chyz 2.0.1-rc.36 → 2.0.1-rc.37

package/dist/filters/AccessRule.d.ts

@@ -0,0 +1,83 @@
+import { WebUser } from "../web/WebUser";
+import { Component } from "../base";
+import { Request } from "express";
+export declare class AccessRule extends Component {
+    /**
+     * @var allow whether this is an 'allow' rule or 'deny' rule.
+     */
+    allow: any;
+    /**
+     * @var array list of action IDs that this rule applies to. The comparison is case-sensitive.
+     * If not set or empty, it means this rule applies to all actions.
+     */
+    actions: any;
+    /**
+     *  @var array list of the controller IDs that this rule applies to.
+     */
+    controllers: any;
+    /**
+     * - `?`: matches a guest user (not authenticated yet)
+     * - `@`: matches an authenticated user
+     */
+    roles: any;
+    /**
+     * @var array list of RBAC (Role-Based Access Control) permissions that this rules applies to.
+     */
+    permissions: any;
+    /**
+     * @var array|Closure parameters to pass to the [[User::can()]] function for evaluating
+     * user permissions in [[$roles]].
+     *
+     * If this is an array, it will be passed directly to [[User::can()]]. For example for passing an
+     * ID from the current request, you may use the following:
+     *
+     * ```php
+     * ['postId' => Yii::$app->request->get('id')]
+     * ```
+     *
+     * You may also specify a closure that returns an array. This can be used to
+     * evaluate the array values only if they are needed, for example when a model needs to be
+     * loaded like in the following code:
+     *
+     * ```php
+     * 'rules' => [
+     *     [
+     *         'allow' => true,
+     *         'actions' => ['update'],
+     *         'roles' => ['updatePost'],
+     *         'roleParams' => function($rule) {
+     *             return ['post' => Post::findOne(Yii::$app->request->get('id'))];
+     *         },
+     *     ],
+     * ],
+     * ```
+     *
+     * A reference to the [[AccessRule]] instance will be passed to the closure as the first parameter.
+     *
+     * @see roles
+     * @since 2.0.12
+     */
+    roleParams: any;
+    /**
+     * @var array list of user IP addresses that this rule applies to. An IP address
+     * can contain the wildcard `*` at the end so that it matches IP addresses with the same prefix.
+     * For example, '192.168.*' matches all IP addresses in the segment '192.168.'.
+     * It may also contain a pattern/mask like '172.16.0.0/12' which would match all IPs from the
+     * 20-bit private network block in RFC1918.
+     * If not set or empty, it means this rule applies to all IP addresses.
+     */
+    ips: any;
+    allows(action: any, user: WebUser, request: Request): Promise<any>;
+    /**
+     * @param action $action the action
+     * @return bool whether the rule applies to the action
+     */
+    protected matchAction(action: any): any;
+    /**
+     * @param controller $controller the controller
+     * @return bool whether the rule applies to the controller
+     */
+    protected matchController(controller: any): boolean;
+    protected matchRole(user: WebUser): Promise<boolean>;
+}
+//# sourceMappingURL=AccessRule.d.ts.map

package/dist/filters/AccessRule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AccessRule.d.ts","sourceRoot":"","sources":["../../src/filters/AccessRule.ts"],"names":[],"mappings":"AAMA,OAAO,EAAC,OAAO,EAAC,MAAM,gBAAgB,CAAC;AACvC,OAAO,EAAC,SAAS,EAAC,MAAM,SAAS,CAAC;AAElC,OAAO,EAAC,OAAO,EAAC,MAAM,SAAS,CAAC;AAIhC,qBAAa,UAAW,SAAQ,SAAS;IAErC;;OAEG;IACI,KAAK,EAAE,GAAG,CAAC;IAClB;;;OAGG;IACI,OAAO,EAAE,GAAG,CAAC;IAEpB;;OAEG;IACI,WAAW,EAAE,GAAG,CAAC;IAExB;;;OAGG;IAEI,KAAK,EAAE,GAAG,CAAC;IAElB;;OAEG;IACI,WAAW,EAAE,GAAG,CAAC;IAExB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAgCG;IACI,UAAU,EAAE,GAAG,CAAM;IAG5B;;;;;;;OAOG;IACI,GAAG,EAAE,GAAG,CAAC;IAGH,MAAM,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO;IAoBhE;;;OAGG;IACH,SAAS,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG;IAIjC;;;OAGG;IACH,SAAS,CAAC,eAAe,CAAC,UAAU,EAAE,GAAG;cAezB,SAAS,CAAC,IAAI,EAAE,OAAO;CA6C1C"}

