vona-module-a-jwt 5.0.9 → 5.0.11

package/dist/.metadata/index.d.ts

@@ -0,0 +1,101 @@
+import type { BeanScopeUtil, TypeModuleConfig } from 'vona';
+import type { TypeEntityOptionsFields } from 'vona-module-a-openapi';
+/** bean: end */
+/** bean: begin */
+import type { BeanJwt } from '../bean/bean.jwt.ts';
+import type { config } from '../config/config.ts';
+import type { IDtoOptionsJwtToken } from '../dto/jwtToken.ts';
+/** dto: end */
+/** dto: begin */
+import type { DtoJwtToken } from '../dto/jwtToken.ts';
+/** service: end */
+/** service: begin */
+import type { ServiceJwtClient } from '../service/jwtClient.ts';
+import type { ServiceJwtExtract } from '../service/jwtExtract.ts';
+/** config: end */
+/** scope: begin */
+import { BeanScopeBase } from 'vona';
+import 'vona';
+/** service: end */
+/** service: begin */
+import 'vona';
+import 'vona';
+import 'vona';
+import 'vona';
+import 'vona';
+/** bean: begin */
+export * from '../bean/bean.jwt.ts';
+declare module 'vona' {
+}
+declare module 'vona-module-a-jwt' {
+    interface BeanJwt {
+    }
+}
+declare module 'vona' {
+    interface IBeanRecordGlobal {
+        jwt: BeanJwt;
+    }
+}
+/** service: end */
+/** config: begin */
+export * from '../config/config.ts';
+declare module 'vona-module-a-web' {
+    interface IDtoRecord {
+        'a-jwt:jwtToken': IDtoOptionsJwtToken;
+    }
+}
+declare module 'vona-module-a-jwt' {
+}
+declare module 'vona-module-a-jwt' {
+    interface IDtoOptionsJwtToken {
+        fields?: TypeEntityOptionsFields<DtoJwtToken, IDtoOptionsJwtToken['fieldsMore']>;
+    }
+}
+/** bean: end */
+/** dto: begin */
+export * from '../dto/jwtToken.ts';
+/** dto: end */
+/** service: begin */
+export * from '../service/jwtClient.ts';
+declare module 'vona-module-a-web' {
+    interface IServiceRecord {
+        'a-jwt:jwtClient': never;
+        'a-jwt:jwtExtract': never;
+    }
+}
+declare module 'vona-module-a-jwt' {
+    interface ServiceJwtClient {
+    }
+    interface ServiceJwtExtract {
+    }
+}
+export interface IModuleService {
+    jwtClient: ServiceJwtClient;
+    jwtExtract: ServiceJwtExtract;
+}
+declare module 'vona' {
+    interface IBeanRecordGeneral {
+        'a-jwt.service.jwtClient': ServiceJwtClient;
+        'a-jwt.service.jwtExtract': ServiceJwtExtract;
+    }
+}
+export * from '../service/jwtExtract.ts';
+export declare class ScopeModuleAJwt extends BeanScopeBase {
+}
+export interface ScopeModuleAJwt {
+    util: BeanScopeUtil;
+    config: TypeModuleConfig<typeof config>;
+    service: IModuleService;
+}
+declare module 'vona' {
+    interface IBeanScopeRecord {
+        'a-jwt': ScopeModuleAJwt;
+    }
+    interface IBeanScopeContainer {
+        jwt: ScopeModuleAJwt;
+    }
+    interface IBeanScopeConfig {
+        'a-jwt': ReturnType<typeof config>;
+    }
+}
+/** scope: end */

package/dist/.metadata/this.d.ts

@@ -0,0 +1,2 @@
+export declare const __ThisModule__ = "a-jwt";
+export { ScopeModuleAJwt as ScopeModule } from './index.ts';

