npm - digitaltwin-core - Versions diffs - 0.14.2 → 1.0.0 - Mend

digitaltwin-core 0.14.2 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (227) hide show

package/LICENSE +20 -20
package/README.md +494 -359
package/dist/auth/apisix_parser.d.ts +141 -0
package/dist/auth/apisix_parser.d.ts.map +1 -0
package/dist/auth/apisix_parser.js +161 -0
package/dist/auth/apisix_parser.js.map +1 -0
package/dist/auth/auth_config.d.ts +126 -0
package/dist/auth/auth_config.d.ts.map +1 -0
package/dist/auth/auth_config.js +169 -0
package/dist/auth/auth_config.js.map +1 -0
package/dist/auth/auth_provider.d.ts +118 -0
package/dist/auth/auth_provider.d.ts.map +1 -0
package/dist/auth/auth_provider.js +8 -0
package/dist/auth/auth_provider.js.map +1 -0
package/dist/auth/auth_provider_factory.d.ts +91 -0
package/dist/auth/auth_provider_factory.d.ts.map +1 -0
package/dist/auth/auth_provider_factory.js +146 -0
package/dist/auth/auth_provider_factory.js.map +1 -0
package/dist/auth/index.d.ts +8 -0
package/dist/auth/index.d.ts.map +1 -0
package/dist/auth/index.js +7 -0
package/dist/auth/index.js.map +1 -0
package/dist/auth/providers/gateway_auth_provider.d.ts +78 -0
package/dist/auth/providers/gateway_auth_provider.d.ts.map +1 -0
package/dist/auth/providers/gateway_auth_provider.js +109 -0
package/dist/auth/providers/gateway_auth_provider.js.map +1 -0
package/dist/auth/providers/index.d.ts +4 -0
package/dist/auth/providers/index.d.ts.map +1 -0
package/dist/auth/providers/index.js +4 -0
package/dist/auth/providers/index.js.map +1 -0
package/dist/auth/providers/jwt_auth_provider.d.ts +91 -0
package/dist/auth/providers/jwt_auth_provider.d.ts.map +1 -0
package/dist/auth/providers/jwt_auth_provider.js +204 -0
package/dist/auth/providers/jwt_auth_provider.js.map +1 -0
package/dist/auth/providers/no_auth_provider.d.ts +61 -0
package/dist/auth/providers/no_auth_provider.d.ts.map +1 -0
package/dist/auth/providers/no_auth_provider.js +76 -0
package/dist/auth/providers/no_auth_provider.js.map +1 -0
package/dist/auth/types.d.ts +100 -0
package/dist/auth/types.d.ts.map +1 -0
package/dist/auth/types.js +2 -0
package/dist/auth/types.js.map +1 -0
package/dist/auth/user_service.d.ts +86 -0
package/dist/auth/user_service.d.ts.map +1 -0
package/dist/auth/user_service.js +237 -0
package/dist/auth/user_service.js.map +1 -0
package/dist/components/assets_manager.d.ts +662 -0
package/dist/components/assets_manager.d.ts.map +1 -0
package/dist/components/assets_manager.js +1537 -0
package/dist/components/assets_manager.js.map +1 -0
package/dist/components/async_upload.d.ts +20 -0
package/dist/components/async_upload.d.ts.map +1 -0
package/dist/components/async_upload.js +10 -0
package/dist/components/async_upload.js.map +1 -0
package/dist/components/collector.d.ts +203 -0
package/dist/components/collector.d.ts.map +1 -0
package/dist/components/collector.js +214 -0
package/dist/components/collector.js.map +1 -0
package/dist/components/custom_table_manager.d.ts +503 -0
package/dist/components/custom_table_manager.d.ts.map +1 -0
package/dist/components/custom_table_manager.js +1023 -0
package/dist/components/custom_table_manager.js.map +1 -0
package/dist/components/global_assets_handler.d.ts +63 -0
package/dist/components/global_assets_handler.d.ts.map +1 -0
package/dist/components/global_assets_handler.js +127 -0
package/dist/components/global_assets_handler.js.map +1 -0
package/dist/components/handler.d.ts +104 -0
package/dist/components/handler.d.ts.map +1 -0
package/dist/components/handler.js +110 -0
package/dist/components/handler.js.map +1 -0
package/dist/components/harvester.d.ts +182 -0
package/dist/components/harvester.d.ts.map +1 -0
package/dist/components/harvester.js +406 -0
package/dist/components/harvester.js.map +1 -0
package/dist/components/index.d.ts +11 -0
package/dist/components/index.d.ts.map +1 -0
package/dist/components/index.js +9 -0
package/dist/components/index.js.map +1 -0
package/dist/components/interfaces.d.ts +126 -0
package/dist/components/interfaces.d.ts.map +1 -0
package/dist/components/interfaces.js +8 -0
package/dist/components/interfaces.js.map +1 -0
package/dist/components/map_manager.d.ts +61 -0
package/dist/components/map_manager.d.ts.map +1 -0
package/dist/components/map_manager.js +242 -0
package/dist/components/map_manager.js.map +1 -0
package/dist/components/tileset_manager.d.ts +125 -0
package/dist/components/tileset_manager.d.ts.map +1 -0
package/dist/components/tileset_manager.js +623 -0
package/dist/components/tileset_manager.js.map +1 -0
package/dist/components/types.d.ts +226 -0
package/dist/components/types.d.ts.map +1 -0
package/dist/components/types.js +8 -0
package/dist/components/types.js.map +1 -0
package/dist/database/adapters/knex_database_adapter.d.ts +97 -0
package/dist/database/adapters/knex_database_adapter.d.ts.map +1 -0
package/dist/database/adapters/knex_database_adapter.js +729 -0
package/dist/database/adapters/knex_database_adapter.js.map +1 -0
package/dist/database/database_adapter.d.ts +262 -0
package/dist/database/database_adapter.d.ts.map +1 -0
package/dist/database/database_adapter.js +46 -0
package/dist/database/database_adapter.js.map +1 -0
package/dist/engine/digital_twin_engine.d.ts +295 -0
package/dist/engine/digital_twin_engine.d.ts.map +1 -0
package/dist/engine/digital_twin_engine.js +907 -0
package/dist/engine/digital_twin_engine.js.map +1 -0
