Skip to content

Commit a95f43a

Browse files
author
GCHQ 77703
committed
Implement tests, fix options argument
1 parent 8559f5c commit a95f43a

6 files changed

Lines changed: 314 additions & 44 deletions

File tree

src/core/operations/JWTSign.mjs

Lines changed: 12 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -27,53 +27,23 @@ class JWTSign extends Operation {
2727
this.args = [
2828
{
2929
name: "Private / Secret Key",
30-
type: "shortString",
30+
type: "text",
3131
value: "secret_cat"
3232
},
3333
{
3434
name: "Signing Algorithm",
35-
type: "populateOption",
35+
type: "option",
3636
value: [
37-
{
38-
name: "HS256",
39-
value: "HS256"
40-
},
41-
{
42-
name: "HS384",
43-
value: "HS384",
44-
},
45-
{
46-
name: "HS512",
47-
value: "HS512",
48-
},
49-
{
50-
name: "RS256",
51-
value: "RS256",
52-
},
53-
{
54-
name: "RS384",
55-
value: "RS384",
56-
},
57-
{
58-
name: "RS512",
59-
value: "RS512",
60-
},
61-
{
62-
name: "ES256",
63-
value: "ES256",
64-
},
65-
{
66-
name: "ES384",
67-
value: "ES384",
68-
},
69-
{
70-
name: "ES512",
71-
value: "ES512",
72-
},
73-
{
74-
name: "None",
75-
value: "none",
76-
},
37+
"HS256",
38+
"HS384",
39+
"HS512",
40+
"RS256",
41+
"RS384",
42+
"RS512",
43+
"ES256",
44+
"ES384",
45+
"ES512",
46+
"None"
7747
]
7848
}
7949
];

src/core/operations/JWTVerify.mjs

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ class JWTVerify extends Operation {
2727
this.args = [
2828
{
2929
name: "Private / Secret Key",
30-
type: "shortString",
30+
type: "text",
3131
value: "secret_cat"
3232
},
3333
];
@@ -42,7 +42,12 @@ class JWTVerify extends Operation {
4242
const [key] = args;
4343

4444
try {
45-
return jwt.verify(input, key);
45+
return jwt.verify(input, key, { algorithms: [
46+
"HS256",
47+
"HS384",
48+
"HS512",
49+
"none"
50+
]});
4651
} catch (err) {
4752
return err;
4853
}

test/index.mjs

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -64,6 +64,9 @@ import "./tests/operations/SetUnion";
6464
import "./tests/operations/SymmetricDifference";
6565
import "./tests/operations/TranslateDateTimeFormat";
6666
import "./tests/operations/Magic";
67+
import "./tests/operations/JWTSign";
68+
import "./tests/operations/JWTDecode";
69+
import "./tests/operations/JWTVerify";
6770

6871
let allTestsPassing = true;
6972
const testStatusCounts = {

test/tests/operations/JWTDecode.mjs

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,51 @@
1+
/**
2+
* JWT Decode tests
3+
*
4+
* @author gchq77703 []
5+
*
6+
* @copyright Crown Copyright 2018
7+
* @license Apache-2.0
8+
*/
9+
import TestRegister from "../../TestRegister";
10+
11+
const outputObject = JSON.stringify({
12+
String: "SomeString",
13+
Number: 42,
14+
iat: 1
15+
});
16+
17+
TestRegister.addTests([
18+
{
19+
name: "JSON Decode: HS",
20+
input: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdHJpbmciOiJTb21lU3RyaW5nIiwiTnVtYmVyIjo0MiwiaWF0IjoxfQ.0ha6-j4FwvEIKPVZ-hf3S_R9Hy_UtXzq4dnedXcUrXk",
21+
expectedOutput: outputObject,
22+
recipeConfig: [
23+
{
24+
op: "JWT Decode",
25+
args: [],
26+
}
27+
],
28+
},
29+
{
30+
name: "JSON Decode: RS",
31+
input: "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdHJpbmciOiJTb21lU3RyaW5nIiwiTnVtYmVyIjo0MiwiaWF0IjoxfQ.MjEJhtZk2nXzigi24piMzANmrj3mILHJcDl0xOjl5a8EgdKVL1oaMEjTkMQp5RA8YrqeRBFaX-BGGCKOXn5zPY1DJwWsBUyN9C-wGR2Qye0eogH_3b4M9EW00TPCUPXm2rx8URFj7Wg9VlsmrGzLV2oKkPgkVxuFSxnpO3yjn1Y",
32+
expectedOutput: outputObject,
33+
recipeConfig: [
34+
{
35+
op: "JWT Decode",
36+
args: [],
37+
}
38+
],
39+
},
40+
{
41+
name: "JSON Decode: ES",
42+
input: "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdHJpbmciOiJTb21lU3RyaW5nIiwiTnVtYmVyIjo0MiwiaWF0IjoxfQ.WkECT51jSfpRkcpQ4x0h5Dwe7CFBI6u6Et2gWp91HC7mpN_qCFadRpsvJLtKubm6cJTLa68xtei0YrDD8fxIUA",
43+
expectedOutput: outputObject,
44+
recipeConfig: [
45+
{
46+
op: "JWT Decode",
47+
args: [],
48+
}
49+
],
50+
}
51+
]);

