will-auth
Version:
authentication and authorization module
408 lines (407 loc) • 20.2 kB
JavaScript
"use strict";
var __extends = (this && this.__extends) || (function () {
var extendStatics = function (d, b) {
extendStatics = Object.setPrototypeOf ||
({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
return extendStatics(d, b);
};
return function (d, b) {
if (typeof b !== "function" && b !== null)
throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
extendStatics(d, b);
function __() { this.constructor = d; }
d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
};
})();
var __assign = (this && this.__assign) || function () {
__assign = Object.assign || function(t) {
for (var s, i = 1, n = arguments.length; i < n; i++) {
s = arguments[i];
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
t[p] = s[p];
}
return t;
};
return __assign.apply(this, arguments);
};
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
var __generator = (this && this.__generator) || function (thisArg, body) {
var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
function verb(n) { return function (v) { return step([n, v]); }; }
function step(op) {
if (f) throw new TypeError("Generator is already executing.");
while (_) try {
if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
if (y = 0, t) op = [op[0] & 2, t.value];
switch (op[0]) {
case 0: case 1: t = op; break;
case 4: _.label++; return { value: op[1], done: false };
case 5: _.label++; y = op[1]; op = [0]; continue;
case 7: op = _.ops.pop(); _.trys.pop(); continue;
default:
if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
if (t[2]) _.ops.pop();
_.trys.pop(); continue;
}
op = body.call(thisArg, _);
} catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
}
};
var __importDefault = (this && this.__importDefault) || function (mod) {
return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.BaseHandler = void 0;
var os_1 = __importDefault(require("os"));
var will_db_1 = require("will-db");
var will_sql_1 = require("will-sql");
var will_lib_1 = require("will-lib");
var will_dh_1 = require("will-dh");
var will_api_1 = require("will-api");
var Accessor_1 = require("../models/Accessor");
var VerifyError_1 = require("../models/VerifyError");
var EnvironmentVariable_1 = require("../utils/EnvironmentVariable");
var BaseHandler = /** @class */ (function (_super) {
__extends(BaseHandler, _super);
function BaseHandler(model, settings, accessor) {
var _this = _super.call(this, model, settings) || this;
_this.section = EnvironmentVariable_1.DB_SECTION;
_this.accessor = accessor;
return _this;
}
BaseHandler.prototype.getAccessor = function (conn, useruuid) {
return __awaiter(this, void 0, void 0, function () {
var sql, rs, row, info;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
if (!useruuid) return [3 /*break*/, 2];
sql = new will_sql_1.KnSQL("select tusertoken.useruuid,tusertoken.userid,tusertoken.authtoken,tuserinfo.* ");
sql.append("from tusertoken ");
sql.append("left join tuserinfo on tuserinfo.userid = tusertoken.userid ");
sql.append("where tusertoken.useruuid = ?useruuid ");
sql.set("useruuid", useruuid);
this.logger.info(sql);
return [4 /*yield*/, sql.executeQuery(conn)];
case 1:
rs = _a.sent();
if (rs.rows && rs.rows.length > 0) {
row = rs.rows[0];
info = __assign({}, row);
delete info.useruuid;
delete info.userid;
delete info.authtoken;
return [2 /*return*/, Promise.resolve(new Accessor_1.Accessor(row.useruuid, row.userid, row.authtoken, info))];
}
_a.label = 2;
case 2: return [2 /*return*/, Promise.resolve(undefined)];
}
});
});
};
BaseHandler.prototype.retainAccessor = function (conn, useruuid) {
return __awaiter(this, void 0, void 0, function () {
var _a, ex_1;
return __generator(this, function (_b) {
switch (_b.label) {
case 0:
_b.trys.push([0, 2, , 3]);
_a = this;
return [4 /*yield*/, this.getAccessor(conn, useruuid)];
case 1:
_a.accessor = _b.sent();
return [3 /*break*/, 3];
case 2:
ex_1 = _b.sent();
this.logger.error(ex_1);
return [3 /*break*/, 3];
case 3: return [2 /*return*/];
}
});
});
};
BaseHandler.prototype.getCurrentUser = function () {
return os_1.default.userInfo().username;
};
BaseHandler.prototype.getAuthorizationInfo = function (context) {
if (context) {
