@mojaloop/security-bc-client-lib - npm Package Compare versions

Comparing version 0.3.6 to 0.3.7

dist/auth_http_requester.d.ts

@@ -7,2 +7,3 @@ /// <reference lib="dom" />
     private readonly _authTokenUrl;
+    private readonly _defaultTimeoutMs;
     private _authMode;
@@ -9,0 +10,0 @@ private _client_id;

dist/auth_http_requester.js

@@ -62,2 +62,3 @@ /// <reference lib="dom" />
     _authTokenUrl;
+    _defaultTimeoutMs;
     _authMode;
@@ -80,2 +81,3 @@ _client_id = null;
         this._authTokenUrl = authTokenUrl;
+        this._defaultTimeoutMs = timeoutMs;
     }
@@ -98,3 +100,3 @@ get initialised() {
     }
-    async fetch(requestInfo, timeoutMs = DEFAULT_TIMEOUT_MS) {
+    async fetch(requestInfo, timeoutMs) {
         if (!this._initialised) {
@@ -111,3 +113,3 @@ return Promise.reject(new Error("Uninitialised, please call setUserCredentials() or setAppCredentials() before using fetch()"));
             };
-            this._queue.push(new AuthenticatedHttpRequesterQueueItem(requestInfo, callback, timeoutMs));
+            this._queue.push(new AuthenticatedHttpRequesterQueueItem(requestInfo, callback, timeoutMs || this._defaultTimeoutMs));
         });
@@ -131,5 +133,4 @@ }
         this._queue_processing = true;
-        const controller = new AbortController();
         const options = {
-            signal: controller.signal,
+            signal: AbortSignal.timeout(item.timeoutMs),
             headers: [
@@ -140,18 +141,6 @@ ["Content-Type", "application/json"],
         };
-        const timeoutId = setTimeout(() => {
-            controller.abort();
-        }, item.timeoutMs);
         fetch(item.requestInfo, options).then((response) => {
-            clearTimeout(timeoutId);
-            // if (response.status === 401) { // UnauthorizedError (bad/no token)
-            //     item.callback(null, response);
-            //     return;
-            // }else if (response.status === 403) { // ForbiddenError (missing role/privs)
-            //     item.callback(null, response);
-            //     return;
-            // }
             item.callback(null, response);
         }).catch(reason => {
             // When abort() is called, the fetch() promise rejects with a DOMException named AbortError
-            clearTimeout(timeoutId);
             if (reason instanceof DOMException && reason.name === "AbortError") {
@@ -158,0 +147,0 @@ item.callback(new errors_1.RequestTimeoutError(), null);

dist/authorization_client.d.ts

@@ -31,3 +31,3 @@ /*****
 import { ILogger } from "@mojaloop/logging-bc-public-types-lib";
-import { IAuthorizationClient } from "@mojaloop/security-bc-public-types-lib";
+import { IAuthenticatedHttpRequester, IAuthorizationClient } from "@mojaloop/security-bc-public-types-lib";
 import { IMessageConsumer } from "@mojaloop/platform-shared-lib-messaging-types-lib";
@@ -44,10 +44,10 @@ export type PrivilegesByRole = {
     private readonly _applicationVersion;
-    private _logger;
-    private _authSvcBaseUrl;
-    private _client;
+    private readonly _authSvcBaseUrl;
+    private readonly _authRequester;
+    private readonly _messageConsumer;
+    private readonly _logger;
     private _rolePrivileges;
     private _lastFetchTimestamp;
     private _privileges;
-    private _messageConsumer;
-    constructor(boundedContext: string, application: string, version: string, authSvcBaseUrl: string, logger: ILogger, messageConsumer?: IMessageConsumer | null);
+    constructor(boundedContext: string, application: string, version: string, authSvcBaseUrl: string, logger: ILogger, authRequester: IAuthenticatedHttpRequester, messageConsumer?: IMessageConsumer | null);
     bootstrap(ignoreDuplicateError?: boolean): Promise<boolean>;
@@ -54,0 +54,0 @@ fetch(): Promise<void>;

dist/authorization_client.js

@@ -33,4 +33,3 @@ /*****
 exports.AuthorizationClient = void 0;
-const tslib_1 = require("tslib");
-const axios_1 = tslib_1.__importDefault(require("axios"));
+const security_bc_public_types_lib_1 = require("@mojaloop/security-bc-public-types-lib");
 const platform_shared_lib_messaging_types_lib_1 = require("@mojaloop/platform-shared-lib-messaging-types-lib");
@@ -42,10 +41,10 @@ const platform_shared_lib_public_messages_lib_1 = require("@mojaloop/platform-shared-lib-public-messages-lib");
     _applicationVersion;
+    _authSvcBaseUrl;
+    _authRequester;
+    _messageConsumer;
     _logger;
-    _authSvcBaseUrl;
-    _client;
     _rolePrivileges = null;
     _lastFetchTimestamp = null;
     _privileges = [];
-    _messageConsumer;
-    constructor(boundedContext, application, version, authSvcBaseUrl, logger, messageConsumer = null) {
+    constructor(boundedContext, application, version, authSvcBaseUrl, logger, authRequester, messageConsumer = null) {
         this._logger = logger.createChild(this.constructor.name);
@@ -56,9 +55,4 @@ this._boundedContextName = boundedContext;
         this._authSvcBaseUrl = authSvcBaseUrl;
+        this._authRequester = authRequester;
         this._messageConsumer = messageConsumer;
-        axios_1.default.defaults.baseURL = authSvcBaseUrl;
-        this._client = axios_1.default.create({
-            baseURL: authSvcBaseUrl,
-            timeout: 1000,
-            //headers: {'X-Custom-Header': 'foobar'} TODO config svc authentication
-        });
     }
@@ -72,31 +66,55 @@ async bootstrap(ignoreDuplicateError = true) {
         };
-        return await new Promise((resolve, reject) => {
-            this._client.post("/bootstrap", appPrivileges).then((resp) => {
-                //this._logger.debug(resp.data);
+        const url = new URL("/bootstrap", this._authSvcBaseUrl).toString();
+        const request = new Request(url, {
+            method: "POST",
+            body: JSON.stringify(appPrivileges),
+        });
+        try {
+            const resp = await this._authRequester.fetch(request);
+            if (resp.status === 401) {
+                throw new security_bc_public_types_lib_1.UnauthorizedError(`Could not bootstrap privileges to Authentication Service - UnauthorizedError - ${await resp.text()}`);
+            }
+            else if (resp.status === 403) {
+                throw new security_bc_public_types_lib_1.ForbiddenError(`Could not bootstrap privileges to Authentication Service - Forbidden - ${await resp.text()}`);
+            }
+            else if (resp.status === 200 || (ignoreDuplicateError === true && resp.status === 409)) {
                 this._logger.info("Boostrap completed successfully");
-                resolve(true);
-            }).catch((err) => {
-                if (err.response && err.response.status === 409 && ignoreDuplicateError === true) {
-                    return resolve(true);
-                }
-                this._logger.error(err, "Could not bootstrap privileges to Authentication Service");
-                // axios errors are too verbose for the caller, already logged line above
-                reject(new Error(err.message));
-            });
-        });
+                return true;
+            }
+            else {
+                throw new Error("Could not bootstrap privileges to Authentication Service - http response code: " + resp.status);
+            }
+        }
+        catch (err) {
+            this._logger.error(err, "Could not bootstrap privileges to Authentication Service");
+            throw new Error(err?.message || "Could not bootstrap privileges to Authentication Service");
+        }
     }
     async fetch() {
-        const url = `/appRoles?bcName=${this._boundedContextName}&appName=${this._applicationName}`;
-        return await new Promise((resolve, reject) => {
-            this._client.get(url).then((resp) => {
+        const url = new URL("/appRoles", this._authSvcBaseUrl);
+        url.searchParams.append("bcName", this._boundedContextName);
+        url.searchParams.append("appName", this._applicationName);
+        try {
+            const resp = await this._authRequester.fetch(url.toString());
+            if (resp.status === 401) {
+                throw new security_bc_public_types_lib_1.UnauthorizedError(`Error boostrapBoundedContextConfigs - UnauthorizedError - ${await resp.text()}`);
+            }
+            else if (resp.status === 403) {
+                throw new security_bc_public_types_lib_1.ForbiddenError(`Error boostrapBoundedContextConfigs - Forbidden - ${await resp.text()}`);
+            }
+            else if (resp.status === 200) {
                 this._logger.info("Role privileges associations received successfully");
-                this._rolePrivileges = resp.data;
+                const data = await resp.json();
+                this._rolePrivileges = data;
                 this._lastFetchTimestamp = Date.now();
-                resolve();
-            }).catch((err) => {
-                this._logger.error(err, "Could not fetch role privileges association from Authentication Service");
-                // axios errors are too verbose for the caller, already logged line above
-                reject(new Error(err.message));
-            });
-        });
+                return;
+            }
+            else {
+                throw new Error("Invalid response from Authentication Service fetching role privileges association - http response code: " + resp.status);
+            }
+        }
+        catch (err) {
+            this._logger.error(err, "Could not fetch role privileges association from Authentication Service");
+            throw new Error(err?.message || "Unknown error fetching role privileges association from Authentication Service");
+        }
     }
@@ -103,0 +121,0 @@ async init() {

package.json

 {
   "name": "@mojaloop/security-bc-client-lib",
-  "version": "0.3.6",
+  "version": "0.3.7",
   "description": "Mojaloop security authentication and authorization client library",
@@ -44,3 +44,2 @@ "license": "Apache-2.0",
     "@mojaloop/security-bc-public-types-lib": "~0.3.4",
-    "axios": "^1.6.0",
     "jsonwebtoken": "^9.0.2",
@@ -47,0 +46,0 @@ "jwks-rsa": "^3.1.0",

No alert changes

Improved metrics

Total package byte prevSize

75254

increased by1.7%

Dependency count

7

decreased by-12.5%

Lines of code

1081

increased by0.75%

Dependency changes

• - Removedaxios@^1.6.0

• - Removedasynckit@0.4.0(transitive)

• - Removedaxios@1.7.9(transitive)

• - Removedcall-bind-apply-helpers@1.0.2(transitive)

• - Removedcombined-stream@1.0.8(transitive)

• - Removeddelayed-stream@1.0.0(transitive)

• - Removeddunder-proto@1.0.1(transitive)

• - Removedes-define-property@1.0.1(transitive)

• - Removedes-errors@1.3.0(transitive)

• - Removedes-object-atoms@1.1.1(transitive)

• - Removedes-set-tostringtag@2.1.0(transitive)

• - Removedfollow-redirects@1.15.9(transitive)

• - Removedform-data@4.0.2(transitive)

• - Removedfunction-bind@1.1.2(transitive)

• - Removedget-intrinsic@1.3.0(transitive)

• - Removedget-proto@1.0.1(transitive)

• - Removedgopd@1.2.0(transitive)

• - Removedhas-symbols@1.1.0(transitive)

• - Removedhas-tostringtag@1.0.2(transitive)

• - Removedhasown@2.0.2(transitive)

• - Removedmath-intrinsics@1.1.0(transitive)

• - Removedmime-db@1.52.0(transitive)

• - Removedmime-types@2.1.35(transitive)

• - Removedproxy-from-env@1.1.0(transitive)