uBAAuB,EAAC,CAAC;AAC9D,CAAC,CAAC;AAEF,IAAI,cAAc,GAAwB,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;IACnD,MAAM,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,+BAA+B,EAAC,CAAC;AACtE,CAAC,CAAC;AAEF,kBAAkB;AAClB,IAAI,qBAAY,CAAC,aAAa,CAAC,GAAG,EAAE;IAChC,MAAM,QAAQ,GAAG,qBAAY,CAAC,aAAa,CAAC,GAAG,CAAC;IAChD,6BAAqB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;IAChD,YAAY,GAAG,wBAAkB,CAAC,QAAQ,CAAC,CAAC;IAC5C,cAAc,GAAG,mCAA2B,CAAC,QAAQ,CAAC,CAAC;CAC1D;KAAM,IAAI,qBAAY,CAAC,aAAa,CAAC,IAAI,EAAE;IACxC,MAAM,QAAQ,GAAG,qBAAY,CAAC,aAAa,CAAC,IAAI,CAAC;IACjD,6BAAqB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;IAChD,YAAY,GAAG,0BAAmB,CAAC,QAAQ,CAAC,CAAC;IAC7C,cAAc,GAAG,mCAA2B,CAAC,QAAQ,CAAC,CAAC;CAC1D;KAAM,IAAI,qBAAY,CAAC,aAAa,CAAC,MAAM,EAAE;IAC1C,MAAM,QAAQ,GAAG,qBAAY,CAAC,aAAa,CAAC,MAAM,CAAC;IACnD,+BAAsB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;IACjD,IAAI,QAAQ,CAAC,eAAe,EAAE;QAC1B,yBAAc,CAAC,QAAQ,EAAE,2BAAkB,EAAE,QAAQ,CAAC,eAAe,CAAC,CAAC;KAC1E;CACJ;KAAM,IAAI,qBAAY,CAAC,aAAa,CAAC,QAAQ,EAAE;IAC5C,MAAM,QAAQ,GAAG,qBAAY,CAAC,aAAa,CAAC,QAAQ,CAAC;IACrD,oCAAyB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;IACpD,MAAM,SAAS,GAAG,QAAQ,CAAC,eAAe,CAAC;IAC3C,IAAI,SAAS,EAAE;QACX,yBAAc,CAAC,QAAQ,EAAE,QAAQ,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;KACzD;CACJ;AAED,iCAAiC;AACjC,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE;IACtB,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACpD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;CACnB;AAED,SAAsB,WAAW,CAAC,YAAoB;;QAClD,MAAM,SAAS,GAAQ,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAChD,IAAI,SAAS,IAAI,SAAS,CAAC,GAAG,EAAE;YAC5B,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YACnD,IAAI,QAAQ,EAAE;gBACV,OAAO,MAAM,QAAQ,CAAC,YAAY,CAAC,CAAC;aACvC;SACJ;QACD,OAAO,SAAS,CAAC;IACrB,CAAC;CAAA;AATD,kCASC;AAED,SAAgB,OAAO,CAAC,QAAgB,EAAE,MAAc;IACpD,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACrC,IAAI,OAAO,EAAE;QACT,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;KAChC;SAAM;QACH,OAAO,QAAQ,CAAC;KACnB;AACL,CAAC;AAPD,0BAOC;AAED,qGAAqG;AACrG,SAAsB,SAAS,CAAC,GAAyB,EAAE,GAAqB,EAAE,IAA0B;;QACxG,MAAM,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC;QAC9B,IAAI,WAAW,EAAE;YACb,IAAI;gBACA,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,WAAW,CAAC,CAAC;gBAC7C,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE;oBAC3B,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,gBAAgB,EAAC,CAAC,CAAC;iBACtD;qBAAM;oBACH,GAAG,CAAC,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;oBAClD,IAAI,KAAK,CAAC,SAAS,EAAE;wBACjB,GAAG,CAAC,SAAS,GAAG,IAAI,CAAC;qBACxB;oBACD,IAAI,EAAE,CAAC;iBACV;aACJ;YAAC,OAAO,GAAG,EAAE;gBACV,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAC,CAAC,CAAC;aACjD;SACJ;aAAM;YACH,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,gBAAgB,EAAC,CAAC,CAAC;SACtD;IACL,CAAC;CAAA;AApBD,8BAoBC;AAED,SAAS,aAAa,CAAC,GAAoB,EAAE,GAAqB;IAC9D,GAAG,CAAC,MAAM,CAAC,eAAe,EAAE,EAAE,EAAE;QAC5B,IAAI,EAAE,sBAAa,CAAC,QAAQ;QAC5B,MAAM,EAAE,CAAC;QACT,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,CAAC,qBAAY,CAAC,QAAQ;QAC9B,QAAQ,EAAE,QAAQ;KACrB,CAAC,CAAC;IACH,OAAO,GAAG,CAAC,IAAI,CAAC,EAAC,OAAO,EAAE,IAAI,EAAC,CAAC,CAAC;AACrC,CAAC;AAED,SAAS,eAAe,CAAC,GAAyB,EAAE,GAAqB;IACrE,GAAG,CAAC,IAAI,CAAC;QACL,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,GAAG,CAAC,QAAQ;KACzB,CAAC,CAAC;AACP,CAAC;AAEY,QAAA,UAAU,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;AAC3C,kBAAU,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAO,EAAE,YAAY,CAAC,CAAC;AACjD,kBAAU,CAAC,IAAI,CAAC,SAAS,EAAE,cAAO,EAAE,aAAa,CAAC,CAAC;AACnD,kBAAU,CAAC,IAAI,CAAC,UAAU,EAAE,cAAO,EAAE,cAAc,CAAC,CAAC;AACrD,kBAAU,CAAC,GAAG,CAAC,SAAS,EAAE,SAAS,EAAE,cAAO,EAAE,eAAe,CAAC,CAAC"}
