From: Justin Wind Date: Thu, 30 Dec 2021 21:29:41 +0000 (-0800) Subject: add initial support for api endpoint basic auth, updated dependencies X-Git-Tag: v1.1.0~1 X-Git-Url: http://git.squeep.com/?p=squeep-authentication-module;a=commitdiff_plain;h=1e2d8a7bdb0df28d08258ee813ee6db77168d59e add initial support for api endpoint basic auth, updated dependencies --- diff --git a/lib/authenticator.js b/lib/authenticator.js index 15089a0..efa3d84 100644 --- a/lib/authenticator.js +++ b/lib/authenticator.js @@ -335,6 +335,26 @@ class Authenticator { return this.sessionCheck(req, res, ctx, undefined, false); } + + /** + * Require auth for an API endpoint. + * Check for valid local identifier in session, or Authentication header. + * Prompts for Basic auth if not valid. + * @param {http.ClientRequest} req + * @param {http.ServerResponse} res + * @param {Object} ctx + * @param {Boolean} sessionAlsoValid + */ + async apiRequiredLocal(req, res, ctx, sessionAlsoValid = true) { + const validSession = sessionAlsoValid && this.sessionCheck(req, res, ctx, undefined, false, false); + const authorizationHeader = req.getHeader(Enum.Header.Authorization); + const validAuthorization = authorizationHeader && this.isValidAuthorization(authorizationHeader, ctx); + if (validSession || validAuthorization) { + return true; + } + this.requestBasic(res); + } + } module.exports = Authenticator; \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index 92691a7..332580a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -328,14 +328,14 @@ } }, "@eslint/eslintrc": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-1.0.4.tgz", - "integrity": "sha512-h8Vx6MdxwWI2WM8/zREHMoqdgLNXEL4QX3MWSVMdyNJGvXVOs+6lp+m2hc3FnuMHDc4poxFNI20vCk0OmI4G0Q==", + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-1.0.5.tgz", + "integrity": "sha512-BLxsnmK3KyPunz5wmCCpqy0YelEoxxGmH73Is+Z74oOTMtExcjkr3dDR6quwrjh1YspA8DH9gnX1o069KiS9AQ==", "dev": true, "requires": { "ajv": "^6.12.4", "debug": "^4.3.2", - "espree": "^9.0.0", + "espree": "^9.2.0", "globals": "^13.9.0", "ignore": "^4.0.6", "import-fresh": "^3.2.1", @@ -345,12 +345,12 @@ } }, "@humanwhocodes/config-array": { - "version": "0.6.0", - "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.6.0.tgz", - "integrity": "sha512-JQlEKbcgEUjBFhLIF4iqM7u/9lwgHRBcpHrmUNCALK0Q3amXN6lxdoXLnF0sm11E9VqTmBALR87IlUg1bZ8A9A==", + "version": "0.9.2", + "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.9.2.tgz", + "integrity": "sha512-UXOuFCGcwciWckOpmfKDq/GyhlTf9pN/BzG//x8p8zTOFEcGuA68ANXheFS0AGvy3qgZqLBUkMs7hqzqCKOVwA==", "dev": true, "requires": { - "@humanwhocodes/object-schema": "^1.2.0", + "@humanwhocodes/object-schema": "^1.2.1", "debug": "^4.1.1", "minimatch": "^3.0.4" } @@ -408,9 +408,9 @@ "dev": true }, "@mapbox/node-pre-gyp": { - "version": "1.0.7", - "resolved": "https://registry.npmjs.org/@mapbox/node-pre-gyp/-/node-pre-gyp-1.0.7.tgz", - "integrity": "sha512-PplSvl4pJ5N3BkVjAdDzpPhVUPdC73JgttkR+LnBx2OORC1GCQsBjUeEuipf9uOaAM1SbxcdZFfR3KDTKm2S0A==", + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/@mapbox/node-pre-gyp/-/node-pre-gyp-1.0.8.tgz", + "integrity": "sha512-CMGKi28CF+qlbXh26hDe6NxCd7amqeAzEqnS6IHeO6LoaKyM/n+Xw3HT1COdq8cuioOdlKdqn/hCmqPUOMOywg==", "optional": true, "requires": { "detect-libc": "^1.0.3", @@ -418,7 +418,7 @@ "make-dir": "^3.1.0", "node-fetch": "^2.6.5", "nopt": "^5.0.0", - "npmlog": "^6.0.0", + "npmlog": "^5.0.1", "rimraf": "^3.0.2", "semver": "^7.3.5", "tar": "^6.1.11" @@ -466,34 +466,34 @@ "dev": true }, "@squeep/api-dingus": { - "version": "git+https://git.squeep.com/squeep-api-dingus/#47f38ca4c67e902ccef0b7114a0d144f476258bd", - "from": "git+https://git.squeep.com/squeep-api-dingus/#v1.2.2", + "version": "git+https://git.squeep.com/squeep-api-dingus/#a1b8b75e64c862276563e874c11a0228ac681946", + "from": "git+https://git.squeep.com/squeep-api-dingus/#v1.2.3", "requires": { - "mime-db": "^1.50.0", + "mime-db": "^1.51.0", "uuid": "^8.3.2" } }, "@squeep/html-template-helper": { - "version": "git+https://git.squeep.com/squeep-html-template-helper#8cd7ec91b9c27722e16b34275166bfdd9aa20f25", - "from": "git+https://git.squeep.com/squeep-html-template-helper#v1.0.0" + "version": "git+https://git.squeep.com/squeep-html-template-helper#d3f76b9e76b8f133e8158c1087bb01b32c38d9bb", + "from": "git+https://git.squeep.com/squeep-html-template-helper#v1.0.1" }, "@squeep/indieauth-helper": { - "version": "git+https://git.squeep.com/squeep-indieauth-helper/#e648aedc1c912cd07da0b1dad7be3910248b25c9", - "from": "git+https://git.squeep.com/squeep-indieauth-helper/#v1.0.0", + "version": "git+https://git.squeep.com/squeep-indieauth-helper/#f8f7fc8165426471f3d290f10cda2ea2cdb7f643", + "from": "git+https://git.squeep.com/squeep-indieauth-helper/#v1.0.1", "requires": { - "@squeep/web-linking": "git+https://git.squeep.com/squeep-web-linking/#v1.0.0", - "axios": "^0.23.0", + "@squeep/web-linking": "git+https://git.squeep.com/squeep-web-linking/#v1.0.2", + "axios": "^0.24.0", "iconv": "^3.0.1", "microformats-parser": "^1.4.0" } }, "@squeep/mystery-box": { - "version": "git+https://git.squeep.com/squeep-mystery-box/#8df7723f7bbd9ad239bd5a3f66d6e9a8cd3c8100", - "from": "git+https://git.squeep.com/squeep-mystery-box/#v1.0.1" + "version": "git+https://git.squeep.com/squeep-mystery-box/#c6559eefb2fa776d6e4eedb876470790a53339c1", + "from": "git+https://git.squeep.com/squeep-mystery-box/#v1.0.2" }, "@squeep/web-linking": { - "version": "git+https://git.squeep.com/squeep-web-linking/#3436c07c25324507228f3d538d345ea35751c623", - "from": "git+https://git.squeep.com/squeep-web-linking/#v1.0.0" + "version": "git+https://git.squeep.com/squeep-web-linking/#e0d9ba95109a2bbb61dbdce7a582f5579aa77c5c", + "from": "git+https://git.squeep.com/squeep-web-linking/#v1.0.2" }, "@ungap/promise-all-settled": { "version": "1.1.2", @@ -508,9 +508,9 @@ "optional": true }, "acorn": { - "version": "8.6.0", - "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.6.0.tgz", - "integrity": "sha512-U1riIR+lBSNi3IbxtaHOIKdH8sLFv3NYfNv8sg7ZsNhcfl4HF2++BfqqrNAxoCLQW1iiylOj76ecnaUxz+z9yw==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.7.0.tgz", + "integrity": "sha512-V/LGr1APy+PXIwKebEWrkZPwoeoF+w1jiOBUmuxuiUIaOHtob8Qc9BTrYo7VuI5fR8tqsy+buA2WFooR5olqvQ==", "dev": true }, "acorn-jsx": { @@ -611,14 +611,14 @@ } }, "argon2": { - "version": "0.28.2", - "resolved": "https://registry.npmjs.org/argon2/-/argon2-0.28.2.tgz", - "integrity": "sha512-8oRk3kPlL0lLletENzhpbF9zoZJqvIHwTkjBseMrg1uD4gBMqhqnjJz1z3lEtwT0oqQAEkEwsEpsjaQBBRHcWw==", + "version": "0.28.3", + "resolved": "https://registry.npmjs.org/argon2/-/argon2-0.28.3.tgz", + "integrity": "sha512-NkEJOImg+T7nnkx6/Fy8EbjZsF20hbBBKdVP/YUxujuLTAjIODmrFeY4vVpekKwGAGDm6roXxluFQ+CIaoVrbg==", "optional": true, "requires": { - "@mapbox/node-pre-gyp": "^1.0.1", + "@mapbox/node-pre-gyp": "^1.0.7", "@phc/format": "^1.0.0", - "node-addon-api": "^3.0.2", + "node-addon-api": "^4.2.0", "opencollective-postinstall": "^2.0.3" } }, @@ -629,9 +629,9 @@ "dev": true }, "axios": { - "version": "0.23.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.23.0.tgz", - "integrity": "sha512-NmvAE4i0YAv5cKq8zlDoPd1VLKAqX5oLuZKs8xkJa4qi6RGn0uhCYFjWtHHC9EM/MwOwYWOs53W+V0aqEXq1sg==", + "version": "0.24.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-0.24.0.tgz", + "integrity": "sha512-Q6cWsys88HoPgAaFAVUb0WpPk0O8iTeisR9IMqy9G8AbO4NlpVknrnQS03zzF9PGAWgO3cgletO3VjV/P7VztA==", "requires": { "follow-redirects": "^1.14.4" } @@ -721,6 +721,7 @@ "version": "3.0.0", "resolved": "https://registry.npmjs.org/camel-case/-/camel-case-3.0.0.tgz", "integrity": "sha1-yjw2iKTpzzpM2nd9xNy8cTJJz3M=", + "dev": true, "requires": { "no-case": "^2.2.0", "upper-case": "^1.1.1" @@ -784,6 +785,7 @@ "version": "4.2.4", "resolved": "https://registry.npmjs.org/clean-css/-/clean-css-4.2.4.tgz", "integrity": "sha512-EJUDT7nDVFDvaQgAo2G/PJvxmp1o/c6iXLbswsBbUFXi1Nr+AjA2cKmfbKDMjMvzEe75g3P6JkaDDAKk96A85A==", + "dev": true, "requires": { "source-map": "~0.6.0" }, @@ -791,7 +793,8 @@ "source-map": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true } } }, @@ -839,7 +842,8 @@ "commander": { "version": "2.17.1", "resolved": "https://registry.npmjs.org/commander/-/commander-2.17.1.tgz", - "integrity": "sha512-wPMUt6FnH2yzG95SA6mzjQOEKUU3aLaDEmzs1ti+1E9h+CsrZghRlqEM/EJ4KscsQVG8uNN4uVreUeT8+drlgg==" + "integrity": "sha512-wPMUt6FnH2yzG95SA6mzjQOEKUU3aLaDEmzs1ti+1E9h+CsrZghRlqEM/EJ4KscsQVG8uNN4uVreUeT8+drlgg==", + "dev": true }, "commondir": { "version": "1.0.1", @@ -1029,13 +1033,13 @@ "dev": true }, "eslint": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.2.0.tgz", - "integrity": "sha512-erw7XmM+CLxTOickrimJ1SiF55jiNlVSp2qqm0NuBWPtHYQCegD5ZMaW0c3i5ytPqL+SSLaCxdvQXFPLJn+ABw==", + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.5.0.tgz", + "integrity": "sha512-tVGSkgNbOfiHyVte8bCM8OmX+xG9PzVG/B4UCF60zx7j61WIVY/AqJECDgpLD4DbbESD0e174gOg3ZlrX15GDg==", "dev": true, "requires": { - "@eslint/eslintrc": "^1.0.4", - "@humanwhocodes/config-array": "^0.6.0", + "@eslint/eslintrc": "^1.0.5", + "@humanwhocodes/config-array": "^0.9.2", "ajv": "^6.10.0", "chalk": "^4.0.0", "cross-spawn": "^7.0.2", @@ -1043,10 +1047,10 @@ "doctrine": "^3.0.0", "enquirer": "^2.3.5", "escape-string-regexp": "^4.0.0", - "eslint-scope": "^6.0.0", + "eslint-scope": "^7.1.0", "eslint-utils": "^3.0.0", - "eslint-visitor-keys": "^3.0.0", - "espree": "^9.0.0", + "eslint-visitor-keys": "^3.1.0", + "espree": "^9.2.0", "esquery": "^1.4.0", "esutils": "^2.0.2", "fast-deep-equal": "^3.1.3", @@ -1154,15 +1158,15 @@ } }, "eslint-plugin-sonarjs": { - "version": "0.10.0", - "resolved": "https://registry.npmjs.org/eslint-plugin-sonarjs/-/eslint-plugin-sonarjs-0.10.0.tgz", - "integrity": "sha512-FBRIBmWQh2UAfuLSnuYEfmle33jIup9hfkR0X8pkfjeCKNpHUG8qyZI63ahs3aw8CJrv47QJ9ccdK3ZxKH016A==", + "version": "0.11.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-sonarjs/-/eslint-plugin-sonarjs-0.11.0.tgz", + "integrity": "sha512-ei/WuZiL0wP+qx2KrxKyZs3+eDbxiGAhFSm3GKCOOAUkg+G2ny6TSXDB2j67tvyqHefi+eoQsAgGQvz+nEtIBw==", "dev": true }, "eslint-scope": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-6.0.0.tgz", - "integrity": "sha512-uRDL9MWmQCkaFus8RF5K9/L/2fn+80yoW3jkD53l4shjCh26fCtvJGasxjUqP5OT87SYTxCVA3BwTUzuELx9kA==", + "version": "7.1.0", + "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-7.1.0.tgz", + "integrity": "sha512-aWwkhnS0qAXqNOgKOK0dJ2nvzEbhEvpy8OlJ9kZ0FeZnA6zpjv1/Vei+puGFFX7zkPCkHHXb7IDX3A+7yPrRWg==", "dev": true, "requires": { "esrecurse": "^4.3.0", @@ -1193,14 +1197,14 @@ "dev": true }, "espree": { - "version": "9.0.0", - "resolved": "https://registry.npmjs.org/espree/-/espree-9.0.0.tgz", - "integrity": "sha512-r5EQJcYZ2oaGbeR0jR0fFVijGOcwai07/690YRXLINuhmVeRY4UKSAsQPe/0BNuDgwP7Ophoc1PRsr2E3tkbdQ==", + "version": "9.2.0", + "resolved": "https://registry.npmjs.org/espree/-/espree-9.2.0.tgz", + "integrity": "sha512-oP3utRkynpZWF/F2x/HZJ+AGtnIclaR7z1pYPxy7NYM2fSO6LgK/Rkny8anRSPK/VwEA1eqm2squui0T7ZMOBg==", "dev": true, "requires": { - "acorn": "^8.5.0", + "acorn": "^8.6.0", "acorn-jsx": "^5.3.1", - "eslint-visitor-keys": "^3.0.0" + "eslint-visitor-keys": "^3.1.0" } }, "esprima": { @@ -1324,9 +1328,9 @@ "dev": true }, "follow-redirects": { - "version": "1.14.5", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.5.tgz", - "integrity": "sha512-wtphSXy7d4/OR+MvIFbCVBDzZ5520qV8XfPklSN5QtxuMUJZ+b0Wnst1e1lCDocfzuCkHqj8k0FpZqO+UIaKNA==" + "version": "1.14.6", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.6.tgz", + "integrity": "sha512-fhUl5EwSJbbl8AR+uYL2KQDxLkdSjZGR36xy46AO7cOMTrCMON6Sa28FmAnC2tRTDbd/Uuzz3aJBv7EBN7JH8A==" }, "foreground-child": { "version": "2.0.0", @@ -1378,16 +1382,16 @@ "dev": true }, "gauge": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/gauge/-/gauge-4.0.0.tgz", - "integrity": "sha512-F8sU45yQpjQjxKkm1UOAhf0U/O0aFt//Fl7hsrNVto+patMHjs7dPI9mFOGUKbhrgKm0S3EjW3scMFuQmWSROw==", + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/gauge/-/gauge-3.0.2.tgz", + "integrity": "sha512-+5J6MS/5XksCuXq++uFRsnUd7Ovu1XenbeuIuNRJxYWjgQbPuFhT14lAvsWfqfAmnwluf1OwMjz39HjfLPci0Q==", "optional": true, "requires": { - "ansi-regex": "^5.0.1", "aproba": "^1.0.3 || ^2.0.0", "color-support": "^1.1.2", "console-control-strings": "^1.0.0", "has-unicode": "^2.0.1", + "object-assign": "^4.1.1", "signal-exit": "^3.0.0", "string-width": "^4.2.3", "strip-ansi": "^6.0.1", @@ -1496,7 +1500,8 @@ "he": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/he/-/he-1.2.0.tgz", - "integrity": "sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==" + "integrity": "sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==", + "dev": true }, "html-escaper": { "version": "2.0.2", @@ -1508,6 +1513,7 @@ "version": "3.5.21", "resolved": "https://registry.npmjs.org/html-minifier/-/html-minifier-3.5.21.tgz", "integrity": "sha512-LKUKwuJDhxNa3uf/LPR/KVjm/l3rBqtYeCOAekvG8F1vItxMUpueGd94i/asDDr8/1u7InxzFA5EeGjhhG5mMA==", + "dev": true, "requires": { "camel-case": "3.0.x", "clean-css": "4.2.x", @@ -1522,6 +1528,7 @@ "version": "2.0.0", "resolved": "https://registry.npmjs.org/html-minifier-lint/-/html-minifier-lint-2.0.0.tgz", "integrity": "sha1-i0vuyTHaiNsEyHc+5WgYjfO111g=", + "dev": true, "requires": { "html-minifier": "3.x" } @@ -1863,7 +1870,8 @@ "lower-case": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/lower-case/-/lower-case-1.1.4.tgz", - "integrity": "sha1-miyr0bno4K6ZOkv31YdcOcQujqw=" + "integrity": "sha1-miyr0bno4K6ZOkv31YdcOcQujqw=", + "dev": true }, "lru-cache": { "version": "6.0.0", @@ -2134,14 +2142,15 @@ "version": "2.3.2", "resolved": "https://registry.npmjs.org/no-case/-/no-case-2.3.2.tgz", "integrity": "sha512-rmTZ9kz+f3rCvK2TD1Ue/oZlns7OGoIWP4fc3llxxRXlOkHKoWPPWJOfFYpITabSow43QJbRIoHQXtt10VldyQ==", + "dev": true, "requires": { "lower-case": "^1.1.1" } }, "node-addon-api": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-3.2.1.tgz", - "integrity": "sha512-mmcei9JghVNDYydghQmeDX8KoAm0FAiYyIcUt/N4nhyAipB17pllZQDOJD2fotxABnt4Mdz+dKTO7eftLg4d0A==", + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-4.2.0.tgz", + "integrity": "sha512-eazsqzwG2lskuzBqCGPi7Ac2UgOoMz8JVOXVhTvvPDYhthvNpefx8jWD8Np7Gv+2Sz0FlPWZk0nJV0z598Wn8Q==", "optional": true }, "node-fetch": { @@ -2331,14 +2340,14 @@ "dev": true }, "npmlog": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-6.0.0.tgz", - "integrity": "sha512-03ppFRGlsyUaQFbGC2C8QWJN/C/K7PsfyD9aQdhVKAQIH4sQBc8WASqFBP7O+Ut4d2oo5LoeoboB3cGdBZSp6Q==", + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-5.0.1.tgz", + "integrity": "sha512-AqZtDUWOMKs1G/8lwylVjrdYgqA4d9nu8hc+0gzRxlDb1I10+FHBGMXs6aiQHFdCUUlqH99MUMuLfzWDNDtfxw==", "optional": true, "requires": { "are-we-there-yet": "^2.0.0", "console-control-strings": "^1.1.0", - "gauge": "^4.0.0", + "gauge": "^3.0.0", "set-blocking": "^2.0.0" } }, @@ -2477,6 +2486,7 @@ "version": "2.1.1", "resolved": "https://registry.npmjs.org/param-case/-/param-case-2.1.1.tgz", "integrity": "sha1-35T9jPZTHs915r75oIWPvHK+Ikc=", + "dev": true, "requires": { "no-case": "^2.2.0" } @@ -2695,7 +2705,8 @@ "relateurl": { "version": "0.2.7", "resolved": "https://registry.npmjs.org/relateurl/-/relateurl-0.2.7.tgz", - "integrity": "sha1-VNvzd+UUQKypCkzSdGANP/LYiKk=" + "integrity": "sha1-VNvzd+UUQKypCkzSdGANP/LYiKk=", + "dev": true }, "release-zalgo": { "version": "1.0.0", @@ -2998,6 +3009,7 @@ "version": "3.4.10", "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.4.10.tgz", "integrity": "sha512-Y2VsbPVs0FIshJztycsO2SfPk7/KAF/T72qzv9u5EpQ4kB2hQoHlhNQTsNyy6ul7lQtqJN/AoWeS23OzEiEFxw==", + "dev": true, "requires": { "commander": "~2.19.0", "source-map": "~0.6.1" @@ -3006,19 +3018,22 @@ "commander": { "version": "2.19.0", "resolved": "https://registry.npmjs.org/commander/-/commander-2.19.0.tgz", - "integrity": "sha512-6tvAOO+D6OENvRAh524Dh9jcfKTYDQAqvqezbCW82xj5X0pSrcpxtvRKHLG0yBY6SD7PSDrJaj+0AiOcKVd1Xg==" + "integrity": "sha512-6tvAOO+D6OENvRAh524Dh9jcfKTYDQAqvqezbCW82xj5X0pSrcpxtvRKHLG0yBY6SD7PSDrJaj+0AiOcKVd1Xg==", + "dev": true }, "source-map": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz", - "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==" + "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==", + "dev": true } } }, "upper-case": { "version": "1.1.3", "resolved": "https://registry.npmjs.org/upper-case/-/upper-case-1.1.3.tgz", - "integrity": "sha1-9rRQHC7EzdJrp4vnIilh3ndiFZg=" + "integrity": "sha1-9rRQHC7EzdJrp4vnIilh3ndiFZg=", + "dev": true }, "uri-js": { "version": "4.4.1", diff --git a/package.json b/package.json index fa39a8d..85ad94d 100644 --- a/package.json +++ b/package.json @@ -30,20 +30,20 @@ "coverage-check" ], "dependencies": { - "@squeep/api-dingus": "git+https://git.squeep.com/squeep-api-dingus/#v1.2.2", - "@squeep/html-template-helper": "git+https://git.squeep.com/squeep-html-template-helper#v1.0.0", - "@squeep/indieauth-helper": "git+https://git.squeep.com/squeep-indieauth-helper/#v1.0.0", - "@squeep/mystery-box": "git+https://git.squeep.com/squeep-mystery-box/#v1.0.1" + "@squeep/api-dingus": "git+https://git.squeep.com/squeep-api-dingus/#v1.2.3", + "@squeep/html-template-helper": "git+https://git.squeep.com/squeep-html-template-helper#v1.0.1", + "@squeep/indieauth-helper": "git+https://git.squeep.com/squeep-indieauth-helper/#v1.0.1", + "@squeep/mystery-box": "git+https://git.squeep.com/squeep-mystery-box/#v1.0.2" }, "optionalDependencies": { - "argon2": "^0.28.2", + "argon2": "^0.28.3", "node-linux-pam": "^0.2.1" }, "devDependencies": { - "eslint": "^8.2.0", + "eslint": "^8.5.0", "eslint-plugin-node": "^11.1.0", "eslint-plugin-security": "^1.4.0", - "eslint-plugin-sonarjs": "^0.10.0", + "eslint-plugin-sonarjs": "^0.11.0", "html-minifier-lint": "^2.0.0", "mocha": "^9.1.3", "nyc": "^15.1.0", diff --git a/test/lib/authenticator.js b/test/lib/authenticator.js index cc75652..3ab6fb3 100644 --- a/test/lib/authenticator.js +++ b/test/lib/authenticator.js @@ -406,4 +406,41 @@ describe('Authenticator', function () { }); // convenience wrappers }); // sessionCheck + describe('apiRequiredLocal', function () { + let req, res, ctx; + beforeEach(function () { + ctx = {}; + req = { + getHeader: sinon.stub(), + }; + res = { + end: sinon.stub(), + setHeader: sinon.stub(), + }; + }); + it('covers valid basic auth', async function () { + req.getHeader.returns('Basic Zm9vOmJhcg=='); + sinon.stub(authenticator, 'sessionCheck').resolves(false); + sinon.stub(authenticator, 'isValidAuthorization').resolves(true); + const result = await authenticator.apiRequiredLocal(req, res, ctx); + assert(authenticator.sessionCheck.called); + assert(authenticator.isValidAuthorization.called); + assert.strictEqual(result, true); + }); + it('requests basic auth when missing, ignores session', async function () { + req.getHeader.returns(); + sinon.stub(authenticator, 'isValidAuthorization').resolves(true); + try { + await authenticator.apiRequiredLocal(req, res, ctx, false); + assert.fail(noExpectedException); + } catch (e) { + console.log(e); + assert.strictEqual(e.statusCode, 401); + assert(!authenticator.sessionCheck.called); + assert(!authenticator.isValidAuthorization.called); + assert(res.setHeader.called); + } + }); + }); // apiRequiredLocal + }); // Authenticator diff --git a/test/lib/template/ia-html.js b/test/lib/template/ia-html.js index 8bb1a6c..0b2d649 100644 --- a/test/lib/template/ia-html.js +++ b/test/lib/template/ia-html.js @@ -3,14 +3,7 @@ const assert = require('assert'); const { IAHTML } = require('../../../lib/template'); -const stubLogger = require('../../stub-logger'); -const lint = require('html-minifier-lint').lint; // eslint-disable-line node/no-unpublished-require - -function lintHtml(html) { - const result = lint(html); - stubLogger.debug('validHtml', '', { result, html }); - assert(!result); -} +const lintHtml = require('../../lint-html'); describe('Template IAHTML', function () { let ctx, options; diff --git a/test/lib/template/login-html.js b/test/lib/template/login-html.js index 4d23911..6bf0b8f 100644 --- a/test/lib/template/login-html.js +++ b/test/lib/template/login-html.js @@ -3,14 +3,7 @@ const assert = require('assert'); const { LoginHTML } = require('../../../lib/template'); -const stubLogger = require('../../stub-logger'); -const lint = require('html-minifier-lint').lint; // eslint-disable-line node/no-unpublished-require - -function lintHtml(html) { - const result = lint(html); - stubLogger.debug('validHtml', '', { result, html }); - assert(!result); -} +const lintHtml = require('../../lint-html'); describe('Template LoginHTML', function () { let ctx, options; diff --git a/test/lint-html.js b/test/lint-html.js new file mode 100644 index 0000000..4b5cd47 --- /dev/null +++ b/test/lint-html.js @@ -0,0 +1,13 @@ +'use strict'; + +const assert = require('assert'); +const stubLogger = require('./stub-logger'); +const { lint } = require('html-minifier-lint'); // eslint-disable-line node/no-unpublished-require + +function lintHtml(html) { + const result = lint(html); + stubLogger.debug('lintHtml', '', { result, html }); + assert(!result); +} + +module.exports = lintHtml;