2018-08-27 00:16:13 +02:00
/ * *
* @ author gchq77703 [ ]
* @ copyright Crown Copyright 2018
* @ license Apache - 2.0
* /
2019-07-09 13:23:59 +02:00
import Operation from "../Operation.mjs" ;
2018-08-27 00:16:13 +02:00
import jwt from "jsonwebtoken" ;
2019-07-09 13:23:59 +02:00
import OperationError from "../errors/OperationError.mjs" ;
2020-12-01 14:38:01 +01:00
import { JWT _ALGORITHMS } from "../lib/JWT.mjs" ;
2018-08-27 00:16:13 +02:00
/ * *
* JWT Sign operation
* /
class JWTSign extends Operation {
/ * *
* JWTSign constructor
* /
constructor ( ) {
super ( ) ;
this . name = "JWT Sign" ;
this . module = "Crypto" ;
2018-08-31 15:58:06 +02:00
this . description = "Signs a JSON object as a JSON Web Token using a provided secret / private key.<br><br>The key should be either the secret for HMAC algorithms or the PEM-encoded private key for RSA and ECDSA." ;
this . infoURL = "https://wikipedia.org/wiki/JSON_Web_Token" ;
2018-08-27 00:16:13 +02:00
this . inputType = "JSON" ;
this . outputType = "string" ;
this . args = [
{
2018-08-31 15:58:06 +02:00
name : "Private/Secret Key" ,
2018-08-29 23:43:10 +02:00
type : "text" ,
2018-08-31 15:58:06 +02:00
value : "secret"
2018-08-27 00:16:13 +02:00
} ,
{
2018-08-31 15:58:06 +02:00
name : "Signing algorithm" ,
2018-08-29 23:43:10 +02:00
type : "option" ,
2020-12-01 14:38:01 +01:00
value : JWT _ALGORITHMS
2018-08-27 00:16:13 +02:00
}
] ;
}
/ * *
* @ param { JSON } input
* @ param { Object [ ] } args
* @ returns { string }
* /
run ( input , args ) {
const [ key , algorithm ] = args ;
2018-08-31 15:58:06 +02:00
try {
return jwt . sign ( input , key , {
2024-03-13 18:26:23 +01:00
algorithm : algorithm === "None" ? "none" : algorithm ,
// To utilize jsonwebtoken 9+ library and maintain backwards compatibility for regression tests
// This could be turned into operation args in a future PR
allowInsecureKeySizes : true ,
allowInvalidAsymmetricKeyTypes : true
2018-08-31 15:58:06 +02:00
} ) ;
} catch ( err ) {
throw new OperationError ( ` Error: Have you entered the key correctly? The key should be either the secret for HMAC algorithms or the PEM-encoded private key for RSA and ECDSA.
$ { err } ` );
}
2018-08-27 00:16:13 +02:00
}
}
export default JWTSign ;