UNPKG

@httpc/kit

Version:

httpc toolbox for building function-based API with minimal code and end-to-end type safety

httpc.dev

giuseppelt/httpc

86 lines (85 loc) 4.03 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; var __param = (this && this.__param) || function (paramIndex, decorator) { return function (target, key) { decorator(target, key, paramIndex); } }; Object.defineProperty(exports, "__esModule", { value: true }); exports.DefaultBearerAuthenticationServiceOptions = exports.BearerAuthenticationService = void 0; const server_1 = require("@httpc/server"); const tsyringe_1 = require("tsyringe"); const di_1 = require("../di"); const logging_1 = require("../logging"); const services_1 = require("../services"); const utils_1 = require("../utils"); const JwtService_1 = require("./JwtService"); const BearerAuthenticationServiceErrors = services_1.ServiceErrorPreset .add("expired", { status: 401 }); let BearerAuthenticationService = class BearerAuthenticationService extends (0, services_1.BaseService)(BearerAuthenticationServiceErrors) { constructor(logger, jwt, options) { //@ts-expect-error super(...arguments); this.jwt = jwt; this.options = options; } async authenticate(token) { if (!this.options.jwtSecret) { this._raiseError("misconfiguration", "No jwtSecret configured"); } const result = this.jwt.validate(token, { secret: this.options.jwtSecret }); if (!result.success) { if (result.error === "expired") { this._raiseError("expired"); } else { this._raiseError("unauthorized"); } } return await this.onDecode(result.payload); } async onDecode(payload) { if (this.options.onDecodePayload) { return await this.options.onDecodePayload(payload); } if (typeof payload.sub !== "string" || !payload.sub) { throw new server_1.UnauthorizedError("Missing auth data (sub claim)"); } const props = Object.fromEntries(Object.entries(payload) .filter(([key]) => !JwtService_1.JWT_CLAIMS.includes(key))); return { id: payload.sub, ...(0, utils_1.cleanNotDefined)(props), }; } }; BearerAuthenticationService = __decorate([ (0, tsyringe_1.singleton)(), (0, di_1.alias)((0, di_1.KEY)("BearerAuthentication")), __param(0, (0, logging_1.logger)()), __param(2, (0, di_1.options)()), __metadata("design:paramtypes", [Object, JwtService_1.JwtService, Object]) ], BearerAuthenticationService); exports.BearerAuthenticationService = BearerAuthenticationService; let DefaultBearerAuthenticationServiceOptions = class DefaultBearerAuthenticationServiceOptions { constructor(jwtSecret, onDecodePayload) { this.jwtSecret = jwtSecret; this.onDecodePayload = onDecodePayload; } }; DefaultBearerAuthenticationServiceOptions = __decorate([ (0, di_1.optionsOf)(BearerAuthenticationService), (0, tsyringe_1.singleton)(), __param(0, (0, di_1.env)("JWT_SECRET")), __param(1, (0, di_1.env)("JWT_DECODE", undefined)), __metadata("design:paramtypes", [String, Function]) ], DefaultBearerAuthenticationServiceOptions); exports.DefaultBearerAuthenticationServiceOptions = DefaultBearerAuthenticationServiceOptions;