mirror of
https://github.com/standardnotes/server
synced 2026-02-04 14:01:16 -05:00
Compare commits
17 Commits
@standardn
...
@standardn
| Author | SHA1 | Date | |
|---|---|---|---|
|
4b8a9e448a | ||
|
|
1e4c7d0f31 | ||
|
|
ec75795a02 | ||
|
|
ad26b64b28 | ||
|
|
9e4715ebbd | ||
|
|
cc612296d0 | ||
|
|
1148b3948c | ||
|
|
c7e605fd60 | ||
|
|
4ab32c670e | ||
|
|
2d810568a8 | ||
|
|
b8353aa817 | ||
|
|
7924f63e28 | ||
|
|
b3b617ea0b | ||
|
|
18a5071618 | ||
|
|
fea58029b9 | ||
|
|
e748723209 | ||
|
|
8a47d81936 |
4
.github/workflows/common-e2e.yml
vendored
4
.github/workflows/common-e2e.yml
vendored
@@ -83,6 +83,8 @@ jobs:
|
||||
sed -i "s/AUTH_JWT_SECRET=/AUTH_JWT_SECRET=$(openssl rand -hex 32)/g" packages/home-server/.env
|
||||
sed -i "s/ENCRYPTION_SERVER_KEY=/ENCRYPTION_SERVER_KEY=$(openssl rand -hex 32)/g" packages/home-server/.env
|
||||
sed -i "s/PSEUDO_KEY_PARAMS_KEY=/PSEUDO_KEY_PARAMS_KEY=$(openssl rand -hex 32)/g" packages/home-server/.env
|
||||
echo "ACCESS_TOKEN_AGE=4" >> packages/home-server/.env
|
||||
echo "REFRESH_TOKEN_AGE=7" >> packages/home-server/.env
|
||||
|
||||
- name: Run Server
|
||||
run: nohup yarn workspace @standardnotes/home-server start &
|
||||
@@ -94,4 +96,4 @@ jobs:
|
||||
|
||||
- name: Run E2E Test Suite
|
||||
continue-on-error: true
|
||||
run: yarn dlx mocha-headless-chrome --timeout 1200000 -f http://localhost:9001/mocha/test.html
|
||||
run: yarn dlx mocha-headless-chrome --timeout 1200000 -f http://localhost:9001/mocha/test.html?skip_paid_features=true
|
||||
|
||||
24
.pnp.cjs
generated
24
.pnp.cjs
generated
@@ -4625,6 +4625,8 @@ const RAW_RUNTIME_STATE =
|
||||
["@standardnotes/api-gateway", "workspace:packages/api-gateway"],\
|
||||
["@standardnotes/auth-server", "workspace:packages/auth"],\
|
||||
["@standardnotes/domain-core", "workspace:packages/domain-core"],\
|
||||
["@standardnotes/domain-events-infra", "workspace:packages/domain-events-infra"],\
|
||||
["@standardnotes/syncing-server", "workspace:packages/syncing-server"],\
|
||||
["@types/cors", "npm:2.8.13"],\
|
||||
["@types/express", "npm:4.17.17"],\
|
||||
["@types/prettyjson", "npm:0.0.30"],\
|
||||
@@ -4712,7 +4714,6 @@ const RAW_RUNTIME_STATE =
|
||||
["@types/cors", "npm:2.8.13"],\
|
||||
["@types/dotenv", "npm:8.2.0"],\
|
||||
["@types/express", "npm:4.17.17"],\
|
||||
["@types/inversify-express-utils", "npm:2.0.0"],\
|
||||
["@types/jest", "npm:29.5.1"],\
|
||||
["@types/newrelic", "npm:9.13.0"],\
|
||||
["@typescript-eslint/eslint-plugin", "virtual:fd909b174d079e30b336c4ce72c38a88c1e447767b1a8dd7655e07719a1e31b97807f0931368724fc78897ff15e6a6d00b83316c0f76d11f85111f342e08bb79#npm:5.59.2"],\
|
||||
@@ -4732,7 +4733,7 @@ const RAW_RUNTIME_STATE =
|
||||
["reflect-metadata", "npm:0.1.13"],\
|
||||
["sqlite3", "virtual:31b5a94a105c89c9294c3d524a7f8929fe63ee5a2efadf21951ca4c0cfd2ecf02e8f4ef5a066bbda091f1e3a56e57c6749069a080618c96b22e51131a330fc4a#npm:5.1.6"],\
|
||||
["ts-jest", "virtual:fd909b174d079e30b336c4ce72c38a88c1e447767b1a8dd7655e07719a1e31b97807f0931368724fc78897ff15e6a6d00b83316c0f76d11f85111f342e08bb79#npm:29.1.0"],\
|
||||
["typeorm", "virtual:365b8c88cdf194291829ee28b79556e2328175d26a621363e703848100bea0042e9500db2a1206c9bbc3a4a76a1d169639ef774b2ea3a1a98584a9936b58c6be#npm:0.3.15"],\
|
||||
["typeorm", "virtual:67ad3a1ca34e24ce4821cc48979e98af0c3e5dd7aabc7ad0b5d22d1d977d6f943f81c9f141a420105ebdc61ef777e508a96c7946081decd98f8c30543d468b33#npm:0.3.15"],\
|
||||
["typescript", "patch:typescript@npm%3A5.0.4#optional!builtin<compat/typescript>::version=5.0.4&hash=b5f058"],\
|
||||
["winston", "npm:3.8.2"]\
|
||||
],\
|
||||
@@ -4896,7 +4897,6 @@ const RAW_RUNTIME_STATE =
|
||||
["@types/cors", "npm:2.8.13"],\
|
||||
["@types/dotenv", "npm:8.2.0"],\
|
||||
["@types/express", "npm:4.17.17"],\
|
||||
["@types/inversify-express-utils", "npm:2.0.0"],\
|
||||
["@types/jest", "npm:29.5.1"],\
|
||||
["@types/jsonwebtoken", "npm:9.0.2"],\
|
||||
["@types/newrelic", "npm:9.13.0"],\
|
||||
@@ -4925,7 +4925,7 @@ const RAW_RUNTIME_STATE =
|
||||
["reflect-metadata", "npm:0.1.13"],\
|
||||
["sqlite3", "virtual:31b5a94a105c89c9294c3d524a7f8929fe63ee5a2efadf21951ca4c0cfd2ecf02e8f4ef5a066bbda091f1e3a56e57c6749069a080618c96b22e51131a330fc4a#npm:5.1.6"],\
|
||||
["ts-jest", "virtual:fd909b174d079e30b336c4ce72c38a88c1e447767b1a8dd7655e07719a1e31b97807f0931368724fc78897ff15e6a6d00b83316c0f76d11f85111f342e08bb79#npm:29.1.0"],\
|
||||
["typeorm", "virtual:365b8c88cdf194291829ee28b79556e2328175d26a621363e703848100bea0042e9500db2a1206c9bbc3a4a76a1d169639ef774b2ea3a1a98584a9936b58c6be#npm:0.3.15"],\
|
||||
["typeorm", "virtual:67ad3a1ca34e24ce4821cc48979e98af0c3e5dd7aabc7ad0b5d22d1d977d6f943f81c9f141a420105ebdc61ef777e508a96c7946081decd98f8c30543d468b33#npm:0.3.15"],\
|
||||
["typescript", "patch:typescript@npm%3A5.0.4#optional!builtin<compat/typescript>::version=5.0.4&hash=b5f058"],\
|
||||
["ua-parser-js", "npm:1.0.35"],\
|
||||
["uuid", "npm:9.0.0"],\
|
||||
@@ -5298,16 +5298,6 @@ const RAW_RUNTIME_STATE =
|
||||
"linkType": "HARD"\
|
||||
}]\
|
||||
]],\
|
||||
["@types/inversify-express-utils", [\
|
||||
["npm:2.0.0", {\
|
||||
"packageLocation": "./.yarn/cache/@types-inversify-express-utils-npm-2.0.0-e78182955d-9841bfddff.zip/node_modules/@types/inversify-express-utils/",\
|
||||
"packageDependencies": [\
|
||||
["@types/inversify-express-utils", "npm:2.0.0"],\
|
||||
["inversify-express-utils", "npm:6.4.3"]\
|
||||
],\
|
||||
"linkType": "HARD"\
|
||||
}]\
|
||||
]],\
|
||||
["@types/ioredis", [\
|
||||
["npm:5.0.0", {\
|
||||
"packageLocation": "./.yarn/cache/@types-ioredis-npm-5.0.0-6efa70abfa-439770c9da.zip/node_modules/@types/ioredis/",\
|
||||
@@ -15176,10 +15166,10 @@ const RAW_RUNTIME_STATE =
|
||||
],\
|
||||
"linkType": "HARD"\
|
||||
}],\
|
||||
["virtual:365b8c88cdf194291829ee28b79556e2328175d26a621363e703848100bea0042e9500db2a1206c9bbc3a4a76a1d169639ef774b2ea3a1a98584a9936b58c6be#npm:0.3.15", {\
|
||||
"packageLocation": "./.yarn/__virtual__/typeorm-virtual-7fe891193c/0/cache/typeorm-npm-0.3.15-20a6c4f754-db890f14cb.zip/node_modules/typeorm/",\
|
||||
["virtual:67ad3a1ca34e24ce4821cc48979e98af0c3e5dd7aabc7ad0b5d22d1d977d6f943f81c9f141a420105ebdc61ef777e508a96c7946081decd98f8c30543d468b33#npm:0.3.15", {\
|
||||
"packageLocation": "./.yarn/__virtual__/typeorm-virtual-91f15b21d5/0/cache/typeorm-npm-0.3.15-20a6c4f754-db890f14cb.zip/node_modules/typeorm/",\
|
||||
"packageDependencies": [\
|
||||
["typeorm", "virtual:365b8c88cdf194291829ee28b79556e2328175d26a621363e703848100bea0042e9500db2a1206c9bbc3a4a76a1d169639ef774b2ea3a1a98584a9936b58c6be#npm:0.3.15"],\
|
||||
["typeorm", "virtual:67ad3a1ca34e24ce4821cc48979e98af0c3e5dd7aabc7ad0b5d22d1d977d6f943f81c9f141a420105ebdc61ef777e508a96c7946081decd98f8c30543d468b33#npm:0.3.15"],\
|
||||
["@google-cloud/spanner", null],\
|
||||
["@sap/hana-client", null],\
|
||||
["@sqltools/formatter", "npm:1.2.5"],\
|
||||
|
||||
Binary file not shown.
@@ -3,6 +3,10 @@
|
||||
All notable changes to this project will be documented in this file.
|
||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||
|
||||
## [2.22.4](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.22.3...@standardnotes/analytics@2.22.4) (2023-05-17)
|
||||
|
||||
**Note:** Version bump only for package @standardnotes/analytics
|
||||
|
||||
## [2.22.3](https://github.com/standardnotes/server/compare/@standardnotes/analytics@2.22.2...@standardnotes/analytics@2.22.3) (2023-05-16)
|
||||
|
||||
**Note:** Version bump only for package @standardnotes/analytics
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@standardnotes/analytics",
|
||||
"version": "2.22.3",
|
||||
"version": "2.22.4",
|
||||
"engines": {
|
||||
"node": ">=18.0.0 <21.0.0"
|
||||
},
|
||||
|
||||
@@ -3,6 +3,35 @@
|
||||
All notable changes to this project will be documented in this file.
|
||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||
|
||||
# [1.57.0](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.56.2...@standardnotes/api-gateway@1.57.0) (2023-05-25)
|
||||
|
||||
### Features
|
||||
|
||||
* refactor auth middleware to handle required and optional cross service token scenarios ([#612](https://github.com/standardnotes/api-gateway/issues/612)) ([1e4c7d0](https://github.com/standardnotes/api-gateway/commit/1e4c7d0f317d5c2d98065da12ffeb950b10ee5dc))
|
||||
|
||||
## [1.56.2](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.56.1...@standardnotes/api-gateway@1.56.2) (2023-05-18)
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* **api-gateway:** decorating responses for direct call proxy ([4ab32c6](https://github.com/standardnotes/api-gateway/commit/4ab32c670eedcfc64611a191bc25566d43372b23))
|
||||
* **api-gateway:** pkce endpoints resolution for direct code calls ([c7e605f](https://github.com/standardnotes/api-gateway/commit/c7e605fd6046e8476c493658c6feaed365e82e5d))
|
||||
|
||||
## [1.56.1](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.56.0...@standardnotes/api-gateway@1.56.1) (2023-05-18)
|
||||
|
||||
**Note:** Version bump only for package @standardnotes/api-gateway
|
||||
|
||||
# [1.56.0](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.55.0...@standardnotes/api-gateway@1.56.0) (2023-05-17)
|
||||
|
||||
### Features
|
||||
|
||||
* bundle syncing server into home server setup ([#611](https://github.com/standardnotes/api-gateway/issues/611)) ([b3b617e](https://github.com/standardnotes/api-gateway/commit/b3b617ea0b4f4574f6aa7cfae0e9fa8f868f1f4c))
|
||||
|
||||
# [1.55.0](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.54.0...@standardnotes/api-gateway@1.55.0) (2023-05-17)
|
||||
|
||||
### Features
|
||||
|
||||
* add direct event handling for home server ([#608](https://github.com/standardnotes/api-gateway/issues/608)) ([8a47d81](https://github.com/standardnotes/api-gateway/commit/8a47d81936acd765224e74fd083810579a83c9a7))
|
||||
|
||||
# [1.54.0](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.53.1...@standardnotes/api-gateway@1.54.0) (2023-05-16)
|
||||
|
||||
### Features
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@standardnotes/api-gateway",
|
||||
"version": "1.54.0",
|
||||
"version": "1.57.0",
|
||||
"engines": {
|
||||
"node": ">=18.0.0 <21.0.0"
|
||||
},
|
||||
|
||||
@@ -8,7 +8,6 @@ import { Timer, TimerInterface } from '@standardnotes/time'
|
||||
|
||||
import { Env } from './Env'
|
||||
import { TYPES } from './Types'
|
||||
import { AuthMiddleware } from '../Controller/AuthMiddleware'
|
||||
import { ServiceProxyInterface } from '../Service/Http/ServiceProxyInterface'
|
||||
import { HttpServiceProxy } from '../Service/Http/HttpServiceProxy'
|
||||
import { SubscriptionTokenAuthMiddleware } from '../Controller/SubscriptionTokenAuthMiddleware'
|
||||
@@ -20,6 +19,8 @@ import { DirectCallServiceProxy } from '../Service/Proxy/DirectCallServiceProxy'
|
||||
import { ServiceContainerInterface } from '@standardnotes/domain-core'
|
||||
import { EndpointResolverInterface } from '../Service/Resolver/EndpointResolverInterface'
|
||||
import { EndpointResolver } from '../Service/Resolver/EndpointResolver'
|
||||
import { RequiredCrossServiceTokenMiddleware } from '../Controller/RequiredCrossServiceTokenMiddleware'
|
||||
import { OptionalCrossServiceTokenMiddleware } from '../Controller/OptionalCrossServiceTokenMiddleware'
|
||||
|
||||
// eslint-disable-next-line @typescript-eslint/no-var-requires
|
||||
const newrelicFormatter = require('@newrelic/winston-enricher')
|
||||
@@ -43,6 +44,7 @@ export class ContainerConfigLoader {
|
||||
level: env.get('LOG_LEVEL') || 'info',
|
||||
format: winston.format.combine(...winstonFormatters),
|
||||
transports: [new winston.transports.Console({ level: env.get('LOG_LEVEL') || 'info' })],
|
||||
defaultMeta: { service: 'api-gateway' },
|
||||
})
|
||||
container.bind<winston.Logger>(TYPES.Logger).toConstantValue(logger)
|
||||
|
||||
@@ -76,7 +78,12 @@ export class ContainerConfigLoader {
|
||||
container.bind(TYPES.CROSS_SERVICE_TOKEN_CACHE_TTL).toConstantValue(+env.get('CROSS_SERVICE_TOKEN_CACHE_TTL', true))
|
||||
|
||||
// Middleware
|
||||
container.bind<AuthMiddleware>(TYPES.AuthMiddleware).to(AuthMiddleware)
|
||||
container
|
||||
.bind<RequiredCrossServiceTokenMiddleware>(TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
.to(RequiredCrossServiceTokenMiddleware)
|
||||
container
|
||||
.bind<OptionalCrossServiceTokenMiddleware>(TYPES.OptionalCrossServiceTokenMiddleware)
|
||||
.to(OptionalCrossServiceTokenMiddleware)
|
||||
container.bind<WebSocketAuthMiddleware>(TYPES.WebSocketAuthMiddleware).to(WebSocketAuthMiddleware)
|
||||
container
|
||||
.bind<SubscriptionTokenAuthMiddleware>(TYPES.SubscriptionTokenAuthMiddleware)
|
||||
@@ -89,7 +96,7 @@ export class ContainerConfigLoader {
|
||||
}
|
||||
container
|
||||
.bind<ServiceProxyInterface>(TYPES.ServiceProxy)
|
||||
.toConstantValue(new DirectCallServiceProxy(serviceContainer))
|
||||
.toConstantValue(new DirectCallServiceProxy(serviceContainer, container.get(TYPES.FILES_SERVER_URL)))
|
||||
} else {
|
||||
container.bind<ServiceProxyInterface>(TYPES.ServiceProxy).to(HttpServiceProxy)
|
||||
}
|
||||
|
||||
@@ -1,28 +1,14 @@
|
||||
import {
|
||||
ControllerContainerInterface,
|
||||
ServiceContainerInterface,
|
||||
ServiceIdentifier,
|
||||
ServiceInterface,
|
||||
} from '@standardnotes/domain-core'
|
||||
import { ServiceContainerInterface, ServiceIdentifier, ServiceInterface } from '@standardnotes/domain-core'
|
||||
|
||||
import { ContainerConfigLoader } from './Container'
|
||||
|
||||
export class Service implements ServiceInterface {
|
||||
constructor(
|
||||
private serviceContainer: ServiceContainerInterface,
|
||||
private controllerContainer: ControllerContainerInterface,
|
||||
) {
|
||||
this.serviceContainer.register(ServiceIdentifier.create(ServiceIdentifier.NAMES.ApiGateway).getValue(), this)
|
||||
constructor(private serviceContainer: ServiceContainerInterface) {
|
||||
this.serviceContainer.register(this.getId(), this)
|
||||
}
|
||||
|
||||
async handleRequest(request: never, response: never, endpointOrMethodIdentifier: string): Promise<unknown> {
|
||||
const method = this.controllerContainer.get(endpointOrMethodIdentifier)
|
||||
|
||||
if (!method) {
|
||||
throw new Error(`Method ${endpointOrMethodIdentifier} not found`)
|
||||
}
|
||||
|
||||
return method(request, response)
|
||||
async handleRequest(_request: never, _response: never, _endpointOrMethodIdentifier: string): Promise<unknown> {
|
||||
throw new Error('Requests are handled via inversify-express at ApiGateway level')
|
||||
}
|
||||
|
||||
async getContainer(): Promise<unknown> {
|
||||
|
||||
@@ -15,7 +15,8 @@ export const TYPES = {
|
||||
VERSION: Symbol.for('VERSION'),
|
||||
CROSS_SERVICE_TOKEN_CACHE_TTL: Symbol.for('CROSS_SERVICE_TOKEN_CACHE_TTL'),
|
||||
// Middleware
|
||||
AuthMiddleware: Symbol.for('AuthMiddleware'),
|
||||
RequiredCrossServiceTokenMiddleware: Symbol.for('RequiredCrossServiceTokenMiddleware'),
|
||||
OptionalCrossServiceTokenMiddleware: Symbol.for('OptionalCrossServiceTokenMiddleware'),
|
||||
WebSocketAuthMiddleware: Symbol.for('WebSocketAuthMiddleware'),
|
||||
SubscriptionTokenAuthMiddleware: Symbol.for('SubscriptionTokenAuthMiddleware'),
|
||||
// Services
|
||||
|
||||
@@ -2,43 +2,33 @@ import { CrossServiceTokenData } from '@standardnotes/security'
|
||||
import { RoleName } from '@standardnotes/domain-core'
|
||||
import { TimerInterface } from '@standardnotes/time'
|
||||
import { NextFunction, Request, Response } from 'express'
|
||||
import { inject, injectable } from 'inversify'
|
||||
import { BaseMiddleware } from 'inversify-express-utils'
|
||||
import { verify } from 'jsonwebtoken'
|
||||
import { AxiosError, AxiosInstance } from 'axios'
|
||||
import { AxiosError } from 'axios'
|
||||
import { Logger } from 'winston'
|
||||
|
||||
import { TYPES } from '../Bootstrap/Types'
|
||||
import { CrossServiceTokenCacheInterface } from '../Service/Cache/CrossServiceTokenCacheInterface'
|
||||
import { ServiceProxyInterface } from '../Service/Http/ServiceProxyInterface'
|
||||
|
||||
@injectable()
|
||||
export class AuthMiddleware extends BaseMiddleware {
|
||||
export abstract class AuthMiddleware extends BaseMiddleware {
|
||||
constructor(
|
||||
@inject(TYPES.HTTPClient) private httpClient: AxiosInstance,
|
||||
@inject(TYPES.AUTH_SERVER_URL) private authServerUrl: string,
|
||||
@inject(TYPES.AUTH_JWT_SECRET) private jwtSecret: string,
|
||||
@inject(TYPES.CROSS_SERVICE_TOKEN_CACHE_TTL) private crossServiceTokenCacheTTL: number,
|
||||
@inject(TYPES.CrossServiceTokenCache) private crossServiceTokenCache: CrossServiceTokenCacheInterface,
|
||||
@inject(TYPES.Timer) private timer: TimerInterface,
|
||||
@inject(TYPES.Logger) private logger: Logger,
|
||||
private serviceProxy: ServiceProxyInterface,
|
||||
private jwtSecret: string,
|
||||
private crossServiceTokenCacheTTL: number,
|
||||
private crossServiceTokenCache: CrossServiceTokenCacheInterface,
|
||||
private timer: TimerInterface,
|
||||
private logger: Logger,
|
||||
) {
|
||||
super()
|
||||
}
|
||||
|
||||
async handler(request: Request, response: Response, next: NextFunction): Promise<void> {
|
||||
const authHeaderValue = request.headers.authorization as string
|
||||
|
||||
if (!authHeaderValue) {
|
||||
response.status(401).send({
|
||||
error: {
|
||||
tag: 'invalid-auth',
|
||||
message: 'Invalid login credentials.',
|
||||
},
|
||||
})
|
||||
|
||||
if (!this.handleMissingAuthHeader(request.headers.authorization, response, next)) {
|
||||
return
|
||||
}
|
||||
|
||||
const authHeaderValue = request.headers.authorization as string
|
||||
|
||||
try {
|
||||
let crossServiceTokenFetchedFromCache = true
|
||||
let crossServiceToken = null
|
||||
@@ -47,26 +37,13 @@ export class AuthMiddleware extends BaseMiddleware {
|
||||
}
|
||||
|
||||
if (crossServiceToken === null) {
|
||||
const authResponse = await this.httpClient.request({
|
||||
method: 'POST',
|
||||
headers: {
|
||||
Authorization: authHeaderValue,
|
||||
Accept: 'application/json',
|
||||
},
|
||||
validateStatus: (status: number) => {
|
||||
return status >= 200 && status < 500
|
||||
},
|
||||
url: `${this.authServerUrl}/sessions/validate`,
|
||||
})
|
||||
|
||||
if (authResponse.status > 200) {
|
||||
response.setHeader('content-type', authResponse.headers['content-type'] as string)
|
||||
response.status(authResponse.status).send(authResponse.data)
|
||||
const authResponse = await this.serviceProxy.validateSession(authHeaderValue)
|
||||
|
||||
if (!this.handleSessionValidationResponse(authResponse, response, next)) {
|
||||
return
|
||||
}
|
||||
|
||||
crossServiceToken = authResponse.data.authToken
|
||||
crossServiceToken = (authResponse.data as { authToken: string }).authToken
|
||||
crossServiceTokenFetchedFromCache = false
|
||||
}
|
||||
|
||||
@@ -87,16 +64,15 @@ export class AuthMiddleware extends BaseMiddleware {
|
||||
})
|
||||
}
|
||||
|
||||
response.locals.userUuid = decodedToken.user.uuid
|
||||
response.locals.user = decodedToken.user
|
||||
response.locals.session = decodedToken.session
|
||||
response.locals.roles = decodedToken.roles
|
||||
} catch (error) {
|
||||
const errorMessage = (error as AxiosError).isAxiosError
|
||||
? JSON.stringify((error as AxiosError).response?.data)
|
||||
: (error as Error).message
|
||||
|
||||
this.logger.error(
|
||||
`Could not pass the request to ${this.authServerUrl}/sessions/validate on underlying service: ${errorMessage}`,
|
||||
)
|
||||
this.logger.error(`Could not pass the request to sessions/validate on underlying service: ${errorMessage}`)
|
||||
|
||||
this.logger.debug('Response error: %O', (error as AxiosError).response ?? error)
|
||||
|
||||
@@ -117,6 +93,24 @@ export class AuthMiddleware extends BaseMiddleware {
|
||||
return next()
|
||||
}
|
||||
|
||||
protected abstract handleSessionValidationResponse(
|
||||
authResponse: {
|
||||
status: number
|
||||
data: unknown
|
||||
headers: {
|
||||
contentType: string
|
||||
}
|
||||
},
|
||||
response: Response,
|
||||
next: NextFunction,
|
||||
): boolean
|
||||
|
||||
protected abstract handleMissingAuthHeader(
|
||||
authHeaderValue: string | undefined,
|
||||
response: Response,
|
||||
next: NextFunction,
|
||||
): boolean
|
||||
|
||||
private getCrossServiceTokenCacheExpireTimestamp(token: CrossServiceTokenData): number {
|
||||
const crossServiceTokenDefaultCacheExpiration = this.timer.getTimestampInSeconds() + this.crossServiceTokenCacheTTL
|
||||
|
||||
|
||||
@@ -29,17 +29,17 @@ export class LegacyController extends BaseHttpController {
|
||||
])
|
||||
}
|
||||
|
||||
@httpPost('/items/sync', TYPES.AuthMiddleware)
|
||||
@httpPost('/items/sync', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async legacyItemsSync(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callLegacySyncingServer(request, response, request.path.substring(1), request.body)
|
||||
}
|
||||
|
||||
@httpGet('/items/:item_id/revisions', TYPES.AuthMiddleware)
|
||||
@httpGet('/items/:item_id/revisions', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async legacyGetRevisions(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callLegacySyncingServer(request, response, request.path.substring(1), request.body)
|
||||
}
|
||||
|
||||
@httpGet('/items/:item_id/revisions/:id', TYPES.AuthMiddleware)
|
||||
@httpGet('/items/:item_id/revisions/:id', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async legacyGetRevision(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callLegacySyncingServer(request, response, request.path.substring(1), request.body)
|
||||
}
|
||||
|
||||
@@ -0,0 +1,51 @@
|
||||
import { TimerInterface } from '@standardnotes/time'
|
||||
import { NextFunction, Response } from 'express'
|
||||
import { inject, injectable } from 'inversify'
|
||||
import { Logger } from 'winston'
|
||||
|
||||
import { TYPES } from '../Bootstrap/Types'
|
||||
import { CrossServiceTokenCacheInterface } from '../Service/Cache/CrossServiceTokenCacheInterface'
|
||||
import { ServiceProxyInterface } from '../Service/Http/ServiceProxyInterface'
|
||||
import { AuthMiddleware } from './AuthMiddleware'
|
||||
|
||||
@injectable()
|
||||
export class OptionalCrossServiceTokenMiddleware extends AuthMiddleware {
