feat: add isUnauthorizedError type guard

fixes #328
This commit is contained in:
Divlo 2022-02-18 17:20:59 +01:00
parent 056c7b4807
commit 098475d64c
No known key found for this signature in database
GPG Key ID: 8F9478F220CE65E9
25 changed files with 3856 additions and 3301 deletions

23
.eslintrc.json Normal file
View File

@ -0,0 +1,23 @@
{
"extends": ["standard-with-typescript", "prettier"],
"plugins": ["unicorn", "import", "prettier"],
"parserOptions": {
"project": "./tsconfig.json"
},
"env": {
"node": true,
"jest": true
},
"rules": {
"prettier/prettier": "error",
"import/order": [
"error",
{
"groups": ["builtin", "external", "internal"],
"newlines-between": "always"
}
],
"import/extensions": ["error", "always"],
"unicorn/prefer-node-protocol": "error"
}
}

1
.gitattributes vendored Normal file
View File

@ -0,0 +1 @@
* text=auto eol=lf

View File

@ -1,11 +0,0 @@
version: 2
updates:
- package-ecosystem: 'github-actions'
directory: '/'
schedule:
interval: 'daily'
- package-ecosystem: 'npm'
directory: '/'
schedule:
interval: 'daily'

View File

@ -15,7 +15,7 @@ jobs:
- name: 'Use Node.js'
uses: 'actions/setup-node@v2.5.1'
with:
node-version: '16.x'
node-version: 'lts/*'
cache: 'npm'
- name: 'Install'

View File

@ -15,7 +15,7 @@ jobs:
- name: 'Use Node.js'
uses: 'actions/setup-node@v2.5.1'
with:
node-version: '16.x'
node-version: 'lts/*'
cache: 'npm'
- name: 'Install'
@ -25,3 +25,4 @@ jobs:
- run: 'npm run lint:editorconfig'
- run: 'npm run lint:markdown'
- run: 'npm run lint:typescript'
- run: 'npm run lint:prettier'

View File

@ -13,7 +13,7 @@ jobs:
- name: 'Use Node.js'
uses: 'actions/setup-node@v2.5.1'
with:
node-version: '16.x'
node-version: 'lts/*'
cache: 'npm'
- name: 'Install'

View File

@ -15,7 +15,7 @@ jobs:
- name: 'Use Node.js'
uses: 'actions/setup-node@v2.5.1'
with:
node-version: '16.x'
node-version: 'lts/*'
cache: 'npm'
- name: 'Install'

20
.gitignore vendored
View File

@ -6,6 +6,7 @@ node_modules
# production
build
.swc
# testing
coverage
@ -13,10 +14,21 @@ coverage
# debug
npm-debug.log*
# editors
.vscode
.theia
.idea
# IDEs and editors
/.idea
.project
.classpath
.c9/
*.launch
.settings/
*.sublime-workspace
# IDE - VSCode
.vscode/*
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json
# misc
.DS_Store

View File

@ -1,7 +1,5 @@
#!/bin/sh
. "$(dirname "$0")/_/husky.sh"
npm run lint:editorconfig
npm run lint:markdown
npm run lint:typescript
npm run lint:staged
npm run build

10
.lintstagedrc.json Normal file
View File

@ -0,0 +1,10 @@
{
"*": ["editorconfig-checker"],
"*.{js,jsx,ts,tsx}": [
"prettier --write",
"eslint --fix",
"jest --findRelatedTests"
],
"*.{json,jsonc,yml,yaml}": ["prettier --write"],
"*.{md}": ["prettier --write", "markdownlint --dot --fix"]
}

6
.prettierrc.json Normal file
View File

@ -0,0 +1,6 @@
{
"singleQuote": true,
"jsxSingleQuote": true,
"semi": false,
"trailingComma": "none"
}

22
.swcrc Normal file
View File

@ -0,0 +1,22 @@
{
"jsc": {
"parser": {
"syntax": "typescript",
"decorators": true,
"dynamicImport": true
},
"transform": {
"legacyDecorator": true,
"decoratorMetadata": true
},
"target": "es2022",
"loose": true
},
"module": {
"type": "commonjs",
"strict": false,
"strictMode": true,
"lazy": false,
"noInterop": false
}
}

8
.vscode/extensions.json vendored Normal file
View File

@ -0,0 +1,8 @@
{
"recommendations": [
"editorconfig.editorconfig",
"esbenp.prettier-vscode",
"dbaeumer.vscode-eslint",
"davidanson.vscode-markdownlint"
]
}

