Thream/socketio-jwt
Archived
2
1
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: Thream:develop
Branches Tags
Thream:develop
Thream:master
Thream:v3.1.3
Thream:v3.1.2
Thream:v3.1.1
Thream:v3.1.0
Thream:v3.0.4
Thream:v3.0.3
Thream:v3.0.2
Thream:v3.0.1
Thream:v3.0.0
Thream:v2.2.1
Thream:v2.2.0
Thream:v2.1.1
Thream:v2.1.0
Thream:v2.0.0
Thream:v1.1.1
Thream:v1.1.0
Thream:v1.0.1
Thream:v1.0.0
..
compare: Thream:v2.2.1
Branches Tags
Thream:develop
Thream:master
Thream:v3.1.3
Thream:v3.1.2
Thream:v3.1.1
Thream:v3.1.0
Thream:v3.0.4
Thream:v3.0.3
Thream:v3.0.2
Thream:v3.0.1
Thream:v3.0.0
Thream:v2.2.1
Thream:v2.2.0
Thream:v2.1.1
Thream:v2.1.0
Thream:v2.0.0
Thream:v1.1.1
Thream:v1.1.0
Thream:v1.0.1
Thream:v1.0.0

No commits in common. "develop" and "v2.2.1" have entirely different histories.
develop ... v2.2.1

33 changed files with 17932 additions and 8089 deletions
Show Stats Expand all files Collapse all files

15
.eslintrc.json
View File

@ -1,15 +1,22 @@
{
"extends": ["conventions", "prettier"],
"plugins": ["prettier", "import", "unicorn"],
"parser": "@typescript-eslint/parser",
"extends": ["standard-with-typescript", "prettier"],
"plugins": ["unicorn", "import", "prettier"],
"parserOptions": {
"project": "./tsconfig.json"
},
"env": {
"node": true
"node": true,
"jest": true
},
"rules": {
"prettier/prettier": "error",
"import/order": [
"error",
{
"groups": ["builtin", "external", "internal"],
"newlines-between": "always"
}
],
"import/extensions": ["error", "always"],
"unicorn/prefer-node-protocol": "error"
}

8
.github/ISSUE_TEMPLATE/BUG.md vendored
View File

@ -1,8 +1,8 @@
---
name: "🐛 Bug Report"
about: "Report an unexpected problem or unintended behavior."
title: "[Bug]"
labels: "bug"
name: '🐛 Bug Report'
about: 'Report an unexpected problem or unintended behavior.'
title: '[Bug]'
labels: 'bug'
---
<!--

8
.github/ISSUE_TEMPLATE/DOCUMENTATION.md vendored
View File

@ -1,8 +1,8 @@
---
name: "📜 Documentation"
about: "Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...)."
title: "[Documentation]"
labels: "documentation"
name: '📜 Documentation'
about: 'Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...).'
title: '[Documentation]'
labels: 'documentation'
---
<!-- Please make sure your issue has not already been fixed. -->

8
.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md vendored
View File

@ -1,8 +1,8 @@
---
name: "✨ Feature Request"
about: "Suggest a new feature idea."
title: "[Feature]"
labels: "feature request"
name: '✨ Feature Request'
about: 'Suggest a new feature idea.'
title: '[Feature]'
labels: 'feature request'
---
<!-- Please make sure your issue has not already been fixed. -->

8
.github/ISSUE_TEMPLATE/IMPROVEMENT.md vendored
View File

@ -1,8 +1,8 @@
---
name: "🔧 Improvement"
about: "Improve structure/format/performance/refactor/tests of the code."
title: "[Improvement]"
labels: "improvement"
name: '🔧 Improvement'
about: 'Improve structure/format/performance/refactor/tests of the code.'
title: '[Improvement]'
labels: 'improvement'
---
<!-- Please make sure your issue has not already been fixed. -->

8
.github/ISSUE_TEMPLATE/QUESTION.md vendored
View File

@ -1,8 +1,8 @@
---
name: "🙋 Question"
about: "Further information is requested."
title: "[Question]"
labels: "question"
name: '🙋 Question'
about: 'Further information is requested.'
title: '[Question]'
labels: 'question'
---
### Question

2
.github/PULL_REQUEST_TEMPLATE.md vendored
View File

@ -1,6 +1,6 @@
<!-- Please first discuss the change you wish to make via issue before making a change. It might avoid a waste of your time. -->
# What changes this PR introduce?
## What changes this PR introduce?
## List any relevant issue numbers

26
.github/workflows/build.yml vendored
View File

@ -1,27 +1,25 @@
name: "Build"
name: 'Build'
on:
push:
branches: [develop]
branches: [master, develop]
pull_request:
branches: [master, develop]
jobs:
build:
runs-on: "ubuntu-latest"
runs-on: 'ubuntu-latest'
steps:
- uses: "actions/checkout@v4.0.0"
- uses: 'actions/checkout@v2'
- name: "Setup Node.js"
uses: "actions/setup-node@v3.8.1"
- name: 'Use Node.js'
uses: 'actions/setup-node@v2.5.1'
with:
node-version: "20.x"
cache: "npm"
node-version: 'lts/*'
cache: 'npm'
- name: "Install dependencies"
run: "npm clean-install"
- name: 'Install'
run: 'npm install'
- name: "Build"
run: "npm run build"
- run: "npm run build:typescript"
- name: 'Build Package'
run: 'npm run build'

