UNPKG

169 kBJavaScriptView Raw
1'use strict';
2
3function _interopDefault (ex) { return (ex && (typeof ex === 'object') && 'default' in ex) ? ex['default'] : ex; }
4
5var tslib = _interopDefault(require('tslib'));
6var mvc = _interopDefault(require('@mvx/mvc'));
7var ioc = _interopDefault(require('@tsdi/ioc'));
8var koaSession = _interopDefault(require('koa-session'));
9var components = _interopDefault(require('@tsdi/components'));
10var url = _interopDefault(require('url'));
11var jsonwebtoken = _interopDefault(require('jsonwebtoken'));
12var http = _interopDefault(require('http'));
13var boot = _interopDefault(require('@tsdi/boot'));
14var https = _interopDefault(require('https'));
15var querystring = _interopDefault(require('querystring'));
16var crypto = _interopDefault(require('crypto'));
17var webfinger = _interopDefault(require('webfinger'));
18var request = _interopDefault(require('request'));
19var core = _interopDefault(require('@tsdi/core'));
20
21var commonjsGlobal = typeof globalThis !== 'undefined' ? globalThis : typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
22
23function unwrapExports (x) {
24 return x && x.__esModule && Object.prototype.hasOwnProperty.call(x, 'default') ? x['default'] : x;
25}
26
27function createCommonjsModule(fn, module) {
28 return module = { exports: {} }, fn(module, module.exports), module.exports;
29}
30
31var NoOpenIDError_1 = createCommonjsModule(function (module, exports) {
32Object.defineProperty(exports, "__esModule", { value: true });
33
34class NoOpenIDError extends mvc.HttpError {
35 constructor(message, response) {
36 super(400, message);
37 this.response = response;
38 }
39 static d0Ann() {
40 return { "name": "NoOpenIDError" };
41 }
42}
43exports.NoOpenIDError = NoOpenIDError;
44
45
46});
47
48unwrapExports(NoOpenIDError_1);
49var NoOpenIDError_2 = NoOpenIDError_1.NoOpenIDError;
50
51var AuthenticationError_1 = createCommonjsModule(function (module, exports) {
52Object.defineProperty(exports, "__esModule", { value: true });
53
54
55/**
56 * error.
57 *
58 * @export
59 * @class OIDCError
60 * @extends {HttpError}
61 */
62class AuthenticationError extends mvc.HttpError {
63 // tslint:disable-next-line: variable-name
64 constructor(status, message, error_description) {
65 super(status, message);
66 this.error_description = error_description;
67 this.name = ioc.lang.getClassName(this);
68 this.error = message;
69 this.expose = status < 500;
70 }
71 static d0Ann() {
72 return { "name": "AuthenticationError" };
73 }
74}
75exports.AuthenticationError = AuthenticationError;
76
77
78});
79
80unwrapExports(AuthenticationError_1);
81var AuthenticationError_2 = AuthenticationError_1.AuthenticationError;
82
83var OIDCError_1 = createCommonjsModule(function (module, exports) {
84Object.defineProperty(exports, "__esModule", { value: true });
85
86/**
87 * error.
88 *
89 * @export
90 * @class OIDCError
91 * @extends {HttpError}
92 */
93class OIDCError extends AuthenticationError_1.AuthenticationError {
94 constructor(message, code, uri, status) {
95 super(status, message);
96 this.code = code;
97 this.uri = uri;
98 if (!status) {
99 switch (code) {
100 case 'access_denied':
101 status = 403;
102 break;
103 case 'server_error':
104 status = 502;
105 break;
106 case 'temporarily_unavailable':
107 status = 503;
108 break;
109 }
110 }
111 this.expose = status < 500;
112 }
113 static d0Ann() {
114 return { "name": "OIDCError" };
115 }
116}
117exports.OIDCError = OIDCError;
118
119
120});
121
122unwrapExports(OIDCError_1);
123var OIDCError_2 = OIDCError_1.OIDCError;
124
125var InvalidToken_1 = createCommonjsModule(function (module, exports) {
126Object.defineProperty(exports, "__esModule", { value: true });
127
128/**
129 * invalid token.
130 *
131 * @export
132 * @class InvalidToken
133 * @extends {AuthenticationError}
134 */
135class InvalidToken extends AuthenticationError_1.AuthenticationError {
136 constructor(detail) {
137 super(401, 'invalid_token', 'invalid token provided');
138 this.error_detail = detail;
139 }
140 static d0Ann() {
141 return { "name": "InvalidToken" };
142 }
143}
144exports.InvalidToken = InvalidToken;
145
146
147});
148
149unwrapExports(InvalidToken_1);
150var InvalidToken_2 = InvalidToken_1.InvalidToken;
151
152var InvalidRequest_1 = createCommonjsModule(function (module, exports) {
153Object.defineProperty(exports, "__esModule", { value: true });
154
155/**
156 * invaild request error.
157 *
158 * @export
159 * @class InvalidRequest
160 * @extends {HttpError}
161 */
162class InvalidRequest extends AuthenticationError_1.AuthenticationError {
163 constructor(description, status = 400) {
164 super(status, '', description || 'request is invalid');
165 }
166 static d0Ann() {
167 return { "name": "InvalidRequest" };
168 }
169}
170exports.InvalidRequest = InvalidRequest;
171
172
173});
174
175unwrapExports(InvalidRequest_1);
176var InvalidRequest_2 = InvalidRequest_1.InvalidRequest;
177
178var InternalOAuthError_1 = createCommonjsModule(function (module, exports) {
179Object.defineProperty(exports, "__esModule", { value: true });
180
181/**
182 * internal oauth error.
183 *
184 * @export
185 * @class InternalOAuthError
186 * @extends {AuthenticationError}
187 */
188class InternalOAuthError extends AuthenticationError_1.AuthenticationError {
189 constructor(message, oauthError) {
190 super(400, message);
191 this.oauthError = oauthError;
192 }
193 static d0Ann() {
194 return { "name": "InternalOAuthError" };
195 }
196}
197exports.InternalOAuthError = InternalOAuthError;
198
199
200});
201
202unwrapExports(InternalOAuthError_1);
203var InternalOAuthError_2 = InternalOAuthError_1.InternalOAuthError;
204
205var errors = createCommonjsModule(function (module, exports) {
206Object.defineProperty(exports, "__esModule", { value: true });
207
208tslib.__exportStar(NoOpenIDError_1, exports);
209tslib.__exportStar(AuthenticationError_1, exports);
210tslib.__exportStar(OIDCError_1, exports);
211tslib.__exportStar(InvalidToken_1, exports);
212tslib.__exportStar(InvalidRequest_1, exports);
213tslib.__exportStar(InternalOAuthError_1, exports);
214
215
216});
217
218unwrapExports(errors);
219
220var SessionMiddleware_1 = createCommonjsModule(function (module, exports) {
221Object.defineProperty(exports, "__esModule", { value: true });
222
223
224
225
226/**
227 * Session storage.
228 */
229let SessionStorage = class SessionStorage {
230 constructor() {
231 }
232 static d0Ann() {
233 return { "name": "SessionStorage", "params": { "constructor": [], "get": ["key", "maxAge", "data"], "set": ["key", "sess", "maxAge", "data"], "destroy": ["key"] } };
234 }
235};
236SessionStorage = tslib.__decorate([
237 ioc.Abstract(),
238 tslib.__metadata("design:paramtypes", [])
239], SessionStorage);
240exports.SessionStorage = SessionStorage;
241/**
242 * session middleware.
243 *
244 * @export
245 * @class SessionMiddleware
246 * @extends {MvcMiddleware}
247 */
248let SessionMiddleware = class SessionMiddleware extends mvc.MvcMiddleware {
249 constructor() {
250 super(...arguments);
251 this.hasInit = false;
252 }
253 getMiddleware(context, koa) {
254 if (!this.hasInit && !this.middleware) {
255 let sessCfg = context.getConfiguration().session;
256 this.hasInit = true;
257 if (sessCfg) {
258 sessCfg = Object.assign({
259 key: 'typemvc:sess',
260 /** (number || 'session') maxAge in ms (default is 1 days) */
261 /** 'session' will result in a cookie that expires when session/browser is closed */
262 /** Warning: If a session cookie is stolen, this cookie will never expire */
263 maxAge: 36000000,
264 overwrite: true,
265 httpOnly: true,
266 signed: true,
267 rolling: false /** (boolean) Force a session identifier cookie to be set on every response. The expiration is reset to the original maxAge, resetting the expiration countdown. default is false **/
268 }, sessCfg);
269 if (!sessCfg.store) {
270 let storage = context.getContainer().getService(SessionStorage);
271 if (storage) {
272 sessCfg.store = storage;
273 }
274 }
275 this.middleware = koaSession(sessCfg, koa);
276 }
277 else {
278 this.middleware = koaSession(koa);
279 }
280 }
281 return this.middleware;
282 }
283 execute(ctx, next) {
284 let middleware = this.getMiddleware(ctx.mvcContext, ctx.app);
285 return middleware(ctx, next);
286 }
287 static d0Ann() {
288 return { "name": "SessionMiddleware", "params": { "getMiddleware": ["context", "koa"], "execute": ["ctx", "next"] } };
289 }
290};
291SessionMiddleware = tslib.__decorate([
292 mvc.Middleware({
293 name: mvc.MiddlewareTypes.Session,
294 before: mvc.MiddlewareTypes.BodyParser
295 })
296], SessionMiddleware);
297exports.SessionMiddleware = SessionMiddleware;
298
299
300});
301
302unwrapExports(SessionMiddleware_1);
303var SessionMiddleware_2 = SessionMiddleware_1.SessionStorage;
304var SessionMiddleware_3 = SessionMiddleware_1.SessionMiddleware;
305
306var IAuthenticator = createCommonjsModule(function (module, exports) {
307Object.defineProperty(exports, "__esModule", { value: true });
308
309/**
310 * IAuthenticator token.
311 */
312exports.AuthenticatorToken = new ioc.InjectToken('Authenticator');
313
314
315});
316
317unwrapExports(IAuthenticator);
318var IAuthenticator_1 = IAuthenticator.AuthenticatorToken;
319
320var ValidationResult_1 = createCommonjsModule(function (module, exports) {
321Object.defineProperty(exports, "__esModule", { value: true });
322
323/**
324 * auth action
325 *
326 * @export
327 * @class AuthAction
328 */
329class ValidationResult {
330 constructor() {
331 }
332 static d0Ann() {
333 return { "name": "ValidationResult" };
334 }
335}
336exports.ValidationResult = ValidationResult;
337
338
339});
340
341unwrapExports(ValidationResult_1);
342var ValidationResult_2 = ValidationResult_1.ValidationResult;
343
344var FailResult_1 = createCommonjsModule(function (module, exports) {
345Object.defineProperty(exports, "__esModule", { value: true });
346
347/**
348 * Fail authentication, with optional `challenge` and `status`, defaulting
349 * to 401.
350 *
351 * Strategies should return this action to fail an authentication attempt.
352 *
353 * @param {String} challenge
354 * @param {Number} status
355 * @api public
356 */
357class FailResult extends ValidationResult_1.ValidationResult {
358 constructor(challenge, status) {
359 super();
360 this.challenge = challenge;
361 this.status = status;
362 }
363 async execute(ctx, next) {
364 ctx.failures.push({ challenge: this.challenge, status: this.status });
365 }
366 static d0Ann() {
367 return { "name": "FailResult" };
368 }
369}
370exports.FailResult = FailResult;
371
372
373});
374
375unwrapExports(FailResult_1);
376var FailResult_2 = FailResult_1.FailResult;
377
378var PassResult_1 = createCommonjsModule(function (module, exports) {
379Object.defineProperty(exports, "__esModule", { value: true });
380
381/**
382 * Pass without making a success or fail decision.
383 *
384 * Under most circumstances, Strategies should not need to call this
385 * function. It exists primarily to allow previous authentication state
386 * to be restored, for example from an HTTP session.
387 *
388 */
389class PassResult extends ValidationResult_1.ValidationResult {
390 execute(ctx, next) {
391 return next();
392 }
393 static d0Ann() {
394 return { "name": "PassResult" };
395 }
396}
397exports.PassResult = PassResult;
398
399
400});
401
402unwrapExports(PassResult_1);
403var PassResult_2 = PassResult_1.PassResult;
404
405var RedirectResult_1 = createCommonjsModule(function (module, exports) {
406Object.defineProperty(exports, "__esModule", { value: true });
407
408/**
409 * Redirect to `url` with optional `status`, defaulting to 302.
410 *
411 * Strategies should return this function to redirect the user (via their
412 * user agent) to a third-party website for authentication.
413 *
414 * @param {String} url
415 * @param {Number} status
416 * @api public
417 */
418class RedirectResult extends ValidationResult_1.ValidationResult {
419 constructor(url, status = 302) {
420 super();
421 this.url = url;
422 this.status = status;
423 }
424 /**
425 * execute.
426 *
427 * @param {Context} ctx
428 * @param {() => Promise<void>} next
429 * @returns {Promise<void>}
430 * @memberof RedirectResult
431 */
432 async execute(ctx, next) {
433 ctx.status = this.status;
434 ctx.redirect(this.url);
435 }
436 static d0Ann() {
437 return { "name": "RedirectResult" };
438 }
439}
440exports.RedirectResult = RedirectResult;
441
442
443});
444
445unwrapExports(RedirectResult_1);
446var RedirectResult_2 = RedirectResult_1.RedirectResult;
447
448var SuccessResult_1 = createCommonjsModule(function (module, exports) {
449Object.defineProperty(exports, "__esModule", { value: true });
450
451/**
452 * Authenticate `user`, with optional `info`.
453 *
454 * Strategies should return this action to successfully authenticate a
455 * user. `user` should be an object supplied by the application after it
456 * has been given an opportunity to verify credentials. `info` is an
457 * optional argument containing additional user information. This is
458 * useful for third-party authentication strategies to pass profile
459 * details.
460 *
461 * @param {Object} user
462 * @param {Object} info
463 * @api public
464 */
465class SuccessResult extends ValidationResult_1.ValidationResult {
466 constructor(options, user, info) {
467 super();
468 this.options = options;
469 this.user = user;
470 this.info = info;
471 }
472 async execute(ctx, next, callback) {
473 let user = this.user;
474 let info = this.info || {};
475 if (callback) {
476 return callback(null, user, info);
477 }
478 let msg;
479 let options = this.options;
480 if (options.successFlash) {
481 var flash = options.successFlash;
482 if (typeof flash === 'string') {
483 flash = { type: 'success', message: flash };
484 }
485 flash.type = flash.type || 'success';
486 var type = flash.type || info.type || 'success';
487 msg = flash.message || info.message || info;
488 if (typeof msg === 'string') {
489 ctx.session.flash = { type: type, message: msg };
490 }
491 }
492 if (options.successMessage) {
493 if (!(info.type in ctx.session.message)) {
494 ctx.session.message[info.type] = [];
495 }
496 ctx.session.message[info.type].push(info.message);
497 }
498 if (options.assignProperty) {
499 ctx.state[options.assignProperty] = user;
500 }
501 await ctx.login(user);
502 if (options.authInfo !== false) {
503 ctx.state.authInfo = await ctx.passport.transformAuthInfo(info, ctx);
504 }
505 if (options.successReturnToOrRedirect) {
506 let url = options.successReturnToOrRedirect;
507 if (ctx.session && ctx.session.returnTo) {
508 url = ctx.session.returnTo;
509 delete ctx.session.returnTo;
510 }
511 return ctx.redirect(url);
512 }
513 if (options.successRedirect) {
514 return ctx.redirect(options.successRedirect);
515 }
516 }
517 static d0Ann() {
518 return { "name": "SuccessResult" };
519 }
520}
521exports.SuccessResult = SuccessResult;
522
523
524});
525
526unwrapExports(SuccessResult_1);
527var SuccessResult_2 = SuccessResult_1.SuccessResult;
528
529var results = createCommonjsModule(function (module, exports) {
530Object.defineProperty(exports, "__esModule", { value: true });
531
532tslib.__exportStar(ValidationResult_1, exports);
533tslib.__exportStar(FailResult_1, exports);
534tslib.__exportStar(PassResult_1, exports);
535tslib.__exportStar(RedirectResult_1, exports);
536tslib.__exportStar(SuccessResult_1, exports);
537tslib.__exportStar(ValidationResult_1, exports);
538
539
540});
541
542unwrapExports(results);
543
544var Strategy_1 = createCommonjsModule(function (module, exports) {
545Object.defineProperty(exports, "__esModule", { value: true });
546
547
548
549
550let Strategy = class Strategy {
551 static d0Ann() {
552 return { "name": "Strategy", "params": { "authenticate": ["ctx", "options"] } };
553 }
554};
555tslib.__decorate([
556 components.Input(),
557 tslib.__metadata("design:type", String)
558], Strategy.prototype, "name", void 0);
559tslib.__decorate([
560 ioc.Inject(IAuthenticator.AuthenticatorToken),
561 tslib.__metadata("design:type", Object)
562], Strategy.prototype, "authenticator", void 0);
563Strategy = tslib.__decorate([
564 ioc.Abstract()
565], Strategy);
566exports.Strategy = Strategy;
567
568
569});
570
571unwrapExports(Strategy_1);
572var Strategy_2 = Strategy_1.Strategy;
573
574var SessionStrategy_1 = createCommonjsModule(function (module, exports) {
575Object.defineProperty(exports, "__esModule", { value: true });
576
577
578/**
579 * session.
580 *
581 * @export
582 * @class SessionStrategy
583 * @extends {Strategy}
584 */
585class SessionStrategy extends Strategy_1.Strategy {
586 /**
587 * `SessionStrategy` constructor.
588 *
589 */
590 constructor() {
591 super();
592 this.name = 'session';
593 }
594 /**
595 * Authenticate request based on the current session state.
596 *
597 * The session authentication strategy uses the session to restore any login
598 * state across requests. If a login session has been established, `req.user`
599 * will be populated with the current user.
600 *
601 * This strategy is registered automatically by Passport.
602 *
603 */
604 async authenticate(ctx, options = {}) {
605 if (!ctx.passport) {
606 throw new Error('passport.initialize() middleware not in use');
607 }
608 let su;
609 if (ctx.session.passport) {
610 su = ctx.session.passport.user;
611 }
612 if (su || su === 0) {
613 // NOTE: Stream pausing is desirable in the case where later middleware is
614 // listening for events emitted from request. For discussion on the
615 // matter, refer to: https://github.com/jaredhanson/passport/pull/106
616 const user = await ctx.passport.deserializeUser(su, ctx);
617 if (!user) {
618 ctx.session.passport.user = undefined;
619 return new results.PassResult();
620 }
621 const property = ctx.passport.userProperty;
622 ctx.state[property] = user;
623 }
624 return new results.PassResult();
625 }
626 static d0Ann() {
627 return { "name": "SessionStrategy" };
628 }
629}
630exports.SessionStrategy = SessionStrategy;
631
632
633});
634
635unwrapExports(SessionStrategy_1);
636var SessionStrategy_2 = SessionStrategy_1.SessionStrategy;
637
638var LocalStrategy_1 = createCommonjsModule(function (module, exports) {
639Object.defineProperty(exports, "__esModule", { value: true });
640
641
642
643
644/**
645 * Local authenticate strategy
646 *
647 * @export
648 * @class LocalStrategy
649 * @extends {Strategy}
650 * @implements {AfterInit}
651 */
652let LocalStrategy = class LocalStrategy extends Strategy_1.Strategy {
653 async onAfterInit() {
654 if (!this.name) {
655 this.name = 'local';
656 }
657 if (!this.usernameField) {
658 this.usernameField = 'username';
659 }
660 if (!this.passwordField) {
661 this.passwordField = 'password';
662 }
663 }
664 async authenticate(ctx, options) {
665 let username = ctx.request.body[this.usernameField] || ctx.query[this.usernameField];
666 let password = ctx.request.body[this.passwordField] || ctx.query[this.passwordField];
667 let { user, info } = await this.verify(username, password, ctx);
668 if (!user) {
669 // TODO, not sure 401 is the correct meaning
670 return new results.FailResult(info, 401);
671 }
672 return new results.SuccessResult(options, user, info);
673 }
674 static d0Ann() {
675 return { "name": "LocalStrategy", "params": { "onAfterInit": [], "authenticate": ["ctx", "options"] } };
676 }
677};
678tslib.__decorate([
679 components.Input(),
680 tslib.__metadata("design:type", Function)
681], LocalStrategy.prototype, "verify", void 0);
682tslib.__decorate([
683 components.Input(),
684 tslib.__metadata("design:type", Object)
685], LocalStrategy.prototype, "usernameField", void 0);
686tslib.__decorate([
687 components.Input(),
688 tslib.__metadata("design:type", Object)
689], LocalStrategy.prototype, "passwordField", void 0);
690LocalStrategy = tslib.__decorate([
691 components.Component({
692 selector: 'local'
693 })
694], LocalStrategy);
695exports.LocalStrategy = LocalStrategy;
696
697
698});
699
700unwrapExports(LocalStrategy_1);
701var LocalStrategy_2 = LocalStrategy_1.LocalStrategy;
702
703var JwtStrategy_1 = createCommonjsModule(function (module, exports) {
704Object.defineProperty(exports, "__esModule", { value: true });
705
706
707
708
709
710
711
712/**
713 * Jwt authenticate strategy
714 */
715let JwtStrategy = class JwtStrategy extends Strategy_1.Strategy {
716 async onAfterInit() {
717 if (!this.name) {
718 this.name = 'jwt';
719 }
720 if (this.secretOrKey) {
721 if (this.secretOrKeyProvider) {
722 throw new TypeError('JwtStrategy has been given both a secretOrKey and a secretOrKeyProvider');
723 }
724 this.secretOrKeyProvider = async (request, rawJwtToken) => {
725 return this.secretOrKey;
726 };
727 }
728 if (!this.secretOrKeyProvider) {
729 throw new TypeError('JwtStrategy requires a secret or key');
730 }
731 if (!this.verify) {
732 throw new TypeError('JwtStrategy requires a verify');
733 }
734 if (!this.jwtFromRequest) {
735 throw new TypeError('JwtStrategy requires a function to retrieve jwt from requests (see option jwtFromRequest)');
736 }
737 }
738 async authenticate(ctx, options) {
739 let token = this.jwtFromRequest(ctx.request);
740 if (!token) {
741 return new results.FailResult('No auth token', 401);
742 }
743 let secretOrKey = this.secretOrKey = await this.secretOrKeyProvider(ctx.request, token);
744 let payload = await new Promise((r, j) => {
745 jsonwebtoken.verify(token, secretOrKey, {
746 audience: this.audience,
747 issuer: this.issuer,
748 algorithms: this.algorithms,
749 ignoreExpiration: this.ignoreExpiration
750 }, (err, decoded) => {
751 if (err) {
752 j(err);
753 }
754 else {
755 r(decoded);
756 }
757 });
758 });
759 let { user, info } = await this.verify(payload, ctx);
760 if (!user) {
761 // TODO, not sure 401 is the correct meaning
762 return new results.FailResult(info, 401);
763 }
764 return new results.SuccessResult(options, user, info);
765 }
766 sign(payload, secretOrKey, options) {
767 let defer = ioc.PromiseUtil.defer();
768 jsonwebtoken.sign(payload, secretOrKey || this.secretOrKey, Object.assign({ audience: this.audience, issuer: this.issuer }, (options || {})
769 // ignoreExpiration: this.ignoreExpiration
770 ), (err, decoded) => {
771 if (err) {
772 defer.reject(err);
773 }
774 else {
775 defer.resolve(decoded);
776 }
777 });
778 return defer.promise;
779 }
780 static d0Ann() {
781 return { "name": "JwtStrategy", "params": { "onAfterInit": [], "authenticate": ["ctx", "options"], "sign": ["payload", "secretOrKey", "options"] } };
782 }
783};
784tslib.__decorate([
785 components.Input(),
786 tslib.__metadata("design:type", Function)
787], JwtStrategy.prototype, "verify", void 0);
788tslib.__decorate([
789 components.Input(),
790 tslib.__metadata("design:type", String)
791], JwtStrategy.prototype, "issuer", void 0);
792tslib.__decorate([
793 components.Input(),
794 tslib.__metadata("design:type", Object)
795], JwtStrategy.prototype, "audience", void 0);
796tslib.__decorate([
797 components.Input(),
798 tslib.__metadata("design:type", Array)
799], JwtStrategy.prototype, "algorithms", void 0);
800tslib.__decorate([
801 components.Input(),
802 tslib.__metadata("design:type", Boolean)
803], JwtStrategy.prototype, "ignoreExpiration", void 0);
804tslib.__decorate([
805 components.Input(),
806 tslib.__metadata("design:type", Object)
807], JwtStrategy.prototype, "secretOrKey", void 0);
808tslib.__decorate([
809 components.Input(),
810 tslib.__metadata("design:type", Function)
811], JwtStrategy.prototype, "secretOrKeyProvider", void 0);
812tslib.__decorate([
813 components.Input(),
814 tslib.__metadata("design:type", Function)
815], JwtStrategy.prototype, "jwtFromRequest", void 0);
816JwtStrategy = tslib.__decorate([
817 components.Component({
818 selector: 'jwt'
819 })
820], JwtStrategy);
821exports.JwtStrategy = JwtStrategy;
822const matcExp = /(\S+)\s+(\S+)/;
823function parseAuthHeader(hdrValue) {
824 if (typeof hdrValue !== 'string') {
825 return null;
826 }
827 var matches = hdrValue.match(matcExp);
828 return matches && { scheme: matches[1], value: matches[2] };
829}
830// Note: express http converts all headers
831// to lower case.