|
||||
constructor(
|
||||
@inject(TYPES.ServiceProxy) serviceProxy: ServiceProxyInterface,
|
||||
@inject(TYPES.AUTH_JWT_SECRET) jwtSecret: string,
|
||||
@inject(TYPES.CROSS_SERVICE_TOKEN_CACHE_TTL) crossServiceTokenCacheTTL: number,
|
||||
@inject(TYPES.CrossServiceTokenCache) crossServiceTokenCache: CrossServiceTokenCacheInterface,
|
||||
@inject(TYPES.Timer) timer: TimerInterface,
|
||||
@inject(TYPES.Logger) logger: Logger,
|
||||
) {
|
||||
super(serviceProxy, jwtSecret, crossServiceTokenCacheTTL, crossServiceTokenCache, timer, logger)
|
||||
}
|
||||
|
||||
protected override handleSessionValidationResponse(
|
||||
authResponse: { status: number; data: unknown; headers: { contentType: string } },
|
||||
_response: Response,
|
||||
next: NextFunction,
|
||||
): boolean {
|
||||
if (authResponse.status > 200) {
|
||||
next()
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
protected override handleMissingAuthHeader(
|
||||
authHeaderValue: string | undefined,
|
||||
_response: Response,
|
||||
next: NextFunction,
|
||||
): boolean {
|
||||
if (!authHeaderValue) {
|
||||
next()
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,57 @@
|
||||
import { TimerInterface } from '@standardnotes/time'
|
||||
import { NextFunction, Response } from 'express'
|
||||
import { inject, injectable } from 'inversify'
|
||||
import { Logger } from 'winston'
|
||||
|
||||
import { TYPES } from '../Bootstrap/Types'
|
||||
import { CrossServiceTokenCacheInterface } from '../Service/Cache/CrossServiceTokenCacheInterface'
|
||||
import { ServiceProxyInterface } from '../Service/Http/ServiceProxyInterface'
|
||||
import { AuthMiddleware } from './AuthMiddleware'
|
||||
|
||||
@injectable()
|
||||
export class RequiredCrossServiceTokenMiddleware extends AuthMiddleware {
|
||||
constructor(
|
||||
@inject(TYPES.ServiceProxy) serviceProxy: ServiceProxyInterface,
|
||||
@inject(TYPES.AUTH_JWT_SECRET) jwtSecret: string,
|
||||
@inject(TYPES.CROSS_SERVICE_TOKEN_CACHE_TTL) crossServiceTokenCacheTTL: number,
|
||||
@inject(TYPES.CrossServiceTokenCache) crossServiceTokenCache: CrossServiceTokenCacheInterface,
|
||||
@inject(TYPES.Timer) timer: TimerInterface,
|
||||
@inject(TYPES.Logger) logger: Logger,
|
||||
) {
|
||||
super(serviceProxy, jwtSecret, crossServiceTokenCacheTTL, crossServiceTokenCache, timer, logger)
|
||||
}
|
||||
|
||||
protected override handleSessionValidationResponse(
|
||||
authResponse: { status: number; data: unknown; headers: { contentType: string } },
|
||||
response: Response,
|
||||
_next: NextFunction,
|
||||
): boolean {
|
||||
if (authResponse.status > 200) {
|
||||
response.setHeader('content-type', authResponse.headers.contentType)
|
||||
response.status(authResponse.status).send(authResponse.data)
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
protected override handleMissingAuthHeader(
|
||||
authHeaderValue: string | undefined,
|
||||
response: Response,
|
||||
_next: NextFunction,
|
||||
): boolean {
|
||||
if (!authHeaderValue) {
|
||||
response.status(401).send({
|
||||
error: {
|
||||
tag: 'invalid-auth',
|
||||
message: 'Invalid login credentials.',
|
||||
},
|
||||
})
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
}
|
||||
@@ -118,7 +118,7 @@ export class SubscriptionTokenAuthMiddleware extends BaseMiddleware {
|
||||
verify(authResponse.data.authToken, this.jwtSecret, { algorithms: ['HS256'] })
|
||||
)
|
||||
|
||||
response.locals.userUuid = decodedToken.user.uuid
|
||||
response.locals.user = decodedToken.user
|
||||
response.locals.roles = decodedToken.roles
|
||||
}
|
||||
}
|
||||
|
||||
@@ -63,7 +63,7 @@ export class WebSocketAuthMiddleware extends BaseMiddleware {
|
||||
response.locals.freeUser =
|
||||
decodedToken.roles.length === 1 &&
|
||||
decodedToken.roles.find((role) => role.name === RoleName.NAMES.CoreUser) !== undefined
|
||||
response.locals.userUuid = decodedToken.user.uuid
|
||||
response.locals.user = decodedToken.user
|
||||
response.locals.roles = decodedToken.roles
|
||||
} catch (error) {
|
||||
const errorMessage = (error as AxiosError).isAxiosError
|
||||
|
||||
@@ -24,7 +24,7 @@ export class ActionsController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpGet('/login-params')
|
||||
@httpGet('/login-params', TYPES.OptionalCrossServiceTokenMiddleware)
|
||||
async loginParams(request: Request, response: Response): Promise<void> {
|
||||
await this.serviceProxy.callAuthServer(
|
||||
request,
|
||||
@@ -34,7 +34,7 @@ export class ActionsController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpPost('/logout')
|
||||
@httpPost('/logout', TYPES.OptionalCrossServiceTokenMiddleware)
|
||||
async logout(request: Request, response: Response): Promise<void> {
|
||||
await this.serviceProxy.callAuthServer(
|
||||
request,
|
||||
@@ -54,7 +54,7 @@ export class ActionsController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpPost('/recovery/codes', TYPES.AuthMiddleware)
|
||||
@httpPost('/recovery/codes', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async recoveryCodes(request: Request, response: Response): Promise<void> {
|
||||
await this.serviceProxy.callAuthServer(
|
||||
request,
|
||||
|
||||
@@ -15,7 +15,7 @@ export class AuthenticatorsController extends BaseHttpController {
|
||||
super()
|
||||
}
|
||||
|
||||
@httpDelete('/:authenticatorId', TYPES.AuthMiddleware)
|
||||
@httpDelete('/:authenticatorId', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async delete(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -29,7 +29,7 @@ export class AuthenticatorsController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpGet('/', TYPES.AuthMiddleware)
|
||||
@httpGet('/', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async list(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -39,7 +39,7 @@ export class AuthenticatorsController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpGet('/generate-registration-options', TYPES.AuthMiddleware)
|
||||
@httpGet('/generate-registration-options', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async generateRegistrationOptions(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -59,7 +59,7 @@ export class AuthenticatorsController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpPost('/verify-registration', TYPES.AuthMiddleware)
|
||||
@httpPost('/verify-registration', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async verifyRegistration(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
|
||||
@@ -15,7 +15,7 @@ export class FilesController extends BaseHttpController {
|
||||
super()
|
||||
}
|
||||
|
||||
@httpPost('/valet-tokens', TYPES.AuthMiddleware)
|
||||
@httpPost('/valet-tokens', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async createToken(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
|
||||
@@ -5,10 +5,10 @@ import { TYPES } from '../../Bootstrap/Types'
|
||||
import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
|
||||
import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolverInterface'
|
||||
|
||||
@controller('/v1/items', TYPES.AuthMiddleware)
|
||||
@controller('/v1/items', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
export class ItemsController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
|
||||
@inject(TYPES.ServiceProxy) private serviceProxy: ServiceProxyInterface,
|
||||
@inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
|
||||
) {
|
||||
super()
|
||||
@@ -16,7 +16,7 @@ export class ItemsController extends BaseHttpController {
|
||||
|
||||
@httpPost('/')
|
||||
async sync(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callSyncingServer(
|
||||
await this.serviceProxy.callSyncingServer(
|
||||
request,
|
||||
response,
|
||||
this.endpointResolver.resolveEndpointOrMethodIdentifier('POST', 'items/sync'),
|
||||
@@ -26,7 +26,7 @@ export class ItemsController extends BaseHttpController {
|
||||
|
||||
@httpPost('/check-integrity')
|
||||
async checkIntegrity(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callSyncingServer(
|
||||
await this.serviceProxy.callSyncingServer(
|
||||
request,
|
||||
response,
|
||||
this.endpointResolver.resolveEndpointOrMethodIdentifier('POST', 'items/check-integrity'),
|
||||
@@ -36,7 +36,7 @@ export class ItemsController extends BaseHttpController {
|
||||
|
||||
@httpGet('/:uuid')
|
||||
async getItem(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callSyncingServer(
|
||||
await this.serviceProxy.callSyncingServer(
|
||||
request,
|
||||
response,
|
||||
this.endpointResolver.resolveEndpointOrMethodIdentifier('GET', 'items/:uuid', request.params.uuid),
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import { BaseHttpController, controller, httpDelete, httpGet, results } from 'inversify-express-utils'
|
||||
import { TYPES } from '../../Bootstrap/Types'
|
||||
|
||||
@controller('/v1/items/:item_id/revisions', TYPES.AuthMiddleware)
|
||||
@controller('/v1/items/:item_id/revisions', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
export class RevisionsController extends BaseHttpController {
|
||||
@httpGet('/')
|
||||
async getRevisions(): Promise<results.JsonResult> {
|
||||
|
||||
@@ -14,7 +14,7 @@ export class SessionsController extends BaseHttpController {
|
||||
super()
|
||||
}
|
||||
|
||||
@httpGet('/', TYPES.AuthMiddleware)
|
||||
@httpGet('/', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async getSessions(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -23,7 +23,7 @@ export class SessionsController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpDelete('/:uuid', TYPES.AuthMiddleware)
|
||||
@httpDelete('/:uuid', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async deleteSession(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -35,7 +35,7 @@ export class SessionsController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpDelete('/', TYPES.AuthMiddleware)
|
||||
@httpDelete('/', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async deleteSessions(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
|
||||
@@ -15,7 +15,7 @@ export class SubscriptionInvitesController extends BaseHttpController {
|
||||
super()
|
||||
}
|
||||
|
||||
@httpPost('/', TYPES.AuthMiddleware)
|
||||
@httpPost('/', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async inviteToSubscriptionSharing(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -25,7 +25,7 @@ export class SubscriptionInvitesController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpGet('/', TYPES.AuthMiddleware)
|
||||
@httpGet('/', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async listInvites(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -35,7 +35,7 @@ export class SubscriptionInvitesController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpDelete('/:inviteUuid', TYPES.AuthMiddleware)
|
||||
@httpDelete('/:inviteUuid', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async cancelSubscriptionSharing(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -48,7 +48,7 @@ export class SubscriptionInvitesController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpPost('/:inviteUuid/accept', TYPES.AuthMiddleware)
|
||||
@httpPost('/:inviteUuid/accept', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async acceptInvite(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
|
||||
@@ -15,7 +15,7 @@ export class TokensController extends BaseHttpController {
|
||||
super()
|
||||
}
|
||||
|
||||
@httpPost('/', TYPES.AuthMiddleware)
|
||||
@httpPost('/', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async createToken(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
|
||||
@@ -37,7 +37,7 @@ export class UsersController extends BaseHttpController {
|
||||
await this.httpService.callPaymentsServer(request, response, 'api/pro_users/send-activation-code', request.body)
|
||||
}
|
||||
|
||||
@httpPatch('/:userId', TYPES.AuthMiddleware)
|
||||
@httpPatch('/:userId', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async updateUser(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -47,7 +47,7 @@ export class UsersController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpPut('/:userUuid/password', TYPES.AuthMiddleware)
|
||||
@httpPut('/:userUuid/password', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async changePassword(request: Request, response: Response): Promise<void> {
|
||||
this.logger.debug(
|
||||
'[DEPRECATED] use endpoint /v1/users/:userUuid/attributes/credentials instead of /v1/users/:userUuid/password',
|
||||
@@ -65,7 +65,7 @@ export class UsersController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpPut('/:userUuid/attributes/credentials', TYPES.AuthMiddleware)
|
||||
@httpPut('/:userUuid/attributes/credentials', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async changeCredentials(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -79,7 +79,7 @@ export class UsersController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpGet('/:userId/params', TYPES.AuthMiddleware)
|
||||
@httpGet('/:userId/params', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async getKeyParams(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -88,12 +88,12 @@ export class UsersController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@all('/:userId/mfa', TYPES.AuthMiddleware)
|
||||
@all('/:userId/mfa', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async blockMFA(): Promise<results.StatusCodeResult> {
|
||||
return this.statusCode(401)
|
||||
}
|
||||
|
||||
@httpPost('/:userUuid/integrations/listed', TYPES.AuthMiddleware)
|
||||
@httpPost('/:userUuid/integrations/listed', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async createListedAccount(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -113,7 +113,7 @@ export class UsersController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpGet('/:userUuid/settings', TYPES.AuthMiddleware)
|
||||
@httpGet('/:userUuid/settings', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async listSettings(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -126,7 +126,7 @@ export class UsersController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpPut('/:userUuid/settings', TYPES.AuthMiddleware)
|
||||
@httpPut('/:userUuid/settings', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async putSetting(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -140,7 +140,7 @@ export class UsersController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpGet('/:userUuid/settings/:settingName', TYPES.AuthMiddleware)
|
||||
@httpGet('/:userUuid/settings/:settingName', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async getSetting(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -154,7 +154,7 @@ export class UsersController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpDelete('/:userUuid/settings/:settingName', TYPES.AuthMiddleware)
|
||||
@httpDelete('/:userUuid/settings/:settingName', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async deleteSetting(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -169,7 +169,7 @@ export class UsersController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpGet('/:userUuid/subscription-settings/:subscriptionSettingName', TYPES.AuthMiddleware)
|
||||
@httpGet('/:userUuid/subscription-settings/:subscriptionSettingName', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async getSubscriptionSetting(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -183,7 +183,7 @@ export class UsersController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpGet('/:userUuid/features', TYPES.AuthMiddleware)
|
||||
@httpGet('/:userUuid/features', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async getFeatures(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -196,7 +196,7 @@ export class UsersController extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpGet('/:userUuid/subscription', TYPES.AuthMiddleware)
|
||||
@httpGet('/:userUuid/subscription', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async getSubscription(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
@@ -227,17 +227,17 @@ export class UsersController extends BaseHttpController {
|
||||
this.endpointResolver.resolveEndpointOrMethodIdentifier(
|
||||
'GET',
|
||||
'users/:userUuid/subscription',
|
||||
response.locals.userUuid,
|
||||
response.locals.user.uuid,
|
||||
),
|
||||
)
|
||||
}
|
||||
|
||||
@httpDelete('/:userUuid', TYPES.AuthMiddleware)
|
||||
@httpDelete('/:userUuid', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async deleteUser(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callPaymentsServer(request, response, 'api/account', request.body)
|
||||
}
|
||||
|
||||
@httpPost('/:userUuid/requests', TYPES.AuthMiddleware)
|
||||
@httpPost('/:userUuid/requests', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async submitRequest(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
request,
|
||||
|
||||
@@ -17,7 +17,7 @@ export class WebSocketsController extends BaseHttpController {
|
||||
super()
|
||||
}
|
||||
|
||||
@httpPost('/tokens', TYPES.AuthMiddleware)
|
||||
@httpPost('/tokens', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
async createWebSocketConnectionToken(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callWebSocketServer(
|
||||
request,
|
||||
|
||||
@@ -9,7 +9,7 @@ import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolv
|
||||
@controller('/v2')
|
||||
export class ActionsControllerV2 extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
|
||||
@inject(TYPES.ServiceProxy) private serviceProxy: ServiceProxyInterface,
|
||||
@inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
|
||||
) {
|
||||
super()
|
||||
@@ -17,7 +17,7 @@ export class ActionsControllerV2 extends BaseHttpController {
|
||||
|
||||
@httpPost('/login')
|
||||
async login(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
await this.serviceProxy.callAuthServer(
|
||||
request,
|
||||
response,
|
||||
this.endpointResolver.resolveEndpointOrMethodIdentifier('POST', 'auth/pkce_sign_in'),
|
||||
@@ -25,9 +25,9 @@ export class ActionsControllerV2 extends BaseHttpController {
|
||||
)
|
||||
}
|
||||
|
||||
@httpPost('/login-params')
|
||||
@httpPost('/login-params', TYPES.OptionalCrossServiceTokenMiddleware)
|
||||
async loginParams(request: Request, response: Response): Promise<void> {
|
||||
await this.httpService.callAuthServer(
|
||||
await this.serviceProxy.callAuthServer(
|
||||
request,
|
||||
response,
|
||||
this.endpointResolver.resolveEndpointOrMethodIdentifier('POST', 'auth/pkce_params'),
|
||||
|
||||
@@ -6,7 +6,7 @@ import { TYPES } from '../../Bootstrap/Types'
|
||||
import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
|
||||
import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolverInterface'
|
||||
|
||||
@controller('/v2/items/:itemUuid/revisions', TYPES.AuthMiddleware)
|
||||
@controller('/v2/items/:itemUuid/revisions', TYPES.RequiredCrossServiceTokenMiddleware)
|
||||
export class RevisionsControllerV2 extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
|
||||
|
||||
@@ -24,6 +24,30 @@ export class HttpServiceProxy implements ServiceProxyInterface {
|
||||
@inject(TYPES.Logger) private logger: Logger,
|
||||
) {}
|
||||
|
||||
async validateSession(
|
||||
authorizationHeaderValue: string,
|
||||
): Promise<{ status: number; data: unknown; headers: { contentType: string } }> {
|
||||
const authResponse = await this.httpClient.request({
|
||||
method: 'POST',
|
||||
headers: {
|
||||
Authorization: authorizationHeaderValue,
|
||||
Accept: 'application/json',
|
||||
},
|
||||
validateStatus: (status: number) => {
|
||||
return status >= 200 && status < 500
|
||||
},
|
||||
url: `${this.authServerUrl}/sessions/validate`,
|
||||
})
|
||||
|
||||
return {
|
||||
status: authResponse.status,
|
||||
data: authResponse.data,
|
||||
headers: {
|
||||
contentType: authResponse.headers['content-type'] as string,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
async callSyncingServer(
|
||||
request: Request,
|
||||
response: Response,
|
||||
@@ -238,7 +262,7 @@ export class HttpServiceProxy implements ServiceProxyInterface {
|
||||
response.status(serviceResponse.status).send({
|
||||
meta: {
|
||||
auth: {
|
||||
userUuid: response.locals.userUuid,
|
||||
userUuid: response.locals.user?.uuid,
|
||||
roles: response.locals.roles,
|
||||
},
|
||||
server: {
|
||||
|
||||
@@ -49,4 +49,11 @@ export interface ServiceProxyInterface {
|
||||
endpointOrMethodIdentifier: string,
|
||||
payload?: Record<string, unknown> | string,
|
||||
): Promise<void>
|
||||
validateSession(authorizationHeaderValue: string): Promise<{
|
||||
status: number
|
||||
data: unknown
|
||||
headers: {
|
||||
contentType: string
|
||||
}
|
||||
}>
|
||||
}
|
||||
|
||||
@@ -4,7 +4,35 @@ import { ServiceProxyInterface } from '../Http/ServiceProxyInterface'
|
||||
import { ServiceContainerInterface, ServiceIdentifier } from '@standardnotes/domain-core'
|
||||
|
||||
export class DirectCallServiceProxy implements ServiceProxyInterface {
|
||||
constructor(private serviceContainer: ServiceContainerInterface) {}
|
||||
constructor(private serviceContainer: ServiceContainerInterface, private filesServerUrl: string) {}
|
||||
|
||||
async validateSession(
|
||||
authorizationHeaderValue: string,
|
||||
): Promise<{ status: number; data: unknown; headers: { contentType: string } }> {
|
||||
const authService = this.serviceContainer.get(ServiceIdentifier.create(ServiceIdentifier.NAMES.Auth).getValue())
|
||||
if (!authService) {
|
||||
throw new Error('Auth service not found')
|
||||
}
|
||||
|
||||
const serviceResponse = (await authService.handleRequest(
|
||||
{
|
||||
headers: {
|
||||
authorization: authorizationHeaderValue,
|
||||
},
|
||||
} as never,
|
||||
{} as never,
|
||||
'auth.sessions.validate',
|
||||
)) as {
|
||||
statusCode: number
|
||||
json: Record<string, unknown>
|
||||
}
|
||||
|
||||
return {
|
||||
status: serviceResponse.statusCode,
|
||||
data: serviceResponse.json,
|
||||
headers: { contentType: 'application/json' },
|
||||
}
|
||||
}
|
||||
|
||||
async callEmailServer(_request: Request, _response: Response, _endpointOrMethodIdentifier: string): Promise<void> {
|
||||
throw new Error('Email server is not available.')