10
.vscode/settings.json vendored Normal file
View File

@ -0,0 +1,10 @@
{
"typescript.tsdk": "node_modules/typescript/lib",
"typescript.preferences.importModuleSpecifierEnding": "js",
"editor.defaultFormatter": "esbenp.prettier-vscode",
"prettier.configPath": ".prettierrc.json",
"editor.formatOnSave": true,
"editor.codeActionsOnSave": {
"source.fixAll": true
}
}

View File

@ -21,7 +21,7 @@ All work on **Thream** happens directly on [GitHub](https://github.com/Thream).
- **Please first discuss** the change you wish to make via [issue](https://github.com/Thream/socketio-jwt/issues) before making a change. It might avoid a waste of your time.
- Ensure your code respect [Typescript Standard Style](https://www.npmjs.com/package/ts-standard).
- Ensure your code respect `eslint` and `prettier`.
- Make sure your **code passes the tests**.

View File

@ -8,7 +8,6 @@
<a href="./CONTRIBUTING.md"><img src="https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat" /></a>
<a href="./LICENSE"><img src="https://img.shields.io/badge/licence-MIT-blue.svg" alt="Licence MIT"/></a>
<a href="./CODE_OF_CONDUCT.md"><img src="https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg" alt="Contributor Covenant" /></a>
<a href="https://dependabot.com/"><img src="https://badgen.net/github/dependabot/Thream/socketio-jwt?icon=dependabot" alt="Dependabot badge" /></a>
<br/>
<a href="https://github.com/Thream/socketio-jwt/actions/workflows/build.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/build.yml/badge.svg?branch=develop" /></a>
<a href="https://github.com/Thream/socketio-jwt/actions/workflows/lint.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/lint.yml/badge.svg?branch=develop" /></a>
@ -30,6 +29,8 @@ This repository was originally forked from [auth0-socketio-jwt](https://github.c
## 💾 Install
**Note:** It is a package that is recommended to use/install on both the client and server sides.
```sh
npm install --save @thream/socketio-jwt
```
@ -102,7 +103,7 @@ const io = new Server(9000)
io.use(
authorize({
secret: 'your secret or public key',
onAuthentication: async decodedToken => {
onAuthentication: async (decodedToken) => {
// return the object that you want to add to the user property
// or throw an error if the token is unauthorized
}
@ -128,6 +129,7 @@ io.on('connection', async (socket) => {
```ts
import { io } from 'socket.io-client'
import { isUnauthorizedError } from '@thream/socketio-jwt'
// Require Bearer Token
const socket = io('http://localhost:9000', {
@ -136,7 +138,7 @@ const socket = io('http://localhost:9000', {
// Handling token expiration
socket.on('connect_error', (error) => {
if (error.data.type === 'UnauthorizedError') {
if (isUnauthorizedError(error)) {
console.log('User token has expired')
}
})

View File

@ -1,6 +1,9 @@
{
"preset": "ts-jest",
"testEnvironment": "node",
"resolver": "jest-ts-webcompat-resolver",
"transform": {
"^.+\\.(t|j)sx?$": ["@swc/jest"]
},
"rootDir": "./src",
"collectCoverage": true,
"coverageDirectory": "../coverage/"

6776
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,7 @@
{
"name": "@thream/socketio-jwt",
"version": "0.0.0-development",
"public": true,
"description": "Authenticate socket.io incoming connections with JWTs.",
"license": "MIT",
"main": "build/index.js",
@ -11,6 +12,9 @@
"engines": {
"node": ">=12.0.0"
},
"publishConfig": {
"access": "public"
},
"keywords": [
"socket",
"socket.io",
@ -19,32 +23,22 @@
"author": "Divlo <contact@divlo.fr>",
"repository": {
"type": "git",
"url": "git+https://github.com/Thream/socketio-jwt"
"url": "https://github.com/Thream/socketio-jwt"
},
"bugs": {
"url": "https://github.com/Thream/socketio-jwt/issues"
},
"homepage": "https://github.com/Thream/socketio-jwt#readme",
"ts-standard": {
"ignore": [
"build",
"coverage",
"node_modules"
],
"envs": [
"node",
"jest"
],
"report": "stylish"
},
"scripts": {
"build": "rimraf ./build && tsc",
"build": "rimraf ./build && swc ./src --out-dir ./build && tsc",
"lint:commit": "commitlint",
"lint:editorconfig": "editorconfig-checker",
"lint:markdown": "markdownlint '**/*.md' --dot --ignore node_modules",
"lint:typescript": "ts-standard",
"release": "semantic-release",
"lint:markdown": "markdownlint \"**/*.md\" --dot --ignore-path \".gitignore\"",
"lint:typescript": "eslint \"**/*.{js,jsx,ts,tsx}\" --ignore-path \".gitignore\"",
"lint:prettier": "prettier \".\" --check --ignore-path \".gitignore\"",