832const AUTH_HEADER = 'authorization', LEGACY_AUTH_SCHEME = 'JWT', BEARER_AUTH_SCHEME = 'bearer';
833var JwtRequest;
834(function (JwtRequest) {
835 function fromHeader(headerName) {
836 return function (request) {
837 var token = null;
838 if (request.headers[headerName]) {
839 token = request.headers[headerName];
840 }
841 return token;
842 };
843 }
844 JwtRequest.fromHeader = fromHeader;
845 function fromBodyField(fieldName) {
846 return function (request) {
847 var token = null;
848 if (request.body && Object.prototype.hasOwnProperty.call(request.body, fieldName)) {
849 token = request.body[fieldName];
850 }
851 return token;
852 };
853 }
854 JwtRequest.fromBodyField = fromBodyField;
855 function fromUrlQueryParameter(paramName) {
856 return function (request) {
857 let token = null, parsedUrl = url.parse(request.url, true);
858 if (parsedUrl.query && Object.prototype.hasOwnProperty.call(parsedUrl.query, paramName)) {
859 token = parsedUrl.query[paramName];
860 }
861 return token;
862 };
863 }
864 JwtRequest.fromUrlQueryParameter = fromUrlQueryParameter;
865 function fromAuthHeaderWithScheme(authScheme) {
866 var authSchemeLower = authScheme.toLowerCase();
867 return function (request) {
868 var token = null;
869 if (request.headers[AUTH_HEADER]) {
870 var authParams = parseAuthHeader(request.headers[AUTH_HEADER]);
871 if (authParams && authSchemeLower === authParams.scheme.toLowerCase()) {
872 token = authParams.value;
873 }
874 }
875 return token;
876 };
877 }
878 JwtRequest.fromAuthHeaderWithScheme = fromAuthHeaderWithScheme;
879 function fromAuthHeaderAsBearerToken() {
880 return fromAuthHeaderWithScheme(BEARER_AUTH_SCHEME);
881 }
882 JwtRequest.fromAuthHeaderAsBearerToken = fromAuthHeaderAsBearerToken;
883 function fromExtractors(extractors) {
884 if (!Array.isArray(extractors)) {
885 throw new TypeError('export function fromExtractors expects an array');
886 }
887 return function (request) {
888 var token = null;
889 var index = 0;
890 while (!token && index < length) {
891 token = extractors[index].call(this, request);
892 index++;
893 }
894 return token;
895 };
896 }
897 JwtRequest.fromExtractors = fromExtractors;
898 /**
899 * This extractor mimics the behavior of the v1.*.* extraction logic.
900 *
901 * This extractor exists only to provide an easy transition from the v1.*.* API to the v2.0.0
902 * API.
903 *
904 * This extractor first checks the auth header, if it doesn't find a token there then it checks the
905 * specified body field and finally the url query parameters.
906 *
907 * @param options
908 * authScheme: Expected scheme when JWT can be found in HTTP Authorize header. Default is JWT.
909 * tokenBodyField: Field in request body containing token. Default is auth_token.
910 * tokenQueryParameterName: Query parameter name containing the token. Default is auth_token.
911 */
912 function versionOneCompatibility(options) {
913 var authScheme = options.authScheme || LEGACY_AUTH_SCHEME, bodyField = options.tokenBodyField || 'auth_token', queryParam = options.tokenQueryParameterName || 'auth_token';
914 return function (request) {
915 var authHeaderExtractor = fromAuthHeaderWithScheme(authScheme);
916 var token = authHeaderExtractor(request);
917 if (!token) {
918 var bodyExtractor = fromBodyField(bodyField);
919 token = bodyExtractor(request);
920 }
921 if (!token) {
922 var queryExtractor = fromUrlQueryParameter(queryParam);
923 token = queryExtractor(request);
924 }
925 return token;
926 };
927 }
928 JwtRequest.versionOneCompatibility = versionOneCompatibility;
929})(JwtRequest = exports.JwtRequest || (exports.JwtRequest = {}));
930
931
932});
933
934unwrapExports(JwtStrategy_1);
935var JwtStrategy_2 = JwtStrategy_1.JwtStrategy;
936var JwtStrategy_3 = JwtStrategy_1.JwtRequest;
937
938var ContextExtends = createCommonjsModule(function (module, exports) {
939Object.defineProperty(exports, "__esModule", { value: true });
940
941/**
942 * Intiate a login session for `user`.
943 *
944 * Options:
945 * - `session` Save login state in session, defaults to `true`
946 *
947 * Examples:
948 *
949 * await req.logIn(user, { session: false });
950 *
951 * @api public
952 */
953async function login(user) {
954 if (!this.passport) {
955 throw new Error('passport.initialize() middleware not in use');
956 }
957 const property = (this.passport && this.passport.userProperty);
958 this.state[property] = user;
959 let obj;
960 try {
961 obj = await this.passport.serializeUser(user, this);
962 }
963 catch (err) {
964 this.state[property] = null;
965 throw err;
966 }
967 if (!this.session) {
968 throw new Error('Should use session middleware before passport middleware');
969 }
970 this.session.passport.user = obj;
971}
972/**
973 * Terminate an existing login session.
974 *
975 * @api public
976 */
977function logout() {
978 if (!this.passport || !this.session) {
979 return;
980 }
981 const property = this.passport.userProperty;
982 delete this.state[property];
983 delete this.session.passport.user;
984}
985/**
986 * Test if request is authenticated.
987 *
988 * @api public
989 */
990function isAuthenticated() {
991 if (!this.passport) {
992 return false;
993 }
994 const property = this.passport.userProperty;
995 return (this.state[property]) ? true : false;
996}
997/**
998 * Test if request is unauthenticated.
999 *
1000 * @api public
1001 */
1002function isUnauthenticated() {
1003 return !this.isAuthenticated();
1004}
1005function hasRole(...roles) {
1006 if (!this.passport) {
1007 return false;
1008 }
1009 if (!roles.length) {
1010 return true;
1011 }
1012 const property = this.passport.rolesProperty;
1013 if ((this.state[property])) {
1014 return this.state[property].some(role => roles.indexOf(role) > 0);
1015 }
1016 return false;
1017}
1018/**
1019 * context extends.
1020 *
1021 * @export
1022 * @param {BaseContext} ctx
1023 * @returns {void}
1024 */
1025function contextExtends(ctx) {
1026 // add passport http.IncomingMessage extensions
1027 if (ctx.hasOwnProperty('login') || ctx.hasOwnProperty('logout') ||
1028 ctx.hasOwnProperty('isAuthenticated') || ctx.hasOwnProperty('isUnauthenticated')) {
1029 return;
1030 }
1031 Object.defineProperties(ctx, {
1032 login: {
1033 value: login,
1034 writable: false,
1035 enumerable: false,
1036 },
1037 logout: {
1038 value: logout,
1039 writable: false,
1040 enumerable: false,
1041 },
1042 isAuthenticated: {
1043 value: isAuthenticated,
1044 writable: false,
1045 enumerable: false,
1046 },
1047 isUnauthenticated: {
1048 value: isUnauthenticated,
1049 writable: false,
1050 enumerable: false,
1051 },
1052 hasRole: {
1053 value: hasRole,
1054 writable: false,
1055 enumerable: false,
1056 }
1057 });
1058}
1059exports.contextExtends = contextExtends;
1060
1061
1062});
1063
1064unwrapExports(ContextExtends);
1065var ContextExtends_1 = ContextExtends.contextExtends;
1066
1067var Authenticator_1 = createCommonjsModule(function (module, exports) {
1068Object.defineProperty(exports, "__esModule", { value: true });
1069
1070
1071
1072
1073
1074
1075
1076
1077/**
1078 * `Authenticator` constructor.
1079 *
1080 */
1081let Authenticator = class Authenticator {
1082 constructor() {
1083 this._userProperty = 'user';
1084 this._rolesProperty = 'roles';
1085 this.strategies = new Map();
1086 this.serializers = [];
1087 this.deserializers = [];
1088 this.infoTransformers = [];
1089 this.use(new SessionStrategy_1.SessionStrategy());
1090 }
1091 get userProperty() {
1092 return this._userProperty;
1093 }
1094 get rolesProperty() {
1095 return this._rolesProperty;
1096 }
1097 /**
1098 * get strategy.
1099 *
1100 * @param {string} name
1101 * @returns {IStrategy}
1102 * @memberof IAuthenticator
1103 */
1104 get(name) {
1105 return this.strategies.get(name);
1106 }
1107 use(name, strategy) {
1108 if (strategy === undefined) {
1109 strategy = name;
1110 name = strategy.name;
1111 }
1112 if (!name) {
1113 throw new Error('Authentication strategies must have a name');
1114 }
1115 this.strategies.set(name, strategy);
1116 return this;
1117 }
1118 /**
1119 * Un-utilize the `strategy` with given `name`.
1120 *
1121 * In typical applications, the necessary authentication strategies are static,
1122 * configured once and always available. As such, there is often no need to
1123 * invoke this function.
1124 *
1125 * However, in certain situations, applications may need dynamically configure
1126 * and de-configure authentication strategies. The `use()`/`unuse()`
1127 * combination satisfies these scenarios.
1128 *
1129 * Examples:
1130 *
1131 * passport.unuse('legacy-api');
1132 *
1133 */
1134 unuse(name) {
1135 this.strategies.delete(name);
1136 return this;
1137 }
1138 /**
1139 * Passport's primary initialization middleware.
1140 *
1141 * Intializes Passport for incoming requests, allowing
1142 * authentication strategies to be applied.
1143 *
1144 * If sessions are being utilized, applications must set up Passport with
1145 * functions to serialize a user into and out of a session. For example, a
1146 * common pattern is to serialize just the user ID into the session (due to the
1147 * fact that it is desirable to store the minimum amount of data in a session).
1148 * When a subsequent request arrives for the session, the full User object can
1149 * be loaded from the database by ID.
1150 *
1151 * Note that additional middleware is required to persist login state, so we
1152 * must use the `connect.session()` middleware _before_ `passport.initialize()`.
1153 *
1154 * If sessions are being used, this middleware must be in use by the
1155 * Koa application for Passport to operate. If the application is
1156 * entirely stateless (not using sessions), this middleware is not necessary,
1157 * but its use will not have any adverse impact.
1158 *
1159 * Options:
1160 * - `userProperty` Property to set on `ctx.state` upon login, defaults to _user_
1161 *
1162 * Examples:
1163 * app.use(connect.cookieParser());
1164 *
1165 * app.use(connect.session({ secret: 'keyboard cat' }));
1166 * app.use(passport.initialize());
1167 * app.use(passport.initialize({ userProperty: 'currentUser' }));
1168 * app.use(passport.session());
1169 *
1170 * passport.serializeUser(function(user, done) {
1171 * done(null, user.id);
1172 * });
1173 *
1174 * passport.deserializeUser(function(id, done) {
1175 * User.findById(id, function (err, user) {
1176 * done(err, user);
1177 * });
1178 * });
1179 *
1180 */
1181 initialize(options = {}) {
1182 this._userProperty = options.userProperty || 'user';
1183 this._rolesProperty = options.rolesProperty || 'roles';
1184 return async (ctx, next) => {
1185 ctx.passport = this;
1186 const session = ctx.session;
1187 if (!session) {
1188 throw new Error('Session middleware is needed with passport middleware!');
1189 }
1190 if (!('passport' in session)) {
1191 ctx.session.passport = { user: undefined };
1192 }
1193 if (!('message' in session)) {
1194 session.message = {};
1195 }
1196 ctx.session = session;
1197 ContextExtends.contextExtends(ctx);
1198 await next();
1199 };
1200 }
1201 authenticate(strategyNames, options = {}, callback) {
1202 if (ioc.isFunction(options)) {
1203 callback = options;
1204 options = {};
1205 }
1206 let multi = true;
1207 // Cast `strategy` to an array, allowing authentication to pass through a chain of
1208 // strategies. The first strategy to succeed, redirect, or error will halt
1209 // the chain. Authentication failures will proceed through each strategy in
1210 // series, ultimately failing if all strategies fail.
1211 //
1212 // This is typically used on API endpoints to allow clients to authenticate
1213 // using their preferred choice of Basic, Digest, token-based schemes, etc.
1214 // It is not feasible to construct a chain of multiple strategies that involve
1215 // redirection (for example both Facebook and Twitter), since the first one to
1216 // redirect will halt the chain.
1217 if (ioc.isString(strategyNames)) {
1218 strategyNames = [strategyNames];
1219 multi = false;
1220 }
1221 return async (ctx, next) => {
1222 // accumulator for failures from each strategy in the chain
1223 const failures = ctx.failures = [];
1224 function allFailed() {
1225 if (callback) {
1226 if (!multi) {
1227 return callback(null, false, failures[0].challenge, failures[0].status);
1228 }
1229 else {
1230 const challenges = failures.map(f => f.challenge);
1231 const statuses = failures.map(f => f.status);
1232 return callback(null, false, challenges, statuses);
1233 }
1234 }
1235 // Strategies are ordered by priority. For the purpose of flashing a
1236 // message, the first failure will be displayed.
1237 // const challenge = (failures[0] || {}).challenge || {};
1238 if (options.failureMessage && failures[0].challenge.type) {
1239 const challenge = failures[0].challenge;
1240 if (!(challenge.type in ctx.session.message)) {
1241 ctx.session.message[challenge.type] = [];
1242 }
1243 ctx.session.message[challenge.type].push(challenge.messages);
1244 }
1245 if (options.failureRedirect) {
1246 return ctx.redirect(options.failureRedirect);
1247 }
1248 // When failure handling is not delegated to the application, the default
1249 // is to respond with 401 Unauthorized. Note that the WWW-Authenticate
1250 // header will be set according to the strategies in use (see
1251 // actions#fail). If multiple strategies failed, each of their challenges
1252 // will be included in the response.
1253 const rchallenge = [];
1254 let rstatus;
1255 let status;
1256 for (const failure of failures) {
1257 status = failure.status;
1258 rstatus = rstatus || status;
1259 if (ioc.isString(failure.challenge)) {
1260 rchallenge.push(failure.challenge);
1261 }
1262 }
1263 ctx.status = rstatus || 401;
1264 if (ctx.status === 401 && rchallenge.length) {
1265 ctx.set('WWW-Authenticate', rchallenge);
1266 }
1267 if (options.failWithError) {
1268 throw new errors.AuthenticationError(rstatus, http.STATUS_CODES[ctx.status]);
1269 }
1270 // ctx.res.statusMessage = http.STATUS_CODES[ctx.status];
1271 ctx.response.message = http.STATUS_CODES[ctx.status];
1272 ctx.res.end(http.STATUS_CODES[ctx.status]);
1273 }
1274 for (const strategyName of strategyNames) {
1275 const strategy = this.strategies.get(strategyName);
1276 if (!strategy) {
1277 throw new Error(`Unknown authentication strategy "${strategyName}"`);
1278 }
1279 try {
1280 const res = await strategy.authenticate(ctx, options);
1281 if (res instanceof results.FailResult) {
1282 await res.execute(ctx, next);
1283 }
1284 else {
1285 return await res.execute(ctx, next, callback);
1286 }
1287 }
1288 catch (error) {
1289 if (callback) {
1290 return callback(error);
1291 }
1292 throw error;
1293 }
1294 }
1295 return allFailed();
1296 };
1297 }
1298 /**
1299 * Middleware that will authorize a third-party account using the given
1300 * `strategy` name, with optional `options`.
1301 *
1302 * If authorization is successful, the result provided by the strategy's verify
1303 * callback will be assigned to `ctx.state.account`. The existing login session and
1304 * `ctx.state.user` will be unaffected.
1305 *
1306 * This function is particularly useful when connecting third-party accounts
1307 * to the local account of a user that is currently authenticated.
1308 *
1309 * Examples:
1310 *
1311 * passport.authorize('twitter-authz', { failureRedirect: '/account' });
1312 */
1313 authorize(strategy, options = {}, callback) {
1314 options.assignProperty = 'account';
1315 return this.authenticate(strategy, options, callback);
1316 }
1317 /**
1318 * Middleware that will restore login state from a session.
1319 *
1320 * Web applications typically use sessions to maintain login state between
1321 * requests. For example, a user will authenticate by entering credentials into
1322 * a form which is submitted to the server. If the credentials are valid, a
1323 * login session is established by setting a cookie containing a session
1324 * identifier in the user's web browser. The web browser will send this cookie
1325 * in subsequent requests to the server, allowing a session to be maintained.
1326 *
1327 * If sessions are being utilized, and a login session has been established,
1328 * this middleware will populate `req.user` with the current user.
1329 *
1330 * Note that sessions are not strictly required for Passport to operate.
1331 * However, as a general rule, most web applications will make use of sessions.
1332 * An exception to this rule would be an API server, which expects each HTTP
1333 * request to provide credentials in an Authorization header.
1334 *
1335 * Examples:
1336 *
1337 * app.use(connect.cookieParser());
1338 * app.use(connect.session({ secret: 'keyboard cat' }));
1339 * app.use(passport.initialize());
1340 * app.use(passport.session());
1341 *
1342 * Options:
1343 * - `pauseStream` Pause the request stream before deserializing the user
1344 * object from the session. Defaults to _false_. Should
1345 * be set to true in cases where middleware consuming the
1346 * request body is configured after passport and the
1347 * deserializeUser method is asynchronous.
