authorization: a,
realm,
strategies: { authorityMap },
base
} = context;
// Sign-in is only offered to unauthenticated callers: if the context already
// carries an authorization (`a`), the request is rejected before any database work.
// NOTE(review): the message below contains a typo ("area"); it is a runtime string.
if (a) {
throw new ForbiddenError("You area already authenticated.");
}
const tx = await pool.connect();
try {
// NOTE(review): if this is PostgreSQL, DEFERRABLE only takes effect on
// SERIALIZABLE READ ONLY transactions — confirm the isolation level intended here.
await tx.query("BEGIN DEFERRABLE");
// Fetch the authority.
const authority = await Authority.read(
tx,
args.authorityId,
authorityMap
);
// The authority ID comes from the caller's arguments, so its strategy is
// checked before any OpenID-specific fields are read from it.
// NOTE(review): this explanatory message is passed unconditionally, whereas the
// comparable password and email sign-in checks pass theirs only when __DEV__ is
// set; consider the same gating so production responses do not describe the
// authority's strategy to an unauthenticated caller.
if (!(authority instanceof OpenIdAuthority)) {
throw new AuthenticationError(
"The authority uses a strategy other than openid."
);
}
// Fetch the ID token.
// The form body is an authorization-code grant that carries the authority's
// client ID and client secret.
// NOTE(review): the request target is outside this excerpt — confirm it is an
// HTTPS token endpoint taken from trusted configuration and that this body is
// never written to logs or error reports.
const requestBody = new FormData();
requestBody.append("grant_type", "authorization_code");
requestBody.append("client_id", authority.details.clientId);
requestBody.append("client_secret", authority.details.clientSecret);
pool,
authorization: a,
realm,
strategies: { authorityMap }
} = context;
// Password sign-in is refused when the context already carries an
// authorization (`a`); the check runs before a connection is taken from the pool.
if (a) {
throw new ForbiddenError("You area already authenticated.");
}
const tx = await pool.connect();
try {
await tx.query("BEGIN DEFERRABLE");
// Fetch the authority.
const authority = await Authority.read(
tx,
args.passwordAuthorityId,
authorityMap
);
// The caller-supplied ID must resolve to a password authority. The explanatory
// text is passed only when __DEV__ is truthy; otherwise AuthenticationError
// receives `undefined`, so this call supplies no strategy-specific detail.
if (!(authority instanceof PasswordAuthority)) {
throw new AuthenticationError(
__DEV__
? "The authority uses a strategy other than password."
: undefined
);
}
// Find the user ID given identityAuthorityId and identityAuthorityUserId.
// `null` is part of the declared type; how it is assigned is outside this excerpt.
let userId: string | null;
if (args.identityAuthorityId === authority.id) {
realm,
strategies: { authorityMap },
sendMail,
base
} = context;
// Email sign-in is refused when `a` is set (presumably the context's
// authorization; its binding is above this excerpt).
if (a) {
throw new ForbiddenError("You area already authenticated.");
}
const tx = await pool.connect();
try {
await tx.query("BEGIN DEFERRABLE");
// fetch the authority
const authority = await Authority.read(
tx,
args.authorityId,
authorityMap
);
// The caller-supplied ID must resolve to an email authority; the reason is
// passed to AuthenticationError only when __DEV__ is truthy.
if (!(authority instanceof EmailAuthority)) {
throw new AuthenticationError(
__DEV__
? "The authority uses a strategy other than email."
: undefined
);
}
// get the credential
// Looked up by the caller-supplied email address within this authority.
// NOTE(review): the handling of a missing credential is cut off after this
// line — confirm the response does not let an unauthenticated caller tell
// registered addresses from unregistered ones.
const credential = await authority.credential(tx, args.email);
if (!credential) {
};
// Make sure the ID isn't already in use.
// A successful read means the ID is taken, so ConflictError is thrown from
// inside the `try`; the `catch` rethrows anything that is not NotFoundError,
// which lets the ConflictError propagate and treats "not found" as "free".
// NOTE(review): a read that finds nothing has no row to lock, so this check
// alone cannot stop two concurrent creates with the same ID; presumably a
// unique constraint backs it — confirm.
if (input.id) {
try {
await EmailCredential.read(tx, input.id, { forUpdate: true });
throw new ConflictError();
} catch (error) {
if (!(error instanceof NotFoundError)) {
throw error;
}
}
}
// Use the caller-supplied ID when present, otherwise generate one with v4().
// NOTE(review): no format validation of `input.id` is visible in this
// excerpt — confirm it is validated before this point.
const id = input.id || v4();
// `forUpdate: true` presumably takes a row lock on the authority for the rest
// of the transaction — verify against Authority.read.
const authority = await Authority.read(
tx,
input.authorityId,
authorityMap,
{ forUpdate: true }
);
// The referenced authority must be an email authority; any other strategy is
// reported as NotFoundError.
if (!(authority instanceof EmailAuthority)) {
throw new NotFoundError("No email authority exists with this ID.");
}
// Check if the email is used in a different credential
const existingCredentials = await EmailCredential.read(
tx,
(
await tx.query(
`
SELECT entity_id as id
// One promise is returned per requested update: the callback is async, and
// each input opens its own connection and transaction below.
return args.authorities.map(async input => {
// Validate `id`.
// Done before a connection is taken from the pool.
if (!validateIdFormat(input.id)) {
throw new ValidationError("The provided `id` is an invalid ID.");
}
const tx = await pool.connect();
try {
await tx.query("BEGIN DEFERRABLE");
// `forUpdate: true` presumably locks the authority row while it is being
// changed — verify against Authority.read.
const before = await Authority.read(tx, input.id, authorityMap, {
forUpdate: true
});
if (!(before instanceof PasswordAuthority)) {
throw new NotFoundError("No password authority exists with this ID.");
}
// Any update requires "write.basic" on the existing authority for `a`
// (presumably the caller's authorization; its binding is above this excerpt).
