Merge pull request #117 from rafinskipg/master

Change to use tokenObject

package.json

@@ -44,10 +44,11 @@
     "body-parser": "^1.12.0",
     "bunyan": "^1.5.1",
     "composr-cli": "^0.5.2",
-    "composr-core": "~3.0.0",
+    "composr-core": "~4.0.0",
     "config": "^1.21.0",
     "connect-timeout": "^1.6.1",
     "corbel-js": "~0.6.6",
+    "corbel-token-verifier": "0.0.2",
     "cors": "^2.5.3",
     "debug": "~2.2.0",
     "es6-promise": "~3.0.2",

src/app.js

@@ -12,7 +12,7 @@ var engine = require('./lib/engine')
 var config = require('config')
 var configChecker = require('./utils/envConfigChecker')
 var logger = require('./utils/composrLogger')
-var ComposrError = require('./lib/ComposrError')
+var ComposrError = require('composr-core').ComposrError
 var yn = require('yn')
 
 /* ************************************
@@ -54,17 +54,17 @@ server.on('uncaughtException', function (req, res, route, err) {
   if (res.headersSent) {
     return (false)
   }
+  var status = err.statusCode || err.status || 500
+  var body = err.message || err.errorDescription || err.body || err.data || err
 
   if (err instanceof ComposrError === false) {
-    err = new ComposrError('error:internal:server:error', err.message, err.status || err.statusCode || 500)
+    err = new ComposrError('error:internal:server:error', body, status)
   }
-  var status = err.statusCode || err.status || 500
-  var body = err.body || err.data || err
 
   logger.warn('[App]', 'Error caught by router uncaughtException', req.path())
   logger.error(status, body, route)
 
-  res.send(status, body)
+  res.send(status, err)
   hub.emit('http:end', req, res)
 })
 

src/lib/auth.js

@@ -1,6 +1,6 @@
 'use strict'
 
-var ComposrError = require('./ComposrError')
+var ComposrError = require('composr-core').ComposrError
 
 var getAuth = function (req, res) {
   if (!req) {

src/lib/connectors/corbel.js

@@ -3,7 +3,8 @@
 var corbel = require('corbel-js')
 var config = require('config')
 var _ = require('lodash')
-var ComposrError = require('../ComposrError')
+var tokenVerifier = require('corbel-token-verifier')
+var ComposrError = require('composr-core').ComposrError
 var logger = require('../../utils/composrLogger')
 var https = require('https')
 
@@ -14,10 +15,10 @@ var corbelConfig = config.get('corbel.options')
 corbelConfig = _.extend(corbelConfig, config.get('corbel.credentials'))
 
 var extractDomain = function (accessToken) {
-  try {
-    var decoded = corbel.jwt.decode(accessToken.replace('Bearer ', ''))
-    return decoded.domainId
-  } catch (e) {
+  var decoded = tokenVerifier(accessToken)
+  if (decoded) {
+    return decoded.getDomainId()
+  } else {
     logger.error('[Corbel-JS]', 'error:invalid:token', accessToken)
     return null
   }

src/lib/modules/cache.js

@@ -2,7 +2,6 @@
 
 var redisConnector = require('../connectors/redis')
 var logger = require('../../utils/composrLogger')
-var corbel = require('corbel-js')
 var timeParser = require('parse-duration')
 
 var DEFAULT_CACHE_DURATION = '1m'
@@ -53,22 +52,18 @@ function getKey (path, verb, authorization, version, type) {
   return identifier + '-' + version + '-' + verb + '-' + path
 }
 
-function getIdentifier (authorization, maybeType) {
+function getIdentifier (tokenObject, maybeType) {
   var type = maybeType || USER_CACHE_TYPE
   var identifier = 'no-token'
-  var authorizationSanitized = authorization ? authorization.replace('Bearer ', '') : ''
-
-  if (authorizationSanitized && type !== ANONYMOUS_CACHE_TYPE) {
-    try {
-      var decoded = corbel.jwt.decode(authorizationSanitized)
-      if (decoded.userId && type === USER_CACHE_TYPE) {
-        identifier = decoded.userId
-      } else if (decoded.clientId) {
-        identifier = decoded.clientId
-      }
-    } catch (e) {
-      logger.debug('[Cache]', 'Unable to parse authorization header', e)
+
+  if (tokenObject && type !== ANONYMOUS_CACHE_TYPE) {
+    if (tokenObject.isUser() && type === USER_CACHE_TYPE) {
+      identifier = tokenObject.getUserId()
+    } else if (tokenObject.getClientId()) {
+      identifier = tokenObject.getClientId()
     }
+  } else if (!tokenObject) {
+    logger.debug('[Cache]', 'Unable to parse authorization header')
   }
 
   return identifier

src/lib/phraseHooks/cacheHook.js

@@ -8,13 +8,12 @@ var engine = require('../engine')
 module.exports = function (phraseModel, verb) {
   if (engine.services.redis) {
     return function cacheHook (req, res, next) {
-      var authHeader = req.header('Authorization')
       var path = req.getHref()
 
       if (!req.header('Ignore-Cache') && phraseModel.json[verb].cache && verb === 'get') {
         logger.debug('[Cache-Hook]', 'Requesting to cache...')
 
