Parse and create HTTP Authorization headers.
ISC License
Parses and generates HTTP Authorization and Proxy-Authorization headers strictly following RFC-7235. Supports legacy style auth-schemes (Basic, Digest, Bearer) as well as the more modern key-value auth params.
npm install --save @mitmaro/http-authorization-header
const http = require('http');
const {parse} = require('@mitmaro/http-authorization-header');
const httpServer = http.createServer((req, res) => {
const authHeader = req.getHeader('Authorization');
// authHeader => 'myscheme foo=bar, baz=foobar, buzz="quoted \"value!\""
const authData = parse(authHeader);
console.log(authData);
/*
{
scheme: 'myscheme',
values: [
['foo', 'bar'],
['baz', 'foobar],
['buzz', 'quotes "value!"']
]
}
*/
}).listen();
const {create, createToken68} = require('@mitmaro/http-authorization-header');
// legacy header value support (Basic, Digest, Bearer)
const basicAuthHeader = createToken68('Basic', Buffer.from('username:password').toString('base64'));
// Basic dXNlcm5hbWU6cGFzc3dvcmQ=
// modern form
const rfc7235Header = create('Custom', [['foo', 'bar'], ['foo', 'fuzz'], ['buzz', 'quoted "value!"']]);
// Custom foo=bar,foo=fuzz,buzz="quoted \"value!\""
const {
create,
createUnsafe,
createToken68,
createToken68Unsafe,
parse,
InvalidHeaderError,
InvalidInputError,
} = require('@mitmaro/http-authorization-header');
If the library is not in compliance with RFC-7235 then create an issue explaining the issue with sample data, or even better create a pull request that adds a test that fails.
Development is done using Node 8 and NPM 5, and tested against both Node 6 and Node 8. To get started
git clone [email protected]:MitMaro/http-authorization-header.git
cd http-authorization-header
npm install
npm run test
Based on auth-header which was licensed under CC0-1.0. This project is released under the ISC license.