
sealink / auth-js / 3891692342

pending completion
3891692342

Pull #122

fb6628581 Merge 5d464d2fa into bdec6796b
Pull Request #122: Bump nock from 13.2.9 to 13.3.0

2 of 2 branches covered (100.0%)

Branch coverage included in aggregate %.

38 of 38 relevant lines covered (100.0%)

2.34 hits per line

Source File

100.0
/src/authorizer.js
"use strict";

const jwk = require("jsonwebtoken");
const jwkToPem = require("jwk-to-pem");
const fetch = require("node-fetch");

/**
 * Build the authorizer response that grants or denies one principal the
 * right to invoke one API resource.
 *
 * @param {string} principalId - identifier recorded as the caller.
 * @param {string} effect - value placed in the statement's `Effect` field.
 * @param {string} resource - value placed in the statement's `Resource` field.
 * @returns {{principalId: string, policyDocument: object}} response with a
 *   single-statement policy for the `execute-api:Invoke` action.
 */
const generatePolicy = (principalId, effect, resource) => {
  // The policy always carries exactly one statement, scoped to invocation only.
  const invokeStatement = {
    Action: "execute-api:Invoke",
    Effect: effect,
    Resource: resource
  };

  return {
    principalId,
    policyDocument: {
      Version: "2012-10-17",
      Statement: [invokeStatement]
    }
  };
};

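/**
 * Verify the JWT carried in `event.authorizationToken` against the issuer's
 * published JWKS and, on success, return a policy allowing `event.methodArn`.
 *
 * Every failure (missing token, JWKS fetch/parse error, bad signature, wrong
 * issuer, disallowed algorithm) surfaces as `Error("Unauthorized")`; the
 * underlying cause is only written to the log.
 *
 * @param {{authorizationToken?: string, methodArn?: string}} event - authorizer event.
 * @param {string} issuer - issuer base URL; the JWKS is read from
 *   `${issuer}/.well-known/jwks.json` and the token's `iss` must equal it.
 * @returns {Promise<object>} the policy built by `generatePolicy` for the token's `sub`.
 * @throws {Error} "Unauthorized" on any failure.
 */
const authorize = async (event, issuer) => {
  if (!event.authorizationToken) {
    console.log("No authorizationToken found in the header.");
    throw new Error("Unauthorized");
  }

  // Drops the first 7 characters (the length of "Bearer ").
  // NOTE(review): the scheme text itself is not checked; a header without the
  // prefix simply yields a truncated token that fails verification below.
  const token = event.authorizationToken.substring(7);

  // Explicit allow-list of RSA signature algorithms. Only `kty`/`n`/`e` are
  // passed to jwkToPem, so the key is RSA; pinning the list here means a token
  // whose header names a symmetric (HS*) or "none" algorithm can never be
  // checked against the public key, whatever the library's defaults are.
  const allowedAlgorithms = ["RS256", "RS384", "RS512", "PS256", "PS384", "PS512"];

  try {
    const res = await fetch(`${issuer}/.well-known/jwks.json`);
    const jwks = await res.json();

    // Pick the JWKS entry whose `kid` matches the token header so verification
    // keeps working when the issuer publishes more than one key (rotation).
    // The header is unverified at this point; it is only used to choose among
    // keys the issuer itself published, and the signature check still decides.
    // Falls back to the first key when the token has no `kid` or none matches.
    const unverified = jwk.decode(token, { complete: true });
    const kid = unverified && unverified.header ? unverified.header.kid : undefined;
    const k = (kid && jwks.keys.find(key => key.kid === kid)) || jwks.keys[0];

    // Based on the JSON of `jwks` create a Pem:
    const pem = jwkToPem({ kty: k.kty, n: k.n, e: k.e });

    // Verify the token.
    // NOTE(review): no `audience` is enforced, so any token this issuer signs
    // is accepted regardless of its intended audience; confirm that is intended.
    const decoded = jwk.verify(token, pem, { issuer, algorithms: allowedAlgorithms });
    return generatePolicy(decoded.sub, "Allow", event.methodArn);
  } catch (err) {
    // Log the real cause for operators; callers only ever see "Unauthorized".
    console.log(err);
    throw new Error("Unauthorized");
  }
};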

/**
 * Authorizer entry point bound to the staging issuer.
 *
 * @param {object} event - authorizer event, forwarded unchanged to `authorize`.
 * @param {object} context - accepted for the handler signature; not used.
 * @returns {Promise<object>} whatever `authorize` resolves to.
 */
const authorizeStagingToken = async (event, context) =>
  authorize(event, "https://auth-next.quicktravel.com.au");

/**
 * Authorizer entry point bound to the production issuer.
 *
 * @param {object} event - authorizer event, forwarded unchanged to `authorize`.
 * @param {object} context - accepted for the handler signature; not used.
 * @returns {Promise<object>} whatever `authorize` resolves to.
 */
const authorizeProductionToken = async (event, context) =>
  authorize(event, "https://auth.quicktravel.com.au");

// Public surface: one authorizer handler per environment. The shared
// `authorize` and `generatePolicy` helpers stay module-private.
Object.assign(module.exports, {
  authorizeStagingToken,
  authorizeProductionToken
});