fastify-openapi-connector
Version:
Fastify plugin that will set-up routes with security & json validation based on OpenAPI specification
44 lines (43 loc) • 1.58 kB
JavaScript
/**
* Create security processors for Fastify
* @param handlers Security handlers
* @param securityObject Security object from OAS
* @returns Fastify middleware if any handler is defined
*/
export const createSecurityProcessors = (handlers, securityObject) => {
// No security, or empty array means we do not validate
if (!securityObject || securityObject.length === 0) {
return undefined;
}
return async (req, res) => {
let optionalSecurity = false;
for (const item of securityObject) {
if (Object.keys(item).length === 0) {
optionalSecurity = true;
continue;
}
for (const [resolverName, scopes] of Object.entries(item)) {
const handler = handlers[resolverName];
if (!handler) {
req.log.warn(`Missing security resolver '${resolverName}!'`);
continue;
}
try {
// We got sucesfully resolved authentication
if (await handler(req, scopes)) {
return;
}
}
catch (error) {
req.log.debug(error, 'Security validation error');
}
}
}
// Security was optional, so we do not return 401
if (optionalSecurity) {
return;
}
req.log.debug('None of the security objects were succesfully resolver, returning 401');
res.code(401).send('Unauthorized');
};
};