1348 *
1349 * @api public
1350 */
1351 session(options) {
1352 return this.authenticate('session', options);
1353 }
1354 async serializeUser(user, ctx) {
1355 if (typeof user === 'function') {
1356 return this.serializers.push(user);
1357 }
1358 for (const layer of this.serializers) {
1359 const obj = await layer(user, ctx);
1360 if (obj || obj === 0) {
1361 return obj;
1362 }
1363 }
1364 throw new Error('Failed to serialize user into session');
1365 }
1366 async deserializeUser(obj, ctx) {
1367 if (ioc.isFunction(obj)) {
1368 return this.deserializers.push(obj);
1369 }
1370 for (const layer of this.deserializers) {
1371 const user = await layer(obj, ctx);
1372 if (user) {
1373 return user;
1374 }
1375 else if (user === null || user === false) {
1376 return false;
1377 }
1378 }
1379 throw new Error('Failed to deserialize user out of session');
1380 }
1381 async transformAuthInfo(info, ctx) {
1382 if (ioc.isFunction(info)) {
1383 return this.infoTransformers.push(info);
1384 }
1385 // private implementation that traverses the chain of transformers,
1386 // attempting to transform auth info
1387 for (const layer of this.infoTransformers) {
1388 const tinfo = await layer(info, ctx);
1389 if (tinfo) {
1390 return tinfo;
1391 }
1392 }
1393 return info;
1394 }
1395 static d0Ann() {
1396 return { "name": "Authenticator", "params": { "constructor": [], "get": ["name"], "use": ["name", "strategy"], "unuse": ["name"], "initialize": ["options"], "authenticate": ["strategyNames", "options", "callback"], "authorize": ["strategy", "options", "callback"], "session": ["options"], "serializeUser": ["user", "ctx"], "deserializeUser": ["obj", "ctx"], "transformAuthInfo": ["info", "ctx"] } };
1397 }
1398};
1399Authenticator = tslib.__decorate([
1400 ioc.Singleton(IAuthenticator.AuthenticatorToken),
1401 tslib.__metadata("design:paramtypes", [])
1402], Authenticator);
1403exports.Authenticator = Authenticator;
1404
1405
1406});
1407
1408unwrapExports(Authenticator_1);
1409var Authenticator_2 = Authenticator_1.Authenticator;
1410
1411var StrategySelectorHandle_1 = createCommonjsModule(function (module, exports) {
1412Object.defineProperty(exports, "__esModule", { value: true });
1413
1414
1415class StrategySelectorHandle extends components.ComponentSelectorHandle {
1416 getSelector(template, compdr) {
1417 return ioc.isMetadataObject(template) ? template.strategy : null;
1418 }
1419 static d0Ann() {
1420 return { "name": "StrategySelectorHandle" };
1421 }
1422}
1423exports.StrategySelectorHandle = StrategySelectorHandle;
1424
1425
1426});
1427
1428unwrapExports(StrategySelectorHandle_1);
1429var StrategySelectorHandle_2 = StrategySelectorHandle_1.StrategySelectorHandle;
1430
1431var SerializeUser_1 = createCommonjsModule(function (module, exports) {
1432Object.defineProperty(exports, "__esModule", { value: true });
1433
1434
1435let SerializeUser = class SerializeUser {
1436 static d0Ann() {
1437 return { "name": "SerializeUser", "params": { "serializeUser": ["user", "ctx"] } };
1438 }
1439};
1440SerializeUser = tslib.__decorate([
1441 ioc.Abstract()
1442], SerializeUser);
1443exports.SerializeUser = SerializeUser;
1444
1445
1446});
1447
1448unwrapExports(SerializeUser_1);
1449var SerializeUser_2 = SerializeUser_1.SerializeUser;
1450
1451var DeserializeUser_1 = createCommonjsModule(function (module, exports) {
1452Object.defineProperty(exports, "__esModule", { value: true });
1453
1454
1455let DeserializeUser = class DeserializeUser {
1456 static d0Ann() {
1457 return { "name": "DeserializeUser", "params": { "deserializeUser": ["obj", "ctx"] } };
1458 }
1459};
1460DeserializeUser = tslib.__decorate([
1461 ioc.Abstract()
1462], DeserializeUser);
1463exports.DeserializeUser = DeserializeUser;
1464
1465
1466});
1467
1468unwrapExports(DeserializeUser_1);
1469var DeserializeUser_2 = DeserializeUser_1.DeserializeUser;
1470
1471var TransformAuthInfo_1 = createCommonjsModule(function (module, exports) {
1472Object.defineProperty(exports, "__esModule", { value: true });
1473
1474
1475let TransformAuthInfo = class TransformAuthInfo {
1476 static d0Ann() {
1477 return { "name": "TransformAuthInfo", "params": { "authInfo": ["user", "ctx"] } };
1478 }
1479};
1480TransformAuthInfo = tslib.__decorate([
1481 ioc.Abstract()
1482], TransformAuthInfo);
1483exports.TransformAuthInfo = TransformAuthInfo;
1484
1485
1486});
1487
1488unwrapExports(TransformAuthInfo_1);
1489var TransformAuthInfo_2 = TransformAuthInfo_1.TransformAuthInfo;
1490
1491var services = createCommonjsModule(function (module, exports) {
1492Object.defineProperty(exports, "__esModule", { value: true });
1493
1494tslib.__exportStar(SerializeUser_1, exports);
1495tslib.__exportStar(DeserializeUser_1, exports);
1496tslib.__exportStar(TransformAuthInfo_1, exports);
1497
1498
1499});
1500
1501unwrapExports(services);
1502
1503var PassportBuildService_1 = createCommonjsModule(function (module, exports) {
1504Object.defineProperty(exports, "__esModule", { value: true });
1505
1506
1507
1508
1509
1510
1511
1512/**
1513 * PassportBuildService
1514 *
1515 * @export
1516 * @abstract
1517 * @class PassportBuildService
1518 */
1519let PassportBuildService = class PassportBuildService {
1520 async createStrategy(option) {
1521 return await this.builder.resolveTemplate({ template: option, injector: this.injector });
1522 }
1523 static d0Ann() {
1524 return { "name": "PassportBuildService", "params": { "build": ["passport", "configuration"], "createStrategy": ["option"] } };
1525 }
1526};
1527tslib.__decorate([
1528 ioc.Inject(ioc.INJECTOR),
1529 tslib.__metadata("design:type", Object)
1530], PassportBuildService.prototype, "injector", void 0);
1531tslib.__decorate([
1532 ioc.Inject(),
1533 tslib.__metadata("design:type", components.ComponentBuilder)
1534], PassportBuildService.prototype, "builder", void 0);
1535PassportBuildService = tslib.__decorate([
1536 ioc.Abstract()
1537], PassportBuildService);
1538exports.PassportBuildService = PassportBuildService;
1539/**
1540 * register passport strategy in configuare.
1541 *
1542 * @export
1543 * @class ConfigurePassportBuildService
1544 * @extends {PassportBuildService}
1545 */
1546let ConfigurePassportBuildService = class ConfigurePassportBuildService extends PassportBuildService {
1547 async build(passport, configuration) {
1548 let actInj = this.injector.getInstance(ioc.ActionInjectorToken);
1549 let register = actInj.getInstance(boot.StartupDecoratorRegisterer).getRegisterer('TranslateTemplate');
1550 if (!register.has(StrategySelectorHandle_1.StrategySelectorHandle)) {
1551 register.registerBefore(components.Component, components.ComponentSelectorHandle, StrategySelectorHandle_1.StrategySelectorHandle);
1552 }
1553 if (configuration.passports) {
1554 let { strategies, serializers, deserializers, authInfos } = configuration.passports;
1555 if (strategies.length) {
1556 await Promise.all(strategies.map(async (p) => {
1557 let strategy = await this.createStrategy(p);
1558 if (strategy instanceof Strategy_1.Strategy) {
1559 passport.use(strategy);
1560 }
1561 }));
1562 }
1563 if (serializers && serializers.length) {
1564 serializers.forEach(ser => {
1565 if (ioc.isClass(ser)) {
1566 if (!this.injector.has(ser)) {
1567 this.injector.register(ser);
1568 }
1569 passport.serializeUser((user, ctx) => this.injector.resolve(ser).serializeUser(user, ctx));
1570 }
1571 else if (ioc.isFunction(ser)) {
1572 passport.serializeUser(ser);
1573 }
1574 });
1575 }
1576 else {
1577 this.injector.getServices(services.SerializeUser)
1578 .forEach(ser => {
1579 passport.serializeUser((user, ctx) => ser.serializeUser(user, ctx));
1580 });
1581 }
1582 if (deserializers && deserializers.length) {
1583 deserializers.forEach(desr => {
1584 if (ioc.isClass(desr)) {
1585 if (!this.injector.has(desr)) {
1586 this.injector.register(desr);
1587 }
1588 passport.deserializeUser((obj, ctx) => this.injector.resolve(desr).deserializeUser(obj, ctx));
1589 }
1590 else if (ioc.isFunction(desr)) {
1591 passport.deserializeUser(desr);
1592 }
1593 });
1594 }
1595 else {
1596 this.injector.getServices(services.DeserializeUser)
1597 .forEach(desr => {
1598 passport.deserializeUser((obj, ctx) => desr.deserializeUser(obj, ctx));
1599 });
1600 }
1601 if (authInfos && authInfos.length) {
1602 authInfos.forEach(trans => {
1603 if (ioc.isClass(trans)) {
1604 if (!this.injector.has(trans)) {
1605 this.injector.register(trans);
1606 }
1607 passport.transformAuthInfo((info, ctx) => this.injector.resolve(trans).authInfo(info, ctx));
1608 }
1609 else if (ioc.isFunction(trans)) {
1610 passport.transformAuthInfo(trans);
1611 }
1612 });
1613 }
1614 else {
1615 this.injector.getServices(services.TransformAuthInfo)
1616 .forEach(ser => {
1617 passport.transformAuthInfo((info, ctx) => ser.authInfo(info, ctx));
1618 });
1619 }
1620 }
1621 }
1622 static d0Ann() {
1623 return { "name": "ConfigurePassportBuildService", "params": { "build": ["passport", "configuration"] } };
1624 }
1625};
1626ConfigurePassportBuildService = tslib.__decorate([
1627 ioc.Injectable()
1628], ConfigurePassportBuildService);
1629exports.ConfigurePassportBuildService = ConfigurePassportBuildService;
1630
1631
1632});
1633
1634unwrapExports(PassportBuildService_1);
1635var PassportBuildService_2 = PassportBuildService_1.PassportBuildService;
1636var PassportBuildService_3 = PassportBuildService_1.ConfigurePassportBuildService;
1637
1638var oauth2 = createCommonjsModule(function (module, exports) {
1639Object.defineProperty(exports, "__esModule", { value: true });
1640
1641
1642
1643
1644
1645/**
1646 * oauth2 error.
1647 *
1648 * @export
1649 * @class OAuth2Error
1650 * @extends {AuthenticationError}
1651 */
1652class OAuth2Error extends errors.AuthenticationError {
1653 // tslint:disable-next-line:variable-name
1654 constructor(status, message, error_description) {
1655 super(status, message, error_description);
1656 }
1657 static d0Ann() {
1658 return { "name": "OAuth2Error" };
1659 }
1660}
1661exports.OAuth2Error = OAuth2Error;
1662/**
1663 * oauth2
1664 *
1665 * @export
1666 * @class OAuth2
1667 */
1668class OAuth2 {
1669 constructor(clientId, clientSecret, baseSite, authorizeUrl = '/oauth/authorize', accessTokenUrl = '/oauth/access_token', customHeader = {}) {
1670 this.clientId = clientId;
1671 this.clientSecret = clientSecret;
1672 this.baseSite = baseSite;
1673 this.authorizeUrl = authorizeUrl;
1674 this.accessTokenUrl = accessTokenUrl;
1675 this.customHeader = customHeader;
1676 this.accessTokenName = 'access_token';
1677 this.authMethod = 'Bearer';
1678 this.useAuthorizationHeaderForGET = false;
1679 this.agent = undefined;
1680 }
1681 // Allows you to set an agent to use instead of the default HTTP or
1682 // HTTPS agents. Useful when dealing with your own certificates.
1683 set Agent(agent) {
1684 this.agent = agent;
1685 }
1686 get Agent() {
1687 return this.agent;
1688 }
1689 // This 'hack' method is required for sites that don't use
1690 // 'access_token' as the name of the access token (for requests).
1691 // ( http://tools.ietf.org/html/draft-ietf-oauth-v2-16#section-7 )
1692 // it isn't clear what the correct value should be atm, so allowing
1693 // for specific (temporary?) override for now.
1694 set AccessTokenName(name) {
1695 this.accessTokenName = name;
1696 }
1697 get AccessTokenName() {
1698 return this.accessTokenName;
1699 }
1700 // Sets the authorization method for Authorization header.
1701 // e.g. Authorization: Bearer <token> # "Bearer" is the authorization method.
1702 set AuthMethod(authMethod) {
1703 this.authMethod = authMethod;
1704 }
1705 get AuthMethod() {
1706 return this.authMethod;
1707 }
1708 // If you use the OAuth2 exposed 'get' method (and don't construct your own _request call )
1709 // this will specify whether to use an 'Authorize' header instead of passing the access_token as a query parameter
1710 set UseAuthorizationHeaderForGET(useIt) {
1711 this.useAuthorizationHeaderForGET = useIt;
1712 }
1713 get UseAuthorizationHeaderForGET() {
1714 return this.useAuthorizationHeaderForGET;
1715 }
1716 get ClientId() {
1717 return this.clientId;
1718 }
1719 get AuthorizeUrl() {
1720 return this.authorizeUrl;
1721 }
1722 get AccessTokenUrl() {
1723 return `${this.baseSite}${this.accessTokenUrl}`; /* + "?" + querystring.stringify(params); */
1724 }
1725 // Build the authorization header. In particular, build the part after the colon.
1726 // e.g. Authorization: Bearer <token> # Build "Bearer <token>"
1727 buildAuthHeader(token) {
1728 return `${this.authMethod} ${token}`;
1729 }
1730 getAuthorizeUrl(params = {}) {
1731 params.client_id = this.clientId;
1732 return `${this.baseSite}${this.authorizeUrl}?${querystring.stringify(params)}`;
1733 }
1734 async getOAuthAccessToken(code, params = {}) {
1735 params.client_id = this.clientId;
1736 params.client_secret = this.clientSecret;
1737 const codeParam = (params.grant_type === 'refresh_token') ? 'refresh_token' : 'code';
1738 params[codeParam] = code;
1739 const postData = querystring.stringify(params);
1740 const postHeaders = {
1741 'Content-Type': 'application/x-www-form-urlencoded',
1742 };
1743 const { result } = await this.request('POST', this.AccessTokenUrl, postHeaders, postData, null);
1744 let data;
1745 try {
1746 // As of http://tools.ietf.org/html/draft-ietf-oauth-v2-07
1747 // responses should be in JSON
1748 data = JSON.parse(result);
1749 }
1750 catch (error) {
1751 // .... However both Facebook + Github currently use rev05 of the spec
1752 // and neither seem to specify a content-type correctly in their response headers :(
1753 // clients of these services will suffer a *minor* performance cost of the exception
1754 // being thrown
1755 data = querystring.parse(result);
1756 }
1757 const accessToken = data[this.AccessTokenName];
1758 if (!accessToken) {
1759 throw new OAuth2Error(400, JSON.stringify(params));
1760 }
1761 const refreshToken = data.refresh_token;
1762 delete data.refresh_token;
1763 return {
1764 accessToken,
1765 refreshToken,
1766 result: data,
1767 };
1768 }
1769 async get(url, accessToken) {
1770 let headers = {};
1771 if (this.useAuthorizationHeaderForGET) {
1772 headers = { Authorization: this.buildAuthHeader(accessToken) };
1773 accessToken = null;
1774 }
1775 return await this.request('GET', url, headers, '', accessToken);
1776 }
1777 request(method, url$1, headers = {}, postBody, accessToken) {
1778 const parsedUrl = url.parse(url$1, true);
1779 if (parsedUrl.protocol === 'https:' && !parsedUrl.port) {
1780 parsedUrl.port = '443';
1781 }
1782 const realHeaders = Object.assign({}, this.customHeader, headers);
1783 realHeaders.Host = parsedUrl.host;
1784 if (!realHeaders['User-Agent']) {
1785 realHeaders['User-Agent'] = 'Node-oauth';
1786 }
1787 realHeaders['Content-Length'] = 0;
1788 if (postBody) {
1789 realHeaders['Content-Length'] = Buffer.isBuffer(postBody) ? postBody.length :
1790 Buffer.byteLength(postBody);
1791 }
1792 if (accessToken && !('Authorization' in realHeaders)) {
1793 // It seems that the default value of .query return by URL.parse is {}.
1794 // if (!parsedUrl.query) {
1795 // parsedUrl.query = {};
1796 // }
1797 parsedUrl.query[this.accessTokenName] = accessToken;
1798 }
1799 let queryStr = querystring.stringify(parsedUrl.query);
1800 if (queryStr) {
1801 queryStr = '?' + queryStr;
1802 }
1803 const options = {
1804 protocol: parsedUrl.protocol,
1805 host: parsedUrl.hostname,
1806 port: parsedUrl.port,
1807 path: parsedUrl.pathname + queryStr,
1808 method,
1809 headers: realHeaders,
1810 };
1811 return new Promise((resolve, reject) => {
1812 this.executeRequest(options, postBody, (err, result, response) => err ? reject(err) : resolve({ result, response }));
1813 });
1814 }
1815 executeRequest(options, postBody, callback) {
1816 let callbackCalled = false;
1817 let result = '';
1818 // set the agent on the request options
1819 if (this.agent) {
1820 options.agent = this.agent;
1821 }
1822 const request = options.protocol !== 'https:' ? http.request(options) : https.request(options);
1823 request.on('response', (response) => {
1824 response.on('data', (chunk) => {
1825 result += chunk;
1826 });
1827 response.addListener('end', () => {
1828 if (!callbackCalled) {
1829 callbackCalled = true;
1830 if (!(response.statusCode >= 200 && response.statusCode <= 299) &&
1831 (response.statusCode !== 301) && (response.statusCode !== 302)) {
1832 callback(new OAuth2Error(response.statusCode, result));
1833 }
1834 else {
1835 callback(null, result, response);
1836 }
1837 }
1838 });
1839 });
1840 request.on('error', (e) => {
1841 callbackCalled = true;
1842 callback(e);
1843 });
1844 if ((options.method === 'POST' || options.method === 'PUT') && postBody) {
1845 request.write(postBody);
1846 }
1847 request.end();
1848 }
1849 static d0Ann() {
1850 return { "name": "OAuth2" };
1851 }
1852}
1853exports.OAuth2 = OAuth2;
1854
1855
1856});
1857
1858unwrapExports(oauth2);
1859var oauth2_1 = oauth2.OAuth2Error;
1860var oauth2_2 = oauth2.OAuth2;
1861
1862var utils = createCommonjsModule(function (module, exports) {
1863Object.defineProperty(exports, "__esModule", { value: true });
1864
1865var OIDCUtils;
1866(function (OIDCUtils) {
1867 /**
1868 * Reconstructs the original URL of the request.
1869 *
1870 * This function builds a URL that corresponds the original URL requested by the
1871 * client, including the protocol (http or https) and host.
1872 *
1873 * If the request passed through any proxies that terminate SSL, the
1874 * `X-Forwarded-Proto` header is used to detect if the request was encrypted to
1875 * the proxy.
1876 *
1877 * @return {String}
1878 * @api private
1879 */
1880 function originalURL(ctx, options) {
1881 options = options || {};
1882 var app = ctx.app;
1883 if (app && ctx.get && ctx.get('trust proxy')) {
1884 options.proxy = true;
1885 }
1886 var trustProxy = options.proxy;
1887 var proto = (ctx.headers['x-forwarded-proto'] || '').toLowerCase(), tls = ctx.connection.encrypted || (trustProxy && 'https' === proto.split(/\s*,\s*/)[0]), host = (trustProxy && ctx.headers['x-forwarded-host']) || ctx.headers.host, protocol = tls ? 'https' : 'http', path = ctx.url || '';
1888 return protocol + '://' + host + path;
1889 }
1890 OIDCUtils.originalURL = originalURL;
1891 /**
1892 * Merge object b with object a.
1893 *
1894 * var a = { foo: 'bar' }
1895 * , b = { bar: 'baz' };
1896 *
1897 * utils.merge(a, b);
1898 * // => { foo: 'bar', bar: 'baz' }
1899 *
1900 * @param {Object} a
1901 * @param {Object} b
1902 * @return {Object}
1903 * @api private
1904 */
1905 function merge(a, b) {
1906 if (a && b) {
1907 for (var key in b) {
1908 a[key] = b[key];
1909 }
1910 }
1911 return a;
1912 }
1913 OIDCUtils.merge = merge;
1914 /**
1915 * Return a unique identifier with the given `len`.
1916 *
1917 * utils.uid(10);
1918 * // => "FDaS435D2z"
1919 *
1920 * CREDIT: Connect -- utils.uid
1921 * https://github.com/senchalabs/connect/blob/2.7.2/lib/utils.js
1922 *
1923 * @param {Number} len
1924 * @return {String}
1925 * @api private
1926 */
1927 function uid(len) {
1928 return crypto.randomBytes(Math.ceil(len * 3 / 4))
1929 .toString('base64')
1930 .slice(0, len);
1931 }
1932 OIDCUtils.uid = uid;
1933})(OIDCUtils = exports.OIDCUtils || (exports.OIDCUtils = {}));
1934
1935
1936});
1937
1938unwrapExports(utils);
1939var utils_1 = utils.OIDCUtils;
1940
1941var StateStore_1 = createCommonjsModule(function (module, exports) {
1942Object.defineProperty(exports, "__esModule", { value: true });
1943class StateStore {
1944 constructor() {
1945 }
1946 static d0Ann() {
1947 return { "name": "StateStore" };
1948 }
1949}
1950exports.StateStore = StateStore;
1951
1952
1953});
1954
1955unwrapExports(StateStore_1);
1956var StateStore_2 = StateStore_1.StateStore;
1957
1958var SessionStore_1 = createCommonjsModule(function (module, exports) {
1959Object.defineProperty(exports, "__esModule", { value: true });
1960
1961
1962/**
1963 * Creates an instance of `SessionStore`.
1964 *
1965 * This is the state store implementation for the OAuth2Strategy used when
1966 * the `state` option is enabled. It generates a random state and stores it in
1967 * `req.session` and verifies it when the service provider redirects the user
1968 * back to the application.
1969 *
1970 * This state store requires session support. If no session exists, an error
1971 * will be thrown.
1972 *
1973 */
1974class SessionStore extends StateStore_1.StateStore {
1975 constructor(key) {
1976 super();
1977 this.key = key;
1978 }
1979 /**
1980 * Store request state.
1981 *
1982 * This implementation simply generates a random string and stores the value in
1983 * the session, where it will be used for verification when the user is
1984 * redirected back to the application.
1985 *
1986 */
1987 async store(ctx, meta) {
1988 if (!ctx.session) {
1989 throw new Error(`OAuth 2.0 authentication requires session support
1990 when using state. Did you forget to use session middleware?`);
1991 }
1992 const key = this.key;
1993 const state = utils.OIDCUtils.uid(24);
1994 if (!ctx.session[key]) {
1995 ctx.session[key] = {};
1996 }
1997 ctx.session[key].state = state;
1998 return state;
1999 }
2000 /**
2001 * Verify request state.
2002 *
2003 * This implementation simply compares the state parameter in the request to the
2004 * value generated earlier and stored in the session.
2005 *
2006 */
2007 async verify(ctx, providedState) {
2008 if (!ctx.session) {
2009 throw new Error(`OAuth 2.0 authentication requires session support
2010 when using state. Did you forget to use koa-session middleware?`);
2011 }
2012 const key = this.key;
2013 if (!ctx.session[key]) {
2014 return {
2015 result: false,
2016 message: 'Unable to verify authorization request state.',
2017 };
2018 }
2019 const state = ctx.session[key].state;
2020 if (!state) {
2021 return {
2022 result: false,
2023 message: 'Unable to verify authorization request state.',
2024 };
2025 }
2026 delete ctx.session[key].state;
2027 if (Object.keys(ctx.session[key]).length === 0) {
2028 delete ctx.session[key];
2029 }
2030 if (state !== providedState) {
2031 return {
2032 result: false,
2033 message: 'Invalid authorization request state.',
2034 };
2035 }
2036 return { result: true, state: state, message: '' };
2037 }
2038 static d0Ann() {
2039 return { "name": "SessionStore" };
2040 }
2041}
2042exports.SessionStore = SessionStore;
2043
2044
2045});
2046
2047unwrapExports(SessionStore_1);
2048var SessionStore_2 = SessionStore_1.SessionStore;
2049
2050var stores = createCommonjsModule(function (module, exports) {
2051Object.defineProperty(exports, "__esModule", { value: true });
2052
2053tslib.__exportStar(utils, exports);
2054tslib.__exportStar(StateStore_1, exports);
2055tslib.__exportStar(SessionStore_1, exports);
2056
2057
2058});
2059
2060unwrapExports(stores);
2061
2062var OAuth2Strategy_1 = createCommonjsModule(function (module, exports) {
2063Object.defineProperty(exports, "__esModule", { value: true });
2064
2065
2066
2067
2068
2069
2070
2071
2072/**
2073* Creates an instance of `OAuth2Strategy`.
