Thream/socketio-jwt
Archived
2
1
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: Thream:develop
Branches Tags
Thream:develop
Thream:master
Thream:v3.1.3
Thream:v3.1.2
Thream:v3.1.1
Thream:v3.1.0
Thream:v3.0.4
Thream:v3.0.3
Thream:v3.0.2
Thream:v3.0.1
Thream:v3.0.0
Thream:v2.2.1
Thream:v2.2.0
Thream:v2.1.1
Thream:v2.1.0
Thream:v2.0.0
Thream:v1.1.1
Thream:v1.1.0
Thream:v1.0.1
Thream:v1.0.0
..
compare: Thream:v3.1.1
Branches Tags
Thream:develop
Thream:master
Thream:v3.1.3
Thream:v3.1.2
Thream:v3.1.1
Thream:v3.1.0
Thream:v3.0.4
Thream:v3.0.3
Thream:v3.0.2
Thream:v3.0.1
Thream:v3.0.0
Thream:v2.2.1
Thream:v2.2.0
Thream:v2.1.1
Thream:v2.1.0
Thream:v2.0.0
Thream:v1.1.1
Thream:v1.1.0
Thream:v1.0.1
Thream:v1.0.0

No commits in common. "develop" and "v3.1.1" have entirely different histories.
develop ... v3.1.1

23 changed files with 6665 additions and 3398 deletions
Show Stats Expand all files Collapse all files

1
.eslintrc.json
View File

@ -1,7 +1,6 @@
{
"extends": ["conventions", "prettier"],
"plugins": ["prettier", "import", "unicorn"],
"parser": "@typescript-eslint/parser",
"parserOptions": {
"project": "./tsconfig.json"
},

8
.github/ISSUE_TEMPLATE/BUG.md vendored
View File

@ -1,8 +1,8 @@
---
name: "🐛 Bug Report"
about: "Report an unexpected problem or unintended behavior."
title: "[Bug]"
labels: "bug"
name: '🐛 Bug Report'
about: 'Report an unexpected problem or unintended behavior.'
title: '[Bug]'
labels: 'bug'
---
<!--

8
.github/ISSUE_TEMPLATE/DOCUMENTATION.md vendored
View File

@ -1,8 +1,8 @@
---
name: "📜 Documentation"
about: "Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...)."
title: "[Documentation]"
labels: "documentation"
name: '📜 Documentation'
about: 'Correct spelling errors, improvements or additions to documentation files (README, CONTRIBUTING...).'
title: '[Documentation]'
labels: 'documentation'
---
<!-- Please make sure your issue has not already been fixed. -->

8
.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md vendored
View File

@ -1,8 +1,8 @@
---
name: "✨ Feature Request"
about: "Suggest a new feature idea."
title: "[Feature]"
labels: "feature request"
name: '✨ Feature Request'
about: 'Suggest a new feature idea.'
title: '[Feature]'
labels: 'feature request'
---
<!-- Please make sure your issue has not already been fixed. -->

8
.github/ISSUE_TEMPLATE/IMPROVEMENT.md vendored
View File

@ -1,8 +1,8 @@
---
name: "🔧 Improvement"
about: "Improve structure/format/performance/refactor/tests of the code."
title: "[Improvement]"
labels: "improvement"
name: '🔧 Improvement'
about: 'Improve structure/format/performance/refactor/tests of the code.'
title: '[Improvement]'
labels: 'improvement'
---
<!-- Please make sure your issue has not already been fixed. -->

8
.github/ISSUE_TEMPLATE/QUESTION.md vendored
View File

@ -1,8 +1,8 @@
---
name: "🙋 Question"
about: "Further information is requested."
title: "[Question]"
labels: "question"
name: '🙋 Question'
about: 'Further information is requested.'
title: '[Question]'
labels: 'question'
---
### Question

24
.github/workflows/build.yml vendored
View File

@ -1,4 +1,4 @@
name: "Build"
name: 'Build'
on:
push:
@ -8,20 +8,20 @@ on:
jobs:
build:
runs-on: "ubuntu-latest"
runs-on: 'ubuntu-latest'
steps:
- uses: "actions/checkout@v4.0.0"
- uses: 'actions/checkout@v3.5.3'
- name: "Setup Node.js"
uses: "actions/setup-node@v3.8.1"
- name: 'Setup Node.js'
uses: 'actions/setup-node@v3.6.0'
with:
node-version: "20.x"
cache: "npm"
node-version: 'lts/*'
cache: 'npm'
- name: "Install dependencies"
run: "npm clean-install"
- name: 'Install dependencies'
run: 'npm clean-install'
- name: "Build"
run: "npm run build"
- name: 'Build'
run: 'npm run build'
- run: "npm run build:typescript"
- run: 'npm run build:typescript'

