@fonoster/authz 0.8.22 → 0.8.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/makeCheckMethodAuthorized.js +22 -8
  2. package/dist/server/AuthzServer.js +6 -22
  3. package/package.json +5 -5
package/dist/makeCheckMethodAuthorized.js CHANGED
@@ -53,30 +53,44 @@ function makeCheckMethodAuthorized(authzServer, methods) {
53
53
  logger.silly("method is not in the list", { method });
54
54
  return call;
55
55
  }
56
- logger.silly("checking if method is authorized", { method });
57
56
  const accessKeyId = (0, identity_1.getAccessKeyIdFromCall)(call);
57
+ logger.verbose("checking if method is authorized", { method, accessKeyId });
58
58
  return new grpc_js_1.ServerInterceptingCall(call, {
59
59
  start: async (next) => {
60
60
  try {
61
- await authz.checkMethodAuthorized({
61
+ const authorized = await authz.checkMethodAuthorized({
62
62
  accessKeyId,
63
63
  method
64
64
  });
65
- logger.verbose("method authorized by external service", {
65
+ logger.verbose("the status of the method authorization", {
66
66
  method,
67
- accessKeyId
67
+ accessKeyId,
68
+ authorized
68
69
  });
70
+ if (!authorized) {
71
+ logger.verbose("method unauthorized by external service", {
72
+ method,
73
+ accessKeyId
74
+ });
75
+ (0, common_1.createInterceptingCall)({
76
+ call,
77
+ code: grpc_js_1.status.PERMISSION_DENIED,
78
+ details: `Method '${method}' unauthorized by external service - accessKeyId ${accessKeyId}`
79
+ });
80
+ return;
81
+ }
69
82
  next();
70
83
  }
71
84
  catch (error) {
72
- logger.verbose("method unauthorized by external service", {
85
+ logger.error("error checking if method is authorized", {
73
86
  method,
74
- accessKeyId
87
+ accessKeyId,
88
+ error
75
89
  });
76
90
  (0, common_1.createInterceptingCall)({
77
91
  call,
78
- code: grpc_js_1.status.PERMISSION_DENIED,
79
- details: `Method '${method}' unauthorized by external service - accessKeyId ${accessKeyId}`
92
+ code: grpc_js_1.status.INTERNAL,
93
+ details: "Internal server error"
80
94
  });
81
95
  }
82
96
  }
package/dist/server/AuthzServer.js CHANGED
@@ -77,19 +77,11 @@ class AuthzServer {
77
77
  checkSessionAuthorized: async (call, callback) => {
78
78
  logger.verbose("checkSessionAuthorized called", call.request);
79
79
  try {
80
- const isAuthorized = await handler.checkSessionAuthorized(call.request);
81
- if (isAuthorized) {
82
- callback(null, { authorized: true });
83
- }
84
- else {
85
- callback({
86
- code: grpc.status.PERMISSION_DENIED,
87
- message: "Session is not authorized."
88
- });
89
- }
80
+ const authorized = await handler.checkSessionAuthorized(call.request);
81
+ callback(null, { authorized });
90
82
  }
91
83
  catch (error) {
92
- logger.error("Error in checkSessionAuthorized:", error);
84
+ logger.error("error in checkSessionAuthorized:", error);
93
85
  callback({
94
86
  code: grpc.status.INTERNAL,
95
87
  message: "Internal server error."
@@ -99,19 +91,11 @@ class AuthzServer {
99
91
  checkMethodAuthorized: async (call, callback) => {
100
92
  logger.verbose("checkMethodAuthorized called", call.request);
101
93
  try {
102
- const isAuthorized = await handler.checkMethodAuthorized(call.request);
103
- if (isAuthorized) {
104
- callback(null, { authorized: true });
105
- }
106
- else {
107
- callback({
108
- code: grpc.status.PERMISSION_DENIED,
109
- message: "Method is not authorized."
110
- });
111
- }
94
+ const authorized = await handler.checkMethodAuthorized(call.request);
95
+ callback(null, { authorized });
112
96
  }
113
97
  catch (error) {
114
- logger.error("Error in checkMethodAuthorized:", error);
98
+ logger.error("error in checkMethodAuthorized:", error);
115
99
  callback({
116
100
  code: grpc.status.INTERNAL,
117
101
  message: "Internal server error."
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@fonoster/authz",
3
- "version": "0.8.22",
3
+ "version": "0.8.25",
4
4
  "description": "Authorization module for Fonoster",
5
5
  "author": "Pedro Sanders <psanders@fonoster.com>",
6
6
  "homepage": "https://github.com/fonoster/fonoster#readme",
@@ -26,9 +26,9 @@
26
26
  "access": "public"
27
27
  },
28
28
  "dependencies": {
29
- "@fonoster/common": "^0.8.22",
30
- "@fonoster/identity": "^0.8.22",
31
- "@fonoster/logger": "^0.8.22",
29
+ "@fonoster/common": "^0.8.25",
30
+ "@fonoster/identity": "^0.8.25",
31
+ "@fonoster/logger": "^0.8.24",
32
32
  "@grpc/grpc-js": "~1.10.6",
33
33
  "deepmerge": "^4.3.1",
34
34
  "grpc-health-check": "^2.0.2"
@@ -40,5 +40,5 @@
40
40
  "bugs": {
41
41
  "url": "https://github.com/fonoster/fonoster/issues"
42
42
  },
43
- "gitHead": "d91a20ab24877c0c854f21395473b8332d4a6f02"
43
+ "gitHead": "159876a77dc3f30e2d155a2d4f39d1a73919f2af"
44
44
  }