2074*
2075* The OAuth 2.0 authentication strategy authenticates requests using the OAuth
2076* 2.0 framework.
2077*
2078* OAuth 2.0 provides a facility for delegated authentication, whereby users can
2079* authenticate using a third-party service such as Facebook. Delegating in
2080* this manner involves a sequence of events, including redirecting the user to
2081* the third-party service for authorization. Once authorization has been
2082* granted, the user is redirected back to the application and an authorization
2083* code can be used to obtain credentials.
2084*
2085* Applications must supply a `verify` callback, for which the function
2086* signature is:
2087*
2088* function(accessToken, refreshToken, profile, done) { ... }
2089*
2090* The verify callback is responsible for finding or creating the user, and
2091* invoking `done` with the following arguments:
2092*
2093* done(err, user, info);
2094*
2095* `user` should be set to `false` to indicate an authentication failure.
2096* Additional `info` can optionally be passed as a third argument, typically
2097* used to display informational messages. If an exception occured, `err`
2098* should be set.
2099*
2100* Params:
2101*
2102* - `authorizationURL` URL used to obtain an authorization grant
2103* - `tokenURL` URL used to obtain an access token
2104* - `clientId` identifies client to service provider
2105* - `clientSecret` secret used to establish ownership of the client identifer
2106* - `callbackURL` URL to which the service provider will redirect the user after obtaining authorization
2107* - `passReqToCallback` when `true`, `req` is the first argument to the verify callback (default: `false`)
2108*
2109* Examples:
2110*
2111* passport.use(new OAuth2Strategy({
2112* authorizationURL: 'https://www.example.com/oauth2/authorize',
2113* tokenURL: 'https://www.example.com/oauth2/token',
2114* clientId: '123-456-789',
2115* clientSecret: 'shhh-its-a-secret'
2116* callbackURL: 'https://www.example.net/auth/example/callback'
2117* },
2118* function(accessToken, refreshToken, profile, done) {
2119* User.findOrCreate(..., function (err, user) {
2120* done(err, user);
2121* });
2122* }
2123* ));
2124*
2125*/
2126let OAuth2Strategy = class OAuth2Strategy extends Strategy_1.Strategy {
2127 async onAfterInit() {
2128 if (!this.name) {
2129 this.name = 'oauth2';
2130 }
2131 // NOTE: The _oauth2 property is considered "protected". Subclasses are
2132 // allowed to use it when making protected resource requests to retrieve
2133 // the user profile.
2134 this.oauth2 = new oauth2.OAuth2(this.clientId, this.clientSecret, '', this.authorizationURL, this.tokenURL, this.customHeaders);
2135 if (!this.sessionKey) {
2136 this.sessionKey = ('oauth2:' + url.parse(this.authorizationURL).hostname);
2137 }
2138 if (!this.stateStore) { // if stateStore is `true`, use default session stateStore
2139 this.stateStore = new stores.SessionStore(this.sessionKey);
2140 }
2141 if (!this.userProfile) {
2142 this.userProfile = (accessToken) => new Object();
2143 }
2144 if (!this.tokenParams) {
2145 this.tokenParams = (options) => new Object();
2146 }
2147 if (!this.authorizationParams) {
2148 this.authorizationParams = (options) => new Object();
2149 }
2150 }
2151 async authenticate(ctx, options = {}) {
2152 if (ctx.query && ctx.query.error) {
2153 if (ctx.query.error === 'access_denied') {
2154 return new results.FailResult(ctx.query.error_description, 401);
2155 }
2156 throw new errors.AuthenticationError(ctx.query.error_description, ctx.query.error_uri, ctx.query.error);
2157 }
2158 let callbackURL = options.callbackURL || this.callbackURL;
2159 if (callbackURL) {
2160 const parsed = url.parse(callbackURL);
2161 if (!parsed.protocol) {
2162 // The callback URL is relative, resolve a fully qualified URL from the
2163 // URL of the originating request.
2164 callbackURL = url.resolve(ctx.request.origin, callbackURL);
2165 }
2166 }
2167 const meta = {
2168 authorizationURL: this.authorizationURL,
2169 tokenURL: this.tokenURL,
2170 clientId: this.clientId,
2171 };
2172 if (ctx.query && ctx.query.code) {
2173 const state = ctx.query.state;
2174 const { result: verifiedResult, message: verifiedMsg } = await this.stateStore.verify(ctx, state);
2175 if (!verifiedResult) {
2176 return new results.FailResult(verifiedMsg, 403);
2177 }
2178 const code = ctx.query.code;
2179 const params = this.tokenParams(options);
2180 params.grant_type = 'authorization_code';
2181 if (callbackURL) {
2182 params.redirect_uri = callbackURL;
2183 }
2184 let accessToken;
2185 let refreshToken;
2186 let accessTokenResult;
2187 try {
2188 ({
2189 accessToken,
2190 refreshToken,
2191 result: accessTokenResult,
2192 } = await this.oauth2.getOAuthAccessToken(code, params));
2193 }
2194 catch (err) {
2195 throw this.parseOAuthError(err);
2196 }
2197 const profile = await this.loadUserProfile(accessToken);
2198 const { user, info } = await this.verify(accessToken, refreshToken, accessTokenResult, profile);
2199 if (!user) {
2200 // TODO, not sure 401 is the correct meaning
2201 return new results.FailResult(info, 401);
2202 }
2203 return new results.SuccessResult(options, user, info);
2204 }
2205 else {
2206 const params = this.authorizationParams(options);
2207 params.response_type = 'code';
2208 if (callbackURL) {
2209 params.redirect_uri = callbackURL;
2210 }
2211 let scope = options.scope || this.scope;
2212 if (scope) {
2213 if (Array.isArray(scope)) {
2214 scope = scope.join(this.scopeSeparator);
2215 }
2216 params.scope = scope;
2217 }
2218 let state = options.state;
2219 if (state) {
2220 params.state = state;
2221 }
2222 else {
2223 state = await this.stateStore.store(ctx, meta);
2224 if (state) {
2225 params.state = state;
2226 }
2227 }
2228 const parsed = url.parse(this.oauth2.AuthorizeUrl, true);
2229 parsed.query = Object.assign({}, parsed.query, params);
2230 parsed.query.client_id = this.oauth2.ClientId;
2231 delete parsed.search;
2232 const location = url.format(parsed);
2233 return new results.RedirectResult(location);
2234 }
2235 }
2236 /**
2237 * Parse error response from OAuth 2.0 endpoint.
2238 *
2239 * OAuth 2.0-based authentication strategies can overrride this function in
2240 * order to parse error responses received from the token endpoint, allowing the
2241 * most informative message to be displayed.
2242 *
2243 * If this function is not overridden, the body will be parsed in accordance
2244 * with RFC 6749, section 5.2.
2245 *
2246 */
2247 parseOAuthError(err) {
2248 let e;
2249 if (err instanceof oauth2.OAuth2Error) {
2250 try {
2251 const json = JSON.parse(err.message);
2252 if (json.error) {
2253 e = new errors.InternalOAuthError(`Failed to obtain access token:${json.error_description}`, json.error);
2254 }
2255 }
2256 catch (_) {
2257 // console.warn('============This error can be ignored==============');
2258 // console.warn(_);
2259 // console.warn('===================================================');
2260 }
2261 }
2262 if (!e) {
2263 err.message = `Failed to obtain access token:${err.message}`;
2264 e = err;
2265 }
2266 return e;
2267 }
2268 /**
2269 * Load user profile, contingent upon options.
2270 *
2271 */
2272 async loadUserProfile(accessToken) {
2273 if (this.skipUserProfile) {
2274 return Promise.resolve(null);
2275 }
2276 return await this.userProfile(accessToken);
2277 }
2278 static d0Ann() {
2279 return { "name": "OAuth2Strategy", "params": { "onAfterInit": [], "authenticate": ["ctx", "options"], "parseOAuthError": ["err"], "loadUserProfile": ["accessToken"] } };
2280 }
2281};
2282tslib.__decorate([
2283 components.Input(),
2284 tslib.__metadata("design:type", stores.StateStore)
2285], OAuth2Strategy.prototype, "stateStore", void 0);
2286tslib.__decorate([
2287 components.Input(),
2288 tslib.__metadata("design:type", String)
2289], OAuth2Strategy.prototype, "clientId", void 0);
2290tslib.__decorate([
2291 components.Input(),
2292 tslib.__metadata("design:type", String)
2293], OAuth2Strategy.prototype, "authorizationURL", void 0);
2294tslib.__decorate([
2295 components.Input(),
2296 tslib.__metadata("design:type", String)
2297], OAuth2Strategy.prototype, "tokenURL", void 0);
2298tslib.__decorate([
2299 components.Input(),
2300 tslib.__metadata("design:type", Function)
2301], OAuth2Strategy.prototype, "verify", void 0);
2302tslib.__decorate([
2303 components.Input({ defaultValue: false }),
2304 tslib.__metadata("design:type", Boolean)
2305], OAuth2Strategy.prototype, "skipUserProfile", void 0);
2306tslib.__decorate([
2307 components.Input({ defaultValue: ' ' }),
2308 tslib.__metadata("design:type", String)
2309], OAuth2Strategy.prototype, "scopeSeparator", void 0);
2310tslib.__decorate([
2311 components.Input(),
2312 tslib.__metadata("design:type", String)
2313], OAuth2Strategy.prototype, "callbackURL", void 0);
2314tslib.__decorate([
2315 components.Input(),
2316 tslib.__metadata("design:type", Object)
2317], OAuth2Strategy.prototype, "scope", void 0);
2318tslib.__decorate([
2319 components.Input(),
2320 tslib.__metadata("design:type", String)
2321], OAuth2Strategy.prototype, "sessionKey", void 0);
2322tslib.__decorate([
2323 components.Input({ defaultValue: '' }),
2324 tslib.__metadata("design:type", String)
2325], OAuth2Strategy.prototype, "clientSecret", void 0);
2326tslib.__decorate([
2327 components.Input(),
2328 tslib.__metadata("design:type", Object)
2329], OAuth2Strategy.prototype, "customHeaders", void 0);
2330tslib.__decorate([
2331 components.Input(),
2332 tslib.__metadata("design:type", Function)
2333], OAuth2Strategy.prototype, "userProfile", void 0);
2334tslib.__decorate([
2335 components.Input(),
2336 tslib.__metadata("design:type", Function)
2337], OAuth2Strategy.prototype, "tokenParams", void 0);
2338tslib.__decorate([
2339 components.Input(),
2340 tslib.__metadata("design:type", Function)
2341], OAuth2Strategy.prototype, "authorizationParams", void 0);
2342OAuth2Strategy = tslib.__decorate([
2343 components.Component({
2344 selector: 'oauth2'
2345 })
2346], OAuth2Strategy);
2347exports.OAuth2Strategy = OAuth2Strategy;
2348
2349
2350});
2351
2352unwrapExports(OAuth2Strategy_1);
2353var OAuth2Strategy_2 = OAuth2Strategy_1.OAuth2Strategy;
2354
2355var OIDCStrategy_1 = createCommonjsModule(function (module, exports) {
2356Object.defineProperty(exports, "__esModule", { value: true });
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367const webfinger$1 = webfinger.webfinger;
2368
2369/**
2370 * OIDC authenticate strategy
2371 *
2372 * @export
2373 * @class OIDCStrategy
2374 * @extends {Strategy}
2375 * @implements {AfterInit}
2376 */
2377let OIDCStrategy = class OIDCStrategy extends Strategy_1.Strategy {
2378 async onAfterInit() {
2379 if (!this.name) {
2380 this.name = 'openidconnect';
2381 }
2382 if (!this.identifierField) {
2383 this.identifierField = 'openid_identifier';
2384 }
2385 if (!this.sessionKey) {
2386 this.sessionKey = ('oauth2:' + url.parse(this.authorizationURL).hostname);
2387 }
2388 if (this.stateStore) {
2389 this.stateStore = new stores.SessionStore(this.sessionKey);
2390 }
2391 if (!(this.authorizationURL && this.tokenURL) && this.options.getClient) {
2392 throw new Error('OpenID Connect authentication requires getClientCallback option');
2393 }
2394 }
2395 async authenticate(ctx, options) {
2396 options = options || {};
2397 if (ctx.query && ctx.query.error) {
2398 if (ctx.query.error === 'access_denied') {
2399 return new results.FailResult(ctx.query.error_description, 403);
2400 }
2401 else {
2402 throw new errors.OIDCError(ctx.query.error_description, ctx.query.error, ctx.query.error_uri);
2403 }
2404 }
2405 if (ctx.query && ctx.query.code) {
2406 let state = ctx.query.state;
2407 const { result: verifiedResult, state: meta, message: verifiedMsg } = await this.stateStore.verify(ctx, state);
2408 if (!verifiedResult) {
2409 return new results.FailResult(verifiedMsg, 403);
2410 }
2411 const code = ctx.query.code;
2412 let callbackURL = meta.callbackURL;
2413 let oauth2$1 = new oauth2.OAuth2(meta.clientID, meta.clientSecret, '', meta.authorizationURL, meta.tokenURL, meta.customHeaders);
2414 let accessToken;
2415 let refreshToken;
2416 let accessTokenResult;
2417 try {
2418 ({
2419 accessToken,
2420 refreshToken,
2421 result: accessTokenResult,
2422 } = await oauth2$1.getOAuthAccessToken(code, { grant_type: 'authorization_code', redirect_uri: callbackURL }));
2423 }
2424 catch (err) {
2425 throw this.parseOAuthError(err);
2426 }
2427 var idToken = accessTokenResult['id_token'];
2428 if (!idToken) {
2429 throw new Error('ID Token not present in token response');
2430 }
2431 let idTokenSegments = idToken.split('.'), jwtClaimsStr, jwtClaims;
2432 try {
2433 jwtClaimsStr = new Buffer(idTokenSegments[1], 'base64').toString();
2434 jwtClaims = JSON.parse(jwtClaimsStr);
2435 }
2436 catch (ex) {
2437 throw ex;
2438 }
2439 var missing = ['iss', 'sub', 'aud', 'exp', 'iat'].filter(param => !jwtClaims[param]);
2440 if (missing.length) {
2441 throw new Error('id token is missing required parameter(s) - ' + missing.join(', '));
2442 }
2443 // https://openid.net/specs/openid-connect-basic-1_0.html#IDTokenValidation - check 1.
2444 if (jwtClaims.iss !== meta.issuer) {
2445 throw new Error('id token not issued by correct OpenID provider - ' +
2446 'expected: ' + meta.issuer + ' | from: ' + jwtClaims.iss);
2447 }
2448 // https://openid.net/specs/openid-connect-basic-1_0.html#IDTokenValidation - checks 2 and 3.
2449 if (typeof jwtClaims.aud === 'string') {
2450 if (jwtClaims.aud !== meta.clientID) {
2451 throw new Error('aud parameter does not include this client - is: '
2452 + jwtClaims.aud + '| expected: ' + meta.clientID);
2453 }
2454 }
2455 else if (ioc.isArray(jwtClaims.aud)) {
2456 if (jwtClaims.aud.indexOf(meta.clientID) === -1) {
2457 throw new Error('aud parameter does not include this client - is: ' +
2458 jwtClaims.aud + ' | expected to include: ' + meta.clientID);
2459 }
2460 if (jwtClaims.length > 1 && !jwtClaims.azp) {
2461 throw new Error('azp parameter required with multiple audiences');
2462 }
2463 }
2464 else {
2465 throw new Error('Invalid aud parameter type');
2466 }
2467 // https://openid.net/specs/openid-connect-basic-1_0.html#IDTokenValidation - check 4.
2468 if (jwtClaims.azp && jwtClaims.azp !== meta.clientID) {
2469 throw new Error('this client is not the authorized party - ' +
2470 'expected: ' + meta.clientID + ' | is: ' + jwtClaims.azp);
2471 }
2472 // Possible TODO: Add accounting for some clock skew.
2473 // https://openid.net/specs/openid-connect-basic-1_0.html#IDTokenValidation - check 5.
2474 if (jwtClaims.exp < (Date.now() / 1000)) {
2475 throw new Error('id token has expired');
2476 }
2477 // Note: https://openid.net/specs/openid-connect-basic-1_0.html#IDTokenValidation - checks 6 and 7 are out of scope of this library.
2478 // https://openid.net/specs/openid-connect-basic-1_0.html#IDTokenValidation - check 8.
2479 if (meta.params.max_age && (!jwtClaims.auth_time || ((meta.timestamp - meta.params.max_age) > jwtClaims.auth_time))) {
2480 throw new Error('auth_time in id_token not included or too old');
2481 }
2482 if (meta.params.nonce && (!jwtClaims.nonce || jwtClaims.nonce !== meta.params.nonce)) {
2483 throw new Error('Invalid nonce in id_token');
2484 }
2485 var iss = jwtClaims.iss;
2486 var sub = jwtClaims.sub;
2487 // Prior to OpenID Connect Basic Client Profile 1.0 - draft 22, the
2488 // "sub" claim was named "user_id". Many providers still issue the
2489 // claim under the old field, so fallback to that.
2490 if (!sub) {
2491 sub = jwtClaims.user_id;
2492 }
2493 let load = await this.shouldLoadUserProfile(iss, sub);
2494 let profile = undefined;
2495 if (load) {
2496 var parsed = url.parse(meta.userInfoURL, true);
2497 parsed.query['schema'] = 'openid';
2498 delete parsed.search;
2499 var userInfoURL = url.format(parsed);
2500 // NOTE: We are calling node-oauth's internal `_request` function (as
2501 // opposed to `get`) in order to send the access token in the
2502 // `Authorization` header rather than as a query parameter.
2503 //
2504 // Additionally, the master branch of node-oauth (as of
2505 // 2013-02-16) will include the access token in *both* headers
2506 // and query parameters, which is a violation of the spec.
2507 // Setting the fifth argument of `_request` to `null` works
2508 // around this issue. I've noted this in comments here:
2509 // https://github.com/ciaranj/node-oauth/issues/117
2510 const { result: body, response: res } = await oauth2$1.request('GET', userInfoURL, { 'Authorization': 'Bearer ' + accessToken, 'Accept': 'application/json' }, null, null);
2511 profile = {};
2512 try {
2513 var json = JSON.parse(body);
2514 profile.id = json.sub;
2515 // Prior to OpenID Connect Basic Client Profile 1.0 - draft 22, the
2516 // "sub" key was named "user_id". Many providers still use the old
2517 // key, so fallback to that.
2518 if (!profile.id) {
2519 profile.id = json.user_id;
2520 }
2521 profile.displayName = json.name;
2522 profile.name = {
2523 familyName: json.family_name,
2524 givenName: json.given_name,
2525 middleName: json.middle_name
2526 };
2527 profile._raw = body;
2528 profile._json = json;
2529 }
2530 catch (ex) {
2531 throw ex;
2532 }
2533 }
2534 const { user, info } = await this.verify(ctx, this.passReqToCallback ? iss : undefined, sub, profile, jwtClaims, accessToken, refreshToken, accessTokenResult);
2535 if (!user) {
2536 // TODO, not sure 401 is the correct meaning
2537 return new results.FailResult(info, 401);
2538 }
2539 return new results.SuccessResult(options, user, info);
2540 }
2541 else {
2542 // The request being authenticated is initiating OpenID Connect
2543 // authentication. Prior to redirecting to the provider, configuration will
2544 // be loaded. The configuration is typically either pre-configured or
2545 // discovered dynamically. When using dynamic discovery, a user supplies
2546 // their identifer as input.
2547 let identifier;
2548 let idfield = this.identifierField;
2549 if (ctx.request.body && ctx.request.body[idfield]) {
2550 identifier = ctx.request.body[idfield];
2551 }
2552 else if (ctx.query && ctx.query[idfield]) {
2553 identifier = ctx.query[idfield];
2554 }
2555 let meta = await this.getConfigure(identifier);
2556 let callbackURL = options.callbackURL || this.callbackURL;
2557 if (callbackURL) {
2558 const parsed = url.parse(callbackURL);
2559 if (!parsed.protocol) {
2560 // The callback URL is relative, resolve a fully qualified URL from the
2561 // URL of the originating request.
2562 callbackURL = url.resolve(ctx.request.origin, callbackURL);
2563 }
2564 }
2565 meta.callbackURL = callbackURL;
2566 let params = await this.authorizationParams(options);
2567 params['response_type'] = 'code';
2568 params['client_id'] = meta.clientID;
2569 if (callbackURL) {
2570 params.redirect_uri = callbackURL;
2571 }
2572 let scope = options.scope || this.scope;
2573 if (ioc.isArray(scope)) {
2574 scope = scope.join(' ');
2575 }
2576 if (scope) {
2577 params.scope = 'openid ' + scope;
2578 }
2579 else {
2580 params.scope = 'openid';
2581 }
2582 // Optional Parameters
2583 ['max_age', 'ui_locals', 'id_token_hint', 'login_hint', 'acr_values']
2584 .filter(x => { return x in meta; })
2585 .forEach(y => { params[y] = meta[y]; });
2586 if (meta.display && ['page', 'popup', 'touch', 'wap'].indexOf(meta.display) !== -1) {
2587 params.display = meta.display;
2588 }
2589 if (meta.prompt && ['none', 'login', 'consent', 'select_account'].indexOf(meta.prompt) !== -1) {
2590 params.prompt = meta.prompt;
2591 }
2592 if (meta.nonce && typeof meta.nonce === 'boolean') {
2593 params.nonce = stores.OIDCUtils.uid(20);
2594 }
2595 if (meta.nonce && typeof meta.nonce === 'number') {
2596 params.nonce = stores.OIDCUtils.uid(meta.nonce);
2597 }
2598 if (meta.nonce && typeof meta.nonce === 'string') {
2599 params.nonce = meta.nonce;
2600 }
2601 if (params.max_age) {
2602 meta.timestamp = Math.floor(Date.now() / 1000);
2603 }
2604 meta.params = params;
2605 for (let param in params) {
2606 if (meta[param]) {
2607 delete meta[param]; // Remove redundant information.
