
const jwt = require('jsonwebtoken');
const axios = require('axios');
const jwkToPem = require('jwk-to-pem');

// curl -X POST -H "Content-Type: application/json" -H  "Authorization: Bearer eyJ4NXQiOiJZVEE1WmpZNVl6aGxPVFpoWVRRNU9EazJOell5WmpObFpEa3lZbUV5WmpJM05ESmtPRGsxWkRnd09XUmpPVFl6T0dSall6Z3pNek5rTUdNNU1USXlNZyIsImtpZCI6IllUQTVaalk1WXpobE9UWmhZVFE1T0RrMk56WXlaak5sWkRreVltRXlaakkzTkRKa09EazFaRGd3T1dSak9UWXpPR1JqWXpnek16TmtNR001TVRJeU1nX1JTMjU2IiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJhZG1pbiIsImF1dCI6IkFQUExJQ0FUSU9OIiwiYXVkIjpbIjNrdWRTMWRVVkg1QjY1VGhScGtyOXpmUUxla2EiLCJodHRwczpcL1wvd3d3LmZ0Y29vcC5pdFwvSW5Db29wZXJhemlvbmVTZXJ2aWNlcyJdLCJuYmYiOjE2ODk2OTI4NDgsImF6cCI6IjNrdWRTMWRVVkg1QjY1VGhScGtyOXpmUUxla2EiLCJpc3MiOiJodHRwczpcL1wvYXV0aC50ZXN0LmluY29vcGVyYXppb25lLml0Ojk0NDNcL29hdXRoMlwvdG9rZW4iLCJleHAiOjE2ODk2OTY0NDgsImlhdCI6MTY4OTY5Mjg0OCwianRpIjoiOTkzNTY2MWMtOGY0ZS00M2YxLTgxZjUtYmRjNjQ3MTFmOWY3In0.bYVJ9dvQL63Z1E14im79P9M1LhZ7lPdBd7DTbN3XDy9r7NLlHeUtZdKTN7_eL2eGscflfYHFvA4ZPapaVYSM2dgdZpzD8S4AbGuDmRbAzAx81fesCBz7o9ovnSxS_nZPFn0PcBBdB8GMUF21fM4LfKkXxySpBqDxTVAlYil0wHlZ_ObMVwhcxJ6irSNtT8XdyGKFuREMEMWgoXGQ-ZC-5e_vCd112JRDdVeFMoIOa8A1YnvB5aPRdV44c1DjRkzPAAU8kl1saXvKv9C_avh1hc49mpoezsE50vPmo4XiPHcfiKarXn1qi1Yiu9FiRuBaTBIFDE4sLltXb6zovTda8w" -d '{"walletAddresses":["0xC3675843A73F7A850382e14F2528D1654368C6b6","0x99846f5FF165D66cC2BDEc067F989A3422365895"]}' http://127.0.0.1:6033/api/address2account


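// NOTE(review): the example request in the comment above embeds a complete
// bearer token; a placeholder is the safer thing to keep in source.
/**
 * Express-style middleware that authenticates a request by its bearer JWT.
 *
 * Reads the `Authorization` header, strips a "Bearer " prefix, downloads the
 * identity provider's JWKS document and hands the token plus the selected key
 * to `validateToken`. Calls `next()` when verification succeeds.
 *
 * Responses on failure (all HTTP 401):
 *  - 'Missing authorization token' when the header is absent or empty,
 *  - 'Invalid token [1001]' when the credential is not shaped like a compact
 *    JWT or fails verification,
 *  - 'Invalid token [1002]' when fetching or processing the JWKS throws.
 *
 * Only the checks performed by `validateToken` are applied to the token; this
 * function itself does not compare issuer or audience claims.
 *
 * @param {object} req  Request object; `req.headers.authorization` is read.
 * @param {object} res  Response object; `status()` and `json()` are used.
 * @param {Function} next  Invoked with no arguments on successful verification.
 * @returns {Promise<*>} Whatever `res.json()` returns on failure, otherwise undefined.
 */
async function checkAuth(req, res, next) {
    const token = req.headers.authorization;
    if (!token) {
        return res.status(401).json({ message: 'Missing authorization token' });
    }
    const bearerToken = token.replace("Bearer ", "");

    // Reject anything that is not three non-empty base64url segments before
    // contacting the identity provider. Such a value could never verify, and
    // answering here keeps unauthenticated junk from triggering an outbound
    // HTTPS request per call.
    const compactJwtShape = /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$/;
    if (!compactJwtShape.test(bearerToken)) {
        return res.status(401).json({ message: 'Invalid token [1001]' });
    }

    const jwkUrl = 'https://auth.test.incooperazione.it:9443/oauth2/jwks';
    // Bound the JWKS download so an unresponsive identity provider cannot hold
    // every protected request open indefinitely.
    const jwksTimeoutMs = 5000;

    try {
        const response = await axios.get(jwkUrl, { timeout: jwksTimeoutMs });
        const keys = response.data.keys;

        // Prefer the key whose `kid` matches the token header so verification
        // keeps working when the provider publishes more than one key. The
        // header is unverified at this point, but it only picks among keys
        // that came from the provider's own JWKS document; the signature
        // check below still decides. Falls back to the first key, as before.
        let kid;
        try {
            const decoded = jwt.decode(bearerToken, { complete: true });
            kid = decoded && decoded.header ? decoded.header.kid : undefined;
        } catch (decodeError) {
            kid = undefined;
        }
        const matchingKey = kid
            ? keys.find((key) => key && key.kid === kid)
            : undefined;
        const jwk = matchingKey || keys[0];

        const isValidToken = await validateToken(bearerToken, jwk);
        if (isValidToken) {
            next();
        } else {
            return res.status(401).json({ message: 'Invalid token [1001]' });
        }
    } catch (error) {
        // JWKS download, parsing or key conversion failed; the cause is not
        // exposed to the client.
        return res.status(401).json({ message: 'Invalid token [1002]' });
    }
}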

/**
 * Verifies a JWT against a single JSON Web Key.
 *
 * The JWK is converted to PEM with `jwkToPem` and passed to `jwt.verify`.
 * Verification errors are not propagated: the returned promise resolves to
 * `false` instead. A failure inside `jwkToPem` rejects the promise.
 *
 * NOTE(review): `jwt.verify` is called without an options argument, so no
 * `algorithms`, `issuer` or `audience` constraint is supplied here; whatever
 * the library applies by default is all that is checked.
 *
 * @param {string} bearerToken  Compact JWT taken from the Authorization header.
 * @param {object} jwk  JSON Web Key used as the verification key.
 * @returns {Promise<boolean>} true when `jwt.verify` reports no error, else false.
 */
async function validateToken(bearerToken, jwk) {
    // Convert first; an exception here becomes a rejection of this async
    // function's promise, which the caller is expected to handle.
    const publicKeyPem = jwkToPem(jwk);

    return new Promise((settle) => {
        jwt.verify(bearerToken, publicKeyPem, (verifyError) => {
            // Settle with false on a verification error, true otherwise.
            settle(!verifyError);
        });
    });
}

// Public surface of this module: only the middleware is exported.
module.exports = { checkAuth: checkAuth };