npm - @villedemontreal/jwt-validator - Versions diffs - 5.9.1 → 5.9.2 - Mend

@villedemontreal/jwt-validator 5.9.1 → 5.9.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/src/middleware/tokenTransformationMiddleware.js CHANGED Viewed

@@ -3,12 +3,40 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.tokenTransformationMiddleware = void 0;
 const general_utils_1 = require("@villedemontreal/general-utils");
 const http_header_fields_typed_1 = require("http-header-fields-typed");
+const _ = require("lodash");
 const constants_1 = require("../config/constants");
 const customError_1 = require("../models/customError");
 const logger_1 = require("../utils/logger");
 const superagent = require("superagent");
-const _regexAccessToken = /([a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12})/;
 const logger = (0, logger_1.createLogger)('Token transformation middleware');
+/** Regex to test the UUID format of the Authorization header */
+const _regexUuidAccessToken = /([a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12})/;
+/** Regex to test the JWT format of the Authorization header */
+const _regexJwtAccessToken = /([a-zA-Z0-9_=]+)\.([a-zA-Z0-9_=]+)\.([a-zA-Z0-9_\-+/=]+)$/;
+/**
+ * Validate the access_token format from authorization header and return it.
+ *
+ * @param {string} authHeader
+ * @return {*}  {string}
+ */
+const getAccessTokenFromHeader = (authHeader) => {
+    if (authHeader.split(' ')[0] !== 'Bearer') {
+        logger.warning('The authorization header is not "Bearer" type.');
+        return null;
+    }
+    const accessTokenUuidRegExpArray = _regexUuidAccessToken.exec(authHeader);
+    const accessTokenJwtRegExpArray = _regexJwtAccessToken.exec(authHeader);
+    if (_.isNil(accessTokenUuidRegExpArray) && _.isNil(accessTokenJwtRegExpArray)) {
+        logger.warning('Could not find a valid access token from the authorization header');
+        return null;
+    }
+    if (!_.isNil(accessTokenJwtRegExpArray)) {
+        return accessTokenJwtRegExpArray[0];
+    }
+    else {
+        return accessTokenUuidRegExpArray[0];
+    }
+};
 /**
  * Token transformation Middleware. It will generate extended jwt
  * in exchange for an access token.
@@ -21,22 +49,16 @@ const tokenTransformationMiddleware = (config) => {
             // Validate the authorization header
             const authHeader = req.get(http_header_fields_typed_1.default.AUTHORIZATION);
             if (general_utils_1.utils.isBlank(authHeader)) {
-                throw (0, customError_1.createInvalidAuthHeaderError)({
-                    code: constants_1.constants.errors.codes.INVALID_VALUE,
-                    target: 'authorization_header',
-                    message: 'authorization header is empty',
-                });
+                logger.warning('The authorization header is empty.');
+                next();
+                return;
             }
             // Extract the access token value from the authorization header
-            const accessTokenRegExpArray = _regexAccessToken.exec(authHeader);
-            if (accessTokenRegExpArray.length <= 1) {
-                throw (0, customError_1.createInvalidAuthHeaderError)({
-                    code: constants_1.constants.errors.codes.INVALID_VALUE,