|
package/dist/auth/ldap.js
CHANGED
|
@@ -38,7 +38,7 @@ function getLdapLoginHandler(authConf) {
|
|
|
38
38
|
try {
|
|
39
39
|
const uid = userid.uid(username);
|
|
40
40
|
console.log(`Authenticated as user ${username} with uid ${uid} using LDAP`);
|
|
41
|
-
return local_1.addTokensToResponse(authConf, username
|
|
41
|
+
return local_1.addTokensToResponse(res, authConf, username);
|
|
42
42
|
}
|
|
43
43
|
catch (e) {
|
|
44
44
|
util_1.verboseError(e);
|
package/dist/auth/ldap.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ldap.js","sourceRoot":"","sources":["../../src/auth/ldap.ts"],"names":[],"mappings":";;;AACA,iCAAiC;AACjC,0CAA0C;AAE1C,mCAA4C;AAC5C,kCAAiD;AAEjD,IAAI,IAAc,CAAC;AAEnB,SAAgB,mBAAmB,CAAC,QAA6B;IAC7D,IAAI,GAAG,IAAI,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC1C,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC,CAAC;IAC1D,UAAU,CAAC,GAAG,EAAE;;QACZ,MAAM,aAAa,GAAG,MAAA,MAAC,IAAY,0CAAE,WAAW,0CAAE,SAAS,CAAC;QAC5D,IAAI,aAAa,EAAE;YACf,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;SAC3C;aAAM;YACH,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;SACxC;IACL,CAAC,EAAE,IAAI,CAAC,CAAC;IAET,OAAO,CAAC,GAAoB,EAAE,GAAqB,EAAE,EAAE;;QACnD,IAAI,QAAQ,GAAG,MAAA,GAAG,CAAC,IAAI,0CAAE,QAAQ,CAAC;QAClC,MAAM,QAAQ,GAAG,MAAA,GAAG,CAAC,IAAI,0CAAE,QAAQ,CAAC;QAEpC,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,EAAE;YACxB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,yBAAyB,EAAC,CAAC,CAAC;SACtF;QAED,MAAM,UAAU,GAAG,CAAC,GAAmB,EAAE,IAAS,EAAE,EAAE;YAClD,IAAI,GAAG,EAAE;gBACL,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACnB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,iCAAiC,EAAC,CAAC,CAAC;aAC9F;YACD,IAAI,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,GAAG,MAAK,QAAQ,EAAE;gBACxB,OAAO,CAAC,IAAI,CAAC,sBAAsB,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,GAAG,8BAA8B,QAAQ,GAAG,CAAC,CAAC;gBACvF,iBAAU,CAAC,IAAI,CAAC,CAAC;aACpB;YACD,IAAI;gBACA,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,yBAAyB,QAAQ,aAAa,GAAG,aAAa,CAAC,CAAC;gBAC5E,OAAO,2BAAmB,CAAC,
|
|
1
|
+
{"version":3,"file":"ldap.js","sourceRoot":"","sources":["../../src/auth/ldap.ts"],"names":[],"mappings":";;;AACA,iCAAiC;AACjC,0CAA0C;AAE1C,mCAA4C;AAC5C,kCAAiD;AAEjD,IAAI,IAAc,CAAC;AAEnB,SAAgB,mBAAmB,CAAC,QAA6B;IAC7D,IAAI,GAAG,IAAI,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC1C,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC,CAAC;IAC1D,UAAU,CAAC,GAAG,EAAE;;QACZ,MAAM,aAAa,GAAG,MAAA,MAAC,IAAY,0CAAE,WAAW,0CAAE,SAAS,CAAC;QAC5D,IAAI,aAAa,EAAE;YACf,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;SAC3C;aAAM;YACH,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;SACxC;IACL,CAAC,EAAE,IAAI,CAAC,CAAC;IAET,OAAO,CAAC,GAAoB,EAAE,GAAqB,EAAE,EAAE;;QACnD,IAAI,QAAQ,GAAG,MAAA,GAAG,CAAC,IAAI,0CAAE,QAAQ,CAAC;QAClC,MAAM,QAAQ,GAAG,MAAA,GAAG,CAAC,IAAI,0CAAE,QAAQ,CAAC;QAEpC,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,EAAE;YACxB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,yBAAyB,EAAC,CAAC,CAAC;SACtF;QAED,MAAM,UAAU,GAAG,CAAC,GAAmB,EAAE,IAAS,EAAE,EAAE;YAClD,IAAI,GAAG,EAAE;gBACL,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBACnB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,iCAAiC,EAAC,CAAC,CAAC;aAC9F;YACD,IAAI,