From abdf5de31de54851c67aabaada70493f0914c0c8 Mon Sep 17 00:00:00 2001
From: clauspeterhuebner
Date: Wed, 16 Jul 2025 15:50:47 +0200
Subject: [PATCH] shift core/auth/jwt to shared/jwt and correct usage
---
backend/src/federation/authenticateCommunities.ts | 3 ++-
backend/src/federation/validateCommunities.ts | 7 ++++---
backend/src/graphql/resolver/TransactionLinkResolver.ts | 6 ++----
core/src/index.ts | 9 ---------
.../graphql/api/1_0/resolver/AuthenticationResolver.ts | 3 ++-
shared/src/const/index.ts | 3 ++-
shared/src/index.ts | 9 +++++++++
{core/src/auth => shared/src}/jwt/JWT.test.ts | 0
{core/src/auth => shared/src}/jwt/JWT.ts | 2 +-
.../jwt/payloadtypes/AuthenticationJwtPayloadType.ts | 0
.../payloadtypes/AuthenticationResponseJwtPayloadType.ts | 0
.../src}/jwt/payloadtypes/DisburseJwtPayloadType.ts | 0
.../src}/jwt/payloadtypes/EncryptedJWEJwtPayloadType.ts | 0
.../src}/jwt/payloadtypes/JwtPayloadType.ts | 2 +-
.../payloadtypes/OpenConnectionCallbackJwtPayloadType.ts | 1 -
.../jwt/payloadtypes/OpenConnectionJwtPayloadType.ts | 1 -
.../src}/jwt/payloadtypes/RedeemJwtPayloadType.ts | 1 -
17 files changed, 23 insertions(+), 24 deletions(-)
rename {core/src/auth => shared/src}/jwt/JWT.test.ts (100%)
rename {core/src/auth => shared/src}/jwt/JWT.ts (98%)
rename {core/src/auth => shared/src}/jwt/payloadtypes/AuthenticationJwtPayloadType.ts (100%)
rename {core/src/auth => shared/src}/jwt/payloadtypes/AuthenticationResponseJwtPayloadType.ts (100%)
rename {core/src/auth => shared/src}/jwt/payloadtypes/DisburseJwtPayloadType.ts (100%)
rename {core/src/auth => shared/src}/jwt/payloadtypes/EncryptedJWEJwtPayloadType.ts (100%)
rename {core/src/auth => shared/src}/jwt/payloadtypes/JwtPayloadType.ts (91%)
rename {core/src/auth => shared/src}/jwt/payloadtypes/OpenConnectionCallbackJwtPayloadType.ts (94%)
rename {core/src/auth => shared/src}/jwt/payloadtypes/OpenConnectionJwtPayloadType.ts (93%)
rename {core/src/auth => shared/src}/jwt/payloadtypes/RedeemJwtPayloadType.ts (96%)
diff --git a/backend/src/federation/authenticateCommunities.ts b/backend/src/federation/authenticateCommunities.ts
index f7a79772a..bbfd3c2d6 100644
--- a/backend/src/federation/authenticateCommunities.ts
+++ b/backend/src/federation/authenticateCommunities.ts
@@ -7,9 +7,10 @@ import { AuthenticationClient as V1_0_AuthenticationClient } from '@/federation/
import { ensureUrlEndsWithSlash } from '@/util/utilities'
import { LOG4JS_BASE_CATEGORY_NAME } from '@/config/const'
-import { encryptAndSign, EncryptedTransferArgs, OpenConnectionJwtPayloadType } from 'core'
+import { encryptAndSign, OpenConnectionJwtPayloadType } from 'shared'
import { getLogger } from 'log4js'
import { AuthenticationClientFactory } from './client/AuthenticationClientFactory'
+import { EncryptedTransferArgs } from 'core'
const logger = getLogger(`${LOG4JS_BASE_CATEGORY_NAME}.federation.authenticateCommunities`)
diff --git a/backend/src/federation/validateCommunities.ts b/backend/src/federation/validateCommunities.ts
index 4e41cfef1..478261386 100644
--- a/backend/src/federation/validateCommunities.ts
+++ b/backend/src/federation/validateCommunities.ts
@@ -2,6 +2,7 @@ import {
Community as DbCommunity,
FederatedCommunity as DbFederatedCommunity,
FederatedCommunityLoggingView,
+ getHomeCommunity,
} from 'database'
import { IsNull } from 'typeorm'
@@ -10,7 +11,7 @@ import { FederationClient as V1_0_FederationClient } from '@/federation/client/1
import { PublicCommunityInfo } from '@/federation/client/1_0/model/PublicCommunityInfo'
import { FederationClientFactory } from '@/federation/client/FederationClientFactory'
import { LogError } from '@/server/LogError'
-import { createKeyPair } from 'core'
+import { createKeyPair } from 'shared'
import { getLogger } from 'log4js'
import { startCommunityAuthentication } from './authenticateCommunities'
import { PublicCommunityInfoLoggingView } from './client/1_0/logging/PublicCommunityInfoLogging.view'
@@ -85,13 +86,13 @@ export async function writeJwtKeyPairInHomeCommunity(): Promise {
logger.debug(`Federation: writeJwtKeyPairInHomeCommunity`)
try {
// check for existing homeCommunity entry
- let homeCom = await DbCommunity.findOne({ where: { foreign: false } })
+ let homeCom = await getHomeCommunity()
if (homeCom) {
if (!homeCom.publicJwtKey && !homeCom.privateJwtKey) {
// Generate key pair using jose library
const { publicKey, privateKey } = await createKeyPair();
logger.debug(`Federation: writeJwtKeyPairInHomeCommunity publicKey=`, publicKey);
- logger.debug(`Federation: writeJwtKeyPairInHomeCommunity privateKey=`, privateKey);
+ logger.debug(`Federation: writeJwtKeyPairInHomeCommunity privateKey=`, privateKey.slice(0, 20));
homeCom.publicJwtKey = publicKey;
logger.debug(`Federation: writeJwtKeyPairInHomeCommunity publicJwtKey.length=`, homeCom.publicJwtKey.length);
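Review bot: The new `privateKey.slice(0, 20)` debug line still writes part of the private JWT key to the log. If `createKeyPair` returns a PEM string (JWT.ts imports `exportPKCS8`, so this looks likely, but its body is not in this patch), the first 20 characters are only part of the PEM header line and have no diagnostic value; if the return format ever changes, the same line leaks key material. I would drop the line or log only the length, as is done for the public key: `logger.debug('Federation: writeJwtKeyPairInHomeCommunity privateKey.length=', privateKey.length)`. Deployments that ran the previous version with debug logging enabled may hold the full key in existing log files, so it is worth checking whether those keys should be regenerated. The function body continues outside the hunk.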
diff --git a/backend/src/graphql/resolver/TransactionLinkResolver.ts b/backend/src/graphql/resolver/TransactionLinkResolver.ts
index 14dac8342..32464cc82 100644
--- a/backend/src/graphql/resolver/TransactionLinkResolver.ts
+++ b/backend/src/graphql/resolver/TransactionLinkResolver.ts
@@ -39,12 +39,10 @@ import { TRANSACTIONS_LOCK } from '@/util/TRANSACTIONS_LOCK'
import { TRANSACTION_LINK_LOCK } from '@/util/TRANSACTION_LINK_LOCK'
import { fullName } from '@/util/utilities'
import { calculateBalance } from '@/util/validate'
-import { RedeemJwtPayloadType, decode, encode, verify } from 'core'
-import { calculateDecay } from 'shared'
+import { calculateDecay, decode, DisburseJwtPayloadType, encode, RedeemJwtPayloadType, verify } from 'shared'
import { LOG4JS_BASE_CATEGORY_NAME } from '@/config/const'
-import { DisburseJwtPayloadType } from 'core'
-import { Logger, getLogger } from 'log4js'
+import { getLogger, Logger } from 'log4js'
import { executeTransaction } from './TransactionResolver'
import {
getAuthenticatedCommunities,
diff --git a/core/src/index.ts b/core/src/index.ts
index 97aa4521e..28aae758a 100644
--- a/core/src/index.ts
+++ b/core/src/index.ts
@@ -1,12 +1,3 @@
export * from './validation/user'
-export * from './auth/jwt/JWT'
-export * from './auth/jwt/payloadtypes/AuthenticationJwtPayloadType'
-export * from './auth/jwt/payloadtypes/AuthenticationResponseJwtPayloadType'
-export * from './auth/jwt/payloadtypes/DisburseJwtPayloadType'
-export * from './auth/jwt/payloadtypes/EncryptedJWEJwtPayloadType'
-export * from './auth/jwt/payloadtypes/JwtPayloadType'
-export * from './auth/jwt/payloadtypes/OpenConnectionJwtPayloadType'
-export * from './auth/jwt/payloadtypes/OpenConnectionCallbackJwtPayloadType'
-export * from './auth/jwt/payloadtypes/RedeemJwtPayloadType'
export * from './graphql/logic/interpretEncryptedTransferArgs'
export * from './graphql/model/EncryptedTransferArgs'
diff --git a/federation/src/graphql/api/1_0/resolver/AuthenticationResolver.ts b/federation/src/graphql/api/1_0/resolver/AuthenticationResolver.ts
index c28d7e05c..ae17ecc66 100644
--- a/federation/src/graphql/api/1_0/resolver/AuthenticationResolver.ts
+++ b/federation/src/graphql/api/1_0/resolver/AuthenticationResolver.ts
@@ -1,6 +1,6 @@
import { CONFIG } from '@/config'
import { LOG4JS_BASE_CATEGORY_NAME } from '@/config/const'
-import { AuthenticationJwtPayloadType, AuthenticationResponseJwtPayloadType, encryptAndSign, EncryptedTransferArgs, interpretEncryptedTransferArgs, OpenConnectionCallbackJwtPayloadType, OpenConnectionJwtPayloadType } from 'core'
+import { EncryptedTransferArgs, interpretEncryptedTransferArgs } from 'core'
import {
CommunityLoggingView,
Community as DbCommunity,
@@ -9,6 +9,7 @@ import {
getHomeCommunity,
} from 'database'
import { getLogger } from 'log4js'
+import { AuthenticationJwtPayloadType, AuthenticationResponseJwtPayloadType, encryptAndSign, OpenConnectionCallbackJwtPayloadType, OpenConnectionJwtPayloadType } from 'shared'
import { Arg, Mutation, Resolver } from 'type-graphql'
import { startAuthentication, startOpenConnectionCallback } from '../util/authenticateCommunity'
diff --git a/shared/src/const/index.ts b/shared/src/const/index.ts
index 6976b019a..1033ecaf1 100644
--- a/shared/src/const/index.ts
+++ b/shared/src/const/index.ts
@@ -1,2 +1,3 @@
export const DECAY_START_TIME = new Date('2021-05-13T17:46:31Z')
-export const LOG4JS_BASE_CATEGORY_NAME = 'shared'
\ No newline at end of file
+export const LOG4JS_BASE_CATEGORY_NAME = 'shared'
+export const REDEEM_JWT_TOKEN_EXPIRATION = '10m'
\ No newline at end of file
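Review bot: `REDEEM_JWT_TOKEN_EXPIRATION` is added here, but `core/src/config/const`, where the moved `JwtPayloadType` imported it from before, is not in this patch's file list, so the constant appears to be defined in two packages now. Two definitions of a token lifetime can drift apart unnoticed; if nothing in core still needs it, remove it there, otherwise have core import it from `shared`. A short comment on the new line would also help, for example `// validity period of redeem JWTs (presumably '10m' = ten minutes)`. The code that consumes the value is outside this hunk, so confirm the wording against `JwtPayloadType`.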
diff --git a/shared/src/index.ts b/shared/src/index.ts
index 4c6acd552..075272308 100644
--- a/shared/src/index.ts
+++ b/shared/src/index.ts
@@ -1,3 +1,12 @@
export * from './schema'
export * from './enum'
export * from './logic/decay'
+export * from './jwt/JWT'
+export * from './jwt/payloadtypes/AuthenticationJwtPayloadType'
+export * from './jwt/payloadtypes/AuthenticationResponseJwtPayloadType'
+export * from './jwt/payloadtypes/DisburseJwtPayloadType'
+export * from './jwt/payloadtypes/EncryptedJWEJwtPayloadType'
+export * from './jwt/payloadtypes/JwtPayloadType'
+export * from './jwt/payloadtypes/OpenConnectionJwtPayloadType'
+export * from './jwt/payloadtypes/OpenConnectionCallbackJwtPayloadType'
+export * from './jwt/payloadtypes/RedeemJwtPayloadType'
diff --git a/core/src/auth/jwt/JWT.test.ts b/shared/src/jwt/JWT.test.ts
similarity index 100%
rename from core/src/auth/jwt/JWT.test.ts
rename to shared/src/jwt/JWT.test.ts
diff --git a/core/src/auth/jwt/JWT.ts b/shared/src/jwt/JWT.ts
similarity index 98%
rename from core/src/auth/jwt/JWT.ts
rename to shared/src/jwt/JWT.ts
index 2153cd3fc..362fa85e3 100644
--- a/core/src/auth/jwt/JWT.ts
+++ b/shared/src/jwt/JWT.ts
@@ -1,5 +1,5 @@
import { generateKeyPair, exportSPKI, exportPKCS8, SignJWT, decodeJwt, importPKCS8, importSPKI, jwtVerify, CompactEncrypt, compactDecrypt } from 'jose'
-import { LOG4JS_BASE_CATEGORY_NAME } from '../../config/const'
+import { LOG4JS_BASE_CATEGORY_NAME } from '../const'
import { getLogger } from 'log4js'
const logger = getLogger(`${LOG4JS_BASE_CATEGORY_NAME}.auth.jwt.JWT`)
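Review bot: The logger category on the last line still ends in `.auth.jwt.JWT`, although the module now lives in `shared/src/jwt` and the base name now comes from `shared/src/const` (`'shared'`). The resulting category therefore changes with this move, and any log4js configuration that sets levels or appenders per category for the JWT code may no longer match; the old base value is not visible here, so this is inferred. Consider naming the category `${LOG4JS_BASE_CATEGORY_NAME}.jwt.JWT` to follow the new path, and review the log4js configuration in the same change.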
diff --git a/core/src/auth/jwt/payloadtypes/AuthenticationJwtPayloadType.ts b/shared/src/jwt/payloadtypes/AuthenticationJwtPayloadType.ts
similarity index 100%
rename from core/src/auth/jwt/payloadtypes/AuthenticationJwtPayloadType.ts
rename to shared/src/jwt/payloadtypes/AuthenticationJwtPayloadType.ts
diff --git a/core/src/auth/jwt/payloadtypes/AuthenticationResponseJwtPayloadType.ts b/shared/src/jwt/payloadtypes/AuthenticationResponseJwtPayloadType.ts
similarity index 100%
rename from core/src/auth/jwt/payloadtypes/AuthenticationResponseJwtPayloadType.ts
rename to shared/src/jwt/payloadtypes/AuthenticationResponseJwtPayloadType.ts
diff --git a/core/src/auth/jwt/payloadtypes/DisburseJwtPayloadType.ts b/shared/src/jwt/payloadtypes/DisburseJwtPayloadType.ts
similarity index 100%
rename from core/src/auth/jwt/payloadtypes/DisburseJwtPayloadType.ts
rename to shared/src/jwt/payloadtypes/DisburseJwtPayloadType.ts
diff --git a/core/src/auth/jwt/payloadtypes/EncryptedJWEJwtPayloadType.ts b/shared/src/jwt/payloadtypes/EncryptedJWEJwtPayloadType.ts
similarity index 100%
rename from core/src/auth/jwt/payloadtypes/EncryptedJWEJwtPayloadType.ts
rename to shared/src/jwt/payloadtypes/EncryptedJWEJwtPayloadType.ts
diff --git a/core/src/auth/jwt/payloadtypes/JwtPayloadType.ts b/shared/src/jwt/payloadtypes/JwtPayloadType.ts
similarity index 91%
rename from core/src/auth/jwt/payloadtypes/JwtPayloadType.ts
rename to shared/src/jwt/payloadtypes/JwtPayloadType.ts
index 3ed4b466f..561a9268d 100644
--- a/core/src/auth/jwt/payloadtypes/JwtPayloadType.ts
+++ b/shared/src/jwt/payloadtypes/JwtPayloadType.ts
@@ -1,6 +1,6 @@
import { JWTPayload } from 'jose'
-import { REDEEM_JWT_TOKEN_EXPIRATION } from '../../../config/const'
+import { REDEEM_JWT_TOKEN_EXPIRATION } from '../../const'
export class JwtPayloadType implements JWTPayload {
static ISSUER = 'urn:gradido:issuer'
diff --git a/core/src/auth/jwt/payloadtypes/OpenConnectionCallbackJwtPayloadType.ts b/shared/src/jwt/payloadtypes/OpenConnectionCallbackJwtPayloadType.ts
similarity index 94%
rename from core/src/auth/jwt/payloadtypes/OpenConnectionCallbackJwtPayloadType.ts
rename to shared/src/jwt/payloadtypes/OpenConnectionCallbackJwtPayloadType.ts
index aa7906b60..7b4992284 100644
--- a/core/src/auth/jwt/payloadtypes/OpenConnectionCallbackJwtPayloadType.ts
+++ b/shared/src/jwt/payloadtypes/OpenConnectionCallbackJwtPayloadType.ts
@@ -1,4 +1,3 @@
-// import { JWTPayload } from 'jose'
import { JwtPayloadType } from './JwtPayloadType'
export class OpenConnectionCallbackJwtPayloadType extends JwtPayloadType {
diff --git a/core/src/auth/jwt/payloadtypes/OpenConnectionJwtPayloadType.ts b/shared/src/jwt/payloadtypes/OpenConnectionJwtPayloadType.ts
similarity index 93%
rename from core/src/auth/jwt/payloadtypes/OpenConnectionJwtPayloadType.ts
rename to shared/src/jwt/payloadtypes/OpenConnectionJwtPayloadType.ts
index 8843ff4e3..3a3c249cb 100644
--- a/core/src/auth/jwt/payloadtypes/OpenConnectionJwtPayloadType.ts
+++ b/shared/src/jwt/payloadtypes/OpenConnectionJwtPayloadType.ts
@@ -1,4 +1,3 @@
-// import { JWTPayload } from 'jose'
import { JwtPayloadType } from './JwtPayloadType'
export class OpenConnectionJwtPayloadType extends JwtPayloadType {
diff --git a/core/src/auth/jwt/payloadtypes/RedeemJwtPayloadType.ts b/shared/src/jwt/payloadtypes/RedeemJwtPayloadType.ts
similarity index 96%
rename from core/src/auth/jwt/payloadtypes/RedeemJwtPayloadType.ts
rename to shared/src/jwt/payloadtypes/RedeemJwtPayloadType.ts
index 7cc6674e7..faeda2b71 100644
--- a/core/src/auth/jwt/payloadtypes/RedeemJwtPayloadType.ts
+++ b/shared/src/jwt/payloadtypes/RedeemJwtPayloadType.ts
@@ -1,4 +1,3 @@
-// import { JWTPayload } from 'jose'
import { JwtPayloadType } from './JwtPayloadType'
export class RedeemJwtPayloadType extends JwtPayloadType {