package/dist/engine/endpoints.d.ts +47 -0
package/dist/engine/endpoints.d.ts.map +1 -0
package/dist/engine/endpoints.js +88 -0
package/dist/engine/endpoints.js.map +1 -0
package/dist/engine/error_handler.d.ts +20 -0
package/dist/engine/error_handler.d.ts.map +1 -0
package/dist/engine/error_handler.js +69 -0
package/dist/engine/error_handler.js.map +1 -0
package/dist/engine/events.d.ts +93 -0
package/dist/engine/events.d.ts.map +1 -0
package/dist/engine/events.js +71 -0
package/dist/engine/events.js.map +1 -0
package/dist/engine/health.d.ts +112 -0
package/dist/engine/health.d.ts.map +1 -0
package/dist/engine/health.js +190 -0
package/dist/engine/health.js.map +1 -0
package/dist/engine/initializer.d.ts +62 -0
package/dist/engine/initializer.d.ts.map +1 -0
package/dist/engine/initializer.js +108 -0
package/dist/engine/initializer.js.map +1 -0
package/dist/engine/queue_manager.d.ts +87 -0
package/dist/engine/queue_manager.d.ts.map +1 -0
package/dist/engine/queue_manager.js +196 -0
package/dist/engine/queue_manager.js.map +1 -0
package/dist/engine/scheduler.d.ts +30 -0
package/dist/engine/scheduler.d.ts.map +1 -0
package/dist/engine/scheduler.js +378 -0
package/dist/engine/scheduler.js.map +1 -0
package/dist/engine/upload_processor.d.ts +36 -0
package/dist/engine/upload_processor.d.ts.map +1 -0
package/dist/engine/upload_processor.js +113 -0
package/dist/engine/upload_processor.js.map +1 -0
package/dist/env/env.d.ts +134 -0
package/dist/env/env.d.ts.map +1 -0
package/dist/env/env.js +177 -0
package/dist/env/env.js.map +1 -0
package/dist/errors/index.d.ts +94 -0
package/dist/errors/index.d.ts.map +1 -0
package/dist/errors/index.js +149 -0
package/dist/errors/index.js.map +1 -0
package/dist/index.d.ts +55 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +65 -0
package/dist/index.js.map +1 -0
package/dist/openapi/generator.d.ts +93 -0
package/dist/openapi/generator.d.ts.map +1 -0
package/dist/openapi/generator.js +293 -0
package/dist/openapi/generator.js.map +1 -0
package/dist/openapi/index.d.ts +9 -0
package/dist/openapi/index.d.ts.map +1 -0
package/dist/openapi/index.js +9 -0
package/dist/openapi/index.js.map +1 -0
package/dist/openapi/types.d.ts +182 -0
package/dist/openapi/types.d.ts.map +1 -0
package/dist/openapi/types.js +16 -0
package/dist/openapi/types.js.map +1 -0
package/dist/storage/adapters/local_storage_service.d.ts +57 -0
package/dist/storage/adapters/local_storage_service.d.ts.map +1 -0
package/dist/storage/adapters/local_storage_service.js +132 -0
package/dist/storage/adapters/local_storage_service.js.map +1 -0
package/dist/storage/adapters/ovh_storage_service.d.ts +72 -0
package/dist/storage/adapters/ovh_storage_service.d.ts.map +1 -0
package/dist/storage/adapters/ovh_storage_service.js +205 -0
package/dist/storage/adapters/ovh_storage_service.js.map +1 -0
package/dist/storage/storage_factory.d.ts +14 -0
package/dist/storage/storage_factory.d.ts.map +1 -0
package/dist/storage/storage_factory.js +43 -0
package/dist/storage/storage_factory.js.map +1 -0
package/dist/storage/storage_service.d.ts +163 -0
package/dist/storage/storage_service.d.ts.map +1 -0
package/dist/storage/storage_service.js +58 -0
package/dist/storage/storage_service.js.map +1 -0
package/dist/types/data_record.d.ts +123 -0
package/dist/types/data_record.d.ts.map +1 -0
package/dist/types/data_record.js +8 -0
package/dist/types/data_record.js.map +1 -0
package/dist/utils/graceful_shutdown.d.ts +44 -0
package/dist/utils/graceful_shutdown.d.ts.map +1 -0
package/dist/utils/graceful_shutdown.js +79 -0
package/dist/utils/graceful_shutdown.js.map +1 -0
package/dist/utils/http_responses.d.ts +175 -0
package/dist/utils/http_responses.d.ts.map +1 -0
package/dist/utils/http_responses.js +216 -0
package/dist/utils/http_responses.js.map +1 -0
package/dist/utils/index.d.ts +8 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +6 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/logger.d.ts +74 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +92 -0
package/dist/utils/logger.js.map +1 -0
package/dist/utils/map_to_data_record.d.ts +10 -0
package/dist/utils/map_to_data_record.d.ts.map +1 -0
package/dist/utils/map_to_data_record.js +36 -0
package/dist/utils/map_to_data_record.js.map +1 -0
package/dist/utils/safe_async.d.ts +50 -0
package/dist/utils/safe_async.d.ts.map +1 -0
package/dist/utils/safe_async.js +90 -0
package/dist/utils/safe_async.js.map +1 -0
package/dist/utils/servable_endpoint.d.ts +63 -0
package/dist/utils/servable_endpoint.d.ts.map +1 -0
package/dist/utils/servable_endpoint.js +67 -0
package/dist/utils/servable_endpoint.js.map +1 -0
package/dist/utils/zip_utils.d.ts +66 -0
package/dist/utils/zip_utils.d.ts.map +1 -0
package/dist/utils/zip_utils.js +169 -0
package/dist/utils/zip_utils.js.map +1 -0
package/dist/validation/index.d.ts +3 -0
package/dist/validation/index.d.ts.map +1 -0
package/dist/validation/index.js +7 -0
package/dist/validation/index.js.map +1 -0
package/dist/validation/schemas.d.ts +273 -0
package/dist/validation/schemas.d.ts.map +1 -0
package/dist/validation/schemas.js +82 -0
package/dist/validation/schemas.js.map +1 -0
package/dist/validation/validate.d.ts +49 -0
package/dist/validation/validate.d.ts.map +1 -0
package/dist/validation/validate.js +110 -0
package/dist/validation/validate.js.map +1 -0
package/package.json +23 -13

