npm - digitaltwin-core - Versions diffs - 0.14.3 → 1.0.1 - Mend

digitaltwin-core 0.14.3 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (159) hide show

package/README.md +218 -1
package/dist/auth/apisix_parser.d.ts +56 -56
package/dist/auth/apisix_parser.d.ts.map +1 -1
package/dist/auth/apisix_parser.js +72 -86
package/dist/auth/apisix_parser.js.map +1 -1
package/dist/auth/auth_provider.d.ts +118 -0
package/dist/auth/auth_provider.d.ts.map +1 -0
package/dist/auth/auth_provider.js +8 -0
package/dist/auth/auth_provider.js.map +1 -0
package/dist/auth/auth_provider_factory.d.ts +91 -0
package/dist/auth/auth_provider_factory.d.ts.map +1 -0
package/dist/auth/auth_provider_factory.js +146 -0
package/dist/auth/auth_provider_factory.js.map +1 -0
package/dist/auth/index.d.ts +4 -1
package/dist/auth/index.d.ts.map +1 -1
package/dist/auth/index.js +3 -0
package/dist/auth/index.js.map +1 -1
package/dist/auth/providers/gateway_auth_provider.d.ts +78 -0
package/dist/auth/providers/gateway_auth_provider.d.ts.map +1 -0
package/dist/auth/providers/gateway_auth_provider.js +109 -0
package/dist/auth/providers/gateway_auth_provider.js.map +1 -0
package/dist/auth/providers/index.d.ts +4 -0
package/dist/auth/providers/index.d.ts.map +1 -0
package/dist/auth/providers/index.js +4 -0
package/dist/auth/providers/index.js.map +1 -0
package/dist/auth/providers/jwt_auth_provider.d.ts +91 -0
package/dist/auth/providers/jwt_auth_provider.d.ts.map +1 -0
package/dist/auth/providers/jwt_auth_provider.js +204 -0
package/dist/auth/providers/jwt_auth_provider.js.map +1 -0
package/dist/auth/providers/no_auth_provider.d.ts +61 -0
package/dist/auth/providers/no_auth_provider.d.ts.map +1 -0
package/dist/auth/providers/no_auth_provider.js +76 -0
package/dist/auth/providers/no_auth_provider.js.map +1 -0
package/dist/auth/types.d.ts +5 -3
package/dist/auth/types.d.ts.map +1 -1
package/dist/components/assets_manager.d.ts +1 -1
package/dist/components/assets_manager.d.ts.map +1 -1
package/dist/components/assets_manager.js +54 -48
package/dist/components/assets_manager.js.map +1 -1
package/dist/components/collector.d.ts.map +1 -1
package/dist/components/collector.js +30 -18
package/dist/components/collector.js.map +1 -1
package/dist/components/custom_table_manager.d.ts.map +1 -1
package/dist/components/custom_table_manager.js +36 -65
package/dist/components/custom_table_manager.js.map +1 -1
package/dist/components/global_assets_handler.d.ts +4 -2
package/dist/components/global_assets_handler.d.ts.map +1 -1
package/dist/components/global_assets_handler.js.map +1 -1
package/dist/components/harvester.d.ts.map +1 -1
package/dist/components/harvester.js +46 -33
package/dist/components/harvester.js.map +1 -1
package/dist/components/interfaces.d.ts +3 -2
package/dist/components/interfaces.d.ts.map +1 -1
package/dist/components/map_manager.d.ts.map +1 -1
package/dist/components/map_manager.js.map +1 -1
package/dist/components/tileset_manager.d.ts +2 -1
package/dist/components/tileset_manager.d.ts.map +1 -1
package/dist/components/tileset_manager.js +20 -15
package/dist/components/tileset_manager.js.map +1 -1
package/dist/database/adapters/knex_database_adapter.d.ts +6 -1
package/dist/database/adapters/knex_database_adapter.d.ts.map +1 -1
package/dist/database/adapters/knex_database_adapter.js +118 -36
package/dist/database/adapters/knex_database_adapter.js.map +1 -1
package/dist/database/database_adapter.d.ts +13 -1
package/dist/database/database_adapter.d.ts.map +1 -1
package/dist/database/database_adapter.js.map +1 -1
package/dist/engine/component_types.d.ts +95 -0
package/dist/engine/component_types.d.ts.map +1 -0
package/dist/engine/component_types.js +93 -0
package/dist/engine/component_types.js.map +1 -0
package/dist/engine/digital_twin_engine.d.ts +121 -6
package/dist/engine/digital_twin_engine.d.ts.map +1 -1
