yetangitu/OpenSTF
1
0
Fork 0
mirror of https://github.com/openstf/stf synced 2025-10-04 18:29:17 +02:00
Code Issues Releases Wiki Activity

Use capital letter in Bearer as per rfc spec

Browse source
This commit is contained in:
Vishal Banthia 2015-12-18 16:00:24 +09:00
parent b1f7f67eb7
commit 484e56be12
2 changed files with 15 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

22
doc/API.md
View file

@ -22,7 +22,7 @@ Put access token in the header of every request
Curl Sample Curl Sample
```bash ```bash
curl -H "Authorization: bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user curl -H "Authorization: Bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user
``` ```
NodeJS Sample NodeJS Sample
@ -37,7 +37,7 @@ var AUTH_TOKEN = 'xx-xxxx-xx';
var client = new Swagger({ var client = new Swagger({
url: SWAGGER_URL url: SWAGGER_URL
, authorizations: { , authorizations: {
accessTokenAuth: new Swagger.ApiKeyAuthorization('Authorization', 'bearer ' + AUTH_TOKEN, 'header') accessTokenAuth: new Swagger.ApiKeyAuthorization('Authorization', 'Bearer ' + AUTH_TOKEN, 'header')
} }
, success: function() { , success: function() {
client.user.getUser(function(user) { client.user.getUser(function(user) {
@ -51,7 +51,7 @@ var clientWithPromise = new Swagger({
url: SWAGGER_URL url: SWAGGER_URL
, usePromise: true , usePromise: true
, authorizations: { , authorizations: {
accessTokenAuth: new Swagger.ApiKeyAuthorization('Authorization', 'bearer ' + AUTH_TOKEN, 'header') accessTokenAuth: new Swagger.ApiKeyAuthorization('Authorization', 'Bearer ' + AUTH_TOKEN, 'header')
} }
}) })
@ -75,7 +75,7 @@ GET /api/v1/devices
Curl Sample Curl Sample
```bash ```bash
curl -H "Authorization: bearer OAUTH-TOKEN" https://stf.example.org/api/v1/devices curl -H "Authorization: Bearer OAUTH-TOKEN" https://stf.example.org/api/v1/devices
``` ```
NodeJS Sample NodeJS Sample
@ -108,7 +108,7 @@ GET /api/v1/devices/{serial}
Curl Sample Curl Sample
```bash ```bash
curl -H "Authorization: bearer OAUTH-TOKEN" https://stf.example.org/api/v1/devices/xxxxxxxxx curl -H "Authorization: Bearer OAUTH-TOKEN" https://stf.example.org/api/v1/devices/xxxxxxxxx
``` ```
NodeJS Sample NodeJS Sample
@ -142,7 +142,7 @@ GET /api/v1/user
Curl Sample Curl Sample
```bash ```bash
curl -H "Authorization: bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user curl -H "Authorization: Bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user
``` ```
NodeJS Sample NodeJS Sample
@ -167,7 +167,7 @@ GET /api/v1/user/devices
Curl Sample Curl Sample
```bash ```bash
curl -H "Authorization: bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user/devices curl -H "Authorization: Bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user/devices
``` ```
NodeJS Sample NodeJS Sample
@ -198,7 +198,7 @@ POST /api/v1/user/devices
Curl Sample Curl Sample
```bash ```bash
curl -X POST --header "Content-Type:application/json" --data '{"serial":"EP7351U3WQ"}' -H "Authorization: bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user/devices curl -X POST --header "Content-Type:application/json" --data '{"serial":"EP7351U3WQ"}' -H "Authorization: Bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user/devices
``` ```
NodeJS Sample NodeJS Sample
@ -226,7 +226,7 @@ DELETE /api/v1/user/devices/{serial}
Curl Sample Curl Sample
```bash ```bash
curl -X DELETE -H "Authorization: bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user/devices/{serial} curl -X DELETE -H "Authorization: Bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user/devices/{serial}
``` ```
NodeJS Sample NodeJS Sample
@ -254,7 +254,7 @@ POST /api/v1/user/devices/{serial}/remoteConnect
Curl Sample Curl Sample
```bash ```bash
curl -X POST --header "Content-Type:application/json" -H "Authorization: bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user/devices/{serial}/remoteConnect curl -X POST --header "Content-Type:application/json" -H "Authorization: Bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user/devices/{serial}/remoteConnect
``` ```
NodeJS Sample NodeJS Sample
@ -280,7 +280,7 @@ DELETE /api/v1/user/devices/{serial}/remoteConnect
Curl Sample Curl Sample
```bash ```bash
curl -X DELETE -H "Authorization: bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user/devices/{serial}/remoteConnect curl -X DELETE -H "Authorization: Bearer OAUTH-TOKEN" https://stf.example.org/api/v1/user/devices/{serial}/remoteConnect
``` ```
NodeJS Sample NodeJS Sample

6
lib/units/api/helpers/securityHandlers.js
View file

@ -9,16 +9,18 @@ module.exports = {
accessTokenAuth: accessTokenAuth accessTokenAuth: accessTokenAuth
} }
// Specifications: https://tools.ietf.org/html/rfc6750#section-2.1
function accessTokenAuth(req, res, next) { function accessTokenAuth(req, res, next) {
if (req.headers.authorization) { if (req.headers.authorization) {
var authHeader = req.headers.authorization.split(' ') var authHeader = req.headers.authorization.split(' ')
, format = authHeader[0] , format = authHeader[0]
, tokenId = authHeader[1] , tokenId = authHeader[1]
if (format !== 'bearer') { if (format !== 'Bearer') {
return res.status(401).json({ return res.status(401).json({
success: false success: false
, description: 'Authorization header should be in "bearer $AUTH_TOKEN" format' , description: 'Authorization header should be in "Bearer $AUTH_TOKEN" format'
}) })
} }