Merge pull request #2 from httpland/beta

Beta

Author: TomokiMiyauci

CHANGELOG.md

@@ -1,3 +1,25 @@
+# [1.1.0-beta.3](https://github.com/httpland/authorization-parser/compare/1.1.0-beta.2...1.1.0-beta.3) (2023-05-02)
+
+
+### Performance Improvements
+
+* **parse:** optimize regex pattern ([b86dcd6](https://github.com/httpland/authorization-parser/commit/b86dcd6c5a5a8c88fbd0808b0775e5565870bdd0))
+
+# [1.1.0-beta.2](https://github.com/httpland/authorization-parser/compare/1.1.0-beta.1...1.1.0-beta.2) (2023-05-02)
+
+
+### Performance Improvements
+
+* **parse:** remove complex regex pattern ([dbed45b](https://github.com/httpland/authorization-parser/commit/dbed45bc16066302a38393292fd5906641a94223))
+* **parse:** simplify regex pattern ([9af9114](https://github.com/httpland/authorization-parser/commit/9af9114094ff5afe406a0bcda4437fa646b49ef2))
+
+# [1.1.0-beta.1](https://github.com/httpland/authorization-parser/compare/1.0.0...1.1.0-beta.1) (2023-04-29)
+
+
+### Features
+
+* use external validation for token ([1928b53](https://github.com/httpland/authorization-parser/commit/1928b535d796de70988bd792be4d423d8e4ec0e5))
+
 # 1.0.0 (2023-04-28)
 
 

_abnf.ts

@@ -1,44 +1,13 @@
-import {
-  atomic,
-  either,
-  maybe,
-  namedCapture,
-  sequence,
-  suffix,
-} from "npm:compose-regexp";
+import { either, namedCapture, sequence, suffix } from "npm:compose-regexp";
 import { optimize } from "https://esm.sh/regexp-tree";
 
 const tchar = /[!#$%&'*+.^_`|~\dA-Za-z-]/;
-const token = atomic(suffix("+", tchar));
-const authScheme = namedCapture("authScheme", token);
+const token = suffix("+", tchar);
 const SP = / /;
-const ALPHA = /[A-Za-z]/;
-const DIGIT = /\d/;
-const token68 = sequence(
-  atomic(suffix("+", either(ALPHA, DIGIT, /[-._~+/]/))),
-  atomic(suffix("*", "=")),
-);
-
-const challenge = sequence(
-  authScheme,
-  maybe(
-    atomic(suffix("+", SP)),
-    either(
-      namedCapture("token68", token68),
-      namedCapture("authParam", atomic(/.*/)),
-    ),
-  ),
-);
 
 const OWS = /[ \t]*/;
 const BWS = OWS;
 
-const element = sequence(
-  atomic(
-    maybe(atomic(/.*?/), atomic(suffix("*", OWS, ",", OWS, maybe(/.*?/)))),
-  ),
-);
-
 const DQUOTE = /"/;
 const obsText = /[\x80-\xFF]/;
 const HTAB = /\t/;
@@ -48,7 +17,7 @@ const quotedPair = sequence("\\", either(HTAB, SP, VCHAR, obsText));
 
 const quotedString = sequence(
   DQUOTE,
-  atomic(suffix("*", either(qdtext, quotedPair))),
+  suffix("*", either(qdtext, quotedPair)),
   DQUOTE,
 );
 
@@ -64,13 +33,5 @@ const authParam = sequence(
 );
 
 if (import.meta.main) {
-  console.log("challenge:", optimize(challenge).toRegExp());
-  console.log("element: ", element);
   console.log("authParam: ", optimize(authParam).toRegExp());
-  console.log("token: ", optimize(token).toRegExp());
-  console.log("token68: ", optimize(token68).toRegExp());
-  console.log(
-    "quoted-string: ",
-    optimize(quotedString).toRegExp(),
-  );
 }

_dev_deps.ts

@@ -1,6 +1,7 @@
 export {
   assert,
   assertEquals,
+  assertFalse,
   assertIsError,
   assertThrows,
 } from "https://deno.land/[email protected]/testing/asserts.ts";

