Dynamic Authorization Middleware with Type Safety in Hono

[Puszkarek]

I’m working on creating a wrapper function for an authorization middleware. The goal is to check user permissions within an organization dynamically, while preserving the type safety and validation already provided by zValidator.

Here’s the code I've so far:

import { zValidator } from '@hono/zod-validator';
import { type Env, Hono, type Input } from 'hono';
import { z } from 'zod';

import type { Context } from 'hono';
import { createMiddleware } from 'hono/factory';

export type UUID = z.infer<typeof uuidSchema>;
const uuidSchema = z.string().uuid();

export const organizationAuthorization = <E extends Env, P extends string, I extends Input>(
  extractor: (c: Context<E, P, I>) => UUID,
) =>
  createMiddleware<E, P, I>(async c => {
    const organizationId = extractor(c);

    // ... code here
  });

export const organizationsRouter = new Hono<Env>().get(
  '/:organizationId',
  zValidator('param', z.object({ organizationId: uuidSchema })),
  organizationAuthorization(c => c.req.valid('param').organizationId),
  async c => {
    const id = c.req.valid('param').organizationId;

    // ... code here
  },
);

When I use the organizationAuthorization wrapper, TypeScript complains that the param value is invalid. Specifically, it seems to lose the type context provided by zValidator. Here’s the error:

I want to make the organizationAuthorization wrapper dynamic so that it can work with any validated parameter (e.g., param, query, or json) without losing the type safety provided by zValidator. Ideally, I’d like to avoid manually specifying types in the wrapper to keep it flexible.

Am I missing something in the type definitions or implementation of the wrapper?

I’ve reviewed the Hono library’s types and middleware patterns, but I’m not sure how to achieve this. Does someone has any suggestions?