allow attaching of custom data
Some checks failed
continuous-integration/drone/push Build is failing

Timo Hocker 2021-01-03 15:32:29 +01:00
parent 80d04f7441
commit debb7debf1
6 changed files with 54 additions and 6 deletions


@ -37,6 +37,8 @@ class AuthRequest {
public is_basic: boolean;
public user: string;
public password: string;
public token_data?: Record<string, unknown>;
public token_id?: string;
public body: string;
private _cookie_name?: string;
@ -202,6 +204,9 @@ export default function create_auth_handler (
return Promise.resolve ();
}
request.token_data = token_data.data;
request.token_id = token_data.id;
if (
typeof options !== 'undefined'
&& typeof options.refresh !== 'undefined'
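Review bot: The new public fields `token_data` and `token_id` on `AuthRequest` have no doc comment saying when they are populated, and the assignment in `create_auth_handler` follows an early return whose condition lies outside the hunk, so it is not visible here whether they are only set for a token that passed verification. I would add a comment above the fields such as `// set only after the presented token was verified; undefined otherwise` (wording to be confirmed against the surrounding checks). Because `token_data` is `Record<string, unknown>`, the comment should also say that handlers must narrow each value before using it in an access decision.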


@ -20,8 +20,10 @@ interface VerificationResult {
authorized: boolean;
valid: boolean;
type: TokenType;
id: string;
next_module?: string;
data?: Record<string, unknown>;
error?: string;
}
interface SignatureResult {
@ -40,7 +42,8 @@ class Authority {
const result: VerificationResult = {
authorized: false,
valid: false,
type: 'none'
type: 'none',
id: ''
};
const data = verify_signature_get_info (
key,
@ -55,13 +58,18 @@ class Authority {
(info) => info.valid_for * 1000
);
if (data === null)
if (data === null) {
result.error = 'invalid signature';
return result;
}
result.id = data.id;
result.type = data.type;
if (!blacklist.is_valid (data.id))
if (!blacklist.is_valid (data.id)) {
result.error = 'blacklisted';
return result;
}
result.valid = true;
result.authorized = result.type === 'access_token';
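Review bot: `result.id` and `result.type` are assigned before the blacklist check in `verify`, so a blacklisted token produces a result with a real `id` and `type` alongside `valid: false`, and nothing on `VerificationResult` tells a consumer that. A doc comment on the interface would cover it, for example `/** id, type and data are taken from the signed token and may be set even when valid is false; check valid/authorized first */`. If the two strings in this hunk are the only values, `error?: 'invalid signature' | 'blacklisted'` is easier to consume than `string`. The body of `verify` continues outside the hunk, so where `data` is filled in is not visible here.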


@ -65,7 +65,14 @@ class GatewayClass {
if (auth === null)
return false;
return authority.verify (auth).authorized;
const ver = authority.verify (auth);
const con = req.connection as Record<string, unknown>;
con.auth = {};
con.auth.token_id = ver.id;
con.auth.token_data = ver.data;
return ver.authorized;
}
public process_request (
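Review bot: The new lines in the gateway's auth check store `ver.id` and `ver.data` on `req.connection` whether or not `ver.authorized` is true, and the earlier `auth === null` return leaves untouched whatever `con.auth` a previous request set. If `req.connection` is the underlying socket, a keep-alive connection could carry token data from an earlier request into a later rejected or unauthenticated one. Resetting first and attaching only on success avoids that: `con.auth = ver.authorized ? { token_id: ver.id, token_data: ver.data } : undefined;`, with the same reset before the `return false`. Separately, `con.auth` is `unknown` under `Record<string, unknown>`, so `con.auth.token_id = ver.id` should not type-check in strict mode, which may be related to the failing build shown for this commit; the single object-literal assignment fixes that as well. The method starts outside the hunk.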


@ -19,5 +19,6 @@ module.exports = {
testRunner: 'jasmine',
jasmineConfigFile: 'jasmine.json',
coverageAnalysis: 'perTest',
mutate: [ 'lib/*.ts' ]
mutate: [ 'lib/*.ts' ],
tsconfigFile: 'tsconfig.json'
};


@ -204,7 +204,6 @@ describe ('auth handler', () => {
.toEqual ({ error: 'invalid_client' });
});
it ('should process part token', async () => {
const resp1 = await get ({ authorization: 'Basic part:bar' });
expect (resp1.statusCode)


@ -38,6 +38,10 @@ describe ('authority', () => {
.toEqual ('access_token');
expect (res.next_module)
.toBeUndefined ();
expect (res.id)
.toEqual (token.id);
expect (res.error)
.toBeUndefined ();
});
it ('should create a refresh token', () => {
@ -53,6 +57,10 @@ describe ('authority', () => {
.toEqual ('refresh_token');
expect (res.next_module)
.toBeUndefined ();
expect (res.id)
.toEqual (token.id);
expect (res.error)
.toBeUndefined ();
});
it ('should create a part token', () => {
@ -68,6 +76,10 @@ describe ('authority', () => {
.toEqual ('part_token');
expect (res.next_module)
.toEqual ('2fa');
expect (res.id)
.toEqual (token.id);
expect (res.error)
.toBeUndefined ();
});
it ('should reject an invalid access token', () => {
@ -84,6 +96,10 @@ describe ('authority', () => {
.toEqual ('none');
expect (res.next_module)
.toBeUndefined ();
expect (res.id)
.toEqual ('');
expect (res.error)
.toEqual ('invalid signature');
});
it ('should reject blacklisted access token', () => {
@ -100,6 +116,10 @@ describe ('authority', () => {
.toEqual ('access_token');
expect (res.next_module)
.toBeUndefined ();
expect (res.id)
.toEqual (token.id);
expect (res.error)
.toEqual ('blacklisted');
});
it ('should reject an invalid refresh token', () => {
@ -116,6 +136,10 @@ describe ('authority', () => {
.toEqual ('none');
expect (res.next_module)
.toBeUndefined ();
expect (res.id)
.toEqual ('');
expect (res.error)
.toEqual ('invalid signature');
});
it ('should reject a blacklisted refresh token', () => {
@ -132,5 +156,9 @@ describe ('authority', () => {
.toEqual ('refresh_token');
expect (res.next_module)
.toBeUndefined ();
expect (res.id)
.toEqual (token.id);
expect (res.error)
.toEqual ('blacklisted');
});
});
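Review bot: None of the expectations added to the authority spec check `res.data`, although the commit is about attaching custom data and `VerificationResult` gains a `data` field; the visible assertions cover only `res.id` and `res.error`. A case that signs a token with a payload and asserts `expect (res.data).toEqual (payload)` would pin the behaviour consumers will rely on (`payload` here is a placeholder name). A second case should state what `res.data` is for a blacklisted token. Such tests may exist outside these hunks.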