|
1 | | -const { Authorizer } = require("@authorizerdev/authorizer-js"); |
| 1 | +const { Authorizer } = require('@authorizerdev/authorizer-js'); |
2 | 2 |
|
3 | 3 | const authRef = new Authorizer({ |
4 | | - authorizerURL: "https://demo.authorizer.dev", |
5 | | - redirectURL: "https://demo.authorizer.dev/app", |
6 | | - clientID: "96fed66c-9779-4694-a79a-260fc489ce33", |
| 4 | + authorizerURL: 'https://demo.authorizer.dev', |
| 5 | + redirectURL: 'https://demo.authorizer.dev/app', |
| 6 | + clientID: '96fed66c-9779-4694-a79a-260fc489ce33', |
7 | 7 | }); |
8 | 8 |
|
9 | 9 | const authMiddleware = async (req, res, next) => { |
10 | 10 | const authHeader = req.headers.authorization; |
11 | 11 | if (!authHeader) { |
12 | | - return res.status(403).json({ error: "Authorization not found" }); |
| 12 | + return res.status(403).json({ error: 'Authorization not found' }); |
13 | 13 | } |
14 | 14 |
|
15 | | - const splitHeader = authHeader.split(" "); |
| 15 | + const splitHeader = authHeader.split(' '); |
16 | 16 | if (splitHeader.length != 2) { |
17 | | - return res.status(403).json({ error: "Invalid auth header" }); |
| 17 | + return res.status(403).json({ error: 'Invalid auth header' }); |
18 | 18 | } |
19 | 19 |
|
20 | | - if (splitHeader[0].toLowerCase() != "bearer") { |
21 | | - return res.status(403).json({ error: "Bearer token not found" }); |
| 20 | + if (splitHeader[0].toLowerCase() != 'bearer') { |
| 21 | + return res.status(403).json({ error: 'Bearer token not found' }); |
22 | 22 | } |
23 | 23 |
|
24 | 24 | const token = splitHeader[1]; |
25 | 25 | // Validate jwt token via authorizer sdk |
26 | 26 | try { |
27 | | - const res = await authRef.validateJWTToken({ |
| 27 | + const { data, errors } = await authRef.validateJWTToken({ |
28 | 28 | token, |
29 | | - token_type: "id_token", // This can be access_token, refresh_token |
| 29 | + token_type: 'id_token', // This can be access_token, refresh_token |
30 | 30 | // roles: [user] // specify roles that you want to validate jwt for, by default it will just verify jwt. |
31 | 31 | }); |
32 | | - req.user = res.claims; |
| 32 | + if (errors.length) { |
| 33 | + throw new Error(errors[0].message); |
| 34 | + } |
| 35 | + req.user = data.claims; |
33 | 36 | } catch (err) { |
34 | 37 | console.error(err); |
35 | | - return res.status(403).json({ error: "Invalid JWT token" }); |
| 38 | + return res.status(403).json({ error: 'Invalid JWT token' }); |
36 | 39 | } |
37 | 40 |
|
38 | 41 | next(); |
|
0 commit comments