|
||||
@@ -21,7 +49,7 @@ export class DirectCallServiceProxy implements ServiceProxyInterface {
|
||||
json: Record<string, unknown>
|
||||
}
|
||||
|
||||
void (response as Response).status(serviceResponse.statusCode).send(serviceResponse.json)
|
||||
this.sendDecoratedResponse(response, serviceResponse)
|
||||
}
|
||||
|
||||
async callAuthServerWithLegacyFormat(
|
||||
@@ -49,7 +77,12 @@ export class DirectCallServiceProxy implements ServiceProxyInterface {
|
||||
throw new Error('Syncing service not found')
|
||||
}
|
||||
|
||||
await service.handleRequest(request, response, endpointOrMethodIdentifier)
|
||||
const serviceResponse = (await service.handleRequest(request, response, endpointOrMethodIdentifier)) as {
|
||||
statusCode: number
|
||||
json: Record<string, unknown>
|
||||
}
|
||||
|
||||
this.sendDecoratedResponse(response, serviceResponse)
|
||||
}
|
||||
|
||||
async callLegacySyncingServer(
|
||||
@@ -71,4 +104,22 @@ export class DirectCallServiceProxy implements ServiceProxyInterface {
|
||||
): Promise<void> {
|
||||
throw new Error('Websockets server is not available.')
|
||||
}
|
||||
|
||||
private sendDecoratedResponse(
|
||||
response: Response,
|
||||
serviceResponse: { statusCode: number; json: Record<string, unknown> },
|
||||
): void {
|
||||
void response.status(serviceResponse.statusCode).send({
|
||||
meta: {
|
||||
auth: {
|
||||
userUuid: response.locals.user?.uuid,
|
||||
roles: response.locals.roles,
|
||||
},
|
||||
server: {
|
||||
filesServerUrl: this.filesServerUrl,
|
||||
},
|
||||
},
|
||||
data: serviceResponse.json,
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,6 +4,8 @@ export class EndpointResolver implements EndpointResolverInterface {
|
||||
constructor(private isConfiguredForHomeServer: boolean) {}
|
||||
|
||||
private readonly endpointToIdentifierMap: Map<string, string> = new Map([
|
||||
// Auth Middleware
|
||||
['[POST]:sessions/validate', 'auth.sessions.validate'],
|
||||
// Actions Controller
|
||||
['[POST]:auth/sign_in', 'auth.signIn'],
|
||||
['[GET]:auth/params', 'auth.params'],
|
||||
@@ -11,6 +13,9 @@ export class EndpointResolver implements EndpointResolverInterface {
|
||||
['[POST]:auth/recovery/codes', 'auth.generateRecoveryCodes'],
|
||||
['[POST]:auth/recovery/login', 'auth.signInWithRecoveryCodes'],
|
||||
['[POST]:auth/recovery/params', 'auth.recoveryKeyParams'],
|
||||
// v2 Actions Controller
|
||||
['[POST]:auth/pkce_sign_in', 'auth.pkceSignIn'],
|
||||
['[POST]:auth/pkce_params', 'auth.pkceParams'],
|
||||
// Authenticators Controller
|
||||
['[DELETE]:authenticators/:authenticatorId', 'auth.authenticators.delete'],
|
||||
['[GET]:authenticators/', 'auth.authenticators.list'],
|
||||
@@ -49,6 +54,10 @@ export class EndpointResolver implements EndpointResolverInterface {
|
||||
['[GET]:users/:userUuid/subscription', 'auth.users.getSubscription'],
|
||||
['[GET]:offline/users/subscription', 'auth.users.getOfflineSubscriptionByToken'],
|
||||
['[POST]:users/:userUuid/requests', 'auth.users.createRequest'],
|
||||
// Syncing Server
|
||||
['[POST]:items/sync', 'sync.items.sync'],
|
||||
['[POST]:items/check-integrity', 'sync.items.check_integrity'],
|
||||
['[GET]:items/:uuid', 'sync.items.get_item'],
|
||||
])
|
||||
|
||||
resolveEndpointOrMethodIdentifier(method: string, endpoint: string, ...params: string[]): string {
|
||||
|
||||
@@ -3,6 +3,40 @@
|
||||
All notable changes to this project will be documented in this file.
|
||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||
|
||||
# [1.110.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.109.2...@standardnotes/auth-server@1.110.0) (2023-05-25)
|
||||
|
||||
### Features
|
||||
|
||||
* refactor auth middleware to handle required and optional cross service token scenarios ([#612](https://github.com/standardnotes/server/issues/612)) ([1e4c7d0](https://github.com/standardnotes/server/commit/1e4c7d0f317d5c2d98065da12ffeb950b10ee5dc))
|
||||
|
||||
## [1.109.2](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.109.1...@standardnotes/auth-server@1.109.2) (2023-05-18)
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* **auth:** changing user credentials to work both on http proxy and direct code call ([cc61229](https://github.com/standardnotes/server/commit/cc612296d0fbfa7e95556fda45eb9706845e4f58))
|
||||
|
||||
## [1.109.1](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.109.0...@standardnotes/auth-server@1.109.1) (2023-05-18)
|
||||
|
||||
**Note:** Version bump only for package @standardnotes/auth-server
|
||||
|
||||
# [1.109.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.108.0...@standardnotes/auth-server@1.109.0) (2023-05-17)
|
||||
|
||||
### Features
|
||||
|
||||
* bundle syncing server into home server setup ([#611](https://github.com/standardnotes/server/issues/611)) ([b3b617e](https://github.com/standardnotes/server/commit/b3b617ea0b4f4574f6aa7cfae0e9fa8f868f1f4c))
|
||||
|
||||
# [1.108.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.107.0...@standardnotes/auth-server@1.108.0) (2023-05-17)
|
||||
|
||||
### Features
|
||||
|
||||
* **auth:** move inversify express controllers to different structure ([#610](https://github.com/standardnotes/server/issues/610)) ([fea5802](https://github.com/standardnotes/server/commit/fea58029b90804dba31faa3c26dcd7dabe541648))
|
||||
|
||||
# [1.107.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.106.0...@standardnotes/auth-server@1.107.0) (2023-05-17)
|
||||
|
||||
### Features
|
||||
|
||||
* add direct event handling for home server ([#608](https://github.com/standardnotes/server/issues/608)) ([8a47d81](https://github.com/standardnotes/server/commit/8a47d81936acd765224e74fd083810579a83c9a7))
|
||||
|
||||
# [1.106.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.105.2...@standardnotes/auth-server@1.106.0) (2023-05-16)
|
||||
|
||||
### Features
|
||||
|
||||
@@ -2,25 +2,24 @@ import 'reflect-metadata'
|
||||
|
||||
import 'newrelic'
|
||||
|
||||
import '../src/Controller/HealthCheckController'
|
||||
import '../src/Controller/SessionController'
|
||||
import '../src/Controller/SessionsController'
|
||||
import '../src/Controller/UsersController'
|
||||
import '../src/Controller/SettingsController'
|
||||
import '../src/Controller/FeaturesController'
|
||||
import '../src/Controller/AdminController'
|
||||
import '../src/Controller/InternalController'
|
||||
import '../src/Controller/SubscriptionTokensController'
|
||||
import '../src/Controller/OfflineController'
|
||||
import '../src/Controller/ValetTokenController'
|
||||
import '../src/Controller/ListedController'
|
||||
import '../src/Controller/SubscriptionSettingsController'
|
||||
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressAuthController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressAuthenticatorsController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressSessionsController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressSubscriptionInvitesController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressUserRequestsController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressWebSocketsController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressUsersController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressValetTokenController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressAdminController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressSubscriptionTokensController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressSubscriptionSettingsController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressSettingsController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressSessionController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressOfflineController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressListedController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressInternalController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressHealthCheckController'
|
||||
import '../src/Infra/InversifyExpressUtils/InversifyExpressFeaturesController'
|
||||
|
||||
import * as cors from 'cors'
|
||||
import { urlencoded, json, Request, Response, NextFunction } from 'express'
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@standardnotes/auth-server",
|
||||
"version": "1.106.0",
|
||||
"version": "1.110.0",
|
||||
"engines": {
|
||||
"node": ">=18.0.0 <21.0.0"
|
||||
},
|
||||
|
||||
@@ -6,6 +6,7 @@ import { Container } from 'inversify'
|
||||
import {
|
||||
DomainEventHandlerInterface,
|
||||
DomainEventMessageHandlerInterface,
|
||||
DomainEventPublisherInterface,
|
||||
DomainEventSubscriberFactoryInterface,
|
||||
} from '@standardnotes/domain-events'
|
||||
import { TimerInterface, Timer } from '@standardnotes/time'
|
||||
@@ -13,7 +14,6 @@ import { UAParser } from 'ua-parser-js'
|
||||
|
||||
import { Env } from './Env'
|
||||
import TYPES from './Types'
|
||||
import { AuthMiddleware } from '../Controller/AuthMiddleware'
|
||||
import { AuthenticateUser } from '../Domain/UseCase/AuthenticateUser'
|
||||
import { Repository } from 'typeorm'
|
||||
import { AppDataSource } from './DataSource'
|
||||
@@ -23,7 +23,6 @@ import { SessionService } from '../Domain/Session/SessionService'
|
||||
import { TypeORMSessionRepository } from '../Infra/TypeORM/TypeORMSessionRepository'
|
||||
import { TypeORMUserRepository } from '../Infra/TypeORM/TypeORMUserRepository'
|
||||
import { SessionProjector } from '../Projection/SessionProjector'
|
||||
import { SessionMiddleware } from '../Controller/SessionMiddleware'
|
||||
import { RefreshSessionToken } from '../Domain/UseCase/RefreshSessionToken'
|
||||
import { KeyParamsFactory } from '../Domain/User/KeyParamsFactory'
|
||||
import { SignIn } from '../Domain/UseCase/SignIn'
|
||||
@@ -35,8 +34,6 @@ import { AuthResponseFactory20200115 } from '../Domain/Auth/AuthResponseFactory2
|
||||
import { AuthResponseFactoryResolver } from '../Domain/Auth/AuthResponseFactoryResolver'
|
||||
import { ClearLoginAttempts } from '../Domain/UseCase/ClearLoginAttempts'
|
||||
import { IncreaseLoginAttempts } from '../Domain/UseCase/IncreaseLoginAttempts'
|
||||
import { LockMiddleware } from '../Controller/LockMiddleware'
|
||||
import { AuthMiddlewareWithoutResponse } from '../Controller/AuthMiddlewareWithoutResponse'
|
||||
import { GetUserKeyParams } from '../Domain/UseCase/GetUserKeyParams/GetUserKeyParams'
|
||||
import { UpdateUser } from '../Domain/UseCase/UpdateUser'
|
||||
import { RedisEphemeralSessionRepository } from '../Infra/Redis/RedisEphemeralSessionRepository'
|
||||
@@ -90,6 +87,8 @@ import { FeatureService } from '../Domain/Feature/FeatureService'
|
||||
import { SettingServiceInterface } from '../Domain/Setting/SettingServiceInterface'
|
||||
import { ExtensionKeyGrantedEventHandler } from '../Domain/Handler/ExtensionKeyGrantedEventHandler'
|
||||
import {
|
||||
DirectCallDomainEventPublisher,
|
||||
DirectCallEventMessageHandler,
|
||||
SNSDomainEventPublisher,
|
||||
SQSDomainEventSubscriberFactory,
|
||||
SQSEventMessageHandler,
|
||||
@@ -100,7 +99,6 @@ import { ChangeCredentials } from '../Domain/UseCase/ChangeCredentials/ChangeCre
|
||||
import { SubscriptionReassignedEventHandler } from '../Domain/Handler/SubscriptionReassignedEventHandler'
|
||||
import { UserSubscriptionRepositoryInterface } from '../Domain/Subscription/UserSubscriptionRepositoryInterface'
|
||||
import { CreateSubscriptionToken } from '../Domain/UseCase/CreateSubscriptionToken/CreateSubscriptionToken'
|
||||
import { ApiGatewayAuthMiddleware } from '../Controller/ApiGatewayAuthMiddleware'
|
||||
import { SubscriptionTokenRepositoryInterface } from '../Domain/Subscription/SubscriptionTokenRepositoryInterface'
|
||||
import { RedisSubscriptionTokenRepository } from '../Infra/Redis/RedisSubscriptionTokenRepository'
|
||||
import { AuthenticateSubscriptionToken } from '../Domain/UseCase/AuthenticateSubscriptionToken/AuthenticateSubscriptionToken'
|
||||
@@ -113,7 +111,6 @@ import { TypeORMOfflineSettingRepository } from '../Infra/TypeORM/TypeORMOffline
|
||||
import { OfflineUserSubscription } from '../Domain/Subscription/OfflineUserSubscription'
|
||||
import { OfflineUserSubscriptionRepositoryInterface } from '../Domain/Subscription/OfflineUserSubscriptionRepositoryInterface'
|
||||
import { TypeORMOfflineUserSubscriptionRepository } from '../Infra/TypeORM/TypeORMOfflineUserSubscriptionRepository'
|
||||
import { OfflineUserAuthMiddleware } from '../Controller/OfflineUserAuthMiddleware'
|
||||
import { OfflineSubscriptionTokenRepositoryInterface } from '../Domain/Auth/OfflineSubscriptionTokenRepositoryInterface'
|
||||
import { RedisOfflineSubscriptionTokenRepository } from '../Infra/Redis/RedisOfflineSubscriptionTokenRepository'
|
||||
import { CreateOfflineSubscriptionToken } from '../Domain/UseCase/CreateOfflineSubscriptionToken/CreateOfflineSubscriptionToken'
|
||||
@@ -121,7 +118,6 @@ import { AuthenticateOfflineSubscriptionToken } from '../Domain/UseCase/Authenti
|
||||
import { SubscriptionCancelledEventHandler } from '../Domain/Handler/SubscriptionCancelledEventHandler'
|
||||
import { ContentDecoder, ContentDecoderInterface, ProtocolVersion } from '@standardnotes/common'
|
||||
import { GetUserOfflineSubscription } from '../Domain/UseCase/GetUserOfflineSubscription/GetUserOfflineSubscription'
|
||||
import { ApiGatewayOfflineAuthMiddleware } from '../Controller/ApiGatewayOfflineAuthMiddleware'
|
||||
import { UserEmailChangedEventHandler } from '../Domain/Handler/UserEmailChangedEventHandler'
|
||||
import { SettingsAssociationServiceInterface } from '../Domain/Setting/SettingsAssociationServiceInterface'
|
||||
import { SettingsAssociationService } from '../Domain/Setting/SettingsAssociationService'
|
||||
@@ -237,12 +233,36 @@ import { InversifyExpressAuthenticatorsController } from '../Infra/InversifyExpr
|
||||
import { InversifyExpressSubscriptionInvitesController } from '../Infra/InversifyExpressUtils/InversifyExpressSubscriptionInvitesController'
|
||||
import { InversifyExpressUserRequestsController } from '../Infra/InversifyExpressUtils/InversifyExpressUserRequestsController'
|
||||
import { InversifyExpressWebSocketsController } from '../Infra/InversifyExpressUtils/InversifyExpressWebSocketsController'
|
||||
import { InversifyExpressSessionsController } from '../Infra/InversifyExpressUtils/InversifyExpressSessionsController'
|
||||
import { InversifyExpressValetTokenController } from '../Infra/InversifyExpressUtils/InversifyExpressValetTokenController'
|
||||
import { InversifyExpressUsersController } from '../Infra/InversifyExpressUtils/InversifyExpressUsersController'
|
||||
import { InversifyExpressAdminController } from '../Infra/InversifyExpressUtils/InversifyExpressAdminController'
|
||||
import { InversifyExpressSubscriptionTokensController } from '../Infra/InversifyExpressUtils/InversifyExpressSubscriptionTokensController'
|
||||
import { InversifyExpressSubscriptionSettingsController } from '../Infra/InversifyExpressUtils/InversifyExpressSubscriptionSettingsController'
|
||||
import { InversifyExpressSettingsController } from '../Infra/InversifyExpressUtils/InversifyExpressSettingsController'
|
||||
import { SessionMiddleware } from '../Infra/InversifyExpressUtils/Middleware/SessionMiddleware'
|
||||
import { ApiGatewayOfflineAuthMiddleware } from '../Infra/InversifyExpressUtils/Middleware/ApiGatewayOfflineAuthMiddleware'
|
||||
import { OfflineUserAuthMiddleware } from '../Infra/InversifyExpressUtils/Middleware/OfflineUserAuthMiddleware'
|
||||
import { LockMiddleware } from '../Infra/InversifyExpressUtils/Middleware/LockMiddleware'
|
||||
import { InversifyExpressSessionController } from '../Infra/InversifyExpressUtils/InversifyExpressSessionController'
|
||||
import { InversifyExpressOfflineController } from '../Infra/InversifyExpressUtils/InversifyExpressOfflineController'
|
||||
import { InversifyExpressListedController } from '../Infra/InversifyExpressUtils/InversifyExpressListedController'
|
||||
import { InversifyExpressInternalController } from '../Infra/InversifyExpressUtils/InversifyExpressInternalController'
|
||||
import { InversifyExpressFeaturesController } from '../Infra/InversifyExpressUtils/InversifyExpressFeaturesController'
|
||||
import { RequiredCrossServiceTokenMiddleware } from '../Infra/InversifyExpressUtils/Middleware/RequiredCrossServiceTokenMiddleware'
|
||||
import { OptionalCrossServiceTokenMiddleware } from '../Infra/InversifyExpressUtils/Middleware/OptionalCrossServiceTokenMiddleware'
|
||||
|
||||
// eslint-disable-next-line @typescript-eslint/no-var-requires
|
||||
const newrelicFormatter = require('@newrelic/winston-enricher')
|
||||
|
||||
export class ContainerConfigLoader {
|
||||
async load(controllerConatiner?: ControllerContainerInterface): Promise<Container> {
|
||||
async load(configuration?: {
|
||||
controllerConatiner?: ControllerContainerInterface
|
||||
directCallDomainEventPublisher?: DirectCallDomainEventPublisher
|
||||
}): Promise<Container> {
|
||||
const directCallDomainEventPublisher =
|
||||
configuration?.directCallDomainEventPublisher ?? new DirectCallDomainEventPublisher()
|
||||
|
||||
const env: Env = new Env()
|
||||
env.load()
|
||||
|
||||
@@ -275,38 +295,41 @@ export class ContainerConfigLoader {
|
||||
level: env.get('LOG_LEVEL') || 'info',
|
||||
format: winston.format.combine(...winstonFormatters),
|
||||
transports: [new winston.transports.Console({ level: env.get('LOG_LEVEL') || 'info' })],
|
||||
defaultMeta: { service: 'auth' },
|
||||
})
|
||||
container.bind<winston.Logger>(TYPES.Auth_Logger).toConstantValue(logger)
|
||||
|
||||
container.bind<TimerInterface>(TYPES.Auth_Timer).toConstantValue(new Timer())
|
||||
|
||||
const snsConfig: SNSClientConfig = {
|
||||
region: env.get('SNS_AWS_REGION', true),
|
||||
}
|
||||
if (env.get('SNS_ENDPOINT', true)) {
|
||||
snsConfig.endpoint = env.get('SNS_ENDPOINT', true)
|
||||
}
|
||||
if (env.get('SNS_ACCESS_KEY_ID', true) && env.get('SNS_SECRET_ACCESS_KEY', true)) {
|
||||
snsConfig.credentials = {
|
||||
accessKeyId: env.get('SNS_ACCESS_KEY_ID', true),
|
||||
secretAccessKey: env.get('SNS_SECRET_ACCESS_KEY', true),
|
||||
if (!isConfiguredForHomeServer) {
|
||||
const snsConfig: SNSClientConfig = {
|
||||
region: env.get('SNS_AWS_REGION', true),
|
||||
}
|
||||
}
|
||||
container.bind<SNSClient>(TYPES.Auth_SNS).toConstantValue(new SNSClient(snsConfig))
|
||||
if (env.get('SNS_ENDPOINT', true)) {
|
||||
snsConfig.endpoint = env.get('SNS_ENDPOINT', true)
|
||||
}
|
||||
if (env.get('SNS_ACCESS_KEY_ID', true) && env.get('SNS_SECRET_ACCESS_KEY', true)) {
|
||||
snsConfig.credentials = {
|
||||
accessKeyId: env.get('SNS_ACCESS_KEY_ID', true),
|
||||
secretAccessKey: env.get('SNS_SECRET_ACCESS_KEY', true),
|
||||
}
|
||||
}
|
||||
container.bind<SNSClient>(TYPES.Auth_SNS).toConstantValue(new SNSClient(snsConfig))
|
||||
|
||||
const sqsConfig: SQSClientConfig = {
|
||||
region: env.get('SQS_AWS_REGION', true),
|
||||
}
|
||||
if (env.get('SQS_ENDPOINT', true)) {
|
||||
sqsConfig.endpoint = env.get('SQS_ENDPOINT', true)
|
||||
}
|
||||
if (env.get('SQS_ACCESS_KEY_ID', true) && env.get('SQS_SECRET_ACCESS_KEY', true)) {
|
||||
sqsConfig.credentials = {
|
||||
accessKeyId: env.get('SQS_ACCESS_KEY_ID', true),
|
||||
secretAccessKey: env.get('SQS_SECRET_ACCESS_KEY', true),
|
||||
const sqsConfig: SQSClientConfig = {
|
||||
region: env.get('SQS_AWS_REGION', true),
|
||||
}
|
||||
if (env.get('SQS_ENDPOINT', true)) {
|
||||
sqsConfig.endpoint = env.get('SQS_ENDPOINT', true)
|
||||
}
|
||||
if (env.get('SQS_ACCESS_KEY_ID', true) && env.get('SQS_SECRET_ACCESS_KEY', true)) {
|
||||
sqsConfig.credentials = {
|
||||
accessKeyId: env.get('SQS_ACCESS_KEY_ID', true),
|
||||
secretAccessKey: env.get('SQS_SECRET_ACCESS_KEY', true),
|
||||
}
|
||||
}
|
||||
container.bind<SQSClient>(TYPES.Auth_SQS).toConstantValue(new SQSClient(sqsConfig))
|
||||
}
|
||||
container.bind<SQSClient>(TYPES.Auth_SQS).toConstantValue(new SQSClient(sqsConfig))
|
||||
|
||||
// Mapping
|
||||
container
|
||||
@@ -424,13 +447,14 @@ export class ContainerConfigLoader {
|
||||
)
|
||||
|
||||
// Middleware
|
||||
container.bind<AuthMiddleware>(TYPES.Auth_AuthMiddleware).to(AuthMiddleware)
|
||||
container.bind<SessionMiddleware>(TYPES.Auth_SessionMiddleware).to(SessionMiddleware)
|
||||
container.bind<LockMiddleware>(TYPES.Auth_LockMiddleware).to(LockMiddleware)
|
||||
container
|
||||
.bind<AuthMiddlewareWithoutResponse>(TYPES.Auth_AuthMiddlewareWithoutResponse)
|
||||
.to(AuthMiddlewareWithoutResponse)
|
||||
container.bind<ApiGatewayAuthMiddleware>(TYPES.Auth_ApiGatewayAuthMiddleware).to(ApiGatewayAuthMiddleware)
|
||||
.bind<RequiredCrossServiceTokenMiddleware>(TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
.to(RequiredCrossServiceTokenMiddleware)
|
||||
container
|
||||
.bind<OptionalCrossServiceTokenMiddleware>(TYPES.Auth_OptionalCrossServiceTokenMiddleware)
|
||||
.to(OptionalCrossServiceTokenMiddleware)
|
||||
container
|
||||
.bind<ApiGatewayOfflineAuthMiddleware>(TYPES.Auth_ApiGatewayOfflineAuthMiddleware)
|
||||
.to(ApiGatewayOfflineAuthMiddleware)
|
||||
@@ -494,7 +518,7 @@ export class ContainerConfigLoader {
|
||||
.toConstantValue(env.get('USER_SERVER_CHANGE_EMAIL_URL', true))
|
||||
container.bind(TYPES.Auth_NEW_RELIC_ENABLED).toConstantValue(env.get('NEW_RELIC_ENABLED', true))
|
||||
container.bind(TYPES.Auth_SYNCING_SERVER_URL).toConstantValue(env.get('SYNCING_SERVER_URL', true))
|
||||
container.bind(TYPES.Auth_VERSION).toConstantValue(env.get('VERSION'))
|
||||
container.bind(TYPES.Auth_VERSION).toConstantValue(env.get('VERSION', true) ?? 'development')