26
.github/workflows/lint.yml vendored
View File

@ -1,4 +1,4 @@
name: "Lint"
name: 'Lint'
on:
push:
@ -8,21 +8,21 @@ on:
jobs:
lint:
runs-on: "ubuntu-latest"
runs-on: 'ubuntu-latest'
steps:
- uses: "actions/checkout@v4.0.0"
- uses: 'actions/checkout@v3.5.3'
- name: "Setup Node.js"
uses: "actions/setup-node@v3.8.1"
- name: 'Setup Node.js'
uses: 'actions/setup-node@v3.6.0'
with:
node-version: "20.x"
cache: "npm"
node-version: 'lts/*'
cache: 'npm'
- name: "Install dependencies"
run: "npm clean-install"
- name: 'Install dependencies'
run: 'npm clean-install'
- run: 'npm run lint:commit -- --to "${{ github.sha }}"'
- run: "npm run lint:editorconfig"
- run: "npm run lint:markdown"
- run: "npm run lint:eslint"
- run: "npm run lint:prettier"
- run: 'npm run lint:editorconfig'
- run: 'npm run lint:markdown'
- run: 'npm run lint:eslint'
- run: 'npm run lint:prettier'

40
.github/workflows/release.yml vendored
View File

@ -1,4 +1,4 @@
name: "Release"
name: 'Release'
on:
push:
@ -6,34 +6,34 @@ on:
jobs:
release:
runs-on: "ubuntu-latest"
runs-on: 'ubuntu-latest'
permissions:
contents: "write"
issues: "write"
pull-requests: "write"
id-token: "write"
contents: 'write'
issues: 'write'
pull-requests: 'write'
id-token: 'write'
steps:
- uses: "actions/checkout@v4.0.0"
- uses: 'actions/checkout@v3.5.3'
- name: "Setup Node.js"
uses: "actions/setup-node@v3.8.1"
- name: 'Setup Node.js'
uses: 'actions/setup-node@v3.6.0'
with:
node-version: "20.x"
cache: "npm"
node-version: 'lts/*'
cache: 'npm'
- name: "Install dependencies"
run: "npm clean-install"
- name: 'Install dependencies'
run: 'npm clean-install'
- name: "Build Package"
run: "npm run build"
- name: 'Build Package'
run: 'npm run build'
- run: "npm run build:typescript"
- run: 'npm run build:typescript'
- name: "Verify the integrity of provenance attestations and registry signatures for installed dependencies"
run: "npm audit signatures"
- name: 'Verify the integrity of provenance attestations and registry signatures for installed dependencies'
run: 'npm audit signatures'
- name: "Release"
run: "npm run release"
- name: 'Release'
run: 'npm run release'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

26
.github/workflows/test.yml vendored
View File

@ -1,4 +1,4 @@
name: "Test"
name: 'Test'
on:
push:
@ -8,21 +8,21 @@ on:
jobs:
test:
runs-on: "ubuntu-latest"
runs-on: 'ubuntu-latest'
steps:
- uses: "actions/checkout@v4.0.0"
- uses: 'actions/checkout@v3.5.3'
- name: "Setup Node.js"
uses: "actions/setup-node@v3.8.1"
- name: 'Setup Node.js'
uses: 'actions/setup-node@v3.6.0'
with:
node-version: "20.x"
cache: "npm"
node-version: 'lts/*'
cache: 'npm'
- name: "Install dependencies"
run: "npm clean-install"
- name: 'Install dependencies'
run: 'npm clean-install'
- name: "Build"
run: "npm run build"
- name: 'Build'
run: 'npm run build'
- name: "Test"
run: "npm run test"
- name: 'Test'
run: 'npm run test'

5
.nycrc.json Normal file
View File

@ -0,0 +1,5 @@
{
"reporter": ["text", "cobertura"],
"src": "./build",
"all": true
}

5
.prettierrc.json
View File

@ -1,3 +1,6 @@
{
"semi": false
"singleQuote": true,
"jsxSingleQuote": true,
"semi": false,
"trailingComma": "none"
}

3
.swcrc
View File

@ -1,11 +1,10 @@
{
"sourceMaps": true,
"jsc": {
"parser": {
"syntax": "typescript",
"dynamicImport": true
},
"target": "esnext"
"target": "es2022"
},
"module": {
"type": "es6"

