Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

source: trip-planner-front/node_modules/request/lib/auth.js

Last change on this file was 6a3a178, checked in by Ema <ema_spirova@…>, 3 years ago
initial commit
Property mode set to `100644`
File size: 4.7 KB

Line
1	'use strict'
2
3	var caseless = require('caseless')
4	var uuid = require('uuid/v4')
5	var helpers = require('./helpers')
6
7	var md5 = helpers.md5
8	var toBase64 = helpers.toBase64
9
10	function Auth (request) {
11	// define all public properties here
12	this.request = request
13	this.hasAuth = false
14	this.sentAuth = false
15	this.bearerToken = null
16	this.user = null
17	this.pass = null
18	}
19
20	Auth.prototype.basic = function (user, pass, sendImmediately) {
21	var self = this
22	if (typeof user !== 'string' \|\| (pass !== undefined && typeof pass !== 'string')) {
23	self.request.emit('error', new Error('auth() received invalid user or password'))
24	}
25	self.user = user
26	self.pass = pass
27	self.hasAuth = true
28	var header = user + ':' + (pass \|\| '')
29	if (sendImmediately \|\| typeof sendImmediately === 'undefined') {
30	var authHeader = 'Basic ' + toBase64(header)
31	self.sentAuth = true
32	return authHeader
33	}
34	}
35
36	Auth.prototype.bearer = function (bearer, sendImmediately) {
37	var self = this
38	self.bearerToken = bearer
39	self.hasAuth = true
40	if (sendImmediately \|\| typeof sendImmediately === 'undefined') {
41	if (typeof bearer === 'function') {
42	bearer = bearer()
43	}
44	var authHeader = 'Bearer ' + (bearer \|\| '')
45	self.sentAuth = true
46	return authHeader
47	}
48	}
49
50	Auth.prototype.digest = function (method, path, authHeader) {
51	// TODO: More complete implementation of RFC 2617.
52	// - handle challenge.domain
53	// - support qop="auth-int" only
54	// - handle Authentication-Info (not necessarily?)
55	// - check challenge.stale (not necessarily?)
56	// - increase nc (not necessarily?)
57	// For reference:
58	// http://tools.ietf.org/html/rfc2617#section-3
59	// https://github.com/bagder/curl/blob/master/lib/http_digest.c
60
61	var self = this
62
63	var challenge = {}
64	var re = /([a-z0-9_-]+)=(?:"([^"]+)"\|([a-z0-9_-]+))/gi
65	while (true) {
66	var match = re.exec(authHeader)
67	if (!match) {
68	break
69	}
70	challenge[match[1]] = match[2] \|\| match[3]
71	}
72
73	/**
74	* RFC 2617: handle both MD5 and MD5-sess algorithms.
75	*
76	* If the algorithm directive's value is "MD5" or unspecified, then HA1 is
77	* HA1=MD5(username:realm:password)
78	* If the algorithm directive's value is "MD5-sess", then HA1 is
79	* HA1=MD5(MD5(username:realm:password):nonce:cnonce)
80	*/
81	var ha1Compute = function (algorithm, user, realm, pass, nonce, cnonce) {
82	var ha1 = md5(user + ':' + realm + ':' + pass)
83	if (algorithm && algorithm.toLowerCase() === 'md5-sess') {
84	return md5(ha1 + ':' + nonce + ':' + cnonce)
85	} else {
86	return ha1
87	}
88	}
89
90	var qop = /(^\|,)\sauth\s($\|,)/.test(challenge.qop) && 'auth'
91	var nc = qop && '00000001'
92	var cnonce = qop && uuid().replace(/-/g, '')
93	var ha1 = ha1Compute(challenge.algorithm, self.user, challenge.realm, self.pass, challenge.nonce, cnonce)
94	var ha2 = md5(method + ':' + path)
95	var digestResponse = qop
96	? md5(ha1 + ':' + challenge.nonce + ':' + nc + ':' + cnonce + ':' + qop + ':' + ha2)
97	: md5(ha1 + ':' + challenge.nonce + ':' + ha2)
98	var authValues = {
99	username: self.user,
100	realm: challenge.realm,
101	nonce: challenge.nonce,
102	uri: path,
103	qop: qop,
104	response: digestResponse,
105	nc: nc,
106	cnonce: cnonce,
107	algorithm: challenge.algorithm,
108	opaque: challenge.opaque
109	}
110
111	authHeader = []
112	for (var k in authValues) {
113	if (authValues[k]) {
114	if (k === 'qop' \|\| k === 'nc' \|\| k === 'algorithm') {
115	authHeader.push(k + '=' + authValues[k])
116	} else {
117	authHeader.push(k + '="' + authValues[k] + '"')
118	}
119	}
120	}
121	authHeader = 'Digest ' + authHeader.join(', ')
122	self.sentAuth = true
123	return authHeader
124	}
125
126	Auth.prototype.onRequest = function (user, pass, sendImmediately, bearer) {
127	var self = this
128	var request = self.request
129
130	var authHeader
131	if (bearer === undefined && user === undefined) {
132	self.request.emit('error', new Error('no auth mechanism defined'))
133	} else if (bearer !== undefined) {
134	authHeader = self.bearer(bearer, sendImmediately)
135	} else {
136	authHeader = self.basic(user, pass, sendImmediately)
137	}
138	if (authHeader) {
139	request.setHeader('authorization', authHeader)
140	}
141	}
142
143	Auth.prototype.onResponse = function (response) {
144	var self = this
145	var request = self.request
146
147	if (!self.hasAuth \|\| self.sentAuth) { return null }
148
149	var c = caseless(response.headers)
150
151	var authHeader = c.get('www-authenticate')
152	var authVerb = authHeader && authHeader.split(' ')[0].toLowerCase()
153	request.debug('reauth', authVerb)
154
155	switch (authVerb) {
156	case 'basic':
157	return self.basic(self.user, self.pass, true)
158
159	case 'bearer':
160	return self.bearer(self.bearerToken, true)
161
162	case 'digest':
163	return self.digest(request.method, request.path, authHeader)
164	}
165	}
166
167	exports.Auth = Auth

Note: See TracBrowser for help on using the repository browser.

Download in other formats: