UNPKG

microgateway-plugins

Version:

Plugins for Apige Edge Microgateway

github.com/apigee/microgateway-plugins

apigee/microgateway-plugins

87 lines (79 loc) 2.54 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
'use strict'; /** * */ var debug = require('debug')('plugin:bauth'); const authHeaderRegex = /Basic (.+)/; module.exports.init = function (config, logger, stats) { var keepAuthHeader = config['keep-authorization-header'] || false; return { onrequest: function(req, res, next) { debug('plugin onrequest'); try { if (!req.headers['authorization']) { debug('missing_authorization'); return sendError(req, res, next, logger, stats, 'missing_authorization', 'Missing Authorization header'); } else { var b64string = authHeaderRegex.exec(req.headers['authorization']); if (!b64string || b64string.length < 2) { debug('Invalid Authorization Header'); return sendError(req, res, next, logger, stats, 'invalid_request', 'Invalid Authorization header'); } var buf; if (typeof Buffer.from === "function") { // Node 5.10+ buf = Buffer.from(b64string[1], 'base64').toString("ascii"); } else { // older Node versions buf = Buffer.from(b64string[1], 'base64').toString("ascii"); } if (buf) { var parts = buf.split(":"); req.username = parts[0]; req.password = parts[1]; if (!keepAuthHeader) { delete (req.headers['authorization']); // don't pass this header to target } } else { debug('Invalid Authorization Header'); return sendError(req, res, next, logger, stats, 'invalid_request', 'Invalid Authorization header'); } } } catch (err) { debug("ERROR - " + err); } next(); } }; } function sendError(req, res, next, logger, stats, code, message) { switch (code) { case 'invalid_request': res.statusCode = 400; break; case 'access_denied': res.statusCode = 403; break; case 'missing_authorization': case 'invalid_authorization': res.statusCode = 401; break; case 'gateway_timeout': res.statusCode = 504; break; default: res.statusCode = 500; } var response = { error: code, error_description: message }; const err = Error('auth failure'); debug('auth failure', res.statusCode, code, message ? message : '', req.headers, req.method, req.url); logger.eventLog({level:'error', req: req, res: res, err:err, component:'bauth' }, 'bauth'); if (!res.finished) res.setHeader('content-type', 'application/json'); res.end(JSON.stringify(response)); stats.incrementStatusCount(res.statusCode); next(code, message); return code; }