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,GAAG,MAAK,QAAQ,EAAE;gBACxB,OAAO,CAAC,IAAI,CAAC,sBAAsB,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,GAAG,8BAA8B,QAAQ,GAAG,CAAC,CAAC;gBACvF,iBAAU,CAAC,IAAI,CAAC,CAAC;aACpB;YACD,IAAI;gBACA,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,yBAAyB,QAAQ,aAAa,GAAG,aAAa,CAAC,CAAC;gBAC5E,OAAO,2BAAmB,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;aACvD;YAAC,OAAO,CAAC,EAAE;gBACR,mBAAY,CAAC,CAAC,CAAC,CAAC;gBAChB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,qBAAqB,EAAC,CAAC,CAAC;aAClF;QACL,CAAC,CAAC;QAEF,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;;YAClD,MAAM,QAAQ,GAAG,KAAc,CAAC;YAChC,oDAAoD;YACpD,IAAI,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,IAAI,0CAAE,QAAQ,CAAC,8BAA8B,CAAC,EAAE;gBAC1D,OAAO,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAC;gBACvE,IAAI,CAAC,KAAK,EAAE,CAAC;gBACb,IAAI,GAAG,IAAI,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;gBAC1C,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC,CAAC;gBAC1D,+CAA+C;gBAC/C,UAAU,CAAC,GAAG,EAAE;oBACZ,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;gBACtD,CAAC,EAAE,GAAG,CAAC,CAAC;aACX;iBAAM;gBACH,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;aAC3B;QACL,CAAC,CAAC,CAAC;IACP,CAAC,CAAC;AACN,CAAC;AAxDD,kDAwDC"}
|
package/dist/auth/local.js
CHANGED
|
@@ -9,33 +9,49 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
exports.generateLocalRefreshHandler = exports.generateLocalVerifier = exports.addTokensToResponse = exports.generateToken = void 0;
|
|
12
|
+
exports.generateLocalRefreshHandler = exports.generateLocalVerifier = exports.addTokensToResponse = exports.generateToken = exports.TokenType = void 0;
|
|
13
|
+
const types_1 = require("../types");
|
|
13
14
|
const fs = require("fs");
|
|
14
15
|
const jwt = require("jsonwebtoken");
|
|
15
16
|
const userid = require("userid");
|
|
16
17
|
const index_1 = require("./index");
|
|
17
|
-
const ms = require("ms");
|
|
18
18
|
const config_1 = require("../config");
|
|
19
|
+
const ms = require("ms");
|
|
19
20
|
let privateKey;
|
|
20
|
-
|
|
21
|
+
var TokenType;
|
|
22
|
+
(function (TokenType) {
|
|
23
|
+
TokenType[TokenType["Access"] = 0] = "Access";
|
|
24
|
+
TokenType[TokenType["Refresh"] = 1] = "Refresh";
|
|
25
|
+
TokenType[TokenType["Scripting"] = 2] = "Scripting";
|
|
26
|
+
})(TokenType = exports.TokenType || (exports.TokenType = {}));
|
|
27
|
+
function generateToken(authConf, username, tokenType) {
|
|
21
28
|
if (!privateKey) {
|
|
22
29
|
privateKey = fs.readFileSync(authConf.privateKeyLocation);
|
|
23
30
|
}
|
|
24
31
|
if (!authConf || !privateKey) {
|
|
25
32
|
return null;
|
|
26
33
|
}
|
|
27
|
-
|
|
34
|
+
const payload = {
|
|
28
35
|
iss: authConf.issuer,
|
|
29
|
-
username
|
|
30
|
-
|
|
31
|
-
|
|
36
|
+
username
|
|
37
|
+
};
|
|
38
|
+
const options = {
|
|
32
39
|
algorithm: authConf.keyAlgorithm,
|
|
33
|
-
expiresIn:
|
|
34
|
-
}
|
|
40
|
+
expiresIn: authConf.accessTokenAge
|
|
41
|
+
};
|
|
42
|
+
if (tokenType === TokenType.Refresh) {
|
|
43
|
+
payload.refresh = true;
|
|
44
|
+
options.expiresIn = authConf.refreshTokenAge;
|
|
45
|
+
}
|
|
46
|
+
else if (tokenType === TokenType.Scripting) {
|
|
47
|
+
payload.scripting = true;
|
|
48
|
+
options.expiresIn = authConf.scriptingTokenAge;
|
|
49
|
+
}
|
|
50
|
+
return jwt.sign(payload, privateKey, options);
|
|
35
51
|
}
|
|
36
52
|
exports.generateToken = generateToken;
|
|
37
|
-