package/dist/engine/digital_twin_engine.js +402 -74
package/dist/engine/digital_twin_engine.js.map +1 -1
package/dist/engine/endpoints.d.ts.map +1 -1
package/dist/engine/endpoints.js +35 -3
package/dist/engine/endpoints.js.map +1 -1
package/dist/engine/error_handler.d.ts +20 -0
package/dist/engine/error_handler.d.ts.map +1 -0
package/dist/engine/error_handler.js +69 -0
package/dist/engine/error_handler.js.map +1 -0
package/dist/engine/events.d.ts +1 -1
package/dist/engine/events.d.ts.map +1 -1
package/dist/engine/events.js.map +1 -1
package/dist/engine/health.d.ts +112 -0
package/dist/engine/health.d.ts.map +1 -0
package/dist/engine/health.js +190 -0
package/dist/engine/health.js.map +1 -0
package/dist/engine/initializer.d.ts.map +1 -1
package/dist/engine/initializer.js +6 -4
package/dist/engine/initializer.js.map +1 -1
package/dist/engine/scheduler.d.ts.map +1 -1
package/dist/engine/scheduler.js +17 -9
package/dist/engine/scheduler.js.map +1 -1
package/dist/engine/upload_processor.d.ts.map +1 -1
package/dist/engine/upload_processor.js +24 -12
package/dist/engine/upload_processor.js.map +1 -1
package/dist/errors/index.d.ts +94 -0
package/dist/errors/index.d.ts.map +1 -0
package/dist/errors/index.js +149 -0
package/dist/errors/index.js.map +1 -0
package/dist/index.d.ts +9 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +13 -0
package/dist/index.js.map +1 -1
package/dist/loader/component_loader.d.ts +128 -0
package/dist/loader/component_loader.d.ts.map +1 -0
package/dist/loader/component_loader.js +330 -0
package/dist/loader/component_loader.js.map +1 -0
package/dist/loader/index.d.ts +19 -0
package/dist/loader/index.d.ts.map +1 -0
package/dist/loader/index.js +19 -0
package/dist/loader/index.js.map +1 -0
package/dist/storage/adapters/local_storage_service.d.ts +6 -0
package/dist/storage/adapters/local_storage_service.d.ts.map +1 -1
package/dist/storage/adapters/local_storage_service.js +26 -4
package/dist/storage/adapters/local_storage_service.js.map +1 -1
package/dist/storage/adapters/ovh_storage_service.d.ts.map +1 -1
package/dist/storage/adapters/ovh_storage_service.js +5 -6
package/dist/storage/adapters/ovh_storage_service.js.map +1 -1
package/dist/storage/storage_factory.d.ts.map +1 -1
package/dist/storage/storage_factory.js +4 -1
package/dist/storage/storage_factory.js.map +1 -1
package/dist/storage/storage_service.d.ts.map +1 -1
package/dist/storage/storage_service.js +6 -2
package/dist/storage/storage_service.js.map +1 -1
package/dist/types/http.d.ts +156 -0
package/dist/types/http.d.ts.map +1 -0
package/dist/types/http.js +8 -0
package/dist/types/http.js.map +1 -0
package/dist/utils/graceful_shutdown.d.ts +44 -0
package/dist/utils/graceful_shutdown.d.ts.map +1 -0
package/dist/utils/graceful_shutdown.js +79 -0
package/dist/utils/graceful_shutdown.js.map +1 -0
package/dist/utils/http_responses.d.ts +20 -0
package/dist/utils/http_responses.d.ts.map +1 -1
package/dist/utils/http_responses.js +28 -2
package/dist/utils/http_responses.js.map +1 -1
package/dist/utils/logger.d.ts +8 -8
package/dist/utils/logger.d.ts.map +1 -1
package/dist/utils/logger.js +8 -8
package/dist/utils/logger.js.map +1 -1
package/dist/utils/safe_async.d.ts +50 -0
package/dist/utils/safe_async.d.ts.map +1 -0
package/dist/utils/safe_async.js +90 -0
package/dist/utils/safe_async.js.map +1 -0
package/dist/validation/index.d.ts +3 -0
package/dist/validation/index.d.ts.map +1 -0
package/dist/validation/index.js +7 -0
package/dist/validation/index.js.map +1 -0
package/dist/validation/schemas.d.ts +273 -0
package/dist/validation/schemas.d.ts.map +1 -0
package/dist/validation/schemas.js +82 -0
package/dist/validation/schemas.js.map +1 -0
package/dist/validation/validate.d.ts +49 -0
package/dist/validation/validate.d.ts.map +1 -0
package/dist/validation/validate.js +110 -0
package/dist/validation/validate.js.map +1 -0
package/package.json +14 -8