package/dist/filters/AccessRule.js

@@ -0,0 +1,136 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AccessRule = void 0;
+const base_1 = require("../base");
+const base_2 = require("../base");
+const Utils_1 = require("../requiments/Utils");
+class AccessRule extends base_1.Component {
+    constructor() {
+        super(...arguments);
+        /**
+         * @var array|Closure parameters to pass to the [[User::can()]] function for evaluating
+         * user permissions in [[$roles]].
+         *
+         * If this is an array, it will be passed directly to [[User::can()]]. For example for passing an
+         * ID from the current request, you may use the following:
+         *
+         * ```php
+         * ['postId' => Yii::$app->request->get('id')]
+         * ```
+         *
+         * You may also specify a closure that returns an array. This can be used to
+         * evaluate the array values only if they are needed, for example when a model needs to be
+         * loaded like in the following code:
+         *
+         * ```php
+         * 'rules' => [
+         *     [
+         *         'allow' => true,
+         *         'actions' => ['update'],
+         *         'roles' => ['updatePost'],
+         *         'roleParams' => function($rule) {
+         *             return ['post' => Post::findOne(Yii::$app->request->get('id'))];
+         *         },
+         *     ],
+         * ],
+         * ```
+         *
+         * A reference to the [[AccessRule]] instance will be passed to the closure as the first parameter.
+         *
+         * @see roles
+         * @since 2.0.12
+         */
+        this.roleParams = [];
+    }
+    allows(action, user, request) {
+        return __awaiter(this, void 0, void 0, function* () {
+            if (this.matchAction(action)
+                && (yield this.matchRole(user))) {
+                return this.allow;
+            }
+            //     if (this.matchAction($action)
+            //         && this.matchRole($user)
+            // && this.matchIP($request->getUserIP())
+            // && this.matchVerb($request->getMethod())
+            // && this.matchController($action->controller)
+            // && this.matchCustom($action)
+            // ) {
+            //     return $this->allow ? true : false;
+            // }
+            return null;
+        });
+    }
+    /**
+     * @param action $action the action
+     * @return bool whether the rule applies to the action
+     */
+    matchAction(action) {
+        return Utils_1.Utils.isEmpty(this.actions) || this.actions.includes(action.id);
+    }
+    /**
+     * @param controller $controller the controller
+     * @return bool whether the rule applies to the controller
+     */
+    matchController(controller) {
+        //     if (empty($this->controllers)) {
+        //         return true;
+        //     }
+        //
+        //     $id = $controller->getUniqueId();
+        //     foreach ($this->controllers as $pattern) {
+        //     if (StringHelper::matchWildcard($pattern, $id)) {
+        //         return true;
+        //     }
+        // }
+        return false;
+    }
+    matchRole(user) {
+        return __awaiter(this, void 0, void 0, function* () {
+            let items = Utils_1.Utils.isEmpty(this.roles) ? [] : this.roles;
+            if (!Utils_1.Utils.isEmpty(this.permissions)) {
+                items = Utils_1.Utils.merge(items, this.permissions);
+            }
+            if (Utils_1.Utils.isEmpty(items)) {
+                return true;
+            }
+            if (!user) {
+                throw new base_2.InvalidConfigException('The user application component must be available to specify roles in AccessRule.');
+            }
+            // @ts-ignore
+            let roleParams = [];
+            for (const itemsKey in items) {
+                let item = items[itemsKey];
+                if (item === '?') {
+                    if (user.getIsGuest()) {
+                        return true;
+                    }
+                }
+                else if (item === '@') {
+                    if (!user.getIsGuest()) {
+                        return true;
+                    }
+                }
+                else {
+                    //role-params
+                    if (!Utils_1.Utils.isEmpty(this.roleParams)) {
+                        roleParams = !Utils_1.Utils.isArray(this.roleParams) ? this.roleParams.apply(this) : this.roleParams;
+                    }
+                    if (yield user.can(item, this.roleParams)) {
+                        return true;
+                    }
+                }
+            }
+            return false;
+        });
+    }
+}
+exports.AccessRule = AccessRule;