function addTokensToResponse(authConf, username
|
|
38
|
-
const refreshToken = generateToken(authConf, username,
|
|
53
|
+
function addTokensToResponse(res, authConf, username) {
|
|
54
|
+
const refreshToken = generateToken(authConf, username, TokenType.Refresh);
|
|
39
55
|
res.cookie("Refresh-Token", refreshToken, {
|
|
40
56
|
path: config_1.RuntimeConfig.authPath,
|
|
41
57
|
maxAge: ms(authConf.refreshTokenAge),
|
|
@@ -43,7 +59,7 @@ function addTokensToResponse(authConf, username, res) {
|
|
|
43
59
|
secure: !config_1.ServerConfig.httpOnly,
|
|
44
60
|
sameSite: "strict"
|
|
45
61
|
});
|
|
46
|
-
const access_token = generateToken(authConf, username,
|
|
62
|
+
const access_token = generateToken(authConf, username, TokenType.Access);
|
|
47
63
|
res.json({
|
|
48
64
|
access_token,
|
|
49
65
|
token_type: "bearer",
|
|
@@ -66,22 +82,27 @@ function generateLocalVerifier(verifierMap, authConf) {
|
|
|
66
82
|
exports.generateLocalVerifier = generateLocalVerifier;
|
|
67
83
|
function generateLocalRefreshHandler(authConf) {
|
|
68
84
|
return (req, res, next) => __awaiter(this, void 0, void 0, function* () {
|
|
85
|
+
var _a;
|
|
69
86
|
const refreshTokenCookie = req.cookies["Refresh-Token"];
|
|
87
|
+
const scriptingToken = ((_a = req.body) === null || _a === void 0 ? void 0 : _a.scripting) === true;
|
|
70
88
|
if (refreshTokenCookie) {
|
|
71
89
|
try {
|
|
72
90
|
const refreshToken = yield index_1.verifyToken(refreshTokenCookie);
|
|
73
|
-
if (!refreshToken || !refreshToken.username || !refreshToken.
|
|
91
|
+
if (!refreshToken || !refreshToken.username || !refreshToken.refresh) {
|
|
74
92
|
next({ statusCode: 403, message: "Not authorized" });
|
|
75
93
|
}
|
|
94
|
+
else if (scriptingToken && config_1.ServerConfig.scriptingAccess !== types_1.ScriptingAccess.Enabled) {
|
|
95
|
+
next({ statusCode: 500, message: "Scripting access not enabled for this server" });
|
|
96
|
+
}
|
|
76
97
|
else {
|
|
77
98
|
const uid = userid.uid(refreshToken.username);
|
|
78
|
-
const access_token = generateToken(authConf, refreshToken.username,
|
|
79
|
-
console.log(`Refreshed access token for user ${refreshToken.username} with uid ${uid}`);
|
|
99
|
+
const access_token = generateToken(authConf, refreshToken.username, scriptingToken ? TokenType.Scripting : TokenType.Access);
|
|
100
|
+
console.log(`Refreshed ${scriptingToken ? "scripting" : "access"} token for user ${refreshToken.username} with uid ${uid}`);
|
|
80
101
|
res.json({
|
|
81
102
|
access_token,
|
|
82
103
|
token_type: "bearer",
|
|
83
104
|
username: refreshToken.username,
|
|
84
|
-
expires_in: ms(authConf.accessTokenAge) / 1000
|
|
105
|
+
expires_in: ms(scriptingToken ? authConf.scriptingTokenAge : authConf.accessTokenAge) / 1000
|
|
85
106
|
});
|
|
86
107
|
}
|
|
87
108
|
}
|
package/dist/auth/local.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"local.js","sourceRoot":"","sources":["../../src/auth/local.ts"],"names":[],"mappings":";;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"local.js","sourceRoot":"","sources":["../../src/auth/local.