9
.taprc Normal file
View File

@ -0,0 +1,9 @@
ts: false
jsx: false
flow: false
check-coverage: false
coverage: false
timeout: 10000
files:
- 'build/**/*.test.js'

61
README.md
View File

@ -4,10 +4,6 @@
<strong>Authenticate socket.io incoming connections with JWTs.</strong>
</p>
<p align="center">
<strong>⚠️ This project is not maintained anymore, you can still use the code as you wish and fork it to maintain it yourself.</strong>
</p>
<p align="center">
<a href="./CONTRIBUTING.md"><img src="https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat" /></a>
<a href="./LICENSE"><img src="https://img.shields.io/badge/licence-MIT-blue.svg" alt="Licence MIT"/></a>
@ -26,12 +22,13 @@
Authenticate socket.io incoming connections with JWTs.
This repository was originally forked from [auth0-socketio-jwt](https://github.com/auth0-community/auth0-socketio-jwt) and it is not intended to take any credit but to improve the code from now on.
Compatible with `socket.io >= 3.0.0`.
This repository was originally forked from [auth0-socketio-jwt](https://github.com/auth0-community/auth0-socketio-jwt) & it is not intended to take any credit but to improve the code from now on.
## Prerequisites
- [Node.js](https://nodejs.org/) >= 16.0.0
- [Socket.IO](https://socket.io/) >= 3.0.0
## 💾 Install
@ -46,24 +43,24 @@ npm install --save @thream/socketio-jwt
### Server side
```ts
import { Server } from "socket.io"
import { authorize } from "@thream/socketio-jwt"
import { Server } from 'socket.io'
import { authorize } from '@thream/socketio-jwt'
const io = new Server(9000)
io.use(
authorize({
secret: "your secret or public key",
}),
secret: 'your secret or public key'
})
)
io.on("connection", async (socket) => {
io.on('connection', async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
const clients = await io.sockets.allSockets()
if (clients != null) {
for (const clientId of clients) {
const client = io.sockets.sockets.get(clientId)
client?.emit("messages", { message: "Success!" })
client?.emit('messages', { message: 'Success!' })
// we can access the jwt payload of each connected client
console.log(client?.decodedToken)
}
@ -74,12 +71,12 @@ io.on("connection", async (socket) => {
### Server side with `jwks-rsa` (example)
```ts
import jwksClient from "jwks-rsa"
import { Server } from "socket.io"
import { authorize } from "@thream/socketio-jwt"
import jwksClient from 'jwks-rsa'
import { Server } from 'socket.io'
import { authorize } from '@thream/socketio-jwt'
const client = jwksClient({
jwksUri: "https://sandrino.auth0.com/.well-known/jwks.json",
jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json'
})
const io = new Server(9000)
@ -88,11 +85,11 @@ io.use(
secret: async (decodedToken) => {
const key = await client.getSigningKeyAsync(decodedToken.header.kid)
return key.getPublicKey()
},
}),
}
})
)
io.on("connection", async (socket) => {
io.on('connection', async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
// You can do the same things of the previous example there...
@ -102,21 +99,21 @@ io.on("connection", async (socket) => {
### Server side with `onAuthentication` (example)
```ts
import { Server } from "socket.io"
import { authorize } from "@thream/socketio-jwt"
import { Server } from 'socket.io'
import { authorize } from '@thream/socketio-jwt'
const io = new Server(9000)
io.use(
authorize({
secret: "your secret or public key",
secret: 'your secret or public key',
onAuthentication: async (decodedToken) => {
// return the object that you want to add to the user property
// or throw an error if the token is unauthorized
},
}),
}
})
)
io.on("connection", async (socket) => {
io.on('connection', async (socket) => {
// jwt payload of the connected client
console.log(socket.decodedToken)
// You can do the same things of the previous example there...
@ -134,23 +131,23 @@ io.on("connection", async (socket) => {
### Client side
```ts
import { io } from "socket.io-client"
import { isUnauthorizedError } from "@thream/socketio-jwt/build/UnauthorizedError.js"
import { io } from 'socket.io-client'
import { isUnauthorizedError } from '@thream/socketio-jwt/build/UnauthorizedError.js'
// Require Bearer Token
const socket = io("http://localhost:9000", {
auth: { token: `Bearer ${yourJWT}` },
const socket = io('http://localhost:9000', {
auth: { token: `Bearer ${yourJWT}` }
})
// Handling token expiration
socket.on("connect_error", (error) => {
socket.on('connect_error', (error) => {
if (isUnauthorizedError(error)) {