if (context.meta.headers && context.meta.headers.authorization) {
return { authorization: context.meta.headers.authorization, client: context.meta.headers.client };
}
if (context.params && context.params.req && context.params.req.headers && context.params.req.headers.authorization) {
return { authorization: context.params.req.headers.authorization, client: context.params.req.headers.client };
}
if (context.options && context.options.parentCtx && context.options.parentCtx.params
&& context.options.parentCtx.params.req && context.options.parentCtx.params.req.headers && context.options.parentCtx.params.req.headers.authorization) {
return { authorization: context.options.parentCtx.params.req.headers.authorization, client: context.options.parentCtx.params.req.headers.client };
}
}
return undefined;
};
BaseHandler.prototype.getTokenKey = function (context) {
var token = undefined;
if (context) {
if (context.meta.headers) {
token = context.meta.headers.authtoken || context.meta.headers.tokenkey;
if (token)
return token;
}
if (context.params && context.params.req) {
token = context.params.req.headers.authtoken || context.params.req.headers.tokenkey;
if (token)
return token;
}
if (context.options && context.options.parentCtx && context.options.parentCtx.params && context.options.parentCtx.params.req) {
token = context.options.parentCtx.params.req.headers.authtoken || context.options.parentCtx.params.req.headers.tokenkey;
if (token)
return token;
}
}
return token;
};
BaseHandler.prototype.getUserTokenInfo = function (context, onlyMeta, db) {
if (onlyMeta === void 0) { onlyMeta = false; }
return __awaiter(this, void 0, void 0, function () {
var result, token;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
if (context && context.meta) {
if (context.meta.user)
return [2 /*return*/, Promise.resolve(context.meta.user)];
if (context.meta.session && context.meta.session.user) {
return [2 /*return*/, Promise.resolve(context.meta.session.user)];
}
}
result = undefined;
if (!!onlyMeta) return [3 /*break*/, 2];
return [4 /*yield*/, this.getUserTokenInfoByToken(context, db)];
case 1:
result = _a.sent();
_a.label = 2;
case 2:
if (!!result) return [3 /*break*/, 4];
return [4 /*yield*/, this.getAuthenToken(context, false, false)];
case 3:
token = _a.sent();
if (token) {
result = { useruuid: token.identifier, userid: token.accessor, site: token.site };
}
_a.label = 4;
case 4: return [2 /*return*/, Promise.resolve(result)];
}
});
});
};
BaseHandler.prototype.getUserTokenInfoByToken = function (context, db) {
return __awaiter(this, void 0, void 0, function () {
var token, plib, dbc;
return __generator(this, function (_a) {
token = this.getTokenKey(context);
if (token && token != "") {
plib = new will_lib_1.PasswordLibrary();
if (db) {
return [2 /*return*/, plib.getUserTokenInfoByToken(db, token)];
}
dbc = null;
try {
dbc = this.getConnector(this.section);
return [2 /*return*/, plib.getUserTokenInfoByToken(dbc, token)];
}
finally {
if (dbc)
dbc.close();
}
}
return [2 /*return*/, Promise.resolve(undefined)];
});
});
};
BaseHandler.prototype.getUserDiffie = function (userInfo) {
return __awaiter(this, void 0, void 0, function () {
var dh;
return __generator(this, function (_a) {
if (userInfo && userInfo.prime && userInfo.generator && userInfo.publickey && userInfo.privatekey && userInfo.sharedkey && userInfo.otherkey) {
dh = new will_dh_1.DH();
dh.prime = userInfo.prime;
dh.generator = userInfo.generator;
dh.privateKey = userInfo.privatekey;
dh.publicKey = userInfo.publickey;
dh.sharedKey = userInfo.sharedkey;
dh.otherPublicKey = userInfo.otherkey;
return [2 /*return*/, Promise.resolve(dh)];
}
return [2 /*return*/, Promise.resolve(undefined)];
});
});
};
BaseHandler.prototype.getUserDH = function (context) {
return __awaiter(this, void 0, void 0, function () {
var token, dh;
return __generator(this, function (_a) {
switch (_a.label) {
case 0: return [4 /*yield*/, this.getUserTokenInfo(context)];
case 1:
token = _a.sent();
return [4 /*yield*/, this.getUserDiffie(token)];
case 2:
dh = _a.sent();
return [2 /*return*/, Promise.resolve(dh)];
}
});
});
};
BaseHandler.prototype.getAuthenToken = function (context, verifyTokenKey, verifyIdentifier) {
if (verifyTokenKey === void 0) { verifyTokenKey = true; }