28
.github/workflows/lint.yml vendored
View File

@ -1,28 +1,28 @@
name: "Lint"
name: 'Lint'
on:
push:
branches: [develop]
branches: [master, develop]
pull_request:
branches: [master, develop]
jobs:
lint:
runs-on: "ubuntu-latest"
runs-on: 'ubuntu-latest'
steps:
- uses: "actions/checkout@v4.0.0"
- uses: 'actions/checkout@v2'
- name: "Setup Node.js"
uses: "actions/setup-node@v3.8.1"
- name: 'Use Node.js'
uses: 'actions/setup-node@v2.5.1'
with:
node-version: "20.x"
cache: "npm"
node-version: 'lts/*'
cache: 'npm'
- name: "Install dependencies"
run: "npm clean-install"
- name: 'Install'
run: 'npm install'
- run: 'npm run lint:commit -- --to "${{ github.sha }}"'
- run: "npm run lint:editorconfig"
- run: "npm run lint:markdown"
- run: "npm run lint:eslint"
- run: "npm run lint:prettier"
- run: 'npm run lint:editorconfig'
- run: 'npm run lint:markdown'
- run: 'npm run lint:typescript'
- run: 'npm run lint:prettier'

36
.github/workflows/release.yml vendored
View File

@ -1,4 +1,4 @@
name: "Release"
name: 'Release'
on:
push:
@ -6,34 +6,24 @@ on:
jobs:
release:
runs-on: "ubuntu-latest"
permissions:
contents: "write"
issues: "write"
pull-requests: "write"
id-token: "write"
runs-on: 'ubuntu-latest'
steps:
- uses: "actions/checkout@v4.0.0"
- uses: 'actions/checkout@v2'
- name: "Setup Node.js"
uses: "actions/setup-node@v3.8.1"
- name: 'Use Node.js'
uses: 'actions/setup-node@v2.5.1'
with:
node-version: "20.x"
cache: "npm"
node-version: 'lts/*'
cache: 'npm'
- name: "Install dependencies"
run: "npm clean-install"
- name: 'Install'
run: 'npm install'
- name: "Build Package"
run: "npm run build"
- name: 'Build Package'
run: 'npm run build'
- run: "npm run build:typescript"
- name: "Verify the integrity of provenance attestations and registry signatures for installed dependencies"
run: "npm audit signatures"
- name: "Release"
run: "npm run release"
- name: 'Release'
run: 'npm run release'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

28
.github/workflows/test.yml vendored
View File

@ -1,28 +1,28 @@
name: "Test"
name: 'Test'
on:
push:
branches: [develop]
branches: [master, develop]
pull_request:
branches: [master, develop]
jobs:
test:
runs-on: "ubuntu-latest"
runs-on: 'ubuntu-latest'
steps:
- uses: "actions/checkout@v4.0.0"
- uses: 'actions/checkout@v2'
- name: "Setup Node.js"
uses: "actions/setup-node@v3.8.1"
- name: 'Use Node.js'
uses: 'actions/setup-node@v2.5.1'
with:
node-version: "20.x"
cache: "npm"
node-version: 'lts/*'
cache: 'npm'
- name: "Install dependencies"
run: "npm clean-install"
- name: 'Install'
run: 'npm install'
- name: "Build"
run: "npm run build"
- name: 'Test'
run: 'npm run test'
- name: "Test"
run: "npm run test"
- name: 'Upload Coverage'
uses: 'codecov/codecov-action@v2.1.0'

1
.gitignore vendored
View File

@ -10,7 +10,6 @@ build
# testing
coverage
.nyc_output
# debug
npm-debug.log*

1
.husky/pre-commit
View File

@ -3,4 +3,3 @@
npm run lint:staged
npm run build
npm run build:typescript

8
.lintstagedrc.json
View File

@ -1,6 +1,10 @@
{
"*": ["editorconfig-checker"],
"*.{js,jsx,ts,tsx}": ["prettier --write", "eslint --fix"],
"*.{js,jsx,ts,tsx}": [
"prettier --write",
"eslint --fix",
"jest --findRelatedTests"
],
"*.{json,jsonc,yml,yaml}": ["prettier --write"],
"*.{md,mdx}": ["prettier --write", "markdownlint-cli2 --fix"]
"*.{md}": ["prettier --write", "markdownlint --dot --fix"]
}

11
.markdownlint-cli2.jsonc
View File

@ -1,11 +0,0 @@
{
"config": {
"extends": "markdownlint/style/prettier",
"relative-links": true,
"default": true,
"MD033": false
},
"globs": ["**/*.{md,mdx}"],
"ignores": ["**/node_modules"],
"customRules": ["markdownlint-rule-relative-links"]
}

7
.markdownlint.json Normal file
View File

@ -0,0 +1,7 @@
{
"default": true,
"MD013": false,
"MD024": false,
"MD033": false,
"MD041": false
}

1
.npmrc
View File

@ -1,2 +1 @@
save-exact=true
provenance=true

5
.prettierrc.json
View File

@ -1,3 +1,6 @@
{
"semi": false
"singleQuote": true,
"jsxSingleQuote": true,
"semi": false,
"trailingComma": "none"
}