console.log("User token has expired")
console.log('User token has expired')
}
})
// Listening to events
socket.on("messages", (data) => {
socket.on('messages', (data) => {
console.log(data)
})
```

9277
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

63
package.json
View File

@ -10,8 +10,7 @@
"files": [
"build",
"!**/*.test.js",
"!**/*.test.d.ts",
"!**/*.map"
"!**/*.test.d.ts"
],
"engines": {
"node": ">=16.0.0",
@ -42,10 +41,10 @@
"lint:commit": "commitlint",
"lint:editorconfig": "editorconfig-checker",
"lint:markdown": "markdownlint-cli2",
"lint:eslint": "eslint . --max-warnings 0 --report-unused-disable-directives --ignore-path .gitignore",
"lint:prettier": "prettier . --check",
"lint:eslint": "eslint . --ignore-path .gitignore",
"lint:prettier": "prettier . --check --ignore-path .gitignore",
"lint:staged": "lint-staged",
"test": "cross-env NODE_ENV=test node --enable-source-maps --test build/",
"test": "c8 tap",
"release": "semantic-release",
"postinstall": "husky install",
"prepublishOnly": "pinst --disable",
@ -55,39 +54,41 @@
"socket.io": ">=3.0.0"
},
"dependencies": {
"jsonwebtoken": "9.0.2"
"jsonwebtoken": "9.0.0"
},
"devDependencies": {
"@commitlint/cli": "18.0.0",
"@commitlint/config-conventional": "18.0.0",
"@commitlint/cli": "17.6.6",
"@commitlint/config-conventional": "17.6.6",
"@swc/cli": "0.1.62",
"@swc/core": "1.3.94",
"@tsconfig/strictest": "2.0.2",
"@types/jsonwebtoken": "9.0.4",
"@types/node": "20.8.7",
"@typescript-eslint/eslint-plugin": "6.9.0",
"@typescript-eslint/parser": "6.9.0",
"axios": "1.5.1",
"cross-env": "7.0.3",
"@swc/core": "1.3.67",
"@tsconfig/strictest": "2.0.1",
"@types/jsonwebtoken": "9.0.2",
"@types/node": "20.3.3",
"@types/tap": "15.0.8",
"@typescript-eslint/eslint-plugin": "5.60.1",
"@typescript-eslint/parser": "5.60.1",
"axios": "1.4.0",
"c8": "8.0.0",
"editorconfig-checker": "5.1.1",
"eslint": "8.52.0",
"eslint-config-conventions": "12.0.0",
"eslint-config-prettier": "9.0.0",
"eslint-plugin-import": "2.29.0",
"eslint-plugin-prettier": "5.0.1",
"eslint": "8.44.0",
"eslint-config-conventions": "10.0.0",
"eslint-config-prettier": "8.8.0",
"eslint-plugin-import": "2.27.5",
"eslint-plugin-prettier": "4.2.1",
"eslint-plugin-promise": "6.1.1",
"eslint-plugin-unicorn": "48.0.1",
"fastify": "4.24.3",
"eslint-plugin-unicorn": "47.0.0",
"fastify": "4.19.1",
"husky": "8.0.3",
"lint-staged": "15.0.2",
"markdownlint-cli2": "0.10.0",
"lint-staged": "13.2.3",
"markdownlint-cli2": "0.8.1",
"markdownlint-rule-relative-links": "2.1.0",
"pinst": "3.0.0",
"prettier": "3.0.3",
"rimraf": "5.0.5",
"semantic-release": "22.0.5",
"socket.io": "4.7.2",
"socket.io-client": "4.7.2",
"typescript": "5.2.2"
"prettier": "2.8.8",
"rimraf": "5.0.1",
"semantic-release": "21.0.6",
"socket.io": "4.7.1",
"socket.io-client": "4.7.1",
"tap": "16.3.7",
"typescript": "5.0.4"
}
}

18
src/UnauthorizedError.ts
View File

@ -1,30 +1,30 @@
export class UnauthorizedError extends Error {
public inner: { message: string }
public data: { message: string; code: string; type: "UnauthorizedError" }
public data: { message: string; code: string; type: 'UnauthorizedError' }
constructor(code: string, error: { message: string }) {
super(error.message)
this.name = "UnauthorizedError"
this.name = 'UnauthorizedError'
this.inner = error
this.data = {
message: this.message,
code,
type: "UnauthorizedError",
type: 'UnauthorizedError'
}
Object.setPrototypeOf(this, UnauthorizedError.prototype)
}
}
export const isUnauthorizedError = (
error: unknown,
error: unknown
): error is UnauthorizedError => {
return (
typeof error === "object" &&
typeof error === 'object' &&
error != null &&
"data" in error &&
typeof error.data === "object" &&
'data' in error &&
typeof error.data === 'object' &&
error.data != null &&
"type" in error.data &&
error.data.type === "UnauthorizedError"
'type' in error.data &&
error.data.type === 'UnauthorizedError'
)
}

371
src/__test__/authorize.test.ts
View File

@ -1,39 +1,37 @@
import test from "node:test"
import assert from "node:assert/strict"
import tap from 'tap'
import axios from 'axios'
import type { Socket } from 'socket.io-client'
import { io } from 'socket.io-client'
import axios from "axios"
import type { Socket } from "socket.io-client"
import { io } from "socket.io-client"
import { isUnauthorizedError } from "../UnauthorizedError.js"
import type { Profile } from "./fixture/index.js"
import { isUnauthorizedError } from '../UnauthorizedError.js'
import type { Profile } from './fixture/index.js'