test/tests/operations/JWTSign.mjs

Lines changed: 163 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,163 @@
1+
/**
2+
* JWT Sign tests
3+
*
4+
* @author gchq77703 []
5+
*
6+
* @copyright Crown Copyright 2018
7+
* @license Apache-2.0
8+
*/
9+
import TestRegister from "../../TestRegister";
10+
11+
const inputObject = JSON.stringify({
12+
String: "SomeString",
13+
Number: 42,
14+
iat: 1
15+
});
16+
17+
const hsKey = "secret_cat";
18+
const rsKey = `-----BEGIN RSA PRIVATE KEY-----
19+
MIICWwIBAAKBgQDdlatRjRjogo3WojgGHFHYLugdUWAY9iR3fy4arWNA1KoS8kVw
20+
33cJibXr8bvwUAUparCwlvdbH6dvEOfou0/gCFQsHUfQrSDv+MuSUMAe8jzKE4qW
21+
+jK+xQU9a03GUnKHkkle+Q0pX/g6jXZ7r1/xAK5Do2kQ+X5xK9cipRgEKwIDAQAB
22+
AoGAD+onAtVye4ic7VR7V50DF9bOnwRwNXrARcDhq9LWNRrRGElESYYTQ6EbatXS
23+
3MCyjjX2eMhu/aF5YhXBwkppwxg+EOmXeh+MzL7Zh284OuPbkglAaGhV9bb6/5Cp
24+
uGb1esyPbYW+Ty2PC0GSZfIXkXs76jXAu9TOBvD0ybc2YlkCQQDywg2R/7t3Q2OE
25+
2+yo382CLJdrlSLVROWKwb4tb2PjhY4XAwV8d1vy0RenxTB+K5Mu57uVSTHtrMK0
26+
GAtFr833AkEA6avx20OHo61Yela/4k5kQDtjEf1N0LfI+BcWZtxsS3jDM3i1Hp0K
27+
Su5rsCPb8acJo5RO26gGVrfAsDcIXKC+bQJAZZ2XIpsitLyPpuiMOvBbzPavd4gY
28+
6Z8KWrfYzJoI/Q9FuBo6rKwl4BFoToD7WIUS+hpkagwWiz+6zLoX1dbOZwJACmH5
29+
fSSjAkLRi54PKJ8TFUeOP15h9sQzydI8zJU+upvDEKZsZc/UhT/SySDOxQ4G/523
30+
Y0sz/OZtSWcol/UMgQJALesy++GdvoIDLfJX5GBQpuFgFenRiRDabxrE9MNUZ2aP
31+
FaFp+DyAe+b4nDwuJaW2LURbr8AEZga7oQj0uYxcYw==
32+
-----END RSA PRIVATE KEY-----`;
33+
const esKey = `-----BEGIN PRIVATE KEY-----
34+
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgevZzL1gdAFr88hb2
35+
OF/2NxApJCzGCEDdfSp6VQO30hyhRANCAAQRWz+jn65BtOMvdyHKcvjBeBSDZH2r
36+
1RTwjmYSi9R/zpBnuQ4EiMnCqfMPWiZqB4QdbAd0E7oH50VpuZ1P087G
37+
-----END PRIVATE KEY-----`;
38+
39+
TestRegister.addTests([
40+
{
41+
name: "JSON Sign: HS256",
42+
input: inputObject,
43+
expectedOutput: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdHJpbmciOiJTb21lU3RyaW5nIiwiTnVtYmVyIjo0MiwiaWF0IjoxfQ.0ha6-j4FwvEIKPVZ-hf3S_R9Hy_UtXzq4dnedXcUrXk",
44+
recipeConfig: [
45+
{
46+
op: "JWT Sign",
47+
args: [hsKey, "HS256"],
48+
}
49+
],
50+
},
51+
{
52+
name: "JSON Sign: HS384",
53+
input: inputObject,
54+