15
.swcrc
View File

@ -1,13 +1,22 @@
{
"sourceMaps": true,
"jsc": {
"parser": {
"syntax": "typescript",
"decorators": true,
"dynamicImport": true
},
"target": "esnext"
"transform": {
"legacyDecorator": true,
"decoratorMetadata": true
},
"target": "es2022",
"loose": true
},
"module": {
"type": "es6"
"type": "commonjs",
"strict": false,
"strictMode": true,
"lazy": false,
"noInterop": false
}
}

3
.vscode/settings.json vendored
View File

@ -6,6 +6,5 @@
"editor.formatOnSave": true,
"editor.codeActionsOnSave": {
"source.fixAll": true
},
"eslint.options": { "ignorePath": ".gitignore" }
}
}

2
CODE_OF_CONDUCT.md
View File

@ -60,7 +60,7 @@ representative at an online or offline event.
Instances of abusive, harassing, or otherwise unacceptable behavior may be
reported to the community leaders responsible for enforcement at
<contact@theoludwig.fr>.
contact@divlo.fr.
All complaints will be reviewed and investigated promptly and fairly.
All community leaders are obligated to respect the privacy and security of the

26
CONTRIBUTING.md
View File

@ -21,7 +21,7 @@ All work on **Thream** happens directly on [GitHub](https://github.com/Thream).
- **Please first discuss** the change you wish to make via [issue](https://github.com/Thream/socketio-jwt/issues) before making a change. It might avoid a waste of your time.
- Ensure your code respect linting.
- Ensure your code respect `eslint` and `prettier`.
- Make sure your **code passes the tests**.
@ -29,4 +29,26 @@ If you're adding new features to **Thream/socketio-jwt**, please include tests.
## Commits
The commit message guidelines adheres to [Conventional Commits](https://www.conventionalcommits.org/) and [Semantic Versioning](https://semver.org/) for releases.
The commit message guidelines respect [@commitlint/config-conventional](https://github.com/conventional-changelog/commitlint/tree/master/%40commitlint/config-conventional) and [Semantic Versioning](https://semver.org/) for releases.
### Types
Types define which kind of changes you made to the project.
| Types | Description |
| -------- | ------------------------------------------------------------------------------------------------------------ |
| feat | A new feature. |
| fix | A bug fix. |
| docs | Documentation only changes. |
| style | Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc). |
| refactor | A code change that neither fixes a bug nor adds a feature. |
| perf | A code change that improves performance. |
| test | Adding missing tests or correcting existing tests. |
| build | Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm). |
| ci | Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs). |
| chore | Other changes that don't modify src or test files. |
| revert | Reverts a previous commit. |
### Scopes
Scopes define what part of the code changed.

2
LICENSE
View File

@ -1,6 +1,6 @@
MIT License
Copyright (c) Auth0, Inc. <support@auth0.com> (<https://auth0.com/>) and Thream contributors
Copyright (c) Auth0, Inc. <support@auth0.com> (http://auth0.com) and Thream contributors
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal

64
README.md
View File

@ -4,10 +4,6 @@
<strong>Authenticate socket.io incoming connections with JWTs.</strong>
</p>
<p align="center">
<strong>⚠️ This project is not maintained anymore, you can still use the code as you wish and fork it to maintain it yourself.</strong>
</p>
<p align="center">
<a href="./CONTRIBUTING.md"><img src="https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat" /></a>
<a href="./LICENSE"><img src="https://img.shields.io/badge/licence-MIT-blue.svg" alt="Licence MIT"/></a>
@ -16,6 +12,7 @@
<a href="https://github.com/Thream/socketio-jwt/actions/workflows/build.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/build.yml/badge.svg?branch=develop" /></a>
<a href="https://github.com/Thream/socketio-jwt/actions/workflows/lint.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/lint.yml/badge.svg?branch=develop" /></a>
<a href="https://github.com/Thream/socketio-jwt/actions/workflows/test.yml"><img src="https://github.com/Thream/socketio-jwt/actions/workflows/test.yml/badge.svg?branch=develop" /></a>
<a href="https://codecov.io/gh/Thream/socketio-jwt"><img src="https://codecov.io/gh/Thream/socketio-jwt/branch/develop/graph/badge.svg" alt="codecov" /></a>
<br />
<a href="https://conventionalcommits.org"><img src="https://img.shields.io/badge/Conventional%20Commits-1.0.0-yellow.svg" alt="Conventional Commits" /></a>
<a href="https://github.com/semantic-release/semantic-release"><img src="https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg" alt="semantic-release" /></a>
@ -26,12 +23,9 @@
Authenticate socket.io incoming connections with JWTs.
This repository was originally forked from [auth0-socketio-jwt](https://github.com/auth0-community/auth0-socketio-jwt) and it is not intended to take any credit but to improve the code from now on.
Compatible with `socket.io >= 3.0.0`.
## Prerequisites
- [Node.js](https://nodejs.org/) >= 16.0.0
- [Socket.IO](https://socket.io/) >= 3.0.0
This repository was originally forked from [auth0-socketio-jwt](https://github.com/auth0-community/auth0-socketio-jwt) & it is not intended to take any credit but to improve the code from now on.
## 💾 Install
@ -46,24 +40,24 @@ npm install --save @thream/socketio-jwt
### Server side
```ts
import { Server } from "socket.io"
import { authorize } from "@thream/socketio-jwt"
import { Server } from 'socket.io'
import { authorize } from '@thream/socketio-jwt'
const io = new Server(9000)
io.use(
authorize({
secret: "your secret or public key",
}),
secret: 'your secret or public key'
})
)
io.on("connection", async (socket) => {
io.on('connection', async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
const clients = await io.sockets.allSockets()
if (clients != null) {
for (const clientId of clients) {
const client = io.sockets.sockets.get(clientId)
client?.emit("messages", { message: "Success!" })
client?.emit('messages', { message: 'Success!' })
// we can access the jwt payload of each connected client
console.log(client?.decodedToken)
}
@ -74,12 +68,12 @@ io.on("connection", async (socket) => {
### Server side with `jwks-rsa` (example)
```ts
import jwksClient from "jwks-rsa"
import { Server } from "socket.io"
import { authorize } from "@thream/socketio-jwt"
import jwksClient from 'jwks-rsa'
import { Server } from 'socket.io'
import { authorize } from '@thream/socketio-jwt'
const client = jwksClient({
jwksUri: "https://sandrino.auth0.com/.well-known/jwks.json",
jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json'
})
const io = new Server(9000)
@ -88,11 +82,11 @@ io.use(
secret: async (decodedToken) => {
const key = await client.getSigningKeyAsync(decodedToken.header.kid)
return key.getPublicKey()
},
}),
}
})
)
io.on("connection", async (socket) => {
io.on('connection', async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
// You can do the same things of the previous example there...
@ -102,21 +96,21 @@ io.on("connection", async (socket) => {
### Server side with `onAuthentication` (example)
```ts
import { Server } from "socket.io"
import { authorize } from "@thream/socketio-jwt"
import { Server } from 'socket.io'
import { authorize } from '@thream/socketio-jwt'
const io = new Server(9000)
io.use(
authorize({
secret: "your secret or public key",
secret: 'your secret or public key',
onAuthentication: async (decodedToken) => {
// return the object that you want to add to the user property
// or throw an error if the token is unauthorized
},
}),
}
})
)
io.on("connection", async (socket) => {
io.on('connection', async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
// You can do the same things of the previous example there...
@ -134,23 +128,23 @@ io.on("connection", async (socket) => {
### Client side
```ts
import { io } from "socket.io-client"
import { isUnauthorizedError } from "@thream/socketio-jwt/build/UnauthorizedError.js"
import { io } from 'socket.io-client'
import { isUnauthorizedError } from '@thream/socketio-jwt'
// Require Bearer Token
const socket = io("http://localhost:9000", {
auth: { token: `Bearer ${yourJWT}` },
const socket = io('http://localhost:9000', {
auth: { token: `Bearer ${yourJWT}` }
})
// Handling token expiration
socket.on("connect_error", (error) => {
socket.on('connect_error', (error) => {
if (isUnauthorizedError(error)) {
console.log("User token has expired")
console.log('User token has expired')
}
})
// Listening to events
socket.on("messages", (data) => {
socket.on('messages', (data) => {
console.log(data)
})
```

10
jest.config.json Normal file
View File

@ -0,0 +1,10 @@
{
"testEnvironment": "node",
"resolver": "jest-ts-webcompat-resolver",
"transform": {
"^.+\\.(t|j)sx?$": ["@swc/jest"]
},
"rootDir": "./src",
"collectCoverage": true,
"coverageDirectory": "../coverage/"
}

24837
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

