Buckets:
ktongue/docker_container / .cache /opencode /node_modules /hono /dist /middleware /bearer-auth /index.js
| // src/middleware/bearer-auth/index.ts | |
| import { HTTPException } from "../../http-exception.js"; | |
| import { timingSafeEqual } from "../../utils/buffer.js"; | |
| var TOKEN_STRINGS = "[A-Za-z0-9._~+/-]+=*"; | |
| var PREFIX = "Bearer"; | |
| var HEADER = "Authorization"; | |
| var bearerAuth = (options) => { | |
| if (!("token" in options || "verifyToken" in options)) { | |
| throw new Error('bearer auth middleware requires options for "token"'); | |
| } | |
| if (!options.realm) { | |
| options.realm = ""; | |
| } | |
| if (options.prefix === void 0) { | |
| options.prefix = PREFIX; | |
| } | |
| const realm = options.realm?.replace(/"/g, '\\"'); | |
| const prefixRegexStr = options.prefix === "" ? "" : `${options.prefix} +`; | |
| const regexp = new RegExp(`^${prefixRegexStr}(${TOKEN_STRINGS}) *$`); | |
| const wwwAuthenticatePrefix = options.prefix === "" ? "" : `${options.prefix} `; | |
| const throwHTTPException = async (c, status, wwwAuthenticateHeader, messageOption) => { | |
| const wwwAuthenticateHeaderValue = typeof wwwAuthenticateHeader === "function" ? await wwwAuthenticateHeader(c) : wwwAuthenticateHeader; | |
| const headers = { | |
| "WWW-Authenticate": typeof wwwAuthenticateHeaderValue === "string" ? wwwAuthenticateHeaderValue : `${wwwAuthenticatePrefix}${Object.entries(wwwAuthenticateHeaderValue).map(([key, value]) => `${key}="${value}"`).join(",")}` | |
| }; | |
| const responseMessage = typeof messageOption === "function" ? await messageOption(c) : messageOption; | |
| const res = typeof responseMessage === "string" ? new Response(responseMessage, { status, headers }) : new Response(JSON.stringify(responseMessage), { | |
| status, | |
| headers: { | |
| ...headers, | |
| "content-type": "application/json" | |
| } | |
| }); | |
| throw new HTTPException(status, { res }); | |
| }; | |
| return async function bearerAuth2(c, next) { | |
| const headerToken = c.req.header(options.headerName || HEADER); | |
| if (!headerToken) { | |
| await throwHTTPException( | |
| c, | |
| 401, | |
| options.noAuthenticationHeader?.wwwAuthenticateHeader || `${wwwAuthenticatePrefix}realm="${realm}"`, | |
| options.noAuthenticationHeader?.message || options.noAuthenticationHeaderMessage || "Unauthorized" | |
| ); | |
| } else { | |
| const match = regexp.exec(headerToken); | |
| if (!match) { | |
| await throwHTTPException( | |
| c, | |
| 400, | |
| options.invalidAuthenticationHeader?.wwwAuthenticateHeader || `${wwwAuthenticatePrefix}error="invalid_request"`, | |
| options.invalidAuthenticationHeader?.message || options.invalidAuthenticationHeaderMessage || "Bad Request" | |
| ); | |
| } else { | |
| let equal = false; | |
| if ("verifyToken" in options) { | |
| equal = await options.verifyToken(match[1], c); | |
| } else if (typeof options.token === "string") { | |
| equal = await timingSafeEqual(options.token, match[1], options.hashFunction); | |
| } else if (Array.isArray(options.token) && options.token.length > 0) { | |
| for (const token of options.token) { | |
| if (await timingSafeEqual(token, match[1], options.hashFunction)) { | |
| equal = true; | |
| break; | |
| } | |
| } | |
| } | |
| if (!equal) { | |
| await throwHTTPException( | |
| c, | |
| 401, | |
| options.invalidToken?.wwwAuthenticateHeader || `${wwwAuthenticatePrefix}error="invalid_token"`, | |
| options.invalidToken?.message || options.invalidTokenMessage || "Unauthorized" | |
| ); | |
| } | |
| } | |
| } | |
| await next(); | |
| }; | |
| }; | |
| export { | |
| bearerAuth | |
| }; | |
Xet Storage Details
- Size:
- 3.5 kB
- Xet hash:
- a0c0c09e0b4b623c0baa1995d1c716b3d4cfb44fbc1c543f763b038d6beb5703
·
Xet efficiently stores files, intelligently splitting them into unique chunks and accelerating uploads and downloads. More info.