-        cacheModule.get(path, verb, authHeader, phraseModel.getVersion(), phraseModel.json[verb].cache)
+        cacheModule.get(path, verb, req.tokenObject, phraseModel.getVersion(), phraseModel.json[verb].cache)
           .then(function (response) {
             if (response) {
               logger.debug('[Cache-Hook]', 'Found item, sending to client')
@@ -40,20 +39,3 @@ module.exports = function (phraseModel, verb) {
     return null
   }
 }
-
-/*
-
-function corbelDriverSetup (req, res, next) {
-  var authorization = req.headers.authorization
-
-  var corbelDriver = connection.getTokenDriver(authorization, true)
-  if (config.get('composrLog.logLevel') === 'debug') {
-    corbelDriver.on('request', function () {
-      logger.debug('[CorbelAuthHook]', '>>> corbelDriver request: ', arguments)
-    })
-  }
-
-  req.corbelDriver = corbelDriver
-
-  return next()
-}*/

src/lib/phraseHooks/corbelAuthHook.js

@@ -1,10 +1,9 @@
 'use strict'
 
 var connection = require('../connectors/corbel')
-var ComposrError = require('../ComposrError')
+var ComposrError = require('composr-core').ComposrError
 var logger = require('../../utils/composrLogger')
 var config = require('config')
-var corbel = require('corbel-js')
 var redisConnector = require('../connectors/redis')
 var timeParser = require('parse-duration')
 var yn = require('yn')
@@ -18,37 +17,27 @@ var signRequestsActive = yn(config.get('signRequests.active'))
  */
 module.exports.authUser = function () {
   return function authUser (req, res, next) {
-    var authHeader = req.header('Authorization') || ''
-    var token = authHeader.replace('Bearer ', '')
-
-    if (!token) {
+    if (!req.tokenObject) {
       logger.debug('[CorbelAuthHook]', 'Missing token')
       return next(new ComposrError('error:unauthorized', 'Authorization missing', 401))
     }
 
-    try {
-      var jwtDecoded = corbel.jwt.decode(token)
-
-      if (jwtDecoded.userId) {
-        req.userId = jwtDecoded.userId
-        var _key = 'req_signature-' + jwtDecoded.userId
-        /**
-         * Signing Composr API Requests
-         */
-        if (signRequestsActive) {
-          logger.debug('[CorbelAuthHook]', 'Storing request in redis...')
-          redisConnector.set(_key, token, _durationInMilliseconds)
-        }
-
-        logger.debug('[CorbelAuthHook]', 'Valid user token, continuing...')
-        return next()
-      } else {
-        logger.debug('[CorbelAuthHook]', 'Not a user token')
-        return next(new ComposrError('unauthorized:token', 'Only users can perform this action', 401))
+    if (req.tokenObject.isUser()) {
+      req.userId = req.tokenObject.getUserId()
+      var _key = 'req_signature-' + req.tokenObject.getUserId()
+      /**
+       * Signing Composr API Requests
+       */
+      if (signRequestsActive) {
+        logger.debug('[CorbelAuthHook]', 'Storing request in redis...')
+        redisConnector.set(_key, req.tokenObject.getToken(), _durationInMilliseconds)
       }
-    } catch (e) {
-      logger.debug('[CorbelAuthHook]', 'Malformed user token')
-      return next(new ComposrError('error:malformed:token', 'Your token is malformed', 400))
+
+      logger.debug('[CorbelAuthHook]', 'Valid user token, continuing...')
+      return next()
+    } else {
+      logger.debug('[CorbelAuthHook]', 'Not a user token')
+      return next(new ComposrError('unauthorized:token', 'Only users can perform this action', 401))
     }
   }
 }
@@ -58,22 +47,13 @@ module.exports.authUser = function () {
  */
 module.exports.authClient = function () {
   return function authClient (req, res, next) {
-    var authHeader = req.header('Authorization') || ''
-    var token = authHeader.replace('Bearer ', '')
-
-    if (!token) {
+    if (!req.tokenObject) {
       logger.debug('[CorbelAuthHook]', 'Missing token')
       return next(new ComposrError('error:unauthorized', 'Authorization missing', 401))
     }
 
-    try {
-      corbel.jwt.decode(token)
-      logger.debug('[CorbelAuthHook]', 'Valid client or user token, continuing...')
-      return next()
-    } catch (e) {
-      logger.debug('[CorbelAuthHook]', 'Malformed client token')
-      return next(new ComposrError('error:malformed:token', 'Your token is malformed', 400))
-    }
+    logger.debug('[CorbelAuthHook]', 'Valid client or user token, continuing...')
+    return next()
   }
 }
 
