Merge pull request #2 from mayademcom/create-authorization-decorator

Create authorization decorator

Author: mfozmen

package-lock.json

@@ -21,11 +21,7 @@
     "test:e2e": "jest --config ./test/jest-e2e.json"
   },
   "peerDependencies": {
-    "@nestjs/common": "^11.0.1",
-    "@nestjs/core": "^11.0.1",
-    "@nestjs/platform-express": "^11.0.1",
-    "reflect-metadata": "^0.2.2",
-    "rxjs": "^7.8.1"
+    "@nestjs/common": "^11.x"
   },
   "devDependencies": {
     "@eslint/eslintrc": "^3.2.0",

package.json

@@ -0,0 +1,163 @@
+import { ExecutionContext, UnauthorizedException } from '@nestjs/common';
+import { ROUTE_ARGS_METADATA } from '@nestjs/common/constants';
+import { Authorization } from './authorization.decorator';
+import Chance from 'chance';
+import { AuthorizationOptions } from '../models';
+
+interface ParamMetadata {
+  index: number;
+  factory: (data: any, ctx: ExecutionContext) => string | null;
+}
+describe('Authorization Decorator', () => {
+  const chance = new Chance();
+
+  function getParamDecoratorFactory(options?: AuthorizationOptions) {
+    class TestController {
+      public getDecoratorValue(@Authorization(options) value: string) {
+        return value;
+      }
+    }
+
+    const args = Reflect.getMetadata(
+      ROUTE_ARGS_METADATA,
+      TestController,
+      'getDecoratorValue',
+    ) as Record<string, ParamMetadata>;
+
+    return args[Object.keys(args)[0]].factory;
+  }
+
+  let mockExecutionContext: ExecutionContext;
+
+  beforeEach(() => {
+    mockExecutionContext = {
+      switchToHttp: jest.fn().mockReturnValue({
+        getRequest: jest.fn(),
+      }),
+    } as unknown as ExecutionContext;
+  });
+
+  it('should extract token with Bearer prefix', () => {
+    const token = chance.string({ length: 20 });
+    const mockRequest = {
+      headers: { authorization: `Bearer ${token}` },
+    };
+
+    (
+      mockExecutionContext.switchToHttp().getRequest as jest.Mock
+    ).mockReturnValue(mockRequest);
+
+    const factory = getParamDecoratorFactory();
+    const actualToken = factory(undefined, mockExecutionContext);
+
+    expect(actualToken).toBe(token);
+  });
+
+  it('should return null when no authorization header', () => {
+    const mockRequest = { headers: {} };
+
+    (
+      mockExecutionContext.switchToHttp().getRequest as jest.Mock
+    ).mockReturnValue(mockRequest);
+
+    const factory = getParamDecoratorFactory();
+    const actualToken = factory(undefined, mockExecutionContext);
+
+    expect(actualToken).toBeNull();
+  });
+
+  it('should extract token without prefix', () => {
+    const token = chance.string({ length: 20 });
+    const mockRequest = {
+      headers: { authorization: token },
+    };
+
+    (
+      mockExecutionContext.switchToHttp().getRequest as jest.Mock
+    ).mockReturnValue(mockRequest);
+
+    const factory = getParamDecoratorFactory();
+    const actualToken = factory(undefined, mockExecutionContext);
+
+    expect(actualToken).toBe(token);
+  });
+
+  it('should throw when required and missing', () => {
+    const mockRequest = { headers: {} };
+
+    (
+      mockExecutionContext.switchToHttp().getRequest as jest.Mock
+    ).mockReturnValue(mockRequest);
+
+    const factory = getParamDecoratorFactory({ required: true });
+
+    expect(() => factory({ required: true }, mockExecutionContext)).toThrow(
+      UnauthorizedException,
+    );
+  });
+
+  it('should handle custom prefix', () => {
+    const token = chance.string({ length: 20 });
+    const mockRequest = {
+      headers: { authorization: `Token ${token}` },
+    };
+
+    (
+      mockExecutionContext.switchToHttp().getRequest as jest.Mock
+    ).mockReturnValue(mockRequest);
+
+    const factory = getParamDecoratorFactory({
+      prefix: 'Token',
+    });
+    const actualToken = factory({ prefix: 'Token' }, mockExecutionContext);
+
+    expect(actualToken).toBe(token);
+  });
+
+  it('should return token as-is when no prefix matches', () => {
+    const token = chance.string({ length: 20 });
+    const mockRequest = {
+      headers: { authorization: `CustomPrefix ${token}` },
+    };
+
+    (
+      mockExecutionContext.switchToHttp().getRequest as jest.Mock
+    ).mockReturnValue(mockRequest);
+
+    const factory = getParamDecoratorFactory();
+    const actualToken = factory(undefined, mockExecutionContext);
+
+    expect(actualToken).toBe(`CustomPrefix ${token}`);
+  });
+
+  it('should handle empty prefix option', () => {
+    const token = chance.string({ length: 20 });
+    const mockRequest = {
+      headers: { authorization: token },
+    };
+
+    (
+      mockExecutionContext.switchToHttp().getRequest as jest.Mock
+    ).mockReturnValue(mockRequest);
+
+    const factory = getParamDecoratorFactory({ prefix: '' });
+    const actualToken = factory({ prefix: '' }, mockExecutionContext);
+
+    expect(actualToken).toBe(token);
+  });
+
+  it('should return empty when prefix matches but token part is empty', () => {
+    const mockRequest = {
+      headers: { authorization: 'Bearer' },
+    };
+
+    (
+      mockExecutionContext.switchToHttp().getRequest as jest.Mock
+    ).mockReturnValue(mockRequest);
+
+    const factory = getParamDecoratorFactory();
+    const actualToken = factory(undefined, mockExecutionContext);
+
+    expect(actualToken).toBe('');
+  });
+});

