flag to leave request open on auth
All checks were successful
continuous-integration/drone/push Build is passing

Timo Hocker 2022-01-03 16:26:23 +01:00
parent 4820bda8ca
commit dab45e39a6
Signed by: Timo
GPG Key ID: DFAC2CF4E1D1BEC9
3 changed files with 51 additions and 20 deletions


@ -111,7 +111,26 @@ handler(req, res); // the handler will also return true if allow_access or allow
```
after the auth handler, the request will be completed, no additional content
should be served here.
should be served here. (Read 2.1 for info on disabling this)
#### 2.1. Processing Auth Requests without closing the response object
to prevent the auth handler from closing the response object you can provide additional options on each of the allow/deny functions.
```js
allow_access({leave_open: true, ...});
allow_part(
60,
'some_module',
{foo: 'bar'},
true // additional flag to leave request open
);
invalid('error description', true);
deny(true);
```
if this flag is set, no data will be written to the response body and no data will be sent.
Status code and Headers will still be set.
### Invalidating tokens after they are delivered to the client


@ -14,7 +14,8 @@ interface AccessSettings {
include_refresh_token?: boolean
refresh_token_expires_in?: number
redirect_to?: string
data?: Record<string, unknown>
data?: Record<string, unknown>,
leave_open?: boolean
}
interface AccessResult {
@ -76,12 +77,14 @@ class AuthRequest {
this.response.setHeader ('Content-Type', 'application/json');
}
// eslint-disable-next-line max-lines-per-function
public async allow_access ({
access_token_expires_in,
include_refresh_token,
refresh_token_expires_in,
redirect_to,
data
data,
leave_open
}: AccessSettings): Promise<AccessResult> {
this.default_header (typeof redirect_to !== 'string');
@ -121,13 +124,16 @@ class AuthRequest {
if (typeof redirect_to === 'string') {
this.response.setHeader ('Location', redirect_to);
this.response.writeHead (302);
this.response.end ();
this.response.statusCode = 302;
if (!leave_open)
this.response.end ();
return result;
}
this.response.writeHead (200);
this.response.end (JSON.stringify (res));
if (!leave_open) {
this.response.writeHead (200);
this.response.end (JSON.stringify (res));
}
this._is_successful = true;
return result;
@ -136,7 +142,8 @@ class AuthRequest {
public async allow_part (
part_token_expires_in: number,
next_module: string,
data?: Record<string, unknown>
data?: Record<string, unknown>,
leave_open = false
): Promise<string> {
this.default_header ();
@ -152,26 +159,31 @@ class AuthRequest {
expires_in: part_token_expires_in
};
this.response.writeHead (200);
this.response.end (JSON.stringify (res));
if (!leave_open) {
this.response.writeHead (200);
this.response.end (JSON.stringify (res));
}
this._is_successful = true;
return pt.id;
}
public invalid (error_description?: string): void {
public invalid (error_description?: string, leave_open = false): void {
this.default_header ();
this.response.writeHead (400);
this.response.end (JSON.stringify ({
error: 'invalid_request',
error_description
}));
this.response.statusCode = 400;
if (!leave_open) {
this.response.end (JSON.stringify ({
error: 'invalid_request',
error_description
}));
}
}
public deny (): void {
public deny (leave_open = false): void {
this.default_header ();
this.response.writeHead (401);
this.response.end (JSON.stringify ({ error: 'invalid_client' }));
this.response.statusCode = 401;
if (!leave_open)
this.response.end (JSON.stringify ({ error: 'invalid_client' }));
}
}
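Review bot: In `deny` and `invalid`, passing `leave_open` leaves the 401/400 response unterminated with only `statusCode` assigned, so the rejection holds only if the caller ends the response itself; a later `writeHead` or `statusCode` assignment replaces it, and any body written afterwards goes out under the `application/json` Content-Type that `default_header` appears to set. Neither method documents this, so I would add a doc comment to each, e.g. `/** With leave_open the response is not ended: the caller must end it and must not change the status or serve protected content. */`. The success paths also differ from the README line "Status code and Headers will still be set": in the non-redirect branch of `allow_access` and in `allow_part`, `writeHead (200)` sits inside `if (!leave_open)`, so the status relies on the response default. Adding `this.response.statusCode = 200;` before that `if` would match the 302/400/401 branches. The bodies of `allow_access` and `allow_part` extend beyond the visible hunks, so anything set there is not covered by this note.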


@ -1,6 +1,6 @@
{
"name": "@sapphirecode/auth-server-helper",
"version": "2.1.1",
"version": "2.1.2",
"main": "dist/index.js",
"author": {
"name": "Timo Hocker",