diff --git a/README.md b/README.md
index e0a7dc1..43bc34a 100644
--- a/README.md
+++ b/README.md
@@ -802,6 +802,7 @@ app.use(oauth2Guard({
 }));
 app.use((req, res, next) => {
+ // req.accessToken = 'ey123...';
 // req.grantedAuthorities = ['caseworker', 'caseworker-jid'];
 // req.userClaims = {
 // sub: '',
diff --git a/modules/oauth2/guard-middleware.js b/modules/oauth2/guard-middleware.js
index 3d83df5..65a4d48 100644
--- a/modules/oauth2/guard-middleware.js
+++ b/modules/oauth2/guard-middleware.js
@@ -38,19 +38,19 @@ export const oauth2Guard = (config) => {
 config = withDefaults(config);
 return async (req, res, next) => {
- const accessToken = config.accessTokenSupplier(req);
+ req.accessToken = config.accessTokenSupplier(req);
- if (!accessToken)
+ if (!req.accessToken)
 return config.onError({req, res, next, error: 'Access token missing'});
 try {
- const claims = await config.jwtVerifier(accessToken);
+ const claims = await config.jwtVerifier(req.accessToken);
 const scopes = config.scopesExtractor(claims);
 req.grantedAuthorities = scopes;
 if (scopes.includes('profile')) {
- req.userClaims = await config.userInfoRetriever(accessToken);
+ req.userClaims = await config.userInfoRetriever(req.accessToken);
 req.grantedAuthorities = config.rolesExtractor(req.userClaims);
 }
diff --git a/modules/oauth2/guard-middleware.test.js b/modules/oauth2/guard-middleware.test.js
index bd0ec65..17471f1 100644
--- a/modules/oauth2/guard-middleware.test.js
+++ b/modules/oauth2/guard-middleware.test.js
@@ -112,4 +112,16 @@ describe('oauth2Guard', () => {
 jwtVerifier: () => Promise.resolve({'scope': 'data-store/scope1 data-store/scope2'}),
 })(req, res, next);
 });
+
+ test('should populate access token', (done) => {
+ const req = newReq({authorization: 'Bearer validJwtToken'});
+ const res = {};
+ const next = () => {
+ expect(req.accessToken).toEqual('validJwtToken');
+ done();
+ };
+ oauth2Guard({
+ jwtVerifier: () => Promise.resolve({'scope': 'test'}),
+ })(req, res, next);
+ });
 });
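Review bot: `req.accessToken` is assigned from `config.accessTokenSupplier(req)` before `config.jwtVerifier` has run, so a token that fails verification is still attached to `req` when control passes to `config.onError({req, res, next, ...})`. The catch block and the default `onError` are outside this hunk, but if any `onError` implementation calls `next()`, downstream handlers could read `req.accessToken` and treat its presence as proof of authentication. Keeping the local `const accessToken = config.accessTokenSupplier(req);` and adding `req.accessToken = accessToken;` directly after `const claims = await config.jwtVerifier(accessToken);` would expose only verified tokens. Because the raw bearer credential now lives on `req`, a comment such as `// verified bearer token; never log or serialise` would also help keep it out of request logs and error reports.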
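Review bot: The added test `should populate access token` pins only the success path, so nothing fixes what `req.accessToken` holds when `jwtVerifier` rejects. A companion case using `jwtVerifier: () => Promise.reject(new Error('invalid'))` with an `onError` stub that asserts on `req.accessToken` would document whether an unverified token is meant to be visible to error handlers. That case would also catch a regression if the assignment is later moved relative to verification.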