oidc-provider
Version:
OAuth 2.0 Authorization Server implementation for Node.js with OpenID Connect
26 lines (22 loc) • 776 B
JavaScript
import instance from './weak_cache.js';
export default async function fetchBodyCheck(provider, purpose, response) {
const limit = instance(provider).configuration.fetchResponseBodyLimits[purpose];
if (Number.isFinite(limit)) {
const contentLength = response.headers.get('content-length');
if (contentLength && parseInt(contentLength, 10) > limit) {
await response.body?.cancel();
throw new Error('response too large');
}
}
const chunks = [];
let received = 0;
for await (const chunk of response.body) {
received += chunk.length;
if (Number.isFinite(limit) && received > limit) {
await response.body?.cancel();
throw new Error('response too large');
}
chunks.push(chunk);
}
return Buffer.concat(chunks);
}