expectedOutput: "eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJTdHJpbmciOiJTb21lU3RyaW5nIiwiTnVtYmVyIjo0MiwiaWF0IjoxfQ._bPK-Y3mIACConbJqkGFMQ_L3vbxgKXy9gSxtL9hA5XTganozTSXxD0vX0N1yT5s",
55+
recipeConfig: [
56+
{
57+
op: "JWT Sign",
58+
args: [hsKey, "HS384"],
59+
}
60+
],
61+
},
62+
{
63+
name: "JSON Sign: HS512",
64+
input: inputObject,
65+
expectedOutput: "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJTdHJpbmciOiJTb21lU3RyaW5nIiwiTnVtYmVyIjo0MiwiaWF0IjoxfQ.vZIJU4XYMFt3FLE1V_RZOxEetmV4RvxtPZQGzJthK_d47pjwlEb6pQE23YxHFmOj8H5RLEdqqLPw4jNsOyHRzA",
66+
recipeConfig: [
67+
{
68+
op: "JWT Sign",
69+
args: [hsKey, "HS512"],
70+
}
71+
],
72+
},
73+
{
74+
name: "JSON Sign: ES256",
75+
input: inputObject,
76+
expectedOutput: inputObject,
77+
recipeConfig: [
78+
{
79+
op: "JWT Sign",
80+
args: [esKey, "ES256"],
81+
},
82+
{
83+
op: "JWT Decode",
84+
args: []
85+
}
86+
],
87+
},
88+
{
89+
name: "JSON Sign: ES384",
90+
input: inputObject,
91+
expectedOutput: inputObject,
92+
recipeConfig: [
93+
{
94+
op: "JWT Sign",
95+
args: [esKey, "ES384"],
96+
},
97+
{
98+
op: "JWT Decode",
99+
args: []
100+
}
101+
],
102+
},
103+
{
104+
name: "JSON Sign: ES512",
105+
input: inputObject,
106+
expectedOutput: inputObject,
107+
recipeConfig: [
108+
{
109+
op: "JWT Sign",
110+
args: [esKey, "ES512"],
111+
},
112+
{
113+
op: "JWT Decode",
114+
args: []
115+
}
116+
],
117+
},
118+
{
119+
name: "JSON Sign: RS256",
120+
input: inputObject,
121+
expectedOutput: inputObject,
122+
recipeConfig: [
123+
{
124+
op: "JWT Sign",
125+
args: [rsKey, "RS256"],
126+
},
127+
{
128+
op: "JWT Decode",
129+
args: []
130+
}
131+
],
132+
},
133+
{
134+
name: "JSON Sign: RS384",
135+
input: inputObject,
136+
expectedOutput: inputObject,
137+
recipeConfig: [
138+
{
139+
op: "JWT Sign",
140+
args: [rsKey, "RS384"],
141+
},
142+
{
143+
op: "JWT Decode",
144+
args: []
145+
}
146+
],
147+
},
148+
{
149+
name: "JSON Sign: RS512",
150+
input: inputObject,
151+
expectedOutput: inputObject,
152+
recipeConfig: [
153+
{
154+
op: "JWT Sign",
155+
args: [esKey, "RS512"],
156+
},
157+
{
158+
op: "JWT Decode",
159+
args: []
160+
}
161+
],
162+
}
163+
]);