"lint:staged": "lint-staged",
"test": "jest",
"release": "semantic-release",
"postinstall": "husky install",
"prepublishOnly": "pinst --disable",
"postpublish": "pinst --enable"
@ -58,25 +52,38 @@
"devDependencies": {
"@commitlint/cli": "16.2.1",
"@commitlint/config-conventional": "16.2.1",
"@swc/cli": "0.1.55",
"@swc/core": "1.2.141",
"@swc/jest": "0.2.17",
"@types/express": "4.17.13",
"@types/jest": "27.4.0",
"@types/jsonwebtoken": "8.5.8",
"@types/node": "17.0.18",
"@types/server-destroy": "1.0.1",
"@typescript-eslint/eslint-plugin": "4.32.0",
"axios": "0.26.0",
"editorconfig-checker": "4.0.2",
"express": "4.17.2",
"eslint": "7.32.0",
"eslint-config-prettier": "8.3.0",
"eslint-config-standard-with-typescript": "21.0.1",
"eslint-plugin-import": "2.25.4",
"eslint-plugin-node": "11.1.0",
"eslint-plugin-prettier": "4.0.0",
"eslint-plugin-promise": "5.2.0",
"eslint-plugin-unicorn": "40.1.0",
"express": "4.17.3",
"husky": "7.0.4",
"jest": "27.5.1",
"jest-ts-webcompat-resolver": "1.0.0",
"lint-staged": "12.3.4",
"markdownlint-cli": "0.31.1",
"pinst": "2.1.6",
"rimraf": "3.0.2",
"semantic-release": "19.0.2",
"server-destroy": "1.0.1",
"prettier": "2.5.1",
"socket.io": "4.4.1",
"socket.io-client": "4.4.1",
"ts-jest": "27.1.3",
"ts-standard": "11.0.0",
"typescript": "4.5.5"
}
}

View File

@ -1,8 +1,8 @@
export class UnauthorizedError extends Error {
public inner: { message: string }
public data: { message: string, code: string, type: 'UnauthorizedError' }
public data: { message: string; code: string; type: 'UnauthorizedError' }
constructor (code: string, error: { message: string }) {
constructor(code: string, error: { message: string }) {
super(error.message)
this.message = error.message
this.inner = error
@ -14,3 +14,7 @@ export class UnauthorizedError extends Error {
Object.setPrototypeOf(this, UnauthorizedError.prototype)
}
}
export const isUnauthorizedError = (error: any): error is UnauthorizedError => {
return error.data.type === 'UnauthorizedError'
}

View File

@ -1,7 +1,13 @@
import axios from 'axios'
import { io } from 'socket.io-client'
import { fixtureStart, fixtureStop, getSocket, Profile } from './fixture'
import { isUnauthorizedError } from '../UnauthorizedError.js'
import {
fixtureStart,
fixtureStop,
getSocket,
Profile
} from './fixture/index.js'
describe('authorize - with secret as string in options', () => {
let token: string = ''
@ -23,9 +29,12 @@ describe('authorize - with secret as string in options', () => {
it('should emit error with no token provided', (done) => {
const socket = io('http://localhost:9000')
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual('no token provided')
expect(err.data.code).toEqual('credentials_required')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual('no token provided')
expect(error.data.code).toEqual('credentials_required')
}
socket.close()
done()
})
@ -35,11 +44,14 @@ describe('authorize - with secret as string in options', () => {
const socket = io('http://localhost:9000', {
auth: { token: 'testing' }
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(err.data.code).toEqual('credentials_bad_format')
expect(error.data.code).toEqual('credentials_bad_format')
}
socket.close()
done()
})
@ -49,11 +61,14 @@ describe('authorize - with secret as string in options', () => {
const socket = io('http://localhost:9000', {
auth: { token: 'Bearer testing' }
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(err.data.code).toEqual('invalid_token')
expect(error.data.code).toEqual('invalid_token')
}
socket.close()
done()
})
@ -67,8 +82,8 @@ describe('authorize - with secret as string in options', () => {
socket.close()
done()
})
socket.on('connect_error', (err: any) => {
done(err)
socket.on('connect_error', (error) => {
done(error)
})
})
})
@ -100,9 +115,12 @@ describe('authorize - with secret as callback in options', () => {
it('should emit error with no token provided', (done) => {
const socket = io('http://localhost:9000')
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual('no token provided')
expect(err.data.code).toEqual('credentials_required')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual('no token provided')
expect(error.data.code).toEqual('credentials_required')
}
socket.close()
done()
})
@ -112,11 +130,14 @@ describe('authorize - with secret as callback in options', () => {
const socket = io('http://localhost:9000', {
