CyberChef/src/core/operations/JWTVerify.mjs

/**
 * @author gchq77703 []
 * @copyright Crown Copyright 2018
 * @license Apache-2.0
 */

import Operation from "../Operation.mjs";
import jwt from "jsonwebtoken";
import OperationError from "../errors/OperationError.mjs";

/**
 * JWT Verify operation
 */
class JWTVerify extends Operation {

    /**
     * JWTVerify constructor
     */
    constructor() {
        super();

        this.name = "JWT Verify";
        this.module = "Crypto";
        this.description = "Verifies that a JSON Web Token is valid and has been signed with the provided secret / private key.<br><br>The key should be either the secret for HMAC algorithms or the PEM-encoded private key for RSA and ECDSA.";
        this.infoURL = "https://wikipedia.org/wiki/JSON_Web_Token";
        this.inputType = "string";
        this.outputType = "JSON";
        this.args = [
            {
                name: "Private/Secret Key",
                type: "text",
                value: "secret"
            },
        ];
    }

    /**
     * @param {string} input
     * @param {Object[]} args
     * @returns {string}
     */
    run(input, args) {
        const [key] = args;

        try {
            const verified = jwt.verify(input, key, { algorithms: [
                "HS256",
                "HS384",
                "HS512",
                "RS256",
                "RS384",
                "RS512",
                "ES256",
                "ES384",
                "ES512",
                "none"
            ]});

            if (Object.prototype.hasOwnProperty.call(verified, "name") && verified.name === "JsonWebTokenError") {
                throw new OperationError(verified.message);
            }

            return verified;
        } catch (err) {
            throw new OperationError(err);
        }
    }

}

export default JWTVerify;
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`/**`
			`* @author gchq77703 []`
			`* @copyright Crown Copyright 2018`
			`* @license Apache-2.0`
			`*/`

Imports now specify the file extension to support Node v12 2019-07-09 13:23:59 +02:00			`import Operation from "../Operation.mjs";`
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`import jwt from "jsonwebtoken";`
Imports now specify the file extension to support Node v12 2019-07-09 13:23:59 +02:00			`import OperationError from "../errors/OperationError.mjs";`
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00
			`/**`
			`* JWT Verify operation`
			`*/`
			`class JWTVerify extends Operation {`

			`/**`
			`* JWTVerify constructor`
			`*/`
			`constructor() {`
			`super();`

			`this.name = "JWT Verify";`
			`this.module = "Crypto";`
Tidied up JWT operations 2018-08-31 15:58:06 +02:00			`this.description = "Verifies that a JSON Web Token is valid and has been signed with the provided secret / private key.<br><br>The key should be either the secret for HMAC algorithms or the PEM-encoded private key for RSA and ECDSA.";`
			`this.infoURL = "https://wikipedia.org/wiki/JSON_Web_Token";`
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`this.inputType = "string";`
			`this.outputType = "JSON";`
			`this.args = [`
			`{`
Tidied up JWT operations 2018-08-31 15:58:06 +02:00			`name: "Private/Secret Key",`
Implement tests, fix options argument 2018-08-29 23:43:10 +02:00			`type: "text",`
Tidied up JWT operations 2018-08-31 15:58:06 +02:00			`value: "secret"`
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`},`
			`];`
			`}`

			`/**`
			`* @param {string} input`
			`* @param {Object[]} args`
			`* @returns {string}`
			`*/`
			`run(input, args) {`
			`const [key] = args;`

			`try {`
Tidied up JWT operations 2018-08-31 15:58:06 +02:00			`const verified = jwt.verify(input, key, { algorithms: [`
Implement tests, fix options argument 2018-08-29 23:43:10 +02:00			`"HS256",`
			`"HS384",`
			`"HS512",`
Update JWTVerify.mjs Enable verification of RSASHA256 and 512 tokens 2021-02-06 08:27:54 +01:00			`"RS256",`
Update JWTVerify.mjs Enabled ESRSA verification. 2021-02-06 08:58:49 +01:00			`"RS384",`
Update JWTVerify.mjs Enable verification of RSASHA256 and 512 tokens 2021-02-06 08:27:54 +01:00			`"RS512",`
Update JWTVerify.mjs Enabled ESRSA verification. 2021-02-06 08:58:49 +01:00			`"ES256",`
			`"ES384",`
			`"ES512",`
Implement tests, fix options argument 2018-08-29 23:43:10 +02:00			`"none"`
			`]});`
Tidied up JWT operations 2018-08-31 15:58:06 +02:00
Updated dependencies and linter 2019-07-05 13:22:52 +02:00			`if (Object.prototype.hasOwnProperty.call(verified, "name") && verified.name === "JsonWebTokenError") {`
Tidied up JWT operations 2018-08-31 15:58:06 +02:00			`throw new OperationError(verified.message);`
			`}`

			`return verified;`
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`} catch (err) {`
Tidied up JWT operations 2018-08-31 15:58:06 +02:00			`throw new OperationError(err);`
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`}`
			`}`

			`}`

			`export default JWTVerify;`