-                    target: 'access_token',
-                    message: 'could not find a valid access token from the authorization header',
-                });
+            const accessToken = getAccessTokenFromHeader(authHeader);
+            if (_.isNil(accessToken)) {
+                next();
+                return;
             }
-            const accessToken = accessTokenRegExpArray[1];
             // Call the service endpoint to exchange the access token for a extended jwt
             superagent
                 .post(config.service.uri)

package/dist/src/middleware/tokenTransformationMiddleware.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"tokenTransformationMiddleware.js","sourceRoot":"","sources":["../../../src/middleware/tokenTransformationMiddleware.ts"],"names":[],"mappings":";;;AAAA,kEAAuD;AAEvD,uEAA6D;AAC7D,mDAAgD;AAEhD,~~uDAA4F~~;~~AAC5F~~,4CAA+C;AAC/C,yCAA0C;AAE1C,MAAM,~~iBAAiB,GAAG,gEAAgE,CAAC;AAE3F,~~MAAM,~~MAAM,~~GAAG,IAAA,qBAAY,EAAC,iCAAiC,CAAC,CAAC;AAE/D~~;;;;;GAKG~~;~~AACI~~,MAAM,~~6BAA6B~~,~~GAE~~+C,~~CACvF~~,MAAM,~~EACN~~,EAAE;~~IACF~~,~~OAAO~~,CAAC,~~GAAoB~~,~~EAAE~~,~~GAAqB~~,~~EAAE~~,~~IAA0B~~,~~EAAQ~~,EAAE;~~QACvF~~,~~IAAI~~;~~YACF~~,~~oCAAoC~~;~~YACpC~~,MAAM,~~UAAU~~,~~GAAW,~~GAAG,CAAC,GAAG,CAAC,~~kCAAqB~~,CAAC,~~aAAa~~,CAAC,CAAC;~~YACxE~~,IAAI,~~qBAAK~~,CAAC,~~OAAO~~,CAAC,~~UAAU~~,CAAC,EAAE;~~gBAC7B~~,MAAM,~~IAAA~~,~~0CAA4B~~,~~EAAC~~;~~oBACjC~~,IAAI,~~EAAE~~,~~qBAAS~~,CAAC,~~MAAM~~,CAAC,KAAK,CAAC,~~aAAa;oBAC1C~~,~~MAAM~~,EAAE~~,sBAAsB~~;~~oBAC9B~~,OAAO,~~EAAE,+BAA+B;iBACzC~~,CAAC,CAAC;~~aACJ~~;~~YAED,+DAA+D~~;~~YAC/D~~,~~MAAM~~,~~sBAAsB~~,~~GAAG~~,~~iBAAiB~~,CAAC,~~IAAI,~~CAAC,~~UAAU,~~CAAC,CAAC;~~YAClE~~,~~IAAI~~,~~sBAAsB~~,~~CAAC~~,MAAM,~~IAAI~~,CAAC,EAAE~~;gBACtC~~,~~MAAM~~,~~IAAA~~,~~0CAA4B~~,~~EAAC~~;~~oBACjC~~,IAAI,~~EAAE~~,~~qBAAS~~,CAAC,~~MAAM~~,CAAC,~~KAAK~~,CAAC,aAAa;~~oBAC1C~~,~~MAAM~~,~~EAAE~~,~~cAAc;oBACtB~~,OAAO,EAAE~~,mEAAmE~~;~~iBAC7E~~,CAAC,CAAC;~~aACJ~~;~~YACD~~,MAAM,WAAW,GAAG,~~sBAAsB~~,CAAC,CAAC,CAAC,CAAC;~~YAE9C~~,4EAA4E;YAC5E,UAAU;iBACP,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC;iBACxB,IAAI,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC;iBACpD,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;gBACjB,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC;gBACjD,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,uBAAuB,CAAC,CAAC;gBAEnD,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC;gBAC3C,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC;gBAE7C,iEAAiE;gBACjE,MAAM,GAAG,GAAG,WAAW,IAAI,QAAQ,CAAC;gBAEpC,IAAI,GAAG,EAAE;oBACP,+DAA+D;oBAC/D,uFAAuF;oBACvF,GAAG,CAAC,OAAO,CAAC,kCAAqB,CAAC,aAAa,CAAC,WAAW,EAAE,CAAC,GAAG,UAAU,GAAG,EAAE,CAAC;oBACjF,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;oBAC7C,IAAI,EAAE,CAAC;iBACR;qBAAM;oBACL,MAAM,GAAG,GAAG,IAAA,mCAAqB,EAAC;wBAChC,IAAI,EAAE,qBAAS,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU;wBACvC,MAAM,EAAE,KAAK;wBACb,OAAO,EAAE,0DAA0D;qBACpE,CAAC,CAAC;oBACH,IAAI,CAAC,GAAG,CAAC,CAAC;iBACX;YACH,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;SAC9B;QAAC,OAAO,GAAG,EAAE;YACZ,IAAI,CAAC,GAAG,CAAC,CAAC;SACX;IACH,CAAC,CAAC;AACJ,CAAC,CAAC;~~AA9DW~~,QAAA,6BAA6B,~~iCA8DxC~~"}
