(req: IncomingMessage, expectedToken: string, rpcBody: string | undefined)
| 340 | } |
| 341 | |
| 342 | function isAuthorized(req: IncomingMessage, expectedToken: string, rpcBody: string | undefined) { |
| 343 | const requestToken = resolveRequestToken(req, rpcBody); |
| 344 | return requestToken.length > 0 && timingSafeStringEqual(requestToken, expectedToken); |
| 345 | } |
| 346 | |
| 347 | function resolveRequestToken(req: IncomingMessage, rpcBody: string | undefined): string { |
| 348 | const authHeader = typeof req.headers.authorization === 'string' ? req.headers.authorization : ''; |
no test coverage detected