From 4969b0963ddb2c8aff200c3e5c30370f7e492360 Mon Sep 17 00:00:00 2001 From: Patrick Roza Date: Sat, 18 Nov 2023 12:38:17 +0100 Subject: [PATCH] prepare express cleanup --- packages/infra/_src/api/authorization.jwt.ts | 52 -------------- packages/infra/package.json | 15 +---- pnpm-lock.yaml | 71 -------------------- 3 files changed, 3 insertions(+), 135 deletions(-) delete mode 100644 packages/infra/_src/api/authorization.jwt.ts diff --git a/packages/infra/_src/api/authorization.jwt.ts b/packages/infra/_src/api/authorization.jwt.ts deleted file mode 100644 index 2e8c435ce..000000000 --- a/packages/infra/_src/api/authorization.jwt.ts +++ /dev/null @@ -1,52 +0,0 @@ -// import { configM, UserSVC } from "@/services.js" -import * as Ex from "@effect-app/infra-adapters/express" -import { expressjwt } from "express-jwt" -import jwtAuthz from "express-jwt-authz" -import jwksRsa from "jwks-rsa" - -// Authorization middleware. When used, the -// Access Token must exist and be verified against -// the Auth0 JSON Web Key Set -export const checkJwt = (audience: string, issuer: string) => - expressjwt({ - // Dynamically provide a signing key - // based on the kid in the header and - // the signing keys provided by the JWKS endpoint. - secret: jwksRsa.expressJwtSecret({ - cache: true, - rateLimit: true, - jwksRequestsPerMinute: 5, - jwksUri: `${issuer}/.well-known/jwks.json` - }) as jwksRsa.GetVerificationKey, - - // Validate the audience and the issuer. - audience, - issuer: [issuer + "/"], - algorithms: ["RS256"] - }) - -const demandScopes = jwtAuthz([]) - -// export const auth = configM( -// (cfg) => -// cfg.AUTH_DISABLED -// ? Effect.unit -// : Ex.use(Ex.classic(checkJwt)) > Ex.use(Ex.classic(demandScopes)) // TODO -// ) -export const scopes = Ex.classic(demandScopes) - -/* - configM(cfg => { - const handleJwt = Ex.classic( - checkJwt(cfg.AUTH0_AUDIENCE, cfg.AUTH0_ISSUER_BASE_URL) - ) - return ( - cfg.AUTH_DISABLED - ? Effect(null) - : // eslint-disable-next-line @typescript-eslint/no-empty-function - handleJwt(req, res, () => scopes(req, res, () => {})) - ).zipRight( - cfg.AUTH_DISABLED - // .. - ).toLayer(UserProfile) -*/ diff --git a/packages/infra/package.json b/packages/infra/package.json index b94f03aeb..14c3b86f2 100644 --- a/packages/infra/package.json +++ b/packages/infra/package.json @@ -33,8 +33,6 @@ "@types/redis": "^2.8.32", "@types/redlock": "^4.0.7", "express": "^4.18.2", - "express-jwt": "^8.4.1", - "express-jwt-authz": "^2.4.1", "jwks-rsa": "2.1.4", "jwt-decode": "^4.0.0", "mongodb": "6.3.0", @@ -43,6 +41,9 @@ "typescript": "npm:@effect-app/typescript@5.4.0-tsplus.202311072", "vitest": "^0.34.6" }, + "peerDependencies": { + "express": "^4.18.2" + }, "typesVersions": { "*": { "*": [ @@ -111,16 +112,6 @@ "default": "./_cjs/_global.schema.cjs" } }, - "./api/authorization.jwt": { - "import": { - "types": "./dist/api/authorization.jwt.d.ts", - "default": "./dist/api/authorization.jwt.js" - }, - "require": { - "types": "./dist/api/authorization.jwt.d.ts", - "default": "./_cjs/api/authorization.jwt.cjs" - } - }, "./api/codec": { "import": { "types": "./dist/api/codec.d.ts", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 92be7601b..fd4fac469 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -438,12 +438,6 @@ importers: express: specifier: ^4.18.2 version: 4.18.2 - express-jwt: - specifier: ^8.4.1 - version: 8.4.1 - express-jwt-authz: - specifier: ^2.4.1 - version: 2.4.1(@types/express@4.17.21)(express@4.18.2) jwks-rsa: specifier: 2.1.4 version: 2.1.4 @@ -2665,12 +2659,6 @@ packages: '@types/node': 18.11.12 dev: true - /@types/jsonwebtoken@9.0.0: - resolution: {integrity: sha512-mM4TkDpA9oixqg1Fv2vVpOFyIVLJjm5x4k0V+K/rEsizfjD7Tk7LKk3GTtbB7KCfP0FEHQtsZqFxYA0+sijNVg==} - dependencies: - '@types/node': 18.11.12 - dev: true - /@types/lodash@4.14.201: resolution: {integrity: sha512-y9euML0cim1JrykNxADLfaG0FgD1g/yTHwUs/Jg9ZIU7WKj2/4IW9Lbb1WZbvck78W/lfGXFfe+u2EGfIJXdLQ==} dev: true @@ -3661,10 +3649,6 @@ packages: engines: {node: '>=16.20.1'} dev: true - /buffer-equal-constant-time@1.0.1: - resolution: {integrity: sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==} - dev: true - /buffer-from@1.1.2: resolution: {integrity: sha512-E+XQCRwSbaaiChtv6k6Dwgc+bx+Bs6vuKJHHl5kox/BaKbhiXzqQOwK4cO22yElGp2OCmjwVhT3HmxgyPGnJfQ==} dev: true @@ -4517,12 +4501,6 @@ packages: resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} dev: true - /ecdsa-sig-formatter@1.0.11: - resolution: {integrity: sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==} - dependencies: - safe-buffer: 5.2.1 - dev: true - /ee-first@1.1.1: resolution: {integrity: sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==} dev: true @@ -5139,30 +5117,6 @@ packages: jest-message-util: 26.6.2 jest-regex-util: 26.0.0 - /express-jwt-authz@2.4.1(@types/express@4.17.21)(express@4.18.2): - resolution: {integrity: sha512-ruH86e2NvWicG9maStztyAyBJV0E8RsInXUm6Kuc/9pDtVJmJw3qigv1MEVs5bH+aksZuxocYZdz+N1V/9F+Dg==} - engines: {node: '>=6'} - peerDependencies: - '@types/express': ^4.0.0 - express: ^4.0.0 - dependencies: - '@types/express': 4.17.21 - express: 4.18.2 - dev: true - - /express-jwt@8.4.1: - resolution: {integrity: sha512-IZoZiDv2yZJAb3QrbaSATVtTCYT11OcqgFGoTN4iKVyN6NBkBkhtVIixww5fmakF0Upt5HfOxJuS6ZmJVeOtTQ==} - engines: {node: '>= 8.0.0'} - dependencies: - '@types/jsonwebtoken': 9.0.0 - express-unless: 2.1.3 - jsonwebtoken: 9.0.0 - dev: true - - /express-unless@2.1.3: - resolution: {integrity: sha512-wj4tLMyCVYuIIKHGt0FhCtIViBcwzWejX0EjNxveAa6dG+0XBCQhMbx+PnkLkFCxLC69qoFrxds4pIyL88inaQ==} - dev: true - /express@4.18.2: resolution: {integrity: sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==} engines: {node: '>= 0.10.0'} @@ -6422,27 +6376,9 @@ packages: engines: {'0': node >= 0.2.0} dev: true - /jsonwebtoken@9.0.0: - resolution: {integrity: sha512-tuGfYXxkQGDPnLJ7SibiQgVgeDgfbPq2k2ICcbgqW8WxWLBAxKQM/ZCu/IT8SOSwmaYl4dpTFCW5xZv7YbbWUw==} - engines: {node: '>=12', npm: '>=6'} - dependencies: - jws: 3.2.2 - lodash: 4.17.21 - ms: 2.1.3 - semver: 7.5.4 - dev: true - /jssha@3.3.0: resolution: {integrity: sha512-w9OtT4ALL+fbbwG3gw7erAO0jvS5nfvrukGPMWIAoea359B26ALXGpzy4YJSp9yGnpUvuvOw1nSjSoHDfWSr1w==} - /jwa@1.4.1: - resolution: {integrity: sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==} - dependencies: - buffer-equal-constant-time: 1.0.1 - ecdsa-sig-formatter: 1.0.11 - safe-buffer: 5.2.1 - dev: true - /jwks-rsa@2.1.4: resolution: {integrity: sha512-mpArfgPkUpX11lNtGxsF/szkasUcbWHGplZl/uFvFO2NuMHmt0dQXIihh0rkPU2yQd5niQtuUHbXnG/WKiXF6Q==} engines: {node: '>=10 < 13 || >=14'} @@ -6457,13 +6393,6 @@ packages: - supports-color dev: true - /jws@3.2.2: - resolution: {integrity: sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==} - dependencies: - jwa: 1.4.1 - safe-buffer: 5.2.1 - dev: true - /jwt-decode@4.0.0: resolution: {integrity: sha512-+KJGIyHgkGuIq3IEBNftfhW/LfWhXUIY6OmyVWjliu5KH1y0fw7VQ8YndE2O4qZdMSd9SqbnC8GOcZEy0Om7sA==} engines: {node: '>=18'}