package/dist/auth/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"~~AAAA~~,OAAO,EAAE,~~gBAAgB~~,EAAE,MAAM,oBAAoB,CAAA;~~AACrD~~,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAA;AAChE,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AAE3F,0BAA0B;AAC1B,OAAO,EAAE,gBAAgB,EAAoB,MAAM,oBAAoB,CAAA;AACvE,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA"}

package/dist/auth/providers/gateway_auth_provider.d.ts ADDED Viewed

@@ -0,0 +1,78 @@
+/**
+ * @fileoverview Gateway authentication provider for API Gateway authentication.
+ *
+ * This provider parses authentication information from HTTP headers set by an API gateway
+ * (such as Apache APISIX or KrakenD) after validating JWT tokens with an identity provider.
+ *
+ * Expected headers:
+ * - `x-user-id`: User identifier (UUID from Keycloak)
+ * - `x-user-roles`: Comma-separated list of user roles
+ */
+import type { AuthProvider, AuthRequest } from '../auth_provider.js';
+import type { AuthenticatedUser } from '../types.js';
+/**
+ * Authentication provider for API Gateway authentication.
+ *
+ * This is the default authentication mode for Digital Twin applications deployed
+ * behind an API gateway like Apache APISIX or KrakenD.
+ *
+ * @example
+ * ```typescript
+ * const provider = new GatewayAuthProvider('admin')
+ *
+ * // In a handler
+ * const user = provider.parseRequest(req)
+ * if (!user) {
+ *     return { status: 401, content: 'Authentication required' }
+ * }
+ *
+ * if (provider.isAdmin(req)) {
+ *     // Admin-only logic
+ * }
+ * ```
+ */
+export declare class GatewayAuthProvider implements AuthProvider {
+    #private;
+    /**
+     * Creates a new GatewayAuthProvider.
+     *
+     * @param adminRoleName - Name of the admin role (default: 'admin')
+     */
+    constructor(adminRoleName?: string);
+    /**
+     * Parse the request headers and return the authenticated user.
+     *
+     * @param req - Request object with headers
+     * @returns Authenticated user, or null if x-user-id header is missing
+     */
+    parseRequest(req: AuthRequest): AuthenticatedUser | null;
+    /**
+     * Check if the request has the x-user-id header.
+     *
+     * @param req - Request object with headers
+     * @returns true if x-user-id header is present
+     */
+    hasValidAuth(req: AuthRequest): boolean;
+    /**
+     * Check if the user has the admin role.
+     *
+     * @param req - Request object with headers
+     * @returns true if x-user-roles contains the admin role
+     */
+    isAdmin(req: AuthRequest): boolean;
+    /**
+     * Get the user ID from the x-user-id header.
+     *
+     * @param req - Request object with headers
+     * @returns User ID, or null if header is missing
+     */
+    getUserId(req: AuthRequest): string | null;
+    /**
+     * Get the user roles from the x-user-roles header.
+     *
+     * @param req - Request object with headers
+     * @returns Array of role names, empty array if header is missing
+     */
+    getUserRoles(req: AuthRequest): string[];
+}
+//# sourceMappingURL=gateway_auth_provider.d.ts.map

package/dist/auth/providers/gateway_auth_provider.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"gateway_auth_provider.d.ts","sourceRoot":"","sources":["../../../src/auth/providers/gateway_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAEpD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,qBAAa,mBAAoB,YAAW,YAAY;;IAGpD;;;;OAIG;gBACS,aAAa,SAAU;IAInC;;;;;OAKG;IACH,YAAY,CAAC,GAAG,EAAE,WAAW,GAAG,iBAAiB,GAAG,IAAI;IASxD;;;;;OAKG;IACH,YAAY,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO;IAIvC;;;;;OAKG;IACH,OAAO,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO;IAKlC;;;;;OAKG;IACH,SAAS,CAAC,GAAG,EAAE,WAAW,GAAG,MAAM,GAAG,IAAI;IAI1C;;;;;OAKG;IACH,YAAY,CAAC,GAAG,EAAE,WAAW,GAAG,MAAM,EAAE;CAkB3C"}

