bam-ticketing-sdk/dist/src/credential/impersonate-credentials.js

SDK for B.A.M Ticketing API

"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.ImpersonateCredentials = void 0;
const jwt_1 = require("../utils/jwt");
/**
 * Allows for the impersonation scenario to have automatic refreshes of the token.
 * The refreshes are done with the impersonatorToken since we cannot refresh an impersonated token
 */
class ImpersonateCredentials {
    /** Uses the impersonatorJwt to obtain an impersonation token for the impersonatedId */
    constructor(impersonatorJwt, impersonatedId) {
        this.impersonatorJwt = impersonatorJwt;
        this.impersonatedId = impersonatedId;
    }
    getToken() {
        return this.impersonatedJwt;
    }
    getImpersonatorToken() {
        return this.impersonatorJwt;
    }
    authorize(authService, organizer) {
        return __awaiter(this, void 0, void 0, function* () {
            if (organizer) {
                this.impersonatedOrganizer = organizer;
            }
            // If the organizer was requested, the jwt already exists and
            // if the token does not contain the permissions for the required organizer
            if (!this.hasOrganizerInToken(this.impersonatedJwt, organizer) // Fallback until we remove returning all permissions by default
            ) {
                this.impersonatedJwt = yield authService.impersonate({
                    userId: this.impersonatedId,
                    organizerId: this.impersonatedOrganizer,
                }, this.impersonatorJwt);
            }
            return this.impersonatedJwt;
        });
    }
    refreshToken(authService, organizer) {
        return __awaiter(this, void 0, void 0, function* () {
            return this.authorize(authService, organizer);
        });
    }
    hasOrganizerInToken(jwt, organizer) {
        if (!(jwt === null || jwt === void 0 ? void 0 : jwt.token) || !organizer)
            return false;
        const orgsInToken = (0, jwt_1.extractOrganizersFromJwt)(jwt);
        return !!orgsInToken.find((org) => org == organizer);
    }
}
exports.ImpersonateCredentials = ImpersonateCredentials;
//# sourceMappingURL=impersonate-credentials.js.map