if (verifyIdentifier === void 0) { verifyIdentifier = true; }
return __awaiter(this, void 0, void 0, function () {
var token, atoken;
return __generator(this, function (_a) {
token = this.getTokenKey(context);
if (token != undefined) {
atoken = will_lib_1.AuthenToken.verifyAuthenToken(token, false);
if (verifyIdentifier && (atoken.identifier == undefined)) {
return [2 /*return*/, Promise.reject(new VerifyError_1.VerifyError("Token is invalid", will_api_1.HTTP.UNAUTHORIZED, -16001))];
}
return [2 /*return*/, Promise.resolve(atoken)];
}
if (verifyTokenKey) {
return [2 /*return*/, Promise.reject(new VerifyError_1.VerifyError("Token undefined", will_api_1.HTTP.UNAUTHORIZED, -16002))];
}
return [2 /*return*/, Promise.resolve(undefined)];
});
});
};
BaseHandler.prototype.exposeContext = function (context, includeChiperData) {
if (includeChiperData === void 0) { includeChiperData = true; }
return __awaiter(this, void 0, void 0, function () {
var dh, cipherdata, jsonstr, json;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
if (!this.isCipherData(context)) return [3 /*break*/, 2];
return [4 /*yield*/, this.getUserDH(context)];
case 1:
dh = _a.sent();
if (dh) {
cipherdata = context.params.cipherdata;
if (cipherdata) {
jsonstr = dh.decrypt(cipherdata);
this.logger.debug("exposeContext", jsonstr);
json = JSON.parse(jsonstr);
if (!includeChiperData) {
delete context.params.cipherdata;
}
context.params = __assign(__assign({}, context.params), json);
}
}
_a.label = 2;
case 2: return [2 /*return*/, Promise.resolve(context)];
}
});
});
};
BaseHandler.prototype.isCipherData = function (context) {
var result = "false";
if (context) {
if (context.meta.headers) {
result = context.meta.headers.cipherdata;
}
if (context.params && context.params.req) {
result = context.params.req.headers.cipherdata;
}
if (context.options && context.options.parentCtx && context.options.parentCtx.params && context.options.parentCtx.params.req) {
result = context.options.parentCtx.params.req.headers.cipherdata;
}
}
return result == "true";
};
BaseHandler.prototype.chipherData = function (context, data) {
return __awaiter(this, void 0, void 0, function () {
var dh;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
if (!(data && this.isCipherData(context))) return [3 /*break*/, 2];
return [4 /*yield*/, this.getUserDH(context)];
case 1:
dh = _a.sent();
if (dh) {
return [2 /*return*/, Promise.resolve({ data: dh.encrypt(JSON.stringify(data)) })];
}
_a.label = 2;
case 2: return [2 /*return*/, Promise.resolve(data)];
}
});
});
};
BaseHandler.prototype.validateAuthenToken = function (context) {
return __awaiter(this, void 0, void 0, function () {
var authtoken;
return __generator(this, function (_a) {
switch (_a.label) {
case 0:
if (!EnvironmentVariable_1.VALIDATE_TOKEN)
return [2 /*return*/, Promise.resolve(undefined)];
return [4 /*yield*/, this.getAuthenToken(context, true, true)];
case 1:
authtoken = _a.sent();
return [2 /*return*/, Promise.resolve(authtoken)];
}
});
});
};
BaseHandler.prototype.validateParameters = function (params) {
var args = [];
for (var _i = 1; _i < arguments.length; _i++) {
args[_i - 1] = arguments[_i];
}
if (args && args.length > 0) {
for (var i = 0, isz = args.length; i < isz; i++) {
var name_1 = args[i];
var value = params[name_1];
if (!value || value == "") {
return { valid: false, info: name_1 };
}
}
}
return { valid: true };
};
BaseHandler.prototype.recordNotFound = function () {
return Promise.reject(new VerifyError_1.VerifyError("Record not found", will_api_1.HTTP.NOT_FOUND, -16004));
};
BaseHandler.prototype.notImplementation = function () {
return Promise.reject(new VerifyError_1.VerifyError("Not implemented", will_api_1.HTTP.NOT_IMPLEMENTED, -16005));
};
BaseHandler.prototype.createRecordSet = function (result) {
if (result === void 0) { result = { rows: [], columns: null }; }
var records = 0;
if (result.rows) {
if (Array.isArray(result.rows)) {
records = result.rows.length;
}
else {
if (result.rows.affectedRows) {
records = result.rows.affectedRows;
}
}
}
return { records: records, rows: result.rows, columns: null, offsets: result.offsets };
};
return BaseHandler;
}(will_db_1.KnHandler));
exports.BaseHandler = BaseHandler;