35 lines
1.3 KiB
JavaScript
35 lines
1.3 KiB
JavaScript
// Proxy auth is meant to be used by a reverse proxy that injects permission headers into the origin
|
|
// request. In this case we are relying on our proxy to authenitcate our users and validate.
|
|
const ProxyAuthKey="proxy_auth"
|
|
|
|
function getProxyPermissions(userHeader, groupHeader, request) {
|
|
const user = (userHeader)?request.headers.get(userHeader):None;
|
|
const groupsString = (groupHeader)?request.headers.get(groupHeader):"";
|
|
|
|
return {user: user, groups: (groupsString)?groupsString.split(",").map((v) => v.trimStart()):[]}
|
|
}
|
|
|
|
function createProxyAuth({groupHeader, userHeader}) {
|
|
return {
|
|
getContext : (request) => {
|
|
return {
|
|
provider: ProxyAuthKey,
|
|
headers: {
|
|
...userHeader && {[userHeader]: request.headers.get(userHeader) },
|
|
...groupHeader && {[groupHeader]: request.headers.get(groupHeader)}
|
|
}
|
|
}
|
|
},
|
|
authorize : (request) => getProxyPermissions(userHeader, groupHeader, request)
|
|
}
|
|
}
|
|
|
|
async function fetchProxyAuth([key, context]) {
|
|
return fetch(key, {headers: context.headers}).then((res) => res.json())
|
|
}
|
|
|
|
export const ProxyAuthProvider = {
|
|
key: ProxyAuthKey,
|
|
create: createProxyAuth,
|
|
fetch: fetchProxyAuth
|
|
} |