src/decorators/authorization.decorator.spec.ts

@@ -0,0 +1,48 @@
+// decorators/authorization.decorator.ts
+
+import {
+  ExecutionContext,
+  UnauthorizedException,
+  createParamDecorator,
+} from '@nestjs/common';
+
+import { AuthorizationOptions } from '../models';
+
+/**
+ * Extract authorization token from request headers
+ * @example
+ * // Required token (throws if missing)
+ * async webhook(@Authorization({ required: true }) token: string) {}
+ *
+ * // Optional token
+ * async webhook(@Authorization() token: string | null) {}
+ *
+ * // Custom prefix
+ * async webhook(@Authorization({ prefix: 'Token' }) token: string) {}
+ */
+export const Authorization = createParamDecorator(
+  (
+    data: AuthorizationOptions | undefined,
+    ctx: ExecutionContext,
+  ): string | null => {
+    const { required = false, prefix = 'Bearer' } = data || {};
+
+    // eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
+    const request = ctx.switchToHttp().getRequest();
+    // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+    const authHeader = request.headers.authorization as string;
+    if (required && !authHeader)
+      throw new UnauthorizedException('Authorization header is required');
+
+    if (authHeader) return parseToken(authHeader, prefix);
+
+    return null;
+  },
+);
+
+function parseToken(authHeader: string, prefix?: string) {
+  if (prefix && authHeader.startsWith(prefix))
+    return authHeader.substring(prefix.length).trim();
+
+  return authHeader;
+}

src/decorators/authorization.decorator.ts

@@ -0,0 +1 @@
+export * from './authorization.decorator';

src/decorators/index.ts

@@ -1 +1,4 @@
+export * from './decorators/authorization.decorator';
 export * from './hasura.module';
+export * from './hasura.service';
+export * from './models';

src/index.ts

@@ -0,0 +1,4 @@
+export interface AuthorizationOptions {
+  required?: boolean;
+  prefix?: string;
+}

src/models/authorization-options.interface.ts

@@ -1,3 +1,4 @@
 export * from './hasura-config.interface';
 export * from './hasura-async-config.type';
 export * from './hasura-request-builder.interface';
+export * from './authorization-options.interface';