1	+ {"version":3,"file":"tokenTransformationMiddleware.js","sourceRoot":"","sources":["../../../src/middleware/tokenTransformationMiddleware.ts"],"names":[],"mappings":";;;AAAA,kEAAuD;AAEvD,uEAA6D;AAC7D,4BAA4B;AAC5B,mDAAgD;AAEhD,uDAA8D;AAC9D,4CAA+C;AAC/C,yCAA0C;AAE1C,MAAM,MAAM,GAAG,IAAA,qBAAY,EAAC,iCAAiC,CAAC,CAAC;AAE/D,gEAAgE;AAChE,MAAM,qBAAqB,GAAG,gEAAgE,CAAC;AAC/F,+DAA+D;AAC/D,MAAM,oBAAoB,GAAG,2DAA2D,CAAC;AAEzF;;;;;GAKG;AACH,MAAM,wBAAwB,GAAG,CAAC,UAAkB,EAAiB,EAAE;IACrE,IAAI,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE;QACzC,MAAM,CAAC,OAAO,CAAC,gDAAgD,CAAC,CAAC;QACjE,OAAO,IAAI,CAAC;KACb;IACD,MAAM,0BAA0B,GAAG,qBAAqB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC1E,MAAM,yBAAyB,GAAG,oBAAoB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACxE,IAAI,CAAC,CAAC,KAAK,CAAC,0BAA0B,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,yBAAyB,CAAC,EAAE;QAC7E,MAAM,CAAC,OAAO,CAAC,mEAAmE,CAAC,CAAC;QACpF,OAAO,IAAI,CAAC;KACb;IACD,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,yBAAyB,CAAC,EAAE;QACvC,OAAO,yBAAyB,CAAC,CAAC,CAAC,CAAC;KACrC;SAAM;QACL,OAAO,0BAA0B,CAAC,CAAC,CAAC,CAAC;KACtC;AACH,CAAC,CAAC;AAEF;;;;;GAKG;AACI,MAAM,6BAA6B,GAE+C,CACvF,MAAM,EACN,EAAE;IACF,OAAO,CAAC,GAAoB,EAAE,GAAqB,EAAE,IAA0B,EAAQ,EAAE;QACvF,IAAI;YACF,oCAAoC;YACpC,MAAM,UAAU,GAAG,GAAG,CAAC,GAAG,CAAC,kCAAqB,CAAC,aAAa,CAAC,CAAC;YAChE,IAAI,qBAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;gBAC7B,MAAM,CAAC,OAAO,CAAC,oCAAoC,CAAC,CAAC;gBACrD,IAAI,EAAE,CAAC;gBACP,OAAO;aACR;YAED,+DAA+D;YAC/D,MAAM,WAAW,GAAG,wBAAwB,CAAC,UAAU,CAAC,CAAC;YACzD,IAAI,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE;gBACxB,IAAI,EAAE,CAAC;gBACP,OAAO;aACR;YAED,4EAA4E;YAC5E,UAAU;iBACP,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC;iBACxB,IAAI,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC;iBACpD,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;gBACjB,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC;gBACjD,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,uBAAuB,CAAC,CAAC;gBAEnD,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC;gBAC3C,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,oBAAoB,CAAC,CAAC;gBAE7C,iEAAiE;gBACjE,MAAM,GAAG,GAAG,WAAW,IAAI,QAAQ,CAAC;gBAEpC,IAAI,GAAG,EAAE;oBACP,+DAA+D;oBAC/D,uFAAuF;oBACvF,GAAG,CAAC,OAAO,CAAC,kCAAqB,CAAC,aAAa,CAAC,WAAW,EAAE,CAAC,GAAG,UAAU,GAAG,EAAE,CAAC;oBACjF,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;oBAC7C,IAAI,EAAE,CAAC;iBACR;qBAAM;oBACL,MAAM,GAAG,GAAG,IAAA,mCAAqB,EAAC;wBAChC,IAAI,EAAE,qBAAS,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU;wBACvC,MAAM,EAAE,KAAK;wBACb,OAAO,EAAE,0DAA0D;qBACpE,CAAC,CAAC;oBACH,IAAI,CAAC,GAAG,CAAC,CAAC;iBACX;YACH,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;SAC9B;QAAC,OAAO,GAAG,EAAE;YACZ,IAAI,CAAC,GAAG,CAAC,CAAC;SACX;IACH,CAAC,CAAC;AACJ,CAAC,CAAC;AAxDW,QAAA,6BAA6B,iCAwDxC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@villedemontreal/jwt-validator",
-  "version": "5.9.1",
+  "version": "5.9.2",
   "description": "Module to validate JWT (JSON Web Tokens)",
   "main": "dist/src/index.js",
   "typings": "dist/src",

package/src/middleware/tokenTransformationMiddleware.ts CHANGED Viewed

@@ -1,16 +1,44 @@
 import { utils } from '@villedemontreal/general-utils';
 import * as express from 'express';
 import httpHeaderFieldsTyped from 'http-header-fields-typed';
+import * as _ from 'lodash';
 import { constants } from '../config/constants';
