Added scopes

pomgui · Sep 8, 2020 · 88d08e8 · 88d08e8
1 parent 1932fc2
commit 88d08e8
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 6 deletions.
diff --git a/lib/service/PiService.ts b/lib/service/PiService.ts
@@ -96,11 +96,11 @@ function decorator(path: string, defineRoute: IRouterMatcher<void>, options?: Pi
 
     async function checkSecurityAnd(items: { [secname: string]: string[] }, req: Request): Promise<boolean> {
         const ANDlist = Object.entries(items)
-            .map(([secname, values]) => {
+            .map(([secname, scopes]) => {
                 const def = _security.definition[secname];
                 assert(def, `OpenApi spec: securityDefinitions does not define '${secname}'`);
-                const value = getSecItemValue(def, req);
-                const promiseLike = _security.validator(secname, value);
+                const requestValue = getSecItemValue(def, req);
+                const promiseLike = _security.validator(secname, scopes, requestValue);
                 return Promise.resolve(promiseLike);
             })
         const ANDresult = await Promise.all(ANDlist);

diff --git a/lib/service/types.ts b/lib/service/types.ts
@@ -37,11 +37,12 @@ export type PiSecurityValidator = {
     /**
      * Custom validator of the access token/basic auth.
      * @param name Name of the security definition on openapi spec.
-     * @param value Value to be validated. The content will depend on the type 
+     * @param scopes Security scope defined on each operation
+     * @param requestValue Value to be validated. The content will depend on the type 
      *              of the security definition for that name.
      *              type    value
      *              ----    -------
-     *              basic   Value sent in "Authorization" header
+     *              basic   base64-decoded value. It was sent in "Authorization" header.
      *              apiKey  Key sent in the header/query with the name defined in the spec.
      *              oauth2  Not supported.
      * @return true/false depending on the result of the validation.
@@ -50,7 +51,7 @@ export type PiSecurityValidator = {
      * necessary to get the final result.
      * @see https://swagger.io/docs/specification/2-0/authentication/
      */
-    (name: string, value: any): boolean | Promise<boolean>;
+    (name: string, scopes: string[], requestValue: any): boolean | Promise<boolean>;
 }
 
 export type PiSecurityDefItem = {