94
package.json
View File

@ -1,32 +1,26 @@
{
"name": "@thream/socketio-jwt",
"version": "0.0.0-development",
"type": "module",
"public": true,
"description": "Authenticate socket.io incoming connections with JWTs.",
"license": "MIT",
"main": "build/index.js",
"types": "build/index.d.ts",
"files": [
"build",
"!**/*.test.js",
"!**/*.test.d.ts",
"!**/*.map"
"build"
],
"engines": {
"node": ">=16.0.0",
"npm": ">=9.0.0"
"node": ">=12.0.0"
},
"publishConfig": {
"access": "public",
"provenance": true
"access": "public"
},
"keywords": [
"socket",
"socket.io",
"jwt"
],
"author": "Théo LUDWIG <contact@theoludwig.fr>",
"author": "Divlo <contact@divlo.fr>",
"repository": {
"type": "git",
"url": "https://github.com/Thream/socketio-jwt"
@ -36,16 +30,14 @@
},
"homepage": "https://github.com/Thream/socketio-jwt#readme",
"scripts": {
"build": "rimraf ./build && swc ./src --out-dir ./build",
"build:dev": "swc ./src --out-dir ./build --watch",
"build:typescript": "tsc",
"build": "rimraf ./build && swc ./src --out-dir ./build && tsc",
"lint:commit": "commitlint",
"lint:editorconfig": "editorconfig-checker",
"lint:markdown": "markdownlint-cli2",
"lint:eslint": "eslint . --max-warnings 0 --report-unused-disable-directives --ignore-path .gitignore",
"lint:prettier": "prettier . --check",
"lint:markdown": "markdownlint \"**/*.md\" --dot --ignore-path \".gitignore\"",
"lint:typescript": "eslint \"**/*.{js,jsx,ts,tsx}\" --ignore-path \".gitignore\"",
"lint:prettier": "prettier \".\" --check --ignore-path \".gitignore\"",
"lint:staged": "lint-staged",
"test": "cross-env NODE_ENV=test node --enable-source-maps --test build/",
"test": "jest",
"release": "semantic-release",
"postinstall": "husky install",
"prepublishOnly": "pinst --disable",
@ -55,39 +47,43 @@
"socket.io": ">=3.0.0"
},
"dependencies": {
"jsonwebtoken": "9.0.2"
"jsonwebtoken": "8.5.1"
},
"devDependencies": {
"@commitlint/cli": "18.0.0",
"@commitlint/config-conventional": "18.0.0",
"@swc/cli": "0.1.62",
"@swc/core": "1.3.94",
"@tsconfig/strictest": "2.0.2",
"@types/jsonwebtoken": "9.0.4",
"@types/node": "20.8.7",
"@typescript-eslint/eslint-plugin": "6.9.0",
"@typescript-eslint/parser": "6.9.0",
"axios": "1.5.1",
"cross-env": "7.0.3",
"editorconfig-checker": "5.1.1",
"eslint": "8.52.0",
"eslint-config-conventions": "12.0.0",
"eslint-config-prettier": "9.0.0",
"eslint-plugin-import": "2.29.0",
"eslint-plugin-prettier": "5.0.1",
"eslint-plugin-promise": "6.1.1",
"eslint-plugin-unicorn": "48.0.1",
"fastify": "4.24.3",
"husky": "8.0.3",
"lint-staged": "15.0.2",
"markdownlint-cli2": "0.10.0",
"markdownlint-rule-relative-links": "2.1.0",
"pinst": "3.0.0",
"prettier": "3.0.3",
"rimraf": "5.0.5",
"semantic-release": "22.0.5",
"socket.io": "4.7.2",
"socket.io-client": "4.7.2",
"typescript": "5.2.2"
"@commitlint/cli": "16.2.1",
"@commitlint/config-conventional": "16.2.1",
"@swc/cli": "0.1.55",
"@swc/core": "1.2.141",
"@swc/jest": "0.2.17",
"@types/express": "4.17.13",
"@types/jest": "27.4.0",
"@types/jsonwebtoken": "8.5.8",
"@types/node": "17.0.18",
"@types/server-destroy": "1.0.1",
"@typescript-eslint/eslint-plugin": "4.32.0",
"axios": "0.26.0",
"editorconfig-checker": "4.0.2",
"eslint": "7.32.0",
"eslint-config-prettier": "8.3.0",
"eslint-config-standard-with-typescript": "21.0.1",
"eslint-plugin-import": "2.25.4",
"eslint-plugin-node": "11.1.0",
"eslint-plugin-prettier": "4.0.0",
"eslint-plugin-promise": "5.2.0",
"eslint-plugin-unicorn": "40.1.0",
"express": "4.17.3",
"husky": "7.0.4",
"jest": "27.5.1",
"jest-ts-webcompat-resolver": "1.0.0",
"lint-staged": "12.3.4",
"markdownlint-cli": "0.31.1",
"pinst": "2.1.6",
"rimraf": "3.0.2",
"semantic-release": "19.0.2",
"server-destroy": "1.0.1",
"prettier": "2.5.1",
"socket.io": "4.4.1",
"socket.io-client": "4.4.1",
"typescript": "4.5.5"
}
}

20
src/UnauthorizedError.ts
View File

@ -1,30 +1,20 @@
export class UnauthorizedError extends Error {
public inner: { message: string }
public data: { message: string; code: string; type: "UnauthorizedError" }
public data: { message: string; code: string; type: 'UnauthorizedError' }
constructor(code: string, error: { message: string }) {
super(error.message)
this.name = "UnauthorizedError"
this.message = error.message
this.inner = error
this.data = {
message: this.message,
code,
type: "UnauthorizedError",
type: 'UnauthorizedError'
}
Object.setPrototypeOf(this, UnauthorizedError.prototype)
}
}
export const isUnauthorizedError = (
error: unknown,
): error is UnauthorizedError => {
return (
typeof error === "object" &&
error != null &&
"data" in error &&
typeof error.data === "object" &&
error.data != null &&
"type" in error.data &&
error.data.type === "UnauthorizedError"
)
export const isUnauthorizedError = (error: any): error is UnauthorizedError => {
return error.data.type === 'UnauthorizedError'
}

581
src/__test__/authorize.test.ts
View File

@ -1,340 +1,299 @@
import test from "node:test"
import assert from "node:assert/strict"
import axios from 'axios'
import { io } from 'socket.io-client'
import axios from "axios"
import type { Socket } from "socket.io-client"
import { io } from "socket.io-client"
import { isUnauthorizedError } from "../UnauthorizedError.js"
import type { Profile } from "./fixture/index.js"
import { isUnauthorizedError } from '../UnauthorizedError.js'
import {
API_URL,
fixtureStart,
fixtureStop,
getSocket,
basicProfile,
} from "./fixture/index.js"
Profile
} from './fixture/index.js'
export const api = axios.create({
baseURL: API_URL,
headers: {
"Content-Type": "application/json",
},
describe('authorize - with secret as string in options', () => {
let token: string = ''
beforeEach((done) => {
fixtureStart(async () => {
const response = await axios.post('http://localhost:9000/login')
token = response.data.token
