@nodearch/keycloak/dist/components/enforcer.service.js

NodeArch Keycloak Wrapper

var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
    return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
import axios from 'axios';
import { KeycloakConfig } from './keycloak.config.js';
import queryString from 'query-string';
import { Service } from '@nodearch/core';
let KeycloakEnforcer = class KeycloakEnforcer {
    constructor(keycloakConfig) {
        this.keycloakConfig = keycloakConfig;
    }
    async enforce(permissions, authInfo, responseMode) {
        const payload = {
            grant_type: 'urn:ietf:params:oauth:grant-type:uma-ticket',
            audience: this.keycloakConfig.clientId,
            response_mode: responseMode || 'permissions',
            permission: permissions
        };
        try {
            const result = await axios.post(`${this.keycloakConfig.hostname}/realms/${authInfo.realm}/protocol/openid-connect/token`, queryString.stringify(payload), {
                headers: {
                    Authorization: `Bearer ${authInfo.token}`,
                    'Content-Type': 'application/x-www-form-urlencoded'
                },
            });
            return result.data;
        }
        catch (error) {
            if (error.response) {
                throw new Error(`failed to enforce permissions ${error.response.status}:${JSON.stringify(error.response.data)}`);
            }
            else if (error.request) {
                throw new Error(`failed to enforce permissions ${JSON.stringify(error.request)}`);
            }
            else {
                throw new Error(`failed to enforce permissions ${error.message}`);
            }
        }
    }
};
KeycloakEnforcer = __decorate([
    Service({ export: true }),
    __metadata("design:paramtypes", [KeycloakConfig])
], KeycloakEnforcer);
export { KeycloakEnforcer };
//# sourceMappingURL=enforcer.service.js.map