node-oauth / node-oauth2-server

🚀 The successor to oauthjs/oauth2-server. 🔒 Complete, compliant, maintained and well tested OAuth2 Server for node.js. Includes native async await and PKCE.
https://www.npmjs.com/package/@node-oauth/oauth2-server
MIT License

Improve bearer validation #234

Closed jorenvandeweyer closed 11 months ago

jorenvandeweyer commented 1 year ago

Summary

Validate the bearer token with the correct regex as described in the spec.

Linked issue(s)

fixes #127

Involved parts of the project

authenticate handler

Added tests?

already existed

OAuth2 standard

https://datatracker.ietf.org/doc/html/rfc6750#section-2.1

Reproduction

NA

jankapunkt commented 1 year ago

Maybe we should also add a test or two, checking for a valid bearer token and a set of invalid bearer tokens.

jorenvandeweyer commented 1 year ago

> Maybe we should also add a test or two, checking for a valid bearer token and a set of invalid bearer tokens.

@jankapunkt I'll add some tests after 5.0.0 is merged into development
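
The check discussed in this thread, as an added example (not the project's code and not this PR's diff): it validates an `Authorization` header value against the `credentials` and `b64token` grammar from RFC 6750 section 2.1, then runs it over a set of valid and invalid values. The helper names, reason strings and sample headers are assumptions constructed for illustration.

```javascript
// Added example, not code from node-oauth2-server. RFC 6750 section 2.1:
//   b64token    = 1*( ALPHA / DIGIT / "-" / "." / "_" / "~" / "+" / "/" ) *"="
//   credentials = "Bearer" 1*SP b64token
const B64TOKEN = /^[A-Za-z0-9\-._~+\/]+=*$/;

// Hypothetical helper: returns { ok: true, token } or { ok: false, reason }.
function parseBearerCredentials(headerValue) {
  if (typeof headerValue !== 'string' || headerValue.length === 0) {
    return { ok: false, reason: 'missing_header' };
  }
  // Scheme, then one or more SP (0x20 only; a tab is not SP), then the rest.
  const match = /^([^ ]+) +([^]*)$/.exec(headerValue);
  if (!match) {
    return { ok: false, reason: 'malformed_header' };
  }
  // ABNF string literals are case-insensitive (RFC 5234), so "bearer" matches.
  if (match[1].toLowerCase() !== 'bearer') {
    return { ok: false, reason: 'wrong_scheme' };
  }
  // Anchored on both ends: spaces, CR/LF, or "=" before the end all fail.
  if (!B64TOKEN.test(match[2])) {
    return { ok: false, reason: 'malformed_token' };
  }
  return { ok: true, token: match[2] };
}

// Constructed sample header values (not taken from the project's test suite).
const SAMPLES = [
  'Bearer mF_9.B5f-4.1JqM',           // every non-alphanumeric here is allowed
  'Bearer   abc~+/123==',             // several SP and trailing "=" padding
  'bearer abc',                       // lower-case scheme
  'Bearer',                           // scheme only, no SP and no token
  'Bearer ',                          // SP present, token empty
  'Bearer ab=cd',                     // "=" before the end of the token
  'Bearer abc def',                   // SP inside the token
  'Bearer abc\r\nX-Injected: 1',      // CR/LF smuggled after the token
  'Bearer\tabc',                      // tab instead of SP
  'Basic dXNlcjpwYXNz',               // different scheme
];

// Maps each header value to 'ok' or the rejection reason.
function classify(values) {
  return values.map((v) => {
    const r = parseBearerCredentials(v);
    return r.ok ? 'ok' : r.reason;
  });
}

console.log(classify(SAMPLES));
```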