package/dist/bean/bean.jwt.d.ts

@@ -0,0 +1,11 @@
+import type { IJwtClientRecord, IJwtSignOptions, IJwtToken, IPayloadDataBase } from '../types/jwt.ts';
+import { BeanBase } from 'vona';
+import { ServiceJwtClient } from '../service/jwtClient.ts';
+export declare class BeanJwt extends BeanBase {
+    get(clientName?: keyof IJwtClientRecord): ServiceJwtClient;
+    create(payloadData: IPayloadDataBase, options?: IJwtSignOptions): Promise<IJwtToken>;
+    createTemp(payloadData: IPayloadDataBase, options?: IJwtSignOptions): Promise<string>;
+    createOauth(payloadData: IPayloadDataBase, options?: IJwtSignOptions): Promise<string>;
+    createOauthState(payloadData: IPayloadDataBase, options?: IJwtSignOptions): Promise<string>;
+    createOauthCode(payloadData: IPayloadDataBase, options?: IJwtSignOptions): Promise<string>;
+}

package/dist/config/config.d.ts

@@ -0,0 +1,3 @@
+import type { VonaApplication } from 'vona';
+import type { ConfigJwt } from '../types/jwt.ts';
+export declare function config(app: VonaApplication): ConfigJwt;

package/dist/dto/jwtToken.d.ts

@@ -0,0 +1,9 @@
+import type { IDecoratorDtoOptions } from 'vona-module-a-web';
+import type { IJwtToken } from '../types/jwt.ts';
+export interface IDtoOptionsJwtToken extends IDecoratorDtoOptions {
+}
+export declare class DtoJwtToken implements IJwtToken {
+    accessToken: string;
+    refreshToken: string;
+    expiresIn: number;
+}

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+export * from './.metadata/index.ts';
+export * from './lib/index.ts';
+export * from './types/index.ts';

