From f39759bad9223601b3d50f8f69c44d092619a9b8 Mon Sep 17 00:00:00 2001 From: Timo Hocker Date: Sun, 3 Jan 2021 14:51:07 +0100 Subject: [PATCH] complete redesign --- README.md | 4 +--- lib/AuthHandler.ts | 44 +++++++++++++++++++++++++++++++++++++--- package.json | 2 +- test/Helper.ts | 25 ++++++++++++++++++----- test/spec/AuthHandler.ts | 35 ++++++++++++++++++++++++++------ test/spec/Gateway.ts | 7 +++++++ 6 files changed, 99 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index d47ec82..3d769b7 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,6 @@ # auth-server-helper -version: 0.0.0 - -undefined +version: 2.0.0 ## Installation diff --git a/lib/AuthHandler.ts b/lib/AuthHandler.ts index 3c779cc..114bc01 100644 --- a/lib/AuthHandler.ts +++ b/lib/AuthHandler.ts @@ -1,3 +1,10 @@ +/* + * Copyright (C) Sapphirecode - All Rights Reserved + * This file is part of Auth-Server-Helper which is released under MIT. + * See file 'LICENSE' for full license details. + * Created by Timo Hocker , January 2021 + */ + import { IncomingMessage, ServerResponse } from 'http'; import { to_utf8 } from '@sapphirecode/encoding-helper'; import auth from './Authority'; @@ -29,16 +36,19 @@ class AuthRequest { public is_basic: boolean; public user: string; public password: string; + public body: string; private _cookie_name?: string; public constructor ( req: IncomingMessage, res: ServerResponse, + body: string, cookie?: string ) { this.request = req; this.response = res; + this.body = body; this.is_basic = false; this.user = ''; this.password = ''; 
@@ -88,6 +98,23 @@ class AuthRequest { return result; } + public allow_part (part_token_expires_in: number, module: string): string { + this.default_header (); + + const pt = auth.sign ('part_token', part_token_expires_in, module); + + const res = { + token_type: 'bearer', + part_token: pt.signature, + expires_in: part_token_expires_in + }; + + this.response.writeHead (200); + this.response.end (JSON.stringify (res)); + + return pt.id; + } + public invalid (error_description?: string) { this.default_header (); this.response.writeHead (400); @@ -117,11 +144,22 @@ export default function create_auth_handler ( default_handler: AuthRequestHandler, options?: CreateHandlerOptions ) { - return function process_request ( + // eslint-disable-next-line max-lines-per-function + return async function process_request ( req: IncomingMessage, res: ServerResponse - ): Promise|void { - const request = new AuthRequest (req, res, options?.cookie_name); + ): Promise { + const body: string = await new Promise ((resolve) => { + let data = ''; + req.on ('data', (c) => { + data += c; + }); + req.on ('end', () => { + resolve (data); + }); + }); + + const request = new AuthRequest (req, res, body, options?.cookie_name); const token = (/(?\S+) (?.+)/ui) .exec (req.headers.authorization as string); diff --git a/package.json b/package.json index e156c35..e44a5d5 100644 --- a/package.json +++ b/package.json @@ -46,4 +46,4 @@ "engines": { "node": ">=10.0.0" } -} +} \ No newline at end of file diff --git a/test/Helper.ts b/test/Helper.ts index b382e78..8d30cde 100644 --- a/test/Helper.ts +++ b/test/Helper.ts @@ -1,3 +1,10 @@ +/* + * Copyright (C) Sapphirecode - All Rights Reserved + * This file is part of Auth-Server-Helper which is released under MIT. + * See file 'LICENSE' for full license details. + * Created by Timo Hocker , January 2021 + */ + import http from 'http'; export class Response extends http.IncomingMessage { 
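Review bot: `allow_part`, added in the first hunk on this line, has no doc comment, and its contract is not obvious from the signature: it writes the 200 response itself and returns `pt.id`, the token id, not the signed `part_token` sent to the client. I would add a TSDoc block stating that `part_token_expires_in` is passed unchanged to `auth.sign` and echoed as `expires_in` (presumably seconds), that `module` names the handler expected to complete the login, and that the return value is the id. Nothing visible here validates `part_token_expires_in`, so a guard such as `if (!(part_token_expires_in > 0)) throw new Error ('invalid expiry');` before signing may be worth adding. The class body continues outside the hunk.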
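Review bot: The body read added to `process_request` buffers the whole request with no size limit, and it runs before the `authorization` header is examined, so any unauthenticated client can make the server hold an arbitrarily large string in memory. The promise also settles only on `end`; if the request errors or the client disconnects first, it stays pending and the handler never finishes. Chunks are appended as Buffers, so a multi-byte character split across two chunks is decoded incorrectly unless `req.setEncoding ('utf8')` is called first. A bounded read with an error path is sketched below; the limit is a constructed value, and the function body continues outside the hunk.

```typescript
// … unchanged: process_request signature …
    const max_body_length = 8192; // constructed example limit, size it for the modules in use
    let body = '';
    try {
      body = await new Promise<string> ((resolve, reject) => {
        let data = '';
        req.setEncoding ('utf8');
        req.on ('data', (c: string) => {
          data += c;
          if (data.length > max_body_length)
            reject (new Error ('request body too large'));
        });
        req.on ('end', () => resolve (data));
        req.on ('error', reject);
        req.on ('aborted', () => reject (new Error ('request aborted')));
      });
    }
    catch {
      // oversized, failed or aborted body: answer once and stop reading
      res.writeHead (400);
      res.end ();
      req.destroy ();
      return;
    }
// … unchanged: AuthRequest construction and authorization header parsing …
```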
@@ -5,19 +12,27 @@ export class Response extends http.IncomingMessage { } export function get ( - headers: http.OutgoingHttpHeaders = {} + // eslint-disable-next-line default-param-last + headers: http.OutgoingHttpHeaders = {}, + body?: string ): Promise { return new Promise ((resolve) => { - http.get ('http://localhost:3000', { headers }, (res: Response) => { - let body = ''; + const req = http.request ('http://localhost:3000', { + headers, + method: typeof body === 'string' ? 'POST' : 'GET' + }, (res: Response) => { + let data = ''; res.on ('data', (d) => { - body += d; + data += d; }); res.on ('end', () => { - res.body = body; + res.body = data; resolve (res); }); }); + if (typeof body === 'string') + req.write (body); + req.end (); }); } diff --git a/test/spec/AuthHandler.ts b/test/spec/AuthHandler.ts index 80d1099..8119fbc 100644 --- a/test/spec/AuthHandler.ts +++ b/test/spec/AuthHandler.ts @@ -1,3 +1,10 @@ +/* + * Copyright (C) Sapphirecode - All Rights Reserved + * This file is part of Auth-Server-Helper which is released under MIT. + * See file 'LICENSE' for full license details. + * Created by Timo Hocker , January 2021 + */ + import http, { IncomingMessage, ServerResponse } from 'http'; import { to_b64 } from '@sapphirecode/encoding-helper'; import auth from '../../lib/Authority'; 
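Review bot: The promise in `get` still takes only `resolve`, and the new `http.request` call registers no `error` listener, so a refused or reset connection is raised as an unhandled `error` event instead of a rejected promise. Changing the executor to `(resolve, reject)` and adding `req.on ('error', reject);` before `req.end ()` would make a failing spec report the connection error directly. The same applies to `res`, where an aborted response currently leaves the promise pending.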
@@ -46,22 +53,37 @@ describe ('auth handler', () => { if (!req.is_basic) { req.invalid ('unknown autorization type'); } - else if (req.user !== 'foo' || req.password !== 'bar') { - req.deny (); - } - else { + else if (req.user === 'foo' && req.password === 'bar') { req.allow_access ({ access_token_expires_in: expires_seconds, include_refresh_token: true, refresh_token_expires_in: refresh_expires_seconds }); } + else if (req.user === 'part' && req.password === 'bar') { + req.allow_part (part_expires_seconds, 'two_factor'); + } + else { + req.deny (); + } }, { cookie_name: 'cookie_jar', refresh: { access_token_expires_in: expires_seconds, refresh_token_expires_in: refresh_expires_seconds, include_refresh_token: true + }, + modules: { + two_factor (request) { + if (request.body === 'letmein') { + request.allow_access ({ + access_token_expires_in: expires_seconds, + include_refresh_token: true, + refresh_token_expires_in: refresh_expires_seconds + }); + } + else { request.deny (); } + } } }); @@ -183,7 +205,7 @@ describe ('auth handler', () => { }); - xit ('should process part token', async () => { + it ('should process part token', async () => { const resp1 = await get ({ authorization: 'Basic part:bar' }); expect (resp1.statusCode) .toEqual (200); @@ -195,7 +217,8 @@ describe ('auth handler', () => { check_token (res1.data.part_token as string, 'part_token'); const resp2 = await get ( - { authorization: `Bearer ${res1.data.part_token}` } + { authorization: `Bearer ${res1.data.part_token}` }, + 'letmein' ); expect (resp2.statusCode) .toEqual (200); diff --git a/test/spec/Gateway.ts b/test/spec/Gateway.ts index 1499025..fac5ed2 100644 --- a/test/spec/Gateway.ts +++ b/test/spec/Gateway.ts 
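Review bot: The re-enabled `should process part token` spec exercises only the successful path, so nothing in these hunks pins the failure behaviour of the two-step flow. I would add specs that a part token sent with a wrong body is denied by the `two_factor` module, that a part token sent without a body does not yield an access token, and, in the gateway spec, that a part token is not accepted where an access token is required. Those are the cases where a regression would silently turn the second step into a no-op. The `describe` block continues outside these hunks.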
@@ -1,3 +1,10 @@ +/* + * Copyright (C) Sapphirecode - All Rights Reserved + * This file is part of Auth-Server-Helper which is released under MIT. + * See file 'LICENSE' for full license details. + * Created by Timo Hocker , January 2021 + */ + import http from 'http'; import gateway from '../../lib/Gateway'; import authority from '../../lib/Authority';