(params: {
req: http.IncomingMessage;
res: http.ServerResponse;
authHook: HttpAuthHook | null;
expectedToken?: string;
daemonRequest: Pick<DaemonRequest, 'command' | 'positionals'>;
})
| 775 | } |
| 776 | |
/**
 * Authorizes an auxiliary HTTP request in two stages and writes the rejection
 * response itself when either stage fails.
 *
 * Stage 1 resolves the token from the request headers and checks it with
 * `enforceDaemonToken` against `expectedToken`. Stage 2 passes the request to
 * `runHttpAuthHook`, wrapped in a synthetic JSON-RPC envelope. The hook is only
 * awaited after the token check has passed.
 *
 * @param params.req - Incoming request; only its headers are read here.
 * @param params.res - Response that receives the error body on rejection.
 * @param params.authHook - Hook forwarded to `runHttpAuthHook`; may be `null`.
 * @param params.expectedToken - Token forwarded to `enforceDaemonToken`.
 *   NOTE(review): what happens when this is `undefined` is decided inside
 *   `enforceDaemonToken`, which is not fully visible from here. Confirm that an
 *   unset token cannot silently disable the check on exposed listeners.
 * @param params.daemonRequest - Command and positionals shown to the hook.
 * @returns `{ tenantId }` taken from the hook result when authorized, or `null`
 *   once a rejection has been written to `res`. Callers must not write to `res`
 *   again after receiving `null`.
 */
async function authorizeAuxiliaryHttpRequest(params: {
  req: http.IncomingMessage;
  res: http.ServerResponse;
  authHook: HttpAuthHook | null;
  expectedToken?: string;
  daemonRequest: Pick<DaemonRequest, 'command' | 'positionals'>;
}): Promise<{ tenantId?: string } | null> {
  const { req: request, res: response } = params;

  // Stage 1: daemon token. The empty object is passed where resolveToken takes
  // its first argument, so the token is resolved from the headers alone.
  const presentedToken = resolveToken({}, request.headers);
  const tokenFailure = enforceDaemonToken(presentedToken, params.expectedToken);
  if (tokenFailure) {
    sendRestJsonError(response, tokenFailure);
    return null;
  }

  // Stage 2: pluggable auth hook. There is no real JSON-RPC call on this path,
  // so a placeholder envelope with a fixed method and a null id is passed.
  const rpcEnvelope: JsonRpcRequest = {
    jsonrpc: '2.0',
    id: null,
    method: 'agent_device.command',
  };
  const hookOutcome = await runHttpAuthHook(params.authHook, {
    headers: request.headers,
    rpcRequest: rpcEnvelope,
    daemonRequest: {
      token: presentedToken,
      // The session is hard-coded: the hook always sees 'default' on this path.
      session: 'default',
      command: params.daemonRequest.command,
      positionals: params.daemonRequest.positionals,
    },
  });

  if (hookOutcome.ok) {
    return { tenantId: hookOutcome.tenantId };
  }

  // Rejected by the hook: the status code comes from the hook result.
  response.statusCode = hookOutcome.statusCode;
  response.setHeader('content-type', 'application/json');
  // NOTE(review): the hook-supplied message is returned to the client verbatim.
  // Confirm that hooks never put internal detail (upstream errors, identifiers)
  // into error.data.message or error.message.
  const hookError = hookOutcome.response.error;
  const clientMessage = hookError?.data?.message ?? hookError?.message ?? 'Unauthorized';
  response.end(JSON.stringify({ ok: false, error: clientMessage }));
  return null;
}
| 824 | |
| 825 | function enforceDaemonToken( |
| 826 | requestToken: string, |
no test coverage detected