chyz 2.0.1-rc.3 → 2.0.1-rc.36

package/filters/auth/HttpBasicAuth.ts

@@ -0,0 +1,79 @@
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+
+import {Request, Response} from "express";
+import {WebUser} from "../../web/WebUser";
+import {AuthMethod} from "./AuthMethod";
+import {InvalidConfigException} from "../../base";
+import BaseChyz from "../../BaseChyz";
+
+export class HttpBasicAuth extends AuthMethod {
+
+    /**
+     * @var string the HTTP header name
+     */
+    public header = 'Authorization';
+
+
+    /**
+     * @var string a pattern to use to extract the HTTP authentication value
+     */
+
+    public pattern = /^Basic\s+(.*?)$/;
+
+
+    public auth: any = null;
+
+    /**
+     * @throws InvalidConfigException
+     */
+    public init(): void {
+        super.init();
+
+        if (!this.pattern) {
+            throw new InvalidConfigException('You must provide pattern to use to extract the HTTP authentication value!');
+        }
+
+        this.user = BaseChyz.getComponent("user") ?? null;
+    }
+
+
+    async authenticate(user: WebUser, request: Request, response: Response) {
+
+
+        let autHeader = this.getHeaderByKey(request.headers, this.header)
+        if (autHeader == null || (autHeader = this.patternCheck(autHeader, this.pattern)) == null) {
+            return  this.fail(response);
+        }
+
+        let identity = null;
+        let token = null;
+
+        let buff = new Buffer(autHeader[1], "base64");
+        let basicauth = buff.toString().split(":");
+
+        if (this.auth != null) {
+            identity = await this.auth(autHeader[1], ...arguments, basicauth)
+        } else {
+            identity = await user.loginByAccessToken(basicauth, "HttpBasicAuth");
+        }
+
+
+        if (identity == null) this.fail(response)
+        return identity;
+
+    }
+
+
+    /**
+     * @throws UnauthorizedHttpException
+     */
+    public fail(response: Response): void {
+        this.challenge(response)
+        this.handleFailure(response);
+    }
+}

package/filters/auth/HttpBearerAuth.ts

@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+
+import {HttpHeaderAuth} from "./HttpHeaderAuth";
+import {Response} from "express";
+
+export class HttpBearerAuth extends HttpHeaderAuth {
+
+    /**
+     * {@inheritdoc}
+     */
+    public header = 'Authorization';
+    // @ts-ignore
+    public pattern = /^Bearer\s+(.*?)$/;
+    /**
+     * @var string the HTTP authentication realm
+     */
+    public realm = 'api';
+
+
+    /**
+     * {@inheritdoc}
+     */
+    public challenge(response: Response):Response {
+        response.set('WWW-Authenticate', `Bearer realm="${this.realm}"`);
+        return response;
+    }
+
+
+}

package/filters/auth/HttpHeaderAuth.ts

@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+
+import {AuthMethod} from "./AuthMethod";
+import {WebUser} from "../../web/WebUser";
+import {Utils} from "../../requiments/Utils";
+import {Request, Response} from "express";
+
+export class HttpHeaderAuth extends AuthMethod {
+    /**
+     * @var string the HTTP header name
+     */
+    public header = 'X-Api-Key';
+
+
+    /**
+     * @var string a pattern to use to extract the HTTP authentication value
+     */
+
+    public pattern!: string;
+
+
+    async authenticate(user: WebUser, request:Request, response:Response) {
+        let key = Object.keys(request.headers).find(key => key.toLowerCase() === this.header.toLowerCase())
+        if (key) {
+            let authHeader:any = request.headers[key];
+            if (!Utils.isEmpty(authHeader)) {
+                if (this.pattern) {
+                    //preg_match
+                    let matches = authHeader.match(this.pattern)
+                    if (matches && matches.length > 0) {
+                        authHeader = matches[1];
+                    } else {
+                        return this.fail(response);
+                    }
+                }
+
+                let identity = await user.loginByAccessToken(authHeader, "HttpHeaderAuth");
+                if (identity === null) {
+                    this.challenge(response);
+                    this.handleFailure(response);
+                }
+
+                return identity;
+            }
+        }
+        return this.fail(response);
+    }
+
+    /**
+     * @throws UnauthorizedHttpException
+     */
+    public fail(response: Response): void {
+        this.challenge(response)
+        this.handleFailure(response);
+    }
+}

