initial commit

Author: cjihrig

.travis.yml

@@ -0,0 +1,6 @@
+sudo: false
+language: node_js
+node_js:
+  - "4"
+  - "5"
+  - "6"

README.md

@@ -1,2 +1,9 @@
 # nuisance
-hapi authentication requiring multiple strategies
+
+[![Current Version](https://img.shields.io/npm/v/nuisance.svg)](https://www.npmjs.org/package/nuisance)
+[![Build Status via Travis CI](https://travis-ci.org/continuationlabs/nuisance.svg?branch=master)](https://travis-ci.org/continuationlabs/nuisance)
+![Dependencies](http://img.shields.io/david/continuationlabs/nuisance.svg)
+
+[![belly-button-style](https://cdn.rawgit.com/continuationlabs/belly-button/master/badge.svg)](https://github.com/continuationlabs/belly-button)
+
+`nuisance` is a hapi plugin that allows multiple authentication strategies to be aggregated into a single strategy. hapi allows you specify multiple strategies on a route, however this approach only requires that a single strategy is successful. `nuisance`, on the other hand, requires that **all** of the strategies are successful.

lib/index.js

@@ -0,0 +1,38 @@
+'use strict';
+
+const Assert = require('assert');
+const Boom = require('boom');
+const Insync = require('insync');
+
+
+module.exports.register = function (server, options, next) {
+  server.auth.scheme('nuisance', function nuisanceScheme (server, options) {
+    Assert.strictEqual(Array.isArray(options.strategies), true);
+
+    return {
+      authenticate (request, reply) {
+        const credentials = {};
+
+        Insync.each(options.strategies, function eachIterator (strategy, next) {
+          server.auth.test(strategy, request, function testCb (err, creds) {
+            credentials[strategy] = creds;
+            next(err);
+          });
+        }, function eachCb (err) {
+          if (err) {
+            return reply(Boom.unauthorized());
+          }
+
+          reply.continue({ credentials });
+        });
+      }
+    };
+  });
+
+  next();
+};
+
+
+module.exports.register.attributes = {
+  pkg: require('../package.json')
+};

package.json

@@ -0,0 +1,41 @@
+{
+  "name": "nuisance",
+  "version": "0.1.0",
+  "description": "hapi authentication requiring multiple strategies",
+  "author": "Continuation Labs <contact@continuation.io> (http://continuation.io/)",
+  "main": "lib/index.js",
+  "homepage": "https://github.com/cjihrig/nuisance",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/cjihrig/nuisance"
+  },
+  "bugs": {
+    "url": "https://github.com/cjihrig/nuisance/issues"
+  },
+  "license": "MIT",
+  "scripts": {
+    "lint": "belly-button -f",
+    "test": "npm run lint && lab -v -a code -c"
+  },
+  "engines": {
+    "node": ">=4.0.0"
+  },
+  "dependencies": {
+    "boom": "3.x.x",
+    "insync": "2.x.x"
+  },
+  "devDependencies": {
+    "belly-button": "2.x.x",
+    "code": "2.x.x",
+    "hapi": "13.x.x",
+    "lab": "10.x.x"
+  },
+  "keywords": [
+    "hapi",
+    "plugin",
+    "auth",
+    "authentication",
+    "scheme",
+    "strategy"
+  ]
+}

test/index.js

@@ -0,0 +1,143 @@
+'use strict';
+
+const Boom = require('boom');
+const Code = require('code');
+const Hapi = require('hapi');
+const Lab = require('lab');
+const Plugin = require('../lib');
+
+const lab = exports.lab = Lab.script();
+const expect = Code.expect;
+const describe = lab.describe;
+const it = lab.it;
+
+function prepareServer (callback) {
+  const server = new Hapi.Server();
+
+  server.connection();
+  server.register([Plugin], (err) => {
+    if (err) {
+      return callback(err);
+    }
+
+    server.auth.scheme('test', function (server, options) {
+      return {
+        authenticate (request, reply) {
+          const header = request.headers[options.header];
+
+          if (header === options.value) {
+            return reply.continue({
+              credentials: { [options.header]: options.value }
+            });
+          }
+
+          reply(Boom.unauthorized());
+        }
+      };
+    });
+
+    server.auth.strategy('fooAuth', 'test', { header: 'foo', value: 42 });
+    server.auth.strategy('barAuth', 'test', { header: 'bar', value: 53 });
+    server.auth.strategy('bazAuth', 'test', { header: 'baz', value: 64 });
+
+    server.auth.strategy('fooOnly', 'nuisance', {
+      strategies: ['fooAuth']
+    });
+    server.auth.strategy('fooBar', 'nuisance', {
+      strategies: ['fooAuth', 'barAuth']
+    });
+    server.auth.strategy('fooBarBaz', 'nuisance', {
+      strategies: ['fooAuth', 'barAuth', 'bazAuth']
+    });
+
+    server.route([
+      {
+        method: 'GET',
+        path: '/foo',
+        config: {
+          auth: 'fooOnly',
+          handler: function (request, reply) {
+            reply(request.auth);
+          }
+        }
+      },
+      {
+        method: 'GET',
+        path: '/foo/bar',
+        config: {
+          auth: 'fooBar',
+          handler: function (request, reply) {
+            reply(request.auth);
+          }
+        }
+      },
+      {
+        method: 'GET',
+        path: '/foo/bar/baz',
+        config: {
+          auth: 'fooBarBaz',
+          handler: function (request, reply) {
+            reply(request.auth);
+          }
+        }
+      }
+    ]);
+
+    callback(null, server);
+  });
+}
+
+describe('Nuisance', () => {
+  it('authenticates multiple strategies at once', (done) => {
+    prepareServer((err, server) => {
+      expect(err).to.not.exist();
+
+      server.inject({
+        method: 'GET',
+        url: '/foo/bar/baz',
+        headers: {
+          foo: 42,
+          bar: 53,
+          baz: 64
+        }
+      }, (res) => {
+        expect(res.statusCode).to.equal(200);
+        expect(res.result).to.deep.include({
+          isAuthenticated: true,
+          credentials: {
+            fooAuth: { foo: 42 },
+            barAuth: { bar: 53 },
+            bazAuth: { baz: 64 }
+          },
+          strategy: 'fooBarBaz',
+          mode: 'required',
+          error: null
+        });
+        done();
+      });
+    });
+  });
+
+  it('authenticates fails if any strategies fail', (done) => {
+    prepareServer((err, server) => {
+      expect(err).to.not.exist();
+
+      server.inject({
+        method: 'GET',
+        url: '/foo/bar/baz',
+        headers: {
+          foo: 42,
+          bar: 53,
+          baz: 63 // fails
+        }
+      }, (res) => {
+        expect(res.statusCode).to.equal(401);
+        expect(res.result).to.deep.equal({
+          statusCode: 401,
+          error: 'Unauthorized'
+        });
+        done();
+      });
+    });
+  });
+});