|
||||
container.bind(TYPES.Auth_PAYMENTS_SERVER_URL).toConstantValue(env.get('PAYMENTS_SERVER_URL', true))
|
||||
container
|
||||
.bind(TYPES.Auth_SESSION_TRACE_DAYS_TTL)
|
||||
@@ -649,9 +673,11 @@ export class ContainerConfigLoader {
|
||||
container.bind<UserSubscriptionServiceInterface>(TYPES.Auth_UserSubscriptionService).to(UserSubscriptionService)
|
||||
|
||||
container
|
||||
.bind<SNSDomainEventPublisher>(TYPES.Auth_DomainEventPublisher)
|
||||
.bind<DomainEventPublisherInterface>(TYPES.Auth_DomainEventPublisher)
|
||||
.toConstantValue(
|
||||
new SNSDomainEventPublisher(container.get(TYPES.Auth_SNS), container.get(TYPES.Auth_SNS_TOPIC_ARN)),
|
||||
isConfiguredForHomeServer
|
||||
? directCallDomainEventPublisher
|
||||
: new SNSDomainEventPublisher(container.get(TYPES.Auth_SNS), container.get(TYPES.Auth_SNS_TOPIC_ARN)),
|
||||
)
|
||||
|
||||
// use cases
|
||||
@@ -836,7 +862,7 @@ export class ContainerConfigLoader {
|
||||
// Controller
|
||||
container
|
||||
.bind<ControllerContainerInterface>(TYPES.Auth_ControllerContainer)
|
||||
.toConstantValue(controllerConatiner ?? new ControllerContainer())
|
||||
.toConstantValue(configuration?.controllerConatiner ?? new ControllerContainer())
|
||||
container
|
||||
.bind<AuthController>(TYPES.Auth_AuthController)
|
||||
.toConstantValue(
|
||||
@@ -956,22 +982,34 @@ export class ContainerConfigLoader {
|
||||
['EMAIL_SUBSCRIPTION_UNSUBSCRIBED', container.get(TYPES.Auth_EmailSubscriptionUnsubscribedEventHandler)],
|
||||
])
|
||||
|
||||
container
|
||||
.bind<DomainEventMessageHandlerInterface>(TYPES.Auth_DomainEventMessageHandler)
|
||||
.toConstantValue(
|
||||
env.get('NEW_RELIC_ENABLED', true) === 'true'
|
||||
? new SQSNewRelicEventMessageHandler(eventHandlers, container.get(TYPES.Auth_Logger))
|
||||
: new SQSEventMessageHandler(eventHandlers, container.get(TYPES.Auth_Logger)),
|
||||
)
|
||||
container
|
||||
.bind<DomainEventSubscriberFactoryInterface>(TYPES.Auth_DomainEventSubscriberFactory)
|
||||
.toConstantValue(
|
||||
new SQSDomainEventSubscriberFactory(
|
||||
container.get(TYPES.Auth_SQS),
|
||||
container.get(TYPES.Auth_SQS_QUEUE_URL),
|
||||
container.get(TYPES.Auth_DomainEventMessageHandler),
|
||||
),
|
||||
if (isConfiguredForHomeServer) {
|
||||
const directCallEventMessageHandler = new DirectCallEventMessageHandler(
|
||||
eventHandlers,
|
||||
container.get(TYPES.Auth_Logger),
|
||||
)
|
||||
directCallDomainEventPublisher.register(directCallEventMessageHandler)
|
||||
container
|
||||
.bind<DomainEventMessageHandlerInterface>(TYPES.Auth_DomainEventMessageHandler)
|
||||
.toConstantValue(directCallEventMessageHandler)
|
||||
} else {
|
||||
container
|
||||
.bind<DomainEventMessageHandlerInterface>(TYPES.Auth_DomainEventMessageHandler)
|
||||
.toConstantValue(
|
||||
env.get('NEW_RELIC_ENABLED', true) === 'true'
|
||||
? new SQSNewRelicEventMessageHandler(eventHandlers, container.get(TYPES.Auth_Logger))
|
||||
: new SQSEventMessageHandler(eventHandlers, container.get(TYPES.Auth_Logger)),
|
||||
)
|
||||
|
||||
container
|
||||
.bind<DomainEventSubscriberFactoryInterface>(TYPES.Auth_DomainEventSubscriberFactory)
|
||||
.toConstantValue(
|
||||
new SQSDomainEventSubscriberFactory(
|
||||
container.get(TYPES.Auth_SQS),
|
||||
container.get(TYPES.Auth_SQS_QUEUE_URL),
|
||||
container.get(TYPES.Auth_DomainEventMessageHandler),
|
||||
),
|
||||
)
|
||||
}
|
||||
|
||||
container
|
||||
.bind<InversifyExpressAuthController>(TYPES.Auth_InversifyExpressAuthController)
|
||||
@@ -987,39 +1025,168 @@ export class ContainerConfigLoader {
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressAuthenticatorsController>(TYPES.Auth_InversifyExpressAuthenticatorsController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressAuthenticatorsController(
|
||||
container.get(TYPES.Auth_AuthenticatorsController),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressSubscriptionInvitesController>(TYPES.Auth_InversifyExpressSubscriptionInvitesController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressSubscriptionInvitesController(
|
||||
container.get(TYPES.Auth_SubscriptionInvitesController),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressUserRequestsController>(TYPES.Auth_InversifyExpressUserRequestsController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressUserRequestsController(
|
||||
container.get(TYPES.Auth_UserRequestsController),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressWebSocketsController>(TYPES.Auth_InversifyExpressWebSocketsController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressWebSocketsController(
|
||||
container.get(TYPES.Auth_CreateCrossServiceToken),
|
||||
container.get(TYPES.Auth_WebSocketConnectionTokenDecoder),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
|
||||
// Inversify Controllers
|
||||
if (isConfiguredForHomeServer) {
|
||||
container
|
||||
.bind<InversifyExpressAuthenticatorsController>(TYPES.Auth_InversifyExpressAuthenticatorsController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressAuthenticatorsController(
|
||||
container.get(TYPES.Auth_AuthenticatorsController),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressSubscriptionInvitesController>(TYPES.Auth_InversifyExpressSubscriptionInvitesController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressSubscriptionInvitesController(
|
||||
container.get(TYPES.Auth_SubscriptionInvitesController),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressUserRequestsController>(TYPES.Auth_InversifyExpressUserRequestsController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressUserRequestsController(
|
||||
container.get(TYPES.Auth_UserRequestsController),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressWebSocketsController>(TYPES.Auth_InversifyExpressWebSocketsController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressWebSocketsController(
|
||||
container.get(TYPES.Auth_CreateCrossServiceToken),
|
||||
container.get(TYPES.Auth_WebSocketConnectionTokenDecoder),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressSessionsController>(TYPES.Auth_SessionsController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressSessionsController(
|
||||
container.get(TYPES.Auth_GetActiveSessionsForUser),
|
||||
container.get(TYPES.Auth_AuthenticateRequest),
|
||||
container.get(TYPES.Auth_SessionProjector),
|
||||
container.get(TYPES.Auth_CreateCrossServiceToken),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressValetTokenController>(TYPES.Auth_InversifyExpressValetTokenController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressValetTokenController(
|
||||
container.get(TYPES.Auth_CreateValetToken),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressUsersController>(TYPES.Auth_InversifyExpressUsersController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressUsersController(
|
||||
container.get(TYPES.Auth_UpdateUser),
|
||||
container.get(TYPES.Auth_GetUserKeyParams),
|
||||
container.get(TYPES.Auth_DeleteAccount),
|
||||
container.get(TYPES.Auth_GetUserSubscription),
|
||||
container.get(TYPES.Auth_ClearLoginAttempts),
|
||||
container.get(TYPES.Auth_IncreaseLoginAttempts),
|
||||
container.get(TYPES.Auth_ChangeCredentials),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressAdminController>(TYPES.Auth_InversifyExpressAdminController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressAdminController(
|
||||
container.get(TYPES.Auth_DeleteSetting),
|
||||
container.get(TYPES.Auth_UserRepository),
|
||||
container.get(TYPES.Auth_CreateSubscriptionToken),
|
||||
container.get(TYPES.Auth_CreateOfflineSubscriptionToken),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressSubscriptionTokensController>(TYPES.Auth_InversifyExpressSubscriptionTokensController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressSubscriptionTokensController(
|
||||
container.get(TYPES.Auth_CreateSubscriptionToken),
|
||||
container.get(TYPES.Auth_AuthenticateSubscriptionToken),
|
||||
container.get(TYPES.Auth_SettingService),
|
||||
container.get(TYPES.Auth_UserProjector),
|
||||
container.get(TYPES.Auth_RoleProjector),
|
||||
container.get(TYPES.Auth_CrossServiceTokenEncoder),
|
||||
container.get(TYPES.Auth_AUTH_JWT_TTL),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressSubscriptionSettingsController>(TYPES.Auth_InversifyExpressSubscriptionSettingsController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressSubscriptionSettingsController(
|
||||
container.get(TYPES.Auth_GetSetting),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressSettingsController>(TYPES.Auth_InversifyExpressSettingsController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressSettingsController(
|
||||
container.get(TYPES.Auth_GetSettings),
|
||||
container.get(TYPES.Auth_GetSetting),
|
||||
container.get(TYPES.Auth_UpdateSetting),
|
||||
container.get(TYPES.Auth_DeleteSetting),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressSessionController>(TYPES.Auth_InversifyExpressSessionController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressSessionController(
|
||||
container.get(TYPES.Auth_DeleteSessionForUser),
|
||||
container.get(TYPES.Auth_DeletePreviousSessionsForUser),
|
||||
container.get(TYPES.Auth_RefreshSessionToken),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressOfflineController>(TYPES.Auth_InversifyExpressOfflineController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressOfflineController(
|
||||
container.get(TYPES.Auth_GetUserFeatures),
|
||||
container.get(TYPES.Auth_GetUserOfflineSubscription),
|
||||
container.get(TYPES.Auth_CreateOfflineSubscriptionToken),
|
||||
container.get(TYPES.Auth_AuthenticateOfflineSubscriptionToken),
|
||||
container.get(TYPES.Auth_OfflineUserTokenEncoder),
|
||||
container.get(TYPES.Auth_AUTH_JWT_TTL),
|
||||
container.get(TYPES.Auth_Logger),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressListedController>(TYPES.Auth_InversifyExpressListedController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressListedController(
|
||||
container.get(TYPES.Auth_CreateListedAccount),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressInternalController>(TYPES.Auth_InversifyExpressInternalController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressInternalController(
|
||||
container.get(TYPES.Auth_GetUserFeatures),
|
||||
container.get(TYPES.Auth_GetSetting),
|
||||
),
|
||||
)
|
||||
container
|
||||
.bind<InversifyExpressFeaturesController>(TYPES.Auth_InversifyExpressFeaturesController)
|
||||
.toConstantValue(
|
||||
new InversifyExpressFeaturesController(
|
||||
container.get(TYPES.Auth_GetUserFeatures),
|
||||
container.get(TYPES.Auth_ControllerContainer),
|
||||
),
|
||||
)
|
||||
}
|
||||
|
||||
return container
|
||||
}
|
||||
|
||||
@@ -6,13 +6,15 @@ import {
|
||||
} from '@standardnotes/domain-core'
|
||||
|
||||
import { ContainerConfigLoader } from './Container'
|
||||
import { DirectCallDomainEventPublisher } from '@standardnotes/domain-events-infra'
|
||||
|
||||
export class Service implements ServiceInterface {
|
||||
constructor(
|
||||
private serviceContainer: ServiceContainerInterface,
|
||||
private controllerContainer: ControllerContainerInterface,
|
||||
private directCallDomainEventPublisher: DirectCallDomainEventPublisher,
|
||||
) {
|
||||
this.serviceContainer.register(ServiceIdentifier.create(ServiceIdentifier.NAMES.Auth).getValue(), this)
|
||||
this.serviceContainer.register(this.getId(), this)
|
||||
}
|
||||
|
||||
async handleRequest(request: never, response: never, endpointOrMethodIdentifier: string): Promise<unknown> {
|
||||
@@ -28,7 +30,10 @@ export class Service implements ServiceInterface {
|
||||
async getContainer(): Promise<unknown> {
|
||||
const config = new ContainerConfigLoader()
|
||||
|
||||
return config.load(this.controllerContainer)
|
||||
return config.load({
|
||||
controllerConatiner: this.controllerContainer,
|
||||
directCallDomainEventPublisher: this.directCallDomainEventPublisher,
|
||||
})
|
||||
}
|
||||
|
||||
getId(): ServiceIdentifier {
|
||||
|
||||
@@ -51,11 +51,10 @@ const TYPES = {
|
||||
Auth_ORMAuthenticatorChallengeRepository: Symbol.for('Auth_ORMAuthenticatorChallengeRepository'),
|
||||
Auth_ORMCacheEntryRepository: Symbol.for('Auth_ORMCacheEntryRepository'),
|
||||
// Middleware
|
||||
Auth_AuthMiddleware: Symbol.for('Auth_AuthMiddleware'),
|
||||
Auth_ApiGatewayAuthMiddleware: Symbol.for('Auth_ApiGatewayAuthMiddleware'),
|
||||
Auth_RequiredCrossServiceTokenMiddleware: Symbol.for('Auth_RequiredCrossServiceTokenMiddleware'),
|
||||
Auth_OptionalCrossServiceTokenMiddleware: Symbol.for('Auth_OptionalCrossServiceTokenMiddleware'),
|
||||
Auth_ApiGatewayOfflineAuthMiddleware: Symbol.for('Auth_ApiGatewayOfflineAuthMiddleware'),
|
||||
Auth_OfflineUserAuthMiddleware: Symbol.for('Auth_OfflineUserAuthMiddleware'),
|
||||
Auth_AuthMiddlewareWithoutResponse: Symbol.for('Auth_AuthMiddlewareWithoutResponse'),
|
||||
Auth_LockMiddleware: Symbol.for('Auth_LockMiddleware'),
|
||||
Auth_SessionMiddleware: Symbol.for('Auth_SessionMiddleware'),
|
||||
// Projectors
|
||||
@@ -222,6 +221,20 @@ const TYPES = {
|
||||
Auth_InversifyExpressSubscriptionInvitesController: Symbol.for('Auth_InversifyExpressSubscriptionInvitesController'),
|
||||
Auth_InversifyExpressUserRequestsController: Symbol.for('Auth_InversifyExpressUserRequestsController'),
|
||||
Auth_InversifyExpressWebSocketsController: Symbol.for('Auth_InversifyExpressWebSocketsController'),
|
||||
Auth_SessionsController: Symbol.for('Auth_SessionsController'),
|
||||
Auth_InversifyExpressValetTokenController: Symbol.for('Auth_InversifyExpressValetTokenController'),
|
||||
Auth_InversifyExpressUsersController: Symbol.for('Auth_InversifyExpressUsersController'),
|
||||
Auth_InversifyExpressAdminController: Symbol.for('Auth_InversifyExpressAdminController'),
|
||||
Auth_InversifyExpressSubscriptionTokensController: Symbol.for('Auth_InversifyExpressSubscriptionTokensController'),
|
||||
Auth_InversifyExpressSubscriptionSettingsController: Symbol.for(
|
||||
'Auth_InversifyExpressSubscriptionSettingsController',
|
||||
),
|
||||
Auth_InversifyExpressSettingsController: Symbol.for('Auth_InversifyExpressSettingsController'),
|
||||
Auth_InversifyExpressSessionController: Symbol.for('Auth_InversifyExpressSessionController'),
|
||||
Auth_InversifyExpressOfflineController: Symbol.for('Auth_InversifyExpressOfflineController'),
|
||||
Auth_InversifyExpressListedController: Symbol.for('Auth_InversifyExpressListedController'),
|
||||
Auth_InversifyExpressInternalController: Symbol.for('Auth_InversifyExpressInternalController'),
|
||||
Auth_InversifyExpressFeaturesController: Symbol.for('Auth_InversifyExpressFeaturesController'),
|
||||
}
|
||||
|
||||
export default TYPES
|
||||
|
||||
@@ -1,99 +0,0 @@
|
||||
import 'reflect-metadata'
|
||||
|
||||
import { ApiGatewayAuthMiddleware } from './ApiGatewayAuthMiddleware'
|
||||
import { NextFunction, Request, Response } from 'express'
|
||||
import { Logger } from 'winston'
|
||||
import { CrossServiceTokenData, TokenDecoderInterface } from '@standardnotes/security'
|
||||
import { RoleName } from '@standardnotes/domain-core'
|
||||
|
||||
describe('ApiGatewayAuthMiddleware', () => {
|
||||
let tokenDecoder: TokenDecoderInterface<CrossServiceTokenData>
|
||||
let request: Request
|
||||
let response: Response
|
||||
let next: NextFunction
|
||||
|
||||
const logger = {
|
||||
debug: jest.fn(),
|
||||
} as unknown as jest.Mocked<Logger>
|
||||
|
||||
const createMiddleware = () => new ApiGatewayAuthMiddleware(tokenDecoder, logger)
|
||||
|
||||
beforeEach(() => {
|
||||
tokenDecoder = {} as jest.Mocked<TokenDecoderInterface<CrossServiceTokenData>>
|
||||
tokenDecoder.decodeToken = jest.fn().mockReturnValue({
|
||||
user: {
|
||||
uuid: '1-2-3',
|
||||
email: 'test@test.te',
|
||||
},
|
||||
roles: [
|
||||
{
|
||||
uuid: 'a-b-c',
|
||||
name: RoleName.NAMES.CoreUser,
|
||||
},
|
||||
],
|
||||
})
|
||||
|
||||
request = {
|
||||
headers: {},
|
||||
} as jest.Mocked<Request>
|
||||
response = {
|
||||
locals: {},
|
||||
} as jest.Mocked<Response>
|
||||
response.status = jest.fn().mockReturnThis()
|
||||
response.send = jest.fn()
|
||||
next = jest.fn()
|
||||
})
|
||||
|
||||
it('should authorize user', async () => {
|
||||
request.headers['x-auth-token'] = 'auth-jwt-token'
|
||||
|
||||
await createMiddleware().handler(request, response, next)
|
||||
|
||||
expect(response.locals.user).toEqual({
|
||||
uuid: '1-2-3',
|
||||
email: 'test@test.te',
|
||||
})
|
||||
expect(response.locals.roles).toEqual([
|
||||
{
|
||||
uuid: 'a-b-c',
|
||||
name: RoleName.NAMES.CoreUser,
|
||||
},
|
||||
])
|
||||
|
||||
expect(next).toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('should not authorize if request is missing auth jwt token in headers', async () => {
|
||||
await createMiddleware().handler(request, response, next)
|
||||
|
||||
expect(response.status).toHaveBeenCalledWith(401)
|
||||
expect(next).not.toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('should not authorize if auth jwt token is malformed', async () => {
|
||||
request.headers['x-auth-token'] = 'auth-jwt-token'
|
||||
|
||||
tokenDecoder.decodeToken = jest.fn().mockReturnValue(undefined)
|
||||
|
||||
await createMiddleware().handler(request, response, next)
|
||||
|
||||
expect(response.status).toHaveBeenCalledWith(401)
|
||||
expect(next).not.toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('should pass the error to next middleware if one occurres', async () => {
|
||||
request.headers['x-auth-token'] = 'auth-jwt-token'
|
||||
|
||||
const error = new Error('Ooops')
|
||||
|
||||
tokenDecoder.decodeToken = jest.fn().mockImplementation(() => {
|
||||
throw error
|
||||
})
|
||||
|
||||
await createMiddleware().handler(request, response, next)
|
||||
|
||||
expect(response.status).not.toHaveBeenCalled()
|
||||
|
||||
expect(next).toHaveBeenCalledWith(error)
|
||||
})
|
||||
})
|
||||
@@ -1,79 +0,0 @@
|
||||
import 'reflect-metadata'
|
||||
|
||||
import { AuthMiddleware } from './AuthMiddleware'
|
||||
import { NextFunction, Request, Response } from 'express'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { AuthenticateRequest } from '../Domain/UseCase/AuthenticateRequest'
|
||||
import { Session } from '../Domain/Session/Session'
|
||||
import { Logger } from 'winston'
|
||||
|
||||
describe('AuthMiddleware', () => {
|
||||
let authenticateRequest: AuthenticateRequest
|
||||
let request: Request
|
||||
let response: Response
|
||||
let next: NextFunction
|
||||
|
||||
const logger = {
|
||||
debug: jest.fn(),
|
||||
} as unknown as jest.Mocked<Logger>
|
||||
|
||||
const createMiddleware = () => new AuthMiddleware(authenticateRequest, logger)
|
||||
|
||||
beforeEach(() => {
|
||||
authenticateRequest = {} as jest.Mocked<AuthenticateRequest>
|
||||
authenticateRequest.execute = jest.fn()
|
||||
|
||||
request = {
|
||||
headers: {},
|
||||
} as jest.Mocked<Request>
|
||||
response = {
|
||||
locals: {},
|
||||
} as jest.Mocked<Response>
|
||||
response.status = jest.fn().mockReturnThis()
|
||||
response.send = jest.fn()
|
||||
next = jest.fn()
|
||||
})
|
||||
|
||||
it('should authorize user', async () => {
|
||||
const user = {} as jest.Mocked<User>
|
||||
const session = {} as jest.Mocked<Session>
|
||||
authenticateRequest.execute = jest.fn().mockReturnValue({
|
||||
success: true,
|
||||
user,
|
||||
session,
|
||||
})
|
||||
|
||||
await createMiddleware().handler(request, response, next)
|
||||
|
||||
expect(response.locals.user).toEqual(user)
|
||||
expect(response.locals.session).toEqual(session)
|
||||
|
||||
expect(next).toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('should not authorize if request authentication fails', async () => {
|
||||
authenticateRequest.execute = jest.fn().mockReturnValue({
|
||||
success: false,
|
||||
responseCode: 401,
|
||||
})
|
||||
|
||||
await createMiddleware().handler(request, response, next)
|
||||
|
||||
expect(response.status).toHaveBeenCalledWith(401)
|
||||
expect(next).not.toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('should pass the error to next middleware if one occurres', async () => {
|
||||
const error = new Error('Ooops')
|
||||
|
||||
authenticateRequest.execute = jest.fn().mockImplementation(() => {
|
||||
throw error
|
||||
})
|
||||
|
||||
await createMiddleware().handler(request, response, next)
|
||||
|
||||
expect(response.status).not.toHaveBeenCalled()
|
||||
|
||||
expect(next).toHaveBeenCalledWith(error)
|
||||
})
|
||||
})
|
||||
@@ -1,45 +0,0 @@
|
||||
import { NextFunction, Request, Response } from 'express'
|
||||
import { inject, injectable } from 'inversify'
|
||||
import { BaseMiddleware } from 'inversify-express-utils'
|
||||
import { Logger } from 'winston'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { AuthenticateRequest } from '../Domain/UseCase/AuthenticateRequest'
|
||||
|
||||
@injectable()
|
||||
export class AuthMiddleware extends BaseMiddleware {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_AuthenticateRequest) private authenticateRequest: AuthenticateRequest,
|
||||
@inject(TYPES.Auth_Logger) private logger: Logger,
|
||||
) {
|
||||
super()
|
||||
}
|
||||
|
||||
async handler(request: Request, response: Response, next: NextFunction): Promise<void> {
|
||||
try {
|
||||
const authenticateRequestResponse = await this.authenticateRequest.execute({
|
||||
authorizationHeader: request.headers.authorization,
|
||||
})
|
||||
|
||||
if (!authenticateRequestResponse.success) {
|
||||
this.logger.debug('AuthMiddleware authentication failure.')