test/tests/operations/JWTVerify.mjs

Lines changed: 78 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,78 @@
1+
/**
2+
* JWT Verify tests
3+
*
4+
* @author gchq77703 []
5+
*
6+
* @copyright Crown Copyright 2018
7+
* @license Apache-2.0
8+
*/
9+
import TestRegister from "../../TestRegister";
10+
11+
const outputObject = JSON.stringify({
12+
String: "SomeString",
13+
Number: 42,
14+
iat: 1
15+
});
16+
17+
const invalidAlgorithm = JSON.stringify({
18+
name: "JsonWebTokenError",
19+
message: "invalid algorithm"
20+
});
21+
22+
const hsKey = "secret_cat";
23+
const rsKey = `-----BEGIN RSA PRIVATE KEY-----
24+
MIICWwIBAAKBgQDdlatRjRjogo3WojgGHFHYLugdUWAY9iR3fy4arWNA1KoS8kVw
25+
33cJibXr8bvwUAUparCwlvdbH6dvEOfou0/gCFQsHUfQrSDv+MuSUMAe8jzKE4qW
26+
+jK+xQU9a03GUnKHkkle+Q0pX/g6jXZ7r1/xAK5Do2kQ+X5xK9cipRgEKwIDAQAB
27+
AoGAD+onAtVye4ic7VR7V50DF9bOnwRwNXrARcDhq9LWNRrRGElESYYTQ6EbatXS
28+
3MCyjjX2eMhu/aF5YhXBwkppwxg+EOmXeh+MzL7Zh284OuPbkglAaGhV9bb6/5Cp
29+
uGb1esyPbYW+Ty2PC0GSZfIXkXs76jXAu9TOBvD0ybc2YlkCQQDywg2R/7t3Q2OE
30+
2+yo382CLJdrlSLVROWKwb4tb2PjhY4XAwV8d1vy0RenxTB+K5Mu57uVSTHtrMK0
31+
GAtFr833AkEA6avx20OHo61Yela/4k5kQDtjEf1N0LfI+BcWZtxsS3jDM3i1Hp0K
32+
Su5rsCPb8acJo5RO26gGVrfAsDcIXKC+bQJAZZ2XIpsitLyPpuiMOvBbzPavd4gY
33+
6Z8KWrfYzJoI/Q9FuBo6rKwl4BFoToD7WIUS+hpkagwWiz+6zLoX1dbOZwJACmH5
34+
fSSjAkLRi54PKJ8TFUeOP15h9sQzydI8zJU+upvDEKZsZc/UhT/SySDOxQ4G/523
35+
Y0sz/OZtSWcol/UMgQJALesy++GdvoIDLfJX5GBQpuFgFenRiRDabxrE9MNUZ2aP
36+
FaFp+DyAe+b4nDwuJaW2LURbr8AEZga7oQj0uYxcYw==
37+
-----END RSA PRIVATE KEY-----`;
38+
const esKey = `-----BEGIN PRIVATE KEY-----
39+
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgevZzL1gdAFr88hb2
40+
OF/2NxApJCzGCEDdfSp6VQO30hyhRANCAAQRWz+jn65BtOMvdyHKcvjBeBSDZH2r
41+
1RTwjmYSi9R/zpBnuQ4EiMnCqfMPWiZqB4QdbAd0E7oH50VpuZ1P087G
42+
-----END PRIVATE KEY-----`;
43+
44+
TestRegister.addTests([
45+
{
46+
name: "JSON Verify: HS",
47+
input: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdHJpbmciOiJTb21lU3RyaW5nIiwiTnVtYmVyIjo0MiwiaWF0IjoxfQ.0ha6-j4FwvEIKPVZ-hf3S_R9Hy_UtXzq4dnedXcUrXk",
48+
expectedOutput: outputObject,
49+
recipeConfig: [
50+
{
51+
op: "JWT Verify",
52+
args: [hsKey],
53+
}
54+
],
55+
},
56+
{
57+
name: "JSON Verify: RS",
58+
input: "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdHJpbmciOiJTb21lU3RyaW5nIiwiTnVtYmVyIjo0MiwiaWF0IjoxfQ.MjEJhtZk2nXzigi24piMzANmrj3mILHJcDl0xOjl5a8EgdKVL1oaMEjTkMQp5RA8YrqeRBFaX-BGGCKOXn5zPY1DJwWsBUyN9C-wGR2Qye0eogH_3b4M9EW00TPCUPXm2rx8URFj7Wg9VlsmrGzLV2oKkPgkVxuFSxnpO3yjn1Y",
59+
expectedOutput: invalidAlgorithm,
60+
recipeConfig: [
61+
{
62+
op: "JWT Verify",
63+
args: [rsKey],
64+
}
65+
],
66+
},
67+
{
68+
name: "JSON Verify: ES",
69+
input: "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdHJpbmciOiJTb21lU3RyaW5nIiwiTnVtYmVyIjo0MiwiaWF0IjoxfQ.WkECT51jSfpRkcpQ4x0h5Dwe7CFBI6u6Et2gWp91HC7mpN_qCFadRpsvJLtKubm6cJTLa68xtei0YrDD8fxIUA",
70+
expectedOutput: invalidAlgorithm,
71+
recipeConfig: [
72+
{
73+
op: "JWT Verify",
74+
args: [esKey],
75+
}
76+
],
77+
}
78+
]);

0 commit comments

Comments
 (0)