package/filters/auth/JwtHttpBearerAuth.ts

@@ -0,0 +1,83 @@
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+import BaseChyz from "../../BaseChyz";
+import {HttpBearerAuth} from "./HttpBearerAuth";
+import {InvalidConfigException} from "../../base";
+import {Response, Request} from "express";
+import {WebUser} from "../../web/WebUser";
+
+const JsonWebToken = require("jsonwebtoken");
+
+export class JwtHttpBearerAuth extends HttpBearerAuth {
+    /**
+     * @var string|array<string, mixed>|Jwt application component ID of the JWT handler, configuration array, or JWT handler object
+     * itself. By default it's assumes that component of ID "jwt" has been configured.
+     */
+    public jwt = 'jwt'
+    public auth: any = null;
+
+
+    /**
+     * @throws InvalidConfigException
+     */
+    public init(): void {
+        super.init();
+
+        if (!this.pattern) {
+            throw new InvalidConfigException('You must provide pattern to use to extract the HTTP authentication value!');
+        }
+
+        this.user = BaseChyz.getComponent("user") ?? null;
+    }
+
+
+    public async authenticate(user: WebUser, request: Request, response: Response) // BC signature
+    {
+        let autHeader = this.getHeaderByKey(request.headers, this.header)
+        if (autHeader == null || (autHeader = this.patternCheck(autHeader, this.pattern)) == null) {
+            return  null ;
+        }
+
+        let identity = null;
+        let token = null;
+
+        try {
+            token = JsonWebToken.decode(autHeader[1], {complete: true})
+            if (!token) {
+                BaseChyz.warning("Your request was made with invalid or expired JSON Web Token.");
+                this.fail(response);
+            }
+        } catch (e) {
+            BaseChyz.warning("Your request was made with invalid or expired JSON Web Token.",autHeader,request.path);
+            this.fail(response);
+        }
+
+
+        if (token !== null) {
+            if (this.auth != null) {
+                identity = await this.auth(autHeader[1], ...arguments)
+            } else {
+                identity = await user.loginByAccessToken(autHeader[1], "JwtHttpBearerAuth")
+            }
+        }
+
+        if (identity == null) this.fail(response)
+
+
+        return identity;
+    }
+
+
+    /**
+     * @throws UnauthorizedHttpException
+     */
+    public fail(response: Response): void {
+        this.challenge(response)
+        this.handleFailure(response);
+    }
+
+}