_tools/meta.ts

@@ -44,11 +44,6 @@ export const makeOptions = (version: string): BuildOptions => ({
       version: "1.2.0",
       subPath: "to_lower_case.js",
     },
-    "https://deno.land/x/[email protected]/trim.ts": {
-      name: "@miyauci/prelude",
-      version: "1.2.0",
-      subPath: "trim.js",
-    },
     "https://deno.land/x/[email protected]/head.ts": {
       name: "@miyauci/prelude",
       version: "1.2.0",
@@ -64,5 +59,24 @@ export const makeOptions = (version: string): BuildOptions => ({
       version: "1.3.1",
       subPath: "is_nullable.js",
     },
+    "https://deno.land/x/[email protected]/quoted_string.ts": {
+      name: "@httpland/http-utils",
+      version: "1.2.0",
+      subPath: "quoted_string.js",
+    },
+    "https://deno.land/x/[email protected]/token.ts": {
+      name: "@httpland/http-utils",
+      version: "1.2.0",
+      subPath: "token.js",
+    },
+    "https://deno.land/x/[email protected]/list.ts": {
+      name: "@httpland/http-utils",
+      version: "1.2.0",
+      subPath: "list.js",
+    },
+    "https://esm.sh/[email protected]?pin=v118": {
+      name: "escape-string-regexp",
+      version: "5.0.0",
+    },
   },
 });

_tools/publish_npm.ts

@@ -16,11 +16,12 @@ if (import.meta.main) {
   const tag = isPrerelease?.[0] ?? "latest";
 
   const pkg = makeOptions(version);
-  const result = await Deno.run({
-    cmd: ["npm", "publish", pkg.outDir, "--tag", String(tag)],
-    stdout: "piped",
-  })
-    .output();
+  const command = new Deno.Command("npm", {
+    args: ["publish", pkg.outDir, "--tag", String(tag)],
+  });
+  const result = await command.output();
 
-  console.log(new TextDecoder().decode(result));
+  if (!result.success) {
+    console.error(new TextDecoder().decode(result.stderr));
+  }
 }

authorization.json

@@ -97,6 +97,11 @@
     "header": "<invalid>",
     "must_fail": true
   },
+  {
+    "name": "invalid params",
+    "header": "scheme==",
+    "must_fail": true
+  },
   {
     "name": "token68 and auth param",
     "header": "Basic YWxhZGRpbjpvcGVuc2VzYW1l a=a",

deno.json

@@ -4,19 +4,13 @@
     "build:npm": "deno run -A _tools/build_npm.ts"
   },
   "fmt": {
-    "files": {
-      "exclude": ["CHANGELOG.md", "CODE_OF_CONDUCT.md"]
-    }
+    "exclude": ["CHANGELOG.md", "CODE_OF_CONDUCT.md"]
   },
   "lint": {
-    "files": {
-      "exclude": ["CHANGELOG.md", "CODE_OF_CONDUCT.md"]
-    }
+    "exclude": ["CHANGELOG.md", "CODE_OF_CONDUCT.md"]
   },
   "test": {
-    "files": {
-      "exclude": ["CHANGELOG.md", "CODE_OF_CONDUCT.md"]
-    }
+    "exclude": ["CHANGELOG.md", "CODE_OF_CONDUCT.md"]
   },
   "compilerOptions": {
     "noImplicitReturns": true,

deno.lock

@@ -2,8 +2,17 @@
 // This module is browser compatible.
 
 export { toLowerCase } from "https://deno.land/x/[email protected]/to_lower_case.ts";
-export { trim } from "https://deno.land/x/[email protected]/trim.ts";
 export { head } from "https://deno.land/x/[email protected]/head.ts";
 export { isString } from "https://deno.land/x/[email protected]/is_string.ts";
 export { isNullable } from "https://deno.land/x/[email protected]/is_nullable.ts";
 export { mapValues } from "https://deno.land/[email protected]/collections/map_values.ts";
+export {
+  isQuotedString,
+  type QuotedString,
+} from "https://deno.land/x/[email protected]/quoted_string.ts";
+export {
+  isToken,
+  type Token,
+} from "https://deno.land/x/[email protected]/token.ts";
+export { parseListFields } from "https://deno.land/x/[email protected]/list.ts";
+export { default as escapeStringRegExp } from "https://esm.sh/[email protected]?pin=v118";

deps.ts

@@ -1,15 +1,19 @@
 // Copyright 2023-latest the httpland authors. All rights reserved. MIT license.
 // This module is browser compatible.
 
-import { duplicate, parseList } from "./utils.ts";
-import { head, isString, toLowerCase } from "./deps.ts";
+import { divideWhile, duplicate, isToken68, trimStartBy } from "./utils.ts";
+import {
+  head,
+  isString,
+  isToken,
+  parseListFields,
+  type QuotedString,
+  type Token,
+  toLowerCase,
+} from "./deps.ts";
 import { Msg } from "./constants.ts";
 import type { Authorization, AuthParams } from "./types.ts";
 
