brightspace-auth-token
Advanced tools
Comparing version 6.0.2 to 7.0.0
{ | ||
"name": "brightspace-auth-token", | ||
"version": "6.0.2", | ||
"version": "7.0.0", | ||
"description": "Helper for interacting with an incoming Brightspace JWT", | ||
"files": [ | ||
"src", | ||
"README.md", | ||
"LICENSE" | ||
], | ||
"main": "src/index.js", | ||
"scripts": { | ||
"test": "nyc --all --produce-source-map --require source-map-support --exclude spec mocha spec" | ||
"test": "nyc --all --produce-source-map --require source-map-support/register --exclude spec mocha spec" | ||
}, | ||
@@ -17,5 +22,9 @@ "author": "D2L Corporation", | ||
"type": "git", | ||
"url": "git+ssh://git@github.com/Brightspace/node-auth.git" | ||
"url": "git+ssh://git@github.com/Brightspace/node-auth.git", | ||
"directory": "packages/node_modules/brightspace-auth-token" | ||
}, | ||
"engines": { | ||
"node": ">=10.12.0" | ||
}, | ||
"dependencies": {} | ||
} |
@@ -93,3 +93,3 @@ # brightspace-auth-token | ||
#### `.context` -> `Symbol` | ||
#### `.context` -> `String` | ||
@@ -96,0 +96,0 @@ ___ |
118
src/index.js
'use strict'; | ||
const contexts = require('./contexts'); | ||
function hasPermissionInResource(resource, permission) { | ||
return resource.has('*') || resource.has(permission); | ||
} | ||
function BrightspaceAuthToken(decodedPayload, source) { | ||
if ('object' !== typeof decodedPayload | ||
|| 'string' !== typeof source) { | ||
throw new Error('Invalid arguments, expected (Object, String)'); | ||
function hasResourcePermissionInGroup(group, resource, permission) { | ||
const wild = group.get('*'); | ||
if (!!wild && hasPermissionInResource(wild, permission)) { | ||
return true; | ||
} | ||
if (!(this instanceof BrightspaceAuthToken)) { | ||
return new BrightspaceAuthToken(decodedPayload, source); | ||
} | ||
this._cacheKey = null; | ||
this._context = null; | ||
this._scope = null; | ||
this._source = decodedPayload; | ||
this.source = source; | ||
this.tenant = decodedPayload.tenantid; | ||
this.user = decodedPayload.sub; | ||
this.actualUser = decodedPayload.actualsub !== undefined | ||
? decodedPayload.actualsub | ||
: this.user; | ||
const permissions = group.get(resource); | ||
return !!permissions && hasPermissionInResource(permissions, permission); | ||
} | ||
BrightspaceAuthToken.prototype.isGlobalContext = function isGlobalContext() { | ||
// calls getter | ||
return contexts.Global === this.context; | ||
}; | ||
class BrightspaceAuthToken { | ||
constructor(decodedPayload, source) { | ||
if ('object' !== typeof decodedPayload | ||
|| 'string' !== typeof source) { | ||
throw new Error('Invalid arguments, expected (Object, String)'); | ||
} | ||
BrightspaceAuthToken.prototype.isTenantContext = function isTenantContext() { | ||
// calls getter | ||
return contexts.Tenant === this.context; | ||
}; | ||
this._cacheKey = null; | ||
this._scope = null; | ||
BrightspaceAuthToken.prototype.isUserContext = function isUserContext() { | ||
// calls getter | ||
return contexts.User === this.context; | ||
}; | ||
this._source = decodedPayload; | ||
this.source = source; | ||
this.tenant = decodedPayload.tenantid; | ||
this.user = decodedPayload.sub; | ||
this.actualUser = decodedPayload.actualsub !== undefined | ||
? decodedPayload.actualsub | ||
: this.user; | ||
BrightspaceAuthToken.prototype.isImpersonating = function isImpersonating() { | ||
return this.isUserContext() && this.user !== this.actualUser; | ||
}; | ||
Object.defineProperty(BrightspaceAuthToken.prototype, 'context', { | ||
get: function() { | ||
let context = this._context; | ||
if (null !== context) { | ||
return context; | ||
} | ||
if ('undefined' !== typeof this.user) { | ||
context = this._context = contexts.User; | ||
this.context = 'user'; | ||
} else if ('undefined' !== typeof this.tenant) { | ||
context = this._context = contexts.Tenant; | ||
this.context = 'tenant'; | ||
} else { | ||
context = this._context = contexts.Global; | ||
this.context = 'global'; | ||
} | ||
} | ||
return context; | ||
isGlobalContext() { | ||
return 'global' === this.context; | ||
} | ||
}); | ||
function hasPermissionInResource(resource, permission) { | ||
return resource.has('*') || resource.has(permission); | ||
} | ||
isTenantContext() { | ||
return 'tenant' === this.context; | ||
} | ||
function hasResourcePermissionInGroup(group, resource, permission) { | ||
const wild = group.get('*'); | ||
if (!!wild && hasPermissionInResource(wild, permission)) { | ||
return true; | ||
isUserContext() { | ||
return 'user' === this.context; | ||
} | ||
const permissions = group.get(resource); | ||
return !!permissions && hasPermissionInResource(permissions, permission); | ||
} | ||
isImpersonating() { | ||
return this.isUserContext() && this.user !== this.actualUser; | ||
} | ||
BrightspaceAuthToken.prototype.hasScope = function hasScope(group, resource, permission) { | ||
// calls getter | ||
const scope = this.scope; | ||
hasScope(group, resource, permission) { | ||
// calls getter | ||
const scope = this.scope; | ||
const wild = scope.get('*'); | ||
if (!!wild && hasResourcePermissionInGroup(wild, resource, permission)) { | ||
return true; | ||
const wild = scope.get('*'); | ||
if (!!wild && hasResourcePermissionInGroup(wild, resource, permission)) { | ||
return true; | ||
} | ||
const resources = scope.get(group); | ||
return !!resources && hasResourcePermissionInGroup(resources, resource, permission); | ||
} | ||
} | ||
const resources = scope.get(group); | ||
return !!resources && hasResourcePermissionInGroup(resources, resource, permission); | ||
}; | ||
Object.defineProperty(BrightspaceAuthToken.prototype, 'scope', { | ||
@@ -166,2 +147,1 @@ get: function() { | ||
module.exports = BrightspaceAuthToken; | ||
module.exports.contexts = contexts; |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
17749
4
116