vulcain-corejs/lib/src/security/services/apiKeyService.js

Vulcain micro-service framework

"use strict";
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
    return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
Object.defineProperty(exports, "__esModule", { value: true });
const apiKeyCommand_1 = require("./apiKeyCommand");
const manifest_1 = require("../../globals/manifest");
const dynamicConfiguration_1 = require("../../configurations/dynamicConfiguration");
const system_1 = require("../../globals/system");
const applicationRequestError_1 = require("../../pipeline/errors/applicationRequestError");
const commandFactory_1 = require("../../commands/commandFactory");
// TODO add enableApiKeyAuthentication
//@Injectable(LifeTime.Singleton, DefaultServiceNames.AuthenticationStrategy)
//@Metadata("system", true)      
class ApiKeyService {
    constructor() {
        this.name = "apiKey";
        this.apiKeyServiceName = dynamicConfiguration_1.DynamicConfiguration.getChainedConfigurationProperty("apiKeyServiceName");
        this.apiKeyServiceVersion = dynamicConfiguration_1.DynamicConfiguration.getChainedConfigurationProperty("apiKeyServiceVersion");
        this.enabled = !!this.apiKeyServiceName.value && !!this.apiKeyServiceVersion.value;
        if (this.enabled)
            system_1.Service.log.info(null, () => `using ${this.apiKeyServiceName.value}-${this.apiKeyServiceVersion.value} as ApiKey server`);
    }
    verifyToken(ctx, accessToken, tenant) {
        return __awaiter(this, void 0, void 0, function* () {
            if (!this.enabled)
                return null;
            if (!accessToken) {
                throw new applicationRequestError_1.UnauthorizedRequestError("You must provide a valid token");
            }
            // Can have an unique apikey define in vulcain.config (settings: { apiKey: { token: "", tenant: "", key }}) (for test)
            // with key = Buffer.from(JSON.stringify({name: "...", scopes: ["...", "..."] [, claims: {}, tenant: "", displayName: "", email: ""] }).toString('base64')
            let apiKey = system_1.Service.settings.getSettings("apiKey");
            let userContext;
            if (apiKey && apiKey.token === accessToken && tenant === tenant) {
                userContext = JSON.parse(Buffer.from(apiKey.key, "base64").toString('utf8'));
            }
            else {
                let cmd = commandFactory_1.CommandFactory.createDynamicCommand(ctx, apiKeyCommand_1.ApiKeyVerifyCommand.name);
                userContext = yield cmd.run(this.apiKeyServiceName.value, this.apiKeyServiceVersion.value, { token: accessToken, tenant });
            }
            if (!userContext)
                throw new applicationRequestError_1.UnauthorizedRequestError("Invalid api key");
            userContext.scopes = Array.isArray(userContext.scopes) ? userContext.scopes : [userContext.scopes];
            return userContext;
        });
    }
}
__decorate([
    manifest_1.ConfigurationProperty("apiKeyServiceName", "string"),
    __metadata("design:type", Object)
], ApiKeyService.prototype, "apiKeyServiceName", void 0);
__decorate([
    manifest_1.ConfigurationProperty("apiKeyServiceVersion", "string"),
    __metadata("design:type", Object)
], ApiKeyService.prototype, "apiKeyServiceVersion", void 0);
exports.ApiKeyService = ApiKeyService;
//# sourceMappingURL=apiKeyService.js.map