package/dist/auth/providers/gateway_auth_provider.js ADDED Viewed

@@ -0,0 +1,109 @@
+/**
+ * @fileoverview Gateway authentication provider for API Gateway authentication.
+ *
+ * This provider parses authentication information from HTTP headers set by an API gateway
+ * (such as Apache APISIX or KrakenD) after validating JWT tokens with an identity provider.
+ *
+ * Expected headers:
+ * - `x-user-id`: User identifier (UUID from Keycloak)
+ * - `x-user-roles`: Comma-separated list of user roles
+ */
+/**
+ * Authentication provider for API Gateway authentication.
+ *
+ * This is the default authentication mode for Digital Twin applications deployed
+ * behind an API gateway like Apache APISIX or KrakenD.
+ *
+ * @example
+ * ```typescript
+ * const provider = new GatewayAuthProvider('admin')
+ *
+ * // In a handler
+ * const user = provider.parseRequest(req)
+ * if (!user) {
+ *     return { status: 401, content: 'Authentication required' }
+ * }
+ *
+ * if (provider.isAdmin(req)) {
+ *     // Admin-only logic
+ * }
+ * ```
+ */
+export class GatewayAuthProvider {
+    #adminRoleName;
+    /**
+     * Creates a new GatewayAuthProvider.
+     *
+     * @param adminRoleName - Name of the admin role (default: 'admin')
+     */
+    constructor(adminRoleName = 'admin') {
+        this.#adminRoleName = adminRoleName;
+    }
+    /**
+     * Parse the request headers and return the authenticated user.
+     *
+     * @param req - Request object with headers
+     * @returns Authenticated user, or null if x-user-id header is missing
+     */
+    parseRequest(req) {
+        const userId = this.#getHeader(req.headers, 'x-user-id');
+        if (!userId)
+            return null;
+        const roles = this.getUserRoles(req);
+        return { id: userId, roles };
+    }
+    /**
+     * Check if the request has the x-user-id header.
+     *
+     * @param req - Request object with headers
+     * @returns true if x-user-id header is present
+     */
+    hasValidAuth(req) {
+        return !!this.#getHeader(req.headers, 'x-user-id');
+    }
+    /**
+     * Check if the user has the admin role.
+     *
+     * @param req - Request object with headers
+     * @returns true if x-user-roles contains the admin role
+     */
+    isAdmin(req) {
+        const roles = this.getUserRoles(req);
+        return roles.includes(this.#adminRoleName);
+    }
+    /**
+     * Get the user ID from the x-user-id header.
+     *
+     * @param req - Request object with headers
+     * @returns User ID, or null if header is missing
+     */
+    getUserId(req) {
+        return this.#getHeader(req.headers, 'x-user-id');
+    }
+    /**
+     * Get the user roles from the x-user-roles header.
+     *
+     * @param req - Request object with headers
+     * @returns Array of role names, empty array if header is missing
+     */
+    getUserRoles(req) {
+        const rolesHeader = this.#getHeader(req.headers, 'x-user-roles');
+        if (!rolesHeader)
+            return [];
+        return rolesHeader
+            .split(',')
+            .map(r => r.trim())
+            .filter(Boolean);
+    }
+    /**
+     * Get a header value as a string.
+     * Handles both string and string[] header values.
+     */
+    #getHeader(headers, name) {
+        const value = headers[name];
+        if (!value)
+            return null;
+        return Array.isArray(value) ? value[0] : value;
+    }
+}
+//# sourceMappingURL=gateway_auth_provider.js.map

