quidproquo-actionprocessor-awslambda 0.0.73 → 0.0.75
|
@@ -59,7 +59,7 @@ const getProcessAutoRespond = (qpqConfig) => {
|
|
|
59
59
|
headers: quidproquo_webserver_1.qpqWebServerUtils.getCorsHeaders(qpqConfig, payload.matchResult.config || {}, payload.transformedEventParams.headers),
|
|
60
60
|
});
|
|
61
61
|
}
|
|
62
|
-
const authValid = yield (0, isAuthValid_1.isAuthValid)(qpqConfig, quidproquo_webserver_1.qpqWebServerUtils.getHeaderValue('Authorization', payload.transformedEventParams.headers), (_a = payload.matchResult.config) === null || _a === void 0 ? void 0 : _a.routeAuthSettings);
|
|
62
|
+
const authValid = yield (0, isAuthValid_1.isAuthValid)(qpqConfig, quidproquo_webserver_1.qpqWebServerUtils.getHeaderValue('Authorization', payload.transformedEventParams.headers), quidproquo_webserver_1.qpqWebServerUtils.getHeaderValue('x-api-key', payload.transformedEventParams.headers), (_a = payload.matchResult.config) === null || _a === void 0 ? void 0 : _a.routeAuthSettings);
|
|
63
63
|
if (!authValid) {
|
|
64
64
|
return (0, quidproquo_core_1.actionResult)({
|
|
65
65
|
status: 401,
|
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
import { QPQConfig } from 'quidproquo-core';
|
|
2
2
|
import { RouteAuthSettings } from 'quidproquo-webserver';
|
|
3
|
-
export declare const isAuthValid: (qpqConfig: QPQConfig, authHeader?: string | null, authSettings?: RouteAuthSettings) => Promise<boolean>;
|
|
3
|
+
export declare const isAuthValid: (qpqConfig: QPQConfig, authHeader?: string | null, apiKeyHeader?: string | null, authSettings?: RouteAuthSettings) => Promise<boolean>;
|
|
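Review bot: `apiKeyHeader` is inserted as the third positional parameter, ahead of `authSettings`, so a caller still using the 0.0.73 argument order passes its route settings as `apiKeyHeader` and leaves `authSettings` undefined. The compiled implementation returns `true` when `authSettings` is falsy, so such a caller would accept every request without any error; TypeScript callers get a compile error, plain JavaScript callers do not. Appending the new parameter keeps stale call sites failing closed: `(qpqConfig: QPQConfig, authHeader?: string | null, authSettings?: RouteAuthSettings, apiKeyHeader?: string | null) => Promise<boolean>`. A single options object would also remove the ordering hazard.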
@@ -14,9 +14,9 @@ const quidproquo_core_1 = require("quidproquo-core");
|
|
|
14
14
|
const verifyJwt_1 = require("../../../../logic/cognito/verifyJwt");
|
|
15
15
|
const getExportedValue_1 = require("../../../../logic/cloudformation/getExportedValue");
|
|
16
16
|
const awsNamingUtils_1 = require("../../../../awsNamingUtils");
|
|
17
|
-
const
|
|
17
|
+
const isAuthValidForCognito = (qpqConfig, authSettings, authHeader) => __awaiter(void 0, void 0, void 0, function* () {
|
|
18
18
|
// If there are no auth settings ~ Its valid.
|
|
19
|
-
if (!authSettings
|
|
19
|
+
if (!authSettings.userDirectoryName) {
|
|
20
20
|
return true;
|
|
21
21
|
}
|
|
22
22
|
// We need a header to be able to auth
|
|
@@ -38,4 +38,21 @@ const isAuthValid = (qpqConfig, authHeader, authSettings) => __awaiter(void 0, v
|
|
|
38
38
|
// Verify the token
|
|
39
39
|
return yield (0, verifyJwt_1.verifyJwt)(accessToken, userPoolId, userPoolClientId, 'access');
|
|
40
40
|
});
|
|
41
|
+
const isAuthValidForApiKeys = (authSettings, apiKeyHeader) => __awaiter(void 0, void 0, void 0, function* () {
|
|
42
|
+
const apiKeys = authSettings.apiKeys || [];
|
|
43
|
+
if (apiKeys.length === 0) {
|
|
44
|
+
return true;
|
|
45
|
+
}
|
|
46
|
+
const index = apiKeys.findIndex((apiKey) => apiKey.value === apiKeyHeader);
|
|
47
|
+
return index >= 0;
|
|
48
|
+
});
|
|
49
|
+
const isAuthValid = (qpqConfig, authHeader, apiKeyHeader, authSettings) => __awaiter(void 0, void 0, void 0, function* () {
|
|
50
|
+
// If there are no auth settings ~ Its valid.
|
|
51
|
+
if (!authSettings) {
|
|
52
|
+
return true;
|
|
53
|
+
}
|
|
54
|
+
const cognitoValid = yield isAuthValidForCognito(qpqConfig, authSettings, authHeader);
|
|
55
|
+
const authKeysValid = yield isAuthValidForApiKeys(authSettings, apiKeyHeader);
|
|
56
|
+
return cognitoValid && authKeysValid;
|
|
57
|
+
});
|
|
41
58
|
exports.isAuthValid = isAuthValid;
|
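Review bot: In `isAuthValidForApiKeys`, `apiKey.value === apiKeyHeader` compares the secret with plain strict equality and never checks that a header was actually sent. If a configured entry's `value` were ever undefined or empty (not visible in this hunk), a request with no `x-api-key` header could match it, and `===` on strings is not a constant-time comparison. Reject a missing or empty header first, then compare fixed-length digests with `crypto.timingSafeEqual`, as sketched below; this needs Node's `crypto` module in scope. Since this file is compiled output, the change belongs in the TypeScript source.

```javascript
const isAuthValidForApiKeys = (authSettings, apiKeyHeader) => __awaiter(void 0, void 0, void 0, function* () {
    // … unchanged: apiKeys lookup and empty-list early return …
    // A missing or empty header can never satisfy a route that requires a key.
    if (typeof apiKeyHeader !== 'string' || apiKeyHeader.length === 0) {
        return false;
    }
    // Hash both sides so timingSafeEqual always sees equal-length buffers.
    const digest = (s) => crypto.createHash('sha256').update(s, 'utf8').digest();
    const presented = digest(apiKeyHeader);
    let matched = false;
    for (const apiKey of apiKeys) {
        // Skip malformed entries instead of letting them match an absent header.
        if (typeof apiKey.value === 'string' && apiKey.value.length > 0 &&
            crypto.timingSafeEqual(digest(apiKey.value), presented)) {
            matched = true;
        }
    }
    return matched;
});
```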