import {
API_URL,
fixtureStart,
fixtureStop,
getSocket,
basicProfile,
} from "./fixture/index.js"
basicProfile
} from './fixture/index.js'
export const api = axios.create({
baseURL: API_URL,
headers: {
"Content-Type": "application/json",
},
'Content-Type': 'application/json'
}
})
const secretCallback = async (): Promise<string> => {
return "somesecret"
return 'somesecret'
}
await test("authorize", async (t) => {
await t.test("with secret as string in options", async (t) => {
let token = ""
await tap.test('authorize', async (t) => {
await t.test('with secret as string in options', async (t) => {
let token = ''
let socket: Socket | null = null
t.beforeEach(async () => {
await fixtureStart()
const response = await api.post("/login", {})
const response = await api.post('/login', {})
token = response.data.token
})
@ -42,87 +40,82 @@ await test("authorize", async (t) => {
await fixtureStop()
})
await t.test("should emit error with no token provided", () => {
await t.test('should emit error with no token provided', (t) => {
t.plan(4)
socket = io(API_URL)
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
socket.on('connect_error', async (error) => {
t.equal(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(error.data.message, "no token provided")
assert.strictEqual(error.data.code, "credentials_required")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
t.equal(error.data.message, 'no token provided')
t.equal(error.data.code, 'credentials_required')
}
t.pass()
})
socket.on("connect", async () => {
assert.fail("should not connect")
socket.on('connect', async () => {
t.fail()
})
})
await t.test("should emit error with bad token format", () => {
await t.test('should emit error with bad token format', (t) => {
t.plan(4)
socket = io(API_URL, {
auth: { token: "testing" },
auth: { token: 'testing' }
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
socket.on('connect_error', async (error) => {
t.equal(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
t.equal(error.data.message, 'Format is Authorization: Bearer [token]')
t.equal(error.data.code, 'credentials_bad_format')
}
t.pass()
})
socket.on('connect', async () => {
t.fail()
})
})
await t.test('should emit error with unauthorized handshake', (t) => {
t.plan(4)
socket = io(API_URL, {
auth: { token: 'Bearer testing' }
})
socket.on('connect_error', async (error) => {
t.equal(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
t.equal(
error.data.message,
"Format is Authorization: Bearer [token]",
'Unauthorized: Token is missing or invalid Bearer'
)
assert.strictEqual(error.data.code, "credentials_bad_format")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
t.equal(error.data.code, 'invalid_token')
}
t.pass()
})
socket.on("connect", async () => {
assert.fail("should not connect")
socket.on('connect', async () => {
t.fail()
})
})
await t.test("should emit error with unauthorized handshake", () => {
await t.test('should connect the user', (t) => {
t.plan(1)
socket = io(API_URL, {
auth: { token: "Bearer testing" },
auth: { token: `Bearer ${token}` }
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Unauthorized: Token is missing or invalid Bearer",
)
assert.strictEqual(error.data.code, "invalid_token")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
socket.on('connect', async () => {
t.pass()
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should connect the user", () => {
socket = io(API_URL, {
auth: { token: `Bearer ${token}` },
})
socket.on("connect", async () => {
assert.ok(true)
})
socket.on("connect_error", async (error) => {
assert.fail(error.message)
socket.on('connect_error', async (error) => {
t.fail(error.message)
})
})
})
await t.test("with secret as callback in options", async (t) => {
let token = ""
await t.test('with secret as callback in options', async (t) => {
let token = ''
let socket: Socket | null = null
t.beforeEach(async () => {
await fixtureStart({ secret: secretCallback })
const response = await api.post("/login", {})
const response = await api.post('/login', {})
token = response.data.token
})
@ -131,83 +124,78 @@ await test("authorize", async (t) => {
await fixtureStop()
})
await t.test("should emit error with no token provided", () => {
await t.test('should emit error with no token provided', (t) => {
t.plan(4)
socket = io(API_URL)
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
socket.on('connect_error', async (error) => {