package/dist/auth/providers/gateway_auth_provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"gateway_auth_provider.js","sourceRoot":"","sources":["../../../src/auth/providers/gateway_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAKH;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,OAAO,mBAAmB;IACnB,cAAc,CAAQ;IAE/B;;;;OAIG;IACH,YAAY,aAAa,GAAG,OAAO;QAC/B,IAAI,CAAC,cAAc,GAAG,aAAa,CAAA;IACvC,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,GAAgB;QACzB,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;QACxD,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAA;QAExB,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QAEpC,OAAO,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAA;IAChC,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,GAAgB;QACzB,OAAO,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;IACtD,CAAC;IAED;;;;;OAKG;IACH,OAAO,CAAC,GAAgB;QACpB,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QACpC,OAAO,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IAC9C,CAAC;IAED;;;;;OAKG;IACH,SAAS,CAAC,GAAgB;QACtB,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;IACpD,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,GAAgB;QACzB,MAAM,WAAW,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,cAAc,CAAC,CAAA;QAChE,IAAI,CAAC,WAAW;YAAE,OAAO,EAAE,CAAA;QAC3B,OAAO,WAAW;aACb,KAAK,CAAC,GAAG,CAAC;aACV,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aAClB,MAAM,CAAC,OAAO,CAAC,CAAA;IACxB,CAAC;IAED;;;OAGG;IACH,UAAU,CAAC,OAAsD,EAAE,IAAY;QAC3E,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;QAC3B,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAA;QACvB,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAClD,CAAC;CACJ"}

package/dist/auth/providers/index.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export { GatewayAuthProvider } from './gateway_auth_provider.js';
+export { JwtAuthProvider } from './jwt_auth_provider.js';
+export { NoAuthProvider } from './no_auth_provider.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/auth/providers/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/auth/providers/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAA;AAChE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAA;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAA"}

package/dist/auth/providers/index.js ADDED Viewed

@@ -0,0 +1,4 @@
+export { GatewayAuthProvider } from './gateway_auth_provider.js';
+export { JwtAuthProvider } from './jwt_auth_provider.js';
+export { NoAuthProvider } from './no_auth_provider.js';
+//# sourceMappingURL=index.js.map

package/dist/auth/providers/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/auth/providers/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAA;AAChE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAA;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAA"}

package/dist/auth/providers/jwt_auth_provider.d.ts ADDED Viewed

@@ -0,0 +1,91 @@
+/**
+ * @fileoverview JWT authentication provider for direct token validation.
+ *
+ * This provider validates JWT tokens from the Authorization header without
+ * requiring an API gateway. Useful for standalone deployments or when you
+ * want to handle authentication directly in the application.
+ *
+ * Supports:
+ * - HMAC algorithms (HS256, HS384, HS512) with a secret key
+ * - RSA algorithms (RS256, RS384, RS512) with a public key
+ * - EC algorithms (ES256, ES384, ES512) with a public key
+ * - Keycloak token format (realm_access.roles)
+ * - Custom claim paths for user ID and roles
+ */
+import type { AuthProvider, AuthRequest, AuthProviderConfig } from '../auth_provider.js';
+import type { AuthenticatedUser } from '../types.js';
+/**
+ * Authentication provider for JWT token validation.
+ *
+ * This provider validates JWT tokens directly in the application, without
+ * requiring an API gateway. It extracts user information from token claims.
+ *
+ * @example
+ * ```typescript
+ * // With HMAC secret
+ * const provider = new JwtAuthProvider({
+ *     mode: 'jwt',
+ *     jwt: {
+ *         secret: 'your-256-bit-secret',
+ *         algorithm: 'HS256'
+ *     }
+ * })
+ *
+ * // With RSA public key (Keycloak)
+ * const provider = new JwtAuthProvider({
+ *     mode: 'jwt',
+ *     jwt: {
+ *         publicKey: fs.readFileSync('public.pem', 'utf-8'),
+ *         algorithm: 'RS256',
+ *         issuer: 'https://keycloak.example.com/realms/myrealm',
+ *         rolesClaim: 'realm_access.roles'
+ *     }
+ * })
+ * ```
+ */
+export declare class JwtAuthProvider implements AuthProvider {
+    #private;
+    /**
+     * Creates a new JwtAuthProvider.
+     *
+     * @param config - Authentication configuration with JWT settings
+     * @throws Error if JWT configuration is missing or incomplete
+     */
+    constructor(config: AuthProviderConfig);
+    /**
+     * Parse the request and validate the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns Authenticated user, or null if token is missing/invalid
+     */
+    parseRequest(req: AuthRequest): AuthenticatedUser | null;
+    /**
+     * Check if the request has a valid Authorization header with Bearer token.
+     *
+     * @param req - Request object with headers
+     * @returns true if Authorization header is present with Bearer scheme
+     */
+    hasValidAuth(req: AuthRequest): boolean;
+    /**
+     * Check if the authenticated user has admin privileges.
+     *
+     * @param req - Request object with headers
+     * @returns true if the user has the admin role
+     */
+    isAdmin(req: AuthRequest): boolean;
+    /**
+     * Get the user ID from the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns User ID, or null if not authenticated
+     */
+    getUserId(req: AuthRequest): string | null;
+    /**
+     * Get the user roles from the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns Array of role names, empty array if not authenticated
+     */
+    getUserRoles(req: AuthRequest): string[];
+}
+//# sourceMappingURL=jwt_auth_provider.d.ts.map