2608 }
2609 }
2610 // State Storage/Management
2611 try {
2612 let state = await this.stateStore.store(ctx, meta);
2613 params.state = state;
2614 var location = meta.authorizationURL + '?' + querystring.stringify(params);
2615 return new results.RedirectResult(location);
2616 }
2617 catch (ex) {
2618 throw ex;
2619 }
2620 }
2621 }
2622 async shouldLoadUserProfile(issuer, subject) {
2623 if (this.skipUserProfile) {
2624 return ioc.isFunction(this.skipUserProfile) ? await this.skipUserProfile(issuer, subject) : false;
2625 }
2626 return true;
2627 }
2628 parseOAuthError(err) {
2629 let e;
2630 if (err instanceof oauth2.OAuth2Error) {
2631 try {
2632 const json = JSON.parse(err.message);
2633 if (json.error) {
2634 e = new errors.InternalOAuthError(`Failed to obtain access token:${json.error_description}`, json.error);
2635 }
2636 }
2637 catch (_) {
2638 // console.warn('============This error can be ignored==============');
2639 // console.warn(_);
2640 // console.warn('===================================================');
2641 }
2642 }
2643 if (!e) {
2644 err.message = `Failed to obtain access token:${err.message}`;
2645 e = err;
2646 }
2647 return e;
2648 }
2649 async getConfigure(identifier) {
2650 if (this.authorizationURL && this.tokenURL) {
2651 return await this.manualConfigure(identifier);
2652 }
2653 else {
2654 return await this.dynamicConfigure(identifier);
2655 }
2656 }
2657 async dynamicConfigure(identifier) {
2658 let issuer = await this.injector.getInstance(Resolver).resolve(identifier);
2659 let url = issuer + '/.well-known/openid-configuration';
2660 let defer = ioc.PromiseUtil.defer();
2661 request.get(url, async (err, res, body) => {
2662 if (err) {
2663 return defer.reject(err);
2664 }
2665 if (res.statusCode !== 200) {
2666 return defer.reject(new Error('Unexpected status code from OpenID provider configuration: ' + res.statusCode));
2667 }
2668 var config = {};
2669 try {
2670 var json = JSON.parse(body);
2671 config.issuer = json.issuer;
2672 config.authorizationURL = json.authorization_endpoint;
2673 config.tokenURL = json.token_endpoint;
2674 config.userInfoURL = json.userinfo_endpoint;
2675 config.registrationURL = json.registration_endpoint;
2676 config._raw = json;
2677 }
2678 catch (ex) {
2679 return defer.reject(new Error('Failed to parse OpenID provider configuration'));
2680 }
2681 // TODO: Pass registrationURL here.
2682 let client = await this.options.getClient(config.issuer);
2683 config.clientID = client.id;
2684 config.clientSecret = client.secret;
2685 if (client.redirectURIs) {
2686 config.callbackURL = client.redirectURIs[0];
2687 }
2688 return defer.resolve(config);
2689 });
2690 return defer.promise;
2691 }
2692 async manualConfigure(identifier) {
2693 let missing = ['issuer', 'authorizationURL', 'tokenURL', 'clientID', 'clientSecret'].filter(opt => !this.options[opt]);
2694 if (missing.length) {
2695 throw new Error('Manual OpenID configuration is missing required parameter(s) - ' + missing.join(', '));
2696 }
2697 let params = {
2698 issuer: this.issuer,
2699 authorizationURL: this.authorizationURL,
2700 tokenURL: this.tokenURL,
2701 userInfoURL: this.userInfoURL,
2702 clientID: this.clientID,
2703 clientSecret: this.clientSecret,
2704 callbackURL: this.callbackURL
2705 };
2706 Object.keys(this.options).map(opt => {
2707 if (['nonce', 'display', 'prompt', 'max_age', 'ui_locals', 'id_token_hint', 'login_hint', 'acr_values'].indexOf(opt) !== -1) {
2708 params[opt] = this.options[opt];
2709 }
2710 });
2711 return params;
2712 }
2713 static d0Ann() {
2714 return { "name": "OIDCStrategy", "params": { "onAfterInit": [], "authenticate": ["ctx", "options"], "shouldLoadUserProfile": ["issuer", "subject"], "parseOAuthError": ["err"], "getConfigure": ["identifier"], "dynamicConfigure": ["identifier"], "manualConfigure": ["identifier"] } };
2715 }
2716};
2717tslib.__decorate([
2718 components.Input('store'),
2719 tslib.__metadata("design:type", stores.StateStore)
2720], OIDCStrategy.prototype, "stateStore", void 0);
2721tslib.__decorate([
2722 components.Input(),
2723 tslib.__metadata("design:type", Object)
2724], OIDCStrategy.prototype, "scope", void 0);
2725tslib.__decorate([
2726 components.Input(),
2727 tslib.__metadata("design:type", String)
2728], OIDCStrategy.prototype, "identifierField", void 0);
2729tslib.__decorate([
2730 components.Input(),
2731 tslib.__metadata("design:type", String)
2732], OIDCStrategy.prototype, "issuer", void 0);
2733tslib.__decorate([
2734 components.Input(),
2735 tslib.__metadata("design:type", String)
2736], OIDCStrategy.prototype, "sessionKey", void 0);
2737tslib.__decorate([
2738 components.Input(),
2739 tslib.__metadata("design:type", String)
2740], OIDCStrategy.prototype, "tokenURL", void 0);
2741tslib.__decorate([
2742 components.Input(),
2743 tslib.__metadata("design:type", String)
2744], OIDCStrategy.prototype, "authorizationURL", void 0);
2745tslib.__decorate([
2746 components.Input(),
2747 tslib.__metadata("design:type", String)
2748], OIDCStrategy.prototype, "clientID", void 0);
2749tslib.__decorate([
2750 components.Input(),
2751 tslib.__metadata("design:type", String)
2752], OIDCStrategy.prototype, "clientSecret", void 0);
2753tslib.__decorate([
2754 components.Input(),
2755 tslib.__metadata("design:type", String)
2756], OIDCStrategy.prototype, "callbackURL", void 0);
2757tslib.__decorate([
2758 components.Input(),
2759 tslib.__metadata("design:type", String)
2760], OIDCStrategy.prototype, "userInfoURL", void 0);
2761tslib.__decorate([
2762 components.Input(),
2763 tslib.__metadata("design:type", Object)
2764], OIDCStrategy.prototype, "customHeaders", void 0);
2765tslib.__decorate([
2766 components.Input(),
2767 tslib.__metadata("design:type", Function)
2768], OIDCStrategy.prototype, "verify", void 0);
2769tslib.__decorate([
2770 components.Input(),
2771 tslib.__metadata("design:type", String)
2772], OIDCStrategy.prototype, "passReqToCallback", void 0);
2773tslib.__decorate([
2774 components.Input(),
2775 tslib.__metadata("design:type", Object)
2776], OIDCStrategy.prototype, "skipUserProfile", void 0);
2777tslib.__decorate([
2778 components.Input(),
2779 tslib.__metadata("design:type", Function)
2780], OIDCStrategy.prototype, "authorizationParams", void 0);
2781tslib.__decorate([
2782 ioc.Inject(components.TemplateOptionToken),
2783 tslib.__metadata("design:type", Object)
2784], OIDCStrategy.prototype, "options", void 0);
2785tslib.__decorate([
2786 ioc.Inject(ioc.INJECTOR),
2787 tslib.__metadata("design:type", Object)
2788], OIDCStrategy.prototype, "injector", void 0);
2789OIDCStrategy = tslib.__decorate([
2790 components.Component({
2791 selector: 'oidc'
2792 })
2793], OIDCStrategy);
2794exports.OIDCStrategy = OIDCStrategy;
2795const REL = 'http://openid.net/specs/connect/1.0/issuer';
2796let Resolver = class Resolver {
2797 resolve(identifier) {
2798 let defer = ioc.PromiseUtil.defer();
2799 webfinger$1(identifier, REL, { webfingerOnly: true }, (err, jrd) => {
2800 if (err) {
2801 return defer.reject(err);
2802 }
2803 if (!jrd.links) {
2804 return defer.reject(new errors.NoOpenIDError('No links in resource descriptor', jrd));
2805 }
2806 let issuer;
2807 for (let i = 0; i < jrd.links.length; i++) {
2808 let link = jrd.links[i];
2809 if (link.rel === REL) {
2810 issuer = link.href;
2811 break;
2812 }
2813 }
2814 if (!issuer) {
2815 return defer.reject(new errors.NoOpenIDError('No OpenID Connect issuer in resource descriptor', jrd));
2816 }
2817 return defer.resolve(issuer);
2818 });
2819 return defer.promise;
2820 }
2821 static d0Ann() {
2822 return { "name": "Resolver", "params": { "resolve": ["identifier"] } };
2823 }
2824};
2825Resolver = tslib.__decorate([
2826 ioc.Singleton()
2827], Resolver);
2828exports.Resolver = Resolver;
2829
2830
2831});
2832
2833unwrapExports(OIDCStrategy_1);
2834var OIDCStrategy_2 = OIDCStrategy_1.OIDCStrategy;
2835var OIDCStrategy_3 = OIDCStrategy_1.Resolver;
2836
2837var passports = createCommonjsModule(function (module, exports) {
2838Object.defineProperty(exports, "__esModule", { value: true });
2839
2840tslib.__exportStar(IAuthenticator, exports);
2841tslib.__exportStar(results, exports);
2842tslib.__exportStar(Strategy_1, exports);
2843tslib.__exportStar(SessionStrategy_1, exports);
2844tslib.__exportStar(LocalStrategy_1, exports);
2845tslib.__exportStar(JwtStrategy_1, exports);
2846tslib.__exportStar(ContextExtends, exports);
2847tslib.__exportStar(Authenticator_1, exports);
2848tslib.__exportStar(PassportBuildService_1, exports);
2849tslib.__exportStar(oauth2, exports);
2850tslib.__exportStar(OAuth2Strategy_1, exports);
2851tslib.__exportStar(OIDCStrategy_1, exports);
2852tslib.__exportStar(StrategySelectorHandle_1, exports);
2853
2854
2855});
2856
2857unwrapExports(passports);
2858
2859var AuthMiddleware_1 = createCommonjsModule(function (module, exports) {
2860Object.defineProperty(exports, "__esModule", { value: true });
2861
2862
2863
2864
2865
2866/**
2867 * authentication middleware.
2868 *
2869 * @export
2870 * @class AuthMiddleware
2871 * @extends {CompositeMiddleware}
2872 */
2873let AuthMiddleware = class AuthMiddleware extends mvc.CompositeMiddleware {
2874 constructor() {
2875 super(...arguments);
2876 this.hasInit = false;
2877 }
2878 getChecker() {
2879 if (!this.checker) {
2880 this.checker = this.injector.get(mvc.RouteChecker);
2881 }
2882 return this.checker;
2883 }
2884 async execute(ctx, next) {
2885 if (!this.hasInit) {
2886 await this.setup(ctx.mvcContext);
2887 this.hasInit = true;
2888 }
2889 await super.execute(ctx);
2890 ctx.passport = this.passport;
2891 return await next();
2892 }
2893 async setup(context) {
2894 let configuration = context.getConfiguration();
2895 this.use(this.passport.initialize(configuration.passports.initialize || {}));
2896 this.use(this.passport.session());
2897 }
2898 static d0Ann() {
2899 return { "name": "AuthMiddleware", "params": { "getChecker": [], "execute": ["ctx", "next"], "setup": ["context"] } };
2900 }
2901};
2902tslib.__decorate([
2903 ioc.Inject(passports.AuthenticatorToken),
2904 tslib.__metadata("design:type", Object)
2905], AuthMiddleware.prototype, "passport", void 0);
2906AuthMiddleware = tslib.__decorate([
2907 mvc.Middleware({
2908 name: 'auth',
2909 before: mvc.MiddlewareTypes.View
2910 })
2911], AuthMiddleware);
2912exports.AuthMiddleware = AuthMiddleware;
2913// @Middleware({
2914// name: 'authcheck',
2915// scope: 'route'
2916// })
2917// export class AuthCheckMiddleware extends MvcMiddleware {
2918// @Inject(AuthenticatorToken)
2919// passport: IAuthenticator;
2920// async execute(ctx: IContext, next: () => Promise<void>): Promise<void> {
2921// let configuration: IConfiguration = ctx.mvcContext.configuration;
2922// if (configuration.passports.default) {
2923// let flowOption = configuration.passports.default;
2924// await this.passport.authenticate(flowOption.strategy, flowOption.options)(ctx, next);
2925// }
2926// await next();
2927// }
2928// }
2929
2930
2931});
2932
2933unwrapExports(AuthMiddleware_1);
2934var AuthMiddleware_2 = AuthMiddleware_1.AuthMiddleware;
2935
2936var AuthFlowService_1 = createCommonjsModule(function (module, exports) {
2937Object.defineProperty(exports, "__esModule", { value: true });
2938
2939
2940
2941
2942let AuthFlowService = class AuthFlowService extends mvc.AuthorizationService {
2943 getAuthMiddlewares(ctx, controller, propertyKey) {
2944 let middlewares = [];
2945 let mvcCtx = ctx.mvcContext;
2946 let configuration = mvcCtx.getConfiguration();
2947 let flowOption = configuration.passports.default;
2948 if (!flowOption) {
2949 return middlewares;
2950 }
2951 let refl = mvcCtx.reflects;
2952 if (propertyKey) {
2953 if (refl.hasMethodMetadata(mvc.Authorization, controller, propertyKey)) {
2954 middlewares.push(this.passport.authenticate(flowOption.strategy, flowOption.options));
2955 }
2956 }
2957 else if (refl.hasMetadata(mvc.Authorization, controller)) {
2958 middlewares.push(this.passport.authenticate(flowOption.strategy, flowOption.options));
2959 }
2960 return middlewares;
2961 }
2962 static d0Ann() {
2963 return { "name": "AuthFlowService", "params": { "getAuthMiddlewares": ["ctx", "controller", "propertyKey"] } };
2964 }
2965};
2966tslib.__decorate([
2967 ioc.Inject(passports.AuthenticatorToken),
2968 tslib.__metadata("design:type", Object)
2969], AuthFlowService.prototype, "passport", void 0);
2970AuthFlowService = tslib.__decorate([
2971 ioc.Singleton()
2972], AuthFlowService);
2973exports.AuthFlowService = AuthFlowService;
2974
2975
2976});
2977
2978unwrapExports(AuthFlowService_1);
2979var AuthFlowService_2 = AuthFlowService_1.AuthFlowService;
2980
2981var middlewares = createCommonjsModule(function (module, exports) {
2982Object.defineProperty(exports, "__esModule", { value: true });
2983
2984tslib.__exportStar(SessionMiddleware_1, exports);
2985tslib.__exportStar(AuthMiddleware_1, exports);
2986tslib.__exportStar(AuthFlowService_1, exports);
2987
2988
2989});
2990
2991unwrapExports(middlewares);
2992
2993var aop_umd = createCommonjsModule(function (module, exports) {
2994(function (global, factory) {
2995 module.exports = factory(tslib, ioc) ;
2996}(commonjsGlobal, (function (tslib, ioc) {
2997 tslib = tslib && tslib.hasOwnProperty('default') ? tslib['default'] : tslib;
2998 ioc = ioc && ioc.hasOwnProperty('default') ? ioc['default'] : ioc;
2999
3000 function unwrapExports (x) {
3001 return x && x.__esModule && Object.prototype.hasOwnProperty.call(x, 'default') ? x['default'] : x;
3002 }
3003
3004 function createCommonjsModule(fn, module) {
3005 return module = { exports: {} }, fn(module, module.exports), module.exports;
3006 }
3007
3008 var Advice = createCommonjsModule(function (module, exports) {
3009 Object.defineProperty(exports, "__esModule", { value: true });
3010
3011 function createAdviceDecorator(adviceName, actions, afterPointcutActions, metadataExtends) {
3012 actions = actions || [];
3013 actions.push(function (ctx, next) {
3014 var arg = ctx.currArg;
3015 if (ioc.isString(arg) || ioc.isRegExp(arg)) {
3016 ctx.metadata.pointcut = arg;
3017 ctx.next(next);
3018 }
3019 });
3020 if (afterPointcutActions) {
3021 if (ioc.isArray(afterPointcutActions)) {
3022 actions.push.apply(actions, afterPointcutActions);
3023 }
3024 else {
3025 actions.push(afterPointcutActions);
3026 }
3027 }
3028 actions.push(function (ctx, next) {
3029 var arg = ctx.currArg;
3030 if (ioc.isString(arg) && ctx.args.indexOf(arg) === 1) {
3031 ctx.metadata.annotationArgName = arg;
3032 ctx.next(next);
3033 }
3034 }, function (ctx, next) {
3035 var arg = ctx.currArg;
3036 if (ioc.isString(arg)) {
3037 ctx.metadata.annotationName = arg;
3038 ctx.next(next);
3039 }
3040 });
3041 return ioc.createMethodDecorator('Advice', actions, function (metadata) {
3042 if (metadataExtends) {
3043 metadataExtends(metadata);
3044 }
3045 metadata.adviceName = adviceName;
3046 return metadata;
3047 });
3048 }
3049 exports.createAdviceDecorator = createAdviceDecorator;
3050 /**
3051 * aop advice decorator.
3052 *
3053 * @Advice
3054 */
3055 exports.Advice = createAdviceDecorator('Advice');
3056
3057
3058 });
3059
3060 unwrapExports(Advice);
3061 var Advice_1 = Advice.createAdviceDecorator;
3062 var Advice_2 = Advice.Advice;
3063
3064 var Aspect = createCommonjsModule(function (module, exports) {
3065 Object.defineProperty(exports, "__esModule", { value: true });
3066
3067 /**
3068 * Aspect decorator. define aspect service.
3069 *
3070 * @Aspect
3071 */
3072 exports.Aspect = ioc.createClassDecorator('Aspect', [
3073 function (ctx, next) {
3074 var arg = ctx.currArg;
3075 if (ioc.isString(arg)) {
3076 ctx.metadata.annotation = arg;
3077 ctx.next(next);
3078 }
3079 },
3080 function (ctx, next) {
3081 var arg = ctx.currArg;
3082 if (ioc.isArray(arg) || ioc.isClass(arg)) {
3083 ctx.metadata.within = arg;
3084 ctx.next(next);
3085 }
3086 }
3087 ], true);
3088
3089
3090 });
3091
3092 unwrapExports(Aspect);
3093 var Aspect_1 = Aspect.Aspect;
3094
3095 var After = createCommonjsModule(function (module, exports) {
3096 Object.defineProperty(exports, "__esModule", { value: true });
3097
3098 /**
3099 * aop after advice decorator.
3100 *
3101 * @After
3102 */
3103 exports.After = Advice.createAdviceDecorator('After');
3104
3105
3106 });
3107
3108 unwrapExports(After);
3109 var After_1 = After.After;
3110
3111 var AfterReturning = createCommonjsModule(function (module, exports) {
3112 Object.defineProperty(exports, "__esModule", { value: true });
3113
3114
3115 /**
3116 * aop after returning advice decorator.
3117 *
3118 * @AfterReturning
3119 */
3120 exports.AfterReturning = Advice.createAdviceDecorator('AfterReturning', null, function (ctx, next) {
3121 var arg = ctx.currArg;
3122 if (ioc.isString(arg)) {
3123 ctx.metadata.returning = arg;
3124 ctx.next(next);
3125 }
3126 });
3127
3128
3129 });
3130
3131 unwrapExports(AfterReturning);
3132 var AfterReturning_1 = AfterReturning.AfterReturning;
3133
3134 var AfterThrowing = createCommonjsModule(function (module, exports) {
3135 Object.defineProperty(exports, "__esModule", { value: true });
3136
3137
3138 /**
3139 * aop after throwing advice decorator.
3140 *
3141 * @AfterThrowing
3142 */
3143 exports.AfterThrowing = Advice.createAdviceDecorator('AfterThrowing', null, function (ctx, next) {
3144 var arg = ctx.currArg;
3145 if (ioc.isString(arg)) {
3146 ctx.metadata.throwing = arg;
3147 ctx.next(next);
3148 }
3149 });
3150
3151
3152 });
3153
3154 unwrapExports(AfterThrowing);
3155 var AfterThrowing_1 = AfterThrowing.AfterThrowing;
3156
3157 var Around = createCommonjsModule(function (module, exports) {
3158 Object.defineProperty(exports, "__esModule", { value: true });
3159
3160
3161 /**
3162 * aop Around advice decorator.
3163 *
3164 * @Around
3165 */
3166 exports.Around = Advice.createAdviceDecorator('Around', null, [
3167 function (ctx, next) {
3168 var arg = ctx.currArg;
3169 if (ioc.isString(arg)) {
3170 ctx.metadata.args = arg;
3171 ctx.next(next);
3172 }
3173 },
3174 function (ctx, next) {
3175 var arg = ctx.currArg;
3176 if (ioc.isString(arg)) {
3177 ctx.metadata.returning = arg;
3178 ctx.next(next);
3179 }
3180 },
3181 function (ctx, next) {
3182 var arg = ctx.currArg;
3183 if (ioc.isString(arg)) {
3184 ctx.metadata.throwing = arg;
3185 ctx.next(next);
3186 }
3187 }
3188 ]);
3189
3190
3191 });
3192
3193 unwrapExports(Around);
3194 var Around_1 = Around.Around;
3195
3196 var Before = createCommonjsModule(function (module, exports) {
3197 Object.defineProperty(exports, "__esModule", { value: true });
3198
3199 /**
3200 * aop Before advice decorator.
3201 *
3202 * @Before
3203 */
3204 exports.Before = Advice.createAdviceDecorator('Before');
3205
3206
3207 });
3208
3209 unwrapExports(Before);
3210 var Before_1 = Before.Before;
3211
3212 var Pointcut = createCommonjsModule(function (module, exports) {
3213 Object.defineProperty(exports, "__esModule", { value: true });
3214
3215 /**
3216 * aop Pointcut advice decorator.
3217 *
3218 * @Pointcut
3219 */
3220 exports.Pointcut = Advice.createAdviceDecorator('Pointcut');
3221
3222
3223 });
3224
3225 unwrapExports(Pointcut);
3226 var Pointcut_1 = Pointcut.Pointcut;
3227
3228 var NonePointcut = createCommonjsModule(function (module, exports) {
3229 Object.defineProperty(exports, "__esModule", { value: true });
3230
3231 /**
3232 * NonePointcut decorator, define class not work with aop.
