Commit 2706c63

Adds step-up MFA (#23)
1 parent 5bdcdbe commit 2706c63

4 files changed

+53
-64
lines changed

package-lock.json

Lines changed: 17 additions & 19 deletions

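--- a/package.json
+++ b/package.json
@@ -4,15 +4,15 @@
 "type": "git",
 "url": "https://github.com/PropelAuth/express"
 },
-"version": "2.1.32",
+"version": "2.1.33",
 "license": "MIT",
 "keywords": [
 "auth",
 "express",
 "user"
 ],
 "dependencies": {
-"@propelauth/node": "^2.1.32"
+"@propelauth/node": "^2.1.33"
 },
 "devDependencies": {
 "@rollup/plugin-commonjs": "^19.0.0",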

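--- a/src/auth.ts
+++ b/src/auth.ts
@@ -6,8 +6,8 @@ import {
 UnauthorizedException,
 UnexpectedException,
 User,
-UserClass,
 UserAndOrgMemberInfo,
+UserClass,
 } from "@propelauth/node"
 import { RequiredOrgInfo } from "@propelauth/node/dist/auth"
 import { NextFunction, Request, Response } from "express"
@@ -37,8 +37,9 @@ export function initAuth(opts: AuthOptions) {
 const requireOrgMember = createRequireOrgMemberMiddleware(
 auth.validateAccessTokenAndGetUserWithOrgInfo,
 auth.validateAccessTokenAndGetUserClass,
-debugMode)
-
+debugMode
+)
+
 const requireOrgMemberWithMinimumRole = createRequireOrgMemberMiddlewareWithMinimumRole(
 auth.validateAccessTokenAndGetUserWithOrgInfoWithMinimumRole,
 auth.validateAccessTokenAndGetUserClass,
@@ -117,6 +118,8 @@ export function initAuth(opts: AuthOptions) {
 setSamlIdpMetadata: auth.setSamlIdpMetadata,
 samlGoLive: auth.samlGoLive,
 deleteSamlConnection: auth.deleteSamlConnection,
+verifyStepUpTotpChallenge: auth.verifyStepUpTotpChallenge,
+verifyStepUpGrant: auth.verifyStepUpGrant,
 }
 }
 
@@ -148,9 +151,7 @@ function createRequireOrgMemberMiddleware(
 authorizationHeader: string | undefined,
 requiredOrgInfo: RequriedOrgInfo
 ) => Promise<UserAndOrgMemberInfo>,
-validateAccessTokenAndGetUserClass: (
-authorizationHeader: string | undefined,
-) => Promise<UserClass>,
+validateAccessTokenAndGetUserClass: (authorizationHeader: string | undefined) => Promise<UserClass>,
 debugMode: boolean
 ) {
 return function requireOrgMember(args?: RequireOrgMemberArgs) {
@@ -162,9 +163,7 @@ function createRequireOrgMemberMiddleware(
 return validateAccessTokenAndGetUserWithOrgInfo(authorizationHeader, requiredOrgInfo)
 },
 (authorizationHeader) => {
-return validateAccessTokenAndGetUserClass(
-authorizationHeader
-)
+return validateAccessTokenAndGetUserClass(authorizationHeader)
 },
 debugMode,
 orgIdExtractor,
@@ -179,9 +178,7 @@ function createRequireOrgMemberMiddlewareWithMinimumRole(
 requiredOrgInfo: RequriedOrgInfo,
 minimumRole: string
 ) => Promise<UserAndOrgMemberInfo>,
-validateAccessTokenAndGetUserClass: (
-authorizationHeader: string | undefined,
-) => Promise<UserClass>,
+validateAccessTokenAndGetUserClass: (authorizationHeader: string | undefined) => Promise<UserClass>,
 debugMode: boolean
 ) {
 return function requireOrgMemberWithMinimumRole(args: RequireOrgMemberWithMinimumRoleArgs) {
@@ -197,9 +194,7 @@ function createRequireOrgMemberMiddlewareWithMinimumRole(
 )
 },
 (authorizationHeader) => {
-return validateAccessTokenAndGetUserClass(
-authorizationHeader
-)
+return validateAccessTokenAndGetUserClass(authorizationHeader)
 },
 debugMode,
 orgIdExtractor,
@@ -214,9 +209,7 @@ function createRequireOrgMemberMiddlewareWithExactRole(
 requiredOrgInfo: RequriedOrgInfo,
 role: string
 ) => Promise<UserAndOrgMemberInfo>,
-validateAccessTokenAndGetUserClass: (
-authorizationHeader: string | undefined,
-) => Promise<UserClass>,
+validateAccessTokenAndGetUserClass: (authorizationHeader: string | undefined) => Promise<UserClass>,
 debugMode: boolean
 ) {
 return function requireOrgMemberWithMinimumRole(args: RequireOrgMemberWithExactRoleArgs) {
@@ -232,9 +225,7 @@ function createRequireOrgMemberMiddlewareWithExactRole(
 )
 },
 (authorizationHeader) => {
-return validateAccessTokenAndGetUserClass(
-authorizationHeader
-)
+return validateAccessTokenAndGetUserClass(authorizationHeader)
 },
 debugMode,
 orgIdExtractor,
@@ -249,9 +240,7 @@ function createRequireOrgMemberMiddlewareWithPermission(
 requiredOrgInfo: RequriedOrgInfo,
 permission: string
 ) => Promise<UserAndOrgMemberInfo>,
-validateAccessTokenAndGetUserClass: (
-authorizationHeader: string | undefined,
-) => Promise<UserClass>,
+validateAccessTokenAndGetUserClass: (authorizationHeader: string | undefined) => Promise<UserClass>,
 debugMode: boolean
 ) {
 return function requireOrgMemberWithMinimumRole(args: RequireOrgMemberWithPermissionArgs) {
@@ -267,9 +256,7 @@ function createRequireOrgMemberMiddlewareWithPermission(
 )
 },
 (authorizationHeader) => {
-return validateAccessTokenAndGetUserClass(
-authorizationHeader
-)
+return validateAccessTokenAndGetUserClass(authorizationHeader)
 },
 debugMode,
 orgIdExtractor,
@@ -284,9 +271,7 @@ function createRequireOrgMemberMiddlewareWithAllPermissions(
 requiredOrgInfo: RequriedOrgInfo,
 permissions: string[]
 ) => Promise<UserAndOrgMemberInfo>,
-validateAccessTokenAndGetUserClass: (
-authorizationHeader: string | undefined,
-) => Promise<UserClass>,
+validateAccessTokenAndGetUserClass: (authorizationHeader: string | undefined) => Promise<UserClass>,
 debugMode: boolean
 ) {
 return function requireOrgMemberWithMinimumRole(args: RequireOrgMemberWithAllPermissionsArgs) {
@@ -302,9 +287,7 @@ function createRequireOrgMemberMiddlewareWithAllPermissions(
 )
 },
 (authorizationHeader) => {
-return validateAccessTokenAndGetUserClass(
-authorizationHeader
-)
+return validateAccessTokenAndGetUserClass(authorizationHeader)
 },
 debugMode,
 orgIdExtractor,
@@ -318,12 +301,10 @@ function requireOrgMemberGenericMiddleware(
 authorizationHeader: string | undefined,
 requiredOrgInfo: RequiredOrgInfo
 ) => Promise<UserAndOrgMemberInfo>,
-validateAccessTokenAndGetUserClass: (
-authorizationHeader: string | undefined,
-) => Promise<UserClass>,
+validateAccessTokenAndGetUserClass: (authorizationHeader: string | undefined) => Promise<UserClass>,
 debugMode: boolean,
 orgIdExtractor?: (req: Request) => string,
-orgNameExtractor?: (req: Request) => string,
+orgNameExtractor?: (req: Request) => string
 ) {
 return async function (req: Request, res: Response, next: NextFunction) {
 let requiredOrgInfo: RequiredOrgInfo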
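Review bot: The two step-up entries added to the object returned by `initAuth` (`verifyStepUpTotpChallenge: auth.verifyStepUpTotpChallenge` and `verifyStepUpGrant: auth.verifyStepUpGrant`, new lines 121-122) are bare passthroughs with no doc comment, so nothing tells an integrator that verifying a TOTP code is not by itself the authorization decision for the protected action. I would add a comment above them such as `// Step-up MFA: a route guarding a sensitive action must call verifyStepUpGrant itself and reject the request unless the grant verifies` and `// Take the user id from the validated access token, never from the request body`. The visible hunks add no Express middleware for step-up, unlike the `requireOrgMember*` helpers, so each handler presumably has to make that call and fail closed on the newly exported `IncorrectMfaCodeException` and `MfaNotEnabledException`; please confirm that this is the intended usage and document it. `initAuth` starts outside the hunk.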

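--- a/src/index.ts
+++ b/src/index.ts
@@ -14,13 +14,18 @@ export {
 ChangeUserRoleInOrgException,
 CreateOrgException,
 CreateUserException,
+FeatureGatedException,
 ForbiddenException,
+IncorrectMfaCodeException,
+InvalidRequestFieldsException,
 MagicLinkCreationException,
+MfaNotEnabledException,
 MigrateUserException,
 MigrateUserPasswordException,
 Org,
 OrgIdToOrgMemberInfo,
 RemoveUserFromOrgException,
+RevokePendingOrgInviteException,
 toOrgIdToOrgMemberInfo,
 toUser,
 UnauthorizedException,
@@ -53,6 +58,8 @@ export type {
 CreateUserRequest,
 CustomRoleMapping,
 CustomRoleMappings,
+FetchSamlSpMetadataResponse,
+IdpProvider,
 InternalOrgMemberInfo,
 InternalUser,
 InviteUserToOrgRequest,
@@ -65,24 +72,27 @@ export type {
 OrgQueryResponse,
 PersonalApiKeyValidation,
 RemoveUserFromOrgRequest,
+RevokePendingOrgInviteRequest,
 SamlLoginProvider,
+SetSamlIdpMetadataRequest,
 SocialLoginProvider,
+StepUpMfaGrantType,
+StepUpMfaVerifyGrantResponse,
+StepUpMfaVerifyTotpResponse,
 TokenVerificationMetadata,
 UpdateOrgRequest,
 UpdateUserEmailRequest,
 UpdateUserMetadataRequest,
 UpdateUserPasswordRequest,
-UserProperties,
 UserInOrgMetadata,
-UsersInOrgPagedResponse,
+UserProperties,
 UserSignupQueryParams,
+UsersInOrgPagedResponse,
 UsersInOrgQuery,
 UsersPagedResponse,
 UsersQuery,
-RevokePendingOrgInviteRequest,
-FetchSamlSpMetadataResponse,
-SetSamlIdpMetadataRequest,
-IdpProvider,
+VerifyStepUpGrantRequest,
+VerifyTotpChallengeRequest,
 } from "@propelauth/node"
 export { AuthOptions, initAuth } from "./auth"
 export type { RequireOrgMemberArgs } from "./auth"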
