Updating router, exposing issues with current auth pipeline

avoidwork · Oct 22, 2019 · 2f99d0a · 2f99d0a
1 parent 257f73f
commit 2f99d0a
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 37 deletions.
diff --git a/lib/utility.js b/lib/utility.js
@@ -67,7 +67,7 @@ function auth (obj, config) {
 
 	let keys, sesh, fnCookie, fnSession, luscaCsp, luscaCsrf, luscaXframe, luscaP3p, luscaHsts, luscaXssProtection,
 		luscaNoSniff,
-		passportAuth, passportInit, passportSession;
+		passportInit, passportSession;
 
 	function csrfWrapper (req, res, next) {
 		if (req.unprotect) {
@@ -241,7 +241,7 @@ function auth (obj, config) {
 				}, authDelay);
 			}));
 
-			passportAuth = passport.authenticate("basic", {session: stateless === false});
+			const passportAuth = passport.authenticate("basic", {session: stateless === false});
 
 			if (async || config.auth.local.enabled) {
 				obj.get("/auth/basic", passportAuth).blacklist(passportAuth);
@@ -250,9 +250,7 @@ function auth (obj, config) {
 				obj.always(passportAuth).blacklist(passportAuth);
 			}
 		}());
-	}
-
-	if (config.auth.bearer.enabled) {
+	} else if (config.auth.bearer.enabled) {
 		(function () {
 			function validate (arg, cb) {
 				if (obj.config.auth.bearer.tokens.includes(arg)) {
@@ -276,7 +274,7 @@ function auth (obj, config) {
 				}, authDelay);
 			}));
 
-			passportAuth = passport.authenticate("bearer", {session: stateless === false});
+			const passportAuth = passport.authenticate("bearer", {session: stateless === false});
 
 			if (async || config.auth.local.enabled) {
 				obj.get("/auth/bearer", passportAuth).blacklist(passportAuth);
@@ -285,9 +283,7 @@ function auth (obj, config) {
 				obj.always(passportAuth).blacklist(passportAuth);
 			}
 		}());
-	}
-
-	if (config.auth.jwt.enabled) {
+	} else if (config.auth.jwt.enabled) {
 		(function () {
 			const opts = {
 				jwtFromRequest: ExtractJwt.fromAuthHeaderWithScheme(config.auth.jwt.scheme),
@@ -313,12 +309,10 @@ function auth (obj, config) {
 				}, authDelay);
 			}));
 
-			passportAuth = passport.authenticate("jwt", {session: false});
+			const passportAuth = passport.authenticate("jwt", {session: false});
 			obj.always(passportAuth).blacklist(passportAuth);
 		}());
-	}
-
-	if (config.auth.local.enabled) {
+	} else if (config.auth.local.enabled) {
 		passport.use(new LocalStrategy((username, password, done) => {
 			delay(() => {
 				config.auth.local.auth(username, password, (err, user) => {
@@ -351,9 +345,7 @@ function auth (obj, config) {
 
 			passportInit(req, res, mid);
 		};
-	}
-
-	if (config.auth.oauth2.enabled) {
+	} else if (config.auth.oauth2.enabled) {
 		passport.use(new OAuth2Strategy({
 			authorizationURL: config.auth.oauth2.auth_url,
 			tokenURL: config.auth.oauth2.token_url,
@@ -377,9 +369,7 @@ function auth (obj, config) {
 		obj.get("/auth/oauth2/callback", middleware.asyncFlag);
 		obj.get("/auth/oauth2/callback", passport.authenticate("oauth2", {failureRedirect: config.auth.uri.login}));
 		obj.get("/auth/oauth2/callback", redirect);
-	}
-
-	if (config.auth.saml.enabled) {
+	} else if (config.auth.saml.enabled) {
 		(function () {
 			let arg = config.auth.saml;
 

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "tenso",
   "description": "Tensō is an HTTP/HTTP2 REST API framework",
-  "version": "12.1.0",
+  "version": "12.2.0",
   "homepage": "http://avoidwork.github.io/tenso",
   "author": "Jason Mulligan <[email protected]>",
   "repository": {
@@ -47,7 +47,7 @@
     "tiny-merge": "^1.0.0",
     "tiny-uuid4": "^1.0.1",
     "tiny-xml": "^2.0.0",
-    "woodland": "^8.0.3",
+    "woodland": "^9.0.1",
     "yamljs": "^0.3.0",
     "yargs": "^14.2.0"
   },