Merge pull request #3 from viniciussanchez/patch-3
Error when passing authentication type other than bearer
snakeice authored Aug 26, 2019
2 parents a2f469e + 1cff649 commit cac5b50
Showing 1 changed file with 11 additions and 12 deletions.
23 changes: 11 additions & 12 deletions src/Horse.JWT.pas
Expand Up @@ -2,10 +2,8 @@

interface

uses
Horse, System.Classes, System.JSON, Web.HTTPApp, System.SysUtils,
JOSE.Core.JWT, JOSE.Core.JWK, JOSE.Core.Builder, JOSE.Consumer.Validators,
JOSE.Consumer, JOSE.Context, REST.JSON;
uses Horse, System.Classes, System.JSON, Web.HTTPApp, System.SysUtils, JOSE.Core.JWT, JOSE.Core.JWK, JOSE.Core.Builder,
JOSE.Consumer.Validators, JOSE.Consumer, JOSE.Context, REST.JSON;

procedure Middleware(Req: THorseRequest; Res: THorseResponse; Next: TProc);
function HorseJWT(ASecretJWT: string; AHeader: string = 'authorization'): THorseCallback; overload;
Expand All @@ -25,8 +23,7 @@ function HorseJWT(ASecretJWT: string; AHeader: string = 'authorization'): THorse
Result := Middleware;
end;

function HorseJWT(ASecretJWT: string; ASessionClass: TClass; AHeader: string = 'authorization')
: THorseCallback; overload;
function HorseJWT(ASecretJWT: string; ASessionClass: TClass; AHeader: string = 'authorization'): THorseCallback; overload;
begin
Result := HorseJWT(ASecretJWT, AHeader);
SessionClass := ASessionClass;
Expand All @@ -46,16 +43,20 @@ procedure Middleware(Req: THorseRequest; Res: THorseResponse; Next: TProc);
raise EHorseCallbackInterrupted.Create;
end;

if Pos('bearer', LowerCase(LToken)) = 0 then
begin
Res.Send('Invalid authorization type').Status(401);
raise EHorseCallbackInterrupted.Create;
end;

LToken := LToken.Replace('bearer ', '', [rfIgnoreCase]);
LValidations := TJOSEConsumerBuilder.NewConsumer.SetVerificationKey(SecretJWT).SetSkipVerificationKeyValidation
.SetRequireExpirationTime.Build;

LValidations := TJOSEConsumerBuilder.NewConsumer.SetVerificationKey(SecretJWT)
.SetSkipVerificationKeyValidation.SetRequireExpirationTime.Build;
try

LJWT := TJOSEContext.Create(LToken, TJWTClaims);
try
try

LValidations.ProcessContext(LJWT);
LJSON := LJWT.GetClaims.JSON;

Expand All @@ -65,9 +66,7 @@ procedure Middleware(Req: THorseRequest; Res: THorseResponse; Next: TProc);
LSession := TJSONValue.Create;

TJson.JsonToObject(LSession, LJSON);

THorseHackRequest(Req).SetSession(LSession);

except
on E: exception do
begin
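Review bot: The new scheme check in Middleware, `Pos('bearer', LowerCase(LToken)) = 0`, accepts any header value that contains "bearer" anywhere, so a value with a different scheme and that word inside it skips the 401 "Invalid authorization type" branch. The following `LToken.Replace('bearer ', '', [rfIgnoreCase])` likewise removes the first match wherever it sits, not only a leading prefix. The value still goes through `LValidations.ProcessContext`, so this looks like an inconsistent rejection path, not a verification bypass, but the scheme should be anchored to the start of the header. For example, use `if not LToken.StartsWith('bearer ', True) then` for the check and `LToken := LToken.Substring(7).Trim;` for the strip. Middleware's body starts and ends outside the visible hunks, so the handling in the `except` branch could not be checked from here.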