package/dist/auth/providers/jwt_auth_provider.d.ts ADDED Viewed

@@ -0,0 +1,91 @@
+/**
+ * @fileoverview JWT authentication provider for direct token validation.
+ *
+ * This provider validates JWT tokens from the Authorization header without
+ * requiring an API gateway. Useful for standalone deployments or when you
+ * want to handle authentication directly in the application.
+ *
+ * Supports:
+ * - HMAC algorithms (HS256, HS384, HS512) with a secret key
+ * - RSA algorithms (RS256, RS384, RS512) with a public key
+ * - EC algorithms (ES256, ES384, ES512) with a public key
+ * - Keycloak token format (realm_access.roles)
+ * - Custom claim paths for user ID and roles
+ */
+import type { AuthProvider, AuthRequest, AuthProviderConfig } from '../auth_provider.js';
+import type { AuthenticatedUser } from '../types.js';
+/**
+ * Authentication provider for JWT token validation.
+ *
+ * This provider validates JWT tokens directly in the application, without
+ * requiring an API gateway. It extracts user information from token claims.
+ *
+ * @example
+ * ```typescript
+ * // With HMAC secret
+ * const provider = new JwtAuthProvider({
+ *     mode: 'jwt',
+ *     jwt: {
+ *         secret: 'your-256-bit-secret',
+ *         algorithm: 'HS256'
+ *     }
+ * })
+ *
+ * // With RSA public key (Keycloak)
+ * const provider = new JwtAuthProvider({
+ *     mode: 'jwt',
+ *     jwt: {
+ *         publicKey: fs.readFileSync('public.pem', 'utf-8'),
+ *         algorithm: 'RS256',
+ *         issuer: 'https://keycloak.example.com/realms/myrealm',
+ *         rolesClaim: 'realm_access.roles'
+ *     }
+ * })
+ * ```
+ */
+export declare class JwtAuthProvider implements AuthProvider {
+    #private;
+    /**
+     * Creates a new JwtAuthProvider.
+     *
+     * @param config - Authentication configuration with JWT settings
+     * @throws Error if JWT configuration is missing or incomplete
+     */
+    constructor(config: AuthProviderConfig);
+    /**
+     * Parse the request and validate the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns Authenticated user, or null if token is missing/invalid
+     */
+    parseRequest(req: AuthRequest): AuthenticatedUser | null;
+    /**
+     * Check if the request has a valid Authorization header with Bearer token.
+     *
+     * @param req - Request object with headers
+     * @returns true if Authorization header is present with Bearer scheme
+     */
+    hasValidAuth(req: AuthRequest): boolean;
+    /**
+     * Check if the authenticated user has admin privileges.
+     *
+     * @param req - Request object with headers
+     * @returns true if the user has the admin role
+     */
+    isAdmin(req: AuthRequest): boolean;
+    /**
+     * Get the user ID from the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns User ID, or null if not authenticated
+     */
+    getUserId(req: AuthRequest): string | null;
+    /**
+     * Get the user roles from the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns Array of role names, empty array if not authenticated
+     */
+    getUserRoles(req: AuthRequest): string[];
+}
+//# sourceMappingURL=jwt_auth_provider.d.ts.map

package/dist/auth/providers/jwt_auth_provider.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwt_auth_provider.d.ts","sourceRoot":"","sources":["../../../src/auth/providers/jwt_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAA;AACxF,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAEpD;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,qBAAa,eAAgB,YAAW,YAAY;;IAShD;;;;;OAKG;gBACS,MAAM,EAAE,kBAAkB;IAwBtC;;;;;OAKG;IACH,YAAY,CAAC,GAAG,EAAE,WAAW,GAAG,iBAAiB,GAAG,IAAI;IAuBxD;;;;;OAKG;IACH,YAAY,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO;IAIvC;;;;;OAKG;IACH,OAAO,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO;IAKlC;;;;;OAKG;IACH,SAAS,CAAC,GAAG,EAAE,WAAW,GAAG,MAAM,GAAG,IAAI;IAK1C;;;;;OAKG;IACH,YAAY,CAAC,GAAG,EAAE,WAAW,GAAG,MAAM,EAAE;CAkE3C"}