package/{filters/auth/AuthInterface.ts → dist/filters/auth/AuthInterface.d.ts}

@@ -1,12 +1,5 @@
-/*
- * Copyright (c) 2021. Chy Bilgisayar Bilisim
- * Author: Cihan Ozturk
- * E-mail: cihan@chy.com.tr
- * Github:https://github.com/cihan53/
- */
-import {Request, Response} from "express";
-
-export interface AuthInterface{
+import { Request, Response } from "express";
+export interface AuthInterface {
     /**
      * Authenticates the current user.
      * @param User $user
@@ -15,20 +8,19 @@ export interface AuthInterface{
      * @return IdentityInterface the authenticated user identity. If authentication information is not provided, null will be returned.
      * @throws UnauthorizedHttpException if authentication information is provided but is invalid.
      */
-     authenticate(user:any, request:Request, response:Response):any;
-
+    authenticate(user: any, request: Request, response: Response): any;
     /**
      * Generates challenges upon authentication failure.
      * For example, some appropriate HTTP headers may be generated.
      * @param Response $response
      */
-     challenge(response:Response):Response;
-
+    challenge(response: Response): Response;
     /**
      * Handles authentication failure.
      * The implementation should normally throw UnauthorizedHttpException to indicate authentication failure.
      * @param Response $response
      * @throws UnauthorizedHttpException
      */
-     handleFailure(response:Response):Response;
-}
+    handleFailure(response: Response): Response;
+}
+//# sourceMappingURL=AuthInterface.d.ts.map

package/dist/filters/auth/AuthInterface.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthInterface.d.ts","sourceRoot":"","sources":["../../../src/filters/auth/AuthInterface.ts"],"names":[],"mappings":"AAMA,OAAO,EAAC,OAAO,EAAE,QAAQ,EAAC,MAAM,SAAS,CAAC;AAE1C,MAAM,WAAW,aAAa;IAC1B;;;;;;;OAOG;IACF,YAAY,CAAC,IAAI,EAAC,GAAG,EAAE,OAAO,EAAC,OAAO,EAAE,QAAQ,EAAC,QAAQ,GAAE,GAAG,CAAC;IAEhE;;;;OAIG;IACF,SAAS,CAAC,QAAQ,EAAC,QAAQ,GAAE,QAAQ,CAAC;IAEvC;;;;;OAKG;IACF,aAAa,CAAC,QAAQ,EAAC,QAAQ,GAAE,QAAQ,CAAC;CAC9C"}

package/dist/filters/auth/AuthInterface.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/filters/auth/AuthMethod.d.ts

@@ -0,0 +1,38 @@
+import { ActionFilter } from "../../base";
+import { AuthInterface } from "./AuthInterface";
+import { WebUser } from "../../web/WebUser";
+import { Request, Response } from "express";
+export declare abstract class AuthMethod extends ActionFilter implements AuthInterface {
+    /**
+     * @var user the user object representing the user authentication status. If not set, the `user` application component will be used.
+     */
+    user: WebUser | undefined;
+    /**
+     * @var Request the current request. If not set, the `request` application component will be used.
+     */
+    request: Request | undefined;
+    /**
+     * @var Response the response to be sent. If not set, the `response` application component will be used.
+     */
+    response: Response | undefined;
+    optional: never[];
+    /**
+     *
+     * @param action
+     * @param request
+     * @param response
+     */
+    beforeAction(action: any, request: Request, response: Response): Promise<boolean>;
+    /**
+     *
+     * @param user
+     * @param request
+     * @param response
+     */
+    authenticate(user: WebUser, request: Request, response: Response): void;
+    challenge(response: Response): Response;
+    handleFailure(response: Response): Response;
+    getHeaderByKey(headers: any, findKey: any): any;
+    patternCheck(headerText: any, pattern: RegExp): any;
+}
+//# sourceMappingURL=AuthMethod.d.ts.map