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,oCAA+F;AAC/F,yBAAyB;AACzB,oCAAoC;AAGpC,iCAAiC;AACjC,mCAAoC;AACpC,sCAAsD;AACtD,yBAA0B;AAE1B,IAAI,UAAkB,CAAC;AAEvB,IAAY,SAIX;AAJD,WAAY,SAAS;IACjB,6CAAM,CAAA;IACN,+CAAO,CAAA;IACP,mDAAS,CAAA;AACb,CAAC,EAJW,SAAS,GAAT,iBAAS,KAAT,iBAAS,QAIpB;AAED,SAAgB,aAAa,CAAC,QAA8B,EAAE,QAAgB,EAAE,SAAoB;IAChG,IAAI,CAAC,UAAU,EAAE;QACb,UAAU,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;KAC7D;IACD,IAAI,CAAC,QAAQ,IAAI,CAAC,UAAU,EAAE;QAC1B,OAAO,IAAI,CAAC;KACf;IAED,MAAM,OAAO,GAAQ;QACjB,GAAG,EAAE,QAAQ,CAAC,MAAM;QACpB,QAAQ;KACX,CAAC;IAEF,MAAM,OAAO,GAAoB;QAC7B,SAAS,EAAE,QAAQ,CAAC,YAAY;QAChC,SAAS,EAAE,QAAQ,CAAC,cAAc;KACrC,CAAC;IAEF,IAAI,SAAS,KAAK,SAAS,CAAC,OAAO,EAAE;QACjC,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;QACvB,OAAO,CAAC,SAAS,GAAG,QAAQ,CAAC,eAAe,CAAC;KAChD;SAAM,IAAI,SAAS,KAAK,SAAS,CAAC,SAAS,EAAE;QAC1C,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;QACzB,OAAO,CAAC,SAAS,GAAG,QAAQ,CAAC,iBAAiB,CAAC;KAClD;IAED,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;AAClD,CAAC;AA3BD,sCA2BC;AAED,SAAgB,mBAAmB,CAAC,GAAqB,EAAE,QAA8B,EAAE,QAAgB;IACvG,MAAM,YAAY,GAAG,aAAa,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC,OAAO,CAAC,CAAC;IAC1E,GAAG,CAAC,MAAM,CAAC,eAAe,EAAE,YAAY,EAAE;QACtC,IAAI,EAAE,sBAAa,CAAC,QAAQ;QAC5B,MAAM,EAAE,EAAE,CAAC,QAAQ,CAAC,eAAyB,CAAC;QAC9C,QAAQ,EAAE,IAAI;QACd,MAAM,EAAE,CAAC,qBAAY,CAAC,QAAQ;QAC9B,QAAQ,EAAE,QAAQ;KACrB,CAAC,CAAC;IAEH,MAAM,YAAY,GAAG,aAAa,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;IAEzE,GAAG,CAAC,IAAI,CAAC;QACL,YAAY;QACZ,UAAU,EAAE,QAAQ;QACpB,UAAU,EAAE,EAAE,CAAC,QAAQ,CAAC,cAAwB,CAAC,GAAG,IAAI;KAC3D,CAAC,CAAC;AACP,CAAC;AAjBD,kDAiBC;AAED,SAAgB,qBAAqB,CAAC,WAAkC,EAAE,QAA8B;IACpG,MAAM,SAAS,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;IAC9D,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC,EAAE;QAC5C,MAAM,OAAO,GAAQ,GAAG,CAAC,MAAM,CAAC,YAAY,EAAE,SAAS,EAAE,EAAC,SAAS,EAAE,QAAQ,CAAC,YAAY,EAAkB,CAAC,CAAC;QAC9G,IAAI,OAAO,IAAI,OAAO,CAAC,GAAG,KAAK,QAAQ,CAAC,MAAM,EAAE;YAC5C,OAAO,OAAO,CAAC;SAClB;aAAM;YACH,OAAO,SAAS,CAAC;SACpB;IACL,CAAC,CAAC,CAAC;AACP,CAAC;AAVD,sDAUC;AAED,SAAgB,2BAA2B,CAAC,QAA8B;IACtE,OAAO,CAAO,GAAoB,EAAE,GAAqB,EAAE,IAA0B,EAAE,EAAE;;QACrF,MAAM,kBAAkB,GAAG,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QACxD,MAAM,cAAc,GAAG,CAAA,MAAA,GAAG,CAAC,IAAI,0CAAE,SAAS,MAAK,IAAI,CAAC;QACpD,IAAI,kBAAkB,EAAE;YACpB,IAAI;gBACA,MAAM,YAAY,GAAG,MAAM,mBAAW,CAAC,kBAAkB,CAAC,CAAC;gBAC3D,IAAI,CAAC,YAAY,IAAI,CAAC,YAAY,CAAC,QAAQ,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE;oBAClE,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,gBAAgB,EAAC,CAAC,CAAC;iBACtD;qBAAM,IAAI,cAAc,IAAI,qBAAY,CAAC,eAAe,KAAK,uBAAe,CAAC,OAAO,EAAE;oBACnF,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,8CAA8C,EAAC,CAAC,CAAC;iBACpF;qBAAM;oBACH,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;oBAC9C,MAAM,YAAY,GAAG,aAAa,CAAC,QAAQ,EAAE,YAAY,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;oBAC7H,OAAO,CAAC,GAAG,CAAC,aAAa,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,mBAAmB,YAAY,CAAC,QAAQ,aAAa,GAAG,EAAE,CAAC,CAAC;oBAC5H,GAAG,CAAC,IAAI,CAAC;wBACL,YAAY;wBACZ,UAAU,EAAE,QAAQ;wBACpB,QAAQ,EAAE,YAAY,CAAC,QAAQ;wBAC/B,UAAU,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAE,QAAQ,CAAC,cAAyB,CAAC,GAAG,IAAI;qBAC3G,CAAC,CAAC;iBACN;aACJ;YAAC,OAAO,GAAG,EAAE;gBACV,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,uBAAuB,EAAC,CAAC,CAAC;aAC7D;SACJ;aAAM;YACH,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,uBAAuB,EAAC,CAAC,CAAC;SAC7D;IACL,CAAC,CAAA,CAAC;AACN,CAAC;AA7BD,kEA6BC"}
|
package/dist/auth/pam.js
CHANGED
|
@@ -20,7 +20,7 @@ function getPamLoginHandler(authConf) {
|
|
|
20
20
|
try {
|
|
21
21
|
const uid = userid.uid(username);
|
|
22
22
|
console.log(`Authenticated as user ${username} with uid ${uid} using PAM`);
|
|
23
|
-
return local_1.addTokensToResponse(authConf, username
|