package/dist/auth/providers/jwt_auth_provider.js ADDED Viewed

@@ -0,0 +1,204 @@
+/**
+ * @fileoverview JWT authentication provider for direct token validation.
+ *
+ * This provider validates JWT tokens from the Authorization header without
+ * requiring an API gateway. Useful for standalone deployments or when you
+ * want to handle authentication directly in the application.
+ *
+ * Supports:
+ * - HMAC algorithms (HS256, HS384, HS512) with a secret key
+ * - RSA algorithms (RS256, RS384, RS512) with a public key
+ * - EC algorithms (ES256, ES384, ES512) with a public key
+ * - Keycloak token format (realm_access.roles)
+ * - Custom claim paths for user ID and roles
+ */
+import jwt from 'jsonwebtoken';
+/**
+ * Authentication provider for JWT token validation.
+ *
+ * This provider validates JWT tokens directly in the application, without
+ * requiring an API gateway. It extracts user information from token claims.
+ *
+ * @example
+ * ```typescript
+ * // With HMAC secret
+ * const provider = new JwtAuthProvider({
+ *     mode: 'jwt',
+ *     jwt: {
+ *         secret: 'your-256-bit-secret',
+ *         algorithm: 'HS256'
+ *     }
+ * })
+ *
+ * // With RSA public key (Keycloak)
+ * const provider = new JwtAuthProvider({
+ *     mode: 'jwt',
+ *     jwt: {
+ *         publicKey: fs.readFileSync('public.pem', 'utf-8'),
+ *         algorithm: 'RS256',
+ *         issuer: 'https://keycloak.example.com/realms/myrealm',
+ *         rolesClaim: 'realm_access.roles'
+ *     }
+ * })
+ * ```
+ */
+export class JwtAuthProvider {
+    #secret;
+    #algorithm;
+    #issuer;
+    #audience;
+    #userIdClaim;
+    #rolesClaim;
+    #adminRoleName;
+    /**
+     * Creates a new JwtAuthProvider.
+     *
+     * @param config - Authentication configuration with JWT settings
+     * @throws Error if JWT configuration is missing or incomplete
+     */
+    constructor(config) {
+        if (!config.jwt) {
+            throw new Error('JWT configuration required for JWT auth mode');
+        }
+        const { jwt: jwtConfig } = config;
+        // Secret or public key
+        if (jwtConfig.publicKey) {
+            this.#secret = jwtConfig.publicKey;
+        }
+        else if (jwtConfig.secret) {
+            this.#secret = jwtConfig.secret;
+        }
+        else {
+            throw new Error('JWT secret or publicKey required');
+        }
+        this.#algorithm = jwtConfig.algorithm || 'HS256';
+        this.#issuer = jwtConfig.issuer;
+        this.#audience = jwtConfig.audience;
+        this.#userIdClaim = jwtConfig.userIdClaim || 'sub';
+        this.#rolesClaim = jwtConfig.rolesClaim || 'roles';
+        this.#adminRoleName = config.adminRoleName || 'admin';
+    }
+    /**
+     * Parse the request and validate the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns Authenticated user, or null if token is missing/invalid
+     */
+    parseRequest(req) {
+        const token = this.#extractToken(req);
+        if (!token)
+            return null;
+        try {
+            const decoded = jwt.verify(token, this.#secret, {
+                algorithms: [this.#algorithm],
+                issuer: this.#issuer,
+                audience: this.#audience
+            });
+            const userId = this.#extractClaim(decoded, this.#userIdClaim);
+            if (!userId || typeof userId !== 'string')
+                return null;
+            const roles = this.#extractRoles(decoded);
+            return { id: userId, roles };
+        }
+        catch {
+            // Token invalid or expired
+            return null;
+        }
+    }
+    /**
+     * Check if the request has a valid Authorization header with Bearer token.
+     *
+     * @param req - Request object with headers
+     * @returns true if Authorization header is present with Bearer scheme
+     */
+    hasValidAuth(req) {
+        return !!this.#extractToken(req);
+    }
+    /**
+     * Check if the authenticated user has admin privileges.
+     *
+     * @param req - Request object with headers
+     * @returns true if the user has the admin role
+     */
+    isAdmin(req) {
+        const user = this.parseRequest(req);
+        return user?.roles.includes(this.#adminRoleName) ?? false;
+    }
+    /**
+     * Get the user ID from the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns User ID, or null if not authenticated
+     */
+    getUserId(req) {
+        const user = this.parseRequest(req);
+        return user?.id ?? null;
+    }
+    /**
+     * Get the user roles from the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns Array of role names, empty array if not authenticated
+     */
+    getUserRoles(req) {
+        const user = this.parseRequest(req);
+        return user?.roles ?? [];
+    }
+    /**
+     * Extract the Bearer token from the Authorization header.
+     */
+    #extractToken(req) {
+        const authHeader = this.#getHeader(req.headers, 'authorization');
+        if (!authHeader)
+            return null;
+        // Format: "Bearer <token>"
+        const parts = authHeader.split(' ');
+        if (parts.length !== 2 || parts[0].toLowerCase() !== 'bearer') {
+            return null;
+        }
+        return parts[1];
+    }
+    /**
+     * Extract a claim value from the token payload.
+     * Supports nested paths like "realm_access.roles".
+     */
+    #extractClaim(payload, path) {
+        const parts = path.split('.');
+        let current = payload;
+        for (const part of parts) {
+            if (current === null || current === undefined)
+                return undefined;
+            if (typeof current !== 'object')
+                return undefined;
+            current = current[part];
+        }
+        return current;
+    }
+    /**
+     * Extract roles from the token payload.
+     * Supports standard array format and Keycloak's realm_access.roles.
+     */
+    #extractRoles(payload) {
+        // Try configured roles claim first
+        const roles = this.#extractClaim(payload, this.#rolesClaim);
+        if (Array.isArray(roles)) {
+            return roles.filter((r) => typeof r === 'string');
+        }
+        // Fallback to Keycloak format
+        const realmAccess = payload.realm_access;
+        if (realmAccess?.roles && Array.isArray(realmAccess.roles)) {
+            return realmAccess.roles;
+        }
+        return [];
+    }
+    /**
+     * Get a header value as a string.
+     */
+    #getHeader(headers, name) {
+        const value = headers[name];
+        if (!value)
+            return null;
+        return Array.isArray(value) ? value[0] : value;
+    }
+}
+//# sourceMappingURL=jwt_auth_provider.js.map