})
.then(done)
.catch((error) => {
done(error)
})
})
afterEach((done) => {
fixtureStop(done)
})
it('should emit error with no token provided', (done) => {
const socket = io('http://localhost:9000')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual('no token provided')
expect(error.data.code).toEqual('credentials_required')
}
socket.close()
done()
})
})
it('should emit error with bad token format', (done) => {
const socket = io('http://localhost:9000', {
auth: { token: 'testing' }
})
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(error.data.code).toEqual('credentials_bad_format')
}
socket.close()
done()
})
})
it('should emit error with unauthorized handshake', (done) => {
const socket = io('http://localhost:9000', {
auth: { token: 'Bearer testing' }
})
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(error.data.code).toEqual('invalid_token')
}
socket.close()
done()
})
})
it('should connect the user', (done) => {
const socket = io('http://localhost:9000', {
auth: { token: `Bearer ${token}` }
})
socket.on('connect', () => {
socket.close()
done()
})
socket.on('connect_error', (error) => {
done(error)
})
})
})
const secretCallback = async (): Promise<string> => {
return "somesecret"
return 'somesecret'
}
await test("authorize", async (t) => {
await t.test("with secret as string in options", async (t) => {
let token = ""
let socket: Socket | null = null
describe('authorize - with secret as callback in options', () => {
let token: string = ''
t.beforeEach(async () => {
await fixtureStart()
const response = await api.post("/login", {})
token = response.data.token
})
beforeEach((done) => {
fixtureStart(
async () => {
const response = await axios.post('http://localhost:9000/login')
token = response.data.token
},
{ secret: secretCallback }
)
.then(done)
.catch((error) => {
done(error)
})
})
t.afterEach(async () => {
socket?.disconnect()
await fixtureStop()
})
afterEach((done) => {
fixtureStop(done)
})
await t.test("should emit error with no token provided", () => {
socket = io(API_URL)
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(error.data.message, "no token provided")
assert.strictEqual(error.data.code, "credentials_required")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should emit error with bad token format", () => {
socket = io(API_URL, {
auth: { token: "testing" },
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Format is Authorization: Bearer [token]",
)
assert.strictEqual(error.data.code, "credentials_bad_format")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should emit error with unauthorized handshake", () => {
socket = io(API_URL, {
auth: { token: "Bearer testing" },
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Unauthorized: Token is missing or invalid Bearer",
)
assert.strictEqual(error.data.code, "invalid_token")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should connect the user", () => {
socket = io(API_URL, {
auth: { token: `Bearer ${token}` },
})
socket.on("connect", async () => {
assert.ok(true)
})
socket.on("connect_error", async (error) => {
assert.fail(error.message)
})
it('should emit error with no token provided', (done) => {
const socket = io('http://localhost:9000')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual('no token provided')
expect(error.data.code).toEqual('credentials_required')
}
socket.close()
done()
})
})
await t.test("with secret as callback in options", async (t) => {
let token = ""
let socket: Socket | null = null
t.beforeEach(async () => {
await fixtureStart({ secret: secretCallback })
const response = await api.post("/login", {})
token = response.data.token
it('should emit error with bad token format', (done) => {
const socket = io('http://localhost:9000', {
auth: { token: 'testing' }
})
t.afterEach(async () => {
socket?.disconnect()
await fixtureStop()
})
await t.test("should emit error with no token provided", () => {
socket = io(API_URL)
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(error.data.message, "no token provided")
assert.strictEqual(error.data.code, "credentials_required")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should emit error with bad token format", () => {
socket = io(API_URL, {
auth: { token: "testing" },
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Format is Authorization: Bearer [token]",
)
assert.strictEqual(error.data.code, "credentials_bad_format")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should emit error with unauthorized handshake", () => {
socket = io(API_URL, {
auth: { token: "Bearer testing" },
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Unauthorized: Token is missing or invalid Bearer",
)
assert.strictEqual(error.data.code, "invalid_token")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should connect the user", () => {
socket = io(API_URL, {
auth: { token: `Bearer ${token}` },
})
socket.on("connect", async () => {
assert.ok(true)
})
socket.on("connect_error", async (error) => {
assert.fail(error.message)
})
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(error.data.code).toEqual('credentials_bad_format')
}
socket.close()
done()
})
})
await t.test("with onAuthentication callback in options", async (t) => {
let token = ""
let wrongToken = ""
let socket: Socket | null = null
t.beforeEach(async () => {
await fixtureStart({
secret: secretCallback,
onAuthentication: (decodedToken: Profile) => {
if (!decodedToken.checkField) {
throw new Error("Check Field validation failed")
}
return {
email: decodedToken.email,
}
},
})
const response = await api.post("/login", {})
token = response.data.token
const responseWrong = await api.post("/login-wrong", {})
wrongToken = responseWrong.data.token
it('should emit error with unauthorized handshake', (done) => {
const socket = io('http://localhost:9000', {
