UNPKG

@authx/authx/dist/index.js

Version:

6.21 kBJavaScriptView Raw

1"use strict";
2function __export(m) {
  for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
4}
5var __importDefault = (this && this.__importDefault) || function (mod) {
  return (mod && mod.__esModule) ? mod : { "default": mod };
7};
8Object.defineProperty(exports, "__esModule", { value: true });
9const koa_body_1 = __importDefault(require("koa-body"));
10const uuid_1 = require("uuid");
11const graphql_playground_middleware_koa_1 = __importDefault(require("graphql-playground-middleware-koa"));
12const koa_router_1 = __importDefault(require("koa-router"));
13const graphql_api_koa_1 = require("graphql-api-koa");
14const auth_header_1 = require("auth-header");
15const pg_1 = require("pg");
16const x_1 = __importDefault(require("./x"));
17const oauth2_1 = __importDefault(require("./oauth2"));
18const Config_1 = require("./Config");
19const graphql_1 = require("./graphql");
20const getAuthorization_1 = require("./util/getAuthorization");
21const StrategyCollection_1 = require("./StrategyCollection");
22const errors_1 = require("./errors");
23const explanations_1 = require("./explanations");
24__export(require("./x"));
25__export(require("./errors"));
26__export(require("./model"));
27__export(require("./graphql"));
28__export(require("./StrategyCollection"));
29__export(require("./Config"));
30__export(require("./util/validateIdFormat"));
31class AuthX extends koa_router_1.default {
  constructor(config) {
      Config_1.assertConfig(config);
      super(config);
      const explanations = explanations_1.createAuthXExplanations({ [config.realm]: "AuthX" });
      const strategies = config.strategies instanceof StrategyCollection_1.StrategyCollection
          ? config.strategies
          : new StrategyCollection_1.StrategyCollection(config.strategies);
      // create a database pool
      this.pool = new pg_1.Pool(config.pg);
      // define the context middleware
      const contextMiddleware = async (ctx, next) => {
          const tx = await this.pool.connect();
          try {
              let authorization = null;
              const auth = ctx.request.header.authorization
                  ? auth_header_1.parse(ctx.request.header.authorization)
                  : null;
              // HTTP Basic Authorization
              const basic = auth && auth.scheme === "Basic" && typeof auth.token === "string"
                  ? auth.token
                  : null;
              if (basic) {
                  authorization = await getAuthorization_1.fromBasic(tx, basic);
                  // Invoke the authorization. Because the resource validates basic
                  // tokens by making a GraphQL request here, each request can be
                  // considered an invocation.
                  await authorization.invoke(tx, {
                      id: uuid_1.v4(),
                      format: "basic",
                      createdAt: new Date()
                  });
              }
              // Bearer Token Authorization
              const bearer = auth && auth.scheme === "Bearer" && typeof auth.token === "string"
                  ? auth.token
                  : null;
              if (bearer) {
                  authorization = await getAuthorization_1.fromBearer(tx, config.publicKeys, bearer);
                  // There is no need to invoke this authorization here, since it was
                  // invoked when the bearer token was generated.
              }
              // An authorization header exists, but did not match a known format.
              if (ctx.request.header.authorization && !authorization) {
                  throw new Error("An authorization header must be of either HTTP Basic or Bearer format.");
              }
              const context = {
                  ...ctx[x_1.default],
                  ...config,
                  strategies,
                  authorization,
                  pool: this.pool,
                  explanations: explanations
              };
              ctx[x_1.default] = context;
          }
          finally {
              tx.release();
          }
          await next();
      };
      // GraphQL
      // =======
      // The GraphQL endpoint is the primary API for interacting with AuthX.
      this.post("/graphql", graphql_api_koa_1.errorHandler(), contextMiddleware, 
      // The GraphQL endpoint only accepts JSON. This helps protect against CSRF
      // attacks that send urlenceded data via HTML forms.
      async (ctx, next) => {
          if (!ctx.is("json"))
              throw new errors_1.UnsupportedMediaTypeError("Requests to the AuthX GraphQL endpoint MUST specify a Content-Type of `application/json`.");
          await next();
      }, koa_body_1.default({ multipart: false, urlencoded: false, text: false, json: true }), graphql_api_koa_1.execute({
          schema: config.processSchema
              ? config.processSchema(graphql_1.createSchema(strategies))
              : graphql_1.createSchema(strategies),
          override: (ctx) => {
              const contextValue = ctx[x_1.default];
              return {
                  contextValue
              };
          }
      }));
      // GraphiQL
      // ========
      // This is a graphical (get it, graph-i-QL) interface to the AuthX API.
      this.all("/graphiql", graphql_playground_middleware_koa_1.default({ endpoint: "/graphql" }));
      // OAuth
      // =====
      // The core AuthX library supports the following OAuth2 grant types:
      //
      // - `authorization_code`
      // - `refresh_token`
      //
      // Because it involves presentation elements, the core AuthX library does
      // **not** implement the `code` grant type. Instead, a compatible reference
      // implementation of this flow is provided by the `authx-interface` NPM
      // package.
      this.post("/", contextMiddleware, koa_body_1.default({ multipart: false, urlencoded: true, text: false, json: true }), oauth2_1.default);
  }
130}
131exports.AuthX = AuthX;
132exports.default = AuthX;
133//# sourceMappingURL=index.js.map
\No newline at end of file

