UNPKG

@brewww/authentication-service

Version:

Authenticator service for Brew projects.

github.com/BrewInteractive/authentication-service-nestjs

BrewInteractive/authentication-service-nestjs

106 lines 5.01 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; var __param = (this && this.__param) || function (paramIndex, decorator) { return function (target, key) { decorator(target, key, paramIndex); } }; Object.defineProperty(exports, "__esModule", { value: true }); exports.TokenService = void 0; const jwt = require("jsonwebtoken"); const common_1 = require("@nestjs/common"); const user_custom_claims_importer_type_1 = require("./concrete/user-custom-claims-importer.type"); const typeorm_1 = require("@nestjs/typeorm"); const typeorm_2 = require("typeorm"); const entities_1 = require("../entities"); const crypto = require("crypto"); const config_1 = require("@nestjs/config"); const error_1 = require("../error"); const lodash = require("lodash"); let TokenService = class TokenService { constructor(refreshTokenRepository, configService) { this.refreshTokenRepository = refreshTokenRepository; this.configService = configService; this.customClaimImporters = []; this.customClaimImporters.push(new user_custom_claims_importer_type_1.UserCustomClaimsImporter()); } async createIdTokenAsync(user, expiresIn = this.configService.get("jwt.expiresIn")) { const customClaims = await this.applyCustomClaimImportersAsync(user); return jwt.sign(customClaims, this.configService.get("jwt.secret"), { algorithm: this.configService.get("jwt.algorithm"), audience: this.configService.get("jwt.audience"), issuer: this.configService.get("jwt.issuer"), expiresIn: expiresIn, }); } async createRefreshTokenAsync(user) { const token = crypto.randomBytes(64).toString("hex"); const refreshTokenResponse = await this.refreshTokenRepository.save({ refreshToken: token, expiresAt: new Date(new Date().getTime() + this.configService.get("refreshToken.expiresIn") * 1000), user, }); return refreshTokenResponse.refreshToken; } async createTokensAsync(user, expiresIn = this.configService.get("jwt.expiresIn")) { const refreshToken = await this.createRefreshTokenAsync(user); const idToken = await this.createIdTokenAsync(user, expiresIn); return { idToken, refreshToken, }; } addCustomClaimImporter(customClaimImporter) { this.customClaimImporters.push(customClaimImporter); } async applyCustomClaimImportersAsync(user) { let mergedCustomClaims = {}; for (const customClaimImporter of this.customClaimImporters) { const customClaims = await customClaimImporter.getCustomClaimsAsync(user); const customClaimsObject = this.transformClaimsToObject(customClaims); mergedCustomClaims = lodash.merge(mergedCustomClaims, customClaimsObject); } return mergedCustomClaims; } transformClaimsToObject(claims) { return claims.reduce((acc, claim) => { acc[claim.name] = claim.value; return acc; }, {}); } async refreshTokensAsync(refreshToken) { const validRefreshToken = await this.getValidRefreshTokenAsync(refreshToken); if (!validRefreshToken) throw new error_1.InvalidRefreshTokenError(); await this.terminateRefreshTokenAsync(refreshToken); return this.createTokensAsync(validRefreshToken.user); } async getValidRefreshTokenAsync(refreshToken) { const refreshTokenEntity = await this.refreshTokenRepository.findOne({ where: [ { refreshToken: refreshToken }, { expiresAt: (0, typeorm_2.MoreThan)(new Date()) }, ], relations: ["user"], }); return refreshTokenEntity || null; } async terminateRefreshTokenAsync(refreshToken) { await this.refreshTokenRepository.update({ refreshToken }, { expiresAt: new Date() }); } }; TokenService = __decorate([ (0, common_1.Injectable)({}), __param(0, (0, typeorm_1.InjectRepository)(entities_1.RefreshToken)), __metadata("design:paramtypes", [typeorm_2.Repository, config_1.ConfigService]) ], TokenService); exports.TokenService = TokenService; //# sourceMappingURL=token.service.js.map