UNPKG

azure-functions-auth

Version:

Authentication and Authorization for Azure Functions (with OAuth 2.0 and JWT)

github.com/idandaccess/azure-functions-auth

idandaccess/azure-functions-auth

85 lines (73 loc) 2.25 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
const expressJwt = require('express-jwt'); const getJwtValidationError = err => { return { status: err.status || 500, body: { message: err.message } }; }; const validateJwt = expressValidateJwt => (next, returnPromise) => { return (context, req, ...rest) => { if (returnPromise) { return new Promise(resolve => { expressValidateJwt(req, null, handleResult(resolve)); // return undefined // done implicitly if you remove this line! }); } else { expressValidateJwt(req, null, handleResultSync()); } function handleResult(resolve) { return err => { if (err) { return resolve(getJwtValidationError(err)); } resolve(next(context, req, ...rest)); }; } function handleResultSync() { return err => { if (err) { context.res = getJwtValidationError(err); return context.done(); } next(context, req, ...rest); }; } }; }; const createValidateJwt = options => { // guardOptions if (!options || !(options instanceof Object)) { throw new Error('The options must be an object.'); } if (!options.algorithms || options.algorithms.length === 0) { throw new Error('The algorithms option has to be provided.'); } if (!options.domain || options.domain.length === 0) { throw new Error('The Issuer Domain has to be provided.'); } if (!options.audience || options.audience.length === 0) { if (!options.clientId || options.clientId.length === 0) { throw new Error('The audience (clientId) has to be provided.'); } else { options.audience = options.clientId; } } if (!options.publicKey || options.publicKey.length === 0) { if (!options.clientSecret || options.clientSecret.length === 0) { throw new Error('The publicKey (clientSecret) has to be provided.'); } else { options.publicKey = options.clientSecret; } } // createMiddleware const expressValidateJwt = expressJwt({ secret: options.publicKey, audience: options.audience, issuer: options.domain, algorithms: options.algorithms }); return validateJwt(expressValidateJwt); }; module.exports = createValidateJwt;