package/dist/filters/auth/AuthMethod.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AuthMethod.d.ts","sourceRoot":"","sources":["../../../src/filters/auth/AuthMethod.ts"],"names":[],"mappings":"AAOA,OAAO,EAAC,YAAY,EAAC,MAAM,YAAY,CAAC;AACxC,OAAO,EAAC,aAAa,EAAC,MAAM,iBAAiB,CAAC;AAE9C,OAAO,EAAC,OAAO,EAAC,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAC,OAAO,EAAE,QAAQ,EAAC,MAAM,SAAS,CAAC;AAE1C,8BAAsB,UAAW,SAAQ,YAAa,YAAW,aAAa;IAE1E;;OAEG;IACI,IAAI,EAAE,OAAO,GAAG,SAAS,CAAC;IAEjC;;OAEG;IACI,OAAO,EAAE,OAAO,GAAG,SAAS,CAAC;IAEpC;;OAEG;IACI,QAAQ,EAAE,QAAQ,GAAG,SAAS,CAAC;IAG/B,QAAQ,UAAM;IAErB;;;;;OAKG;IACU,YAAY,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ;IAmB3E;;;;;OAKG;IACH,YAAY,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ;IAKhE,SAAS,CAAC,QAAQ,EAAE,QAAQ,GAAG,QAAQ;IAKvC,aAAa,CAAC,QAAQ,EAAE,QAAQ,GAAG,QAAQ;IAI3C,cAAc,CAAC,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG;IASzC,YAAY,CAAC,UAAU,EAAE,GAAG,EAAE,OAAO,EAAE,MAAM;CAYhD"}

package/dist/filters/auth/AuthMethod.js

@@ -0,0 +1,82 @@
+"use strict";
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthMethod = void 0;
+const base_1 = require("../../base");
+const base_2 = require("../../base");
+const WebUser_1 = require("../../web/WebUser");
+class AuthMethod extends base_1.ActionFilter {
+    constructor() {
+        super(...arguments);
+        this.optional = [];
+    }
+    /**
+     *
+     * @param action
+     * @param request
+     * @param response
+     */
+    beforeAction(action, request, response) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            let identity = yield this.authenticate((_a = this.user) !== null && _a !== void 0 ? _a : new WebUser_1.WebUser(), request, response);
+            // @ts-ignore
+            request.identity = identity;
+            if (identity !== null) {
+                return true;
+            }
+            this.challenge(response);
+            this.handleFailure(response);
+            return false;
+        });
+    }
+    /**
+     *
+     * @param user
+     * @param request
+     * @param response
+     */
+    authenticate(user, request, response) {
+    }
+    // @ts-ignore
+    challenge(response) {
+    }
+    // @ts-ignore
+    handleFailure(response) {
+        throw new base_2.UnauthorizedHttpException('Your request was made with invalid credentials.');
+    }
+    getHeaderByKey(headers, findKey) {
+        let key = Object.keys(headers).find(key => key.toLowerCase() === findKey.toLowerCase());
+        if (key) {
+            return headers[key];
+        }
+        return null;
+    }
+    patternCheck(headerText, pattern) {
+        if (pattern) {
+            let matches = headerText.match(pattern);
+            if (matches && matches.length > 0) {
+                return matches;
+            }
+            else {
+                return null;
+            }
+        }
+        return null;
+    }
+}
+exports.AuthMethod = AuthMethod;

package/dist/filters/auth/HttpBasicAuth.d.ts

@@ -0,0 +1,24 @@
+import { Request, Response } from "express";
+import { WebUser } from "../../web/WebUser";
+import { AuthMethod } from "./AuthMethod";
+export declare class HttpBasicAuth extends AuthMethod {
+    /**
+     * @var string the HTTP header name
+     */
+    header: string;
+    /**
+     * @var string a pattern to use to extract the HTTP authentication value
+     */
+    pattern: RegExp;
+    auth: any;
+    /**
+     * @throws InvalidConfigException
+     */
+    init(): void;
+    authenticate(user: WebUser, request: Request, response: Response): Promise<any>;
+    /**
+     * @throws UnauthorizedHttpException
+     */
+    fail(response: Response): void;
+}
+//# sourceMappingURL=HttpBasicAuth.d.ts.map

package/dist/filters/auth/HttpBasicAuth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"HttpBasicAuth.d.ts","sourceRoot":"","sources":["../../../src/filters/auth/HttpBasicAuth.ts"],"names":[],"mappings":"AAOA,OAAO,EAAC,OAAO,EAAE,QAAQ,EAAC,MAAM,SAAS,CAAC;AAC1C,OAAO,EAAC,OAAO,EAAC,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAC,UAAU,EAAC,MAAM,cAAc,CAAC;AAIxC,qBAAa,aAAc,SAAQ,UAAU;IAEzC;;OAEG;IACI,MAAM,SAAmB;IAGhC;;OAEG;IAEI,OAAO,SAAqB;IAG5B,IAAI,EAAE,GAAG,CAAQ;IAExB;;OAEG;IACI,IAAI,IAAI,IAAI;IAWb,YAAY,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ;IA2BtE;;OAEG;IACI,IAAI,CAAC,QAAQ,EAAE,QAAQ,GAAG,IAAI;CAIxC"}