1	`"use strict";`
2	`function __export(m) {`
3	`for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];`
4	`}`
5	`var __importDefault = (this && this.__importDefault) \|\| function (mod) {`
6	`return (mod && mod.__esModule) ? mod : { "default": mod };`
7	`};`
8	`Object.defineProperty(exports, "__esModule", { value: true });`
9	`const koa_body_1 = __importDefault(require("koa-body"));`
10	`const uuid_1 = require("uuid");`
11	`const graphql_playground_middleware_koa_1 = __importDefault(require("graphql-playground-middleware-koa"));`
12	`const koa_router_1 = __importDefault(require("koa-router"));`
13	`const graphql_api_koa_1 = require("graphql-api-koa");`
14	`const auth_header_1 = require("auth-header");`
15	`const pg_1 = require("pg");`
16	`const x_1 = __importDefault(require("./x"));`
17	`const oauth2_1 = __importDefault(require("./oauth2"));`
18	`const Config_1 = require("./Config");`
19	`const graphql_1 = require("./graphql");`
20	`const getAuthorization_1 = require("./util/getAuthorization");`
21	`const StrategyCollection_1 = require("./StrategyCollection");`
22	`const errors_1 = require("./errors");`
23	`const explanations_1 = require("./explanations");`
24	`__export(require("./x"));`
25	`__export(require("./errors"));`
26	`__export(require("./model"));`
27	`__export(require("./graphql"));`
28	`__export(require("./StrategyCollection"));`
29	`__export(require("./Config"));`
30	`__export(require("./util/validateIdFormat"));`
31	`class AuthX extends koa_router_1.default {`
32	`constructor(config) {`
33	`Config_1.assertConfig(config);`
34	`super(config);`
35	`const explanations = explanations_1.createAuthXExplanations({ [config.realm]: "AuthX" });`
36	`const strategies = config.strategies instanceof StrategyCollection_1.StrategyCollection`
37	`? config.strategies`
38	`: new StrategyCollection_1.StrategyCollection(config.strategies);`
39	`// create a database pool`
40	`this.pool = new pg_1.Pool(config.pg);`
41	`// define the context middleware`
42	`const contextMiddleware = async (ctx, next) => {`
43	`const tx = await this.pool.connect();`
44	`try {`
45	`let authorization = null;`
46	`const auth = ctx.request.header.authorization`
47	`? auth_header_1.parse(ctx.request.header.authorization)`
48	`: null;`
49	`// HTTP Basic Authorization`
50	`const basic = auth && auth.scheme === "Basic" && typeof auth.token === "string"`
51	`? auth.token`
52	`: null;`
53	`if (basic) {`
54	`authorization = await getAuthorization_1.fromBasic(tx, basic);`
55	`// Invoke the authorization. Because the resource validates basic`
56	`// tokens by making a GraphQL request here, each request can be`
57	`// considered an invocation.`
58	`await authorization.invoke(tx, {`
59	`id: uuid_1.v4(),`
60	`format: "basic",`
61	`createdAt: new Date()`
62	`});`
63	`}`
64	`// Bearer Token Authorization`
65	`const bearer = auth && auth.scheme === "Bearer" && typeof auth.token === "string"`
66	`? auth.token`
67	`: null;`
68	`if (bearer) {`
69	`authorization = await getAuthorization_1.fromBearer(tx, config.publicKeys, bearer);`
70	`// There is no need to invoke this authorization here, since it was`
71	`// invoked when the bearer token was generated.`
72	`}`
73	`// An authorization header exists, but did not match a known format.`
74	`if (ctx.request.header.authorization && !authorization) {`
75	`throw new Error("An authorization header must be of either HTTP Basic or Bearer format.");`
76	`}`
77	`const context = {`
78	`...ctx[x_1.default],`
79	`...config,`
80	`strategies,`
81	`authorization,`
82	`pool: this.pool,`
83	`explanations: explanations`
84	`};`
85	`ctx[x_1.default] = context;`
86	`}`
87	`finally {`
88	`tx.release();`
89	`}`
90	`await next();`
91	`};`
92	`// GraphQL`
93	`// =======`
94	`// The GraphQL endpoint is the primary API for interacting with AuthX.`
95	`this.post("/graphql", graphql_api_koa_1.errorHandler(), contextMiddleware,`
96	`// The GraphQL endpoint only accepts JSON. This helps protect against CSRF`
97	`// attacks that send urlenceded data via HTML forms.`
98	`async (ctx, next) => {`
99	`if (!ctx.is("json"))`
100	throw new errors_1.UnsupportedMediaTypeError("Requests to the AuthX GraphQL endpoint MUST specify a Content-Type of `application/json`.");
101	`await next();`
102	`}, koa_body_1.default({ multipart: false, urlencoded: false, text: false, json: true }), graphql_api_koa_1.execute({`
103	`schema: config.processSchema`
104	`? config.processSchema(graphql_1.createSchema(strategies))`
105	`: graphql_1.createSchema(strategies),`
106	`override: (ctx) => {`
107	`const contextValue = ctx[x_1.default];`
108	`return {`
109	`contextValue`
110	`};`
111	`}`
112	`}));`
113	`// GraphiQL`
114	`// ========`
115	`// This is a graphical (get it, graph-i-QL) interface to the AuthX API.`
116	`this.all("/graphiql", graphql_playground_middleware_koa_1.default({ endpoint: "/graphql" }));`
117	`// OAuth`
118	`// =====`
119	`// The core AuthX library supports the following OAuth2 grant types:`
120	`//`
121	// - `authorization_code`
122	// - `refresh_token`
123	`//`
124	`// Because it involves presentation elements, the core AuthX library does`
125	// not implement the `code` grant type. Instead, a compatible reference
126	// implementation of this flow is provided by the `authx-interface` NPM
127	`// package.`
128	`this.post("/", contextMiddleware, koa_body_1.default({ multipart: false, urlencoded: true, text: false, json: true }), oauth2_1.default);`
129	`}`
130	`}`
131	`exports.AuthX = AuthX;`
132	`exports.default = AuthX;`
133	`//# sourceMappingURL=index.js.map`
\	No newline at end of file