fix: Use @fastify/error to create errors FST_BEARER_AUTH_MISSING_AUTH…

…ORIZATION_HEADER and FST_BEARER_AUTH_INVALID_AUTHORIZATION_HEADER (#179)

lib/errors.js

@@ -6,10 +6,14 @@ const FST_BEARER_AUTH_INVALID_KEYS_OPTION_TYPE = createError('FST_BEARER_AUTH_IN
 const FST_BEARER_AUTH_INVALID_LOG_LEVEL = createError('FST_BEARER_AUTH_INVALID_LOG_LEVEL', 'fastify.log does not have level \'%s\'')
 const FST_BEARER_AUTH_KEYS_OPTION_INVALID_KEY_TYPE = createError('FST_BEARER_AUTH_KEYS_OPTION_INVALID_KEY_TYPE', 'options.keys has to contain only string entries')
 const FST_BEARER_AUTH_INVALID_SPEC = createError('FST_BEARER_AUTH_INVALID_SPEC', 'options.specCompliance has to be set to \'rfc6750\' or \'rfc6749\'')
+const FST_BEARER_AUTH_MISSING_AUTHORIZATION_HEADER = createError('FST_BEARER_AUTH_MISSING_AUTHORIZATION_HEADER', 'missing authorization header', 401)
+const FST_BEARER_AUTH_INVALID_AUTHORIZATION_HEADER = createError('FST_BEARER_AUTH_INVALID_AUTHORIZATION_HEADER', 'invalid authorization header', 401)
 
 module.exports = {
   FST_BEARER_AUTH_INVALID_KEYS_OPTION_TYPE,
   FST_BEARER_AUTH_INVALID_LOG_LEVEL,
   FST_BEARER_AUTH_KEYS_OPTION_INVALID_KEY_TYPE,
-  FST_BEARER_AUTH_INVALID_SPEC
+  FST_BEARER_AUTH_INVALID_SPEC,
+  FST_BEARER_AUTH_MISSING_AUTHORIZATION_HEADER,
+  FST_BEARER_AUTH_INVALID_AUTHORIZATION_HEADER
 }

lib/verify-bearer-auth-factory.js

@@ -4,7 +4,9 @@ const authenticate = require('./authenticate')
 const {
   FST_BEARER_AUTH_INVALID_KEYS_OPTION_TYPE,
   FST_BEARER_AUTH_KEYS_OPTION_INVALID_KEY_TYPE,
-  FST_BEARER_AUTH_INVALID_SPEC
+  FST_BEARER_AUTH_INVALID_SPEC,
+  FST_BEARER_AUTH_MISSING_AUTHORIZATION_HEADER,
+  FST_BEARER_AUTH_INVALID_AUTHORIZATION_HEADER
 } = require('./errors')
 
 const validSpecs = new Set([
@@ -60,26 +62,27 @@ module.exports = function verifyBearerAuthFactory (options, done) {
       return authorizationHeader.substring(0, bearerTypePrefixLength).toLowerCase() !== bearerTypePrefix
     }
 
-  function handleUnauthorized (request, reply, done, message) {
-    const noHeaderError = Error(message)
-    if (verifyErrorLogLevel) request.log[verifyErrorLogLevel]('unauthorized: %s', noHeaderError.message)
+  function handleUnauthorized (request, reply, done, error) {
+    if (verifyErrorLogLevel) request.log[verifyErrorLogLevel]('unauthorized: %s', error.message)
     if (contentType) reply.header('content-type', contentType)
     reply.code(401)
     if (!addHook) {
-      done(noHeaderError)
+      done(error)
       return
     }
-    reply.send(errorResponse(noHeaderError))
+    reply.send(errorResponse(error))
   }
 
   return function verifyBearerAuth (request, reply, done) {
     const authorizationHeader = request.raw.headers.authorization
     if (!authorizationHeader) {
-      return handleUnauthorized(request, reply, done, 'missing authorization header')
+      const error = new FST_BEARER_AUTH_MISSING_AUTHORIZATION_HEADER()
+      return handleUnauthorized(request, reply, done, error)
     }
 
     if (verifyBearerType(authorizationHeader)) {
-      return handleUnauthorized(request, reply, done, 'invalid authorization header')
+      const error = new FST_BEARER_AUTH_INVALID_AUTHORIZATION_HEADER()
+      return handleUnauthorized(request, reply, done, error)
     }
 
     const key = authorizationHeader.substring(bearerTypePrefixLength).trim()
@@ -106,7 +109,8 @@ module.exports = function verifyBearerAuthFactory (options, done) {
     Promise.resolve(retVal).then((val) => {
       // if val is not truthy return 401
       if (val === false) {
-        handleUnauthorized(request, reply, done, 'invalid authorization header')
+        const error = new FST_BEARER_AUTH_INVALID_AUTHORIZATION_HEADER()
+        handleUnauthorized(request, reply, done, error)
         return
       }
       if (val === true) {