t.equal(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(error.data.message, "no token provided")
assert.strictEqual(error.data.code, "credentials_required")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
t.equal(error.data.message, 'no token provided')
t.equal(error.data.code, 'credentials_required')
}
t.pass()
})
socket.on("connect", async () => {
assert.fail("should not connect")
socket.on('connect', async () => {
t.fail()
})
})
await t.test("should emit error with bad token format", () => {
await t.test('should emit error with bad token format', (t) => {
t.plan(4)
socket = io(API_URL, {
auth: { token: "testing" },
auth: { token: 'testing' }
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
socket.on('connect_error', async (error) => {
t.equal(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
t.equal(error.data.message, 'Format is Authorization: Bearer [token]')
t.equal(error.data.code, 'credentials_bad_format')
}
t.pass()
})
socket.on('connect', async () => {
t.fail()
})
})
await t.test('should emit error with unauthorized handshake', (t) => {
t.plan(4)
socket = io(API_URL, {
auth: { token: 'Bearer testing' }
})
socket.on('connect_error', async (error) => {
t.equal(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
t.equal(
error.data.message,
"Format is Authorization: Bearer [token]",
'Unauthorized: Token is missing or invalid Bearer'
)
assert.strictEqual(error.data.code, "credentials_bad_format")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
t.equal(error.data.code, 'invalid_token')
}
t.pass()
})
socket.on("connect", async () => {
assert.fail("should not connect")
socket.on('connect', async () => {
t.fail()
})
})
await t.test("should emit error with unauthorized handshake", () => {
await t.test('should connect the user', (t) => {
t.plan(1)
socket = io(API_URL, {
auth: { token: "Bearer testing" },
auth: { token: `Bearer ${token}` }
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Unauthorized: Token is missing or invalid Bearer",
)
assert.strictEqual(error.data.code, "invalid_token")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
socket.on('connect', async () => {
t.pass()
})
socket.on("connect", async () => {
assert.fail("should not connect")
})
})
await t.test("should connect the user", () => {
socket = io(API_URL, {
auth: { token: `Bearer ${token}` },
})
socket.on("connect", async () => {
assert.ok(true)
})
socket.on("connect_error", async (error) => {
assert.fail(error.message)
socket.on('connect_error', async (error) => {
t.fail(error.message)
})
})
})
await t.test("with onAuthentication callback in options", async (t) => {
let token = ""
let wrongToken = ""
await t.test('with onAuthentication callback in options', async (t) => {
let token = ''
let wrongToken = ''
let socket: Socket | null = null
t.beforeEach(async () => {
@ -215,16 +203,16 @@ await test("authorize", async (t) => {
secret: secretCallback,
onAuthentication: (decodedToken: Profile) => {
if (!decodedToken.checkField) {
throw new Error("Check Field validation failed")
throw new Error('Check Field validation failed')
}
return {
email: decodedToken.email,
email: decodedToken.email
}
}
},
})
const response = await api.post("/login", {})
const response = await api.post('/login', {})
token = response.data.token
const responseWrong = await api.post("/login-wrong", {})
const responseWrong = await api.post('/login-wrong', {})
wrongToken = responseWrong.data.token
})
@ -233,107 +221,104 @@ await test("authorize", async (t) => {
await fixtureStop()
})
await t.test("should emit error with no token provided", () => {
await t.test('should emit error with no token provided', (t) => {
t.plan(4)
socket = io(API_URL)
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
socket.on('connect_error', async (error) => {
t.equal(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(error.data.message, "no token provided")
assert.strictEqual(error.data.code, "credentials_required")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
t.equal(error.data.message, 'no token provided')
t.equal(error.data.code, 'credentials_required')
}
t.pass()
})
socket.on("connect", async () => {
assert.fail("should not connect")
socket.on('connect', async () => {
t.fail()
})
})
await t.test("should emit error with bad token format", () => {
await t.test('should emit error with bad token format', (t) => {
t.plan(4)
socket = io(API_URL, {
auth: { token: "testing" },
auth: { token: 'testing' }
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
