lbx-jwt/dist/services/security.spec.enhancer.js

Provides JWT authentication for loopback applications. Includes storing roles inside tokens and handling refreshing. Built-in reuse detection.

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.SecuritySpecEnhancer = void 0;
const tslib_1 = require("tslib");
const core_1 = require("@loopback/core");
const rest_1 = require("@loopback/rest");
const OPERATION_SECURITY_SPEC = [
    {
        // secure all endpoints with 'jwt'
        jwt: []
    }
];
const SECURITY_SCHEME_SPEC = {
    jwt: {
        type: 'http',
        scheme: 'bearer',
        bearerFormat: 'JWT'
    }
};
/**
 * A spec enhancer to add bearer token OpenAPI security entry to
 * `spec.component.securitySchemes`.
 */
let SecuritySpecEnhancer = class SecuritySpecEnhancer {
    constructor() {
        /**
         * The name of the enhancer.
         */
        this.name = 'bearerAuth';
    }
    /**
     * Modifies the OpenApi specification.
     * @param spec - The modification done to the OpenApi specification.
     * @returns The modified OpenApi specification.
     */
    modifySpec(spec) {
        const patchSpec = {
            components: {
                securitySchemes: SECURITY_SCHEME_SPEC
            },
            security: OPERATION_SECURITY_SPEC
        };
        return (0, rest_1.mergeOpenAPISpec)(spec, patchSpec);
    }
};
exports.SecuritySpecEnhancer = SecuritySpecEnhancer;
exports.SecuritySpecEnhancer = SecuritySpecEnhancer = tslib_1.__decorate([
    (0, core_1.injectable)(rest_1.asSpecEnhancer)
], SecuritySpecEnhancer);
//# sourceMappingURL=security.spec.enhancer.js.map