client-certificate-auth 1.3.4 → 1.3.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/lib/clientCertificateAuth.cjs +1 -2
  2. package/lib/clientCertificateAuth.js +4 -8
  3. package/package.json +6 -2
package/lib/clientCertificateAuth.cjs CHANGED
@@ -85,8 +85,7 @@ function clientCertificateAuth(callback, options = {}) {
85
85
  // Ensure that the certificate was validated at the protocol level
86
86
  if (!req.socket?.authorized) {
87
87
  safeCallHook(onRejected, null, req, 'socket_not_authorized');
88
- const authError = req.socket?.authorizationError || 'unknown';
89
- const e = new Error(`Unauthorized: Client certificate required (${authError})`);
88
+ const e = new Error('Unauthorized: Client certificate required');
90
89
  e.status = 401;
91
90
  return next(e);
92
91
  }
package/lib/clientCertificateAuth.js CHANGED
@@ -136,19 +136,15 @@ export default function clientCertificateAuth(callback, options = {}) {
136
136
  let statusCode = 401;
137
137
 
138
138
  switch (result.reason) {
139
- case 'verification_header_mismatch': {
140
- const verifyStatus = req.headers[verifyHeader.toLowerCase()];
141
- errorMessage = `Unauthorized: Certificate verification failed (${verifyStatus || 'header missing'})`;
139
+ case 'verification_header_mismatch':
140
+ errorMessage = 'Unauthorized: Certificate verification failed';
142
141
  break;
143
- }
144
142
  case 'header_missing_or_malformed':
145
143
  errorMessage = 'Unauthorized: Client certificate header missing or malformed';
146
144
  break;
147
- case 'socket_not_authorized': {
148
- const authError = req.socket?.authorizationError || 'unknown';
149
- errorMessage = `Unauthorized: Client certificate required (${authError})`;
145
+ case 'socket_not_authorized':
146
+ errorMessage = 'Unauthorized: Client certificate required';
150
147
  break;
151
- }
152
148
  case 'certificate_not_retrievable':
153
149
  errorMessage = 'Client certificate was authenticated but certificate information could not be retrieved.';
154
150
  statusCode = 500;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "client-certificate-auth",
3
- "version": "1.3.4",
3
+ "version": "1.3.5",
4
4
  "description": "Express/Connect middleware for mTLS client certificate authentication with reverse proxy support (AWS ALB, Envoy, Cloudflare, Traefik)",
5
5
  "homepage": "https://github.com/tgies/client-certificate-auth",
6
6
  "bugs": {
@@ -72,6 +72,7 @@
72
72
  "node": ">= 20"
73
73
  },
74
74
  "devDependencies": {
75
+ "@arethetypeswrong/cli": "^0.18.2",
75
76
  "@commitlint/cli": "^20.4.3",
76
77
  "@commitlint/config-conventional": "^20.5.0",
77
78
  "@stryker-mutator/core": "^9.6.0",
@@ -142,5 +143,8 @@
142
143
  "lib/**/*.cjs",
143
144
  "lib/**/*.d.ts",
144
145
  "lib/**/*.d.cts"
145
- ]
146
+ ],
147
+ "overrides": {
148
+ "fflate": "0.8.2"
149
+ }
146
150
  }