socket.on('connect_error', async (error) => {
t.equal(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
t.equal(error.data.message, 'Format is Authorization: Bearer [token]')
t.equal(error.data.code, 'credentials_bad_format')
}
t.pass()
})
socket.on('connect', async () => {
t.fail()
})
})
await t.test('should emit error with unauthorized handshake', (t) => {
t.plan(4)
socket = io(API_URL, {
auth: { token: 'Bearer testing' }
})
socket.on('connect_error', async (error) => {
t.equal(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
t.equal(
error.data.message,
"Format is Authorization: Bearer [token]",
'Unauthorized: Token is missing or invalid Bearer'
)
assert.strictEqual(error.data.code, "credentials_bad_format")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
t.equal(error.data.code, 'invalid_token')
}
t.pass()
})
socket.on("connect", async () => {
assert.fail("should not connect")
socket.on('connect', async () => {
t.fail()
})
})
await t.test("should emit error with unauthorized handshake", () => {
await t.test('should connect the user', (t) => {
t.plan(1)
socket = io(API_URL, {
auth: { token: "Bearer testing" },
auth: { token: `Bearer ${token}` }
})
socket.on("connect_error", async (error) => {
assert.strictEqual(isUnauthorizedError(error), true)
if (isUnauthorizedError(error)) {
assert.strictEqual(
error.data.message,
"Unauthorized: Token is missing or invalid Bearer",
)
assert.strictEqual(error.data.code, "invalid_token")
assert.ok(true)
} else {
assert.fail("should be unauthorized error")
}
socket.on('connect', async () => {
t.pass()
})
socket.on("connect", async () => {
assert.fail("should not connect")
socket.on('connect_error', async (error) => {
t.fail(error.message)
})
})
await t.test("should connect the user", () => {
socket = io(API_URL, {
auth: { token: `Bearer ${token}` },
})
socket.on("connect", async () => {
assert.ok(true)
})
socket.on("connect_error", async (error) => {
assert.fail(error.message)
})
})
await t.test("should contains user properties", () => {
await t.test('should contains user properties', (t) => {
t.plan(2)
const socketServer = getSocket()
socketServer?.on("connection", (client: any) => {
assert.strictEqual(client.user.email, basicProfile.email)
assert.ok(true)
socketServer?.on('connection', (client: any) => {
t.equal(client.user.email, basicProfile.email)
t.pass()
})
socket = io(API_URL, {
auth: { token: `Bearer ${token}` },
auth: { token: `Bearer ${token}` }
})
socket.on("connect_error", async (error) => {
assert.fail(error.message)
socket.on('connect_error', async (error) => {
t.fail(error.message)
})
})
await t.test("should emit error when user validation fails", () => {
await t.test('should emit error when user validation fails', (t) => {
t.plan(2)
socket = io(API_URL, {
auth: { token: `Bearer ${wrongToken}` },
auth: { token: `Bearer ${wrongToken}` }
})
socket.on("connect_error", async (error) => {
socket.on('connect_error', async (error) => {
try {
assert.strictEqual(error.message, "Check Field validation failed")
assert.ok(true)
t.equal(error.message, 'Check Field validation failed')
t.pass()
} catch {
assert.fail(error.message)
t.fail()
}
})
socket.on("connect", async () => {
assert.fail("should not connect")
socket.on('connect', async () => {
t.fail()
})
})
})

42
src/__test__/fixture/index.ts
View File

@ -1,16 +1,16 @@
import jwt from "jsonwebtoken"
import { Server as SocketIoServer } from "socket.io"
import type { FastifyInstance } from "fastify"
import fastify from "fastify"
import jwt from 'jsonwebtoken'
import { Server as SocketIoServer } from 'socket.io'
import type { FastifyInstance } from 'fastify'
import fastify from 'fastify'
import type { AuthorizeOptions } from "../../index.js"
import { authorize } from "../../index.js"
import type { AuthorizeOptions } from '../../index.js'
import { authorize } from '../../index.js'
interface FastifyIo {
instance: SocketIoServer
}
declare module "fastify" {
declare module 'fastify' {
export interface FastifyInstance {
io: FastifyIo
}
@ -28,49 +28,49 @@ export interface Profile extends BasicProfile {
export const PORT = 9000
export const API_URL = `http://localhost:${PORT}`
export const basicProfile: BasicProfile = {
email: "john@doe.com",
id: 123,
email: 'john@doe.com',
id: 123
}
let application: FastifyInstance | null = null
export const fixtureStart = async (
options: AuthorizeOptions = { secret: "super secret" },
options: AuthorizeOptions = { secret: 'super secret' }
): Promise<void> => {