auth: { token: 'testing' }
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(err.data.code).toEqual('credentials_bad_format')
expect(error.data.code).toEqual('credentials_bad_format')
}
socket.close()
done()
})
@ -126,11 +147,14 @@ describe('authorize - with secret as callback in options', () => {
const socket = io('http://localhost:9000', {
auth: { token: 'Bearer testing' }
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(err.data.code).toEqual('invalid_token')
expect(error.data.code).toEqual('invalid_token')
}
socket.close()
done()
})
@ -144,8 +168,8 @@ describe('authorize - with secret as callback in options', () => {
socket.close()
done()
})
socket.on('connect_error', (err: any) => {
done(err)
socket.on('connect_error', (error) => {
done(error)
})
})
})
@ -188,9 +212,12 @@ describe('authorize - with onAuthentication callback in options', () => {
it('should emit error with no token provided', (done) => {
const socket = io('http://localhost:9000')
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual('no token provided')
expect(err.data.code).toEqual('credentials_required')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual('no token provided')
expect(error.data.code).toEqual('credentials_required')
}
socket.close()
done()
})
@ -200,11 +227,14 @@ describe('authorize - with onAuthentication callback in options', () => {
const socket = io('http://localhost:9000', {
auth: { token: 'testing' }
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(err.data.code).toEqual('credentials_bad_format')
expect(error.data.code).toEqual('credentials_bad_format')
}
socket.close()
done()
})
@ -214,11 +244,14 @@ describe('authorize - with onAuthentication callback in options', () => {
const socket = io('http://localhost:9000', {
auth: { token: 'Bearer testing' }
})
socket.on('connect_error', (err: any) => {
expect(err.data.message).toEqual(
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(err.data.code).toEqual('invalid_token')
expect(error.data.code).toEqual('invalid_token')
}
socket.close()
done()
})

View File

@ -1,11 +1,12 @@
import type { Server as HttpServer } from 'node:http'
import type { Server as HttpsServer } from 'node:https'
import express from 'express'
import jwt from 'jsonwebtoken'
import { Server as HttpServer } from 'http'
import { Server as HttpsServer } from 'https'
import { Server as SocketIoServer } from 'socket.io'
import enableDestroy from 'server-destroy'
import { authorize, AuthorizeOptions } from '../../index'
import { authorize, AuthorizeOptions } from '../../index.js'
export interface Profile {
email: string
@ -20,7 +21,7 @@ interface Socket {
const socket: Socket = {
io: null,
init (httpServer) {
init(httpServer) {
socket.io = new SocketIoServer(httpServer)
}
}
@ -40,7 +41,10 @@ export const fixtureStart = async (
if (typeof options.secret === 'string') {
keySecret = options.secret
} else {
keySecret = await options.secret({ header: { alg: 'HS256' }, payload: profile })
keySecret = await options.secret({
header: { alg: 'HS256' },
payload: profile
})
}
const app = express()
app.use(express.json())

View File

@ -1,16 +1,12 @@
import jwt, { Algorithm } from 'jsonwebtoken'
import { Socket } from 'socket.io'
import { UnauthorizedError } from './UnauthorizedError'
import { UnauthorizedError } from './UnauthorizedError.js'
declare module 'socket.io' {
interface Socket extends ExtendedSocket {}
}
interface ExtendedError extends Error {
data?: any
}
interface ExtendedSocket {
encodedToken?: string
decodedToken?: any
@ -19,7 +15,7 @@ interface ExtendedSocket {
type SocketIOMiddleware = (
socket: Socket,
next: (error?: ExtendedError) => void
next: (error?: UnauthorizedError) => void
) => void
interface CompleteDecodedToken {
@ -30,7 +26,9 @@ interface CompleteDecodedToken {
payload: any
}
type SecretCallback = (decodedToken: CompleteDecodedToken) => Promise<string> | string
type SecretCallback = (
decodedToken: CompleteDecodedToken
) => Promise<string> | string
export interface AuthorizeOptions {
secret: string | SecretCallback

View File

@ -1 +1,2 @@
export * from './authorize'
export * from './authorize.js'
export * from './UnauthorizedError.js'

View File

@ -6,8 +6,9 @@
"moduleResolution": "node",
"outDir": "./build",
"rootDir": "./src",
"noEmit": true,
"strict": true,
"esModuleInterop": true,
"declaration": true,
"skipLibCheck": true,
"esModuleInterop": true
}
}