UNPKG

chargebee

Version:

A library for integrating with Chargebee.

50 lines (49 loc) 2.06 kB
import { WebhookAuthenticationError } from './errors.js'; /** * Creates a Basic Auth validator for webhook requests. * Parses the Authorization header and validates credentials. * * @param validateCredentials - Function to validate username/password. * Can be sync or async (e.g., for database lookups). * @returns A request validator function for use with WebhookHandler * * @throws {WebhookAuthenticationError} When authentication fails * * @example * // Simple sync validation * const validator = basicAuthValidator((u, p) => u === 'admin' && p === 'secret'); * * @example * // Async validation (e.g., database lookup) * const validator = basicAuthValidator(async (u, p) => { * const user = await db.findUser(u); * return user && await bcrypt.compare(p, user.passwordHash); * }); */ export const basicAuthValidator = (validateCredentials) => { return async (headers) => { const authHeader = headers['authorization'] || headers['Authorization']; if (!authHeader) { throw new WebhookAuthenticationError('Missing authorization header'); } const authStr = Array.isArray(authHeader) ? authHeader[0] : authHeader; if (!authStr) { throw new WebhookAuthenticationError('Invalid authorization header'); } const parts = authStr.split(' '); if (parts.length !== 2 || parts[0] !== 'Basic') { throw new WebhookAuthenticationError('Invalid authorization header format'); } const decoded = Buffer.from(parts[1], 'base64').toString(); const separatorIndex = decoded.indexOf(':'); if (separatorIndex === -1) { throw new WebhookAuthenticationError('Invalid credentials format'); } const username = decoded.substring(0, separatorIndex); const password = decoded.substring(separatorIndex + 1); const isValid = await validateCredentials(username, password); if (!isValid) { throw new WebhookAuthenticationError('Invalid credentials'); } }; };