chore: add param to make auth optional (to handle more granularly)

2025-12-10 23:20:05 +01:00 · 2025-01-05 20:57:45 +01:00 · 2025-01-05 20:57:45 +01:00 · d9597882bf
commit d9597882bf
parent 10a926c25b
3 changed files with 19 additions and 13 deletions
--- a/jwt-authorizer/src/authorizer.rs
+++ b/jwt-authorizer/src/authorizer.rs
@ -265,7 +265,7 @@ where
    C: Clone + DeserializeOwned + Send,
 {
    fn into_layer(self) -> AuthorizationLayer<C> {
-        AuthorizationLayer::new(self.into_iter().map(Arc::new).collect())
+        AuthorizationLayer::new(self.into_iter().map(Arc::new).collect(), false)
    }
 }

@ -274,7 +274,7 @@ where
    C: Clone + DeserializeOwned + Send,
 {
    fn into_layer(self) -> AuthorizationLayer<C> {
-        AuthorizationLayer::new(self.into_iter().collect())
+        AuthorizationLayer::new(self.into_iter().collect(), false)
    }
 }

@ -283,7 +283,7 @@ where
    C: Clone + DeserializeOwned + Send,
 {
    fn into_layer(self) -> AuthorizationLayer<C> {
-        AuthorizationLayer::new(self.into_iter().map(Arc::new).collect())
+        AuthorizationLayer::new(self.into_iter().map(Arc::new).collect(), false)
    }
 }

@ -292,7 +292,7 @@ where
    C: Clone + DeserializeOwned + Send,
 {
    fn into_layer(self) -> AuthorizationLayer<C> {
-        AuthorizationLayer::new(self.into_iter().collect())
+        AuthorizationLayer::new(self.into_iter().collect(), false)
    }
 }

@ -301,7 +301,7 @@ where
    C: Clone + DeserializeOwned + Send,
 {
    fn into_layer(self) -> AuthorizationLayer<C> {
-        AuthorizationLayer::new(vec![Arc::new(self)])
+        AuthorizationLayer::new(vec![Arc::new(self)], false)
    }
 }

@ -310,7 +310,7 @@ where
    C: Clone + DeserializeOwned + Send,
 {
    fn into_layer(self) -> AuthorizationLayer<C> {
-        AuthorizationLayer::new(vec![self])
+        AuthorizationLayer::new(vec![self], false)
    }
 }

--- a/jwt-authorizer/src/builder.rs
+++ b/jwt-authorizer/src/builder.rs
@ -237,7 +237,7 @@ where
            )
            .await?,
        );
-        Ok(AuthorizationLayer::new(vec![auth]))
+        Ok(AuthorizationLayer::new(vec![auth], false))
    }

    pub async fn build(self) -> Result<Authorizer<C>, InitError> {
--- a/jwt-authorizer/src/layer.rs
+++ b/jwt-authorizer/src/layer.rs
@ -42,7 +42,11 @@ where
            .collect();

        if tkns_auths.is_empty() {
-            return Box::pin(future::ready(Err(AuthError::MissingToken())));
+            if self.token_optional {
+                return Box::pin(future::ready(Ok(request)));
+            } else {
+                return Box::pin(future::ready(Err(AuthError::MissingToken())));
+            }
        }

        Box::pin(async move {
@ -76,14 +80,15 @@ where
    C: Clone + DeserializeOwned + Send,
 {
    auths: Vec<Arc<Authorizer<C>>>,
+    token_optional: bool,
 }

 impl<C> AuthorizationLayer<C>
 where
    C: Clone + DeserializeOwned + Send,
 {
-    pub fn new(auths: Vec<Arc<Authorizer<C>>>) -> AuthorizationLayer<C> {
-        Self { auths }
+    pub fn new(auths: Vec<Arc<Authorizer<C>>>, token_optional: bool) -> AuthorizationLayer<C> {
+        Self { auths, token_optional }
    }
 }

@ -94,7 +99,7 @@ where
    type Service = AuthorizationService<S, C>;

    fn layer(&self, inner: S) -> Self::Service {
-        AuthorizationService::new(inner, self.auths.clone())
+        AuthorizationService::new(inner, self.auths.clone(), self.token_optional)
    }
 }

@ -122,6 +127,7 @@ where
 {
    pub inner: S,
    pub auths: Vec<Arc<Authorizer<C>>>,
+    pub token_optional: bool,
 }

 impl<S, C> AuthorizationService<S, C>
@ -150,8 +156,8 @@ where
    /// Authorize requests using a custom scheme.
    ///
    /// The `Authorization` header is required to have the value provided.
-    pub fn new(inner: S, auths: Vec<Arc<Authorizer<C>>>) -> AuthorizationService<S, C> {
-        Self { inner, auths }
+    pub fn new(inner: S, auths: Vec<Arc<Authorizer<C>>>, token_optional: bool) -> AuthorizationService<S, C> {
+        Self { inner, auths, token_optional }
    }
 }