auth-server-helper/lib/Gateway.ts

/*
 * Copyright (C) Sapphirecode - All Rights Reserved
 * This file is part of Auth-Server-Helper which is released under MIT.
 * See file 'LICENSE' for full license details.
 * Created by Timo Hocker <timo@scode.ovh>, December 2020
 */

import { run_regex } from '@sapphirecode/utilities';
import authority from './Authority';

type AnyFunc = (...args: unknown) => unknown;
type Gateway = (req: Request, res: Response, next: AnyFunc) => Promise<void>;

interface GatewayOptions {
  redirect_url: string;
  cookie_name?: string;
}

class GatewayClass {
  private _options: GatewayOptions;

  public constructor (options: GatewayOptions) {
    this._options = options;
  }

  private redirect (res): void {
    res.statusCode = 302;
    res.setHeader ('Location', this._options.redirect_url);
    res.end ();
  }

  private get_header_auth (req: Request): string | null {
    const auth_header = req.headers.get ('Authorization');
    const auth = (/(?<type>\w)+ (?<data>.*)/u).exec (auth_header);
    if (auth === null)
      return null;
    if (auth.groups.type !== 'Bearer')
      return null;
    return auth.groups.data;
  }

  private get_cookie_auth (req: Request): string | null {
    if (typeof this._options.cookie_name === 'undefined')
      return null;
    let auth = null;
    run_regex (
      /[\^;](?<name>[^;=]+)=(?<value>[^;]+)/gu,
      req.headers.get ('cookie'),
      (res) => {
        if (res.groups.name === this._options.cookie_name)
          auth = res.groups.value;
      }
    );
    return auth;
  }

  private authenticate (req: Request): Promise<boolean> {
    let auth = this.get_header_auth (req);
    if (auth === null)
      auth = this.get_cookie_auth (req);
    if (auth === null)
      return false;

    return authority.verify (auth).authorized;
  }

  public process_request (
    req: Request,
    res: Response,
    next: AnyFunc
  ): Promise<void> {
    if (this.authenticate (req))
      return next ();
    return this.redirect (res);
  }
}

export default function create_gateway (options: GatewayOptions): Gateway {
  const g = new GatewayClass (options);
  return g.process_request;
}
improve signature structure, more tests 2020-12-13 13:37:11 +01:00			`/*`
			`* Copyright (C) Sapphirecode - All Rights Reserved`
			`* This file is part of Auth-Server-Helper which is released under MIT.`
			`* See file 'LICENSE' for full license details.`
			`* Created by Timo Hocker <timo@scode.ovh>, December 2020`
			`*/`

cookie auth 2020-12-13 12:26:40 +01:00			`import { run_regex } from '@sapphirecode/utilities';`
separate authority 2020-12-19 15:40:49 +01:00			`import authority from './Authority';`
blacklist, gateway 2020-12-12 15:53:47 +01:00
starting gateway 2020-12-06 15:51:59 +01:00			`type AnyFunc = (...args: unknown) => unknown;`
			`type Gateway = (req: Request, res: Response, next: AnyFunc) => Promise<void>;`

			`interface GatewayOptions {`
			`redirect_url: string;`
cookie auth 2020-12-13 12:26:40 +01:00			`cookie_name?: string;`
starting gateway 2020-12-06 15:51:59 +01:00			`}`

			`class GatewayClass {`
key store 2020-12-06 21:06:40 +01:00			`private _options: GatewayOptions;`
starting gateway 2020-12-06 15:51:59 +01:00
			`public constructor (options: GatewayOptions) {`
key store 2020-12-06 21:06:40 +01:00			`this._options = options;`
starting gateway 2020-12-06 15:51:59 +01:00			`}`

			`private redirect (res): void {`
			`res.statusCode = 302;`
key store 2020-12-06 21:06:40 +01:00			`res.setHeader ('Location', this._options.redirect_url);`
starting gateway 2020-12-06 15:51:59 +01:00			`res.end ();`
			`}`

cookie auth 2020-12-13 12:26:40 +01:00			`private get_header_auth (req: Request): string \| null {`
			`const auth_header = req.headers.get ('Authorization');`
			`const auth = (/(?<type>\w)+ (?<data>.*)/u).exec (auth_header);`
			`if (auth === null)`
			`return null;`
			`if (auth.groups.type !== 'Bearer')`
			`return null;`
			`return auth.groups.data;`
			`}`

			`private get_cookie_auth (req: Request): string \| null {`
improve signature structure, more tests 2020-12-13 13:37:11 +01:00			`if (typeof this._options.cookie_name === 'undefined')`
			`return null;`
cookie auth 2020-12-13 12:26:40 +01:00			`let auth = null;`
			`run_regex (`
			`/[\^;](?<name>[^;=]+)=(?<value>[^;]+)/gu,`
			`req.headers.get ('cookie'),`
			`(res) => {`
			`if (res.groups.name === this._options.cookie_name)`
			`auth = res.groups.value;`
			`}`
			`);`
			`return auth;`
			`}`

blacklist, gateway 2020-12-12 15:53:47 +01:00			`private authenticate (req: Request): Promise<boolean> {`
cookie auth 2020-12-13 12:26:40 +01:00			`let auth = this.get_header_auth (req);`
			`if (auth === null)`
			`auth = this.get_cookie_auth (req);`
			`if (auth === null)`
blacklist, gateway 2020-12-12 15:53:47 +01:00			`return false;`

separate authority 2020-12-19 15:40:49 +01:00			`return authority.verify (auth).authorized;`
starting gateway 2020-12-06 15:51:59 +01:00			`}`

blacklist, gateway 2020-12-12 15:53:47 +01:00			`public process_request (`
key store 2020-12-06 21:06:40 +01:00			`req: Request,`
			`res: Response,`
			`next: AnyFunc`
			`): Promise<void> {`
blacklist, gateway 2020-12-12 15:53:47 +01:00			`if (this.authenticate (req))`
key store 2020-12-06 21:06:40 +01:00			`return next ();`
			`return this.redirect (res);`
starting gateway 2020-12-06 15:51:59 +01:00			`}`
			`}`

			`export default function create_gateway (options: GatewayOptions): Gateway {`
			`const g = new GatewayClass (options);`
			`return g.process_request;`
			`}`