package/dist/auth/providers/jwt_auth_provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwt_auth_provider.js","sourceRoot":"","sources":["../../../src/auth/providers/jwt_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,GAAG,MAAM,cAAc,CAAA;AAI9B;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,OAAO,eAAe;IACf,OAAO,CAAiB;IACxB,UAAU,CAAe;IACzB,OAAO,CAAS;IAChB,SAAS,CAAS;IAClB,YAAY,CAAQ;IACpB,WAAW,CAAQ;IACnB,cAAc,CAAQ;IAE/B;;;;;OAKG;IACH,YAAY,MAA0B;QAClC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAA;QACnE,CAAC;QAED,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,MAAM,CAAA;QAEjC,uBAAuB;QACvB,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;YACtB,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC,SAAS,CAAA;QACtC,CAAC;aAAM,IAAI,SAAS,CAAC,MAAM,EAAE,CAAC;YAC1B,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC,MAAM,CAAA;QACnC,CAAC;aAAM,CAAC;YACJ,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;QACvD,CAAC;QAED,IAAI,CAAC,UAAU,GAAI,SAAS,CAAC,SAA2B,IAAI,OAAO,CAAA;QACnE,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC,MAAM,CAAA;QAC/B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,QAAQ,CAAA;QACnC,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC,WAAW,IAAI,KAAK,CAAA;QAClD,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC,UAAU,IAAI,OAAO,CAAA;QAClD,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,aAAa,IAAI,OAAO,CAAA;IACzD,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,GAAgB;QACzB,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QACrC,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAA;QAEvB,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE;gBAC5C,UAAU,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC;gBAC7B,MAAM,EAAE,IAAI,CAAC,OAAO;gBACpB,QAAQ,EAAE,IAAI,CAAC,SAAS;aAC3B,CAA4B,CAAA;YAE7B,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;YAC7D,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ;gBAAE,OAAO,IAAI,CAAA;YAEtD,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;YAEzC,OAAO,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAA;QAChC,CAAC;QAAC,MAAM,CAAC;YACL,2BAA2B;YAC3B,OAAO,IAAI,CAAA;QACf,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,GAAgB;QACzB,OAAO,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;IACpC,CAAC;IAED;;;;;OAKG;IACH,OAAO,CAAC,GAAgB;QACpB,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QACnC,OAAO,IAAI,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,KAAK,CAAA;IAC7D,CAAC;IAED;;;;;OAKG;IACH,SAAS,CAAC,GAAgB;QACtB,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QACnC,OAAO,IAAI,EAAE,EAAE,IAAI,IAAI,CAAA;IAC3B,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,GAAgB;QACzB,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QACnC,OAAO,IAAI,EAAE,KAAK,IAAI,EAAE,CAAA;IAC5B,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,GAAgB;QAC1B,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC,CAAA;QAChE,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAA;QAE5B,2BAA2B;QAC3B,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACnC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,QAAQ,EAAE,CAAC;YAC5D,OAAO,IAAI,CAAA;QACf,CAAC;QAED,OAAO,KAAK,CAAC,CAAC,CAAC,CAAA;IACnB,CAAC;IAED;;;OAGG;IACH,aAAa,CAAC,OAAgC,EAAE,IAAY;QACxD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC7B,IAAI,OAAO,GAAY,OAAO,CAAA;QAE9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,IAAI,OAAO,KAAK,IAAI,IAAI,OAAO,KAAK,SAAS;gBAAE,OAAO,SAAS,CAAA;YAC/D,IAAI,OAAO,OAAO,KAAK,QAAQ;gBAAE,OAAO,SAAS,CAAA;YACjD,OAAO,GAAI,OAAmC,CAAC,IAAI,CAAC,CAAA;QACxD,CAAC;QAED,OAAO,OAAO,CAAA;IAClB,CAAC;IAED;;;OAGG;IACH,aAAa,CAAC,OAAgC;QAC1C,mCAAmC;QACnC,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,CAAA;QAC3D,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAA;QAClE,CAAC;QAED,8BAA8B;QAC9B,MAAM,WAAW,GAAG,OAAO,CAAC,YAAgD,CAAA;QAC5E,IAAI,WAAW,EAAE,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YACzD,OAAO,WAAW,CAAC,KAAK,CAAA;QAC5B,CAAC;QAED,OAAO,EAAE,CAAA;IACb,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,OAAsD,EAAE,IAAY;QAC3E,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;QAC3B,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAA;QACvB,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAClD,CAAC;CACJ"}

