1 | var passport = require('passport-strategy')
|
2 | , auth_hdr = require('./auth_header')
|
3 | , util = require('util')
|
4 | , url = require('url');
|
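/**
 * Passport strategy that authenticates a request from a JSON Web Token.
 *
 * The constructor only records configuration. Token extraction and
 * verification happen later, in JwtStrategy.prototype.authenticate.
 *
 * @param {Object} options
 * @param {*} options.secretOrKey - Secret or key handed unchanged to
 *     JwtStrategy.JwtVerifier. Required.
 * @param {Function} options.jwtFromRequest - Called with the request and
 *     expected to return the token, or a falsy value when there is none.
 *     Required.
 * @param {*} [options.passReqToCallback] - When truthy, verify is invoked as
 *     verify(req, payload, done) instead of verify(payload, done).
 * @param {*} [options.issuer] - Copied to the verifier options when truthy.
 * @param {*} [options.audience] - Copied to the verifier options when truthy.
 * @param {*} [options.algorithms] - Copied to the verifier options when truthy.
 * @param {*} [options.ignoreExpiration] - Copied to the verifier options
 *     whenever it is neither null nor undefined.
 * @param {Function} verify - Application callback that receives the payload
 *     handed back by the verifier and reports the outcome through
 *     done(err, user, info).
 * @throws {TypeError} When secretOrKey is missing, or when verify or
 *     jwtFromRequest is not a function.
 */
function JwtStrategy(options, verify) {
    // Treat a missing options object as empty so that misconfiguration is
    // reported by the descriptive TypeErrors below.
    var opts = options || {};

    passport.Strategy.call(this);
    this.name = 'jwt';

    this._secretOrKey = opts.secretOrKey;
    if (!this._secretOrKey) {
        throw new TypeError('JwtStrategy requires a secret or key');
    }

    // Reject non-function values at configuration time; a truthy non-function
    // would otherwise only fail while a request is being authenticated.
    this._verify = verify;
    if (typeof this._verify !== 'function') {
        throw new TypeError('JwtStrategy requires a verify callback');
    }

    this._jwtFromRequest = opts.jwtFromRequest;
    if (typeof this._jwtFromRequest !== 'function') {
        throw new TypeError('JwtStrategy requires a function to retrieve jwt from requests (see option jwtFromRequest)');
    }

    this._passReqToCallback = opts.passReqToCallback;
    this._verifOpts = {};

    // NOTE(review): issuer and audience are forwarded only when set, so an
    // unset option presumably leaves that claim unchecked by the verifier.
    // Confirm against ./verify_jwt.
    if (opts.issuer) {
        this._verifOpts.issuer = opts.issuer;
    }

    if (opts.audience) {
        this._verifOpts.audience = opts.audience;
    }

    // NOTE(review): nothing here restricts the signing algorithm when
    // `algorithms` is omitted; what is accepted is then decided by
    // ./verify_jwt, which is not visible in this file. Deployments should pin
    // the algorithm(s) that match secretOrKey. TODO: confirm the verifier's
    // default.
    if (opts.algorithms) {
        this._verifOpts.algorithms = opts.algorithms;
    }

    // Loose != null keeps an explicit `false` while skipping null/undefined.
    // NOTE(review): a truthy value presumably turns off the expiry check in
    // the verifier. Confirm, and leave it unset outside of tests.
    if (opts.ignoreExpiration != null) {
        this._verifOpts.ignoreExpiration = opts.ignoreExpiration;
    }
}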
// Put passport.Strategy.prototype on JwtStrategy's prototype chain so that
// strategy instances inherit from the base passport strategy.
util.inherits(JwtStrategy, passport.Strategy);
// The verifier is exposed as a property of the constructor. authenticate()
// looks it up through JwtStrategy.JwtVerifier on every call, so replacing this
// property (for example with a test double) changes which verifier is used.
JwtStrategy.JwtVerifier = require('./verify_jwt');
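/**
 * Authenticate a request from the JSON Web Token it carries.
 *
 * Flow: extract the token with the configured jwtFromRequest function, hand
 * it to JwtStrategy.JwtVerifier together with the configured secret or key
 * and verifier options, then pass the resulting payload to the application's
 * verify callback, which decides the outcome.
 *
 * Outcomes are reported through the strategy's fail/error/success methods:
 *   - no token, or the verifier reports an error  -> fail
 *   - extractor or verify callback throws         -> error
 *   - verify callback reports err                 -> error
 *   - verify callback reports no user             -> fail
 *   - verify callback reports a user              -> success
 *
 * @param {Object} req - Incoming request, passed to the token extractor and,
 *     when passReqToCallback is set, to the verify callback.
 * @param {Object} options - Not used by this implementation.
 */
JwtStrategy.prototype.authenticate = function(req, options) {
    var self = this;
    var token;

    // The extractor is application-supplied code running on request data.
    // Route its exceptions through error(), as is done for the verify
    // callback below, instead of letting them escape authenticate().
    try {
        token = self._jwtFromRequest(req);
    } catch (ex) {
        return self.error(ex);
    }

    if (!token) {
        return self.fail(new Error("No auth token"));
    }

    JwtStrategy.JwtVerifier(token, self._secretOrKey, self._verifOpts, function(jwt_err, payload) {
        if (jwt_err) {
            // NOTE(review): the verifier's error object is handed to fail()
            // as-is; how it reaches the client depends on passport and the
            // application. Confirm no internal detail is echoed back.
            return self.fail(jwt_err);
        }

        // Completion callback given to the application's verify function.
        var verified = function(err, user, info) {
            if (err) {
                return self.error(err);
            }
            if (!user) {
                return self.fail(info);
            }
            return self.success(user, info);
        };

        // A synchronous throw from the verify callback is an internal error,
        // not an authentication failure.
        try {
            if (self._passReqToCallback) {
                self._verify(req, payload, verified);
            } else {
                self._verify(payload, verified);
            }
        } catch (ex) {
            self.error(ex);
        }
    });
};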
// Export the strategy constructor as the module's value.
module.exports = JwtStrategy;