3233 *
3234 * @NonePointcut
3235 */
3236 exports.NonePointcut = ioc.createClassDecorator('NonePointcut');
3237
3238
3239 });
3240
3241 unwrapExports(NonePointcut);
3242 var NonePointcut_1 = NonePointcut.NonePointcut;
3243
3244 var JoinpointState_1 = createCommonjsModule(function (module, exports) {
3245 Object.defineProperty(exports, "__esModule", { value: true });
3246 var JoinpointState;
3247 (function (JoinpointState) {
3248 JoinpointState["Before"] = "Before";
3249 JoinpointState["Pointcut"] = "Pointcut";
3250 JoinpointState["After"] = "After";
3251 JoinpointState["AfterReturning"] = "AfterReturning";
3252 JoinpointState["AfterThrowing"] = "AfterThrowing";
3253 })(JoinpointState = exports.JoinpointState || (exports.JoinpointState = {}));
3254
3255
3256 });
3257
3258 unwrapExports(JoinpointState_1);
3259 var JoinpointState_2 = JoinpointState_1.JoinpointState;
3260
3261 var Joinpoint_1 = createCommonjsModule(function (module, exports) {
3262 Object.defineProperty(exports, "__esModule", { value: true });
3263
3264
3265 exports.AOP_METHOD_NAME = ioc.tokenId('AOP_METHOD_NAME');
3266 exports.AOP_METHOD_FULLNAME = ioc.tokenId('AOP_METHOD_FULLNAME');
3267 exports.AOP_METHOD_ORIGIN = ioc.tokenId('AOP_METHOD_ORIGIN');
3268 exports.AOP_METHOD_PARAMS = ioc.tokenId('AOP_METHOD_PARAMS');
3269 exports.AOP_METHOD_ANNOTATIONS = ioc.tokenId('AOP_METHOD_ANNOTATIONS');
3270 exports.AOP_METHOD_PROVIDERS = ioc.tokenId('AOP_METHOD_PROVIDERS');
3271 exports.AOP_PROV_JOINPOINT = ioc.tokenId('AOP_PROV_JOINPOINT');
3272 exports.AOP_ARGS = ioc.tokenId('AOP_ARGS');
3273 exports.AOP_TARGET = ioc.tokenId('AOP_TARGET');
3274 exports.AOP_TARGET_TYPE = ioc.tokenId('AOP_TARGET_TYPE');
3275 exports.AOP_RETURNING = ioc.tokenId('AOP_RETURNING');
3276 exports.AOP_THROWING = ioc.tokenId('AOP_THROWING');
3277 exports.AOP_STATE = ioc.tokenId('AOP_STATE');
3278 exports.AOP_ADVICES = ioc.tokenId('AOP_ADVICES');
3279 /**
3280 * Join point data.
3281 *
3282 * @export
3283 * @class Joinpoint
3284 * @implements {IJoinpoint}
3285 */
3286 var Joinpoint = /** @class */ (function (_super) {
3287 tslib.__extends(Joinpoint, _super);
3288 function Joinpoint() {
3289 return _super !== null && _super.apply(this, arguments) || this;
3290 }
3291 Object.defineProperty(Joinpoint.prototype, "name", {
3292 /**
3293 * method name
3294 *
3295 * @type {string}
3296 * @memberof Joinpoint
3297 */
3298 get: function () {
3299 return this.getValue(exports.AOP_METHOD_NAME);
3300 },
3301 enumerable: true,
3302 configurable: true
3303 });
3304 Object.defineProperty(Joinpoint.prototype, "provJoinpoint", {
3305 /**
3306 * prov joinpoint.
3307 *
3308 * @type {IJoinpoint}
3309 * @memberof Joinpoint
3310 */
3311 get: function () {
3312 return this.getValue(exports.AOP_PROV_JOINPOINT);
3313 },
3314 enumerable: true,
3315 configurable: true
3316 });
3317 Joinpoint.prototype.routeValue = function (token) {
3318 var value;
3319 var currj = this;
3320 var key = this.injector.getTokenKey(token);
3321 while (ioc.isNullOrUndefined(value) && currj) {
3322 value = currj.getValue(key);
3323 currj = currj.provJoinpoint;
3324 }
3325 return value;
3326 };
3327 Object.defineProperty(Joinpoint.prototype, "fullName", {
3328 /**
3329 * full name.
3330 *
3331 * @type {string}
3332 * @memberof Joinpoint
3333 */
3334 get: function () {
3335 return this.getValue(exports.AOP_METHOD_FULLNAME);
3336 },
3337 enumerable: true,
3338 configurable: true
3339 });
3340 Object.defineProperty(Joinpoint.prototype, "originMethod", {
3341 get: function () {
3342 return this.getValue(exports.AOP_METHOD_ORIGIN);
3343 },
3344 enumerable: true,
3345 configurable: true
3346 });
3347 Object.defineProperty(Joinpoint.prototype, "state", {
3348 /**
3349 * join point state.
3350 *
3351 * @type {JoinpointState}
3352 * @memberof Joinpoint
3353 */
3354 get: function () {
3355 return this.getValue(exports.AOP_STATE);
3356 },
3357 enumerable: true,
3358 configurable: true
3359 });
3360 Object.defineProperty(Joinpoint.prototype, "params", {
3361 /**
3362 * params of pointcut.
3363 *
3364 * @type {IParameter[]}
3365 * @memberof Joinpoint
3366 */
3367 get: function () {
3368 return this.getValue(exports.AOP_METHOD_PARAMS);
3369 },
3370 enumerable: true,
3371 configurable: true
3372 });
3373 Object.defineProperty(Joinpoint.prototype, "args", {
3374 /**
3375 * args of pointcut.
3376 *
3377 * @type {any[]}
3378 * @memberof Joinpoint
3379 */
3380 get: function () {
3381 var _a;
3382 return _a = this.getValue(exports.AOP_ARGS), (_a !== null && _a !== void 0 ? _a : []);
3383 },
3384 enumerable: true,
3385 configurable: true
3386 });
3387 Object.defineProperty(Joinpoint.prototype, "returning", {
3388 /**
3389 * pointcut returing
3390 *
3391 * @type {*}
3392 * @memberof Joinpoint
3393 */
3394 get: function () {
3395 return this.getValue(exports.AOP_RETURNING);
3396 },
3397 enumerable: true,
3398 configurable: true
3399 });
3400 Object.defineProperty(Joinpoint.prototype, "throwing", {
3401 /**
3402 * pointcut throwing error.
3403 *
3404 * @type {*}
3405 * @memberof Joinpoint
3406 */
3407 get: function () {
3408 return this.getValue(exports.AOP_THROWING);
3409 },
3410 enumerable: true,
3411 configurable: true
3412 });
3413 Object.defineProperty(Joinpoint.prototype, "advices", {
3414 /**
3415 * advicer of joinpoint
3416 *
3417 * @type {Advicer}
3418 * @memberof Joinpoint
3419 */
3420 get: function () {
3421 return this.getValue(exports.AOP_ADVICES);
3422 },
3423 enumerable: true,
3424 configurable: true
3425 });
3426 Object.defineProperty(Joinpoint.prototype, "annotations", {
3427 /**
3428 * orgin pointcut method metadatas.
3429 *
3430 * @type {TypeMetadata[]}
3431 * @memberof Joinpoint
3432 */
3433 get: function () {
3434 return this.routeValue(exports.AOP_METHOD_ANNOTATIONS);
3435 },
3436 enumerable: true,
3437 configurable: true
3438 });
3439 Object.defineProperty(Joinpoint.prototype, "target", {
3440 /**
3441 * pointcut target instance
3442 *
3443 * @type {*}
3444 * @memberof Joinpoint
3445 */
3446 get: function () {
3447 return this.getValue(exports.AOP_TARGET);
3448 },
3449 enumerable: true,
3450 configurable: true
3451 });
3452 Object.defineProperty(Joinpoint.prototype, "targetType", {
3453 /**
3454 * pointcut target type.
3455 *
3456 * @type {Type}
3457 * @memberof Joinpoint
3458 */
3459 get: function () {
3460 return this.getValue(exports.AOP_TARGET_TYPE);
3461 },
3462 enumerable: true,
3463 configurable: true
3464 });
3465 Object.defineProperty(Joinpoint.prototype, "providers", {
3466 get: function () {
3467 if (!this.hasValue(exports.AOP_METHOD_PROVIDERS)) {
3468 this.setValue(exports.AOP_METHOD_PROVIDERS, this.injector.getInstance(ioc.PROVIDERS));
3469 }
3470 return this.getValue(exports.AOP_METHOD_PROVIDERS);
3471 },
3472 enumerable: true,
3473 configurable: true
3474 });
3475 Joinpoint.prototype.getProvProviders = function () {
3476 var pdrs = [];
3477 var currj = this.provJoinpoint;
3478 while (currj) {
3479 var pdr = currj.hasValue(exports.AOP_METHOD_PROVIDERS) ? currj.providers : null;
3480 if (pdr && pdr.size) {
3481 pdrs.push(pdr);
3482 }
3483 currj = currj.provJoinpoint;
3484 }
3485 return pdrs;
3486 };
3487 Joinpoint.prototype.setOptions = function (options) {
3488 if (!options) {
3489 return this;
3490 }
3491 _super.prototype.setOptions.call(this, options);
3492 this.setValue(exports.AOP_TARGET_TYPE, options.targetType);
3493 options.target && this.setValue(exports.AOP_TARGET, options.target);
3494 options.originMethod && this.setValue(exports.AOP_METHOD_ORIGIN, options.originMethod);
3495 this.setValue(exports.AOP_METHOD_NAME, options.name);
3496 this.setValue(exports.AOP_METHOD_FULLNAME, options.fullName);
3497 this.setValue(exports.AOP_METHOD_PARAMS, options.params);
3498 this.setValue(exports.AOP_ARGS, options.args);
3499 this.setValue(exports.AOP_ADVICES, options.advices);
3500 options.state && this.setValue(exports.AOP_STATE, options.state);
3501 options.providers && this.setValue(exports.AOP_METHOD_PROVIDERS, options.providers);
3502 options.annotations && this.setValue(exports.AOP_METHOD_ANNOTATIONS, options.annotations);
3503 options.provJoinpoint && this.setValue(exports.AOP_PROV_JOINPOINT, options.provJoinpoint);
3504 };
3505 /**
3506 * create resolve context via options.
3507 *
3508 * @static
3509 * @param {IInjector} injector
3510 * @param {ResolveActionOption} options
3511 * @returns {ResolveActionContext}
3512 * @memberof ResolveActionContext
3513 */
3514 Joinpoint.parse = function (injector, options) {
3515 return ioc.createContext(injector, Joinpoint, options);
3516 };
3517 return Joinpoint;
3518 }(ioc.IocContext));
3519 exports.Joinpoint = Joinpoint;
3520
3521
3522 });
3523
3524 unwrapExports(Joinpoint_1);
3525 var Joinpoint_2 = Joinpoint_1.AOP_METHOD_NAME;
3526 var Joinpoint_3 = Joinpoint_1.AOP_METHOD_FULLNAME;
3527 var Joinpoint_4 = Joinpoint_1.AOP_METHOD_ORIGIN;
3528 var Joinpoint_5 = Joinpoint_1.AOP_METHOD_PARAMS;
3529 var Joinpoint_6 = Joinpoint_1.AOP_METHOD_ANNOTATIONS;
3530 var Joinpoint_7 = Joinpoint_1.AOP_METHOD_PROVIDERS;
3531 var Joinpoint_8 = Joinpoint_1.AOP_PROV_JOINPOINT;
3532 var Joinpoint_9 = Joinpoint_1.AOP_ARGS;
3533 var Joinpoint_10 = Joinpoint_1.AOP_TARGET;
3534 var Joinpoint_11 = Joinpoint_1.AOP_TARGET_TYPE;
3535 var Joinpoint_12 = Joinpoint_1.AOP_RETURNING;
3536 var Joinpoint_13 = Joinpoint_1.AOP_THROWING;
3537 var Joinpoint_14 = Joinpoint_1.AOP_STATE;
3538 var Joinpoint_15 = Joinpoint_1.AOP_ADVICES;
3539 var Joinpoint_16 = Joinpoint_1.Joinpoint;
3540
3541 var Advices = createCommonjsModule(function (module, exports) {
3542 Object.defineProperty(exports, "__esModule", { value: true });
3543
3544 exports.AdvicesToken = ioc.tokenId('AOP_ADVICES');
3545
3546
3547 });
3548
3549 unwrapExports(Advices);
3550 var Advices_1 = Advices.AdvicesToken;
3551
3552 var IAdvisor = createCommonjsModule(function (module, exports) {
3553 Object.defineProperty(exports, "__esModule", { value: true });
3554
3555 exports.AOP_EXTEND_TARGET_TOKEN = ioc.tokenId('AOP_EXTEND_TARGET_TOKEN');
3556 /**
3557 * Aop IAdvisor interface token.
3558 * it is a token id, you can register yourself IAdvisor for this.
3559 */
3560 exports.AdvisorToken = ioc.tokenId('DI_IAdvisor');
3561
3562
3563 });
3564
3565 unwrapExports(IAdvisor);
3566 var IAdvisor_1 = IAdvisor.AOP_EXTEND_TARGET_TOKEN;
3567 var IAdvisor_2 = IAdvisor.AdvisorToken;
3568
3569 var regexps = createCommonjsModule(function (module, exports) {
3570 Object.defineProperty(exports, "__esModule", { value: true });
3571 exports.aExp = /^@/;
3572 exports.annPreChkExp = /^\^?@\w+/;
3573 exports.annContentExp = /^@annotation\(.*\)$/;
3574 exports.executionChkExp = /^execution\(\S+\)$/;
3575 exports.execContentExp = /^execution\(.*\)$/;
3576 exports.mthNameExp = /^\w+(\((\s*\w+\s*,)*\s*\w*\))?$/;
3577 exports.tgMthChkExp = /^([\w\*]+\.)+[\w\*]+(\((\s*\w+\s*,)*\s*\w*\))?$/;
3578 exports.preParam = /^\(/;
3579 exports.endParam = /\)$/;
3580 exports.withInChkExp = /^@within\(\s*\w+/;
3581 exports.targetChkExp = /^@target\(\s*\w+/;
3582 exports.replAny = /\*\*/gi;
3583 exports.replAny1 = /\*/gi;
3584 exports.replDot = /\./gi;
3585 exports.replNav = /\//gi;
3586
3587
3588 });
3589
3590 unwrapExports(regexps);
3591 var regexps_1 = regexps.aExp;
3592 var regexps_2 = regexps.annPreChkExp;
3593 var regexps_3 = regexps.annContentExp;
3594 var regexps_4 = regexps.executionChkExp;
3595 var regexps_5 = regexps.execContentExp;
3596 var regexps_6 = regexps.mthNameExp;
3597 var regexps_7 = regexps.tgMthChkExp;
3598 var regexps_8 = regexps.preParam;
3599 var regexps_9 = regexps.endParam;
3600 var regexps_10 = regexps.withInChkExp;
3601 var regexps_11 = regexps.targetChkExp;
3602 var regexps_12 = regexps.replAny;
3603 var regexps_13 = regexps.replAny1;
3604 var regexps_14 = regexps.replDot;
3605 var regexps_15 = regexps.replNav;
3606
3607 var ProceedingScope_1 = createCommonjsModule(function (module, exports) {
3608 Object.defineProperty(exports, "__esModule", { value: true });
3609
3610
3611
3612
3613
3614
3615 var proxyFlag = '_proxy';
3616 var ctor = 'constructor';
3617 exports.AOP_ADVICE_INVOKER = ioc.tokenId('AOP_ADVICE_INVOKER');
3618 /**
3619 * Proxy method.
3620 *
3621 * @export
3622 * @class ProxyMethod
3623 * @implements {IProxyMethod}
3624 */
3625 var ProceedingScope = /** @class */ (function (_super) {
3626 tslib.__extends(ProceedingScope, _super);
3627 function ProceedingScope() {
3628 return _super !== null && _super.apply(this, arguments) || this;
3629 }
3630 ProceedingScope.prototype.execute = function (ctx, next) {
3631 var _this = this;
3632 ctx.providers.inject({ provide: Joinpoint_1.Joinpoint, useValue: ctx });
3633 ctx.setValue(exports.AOP_ADVICE_INVOKER, function (j, a) { return _this.invokeAdvice(j, a, _this.reflects); });
3634 _super.prototype.execute.call(this, ctx, next);
3635 };
3636 Object.defineProperty(ProceedingScope.prototype, "reflects", {
3637 get: function () {
3638 if (!this._reflects) {
3639 this._reflects = this.actInjector.getInstance(ioc.TypeReflectsToken);
3640 }
3641 return this._reflects;
3642 },
3643 enumerable: true,
3644 configurable: true
3645 });
3646 ProceedingScope.prototype.beforeConstr = function (targetType, params, args, providers) {
3647 var propertykey = ctor;
3648 var advices = this.actInjector.getInstance(IAdvisor.AdvisorToken).getAdvices(targetType, propertykey);
3649 if (!advices) {
3650 return;
3651 }
3652 var className = ioc.lang.getClassName(targetType);
3653 var joinPoint = Joinpoint_1.Joinpoint.parse(this.reflects.getInjector(targetType), {
3654 name: ctor,
3655 state: JoinpointState_1.JoinpointState.Before,
3656 advices: advices,
3657 fullName: className + '.' + ctor,
3658 args: args,
3659 params: params,
3660 targetType: targetType,
3661 providers: providers
3662 });
3663 this.execute(joinPoint);
3664 };
3665 ProceedingScope.prototype.afterConstr = function (target, targetType, params, args, providers) {
3666 var propertykey = ctor;
3667 var advices = this.actInjector.getInstance(IAdvisor.AdvisorToken).getAdvices(targetType, propertykey);
3668 if (!advices) {
3669 return;
3670 }
3671 var className = ioc.lang.getClassName(targetType);
3672 var joinPoint = Joinpoint_1.Joinpoint.parse(this.reflects.getInjector(targetType), {
3673 name: ctor,
3674 state: JoinpointState_1.JoinpointState.After,
3675 advices: advices,
3676 fullName: className + '.' + ctor,
3677 args: args,
3678 params: params,
3679 target: target,
3680 targetType: targetType,
3681 providers: providers
3682 });
3683 this.execute(joinPoint);
3684 };
3685 /**
3686 * proceed the proxy method.
