@appsensorlike/appsensorlike

A port of OWASP AppSensor reference implementation

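/**
 * Error thrown by {@link ReferenceAccessController#assertAuthorized} when a
 * client application is not permitted to perform the requested action.
 *
 * Sets {@code name} so the error is identifiable in logs and stack traces;
 * a bare {@code Error} subclass otherwise reports itself as "Error".
 */
class NotAuthorizedException extends Error {
    /**
     * @param {string} message - human-readable description of the denied request
     */
    constructor(message) {
        super(message);
        this.name = 'NotAuthorizedException';
    }
}

/**
 * This particular {@link AccessController} implementation simply checks the
 * {@link ClientApplication}s role(s) to see if it matches the expected
 * {@link Action}. If there is a match found, then the access is considered valid.
 *
 * The decision is fail-closed: if the client has no roles, or no role whose
 * string form exactly equals the action's string form, access is denied.
 * The {@code context} argument is accepted for interface compatibility only
 * and does not influence the decision.
 */
class ReferenceAccessController {
    /**
     * {@inheritDoc}
     *
     * @param {ClientApplication} clientApplication - caller whose roles are read via {@code getRoles()}
     * @param {Action} action - action being attempted; compared via {@code toString()}
     * @param {Context} context - not consulted by this implementation
     * @returns {boolean} true only if some role's string form equals the action's string form
     */
    isAuthorized(clientApplication, action, context) {
        for (const role of clientApplication.getRoles()) {
            // Exact, case-sensitive comparison of string forms: no prefix,
            // wildcard or hierarchy matching. Both sides are expected to have
            // a deterministic toString() — presumably enum-like values; verify against callers.
            if (role.toString() === action.toString()) {
                return true;
            }
        }
        return false;
    }

    /**
     * {@inheritDoc}
     *
     * @param {ClientApplication} clientApplication - caller whose roles are checked
     * @param {Action} action - action being attempted
     * @param {Context} context - passed through to {@link #isAuthorized}
     * @throws {NotAuthorizedException} if {@link #isAuthorized} returns false
     */
    assertAuthorized(clientApplication, action, context) {
        if (!this.isAuthorized(clientApplication, action, context)) {
            throw new NotAuthorizedException("Access is not allowed for client application: " + clientApplication + " when trying to perform action : " + action + " using context: " + context);
        }
    }
}

export { ReferenceAccessController };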