|
||||
|
||||
response.status(authenticateRequestResponse.responseCode).send({
|
||||
error: {
|
||||
tag: authenticateRequestResponse.errorTag,
|
||||
message: authenticateRequestResponse.errorMessage,
|
||||
},
|
||||
})
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
response.locals.user = authenticateRequestResponse.user
|
||||
response.locals.session = authenticateRequestResponse.session
|
||||
response.locals.readOnlyAccess = authenticateRequestResponse.session?.readonlyAccess ?? false
|
||||
|
||||
return next()
|
||||
} catch (error) {
|
||||
return next(error)
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,68 +0,0 @@
|
||||
import 'reflect-metadata'
|
||||
|
||||
import { AuthMiddlewareWithoutResponse } from './AuthMiddlewareWithoutResponse'
|
||||
import { NextFunction, Request, Response } from 'express'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { AuthenticateRequest } from '../Domain/UseCase/AuthenticateRequest'
|
||||
import { Session } from '../Domain/Session/Session'
|
||||
|
||||
describe('AuthMiddlewareWithoutResponse', () => {
|
||||
let authenticateRequest: AuthenticateRequest
|
||||
let request: Request
|
||||
let response: Response
|
||||
let next: NextFunction
|
||||
|
||||
const createMiddleware = () => new AuthMiddlewareWithoutResponse(authenticateRequest)
|
||||
|
||||
beforeEach(() => {
|
||||
authenticateRequest = {} as jest.Mocked<AuthenticateRequest>
|
||||
authenticateRequest.execute = jest.fn()
|
||||
|
||||
request = {
|
||||
headers: {},
|
||||
} as jest.Mocked<Request>
|
||||
response = {
|
||||
locals: {},
|
||||
} as jest.Mocked<Response>
|
||||
response.status = jest.fn().mockReturnThis()
|
||||
response.send = jest.fn()
|
||||
next = jest.fn()
|
||||
})
|
||||
|
||||
it('should authorize user', async () => {
|
||||
const user = {} as jest.Mocked<User>
|
||||
const session = {} as jest.Mocked<Session>
|
||||
authenticateRequest.execute = jest.fn().mockReturnValue({
|
||||
success: true,
|
||||
user,
|
||||
session,
|
||||
})
|
||||
|
||||
await createMiddleware().handler(request, response, next)
|
||||
|
||||
expect(response.locals.user).toEqual(user)
|
||||
expect(response.locals.session).toEqual(session)
|
||||
|
||||
expect(next).toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('should skip middleware if authentication fails', async () => {
|
||||
authenticateRequest.execute = jest.fn().mockReturnValue({
|
||||
success: false,
|
||||
})
|
||||
|
||||
await createMiddleware().handler(request, response, next)
|
||||
|
||||
expect(next).toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('should skip middleware if authentication errors', async () => {
|
||||
authenticateRequest.execute = jest.fn().mockImplementation(() => {
|
||||
throw new Error('Ooops')
|
||||
})
|
||||
|
||||
await createMiddleware().handler(request, response, next)
|
||||
|
||||
expect(next).toHaveBeenCalled()
|
||||
})
|
||||
})
|
||||
@@ -1,32 +0,0 @@
|
||||
import { NextFunction, Request, Response } from 'express'
|
||||
import { inject, injectable } from 'inversify'
|
||||
import { BaseMiddleware } from 'inversify-express-utils'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { AuthenticateRequest } from '../Domain/UseCase/AuthenticateRequest'
|
||||
|
||||
@injectable()
|
||||
export class AuthMiddlewareWithoutResponse extends BaseMiddleware {
|
||||
constructor(@inject(TYPES.Auth_AuthenticateRequest) private authenticateRequest: AuthenticateRequest) {
|
||||
super()
|
||||
}
|
||||
|
||||
async handler(request: Request, response: Response, next: NextFunction): Promise<void> {
|
||||
try {
|
||||
const authenticateRequestResponse = await this.authenticateRequest.execute({
|
||||
authorizationHeader: request.headers.authorization,
|
||||
})
|
||||
|
||||
if (!authenticateRequestResponse.success) {
|
||||
return next()
|
||||
}
|
||||
|
||||
response.locals.user = authenticateRequestResponse.user
|
||||
response.locals.session = authenticateRequestResponse.session
|
||||
response.locals.readOnlyAccess = authenticateRequestResponse.session?.readonlyAccess ?? false
|
||||
|
||||
return next()
|
||||
} catch (error) {
|
||||
return next()
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -11,6 +11,7 @@ import { User } from '../../User/User'
|
||||
import { UserRepositoryInterface } from '../../User/UserRepositoryInterface'
|
||||
|
||||
import { ChangeCredentials } from './ChangeCredentials'
|
||||
import { Username } from '@standardnotes/domain-core'
|
||||
|
||||
describe('ChangeCredentials', () => {
|
||||
let userRepository: UserRepositoryInterface
|
||||
@@ -25,9 +26,6 @@ describe('ChangeCredentials', () => {
|
||||
new ChangeCredentials(userRepository, authResponseFactoryResolver, domainEventPublisher, domainEventFactory, timer)
|
||||
|
||||
beforeEach(() => {
|
||||
userRepository = {} as jest.Mocked<UserRepositoryInterface>
|
||||
userRepository.save = jest.fn()
|
||||
|
||||
authResponseFactory = {} as jest.Mocked<AuthResponseFactoryInterface>
|
||||
authResponseFactory.createResponse = jest.fn().mockReturnValue({ foo: 'bar' })
|
||||
|
||||
@@ -39,6 +37,10 @@ describe('ChangeCredentials', () => {
|
||||
user.uuid = '1-2-3'
|
||||
user.email = 'test@test.te'
|
||||
|
||||
userRepository = {} as jest.Mocked<UserRepositoryInterface>
|
||||
userRepository.save = jest.fn()
|
||||
userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue(user)
|
||||
|
||||
domainEventPublisher = {} as jest.Mocked<DomainEventPublisherInterface>
|
||||
domainEventPublisher.publish = jest.fn()
|
||||
|
||||
@@ -52,7 +54,7 @@ describe('ChangeCredentials', () => {
|
||||
it('should change password', async () => {
|
||||
expect(
|
||||
await createUseCase().execute({
|
||||
user,
|
||||
username: Username.create('test@test.te').getValue(),
|
||||
apiVersion: '20190520',
|
||||
currentPassword: 'qweqwe123123',
|
||||
newPassword: 'test234',
|
||||
@@ -82,11 +84,11 @@ describe('ChangeCredentials', () => {
|
||||
})
|
||||
|
||||
it('should change email', async () => {
|
||||
userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue(null)
|
||||
userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValueOnce(user).mockReturnValueOnce(null)
|
||||
|
||||
expect(
|
||||
await createUseCase().execute({
|
||||
user,
|
||||
username: Username.create('test@test.te').getValue(),
|
||||
apiVersion: '20190520',
|
||||
currentPassword: 'qweqwe123123',
|
||||
newPassword: 'test234',
|
||||
@@ -117,11 +119,14 @@ describe('ChangeCredentials', () => {
|
||||
})
|
||||
|
||||
it('should not change email if already taken', async () => {
|
||||
userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue({} as jest.Mocked<User>)
|
||||
userRepository.findOneByUsernameOrEmail = jest
|
||||
.fn()
|
||||
.mockReturnValueOnce(user)
|
||||
.mockReturnValueOnce({} as jest.Mocked<User>)
|
||||
|
||||
expect(
|
||||
await createUseCase().execute({
|
||||
user,
|
||||
username: Username.create('test@test.te').getValue(),
|
||||
apiVersion: '20190520',
|
||||
currentPassword: 'qweqwe123123',
|
||||
newPassword: 'test234',
|
||||
@@ -144,7 +149,7 @@ describe('ChangeCredentials', () => {
|
||||
it('should not change email if the new email is invalid', async () => {
|
||||
expect(
|
||||
await createUseCase().execute({
|
||||
user,
|
||||
username: Username.create('test@test.te').getValue(),
|
||||
apiVersion: '20190520',
|
||||
currentPassword: 'qweqwe123123',
|
||||
newPassword: 'test234',
|
||||
@@ -164,10 +169,35 @@ describe('ChangeCredentials', () => {
|
||||
expect(domainEventPublisher.publish).not.toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('should not change email if the user is not found', async () => {
|
||||
userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue(null)
|
||||
|
||||
expect(
|
||||
await createUseCase().execute({
|
||||
username: Username.create('test@test.te').getValue(),
|
||||
apiVersion: '20190520',
|
||||
currentPassword: 'qweqwe123123',
|
||||
newPassword: 'test234',
|
||||
newEmail: '',
|
||||
pwNonce: 'asdzxc',
|
||||
updatedWithUserAgent: 'Google Chrome',
|
||||
kpCreated: '123',
|
||||
kpOrigination: 'password-change',
|
||||
}),
|
||||
).toEqual({
|
||||
success: false,
|
||||
errorMessage: 'User not found.',
|
||||
})
|
||||
|
||||
expect(userRepository.save).not.toHaveBeenCalled()
|
||||
expect(domainEventFactory.createUserEmailChangedEvent).not.toHaveBeenCalled()
|
||||
expect(domainEventPublisher.publish).not.toHaveBeenCalled()
|
||||
})
|
||||
|
||||
it('should not change password if current password is incorrect', async () => {
|
||||
expect(
|
||||
await createUseCase().execute({
|
||||
user,
|
||||
username: Username.create('test@test.te').getValue(),
|
||||
apiVersion: '20190520',
|
||||
currentPassword: 'test123',
|
||||
newPassword: 'test234',
|
||||
@@ -185,7 +215,7 @@ describe('ChangeCredentials', () => {
|
||||
it('should update protocol version while changing password', async () => {
|
||||
expect(
|
||||
await createUseCase().execute({
|
||||
user,
|
||||
username: Username.create('test@test.te').getValue(),
|
||||
apiVersion: '20190520',
|
||||
currentPassword: 'qweqwe123123',
|
||||
newPassword: 'test234',
|
||||
|
||||
@@ -25,14 +25,22 @@ export class ChangeCredentials implements UseCaseInterface {
|
||||
) {}
|
||||
|
||||
async execute(dto: ChangeCredentialsDTO): Promise<ChangeCredentialsResponse> {
|
||||
if (!(await bcrypt.compare(dto.currentPassword, dto.user.encryptedPassword))) {
|
||||
const user = await this.userRepository.findOneByUsernameOrEmail(dto.username)
|
||||
if (!user) {
|
||||
return {
|
||||
success: false,
|
||||
errorMessage: 'User not found.',
|
||||
}
|
||||
}
|
||||
|
||||
if (!(await bcrypt.compare(dto.currentPassword, user.encryptedPassword))) {
|
||||
return {
|
||||
success: false,
|
||||
errorMessage: 'The current password you entered is incorrect. Please try again.',
|
||||
}
|
||||
}
|
||||
|
||||
dto.user.encryptedPassword = await bcrypt.hash(dto.newPassword, User.PASSWORD_HASH_COST)
|
||||
user.encryptedPassword = await bcrypt.hash(dto.newPassword, User.PASSWORD_HASH_COST)
|
||||
|
||||
let userEmailChangedEvent: UserEmailChangedEvent | undefined = undefined
|
||||
if (dto.newEmail !== undefined) {
|
||||
@@ -54,27 +62,27 @@ export class ChangeCredentials implements UseCaseInterface {
|
||||
}
|
||||
|
||||
userEmailChangedEvent = this.domainEventFactory.createUserEmailChangedEvent(
|
||||
dto.user.uuid,
|
||||
dto.user.email,
|
||||
user.uuid,
|
||||
user.email,
|
||||
newUsername.value,
|
||||
)
|
||||
|
||||
dto.user.email = newUsername.value
|
||||
user.email = newUsername.value
|
||||
}
|
||||
|
||||
dto.user.pwNonce = dto.pwNonce
|
||||
user.pwNonce = dto.pwNonce
|
||||
if (dto.protocolVersion) {
|
||||
dto.user.version = dto.protocolVersion
|
||||
user.version = dto.protocolVersion
|
||||
}
|
||||
if (dto.kpCreated) {
|
||||
dto.user.kpCreated = dto.kpCreated
|
||||
user.kpCreated = dto.kpCreated
|
||||
}
|
||||
if (dto.kpOrigination) {
|
||||
dto.user.kpOrigination = dto.kpOrigination
|
||||
user.kpOrigination = dto.kpOrigination
|
||||
}
|
||||
dto.user.updatedAt = this.timer.getUTCDate()
|
||||
user.updatedAt = this.timer.getUTCDate()
|
||||
|
||||
const updatedUser = await this.userRepository.save(dto.user)
|
||||
const updatedUser = await this.userRepository.save(user)
|
||||
|
||||
if (userEmailChangedEvent !== undefined) {
|
||||
await this.domainEventPublisher.publish(userEmailChangedEvent)
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
import { User } from '../../User/User'
|
||||
import { Username } from '@standardnotes/domain-core'
|
||||
|
||||
export type ChangeCredentialsDTO = {
|
||||
user: User
|
||||
username: Username
|
||||
apiVersion: string
|
||||
currentPassword: string
|
||||
newPassword: string
|
||||
|
||||
@@ -35,9 +35,7 @@ describe('GetUserKeyParams', () => {
|
||||
})
|
||||
|
||||
it('should get key params for an authenticated user - searching by email', async () => {
|
||||
expect(
|
||||
await createUseCase().execute({ email: 'test@test.te', authenticated: true, authenticatedUser: user }),
|
||||
).toEqual({
|
||||
expect(await createUseCase().execute({ email: 'test@test.te', authenticated: true })).toEqual({
|
||||
keyParams: {
|
||||
foo: 'bar',
|
||||
},
|
||||
@@ -63,7 +61,7 @@ describe('GetUserKeyParams', () => {
|
||||
})
|
||||
|
||||
it('should get key params for an authenticated user - searching by uuid', async () => {
|
||||
expect(await createUseCase().execute({ userUuid: '1-2-3', authenticated: true, authenticatedUser: user })).toEqual({
|
||||
expect(await createUseCase().execute({ userUuid: '1-2-3', authenticated: true })).toEqual({
|
||||
keyParams: {
|
||||
foo: 'bar',
|
||||
},
|
||||
|
||||
@@ -22,16 +22,6 @@ export class GetUserKeyParams implements UseCaseInterface {
|
||||
) {}
|
||||
|
||||
async execute(dto: GetUserKeyParamsDTO): Promise<GetUserKeyParamsResponse> {
|
||||
if (dto.authenticatedUser) {
|
||||
this.logger.debug(`Creating key params for authenticated user ${dto.authenticatedUser.email}`)
|
||||
|
||||
const keyParams = await this.createKeyParams(dto, dto.authenticatedUser, true)
|
||||
|
||||
return {
|
||||
keyParams,
|
||||
}
|
||||
}
|
||||
|
||||
let user: User | null = null
|
||||
if (dto.email !== undefined) {
|
||||
const usernameOrError = Username.create(dto.email)
|
||||
|
||||
@@ -1,8 +1,5 @@
|
||||
import { User } from '../../User/User'
|
||||
|
||||
export type GetUserKeyParamsDTOV1Unchallenged = {
|
||||
authenticated: boolean
|
||||
email?: string
|
||||
userUuid?: string
|
||||
authenticatedUser?: User
|
||||
}
|
||||
|
||||
@@ -1,9 +1,6 @@
|
||||
import { User } from '../../User/User'
|
||||
|
||||
export type GetUserKeyParamsDTOV2Challenged = {
|
||||
authenticated: boolean
|
||||
codeChallenge: string
|
||||
email?: string
|
||||
userUuid?: string
|
||||
authenticatedUser?: User
|
||||
}
|
||||
|
||||
@@ -1,16 +1,16 @@
|
||||
import 'reflect-metadata'
|
||||
|
||||
import { AdminController } from './AdminController'
|
||||
import { InversifyExpressAdminController } from './InversifyExpressAdminController'
|
||||
import { results } from 'inversify-express-utils'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { UserRepositoryInterface } from '../Domain/User/UserRepositoryInterface'
|
||||
import { User } from '../../Domain/User/User'
|
||||
import { UserRepositoryInterface } from '../../Domain/User/UserRepositoryInterface'
|
||||
import * as express from 'express'
|
||||
import { DeleteSetting } from '../Domain/UseCase/DeleteSetting/DeleteSetting'
|
||||
import { CreateSubscriptionToken } from '../Domain/UseCase/CreateSubscriptionToken/CreateSubscriptionToken'
|
||||
import { CreateOfflineSubscriptionToken } from '../Domain/UseCase/CreateOfflineSubscriptionToken/CreateOfflineSubscriptionToken'
|
||||
import { DeleteSetting } from '../../Domain/UseCase/DeleteSetting/DeleteSetting'
|
||||
import { CreateSubscriptionToken } from '../../Domain/UseCase/CreateSubscriptionToken/CreateSubscriptionToken'
|
||||
import { CreateOfflineSubscriptionToken } from '../../Domain/UseCase/CreateOfflineSubscriptionToken/CreateOfflineSubscriptionToken'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
|
||||
describe('AdminController', () => {
|
||||
describe('InversifyExpressAdminController', () => {
|
||||
let deleteSetting: DeleteSetting
|
||||
let userRepository: UserRepositoryInterface
|
||||
let createSubscriptionToken: CreateSubscriptionToken
|
||||
@@ -20,7 +20,7 @@ describe('AdminController', () => {
|
||||
let controllerContainer: ControllerContainerInterface
|
||||
|
||||
const createController = () =>
|
||||
new AdminController(
|
||||
new InversifyExpressAdminController(
|
||||
deleteSetting,
|
||||
userRepository,
|
||||
createSubscriptionToken,
|
||||
@@ -11,14 +11,14 @@ import {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
||||
results,
|
||||
} from 'inversify-express-utils'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { CreateOfflineSubscriptionToken } from '../Domain/UseCase/CreateOfflineSubscriptionToken/CreateOfflineSubscriptionToken'
|
||||
import { CreateSubscriptionToken } from '../Domain/UseCase/CreateSubscriptionToken/CreateSubscriptionToken'
|
||||
import { DeleteSetting } from '../Domain/UseCase/DeleteSetting/DeleteSetting'
|
||||
import { UserRepositoryInterface } from '../Domain/User/UserRepositoryInterface'
|
||||
import TYPES from '../../Bootstrap/Types'
|
||||
import { CreateOfflineSubscriptionToken } from '../../Domain/UseCase/CreateOfflineSubscriptionToken/CreateOfflineSubscriptionToken'
|
||||
import { CreateSubscriptionToken } from '../../Domain/UseCase/CreateSubscriptionToken/CreateSubscriptionToken'
|
||||
import { DeleteSetting } from '../../Domain/UseCase/DeleteSetting/DeleteSetting'
|
||||
import { UserRepositoryInterface } from '../../Domain/User/UserRepositoryInterface'
|
||||
|
||||
@controller('/admin')
|
||||
export class AdminController extends BaseHttpController {
|
||||
export class InversifyExpressAdminController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_DeleteSetting) private doDeleteSetting: DeleteSetting,
|
||||
@inject(TYPES.Auth_UserRepository) private userRepository: UserRepositoryInterface,
|
||||
@@ -44,13 +44,12 @@ export class InversifyExpressAuthController extends BaseHttpController {
|
||||
this.controllerContainer.register('auth.signOut', this.signOut.bind(this))
|
||||
}
|
||||
|
||||
@httpGet('/params', TYPES.Auth_AuthMiddlewareWithoutResponse)
|
||||
@httpGet('/params', TYPES.Auth_OptionalCrossServiceTokenMiddleware)
|
||||
async params(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
if (response.locals.session) {
|
||||
const result = await this.getUserKeyParams.execute({
|
||||
email: response.locals.user.email,
|
||||
authenticated: true,
|
||||
authenticatedUser: response.locals.user,
|
||||
})
|
||||
|
||||
return this.json(result.keyParams)
|
||||
@@ -155,7 +154,7 @@ export class InversifyExpressAuthController extends BaseHttpController {
|
||||
return this.json(signInResult.authResponse)
|
||||
}
|
||||
|
||||
@httpPost('/pkce_params', TYPES.Auth_AuthMiddlewareWithoutResponse)
|
||||
@httpPost('/pkce_params', TYPES.Auth_OptionalCrossServiceTokenMiddleware)
|
||||
async pkceParams(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
if (!request.body.code_challenge) {
|
||||
return this.json(
|
||||
@@ -172,7 +171,6 @@ export class InversifyExpressAuthController extends BaseHttpController {
|
||||
const result = await this.getUserKeyParams.execute({
|
||||
email: response.locals.user.email,
|
||||
authenticated: true,
|
||||
authenticatedUser: response.locals.user,
|
||||
codeChallenge: request.body.code_challenge as string,
|
||||
})
|
||||
|
||||
@@ -261,7 +259,7 @@ export class InversifyExpressAuthController extends BaseHttpController {
|
||||
return this.json(signInResult.authResponse)
|
||||
}
|
||||
|
||||
@httpPost('/recovery/codes', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpPost('/recovery/codes', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async generateRecoveryCodes(_request: Request, response: Response): Promise<results.JsonResult> {
|
||||
const result = await this.authController.generateRecoveryCodes({
|
||||
userUuid: response.locals.user.uuid,
|
||||
@@ -296,7 +294,7 @@ export class InversifyExpressAuthController extends BaseHttpController {
|
||||
return this.json(result.data, result.status)
|
||||
}
|
||||
|
||||
@httpPost('/sign_out', TYPES.Auth_AuthMiddlewareWithoutResponse)
|
||||
@httpPost('/sign_out', TYPES.Auth_OptionalCrossServiceTokenMiddleware)
|
||||
async signOut(request: Request, response: Response): Promise<results.JsonResult | void> {
|
||||
const result = await this.authController.signOut({
|
||||
readOnlyAccess: response.locals.readOnlyAccess,
|
||||
|
||||
@@ -37,7 +37,7 @@ export class InversifyExpressAuthenticatorsController extends BaseHttpController
|
||||
)
|
||||
}
|
||||
|
||||
@httpGet('/', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpGet('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async list(_request: Request, response: Response): Promise<results.JsonResult> {
|
||||
const result = await this.authenticatorsController.list({
|
||||
userUuid: response.locals.user.uuid,
|
||||
@@ -46,7 +46,7 @@ export class InversifyExpressAuthenticatorsController extends BaseHttpController
|
||||
return this.json(result.data, result.status)
|
||||
}
|
||||
|
||||