const profile: Profile = { ...basicProfile, checkField: true }
let keySecret = ""
if (typeof options.secret === "string") {
let keySecret = ''
if (typeof options.secret === 'string') {
keySecret = options.secret
} else {
keySecret = await options.secret({
header: { alg: "HS256" },
payload: profile,
header: { alg: 'HS256' },
payload: profile
})
}
application = fastify()
application.post("/login", async (_request, reply) => {
application.post('/login', async (_request, reply) => {
const token = jwt.sign(profile, keySecret, {
expiresIn: 60 * 60 * 5,
expiresIn: 60 * 60 * 5
})
reply.statusCode = 201
return { token }
})
application.post("/login-wrong", async (_request, reply) => {
application.post('/login-wrong', async (_request, reply) => {
profile.checkField = false
const token = jwt.sign(profile, keySecret, {
expiresIn: 60 * 60 * 5,
expiresIn: 60 * 60 * 5
})
reply.statusCode = 201
return { token }
})
const instance = new SocketIoServer(application.server)
instance.use(authorize(options))
application.decorate("io", { instance })
application.addHook("onClose", (fastify) => {
application.decorate('io', { instance })
application.addHook('onClose', (fastify) => {
fastify.io.instance.close()
})
await application.listen({
port: PORT,
port: PORT
})
}

40
src/authorize.ts
View File

@ -1,10 +1,10 @@
import type { Algorithm } from "jsonwebtoken"
import jwt from "jsonwebtoken"
import type { Socket } from "socket.io"
import type { Algorithm } from 'jsonwebtoken'
import jwt from 'jsonwebtoken'
import type { Socket } from 'socket.io'
import { UnauthorizedError } from "./UnauthorizedError.js"
import { UnauthorizedError } from './UnauthorizedError.js'
declare module "socket.io" {
declare module 'socket.io' {
interface Socket extends ExtendedSocket {}
}
@ -16,7 +16,7 @@ interface ExtendedSocket {
type SocketIOMiddleware = (
socket: Socket,
next: (error?: UnauthorizedError) => void,
next: (error?: UnauthorizedError) => void
) => void
interface CompleteDecodedToken {
@ -28,7 +28,7 @@ interface CompleteDecodedToken {
}
type SecretCallback = (
decodedToken: CompleteDecodedToken,
decodedToken: CompleteDecodedToken
) => Promise<string> | string
export interface AuthorizeOptions {
@ -38,32 +38,32 @@ export interface AuthorizeOptions {
}
export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
const { secret, algorithms = ["HS256"], onAuthentication } = options
const { secret, algorithms = ['HS256'], onAuthentication } = options
return async (socket, next) => {
let encodedToken: string | null = null
const { token } = socket.handshake.auth
if (token != null) {
const tokenSplitted = token.split(" ")
if (tokenSplitted.length !== 2 || tokenSplitted[0] !== "Bearer") {
const tokenSplitted = token.split(' ')
if (tokenSplitted.length !== 2 || tokenSplitted[0] !== 'Bearer') {
return next(
new UnauthorizedError("credentials_bad_format", {
message: "Format is Authorization: Bearer [token]",
}),
new UnauthorizedError('credentials_bad_format', {
message: 'Format is Authorization: Bearer [token]'
})
)
}
encodedToken = tokenSplitted[1]
}
if (encodedToken == null) {
return next(
new UnauthorizedError("credentials_required", {
message: "no token provided",
}),
new UnauthorizedError('credentials_required', {
message: 'no token provided'
})
)
}
socket.encodedToken = encodedToken
let keySecret: string | null = null
let decodedToken: any = null
if (typeof secret === "string") {
if (typeof secret === 'string') {
keySecret = secret
} else {
const completeDecodedToken = jwt.decode(encodedToken, { complete: true })
@ -73,9 +73,9 @@ export const authorize = (options: AuthorizeOptions): SocketIOMiddleware => {
decodedToken = jwt.verify(encodedToken, keySecret, { algorithms })
} catch {
return next(
new UnauthorizedError("invalid_token", {
message: "Unauthorized: Token is missing or invalid Bearer",
}),
new UnauthorizedError('invalid_token', {
message: 'Unauthorized: Token is missing or invalid Bearer'
})
)
}
socket.decodedToken = decodedToken

4
src/index.ts
View File

@ -1,2 +1,2 @@
export * from "./authorize.js"
export * from "./UnauthorizedError.js"
export * from './authorize.js'
export * from './UnauthorizedError.js'

4
tsconfig.json
View File

@ -2,9 +2,9 @@
"extends": "@tsconfig/strictest/tsconfig.json",
"compilerOptions": {
"target": "ESNext",
"module": "ESNext",
"lib": ["ESNext"],
"module": "NodeNext",
"moduleResolution": "NodeNext",
"moduleResolution": "node",
"outDir": "./build",
"rootDir": "./src",
"emitDeclarationOnly": true,