CyberChef/src/core/operations/JWTVerify.mjs

/**
 * @author gchq77703 []
 * @copyright Crown Copyright 2018
 * @license Apache-2.0
 */
import Operation from "../Operation.mjs";
import jwt from "jsonwebtoken";
import OperationError from "../errors/OperationError.mjs";
import {JWT_ALGORITHMS} from "../lib/JWT.mjs";


/**
 * JWT Verify operation
 */
class JWTVerify extends Operation {

    /**
     * JWTVerify constructor
     */
    constructor() {
        super();

        this.name = "JWT Verify";
        this.module = "Crypto";
        this.description = "Verifies that a JSON Web Token is valid and has been signed with the provided secret / private key.<br><br>The key should be either the secret for HMAC algorithms or the PEM-encoded private key for RSA and ECDSA.";
        this.infoURL = "https://wikipedia.org/wiki/JSON_Web_Token";
        this.inputType = "string";
        this.outputType = "JSON";
        this.args = [
            {
                name: "Public/Secret Key",
                type: "text",
                value: "secret"
            },
        ];
    }

    /**
     * @param {string} input
     * @param {Object[]} args
     * @returns {string}
     */
    run(input, args) {
        const [key] = args;
        const algos = JWT_ALGORITHMS;
        algos[algos.indexOf("None")] = "none";

        try {
            const verified = jwt.verify(input, key, { algorithms: algos });

            if (Object.prototype.hasOwnProperty.call(verified, "name") && verified.name === "JsonWebTokenError") {
                throw new OperationError(verified.message);
            }

            return verified;
        } catch (err) {
            throw new OperationError(err);
        }
    }

}

export default JWTVerify;
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`/**`
			`* @author gchq77703 []`
			`* @copyright Crown Copyright 2018`
			`* @license Apache-2.0`
			`*/`
Imports now specify the file extension to support Node v12 2019-07-09 13:23:59 +02:00			`import Operation from "../Operation.mjs";`
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`import jwt from "jsonwebtoken";`
Imports now specify the file extension to support Node v12 2019-07-09 13:23:59 +02:00			`import OperationError from "../errors/OperationError.mjs";`
Added in a new file to store the list of JWT algorithms that can be used, as this error was occurring due to a mismatch between what you could sign and what you could verify 2020-12-01 14:38:01 +01:00			`import {JWT_ALGORITHMS} from "../lib/JWT.mjs";`

Tidied up JWT ops 2021-02-09 15:14:59 +01:00
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`/**`
			`* JWT Verify operation`
			`*/`
			`class JWTVerify extends Operation {`

			`/**`
			`* JWTVerify constructor`
			`*/`
			`constructor() {`
			`super();`

			`this.name = "JWT Verify";`
			`this.module = "Crypto";`
Tidied up JWT operations 2018-08-31 15:58:06 +02:00			`this.description = "Verifies that a JSON Web Token is valid and has been signed with the provided secret / private key.<br><br>The key should be either the secret for HMAC algorithms or the PEM-encoded private key for RSA and ECDSA.";`
			`this.infoURL = "https://wikipedia.org/wiki/JSON_Web_Token";`
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`this.inputType = "string";`
			`this.outputType = "JSON";`
			`this.args = [`
			`{`
Update JWTVerify.mjs 2021-02-06 09:35:46 +01:00			`name: "Public/Secret Key",`
Implement tests, fix options argument 2018-08-29 23:43:10 +02:00			`type: "text",`
Tidied up JWT operations 2018-08-31 15:58:06 +02:00			`value: "secret"`
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`},`
			`];`
			`}`

			`/**`
			`* @param {string} input`
			`* @param {Object[]} args`
			`* @returns {string}`
			`*/`
			`run(input, args) {`
			`const [key] = args;`
Tidied up JWT tests 2021-02-09 15:23:02 +01:00			`const algos = JWT_ALGORITHMS;`
			`algos[algos.indexOf("None")] = "none";`
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00
			`try {`
Tidied up JWT tests 2021-02-09 15:23:02 +01:00			`const verified = jwt.verify(input, key, { algorithms: algos });`
Tidied up JWT operations 2018-08-31 15:58:06 +02:00
Updated dependencies and linter 2019-07-05 13:22:52 +02:00			`if (Object.prototype.hasOwnProperty.call(verified, "name") && verified.name === "JsonWebTokenError") {`
Tidied up JWT operations 2018-08-31 15:58:06 +02:00			`throw new OperationError(verified.message);`
			`}`

			`return verified;`
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`} catch (err) {`
Tidied up JWT operations 2018-08-31 15:58:06 +02:00			`throw new OperationError(err);`
Add JWT Verify, Decode and Sign 2018-08-27 00:16:13 +02:00			`}`
			`}`

			`}`

			`export default JWTVerify;`