3687 *
3688 * @param {*} target
3689 * @param {Type} targetType
3690 * @param {IPointcut} pointcut
3691 * @param {Joinpoint} [provJoinpoint]
3692 * @memberof ProxyMethod
3693 */
3694 ProceedingScope.prototype.proceed = function (target, targetType, advices, pointcut, provJoinpoint) {
3695 var methodName = pointcut.name;
3696 if (advices && pointcut) {
3697 if (pointcut.descriptor && (pointcut.descriptor.get || pointcut.descriptor.set)) {
3698 if (pointcut.descriptor.get && !pointcut.descriptor.get[proxyFlag]) {
3699 var getMethod = pointcut.descriptor.get.bind(target);
3700 pointcut.descriptor.get = this.proxy(getMethod, advices, target, targetType, pointcut, provJoinpoint);
3701 pointcut.descriptor.get[proxyFlag] = true;
3702 }
3703 if (pointcut.descriptor.set && !pointcut.descriptor.set[proxyFlag]) {
3704 var setMethod = pointcut.descriptor.set.bind(target);
3705 pointcut.descriptor.set = this.proxy(setMethod, advices, target, targetType, pointcut, provJoinpoint);
3706 pointcut.descriptor.set[proxyFlag] = true;
3707 }
3708 Reflect.defineProperty(target, methodName, pointcut.descriptor);
3709 }
3710 else if (ioc.isFunction(target[methodName]) && !target[methodName][proxyFlag]) {
3711 var propertyMethod = target[methodName].bind(target);
3712 target[methodName] = this.proxy(propertyMethod, advices, target, targetType, pointcut, provJoinpoint);
3713 target[methodName][proxyFlag] = true;
3714 }
3715 }
3716 };
3717 ProceedingScope.prototype.proxy = function (propertyMethod, advices, target, targetType, pointcut, provJoinpoint) {
3718 var fullName = pointcut.fullName;
3719 var methodName = pointcut.name;
3720 var reflects = this.reflects;
3721 var self = this;
3722 return function () {
3723 var args = [];
3724 for (var _i = 0; _i < arguments.length; _i++) {
3725 args[_i] = arguments[_i];
3726 }
3727 var larg = ioc.lang.last(args);
3728 var cuurPrd = null;
3729 if (larg instanceof ioc.InvokedProviders) {
3730 args = args.slice(0, args.length - 1);
3731 cuurPrd = larg;
3732 }
3733 var joinPoint = Joinpoint_1.Joinpoint.parse(reflects.getInjector(targetType), {
3734 name: methodName,
3735 fullName: fullName,
3736 params: reflects.getParameters(targetType, target, methodName),
3737 args: args,
3738 target: target,
3739 targetType: targetType,
3740 advices: advices,
3741 originMethod: propertyMethod,
3742 provJoinpoint: provJoinpoint,
3743 annotations: reflects.getMetadatas(targetType, methodName, 'method'),
3744 providers: cuurPrd
3745 });
3746 self.execute(joinPoint);
3747 var returning = joinPoint.returning;
3748 return returning;
3749 };
3750 };
3751 ProceedingScope.prototype.setup = function () {
3752 this.use(CtorAdvicesScope)
3753 .use(MethodAdvicesScope);
3754 };
3755 ProceedingScope.prototype.invokeAdvice = function (joinPoint, advicer, reflects) {
3756 var metadata = advicer.advice;
3757 var providers = joinPoint.providers;
3758 if (ioc.isDefined(joinPoint.args) && metadata.args) {
3759 providers.inject({ provide: metadata.args, useValue: joinPoint.args });
3760 }
3761 if (metadata.annotationArgName) {
3762 providers.inject({
3763 provide: metadata.annotationArgName,
3764 useFactory: function () {
3765 var curj = joinPoint;
3766 var annotations = curj.annotations;
3767 if (ioc.isArray(annotations)) {
3768 if (metadata.annotationName) {
3769 var d_1 = metadata.annotationName;
3770 d_1 = regexps.aExp.test(d_1) ? d_1 : "@" + d_1;
3771 return annotations.filter(function (a) { return a.decorator === d_1; });
3772 }
3773 return annotations;
3774 }
3775 else {
3776 return [];
3777 }
3778 }
3779 });
3780 }
3781 if (joinPoint.hasValue(Joinpoint_1.AOP_RETURNING) && metadata.returning) {
3782 providers.inject({ provide: metadata.returning, useValue: joinPoint.returning });
3783 }
3784 if (joinPoint.throwing && metadata.throwing) {
3785 providers.inject({ provide: metadata.throwing, useValue: joinPoint.throwing });
3786 }
3787 return reflects.getInjector(advicer.aspectType).invoke(advicer.aspectType, advicer.advice.propertyKey, providers);
3788 };
3789 return ProceedingScope;
3790 }(ioc.IocCompositeAction));
3791 exports.ProceedingScope = ProceedingScope;
3792 var CtorAdvicesScope = /** @class */ (function (_super) {
3793 tslib.__extends(CtorAdvicesScope, _super);
3794 function CtorAdvicesScope() {
3795 return _super !== null && _super.apply(this, arguments) || this;
3796 }
3797 CtorAdvicesScope.prototype.execute = function (ctx, next) {
3798 if (ctx.name === ctor) {
3799 _super.prototype.execute.call(this, ctx);
3800 }
3801 else {
3802 next();
3803 }
3804 };
3805 CtorAdvicesScope.prototype.setup = function () {
3806 this.use(exports.CtorBeforeAdviceAction)
3807 .use(exports.CtorAfterAdviceAction);
3808 };
3809 return CtorAdvicesScope;
3810 }(ioc.IocCompositeAction));
3811 exports.CtorAdvicesScope = CtorAdvicesScope;
3812 exports.CtorBeforeAdviceAction = function (ctx, next) {
3813 if (ctx.state === JoinpointState_1.JoinpointState.Before) {
3814 var advices = ctx.advices;
3815 var invoker_1 = ctx.getValue(exports.AOP_ADVICE_INVOKER);
3816 advices.Before.forEach(function (advicer) {
3817 invoker_1(ctx, advicer);
3818 });
3819 advices.Pointcut.forEach(function (advicer) {
3820 invoker_1(ctx, advicer);
3821 });
3822 advices.Around.forEach(function (advicer) {
3823 invoker_1(ctx, advicer);
3824 });
3825 }
3826 next();
3827 };
3828 exports.CtorAfterAdviceAction = function (ctx, next) {
3829 if (ctx.state === JoinpointState_1.JoinpointState.After) {
3830 var advices = ctx.advices;
3831 var invoker_2 = ctx.getValue(exports.AOP_ADVICE_INVOKER);
3832 advices.After.forEach(function (advicer) {
3833 invoker_2(ctx, advicer);
3834 });
3835 advices.Around.forEach(function (advicer) {
3836 invoker_2(ctx, advicer);
3837 });
3838 }
3839 next();
3840 };
3841 var MethodAdvicesScope = /** @class */ (function (_super) {
3842 tslib.__extends(MethodAdvicesScope, _super);
3843 function MethodAdvicesScope() {
3844 return _super !== null && _super.apply(this, arguments) || this;
3845 }
3846 MethodAdvicesScope.prototype.execute = function (ctx, next) {
3847 var _a;
3848 (_a = ctx.providers).inject.apply(_a, ctx.getProvProviders());
3849 _super.prototype.execute.call(this, ctx, next);
3850 };
3851 MethodAdvicesScope.prototype.setup = function () {
3852 this.use(exports.BeforeAdvicesAction)
3853 .use(exports.PointcutAdvicesAction)
3854 .use(exports.ExecuteOriginMethodAction)
3855 .use(exports.AfterAdvicesAction)
3856 .use(exports.AfterAsyncReturningAdvicesAction)
3857 .use(exports.AfterReturningAdvicesAction)
3858 .use(exports.AfterThrowingAdvicesAction);
3859 };
3860 return MethodAdvicesScope;
3861 }(ioc.IocCompositeAction));
3862 exports.MethodAdvicesScope = MethodAdvicesScope;
3863 exports.BeforeAdvicesAction = function (ctx, next) {
3864 if (ctx.throwing) {
3865 return next();
3866 }
3867 ctx.setValue(Joinpoint_1.AOP_STATE, JoinpointState_1.JoinpointState.Before);
3868 var advices = ctx.advices;
3869 var invoker = ctx.getValue(exports.AOP_ADVICE_INVOKER);
3870 advices.Around.forEach(function (advicer) {
3871 invoker(ctx, advicer);
3872 });
3873 advices.Before.forEach(function (advicer) {
3874 invoker(ctx, advicer);
3875 });
3876 next();
3877 };
3878 exports.PointcutAdvicesAction = function (ctx, next) {
3879 if (ctx.throwing) {
3880 return next();
3881 }
3882 ctx.setValue(Joinpoint_1.AOP_STATE, JoinpointState_1.JoinpointState.Pointcut);
3883 var advices = ctx.advices;
3884 var invoker = ctx.getValue(exports.AOP_ADVICE_INVOKER);
3885 advices.Pointcut.forEach(function (advicer) {
3886 invoker(ctx, advicer);
3887 });
3888 next();
3889 };
3890 exports.ExecuteOriginMethodAction = function (ctx, next) {
3891 if (ctx.throwing) {
3892 return next();
3893 }
3894 try {
3895 var val = ctx.originMethod.apply(ctx, ctx.args);
3896 ctx.setValue(Joinpoint_1.AOP_RETURNING, val);
3897 }
3898 catch (err) {
3899 ctx.setValue(Joinpoint_1.AOP_THROWING, err);
3900 }
3901 next();
3902 };
3903 exports.AfterAdvicesAction = function (ctx, next) {
3904 if (ctx.throwing) {
3905 return next();
3906 }
3907 ctx.setValue(Joinpoint_1.AOP_STATE, JoinpointState_1.JoinpointState.After);
3908 var advices = ctx.advices;
3909 var invoker = ctx.getValue(exports.AOP_ADVICE_INVOKER);
3910 advices.Around.forEach(function (advicer) {
3911 invoker(ctx, advicer);
3912 });
3913 advices.After.forEach(function (advicer) {
3914 invoker(ctx, advicer);
3915 });
3916 next();
3917 };
3918 exports.AfterAsyncReturningAdvicesAction = function (ctx, next) {
3919 if (ctx.throwing || !ioc.isPromise(ctx.returning)) {
3920 return next();
3921 }
3922 ctx.setValue(Joinpoint_1.AOP_STATE, JoinpointState_1.JoinpointState.AfterReturning);
3923 var advices = ctx.advices;
3924 var invoker = ctx.getValue(exports.AOP_ADVICE_INVOKER);
3925 ctx.setValue(Joinpoint_1.AOP_RETURNING, ioc.PromiseUtil.step(tslib.__spreadArrays([
3926 ctx.returning
3927 ], advices.Around.map(function (a) { return function () { return invoker(ctx, a); }; }), advices.AfterReturning.map(function (a) { return function () { return invoker(ctx, a); }; }), [
3928 ctx.returning
3929 ])));
3930 };
3931 exports.AfterReturningAdvicesAction = function (ctx, next) {
3932 if (ctx.throwing) {
3933 return next();
3934 }
3935 if (ctx.hasValue(Joinpoint_1.AOP_RETURNING)) {
3936 ctx.setValue(Joinpoint_1.AOP_STATE, JoinpointState_1.JoinpointState.AfterReturning);
3937 var advices = ctx.advices;
3938 var invoker_3 = ctx.getValue(exports.AOP_ADVICE_INVOKER);
3939 advices.Around.forEach(function (advicer) {
3940 invoker_3(ctx, advicer);
3941 });
3942 advices.AfterReturning.forEach(function (advicer) {
3943 invoker_3(ctx, advicer);
3944 });
3945 }
3946 };
3947 exports.AfterThrowingAdvicesAction = function (ctx, next) {
3948 if (ctx.throwing) {
3949 ctx.setValue(Joinpoint_1.AOP_STATE, JoinpointState_1.JoinpointState.AfterThrowing);
3950 }
3951 var advices = ctx.advices;
3952 var invoker = ctx.getValue(exports.AOP_ADVICE_INVOKER);
3953 advices.Around.forEach(function (advicer) {
3954 invoker(ctx, advicer);
3955 });
3956 advices.AfterThrowing.forEach(function (advicer) {
3957 invoker(ctx, advicer);
3958 });
3959 };
3960
3961
3962 });
3963
3964 unwrapExports(ProceedingScope_1);
3965 var ProceedingScope_2 = ProceedingScope_1.AOP_ADVICE_INVOKER;
3966 var ProceedingScope_3 = ProceedingScope_1.ProceedingScope;
3967 var ProceedingScope_4 = ProceedingScope_1.CtorAdvicesScope;
3968 var ProceedingScope_5 = ProceedingScope_1.CtorBeforeAdviceAction;
3969 var ProceedingScope_6 = ProceedingScope_1.CtorAfterAdviceAction;
3970 var ProceedingScope_7 = ProceedingScope_1.MethodAdvicesScope;
3971 var ProceedingScope_8 = ProceedingScope_1.BeforeAdvicesAction;
3972 var ProceedingScope_9 = ProceedingScope_1.PointcutAdvicesAction;
3973 var ProceedingScope_10 = ProceedingScope_1.ExecuteOriginMethodAction;
3974 var ProceedingScope_11 = ProceedingScope_1.AfterAdvicesAction;
3975 var ProceedingScope_12 = ProceedingScope_1.AfterAsyncReturningAdvicesAction;
3976 var ProceedingScope_13 = ProceedingScope_1.AfterReturningAdvicesAction;
3977 var ProceedingScope_14 = ProceedingScope_1.AfterThrowingAdvicesAction;
3978
3979 var Advisor_1 = createCommonjsModule(function (module, exports) {
3980 Object.defineProperty(exports, "__esModule", { value: true });
3981
3982
3983
3984 /**
3985 * for global aop advisor.
3986 *
3987 * @export
3988 * @class Advisor
3989 */
3990 var Advisor = /** @class */ (function () {
3991 function Advisor(reflects) {
3992 this.reflects = reflects;
3993 this.aspects = new Map();
3994 this.advices = new Map();
3995 }
3996 /**
3997 * set advices.
3998 *
3999 * @param {string} key
4000 * @param {Advices} advices
4001 * @memberof Advisor
4002 */
4003 Advisor.prototype.setAdvices = function (type, key, advices) {
4004 if (!this.advices.has(type)) {
4005 this.advices.set(type, new Map());
4006 }
4007 this.advices.get(type).set(key, advices);
4008 };
4009 Advisor.prototype.hasAdvices = function (type) {
4010 return this.advices.has(type);
4011 };
4012 /**
4013 * get advices.
4014 *
4015 * @param {string} key
4016 * @returns
4017 * @memberof Advisor
4018 */
4019 Advisor.prototype.getAdvices = function (type, key) {
4020 var _a;
4021 return ((_a = this.advices.get(type)) === null || _a === void 0 ? void 0 : _a.get(key)) || null;
4022 };
4023 /**
4024 * get advices.
4025 *
4026 * @param {string} key
4027 * @returns {Advices}
4028 * @memberof IAdvisor
4029 */
4030 Advisor.prototype.getAdviceMap = function (type) {
4031 return this.advices.get(type);
4032 };
4033 /**
4034 * add aspect.
4035 *
4036 * @param {Type} aspect
4037 * @param {IInjector} injector
4038 * @memberof Advisor
4039 */
4040 Advisor.prototype.add = function (aspect) {
4041 if (!this.aspects.has(aspect)) {
4042 var metas = this.reflects.getMethodMetadata(Advice.Advice, aspect);
4043 this.aspects.set(aspect, metas);
4044 }
4045 };
4046 /**
4047 * resolve aspect.
4048 *
4049 * @template T
4050 * @param {Type<T>} aspect
4051 * @param {...ParamProviders[]} providers
4052 * @returns {T}
4053 * @memberof Advisor
4054 */
4055 Advisor.prototype.resolve = function (aspect) {
4056 var _a;
4057 var providers = [];
4058 for (var _i = 1; _i < arguments.length; _i++) {
4059 providers[_i - 1] = arguments[_i];
4060 }
4061 return (_a = this.reflects.getInjector(aspect)).resolve.apply(_a, tslib.__spreadArrays([aspect], providers));
4062 };
4063 Advisor = tslib.__decorate([
4064 tslib.__param(0, ioc.Inject(ioc.TypeReflectsToken)),
4065 tslib.__metadata("design:paramtypes", [Object])
4066 ], Advisor);
4067 return Advisor;
4068 }());
4069 exports.Advisor = Advisor;
4070
4071
4072 });
4073
4074 unwrapExports(Advisor_1);
4075 var Advisor_2 = Advisor_1.Advisor;
4076
4077 var AdviceMatcher_1 = createCommonjsModule(function (module, exports) {
4078 Object.defineProperty(exports, "__esModule", { value: true });
4079
4080
4081
4082
4083
4084 /**
4085 * advice matcher, use to match advice when a registered create instance.
4086 *
4087 * @export
4088 * @class AdviceMatcher
4089 * @implements {IAdviceMatcher}
4090 */
4091 var AdviceMatcher = /** @class */ (function () {
4092 function AdviceMatcher(reflects) {
4093 this.reflects = reflects;
4094 }
4095 AdviceMatcher.prototype.match = function (aspectType, targetType, adviceMetas, target) {
4096 var _this = this;
4097 var refs = this.reflects;
4098 var aspectMeta = ioc.lang.first(refs.getMetadata(Aspect.Aspect, aspectType));
4099 if (aspectMeta) {
4100 if (aspectMeta.without) {
4101 var outs = ioc.isArray(aspectMeta.without) ? aspectMeta.without : [aspectMeta.without];
4102 if (outs.some(function (t) { return refs.isExtends(targetType, t); })) {
4103 return [];
4104 }
4105 }
4106 if (aspectMeta.within) {
4107 var ins = ioc.isArray(aspectMeta.within) ? aspectMeta.within : [aspectMeta.within];
4108 if (!ins.some(function (t) { return refs.isExtends(targetType, t); })) {
4109 if (!aspectMeta.annotation) {
4110 return [];
4111 }
4112 }
4113 }
4114 if (aspectMeta.annotation) {
4115 var annotation = ioc.isFunction(aspectMeta.annotation) ? aspectMeta.annotation.toString() : aspectMeta.annotation;
4116 var anno = (regexps.annPreChkExp.test(annotation) ? '' : '@') + annotation;
4117 if (!refs.hasMetadata(anno, targetType)) {
4118 return [];
4119 }
4120 }
4121 }
4122 var className = ioc.lang.getClassName(targetType);
4123 adviceMetas = adviceMetas || refs.getMethodMetadata(Advice.Advice, targetType);
4124 var matched = [];
4125 if (targetType === aspectType) {
4126 var adviceNames = Object.keys(adviceMetas);
4127 if (adviceNames.length > 1) {
4128 var advices_1 = [];
4129 adviceNames.forEach(function (n) {
4130 advices_1 = advices_1.concat(adviceMetas[n]);
4131 });
4132 adviceNames.forEach(function (n) {
4133 advices_1.forEach(function (adv) {
4134 if (adv.propertyKey !== n) {
4135 if (_this.matchAspectSelf(n, adv)) {
4136 matched.push({
4137 name: n,
4138 fullName: className + "." + n,
4139 advice: adv
4140 });
4141 }
4142 }
4143 });
4144 });
4145 }
4146 }
4147 else {
4148 var points_1 = [];
4149 var decorators = refs.create(targetType).defines.getPropertyDescriptors();
4150 // match method.
4151 for (var name_1 in decorators) {
4152 // if (name !== 'constructor') {
4153 points_1.push({
4154 name: name_1,
4155 fullName: className + "." + name_1
4156 });
4157 // }
4158 }
4159 Object.getOwnPropertyNames(adviceMetas).forEach(function (name) {
4160 var advices = adviceMetas[name];
4161 advices.forEach(function (metadata) {
4162 matched = matched.concat(_this.filterPointcut(targetType, points_1, metadata));
4163 });
4164 });
4165 }
4166 return matched;
4167 };
4168 AdviceMatcher.prototype.matchAspectSelf = function (name, metadata) {
4169 if (metadata.pointcut) {
4170 var pointcut = metadata.pointcut;
4171 if (ioc.isString(pointcut)) {
4172 if (regexps.executionChkExp.test(pointcut)) {
4173 pointcut = pointcut.substring(10, pointcut.length - 1);
4174 }
4175 return pointcut.startsWith(name);
4176 }
4177 else if (ioc.isRegExp(pointcut)) {
4178 return pointcut.test(name);
4179 }
4180 }
4181 return false;
4182 };
4183 AdviceMatcher.prototype.filterPointcut = function (type, points, metadata, target) {
4184 if (!metadata.pointcut) {
4185 return [];
4186 }
4187 var matchedPointcut;
4188 if (metadata.pointcut) {
4189 var match_1 = this.matchTypeFactory(type, metadata);
4190 matchedPointcut = points.filter(function (p) { return match_1(p.name, p.fullName, type, target, p); });
4191 }
4192 matchedPointcut = matchedPointcut || [];
4193 return matchedPointcut.map(function (p) {
4194 return Object.assign({}, p, { advice: metadata });
4195 });
4196 };
4197 AdviceMatcher.prototype.matchTypeFactory = function (type, metadata) {
4198 var _this = this;
4199 var pointcut = metadata.pointcut;
4200 var expresses = [];
4201 if (metadata.within) {
4202 expresses.push(function (method, fullName, targetType) {
4203 if (ioc.isArray(metadata.within)) {
4204 return metadata.within.some(function (t) { return _this.reflects.isExtends(targetType, t); });
4205 }
4206 else {
4207 return _this.reflects.isExtends(targetType, metadata.within);
4208 }
4209 });
4210 expresses.push('&&');
4211 }
4212 if (metadata.target) {
4213 expresses.push(function (method, fullName, targetType, target) {
4214 return metadata.target = target;
4215 });
4216 expresses.push('&&');
4217 }
4218 if (metadata.annotation) {
4219 expresses.push(function (method, fullName, targetType, target) {
4220 return _this.reflects.hasMethodMetadata(metadata.annotation, targetType, method);
4221 });
4222 expresses.push('&&');
4223 }
4224 if (ioc.isString(pointcut)) {
4225 var pointcuts = (pointcut || '').trim();
4226 expresses.push(this.tranlateExpress(type, pointcuts));
4227 }
4228 else if (ioc.isRegExp(pointcut)) {
4229 var pointcutReg_1 = pointcut;
4230 if (regexps.annPreChkExp.test(pointcutReg_1.source)) {
4231 expresses.push(function (name, fullName, targetType) {
4232 var decName = Reflect.getMetadataKeys(type, name);
4233 return decName.some(function (n) { return ioc.isString(n) && pointcutReg_1.test(n); });
4234 });
4235 }
4236 else {
4237 expresses.push(function (name, fullName) { return pointcutReg_1.test(fullName); });
4238 }
4239 }
4240 return this.mergeExpress.apply(this, expresses);
4241 };
4242 AdviceMatcher.prototype.spiltBrace = function (strExp) {
4243 strExp = strExp.trim();
4244 if (regexps.preParam.test(strExp) && regexps.endParam.test(strExp)) {
4245 strExp = strExp.substring(1, strExp.length - 1).trim();
4246 }
4247 if (regexps.preParam.test(strExp) && regexps.endParam.test(strExp)) {
4248 return this.spiltBrace(strExp);
4249 }
4250 else {
4251 return strExp;
4252 }
4253 };
4254 AdviceMatcher.prototype.expressToFunc = function (type, strExp) {
4255 var _this = this;
4256 if (regexps.annContentExp.test(strExp)) {
4257 var exp = strExp.substring(12, strExp.length - 1);
4258 var annotation_1 = regexps.aExp.test(exp) ? exp : ('@' + exp);
4259 return function (name, fullName) {
4260 if (name === 'constructor') {
4261 return _this.reflects.hasMetadata(annotation_1, type);
4262 }
4263 return _this.reflects.hasMethodMetadata(annotation_1, type, name);
4264 };
4265 }
4266 else if (regexps.execContentExp.test(strExp)) {
4267 var exp = strExp.substring(10, strExp.length - 1);
4268 if (exp === '*' || exp === '*.*') {
4269 return function (name, fullName) { return !!name && !_this.reflects.hasMetadata(Aspect.Aspect, type); };
4270 }
4271 else if (regexps.mthNameExp.test(exp)) {
4272 // if is method name, will match aspect self only.
4273 return function () { return false; };
4274 }
4275 else if (regexps.tgMthChkExp.test(exp)) {
4276 exp = exp.replace(regexps.replAny, '(\\\w+(\\\.|\\\/)){0,}\\\w+')
4277 .replace(regexps.replAny1, '\\\w+')
4278 .replace(regexps.replDot, '\\\.')