|
23
|
+
return local_1.addTokensToResponse(res, authConf, username);
|
|
24
24
|
}
|
|
25
25
|
catch (e) {
|
|
26
26
|
return res.status(403).json({ statusCode: 403, message: "User does not exist" });
|
package/dist/auth/pam.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pam.js","sourceRoot":"","sources":["../../src/auth/pam.ts"],"names":[],"mappings":";;;AACA,iCAAiC;AAEjC,mCAA4C;AAE5C,SAAgB,kBAAkB,CAAC,QAA8B;IAC7D,MAAM,EAAC,eAAe,EAAC,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAEpD,OAAO,CAAC,GAAoB,EAAE,GAAqB,EAAE,EAAE;;QACnD,IAAI,QAAQ,GAAG,MAAA,GAAG,CAAC,IAAI,0CAAE,QAAQ,CAAC;QAClC,MAAM,QAAQ,GAAG,MAAA,GAAG,CAAC,IAAI,0CAAE,QAAQ,CAAC;QAEpC,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,EAAE;YACxB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,yBAAyB,EAAC,CAAC,CAAC;SACtF;QAED,eAAe,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAC,EAAE,CAAC,GAAmB,EAAE,IAAY,EAAE,EAAE;YACxE,IAAI,GAAG,EAAE;gBACL,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,iCAAiC,EAAC,CAAC,CAAC;aAC9F;iBAAM;gBACH,IAAI;oBACA,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;oBACjC,OAAO,CAAC,GAAG,CAAC,yBAAyB,QAAQ,aAAa,GAAG,YAAY,CAAC,CAAC;oBAC3E,OAAO,2BAAmB,CAAC,
|
|
1
|
+
{"version":3,"file":"pam.js","sourceRoot":"","sources":["../../src/auth/pam.ts"],"names":[],"mappings":";;;AACA,iCAAiC;AAEjC,mCAA4C;AAE5C,SAAgB,kBAAkB,CAAC,QAA8B;IAC7D,MAAM,EAAC,eAAe,EAAC,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAAC;IAEpD,OAAO,CAAC,GAAoB,EAAE,GAAqB,EAAE,EAAE;;QACnD,IAAI,QAAQ,GAAG,MAAA,GAAG,CAAC,IAAI,0CAAE,QAAQ,CAAC;QAClC,MAAM,QAAQ,GAAG,MAAA,GAAG,CAAC,IAAI,0CAAE,QAAQ,CAAC;QAEpC,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,EAAE;YACxB,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,yBAAyB,EAAC,CAAC,CAAC;SACtF;QAED,eAAe,CAAC,EAAC,QAAQ,EAAE,QAAQ,EAAC,EAAE,CAAC,GAAmB,EAAE,IAAY,EAAE,EAAE;YACxE,IAAI,GAAG,EAAE;gBACL,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,iCAAiC,EAAC,CAAC,CAAC;aAC9F;iBAAM;gBACH,IAAI;oBACA,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;oBACjC,OAAO,CAAC,GAAG,CAAC,yBAAyB,QAAQ,aAAa,GAAG,YAAY,CAAC,CAAC;oBAC3E,OAAO,2BAAmB,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;iBACvD;gBAAC,OAAO,CAAC,EAAE;oBACR,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,qBAAqB,EAAC,CAAC,CAAC;iBAClF;aACJ;QACL,CAAC,CAAC,CAAC;IACP,CAAC,CAAC;AACN,CAAC;AAzBD,gDAyBC"}
|
package/dist/controllerTests.js
CHANGED
|
@@ -147,7 +147,7 @@ function testUid(username) {
|
|
|
147
147
|
function testToken(authConf, username) {
|
|
148
148
|
let token;
|
|
149
149
|
try {
|
|
150
|
-
token = local_1.generateToken(authConf, username,
|
|
150
|
+
token = local_1.generateToken(authConf, username, local_1.TokenType.Access);
|
|
151
151
|
}
|
|
152
152
|
catch (e) {
|
|
153
153
|
util_1.verboseError(e);
|
package/dist/index.js
CHANGED
|
@@ -41,16 +41,15 @@ if (config_1.testUser) {
|
|
|
41
41
|
else {
|
|
42
42
|
let app = express();
|
|
43
43
|
app.use(bodyParser.urlencoded({ extended: true }));
|
|
44
|
-
app.use(bodyParser.json());
|
|
45
44
|
app.use(cookieParser());
|
|
46
45
|
app.use(bearerToken());
|
|
47
46
|
app.use(cors());
|
|
48
47
|
app.use(compression());
|
|
49
48
|
app.set("view engine", "pug");
|
|
50
49
|
app.set("views", path.join(__dirname, "../views"));
|
|
51
|
-
app.use("/api/auth", auth_1.authRouter);
|
|
52
|
-
app.use("/api/server", serverHandlers_1.serverRouter);
|
|
53
|
-
app.use("/api/database", database_1.databaseRouter);
|
|
50
|
+
