UNPKG

stripe-stateful-mock

Version:

A half-baked, stateful Stripe mock server

github.com/pushplay/stripe-stateful-mock

pushplay/stripe-stateful-mock

46 lines (40 loc) 1.93 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
import express from "express"; import basicAuthParser = require("basic-auth"); export namespace auth { export function authRoute(req: express.Request, res: express.Response, next: express.NextFunction): void { const token = getAccessTokenFromRequest(req); if (!token) { res.status(401).send({ error: { message: "You did not provide an API key. You need to provide your API key in the Authorization header, using Bearer auth (e.g. 'Authorization: Bearer YOUR_SECRET_KEY'). See https://stripe.com/docs/api#authentication for details, or we can help at https://support.stripe.com/.", type: "invalid_request_error" } }); } else if (!/^sk_test_/.test(token)) { res.status(401).send({ error: { message: `Invalid API Key provided: ${censorAccessToken(token)}`, type: "invalid_request_error" } }); } else { next(); } } export function getAccessTokenFromRequest(req: express.Request): string { const authorizationHeader = req.header("authorization"); const basicAuth = basicAuthParser(req); if (authorizationHeader && authorizationHeader.startsWith("Bearer ")) { return /^Bearer (.*)/.exec(authorizationHeader)[1]; } else if (basicAuth) { return basicAuth.name; } return null; } export function getCensoredAccessTokenFromRequest(req: express.Request): string { return censorAccessToken(getAccessTokenFromRequest(req)); } export function censorAccessToken(token: string): string { return `${token.substr(0, Math.min(token.length, 11))}${new Array(token.length - Math.min(token.length, 15)).fill("*").join("")}${token.substr(token.length - Math.min(token.length, 4))}`; } }