(request)
| 250 | } |
| 251 | |
| 252 | async _authenticate(request) { |
| 253 | |
| 254 | const config = this.lookup(request.route); |
| 255 | |
| 256 | const errors = []; |
| 257 | request.auth.mode = config.mode; |
| 258 | |
| 259 | // Injection bypass |
| 260 | |
| 261 | if (request.auth.credentials) { |
| 262 | internals.validate(null, { credentials: request.auth.credentials, artifacts: request.auth.artifacts }, request.auth.strategy, config, request, errors); |
| 263 | return; |
| 264 | } |
| 265 | |
| 266 | // Try each strategy |
| 267 | |
| 268 | for (const name of config.strategies) { |
| 269 | const strategy = this.#strategies[name]; |
| 270 | |
| 271 | const bind = strategy.methods; |
| 272 | const realm = strategy.realm; |
| 273 | const response = await request._core.toolkit.execute(strategy.methods.authenticate, request, { bind, realm, auth: true }); |
| 274 | |
| 275 | const message = (response.isAuth ? internals.validate(response.error, response.data, name, config, request, errors) : internals.validate(response, null, name, config, request, errors)); |
| 276 | if (!message) { |
| 277 | return; |
| 278 | } |
| 279 | |
| 280 | if (message !== internals.missing) { |
| 281 | return message; |
| 282 | } |
| 283 | } |
| 284 | |
| 285 | // No more strategies |
| 286 | |
| 287 | const err = Boom.unauthorized('Missing authentication', errors); |
| 288 | if (config.mode === 'required') { |
| 289 | throw err; |
| 290 | } |
| 291 | |
| 292 | request.auth.isAuthenticated = false; |
| 293 | request.auth.credentials = null; |
| 294 | request.auth.error = err; |
| 295 | request._log(['auth', 'unauthenticated']); |
| 296 | } |
| 297 | |
| 298 | static access(request) { |
| 299 |
no test coverage detected