// NOTE(review): the strategy check above runs before this permission check, so
// the error type (NotFoundError vs ForbiddenError) tells a caller without
// write access whether the ID belongs to a password authority — confirm that
// is acceptable.
if (!(await before.isAccessibleBy(realm, a, tx, "write.basic"))) {
throw new ForbiddenError(
"You do not have permission to update this authority."
);
}
if (
typeof input.rounds === "number" &&
!(await before.isAccessibleBy(realm, a, tx, "write.*"))
// Validate `emailAuthorityId`.
// Only checked when a string was supplied; other values skip this test.
if (
typeof input.emailAuthorityId === "string" &&
!validateIdFormat(input.emailAuthorityId)
) {
throw new ValidationError(
"The provided `emailAuthorityId` is an invalid ID."
);
}
const tx = await pool.connect();
try {
// NOTE(review): if this is PostgreSQL, DEFERRABLE has no effect unless the
// transaction is also SERIALIZABLE READ ONLY; this path reads with
// `forUpdate`, so confirm the isolation level that is actually wanted.
await tx.query("BEGIN DEFERRABLE");
const before = await Authority.read(tx, input.id, authorityMap, {
forUpdate: true
});
// Only an existing OpenID authority can be updated here; any other strategy
// is reported as NotFoundError.
if (!(before instanceof OpenIdAuthority)) {
throw new NotFoundError("No openid authority exists with this ID.");
}
// Baseline authorization: "write.basic" on the existing authority. The
// condition that follows this excerpt concerns `clientId`/`clientSecret`
// changes and is cut off here.
if (!(await before.isAccessibleBy(realm, a, tx, "write.basic"))) {
throw new ForbiddenError(
"You do not have permission to update this authority."
);
}
if (
(typeof input.clientId === "string" ||
typeof input.clientSecret === "string") &&
// Make sure the ID isn't already in use.
// A successful read means the ID is taken: ConflictError is thrown inside the
// `try` and rethrown by the `catch`, which only swallows NotFoundError.
if (input.id) {
try {
await OpenIdCredential.read(tx, input.id, { forUpdate: true });
throw new ConflictError();
} catch (error) {
if (!(error instanceof NotFoundError)) {
throw error;
}
}
}
// Caller-supplied ID if present, otherwise a freshly generated v4() value.
const id = input.id || v4();
// Fetch the authority.
const authority = await Authority.read(
tx,
input.authorityId,
authorityMap
);
// The referenced authority must use the OpenID strategy.
if (!(authority instanceof OpenIdAuthority)) {
throw new NotFoundError(
"The authority uses a strategy other than openid."
);
}
// At least one of `code` or `subject` is required.
// NOTE(review): a directly supplied `subject` is not backed by an
// authorization code from the provider, so it asserts an identity rather than
// proving one; the permission check that should gate that path is not visible
// in this excerpt — confirm it exists.
if (!input.code && !input.subject) {
throw new ValidationError(
"Either a `code` or `subject` must be provided."
);
}
// Each requested update is handled by its own async callback, so the result is
// an array of promises, one per input.
return args.authorities.map(async input => {
// Validate `id`.
if (!validateIdFormat(input.id)) {
throw new ValidationError("The provided `id` is an invalid ID.");
}
const tx = await pool.connect();
try {
await tx.query("BEGIN DEFERRABLE");
// Read the current state of the authority; `forUpdate: true` presumably
// locks the row for the rest of the transaction — verify against Authority.read.
const before = await Authority.read(tx, input.id, authorityMap, {
forUpdate: true
});
// Only an email authority can be updated by this resolver.
if (!(before instanceof EmailAuthority)) {
throw new NotFoundError(
"The authority uses a strategy other than email."
);
}
// "write.basic" on the existing authority is required for any change.
// NOTE(review): because the strategy check comes first, a caller without
// write access still learns from the error type whether the ID is an email
// authority — confirm that is acceptable.
if (!(await before.isAccessibleBy(realm, a, tx, "write.basic"))) {
throw new ForbiddenError(
"You do not have permission to update this authority."
);
}
if (
// Open the transaction that the checks and the credential write below run in.
await tx.query("BEGIN DEFERRABLE");
// Make sure the ID isn't already in use.
// "Found" raises ConflictError (rethrown by the catch); NotFoundError is the
// only error swallowed, and it means the ID is free.
// NOTE(review): this is a check-then-write sequence; a read that finds nothing
// has no row to lock, so uniqueness presumably rests on a database
// constraint — confirm.
if (input.id) {
try {
await PasswordCredential.read(tx, input.id, { forUpdate: true });
throw new ConflictError();
} catch (error) {
if (!(error instanceof NotFoundError)) {
throw error;
}
}
}
// Caller-supplied ID if present, otherwise a freshly generated v4() value.
const id = input.id || v4();
const authority = await Authority.read(
tx,
input.authorityId,
authorityMap
);
// A password credential may only be attached to a password authority.
// NOTE(review): no permission check on the authority is visible between here
// and the credential write that follows this excerpt — confirm access is
// enforced before the write is committed.
if (!(authority instanceof PasswordAuthority)) {
throw new NotFoundError(
"No password authority exists with this ID."
);
}
const credential = await PasswordCredential.write(
tx,
{
id,
enabled: input.enabled,
authorityId: input.authorityId,