4279 .replace(regexps.replNav, '\\\/');
4280 var matcher_1 = new RegExp(exp + '$');
4281 return function (name, fullName) { return matcher_1.test(fullName); };
4282 }
4283 else {
4284 return function () { return false; };
4285 }
4286 }
4287 else if (regexps.withInChkExp.test(strExp)) {
4288 var classnames_1 = strExp.substring(strExp.indexOf('(') + 1, strExp.length - 1).split(',').map(function (n) { return n.trim(); });
4289 return function (name, fullName, targetType) { return classnames_1.indexOf(ioc.lang.getClassName(targetType)) >= 0; };
4290 }
4291 else if (regexps.targetChkExp.test(strExp)) {
4292 var torken_1 = strExp.substring(strExp.indexOf('(') + 1, strExp.length - 1).trim();
4293 return function (name, fullName, targetType) { return _this.reflects.getInjector(type).getTokenProvider(torken_1) === targetType; };
4294 }
4295 else {
4296 return function () { return false; };
4297 }
4298 };
4299 AdviceMatcher.prototype.tranlateExpress = function (type, strExp) {
4300 var expresses = [];
4301 var idxOr = strExp.indexOf('||');
4302 var idxAd = strExp.indexOf('&&');
4303 if (idxAd < 0 && idxOr < 0) {
4304 expresses.push(this.expressToFunc(type, this.spiltBrace(strExp)));
4305 }
4306 else {
4307 if (idxOr > idxAd) {
4308 var leftExp = this.spiltBrace(strExp.substring(0, idxOr));
4309 if (leftExp) {
4310 expresses.push(this.tranlateExpress(type, leftExp));
4311 }
4312 var rightExp = this.spiltBrace(strExp.substring(idxOr + 2));
4313 if (rightExp) {
4314 expresses.push('||');
4315 expresses.push(this.tranlateExpress(type, rightExp));
4316 }
4317 }
4318 else if (idxAd > idxOr) {
4319 var leftExp = this.spiltBrace(strExp.substring(0, idxAd));
4320 if (leftExp) {
4321 expresses.push(this.tranlateExpress(type, leftExp));
4322 }
4323 var rightExp = this.spiltBrace(strExp.substring(idxAd + 2));
4324 if (rightExp) {
4325 expresses.push('&&');
4326 expresses.push(this.tranlateExpress(type, rightExp));
4327 }
4328 }
4329 }
4330 return this.mergeExpress.apply(this, expresses);
4331 };
4332 AdviceMatcher.prototype.mergeExpress = function () {
4333 var expresses = [];
4334 for (var _i = 0; _i < arguments.length; _i++) {
4335 expresses[_i] = arguments[_i];
4336 }
4337 return function (method, fullName, targetType, pointcut) {
4338 var flag;
4339 expresses.forEach(function (express, idx) {
4340 if (ioc.isDefined(flag)) {
4341 return;
4342 }
4343 if (ioc.isFunction(express)) {
4344 var rel = express(method, fullName, targetType, pointcut);
4345 if (idx < expresses.length - 2) {
4346 if (!rel && express[idx + 1] === '&&') {
4347 flag = false;
4348 }
4349 if (rel && express[idx + 1] === '||') {
4350 flag = true;
4351 }
4352 }
4353 else {
4354 flag = rel;
4355 }
4356 }
4357 });
4358 return flag;
4359 };
4360 };
4361 AdviceMatcher = tslib.__decorate([
4362 tslib.__param(0, ioc.Inject(ioc.TypeReflectsToken)),
4363 tslib.__metadata("design:paramtypes", [Object])
4364 ], AdviceMatcher);
4365 return AdviceMatcher;
4366 }());
4367 exports.AdviceMatcher = AdviceMatcher;
4368
4369
4370 });
4371
4372 unwrapExports(AdviceMatcher_1);
4373 var AdviceMatcher_2 = AdviceMatcher_1.AdviceMatcher;
4374
4375 var IAdviceMatcher = createCommonjsModule(function (module, exports) {
4376 Object.defineProperty(exports, "__esModule", { value: true });
4377
4378 /**
4379 * Aop advice matcher interface token.
4380 * it is a token id, you can register yourself IActionBuilder for this.
4381 */
4382 exports.AdviceMatcherToken = ioc.tokenId('DI_IAdviceMatcher');
4383
4384
4385 });
4386
4387 unwrapExports(IAdviceMatcher);
4388 var IAdviceMatcher_1 = IAdviceMatcher.AdviceMatcherToken;
4389
4390 var aopActions = createCommonjsModule(function (module, exports) {
4391 Object.defineProperty(exports, "__esModule", { value: true });
4392
4393
4394
4395
4396
4397 /**
4398 * execute bind method pointcut action.
4399 */
4400 exports.BindMthPointcutAction = function (ctx, next) {
4401 // aspect class do nothing.
4402 var reflects = ctx.reflects;
4403 if (!ctx.target || !isValAspectTag(ctx.type, reflects)) {
4404 return next();
4405 }
4406 var scope = reflects.getActionInjector().getInstance(ProceedingScope_1.ProceedingScope);
4407 var target = ctx.target;
4408 var targetType = ctx.type;
4409 var className = ioc.lang.getClassName(targetType);
4410 var decorators = ctx.targetReflect.defines.getPropertyDescriptors();
4411 var advisor = reflects.getActionInjector().getInstance(IAdvisor.AdvisorToken);
4412 var advicesMap = advisor.getAdviceMap(targetType);
4413 if (advicesMap && advicesMap.size) {
4414 advicesMap.forEach(function (advices, name) {
4415 if (name === 'constructor') {
4416 return;
4417 }
4418 var pointcut = {
4419 name: name,
4420 fullName: className + "." + name,
4421 descriptor: decorators[name]
4422 };
4423 scope.proceed(target, targetType, advices, pointcut);
4424 });
4425 }
4426 next();
4427 };
4428 /**
4429 * before constructor advice actions.
4430 *
4431 * @export
4432 */
4433 exports.BeforeCtorAdviceAction = function (ctx, next) {
4434 // aspect class do nothing.
4435 var reflects = ctx.reflects;
4436 if (!isValAspectTag(ctx.type, reflects)) {
4437 return next();
4438 }
4439 reflects.getActionInjector().getInstance(ioc.ActionInjectorToken)
4440 .getInstance(ProceedingScope_1.ProceedingScope)
4441 .beforeConstr(ctx.type, ctx.getValue(ioc.CTX_PARAMS), ctx.getValue(ioc.CTX_ARGS), ctx.providers);
4442 next();
4443 };
4444 /**
4445 * after constructor advice actions.
4446 *
4447 * @export
4448 */
4449 exports.AfterCtorAdviceAction = function (ctx, next) {
4450 // aspect class do nothing.
4451 var reflects = ctx.reflects;
4452 if (!ctx.target || !isValAspectTag(ctx.type, reflects)) {
4453 return next();
4454 }
4455 reflects.getActionInjector().getInstance(ioc.ActionInjectorToken)
4456 .getInstance(ProceedingScope_1.ProceedingScope)
4457 .afterConstr(ctx.target, ctx.type, ctx.getValue(ioc.CTX_PARAMS), ctx.getValue(ioc.CTX_ARGS), ctx.providers);
4458 next();
4459 };
4460 /**
4461 * regist aspect action.
4462 *
4463 * @export
4464 */
4465 exports.RegistAspectAction = function (ctx, next) {
4466 var type = ctx.type;
4467 var aspectMgr = ctx.reflects.getActionInjector().getInstance(IAdvisor.AdvisorToken);
4468 aspectMgr.add(type);
4469 next();
4470 };
4471 /**
4472 * match pointcut action.
4473 *
4474 * @export
4475 */
4476 exports.MatchPointcutAction = function (ctx, next) {
4477 // aspect class do nothing.
4478 var reflects = ctx.reflects;
4479 if (!isValAspectTag(ctx.type, reflects)) {
4480 return next();
4481 }
4482 var advisor = reflects.getActionInjector().getInstance(IAdvisor.AdvisorToken);
4483 var matcher = reflects.getActionInjector().getInstance(IAdviceMatcher.AdviceMatcherToken);
4484 var targetType = ctx.type;
4485 advisor.aspects.forEach(function (adviceMetas, type) {
4486 var matchpoints = matcher.match(type, targetType, adviceMetas, ctx.target);
4487 matchpoints.forEach(function (mpt) {
4488 var name = mpt.name;
4489 var advice = mpt.advice;
4490 var advices = advisor.getAdvices(targetType, name);
4491 if (!advices) {
4492 advices = {
4493 Before: [],
4494 Pointcut: [],
4495 After: [],
4496 Around: [],
4497 AfterThrowing: [],
4498 AfterReturning: []
4499 };
4500 advisor.setAdvices(targetType, name, advices);
4501 }
4502 var advicer = Object.assign(mpt, {
4503 aspectType: type
4504 });
4505 if (advice.adviceName === 'Before') {
4506 if (!advices.Before.some(function (a) { return equals(a, advicer); })) {
4507 advices.Before.push(advicer);
4508 }
4509 }
4510 else if (advice.adviceName === 'Pointcut') {
4511 if (!advices.Pointcut.some(function (a) { return equals(a, advicer); })) {
4512 advices.Pointcut.push(advicer);
4513 }
4514 }
4515 else if (advice.adviceName === 'Around') {
4516 if (!advices.Around.some(function (a) { return equals(a, advicer); })) {
4517 advices.Around.push(advicer);
4518 }
4519 }
4520 else if (advice.adviceName === 'After') {
4521 if (!advices.After.some(function (a) { return equals(a, advicer); })) {
4522 advices.After.push(advicer);
4523 }
4524 }
4525 else if (advice.adviceName === 'AfterThrowing') {
4526 if (!advices.AfterThrowing.some(function (a) { return equals(a, advicer); })) {
4527 advices.AfterThrowing.push(advicer);
4528 }
4529 }
4530 else if (advice.adviceName === 'AfterReturning') {
4531 if (!advices.AfterReturning.some(function (a) { return equals(a, advicer); })) {
4532 advices.AfterReturning.push(advicer);
4533 }
4534 }
4535 });
4536 });
4537 next();
4538 };
4539 function equals(a, b) {
4540 return a.aspectType === b.aspectType && a.advice.propertyKey === b.advice.propertyKey;
4541 }
4542 /**
4543 * is target can aspect or not.
4544 *
4545 * @export
4546 * @param {Type} targetType
4547 * @returns {boolean}
4548 */
4549 function isValAspectTag(targetType, reflects) {
4550 if (!ioc.isClass(targetType) || ioc.isBaseType(targetType)) {
4551 return false;
4552 }
4553 if (targetType.d0NPT) {
4554 return false;
4555 }
4556 return !reflects.hasMetadata(NonePointcut.NonePointcut, targetType);
4557 }
4558
4559
4560 });
4561
4562 unwrapExports(aopActions);
4563 var aopActions_1 = aopActions.BindMthPointcutAction;
4564 var aopActions_2 = aopActions.BeforeCtorAdviceAction;
4565 var aopActions_3 = aopActions.AfterCtorAdviceAction;
4566 var aopActions_4 = aopActions.RegistAspectAction;
4567 var aopActions_5 = aopActions.MatchPointcutAction;
4568
4569 var AopModule_1 = createCommonjsModule(function (module, exports) {
4570 Object.defineProperty(exports, "__esModule", { value: true });
4571
4572
4573
4574
4575
4576
4577
4578
4579
4580 /**
4581 * aop ext for ioc. auto run setup after registered.
4582 * @export
4583 * @class AopModule
4584 */
4585 var AopModule = /** @class */ (function () {
4586 function AopModule() {
4587 }
4588 /**
4589 * register aop for container.
4590 *
4591 * @memberof AopModule
4592 */
4593 AopModule.prototype.setup = function (container) {
4594 var actInjector = container.getSingleton(ioc.ActionInjector);
4595 var reflects = container.getSingleton(ioc.TypeReflectsToken);
4596 actInjector
4597 .setSingleton(IAdvisor.AdvisorToken, new Advisor_1.Advisor(reflects), Advisor_1.Advisor)
4598 .setSingleton(IAdviceMatcher.AdviceMatcherToken, new AdviceMatcher_1.AdviceMatcher(reflects), AdviceMatcher_1.AdviceMatcher);
4599 actInjector.regAction(ProceedingScope_1.ProceedingScope);
4600 actInjector.getInstance(ioc.BeforeCtorScope)
4601 .useBefore(aopActions.BeforeCtorAdviceAction);
4602 actInjector.getInstance(ioc.AfterCtorScope)
4603 // .use(ExetndsInstanceAction)
4604 .use(aopActions.AfterCtorAdviceAction);
4605 actInjector.getInstance(ioc.RuntimeMthScope)
4606 .useBefore(aopActions.BindMthPointcutAction);
4607 actInjector.getInstance(ioc.RuntimeLifeScope)
4608 .useBefore(aopActions.MatchPointcutAction, ioc.CtorArgsAction);
4609 actInjector.getInstance(ioc.DesignRegisterer)
4610 .register(Aspect.Aspect, 'Class', ioc.TypeProviderAction, aopActions.RegistAspectAction);
4611 actInjector.getInstance(ioc.RuntimeRegisterer)
4612 .register(Aspect.Aspect, 'Class', ioc.RegSingletionAction);
4613 };
4614 tslib.__decorate([
4615 tslib.__param(0, ioc.Inject(ioc.IocContainerToken)),
4616 tslib.__metadata("design:type", Function),
4617 tslib.__metadata("design:paramtypes", [Object]),
4618 tslib.__metadata("design:returntype", void 0)
4619 ], AopModule.prototype, "setup", null);
4620 AopModule = tslib.__decorate([
4621 ioc.IocExt(),
4622 tslib.__metadata("design:paramtypes", [])
4623 ], AopModule);
4624 return AopModule;
4625 }());
4626 exports.AopModule = AopModule;
4627
4628
4629 });
4630
4631 unwrapExports(AopModule_1);
4632 var AopModule_2 = AopModule_1.AopModule;
4633
4634 var src = createCommonjsModule(function (module, exports) {
4635 Object.defineProperty(exports, "__esModule", { value: true });
4636
4637 // decorators
4638 tslib.__exportStar(Advice, exports);
4639 tslib.__exportStar(Aspect, exports);
4640 tslib.__exportStar(After, exports);
4641 tslib.__exportStar(AfterReturning, exports);
4642 tslib.__exportStar(AfterThrowing, exports);
4643 tslib.__exportStar(Around, exports);
4644 tslib.__exportStar(Before, exports);
4645 tslib.__exportStar(Pointcut, exports);
4646 tslib.__exportStar(NonePointcut, exports);
4647 // joinpoints
4648 tslib.__exportStar(JoinpointState_1, exports);
4649 tslib.__exportStar(Joinpoint_1, exports);
4650 tslib.__exportStar(Advices, exports);
4651 tslib.__exportStar(ProceedingScope_1, exports);
4652 tslib.__exportStar(IAdvisor, exports);
4653 tslib.__exportStar(Advisor_1, exports);
4654 tslib.__exportStar(AdviceMatcher_1, exports);
4655 tslib.__exportStar(AopModule_1, exports);
4656 // actions
4657 tslib.__exportStar(aopActions, exports);
4658
4659
4660 });
4661
4662 var index = unwrapExports(src);
4663
4664 return index;
4665
4666})));
4667
4668});
4669
4670unwrapExports(aop_umd);
4671
4672var AuthenticatedVaildate_1 = createCommonjsModule(function (module, exports) {
4673Object.defineProperty(exports, "__esModule", { value: true });
4674
4675
4676
4677
4678let AuthenticatedVaildate = class AuthenticatedVaildate {
4679 vaildate(ctx, authAnnotation, joinPoint) {
4680 if (!ioc.isFunction(ctx.isAuthenticated)) {
4681 return;
4682 }
4683 if (!ctx.isAuthenticated()) {
4684 throw new mvc.UnauthorizedError();
4685 }
4686 }
4687 static d0Ann() {
4688 return { "name": "AuthenticatedVaildate", "params": { "vaildate": ["ctx", "authAnnotation", "joinPoint"] } };
4689 }
4690};
4691tslib.__decorate([
4692 aop_umd.Before(mvc.AuthorizationPointcut, 'authAnnotation'),
4693 tslib.__param(0, ioc.Inject(mvc.ContextToken)),
4694 tslib.__metadata("design:type", Function),
4695 tslib.__metadata("design:paramtypes", [Object, Array, aop_umd.Joinpoint]),
4696 tslib.__metadata("design:returntype", void 0)
4697], AuthenticatedVaildate.prototype, "vaildate", null);
4698AuthenticatedVaildate = tslib.__decorate([
4699 aop_umd.Aspect()
4700], AuthenticatedVaildate);
4701exports.AuthenticatedVaildate = AuthenticatedVaildate;
4702
4703
4704});
4705
4706unwrapExports(AuthenticatedVaildate_1);
4707var AuthenticatedVaildate_2 = AuthenticatedVaildate_1.AuthenticatedVaildate;
4708
4709var RoleVaildate_1 = createCommonjsModule(function (module, exports) {
4710Object.defineProperty(exports, "__esModule", { value: true });
4711
4712
4713
4714
4715let RoleVaildate = class RoleVaildate {
4716 vaildate(ctx, authAnnotation, joinPoint) {
4717 if (ioc.isFunction(ctx.hasRole) && authAnnotation && authAnnotation.length) {
4718 if (!ctx.hasRole(...authAnnotation.map(a => a.role).filter(a => a))) {
4719 throw new mvc.ForbiddenError();
4720 }
4721 }
4722 }
4723 static d0Ann() {
4724 return { "name": "RoleVaildate", "params": { "vaildate": ["ctx", "authAnnotation", "joinPoint"] } };
4725 }
4726};
4727tslib.__decorate([
4728 aop_umd.Before(mvc.AuthorizationPointcut, 'authAnnotation'),
4729 tslib.__param(0, ioc.Inject(mvc.ContextToken)),
4730 tslib.__metadata("design:type", Function),
4731 tslib.__metadata("design:paramtypes", [Object, Array, aop_umd.Joinpoint]),
4732 tslib.__metadata("design:returntype", void 0)
4733], RoleVaildate.prototype, "vaildate", null);
4734RoleVaildate = tslib.__decorate([
4735 aop_umd.Aspect()
4736], RoleVaildate);
4737exports.RoleVaildate = RoleVaildate;
4738
4739
4740});
4741
4742unwrapExports(RoleVaildate_1);
4743var RoleVaildate_2 = RoleVaildate_1.RoleVaildate;
4744
4745var vaildates = createCommonjsModule(function (module, exports) {
4746Object.defineProperty(exports, "__esModule", { value: true });
4747
4748tslib.__exportStar(AuthenticatedVaildate_1, exports);
4749tslib.__exportStar(RoleVaildate_1, exports);
4750
4751
4752});
4753
4754unwrapExports(vaildates);
4755
4756var ControllerAuthRegisterAction = createCommonjsModule(function (module, exports) {
4757Object.defineProperty(exports, "__esModule", { value: true });
4758
4759
4760/**
4761 * the routes need to auth.
4762 */
4763exports.AuthRoutesToken = new ioc.InjectToken('identify_auth_routes');
4764exports.ControllerAuthRegisterAction = (ctx, next) => {
4765 if (ioc.hasOwnClassMetadata(mvc.Authorization, ctx.type) || ioc.hasMethodMetadata(mvc.Authorization, ctx.type)) {
4766 let ctrlmetadatas = ioc.getTypeMetadata(mvc.Controller, ctx.type);
4767 let routers = ctx.injector.get(exports.AuthRoutesToken);
4768 ctrlmetadatas.forEach(ctlmeta => {
4769 if (!ctlmeta) {
4770 return;
4771 }
4772 let prefix = ctlmeta.routePrefix;
4773 if (prefix && !/^\//.test(prefix)) {
4774 prefix = '/' + prefix;
4775 }
4776 routers.add(prefix);
4777 });
4778 }
4779 next();
4780};
4781
4782
4783});
4784
4785unwrapExports(ControllerAuthRegisterAction);
4786var ControllerAuthRegisterAction_1 = ControllerAuthRegisterAction.AuthRoutesToken;
4787var ControllerAuthRegisterAction_2 = ControllerAuthRegisterAction.ControllerAuthRegisterAction;
4788
4789var IdentityStartupService_1 = createCommonjsModule(function (module, exports) {
4790Object.defineProperty(exports, "__esModule", { value: true });
4791
4792
4793
4794
4795let IdentityStartupService = class IdentityStartupService extends mvc.BeforeMidddlewareStartupService {
4796 async startup(ctx, middlewares) {
4797 let passport = ctx.injector.get(passports.AuthenticatorToken);
4798 let services = ctx.injector.getServices(passports.PassportBuildService);
4799 // config build first.
4800 let cfs = services.find(s => s instanceof passports.ConfigurePassportBuildService);
4801 if (cfs && services.indexOf(cfs) > 0) {
4802 services.splice(services.indexOf(cfs), 1);
4803 services.unshift(cfs);
4804 }
4805 await Promise.all(services.map(s => s.build(passport, ctx.getConfiguration())));
4806 }
4807 static d0Ann() {
4808 return { "name": "IdentityStartupService", "params": { "startup": ["ctx", "middlewares"] } };
4809 }
4810};
4811IdentityStartupService = tslib.__decorate([
4812 ioc.Singleton
4813], IdentityStartupService);
4814exports.IdentityStartupService = IdentityStartupService;
4815
4816
4817});
4818
4819unwrapExports(IdentityStartupService_1);
4820var IdentityStartupService_2 = IdentityStartupService_1.IdentityStartupService;
4821
4822var IdentityModule_1 = createCommonjsModule(function (module, exports) {
4823Object.defineProperty(exports, "__esModule", { value: true });
4824
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835let IdentitySetupModule = class IdentitySetupModule {
4836 constructor() {
4837 }
4838 setup(container) {
4839 container.bindProvider(ControllerAuthRegisterAction.AuthRoutesToken, new Set());
4840 let actjtr = container.getInstance(ioc.ActionInjectorToken);
4841 actjtr.register(ControllerAuthRegisterAction.ControllerAuthRegisterAction);
4842 let dreger = actjtr.getInstance(ioc.DesignRegisterer);
4843 dreger.register(mvc.Controller, 'Class', ControllerAuthRegisterAction.ControllerAuthRegisterAction);
4844 }
4845 static d0Ann() {
4846 return { "name": "IdentitySetupModule", "params": { "constructor": [], "setup": ["container"] } };
4847 }
4848};
4849tslib.__decorate([
4850 tslib.__param(0, ioc.Inject(core.ContainerToken)),
4851 tslib.__metadata("design:type", Function),
4852 tslib.__metadata("design:paramtypes", [Object]),
4853 tslib.__metadata("design:returntype", void 0)
4854], IdentitySetupModule.prototype, "setup", null);
4855IdentitySetupModule = tslib.__decorate([
4856 ioc.IocExt(),
4857 tslib.__metadata("design:paramtypes", [])
4858], IdentitySetupModule);
4859let IdentityModule = class IdentityModule {
4860 static d0Ann() {
4861 return { "name": "IdentityModule", "params": {} };
4862 }
4863};
4864IdentityModule = tslib.__decorate([
4865 boot.DIModule({
4866 regIn: 'root',
4867 imports: [
4868 IdentitySetupModule,
4869 components.ComponentsModule,
4870 components.ElementModule
4871 ],
4872 providers: [
4873 IdentityStartupService_1.IdentityStartupService,
4874 [passports, vaildates, middlewares]
4875 ]
4876 })
4877], IdentityModule);
4878exports.IdentityModule = IdentityModule;
4879
4880
4881});
4882
4883unwrapExports(IdentityModule_1);
4884var IdentityModule_2 = IdentityModule_1.IdentityModule;
4885
4886var es2017 = createCommonjsModule(function (module, exports) {
4887Object.defineProperty(exports, "__esModule", { value: true });
4888
4889tslib.__exportStar(errors, exports);
4890tslib.__exportStar(middlewares, exports);
4891tslib.__exportStar(passports, exports);
4892tslib.__exportStar(stores, exports);
4893tslib.__exportStar(vaildates, exports);
4894tslib.__exportStar(IdentityModule_1, exports);
4895tslib.__exportStar(services, exports);
4896tslib.__exportStar(ControllerAuthRegisterAction, exports);
4897
4898
4899});
4900
4901var index = unwrapExports(es2017);
4902
4903module.exports = index;
4904//# sourceMappingURL=identity.js.map