feathers-ucan 0.1.39 → 0.1.40

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/lib/env/version.d.ts +1 -1
  2. package/lib/index.cjs +24 -25
  3. package/lib/index.cjs.map +1 -1
  4. package/lib/index.modern.js +24 -25
  5. package/lib/index.modern.js.map +1 -1
  6. package/lib/index.umd.js +24 -25
  7. package/lib/index.umd.js.map +1 -1
  8. package/package.json +1 -1
package/lib/env/version.d.ts CHANGED
@@ -1 +1 @@
1
- export declare const VERSION = "0.1.39";
1
+ export declare const VERSION = "0.1.40";
package/lib/index.cjs CHANGED
@@ -176,7 +176,18 @@ class UcanStrategy extends authentication.AuthenticationBaseStrategy {
176
176
  skip_hooks: true,
177
177
  admin_pass: true
178
178
  }));
179
- if (entities.total) return entities.data[0]._id;else throw new NotAuthError$1('Could not find login associated with this ucan');
179
+ // Support both paginated and non-paginated service responses
180
+ // - Paginated: { total, limit, skip, data: [...] }
181
+ // - Non-paginated: Array
182
+ let first = undefined;
183
+ if (entities && typeof entities === 'object' && 'data' in entities) {
184
+ var _entities$data;
185
+ first = (_entities$data = entities.data) == null ? void 0 : _entities$data[0];
186
+ } else if (Array.isArray(entities)) {
187
+ first = entities[0];
188
+ }
189
+ if (first && first._id) return first._id;
190
+ throw new NotAuthError$1('Could not find login associated with this ucan');
180
191
  }
181
192
  }
182
193
  async authenticate(authentication, params) {
@@ -660,6 +671,7 @@ const noThrowAuth = async context => {
660
671
  context = symbolUcan._set(context, [config.core_path, config.entity], entity);
661
672
  }
662
673
  try {
674
+ // Must pass explicit strategy per app requirements
663
675
  context = await authentication.authenticate('jwt')(context).catch(() => {
664
676
  return context;
665
677
  });
@@ -672,6 +684,7 @@ const bareAuth = async context => {
672
684
  const config = context.app.get('authentication');
673
685
  const entity = symbolUcan._get(context, ['auth', config.entity]);
674
686
  if (entity) context = symbolUcan._set(context, [config.core_path, config.entity], entity);
687
+ // Must pass explicit strategy per app requirements
675
688
  return authentication.authenticate('jwt')(context);
676
689
  };
677
690
  const verifyOne = async (ucan, options, log) => {
@@ -769,29 +782,15 @@ const verifyAgainstReqs = (reqs, config, options) => {
769
782
  return async context => {
770
783
  var _v3;
771
784
  const log = options == null ? void 0 : options.log;
772
- // Per latest requirement: UCAN is always at context.params[entityKey].ucan
773
- const authCfg = context.app.get('authentication');
774
- const entityKey = (authCfg == null ? void 0 : authCfg.entity) || 'login';
775
- if (log) {
776
- try {
777
- logUcanParams('verifyAgainstReqs:start', context);
778
- } catch {}
779
- }
780
- const rawUcanPrimary = symbolUcan._get(context.params, [entityKey, 'ucan']);
781
- // Fallback: legacy path if primary missing
782
- const rawUcanFallback = rawUcanPrimary || symbolUcan._get(context.params, config == null ? void 0 : config.client_ucan);
783
- // Normalize the client UCAN the same way the caps path does
784
- // This brings the first check up to speed with the working cap_subjects flow.
785
- let ucan = rawUcanFallback;
786
- if (rawUcanFallback) {
787
- try {
788
- // ucanToken will stringify a UCAN object or return the compact form for strings
789
- const maybe = symbolUcan.ucanToken(rawUcanFallback);
790
- if (maybe && typeof maybe === 'string') ucan = maybe;
791
- if (log && rawUcanFallback !== ucan) console.log('Normalized client UCAN via ucanToken()');
792
- } catch (e) {
793
- if (log) console.log('UCAN normalization skipped (ucanToken threw):', e == null ? void 0 : e.message);
794
- }
785
+ const rawUcan = symbolUcan._get(context.params, config.client_ucan);
786
+ let ucan = rawUcan;
787
+ try {
788
+ // ucanToken will stringify a UCAN object or return the compact form for strings
789
+ const maybe = symbolUcan.ucanToken(rawUcan);
790
+ if (maybe && typeof maybe === 'string') ucan = maybe;
791
+ if (log && rawUcan !== ucan) console.log('Normalized client UCAN via ucanToken()');
792
+ } catch (e) {
793
+ if (log) console.log('UCAN normalization skipped (ucanToken threw):', e == null ? void 0 : e.message);
795
794
  }
796
795
  const audience = (options == null ? void 0 : options.audience) || symbolUcan._get(context.params, config.ucan_aud);
797
796
  if (log) console.log('verify against reqs', reqs);
@@ -1109,7 +1108,7 @@ const ucanAuth = (requiredCapabilities, options) => {
1109
1108
  const loginId = typeof existingLogin === 'string' ? existingLogin : existingLogin == null ? void 0 : existingLogin._id;
1110
1109
  const hasLogin = !!(existingLogin && (typeof existingLogin === 'string' || !!loginId));
1111
1110
  // Per requirement: UCAN is always at context.params[entity].ucan
1112
- const existingUcan = symbolUcan._get(context.params, [entity, 'ucan']);
1111
+ const existingUcan = symbolUcan._get(context.params, configuration.client_ucan || 'client_ucan');
1113
1112
  if (options != null && options.log) console.log('ucan auth', 'hasLogin', hasLogin, 'loginId', loginId, 'existingUcan', !!existingUcan, 'core_path', core_path, 'entity', entity, 'core', context.params[core_path], 'params login', context.params.login, 'required capabilities', requiredCapabilities);
1114
1113
  if (options != null && options.log && !hasLogin) {
1115
1114
  try {