Adding support for client auth in authorization header
This commit is contained in:
parent
e09c6df9f6
commit
ea34da50e4
@ -12,6 +12,17 @@ export function GetClientAuthMiddleware(checksecret = true, internal = false, ch
|
||||
let client_id = req.query.client_id || req.body.client_id;
|
||||
let client_secret = req.query.client_secret || req.body.client_secret;
|
||||
|
||||
if(!client_id && !client_secret && req.query.headers.authorization) {
|
||||
let header = req.query.headers.authorization;
|
||||
let [type, val] = header.split(" ");
|
||||
if(val) {
|
||||
let str = Buffer.from(val, "base64").toString("utf-8");
|
||||
let [id, secret] = str.split(":");
|
||||
client_id = id;
|
||||
client_secret = secret;
|
||||
}
|
||||
}
|
||||
|
||||
if (!client_id || (!client_secret && checksecret)) {
|
||||
throw new RequestError("No client credentials", HttpStatusCode.BAD_REQUEST);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user