package/dist/auth/providers/no_auth_provider.d.ts ADDED Viewed

@@ -0,0 +1,61 @@
+/**
+ * @fileoverview No-authentication provider for development and testing.
+ *
+ * This provider bypasses all authentication checks and returns a configurable
+ * anonymous user for all requests. Use only in development or testing environments.
+ *
+ * WARNING: Never use this provider in production!
+ */
+import type { AuthProvider, AuthRequest } from '../auth_provider.js';
+import type { AuthenticatedUser } from '../types.js';
+/**
+ * Authentication provider that bypasses authentication.
+ *
+ * All requests are treated as authenticated with a configurable anonymous user.
+ * This provider is useful for development and testing when you don't want to
+ * set up authentication infrastructure.
+ *
+ * @example
+ * ```typescript
+ * // Development setup
+ * const provider = new NoAuthProvider('dev-user-123')
+ *
+ * // All requests return the same user
+ * const user = provider.parseRequest(req) // { id: 'dev-user-123', roles: ['user'] }
+ * provider.hasValidAuth(req) // always true
+ * provider.isAdmin(req) // always false
+ * ```
+ */
+export declare class NoAuthProvider implements AuthProvider {
+    #private;
+    /**
+     * Creates a new NoAuthProvider.
+     *
+     * @param anonymousUserId - User ID for the anonymous user (default: 'anonymous')
+     * @param anonymousRoles - Roles for the anonymous user (default: ['anonymous'])
+     */
+    constructor(anonymousUserId?: string, anonymousRoles?: string[]);
+    /**
+     * Returns the anonymous user for all requests.
+     *
+     * @returns Anonymous user with configured ID and roles
+     */
+    parseRequest(_req: AuthRequest): AuthenticatedUser | null;
+    /**
+     * Always returns true (all requests are "authenticated").
+     */
+    hasValidAuth(_req: AuthRequest): boolean;
+    /**
+     * Always returns false (anonymous user is never admin).
+     */
+    isAdmin(_req: AuthRequest): boolean;
+    /**
+     * Returns the anonymous user ID.
+     */
+    getUserId(_req: AuthRequest): string | null;
+    /**
+     * Returns the anonymous user roles.
+     */
+    getUserRoles(_req: AuthRequest): string[];
+}
+//# sourceMappingURL=no_auth_provider.d.ts.map

package/dist/auth/providers/no_auth_provider.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"no_auth_provider.d.ts","sourceRoot":"","sources":["../../../src/auth/providers/no_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAEpD;;;;;;;;;;;;;;;;;GAiBG;AACH,qBAAa,cAAe,YAAW,YAAY;;IAI/C;;;;;OAKG;gBACS,eAAe,SAAc,EAAE,cAAc,GAAE,MAAM,EAAkB;IAKnF;;;;OAIG;IACH,YAAY,CAAC,IAAI,EAAE,WAAW,GAAG,iBAAiB,GAAG,IAAI;IAOzD;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO;IAIxC;;OAEG;IACH,OAAO,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO;IAInC;;OAEG;IACH,SAAS,CAAC,IAAI,EAAE,WAAW,GAAG,MAAM,GAAG,IAAI;IAI3C;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,WAAW,GAAG,MAAM,EAAE;CAG5C"}

package/dist/auth/providers/no_auth_provider.js ADDED Viewed

@@ -0,0 +1,76 @@
+/**
+ * @fileoverview No-authentication provider for development and testing.
+ *
+ * This provider bypasses all authentication checks and returns a configurable
+ * anonymous user for all requests. Use only in development or testing environments.
+ *
+ * WARNING: Never use this provider in production!
+ */
+/**
+ * Authentication provider that bypasses authentication.
+ *
+ * All requests are treated as authenticated with a configurable anonymous user.
+ * This provider is useful for development and testing when you don't want to
+ * set up authentication infrastructure.
+ *
+ * @example
+ * ```typescript
+ * // Development setup
+ * const provider = new NoAuthProvider('dev-user-123')
+ *
+ * // All requests return the same user
+ * const user = provider.parseRequest(req) // { id: 'dev-user-123', roles: ['user'] }
+ * provider.hasValidAuth(req) // always true
+ * provider.isAdmin(req) // always false
+ * ```
+ */
+export class NoAuthProvider {
+    #anonymousUserId;
+    #anonymousRoles;
+    /**
+     * Creates a new NoAuthProvider.
+     *
+     * @param anonymousUserId - User ID for the anonymous user (default: 'anonymous')
+     * @param anonymousRoles - Roles for the anonymous user (default: ['anonymous'])
+     */
+    constructor(anonymousUserId = 'anonymous', anonymousRoles = ['anonymous']) {
+        this.#anonymousUserId = anonymousUserId;
+        this.#anonymousRoles = anonymousRoles;
+    }
+    /**
+     * Returns the anonymous user for all requests.
+     *
+     * @returns Anonymous user with configured ID and roles
+     */
+    parseRequest(_req) {
+        return {
+            id: this.#anonymousUserId,
+            roles: this.#anonymousRoles
+        };
+    }
+    /**
+     * Always returns true (all requests are "authenticated").
+     */
+    hasValidAuth(_req) {
+        return true;
+    }
+    /**
+     * Always returns false (anonymous user is never admin).
+     */
+    isAdmin(_req) {
+        return false;
+    }
+    /**
+     * Returns the anonymous user ID.
+     */
+    getUserId(_req) {
+        return this.#anonymousUserId;
+    }
+    /**
+     * Returns the anonymous user roles.
+     */
+    getUserRoles(_req) {
+        return this.#anonymousRoles;
+    }
+}
+//# sourceMappingURL=no_auth_provider.js.map

