Complete rewrite of the account management and related systems.
Makes the architecture more modular,
allowing for easier extensions and configurations.
Dynamic imports cause segmentation faults with Jest:
https://github.com/nodejs/node/issues/35889.
We work around this by handling imports in IdentityProviderFactory
differently when Jest is running.
For unit tests we use a different tsconfig
that transpiles dynamic imports differently,
as those are also used in AppRunner.
The new version is an ESM package,
so we need to do a dynamic import as our package is CJS.
To correctly transpile the dynamic import,
moduleResolution needs to be set to node16.
See https://github.com/microsoft/TypeScript/issues/43329
* feat: Allow logging out on the consent page
* feat: log in with a different account cleanup
Co-authored-by: Joachim Van Herwegen <joachimvh@gmail.com>
Implemented new StringUtil helper functions: splitCommaSeparated, sanitizeUrlPart, isValidFileName.
Added helper functions to HeaderUtil: matchesAuthorizationScheme, hasScheme.
Added unit tests for the new helper functions.
Refactored codebase to use helper functions instead of regexes if applicable.
The biggest resulting change is that the consent page always appears
after logging in.
Some minor fixes to be closer to the spec are included
together with some minor structural refactors.
* Solution works but tests don't
* refactor(FetchUtil): use arrayifyStream
* refactor(FetchUtil): split fetchDataset into 2 separate functions
* style(FetchUtil): onelining instead of declaring new local var
* test: trying to mock rdfDereferencer
* refactor: promise can't have async function as arg
* test(FetchUtil): pass Quad array to mockDereference instead
* test: all tests should pass now and coverage is back to 100%
* style: comment typo
* chore: make package.json and package-lock.json compatible with main
* chore: fix package.json double entries
* chore: updated package.json to be alfabetical again
* refactor(AgentGroupAccessChecker): Remove converter from contructor and config
* refactor(TokenOwnerShipValidator): Remove converter from constructor and config
* refactor(FetchUtil): Return BadRequestHttpError instead of generic Error
* test(FetchUtil): return Response object instead of mocking fetch
* style: typos and newlines
This is a revert of a previous change
but is now possible due to the use of JSON bodies.
This does mean JavaScript is required in the HTML page,
but that will be required for future changes anyway.
* fix(deps): update dependency jose to v4
* fix(deps): Update code using jose v4
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Joachim Van Herwegen <joachimvh@gmail.com>
This allows easier reuse of certain reoccurring behaviours,
such as authorization.
The AuthenticatedLdpHandler is no longer required
since it is a combination of parsing and authorization.
This did require a small change to the OperationHandler interface.
Account settings are stored using the WebID as key.
Reason for using the WebID is that this allows faster access to the settings
in authenticated requests.
A consequence of this is that passwords are now always required during registration,
and that there can only be 1 account per WebID.