package/dist/auth/providers/jwt_auth_provider.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwt_auth_provider.d.ts","sourceRoot":"","sources":["../../../src/auth/providers/jwt_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAA;AACxF,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAEpD;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,qBAAa,eAAgB,YAAW,YAAY;;IAShD;;;;;OAKG;gBACS,MAAM,EAAE,kBAAkB;IAwBtC;;;;;OAKG;IACH,YAAY,CAAC,GAAG,EAAE,WAAW,GAAG,iBAAiB,GAAG,IAAI;IAuBxD;;;;;OAKG;IACH,YAAY,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO;IAIvC;;;;;OAKG;IACH,OAAO,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO;IAKlC;;;;;OAKG;IACH,SAAS,CAAC,GAAG,EAAE,WAAW,GAAG,MAAM,GAAG,IAAI;IAK1C;;;;;OAKG;IACH,YAAY,CAAC,GAAG,EAAE,WAAW,GAAG,MAAM,EAAE;CAkE3C"}

package/dist/auth/providers/jwt_auth_provider.js ADDED Viewed

@@ -0,0 +1,204 @@
+/**
+ * @fileoverview JWT authentication provider for direct token validation.
+ *
+ * This provider validates JWT tokens from the Authorization header without
+ * requiring an API gateway. Useful for standalone deployments or when you
+ * want to handle authentication directly in the application.
+ *
+ * Supports:
+ * - HMAC algorithms (HS256, HS384, HS512) with a secret key
+ * - RSA algorithms (RS256, RS384, RS512) with a public key
+ * - EC algorithms (ES256, ES384, ES512) with a public key
+ * - Keycloak token format (realm_access.roles)
+ * - Custom claim paths for user ID and roles
+ */
+import jwt from 'jsonwebtoken';
+/**
+ * Authentication provider for JWT token validation.
+ *
+ * This provider validates JWT tokens directly in the application, without
+ * requiring an API gateway. It extracts user information from token claims.
+ *
+ * @example
+ * ```typescript
+ * // With HMAC secret
+ * const provider = new JwtAuthProvider({
+ *     mode: 'jwt',
+ *     jwt: {
+ *         secret: 'your-256-bit-secret',
+ *         algorithm: 'HS256'
+ *     }
+ * })
+ *
+ * // With RSA public key (Keycloak)
+ * const provider = new JwtAuthProvider({
+ *     mode: 'jwt',
+ *     jwt: {
+ *         publicKey: fs.readFileSync('public.pem', 'utf-8'),
+ *         algorithm: 'RS256',
+ *         issuer: 'https://keycloak.example.com/realms/myrealm',
+ *         rolesClaim: 'realm_access.roles'
+ *     }
+ * })
+ * ```
+ */
+export class JwtAuthProvider {
+    #secret;
+    #algorithm;
+    #issuer;
+    #audience;
+    #userIdClaim;
+    #rolesClaim;
+    #adminRoleName;
+    /**
+     * Creates a new JwtAuthProvider.
+     *
+     * @param config - Authentication configuration with JWT settings
+     * @throws Error if JWT configuration is missing or incomplete
+     */
+    constructor(config) {
+        if (!config.jwt) {
+            throw new Error('JWT configuration required for JWT auth mode');
+        }
+        const { jwt: jwtConfig } = config;
+        // Secret or public key
+        if (jwtConfig.publicKey) {
+            this.#secret = jwtConfig.publicKey;
+        }
+        else if (jwtConfig.secret) {
+            this.#secret = jwtConfig.secret;
+        }
+        else {
+            throw new Error('JWT secret or publicKey required');
+        }
+        this.#algorithm = jwtConfig.algorithm || 'HS256';
+        this.#issuer = jwtConfig.issuer;
+        this.#audience = jwtConfig.audience;
+        this.#userIdClaim = jwtConfig.userIdClaim || 'sub';
+        this.#rolesClaim = jwtConfig.rolesClaim || 'roles';
+        this.#adminRoleName = config.adminRoleName || 'admin';
+    }
+    /**
+     * Parse the request and validate the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns Authenticated user, or null if token is missing/invalid
+     */
+    parseRequest(req) {
+        const token = this.#extractToken(req);
+        if (!token)
+            return null;
+        try {
+            const decoded = jwt.verify(token, this.#secret, {
+                algorithms: [this.#algorithm],
+                issuer: this.#issuer,
+                audience: this.#audience
+            });
+            const userId = this.#extractClaim(decoded, this.#userIdClaim);
+            if (!userId || typeof userId !== 'string')
+                return null;
+            const roles = this.#extractRoles(decoded);
+            return { id: userId, roles };
+        }
+        catch {
+            // Token invalid or expired
+            return null;
+        }
+    }
+    /**
+     * Check if the request has a valid Authorization header with Bearer token.
+     *
+     * @param req - Request object with headers
+     * @returns true if Authorization header is present with Bearer scheme
+     */
+    hasValidAuth(req) {
+        return !!this.#extractToken(req);
+    }
+    /**
+     * Check if the authenticated user has admin privileges.
+     *
+     * @param req - Request object with headers
+     * @returns true if the user has the admin role
+     */
+    isAdmin(req) {
+        const user = this.parseRequest(req);
+        return user?.roles.includes(this.#adminRoleName) ?? false;
+    }
+    /**
+     * Get the user ID from the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns User ID, or null if not authenticated
+     */
+    getUserId(req) {
+        const user = this.parseRequest(req);
+        return user?.id ?? null;
+    }
+    /**
+     * Get the user roles from the JWT token.
+     *
+     * @param req - Request object with headers
+     * @returns Array of role names, empty array if not authenticated
+     */
+    getUserRoles(req) {
+        const user = this.parseRequest(req);
+        return user?.roles ?? [];
+    }
+    /**
+     * Extract the Bearer token from the Authorization header.
+     */
+    #extractToken(req) {
+        const authHeader = this.#getHeader(req.headers, 'authorization');
+        if (!authHeader)
+            return null;
+        // Format: "Bearer <token>"
+        const parts = authHeader.split(' ');
+        if (parts.length !== 2 || parts[0].toLowerCase() !== 'bearer') {
+            return null;
+        }
+        return parts[1];
+    }
+    /**
+     * Extract a claim value from the token payload.
+     * Supports nested paths like "realm_access.roles".
+     */
+    #extractClaim(payload, path) {
+        const parts = path.split('.');
+        let current = payload;
+        for (const part of parts) {
+            if (current === null || current === undefined)
+                return undefined;
+            if (typeof current !== 'object')
+                return undefined;
+            current = current[part];
+        }
+        return current;
+    }
+    /**
+     * Extract roles from the token payload.
+     * Supports standard array format and Keycloak's realm_access.roles.
+     */
+    #extractRoles(payload) {
+        // Try configured roles claim first
+        const roles = this.#extractClaim(payload, this.#rolesClaim);
+        if (Array.isArray(roles)) {
+            return roles.filter((r) => typeof r === 'string');
+        }
+        // Fallback to Keycloak format
+        const realmAccess = payload.realm_access;
+        if (realmAccess?.roles && Array.isArray(realmAccess.roles)) {
+            return realmAccess.roles;
+        }
+        return [];
+    }
+    /**
+     * Get a header value as a string.
+     */
+    #getHeader(headers, name) {
+        const value = headers[name];
+        if (!value)
+            return null;
+        return Array.isArray(value) ? value[0] : value;
+    }
+}
+//# sourceMappingURL=jwt_auth_provider.js.map

