Thream/socketio-jwt
Archived
2
1
Fork 0
Code Issues Pull Requests Releases Activity

feat: add isUnauthorizedError type guard

Browse Source 
fixes #328
This commit is contained in:
Divlo
2022-02-18 17:20:59 +01:00
parent 056c7b4807
commit 098475d64c
25 changed files with 3856 additions and 3301 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/UnauthorizedError.ts
View File

@ -1,8 +1,8 @@
export class UnauthorizedError extends Error {
public inner: { message: string }
public data: { message: string, code: string, type: 'UnauthorizedError' }
public data: { message: string; code: string; type: 'UnauthorizedError' }
constructor (code: string, error: { message: string }) {
constructor(code: string, error: { message: string }) {
super(error.message)
this.message = error.message
this.inner = error
@ -14,3 +14,7 @@ export class UnauthorizedError extends Error {
Object.setPrototypeOf(this, UnauthorizedError.prototype)
}
}
export const isUnauthorizedError = (error: any): error is UnauthorizedError => {
return error.data.type === 'UnauthorizedError'
}

121
src/__test__/authorize.test.ts
View File

@ -1,7 +1,13 @@
import axios from 'axios'
import { io } from 'socket.io-client'
import { fixtureStart, fixtureStop, getSocket, Profile } from './fixture'
import { isUnauthorizedError } from '../UnauthorizedError.js'
import {
fixtureStart,
fixtureStop,
getSocket,
Profile
} from './fixture/index.js'
describe('authorize - with secret as string in options', () => {
let token: string = ''
@ -23,9 +29,12 @@ describe('authorize - with secret as string in options', () => {
it('should emit error with no token provided', (done) => {
const socket = io('http://localhost:9000')
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual('no token provided')
expect(err.data.code).toEqual('credentials_required')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual('no token provided')
expect(error.data.code).toEqual('credentials_required')
}
socket.close()
done()
})
@ -35,11 +44,14 @@ describe('authorize - with secret as string in options', () => {
const socket = io('http://localhost:9000', {
auth: { token: 'testing' }
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(err.data.code).toEqual('credentials_bad_format')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(error.data.code).toEqual('credentials_bad_format')
}
socket.close()
done()
})
@ -49,11 +61,14 @@ describe('authorize - with secret as string in options', () => {
const socket = io('http://localhost:9000', {
auth: { token: 'Bearer testing' }
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(err.data.code).toEqual('invalid_token')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(error.data.code).toEqual('invalid_token')
}
socket.close()
done()
})
@ -67,8 +82,8 @@ describe('authorize - with secret as string in options', () => {
socket.close()
done()
})
socket.on('connect_error', (err: any) => {
done(err)
socket.on('connect_error', (error) => {
done(error)
})
})
})
@ -100,9 +115,12 @@ describe('authorize - with secret as callback in options', () => {
it('should emit error with no token provided', (done) => {
const socket = io('http://localhost:9000')
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual('no token provided')
expect(err.data.code).toEqual('credentials_required')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual('no token provided')
expect(error.data.code).toEqual('credentials_required')
}
socket.close()
done()
})
@ -112,11 +130,14 @@ describe('authorize - with secret as callback in options', () => {
const socket = io('http://localhost:9000', {
auth: { token: 'testing' }
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(err.data.code).toEqual('credentials_bad_format')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(error.data.code).toEqual('credentials_bad_format')
}
socket.close()
done()
})
@ -126,11 +147,14 @@ describe('authorize - with secret as callback in options', () => {
const socket = io('http://localhost:9000', {
auth: { token: 'Bearer testing' }
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(err.data.code).toEqual('invalid_token')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(error.data.code).toEqual('invalid_token')
}
socket.close()
done()
})
@ -144,8 +168,8 @@ describe('authorize - with secret as callback in options', () => {
socket.close()
done()
})
socket.on('connect_error', (err: any) => {
done(err)
socket.on('connect_error', (error) => {
done(error)
})
})
})
@ -188,9 +212,12 @@ describe('authorize - with onAuthentication callback in options', () => {
it('should emit error with no token provided', (done) => {
const socket = io('http://localhost:9000')
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual('no token provided')
expect(err.data.code).toEqual('credentials_required')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual('no token provided')
expect(error.data.code).toEqual('credentials_required')
}
socket.close()
done()
})
@ -200,11 +227,14 @@ describe('authorize - with onAuthentication callback in options', () => {
const socket = io('http://localhost:9000', {
auth: { token: 'testing' }
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(err.data.code).toEqual('credentials_bad_format')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(error.data.code).toEqual('credentials_bad_format')
}
socket.close()
done()
})
@ -214,11 +244,14 @@ describe('authorize - with onAuthentication callback in options', () => {
const socket = io('http://localhost:9000', {
auth: { token: 'Bearer testing' }
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(err.data.code).toEqual('invalid_token')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(error.data.code).toEqual('invalid_token')
}
socket.close()
done()
})

14
src/__test__/fixture/index.ts
View File

@ -1,11 +1,12 @@
import type { Server as HttpServer } from 'node:http'
import type { Server as HttpsServer } from 'node:https'
import express from 'express'
import jwt from 'jsonwebtoken'
import { Server as HttpServer } from 'http'
import { Server as HttpsServer } from 'https'
import { Server as SocketIoServer } from 'socket.io'
import enableDestroy from 'server-destroy'
import { authorize, AuthorizeOptions } from '../../index'
import { authorize, AuthorizeOptions } from '../../index.js'
export interface Profile {
email: string
@ -20,7 +21,7 @@ interface Socket {
const socket: Socket = {
io: null,
init (httpServer) {
init(httpServer) {
socket.io = new SocketIoServer(httpServer)
}
}
@ -40,7 +41,10 @@ export const fixtureStart = async (
if (typeof options.secret === 'string') {
keySecret = options.secret
} else {
keySecret = await options.secret({ header: { alg: 'HS256' }, payload: profile })
keySecret = await options.secret({
header: { alg: 'HS256' },
payload: profile
})
}
const app = express()
app.use(express.json())

12
src/authorize.ts
View File

@ -1,16 +1,12 @@
import jwt, { Algorithm } from 'jsonwebtoken'
import { Socket } from 'socket.io'
import { UnauthorizedError } from './UnauthorizedError'
import { UnauthorizedError } from './UnauthorizedError.js'
declare module 'socket.io' {
interface Socket extends ExtendedSocket {}
}
interface ExtendedError extends Error {
data?: any
}
interface ExtendedSocket {
encodedToken?: string
decodedToken?: any
@ -19,7 +15,7 @@ interface ExtendedSocket {
type SocketIOMiddleware = (
socket: Socket,
next: (error?: ExtendedError) => void
next: (error?: UnauthorizedError) => void
) => void
interface CompleteDecodedToken {
@ -30,7 +26,9 @@ interface CompleteDecodedToken {
payload: any
}
type SecretCallback = (decodedToken: CompleteDecodedToken) => Promise<string> | string
type SecretCallback = (
decodedToken: CompleteDecodedToken
) => Promise<string> | string
export interface AuthorizeOptions {
secret: string | SecretCallback

3
src/index.ts
View File

@ -1 +1,2 @@
export * from './authorize'
export * from './authorize.js'
export * from './UnauthorizedError.js'