package/filters/auth/KeyCloakHttpBearerAuth.ts

@@ -0,0 +1,114 @@
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+import BaseChyz from "../../BaseChyz";
+import {HttpBearerAuth} from "./HttpBearerAuth";
+import {InvalidConfigException} from "../../base/InvalidConfigException";
+import {Request, Response} from "express";
+import {WebUser} from "../../web/WebUser";
+
+const JsonWebToken = require("jsonwebtoken");
+
+export class KeyCloakHttpBearerAuth extends HttpBearerAuth {
+    /**
+     * @var string|array<string, mixed>|Jwt application component ID of the JWT handler, configuration array, or JWT handler object
+     * itself. By default it's assumes that component of ID "jwt" has been configured.
+     */
+    public jwt = 'jwt'
+    public auth: any = null;
+    public keycloak: any = null;
+
+
+    /**
+     * @throws InvalidConfigException
+     */
+    public init(): void {
+        super.init();
+
+        if (!this.pattern) {
+            throw new InvalidConfigException('You must provide pattern to use to extract the HTTP authentication value!');
+        }
+
+        this.keycloak = BaseChyz.getMiddlewares("keycloak").keycloak ?? null;
+        this.user = BaseChyz.getComponent("user") ?? null;
+        this.auth = this.KeyCloakCheck;
+
+
+    }
+
+    public async KeyCloakCheck(token: string, request: Request, response: Response,) {
+        if (this.keycloak == null) return false;
+        // return await this.keycloak.protect('realm:user')(request, response, () => true /*next*/)
+        return await this.keycloak.protect()(request, response, () => true /*next*/);
+    }
+
+
+    public async authenticate(user: WebUser, request: Request, response: Response) // BC signature
+    {
+
+        let identity = null;
+        let token = null;
+
+        let autHeader = this.getHeaderByKey(request.headers, this.header)
+        if (autHeader == null || (autHeader = this.patternCheck(autHeader, this.pattern)) == null) {
+            return this.fail(response);
+        }
+
+        token = JsonWebToken.decode(autHeader[1], {complete: true})
+        if (!token) {
+            BaseChyz.warning("Your request was made with invalid or expired JSON Web Token.");
+            this.fail(response);
+        }
+
+        if (token !== null) {
+            identity = await this.KeyCloakCheck(autHeader[1], request, response)
+            BaseChyz.debug("KeyCloakCheck Result:", identity)
+        }
+
+        if (identity == null || identity == false) this.fail(response)
+
+        return identity;
+
+        /* let autHeader = this.getHeaderByKey(request.headers, this.header)
+         if (autHeader == null || (autHeader = this.patternCheck(autHeader, this.pattern)) == null) {
+             return null;
+         }
+
+         BaseChyz.debug("JSON Web Token.",autHeader);
+         let identity = null;
+         let token = null;
+
+         token = JsonWebToken.decode(autHeader[1], {complete: true})
+         if (!token) {
+             BaseChyz.warning("Your request was made with invalid or expired JSON Web Token.");
+             this.fail(response);
+         }
+
+         if (token !== null) {
+             if (this.auth != null) {
+                 identity = await this.auth(autHeader[1])
+             } else {
+                 identity = await user.loginByAccessToken(autHeader[1], "JwtHttpBearerAuth")
+             }
+         }
+
+         if (identity == null) this.fail(response)
+
+
+
+         return identity;*/
+    }
+
+
+    /**
+     * @throws UnauthorizedHttpException
+     */
+    public fail(response: Response): void {
+        // this.challenge(response)
+        this.handleFailure(response);
+    }
+
+}

package/filters/auth/index.ts

@@ -0,0 +1,4 @@
+export {JwtHttpBearerAuth} from "./JwtHttpBearerAuth"
+export {HttpBearerAuth} from "./HttpBearerAuth"
+export {HttpHeaderAuth} from "./HttpHeaderAuth"
+export {HttpBasicAuth} from "./HttpBasicAuth"

package/filters/index.ts

@@ -0,0 +1,2 @@
+export {AccessControl} from "./AccessControl"
+export {AccessRule} from "./AccessRule"

package/index.ts

@@ -0,0 +1,80 @@
+/*
+ *
+ * Copyright (c) 2022.. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ *  E-mail: cihan@chy.com.tr
+ *  Github:https://github.com/cihan53/
+ *
+ */
+
+declare global {
+    interface String {
+        tokenReplace(obj: any): string;
+    }
+}
+
+declare namespace Express {
+    export interface Request {
+        identity?: string
+    }
+}
+
+import BaseChyz from "./BaseChyz";
+import {RestClient} from "./base";
+
+
+declare module "express-serve-static-core" {
+    interface Request {
+        identity: any;
+    }
+}
+
+String.prototype.tokenReplace = function (obj) {
+    let retStr: any = this;
+    for (let x in obj) {
+        // @ts-ignore
+        retStr = retStr.replace(new RegExp("\\:" + x, 'g'), obj[x]).toString();
+    }
+    return retStr;
+};
+
+
+/**
+ *
+ */
+const Chyz = new BaseChyz();
+const pjson = require('./package.json');
+export const Chyz_Version = pjson.version;
+export {Request, Response, NextFunction} from "./base/CRequest";
+export {RouteDefinition} from "./model/RouteDefinition";
+export {WebUser} from "./web/WebUser";
+export {BaseChyz, RestClient}
+export {
+    Logs,
+    ActionFilter,
+    BaseError,
+    Behavior,
+    Component,
+    Configurable,
+    CWebController,
+    DbConnection,
+    ForbiddenHttpException,
+    InvalidConfigException,
+    InvalidArgumentException,
+    NotFoundHttpException,
+    UnauthorizedHttpException,
+    DataErrorDbException,
+    ValidationHttpException,
+    Model,
+    ModelManager,
+    CEvents
+} from "./base";
+export * from "./filters";
+export * from "./filters/auth";
+export * from "./rbac/";
+
+export * from "./decorator";
+export * from "./requiments/Utils";
+
+export default Chyz;
+

