Adding support for client auth in authorization header
This commit is contained in:
parent
e09c6df9f6
commit
ea34da50e4
@ -11,6 +11,17 @@ export function GetClientAuthMiddleware(checksecret = true, internal = false, ch
|
|||||||
try {
|
try {
|
||||||
let client_id = req.query.client_id || req.body.client_id;
|
let client_id = req.query.client_id || req.body.client_id;
|
||||||
let client_secret = req.query.client_secret || req.body.client_secret;
|
let client_secret = req.query.client_secret || req.body.client_secret;
|
||||||
|
|
||||||
|
if(!client_id && !client_secret && req.query.headers.authorization) {
|
||||||
|
let header = req.query.headers.authorization;
|
||||||
|
let [type, val] = header.split(" ");
|
||||||
|
if(val) {
|
||||||
|
let str = Buffer.from(val, "base64").toString("utf-8");
|
||||||
|
let [id, secret] = str.split(":");
|
||||||
|
client_id = id;
|
||||||
|
client_secret = secret;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if (!client_id || (!client_secret && checksecret)) {
|
if (!client_id || (!client_secret && checksecret)) {
|
||||||
throw new RequestError("No client credentials", HttpStatusCode.BAD_REQUEST);
|
throw new RequestError("No client credentials", HttpStatusCode.BAD_REQUEST);
|
||||||
|
Loading…
Reference in New Issue
Block a user