/
user_manager.ts
99 lines (90 loc) · 3.63 KB
/
user_manager.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
import { IUserManager, UARoleSet } from "node-opcua-address-space";
import { NodeId } from "node-opcua-nodeid";
import { IdentityMappingRuleType } from "node-opcua-types";
import { make_errorLog } from "node-opcua-debug";
import { ServerSession } from "./server_session";
const errorLog = make_errorLog(__filename);
export type ValidUserFunc = (this: ServerSession, username: string, password: string) => boolean;
export type ValidUserAsyncFunc = (
this: ServerSession,
username: string,
password: string,
callback: (err: Error | null, isAuthorized?: boolean) => void
) => void;
export interface IUserManagerEx extends IUserManager {
/** synchronous function to check the credentials - can be overruled by isValidUserAsync */
isValidUser?: ValidUserFunc;
/** asynchronous function to check if the credentials - overrules isValidUser */
isValidUserAsync?: ValidUserAsyncFunc;
}
export type UserManagerOptions = IUserManagerEx | UAUserManagerBase;
export interface IUAUserManager extends IUserManager {
getUserRoles(user: string): NodeId[];
isValidUser(session: ServerSession, username: string, password: string): Promise<boolean>;
getIdentitiesForRole(role: NodeId): IdentityMappingRuleType[];
}
export abstract class UAUserManagerBase implements IUAUserManager {
getUserRoles(user: string): NodeId[] {
throw new Error("Method not implemented.");
}
isValidUser(session: ServerSession, username: string, password: string): Promise<boolean> {
throw new Error("Method not implemented.");
}
getIdentitiesForRole(role: NodeId): IdentityMappingRuleType[] {
return [];
}
bind(roleSet: UARoleSet): void {
/** */
}
}
export class UAUserManager1 extends UAUserManagerBase {
constructor(private options: IUserManagerEx) {
super();
}
getUserRoles(user: string): NodeId[] {
if (!this.options.getUserRoles) return [];
try {
return this.options.getUserRoles(user);
} catch (err) {
errorLog("[NODE-OPCUA-E27] userManager provided getUserRoles method has thrown an exception, please fix your code! ");
errorLog(err);
return [];
}
}
async isValidUser(session: ServerSession, username: string, password: string): Promise<boolean> {
if (typeof this.options.isValidUserAsync === "function") {
return new Promise<boolean>((resolve, reject) => {
this.options.isValidUserAsync?.call(session, username, password, (err, isAuthorized) => {
if (err) return reject();
resolve(isAuthorized!);
});
});
} else if (typeof this.options.isValidUser === "function") {
try {
const authorized = this.options.isValidUser!.call(session, username, password);
return authorized;
} catch (err) {
errorLog("[NODE-OPCUA-E26] userManager provided isValidUser method has thrown an exception, please fix your code!");
errorLog(err);
return false;
}
} else {
return false;
}
}
getIdentitiesForRole(role: NodeId): IdentityMappingRuleType[] {
return [];
}
}
export function makeUserManager(options?: UserManagerOptions): UAUserManagerBase {
if (options instanceof UAUserManagerBase) {
return options;
}
options = options || {};
if (typeof options.isValidUser !== "function") {
options.isValidUser = (/*userName,password*/) => {
return false;
};
}
return new UAUserManager1(options as IUserManagerEx);
}