From 170eb8a7436f82c31994fa202867e4f15a53566c Mon Sep 17 00:00:00 2001 From: Timo Hocker Date: Sun, 13 Dec 2020 13:37:11 +0100 Subject: [PATCH] improve signature structure, more tests --- lib/Blacklist.ts | 7 +++++ lib/Gateway.ts | 30 ++++++++++--------- lib/KeyStore.ts | 7 +++++ package.json | 9 ++++-- test/spec/Blacklist.ts | 66 ++++++++++++++++++++++++++++++++++++++++++ test/spec/KeyStore.ts | 7 +++++ yarn.lock | 16 +++++----- 7 files changed, 118 insertions(+), 24 deletions(-) create mode 100644 test/spec/Blacklist.ts diff --git a/lib/Blacklist.ts b/lib/Blacklist.ts index a5b3e81..b637f3f 100644 --- a/lib/Blacklist.ts +++ b/lib/Blacklist.ts @@ -1,3 +1,10 @@ +/* + * Copyright (C) Sapphirecode - All Rights Reserved + * This file is part of Auth-Server-Helper which is released under MIT. + * See file 'LICENSE' for full license details. + * Created by Timo Hocker , December 2020 + */ + interface Signature { hash: string; iat: Date; diff --git a/lib/Gateway.ts b/lib/Gateway.ts index d7df7c4..f3e8561 100644 --- a/lib/Gateway.ts +++ b/lib/Gateway.ts @@ -1,7 +1,11 @@ -import { - get_signature_info, - verify_signature -} from '@sapphirecode/crypto-helper'; +/* + * Copyright (C) Sapphirecode - All Rights Reserved + * This file is part of Auth-Server-Helper which is released under MIT. + * See file 'LICENSE' for full license details. + * Created by Timo Hocker , December 2020 + */ + +import { verify_signature_get_info } from '@sapphirecode/crypto-helper'; import { run_regex } from '@sapphirecode/utilities'; import keystore from './KeyStore'; import blacklist from './Blacklist'; @@ -38,6 +42,8 @@ class GatewayClass { } private get_cookie_auth (req: Request): string | null { + if (typeof this._options.cookie_name === 'undefined') + return null; let auth = null; run_regex ( /[\^;](?[^;=]+)=(?[^;]+)/gu, 
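Review bot: In lib/Gateway.ts `get_cookie_auth` (hunk `-38,6 +42,8`), the pattern on the context line right under the new `cookie_name` guard starts with `[\^;]`, a character class that matches a literal caret or a semicolon rather than the start of the header. As far as this hunk shows, a cookie that comes first in the `Cookie` header is therefore never matched and the lookup presumably ends with `null`, unless the caller prefixes the header. Since the commit already touches this function, I would replace `[\^;]` with `(?:^|;\s*)`, which also keeps the space after `;` out of the captured name. The new guard itself only rejects `undefined`, so an empty-string `cookie_name` still reaches the parse; `if (!this._options.cookie_name) return null;` may be closer to the intent. The function body continues past the end of the hunk, so how the captured name is compared is not visible here.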
@@ -57,17 +63,15 @@ class GatewayClass { if (auth === null) return false; - const data = get_signature_info (auth); - const key = keystore.get_key (data.iat / 1000); - const valid = verify_signature ( + const data = verify_signature_get_info ( auth, - key, - data.obj.valid_for * 1000 - ) === null; + (info) => keystore.get_key (info.iat), + (info) => info.valid_for * 1000 + ); - return valid - && data.obj.type === 'access_token' - && blacklist.is_valid (data.obj.id); + return data !== null + && data.type === 'access_token' + && blacklist.is_valid (data.id); } public process_request ( diff --git a/lib/KeyStore.ts b/lib/KeyStore.ts index 1979e98..d99cefb 100644 --- a/lib/KeyStore.ts +++ b/lib/KeyStore.ts @@ -1,3 +1,10 @@ +/* + * Copyright (C) Sapphirecode - All Rights Reserved + * This file is part of Auth-Server-Helper which is released under MIT. + * See file 'LICENSE' for full license details. + * Created by Timo Hocker , December 2020 + */ + import { create_salt } from '@sapphirecode/crypto-helper'; class KeyStore { diff --git a/package.json b/package.json index db7ffb6..71db5c2 100644 --- a/package.json +++ b/package.json @@ -11,7 +11,7 @@ "devDependencies": { "@sapphirecode/eslint-config-ts": "^1.1.27", "@types/jasmine": "^3.6.2", - "@types/node": "^14.14.12", + "@types/node": "^10.0.0", "eslint": "^7.14.0", "jasmine": "^3.6.3", "jasmine-ts": "^0.3.0", @@ -37,7 +37,10 @@ "middleware" ], "dependencies": { - "@sapphirecode/crypto-helper": "^1.1.62", + "@sapphirecode/crypto-helper": "^1.2.0", "@sapphirecode/utilities": "^1.8.8" + }, + "engines": { + "node": ">=10.0.0" } -} +} \ No newline at end of file diff --git a/test/spec/Blacklist.ts b/test/spec/Blacklist.ts new file mode 100644 index 0000000..fd4ba97 --- /dev/null +++ b/test/spec/Blacklist.ts 
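Review bot: In lib/Gateway.ts (hunk `-57,17 +63,15`), the key callback passes `info.iat` unscaled where the removed code passed `data.iat / 1000`, while `keystore.get_key` is not changed in this commit; if crypto-helper 1.2.x still reports `iat` in milliseconds, the lookup would presumably resolve a different key and valid tokens would fail verification. Both callbacks also receive claims parsed from the token before its signature has been checked, so a missing or non-numeric `valid_for` turns `info.valid_for * 1000` into `NaN`, and what the helper does with that is not visible here. I would document the contract above the call, `// info is unverified at this point: callbacks must fail closed on unexpected iat / valid_for`, and guard the duration, e.g. `(info) => (Number.isFinite (info.valid_for) ? info.valid_for * 1000 : 0)`, after confirming that the helper treats `0` as expired. The diffstat shows no Gateway spec, so a test with a valid, an expired and a tampered token would pin this path. The enclosing method starts above the hunk.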
@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) Sapphirecode - All Rights Reserved
+ * This file is part of Auth-Server-Helper which is released under MIT.
+ * See file 'LICENSE' for full license details.
+ * Created by Timo Hocker , December 2020
+ */
+
+import blacklist from '../../lib/Blacklist';
+
+// eslint-disable-next-line max-lines-per-function
+describe ('blacklist', () => {
+ beforeAll (() => {
+ jasmine.clock ()
+ .install ();
+ jasmine.clock ()
+ .mockDate (new Date);
+ });
+
+ it ('should validate any string', () => {
+ expect (blacklist.is_valid ('foo'))
+ .toBeTrue ();
+ expect (blacklist.is_valid ('bar'))
+ .toBeTrue ();
+ expect (blacklist.is_valid ('baz'))
+ .toBeTrue ();
+ });
+
+ it ('should blacklist strings', () => {
+ blacklist.add_signature ('foo');
+ blacklist.add_signature ('bar');
+ expect (blacklist.is_valid ('foo'))
+ .toBeFalse ();
+ expect (blacklist.is_valid ('bar'))
+ .toBeFalse ();
+ expect (blacklist.is_valid ('baz'))
+ .toBeTrue ();
+ });
+
+ it ('should remove one string', () => {
+ blacklist.remove_signature ('foo');
+ expect (blacklist.is_valid ('foo'))
+ .toBeTrue ();
+ expect (blacklist.is_valid ('bar'))
+ .toBeFalse ();
+ expect (blacklist.is_valid ('baz'))
+ .toBeTrue ();
+ });
+
+ it ('should clear after time', () => {
+ jasmine.clock ()
+ .tick (5000);
+ blacklist.add_signature ('baz');
+ blacklist.clear_before (new Date (Date.now () - 100));
+ expect (blacklist.is_valid ('foo'))
+ .toBeTrue ();
+ expect (blacklist.is_valid ('bar'))
+ .toBeTrue ();
+ expect (blacklist.is_valid ('baz'))
+ .toBeFalse ();
+ });
+
+ afterAll (() => {
+ jasmine.clock ()
+ .uninstall ();
+ });
+});
diff --git a/test/spec/KeyStore.ts b/test/spec/KeyStore.ts
index 1bafbe8..8308fa4 100644
--- a/test/spec/KeyStore.ts
+++ b/test/spec/KeyStore.ts
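Review bot: The specs in test/spec/Blacklist.ts share the imported `blacklist` singleton and each depends on what the previous one left in it ('should remove one string' needs the entries added by 'should blacklist strings', and 'should validate any string' only passes on an empty list), so the suite is correct only in declaration order. Jasmine 3 runs specs in random order by default, so unless the project config sets `random: false` this can fail intermittently. I would have each spec add the signatures it needs and reset the list in a `beforeEach`, or at least state the dependency with a comment such as `// specs below rely on execution order; keep random: false`. 'should clear after time' also shows `clear_before` making the revoked id 'bar' valid again, which deserves a comment saying the cutoff must be older than the longest token lifetime so that a revoked token cannot become acceptable while it is still unexpired.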
@@ -1,3 +1,10 @@ +/* + * Copyright (C) Sapphirecode - All Rights Reserved + * This file is part of Auth-Server-Helper which is released under MIT. + * See file 'LICENSE' for full license details. + * Created by Timo Hocker , December 2020 + */ + import ks from '../../lib/KeyStore'; /* eslint-disable-next-line max-lines-per-function */ diff --git a/yarn.lock b/yarn.lock index a678fc7..b2c4d74 100644 --- a/yarn.lock +++ b/yarn.lock @@ -244,10 +244,10 @@ "@nodelib/fs.scandir" "2.1.3" fastq "^1.6.0" -"@sapphirecode/crypto-helper@^1.1.62": - version "1.1.62" - resolved "https://registry.yarnpkg.com/@sapphirecode/crypto-helper/-/crypto-helper-1.1.62.tgz#e5d610a3596166d47d1a509ae9a949c740994d92" - integrity sha512-J5Tk5/WYu9SaXeNI9hqkWz9X8NeH9zDTMDYddF3y/QofKpNW33AI30aVmLmEWbMvi8sHfQw5GidGAdRApciXYg== +"@sapphirecode/crypto-helper@^1.2.0": + version "1.2.1" + resolved "https://registry.yarnpkg.com/@sapphirecode/crypto-helper/-/crypto-helper-1.2.1.tgz#d60277b982b7bd023267488e9fb454f41d6c8a30" + integrity sha512-qN3q4f+/Q3gjxbVG9/ZGTqC0hP3trxdbePFI08z8a95bgJ45Inv8ieDr8SJRaX/gylIL/DvKeW/wTXdeSnDKCw== dependencies: "@sapphirecode/encoding-helper" "^1.0.38" @@ -302,10 +302,10 @@ resolved "https://registry.yarnpkg.com/@types/json5/-/json5-0.0.29.tgz#ee28707ae94e11d2b827bcbe5270bcea7f3e71ee" integrity sha1-7ihweulOEdK4J7y+UnC86n8+ce4= -"@types/node@^14.14.12": - version "14.14.12" - resolved "https://registry.yarnpkg.com/@types/node/-/node-14.14.12.tgz#0b1d86f8c40141091285dea02e4940df73bba43f" - integrity sha512-ASH8OPHMNlkdjrEdmoILmzFfsJICvhBsFfAum4aKZ/9U4B6M6tTmTPh+f3ttWdD74CEGV5XvXWkbyfSdXaTd7g== +"@types/node@^10.0.0": + version "10.17.49" + resolved "https://registry.yarnpkg.com/@types/node/-/node-10.17.49.tgz#ecf0b67bab4b84d0ec9b0709db4aac3824a51c4a" + integrity sha512-PGaJNs5IZz5XgzwJvL/1zRfZB7iaJ5BydZ8/Picm+lUNYoNO9iVTQkVy5eUh0dZDrx3rBOIs3GCbCRmMuYyqwg== "@typescript-eslint/eslint-plugin@^4.1.0": version "4.9.1"