CyberChef/src/core/operations/JWTVerify.mjs

/**
 * @author gchq77703 []
 * @copyright Crown Copyright 2018
 * @license Apache-2.0
 */

import Operation from "../Operation";
import jwt from "jsonwebtoken";
import OperationError from "../errors/OperationError";

/**
 * JWT Verify operation
 */
class JWTVerify extends Operation {

    /**
     * JWTVerify constructor
     */
    constructor() {
        super();

        this.name = "JWT Verify";
        this.module = "Crypto";
        this.description = "Verifies that a JSON Web Token is valid and has been signed with the provided secret / private key.<br><br>The key should be either the secret for HMAC algorithms or the PEM-encoded private key for RSA and ECDSA.";
        this.infoURL = "https://wikipedia.org/wiki/JSON_Web_Token";
        this.inputType = "string";
        this.outputType = "JSON";
        this.args = [
            {
                name: "Private/Secret Key",
                type: "text",
                value: "secret"
            },
        ];
    }

    /**
     * @param {string} input
     * @param {Object[]} args
     * @returns {string}
     */
    run(input, args) {
        const [key] = args;

        try {
            const verified = jwt.verify(input, key, { algorithms: [
                "HS256",
                "HS384",
                "HS512",
                "none"
            ]});

            if (verified.hasOwnProperty("name") && verified.name === "JsonWebTokenError") {
                throw new OperationError(verified.message);
            }

            return verified;
        } catch (err) {
            throw new OperationError(err);
        }
    }

}

export default JWTVerify;
Add JWT Verify, Decode and Sign 2018-08-26 23:16:13 +01:00			`/**`
			`* @author gchq77703 []`
			`* @copyright Crown Copyright 2018`
			`* @license Apache-2.0`
			`*/`

			`import Operation from "../Operation";`
			`import jwt from "jsonwebtoken";`
Tidied up JWT operations 2018-08-31 13:58:06 +00:00			`import OperationError from "../errors/OperationError";`
Add JWT Verify, Decode and Sign 2018-08-26 23:16:13 +01:00
			`/**`
			`* JWT Verify operation`
			`*/`
			`class JWTVerify extends Operation {`

			`/**`
			`* JWTVerify constructor`
			`*/`
			`constructor() {`
			`super();`

			`this.name = "JWT Verify";`
			`this.module = "Crypto";`
Tidied up JWT operations 2018-08-31 13:58:06 +00:00			`this.description = "Verifies that a JSON Web Token is valid and has been signed with the provided secret / private key.<br><br>The key should be either the secret for HMAC algorithms or the PEM-encoded private key for RSA and ECDSA.";`
			`this.infoURL = "https://wikipedia.org/wiki/JSON_Web_Token";`
Add JWT Verify, Decode and Sign 2018-08-26 23:16:13 +01:00			`this.inputType = "string";`
			`this.outputType = "JSON";`
			`this.args = [`
			`{`
Tidied up JWT operations 2018-08-31 13:58:06 +00:00			`name: "Private/Secret Key",`
Implement tests, fix options argument 2018-08-29 22:43:10 +01:00			`type: "text",`
Tidied up JWT operations 2018-08-31 13:58:06 +00:00			`value: "secret"`
Add JWT Verify, Decode and Sign 2018-08-26 23:16:13 +01:00			`},`
			`];`
			`}`

			`/**`
			`* @param {string} input`
			`* @param {Object[]} args`
			`* @returns {string}`
			`*/`
			`run(input, args) {`
			`const [key] = args;`

			`try {`
Tidied up JWT operations 2018-08-31 13:58:06 +00:00			`const verified = jwt.verify(input, key, { algorithms: [`
Implement tests, fix options argument 2018-08-29 22:43:10 +01:00			`"HS256",`
			`"HS384",`
			`"HS512",`
			`"none"`
			`]});`
Tidied up JWT operations 2018-08-31 13:58:06 +00:00
			`if (verified.hasOwnProperty("name") && verified.name === "JsonWebTokenError") {`
			`throw new OperationError(verified.message);`
			`}`

			`return verified;`
Add JWT Verify, Decode and Sign 2018-08-26 23:16:13 +01:00			`} catch (err) {`
Tidied up JWT operations 2018-08-31 13:58:06 +00:00			`throw new OperationError(err);`
Add JWT Verify, Decode and Sign 2018-08-26 23:16:13 +01:00			`}`
			`}`

			`}`

			`export default JWTVerify;`