package/dist/auth/providers/no_auth_provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"no_auth_provider.js","sourceRoot":"","sources":["../../../src/auth/providers/no_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,OAAO,cAAc;IACd,gBAAgB,CAAQ;IACxB,eAAe,CAAU;IAElC;;;;;OAKG;IACH,YAAY,eAAe,GAAG,WAAW,EAAE,iBAA2B,CAAC,WAAW,CAAC;QAC/E,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAA;QACvC,IAAI,CAAC,eAAe,GAAG,cAAc,CAAA;IACzC,CAAC;IAED;;;;OAIG;IACH,YAAY,CAAC,IAAiB;QAC1B,OAAO;YACH,EAAE,EAAE,IAAI,CAAC,gBAAgB;YACzB,KAAK,EAAE,IAAI,CAAC,eAAe;SAC9B,CAAA;IACL,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,IAAiB;QAC1B,OAAO,IAAI,CAAA;IACf,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAiB;QACrB,OAAO,KAAK,CAAA;IAChB,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,IAAiB;QACvB,OAAO,IAAI,CAAC,gBAAgB,CAAA;IAChC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,IAAiB;QAC1B,OAAO,IAAI,CAAC,eAAe,CAAA;IAC/B,CAAC;CACJ"}

package/dist/auth/types.d.ts ADDED Viewed

@@ -0,0 +1,100 @@
+/**
+ * User information extracted from Keycloak JWT via Apache APISIX headers.
+ *
+ * This interface represents the authenticated user data parsed from APISIX
+ * headers after Keycloak authentication. APISIX forwards these headers:
+ * - `x-user-id`: The Keycloak user UUID
+ * - `x-user-roles`: Comma-separated list of user roles
+ *
+ * @example
+ * ```typescript
+ * const authUser = ApisixAuthParser.parseAuthHeaders(req.headers)
+ * if (authUser) {
+ *   console.log(`User ${authUser.id} has roles: ${authUser.roles.join(', ')}`)
+ * }
+ * ```
+ */
+export interface AuthenticatedUser {
+    /** User ID from Keycloak (x-user-id header) - UUID format */
+    id: string;
+    /** User roles from Keycloak (x-user-roles header, parsed from comma-separated string) */
+    roles: string[];
+}
+/**
+ * User record stored in the database.
+ *
+ * Represents a user stored in the normalized user management system.
+ * Users are created automatically when they first access the system
+ * after being authenticated by Keycloak via APISIX.
+ *
+ * @example
+ * ```typescript
+ * const userService = new UserService(database)
+ * const userRecord = await userService.findOrCreateUser(authenticatedUser)
+ * console.log(`User ${userRecord.keycloak_id} has ${userRecord.roles.length} roles`)
+ * ```
+ */
+export interface UserRecord {
+    /** Primary key (auto-increment) */
+    id?: number;
+    /** Keycloak user ID (UUID, unique across system) */
+    keycloak_id: string;
+    /** User roles (populated from user_roles junction table) */
+    roles: string[];
+    /** First time the user was seen in the system */
+    created_at: Date;
+    /** Last time the user's roles were updated */
+    updated_at: Date;
+}
+/**
+ * Authentication context passed to handlers.
+ *
+ * Contains both the raw authentication data from APISIX headers
+ * and the corresponding database user record. Used internally
+ * by components that need full user context.
+ *
+ * @example
+ * ```typescript
+ * const authContext: AuthContext = {
+ *   user: authUser,
+ *   userRecord: await userService.findOrCreateUser(authUser)
+ * }
+ * ```
+ */
+export interface AuthContext {
+    /** Authenticated user information from APISIX headers */
+    user: AuthenticatedUser;
+    /** Database user record with full role information */
+    userRecord: UserRecord;
+}
+/**
+ * Request object extended with authentication context.
+ *
+ * Represents an HTTP request that has been augmented with
+ * authentication information. Used by handlers that need
+ * access to both request data and user context.
+ *
+ * @example
+ * ```typescript
+ * async function handleRequest(req: AuthenticatedRequest) {
+ *   if (req.auth) {
+ *     console.log(`Request from user: ${req.auth.user.id}`)
+ *   }
+ * }
+ * ```
+ */
+export interface AuthenticatedRequest {
+    /** Original Express request object */
+    originalRequest: any;
+    /** Authentication context (undefined if not authenticated) */
+    auth?: AuthContext;
+    /** Request headers (including APISIX authentication headers) */
+    headers: Record<string, string>;
+    /** URL parameters */
+    params?: Record<string, string>;
+    /** Request body */
+    body?: any;
+    /** File upload (for multipart requests with assets) */
+    file?: any;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/auth/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/auth/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AACH,MAAM,WAAW,iBAAiB;IAC9B,6DAA6D;IAC7D,EAAE,EAAE,MAAM,CAAA;IACV,yFAAyF;IACzF,KAAK,EAAE,MAAM,EAAE,CAAA;CAClB;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,WAAW,UAAU;IACvB,mCAAmC;IACnC,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,oDAAoD;IACpD,WAAW,EAAE,MAAM,CAAA;IACnB,4DAA4D;IAC5D,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,iDAAiD;IACjD,UAAU,EAAE,IAAI,CAAA;IAChB,8CAA8C;IAC9C,UAAU,EAAE,IAAI,CAAA;CACnB;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,WAAW,WAAW;IACxB,yDAAyD;IACzD,IAAI,EAAE,iBAAiB,CAAA;IACvB,sDAAsD;IACtD,UAAU,EAAE,UAAU,CAAA;CACzB;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,WAAW,oBAAoB;IACjC,sCAAsC;IACtC,eAAe,EAAE,GAAG,CAAA;IACpB,8DAA8D;IAC9D,IAAI,CAAC,EAAE,WAAW,CAAA;IAClB,gEAAgE;IAChE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAC/B,qBAAqB;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAC/B,mBAAmB;IACnB,IAAI,CAAC,EAAE,GAAG,CAAA;IACV,uDAAuD;IACvD,IAAI,CAAC,EAAE,GAAG,CAAA;CACb"}

