"use strict";

// Node's built-in URL module; used below to decode the query string of request.url.
var url = require('url');
// Project-local parser for the Authorization header value (./auth_header, not shown here).
var auth_hdr = require('./auth_header');
// Key used as-is to look up credentials in request.headers. It is lower case;
// Node's http module stores incoming header names in lower case.
var AUTH_HEADER = "authorization";

// Scheme that fromAuthHeader() expects in front of the token.
var DEFAULT_AUTH_SCHEME = "JWT";

// Namespace object. Every property assigned to it in this file is a factory
// that returns a function(request) yielding a token or null.
var extractors = {};
/**
 * Build an extractor that reads the token from a named request header.
 *
 * @param {string} header_name - Key looked up in request.headers. The lookup is
 *   exact; Node's http module stores incoming header names in lower case, so a
 *   mixed-case name will not match on such a request.
 * @returns {function(Object): *} Extractor returning the header value, or null
 *   when the header is absent or its value is falsy.
 */
extractors.fromHeader = function (header_name) {
    return function (request) {
        var value = request.headers[header_name];
        // The raw header value is handed back untouched: no scheme prefix is
        // stripped and nothing is validated at this stage.
        return value ? value : null;
    };
};
/**
 * Build an extractor that reads the token from a field of request.body.
 *
 * @param {string} field_name - Name of the body field holding the token.
 * @returns {function(Object): *} Extractor returning request.body[field_name]
 *   when the body has that field as an own property, otherwise null.
 */
extractors.fromBodyField = function (field_name) {
    return function (request) {
        var body = request.body;
        // Own-property check: names inherited from Object.prototype (for example
        // "constructor") are never picked up as a token.
        if (!body || !Object.prototype.hasOwnProperty.call(body, field_name)) {
            return null;
        }
        // NOTE(review): request.body is presumably filled in by body-parsing
        // middleware, so the value may be any parsed type, not only a string.
        // Confirm that the consumer of the token checks its type.
        return body[field_name];
    };
};
/**
 * Build an extractor that reads the token from a URL query parameter.
 *
 * Tokens carried in a URL tend to end up in access logs, browser history and
 * Referer headers; RFC 6750 section 2.3 discourages this transport for bearer
 * tokens. Prefer a header-based extractor where the client allows it.
 *
 * @param {string} param_name - Name of the query parameter holding the token.
 * @returns {function(Object): *} Extractor returning the parameter value when
 *   it is present in request.url, otherwise null.
 */
extractors.fromUrlQueryParameter = function (param_name) {
    return function (request) {
        // Passing `true` makes url.parse() decode the query string into an object.
        var query = url.parse(request.url, true).query;
        var present = query && Object.prototype.hasOwnProperty.call(query, param_name);
        // A parameter repeated in the URL is decoded as an array, so the value
        // returned here is not guaranteed to be a string.
        return present ? query[param_name] : null;
    };
};
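/**
 * Build an extractor that reads the token from the Authorization header when
 * the header uses the given authentication scheme.
 *
 * The scheme is compared case-insensitively: RFC 7235 section 2.1 defines the
 * auth-scheme as a case-insensitive token, so "JWT", "jwt" and "Jwt" all name
 * the same scheme. Only the scheme is matched here; the token itself is not
 * validated.
 *
 * @param {string} auth_scheme - Scheme expected in front of the token.
 * @returns {function(Object): *} Extractor returning the credential part of
 *   the header when the scheme matches, otherwise null.
 */
extractors.fromAuthHeaderWithScheme = function (auth_scheme) {
    // Normalise once per extractor. A non-string scheme is left as it is, so it
    // keeps comparing by strict equality exactly as before.
    var wanted = typeof auth_scheme === 'string' ? auth_scheme.toLowerCase() : auth_scheme;

    return function (request) {
        var header_value = request.headers[AUTH_HEADER];
        if (!header_value) {
            return null;
        }

        // auth_hdr.parse lives in ./auth_header (not shown here); it is treated
        // as returning a falsy value or an object with `scheme` and `value`.
        var auth_params = auth_hdr.parse(header_value);
        if (!auth_params) {
            return null;
        }

        var scheme = auth_params.scheme;
        var offered = typeof scheme === 'string' ? scheme.toLowerCase() : scheme;
        return wanted === offered ? auth_params.value : null;
    };
};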
/**
 * Build an extractor for the Authorization header using the default scheme
 * (DEFAULT_AUTH_SCHEME).
 *
 * @returns {function(Object): *} Same extractor that
 *   fromAuthHeaderWithScheme(DEFAULT_AUTH_SCHEME) produces.
 */
extractors.fromAuthHeader = function () {
    var scheme = DEFAULT_AUTH_SCHEME;
    return extractors.fromAuthHeaderWithScheme(scheme);
};
/**
 * Combine several extractors into one that tries them in array order and
 * stops at the first truthy result.
 *
 * Array order is the precedence order: a token found by an earlier extractor
 * hides whatever a later one would have returned.
 *
 * @param {Array<function(Object): *>} extractors - Extractors to try, in order.
 *   The array is kept by reference, and its entries are not checked here; an
 *   entry that is not a function fails when a request is processed.
 * @returns {function(Object): *} Extractor returning the first truthy token,
 *   the last extractor's result when none is truthy, or null for an empty array.
 * @throws {TypeError} When `extractors` is not an array.
 */
extractors.fromExtractors = function (extractors) {
    if (!Array.isArray(extractors)) {
        throw new TypeError('extractors.fromExtractors expects an array');
    }

    return function (request) {
        var found = null;
        for (var i = 0; i < extractors.length; i += 1) {
            // Forward the caller's `this` so each extractor sees the same
            // context the combined extractor was invoked with.
            found = extractors[i].call(this, request);
            if (found) {
                break;
            }
        }
        return found;
    };
};
/**
 * Build an extractor that looks for the token in three places, in this order:
 * the Authorization header, a body field, then a URL query parameter.
 *
 * Enabling it accepts tokens from the request body and the URL as well as the
 * header. Use a single explicit extractor when only one transport is intended.
 *
 * @param {Object} options - Must be an object; its fields are read directly.
 * @param {string} [options.authScheme] - Authorization scheme; falls back to
 *   DEFAULT_AUTH_SCHEME when missing or falsy.
 * @param {string} [options.tokenBodyField] - Body field name; falls back to
 *   'auth_token' when missing or falsy.
 * @param {string} [options.tokenQueryParameterName] - Query parameter name;
 *   falls back to 'auth_token' when missing or falsy.
 * @returns {function(Object): *} Extractor returning the first truthy token
 *   found, or the query-parameter extractor's result when none is.
 */
extractors.versionOneCompatibility = function (options) {
    var authScheme = options.authScheme || DEFAULT_AUTH_SCHEME;
    var bodyField = options.tokenBodyField || 'auth_token';
    var queryParam = options.tokenQueryParameterName || 'auth_token';

    return function (request) {
        // Short-circuit evaluation keeps the header > body > query precedence
        // and builds a fallback extractor only when the previous one found nothing.
        return extractors.fromAuthHeaderWithScheme(authScheme)(request) ||
            extractors.fromBodyField(bodyField)(request) ||
            extractors.fromUrlQueryParameter(queryParam)(request);
    };
};
// Public surface of this module: the namespace object holding every extractor factory.
module.exports = extractors;