auth-server-helper/lib/Gateway.ts

import {
  get_signature_info,
  verify_signature
} from '@sapphirecode/crypto-helper';
import keystore from './KeyStore';
import blacklist from './Blacklist';

type AnyFunc = (...args: unknown) => unknown;
type Gateway = (req: Request, res: Response, next: AnyFunc) => Promise<void>;

interface GatewayOptions {
  redirect_url: string;
}

class GatewayClass {
  private _options: GatewayOptions;

  public constructor (options: GatewayOptions) {
    this._options = options;
  }

  private redirect (res): void {
    res.statusCode = 302;
    res.setHeader ('Location', this._options.redirect_url);
    res.end ();
  }

  private authenticate (req: Request): Promise<boolean> {
    const auth = req.headers.get ('Authentication');
    const auth_type_regex = /(?<type>\w)+ (?<data>.*)/u;
    const auth_type = auth_type_regex.exec (auth);
    if (auth_type === null)
      return false;
    if (auth_type.groups.type !== 'Bearer')
      return false;

    const data = get_signature_info (auth_type.groups.data);
    const key = keystore.get_key (data.iat / 1000);
    const valid = verify_signature (
      auth_type.groups.data,
      key,
      data.obj.valid_for * 1000
    ) === null;

    return valid
      && data.obj.type === 'access_token'
      && blacklist.is_valid (data.obj.id);
  }

  public process_request (
    req: Request,
    res: Response,
    next: AnyFunc
  ): Promise<void> {
    if (this.authenticate (req))
      return next ();
    return this.redirect (res);
  }
}

export default function create_gateway (options: GatewayOptions): Gateway {
  const g = new GatewayClass (options);
  return g.process_request;
}
blacklist, gateway 2020-12-12 15:53:47 +01:00			`import {`
			`get_signature_info,`
			`verify_signature`
			`} from '@sapphirecode/crypto-helper';`
			`import keystore from './KeyStore';`
			`import blacklist from './Blacklist';`

starting gateway 2020-12-06 15:51:59 +01:00			`type AnyFunc = (...args: unknown) => unknown;`
			`type Gateway = (req: Request, res: Response, next: AnyFunc) => Promise<void>;`

			`interface GatewayOptions {`
			`redirect_url: string;`
			`}`

			`class GatewayClass {`
key store 2020-12-06 21:06:40 +01:00			`private _options: GatewayOptions;`
starting gateway 2020-12-06 15:51:59 +01:00
			`public constructor (options: GatewayOptions) {`
key store 2020-12-06 21:06:40 +01:00			`this._options = options;`
starting gateway 2020-12-06 15:51:59 +01:00			`}`

			`private redirect (res): void {`
			`res.statusCode = 302;`
key store 2020-12-06 21:06:40 +01:00			`res.setHeader ('Location', this._options.redirect_url);`
starting gateway 2020-12-06 15:51:59 +01:00			`res.end ();`
			`}`

blacklist, gateway 2020-12-12 15:53:47 +01:00			`private authenticate (req: Request): Promise<boolean> {`
			`const auth = req.headers.get ('Authentication');`
			`const auth_type_regex = /(?<type>\w)+ (?<data>.*)/u;`
			`const auth_type = auth_type_regex.exec (auth);`
			`if (auth_type === null)`
			`return false;`
			`if (auth_type.groups.type !== 'Bearer')`
			`return false;`

			`const data = get_signature_info (auth_type.groups.data);`
			`const key = keystore.get_key (data.iat / 1000);`
			`const valid = verify_signature (`
			`auth_type.groups.data,`
			`key,`
			`data.obj.valid_for * 1000`
			`) === null;`

			`return valid`
			`&& data.obj.type === 'access_token'`
			`&& blacklist.is_valid (data.obj.id);`
starting gateway 2020-12-06 15:51:59 +01:00			`}`

blacklist, gateway 2020-12-12 15:53:47 +01:00			`public process_request (`
key store 2020-12-06 21:06:40 +01:00			`req: Request,`
			`res: Response,`
			`next: AnyFunc`
			`): Promise<void> {`
blacklist, gateway 2020-12-12 15:53:47 +01:00			`if (this.authenticate (req))`
key store 2020-12-06 21:06:40 +01:00			`return next ();`
			`return this.redirect (res);`
starting gateway 2020-12-06 15:51:59 +01:00			`}`
			`}`

			`export default function create_gateway (options: GatewayOptions): Gateway {`
			`const g = new GatewayClass (options);`
			`return g.process_request;`
			`}`