| 1007 | * @category security |
| 1008 | */ |
| 1009 | export const securityDecode = <Security extends HttpApiSecurity.HttpApiSecurity>( |
| 1010 | self: Security |
| 1011 | ): Effect.Effect< |
| 1012 | HttpApiSecurity.HttpApiSecurity.Type<Security>, |
| 1013 | never, |
| 1014 | HttpServerRequest.HttpServerRequest | HttpServerRequest.ParsedSearchParams |
| 1015 | > => { |
| 1016 | switch (self._tag) { |
| 1017 | case "Bearer": { |
| 1018 | return Effect.map( |
| 1019 | HttpServerRequest.HttpServerRequest, |
| 1020 | (request) => Redacted.make((request.headers.authorization ?? "").slice(bearerLen)) as any |
| 1021 | ) |
| 1022 | } |
| 1023 | case "ApiKey": { |
| 1024 | const key = self.in === "header" ? self.key.toLowerCase() : self.key |
| 1025 | const schema = Schema.Struct({ |
| 1026 | [key]: Schema.String |
| 1027 | }) |
| 1028 | const decode = unify( |
| 1029 | self.in === "query" |
| 1030 | ? HttpServerRequest.schemaSearchParams(schema) |
| 1031 | : self.in === "cookie" |
| 1032 | ? HttpServerRequest.schemaCookies(schema) |
| 1033 | : HttpServerRequest.schemaHeaders(schema) |
| 1034 | ) |
| 1035 | return Effect.match(decode, { |
| 1036 | onFailure: () => Redacted.make("") as any, |
| 1037 | onSuccess: (match) => Redacted.make(match[key]) |
| 1038 | }) |
| 1039 | } |
| 1040 | case "Basic": { |
| 1041 | const empty: HttpApiSecurity.HttpApiSecurity.Type<Security> = { |
| 1042 | username: "", |
| 1043 | password: Redacted.make("") |
| 1044 | } as any |
| 1045 | return HttpServerRequest.HttpServerRequest.pipe( |
| 1046 | Effect.flatMap((request) => Encoding.decodeBase64String((request.headers.authorization ?? "").slice(basicLen))), |
| 1047 | Effect.match({ |
| 1048 | onFailure: () => empty, |
| 1049 | onSuccess: (header) => { |
| 1050 | const parts = header.split(":") |
| 1051 | if (parts.length !== 2) { |
| 1052 | return empty |
| 1053 | } |
| 1054 | return { |
| 1055 | username: parts[0], |
| 1056 | password: Redacted.make(parts[1]) |
| 1057 | } as any |
| 1058 | } |
| 1059 | }) |
| 1060 | ) |
| 1061 | } |
| 1062 | } |
| 1063 | } |
| 1064 | |
| 1065 | /** |
| 1066 | * Set a cookie from an `HttpApiSecurity.HttpApiKey` instance. |