package/dist/auth/providers/jwt_auth_provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"jwt_auth_provider.js","sourceRoot":"","sources":["../../../src/auth/providers/jwt_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,GAAG,MAAM,cAAc,CAAA;AAI9B;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,OAAO,eAAe;IACf,OAAO,CAAiB;IACxB,UAAU,CAAe;IACzB,OAAO,CAAS;IAChB,SAAS,CAAS;IAClB,YAAY,CAAQ;IACpB,WAAW,CAAQ;IACnB,cAAc,CAAQ;IAE/B;;;;;OAKG;IACH,YAAY,MAA0B;QAClC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAA;QACnE,CAAC;QAED,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,MAAM,CAAA;QAEjC,uBAAuB;QACvB,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;YACtB,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC,SAAS,CAAA;QACtC,CAAC;aAAM,IAAI,SAAS,CAAC,MAAM,EAAE,CAAC;YAC1B,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC,MAAM,CAAA;QACnC,CAAC;aAAM,CAAC;YACJ,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;QACvD,CAAC;QAED,IAAI,CAAC,UAAU,GAAI,SAAS,CAAC,SAA2B,IAAI,OAAO,CAAA;QACnE,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC,MAAM,CAAA;QAC/B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,QAAQ,CAAA;QACnC,IAAI,CAAC,YAAY,GAAG,SAAS,CAAC,WAAW,IAAI,KAAK,CAAA;QAClD,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC,UAAU,IAAI,OAAO,CAAA;QAClD,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,aAAa,IAAI,OAAO,CAAA;IACzD,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,GAAgB;QACzB,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;QACrC,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAA;QAEvB,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE;gBAC5C,UAAU,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC;gBAC7B,MAAM,EAAE,IAAI,CAAC,OAAO;gBACpB,QAAQ,EAAE,IAAI,CAAC,SAAS;aAC3B,CAA4B,CAAA;YAE7B,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,YAAY,CAAC,CAAA;YAC7D,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ;gBAAE,OAAO,IAAI,CAAA;YAEtD,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;YAEzC,OAAO,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAA;QAChC,CAAC;QAAC,MAAM,CAAC;YACL,2BAA2B;YAC3B,OAAO,IAAI,CAAA;QACf,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,GAAgB;QACzB,OAAO,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,CAAA;IACpC,CAAC;IAED;;;;;OAKG;IACH,OAAO,CAAC,GAAgB;QACpB,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QACnC,OAAO,IAAI,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,KAAK,CAAA;IAC7D,CAAC;IAED;;;;;OAKG;IACH,SAAS,CAAC,GAAgB;QACtB,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QACnC,OAAO,IAAI,EAAE,EAAE,IAAI,IAAI,CAAA;IAC3B,CAAC;IAED;;;;;OAKG;IACH,YAAY,CAAC,GAAgB;QACzB,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAA;QACnC,OAAO,IAAI,EAAE,KAAK,IAAI,EAAE,CAAA;IAC5B,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,GAAgB;QAC1B,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC,CAAA;QAChE,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAA;QAE5B,2BAA2B;QAC3B,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACnC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,QAAQ,EAAE,CAAC;YAC5D,OAAO,IAAI,CAAA;QACf,CAAC;QAED,OAAO,KAAK,CAAC,CAAC,CAAC,CAAA;IACnB,CAAC;IAED;;;OAGG;IACH,aAAa,CAAC,OAAgC,EAAE,IAAY;QACxD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC7B,IAAI,OAAO,GAAY,OAAO,CAAA;QAE9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,IAAI,OAAO,KAAK,IAAI,IAAI,OAAO,KAAK,SAAS;gBAAE,OAAO,SAAS,CAAA;YAC/D,IAAI,OAAO,OAAO,KAAK,QAAQ;gBAAE,OAAO,SAAS,CAAA;YACjD,OAAO,GAAI,OAAmC,CAAC,IAAI,CAAC,CAAA;QACxD,CAAC;QAED,OAAO,OAAO,CAAA;IAClB,CAAC;IAED;;;OAGG;IACH,aAAa,CAAC,OAAgC;QAC1C,mCAAmC;QACnC,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,WAAW,CAAC,CAAA;QAC3D,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAA;QAClE,CAAC;QAED,8BAA8B;QAC9B,MAAM,WAAW,GAAG,OAAO,CAAC,YAAgD,CAAA;QAC5E,IAAI,WAAW,EAAE,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YACzD,OAAO,WAAW,CAAC,KAAK,CAAA;QAC5B,CAAC;QAED,OAAO,EAAE,CAAA;IACb,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,OAAsD,EAAE,IAAY;QAC3E,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;QAC3B,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAA;QACvB,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAClD,CAAC;CACJ"}

package/dist/auth/providers/no_auth_provider.d.ts ADDED Viewed

@@ -0,0 +1,61 @@
+/**
+ * @fileoverview No-authentication provider for development and testing.
+ *
+ * This provider bypasses all authentication checks and returns a configurable
+ * anonymous user for all requests. Use only in development or testing environments.
+ *
+ * WARNING: Never use this provider in production!
+ */
+import type { AuthProvider, AuthRequest } from '../auth_provider.js';
+import type { AuthenticatedUser } from '../types.js';
+/**
+ * Authentication provider that bypasses authentication.
+ *
+ * All requests are treated as authenticated with a configurable anonymous user.
+ * This provider is useful for development and testing when you don't want to
+ * set up authentication infrastructure.
+ *
+ * @example
+ * ```typescript
+ * // Development setup
+ * const provider = new NoAuthProvider('dev-user-123')
+ *
+ * // All requests return the same user
+ * const user = provider.parseRequest(req) // { id: 'dev-user-123', roles: ['user'] }
+ * provider.hasValidAuth(req) // always true
+ * provider.isAdmin(req) // always false
+ * ```
+ */
+export declare class NoAuthProvider implements AuthProvider {
+    #private;
+    /**
+     * Creates a new NoAuthProvider.
+     *
+     * @param anonymousUserId - User ID for the anonymous user (default: 'anonymous')
+     * @param anonymousRoles - Roles for the anonymous user (default: ['anonymous'])
+     */
+    constructor(anonymousUserId?: string, anonymousRoles?: string[]);
+    /**
+     * Returns the anonymous user for all requests.
+     *
+     * @returns Anonymous user with configured ID and roles
+     */
+    parseRequest(_req: AuthRequest): AuthenticatedUser | null;
+    /**
+     * Always returns true (all requests are "authenticated").
+     */
+    hasValidAuth(_req: AuthRequest): boolean;
+    /**
+     * Always returns false (anonymous user is never admin).
+     */
+    isAdmin(_req: AuthRequest): boolean;
+    /**
+     * Returns the anonymous user ID.
+     */
+    getUserId(_req: AuthRequest): string | null;
+    /**
+     * Returns the anonymous user roles.
+     */
+    getUserRoles(_req: AuthRequest): string[];
+}
+//# sourceMappingURL=no_auth_provider.d.ts.map