package/dist/index.js

@@ -0,0 +1,271 @@
+import { BeanInfo, BeanBase, deepExtend, cast, BeanScopeBase } from 'vona';
+import { Bean, Scope } from 'vona-module-a-bean';
+import ms from 'ms';
+import jwt from 'jsonwebtoken';
+import { Service, Dto } from 'vona-module-a-web';
+import { Api } from 'vona-module-a-openapi';
+
+var _dec$4, _dec2$4, _class$4;
+let ServiceJwtClient = (_dec$4 = Service(), _dec2$4 = BeanInfo({
+  module: "a-jwt"
+}), _dec$4(_class$4 = _dec2$4(_class$4 = class ServiceJwtClient extends BeanBase {
+  constructor(...args) {
+    super(...args);
+    this._jwtInstance = void 0;
+    this._clientName = void 0;
+    this._clientOptions = void 0;
+  }
+  get instance() {
+    return this._jwtInstance;
+  }
+  __init__(clientName) {
+    this._createClient(clientName);
+  }
+  _createClient(clientName) {
+    clientName = clientName || 'access';
+    const configJwt = this.scope.config;
+    const configClient = configJwt.clients[clientName];
+    if (!configClient) throw new Error(`jwt client not found: ${clientName}`);
+    const secret = configJwt.default.secret ?? this.app.config.server.keys[0];
+    this._clientOptions = deepExtend({}, configJwt.default, {
+      secret
+    }, configClient);
+    this._clientName = clientName;
+    this._jwtInstance = jwt;
+  }
+  get fieldClient() {
+    return this.scope.config.field.payload.client;
+  }
+  get fieldPath() {
+    return this.scope.config.field.payload.path;
+  }
+  get fieldData() {
+    return this.scope.config.field.payload.data;
+  }
+  async sign(payloadData, options) {
+    return new Promise((resolve, reject) => {
+      const payload = {
+        [this.fieldClient]: this._clientName,
+        [this.fieldData]: payloadData
+      };
+      if (options?.path) payload[this.fieldPath] = options.path;
+      let signOptions = this._clientOptions.signOptions;
+      if (options?.dev) {
+        signOptions = Object.assign({}, signOptions, {
+          expiresIn: this.scope.config.clients.refresh.signOptions.expiresIn
+        });
+      }
+      if (options?.temp) {
+        signOptions = Object.assign({}, signOptions, {
+          expiresIn: this.scope.config.tempToken.signOptions.expiresIn
+        });
+      }
+      this._jwtInstance.sign(payload, this._clientOptions.secret, signOptions, (err, encoded) => {
+        if (err) return reject(err);
+        resolve(encoded);
+      });
+    });
+  }
+  async verify(token) {
+    if (!token && this._clientName === 'access') token = this.scope.service.jwtExtract.fromAllWays();
+    if (!token) return undefined;
+    return new Promise((resolve, reject) => {
+      this._jwtInstance.verify(token, this._clientOptions.secret, this._clientOptions.signOptions, (err, decoded) => {
+        if (err) return reject(err);
+        const payload = cast(decoded);
+        // check field client
+        if (payload[this.fieldClient] !== this._clientName) return this.app.throw(401);
+        // check field path
+        if (payload[this.fieldPath] && payload[this.fieldPath] !== this.ctx.route.routePathRaw) return this.app.throw(401);
+        // passed
+        resolve(payload[this.fieldData]);
+      });
+    });
+  }
+}) || _class$4) || _class$4);
+
+var _dec$3, _dec2$3, _class$3;
+let BeanJwt = (_dec$3 = Bean(), _dec2$3 = BeanInfo({
+  module: "a-jwt"
+}), _dec$3(_class$3 = _dec2$3(_class$3 = class BeanJwt extends BeanBase {
+  get(clientName) {
+    return this.app.bean._getBeanSelector(ServiceJwtClient, clientName);
+  }
+  async create(payloadData, options) {
+    // accessToken
+    const accessToken = await this.get('access').sign(payloadData, options);
+    // refreshToken
+    const refreshToken = await this.get('refresh').sign(payloadData, options);
+    // expiresIn
+    let expiresIn = this.scope.config.clients.access.signOptions.expiresIn;
+    if (typeof expiresIn === 'string') expiresIn = ms(expiresIn);
+    // ok
+    return {
+      accessToken,
+      refreshToken,
+      expiresIn
+    };
+  }
+  async createTemp(payloadData, options) {
+    return await this.get('access').sign(payloadData, Object.assign({}, options, {
+      temp: true
+    }));
+  }
+  async createOauth(payloadData, options) {
+    return await this.get('oauth').sign(payloadData, options);
+  }
+  async createOauthState(payloadData, options) {
+    return await this.get('oauthstate').sign(payloadData, options);
+  }
+  async createOauthCode(payloadData, options) {
+    return await this.get('code').sign(payloadData, options);
+  }
+}) || _class$3) || _class$3);
+
+function config(app) {
+  return {
+    field: {
+      payload: {
+        client: 'client',
+        path: 'path',
