Socket
Socket
Sign inDemoInstall

openapi-security-handler

Package Overview
Dependencies
Maintainers
1
Versions
28
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

openapi-security-handler - npm Package Compare versions

Comparing version 1.0.1 to 2.0.0

CHANGELOG.md
index.ts
tsconfig.json

14

package.json
{
"name": "openapi-security-handler",
"version": "1.0.1",
"version": "2.0.0",
"description": "A library to process OpenAPI security definitions in parallel.",
"scripts": {
"cover": "istanbul cover _mocha -- ./test/*.js",
"test-watch": "mocha -w ./test/*.js ./test/**/*.js",
"test": "mocha ./test/*.js",
"cover": "nyc",
"prepublishOnly": "tsc",
"test-watch": "mocha --watch-extensions ts -w",
"test": "mocha",
"travis-test": "npm run cover"

@@ -25,4 +26,7 @@ },

"dependencies": {
"async": "^2.6.0"
"openapi-types": "^1.1.0"
},
"devDependencies": {
"@types/es6-shim": "^0.31.37"
}
}

42

README.md

@@ -10,3 +10,3 @@ # openapi-security-handler [![NPM version][npm-image]][npm-url] [![Downloads][downloads-image]][npm-url] [![Build Status][travis-image]][travis-url] [![Coveralls Status][coveralls-image]][coveralls-url]

* Small footprint.
* Currently supports openapi 2.0 (f.k.a. swagger 2.0) security definitions.
* Promise based interface.

@@ -18,4 +18,4 @@ ## Example

```javascript
var OpenapiSecurityHandler = require('openapi-security-handler');
var handler = new OpenapiSecurityHandler({
import OpenapiSecurityHandler from 'openapi-security-handler';
const handler = new OpenapiSecurityHandler({
// these are typically taken from the global api doc

@@ -34,9 +34,9 @@ securityDefinitions: {

securityHandlers: {
keyScheme: function(req, scopes, securityDefinition, cb) {
keyScheme: function(req, scopes, securityDefinition) {
req.user = {name: 'fred'};
cb(null, true);// pass true if validation succeeds, false otherwise.
return true; // could also throw or return a Promise.
},
passwordScheme: function(req, scopes, securityDefinition, cb) {
passwordScheme: function(req, scopes, securityDefinition) {
req.user = {name: 'fred'};
cb(null, true);
return true;
}

@@ -56,4 +56,4 @@ },

});
var request = {};
handler.handle(request, (err, result) => {
const request = {};
handler.handle(request).then(result => {
console.log(result); // => true

@@ -63,24 +63,14 @@ });

## Response
## handler.handle
### Return Value
`openapi-security-handler#handle` will return the following errors:
`openapi-security-handler#handle` returns a `Promise`.
* `401`
* This error is returned if:
* `cb(null, false)` is called from all `securityHandlers`.
* `cb({status: 401, challange: 'a challenge string like "Basic"'})` is called
from at least one of the handlers in the last set of security handlers.
* `403`
* This error is returned if:
* `cb({status: 403, message: 'some message'})` is called
from at least one of the handlers in the last set of security handlers.
* `500`
* This error is returned if:
* An unknown `status` is passed to `cb`.
* No security handlers yield `true`.
* If any of the `securityHandlers` throw an error, the error will be available with `.catch`.
* If all of the `securityHandlers` for the given `operationSecurity` scheme resolve with `true`, then `true` will be resolved.
* If none of the `securityHandlers` resolve with `true` for _all_ of the `operationSecurity` schemes, then a 401 error will be thrown.
## Successful Authentication
Upon successful authentication the `cb` is called with `null, true`. Handlers should
assign credentials to the request object.
Handlers should assign credentials to the request object.

@@ -87,0 +77,0 @@ ## LICENSE

index.js
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc