✨ Introduce token parsing method getTokenFromRequest

Pl217 · Pl217 · commit 8863082b0367 · 2021-08-13T13:29:04.000+02:00
diff --git a/src/common-libs/auth/index.ts b/src/common-libs/auth/index.ts
@@ -1,14 +1,74 @@
-const AuthLib = {
-  async getRolesForAParticipant(participantId: number) {
-    return participantId; //TODO: add functionality
-  },
-
-  async getParticipantsForATarget(target: {
-    targetId: number;
-    target: string;
-  }) {
-    return target; //TODO: add functionality
-  },
+import { PartialRequest } from '@unocha/hpc-api-core/src/Request';
+
+type BasicAuth = {
+  username: string | null;
+  password: string | null;
+};
+
+const parseBasic = (basic: string): BasicAuth => {
+  let pieces: (string | null)[];
+
+  const decoded = new Buffer(basic, 'base64').toString('utf8');
+
+  if (!decoded) {
+    throw new Error('Authorization header invalid');
+  }
+
+  const index = decoded.indexOf(':');
+
+  if (index === -1) {
+    pieces = [decoded];
+  } else {
+    pieces = [decoded.slice(0, index), decoded.slice(index + 1)];
+  }
+
+  if (!pieces || typeof pieces[0] !== 'string') {
+    throw new Error('Authorization header invalid');
+  }
+
+  // Allows for usernameless authentication
+  if (!pieces[0]) {
+    pieces[0] = null;
+  }
+
+  // Allows for passwordless authentication
+  if (!pieces[1]) {
+    pieces[1] = null;
+  }
+
+  return {
+    username: pieces[0],
+    password: pieces[1],
+  };
 };
 
-export default AuthLib;
+export const getTokenFromRequest = (req: PartialRequest): string | null => {
+  if (!req.headers?.authorization) {
+    return null;
+  }
+
+  const pieces = req.headers.authorization.split(' ', 2);
+
+  if (!pieces || pieces.length !== 2) {
+    throw new Error('BasicAuth content is invalid');
+  }
+
+  let basic: BasicAuth | null = null;
+  const scheme = pieces[0];
+  const credentials = pieces[1];
+
+  try {
+    switch (scheme.toLowerCase()) {
+      case 'basic':
+        basic = parseBasic(credentials);
+        break;
+
+      default:
+        throw new Error('Unsupported authorization scheme');
+    }
+  } catch (e2) {
+    return null;
+  }
+
+  return basic ? basic.password : credentials;
+};
diff --git a/src/server.ts b/src/server.ts
@@ -10,6 +10,7 @@ import { Container } from 'typedi';
 import { CONFIG } from '../config';
 import { createDbConnetion } from './data-providers/postgres';
 import dbModels from './data-providers/postgres/models';
+import { getTokenFromRequest } from './common-libs/auth';
 
 declare module '@hapi/hapi' {
   interface ServerApplicationState {
@@ -40,6 +41,7 @@ async function startServer() {
       models: dbModels(dbConnection),
       request,
       config: CONFIG,
+      token: getTokenFromRequest(request),
     }),
   });
 