app.use("/api/auth", bodyParser.json(), auth_1.authRouter);
|
|
51
|
+
app.use("/api/server", bodyParser.json(), serverHandlers_1.serverRouter);
|
|
52
|
+
app.use("/api/database", bodyParser.json(), database_1.databaseRouter);
|
|
54
53
|
app.use("/config", (req, res) => {
|
|
55
54
|
return res.json(config_1.RuntimeConfig);
|
|
56
55
|
});
|
|
@@ -91,7 +90,7 @@ else {
|
|
|
91
90
|
return res.redirect((_c = config_1.ServerConfig.serverAddress) !== null && _c !== void 0 ? _c : "");
|
|
92
91
|
}
|
|
93
92
|
});
|
|
94
|
-
app.get("/dashboard",
|
|
93
|
+
app.get("/dashboard", (req, res) => {
|
|
95
94
|
var _a, _b, _c, _d, _e, _f, _g;
|
|
96
95
|
res.render("templated", {
|
|
97
96
|
clientId: (_a = config_1.ServerConfig.authProviders.google) === null || _a === void 0 ? void 0 : _a.clientId,
|
|
@@ -105,6 +104,9 @@ else {
|
|
|
105
104
|
});
|
|
106
105
|
});
|
|
107
106
|
app.use("/dashboard", express.static(path.join(__dirname, "../public")));
|
|
107
|
+
// Scripting proxy
|
|
108
|
+
const backendProxy = httpProxy.createServer({ ws: true });
|
|
109
|
+
app.post("/api/scripting/*", auth_1.authGuard, serverHandlers_1.createScriptingProxyHandler(backendProxy));
|
|
108
110
|
// Simplified error handling
|
|
109
111
|
app.use((err, req, res, next) => {
|
|
110
112
|
err.statusCode = err.statusCode || 500;
|
|
@@ -114,9 +116,8 @@ else {
|
|
|
114
116
|
message: err.message
|
|
115
117
|
});
|
|
116
118
|
});
|
|
117
|
-
const expressServer = http.createServer(app);
|
|
118
|
-
const backendProxy = httpProxy.createServer({ ws: true });
|
|
119
119
|
// Handle WS connections
|
|
120
|
+
const expressServer = http.createServer(app);
|
|
120
121
|
expressServer.on("upgrade", serverHandlers_1.createUpgradeHandler(backendProxy));
|
|
121
122
|
// Handle WS disconnects
|
|
122
123
|
backendProxy.on("error", (err) => {
|
package/dist/serverHandlers.js
CHANGED
|
@@ -9,7 +9,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
exports.serverRouter = exports.createUpgradeHandler = void 0;
|
|
12
|
+
exports.serverRouter = exports.createScriptingProxyHandler = exports.createUpgradeHandler = void 0;
|
|
13
13
|
const express = require("express");
|
|
14
14
|
const url = require("url");
|
|
15
15
|
const fs = require("fs");
|
|
@@ -352,6 +352,43 @@ const createUpgradeHandler = (server) => (req, socket, head) => __awaiter(void 0
|
|
|
352
352
|
}
|
|
353
353
|
});
|
|
354
354
|
exports.createUpgradeHandler = createUpgradeHandler;
|
|
355
|
+
const createScriptingProxyHandler = (server) => (req, res, next) => __awaiter(void 0, void 0, void 0, function* () {
|
|
356
|
+
var _d, _e, _f;
|
|
357
|
+
const username = req === null || req === void 0 ? void 0 : req.username;
|
|
358
|
+
if (!username) {
|
|
359
|
+
return next({ statusCode: 401, message: "Not authorized" });
|
|
360
|
+
}
|
|
361
|
+
if (!req.scripting) {
|
|
362
|
+
return next({ statusCode: 403, message: "API token supplied does not permit scripting" });
|
|
363
|
+
}
|
|
364
|
+
try {
|
|
365
|
+
const remoteAddress = ((_d = req.headers) === null || _d === void 0 ? void 0 : _d["x-forwarded-for"]) || ((_e = req.connection) === null || _e === void 0 ? void 0 : _e.remoteAddress);
|
|
366
|
+
let existingProcess = processMap.get(username);
|
|
367
|
+
if (!(existingProcess === null || existingProcess === void 0 ? void 0 : existingProcess.process) || existingProcess.process.signalCode) {
|
|
368
|
+
// Attempt to start new process
|
|
369
|
+
