@dvsa/appdev-api-common 0.3.0 → 0.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/auth/auth-checker.js +3 -3
  2. package/auth/client-credentials.js +1 -0
  3. package/package.json +1 -1
package/auth/auth-checker.js CHANGED
@@ -13,11 +13,11 @@ class JWTAuthChecker {
13
13
  */
14
14
  static async execute({ request }, roles = []) {
15
15
  // if running locally, skip the token auth and role check
16
- if (process.env.IS_OFFLINE === "true")
16
+ if (process.env.IS_OFFLINE === "true" && process.env.FORCE_LOCAL_AUTH !== "true")
17
17
  return true;
18
18
  // extract the token from the request headers
19
- const token = request?.apiGateway.event
20
- .headers?.Authorization;
19
+ const headers = request?.apiGateway.event.headers;
20
+ const token = headers?.Authorization || headers?.authorization;
21
21
  // if no token is found, then deny access to resource
22
22
  if (!token || token.trim()?.length === 0) {
23
23
  throw new auth_errors_1.AuthError(http_status_codes_1.HttpStatus.UNAUTHORIZED, "Missing Authorization header");
package/auth/client-credentials.js CHANGED
@@ -33,6 +33,7 @@ class ClientCredentials {
33
33
  async fetchClientCredentials() {
34
34
  const response = await fetch(this.tokenUrl, {
35
35
  method: "POST",
36
+ headers: { "Content-Type": "application/x-www-form-urlencoded" },
36
37
  body: (0, node_querystring_1.stringify)({
37
38
  grant_type: ClientCredentials.grant_type,
38
39
  client_id: this.clientId,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@dvsa/appdev-api-common",
3
- "version": "0.3.0",
3
+ "version": "0.3.2",
4
4
  "keywords": [
5
5
  "dvsa",
6
6
  "nodejs",