From e92b0d9d40f1c9c3ead3a468b1ab448058adbe45 Mon Sep 17 00:00:00 2001
From: Chinmoy Chakraborty
Date: Fri, 8 Sep 2023 14:27:34 +0530
Subject: [PATCH] Remove hardcoded IP and prevent service from crashing on error.
---
 src/guard/ws.guard.ts | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/src/guard/ws.guard.ts b/src/guard/ws.guard.ts
index 149257e..bb5d19b 100644
--- a/src/guard/ws.guard.ts
+++ b/src/guard/ws.guard.ts
@@ -6,13 +6,17 @@ import * as jwt from 'jsonwebtoken';
 const jwksClient = require('jwks-rsa');
 const client = jwksClient({
- jwksUri: 'http://103.154.251.109:9011/.well-known/jwks.json',
+ jwksUri: process.env.TRANSPORT_SOCKET_JWT_AUTH_URL,
 requestHeaders: {}, // Optional
 timeout: 30000, // Defaults to 30s
 });
 const getKey = (header, callback) => {
 client.getSigningKey(header.kid, function (err, key) {
+ if (err || !key || !(key.publicKey || key.rsaPublicKey)) {
+ callback(err, null);
+ return;
+ }
 const signingKey = key.publicKey || key.rsaPublicKey;
 callback(null, signingKey);
 });
@@ -27,18 +31,24 @@ export class WsGuard implements CanActivate {
 canActivate(
 context: any,
 ): boolean | any | Promise | Observable {
- this.logger.error(`Trying to authenticate user`);
+ this.logger.log(`Trying to authenticate user`);
 const bearerToken = context.args[0].handshake.headers.authorization.split(' ')[1];
 return new Promise(function (resolve, reject) {
 jwt.verify(bearerToken, getKey, function (err, decoded) {
+ if (err || !decoded || !decoded['sub'] || !decoded['preferred_username']) {
+ reject('User could not be resolved!');
+ return;
+ }
 console.log(decoded);
 context.args[0].handshake.headers.userId = decoded.sub;
 context.args[0].handshake.headers.userPhone = decoded['preferred_username'];
- if (err) resolve(false);
 resolve(true);
 });
+ })
+ .catch(err => {
+ this.logger.error(err);
 });
 }
 }
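Review bot: In `getKey`, the added guard calls `callback(err, null)` even when `err` is empty and only the key is missing, so `jwt.verify` is handed a null key with no error and the rejection is left to the library; pass an explicit error instead, `callback(err || new Error('No usable signing key for this kid'), null);`. `jwksUri` now comes from `process.env.TRANSPORT_SOCKET_JWT_AUTH_URL` with no check at module load, and the removed value was a plain `http://` endpoint. Since this URL is the trust root for every token the guard accepts, fail startup unless the variable is set and begins with `https://`. The closing line of `getKey` is outside the hunk.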
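Review bot: The `authorization.split(' ')[1]` read in `canActivate` still sits outside the new promise, so a handshake with no Authorization header throws a TypeError synchronously and never reaches the added `reject`/`.catch` path; read it defensively, e.g. `const auth = context.args[0]?.handshake?.headers?.authorization;` followed by `if (typeof auth !== 'string' || !auth.startsWith('Bearer ')) return false;`. The added `.catch` returns nothing, so the guard resolves to `undefined`; that is falsy, but an explicit `return false;` after the log line makes the deny decision visible. The unchanged `jwt.verify(bearerToken, getKey, ...)` call passes no options, so consider an algorithm allow-list (for example `{ algorithms: ['RS256'] }`, if that is what the identity provider signs with) and dropping `console.log(decoded)`, which writes the subject and phone claims to stdout. The class header and the start of the file are outside the hunk.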