flag to leave request open on auth

2022-01-03 16:26:23 +01:00 · 2022-01-03 16:26:23 +01:00 · dab45e39a6
commit dab45e39a6
parent 4820bda8ca
3 changed files with 51 additions and 20 deletions
--- a/README.md
+++ b/README.md
@ -111,7 +111,26 @@ handler(req, res); // the handler will also return true if allow_access or allow
 ```

 after the auth handler, the request will be completed, no additional content
-should be served here.
+should be served here. (Read 2.1 for info on disabling this)
+
+#### 2.1. Processing Auth Requests without closing the response object
+
+to prevent the auth handler from closing the response object you can provide additional options on each of the allow/deny functions.
+
+```js
+allow_access({leave_open: true, ...});
+allow_part(
+  60,
+  'some_module',
+  {foo: 'bar'},
+  true // additional flag to leave request open
+);
+invalid('error description', true);
+deny(true);
+```
+
+if this flag is set, no data will be written to the response body and no data will be sent.
+Status code and Headers will still be set.

 ### Invalidating tokens after they are delivered to the client

--- a/lib/AuthHandler.ts
+++ b/lib/AuthHandler.ts
@ -14,7 +14,8 @@ interface AccessSettings {
  include_refresh_token?: boolean
  refresh_token_expires_in?: number
  redirect_to?: string
-  data?: Record<string, unknown>
+  data?: Record<string, unknown>,
+  leave_open?: boolean
 }

 interface AccessResult {
@ -76,12 +77,14 @@ class AuthRequest {
      this.response.setHeader ('Content-Type', 'application/json');
  }

+  // eslint-disable-next-line max-lines-per-function
  public async allow_access ({
    access_token_expires_in,
    include_refresh_token,
    refresh_token_expires_in,
    redirect_to,
-    data
+    data,
+    leave_open
  }: AccessSettings): Promise<AccessResult> {
    this.default_header (typeof redirect_to !== 'string');

@ -121,13 +124,16 @@ class AuthRequest {

    if (typeof redirect_to === 'string') {
      this.response.setHeader ('Location', redirect_to);
-      this.response.writeHead (302);
+      this.response.statusCode = 302;
+      if (!leave_open)
        this.response.end ();
      return result;
    }

+    if (!leave_open) {
      this.response.writeHead (200);
      this.response.end (JSON.stringify (res));
+    }

    this._is_successful = true;
    return result;
@ -136,7 +142,8 @@ class AuthRequest {
  public async allow_part (
    part_token_expires_in: number,
    next_module: string,
-    data?: Record<string, unknown>
+    data?: Record<string, unknown>,
+    leave_open = false
  ): Promise<string> {
    this.default_header ();

@ -152,25 +159,30 @@ class AuthRequest {
      expires_in: part_token_expires_in
    };

+    if (!leave_open) {
      this.response.writeHead (200);
      this.response.end (JSON.stringify (res));
+    }

    this._is_successful = true;
    return pt.id;
  }

-  public invalid (error_description?: string): void {
+  public invalid (error_description?: string, leave_open = false): void {
    this.default_header ();
-    this.response.writeHead (400);
+    this.response.statusCode = 400;
+    if (!leave_open) {
      this.response.end (JSON.stringify ({
        error: 'invalid_request',
        error_description
      }));
    }
+  }

-  public deny (): void {
+  public deny (leave_open = false): void {
    this.default_header ();
-    this.response.writeHead (401);
+    this.response.statusCode = 401;
+    if (!leave_open)
      this.response.end (JSON.stringify ({ error: 'invalid_client' }));
  }
 }
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "@sapphirecode/auth-server-helper",
-  "version": "2.1.1",
+  "version": "2.1.2",
  "main": "dist/index.js",
  "author": {
    "name": "Timo Hocker",