
cnpmcore


Private NPM Registry for Enterprise

// Compiler-emitted decorator helper (the shape TypeScript emits). It applies the
// decorators last-to-first and, for member decorators (4 arguments), re-defines
// the property with the resulting descriptor. Kept token-for-token; only the
// line breaks were restored.
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
    return c > 3 && r && Object.defineProperty(target, key, r), r;
};
// Compiler-emitted helper: records design-time type metadata when
// Reflect.metadata is available, otherwise returns undefined.
var __metadata = (this && this.__metadata) || function (k, v) {
    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
import dayjs from 'dayjs';
import { AccessLevel, Inject, SingletonProto } from 'egg';
import { ForbiddenError, UnauthorizedError } from 'egg/errors';
import { isEmpty } from 'lodash-es';
import { getScopeAndName } from "../../../app/common/PackageUtil.js";
import { sha512 } from "../../../app/common/UserUtil.js";
import { ModelConvertor } from "../../../app/repository/util/ModelConvertor.js";
import { AbstractService } from "../../common/AbstractService.js";
import { Package as PackageEntity } from "../entity/Package.js";
import { isGranularToken } from "../entity/Token.js";

/**
 * Token lookup, expiry checking and per-package access checks for registry
 * tokens. `TokenPackage`, `Package` and `userRepository` are injected through
 * the decorator calls below the class.
 */
let TokenService = class TokenService extends AbstractService {
    /**
     * List the packages a granular token is bound to.
     *
     * @param token token record; `tokenId` is read for granular tokens
     * @returns package entities for a granular token, `null` for any other token
     */
    async listTokenPackages(token) {
        if (!isGranularToken(token)) {
            return null;
        }
        const bindings = await this.TokenPackage.find({ tokenId: token.tokenId });
        const packageIds = bindings.map((binding) => binding.packageId);
        const rows = await this.Package.find({
            packageId: packageIds,
        });
        return rows.map((row) => ModelConvertor.convertModelToEntity(row, PackageEntity));
    }

    /**
     * Reject an expired granular token, then stamp `lastUsedAt` and hand the
     * token to the repository for saving.
     *
     * Expiry is evaluated only when `isGranularToken(token)` is true; other
     * tokens skip the expiry check entirely.
     *
     * @param token token record; `lastUsedAt` is mutated in place
     * @throws {UnauthorizedError} when a granular token's `expiredAt` is in the past
     */
    async checkTokenStatus(token) {
        if (isGranularToken(token)) {
            const expired = dayjs(token.expiredAt).isBefore(new Date());
            if (expired) {
                throw new UnauthorizedError('Token expired');
            }
        }
        token.lastUsedAt = new Date();
        // NOTE(review): the save is not awaited, so this method resolves before
        // the write finishes and a rejected save never reaches the caller.
        // `lastUsedAt` is useful for spotting stale or unexpectedly active
        // tokens; confirm the fire-and-forget is intentional and that a
        // failed write is at least logged somewhere.
        this.userRepository.saveToken(token);
    }

    /**
     * Decide whether `token` may access the package `fullname`.
     *
     * The allow-lists are fail-open: when both the package list and
     * `token.allowedScopes` are empty (or absent), access is granted to every
     * package. Non-granular tokens get `null` from `listTokenPackages`, so
     * they are restricted only by `allowedScopes`, if they carry any.
     *
     * NOTE(review): the package list is resolved through `this.Package.find`.
     * If every package a token was bound to has since been removed, the list
     * presumably comes back empty and, with no scopes set, the token would be
     * treated as unrestricted. Verify against the repository layer.
     *
     * @param token token record; `allowedScopes` is read
     * @param fullname package name, split by `getScopeAndName` into scope and name
     * @returns `true` when access is allowed
     * @throws {ForbiddenError} when neither allow-list matches
     */
    async checkGranularTokenAccess(token, fullname) {
        const [scope, name] = getScopeAndName(fullname);
        const allowedPackages = await this.listTokenPackages(token);

        // No package bindings and no scope bindings: the token is unrestricted.
        const unrestricted = isEmpty(allowedPackages) && isEmpty(token.allowedScopes);
        if (unrestricted) {
            return true;
        }

        // Package allow-list: scope and name must both match.
        const packageMatch = allowedPackages?.find((pkg) => pkg.scope === scope && pkg.name === name);
        if (!packageMatch) {
            // Scope allow-list: matched by strict equality on the scope string.
            const scopeMatch = token.allowedScopes?.find((s) => s === scope);
            if (!scopeMatch) {
                throw new ForbiddenError(`can't access package "${fullname}"`);
            }
        }
        return true;
    }

    /**
     * Resolve an `Authorization` header value to whatever the repository
     * returns for the matching token.
     *
     * Only the exact form `Bearer <token>` is accepted: the scheme is matched
     * case-sensitively, followed by one space and a token made of word
     * characters and dots. The raw token is not passed to the repository;
     * the lookup key is the output of the imported `sha512` helper.
     *
     * @param authorization raw header value, possibly empty or undefined
     * @returns the repository lookup result, or `null` when the header is
     *          missing or does not match the Bearer form
     */
    async getUserAndToken(authorization) {
        const bearer = authorization ? /^Bearer ([\w.]+?)$/.exec(authorization) : null;
        if (!bearer) {
            return null;
        }
        const [, rawToken] = bearer;
        const lookupKey = sha512(rawToken);
        return await this.userRepository.findUserAndTokenByTokenKey(lookupKey);
    }
};

// Property injection: each call applies Inject() plus design-type metadata to
// one prototype property.
__decorate([
    Inject(),
    __metadata("design:type", Object)
], TokenService.prototype, "TokenPackage", void 0);
__decorate([
    Inject(),
    __metadata("design:type", Object)
], TokenService.prototype, "Package", void 0);
__decorate([
    Inject(),
    __metadata("design:type", Function)
], TokenService.prototype, "userRepository", void 0);

// Class decorator: registers the service as a singleton with public access level.
TokenService = __decorate([
    SingletonProto({
        accessLevel: AccessLevel.PUBLIC,
    })
], TokenService);
export { TokenService };