sentinel-nestjs-core 0.1.0 → 0.1.1

@@ -3,7 +3,6 @@ export declare class KeyService {
3
3
  private readonly options;
4
4
  private cache;
5
5
  constructor(options: SentinelPermissionOptions);
6
- getPublicKey(kid?: string): Promise<string>;
7
6
  private getLocalPublicKey;
8
- private getRemotePublicKey;
7
+ getPublicKey(kid?: string): Promise<string>;
9
8
  }
@@ -18,62 +18,55 @@ Object.defineProperty(exports, "__esModule", { value: true });
18
18
  exports.KeyService = void 0;
19
19
  const common_1 = require("@nestjs/common");
20
20
  const path_1 = __importDefault(require("path"));
21
- const promises_1 = require("fs/promises");
22
21
  const axios_1 = __importDefault(require("axios"));
23
22
  const jwk_to_pem_1 = __importDefault(require("jwk-to-pem"));
23
+ const node_fs_1 = __importDefault(require("node:fs"));
24
24
  let KeyService = class KeyService {
25
25
  constructor(options) {
26
26
  this.options = options;
27
27
  this.cache = new Map();
28
28
  }
29
- async getPublicKey(kid) {
30
- if (this.options.mode === 'local') {
31
- return this.getLocalPublicKey();
32
- }
33
- else if (this.options.mode === 'remote') {
34
- return this.getRemotePublicKey(kid);
35
- }
36
- throw new common_1.InternalServerErrorException('Invalid Sentinel mode');
37
- }
38
29
  async getLocalPublicKey() {
39
- try {
40
- const filePath = path_1.default.resolve(process.cwd(), 'keys/public.pem');
41
- return await (0, promises_1.readFile)(filePath, 'utf-8');
42
- }
43
- catch (_a) {
44
- throw new common_1.InternalServerErrorException('Impossible de lire la clé publique locale');
45
- }
30
+ const jwksPath = path_1.default.join(process.cwd(), 'public', '.well-known', 'jwks.json');
31
+ const jwksRaw = node_fs_1.default.readFileSync(jwksPath, 'utf8');
32
+ return JSON.parse(jwksRaw);
46
33
  }
47
- async getRemotePublicKey(kid) {
34
+ async getPublicKey(kid) {
48
35
  var _a;
36
+ let jwks;
49
37
  if (!this.options.apiSentinel) {
50
- throw new common_1.InternalServerErrorException('apiSentinel non défini pour le mode remote');
38
+ jwks = await this.getLocalPublicKey();
51
39
  }
52
- try {
40
+ else {
53
41
  const url = `${this.options.apiSentinel}/.well-known/jwks.json`;
54
- const { data } = await axios_1.default.get(url, { timeout: 5000 });
55
- if (!((_a = data === null || data === void 0 ? void 0 : data.keys) === null || _a === void 0 ? void 0 : _a.length)) {
56
- throw new Error('Aucune clé trouvée dans le JWKS');
57
- }
58
- const key = kid ? data.keys.find((k) => k.kid === kid) : data.keys[0];
59
- if (!key) {
60
- throw new Error(`Aucune clé correspondant au kid "${kid}"`);
61
- }
62
- if (!key.n || !key.e) {
63
- console.error('Clé JWK invalide:', key);
64
- throw new Error('Clé JWK incomplète (n ou e manquant)');
42
+ try {
43
+ const response = await axios_1.default.get(url, { timeout: 5000 });
44
+ jwks = response.data;
65
45
  }
66
- const pem = (0, jwk_to_pem_1.default)(key);
67
- if (key.kid) {
68
- this.cache.set(key.kid, pem);
69
- setTimeout(() => this.cache.delete(key.kid), 15 * 60 * 1000);
46
+ catch (err) {
47
+ throw new common_1.InternalServerErrorException('Impossible de récupérer le JWKS distant');
70
48
  }
71
- return pem;
72
49
  }
73
- catch (e) {
74
- console.error('Erreur lors du chargement du JWKS :', e.message);
75
- throw new common_1.InternalServerErrorException('Impossible de récupérer la clé distante');
50
+ if (!((_a = jwks === null || jwks === void 0 ? void 0 : jwks.keys) === null || _a === void 0 ? void 0 : _a.length)) {
51
+ throw new Error('Aucune clé trouvée dans le JWKS');
52
+ }
53
+ const key = kid ? jwks.keys.find(k => k.kid === kid) : jwks.keys[0];
54
+ if (!key) {
55
+ throw new Error(`Aucune clé correspondant au kid "${kid}"`);
56
+ }
57
+ if (!key.n || !key.e) {
58
+ throw new Error('Clé JWK incomplète (n ou e manquant)');
59
+ }
60
+ const pem = (0, jwk_to_pem_1.default)({
61
+ kty: 'RSA',
62
+ n: key.n,
63
+ e: key.e,
64
+ });
65
+ if (key.kid) {
66
+ this.cache.set(key.kid, pem);
67
+ setTimeout(() => this.cache.delete(key.kid), 15 * 60 * 1000);
76
68
  }
69
+ return pem;
77
70
  }
78
71
  };
79
72
  exports.KeyService = KeyService;
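Review bot: In the new `getPublicKey`, an unset `apiSentinel` no longer throws but silently switches the trust anchor to `public/.well-known/jwks.json` under `process.cwd()`, so a dropped or misspelled setting changes which keys verify tokens without any error. I would keep an explicit mode check, as the removed code had, and fail closed when remote mode has no URL (assuming `mode` is still part of the options). `getLocalPublicKey` now calls `readFileSync` and `JSON.parse` with no try/catch, so a missing or malformed file escapes as a raw error rather than the `InternalServerErrorException` used on the remote path, and the synchronous read blocks the event loop. `this.cache` is written but never read in the visible code, so every call refetches the JWKS; the sketch below consults it first. Since `kty: 'RSA'` is now forced, checking `key.kty === 'RSA'` before the conversion would reject keys of another type instead of relabelling them.

```javascript
async getLocalPublicKey() {
    const jwksPath = path_1.default.join(process.cwd(), 'public', '.well-known', 'jwks.json');
    try {
        // async read keeps the event loop free; parse errors are handled with read errors
        const jwksRaw = await node_fs_1.default.promises.readFile(jwksPath, 'utf8');
        return JSON.parse(jwksRaw);
    }
    catch (_b) {
        throw new common_1.InternalServerErrorException('Impossible de lire le JWKS local');
    }
}
async getPublicKey(kid) {
    var _a;
    // serve a previously converted key instead of refetching the JWKS
    if (kid && this.cache.has(kid)) {
        return this.cache.get(kid);
    }
    let jwks;
    if (this.options.mode === 'local') {
        jwks = await this.getLocalPublicKey();
    }
    else if (this.options.mode === 'remote' && this.options.apiSentinel) {
        // … unchanged: axios fetch of `${apiSentinel}/.well-known/jwks.json` with timeout …
    }
    else {
        // fail closed: never fall back to another key source on a missing setting
        throw new common_1.InternalServerErrorException('Invalid Sentinel mode');
    }
    // … unchanged: keys-length check, key selection by kid, n/e check …
    if (key.kty !== 'RSA') {
        throw new Error('Clé JWK non RSA');
    }
    // … unchanged: jwkToPem conversion, cache write, return pem …
```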
@@ -1 +1 @@
1
- {"version":3,"file":"key.service.js","sourceRoot":"","sources":["../../../../src/permission/services/key/key.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,2CAAkF;AAClF,gDAAwB;AACxB,0CAAuC;AACvC,kDAA0B;AAC1B,4DAA2C;AAKpC,IAAM,UAAU,GAAhB,MAAM,UAAU;IAGrB,YAEE,OAAmD;QAAlC,YAAO,GAAP,OAAO,CAA2B;QAJ7C,UAAK,GAAG,IAAI,GAAG,EAAkB,CAAC;IAKvC,CAAC;IAEJ,KAAK,CAAC,YAAY,CAAC,GAAY;QAC7B,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;YAClC,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAClC,CAAC;aAAM,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC1C,OAAO,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC;QACtC,CAAC;QACD,MAAM,IAAI,qCAA4B,CAAC,uBAAuB,CAAC,CAAC;IAClE,CAAC;IAEO,KAAK,CAAC,iBAAiB;QAC7B,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,cAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,iBAAiB,CAAC,CAAC;YAChE,OAAO,MAAM,IAAA,mBAAQ,EAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC3C,CAAC;QAAC,WAAM,CAAC;YACP,MAAM,IAAI,qCAA4B,CAAC,2CAA2C,CAAC,CAAC;QACtF,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,kBAAkB,CAAC,GAAY;;QAC3C,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YAC9B,MAAM,IAAI,qCAA4B,CAAC,4CAA4C,CAAC,CAAC;QACvF,CAAC;QAOD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,wBAAwB,CAAC;YAChE,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,eAAK,CAAC,GAAG,CAAqB,GAAG,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YAE7E,IAAI,CAAC,CAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,IAAI,0CAAE,MAAM,CAAA,EAAE,CAAC;gBACxB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;YACrD,CAAC;YAED,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACtE,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,KAAK,CAAC,oCAAoC,GAAG,GAAG,CAAC,CAAC;YAC9D,CAAC;YAGD,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;gBACrB,OAAO,CAAC,KAAK,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;gBACxC,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;YAC1D,CAAC;YAGD,MAAM,GAAG,GAAG,IAAA,oBAAQ,EAAC,GAAqB,CAAC,CAAC;YAG5C,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;gBACZ,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;gBAC7B,UAA
U,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAC/D,CAAC;YAED,OAAO,GAAG,CAAC;QACb,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC;YAChE,MAAM,IAAI,qCAA4B,CAAC,yCAAyC,CAAC,CAAC;QACpF,CAAC;IACH,CAAC;CACF,CAAA;AAtEY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;IAKR,WAAA,IAAA,eAAM,EAAC,6BAA6B,CAAC,CAAA;;GAJ7B,UAAU,CAsEtB"}
1
+ {"version":3,"file":"key.service.js","sourceRoot":"","sources":["../../../../src/permission/services/key/key.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;AAAA,2CAAkF;AAClF,gDAAwB;AAExB,kDAA0B;AAC1B,4DAA2C;AAG3C,sDAAyB;AAGlB,IAAM,UAAU,GAAhB,MAAM,UAAU;IAGrB,YAEE,OAAmD;QAAlC,YAAO,GAAP,OAAO,CAA2B;QAJ7C,UAAK,GAAG,IAAI,GAAG,EAAkB,CAAC;IAKvC,CAAC;IAEI,KAAK,CAAC,iBAAiB;QAE7B,MAAM,QAAQ,GAAG,cAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC;QAGhF,MAAM,OAAO,GAAG,iBAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAClD,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAE7B,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,GAAY;;QAO7B,IAAI,IAAwB,CAAC;QAC7B,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YAC9B,IAAI,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACxC,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,wBAAwB,CAAC;YAChE,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,eAAK,CAAC,GAAG,CAAqB,GAAG,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC7E,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;YACvB,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAElB,MAAM,IAAI,qCAA4B,CAAC,yCAAyC,CAAC,CAAC;YACpF,CAAC;QACH,CAAC;QAGD,IAAI,CAAC,CAAA,MAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,IAAI,0CAAE,MAAM,CAAA,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;QACrD,CAAC;QAED,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpE,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,IAAI,KAAK,CAAC,oCAAoC,GAAG,GAAG,CAAC,CAAC;QAC9D,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAErB,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;QAC1D,CAAC;QAGD,MAAM,GAAG,GAAG,IAAA,oBAAQ,EAAC;YACnB,GAAG,EAAE,KAAK;YACV,CAAC,EAAE,GAAG,CAAC,CAAC;YACR,CAAC,EAAE,GAAG,CAAC,CAAC;SACF,CAAC,CAAC;QAGV,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;YACZ,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YAC7B,UAAU,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC/D,CAAC;QAED,OAAO,GAAG,CAAC;IACb
,CAAC;CACF,CAAA;AArEY,gCAAU;qBAAV,UAAU;IADtB,IAAA,mBAAU,GAAE;IAKR,WAAA,IAAA,eAAM,EAAC,6BAA6B,CAAC,CAAA;;GAJ7B,UAAU,CAqEtB"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "sentinel-nestjs-core",
3
- "version": "0.1.0",
3
+ "version": "0.1.1",
4
4
  "main": "dist/index.js",
5
5
  "types": "dist/index.d.ts",
6
6
  "files": [