How to use the @authx/scopes.simplify function in @authx/scopes
To help you get started, we’ve selected a few @authx/scopes examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
the-control-group / authx / packages / authx / src / util / scopeTemplates.ts View on Github 
// If we have a value for the variable, use it.
const value = values[segment.slice(1, segment.length - 1)];
if (typeof value === "string") {
segments.push(value);
}
// If no value could be found, omit the entire template.
continue template;
}
domains.push(segments.join("."));
}
scopes.push(domains.join(":"));
}
return safeSimplify(scopes);
}// If behavior is `undefined`, then the custom function will handle responding
// to the request.
if (!behavior) {
meta.message = "Request handled by custom behavior function.";
meta.rule = rule;
return;
}
// Nothing else to do; proxy the request.
if (!behavior.sendTokenToTargetWithScopes) {
forward(behavior.proxyOptions, rule, behavior);
return;
}
const scopes = behavior.sendTokenToTargetWithScopes
? simplify(behavior.sendTokenToTargetWithScopes)
: [];
const hash = hashScopes(scopes);
try {
const token = cookies.get(`authx.t.${hash}`);
const payload = token && decode(token);
if (
payload &&
typeof payload === "object" &&
typeof payload.exp === "number" &&
payload.exp >
Date.now() / 1000 + (this._config.tokenMinimumRemainingLife || 30)
) {
// We already have a valid token.
request.headers.authorization = `Bearer ${token}`;!role.isAccessibleBy(realm, a, tx, {
basic: "w",
scopes: "w",
users: ""
})
) {
throw new ForbiddenError(
`You do not have permission to modify the scopes of role ${roleId}.`
);
}
await Role.write(
tx,
{
...role,
scopes: simplify([
...role.scopes,
...possibleAdministrationScopes.filter(possible =>
isSuperset(scopes, possible)
)
])
},
{
recordId: v4(),
createdByAuthorizationId: a.id,
createdAt: new Date()
}
);
}
await tx.query("COMMIT");
return credential;!role.isAccessibleBy(realm, a, tx, {
basic: "w",
scopes: "w",
users: ""
})
) {
throw new ForbiddenError(
`You do not have permission to modify the scopes of role ${roleId}.`
);
}
await Role.write(
tx,
{
...role,
scopes: simplify([
...role.scopes,
...possibleAdministrationScopes.filter(possible =>
isSuperset(scopes, possible)
)
])
},
{
recordId: v4(),
createdByAuthorizationId: a.id,
createdAt: new Date()
}
);
}
await tx.query("COMMIT");
return client;!role.isAccessibleBy(realm, a, tx, {
basic: "w",
scopes: "w",
users: ""
})
) {
throw new ForbiddenError(
`You do not have permission to modify the scopes of role ${roleId}.`
);
}
await Role.write(
tx,
{
...role,
scopes: simplify([
...role.scopes,
...possibleAdministrationScopes.filter(possible =>
isSuperset(scopes, possible)
)
])
},
{
recordId: v4(),
createdByAuthorizationId: a.id,
createdAt: new Date()
}
);
}
await tx.query("COMMIT");
return authorization;>({
fetchOptionsOverride,
operation: {
query: `
mutation($id: ID!, $scopes: [Scope!]!) {
updateGrants(
grants: [{id: $id, scopes: $scopes, generateCodes: 1}]
) {
codes
scopes
}
}
`,
variables: {
id: grant.id,
scopes: simplify(
[...(grant.scopes || []), ...requestedScopes].filter(
s => overrides[s] !== false
)
)
}
}
});
} else {
operation = graphql.operate<
{
updateGrants?: undefined;
createGrants: null | ReadonlyArray;
},!role.isAccessibleBy(realm, a, tx, {
basic: "w",
scopes: "w",
users: ""
})
) {
throw new ForbiddenError(
`You do not have permission to modify the scopes of role ${roleId}.`
);
}
await Role.write(
tx,
{
...role,
scopes: simplify([
...role.scopes,
...possibleAdministrationScopes.filter(possible =>
isSuperset(scopes, possible)
)
])
},
{
recordId: v4(),
createdByAuthorizationId: a.id,
createdAt: new Date()
}
);
}
await tx.query("COMMIT");
return authority;!role.isAccessibleBy(realm, a, tx, {
basic: "w",
scopes: "w",
users: ""
})
) {
throw new ForbiddenError(
`You do not have permission to modify the scopes of role ${roleId}.`
);
}
await Role.write(
tx,
{
...role,
scopes: simplify([
...role.scopes,
...possibleAdministrationScopes.filter(possible =>
isSuperset(scopes, possible)
)
])
},
{
recordId: v4(),
createdByAuthorizationId: a.id,
createdAt: new Date()
}
);
}
await tx.query("COMMIT");
return credential;() =>
requestedScopeTemplates
? simplify(
inject(
[
...requestedScopeTemplates,
createV2AuthXScope(
__REALM__,
{
type: "user",
userId: "{current_user_id}"
},
{
basic: "r"
}
),
createV2AuthXScope(
__REALM__,
{{newRequestedScopes.map((s, i) => {
const explanations =
(newRequestedScopesExplanations.filter(e => {
return e && isSuperset(s, e.scope);
}) as ReadonlyArray<{
scope: string;
description: string;
}>) || [];
const explanationScopes = new Set(
simplify(explanations.map(({ scope }) => scope))
);
return (
0
? "2px solid hsla(0, 0%, 100%, 0.04)"
: undefined
}}
>
{s}@authx/scopes
This is a small collection of utility functions for AuthX scopes. These scopes are human-readable, fully OAuth2-compatible, and support both pattern matching and set algebra.