package/dist/auth/providers/no_auth_provider.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"no_auth_provider.d.ts","sourceRoot":"","sources":["../../../src/auth/providers/no_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAEpD;;;;;;;;;;;;;;;;;GAiBG;AACH,qBAAa,cAAe,YAAW,YAAY;;IAI/C;;;;;OAKG;gBACS,eAAe,SAAc,EAAE,cAAc,GAAE,MAAM,EAAkB;IAKnF;;;;OAIG;IACH,YAAY,CAAC,IAAI,EAAE,WAAW,GAAG,iBAAiB,GAAG,IAAI;IAOzD;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO;IAIxC;;OAEG;IACH,OAAO,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO;IAInC;;OAEG;IACH,SAAS,CAAC,IAAI,EAAE,WAAW,GAAG,MAAM,GAAG,IAAI;IAI3C;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,WAAW,GAAG,MAAM,EAAE;CAG5C"}

package/dist/auth/providers/no_auth_provider.js ADDED Viewed

@@ -0,0 +1,76 @@
+/**
+ * @fileoverview No-authentication provider for development and testing.
+ *
+ * This provider bypasses all authentication checks and returns a configurable
+ * anonymous user for all requests. Use only in development or testing environments.
+ *
+ * WARNING: Never use this provider in production!
+ */
+/**
+ * Authentication provider that bypasses authentication.
+ *
+ * All requests are treated as authenticated with a configurable anonymous user.
+ * This provider is useful for development and testing when you don't want to
+ * set up authentication infrastructure.
+ *
+ * @example
+ * ```typescript
+ * // Development setup
+ * const provider = new NoAuthProvider('dev-user-123')
+ *
+ * // All requests return the same user
+ * const user = provider.parseRequest(req) // { id: 'dev-user-123', roles: ['user'] }
+ * provider.hasValidAuth(req) // always true
+ * provider.isAdmin(req) // always false
+ * ```
+ */
+export class NoAuthProvider {
+    #anonymousUserId;
+    #anonymousRoles;
+    /**
+     * Creates a new NoAuthProvider.
+     *
+     * @param anonymousUserId - User ID for the anonymous user (default: 'anonymous')
+     * @param anonymousRoles - Roles for the anonymous user (default: ['anonymous'])
+     */
+    constructor(anonymousUserId = 'anonymous', anonymousRoles = ['anonymous']) {
+        this.#anonymousUserId = anonymousUserId;
+        this.#anonymousRoles = anonymousRoles;
+    }
+    /**
+     * Returns the anonymous user for all requests.
+     *
+     * @returns Anonymous user with configured ID and roles
+     */
+    parseRequest(_req) {
+        return {
+            id: this.#anonymousUserId,
+            roles: this.#anonymousRoles
+        };
+    }
+    /**
+     * Always returns true (all requests are "authenticated").
+     */
+    hasValidAuth(_req) {
+        return true;
+    }
+    /**
+     * Always returns false (anonymous user is never admin).
+     */
+    isAdmin(_req) {
+        return false;
+    }
+    /**
+     * Returns the anonymous user ID.
+     */
+    getUserId(_req) {
+        return this.#anonymousUserId;
+    }
+    /**
+     * Returns the anonymous user roles.
+     */
+    getUserRoles(_req) {
+        return this.#anonymousRoles;
+    }
+}
+//# sourceMappingURL=no_auth_provider.js.map

package/dist/auth/providers/no_auth_provider.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"no_auth_provider.js","sourceRoot":"","sources":["../../../src/auth/providers/no_auth_provider.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,OAAO,cAAc;IACd,gBAAgB,CAAQ;IACxB,eAAe,CAAU;IAElC;;;;;OAKG;IACH,YAAY,eAAe,GAAG,WAAW,EAAE,iBAA2B,CAAC,WAAW,CAAC;QAC/E,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAA;QACvC,IAAI,CAAC,eAAe,GAAG,cAAc,CAAA;IACzC,CAAC;IAED;;;;OAIG;IACH,YAAY,CAAC,IAAiB;QAC1B,OAAO;YACH,EAAE,EAAE,IAAI,CAAC,gBAAgB;YACzB,KAAK,EAAE,IAAI,CAAC,eAAe;SAC9B,CAAA;IACL,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,IAAiB;QAC1B,OAAO,IAAI,CAAA;IACf,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,IAAiB;QACrB,OAAO,KAAK,CAAA;IAChB,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,IAAiB;QACvB,OAAO,IAAI,CAAC,gBAAgB,CAAA;IAChC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,IAAiB;QAC1B,OAAO,IAAI,CAAC,eAAe,CAAA;IAC/B,CAAC;CACJ"}