authorized-rules
Advanced tools
Comparing version 0.1.1 to 0.1.2
@@ -16,4 +16,4 @@ export declare type JwtToken = { | ||
}; | ||
export declare const authorize: <T1 = void, T2 = void, T3 = void, T4 = void>({ headers: { authorization } }: Request, executionRule: Rule<T1 | T2 | T3 | T4>) => Promise<(T1 | T2 | T3 | T4)[]>; | ||
export declare const authorize: <T1 = void, T2 = void, T3 = void, T4 = void>(jwtToken: string, executionRule: Rule<T1 | T2 | T3 | T4>) => Promise<(T1 | T2 | T3 | T4)[]>; | ||
export declare const and: <T extends void | {}>(rules: Rule<T>[]) => Rule<T>; | ||
export declare const or: <T extends void | {}>(rules: Rule<T>[]) => Rule<T>; |
@@ -52,26 +52,21 @@ "use strict"; | ||
var http_errors_1 = __importDefault(require("http-errors")); | ||
var assert_1 = require("assert"); | ||
var authorize = function (_a, executionRule) { | ||
var authorization = _a.headers.authorization; | ||
return __awaiter(void 0, void 0, void 0, function () { | ||
var token, ruleResult; | ||
return __generator(this, function (_b) { | ||
switch (_b.label) { | ||
case 0: | ||
assertBearerToken(authorization); | ||
token = getToken(authorization); | ||
if (!token.iss) { | ||
throw http_errors_1.default(403, 'invalid token (missing issuer)'); | ||
} | ||
return [4 /*yield*/, executionRule(token)]; | ||
case 1: | ||
ruleResult = _b.sent(); | ||
if (!ruleResult.passed) { | ||
throw http_errors_1.default(403, 'Operation not authorized'); | ||
} | ||
return [2 /*return*/, ruleResult.data]; | ||
} | ||
}); | ||
var authorize = function (jwtToken, executionRule) { return __awaiter(void 0, void 0, void 0, function () { | ||
var token, ruleResult; | ||
return __generator(this, function (_a) { | ||
switch (_a.label) { | ||
case 0: | ||
token = getToken(jwtToken); | ||
if (!token.iss) { | ||
throw http_errors_1.default(403, 'invalid token (missing issuer)'); | ||
} | ||
return [4 /*yield*/, executionRule(token)]; | ||
case 1: | ||
ruleResult = _a.sent(); | ||
if (!ruleResult.passed) { | ||
throw http_errors_1.default(403, 'Operation not authorized'); | ||
} | ||
return [2 /*return*/, ruleResult.data]; | ||
} | ||
}); | ||
}; | ||
}); }; | ||
exports.authorize = authorize; | ||
@@ -131,11 +126,3 @@ var and = function (rules) { return function (token) { return __awaiter(void 0, void 0, void 0, function () { | ||
exports.or = or; | ||
function assertBearerToken(val) { | ||
if (val && val.includes('Bearer')) { | ||
return; | ||
} | ||
throw new assert_1.AssertionError({ message: 'not a valid bearer token' }); | ||
} | ||
var getToken = function (authorizationHeader) { | ||
return jwt_decode_1.default(authorizationHeader.replace('Bearer ', '')); | ||
}; | ||
var getToken = function (token) { return jwt_decode_1.default(token); }; | ||
//# sourceMappingURL=index.js.map |
{ | ||
"name": "authorized-rules", | ||
"version": "0.1.1", | ||
"version": "0.1.2", | ||
"description": "", | ||
"main": "dist/index.js", | ||
"scripts": { | ||
"build": "tsc", | ||
"build": "rm -rf dist && tsc", | ||
"prepublish": "yarn build", | ||
"test": "jest --config=tests/jest.config.unit.js" | ||
@@ -9,0 +10,0 @@ }, |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
16982
311