fix(pds): better type ReqCtx
matthieusieben committed Mar 8, 2024
1 parent 3d5e5b9 commit f12ca33
Showing 1 changed file with 6 additions and 4 deletions.
10 changes: 6 additions & 4 deletions packages/pds/src/auth-verifier.ts
@@ -18,6 +18,8 @@ import { getVerificationMaterial } from '@atproto/common'

type ReqCtx = {
req: express.Request
// StreamAuthVerifier does not have "res"
res?: express.Response
}

// @TODO sync-up with current method names, consider backwards compat.
@@ -519,10 +521,10 @@ export class AuthVerifier {

protected async setAuthHeaders(ctx: ReqCtx) {
// Prevent caching (on proxies) of auth dependent responses
ctx.req.res?.setHeader('Cache-Control', 'private')
ctx.res?.setHeader('Cache-Control', 'private')

// Make sure that browsers do not return cached responses when the auth header changes
ctx.req.res?.appendHeader('Vary', 'Authorization')
ctx.res?.appendHeader('Vary', 'Authorization')

/**
* Return next DPoP nonce in response headers for DPoP bound tokens.
@@ -533,8 +535,8 @@ export class AuthVerifier {
const dpopNonce = this._oauthVerifier.nextDpopNonce()
if (dpopNonce) {
const name = 'DPoP-Nonce'
ctx.req.res?.setHeader(name, dpopNonce)
ctx.req.res?.appendHeader('Access-Control-Expose-Headers', name)
ctx.res?.setHeader(name, dpopNonce)
ctx.res?.appendHeader('Access-Control-Expose-Headers', name)
}
}
}
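Review bot: Because `res` is optional on `ReqCtx`, an HTTP handler that builds the context without `res` still type-checks, and every `ctx.res?.` call in `setAuthHeaders` then silently does nothing. The auth-dependent response would go out without `Cache-Control: private`, without `Vary: Authorization`, and without the `DPoP-Nonce` header. The previous `ctx.req.res?.` form used the response object that Express normally attaches to the request, so it did not depend on what the caller passed. The call sites are outside these hunks, so whether any of them omits `res` cannot be confirmed from here. Either keep a fallback at the top of the method, `const res = ctx.res ?? ctx.req.res`, or split `ReqCtx` into an HTTP variant with a required `res` and a stream variant without it, so the compiler rejects the omission.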