package/dist/auth/types.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=types.js.map

package/dist/auth/types.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/auth/types.ts"],"names":[],"mappings":""}

package/dist/auth/user_service.d.ts ADDED Viewed

@@ -0,0 +1,86 @@
+import type { DatabaseAdapter } from '../database/database_adapter.js';
+import type { AuthenticatedUser, UserRecord } from './types.js';
+/**
+ * Service for managing users in the Digital Twin framework.
+ *
+ * This service handles the complete user lifecycle in a Digital Twin application
+ * with Keycloak authentication via Apache APISIX. It manages a normalized database
+ * schema with three tables:
+ *
+ * - `users`: Core user records linked to Keycloak IDs
+ * - `roles`: Master list of available roles
+ * - `user_roles`: Many-to-many relationship between users and roles
+ *
+ * Key features:
+ * - Automatic user creation on first authentication
+ * - Role synchronization with Keycloak
+ * - Optimized queries with proper indexing
+ * - Transaction-safe role updates
+ *
+ * @example
+ * ```typescript
+ * // Initialize in your Digital Twin engine
+ * const userService = new UserService(databaseAdapter)
+ * await userService.initializeTables()
+ *
+ * // Use in AssetsManager handlers
+ * const authUser = ApisixAuthParser.parseAuthHeaders(req.headers)
+ * const userRecord = await userService.findOrCreateUser(authUser!)
+ *
+ * // Link assets to users
+ * await this.uploadAsset({
+ *   description: 'My file',
+ *   source: 'upload',
+ *   owner_id: userRecord.id!.toString(),
+ *   filename: 'document.pdf',
+ *   file: buffer
+ * })
+ * ```
+ */
+export declare class UserService {
+    private db;
+    private readonly usersTable;
+    private readonly rolesTable;
+    private readonly userRolesTable;
+    constructor(db: DatabaseAdapter);
+    /**
+     * Ensures all user-related tables exist in the database
+     */
+    initializeTables(): Promise<void>;
+    /**
+     * Finds or creates a user and synchronizes their roles.
+     *
+     * When authentication is disabled, returns a mock user record
+     * without touching the database.
+     */
+    findOrCreateUser(authUser: AuthenticatedUser): Promise<UserRecord>;
+    /**
+     * Gets a user by their database ID
+     */
+    getUserById(id: number): Promise<UserRecord | undefined>;
+    /**
+     * Gets a user by their Keycloak ID with roles
+     */
+    getUserByKeycloakId(keycloakId: string): Promise<UserRecord | undefined>;
+    /**
+     * Gets the underlying Knex instance from the database adapter
+     */
+    private getKnex;
+    /**
+     * Finds a user by their Keycloak ID
+     */
+    private findUserByKeycloakId;
+    /**
+     * Creates a new user record
+     */
+    private createUser;
+    /**
+     * Synchronizes user roles with what's provided by Keycloak
+     */
+    private syncUserRoles;
+    /**
+     * Gets a user with their roles populated
+     */
+    private getUserWithRoles;
+}
+//# sourceMappingURL=user_service.d.ts.map

package/dist/auth/user_service.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user_service.d.ts","sourceRoot":"","sources":["../../src/auth/user_service.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAA;AACtE,OAAO,KAAK,EAAE,iBAAiB,EAAE,UAAU,EAAE,MAAM,YAAY,CAAA;AAI/D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoCG;AACH,qBAAa,WAAW;IACpB,OAAO,CAAC,EAAE,CAAiB;IAC3B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAU;IACrC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAU;IACrC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAe;gBAElC,EAAE,EAAE,eAAe;IAI/B;;OAEG;IACG,gBAAgB,IAAI,OAAO,CAAC,IAAI,CAAC;IAkDvC;;;;;OAKG;IACG,gBAAgB,CAAC,QAAQ,EAAE,iBAAiB,GAAG,OAAO,CAAC,UAAU,CAAC;IA8BxE;;OAEG;IACG,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,SAAS,CAAC;IAI9D;;OAEG;IACG,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,SAAS,CAAC;IAY9E;;OAEG;IACH,OAAO,CAAC,OAAO;IAOf;;OAEG;YACW,oBAAoB;IAgBlC;;OAEG;YACW,UAAU;IAuBxB;;OAEG;YACW,aAAa;IAoC3B;;OAEG;YACW,gBAAgB;CAqCjC"}