@httpDelete('/:authenticatorId', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpDelete('/:authenticatorId', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async delete(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
const result = await this.authenticatorsController.delete({
|
||||
userUuid: response.locals.user.uuid,
|
||||
@@ -56,7 +56,7 @@ export class InversifyExpressAuthenticatorsController extends BaseHttpController
|
||||
return this.json(result.data, result.status)
|
||||
}
|
||||
|
||||
@httpGet('/generate-registration-options', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpGet('/generate-registration-options', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async generateRegistrationOptions(_request: Request, response: Response): Promise<results.JsonResult> {
|
||||
const result = await this.authenticatorsController.generateRegistrationOptions({
|
||||
username: response.locals.user.email,
|
||||
@@ -66,7 +66,7 @@ export class InversifyExpressAuthenticatorsController extends BaseHttpController
|
||||
return this.json(result.data, result.status)
|
||||
}
|
||||
|
||||
@httpPost('/verify-registration', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpPost('/verify-registration', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async verifyRegistration(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
const result = await this.authenticatorsController.verifyRegistrationResponse({
|
||||
userUuid: response.locals.user.uuid,
|
||||
|
||||
@@ -2,13 +2,13 @@ import 'reflect-metadata'
|
||||
|
||||
import * as express from 'express'
|
||||
|
||||
import { FeaturesController } from './FeaturesController'
|
||||
import { InversifyExpressFeaturesController } from './InversifyExpressFeaturesController'
|
||||
import { results } from 'inversify-express-utils'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { GetUserFeatures } from '../Domain/UseCase/GetUserFeatures/GetUserFeatures'
|
||||
import { User } from '../../Domain/User/User'
|
||||
import { GetUserFeatures } from '../../Domain/UseCase/GetUserFeatures/GetUserFeatures'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
|
||||
describe('FeaturesController', () => {
|
||||
describe('InversifyExpressFeaturesController', () => {
|
||||
let getUserFeatures: GetUserFeatures
|
||||
|
||||
let request: express.Request
|
||||
@@ -16,7 +16,7 @@ describe('FeaturesController', () => {
|
||||
let user: User
|
||||
let controllerContainer: ControllerContainerInterface
|
||||
|
||||
const createController = () => new FeaturesController(getUserFeatures, controllerContainer)
|
||||
const createController = () => new InversifyExpressFeaturesController(getUserFeatures, controllerContainer)
|
||||
|
||||
beforeEach(() => {
|
||||
controllerContainer = {} as jest.Mocked<ControllerContainerInterface>
|
||||
@@ -7,12 +7,12 @@ import {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
||||
results,
|
||||
} from 'inversify-express-utils'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { GetUserFeatures } from '../Domain/UseCase/GetUserFeatures/GetUserFeatures'
|
||||
import TYPES from '../../Bootstrap/Types'
|
||||
import { GetUserFeatures } from '../../Domain/UseCase/GetUserFeatures/GetUserFeatures'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
|
||||
@controller('/users/:userUuid/features')
|
||||
export class FeaturesController extends BaseHttpController {
|
||||
export class InversifyExpressFeaturesController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_GetUserFeatures) private doGetUserFeatures: GetUserFeatures,
|
||||
@inject(TYPES.Auth_ControllerContainer) private controllerContainer: ControllerContainerInterface,
|
||||
@@ -22,7 +22,7 @@ export class FeaturesController extends BaseHttpController {
|
||||
this.controllerContainer.register('auth.users.getFeatures', this.getFeatures.bind(this))
|
||||
}
|
||||
|
||||
@httpGet('/', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpGet('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async getFeatures(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
if (request.params.userUuid !== response.locals.user.uuid) {
|
||||
return this.json(
|
||||
@@ -1,7 +1,7 @@
|
||||
import { controller, httpGet } from 'inversify-express-utils'
|
||||
|
||||
@controller('/healthcheck')
|
||||
export class HealthCheckController {
|
||||
export class InversifyExpressHealthCheckController {
|
||||
@httpGet('/')
|
||||
public async get(): Promise<string> {
|
||||
return 'OK'
|
||||
@@ -2,13 +2,13 @@ import 'reflect-metadata'
|
||||
|
||||
import * as express from 'express'
|
||||
|
||||
import { InternalController } from './InternalController'
|
||||
import { InversifyExpressInternalController } from './InversifyExpressInternalController'
|
||||
import { results } from 'inversify-express-utils'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { GetUserFeatures } from '../Domain/UseCase/GetUserFeatures/GetUserFeatures'
|
||||
import { GetSetting } from '../Domain/UseCase/GetSetting/GetSetting'
|
||||
import { User } from '../../Domain/User/User'
|
||||
import { GetUserFeatures } from '../../Domain/UseCase/GetUserFeatures/GetUserFeatures'
|
||||
import { GetSetting } from '../../Domain/UseCase/GetSetting/GetSetting'
|
||||
|
||||
describe('InternalController', () => {
|
||||
describe('InversifyExpressInternalController', () => {
|
||||
let getUserFeatures: GetUserFeatures
|
||||
let getSetting: GetSetting
|
||||
|
||||
@@ -16,7 +16,7 @@ describe('InternalController', () => {
|
||||
let response: express.Response
|
||||
let user: User
|
||||
|
||||
const createController = () => new InternalController(getUserFeatures, getSetting)
|
||||
const createController = () => new InversifyExpressInternalController(getUserFeatures, getSetting)
|
||||
|
||||
beforeEach(() => {
|
||||
user = {} as jest.Mocked<User>
|
||||
@@ -7,12 +7,12 @@ import {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
||||
results,
|
||||
} from 'inversify-express-utils'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { GetSetting } from '../Domain/UseCase/GetSetting/GetSetting'
|
||||
import { GetUserFeatures } from '../Domain/UseCase/GetUserFeatures/GetUserFeatures'
|
||||
import TYPES from '../../Bootstrap/Types'
|
||||
import { GetSetting } from '../../Domain/UseCase/GetSetting/GetSetting'
|
||||
import { GetUserFeatures } from '../../Domain/UseCase/GetUserFeatures/GetUserFeatures'
|
||||
|
||||
@controller('/internal')
|
||||
export class InternalController extends BaseHttpController {
|
||||
export class InversifyExpressInternalController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_GetUserFeatures) private doGetUserFeatures: GetUserFeatures,
|
||||
@inject(TYPES.Auth_GetSetting) private doGetSetting: GetSetting,
|
||||
@@ -3,12 +3,12 @@ import 'reflect-metadata'
|
||||
import * as express from 'express'
|
||||
import { results } from 'inversify-express-utils'
|
||||
|
||||
import { ListedController } from './ListedController'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { CreateListedAccount } from '../Domain/UseCase/CreateListedAccount/CreateListedAccount'
|
||||
import { InversifyExpressListedController } from './InversifyExpressListedController'
|
||||
import { User } from '../../Domain/User/User'
|
||||
import { CreateListedAccount } from '../../Domain/UseCase/CreateListedAccount/CreateListedAccount'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
|
||||
describe('ListedController', () => {
|
||||
describe('InversifyExpressListedController', () => {
|
||||
let createListedAccount: CreateListedAccount
|
||||
|
||||
let request: express.Request
|
||||
@@ -16,7 +16,7 @@ describe('ListedController', () => {
|
||||
let user: User
|
||||
let controllerContainer: ControllerContainerInterface
|
||||
|
||||
const createController = () => new ListedController(createListedAccount, controllerContainer)
|
||||
const createController = () => new InversifyExpressListedController(createListedAccount, controllerContainer)
|
||||
|
||||
beforeEach(() => {
|
||||
controllerContainer = {} as jest.Mocked<ControllerContainerInterface>
|
||||
@@ -2,13 +2,13 @@ import { inject } from 'inversify'
|
||||
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
||||
import { BaseHttpController, controller, httpPost, results } from 'inversify-express-utils'
|
||||
import { Request, Response } from 'express'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { CreateListedAccount } from '../Domain/UseCase/CreateListedAccount/CreateListedAccount'
|
||||
import TYPES from '../../Bootstrap/Types'
|
||||
import { CreateListedAccount } from '../../Domain/UseCase/CreateListedAccount/CreateListedAccount'
|
||||
import { ErrorTag } from '@standardnotes/responses'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
|
||||
@controller('/listed')
|
||||
export class ListedController extends BaseHttpController {
|
||||
export class InversifyExpressListedController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_CreateListedAccount) private doCreateListedAccount: CreateListedAccount,
|
||||
@inject(TYPES.Auth_ControllerContainer) private controllerContainer: ControllerContainerInterface,
|
||||
@@ -18,7 +18,7 @@ export class ListedController extends BaseHttpController {
|
||||
this.controllerContainer.register('auth.users.createListedAccount', this.createListedAccount.bind(this))
|
||||
}
|
||||
|
||||
@httpPost('/', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpPost('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async createListedAccount(_request: Request, response: Response): Promise<results.JsonResult> {
|
||||
if (response.locals.readOnlyAccess) {
|
||||
return this.json(
|
||||
@@ -2,21 +2,21 @@ import 'reflect-metadata'
|
||||
|
||||
import * as express from 'express'
|
||||
|
||||
import { OfflineController } from './OfflineController'
|
||||
import { InversifyExpressOfflineController } from './InversifyExpressOfflineController'
|
||||
import { results } from 'inversify-express-utils'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { GetUserFeatures } from '../Domain/UseCase/GetUserFeatures/GetUserFeatures'
|
||||
import { CreateOfflineSubscriptionToken } from '../Domain/UseCase/CreateOfflineSubscriptionToken/CreateOfflineSubscriptionToken'
|
||||
import { CreateOfflineSubscriptionTokenResponse } from '../Domain/UseCase/CreateOfflineSubscriptionToken/CreateOfflineSubscriptionTokenResponse'
|
||||
import { AuthenticateOfflineSubscriptionToken } from '../Domain/UseCase/AuthenticateOfflineSubscriptionToken/AuthenticateOfflineSubscriptionToken'
|
||||
import { OfflineUserSubscription } from '../Domain/Subscription/OfflineUserSubscription'
|
||||
import { GetUserOfflineSubscription } from '../Domain/UseCase/GetUserOfflineSubscription/GetUserOfflineSubscription'
|
||||
import { User } from '../../Domain/User/User'
|
||||
import { GetUserFeatures } from '../../Domain/UseCase/GetUserFeatures/GetUserFeatures'
|
||||
import { CreateOfflineSubscriptionToken } from '../../Domain/UseCase/CreateOfflineSubscriptionToken/CreateOfflineSubscriptionToken'
|
||||
import { CreateOfflineSubscriptionTokenResponse } from '../../Domain/UseCase/CreateOfflineSubscriptionToken/CreateOfflineSubscriptionTokenResponse'
|
||||
import { AuthenticateOfflineSubscriptionToken } from '../../Domain/UseCase/AuthenticateOfflineSubscriptionToken/AuthenticateOfflineSubscriptionToken'
|
||||
import { OfflineUserSubscription } from '../../Domain/Subscription/OfflineUserSubscription'
|
||||
import { GetUserOfflineSubscription } from '../../Domain/UseCase/GetUserOfflineSubscription/GetUserOfflineSubscription'
|
||||
import { OfflineUserTokenData, TokenEncoderInterface } from '@standardnotes/security'
|
||||
import { SubscriptionName } from '@standardnotes/common'
|
||||
import { Logger } from 'winston'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
|
||||
describe('OfflineController', () => {
|
||||
describe('InversifyExpressOfflineController', () => {
|
||||
let getUserFeatures: GetUserFeatures
|
||||
let getUserOfflineSubscription: GetUserOfflineSubscription
|
||||
let createOfflineSubscriptionToken: CreateOfflineSubscriptionToken
|
||||
@@ -32,7 +32,7 @@ describe('OfflineController', () => {
|
||||
let controllerContainer: ControllerContainerInterface
|
||||
|
||||
const createController = () =>
|
||||
new OfflineController(
|
||||
new InversifyExpressOfflineController(
|
||||
getUserFeatures,
|
||||
getUserOfflineSubscription,
|
||||
createOfflineSubscriptionToken,
|
||||
@@ -8,17 +8,17 @@ import {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
||||
results,
|
||||
} from 'inversify-express-utils'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { GetUserFeatures } from '../Domain/UseCase/GetUserFeatures/GetUserFeatures'
|
||||
import { AuthenticateOfflineSubscriptionToken } from '../Domain/UseCase/AuthenticateOfflineSubscriptionToken/AuthenticateOfflineSubscriptionToken'
|
||||
import { CreateOfflineSubscriptionToken } from '../Domain/UseCase/CreateOfflineSubscriptionToken/CreateOfflineSubscriptionToken'
|
||||
import { GetUserOfflineSubscription } from '../Domain/UseCase/GetUserOfflineSubscription/GetUserOfflineSubscription'
|
||||
import { Logger } from 'winston'
|
||||
import { OfflineUserTokenData, TokenEncoderInterface } from '@standardnotes/security'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
import TYPES from '../../Bootstrap/Types'
|
||||
import { AuthenticateOfflineSubscriptionToken } from '../../Domain/UseCase/AuthenticateOfflineSubscriptionToken/AuthenticateOfflineSubscriptionToken'
|
||||
import { CreateOfflineSubscriptionToken } from '../../Domain/UseCase/CreateOfflineSubscriptionToken/CreateOfflineSubscriptionToken'
|
||||
import { GetUserFeatures } from '../../Domain/UseCase/GetUserFeatures/GetUserFeatures'
|
||||
import { GetUserOfflineSubscription } from '../../Domain/UseCase/GetUserOfflineSubscription/GetUserOfflineSubscription'
|
||||
|
||||
@controller('/offline')
|
||||
export class OfflineController extends BaseHttpController {
|
||||
export class InversifyExpressOfflineController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_GetUserFeatures) private doGetUserFeatures: GetUserFeatures,
|
||||
@inject(TYPES.Auth_GetUserOfflineSubscription) private getUserOfflineSubscription: GetUserOfflineSubscription,
|
||||
@@ -2,14 +2,14 @@ import 'reflect-metadata'
|
||||
|
||||
import * as express from 'express'
|
||||
|
||||
import { SessionController } from './SessionController'
|
||||
import { InversifyExpressSessionController } from './InversifyExpressSessionController'
|
||||
import { results } from 'inversify-express-utils'
|
||||
import { RefreshSessionToken } from '../Domain/UseCase/RefreshSessionToken'
|
||||
import { DeletePreviousSessionsForUser } from '../Domain/UseCase/DeletePreviousSessionsForUser'
|
||||
import { DeleteSessionForUser } from '../Domain/UseCase/DeleteSessionForUser'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
import { DeletePreviousSessionsForUser } from '../../Domain/UseCase/DeletePreviousSessionsForUser'
|
||||
import { DeleteSessionForUser } from '../../Domain/UseCase/DeleteSessionForUser'
|
||||
import { RefreshSessionToken } from '../../Domain/UseCase/RefreshSessionToken'
|
||||
|
||||
describe('SessionController', () => {
|
||||
describe('InversifyExpressSessionController', () => {
|
||||
let deleteSessionForUser: DeleteSessionForUser
|
||||
let deletePreviousSessionsForUser: DeletePreviousSessionsForUser
|
||||
let refreshSessionToken: RefreshSessionToken
|
||||
@@ -18,7 +18,12 @@ describe('SessionController', () => {
|
||||
let controllerContainer: ControllerContainerInterface
|
||||
|
||||
const createController = () =>
|
||||
new SessionController(deleteSessionForUser, deletePreviousSessionsForUser, refreshSessionToken, controllerContainer)
|
||||
new InversifyExpressSessionController(
|
||||
deleteSessionForUser,
|
||||
deletePreviousSessionsForUser,
|
||||
refreshSessionToken,
|
||||
controllerContainer,
|
||||
)
|
||||
|
||||
beforeEach(() => {
|
||||
controllerContainer = {} as jest.Mocked<ControllerContainerInterface>
|
||||
@@ -9,14 +9,14 @@ import {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
||||
results,
|
||||
} from 'inversify-express-utils'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { DeletePreviousSessionsForUser } from '../Domain/UseCase/DeletePreviousSessionsForUser'
|
||||
import { DeleteSessionForUser } from '../Domain/UseCase/DeleteSessionForUser'
|
||||
import { RefreshSessionToken } from '../Domain/UseCase/RefreshSessionToken'
|
||||
import TYPES from '../../Bootstrap/Types'
|
||||
import { DeletePreviousSessionsForUser } from '../../Domain/UseCase/DeletePreviousSessionsForUser'
|
||||
import { DeleteSessionForUser } from '../../Domain/UseCase/DeleteSessionForUser'
|
||||
import { RefreshSessionToken } from '../../Domain/UseCase/RefreshSessionToken'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
|
||||
@controller('/session')
|
||||
export class SessionController extends BaseHttpController {
|
||||
export class InversifyExpressSessionController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_DeleteSessionForUser) private deleteSessionForUser: DeleteSessionForUser,
|
||||
@inject(TYPES.Auth_DeletePreviousSessionsForUser)
|
||||
@@ -26,12 +26,12 @@ export class SessionController extends BaseHttpController {
|
||||
) {
|
||||
super()
|
||||
|
||||
this.controllerContainer.register('auth.session.delete', this.deleteSession.bind(this))
|
||||
this.controllerContainer.register('auth.session.deleteAll', this.deleteAllSessions.bind(this))
|
||||
this.controllerContainer.register('auth.session.refresh', this.refresh.bind(this))
|
||||
this.controllerContainer.register('auth.sessions.delete', this.deleteSession.bind(this))
|
||||
this.controllerContainer.register('auth.sessions.deleteAll', this.deleteAllSessions.bind(this))
|
||||
this.controllerContainer.register('auth.sessions.refresh', this.refresh.bind(this))
|
||||
}
|
||||
|
||||
@httpDelete('/', TYPES.Auth_AuthMiddleware, TYPES.Auth_SessionMiddleware)
|
||||
@httpDelete('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware, TYPES.Auth_SessionMiddleware)
|
||||
async deleteSession(request: Request, response: Response): Promise<results.JsonResult | void> {
|
||||
if (response.locals.readOnlyAccess) {
|
||||
return this.json(
|
||||
@@ -87,7 +87,7 @@ export class SessionController extends BaseHttpController {
|
||||
response.status(204).send()
|
||||
}
|
||||
|
||||
@httpDelete('/all', TYPES.Auth_AuthMiddleware, TYPES.Auth_SessionMiddleware)
|
||||
@httpDelete('/all', TYPES.Auth_RequiredCrossServiceTokenMiddleware, TYPES.Auth_SessionMiddleware)
|
||||
async deleteAllSessions(_request: Request, response: Response): Promise<results.JsonResult | void> {
|
||||
if (response.locals.readOnlyAccess) {
|
||||
return this.json(
|
||||
@@ -2,17 +2,18 @@ import 'reflect-metadata'
|
||||
|
||||
import * as express from 'express'
|
||||
|
||||
import { SessionsController } from './SessionsController'
|
||||
import { InversifyExpressSessionsController } from './InversifyExpressSessionsController'
|
||||
import { results } from 'inversify-express-utils'
|
||||
import { Session } from '../Domain/Session/Session'
|
||||
import { ProjectorInterface } from '../Projection/ProjectorInterface'
|
||||
import { GetActiveSessionsForUser } from '../Domain/UseCase/GetActiveSessionsForUser'
|
||||
import { AuthenticateRequest } from '../Domain/UseCase/AuthenticateRequest'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { CreateCrossServiceToken } from '../Domain/UseCase/CreateCrossServiceToken/CreateCrossServiceToken'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
import { User } from '@standardnotes/responses'
|
||||
|
||||
describe('SessionsController', () => {
|
||||
import { AuthenticateRequest } from '../../Domain/UseCase/AuthenticateRequest'
|
||||
import { CreateCrossServiceToken } from '../../Domain/UseCase/CreateCrossServiceToken/CreateCrossServiceToken'
|
||||
import { GetActiveSessionsForUser } from '../../Domain/UseCase/GetActiveSessionsForUser'
|
||||
import { ProjectorInterface } from '../../Projection/ProjectorInterface'
|
||||
import { Session } from '../../Domain/Session/Session'
|
||||
|
||||
describe('InversifyExpressSessionsController', () => {
|
||||
let getActiveSessionsForUser: GetActiveSessionsForUser
|
||||
let authenticateRequest: AuthenticateRequest
|
||||
let sessionProjector: ProjectorInterface<Session>
|
||||
@@ -24,7 +25,7 @@ describe('SessionsController', () => {
|
||||