-/** Generate from _abnf.ts. */
-const reAuthorization =
-  /^(?<authScheme>(?=([\w!#$%&'*+.^`|~-]+))\2)(?:(?=( +))\3(?:(?<token68>(?=((?:[A-Za-z]|\d|[+./_~-])+))\5(?=(=*))\6)|(?<authParam>(?=(.*))\8)))?$/;
-
 /** Parse string into {@link Authorization}.
  *
  * @example
@@ -39,28 +43,28 @@ const reAuthorization =
  * @throws {Error} If the auth param key is duplicated.
  */
 export function parseAuthorization(input: string): Authorization {
-  const result = reAuthorization.exec(input);
+  const result = divideWhile(input, isToken);
 
-  if (!result || !result.groups) throw SyntaxError(Msg.InvalidSyntax);
+  if (!result) throw new SyntaxError(Msg.InvalidSyntax);
 
-  const groups = result.groups as ParsedGroups;
-  const { authScheme } = groups;
-  const params = isString(groups.authParam)
-    ? parseAuthParams(groups.authParam)
-    : groups.token68;
+  const [authScheme, rest] = result;
 
-  return { authScheme, params: params ?? null };
-}
+  // challenge = auth-scheme
+  if (!rest) return { authScheme, params: null };
+  if (!rest.startsWith(" ")) throw new SyntaxError(Msg.InvalidSyntax);
 
-type ParsedGroups = {
-  readonly authScheme: string;
-  readonly token68: string | undefined;
-  readonly authParam: string | undefined;
-};
+  const maybeToken68OrAuthParam = trimStartBy(rest, " ");
 
-/** Generate from _abnf.ts. */
-const reAuthParam =
-  /^(?<key>(?=([\w!#$%&'*+.^`|~-]+))\2)[\t ]*=[\t ]*(?:(?<token>(?=([\w!#$%&'*+.^`|~-]+))\4)|(?<quotedString>"(?=((?:\t| |!|[ \x23-\x5B\x5D-\x7E]|[\x80-\xFF]|\\(?:\t| |[\x21-\x7E]|[\x80-\xFF]))*))\6"))$/;
+  // challenge = auth-scheme [ 1*SP ( token68 ) ]
+  if (isToken68(maybeToken68OrAuthParam)) {
+    return { authScheme, params: maybeToken68OrAuthParam };
+  }
+
+  // challenge = auth-scheme [ 1*SP ( #auth-param ) ]
+  const params = parseAuthParams(maybeToken68OrAuthParam);
+
+  return { authScheme, params };
+}
 
 type AuthParamGroups =
   & { key: string }
@@ -69,26 +73,13 @@ type AuthParamGroups =
     quotedString: string;
   });
 
-/** Parse string into {@link AuthParam}.
+/** Parse string into {@link AuthParams}.
  * @throws {SyntaxError} It the input is invalid [auth-param](https://www.rfc-editor.org/rfc/rfc9110.html#section-11.2-5).
  * @throws {Error} If the auth param key is duplicated.
  */
 export function parseAuthParams(input: string): AuthParams {
-  const list = parseList(input);
-
-  const entries = list.map((el) => {
-    const result = reAuthParam.exec(el);
-
-    if (!result || !result.groups) throw SyntaxError(Msg.InvalidSyntax);
-
-    const groups = result.groups as AuthParamGroups;
-    const value = isString(groups.token)
-      ? groups.token
-      : groups.quotedString.replace(/\\(.)/g, "$1");
-
-    return [groups.key, value] as const;
-  });
-
+  const list = parseListFields(input);
+  const entries = list.map(parseAuthParam);
   const duplicates = duplicate(
     entries
       .map<string>(head)
@@ -99,3 +90,25 @@ export function parseAuthParams(input: string): AuthParams {
 
   return Object.fromEntries(entries);
 }
+
+type AuthParam = [key: string, value: Token | QuotedString];
+
+/** Generate from _abnf.ts. */
+const reAuthParam =
+  /^(?<key>[\w!#$%&'*+.^`|~-]+?)[\t ]*?=[\t ]*?(?:(?<token>[\w!#$%&'*+.^`|~-]+?)|(?<quotedString>"(?:[\t !\x23-\x5B\x5D-\x7E\x80-\xFF]|\\[\t \x21-\x7E\x80-\xFF])*?"))$/;
+
+/** Parse string into {@link AuthParam}.
+ * @throws {SyntaxError} It the input is invalid [auth-param](https://www.rfc-editor.org/rfc/rfc9110.html#section-11.2-5).
+ */
+function parseAuthParam(input: string): AuthParam {
+  const result = reAuthParam.exec(input);
+
+  if (!result || !result.groups) throw new SyntaxError(Msg.InvalidSyntax);
+
+  const groups = result.groups as AuthParamGroups;
+  const value = isString(groups.token)
+    ? groups.token as Token
+    : groups.quotedString.replace(/\\(.)/g, "$1") as QuotedString;
+
+  return [groups.key as Token, value];
+}