@@ -86,7 +66,7 @@ module.exports.authClient = function () {
  */
 module.exports.corbelDriverSetup = function () {
   return function corbelDriverSetup (req, res, next) {
-    var authorization = req.headers.authorization
+    var authorization = req.header('Authorization')
 
     var corbelDriver = connection.getTokenDriver(authorization, true)
     if (config.get('composrLog.logLevel') === 'debug') {

src/lib/phraseHooks/index.js

@@ -6,6 +6,9 @@ var _ = require('lodash')
 var mandatoryHooks = [{
   description: 'httpStartEvent hook',
   hookFunction: require('./httpStart')
+}, {
+  description: 'tokenObject hook',
+  hookFunction: require('./tokenObjectHook')
 }]
 
 var hooks = {

src/lib/phraseHooks/tokenObjectHook.js

@@ -0,0 +1,27 @@
+'use strict'
+
+var ComposrError = require('composr-core').ComposrError
+var logger = require('../../utils/composrLogger')
+var tokenVerifier = require('corbel-token-verifier')
+
+/**
+ * Token Object Middleware
+ */
+module.exports = function () {
+  return function tokenObjectHook (req, res, next) {
+    var authHeader = req.header('Authorization') || ''
+    var tokenObject = tokenVerifier(authHeader)
+
+    if (authHeader && !tokenObject) {
+      logger.debug('[CorbelAuthHook]', 'Malformed user token')
+      return next(new ComposrError('error:malformed:token', 'Your token is malformed', 400))
+    } else if (!tokenObject) {
+      logger.debug('[CorbelAuthHook]', 'Request without token')
+    } else {
+      logger.debug('[CorbelAuthHook]', 'Request with token')
+      req.tokenObject = tokenObject
+    }
+
+    return next()
+  }
+}

src/lib/phraseHooks/validateHook.js

@@ -1,5 +1,5 @@
 'use strict'
-var ComposrError = require('../ComposrError')
+var ComposrError = require('composr-core').ComposrError
 // TODO: Maybe we can find better packages than these
 var validateRaml = require('raml-validate')()
 var sanitizeRaml = require('raml-sanitize')()

src/lib/router.js

@@ -36,17 +36,16 @@ function analyzePhrase (acc) {
   }
 }
 
-function doCheckCache (routeItem, response, path, authorization) {
+function doCheckCache (routeItem, response, path, tokenObject) {
   if (routeItem.phrase.json[routeItem.verb].middlewares && routeItem.phrase.json[routeItem.verb].middlewares.indexOf('cache') !== -1) {
     var options = routeItem.phrase.json[routeItem.verb].cache
-
     switch (routeItem.verb) {
       case 'get':
-        hub.emit('cache-add', path, routeItem.verb, authorization, routeItem.phrase.getVersion(), response, options)
+        hub.emit('cache-add', path, routeItem.verb, tokenObject, routeItem.phrase.getVersion(), response, options)
         break
       default:
         // Another request deletes the 'get' path cache
-        hub.emit('cache-remove', path, 'get', authorization, routeItem.phrase.getVersion(), routeItem.domain, options)
+        hub.emit('cache-remove', path, 'get', tokenObject, routeItem.phrase.getVersion(), routeItem.domain, options)
     }
   }
 }
@@ -96,7 +95,7 @@ function executePhrase (req, res, next, routeItem) {
       hub.emit('phrase:execution:end', res.statusCode, routeItem.domain, routeItem.id, routeItem.verb)
 
       if (response.status.toString().indexOf('2') === 0) {
-        doCheckCache(routeItem, response, req.getHref(), req.header('Authorization'))
+        doCheckCache(routeItem, response, req.getHref(), req.tokenObject)
       }
 
       return next()

src/lib/server.js

@@ -5,7 +5,7 @@ var config = require('config')
 var bunyanLogger = require('../utils/bunyanLogger')
 var restify = require('restify')
 var jsonFormatter = restify.formatters['application/json; q=0.4']
-var ComposrError = require('./ComposrError')
+var ComposrError = require('composr-core').ComposrError
 
 var _server = {
   name: config.get('serverName'),

src/middlewares/http.js

@@ -4,7 +4,7 @@
 
 'use strict'
 
-var ComposrError = require('../lib/ComposrError')
+var ComposrError = require('composr-core').ComposrError
 var hub = require('../lib/hub')
 
 module.exports = function (restify, server, logger) {

src/routes/BaseResource.endpoint.js

@@ -1,7 +1,7 @@
 'use strict'
 var hub = require('../lib/hub')
 var connection = require('../lib/connectors/corbel')
-var ComposrError = require('../lib/ComposrError')
+var ComposrError = require('composr-core').ComposrError
 var logger = require('../utils/composrLogger')
 var auth = require('../lib/auth')
 

src/routes/doc.js

@@ -1,7 +1,7 @@
 'use strict'
 
 var engine = require('../lib/engine')
-var ComposrError = require('../lib/ComposrError')
+var ComposrError = require('composr-core').ComposrError
 
 module.exports = function (server) {
   server.get('/doc/:domain/', serveDocumentation)