OpenServer/OpenAuth_server
1
1
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity

Adding support for client auth in authorization header

Browse Source
This commit is contained in:
Fabian Stamm 2019-03-14 17:50:59 +00:00
parent e09c6df9f6
commit ea34da50e4
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/api/middlewares/client.ts
View File

@ -12,6 +12,17 @@ export function GetClientAuthMiddleware(checksecret = true, internal = false, ch
let client_id = req.query.client_id || req.body.client_id; let client_id = req.query.client_id || req.body.client_id;
let client_secret = req.query.client_secret || req.body.client_secret; let client_secret = req.query.client_secret || req.body.client_secret;
if(!client_id && !client_secret && req.query.headers.authorization) {
let header = req.query.headers.authorization;
let [type, val] = header.split(" ");
if(val) {
let str = Buffer.from(val, "base64").toString("utf-8");
let [id, secret] = str.split(":");
client_id = id;
client_secret = secret;
}
}
if (!client_id || (!client_secret && checksecret)) { if (!client_id || (!client_secret && checksecret)) {
throw new RequestError("No client credentials", HttpStatusCode.BAD_REQUEST); throw new RequestError("No client credentials", HttpStatusCode.BAD_REQUEST);
} }