package/dist/filters/auth/HttpBasicAuth.js

@@ -0,0 +1,79 @@
+"use strict";
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HttpBasicAuth = void 0;
+const AuthMethod_1 = require("./AuthMethod");
+const base_1 = require("../../base");
+const BaseChyz_1 = __importDefault(require("../../BaseChyz"));
+class HttpBasicAuth extends AuthMethod_1.AuthMethod {
+    constructor() {
+        super(...arguments);
+        /**
+         * @var string the HTTP header name
+         */
+        this.header = 'Authorization';
+        /**
+         * @var string a pattern to use to extract the HTTP authentication value
+         */
+        this.pattern = /^Basic\s+(.*?)$/;
+        this.auth = null;
+    }
+    /**
+     * @throws InvalidConfigException
+     */
+    init() {
+        var _a;
+        super.init();
+        if (!this.pattern) {
+            throw new base_1.InvalidConfigException('You must provide pattern to use to extract the HTTP authentication value!');
+        }
+        this.user = (_a = BaseChyz_1.default.getComponent("user")) !== null && _a !== void 0 ? _a : null;
+    }
+    authenticate(user, request, response) {
+        var arguments_1 = arguments;
+        return __awaiter(this, void 0, void 0, function* () {
+            let autHeader = this.getHeaderByKey(request.headers, this.header);
+            if (autHeader == null || (autHeader = this.patternCheck(autHeader, this.pattern)) == null) {
+                return this.fail(response);
+            }
+            let identity = null;
+            let token = null;
+            let buff = new Buffer(autHeader[1], "base64");
+            let basicauth = buff.toString().split(":");
+            if (this.auth != null) {
+                identity = yield this.auth(autHeader[1], ...arguments_1, basicauth);
+            }
+            else {
+                identity = yield user.loginByAccessToken(basicauth, "HttpBasicAuth");
+            }
+            if (identity == null)
+                this.fail(response);
+            return identity;
+        });
+    }
+    /**
+     * @throws UnauthorizedHttpException
+     */
+    fail(response) {
+        this.challenge(response);
+        this.handleFailure(response);
+    }
+}
+exports.HttpBasicAuth = HttpBasicAuth;

package/dist/filters/auth/HttpBearerAuth.d.ts

@@ -0,0 +1,18 @@
+import { HttpHeaderAuth } from "./HttpHeaderAuth";
+import { Response } from "express";
+export declare class HttpBearerAuth extends HttpHeaderAuth {
+    /**
+     * {@inheritdoc}
+     */
+    header: string;
+    pattern: RegExp;
+    /**
+     * @var string the HTTP authentication realm
+     */
+    realm: string;
+    /**
+     * {@inheritdoc}
+     */
+    challenge(response: Response): Response;
+}
+//# sourceMappingURL=HttpBearerAuth.d.ts.map

package/dist/filters/auth/HttpBearerAuth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"HttpBearerAuth.d.ts","sourceRoot":"","sources":["../../../src/filters/auth/HttpBearerAuth.ts"],"names":[],"mappings":"AAOA,OAAO,EAAC,cAAc,EAAC,MAAM,kBAAkB,CAAC;AAChD,OAAO,EAAC,QAAQ,EAAC,MAAM,SAAS,CAAC;AAEjC,qBAAa,cAAe,SAAQ,cAAc;IAE9C;;OAEG;IACI,MAAM,SAAmB;IAEzB,OAAO,SAAsB;IACpC;;OAEG;IACI,KAAK,SAAS;IAGrB;;OAEG;IACI,SAAS,CAAC,QAAQ,EAAE,QAAQ,GAAE,QAAQ;CAMhD"}