let controllerContainer: ControllerContainerInterface
|
||||
|
||||
const createController = () =>
|
||||
new SessionsController(
|
||||
new InversifyExpressSessionsController(
|
||||
getActiveSessionsForUser,
|
||||
authenticateRequest,
|
||||
sessionProjector,
|
||||
@@ -8,18 +8,19 @@ import {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
||||
results,
|
||||
} from 'inversify-express-utils'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { Session } from '../Domain/Session/Session'
|
||||
import { AuthenticateRequest } from '../Domain/UseCase/AuthenticateRequest'
|
||||
import { GetActiveSessionsForUser } from '../Domain/UseCase/GetActiveSessionsForUser'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { ProjectorInterface } from '../Projection/ProjectorInterface'
|
||||
import { SessionProjector } from '../Projection/SessionProjector'
|
||||
import { CreateCrossServiceToken } from '../Domain/UseCase/CreateCrossServiceToken/CreateCrossServiceToken'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
|
||||
import TYPES from '../../Bootstrap/Types'
|
||||
import { AuthenticateRequest } from '../../Domain/UseCase/AuthenticateRequest'
|
||||
import { CreateCrossServiceToken } from '../../Domain/UseCase/CreateCrossServiceToken/CreateCrossServiceToken'
|
||||
import { GetActiveSessionsForUser } from '../../Domain/UseCase/GetActiveSessionsForUser'
|
||||
import { ProjectorInterface } from '../../Projection/ProjectorInterface'
|
||||
import { SessionProjector } from '../../Projection/SessionProjector'
|
||||
import { User } from '../../Domain/User/User'
|
||||
import { Session } from '../../Domain/Session/Session'
|
||||
|
||||
@controller('/sessions')
|
||||
export class SessionsController extends BaseHttpController {
|
||||
export class InversifyExpressSessionsController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_GetActiveSessionsForUser) private getActiveSessionsForUser: GetActiveSessionsForUser,
|
||||
@inject(TYPES.Auth_AuthenticateRequest) private authenticateRequest: AuthenticateRequest,
|
||||
@@ -30,6 +31,7 @@ export class SessionsController extends BaseHttpController {
|
||||
super()
|
||||
|
||||
this.controllerContainer.register('auth.sessions.list', this.getSessions.bind(this))
|
||||
this.controllerContainer.register('auth.sessions.validate', this.validate.bind(this))
|
||||
}
|
||||
|
||||
@httpPost('/validate')
|
||||
@@ -60,7 +62,7 @@ export class SessionsController extends BaseHttpController {
|
||||
return this.json({ authToken: result.token })
|
||||
}
|
||||
|
||||
@httpGet('/', TYPES.Auth_AuthMiddleware, TYPES.Auth_SessionMiddleware)
|
||||
@httpGet('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware, TYPES.Auth_SessionMiddleware)
|
||||
async getSessions(_request: Request, response: Response): Promise<results.JsonResult> {
|
||||
if (response.locals.readOnlyAccess) {
|
||||
return this.json([])
|
||||
@@ -2,17 +2,17 @@ import 'reflect-metadata'
|
||||
|
||||
import * as express from 'express'
|
||||
|
||||
import { SettingsController } from './SettingsController'
|
||||
import { InversifyExpressSettingsController } from './InversifyExpressSettingsController'
|
||||
import { results } from 'inversify-express-utils'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { GetSettings } from '../Domain/UseCase/GetSettings/GetSettings'
|
||||
import { GetSetting } from '../Domain/UseCase/GetSetting/GetSetting'
|
||||
import { UpdateSetting } from '../Domain/UseCase/UpdateSetting/UpdateSetting'
|
||||
import { DeleteSetting } from '../Domain/UseCase/DeleteSetting/DeleteSetting'
|
||||
import { EncryptionVersion } from '../Domain/Encryption/EncryptionVersion'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
import { EncryptionVersion } from '../../Domain/Encryption/EncryptionVersion'
|
||||
import { DeleteSetting } from '../../Domain/UseCase/DeleteSetting/DeleteSetting'
|
||||
import { GetSetting } from '../../Domain/UseCase/GetSetting/GetSetting'
|
||||
import { GetSettings } from '../../Domain/UseCase/GetSettings/GetSettings'
|
||||
import { UpdateSetting } from '../../Domain/UseCase/UpdateSetting/UpdateSetting'
|
||||
import { User } from '../../Domain/User/User'
|
||||
|
||||
describe('SettingsController', () => {
|
||||
describe('InversifyExpressSettingsController', () => {
|
||||
let deleteSetting: DeleteSetting
|
||||
let getSettings: GetSettings
|
||||
let getSetting: GetSetting
|
||||
@@ -24,7 +24,7 @@ describe('SettingsController', () => {
|
||||
let controllerContainer: ControllerContainerInterface
|
||||
|
||||
const createController = () =>
|
||||
new SettingsController(getSettings, getSetting, updateSetting, deleteSetting, controllerContainer)
|
||||
new InversifyExpressSettingsController(getSettings, getSetting, updateSetting, deleteSetting, controllerContainer)
|
||||
|
||||
beforeEach(() => {
|
||||
controllerContainer = {} as jest.Mocked<ControllerContainerInterface>
|
||||
@@ -10,16 +10,16 @@ import {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
||||
results,
|
||||
} from 'inversify-express-utils'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { EncryptionVersion } from '../Domain/Encryption/EncryptionVersion'
|
||||
import { DeleteSetting } from '../Domain/UseCase/DeleteSetting/DeleteSetting'
|
||||
import { GetSetting } from '../Domain/UseCase/GetSetting/GetSetting'
|
||||
import { GetSettings } from '../Domain/UseCase/GetSettings/GetSettings'
|
||||
import { UpdateSetting } from '../Domain/UseCase/UpdateSetting/UpdateSetting'
|
||||
import TYPES from '../../Bootstrap/Types'
|
||||
import { EncryptionVersion } from '../../Domain/Encryption/EncryptionVersion'
|
||||
import { DeleteSetting } from '../../Domain/UseCase/DeleteSetting/DeleteSetting'
|
||||
import { GetSetting } from '../../Domain/UseCase/GetSetting/GetSetting'
|
||||
import { GetSettings } from '../../Domain/UseCase/GetSettings/GetSettings'
|
||||
import { UpdateSetting } from '../../Domain/UseCase/UpdateSetting/UpdateSetting'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
|
||||
@controller('/users/:userUuid')
|
||||
export class SettingsController extends BaseHttpController {
|
||||
export class InversifyExpressSettingsController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_GetSettings) private doGetSettings: GetSettings,
|
||||
@inject(TYPES.Auth_GetSetting) private doGetSetting: GetSetting,
|
||||
@@ -35,7 +35,7 @@ export class SettingsController extends BaseHttpController {
|
||||
this.controllerContainer.register('auth.users.deleteSetting', this.deleteSetting.bind(this))
|
||||
}
|
||||
|
||||
@httpGet('/settings', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpGet('/settings', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async getSettings(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
if (request.params.userUuid !== response.locals.user.uuid) {
|
||||
return this.json(
|
||||
@@ -54,7 +54,7 @@ export class SettingsController extends BaseHttpController {
|
||||
return this.json(result)
|
||||
}
|
||||
|
||||
@httpGet('/settings/:settingName', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpGet('/settings/:settingName', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async getSetting(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
if (request.params.userUuid !== response.locals.user.uuid) {
|
||||
return this.json(
|
||||
@@ -77,7 +77,7 @@ export class SettingsController extends BaseHttpController {
|
||||
return this.json(result, 400)
|
||||
}
|
||||
|
||||
@httpPut('/settings', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpPut('/settings', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async updateSetting(request: Request, response: Response): Promise<results.JsonResult | results.StatusCodeResult> {
|
||||
if (response.locals.readOnlyAccess) {
|
||||
return this.json(
|
||||
@@ -124,7 +124,7 @@ export class SettingsController extends BaseHttpController {
|
||||
return this.json(result, result.statusCode)
|
||||
}
|
||||
|
||||
@httpDelete('/settings/:settingName', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpDelete('/settings/:settingName', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async deleteSetting(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
if (response.locals.readOnlyAccess) {
|
||||
return this.json(
|
||||
@@ -31,7 +31,7 @@ export class InversifyExpressSubscriptionInvitesController extends BaseHttpContr
|
||||
this.controllerContainer.register('auth.subscriptionInvites.list', this.listInvites.bind(this))
|
||||
}
|
||||
|
||||
@httpPost('/:inviteUuid/accept', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpPost('/:inviteUuid/accept', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async acceptInvite(request: Request, response: Response): Promise<void> {
|
||||
const result = await this.subscriptionInvitesController.acceptInvite({
|
||||
api: request.query.api as ApiVersion,
|
||||
@@ -52,7 +52,7 @@ export class InversifyExpressSubscriptionInvitesController extends BaseHttpContr
|
||||
return this.json(response.data, response.status)
|
||||
}
|
||||
|
||||
@httpPost('/', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpPost('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async inviteToSubscriptionSharing(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
const result = await this.subscriptionInvitesController.invite({
|
||||
...request.body,
|
||||
@@ -64,7 +64,7 @@ export class InversifyExpressSubscriptionInvitesController extends BaseHttpContr
|
||||
return this.json(result.data, result.status)
|
||||
}
|
||||
|
||||
@httpDelete('/:inviteUuid', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpDelete('/:inviteUuid', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async cancelSubscriptionSharing(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
const result = await this.subscriptionInvitesController.cancelInvite({
|
||||
...request.body,
|
||||
@@ -75,7 +75,7 @@ export class InversifyExpressSubscriptionInvitesController extends BaseHttpContr
|
||||
return this.json(result.data, result.status)
|
||||
}
|
||||
|
||||
@httpGet('/', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpGet('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async listInvites(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
const result = await this.subscriptionInvitesController.listInvites({
|
||||
...request.body,
|
||||
|
||||
@@ -3,12 +3,12 @@ import 'reflect-metadata'
|
||||
import * as express from 'express'
|
||||
|
||||
import { results } from 'inversify-express-utils'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { SubscriptionSettingsController } from './SubscriptionSettingsController'
|
||||
import { GetSetting } from '../Domain/UseCase/GetSetting/GetSetting'
|
||||
import { InversifyExpressSubscriptionSettingsController } from './InversifyExpressSubscriptionSettingsController'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
import { User } from '../../Domain/User/User'
|
||||
import { GetSetting } from '../../Domain/UseCase/GetSetting/GetSetting'
|
||||
|
||||
describe('SubscriptionSettingsController', () => {
|
||||
describe('InversifyExpressSubscriptionSettingsController', () => {
|
||||
let getSetting: GetSetting
|
||||
|
||||
let request: express.Request
|
||||
@@ -16,7 +16,7 @@ describe('SubscriptionSettingsController', () => {
|
||||
let user: User
|
||||
let controllerContainer: ControllerContainerInterface
|
||||
|
||||
const createController = () => new SubscriptionSettingsController(getSetting, controllerContainer)
|
||||
const createController = () => new InversifyExpressSubscriptionSettingsController(getSetting, controllerContainer)
|
||||
|
||||
beforeEach(() => {
|
||||
controllerContainer = {} as jest.Mocked<ControllerContainerInterface>
|
||||
@@ -7,12 +7,12 @@ import {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
||||
results,
|
||||
} from 'inversify-express-utils'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { GetSetting } from '../Domain/UseCase/GetSetting/GetSetting'
|
||||
import TYPES from '../../Bootstrap/Types'
|
||||
import { GetSetting } from '../../Domain/UseCase/GetSetting/GetSetting'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
|
||||
@controller('/users/:userUuid')
|
||||
export class SubscriptionSettingsController extends BaseHttpController {
|
||||
export class InversifyExpressSubscriptionSettingsController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_GetSetting) private doGetSetting: GetSetting,
|
||||
@inject(TYPES.Auth_ControllerContainer) private controllerContainer: ControllerContainerInterface,
|
||||
@@ -22,7 +22,7 @@ export class SubscriptionSettingsController extends BaseHttpController {
|
||||
this.controllerContainer.register('auth.users.getSubscriptionSetting', this.getSubscriptionSetting.bind(this))
|
||||
}
|
||||
|
||||
@httpGet('/subscription-settings/:subscriptionSettingName', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpGet('/subscription-settings/:subscriptionSettingName', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async getSubscriptionSetting(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
const result = await this.doGetSetting.execute({
|
||||
userUuid: response.locals.user.uuid,
|
||||
@@ -3,19 +3,19 @@ import 'reflect-metadata'
|
||||
import * as express from 'express'
|
||||
import { results } from 'inversify-express-utils'
|
||||
|
||||
import { SubscriptionTokensController } from './SubscriptionTokensController'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { CreateSubscriptionToken } from '../Domain/UseCase/CreateSubscriptionToken/CreateSubscriptionToken'
|
||||
import { CreateSubscriptionTokenResponse } from '../Domain/UseCase/CreateSubscriptionToken/CreateSubscriptionTokenResponse'
|
||||
import { AuthenticateSubscriptionToken } from '../Domain/UseCase/AuthenticateSubscriptionToken/AuthenticateSubscriptionToken'
|
||||
import { ProjectorInterface } from '../Projection/ProjectorInterface'
|
||||
import { Role } from '../Domain/Role/Role'
|
||||
import { SettingServiceInterface } from '../Domain/Setting/SettingServiceInterface'
|
||||
import { Setting } from '../Domain/Setting/Setting'
|
||||
import { InversifyExpressSubscriptionTokensController } from './InversifyExpressSubscriptionTokensController'
|
||||
import { CrossServiceTokenData, TokenEncoderInterface } from '@standardnotes/security'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
import { Setting } from '../../Domain/Setting/Setting'
|
||||
import { SettingServiceInterface } from '../../Domain/Setting/SettingServiceInterface'
|
||||
import { AuthenticateSubscriptionToken } from '../../Domain/UseCase/AuthenticateSubscriptionToken/AuthenticateSubscriptionToken'
|
||||
import { CreateSubscriptionToken } from '../../Domain/UseCase/CreateSubscriptionToken/CreateSubscriptionToken'
|
||||
import { CreateSubscriptionTokenResponse } from '../../Domain/UseCase/CreateSubscriptionToken/CreateSubscriptionTokenResponse'
|
||||
import { ProjectorInterface } from '../../Projection/ProjectorInterface'
|
||||
import { User } from '../../Domain/User/User'
|
||||
import { Role } from '../../Domain/Role/Role'
|
||||
|
||||
describe('SubscriptionTokensController', () => {
|
||||
describe('InversifyExpressSubscriptionTokensController', () => {
|
||||
let createSubscriptionToken: CreateSubscriptionToken
|
||||
let authenticateToken: AuthenticateSubscriptionToken
|
||||
const jwtTTL = 60
|
||||
@@ -33,7 +33,7 @@ describe('SubscriptionTokensController', () => {
|
||||
let controllerContainer: ControllerContainerInterface
|
||||
|
||||
const createController = () =>
|
||||
new SubscriptionTokensController(
|
||||
new InversifyExpressSubscriptionTokensController(
|
||||
createSubscriptionToken,
|
||||
authenticateToken,
|
||||
settingService,
|
||||
@@ -11,17 +11,17 @@ import {
|
||||
results,
|
||||
} from 'inversify-express-utils'
|
||||
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { Role } from '../Domain/Role/Role'
|
||||
import { SettingServiceInterface } from '../Domain/Setting/SettingServiceInterface'
|
||||
import { AuthenticateSubscriptionToken } from '../Domain/UseCase/AuthenticateSubscriptionToken/AuthenticateSubscriptionToken'
|
||||
import { CreateSubscriptionToken } from '../Domain/UseCase/CreateSubscriptionToken/CreateSubscriptionToken'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { ProjectorInterface } from '../Projection/ProjectorInterface'
|
||||
import TYPES from '../../Bootstrap/Types'
|
||||
import { Role } from '../../Domain/Role/Role'
|
||||
import { SettingServiceInterface } from '../../Domain/Setting/SettingServiceInterface'
|
||||
import { AuthenticateSubscriptionToken } from '../../Domain/UseCase/AuthenticateSubscriptionToken/AuthenticateSubscriptionToken'
|
||||
import { CreateSubscriptionToken } from '../../Domain/UseCase/CreateSubscriptionToken/CreateSubscriptionToken'
|
||||
import { User } from '../../Domain/User/User'
|
||||
import { ProjectorInterface } from '../../Projection/ProjectorInterface'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
|
||||
@controller('/subscription-tokens')
|
||||
export class SubscriptionTokensController extends BaseHttpController {
|
||||
export class InversifyExpressSubscriptionTokensController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_CreateSubscriptionToken) private createSubscriptionToken: CreateSubscriptionToken,
|
||||
@inject(TYPES.Auth_AuthenticateSubscriptionToken) private authenticateToken: AuthenticateSubscriptionToken,
|
||||
@@ -37,7 +37,7 @@ export class SubscriptionTokensController extends BaseHttpController {
|
||||
this.controllerContainer.register('auth.subscription-tokens.create', this.createToken.bind(this))
|
||||
}
|
||||
|
||||
@httpPost('/', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpPost('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async createToken(_request: Request, response: Response): Promise<results.JsonResult> {
|
||||
if (response.locals.readOnlyAccess) {
|
||||
return this.json(
|
||||
@@ -17,7 +17,7 @@ export class InversifyExpressUserRequestsController extends BaseHttpController {
|
||||
this.controllerContainer.register('auth.users.createRequest', this.submitRequest.bind(this))
|
||||
}
|
||||
|
||||
@httpPost('/', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpPost('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async submitRequest(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
const result = await this.userRequestsController.submitUserRequest({
|
||||
requestType: request.body.requestType,
|
||||
|
||||
@@ -2,20 +2,20 @@ import 'reflect-metadata'
|
||||
|
||||
import * as express from 'express'
|
||||
|
||||
import { UsersController } from './UsersController'
|
||||
import { InversifyExpressUsersController } from './InversifyExpressUsersController'
|
||||
import { results } from 'inversify-express-utils'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { UpdateUser } from '../Domain/UseCase/UpdateUser'
|
||||
import { GetUserKeyParams } from '../Domain/UseCase/GetUserKeyParams/GetUserKeyParams'
|
||||
import { DeleteAccount } from '../Domain/UseCase/DeleteAccount/DeleteAccount'
|
||||
import { GetUserSubscription } from '../Domain/UseCase/GetUserSubscription/GetUserSubscription'
|
||||
import { ClearLoginAttempts } from '../Domain/UseCase/ClearLoginAttempts'
|
||||
import { IncreaseLoginAttempts } from '../Domain/UseCase/IncreaseLoginAttempts'
|
||||
import { ChangeCredentials } from '../Domain/UseCase/ChangeCredentials/ChangeCredentials'
|
||||
import { InviteToSharedSubscription } from '../Domain/UseCase/InviteToSharedSubscription/InviteToSharedSubscription'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
import { ControllerContainerInterface, Username } from '@standardnotes/domain-core'
|
||||
import { DeleteAccount } from '../../Domain/UseCase/DeleteAccount/DeleteAccount'
|
||||
import { ChangeCredentials } from '../../Domain/UseCase/ChangeCredentials/ChangeCredentials'
|
||||
import { ClearLoginAttempts } from '../../Domain/UseCase/ClearLoginAttempts'
|
||||
import { GetUserKeyParams } from '../../Domain/UseCase/GetUserKeyParams/GetUserKeyParams'
|
||||
import { GetUserSubscription } from '../../Domain/UseCase/GetUserSubscription/GetUserSubscription'
|
||||
import { IncreaseLoginAttempts } from '../../Domain/UseCase/IncreaseLoginAttempts'
|
||||
import { InviteToSharedSubscription } from '../../Domain/UseCase/InviteToSharedSubscription/InviteToSharedSubscription'
|
||||
import { UpdateUser } from '../../Domain/UseCase/UpdateUser'
