improve signature structure, more tests
Some checks failed
continuous-integration/drone/push Build is failing
Some checks failed
continuous-integration/drone/push Build is failing
This commit is contained in:
parent
68c06b6742
commit
170eb8a743
@ -1,3 +1,10 @@
|
||||
/*
|
||||
* Copyright (C) Sapphirecode - All Rights Reserved
|
||||
* This file is part of Auth-Server-Helper which is released under MIT.
|
||||
* See file 'LICENSE' for full license details.
|
||||
* Created by Timo Hocker <timo@scode.ovh>, December 2020
|
||||
*/
|
||||
|
||||
interface Signature {
|
||||
hash: string;
|
||||
iat: Date;
|
||||
|
||||
@ -1,7 +1,11 @@
|
||||
import {
|
||||
get_signature_info,
|
||||
verify_signature
|
||||
} from '@sapphirecode/crypto-helper';
|
||||
/*
|
||||
* Copyright (C) Sapphirecode - All Rights Reserved
|
||||
* This file is part of Auth-Server-Helper which is released under MIT.
|
||||
* See file 'LICENSE' for full license details.
|
||||
* Created by Timo Hocker <timo@scode.ovh>, December 2020
|
||||
*/
|
||||
|
||||
import { verify_signature_get_info } from '@sapphirecode/crypto-helper';
|
||||
import { run_regex } from '@sapphirecode/utilities';
|
||||
import keystore from './KeyStore';
|
||||
import blacklist from './Blacklist';
|
||||
@ -38,6 +42,8 @@ class GatewayClass {
|
||||
}
|
||||
|
||||
private get_cookie_auth (req: Request): string | null {
|
||||
if (typeof this._options.cookie_name === 'undefined')
|
||||
return null;
|
||||
let auth = null;
|
||||
run_regex (
|
||||
/[\^;](?<name>[^;=]+)=(?<value>[^;]+)/gu,
|
||||
@ -57,17 +63,15 @@ class GatewayClass {
|
||||
if (auth === null)
|
||||
return false;
|
||||
|
||||
const data = get_signature_info (auth);
|
||||
const key = keystore.get_key (data.iat / 1000);
|
||||
const valid = verify_signature (
|
||||
const data = verify_signature_get_info (
|
||||
auth,
|
||||
key,
|
||||
data.obj.valid_for * 1000
|
||||
) === null;
|
||||
(info) => keystore.get_key (info.iat),
|
||||
(info) => info.valid_for * 1000
|
||||
);
|
||||
|
||||
return valid
|
||||
&& data.obj.type === 'access_token'
|
||||
&& blacklist.is_valid (data.obj.id);
|
||||
return data !== null
|
||||
&& data.type === 'access_token'
|
||||
&& blacklist.is_valid (data.id);
|
||||
}
|
||||
|
||||
public process_request (
|
||||
|
||||
@ -1,3 +1,10 @@
|
||||
/*
|
||||
* Copyright (C) Sapphirecode - All Rights Reserved
|
||||
* This file is part of Auth-Server-Helper which is released under MIT.
|
||||
* See file 'LICENSE' for full license details.
|
||||
* Created by Timo Hocker <timo@scode.ovh>, December 2020
|
||||
*/
|
||||
|
||||
import { create_salt } from '@sapphirecode/crypto-helper';
|
||||
|
||||
class KeyStore {
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
"devDependencies": {
|
||||
"@sapphirecode/eslint-config-ts": "^1.1.27",
|
||||
"@types/jasmine": "^3.6.2",
|
||||
"@types/node": "^14.14.12",
|
||||
"@types/node": "^10.0.0",
|
||||
"eslint": "^7.14.0",
|
||||
"jasmine": "^3.6.3",
|
||||
"jasmine-ts": "^0.3.0",
|
||||
@ -37,7 +37,10 @@
|
||||
"middleware"
|
||||
],
|
||||
"dependencies": {
|
||||
"@sapphirecode/crypto-helper": "^1.1.62",
|
||||
"@sapphirecode/crypto-helper": "^1.2.0",
|
||||
"@sapphirecode/utilities": "^1.8.8"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=10.0.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
66
test/spec/Blacklist.ts
Normal file
66
test/spec/Blacklist.ts
Normal file
@ -0,0 +1,66 @@
|
||||
/*
|
||||
* Copyright (C) Sapphirecode - All Rights Reserved
|
||||
* This file is part of Auth-Server-Helper which is released under MIT.
|
||||
* See file 'LICENSE' for full license details.
