Home Explore Help
Sign In
SMusatov
/
hoppscotch
mirror of https://github.com/hoppscotch/hoppscotch.git
1
0
Fork 0
Files Wiki
Tree: d13b381097
Branches Tags
hoppscotch
/
packages
/
hoppscotch-app
/
helpers
/
curl
/
sub_helpers
/
auth.ts

auth.ts 3.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116 
  1. import { HoppRESTAuth } from "@hoppscotch/data"
    2. 

  2. import parser from "yargs-parser"
    3. 

  3. import * as O from "fp-ts/Option"
    4. 

  4. import * as S from "fp-ts/string"
    5. 

  5. import { pipe } from "fp-ts/function"
    6. 

  6. import { getDefaultRESTRequest } from "~/newstore/RESTSession"
    7. 

  7. import { objHasProperty } from "~/helpers/functional/object"
    8. 

  8. 

  9. const defaultRESTReq = getDefaultRESTRequest()
    10. 

  10. 

  11. const getAuthFromAuthHeader = (headers: Record<string, string>) =>
    12. 

  12.   pipe(
    13. 

  13.     headers.Authorization,
    14. 

  14.     O.fromNullable,
    15. 

  15.     O.map((a) => a.split(" ")),
    16. 

  16.     O.filter((a) => a.length > 1),
    17. 

  17.     O.chain((kv) =>
    18. 

  18.       O.fromNullable(
    19. 

  19.         (() => {
    20. 

  20.           switch (kv[0].toLowerCase()) {
    21. 

  21.             case "bearer":
    22. 

  22.               return <HoppRESTAuth>{
    23. 

  23.                 authActive: true,
    24. 

  24.                 authType: "bearer",
    25. 

  25.                 token: kv[1],
    26. 

  26.               }
    27. 

  27.             case "basic": {
    28. 

  28.               const [username, password] = pipe(
    29. 

  29.                 O.tryCatch(() => atob(kv[1])),
    30. 

  30.                 O.map(S.split(":")),
    31. 

  31.                 // can have a username with no password
    32. 

  32.                 O.filter((arr) => arr.length > 0),
    33. 

  33.                 O.map(
    34. 

  34.                   ([username, password]) =>
    35. 

  35.                     <[string, string]>[username, password]
    36. 

  36.                 ),
    37. 

  37.                 O.getOrElse(() => ["", ""])
    38. 

  38.               )
    39. 

  39. 

  40.               if (!username) return undefined
    41. 

  41. 

  42.               return <HoppRESTAuth>{
    43. 

  43.                 authActive: true,
    44. 

  44.                 authType: "basic",
    45. 

  45.                 username,
    46. 

  46.                 password: password ?? "",
    47. 

  47.               }
    48. 

  48.             }
    49. 

  49.             default:
    50. 

  50.               return undefined
    51. 

  51.           }
    52. 

  52.         })()
    53. 

  53.       )
    54. 

  54.     )
    55. 

  55.   )
    56. 

  56. 

  57. const getAuthFromParsedArgs = (parsedArguments: parser.Arguments) =>
    58. 

  58.   pipe(
    59. 

  59.     parsedArguments,
    60. 

  60.     O.fromPredicate(objHasProperty("u", "string")),
    61. 

  61.     O.chain((args) =>
    62. 

  62.       pipe(
    63. 

  63.         args.u,
    64. 

  64.         S.split(":"),
    65. 

  65.         // can have a username with no password
    66. 

  66.         O.fromPredicate((arr) => arr.length > 0 && arr[0].length > 0),
    67. 

  67.         O.map(
    68. 

  68.           ([username, password]) => <[string, string]>[username, password ?? ""]
    69. 

  69.         )
    70. 

  70.       )
    71. 

  71.     ),
    72. 

  72.     O.map(
    73. 

  73.       ([username, password]) =>
    74. 

  74.         <HoppRESTAuth>{
    75. 

  75.           authActive: true,
    76. 

  76.           authType: "basic",
    77. 

  77.           username,
    78. 

  78.           password,
    79. 

  79.         }
    80. 

  80.     )
    81. 

  81.   )
    82. 

  82. 

  83. const getAuthFromURLObject = (urlObject: URL) =>
    84. 

  84.   pipe(
    85. 

  85.     urlObject,
    86. 

  86.     (url) => [url.username, url.password ?? ""],
    87. 

  87.     // can have a username with no password
    88. 

  88.     O.fromPredicate(([username, _]) => !!username && username.length > 0),
    89. 

  89.     O.map(
    90. 

  90.       ([username, password]) =>
    91. 

  91.         <HoppRESTAuth>{
    92. 

  92.           authActive: true,
    93. 

  93.           authType: "basic",
    94. 

  94.           username,
    95. 

  95.           password,
    96. 

  96.         }
    97. 

  97.     )
    98. 

  98.   )
    99. 

  99. 

  100. /**
    101. 

  101.  * Preference order:
    102. 

  102.  *    - Auth headers
    103. 

  103.  *    - --user or -u argument
    104. 

  104.  *    - Creds provided along with URL
    105. 

  105.  */
    106. 

  106. export const getAuthObject = (
    107. 

  107.   parsedArguments: parser.Arguments,
    108. 

  108.   headers: Record<string, string>,
    109. 

  109.   urlObject: URL
    110. 

  110. ): HoppRESTAuth =>
    111. 

  111.   pipe(
    112. 

  112.     getAuthFromAuthHeader(headers),
    113. 

  113.     O.alt(() => getAuthFromParsedArgs(parsedArguments)),
    114. 

  114.     O.alt(() => getAuthFromURLObject(urlObject)),
    115. 

  115.     O.getOrElse(() => defaultRESTReq.auth)
    116. 

  116.   )
    117.