chargebee
Version:
A library for integrating with Chargebee.
50 lines (49 loc) • 2.06 kB
JavaScript
import { WebhookAuthenticationError } from './errors.js';
/**
* Creates a Basic Auth validator for webhook requests.
* Parses the Authorization header and validates credentials.
*
* @param validateCredentials - Function to validate username/password.
* Can be sync or async (e.g., for database lookups).
* @returns A request validator function for use with WebhookHandler
*
* @throws {WebhookAuthenticationError} When authentication fails
*
* @example
* // Simple sync validation
* const validator = basicAuthValidator((u, p) => u === 'admin' && p === 'secret');
*
* @example
* // Async validation (e.g., database lookup)
* const validator = basicAuthValidator(async (u, p) => {
* const user = await db.findUser(u);
* return user && await bcrypt.compare(p, user.passwordHash);
* });
*/
export const basicAuthValidator = (validateCredentials) => {
return async (headers) => {
const authHeader = headers['authorization'] || headers['Authorization'];
if (!authHeader) {
throw new WebhookAuthenticationError('Missing authorization header');
}
const authStr = Array.isArray(authHeader) ? authHeader[0] : authHeader;
if (!authStr) {
throw new WebhookAuthenticationError('Invalid authorization header');
}
const parts = authStr.split(' ');
if (parts.length !== 2 || parts[0] !== 'Basic') {
throw new WebhookAuthenticationError('Invalid authorization header format');
}
const decoded = Buffer.from(parts[1], 'base64').toString();
const separatorIndex = decoded.indexOf(':');
if (separatorIndex === -1) {
throw new WebhookAuthenticationError('Invalid credentials format');
}
const username = decoded.substring(0, separatorIndex);
const password = decoded.substring(separatorIndex + 1);
const isValid = await validateCredentials(username, password);
if (!isValid) {
throw new WebhookAuthenticationError('Invalid credentials');
}
};
};