improve signature structure, more tests
Some checks failed
continuous-integration/drone/push Build is failing

Timo Hocker 2020-12-13 13:37:11 +01:00
parent 68c06b6742
commit 170eb8a743
7 changed files with 118 additions and 24 deletions


@ -1,3 +1,10 @@
/*
* Copyright (C) Sapphirecode - All Rights Reserved
* This file is part of Auth-Server-Helper which is released under MIT.
* See file 'LICENSE' for full license details.
* Created by Timo Hocker <timo@scode.ovh>, December 2020
*/
interface Signature { interface Signature {
hash: string; hash: string;
iat: Date; iat: Date;


@ -1,7 +1,11 @@
import { /*
get_signature_info, * Copyright (C) Sapphirecode - All Rights Reserved
verify_signature * This file is part of Auth-Server-Helper which is released under MIT.
} from '@sapphirecode/crypto-helper'; * See file 'LICENSE' for full license details.
* Created by Timo Hocker <timo@scode.ovh>, December 2020
*/
import { verify_signature_get_info } from '@sapphirecode/crypto-helper';
import { run_regex } from '@sapphirecode/utilities'; import { run_regex } from '@sapphirecode/utilities';
import keystore from './KeyStore'; import keystore from './KeyStore';
import blacklist from './Blacklist'; import blacklist from './Blacklist';
@ -38,6 +42,8 @@ class GatewayClass {
} }
private get_cookie_auth (req: Request): string | null { private get_cookie_auth (req: Request): string | null {
if (typeof this._options.cookie_name === 'undefined')
return null;
let auth = null; let auth = null;
run_regex ( run_regex (
/[\^;](?<name>[^;=]+)=(?<value>[^;]+)/gu, /[\^;](?<name>[^;=]+)=(?<value>[^;]+)/gu,
@ -57,17 +63,15 @@ class GatewayClass {
if (auth === null) if (auth === null)
return false; return false;
const data = get_signature_info (auth); const data = verify_signature_get_info (
const key = keystore.get_key (data.iat / 1000);
const valid = verify_signature (
auth, auth,
key, (info) => keystore.get_key (info.iat),
data.obj.valid_for * 1000 (info) => info.valid_for * 1000
) === null; );
return valid return data !== null
&& data.obj.type === 'access_token' && data.type === 'access_token'
&& blacklist.is_valid (data.obj.id); && blacklist.is_valid (data.id);
} }
public process_request ( public process_request (
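Review bot: The callbacks on the new `verify_signature_get_info` call take `info.iat` and `info.valid_for` from the token itself, presumably before the signature is verified, and neither value is type-checked, so a token without a numeric `valid_for` produces a `NaN` lifetime whose handling inside the helper is not visible here. The removed code scaled the timestamp (`data.iat / 1000`) before `keystore.get_key`, while the new callback passes `info.iat` as is; unless crypto-helper 1.2.0 changed the unit this selects a different key, and if `get_key` throws for an unknown index the exception escapes instead of the method returning `false`. I would add `// info is unverified at this point: use it only to pick the key and lifetime` above the callbacks and reject non-numeric fields inside them. On the context line of the cookie hunk, `[\^;]` is a character class matching a literal `^` or `;`, so a cookie at the very start of the header is skipped unless the input is prefixed first; `(?:^|;)\s*` looks like what was meant. Both methods start or end outside the hunks shown.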


@ -1,3 +1,10 @@
/*
* Copyright (C) Sapphirecode - All Rights Reserved
* This file is part of Auth-Server-Helper which is released under MIT.
* See file 'LICENSE' for full license details.
* Created by Timo Hocker <timo@scode.ovh>, December 2020
*/
import { create_salt } from '@sapphirecode/crypto-helper'; import { create_salt } from '@sapphirecode/crypto-helper';
class KeyStore { class KeyStore {


@ -11,7 +11,7 @@
"devDependencies": { "devDependencies": {
"@sapphirecode/eslint-config-ts": "^1.1.27", "@sapphirecode/eslint-config-ts": "^1.1.27",
"@types/jasmine": "^3.6.2", "@types/jasmine": "^3.6.2",
"@types/node": "^14.14.12", "@types/node": "^10.0.0",
"eslint": "^7.14.0", "eslint": "^7.14.0",
"jasmine": "^3.6.3", "jasmine": "^3.6.3",
"jasmine-ts": "^0.3.0", "jasmine-ts": "^0.3.0",
@ -37,7 +37,10 @@
"middleware" "middleware"
], ],
"dependencies": { "dependencies": {
"@sapphirecode/crypto-helper": "^1.1.62", "@sapphirecode/crypto-helper": "^1.2.0",
"@sapphirecode/utilities": "^1.8.8" "@sapphirecode/utilities": "^1.8.8"
},
"engines": {
"node": ">=10.0.0"
} }
} }

66
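--- a/test/spec/Blacklist.ts
+++ b/test/spec/Blacklist.ts
@@ -0,0 +1,66 @@
+/*
+* Copyright (C) Sapphirecode - All Rights Reserved
+* This file is part of Auth-Server-Helper which is released under MIT.
+* See file 'LICENSE' for full license details.
+* Created by Timo Hocker <timo@scode.ovh>, December 2020
+*/
+import blacklist from '../../lib/Blacklist';
+// eslint-disable-next-line max-lines-per-function
+describe ('blacklist', () => {
+beforeAll (() => {
+jasmine.clock ()
+.install ();
+jasmine.clock ()
+.mockDate (new Date);
+});
+it ('should validate any string', () => {
+expect (blacklist.is_valid ('foo'))
+.toBeTrue ();
+expect (blacklist.is_valid ('bar'))
+.toBeTrue ();
+expect (blacklist.is_valid ('baz'))
+.toBeTrue ();
+});
+it ('should blacklist strings', () => {
+blacklist.add_signature ('foo');
+blacklist.add_signature ('bar');
+expect (blacklist.is_valid ('foo'))
+.toBeFalse ();
+expect (blacklist.is_valid ('bar'))
+.toBeFalse ();
+expect (blacklist.is_valid ('baz'))
+.toBeTrue ();
+});
+it ('should remove one string', () => {
+blacklist.remove_signature ('foo');
+expect (blacklist.is_valid ('foo'))
+.toBeTrue ();
+expect (blacklist.is_valid ('bar'))
+.toBeFalse ();
+expect (blacklist.is_valid ('baz'))
+.toBeTrue ();
+});
+it ('should clear after time', () => {
+jasmine.clock ()
+.tick (5000);
+blacklist.add_signature ('baz');
+blacklist.clear_before (new Date (Date.now () - 100));
+expect (blacklist.is_valid ('foo'))
+.toBeTrue ();
+expect (blacklist.is_valid ('bar'))
+.toBeTrue ();
+expect (blacklist.is_valid ('baz'))
+.toBeFalse ();
+});
+afterAll (() => {
+jasmine.clock ()
+.uninstall ();
+});
+});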
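Review bot: These specs share the module-level `blacklist` singleton and only pass when run in the written order: 'should validate any string' must run before anything is added, and 'should remove one string' and 'should clear after time' rely on entries added by earlier specs. Jasmine 3 randomises spec order by default, so unless the project config sets `random: false` the suite can fail intermittently; seeding the state each spec needs in a `beforeEach` would remove the coupling. The last spec also asserts that a revoked id ('bar') becomes valid again after `clear_before`, which is only safe for revocation if entries are dropped no earlier than the corresponding token's expiry; a comment such as `// clear_before must only drop entries whose tokens have already expired` would record that assumption.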


@ -1,3 +1,10 @@
/*
* Copyright (C) Sapphirecode - All Rights Reserved
* This file is part of Auth-Server-Helper which is released under MIT.
* See file 'LICENSE' for full license details.
* Created by Timo Hocker <timo@scode.ovh>, December 2020
*/
import ks from '../../lib/KeyStore'; import ks from '../../lib/KeyStore';
/* eslint-disable-next-line max-lines-per-function */ /* eslint-disable-next-line max-lines-per-function */


@ -244,10 +244,10 @@
"@nodelib/fs.scandir" "2.1.3" "@nodelib/fs.scandir" "2.1.3"
fastq "^1.6.0" fastq "^1.6.0"
"@sapphirecode/crypto-helper@^1.1.62": "@sapphirecode/crypto-helper@^1.2.0":
version "1.1.62" version "1.2.1"
resolved "https://registry.yarnpkg.com/@sapphirecode/crypto-helper/-/crypto-helper-1.1.62.tgz#e5d610a3596166d47d1a509ae9a949c740994d92" resolved "https://registry.yarnpkg.com/@sapphirecode/crypto-helper/-/crypto-helper-1.2.1.tgz#d60277b982b7bd023267488e9fb454f41d6c8a30"
integrity sha512-J5Tk5/WYu9SaXeNI9hqkWz9X8NeH9zDTMDYddF3y/QofKpNW33AI30aVmLmEWbMvi8sHfQw5GidGAdRApciXYg== integrity sha512-qN3q4f+/Q3gjxbVG9/ZGTqC0hP3trxdbePFI08z8a95bgJ45Inv8ieDr8SJRaX/gylIL/DvKeW/wTXdeSnDKCw==
dependencies: dependencies:
"@sapphirecode/encoding-helper" "^1.0.38" "@sapphirecode/encoding-helper" "^1.0.38"
@ -302,10 +302,10 @@
resolved "https://registry.yarnpkg.com/@types/json5/-/json5-0.0.29.tgz#ee28707ae94e11d2b827bcbe5270bcea7f3e71ee" resolved "https://registry.yarnpkg.com/@types/json5/-/json5-0.0.29.tgz#ee28707ae94e11d2b827bcbe5270bcea7f3e71ee"
integrity sha1-7ihweulOEdK4J7y+UnC86n8+ce4= integrity sha1-7ihweulOEdK4J7y+UnC86n8+ce4=
"@types/node@^14.14.12": "@types/node@^10.0.0":
version "14.14.12" version "10.17.49"
resolved "https://registry.yarnpkg.com/@types/node/-/node-14.14.12.tgz#0b1d86f8c40141091285dea02e4940df73bba43f" resolved "https://registry.yarnpkg.com/@types/node/-/node-10.17.49.tgz#ecf0b67bab4b84d0ec9b0709db4aac3824a51c4a"
integrity sha512-ASH8OPHMNlkdjrEdmoILmzFfsJICvhBsFfAum4aKZ/9U4B6M6tTmTPh+f3ttWdD74CEGV5XvXWkbyfSdXaTd7g== integrity sha512-PGaJNs5IZz5XgzwJvL/1zRfZB7iaJ5BydZ8/Picm+lUNYoNO9iVTQkVy5eUh0dZDrx3rBOIs3GCbCRmMuYyqwg==
"@typescript-eslint/eslint-plugin@^4.1.0": "@typescript-eslint/eslint-plugin@^4.1.0":
version "4.9.1" version "4.9.1"