cor-base-service/lib/src/auth/ws.js

Library build upon COR web services. Handles authN/authZ, standarizes logging and error messages

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.socketAuthentication = void 0;
const utils_1 = require("./utils");
const errors_1 = require("../errors");
const socketAuthentication = async (req, config, logger) => {
    const jwksUri = config.server.auth.idp?.jwksUri || "";
    if (!jwksUri) {
        const errorMessage = "Authentication is enabled but no Identity Provider URL is defined";
        logger.error(errorMessage);
        throw (0, errors_1.InternalServerError)(errorMessage);
    }
    const token = (0, utils_1.getTokenFromWebSocket)(req, logger);
    if (!token) {
        logger.debug("Token not found in request");
        throw (0, errors_1.UnauthorizedError)();
    }
    try {
        logger.debug({ jwksUri, token }, "Verifying token with IDP public key");
        return await (0, utils_1.verifyJWT)(jwksUri, token, logger);
    }
    catch (error) {
        logger.warn({ error }, "Error verifying JWT");
        // TODO: Handle different errors here
        throw (0, errors_1.UnauthorizedError)();
    }
};
exports.socketAuthentication = socketAuthentication;