allow attaching of custom data
Some checks failed
continuous-integration/drone/push Build is failing

Timo Hocker 2021-01-03 15:32:29 +01:00
parent 80d04f7441
commit debb7debf1
6 changed files with 54 additions and 6 deletions


@ -37,6 +37,8 @@ class AuthRequest {
public is_basic: boolean; public is_basic: boolean;
public user: string; public user: string;
public password: string; public password: string;
public token_data?: Record<string, unknown>;
public token_id?: string;
public body: string; public body: string;
private _cookie_name?: string; private _cookie_name?: string;
@ -202,6 +204,9 @@ export default function create_auth_handler (
return Promise.resolve (); return Promise.resolve ();
} }
request.token_data = token_data.data;
request.token_id = token_data.id;
if ( if (
typeof options !== 'undefined' typeof options !== 'undefined'
&& typeof options.refresh !== 'undefined' && typeof options.refresh !== 'undefined'
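Review bot: The new public fields `token_data` and `token_id` on AuthRequest carry no comment saying when they are populated or how far their contents can be trusted. From the visible lines they are assigned only after the early `return Promise.resolve ()`, whose condition lies outside the hunk, so they presumably stay undefined for Basic auth and for rejected tokens. I would add `/** payload of the verified token; undefined unless a token was verified */` above `token_data` and `/** id of the verified token; undefined unless a token was verified */` above `token_id`. The auth handler spec in this commit only loses a blank line, so nothing pins that these fields are set for a valid token and left unset otherwise; one test for each case would help.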


@ -20,8 +20,10 @@ interface VerificationResult {
authorized: boolean; authorized: boolean;
valid: boolean; valid: boolean;
type: TokenType; type: TokenType;
id: string;
next_module?: string; next_module?: string;
data?: Record<string, unknown>; data?: Record<string, unknown>;
error?: string;
} }
interface SignatureResult { interface SignatureResult {
@ -40,7 +42,8 @@ class Authority {
const result: VerificationResult = { const result: VerificationResult = {
authorized: false, authorized: false,
valid: false, valid: false,
type: 'none' type: 'none',
id: ''
}; };
const data = verify_signature_get_info ( const data = verify_signature_get_info (
key, key,
@ -55,13 +58,18 @@ class Authority {
(info) => info.valid_for * 1000 (info) => info.valid_for * 1000
); );
if (data === null) if (data === null) {
result.error = 'invalid signature';
return result; return result;
}
result.id = data.id;
result.type = data.type; result.type = data.type;
if (!blacklist.is_valid (data.id)) if (!blacklist.is_valid (data.id)) {
result.error = 'blacklisted';
return result; return result;
}
result.valid = true; result.valid = true;
result.authorized = result.type === 'access_token'; result.authorized = result.type === 'access_token';
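Review bot: `result.id = data.id` and `result.type = data.type` run before the blacklist check, so a blacklisted token comes back with its real id and type while `valid` and `authorized` are false. That is useful for logging, but the interface does not say so, and a caller that reads `id` or `data` without first checking `authorized` would be acting on a revoked token. I would document this on VerificationResult, e.g. `/** token id; also set for blacklisted tokens, check valid/authorized before use */` above `id`. I would also narrow the error field to `error?: 'invalid signature' | 'blacklisted';` so callers can switch on it without string typos. The body of verify continues outside the hunk.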


@ -65,7 +65,14 @@ class GatewayClass {
if (auth === null) if (auth === null)
return false; return false;
return authority.verify (auth).authorized; const ver = authority.verify (auth);
const con = req.connection as Record<string, unknown>;
con.auth = {};
con.auth.token_id = ver.id;
con.auth.token_data = ver.data;
return ver.authorized;
} }
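Review bot: The token details are written to `req.connection` whether or not the token was authorized, and the early `return false` for `auth === null` leaves any previous `con.auth` in place. A connection can be reused for several requests (keep-alive, or a proxy that pools upstream connections), so a later unauthenticated request on the same socket would still appear to carry the earlier token's id and data. Assign the object only when `ver.authorized` is true and clear it otherwise, including on the `auth === null` path, or attach it to the request object instead. Separately, `con.auth` is typed `unknown`, so `con.auth.token_id = ...` probably does not type-check, which may be related to the failing build; building the object in one expression avoids that. The enclosing method starts outside the hunk.

```typescript
const ver = authority.verify (auth);
const con = req.connection as Record<string, unknown>;
// expose token details only for an authorized token and clear whatever
// an earlier request left on a reused connection
con.auth = ver.authorized
  ? { token_id: ver.id, token_data: ver.data }
  : null;
return ver.authorized;
```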
public process_request ( public process_request (


@ -19,5 +19,6 @@ module.exports = {
testRunner: 'jasmine', testRunner: 'jasmine',
jasmineConfigFile: 'jasmine.json', jasmineConfigFile: 'jasmine.json',
coverageAnalysis: 'perTest', coverageAnalysis: 'perTest',
mutate: [ 'lib/*.ts' ] mutate: [ 'lib/*.ts' ],
tsconfigFile: 'tsconfig.json'
}; };


@ -204,7 +204,6 @@ describe ('auth handler', () => {
.toEqual ({ error: 'invalid_client' }); .toEqual ({ error: 'invalid_client' });
}); });
it ('should process part token', async () => { it ('should process part token', async () => {
const resp1 = await get ({ authorization: 'Basic part:bar' }); const resp1 = await get ({ authorization: 'Basic part:bar' });
expect (resp1.statusCode) expect (resp1.statusCode)


@ -38,6 +38,10 @@ describe ('authority', () => {
.toEqual ('access_token'); .toEqual ('access_token');
expect (res.next_module) expect (res.next_module)
.toBeUndefined (); .toBeUndefined ();
expect (res.id)
.toEqual (token.id);
expect (res.error)
.toBeUndefined ();
}); });
it ('should create a refresh token', () => { it ('should create a refresh token', () => {
@ -53,6 +57,10 @@ describe ('authority', () => {
.toEqual ('refresh_token'); .toEqual ('refresh_token');
expect (res.next_module) expect (res.next_module)
.toBeUndefined (); .toBeUndefined ();
expect (res.id)
.toEqual (token.id);
expect (res.error)
.toBeUndefined ();
}); });
it ('should create a part token', () => { it ('should create a part token', () => {
@ -68,6 +76,10 @@ describe ('authority', () => {
.toEqual ('part_token'); .toEqual ('part_token');
expect (res.next_module) expect (res.next_module)
.toEqual ('2fa'); .toEqual ('2fa');
expect (res.id)
.toEqual (token.id);
expect (res.error)
.toBeUndefined ();
}); });
it ('should reject an invalid access token', () => { it ('should reject an invalid access token', () => {
@ -84,6 +96,10 @@ describe ('authority', () => {
.toEqual ('none'); .toEqual ('none');
expect (res.next_module) expect (res.next_module)
.toBeUndefined (); .toBeUndefined ();
expect (res.id)
.toEqual ('');
expect (res.error)
.toEqual ('invalid signature');
}); });
it ('should reject blacklisted access token', () => { it ('should reject blacklisted access token', () => {
@ -100,6 +116,10 @@ describe ('authority', () => {
.toEqual ('access_token'); .toEqual ('access_token');
expect (res.next_module) expect (res.next_module)
.toBeUndefined (); .toBeUndefined ();
expect (res.id)
.toEqual (token.id);
expect (res.error)
.toEqual ('blacklisted');
}); });
it ('should reject an invalid refresh token', () => { it ('should reject an invalid refresh token', () => {
@ -116,6 +136,10 @@ describe ('authority', () => {
.toEqual ('none'); .toEqual ('none');
expect (res.next_module) expect (res.next_module)
.toBeUndefined (); .toBeUndefined ();
expect (res.id)
.toEqual ('');
expect (res.error)
.toEqual ('invalid signature');
}); });
it ('should reject a blacklisted refresh token', () => { it ('should reject a blacklisted refresh token', () => {
@ -132,5 +156,9 @@ describe ('authority', () => {
.toEqual ('refresh_token'); .toEqual ('refresh_token');
expect (res.next_module) expect (res.next_module)
.toBeUndefined (); .toBeUndefined ();
expect (res.id)
.toEqual (token.id);
expect (res.error)
.toEqual ('blacklisted');
}); });
}); });