koas-security
Version:
Koas security checks if a request matches the security requirement of an operation. For example, given the following partial OpenAPI document:
71 lines (70 loc) • 2.11 kB
TypeScript
import { Context } from 'koa';
import { OpenAPIV3 } from 'openapi-types';
import { Promisable } from 'type-fest';
import { Clients, Users } from '.';
/**
* A single client
*/
/**
* A single user
*/
/**
* A representation of an OAuth2 client.
*/
export interface OAuth2Client {
/**
* The scope this client is allowed to use.
*
* This may be a list or a space separated string.
*/
scope: Set<string> | string[] | string;
}
export declare type SecurityCheck = (ctx: Context, scopes?: string[]) => Promisable<[unknown, unknown?]>;
declare module 'koa' {
interface DefaultContext {
/**
* This is one of the authenticated clients.
*
* Use `clients` if multiple security requirements need to be met.
*
* This property is injected by `koas-security`.
*/
client?: Clients[keyof Clients];
/**
* A mapping of OpenAPI security schemes to authenticated clients.
*
* Usually only one security requirement needs to be met. In this case using `client` is
* preferred.
*
* This property is injected by `koas-security`.
*/
clients?: Clients;
/**
* This is one of the authenticated users.
*
* Use `users` if multiple security requirements need to be met.
*
* This property is injected by `koas-security`.
*/
user?: Users[keyof Users];
/**
* A mapping of OpenAPI security schemes to authenticated users.
*
* Usually only one security requirement needs to be met. In this case using `user` is
* preferred.
*
* This property is injected by `koas-security`.
*/
users?: Users;
}
}
declare module 'koas-core' {
interface OpenAPIContext {
/**
* The security requirements object that is active in the current context.
*
* This property is injected by `koas-security`.
*/
securityRequirementObject?: OpenAPIV3.SecurityRequirementObject;
}
}