Mirrors/CyberChef
2
0
Fork 0
mirror of https://github.com/gchq/CyberChef synced 2025-01-12 04:28:53 +00:00
Code Issues Projects Releases Packages Wiki Activity

Add 'header' ingredient to JWT Sign operation

Browse source 
Expose the 'header' option of the jsonwebtoken module [1] as an ingredient.
This allows for adding and overwriting JWT header fields such as 'type' or 'kid'.

[1]: https://github.com/auth0/node-jsonwebtoken?tab=readme-ov-file#usage
This commit is contained in:
Merlin Beutlberger 2025-01-04 18:15:10 +01:00
parent 3822c6c520
commit 71c8c8aac0
2 changed files with 28 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
src/core/operations/JWTSign.mjs
View file

@ -36,6 +36,11 @@ class JWTSign extends Operation {
name: "Signing algorithm", name: "Signing algorithm",
type: "option", type: "option",
value: JWT_ALGORITHMS value: JWT_ALGORITHMS
},
{
name: "Header",
type: "text",
value: "{}"
} }
]; ];
} }
@ -46,11 +51,12 @@ class JWTSign extends Operation {
* @returns {string} * @returns {string}
*/ */
run(input, args) { run(input, args) {
const [key, algorithm] = args; const [key, algorithm, header] = args;
try { try {
return jwt.sign(input, key, { return jwt.sign(input, key, {
algorithm: algorithm === "None" ? "none" : algorithm algorithm: algorithm === "None" ? "none" : algorithm,
header: JSON.parse(header || "{}")
}); });
} catch (err) { } catch (err) {
throw new OperationError(`Error: Have you entered the key correctly? The key should be either the secret for HMAC algorithms or the PEM-encoded private key for RSA and ECDSA. throw new OperationError(`Error: Have you entered the key correctly? The key should be either the secret for HMAC algorithms or the PEM-encoded private key for RSA and ECDSA.

29
tests/operations/tests/JWTSign.mjs
View file

@ -44,7 +44,18 @@ TestRegister.addTests([
recipeConfig: [ recipeConfig: [
{ {
op: "JWT Sign", op: "JWT Sign",
args: [hsKey, "HS256"], args: [hsKey, "HS256", "{}"],
}
],
},
{
name: "JWT Sign: HS256 with custom header",
input: inputObject,
expectedOutput: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImN1c3RvbS5rZXkifQ.eyJTdHJpbmciOiJTb21lU3RyaW5nIiwiTnVtYmVyIjo0MiwiaWF0IjoxfQ.kXln8btJburfRlND8IDZAQ8NZGFFZhvHyooHa6N9za8",
recipeConfig: [
{
op: "JWT Sign",
args: [hsKey, "HS256", `{"kid":"custom.key"}`],
} }
], ],
}, },
@ -55,7 +66,7 @@ TestRegister.addTests([
recipeConfig: [ recipeConfig: [
{ {
op: "JWT Sign", op: "JWT Sign",
args: [hsKey, "HS384"], args: [hsKey, "HS384", "{}"],
} }
], ],
}, },
@ -66,7 +77,7 @@ TestRegister.addTests([
recipeConfig: [ recipeConfig: [
{ {
op: "JWT Sign", op: "JWT Sign",
args: [hsKey, "HS512"], args: [hsKey, "HS512", "{}"],
} }
], ],
}, },
@ -77,7 +88,7 @@ TestRegister.addTests([
recipeConfig: [ recipeConfig: [
{ {
op: "JWT Sign", op: "JWT Sign",
args: [esKey, "ES256"], args: [esKey, "ES256", "{}"],
}, },
{ {
op: "JWT Decode", op: "JWT Decode",
@ -92,7 +103,7 @@ TestRegister.addTests([
recipeConfig: [ recipeConfig: [
{ {
op: "JWT Sign", op: "JWT Sign",
args: [esKey, "ES384"], args: [esKey, "ES384", "{}"],
}, },
{ {
op: "JWT Decode", op: "JWT Decode",
@ -107,7 +118,7 @@ TestRegister.addTests([
recipeConfig: [ recipeConfig: [
{ {
op: "JWT Sign", op: "JWT Sign",
args: [esKey, "ES512"], args: [esKey, "ES512", "{}"],
}, },
{ {
op: "JWT Decode", op: "JWT Decode",
@ -122,7 +133,7 @@ TestRegister.addTests([
recipeConfig: [ recipeConfig: [
{ {
op: "JWT Sign", op: "JWT Sign",
args: [rsKey, "RS256"], args: [rsKey, "RS256", "{}"],
}, },
{ {
op: "JWT Decode", op: "JWT Decode",
@ -137,7 +148,7 @@ TestRegister.addTests([
recipeConfig: [ recipeConfig: [
{ {
op: "JWT Sign", op: "JWT Sign",
args: [rsKey, "RS384"], args: [rsKey, "RS384", "{}"],
}, },
{ {
op: "JWT Decode", op: "JWT Decode",
@ -152,7 +163,7 @@ TestRegister.addTests([
recipeConfig: [ recipeConfig: [
{ {
op: "JWT Sign", op: "JWT Sign",
args: [esKey, "RS512"], args: [esKey, "RS512", "{}"],
}, },
{ {
op: "JWT Decode", op: "JWT Decode",