-
Notifications
You must be signed in to change notification settings - Fork 1
/
index.js
120 lines (94 loc) · 2.59 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
'use strict';
const biscuit = require('@biscuit-auth/biscuit-wasm')
module.exports = function(options) {
const publicKey = biscuit.PublicKey.from_hex(options.publicKey)
var middleware = function(req, res, next) {
try {
const authHeader = req.headers.authorization;
var authorizer = new biscuit.Authorizer()
console.log("created authorizer")
if(options.policies !== undefined) {
authorizer.add_code(options.policies)
console.log("added code")
}
if(authHeader !== undefined) {
const token = biscuit.Biscuit.from_base64(authHeader, publicKey)
authorizer.add_token(token)
console.log("added token")
}
if(options.extractor !== undefined) {
console.log("will call extractor")
options.extractor(req, authorizer)
}
console.log("will authorize")
const res = authorizer.authorize()
console.log("ok")
next()
} catch(error) {
//console.log("not authorized: "+authorizer.print())
console.log("error: "+JSON.stringify(error))
return res.status(403).json({
status: 403,
message: 'FORBIDDEN'
})
}
}
return middleware;
};
module.exports.fact = function fact(strings, ...keys) {
let template = ""
for (let i = 0; i < strings.length; i++) {
template += strings[i]
if(i < keys.length) {
template += "$"+i
}
console.log("constructed: "+template)
}
let fact = biscuit.Fact.from_str(template)
for (let i = 0; i < keys.length; ++i) {
fact.set(""+i, keys[i])
}
return fact
}
module.exports.rule = function rule(strings, ...keys) {
let template = ""
for (let i = 0; i < strings.length; i++) {
template += strings[i]
if(i < keys.length) {
template += "$"+i
}
}
let rule = biscuit.Rule.from_str(template)
for (let i = 0; i < keys.length; ++i) {
rule.set(""+i, keys[i])
}
return rule
}
module.exports.check = function check(strings, ...keys) {
let template = ""
for (let i = 0; i < strings.length; i++) {
template += strings[i]
if(i < keys.length) {
template += "$"+i
}
}
let check = biscuit.Check.from_str(template)
for (let i = 0; i < keys.length; ++i) {
check.set(""+i, keys[i])
}
return check
}
module.exports.policy = function policy(strings, ...keys) {
let template = ""
for (let i = 0; i < strings.length; i++) {
template += strings[i]
if(i < keys.length) {
template += "$"+i
}
}
let policy = biscuit.Policy.from_str(template)
for (let i = 0; i < keys.length; ++i) {
policy.set(""+i, keys[i])
}
return policy
}