 import { ITokenTtransformationMiddlewareConfig } from '../config/tokenTransformationMiddlewareConfig';
-import { createInvalidAuthHeaderError, createInvalidJwtError } from '../models/customError';
+import { createInvalidJwtError } from '../models/customError';
 import { createLogger } from '../utils/logger';
 import superagent = require('superagent');
-const _regexAccessToken = /([a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12})/;
 const logger = createLogger('Token transformation middleware');
+/** Regex to test the UUID format of the Authorization header */
+const _regexUuidAccessToken = /([a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12})/;
+/** Regex to test the JWT format of the Authorization header */
+const _regexJwtAccessToken = /([a-zA-Z0-9_=]+)\.([a-zA-Z0-9_=]+)\.([a-zA-Z0-9_\-+/=]+)$/;
+/**
+ * Validate the access_token format from authorization header and return it.
+ *
+ * @param {string} authHeader
+ * @return {*}  {string}
+ */
+const getAccessTokenFromHeader = (authHeader: string): string | null => {
+  if (authHeader.split(' ')[0] !== 'Bearer') {
+    logger.warning('The authorization header is not "Bearer" type.');
+    return null;
+  }
+  const accessTokenUuidRegExpArray = _regexUuidAccessToken.exec(authHeader);
+  const accessTokenJwtRegExpArray = _regexJwtAccessToken.exec(authHeader);
+  if (_.isNil(accessTokenUuidRegExpArray) && _.isNil(accessTokenJwtRegExpArray)) {
+    logger.warning('Could not find a valid access token from the authorization header');
+    return null;
+  }
+  if (!_.isNil(accessTokenJwtRegExpArray)) {
+    return accessTokenJwtRegExpArray[0];
+  } else {
+    return accessTokenUuidRegExpArray[0];
+  }
+};
 /**
  * Token transformation Middleware. It will generate extended jwt
  * in exchange for an access token.
@@ -25,25 +53,19 @@ export const tokenTransformationMiddleware: (
   return (req: express.Request, res: express.Response, next: express.NextFunction): void => {
     try {
       // Validate the authorization header
-      const authHeader: string = req.get(httpHeaderFieldsTyped.AUTHORIZATION);
+      const authHeader = req.get(httpHeaderFieldsTyped.AUTHORIZATION);
       if (utils.isBlank(authHeader)) {
-        throw createInvalidAuthHeaderError({
-          code: constants.errors.codes.INVALID_VALUE,
-          target: 'authorization_header',
-          message: 'authorization header is empty',
-        });
+        logger.warning('The authorization header is empty.');
+        next();
+        return;
       }
       // Extract the access token value from the authorization header
-      const accessTokenRegExpArray = _regexAccessToken.exec(authHeader);
-      if (accessTokenRegExpArray.length <= 1) {
-        throw createInvalidAuthHeaderError({
-          code: constants.errors.codes.INVALID_VALUE,
-          target: 'access_token',
-          message: 'could not find a valid access token from the authorization header',
-        });
+      const accessToken = getAccessTokenFromHeader(authHeader);
+      if (_.isNil(accessToken)) {
+        next();
+        return;
       }
-      const accessToken = accessTokenRegExpArray[1];
       // Call the service endpoint to exchange the access token for a extended jwt
       superagent