hono/deno_dist/middleware/jwt/index.ts

import type { MiddlewareHandler } from '../../types.ts'
import { Jwt } from '../../utils/jwt/index.ts'
import type { AlgorithmTypes } from '../../utils/jwt/types.ts'

export const jwt = (options: {
  secret: string
  cookie?: string
  alg?: string
}): MiddlewareHandler => {
  if (!options) {
    throw new Error('JWT auth middleware requires options for "secret')
  }

  if (!crypto.subtle || !crypto.subtle.importKey) {
    throw new Error('`crypto.subtle.importKey` is undefined. JWT auth middleware requires it.')
  }

  return async (ctx, next) => {
    const credentials = ctx.req.headers.get('Authorization')
    let token
    if (credentials) {
      const parts = credentials.split(/\s+/)
      if (parts.length !== 2) {
        return new Response('Unauthorized', {
          status: 401,
          headers: {
            'WWW-Authenticate': `Bearer realm="${ctx.req.url}",error="invalid_request",error_description="invalid credentials structure"`,
          },
        })
      } else {
        token = parts[1]
      }
    } else if (options.cookie) {
      token = ctx.req.cookie(options.cookie)
    }

    if (!token) {
      return new Response('Unauthorized', {
        status: 401,
        headers: {
          'WWW-Authenticate': `Bearer realm="${ctx.req.url}",error="invalid_request",error_description="no authorization included in request"`,
        },
      })
    }

    let authorized = false
    let msg = ''
    try {
      authorized = await Jwt.verify(token, options.secret, options.alg as AlgorithmTypes)
    } catch (e) {
      msg = `${e}`
    }
    if (!authorized) {
      return new Response('Unauthorized', {
        status: 401,
        statusText: msg,
        headers: {
          'WWW-Authenticate': `Bearer realm="${ctx.req.url}",error="invalid_token",error_description="token verification failure"`,
        },
      })
    }

    await next()
  }
}
feat(types): introduce `CustomHandler` interface (#637) 2022-10-31 16:07:56 +01:00			`import type { MiddlewareHandler } from '../../types.ts'`
feat: support Deno! (#336) 2022-07-02 08:09:45 +02:00			`import { Jwt } from '../../utils/jwt/index.ts'`
			`import type { AlgorithmTypes } from '../../utils/jwt/types.ts'`

fix(types): add types to middleware correctly (#521) 2022-09-14 01:17:20 +02:00			`export const jwt = (options: {`
			`secret: string`
			`cookie?: string`
			`alg?: string`
			`}): MiddlewareHandler => {`
feat: support Deno! (#336) 2022-07-02 08:09:45 +02:00			`if (!options) {`
			`throw new Error('JWT auth middleware requires options for "secret')`
			`}`

chore(deno): denoify 2022-07-16 03:26:14 +02:00			`if (!crypto.subtle \|\| !crypto.subtle.importKey) {`
			throw new Error('`crypto.subtle.importKey` is undefined. JWT auth middleware requires it.')
			`}`

fix(types): add types to middleware correctly (#521) 2022-09-14 01:17:20 +02:00			`return async (ctx, next) => {`
feat: support Deno! (#336) 2022-07-02 08:09:45 +02:00			`const credentials = ctx.req.headers.get('Authorization')`
refactor(`utils/html`): rename `Buffer` to `StringBuffer` (#449) 2022-08-03 04:24:51 +02:00			`let token`
			`if (credentials) {`
			`const parts = credentials.split(/\s+/)`
			`if (parts.length !== 2) {`
refactor(jwt): refactor code and add more tests (#611) 2022-10-19 13:24:43 +02:00			`return new Response('Unauthorized', {`
refactor(`utils/html`): rename `Buffer` to `StringBuffer` (#449) 2022-08-03 04:24:51 +02:00			`status: 401,`
			`headers: {`
			'WWW-Authenticate': `Bearer realm="${ctx.req.url}",error="invalid_request",error_description="invalid credentials structure"`,
			`},`
			`})`
			`} else {`
			`token = parts[1]`
			`}`
			`} else if (options.cookie) {`
			`token = ctx.req.cookie(options.cookie)`
feat: support Deno! (#336) 2022-07-02 08:09:45 +02:00			`}`

refactor(`utils/html`): rename `Buffer` to `StringBuffer` (#449) 2022-08-03 04:24:51 +02:00			`if (!token) {`
refactor(jwt): refactor code and add more tests (#611) 2022-10-19 13:24:43 +02:00			`return new Response('Unauthorized', {`
feat: support Deno! (#336) 2022-07-02 08:09:45 +02:00			`status: 401,`
			`headers: {`
			'WWW-Authenticate': `Bearer realm="${ctx.req.url}",error="invalid_request",error_description="no authorization included in request"`,
			`},`
			`})`
			`}`

			`let authorized = false`
			`let msg = ''`
			`try {`
refactor(`utils/html`): rename `Buffer` to `StringBuffer` (#449) 2022-08-03 04:24:51 +02:00			`authorized = await Jwt.verify(token, options.secret, options.alg as AlgorithmTypes)`
feat: support Deno! (#336) 2022-07-02 08:09:45 +02:00			`} catch (e) {`
			msg = `${e}`
			`}`
			`if (!authorized) {`
refactor(jwt): refactor code and add more tests (#611) 2022-10-19 13:24:43 +02:00			`return new Response('Unauthorized', {`
feat: support Deno! (#336) 2022-07-02 08:09:45 +02:00			`status: 401,`
			`statusText: msg,`
			`headers: {`
			'WWW-Authenticate': `Bearer realm="${ctx.req.url}",error="invalid_token",error_description="token verification failure"`,
			`},`
			`})`
			`}`

			`await next()`
			`}`
			`}`