|
||||
* Created by Timo Hocker <timo@scode.ovh>, December 2020
|
||||
*/
|
||||
|
||||
import blacklist from '../../lib/Blacklist';
|
||||
|
||||
// eslint-disable-next-line max-lines-per-function
|
||||
describe ('blacklist', () => {
|
||||
beforeAll (() => {
|
||||
jasmine.clock ()
|
||||
.install ();
|
||||
jasmine.clock ()
|
||||
.mockDate (new Date);
|
||||
});
|
||||
|
||||
it ('should validate any string', () => {
|
||||
expect (blacklist.is_valid ('foo'))
|
||||
.toBeTrue ();
|
||||
expect (blacklist.is_valid ('bar'))
|
||||
.toBeTrue ();
|
||||
expect (blacklist.is_valid ('baz'))
|
||||
.toBeTrue ();
|
||||
});
|
||||
|
||||
it ('should blacklist strings', () => {
|
||||
blacklist.add_signature ('foo');
|
||||
blacklist.add_signature ('bar');
|
||||
expect (blacklist.is_valid ('foo'))
|
||||
.toBeFalse ();
|
||||
expect (blacklist.is_valid ('bar'))
|
||||
.toBeFalse ();
|
||||
expect (blacklist.is_valid ('baz'))
|
||||
.toBeTrue ();
|
||||
});
|
||||
|
||||
it ('should remove one string', () => {
|
||||
blacklist.remove_signature ('foo');
|
||||
expect (blacklist.is_valid ('foo'))
|
||||
.toBeTrue ();
|
||||
expect (blacklist.is_valid ('bar'))
|
||||
.toBeFalse ();
|
||||
expect (blacklist.is_valid ('baz'))
|
||||
.toBeTrue ();
|
||||
});
|
||||
|
||||
it ('should clear after time', () => {
|
||||
jasmine.clock ()
|
||||
.tick (5000);
|
||||
blacklist.add_signature ('baz');
|
||||
blacklist.clear_before (new Date (Date.now () - 100));
|
||||
expect (blacklist.is_valid ('foo'))
|
||||
.toBeTrue ();
|
||||
expect (blacklist.is_valid ('bar'))
|
||||
.toBeTrue ();
|
||||
expect (blacklist.is_valid ('baz'))
|
||||
.toBeFalse ();
|
||||
});
|
||||
|
||||
afterAll (() => {
|
||||
jasmine.clock ()
|
||||
.uninstall ();
|
||||
});
|
||||
});
|
||||
@ -1,3 +1,10 @@
|
||||
/*
|
||||
* Copyright (C) Sapphirecode - All Rights Reserved
|
||||
* This file is part of Auth-Server-Helper which is released under MIT.
|
||||
* See file 'LICENSE' for full license details.
|
||||
* Created by Timo Hocker <timo@scode.ovh>, December 2020
|
||||
*/
|
||||
|
||||
import ks from '../../lib/KeyStore';
|
||||
|
||||
/* eslint-disable-next-line max-lines-per-function */
|
||||
|
||||
16
yarn.lock
16
yarn.lock
@ -244,10 +244,10 @@
|
||||
"@nodelib/fs.scandir" "2.1.3"
|
||||
fastq "^1.6.0"
|
||||
|
||||
"@sapphirecode/crypto-helper@^1.1.62":
|
||||
version "1.1.62"
|
||||
resolved "https://registry.yarnpkg.com/@sapphirecode/crypto-helper/-/crypto-helper-1.1.62.tgz#e5d610a3596166d47d1a509ae9a949c740994d92"
|
||||
integrity sha512-J5Tk5/WYu9SaXeNI9hqkWz9X8NeH9zDTMDYddF3y/QofKpNW33AI30aVmLmEWbMvi8sHfQw5GidGAdRApciXYg==
|
||||
"@sapphirecode/crypto-helper@^1.2.0":
|
||||
version "1.2.1"
|
||||
resolved "https://registry.yarnpkg.com/@sapphirecode/crypto-helper/-/crypto-helper-1.2.1.tgz#d60277b982b7bd023267488e9fb454f41d6c8a30"
|
||||
integrity sha512-qN3q4f+/Q3gjxbVG9/ZGTqC0hP3trxdbePFI08z8a95bgJ45Inv8ieDr8SJRaX/gylIL/DvKeW/wTXdeSnDKCw==
|
||||
dependencies:
|
||||
"@sapphirecode/encoding-helper" "^1.0.38"
|
||||
|
||||
@ -302,10 +302,10 @@
|
||||
resolved "https://registry.yarnpkg.com/@types/json5/-/json5-0.0.29.tgz#ee28707ae94e11d2b827bcbe5270bcea7f3e71ee"
|
||||
integrity sha1-7ihweulOEdK4J7y+UnC86n8+ce4=
|
||||
|
||||
"@types/node@^14.14.12":
|
||||
version "14.14.12"
|
||||
resolved "https://registry.yarnpkg.com/@types/node/-/node-14.14.12.tgz#0b1d86f8c40141091285dea02e4940df73bba43f"
|
||||
integrity sha512-ASH8OPHMNlkdjrEdmoILmzFfsJICvhBsFfAum4aKZ/9U4B6M6tTmTPh+f3ttWdD74CEGV5XvXWkbyfSdXaTd7g==
|
||||
"@types/node@^10.0.0":
|
||||
version "10.17.49"
|
||||
resolved "https://registry.yarnpkg.com/@types/node/-/node-10.17.49.tgz#ecf0b67bab4b84d0ec9b0709db4aac3824a51c4a"
|
||||
integrity sha512-PGaJNs5IZz5XgzwJvL/1zRfZB7iaJ5BydZ8/Picm+lUNYoNO9iVTQkVy5eUh0dZDrx3rBOIs3GCbCRmMuYyqwg==
|
||||
|
||||
"@typescript-eslint/eslint-plugin@^4.1.0":
|
||||
version "4.9.1"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user