(_f = existingProcess === null || existingProcess === void 0 ? void 0 : existingProcess.process) === null || _f === void 0 ? void 0 : _f.removeAllListeners();
|
|
370
|
+
yield startServer(username);
|
|
371
|
+
existingProcess = processMap.get(username);
|
|
372
|
+
}
|
|
373
|
+
if (existingProcess && !existingProcess.process.signalCode) {
|
|
374
|
+
if (!existingProcess.ready) {
|
|
375
|
+
// Wait until existing process is ready
|
|
376
|
+
yield util_1.delay(config_1.ServerConfig.startDelay);
|
|
377
|
+
}
|
|
378
|
+
req.headers["carta-auth-token"] = existingProcess.headerToken;
|
|
379
|
+
return server.web(req, res, { target: { host: "localhost", port: existingProcess.port } });
|
|
380
|
+
}
|
|
381
|
+
else {
|
|
382
|
+
return next({ statusCode: 500, message: `Backend process could not be started for ${username}` });
|
|
383
|
+
}
|
|
384
|
+
}
|
|
385
|
+
catch (err) {
|
|
386
|
+
console.log(`Error proxying scripting request for ${req.username}`);
|
|
387
|
+
console.log(err);
|
|
388
|
+
return next({ statusCode: 500, message: `Error proxying scripting request for ${req.username}` });
|
|
389
|
+
}
|
|
390
|
+
});
|
|
391
|
+
exports.createScriptingProxyHandler = createScriptingProxyHandler;
|
|
355
392
|
exports.serverRouter = express.Router();
|
|
356
393
|
exports.serverRouter.post("/start", auth_1.authGuard, util_1.noCache, handleStartServer);
|
|
357
394
|
exports.serverRouter.post("/stop", auth_1.authGuard, util_1.noCache, handleStopServer);
|
package/dist/types.js
CHANGED
|
@@ -1,3 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.ScriptingAccess = void 0;
|
|
4
|
+
var ScriptingAccess;
|
|
5
|
+
(function (ScriptingAccess) {
|
|
6
|
+
ScriptingAccess["Enabled"] = "enabled-all-users";
|
|
7
|
+
ScriptingAccess["Disabled"] = "disabled-all-users";
|
|
8
|
+
ScriptingAccess["OptIn"] = "opt-in";
|
|
9
|
+
})(ScriptingAccess = exports.ScriptingAccess || (exports.ScriptingAccess = {}));
|
|
3
10
|
//# sourceMappingURL=types.js.map
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "carta-controller",
|
|
3
|
-
"version": "3.0.0-
|
|
3
|
+
"version": "3.0.0-dev.20220222",
|
|
4
4
|
"description": "NodeJS-based controller for CARTA",
|
|
5
5
|
"repository": "https://github.com/CARTAvis/carta-controller",
|
|
6
6
|
"homepage": "https://www.cartavis.org",
|
|
@@ -23,7 +23,7 @@
|
|
|
23
23
|
"ajv": "^8.2.0",
|
|
24
24
|
"ajv-formats": "^2.1.0",
|
|
25
25
|
"body-parser": "^1.19.0",
|
|
26
|
-
"carta-frontend": "^3.0.0-
|
|
26
|
+
"carta-frontend": "^3.0.0-dev.20220222",
|
|
27
27
|
"chalk": "^4.1.1",
|
|
28
28
|
"compression": "^1.7.4",
|
|
29
29
|
"cookie-parser": "^1.4.5",
|
package/public/dashboard.js
CHANGED
|
@@ -25,7 +25,7 @@ apiCall = async (callName, jsonBody, method, authRequired) => {
|
|
|
25
25
|
const options = {
|
|
26
26
|
method: method || "get"
|
|
27
27
|
};
|
|
28
|
-
if (jsonBody) {
|
|
28
|
+
if (method !== "get" && jsonBody) {
|
|
29
29
|
options.body = JSON.stringify(jsonBody);
|
|
30
30
|
options.headers = {"Content-Type": "application/json"}
|
|
31
31
|
} else {
|
|
@@ -103,7 +103,7 @@ setButtonDisabled = (elementId, disabled) => {
|
|
|
103
103
|
updateServerStatus = async () => {
|
|
104
104
|
let hasServer = false;
|
|
105
105
|
try {
|
|
106
|
-
const res = await apiCall("server/status",
|
|
106
|
+
const res = await apiCall("server/status", {}, "get", true);
|
|
107
107
|
if (res.ok) {
|
|
108
108
|
const body = await res.json();
|
|
109
109
|
if (body.success && body.running) {
|