auth: { token: 'Bearer testing' }
})
t.afterEach(async () => {
socket?.disconnect()
await fixtureStop()
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(error.data.code).toEqual('invalid_token')
}
socket.close()
done()
})
})
await t.test("should emit error with no token provided", () => {
socket = io(API_URL)
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(error.data.message, "no token provided")
assert.strictEqual(error.data.code, "credentials_required")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
it('should connect the user', (done) => {
const socket = io('http://localhost:9000', {
auth: { token: `Bearer ${token}` }
})
await t.test("should emit error with bad token format", () => {
socket = io(API_URL, {
auth: { token: "testing" },
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Format is Authorization: Bearer [token]",
)
assert.strictEqual(error.data.code, "credentials_bad_format")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
socket.on('connect', () => {
socket.close()
done()
})
await t.test("should emit error with unauthorized handshake", () => {
socket = io(API_URL, {
auth: { token: "Bearer testing" },
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Unauthorized: Token is missing or invalid Bearer",
)
assert.strictEqual(error.data.code, "invalid_token")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should connect the user", () => {
socket = io(API_URL, {
auth: { token: `Bearer ${token}` },
})
socket.on("connect", async () => {
assert.ok(true)
})
socket.on("connect_error", async (error) => {
assert.fail(error.message)
})
})
await t.test("should contains user properties", () => {
const socketServer = getSocket()
socketServer?.on("connection", (client: any) => {
assert.strictEqual(client.user.email, basicProfile.email)
assert.ok(true)
})
socket = io(API_URL, {
auth: { token: `Bearer ${token}` },
})
socket.on("connect_error", async (error) => {
assert.fail(error.message)
})
})
await t.test("should emit error when user validation fails", () => {
socket = io(API_URL, {
auth: { token: `Bearer ${wrongToken}` },
})
socket.on("connect_error", async (error) => {
try {
assert.strictEqual(error.message, "Check Field validation failed")
assert.ok(true)
} catch {
assert.fail(error.message)
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
socket.on('connect_error', (error) => {
done(error)
})
})
})
describe('authorize - with onAuthentication callback in options', () => {
let token: string = ''
let wrongToken: string = ''
beforeEach((done) => {
fixtureStart(
async () => {
const response = await axios.post('http://localhost:9000/login')
token = response.data.token
const responseWrong = await axios.post(
'http://localhost:9000/login-wrong'
)
wrongToken = responseWrong.data.token
},
{
secret: secretCallback,
onAuthentication: (decodedToken: Profile) => {
if (!decodedToken.checkField) {
throw new Error('Check Field validation failed')
}
return {
email: decodedToken.email
}
}
}
)
.then(done)
.catch((error) => {
done(error)
})
})
afterEach((done) => {
fixtureStop(done)
})
it('should emit error with no token provided', (done) => {
const socket = io('http://localhost:9000')
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual('no token provided')
expect(error.data.code).toEqual('credentials_required')
}
socket.close()
done()
})
})
it('should emit error with bad token format', (done) => {
const socket = io('http://localhost:9000', {
auth: { token: 'testing' }
})
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Format is Authorization: Bearer [token]'
)
expect(error.data.code).toEqual('credentials_bad_format')
}
socket.close()
done()
})
})
it('should emit error with unauthorized handshake', (done) => {
const socket = io('http://localhost:9000', {
auth: { token: 'Bearer testing' }
})
socket.on('connect_error', (error) => {
expect(isUnauthorizedError(error)).toBeTruthy()
if (isUnauthorizedError(error)) {
expect(error.data.message).toEqual(
'Unauthorized: Token is missing or invalid Bearer'
)
expect(error.data.code).toEqual('invalid_token')
}
socket.close()
done()
})
})
it('should connect the user', (done) => {
const socket = io('http://localhost:9000', {
auth: { token: `Bearer ${token}` }
})
socket.on('connect', () => {
socket.close()
done()
})
})
it('should contain user property', (done) => {
const socketServer = getSocket()
socketServer?.on('connection', (client: any) => {
expect(client.user.email).toEqual('john@doe.com')
})
const socket = io('http://localhost:9000', {
auth: { token: `Bearer ${token}` }
})
socket.on('connect', () => {
socket.close()
done()
})
})
it('should emit error when user validation fails', (done) => {
const socket = io('http://localhost:9000', {
auth: { token: `Bearer ${wrongToken}` }
})
socket.on('connect_error', (err: any) => {
try {
expect(err.message).toEqual('Check Field validation failed')
} catch (err) {
socket.close()
done(err)
}
socket.close()
done()
})
})
})

103
src/__test__/fixture/index.ts
View File

@ -1,83 +1,80 @@
import jwt from "jsonwebtoken"
import { Server as SocketIoServer } from "socket.io"
import type { FastifyInstance } from "fastify"
import fastify from "fastify"
import type { Server as HttpServer } from 'node:http'
import type { Server as HttpsServer } from 'node:https'
import type { AuthorizeOptions } from "../../index.js"
import { authorize } from "../../index.js"
import express from 'express'
import jwt from 'jsonwebtoken'
import { Server as SocketIoServer } from 'socket.io'
import enableDestroy from 'server-destroy'
interface FastifyIo {
instance: SocketIoServer
}
import { authorize, AuthorizeOptions } from '../../index.js'
declare module "fastify" {
export interface FastifyInstance {
io: FastifyIo
}
}
export interface BasicProfile {
export interface Profile {
