Bos auth #81

Open
wants to merge 22 commits into
base: master
9 changes: 7 additions & 2 deletions examples/swagger/config/default.json
Expand Up @@ -2,8 +2,8 @@
{
"express": {
"port": "3000",
"middleware": ["cors", "body-parser"],
"middleware$": ["errors"]
"middleware": ["cors", "body-parser", "session", "addHmac", "bos-authentication", "custom-auth"],
"middleware$": []
},

"cors": {
Expand All @@ -18,6 +18,10 @@
"maxWorkers": 1
},

"session": {
"keys": ["sessionKey"]
},

"swagger": {
"refCompiler": {
"petstore": {
Expand All @@ -35,4 +39,5 @@
}
}


}
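Review bot: `"keys": ["sessionKey"]` commits a fixed, guessable value for the session keys; if these keys sign the session cookie (the session middleware's implementation is not visible here), any deployment that copies this config is exposed to forged session cookies. Since JSON cannot carry a comment, make the value an obvious placeholder such as `"keys": ["<replace-with-random-secret>"]` and document that the real value has to come from deployment configuration. The same section empties `"middleware$"`, which drops the `errors` handler from the example; if that is intentional the PR description should say why.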
4 changes: 3 additions & 1 deletion examples/swagger/handlers/api-v1.js
@@ -1,3 +1,4 @@

exports.init = function() {

};
Expand All @@ -7,10 +8,11 @@ exports.getFunTimeById = function(req, res, next) {
'curiousPeople': [
{
'kind': 'OtherPerson',
'curiousPersonReqField': 'hey!',
'curiousPersonReqField': 'hey?',
'enthusiasticPersonReqField': 'hola!'
}
]
});
};


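--- a/examples/swagger/middleware/addHmac.js
+++ b/examples/swagger/middleware/addHmac.js
@@ -0,0 +1,30 @@
+var sjcl = require('sjcl'),
+urlParse = require('url-parse');
+
+exports.init = function (app) {
+app.use(function (req, res, next) {
+if (req.path.indexOf('superfuntime') !== -1) {
+var apiId = '285cd308-1564-4090-b3b4-ce5cfa697c4c';
+var apiKey = 'JfOJ15SI7EGjDLX1h8zPB19Zr88ONMPKbBQJozMI0Ag';
+var contentMd5 = req.headers['Content-MD5'] || '';
+var contentType = req.headers['Content-Type'] || '';
+var dateString = new Date().toString();
+
+var urlPath;
+if (urlParse) {
+urlPath = urlParse(req.url).pathname;
+}
+var stringToSign = req.method.toUpperCase() + '\n' +
+contentMd5 + '\n' +
+contentType + '\n' +
+dateString + '\n' +
+urlPath;
+
+var key = sjcl.codec.utf8String.toBits(apiKey);
+var out = (new sjcl.misc.hmac(key, sjcl.hash.sha256)).mac(stringToSign);
+var hmac = sjcl.codec.base64.fromBits(out);
+req.headers.Authorization = 'SFI ' + apiId + ':' + hmac + ':' + dateString;
+}
+next();
+});
+};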
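Review bot: The lookups `req.headers['Content-MD5']` and `req.headers['Content-Type']` can never match, because Node stores incoming header names in lower case, so both fields are always the empty string and the body digest and media type are never bound into `stringToSign`. The same applies to the write `req.headers.Authorization = ...`: code that reads `req.headers.authorization` or calls `req.get('authorization')` will not see it. Use `req.headers['content-md5']`, `req.headers['content-type']` and `req.headers.authorization`. Because this middleware signs every matching request on the server with a literal `apiKey`, any caller of a `superfuntime` path ends up carrying a valid signature; a header comment stating that it is a demo shim and must not be mounted outside the example would keep it from being copied as-is.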
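--- a/examples/swagger/middleware/custom-auth.js
+++ b/examples/swagger/middleware/custom-auth.js
@@ -0,0 +1,43 @@
+var _ = require('lodash');
+
+exports.init = function(app, logger) {
+app.use(function (req, res, next) {
+if (!req.bosAuthenticationData) {
+return next();
+}
+_.forEach(req.bosAuthenticationData, function (authData) {
+switch (authData.type) {
+
+case 'basic':
+if (!(authData.username && authData.password)) {
+res.setHeader('WWW-Authenticate', 'Basic realm="' + authData.securityReq + '"');
+res.status(401).send();
+return false;
+}
+break;
+case 'apiKey':
+if (!authData.password) {
+res.status(401).send();
+return false;
+}
+break;
+case 'oauth2':
+if (authData.securityDefn.flow === 'implicit') {
+if (!(authData.password)) {
+res.sendStatus(401);
+return false;
+}
+} else {
+if (!(authData.tokenData)) {
+res.sendStatus(401);
+return false;
+}
+}
+break;
+}
+});
+if (!res.headersSent) {
+next();
+}
+});
+};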
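Review bot: The `switch (authData.type)` has no `default:` branch, so an entry whose type is not `basic`, `apiKey` or `oauth2` falls through and the request reaches `next()` unchallenged; if only these three types are expected here, fail closed with `default: res.sendStatus(401); return false;`. The `oauth2` branch also dereferences `authData.securityDefn.flow` without checking that `securityDefn` is present, which would throw rather than reject. Each branch tests only that a credential was supplied, not that it is valid, so a comment at the top such as `// Example only: checks that credentials are present; the application must verify them` would make the limits explicit. The `logger` parameter is unused.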
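--- a/examples/swagger/services/hmacService.js
+++ b/examples/swagger/services/hmacService.js
@@ -0,0 +1,10 @@
+
+exports.init = function () {
+
+};
+
+exports.getApiUser = function (apiId, done) {
+done(null, {name: 'joe', getApiKey: function () {
+return 'JfOJ15SI7EGjDLX1h8zPB19Zr88ONMPKbBQJozMI0Ag';
+}});
+};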
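Review bot: `getApiUser` ignores its `apiId` argument and hands back the same user and key for every id, so any API id presented by a client resolves to `joe`. For an example that reads as a lookup, compare `apiId` with the one sample id and report no user otherwise; the exact not-found convention depends on the strategy module, which is not visible here. The key literal is also duplicated in `examples/swagger/middleware/addHmac.js`; a comment such as `// sample key for this example only, never reuse` and a single shared definition would keep the two copies from drifting.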
4 changes: 4 additions & 0 deletions examples/swagger/swagger/api-v1.yaml
Expand Up @@ -8,6 +8,10 @@ produces:
- application/json
paths:
$ref: 'public/paths.yaml'
securityDefinitions:
$ref: 'public/security-definitions.yaml'
x-bos-securityDefinitions:
$ref: 'public/x-bos-security-definitions.yaml'

### ref-compiler: BEGIN
definitions:
11 changes: 11 additions & 0 deletions examples/swagger/swagger/public/paths/superfuntime-{id}.yaml
Expand Up @@ -5,6 +5,17 @@ get:
- Fun Times
parameters:
- $ref: '../parameters/PathId.yaml'
#security:
#- oauthImplicitEx: []
#security:
#- oauthEx: []
#security:
#- basicEx: []
#- apiKeyEx: []
#security:
#- apiKeyEx: []
#x-bos-security:
#- hmac: []
responses:
200:
schema:
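Review bot: All five `security` / `x-bos-security` alternatives are added commented out, so the route ships with no security requirement and the reader has to guess how they are meant to be used; enabling more than one of the `security:` blocks would also produce duplicate mapping keys. Add a lead-in comment, for example `# Uncomment exactly one block below to try that scheme; with none enabled this route is unauthenticated`. The `get:` operation continues outside the hunk.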
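--- a/examples/swagger/swagger/public/security-definitions.yaml
+++ b/examples/swagger/swagger/public/security-definitions.yaml
@@ -0,0 +1,17 @@
+basicEx:
+type: basic
+apiKeyEx:
+type: apiKey
+in: header
+name: x-key
+oauthEx:
+type: oauth2
+flow: accessCode
+authorizationUrl: http://localhost:3000/auth-code
+tokenUrl: http://localhost:3000/access-token
+scopes: {}
+oauthImplicitEx:
+type: oauth2
+flow: implicit
+authorizationUrl: http://localhost:3000/access-token
+scopes: {}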
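Review bot: `oauthImplicitEx.authorizationUrl` is `http://localhost:3000/access-token`, the same path that `oauthEx` uses as its `tokenUrl`; for an implicit flow the authorization endpoint would be expected there, so this looks like a copy/paste slip and is worth confirming. All three URLs are plain `http`, which is acceptable for a localhost demo, but a comment such as `# example endpoints; use https outside local testing` would stop them being copied verbatim. `scopes: {}` leaves both OAuth schemes with no scope to require.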
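--- a/examples/swagger/swagger/public/x-bos-security-definitions.yaml
+++ b/examples/swagger/swagger/public/x-bos-security-definitions.yaml
@@ -0,0 +1,11 @@
+hmac:
+verify:
+service: hmacService
+method:
+name: getApiUser
+execute: false
+args: []
+routeOptions:
+session: false
+module: passport-hmac-strategy
+x-bos-middleware: bos-passport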
2 changes: 2 additions & 0 deletions index.js
Expand Up @@ -363,3 +363,5 @@ module.exports.testUtility = function () {
return require('./testlib/util');
};

module.exports.subRequire = require('./lib/subRequire');
