refactor: jwt (#2011)

* refactor jwt * refactor change to camel case naming
honojs · Jan 17, 2024 · 5fa3185 · 5fa3185
1 parent 8a1d8fb
commit 5fa3185
Show file tree

Hide file tree

Showing 2 changed files with 70 additions and 38 deletions.
diff --git a/deno_dist/middleware/jwt/index.ts b/deno_dist/middleware/jwt/index.ts
@@ -1,3 +1,4 @@
+import type { Context } from '../../context.ts'
 import { HTTPException } from '../../http-exception.ts'
 import type { MiddlewareHandler } from '../../types.ts'
 import { Jwt } from '../../utils/jwt/index.ts'
@@ -30,13 +31,13 @@ export const jwt = (options: {
     if (credentials) {
       const parts = credentials.split(/\s+/)
       if (parts.length !== 2) {
-        const res = new Response('Unauthorized', {
-          status: 401,
-          headers: {
-            'WWW-Authenticate': `Bearer realm="${ctx.req.url}",error="invalid_request",error_description="invalid credentials structure"`,
-          },
+        throw new HTTPException(401, {
+          res: unauthorizedResponse({
+            ctx,
+            error: 'invalid_request',
+            errDescription: 'invalid credentials structure',
+          }),
         })
-        throw new HTTPException(401, { res })
       } else {
         token = parts[1]
       }
@@ -45,13 +46,13 @@ export const jwt = (options: {
     }
 
     if (!token) {
-      const res = new Response('Unauthorized', {
-        status: 401,
-        headers: {
-          'WWW-Authenticate': `Bearer realm="${ctx.req.url}",error="invalid_request",error_description="no authorization included in request"`,
-        },
+      throw new HTTPException(401, {
+        res: unauthorizedResponse({
+          ctx,
+          error: 'invalid_request',
+          errDescription: 'no authorization included in request',
+        }),
       })
-      throw new HTTPException(401, { res })
     }
 
     let payload
@@ -62,14 +63,14 @@ export const jwt = (options: {
       msg = `${e}`
     }
     if (!payload) {
-      const res = new Response('Unauthorized', {
-        status: 401,
-        statusText: msg,
-        headers: {
-          'WWW-Authenticate': `Bearer realm="${ctx.req.url}",error="invalid_token",error_description="token verification failure"`,
-        },
+      throw new HTTPException(401, {
+        res: unauthorizedResponse({
+          ctx,
+          error: 'invalid_token',
+          statusText: msg,
+          errDescription: 'token verification failure',
+        }),
       })
-      throw new HTTPException(401, { res })
     }
 
     ctx.set('jwtPayload', payload)
@@ -78,6 +79,21 @@ export const jwt = (options: {
   }
 }
 
+function unauthorizedResponse(opts: {
+  ctx: Context
+  error: string
+  errDescription: string
+  statusText?: string
+}) {
+  return new Response('Unauthorized', {
+    status: 401,
+    statusText: opts.statusText,
+    headers: {
+      'WWW-Authenticate': `Bearer realm="${opts.ctx.req.url}",error="${opts.error}",error_description="${opts.errDescription}"`,
+    },
+  })
+}
+
 export const verify = Jwt.verify
 export const decode = Jwt.decode
 export const sign = Jwt.sign
diff --git a/src/middleware/jwt/index.ts b/src/middleware/jwt/index.ts
@@ -1,3 +1,4 @@
+import type { Context } from '../../context'
 import { HTTPException } from '../../http-exception'
 import type { MiddlewareHandler } from '../../types'
 import { Jwt } from '../../utils/jwt'
@@ -30,13 +31,13 @@ export const jwt = (options: {
     if (credentials) {
       const parts = credentials.split(/\s+/)
       if (parts.length !== 2) {
-        const res = new Response('Unauthorized', {
-          status: 401,
-          headers: {
-            'WWW-Authenticate': `Bearer realm="${ctx.req.url}",error="invalid_request",error_description="invalid credentials structure"`,
-          },
+        throw new HTTPException(401, {
+          res: unauthorizedResponse({
+            ctx,
+            error: 'invalid_request',
+            errDescription: 'invalid credentials structure',
+          }),
         })
-        throw new HTTPException(401, { res })
       } else {
         token = parts[1]
       }
@@ -45,13 +46,13 @@ export const jwt = (options: {
     }
 
     if (!token) {
-      const res = new Response('Unauthorized', {
-        status: 401,
-        headers: {
-          'WWW-Authenticate': `Bearer realm="${ctx.req.url}",error="invalid_request",error_description="no authorization included in request"`,
-        },
+      throw new HTTPException(401, {
+        res: unauthorizedResponse({
+          ctx,
+          error: 'invalid_request',
+          errDescription: 'no authorization included in request',
+        }),
       })
-      throw new HTTPException(401, { res })
     }
 
     let payload
@@ -62,14 +63,14 @@ export const jwt = (options: {
       msg = `${e}`
     }
     if (!payload) {
-      const res = new Response('Unauthorized', {
-        status: 401,
-        statusText: msg,
-        headers: {
-          'WWW-Authenticate': `Bearer realm="${ctx.req.url}",error="invalid_token",error_description="token verification failure"`,
-        },
+      throw new HTTPException(401, {
+        res: unauthorizedResponse({
+          ctx,
+          error: 'invalid_token',
+          statusText: msg,
+          errDescription: 'token verification failure',
+        }),
       })
-      throw new HTTPException(401, { res })
     }
 
     ctx.set('jwtPayload', payload)
@@ -78,6 +79,21 @@ export const jwt = (options: {
   }
 }
 
+function unauthorizedResponse(opts: {
+  ctx: Context
+  error: string
+  errDescription: string
+  statusText?: string
+}) {
+  return new Response('Unauthorized', {
+    status: 401,
+    statusText: opts.statusText,
+    headers: {
+      'WWW-Authenticate': `Bearer realm="${opts.ctx.req.url}",error="${opts.error}",error_description="${opts.errDescription}"`,
+    },
+  })
+}
+
 export const verify = Jwt.verify
 export const decode = Jwt.decode
 export const sign = Jwt.sign