email: string
id: number
}
export interface Profile extends BasicProfile {
checkField: boolean
}
export const PORT = 9000
export const API_URL = `http://localhost:${PORT}`
export const basicProfile: BasicProfile = {
email: "john@doe.com",
id: 123,
interface Socket {
io: null | SocketIoServer
init: (httpServer: HttpServer | HttpsServer) => void
}
let application: FastifyInstance | null = null
const socket: Socket = {
io: null,
init(httpServer) {
socket.io = new SocketIoServer(httpServer)
}
}
let server: HttpServer | null = null
export const fixtureStart = async (
options: AuthorizeOptions = { secret: "super secret" },
done: any,
options: AuthorizeOptions = { secret: 'super secret' }
): Promise<void> => {
const profile: Profile = { ...basicProfile, checkField: true }
let keySecret = ""
if (typeof options.secret === "string") {
const profile: Profile = {
email: 'john@doe.com',
id: 123,
checkField: true
}
let keySecret = ''
if (typeof options.secret === 'string') {
keySecret = options.secret
} else {
keySecret = await options.secret({
header: { alg: "HS256" },
payload: profile,
header: { alg: 'HS256' },
payload: profile
})
}
application = fastify()
application.post("/login", async (_request, reply) => {
const app = express()
app.use(express.json())
app.post('/login', (_req, res) => {
const token = jwt.sign(profile, keySecret, {
expiresIn: 60 * 60 * 5,
expiresIn: 60 * 60 * 5
})
reply.statusCode = 201
return { token }
return res.json({ token })
})
application.post("/login-wrong", async (_request, reply) => {
app.post('/login-wrong', (_req, res) => {
profile.checkField = false
const token = jwt.sign(profile, keySecret, {
expiresIn: 60 * 60 * 5,
expiresIn: 60 * 60 * 5
})
reply.statusCode = 201
return { token }
})
const instance = new SocketIoServer(application.server)
instance.use(authorize(options))
application.decorate("io", { instance })
application.addHook("onClose", (fastify) => {
fastify.io.instance.close()
})
await application.listen({
port: PORT,
return res.json({ token })
})
server = app.listen(9000, done)
socket.init(server)
socket.io?.use(authorize(options))
enableDestroy(server)
}
export const fixtureStop = async (): Promise<void> => {
await application?.close()
export const fixtureStop = (callback: Function): void => {
socket.io?.close()
try {
server?.destroy()
} catch {}
callback()
}
export const getSocket = (): SocketIoServer | undefined => {
return application?.io.instance
export const getSocket = (): SocketIoServer | null => {
return socket.io
}

41
src/authorize.ts
View File

@ -1,10 +1,9 @@
import type { Algorithm } from "jsonwebtoken"
import jwt from "jsonwebtoken"
import type { Socket } from "socket.io"
import jwt, { Algorithm } from 'jsonwebtoken'
import { Socket } from 'socket.io'
import { UnauthorizedError } from "./UnauthorizedError.js"
import { UnauthorizedError } from './UnauthorizedError.js'
declare module "socket.io" {
declare module 'socket.io' {
interface Socket extends ExtendedSocket {}
}
@ -16,7 +15,7 @@ interface ExtendedSocket {
type SocketIOMiddleware = (
socket: Socket,
next: (error?: UnauthorizedError) => void,
next: (error?: UnauthorizedError) => void
) => void
interface CompleteDecodedToken {
@ -28,7 +27,7 @@ interface CompleteDecodedToken {
}
type SecretCallback = (
decodedToken: CompleteDecodedToken,
decodedToken: CompleteDecodedToken
) => Promise<string> | string
export interface AuthorizeOptions {
@ -38,32 +37,32 @@ export interface AuthorizeOptions {
}
export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
const { secret, algorithms = ["HS256"], onAuthentication } = options
const { secret, algorithms = ['HS256'], onAuthentication } = options
return async (socket, next) => {
let encodedToken: string | null = null
const { token } = socket.handshake.auth
if (token != null) {
const tokenSplitted = token.split(" ")
if (tokenSplitted.length !== 2 || tokenSplitted[0] !== "Bearer") {
const tokenSplitted = token.split(' ')
if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') {
return next(
new UnauthorizedError("credentials_bad_format", {
message: "Format is Authorization: Bearer [token]",
}),
new UnauthorizedError('credentials_bad_format', {
message: 'Format is Authorization: Bearer [token]'
})
)
}
encodedToken = tokenSplitted[1]
}
if (encodedToken == null) {
return next(
new UnauthorizedError("credentials_required", {
message: "no token provided",
}),
new UnauthorizedError('credentials_required', {
message: 'no token provided'
})
)
}
socket.encodedToken = encodedToken
let keySecret: string | null = null
let decodedToken: any = null
if (typeof secret === "string") {
let decodedToken: any
if (typeof secret === 'string') {
keySecret = secret
} else {
const completeDecodedToken = jwt.decode(encodedToken, { complete: true })
@ -73,9 +72,9 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
decodedToken = jwt.verify(encodedToken, keySecret, { algorithms })
} catch {
return next(
new UnauthorizedError("invalid_token", {
message: "Unauthorized: Token is missing or invalid Bearer",
}),
new UnauthorizedError('invalid_token', {
message: 'Unauthorized: Token is missing or invalid Bearer'
})
)
}
socket.decodedToken = decodedToken

4
src/index.ts
View File

@ -1,2 +1,2 @@
export * from "./authorize.js"
export * from "./UnauthorizedError.js"
export * from './authorize.js'
export * from './UnauthorizedError.js'

10
tsconfig.json
View File

@ -1,13 +1,15 @@
{
"extends": "@tsconfig/strictest/tsconfig.json",
"compilerOptions": {
"target": "ESNext",
"module": "commonjs",
"lib": ["ESNext"],
"module": "NodeNext",
"moduleResolution": "NodeNext",
"moduleResolution": "node",
"outDir": "./build",
"rootDir": "./src",
"emitDeclarationOnly": true,
"declaration": true
"declaration": true,
"strict": true,
"skipLibCheck": true,
"esModuleInterop": true
}
}