mirror of
https://github.com/gchq/CyberChef.git
synced 2025-04-22 07:46:16 -04:00
Merge branch '1073-jwt-verify' of https://github.com/mt3571/CyberChef into mt3571-1073-jwt-verify
This commit is contained in:
n1474335
commit
5bc523aeff
3 changed files with 33 additions and 18 deletions
24
src/core/lib/JWT.mjs
Normal file
24
src/core/lib/JWT.mjs
Normal file
|
|
@ -0,0 +1,24 @@
|
||||||
|
/**
|
||||||
|
* JWT resources
|
||||||
|
*
|
||||||
|
* @author mt3571 [mt3571@protonmail.com]
|
||||||
|
* @copyright Crown Copyright 2020
|
||||||
|
* @license Apache-2.0
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* List of the JWT algorithms that can be used
|
||||||
|
*/
|
||||||
|
export const JWT_ALGORITHMS = [
|
||||||
|
"HS256",
|
||||||
|
"HS384",
|
||||||
|
"HS512",
|
||||||
|
"RS256",
|
||||||
|
"RS384",
|
||||||
|
"RS512",
|
||||||
|
"ES256",
|
||||||
|
"ES384",
|
||||||
|
"ES512",
|
||||||
|
"None"
|
||||||
|
];
|
||||||
|
|
@ -8,6 +8,9 @@ import Operation from "../Operation.mjs";
|
||||||
import jwt from "jsonwebtoken";
|
import jwt from "jsonwebtoken";
|
||||||
import OperationError from "../errors/OperationError.mjs";
|
import OperationError from "../errors/OperationError.mjs";
|
||||||
|
|
||||||
|
import {JWT_ALGORITHMS} from "../lib/JWT.mjs";
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* JWT Sign operation
|
* JWT Sign operation
|
||||||
*/
|
*/
|
||||||
|
|
@ -34,18 +37,7 @@ class JWTSign extends Operation {
|
||||||
{
|
{
|
||||||
name: "Signing algorithm",
|
name: "Signing algorithm",
|
||||||
type: "option",
|
type: "option",
|
||||||
value: [
|
value: JWT_ALGORITHMS
|
||||||
"HS256",
|
|
||||||
"HS384",
|
|
||||||
"HS512",
|
|
||||||
"RS256",
|
|
||||||
"RS384",
|
|
||||||
"RS512",
|
|
||||||
"ES256",
|
|
||||||
"ES384",
|
|
||||||
"ES512",
|
|
||||||
"None"
|
|
||||||
]
|
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -8,6 +8,9 @@ import Operation from "../Operation.mjs";
|
||||||
import jwt from "jsonwebtoken";
|
import jwt from "jsonwebtoken";
|
||||||
import OperationError from "../errors/OperationError.mjs";
|
import OperationError from "../errors/OperationError.mjs";
|
||||||
|
|
||||||
|
|
||||||
|
import {JWT_ALGORITHMS} from "../lib/JWT.mjs";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* JWT Verify operation
|
* JWT Verify operation
|
||||||
*/
|
*/
|
||||||
|
|
@ -43,12 +46,8 @@ class JWTVerify extends Operation {
|
||||||
const [key] = args;
|
const [key] = args;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
const verified = jwt.verify(input, key, { algorithms: [
|
const verified = jwt.verify(input, key, { algorithms: JWT_ALGORITHMS});
|
||||||
"HS256",
|
|
||||||
"HS384",
|
|
||||||
"HS512",
|
|
||||||
"none"
|
|
||||||
]});
|
|
||||||
|
|
||||||
if (Object.prototype.hasOwnProperty.call(verified, "name") && verified.name === "JsonWebTokenError") {
|
if (Object.prototype.hasOwnProperty.call(verified, "name") && verified.name === "JsonWebTokenError") {
|
||||||
throw new OperationError(verified.message);
|
throw new OperationError(verified.message);
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue