@azure/cosmos
Version:
Microsoft Azure Cosmos DB Service Node.js SDK for NOSQL API
100 lines (99 loc) • 4.02 kB
JavaScript
var __defProp = Object.defineProperty;
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
var __getOwnPropNames = Object.getOwnPropertyNames;
var __hasOwnProp = Object.prototype.hasOwnProperty;
var __export = (target, all) => {
for (var name in all)
__defProp(target, name, { get: all[name], enumerable: true });
};
var __copyProps = (to, from, except, desc) => {
if (from && typeof from === "object" || typeof from === "function") {
for (let key of __getOwnPropNames(from))
if (!__hasOwnProp.call(to, key) && key !== except)
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
}
return to;
};
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
var auth_exports = {};
__export(auth_exports, {
getAuthorizationTokenUsingResourceTokens: () => getAuthorizationTokenUsingResourceTokens,
setAuthorizationHeader: () => setAuthorizationHeader,
setAuthorizationTokenHeaderUsingMasterKey: () => setAuthorizationTokenHeaderUsingMasterKey
});
module.exports = __toCommonJS(auth_exports);
var import_headers = require("./utils/headers.js");
var import_common = require("./common/index.js");
async function setAuthorizationHeader(clientOptions, verb, path, resourceId, resourceType, headers) {
if (clientOptions.permissionFeed) {
clientOptions.resourceTokens = {};
for (const permission of clientOptions.permissionFeed) {
const id = (0, import_common.getResourceIdFromPath)(permission.resource);
if (!id) {
throw new Error(`authorization error: ${id} is an invalid resourceId in permissionFeed`);
}
clientOptions.resourceTokens[id] = permission._token;
}
}
if (clientOptions.key) {
await setAuthorizationTokenHeaderUsingMasterKey(
verb,
resourceId,
resourceType,
headers,
clientOptions.key
);
} else if (clientOptions.resourceTokens) {
headers[import_common.Constants.HttpHeaders.Authorization] = encodeURIComponent(
getAuthorizationTokenUsingResourceTokens(clientOptions.resourceTokens, path, resourceId)
);
} else if (clientOptions.tokenProvider) {
headers[import_common.Constants.HttpHeaders.Authorization] = encodeURIComponent(
await clientOptions.tokenProvider({ verb, path, resourceId, resourceType, headers })
);
}
}
async function setAuthorizationTokenHeaderUsingMasterKey(verb, resourceId, resourceType, headers, masterKey) {
if (resourceType === import_common.ResourceType.offer) {
resourceId = resourceId && resourceId.toLowerCase();
}
headers = Object.assign(
headers,
await (0, import_headers.generateHeaders)(masterKey, verb, resourceType, resourceId)
);
}
function getAuthorizationTokenUsingResourceTokens(resourceTokens, path, resourceId) {
if (resourceTokens && Object.keys(resourceTokens).length > 0) {
if (!path && !resourceId) {
return resourceTokens[Object.keys(resourceTokens)[0]];
}
if (resourceId && resourceTokens[resourceId]) {
return resourceTokens[resourceId];
}
if (!path || path.length < 4) {
return null;
}
path = (0, import_common.trimSlashFromLeftAndRight)(path);
const pathSegments = path && path.split("/") || [];
if (pathSegments.length === 6) {
const containerPath = pathSegments.slice(0, 4).map(decodeURIComponent).join("/");
if (resourceTokens[containerPath]) {
return resourceTokens[containerPath];
}
}
let index = pathSegments.length % 2 === 0 ? pathSegments.length - 1 : pathSegments.length - 2;
for (; index > 0; index -= 2) {
const id = decodeURI(pathSegments[index]);
if (resourceTokens[id]) {
return resourceTokens[id];
}
}
}
return null;
}
// Annotate the CommonJS export names for ESM import in node:
0 && (module.exports = {
getAuthorizationTokenUsingResourceTokens,
setAuthorizationHeader,
setAuthorizationTokenHeaderUsingMasterKey
});