+        data: 'data'
+      },
+      extract: {
+        header: '',
+        headerAuth: 'authorization',
+        headerAuthScheme: 'bearer',
+        query: 'auth_token',
+        cookie: 'token'
+      }
+    },
+    tempToken: {
+      signOptions: {
+        expiresIn: 10 * 60
+      }
+    },
+    default: {
+      secret: undefined,
+      signOptions: {
+        issuer: app.meta.env.APP_NAME
+      }
+    },
+    clients: {
+      access: {
+        signOptions: {
+          expiresIn: 2 * 60 * 60
+        }
+      },
+      refresh: {
+        signOptions: {
+          expiresIn: 7 * 24 * 60 * 60
+        }
+      },
+      oauth: {
+        signOptions: {
+          expiresIn: 5 * 60
+        }
+      },
+      oauthstate: {
+        signOptions: {
+          expiresIn: 5 * 60
+        }
+      },
+      code: {
+        signOptions: {
+          expiresIn: 3 * 60
+        }
+      }
+    }
+  };
+}
+
+function _applyDecoratedDescriptor(i, e, r, n, l) {
+  var a = {};
+  return Object.keys(n).forEach(function (i) {
+    a[i] = n[i];
+  }), a.enumerable = !!a.enumerable, a.configurable = !!a.configurable, ("value" in a || a.initializer) && (a.writable = true), a = r.slice().reverse().reduce(function (r, n) {
+    return n(i, e, r) || r;
+  }, a), void 0 === a.initializer ? (Object.defineProperty(i, e, a), null) : a;
+}
+function _initializerDefineProperty(e, i, r, l) {
+  r && Object.defineProperty(e, i, {
+    enumerable: r.enumerable,
+    configurable: r.configurable,
+    writable: r.writable,
+    value: r.initializer ? r.initializer.call(l) : void 0
+  });
+}
+
+var _dec$2, _dec2$2, _dec3, _dec4, _dec5, _dec6, _dec7, _dec8, _class$2, _class2, _descriptor, _descriptor2, _descriptor3;
+let DtoJwtToken = (_dec$2 = Dto(), _dec2$2 = BeanInfo({
+  module: "a-jwt"
+}), _dec3 = Api.field(), _dec4 = Reflect.metadata("design:type", String), _dec5 = Api.field(), _dec6 = Reflect.metadata("design:type", String), _dec7 = Api.field(), _dec8 = Reflect.metadata("design:type", Number), _dec$2(_class$2 = _dec2$2(_class$2 = (_class2 = class DtoJwtToken {
+  constructor() {
+    _initializerDefineProperty(this, "accessToken", _descriptor, this);
+    _initializerDefineProperty(this, "refreshToken", _descriptor2, this);
+    _initializerDefineProperty(this, "expiresIn", _descriptor3, this);
+  }
+}, _descriptor = _applyDecoratedDescriptor(_class2.prototype, "accessToken", [_dec3, _dec4], {
+  configurable: true,
+  enumerable: true,
+  writable: true,
+  initializer: null
+}), _descriptor2 = _applyDecoratedDescriptor(_class2.prototype, "refreshToken", [_dec5, _dec6], {
+  configurable: true,
+  enumerable: true,
+  writable: true,
+  initializer: null
+}), _descriptor3 = _applyDecoratedDescriptor(_class2.prototype, "expiresIn", [_dec7, _dec8], {
+  configurable: true,
+  enumerable: true,
+  writable: true,
+  initializer: null
+}), _class2)) || _class$2) || _class$2);
+
+const re = /(\S+)\s+(\S+)/;
+function parseAuthHeader(headerValue) {
+  if (typeof headerValue !== 'string') return;
+  const matches = headerValue.match(re);
+  return matches && {
+    scheme: matches[1],
+    value: matches[2]
+  };
+}
+
+var _dec$1, _dec2$1, _class$1;
+let ServiceJwtExtract = (_dec$1 = Service(), _dec2$1 = BeanInfo({
+  module: "a-jwt"
+}), _dec$1(_class$1 = _dec2$1(_class$1 = class ServiceJwtExtract extends BeanBase {
+  fromHeader() {
+    if (!this.scope.config.field.extract.header) return;
+    return this.ctx.request.headers[this.scope.config.field.extract.header];
+  }
+  fromQuery() {
+    return this.ctx.request.query[this.scope.config.field.extract.query];
+  }
+  fromAuthHeaderWithScheme() {
+    const headerValue = this.ctx.request.headers[this.scope.config.field.extract.headerAuth];
+    const auth = parseAuthHeader(headerValue);
+    if (!auth || auth.scheme.toLocaleLowerCase() !== this.scope.config.field.extract.headerAuthScheme.toLocaleLowerCase()) return;
+    return auth.value;
+  }
+  fromCookie() {
+    return this.ctx.cookies.get(this.scope.config.field.extract.cookie);
+  }
+  fromAllWays() {
+    let token = this.fromQuery();
+    if (!token) token = this.fromAuthHeaderWithScheme();
+    if (!token) token = this.fromHeader();
+    if (!token) token = this.fromCookie();
+    return token;
+  }
+}) || _class$1) || _class$1);
+
+var _dec, _dec2, _class;
+let ScopeModuleAJwt = (_dec = Scope(), _dec2 = BeanInfo({
+  module: "a-jwt"
+}), _dec(_class = _dec2(_class = class ScopeModuleAJwt extends BeanScopeBase {}) || _class) || _class);
+
+/** scope: end */
+
+export { BeanJwt, DtoJwtToken, ScopeModuleAJwt, ServiceJwtClient, ServiceJwtExtract, config, parseAuthHeader };

package/dist/lib/authHeader.d.ts

@@ -0,0 +1,4 @@
+export declare function parseAuthHeader(headerValue?: any): {
+    scheme: string;
+    value: string;
+} | null | undefined;

package/dist/lib/index.d.ts

@@ -0,0 +1 @@
+export * from './authHeader.ts';

package/dist/service/jwtClient.d.ts

@@ -0,0 +1,16 @@
+import type { IJwtClientRecord, IJwtSignOptions, IPayloadDataBase } from '../types/jwt.ts';
+import jwt from 'jsonwebtoken';
+import { BeanBase } from 'vona';
+export declare class ServiceJwtClient extends BeanBase {
+    private _jwtInstance;
+    private _clientName;
+    private _clientOptions;
+    get instance(): typeof jwt;
+    protected __init__(clientName?: keyof IJwtClientRecord): void;
+    private _createClient;
+    private get fieldClient();
+    private get fieldPath();
+    private get fieldData();
+    sign(payloadData: IPayloadDataBase, options?: IJwtSignOptions): Promise<string>;
+    verify(token?: string): Promise<IPayloadDataBase | undefined>;
+}

package/dist/service/jwtExtract.d.ts

@@ -0,0 +1,8 @@
+import { BeanBase } from 'vona';
+export declare class ServiceJwtExtract extends BeanBase {
+    fromHeader(): string | undefined;
+    fromQuery(): string;
+    fromAuthHeaderWithScheme(): string | undefined;
+    fromCookie(): string | undefined;
+    fromAllWays(): string | undefined;
+}

package/dist/types/index.d.ts

@@ -0,0 +1 @@
+export * from './jwt.ts';

package/dist/types/jwt.d.ts

@@ -0,0 +1,49 @@
+import type { SignOptions } from 'jsonwebtoken';
+export interface IJwtToken {
+    accessToken: string;
+    refreshToken: string;
+    expiresIn: number;
+}
+export interface IJwtClientRecord {
+    access: never;
+    refresh: never;
+    oauth: never;
+    oauthstate: never;
+    code: never;
+}
+export interface IJwtSignOptions {
+    path?: string | string[];
+    dev?: boolean;
+    temp?: boolean;
+}
+export interface IJwtClientOptions {
+    secret?: string;
+    signOptions: SignOptions;
+}
+export interface ConfigJwt {
+    field: {
+        payload: {
+            client: string;
+            path: string;
+            data: string;
+        };
+        extract: {
+            header: string;
+            headerAuth: string;
+            headerAuthScheme: string;
+            query: string;
+            cookie: string;
+        };
+    };
+    tempToken: {
+        signOptions: {
+            expiresIn: number;
+        };
+    };
+    default: IJwtClientOptions;
+    clients: Record<keyof IJwtClientRecord, IJwtClientOptions>;
+}
+export interface IPayloadDataBase {
+}
+export interface IJwtPayload {
+}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "vona-module-a-jwt",
   "type": "module",
-  "version": "5.0.9",
+  "version": "5.0.11",
   "title": "a-jwt",
   "vonaModule": {
     "dependencies": {}
@@ -30,8 +30,12 @@
     "jsonwebtoken": "^9.0.2",
     "ms": "^2.1.3"
   },
+  "devDependencies": {
+    "clean-package": "^2.2.0",
+    "rimraf": "^6.0.1"
+  },
   "scripts": {
-    "clean": "rimraf dist tsconfig.tsbuildinfo",
-    "tsc:publish": "npm run clean && tsc"
+    "clean": "rimraf dist tsconfig.build.tsbuildinfo",
+    "tsc:publish": "npm run clean && vona :bin:buildModule && tsc -p tsconfig.build.json"
   }
 }