UNPKG

ripe-commons

Version:

The RIPE Commons library

github.com/ripe-tech/ripe-comons-js

ripe-tech/ripe-commons-js

70 lines (58 loc) 2.89 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
import { OperationalError } from "yonius"; import { API } from "ripe-id-api"; /** * Tries to obtain a RIPE authorization object (username and ACL) * for the current request context, using the (redeem) token in context * as the basis for the retrieval of the authorization. * * In case the process fails an exception is raised indicating the source * of such problem. * * @param {Request} req The request object that is going to be used * as the context provided and from which the (redeem) token is going * to be retrieved and the authorization stored. * @returns The resulting RIPE authorization object for the current * context, exception is raised in case it's not possible to redeem one. */ export const getRipeAuth = async req => { // checks the current request's cache to check if there's // an authorization information already present in it if (req.ripeAuth) return req.ripeAuth; // allocates space for the (redeem) token value that is going // to be "gathered" from all possible request sources let token = null; // tries to "find" the token in the route parameters if (req.params.token) token = req.params.token; // tries to "find" the token in the GET parameters if (req.query.token) token = req.query.token; // tries to verify if the authorization header is present and // if that's the case unpacks the token from it if (req.headers.authorization) { [, token] = req.headers.authorization.split(" ", 2); } // in case no redeem token has been found on request must throw an error // indicating such issue (as expected) if (!token) { throw new OperationalError("No (redeem) token available", 401); } // creates a new instance of the RIPE ID API client to be used for // the "redeem" operation of the redeem token const api = new API(); // tries to redeem the token and then reacts to the most usual problems // in the expected manner, the redeem operation represents the guarantee // that the 3rd party who provided this token has effectively access to the // ACL and username that is provided as part of the resulting authorization const auth = await api.redeemToken(token); if (auth.code === 404) { throw new OperationalError("Token not found", 401); } // stores the (redeem) token associated with the request in the authorization, // so that it can be easily retrieved latter if needed (no need to find the // token among the multiple possible request locations: GET or POST params) auth.token = token; // updates the current request with the authorization information // retrieved from the provided token (avoids new calls, it's a cache) req.ripeAuth = auth; return req.ripeAuth; }; export default getRipeAuth;