allow attaching of custom data
Some checks failed
continuous-integration/drone/push Build is failing
parent
80d04f7441
commit
debb7debf1
@ -37,6 +37,8 @@ class AuthRequest {
|
||||
public is_basic: boolean;
|
||||
public user: string;
|
||||
public password: string;
|
||||
public token_data?: Record<string, unknown>;
|
||||
public token_id?: string;
|
||||
public body: string;
|
||||
|
||||
private _cookie_name?: string;
|
||||
@ -202,6 +204,9 @@ export default function create_auth_handler (
|
||||
return Promise.resolve ();
|
||||
}
|
||||
|
||||
request.token_data = token_data.data;
|
||||
request.token_id = token_data.id;
|
||||
|
||||
if (
|
||||
typeof options !== 'undefined'
|
||||
&& typeof options.refresh !== 'undefined'
|
||||
|
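Review bot: `token_data` and `token_id` are added to `AuthRequest` as public fields with no comment saying when they are set or how far their content can be trusted. Handlers receive `Record<string, unknown>`, so a doc comment such as `/** Custom data carried by the token (VerificationResult.data); values are unknown and must be narrowed before use. */` would steer them towards validating instead of casting. In the second hunk the assignment follows a guard whose condition lies outside the hunk, so whether it runs only for a valid token cannot be confirmed from here; the comment should state that once checked. The local `token_data` there holds the whole verification result while `request.token_data` holds only its `.data`, and a different local name would make the two harder to confuse.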
@ -20,8 +20,10 @@ interface VerificationResult {
|
||||
authorized: boolean;
|
||||
valid: boolean;
|
||||
type: TokenType;
|
||||
id: string;
|
||||
next_module?: string;
|
||||
data?: Record<string, unknown>;
|
||||
error?: string;
|
||||
}
|
||||
|
||||
interface SignatureResult {
|
||||
@ -40,7 +42,8 @@ class Authority {
|
||||
const result: VerificationResult = {
|
||||
authorized: false,
|
||||
valid: false,
|
||||
type: 'none'
|
||||
type: 'none',
|
||||
id: ''
|
||||
};
|
||||
const data = verify_signature_get_info (
|
||||
key,
|
||||
@ -55,13 +58,18 @@ class Authority {
|
||||
(info) => info.valid_for * 1000
|
||||
);
|
||||
|
||||
if (data === null)
|
||||
if (data === null) {
|
||||
result.error = 'invalid signature';
|
||||
return result;
|
||||
}
|
||||
|
||||
result.id = data.id;
|
||||
result.type = data.type;
|
||||
|
||||
if (!blacklist.is_valid (data.id))
|
||||
if (!blacklist.is_valid (data.id)) {
|
||||
result.error = 'blacklisted';
|
||||
return result;
|
||||
}
|
||||
|
||||
result.valid = true;
|
||||
result.authorized = result.type === 'access_token';
|
||||
|
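Review bot: `VerificationResult` gains a `data` field, but none of the visible `verify` hunks assigns `result.data`, so unless that happens after the last hunk line the gateway and the auth handler will always attach `undefined`. The interface should also document that `id` is copied before the blacklist check, so a blacklisted token returns its real id with `valid: false`, and callers must test `valid`/`authorized` before acting on `id` or `data`. A short comment on each new field (`id` is `''` when the signature is invalid; `error` is `'invalid signature'` or `'blacklisted'`) would pin that contract. `verify` begins before and continues past the hunks shown.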
@ -65,7 +65,14 @@ class GatewayClass {
|
||||
if (auth === null)
|
||||
return false;
|
||||
|
||||
return authority.verify (auth).authorized;
|
||||
const ver = authority.verify (auth);
|
||||
|
||||
const con = req.connection as Record<string, unknown>;
|
||||
con.auth = {};
|
||||
con.auth.token_id = ver.id;
|
||||
con.auth.token_data = ver.data;
|
||||
|
||||
return ver.authorized;
|
||||
}
|
||||
|
||||
public process_request (
|
||||
|
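Review bot: The verification result is stored on `req.connection`, which is the underlying socket and is reused for every request on a keep-alive connection, and it is written before `ver.authorized` is consulted. The `auth === null` early return above leaves whatever `con.auth` an earlier request set, and a token that verified as not authorized (blacklisted, or not an access token) still has its id attached, so later code reading `con.auth` can see an identity the current request did not present. Overwrite it on every path and fill it only on success, e.g. `con.auth = ver.authorized ? { token_id: ver.id, token_data: ver.data } : null;` with a matching reset before `return false;`, or keep the context on the request object instead. Building the object in one expression also avoids the property writes through `con.auth`, which is typed `unknown` here and probably does not type-check. The enclosing method starts outside the hunk.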
@ -19,5 +19,6 @@ module.exports = {
|
||||
testRunner: 'jasmine',
|
||||
jasmineConfigFile: 'jasmine.json',
|
||||
coverageAnalysis: 'perTest',
|
||||
mutate: [ 'lib/*.ts' ]
|
||||
mutate: [ 'lib/*.ts' ],
|
||||
tsconfigFile: 'tsconfig.json'
|
||||
};
|
||||
|
@ -204,7 +204,6 @@ describe ('auth handler', () => {
|
||||
.toEqual ({ error: 'invalid_client' });
|
||||
});
|
||||
|
||||
|
||||
it ('should process part token', async () => {
|
||||
const resp1 = await get ({ authorization: 'Basic part:bar' });
|
||||
expect (resp1.statusCode)
|
||||
|
@ -38,6 +38,10 @@ describe ('authority', () => {
|
||||
.toEqual ('access_token');
|
||||
expect (res.next_module)
|
||||
.toBeUndefined ();
|
||||
expect (res.id)
|
||||
.toEqual (token.id);
|
||||
expect (res.error)
|
||||
.toBeUndefined ();
|
||||
});
|
||||
|
||||
it ('should create a refresh token', () => {
|
||||
@ -53,6 +57,10 @@ describe ('authority', () => {
|
||||
.toEqual ('refresh_token');
|
||||
expect (res.next_module)
|
||||
.toBeUndefined ();
|
||||
expect (res.id)
|
||||
.toEqual (token.id);
|
||||
expect (res.error)
|
||||
.toBeUndefined ();
|
||||
});
|
||||
|
||||
it ('should create a part token', () => {
|
||||
@ -68,6 +76,10 @@ describe ('authority', () => {
|
||||
.toEqual ('part_token');
|
||||
expect (res.next_module)
|
||||
.toEqual ('2fa');
|
||||
expect (res.id)
|
||||
.toEqual (token.id);
|
||||
expect (res.error)
|
||||
.toBeUndefined ();
|
||||
});
|
||||
|
||||
it ('should reject an invalid access token', () => {
|
||||
@ -84,6 +96,10 @@ describe ('authority', () => {
|
||||
.toEqual ('none');
|
||||
expect (res.next_module)
|
||||
.toBeUndefined ();
|
||||
expect (res.id)
|
||||
.toEqual ('');
|
||||
expect (res.error)
|
||||
.toEqual ('invalid signature');
|
||||
});
|
||||
|
||||
it ('should reject blacklisted access token', () => {
|
||||
@ -100,6 +116,10 @@ describe ('authority', () => {
|
||||
.toEqual ('access_token');
|
||||
expect (res.next_module)
|
||||
.toBeUndefined ();
|
||||
expect (res.id)
|
||||
.toEqual (token.id);
|
||||
expect (res.error)
|
||||
.toEqual ('blacklisted');
|
||||
});
|
||||
|
||||
it ('should reject an invalid refresh token', () => {
|
||||
@ -116,6 +136,10 @@ describe ('authority', () => {
|
||||
.toEqual ('none');
|
||||
expect (res.next_module)
|
||||
.toBeUndefined ();
|
||||
expect (res.id)
|
||||
.toEqual ('');
|
||||
expect (res.error)
|
||||
.toEqual ('invalid signature');
|
||||
});
|
||||
|
||||
it ('should reject a blacklisted refresh token', () => {
|
||||
@ -132,5 +156,9 @@ describe ('authority', () => {
|
||||
.toEqual ('refresh_token');
|
||||
expect (res.next_module)
|
||||
.toBeUndefined ();
|
||||
expect (res.id)
|
||||
.toEqual (token.id);
|
||||
expect (res.error)
|
||||
.toEqual ('blacklisted');
|
||||
});
|
||||
});
|
||||
|
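Review bot: The added expectations cover `id` and `error` in every case but none covers `data`, the field this commit is named for. A case that signs a token with custom data and expects `res.data` to equal it, plus one expecting `res.data` to be undefined for an invalid or blacklisted token, would pin the behaviour the gateway and auth handler rely on. The `describe` block starts outside these hunks.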