package/dist/filters/auth/HttpBearerAuth.js

@@ -0,0 +1,33 @@
+"use strict";
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HttpBearerAuth = void 0;
+const HttpHeaderAuth_1 = require("./HttpHeaderAuth");
+class HttpBearerAuth extends HttpHeaderAuth_1.HttpHeaderAuth {
+    constructor() {
+        super(...arguments);
+        /**
+         * {@inheritdoc}
+         */
+        this.header = 'Authorization';
+        // @ts-ignore
+        this.pattern = /^Bearer\s+(.*?)$/;
+        /**
+         * @var string the HTTP authentication realm
+         */
+        this.realm = 'api';
+    }
+    /**
+     * {@inheritdoc}
+     */
+    challenge(response) {
+        response.set('WWW-Authenticate', `Bearer realm="${this.realm}"`);
+        return response;
+    }
+}
+exports.HttpBearerAuth = HttpBearerAuth;

package/dist/filters/auth/HttpHeaderAuth.d.ts

@@ -0,0 +1,19 @@
+import { AuthMethod } from "./AuthMethod";
+import { WebUser } from "../../web/WebUser";
+import { Request, Response } from "express";
+export declare class HttpHeaderAuth extends AuthMethod {
+    /**
+     * @var string the HTTP header name
+     */
+    header: string;
+    /**
+     * @var string a pattern to use to extract the HTTP authentication value
+     */
+    pattern: string;
+    authenticate(user: WebUser, request: Request, response: Response): Promise<any>;
+    /**
+     * @throws UnauthorizedHttpException
+     */
+    fail(response: Response): void;
+}
+//# sourceMappingURL=HttpHeaderAuth.d.ts.map

package/dist/filters/auth/HttpHeaderAuth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"HttpHeaderAuth.d.ts","sourceRoot":"","sources":["../../../src/filters/auth/HttpHeaderAuth.ts"],"names":[],"mappings":"AAOA,OAAO,EAAC,UAAU,EAAC,MAAM,cAAc,CAAC;AACxC,OAAO,EAAC,OAAO,EAAC,MAAM,mBAAmB,CAAC;AAE1C,OAAO,EAAC,OAAO,EAAE,QAAQ,EAAC,MAAM,SAAS,CAAC;AAE1C,qBAAa,cAAe,SAAQ,UAAU;IAC1C;;OAEG;IACI,MAAM,SAAe;IAG5B;;OAEG;IAEI,OAAO,EAAG,MAAM,CAAC;IAGlB,YAAY,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,EAAC,OAAO,EAAE,QAAQ,EAAC,QAAQ;IA2BpE;;OAEG;IACI,IAAI,CAAC,QAAQ,EAAE,QAAQ,GAAG,IAAI;CAIxC"}

package/dist/filters/auth/HttpHeaderAuth.js

@@ -0,0 +1,64 @@
+"use strict";
+/*
+ * Copyright (c) 2021. Chy Bilgisayar Bilisim
+ * Author: Cihan Ozturk
+ * E-mail: cihan@chy.com.tr
+ * Github:https://github.com/cihan53/
+ */
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.HttpHeaderAuth = void 0;
+const AuthMethod_1 = require("./AuthMethod");
+const Utils_1 = require("../../requiments/Utils");
+class HttpHeaderAuth extends AuthMethod_1.AuthMethod {
+    constructor() {
+        super(...arguments);
+        /**
+         * @var string the HTTP header name
+         */
+        this.header = 'X-Api-Key';
+    }
+    authenticate(user, request, response) {
+        return __awaiter(this, void 0, void 0, function* () {
+            let key = Object.keys(request.headers).find(key => key.toLowerCase() === this.header.toLowerCase());
+            if (key) {
+                let authHeader = request.headers[key];
+                if (!Utils_1.Utils.isEmpty(authHeader)) {
+                    if (this.pattern) {
+                        //preg_match
+                        let matches = authHeader.match(this.pattern);
+                        if (matches && matches.length > 0) {
+                            authHeader = matches[1];
+                        }
+                        else {
+                            return this.fail(response);
+                        }
+                    }
+                    let identity = yield user.loginByAccessToken(authHeader, "HttpHeaderAuth");
+                    if (identity === null) {
+                        this.challenge(response);
+                        this.handleFailure(response);
+                    }
+                    return identity;
+                }
+            }
+            return this.fail(response);
+        });
+    }
+    /**
+     * @throws UnauthorizedHttpException
+     */
+    fail(response) {
+        this.challenge(response);
+        this.handleFailure(response);
+    }
+}
+exports.HttpHeaderAuth = HttpHeaderAuth;