From dab45e39a695eed433fe50ba7c1bdc0aeeb520b0 Mon Sep 17 00:00:00 2001
From: Timo Hocker <35867059+TimoHocker@users.noreply.github.com>
Date: Mon, 3 Jan 2022 16:26:23 +0100
Subject: [PATCH] flag to leave request open on auth
---
 README.md | 21 +++++++++++++++++++-
 lib/AuthHandler.ts | 48 +++++++++++++++++++++++++++++-----------------
 package.json | 2 +-
 3 files changed, 51 insertions(+), 20 deletions(-)
diff --git a/README.md b/README.md
index 840e73c..7e62444 100644
--- a/README.md
+++ b/README.md
@@ -111,7 +111,26 @@ handler(req, res); // the handler will also return true if allow_access or allow
 ```
 after the auth handler, the request will be completed, no additional content
-should be served here.
+should be served here. (Read 2.1 for info on disabling this)
+
+#### 2.1. Processing Auth Requests without closing the response object
+
+to prevent the auth handler from closing the response object you can provide additional options on each of the allow/deny functions.
+
+```js
+allow_access({leave_open: true, ...});
+allow_part(
+ 60,
+ 'some_module',
+ {foo: 'bar'},
+ true // additional flag to leave request open
+);
+invalid('error description', true);
+deny(true);
+```
+
+if this flag is set, no data will be written to the response body and no data will be sent.
+Status code and Headers will still be set.
 ### Invalidating tokens after they are delivered to the client
diff --git a/lib/AuthHandler.ts b/lib/AuthHandler.ts
index 6d90041..55dc4c7 100644
--- a/lib/AuthHandler.ts
+++ b/lib/AuthHandler.ts
@@ -14,7 +14,8 @@ interface AccessSettings {
 include_refresh_token?: boolean
 refresh_token_expires_in?: number
 redirect_to?: string
- data?: Record
+ data?: Record,
+ leave_open?: boolean
 }
 interface AccessResult {
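Review bot: The new `leave_open?: boolean` member of `AccessSettings` carries no comment, although it moves responsibility for finishing the response from the library to the caller. A one-line TSDoc on the field would make that contract visible where the option is set, for example `/** if true, status and headers are set but no body is written and the response is not ended; the caller must end it */`. The comma added after the `data?` member is also the only separator in this interface; the other members use none.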
@@ -76,12 +77,14 @@ class AuthRequest {
 this.response.setHeader ('Content-Type', 'application/json');
 }
+ // eslint-disable-next-line max-lines-per-function
 public async allow_access ({
 access_token_expires_in,
 include_refresh_token,
 refresh_token_expires_in,
 redirect_to,
- data
+ data,
+ leave_open
 }: AccessSettings): Promise {
 this.default_header (typeof redirect_to !== 'string');
@@ -121,13 +124,16 @@ class AuthRequest {
 if (typeof redirect_to === 'string') {
 this.response.setHeader ('Location', redirect_to);
- this.response.writeHead (302);
- this.response.end ();
+ this.response.statusCode = 302;
+ if (!leave_open)
+ this.response.end ();
 return result;
 }
- this.response.writeHead (200);
- this.response.end (JSON.stringify (res));
+ if (!leave_open) {
+ this.response.writeHead (200);
+ this.response.end (JSON.stringify (res));
+ }
 this._is_successful = true;
 return result;
@@ -136,7 +142,8 @@ class AuthRequest {
 public async allow_part (
 part_token_expires_in: number,
 next_module: string,
- data?: Record
+ data?: Record,
+ leave_open = false
 ): Promise {
 this.default_header ();
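Review bot: In the second hunk of `allow_access`, when `leave_open` is true and `redirect_to` is not a string, the `if (!leave_open)` block skips `this.response.end (JSON.stringify (res))`, so the token payload in `res` is never delivered by this method and the caller has to send it. Whether the returned `result` carries the same fields is not visible here, because the function body starts above the hunk. `_is_successful` is still set to true on that path although nothing has been sent, while the redirect branch returns before setting it. I would state the contract above the method, for example `// leave_open: only status and headers are set; the caller must write the token body and call end()`. The positional `leave_open = false` added to `allow_part` in the third hunk can only be reached by passing `data` first, so an options object as in `allow_access` would avoid the bare boolean.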
@@ -152,26 +159,31 @@ class AuthRequest {
 expires_in: part_token_expires_in
 };
- this.response.writeHead (200);
- this.response.end (JSON.stringify (res));
+ if (!leave_open) {
+ this.response.writeHead (200);
+ this.response.end (JSON.stringify (res));
+ }
 this._is_successful = true;
 return pt.id;
 }
- public invalid (error_description?: string): void {
+ public invalid (error_description?: string, leave_open = false): void {
 this.default_header ();
- this.response.writeHead (400);
- this.response.end (JSON.stringify ({
- error: 'invalid_request',
- error_description
- }));
+ this.response.statusCode = 400;
+ if (!leave_open) {
+ this.response.end (JSON.stringify ({
+ error: 'invalid_request',
+ error_description
+ }));
+ }
 }
- public deny (): void {
+ public deny (leave_open = false): void {
 this.default_header ();
- this.response.writeHead (401);
- this.response.end (JSON.stringify ({ error: 'invalid_client' }));
+ this.response.statusCode = 401;
+ if (!leave_open)
+ this.response.end (JSON.stringify ({ error: 'invalid_client' }));
 }
 }
diff --git a/package.json b/package.json
index 6cf5f1c..6531354 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@sapphirecode/auth-server-helper",
- "version": "2.1.1",
+ "version": "2.1.2",
 "main": "dist/index.js",
 "author": {
 "name": "Timo Hocker",
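Review bot: In lib/AuthHandler.ts, `deny (true)` and `invalid (..., true)` now only assign `statusCode` (401 / 400) and return, leaving the response writable, so a handler that carries on after the call can overwrite the status or send a body on a rejected request; before this change `end ()` closed that path. Both methods return `void` and set no flag in the visible bodies, so the caller has only its own control flow to stop on, and the JSON error body (`invalid_client` / `invalid_request`) is dropped unless the caller writes it. I would document the obligation on both methods, for example `// leave_open: the caller MUST end the response and must not serve protected content after deny/invalid`, and consider returning a value the caller can branch on. The `allow_part` lines at the top of this hunk have the same skipped-body behaviour, and that method's body starts above the hunk.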