package/log/config/log4js.json

@@ -1,55 +1,55 @@
-{
-  "appenders": {
-    "access": {
-      "type": "dateFile",
-      "filename": "log/access.log",
-      "pattern": "-yyyy-MM-dd",
-      "category": "http",
-      "layout": {
-        "type": "pattern",
-        "pattern": "[%d{yyyy-MM-ddThh.mm.ss.SSS}] [%p] %c [%l] [%f] - %m"
-      }
-    },
-    "app": {
-      "type": "file",
-      "filename": "log/app.log",
-      "maxLogSize": 10485760,
-      "numBackups": 3,
-      "layout": {
-        "type": "pattern",
-        "pattern": "[%d{yyyy-MM-ddThh.mm.ss.SSS}] [%p] %c [%l] [%f] - %m"
-      }
-    },
-    "errorFile": {
-      "type": "file",
-      "filename": "log/errors.log",
-      "layout": {
-        "type": "pattern",
-        "pattern": "[%d{yyyy-MM-ddThh.mm.ss.SSS}] [%p] %c [%l] [%f] - %m"
-      }
-    },
-    "errors": {
-      "type": "logLevelFilter",
-      "level": "ERROR",
-      "appender": "errorFile",
-      "layout": {
-        "type": "pattern",
-        "pattern": "[%d{yyyy-MM-ddThh.mm.ss.SSS}] [%p] %c [%l] [%f] - %m"
-      }
-    },
-    "console": {
-      "type": "stdout"
-    }
-  },
-  "categories": {
-    "default": {
-      "appenders": ["console","app" ,"errors" ],
-      "level": "INFO",
-      "enableCallStack": true
-    },
-    "http": {
-      "level": "INFO",
-      "appenders": [ "access" ]
-    }
-  }
-}
+{
+  "appenders": {
+    "access": {
+      "type": "dateFile",
+      "filename": "log/access.log",
+      "pattern": "-yyyy-MM-dd",
+      "category": "http",
+      "layout": {
+        "type": "pattern",
+        "pattern": "[%d{yyyy-MM-ddThh.mm.ss.SSS}] [%p] %c [%l] [%f] - %m"
+      }
+    },
+    "app": {
+      "type": "file",
+      "filename": "log/app.log",
+      "maxLogSize": 10485760,
+      "numBackups": 3,
+      "layout": {
+        "type": "pattern",
+        "pattern": "[%d{yyyy-MM-ddThh.mm.ss.SSS}] [%p] %c [%l] [%f] - %m"
+      }
+    },
+    "errorFile": {
+      "type": "file",
+      "filename": "log/errors.log",
+      "layout": {
+        "type": "pattern",
+        "pattern": "[%d{yyyy-MM-ddThh.mm.ss.SSS}] [%p] %c [%l] [%f] - %m"
+      }
+    },
+    "errors": {
+      "type": "logLevelFilter",
+      "level": "ERROR",
+      "appender": "errorFile",
+      "layout": {
+        "type": "pattern",
+        "pattern": "[%d{yyyy-MM-ddThh.mm.ss.SSS}] [%p] %c [%l] [%f] - %m"
+      }
+    },
+    "console": {
+      "type": "stdout"
+    }
+  },
+  "categories": {
+    "default": {
+      "appenders": ["console","app" ,"errors" ],
+      "level": "INFO",
+      "enableCallStack": true
+    },
+    "http": {
+      "level": "INFO",
+      "appenders": [ "access" ]
+    }
+  }
+}

package/model/RouteDefinition.ts

@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+
+export interface RouteDefinition {
+    //id
+    id:string;
+    // Path to our route
+    path: string;
+    // HTTP Request method (get, post, ...)
+    requestMethod: 'get' | 'post' | 'delete' | 'options' | 'put';
+    // Method name within our class responsible for this route
+    methodName: string;
+}
+