|
||||
import { User } from '../../Domain/User/User'
|
||||
|
||||
describe('UsersController', () => {
|
||||
describe('InversifyExpressUsersController', () => {
|
||||
let updateUser: UpdateUser
|
||||
let deleteAccount: DeleteAccount
|
||||
let getUserKeyParams: GetUserKeyParams
|
||||
@@ -31,7 +31,7 @@ describe('UsersController', () => {
|
||||
let controllerContainer: ControllerContainerInterface
|
||||
|
||||
const createController = () =>
|
||||
new UsersController(
|
||||
new InversifyExpressUsersController(
|
||||
updateUser,
|
||||
getUserKeyParams,
|
||||
deleteAccount,
|
||||
@@ -321,10 +321,7 @@ describe('UsersController', () => {
|
||||
kpOrigination: 'change-password',
|
||||
pwNonce: 'asdzxc',
|
||||
protocolVersion: '004',
|
||||
user: {
|
||||
uuid: '123',
|
||||
email: 'test@test.te',
|
||||
},
|
||||
username: Username.create('test@test.te').getValue(),
|
||||
})
|
||||
|
||||
expect(clearLoginAttempts.execute).toHaveBeenCalled()
|
||||
@@ -11,18 +11,18 @@ import {
|
||||
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
||||
results,
|
||||
} from 'inversify-express-utils'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { DeleteAccount } from '../Domain/UseCase/DeleteAccount/DeleteAccount'
|
||||
import { GetUserKeyParams } from '../Domain/UseCase/GetUserKeyParams/GetUserKeyParams'
|
||||
import { UpdateUser } from '../Domain/UseCase/UpdateUser'
|
||||
import { GetUserSubscription } from '../Domain/UseCase/GetUserSubscription/GetUserSubscription'
|
||||
import { ClearLoginAttempts } from '../Domain/UseCase/ClearLoginAttempts'
|
||||
import { IncreaseLoginAttempts } from '../Domain/UseCase/IncreaseLoginAttempts'
|
||||
import { ChangeCredentials } from '../Domain/UseCase/ChangeCredentials/ChangeCredentials'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
import TYPES from '../../Bootstrap/Types'
|
||||
import { DeleteAccount } from '../../Domain/UseCase/DeleteAccount/DeleteAccount'
|
||||
import { GetUserKeyParams } from '../../Domain/UseCase/GetUserKeyParams/GetUserKeyParams'
|
||||
import { UpdateUser } from '../../Domain/UseCase/UpdateUser'
|
||||
import { GetUserSubscription } from '../../Domain/UseCase/GetUserSubscription/GetUserSubscription'
|
||||
import { ClearLoginAttempts } from '../../Domain/UseCase/ClearLoginAttempts'
|
||||
import { IncreaseLoginAttempts } from '../../Domain/UseCase/IncreaseLoginAttempts'
|
||||
import { ChangeCredentials } from '../../Domain/UseCase/ChangeCredentials/ChangeCredentials'
|
||||
import { ControllerContainerInterface, Username } from '@standardnotes/domain-core'
|
||||
|
||||
@controller('/users')
|
||||
export class UsersController extends BaseHttpController {
|
||||
export class InversifyExpressUsersController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_UpdateUser) private updateUser: UpdateUser,
|
||||
@inject(TYPES.Auth_GetUserKeyParams) private getUserKeyParams: GetUserKeyParams,
|
||||
@@ -41,7 +41,7 @@ export class UsersController extends BaseHttpController {
|
||||
this.controllerContainer.register('auth.users.updateCredentials', this.changeCredentials.bind(this))
|
||||
}
|
||||
|
||||
@httpPatch('/:userId', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpPatch('/:userId', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async update(request: Request, response: Response): Promise<results.JsonResult | void> {
|
||||
if (response.locals.readOnlyAccess) {
|
||||
return this.json(
|
||||
@@ -132,7 +132,7 @@ export class UsersController extends BaseHttpController {
|
||||
return this.json({ message: result.message }, result.responseCode)
|
||||
}
|
||||
|
||||
@httpGet('/:userUuid/subscription', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
@httpGet('/:userUuid/subscription', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async getSubscription(request: Request, response: Response): Promise<results.JsonResult> {
|
||||
if (request.params.userUuid !== response.locals.user.uuid) {
|
||||
return this.json(
|
||||
@@ -156,7 +156,7 @@ export class UsersController extends BaseHttpController {
|
||||
return this.json(result, 400)
|
||||
}
|
||||
|
||||
@httpPut('/:userId/attributes/credentials', TYPES.Auth_AuthMiddleware)
|
||||
@httpPut('/:userId/attributes/credentials', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
async changeCredentials(request: Request, response: Response): Promise<results.JsonResult | void> {
|
||||
if (response.locals.readOnlyAccess) {
|
||||
return this.json(
|
||||
@@ -203,9 +203,21 @@ export class UsersController extends BaseHttpController {
|
||||
400,
|
||||
)
|
||||
}
|
||||
const usernameOrError = Username.create(response.locals.user.email)
|
||||
if (usernameOrError.isFailed()) {
|
||||
return this.json(
|
||||
{
|
||||
error: {
|
||||
message: 'Invalid username.',
|
||||
},
|
||||
},
|
||||
400,
|
||||
)
|
||||
}
|
||||
const username = usernameOrError.getValue()
|
||||
|
||||
const changeCredentialsResult = await this.changeCredentialsUseCase.execute({
|
||||
user: response.locals.user,
|
||||
username,
|
||||
apiVersion: request.body.api,
|
||||
currentPassword: request.body.current_password,
|
||||
newPassword: request.body.new_password,
|
||||
@@ -2,17 +2,17 @@ import 'reflect-metadata'
|
||||
|
||||
import { Request, Response } from 'express'
|
||||
import { results } from 'inversify-express-utils'
|
||||
import { ValetTokenController } from './ValetTokenController'
|
||||
import { CreateValetToken } from '../Domain/UseCase/CreateValetToken/CreateValetToken'
|
||||
import { InversifyExpressValetTokenController } from './InversifyExpressValetTokenController'
|
||||
import { CreateValetToken } from '../../Domain/UseCase/CreateValetToken/CreateValetToken'
|
||||
import { ControllerContainerInterface } from '@standardnotes/domain-core'
|
||||
|
||||
describe('ValetTokenController', () => {
|
||||
describe('InversifyExpressValetTokenController', () => {
|
||||
let createValetToken: CreateValetToken
|
||||
let request: Request
|
||||
let response: Response
|
||||
let controllerContainer: ControllerContainerInterface
|
||||
|
||||
const createController = () => new ValetTokenController(createValetToken, controllerContainer)
|
||||
const createController = () => new InversifyExpressValetTokenController(createValetToken, controllerContainer)
|
||||
|
||||
beforeEach(() => {
|
||||
controllerContainer = {} as jest.Mocked<ControllerContainerInterface>
|
||||
@@ -10,12 +10,11 @@ import {
|
||||
import { CreateValetTokenPayload, ErrorTag } from '@standardnotes/responses'
|
||||
import { ValetTokenOperation } from '@standardnotes/security'
|
||||
import { ControllerContainerInterface, Uuid } from '@standardnotes/domain-core'
|
||||
import TYPES from '../../Bootstrap/Types'
|
||||
import { CreateValetToken } from '../../Domain/UseCase/CreateValetToken/CreateValetToken'
|
||||
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { CreateValetToken } from '../Domain/UseCase/CreateValetToken/CreateValetToken'
|
||||
|
||||
@controller('/valet-tokens', TYPES.Auth_ApiGatewayAuthMiddleware)
|
||||
export class ValetTokenController extends BaseHttpController {
|
||||
@controller('/valet-tokens', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
|
||||
export class InversifyExpressValetTokenController extends BaseHttpController {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_CreateValetToken) private createValetKey: CreateValetToken,
|
||||
@inject(TYPES.Auth_ControllerContainer) private controllerContainer: ControllerContainerInterface,
|
||||
@@ -1,31 +1,16 @@
|
||||
import { CrossServiceTokenData, TokenDecoderInterface } from '@standardnotes/security'
|
||||
import { NextFunction, Request, Response } from 'express'
|
||||
import { inject, injectable } from 'inversify'
|
||||
import { BaseMiddleware } from 'inversify-express-utils'
|
||||
import { Logger } from 'winston'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
|
||||
@injectable()
|
||||
export class ApiGatewayAuthMiddleware extends BaseMiddleware {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_CrossServiceTokenDecoder) private tokenDecoder: TokenDecoderInterface<CrossServiceTokenData>,
|
||||
@inject(TYPES.Auth_Logger) private logger: Logger,
|
||||
) {
|
||||
export abstract class ApiGatewayAuthMiddleware extends BaseMiddleware {
|
||||
constructor(private tokenDecoder: TokenDecoderInterface<CrossServiceTokenData>, private logger: Logger) {
|
||||
super()
|
||||
}
|
||||
|
||||
async handler(request: Request, response: Response, next: NextFunction): Promise<void> {
|
||||
try {
|
||||
if (!request.headers['x-auth-token']) {
|
||||
this.logger.debug('ApiGatewayAuthMiddleware missing x-auth-token header.')
|
||||
|
||||
response.status(401).send({
|
||||
error: {
|
||||
tag: 'invalid-auth',
|
||||
message: 'Invalid login credentials.',
|
||||
},
|
||||
})
|
||||
|
||||
if (!this.handleMissingToken(request, response, next)) {
|
||||
return
|
||||
}
|
||||
|
||||
@@ -56,4 +41,6 @@ export class ApiGatewayAuthMiddleware extends BaseMiddleware {
|
||||
return next(error)
|
||||
}
|
||||
}
|
||||
|
||||
protected abstract handleMissingToken(request: Request, response: Response, next: NextFunction): boolean
|
||||
}
|
||||
@@ -3,7 +3,7 @@ import { NextFunction, Request, Response } from 'express'
|
||||
import { inject, injectable } from 'inversify'
|
||||
import { BaseMiddleware } from 'inversify-express-utils'
|
||||
import { Logger } from 'winston'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import TYPES from '../../../Bootstrap/Types'
|
||||
|
||||
@injectable()
|
||||
export class ApiGatewayOfflineAuthMiddleware extends BaseMiddleware {
|
||||
@@ -2,9 +2,9 @@ import 'reflect-metadata'
|
||||
|
||||
import { LockMiddleware } from './LockMiddleware'
|
||||
import { NextFunction, Request, Response } from 'express'
|
||||
import { User } from '../Domain/User/User'
|
||||
import { UserRepositoryInterface } from '../Domain/User/UserRepositoryInterface'
|
||||
import { LockRepositoryInterface } from '../Domain/User/LockRepositoryInterface'
|
||||
import { User } from '../../../Domain/User/User'
|
||||
import { UserRepositoryInterface } from '../../../Domain/User/UserRepositoryInterface'
|
||||
import { LockRepositoryInterface } from '../../../Domain/User/LockRepositoryInterface'
|
||||
|
||||
describe('LockMiddleware', () => {
|
||||
let userRepository: UserRepositoryInterface
|
||||
@@ -2,10 +2,10 @@ import { Username } from '@standardnotes/domain-core'
|
||||
import { NextFunction, Request, Response } from 'express'
|
||||
import { inject, injectable } from 'inversify'
|
||||
import { BaseMiddleware } from 'inversify-express-utils'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { LockRepositoryInterface } from '../Domain/User/LockRepositoryInterface'
|
||||
import TYPES from '../../../Bootstrap/Types'
|
||||
import { LockRepositoryInterface } from '../../../Domain/User/LockRepositoryInterface'
|
||||
|
||||
import { UserRepositoryInterface } from '../Domain/User/UserRepositoryInterface'
|
||||
import { UserRepositoryInterface } from '../../../Domain/User/UserRepositoryInterface'
|
||||
|
||||
@injectable()
|
||||
export class LockMiddleware extends BaseMiddleware {
|
||||
@@ -3,8 +3,8 @@ import 'reflect-metadata'
|
||||
import { OfflineUserAuthMiddleware } from './OfflineUserAuthMiddleware'
|
||||
import { NextFunction, Request, Response } from 'express'
|
||||
import { Logger } from 'winston'
|
||||
import { OfflineSettingRepositoryInterface } from '../Domain/Setting/OfflineSettingRepositoryInterface'
|
||||
import { OfflineSetting } from '../Domain/Setting/OfflineSetting'
|
||||
import { OfflineSettingRepositoryInterface } from '../../../Domain/Setting/OfflineSettingRepositoryInterface'
|
||||
import { OfflineSetting } from '../../../Domain/Setting/OfflineSetting'
|
||||
|
||||
describe('OfflineUserAuthMiddleware', () => {
|
||||
let offlineSettingRepository: OfflineSettingRepositoryInterface
|
||||
@@ -2,9 +2,9 @@ import { NextFunction, Request, Response } from 'express'
|
||||
import { inject, injectable } from 'inversify'
|
||||
import { BaseMiddleware } from 'inversify-express-utils'
|
||||
import { Logger } from 'winston'
|
||||
import TYPES from '../Bootstrap/Types'
|
||||
import { OfflineSettingName } from '../Domain/Setting/OfflineSettingName'
|
||||
import { OfflineSettingRepositoryInterface } from '../Domain/Setting/OfflineSettingRepositoryInterface'
|
||||
import TYPES from '../../../Bootstrap/Types'
|
||||
import { OfflineSettingName } from '../../../Domain/Setting/OfflineSettingName'
|
||||
import { OfflineSettingRepositoryInterface } from '../../../Domain/Setting/OfflineSettingRepositoryInterface'
|
||||
|
||||
@injectable()
|
||||
export class OfflineUserAuthMiddleware extends BaseMiddleware {
|
||||
@@ -0,0 +1,27 @@
|
||||
import { CrossServiceTokenData, TokenDecoderInterface } from '@standardnotes/security'
|
||||
import { NextFunction, Request, Response } from 'express'
|
||||
import { inject, injectable } from 'inversify'
|
||||
import { Logger } from 'winston'
|
||||
|
||||
import TYPES from '../../../Bootstrap/Types'
|
||||
import { ApiGatewayAuthMiddleware } from './ApiGatewayAuthMiddleware'
|
||||
|
||||
@injectable()
|
||||
export class OptionalCrossServiceTokenMiddleware extends ApiGatewayAuthMiddleware {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_CrossServiceTokenDecoder) tokenDecoder: TokenDecoderInterface<CrossServiceTokenData>,
|
||||
@inject(TYPES.Auth_Logger) logger: Logger,
|
||||
) {
|
||||
super(tokenDecoder, logger)
|
||||
}
|
||||
|
||||
protected override handleMissingToken(request: Request, _response: Response, next: NextFunction): boolean {
|
||||
if (!request.headers['x-auth-token']) {
|
||||
next()
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,32 @@
|
||||
import { CrossServiceTokenData, TokenDecoderInterface } from '@standardnotes/security'
|
||||
import { NextFunction, Request, Response } from 'express'
|
||||
import { inject, injectable } from 'inversify'
|
||||
import { Logger } from 'winston'
|
||||
|
||||
import TYPES from '../../../Bootstrap/Types'
|
||||
import { ApiGatewayAuthMiddleware } from './ApiGatewayAuthMiddleware'
|
||||
|
||||
@injectable()
|
||||
export class RequiredCrossServiceTokenMiddleware extends ApiGatewayAuthMiddleware {
|
||||
constructor(
|
||||
@inject(TYPES.Auth_CrossServiceTokenDecoder) tokenDecoder: TokenDecoderInterface<CrossServiceTokenData>,
|
||||
@inject(TYPES.Auth_Logger) logger: Logger,
|
||||
) {
|
||||
super(tokenDecoder, logger)
|
||||
}
|
||||
|
||||
protected override handleMissingToken(request: Request, response: Response, _next: NextFunction): boolean {
|
||||
if (!request.headers['x-auth-token']) {
|
||||
response.status(401).send({
|
||||
error: {
|
||||
tag: 'invalid-auth',
|
||||
message: 'Invalid login credentials.',
|
||||
},
|
||||
})
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
}
|
||||
@@ -3,6 +3,12 @@
|
||||
All notable changes to this project will be documented in this file.
|
||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||
|
||||
# [1.12.0](https://github.com/standardnotes/server/compare/@standardnotes/domain-events-infra@1.11.2...@standardnotes/domain-events-infra@1.12.0) (2023-05-17)
|
||||
|
||||
### Features
|
||||
|
||||
* add direct event handling for home server ([#608](https://github.com/standardnotes/server/issues/608)) ([8a47d81](https://github.com/standardnotes/server/commit/8a47d81936acd765224e74fd083810579a83c9a7))
|
||||
|
||||
## [1.11.2](https://github.com/standardnotes/server/compare/@standardnotes/domain-events-infra@1.11.1...@standardnotes/domain-events-infra@1.11.2) (2023-05-15)
|
||||
|
||||
**Note:** Version bump only for package @standardnotes/domain-events-infra
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@standardnotes/domain-events-infra",
|
||||
"version": "1.11.2",
|
||||
"version": "1.12.0",
|
||||
"engines": {
|
||||
"node": ">=18.0.0 <21.0.0"
|
||||
},
|
||||
|
||||
@@ -0,0 +1,17 @@
|
||||
import {
|
||||
DomainEventInterface,
|
||||
DomainEventMessageHandlerInterface,
|
||||
DomainEventPublisherInterface,
|
||||
} from '@standardnotes/domain-events'
|
||||
|
||||
export class DirectCallDomainEventPublisher implements DomainEventPublisherInterface {
|
||||
private handlers: Array<DomainEventMessageHandlerInterface> = []
|
||||
|
||||
register(domainEventMessageHandler: DomainEventMessageHandlerInterface): void {
|
||||
this.handlers.push(domainEventMessageHandler)
|
||||
}
|
||||
|
||||
async publish(event: DomainEventInterface): Promise<void> {
|
||||
await Promise.all(this.handlers.map((handler) => handler.handleMessage(event)))
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,32 @@
|
||||
import { Logger } from 'winston'
|
||||
|
||||
import {
|
||||
DomainEventHandlerInterface,
|
||||
DomainEventInterface,
|
||||
DomainEventMessageHandlerInterface,
|
||||
} from '@standardnotes/domain-events'
|
||||
|
||||
export class DirectCallEventMessageHandler implements DomainEventMessageHandlerInterface {
|
||||
constructor(private handlers: Map<string, DomainEventHandlerInterface>, private logger: Logger) {}
|
||||
|
||||
async handleMessage(messageOrEvent: string | DomainEventInterface): Promise<void> {
|
||||
if (typeof messageOrEvent === 'string') {
|
||||
throw new Error('DirectCallEventMessageHandler does not support string messages')
|
||||
}
|
||||
|
||||
const handler = this.handlers.get(messageOrEvent.type)
|
||||
if (!handler) {
|
||||
this.logger.debug(`Event handler for event type ${messageOrEvent.type} does not exist`)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
this.logger.debug(`Received event: ${messageOrEvent.type}`)
|
||||
|
||||
await handler.handle(messageOrEvent)
|
||||
}
|
||||
|
||||
async handleError(error: Error): Promise<void> {
|
||||
this.logger.error('Error occured while handling SQS message: %O', error)
|
||||
}
|
||||
}
|
||||
@@ -1,3 +1,6 @@
|
||||
export * from './DirectCall/DirectCallDomainEventPublisher'
|
||||
export * from './DirectCall/DirectCallEventMessageHandler'
|
||||
|
||||
export * from './Redis/RedisDomainEventPublisher'
|
||||
export * from './Redis/RedisDomainEventSubscriber'
|
||||
export * from './Redis/RedisDomainEventSubscriberFactory'
|
||||
|
||||
@@ -3,6 +3,12 @@
|
||||
All notable changes to this project will be documented in this file.
|
||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||
|
||||
# [2.111.0](https://github.com/standardnotes/server/compare/@standardnotes/domain-events@2.110.2...@standardnotes/domain-events@2.111.0) (2023-05-17)
|
||||
|
||||
### Features
|
||||
|
||||
* add direct event handling for home server ([#608](https://github.com/standardnotes/server/issues/608)) ([8a47d81](https://github.com/standardnotes/server/commit/8a47d81936acd765224e74fd083810579a83c9a7))
|
||||
|
||||
## [2.110.2](https://github.com/standardnotes/server/compare/@standardnotes/domain-events@2.110.1...@standardnotes/domain-events@2.110.2) (2023-05-09)
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@standardnotes/domain-events",
|
||||
"version": "2.110.2",
|
||||
"version": "2.111.0",
|
||||
"engines": {
|
||||
"node": ">=18.0.0 <21.0.0"
|
||||
},
|
||||
|
||||
@@ -1,4 +1,6 @@
|
||||
import { DomainEventInterface } from '../Event/DomainEventInterface'
|
||||
|
||||
export interface DomainEventMessageHandlerInterface {
|
||||
handleMessage(message: string): Promise<void>
|
||||
handleMessage(messageOrEvent: string | DomainEventInterface): Promise<void>
|
||||
handleError(error: Error): Promise<void>
|
||||
}
|
||||
|
||||
@@ -3,6 +3,10 @@
|
||||
All notable changes to this project will be documented in this file.
|
||||
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
||||
|
||||
## [1.8.3](https://github.com/standardnotes/server/compare/@standardnotes/event-store@1.8.2...@standardnotes/event-store@1.8.3) (2023-05-17)
|
||||
|
||||
**Note:** Version bump only for package @standardnotes/event-store
|
||||
|
||||
## [1.8.2](https://github.com/standardnotes/server/compare/@standardnotes/event-store@1.8.1...@standardnotes/event-store@1.8.2) (2023-05-15)
|
||||
|
||||
**Note:** Version bump only for package @standardnotes/event-store
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "@standardnotes/event-store",
|
||||
"version": "1.8.2",
|
||||
"version": "1.8.3",
|
||||
"description": "Event Store Service",
|
||||
"private": true,
|
||||
"main": "dist/src/index.js",
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user