parseAuthorizationHeader.js
/**
* Module dependencies
*/
var UnauthorizedError = require('../errors/UnauthorizedError');
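/**
 * Parse Authorization Header
 *
 * Connect/Express-style middleware that splits the `Authorization` request
 * header into a scheme and a credentials string and stores them on
 * `req.authorization`. When the header is absent, `req.authorization` is set
 * to an empty object. This function only parses; it does not verify the
 * credentials, so it must not be treated as an authentication check.
 *
 * @param {Object} req - request; `req.headers.authorization` is read and
 *   `req.authorization` is written.
 * @param {Object} res - response (unused).
 * @param {Function} next - called with no arguments on success, or with an
 *   UnauthorizedError (`invalid_request`, statusCode 400) when the header is
 *   malformed or names an unsupported scheme.
 */
function parseAuthorizationHeader (req, res, next) {
  // parse the header if it's present in the request
  if (req.headers && req.headers.authorization) {
    var components = req.headers.authorization.split(' ')
      , scheme = components[0]
      , credentials = components[1]
      ;

    // ensure the correct number of components; anything other than exactly
    // "<scheme> <credentials>" separated by one space is rejected, which
    // includes credentials that themselves contain a space
    if (components.length !== 2) {
      return next(new UnauthorizedError({
        error: 'invalid_request',
        error_description: 'Invalid authorization header',
        statusCode: 400
      }));
    }

    // ensure the scheme is valid; the pattern is anchored so the whole token
    // must be one of the supported schemes, rather than merely containing
    // one as a substring (e.g. "NotBasic" or "XBearer" must not pass)
    if (!/^(?:Basic|Bearer|Digest)$/i.test(scheme)) {
      return next(new UnauthorizedError({
        error: 'invalid_request',
        error_description: 'Invalid authorization scheme',
        statusCode: 400
      }));
    }

    // NOTE(review): a header such as "Basic " yields an empty credentials
    // string here; downstream verification must treat that as invalid.
    req.authorization = {
      scheme: scheme,
      credentials: credentials
    };
  }

  // otherwise add an empty authorization object
  else {
    req.authorization = {};
  }

  next();
}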
/**
* Exports
*
* The middleware function is assigned directly to module.exports, so
* requiring this file yields parseAuthorizationHeader itself.
*/
module.exports = parseAuthorizationHeader;