Skip to content
This repository has been archived by the owner on Jan 6, 2023. It is now read-only.

Commit

Permalink
fix lint error
Browse files Browse the repository at this point in the history
  • Loading branch information
@kg0r0
kg0r0 committed Jul 11, 2019
1 parent cdac8bf commit 3c55b1f
Show file tree
Hide file tree
Showing 5 changed files with 79 additions and 88 deletions.
9 changes: 2 additions & 7 deletions src/assertion.ts
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,7 @@
import { Request } from "express";
import {
isBase64UrlEncoded,
randomBase64URLBuffer,
preFormatAssertionResultReq,
isRequestBody,
assertionResultReqValidator,
assertionClientDataJSONValidator,
Fido2MiddleWareConfig,
Expand Down Expand Up @@ -51,7 +49,7 @@ function findAuthr(credID: String, authenticators: AuthrInfo[]) {
*/
export async function assertionOptions(req: Request) {
if (!req.body || !req.body.username)
throw new Error("Request missing username field!")
throw new Error("Request missing username field!");

const cacheData = await cache.getAsync(req.body.username);
const authenticators = cacheData ? cacheData.authenticators : [];
Expand Down Expand Up @@ -96,10 +94,7 @@ export async function assertionResult(req: Request) {
base64url.decode(req.body.response.clientDataJSON)
);

assertionClientDataJSONValidator(
req,
clientData
);
assertionClientDataJSONValidator(req, clientData);

let authenticators;
if (req.session) {
Expand Down
6 changes: 2 additions & 4 deletions src/attestation.ts
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,7 @@
import { Request } from "express";
import {
isBase64UrlEncoded,
randomBase64URLBuffer,
preFormatAttestationResultReq,
isRequestBody,
Fido2MiddleWareConfig,
AuthrInfo,
attestationResultReqValidator
Expand Down Expand Up @@ -52,7 +50,7 @@ interface AttestationExpected {
*/
export async function attestationOptions(req: Request) {
if (!req.body || !req.body.username || !req.body.displayName)
throw new Error("Request missing display name or username field!")
throw new Error("Request missing display name or username field!");

let excludeCredentials;
if (!fido2MiddlewareConfig.db) {
Expand Down Expand Up @@ -113,7 +111,7 @@ export async function attestationOptions(req: Request) {
* @returns {undefined}
*/
export async function attestationResult(req: Request) {
attestationResultReqValidator(req.body)
attestationResultReqValidator(req.body);
const fido2Lib = new fido2lib.Fido2Lib();
const expected: AttestationExpected = {
challenge: req.session ? req.session.challenge : "",
Expand Down
56 changes: 31 additions & 25 deletions src/util.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -147,61 +147,67 @@ export function preFormatAssertionResultReq(
export function assertionClientDataJSONValidator(
req: Request,
clientDataJSON: ClientDataJSON
):boolean {
): boolean {
if (req.session && clientDataJSON.challenge !== req.session.challenge)
throw new Error("Challenges don't match!")
throw new Error("Challenges don't match!");

if (clientDataJSON.origin !== fido2MiddlewareConfig.origin)
throw new Error("Origins don't match!")
if (clientDataJSON.origin !== fido2MiddlewareConfig.origin)
throw new Error("Origins don't match!");

if (clientDataJSON.type !== "webauthn.get")
throw new Error("Type don't match!")
throw new Error("Type don't match!");

if (clientDataJSON.tokenBinding)
throw new Error("Token Binding don`t support!")
throw new Error("Token Binding don`t support!");

return true;
}

export function attestationResultReqValidator(body: any): boolean {
if (!(body != null && isRequestBody(body)))
throw new Error("Response missing one or more of id/rawId/response/type fields")
throw new Error(
"Response missing one or more of id/rawId/response/type fields"
);

if (body.type !== "public-key")
throw new Error("type is not public-key!")
if (body.type !== "public-key") throw new Error("type is not public-key!");

if (!isBase64UrlEncoded(body.id))
throw new Error("Invalid id!")
if (!isBase64UrlEncoded(body.id)) throw new Error("Invalid id!");

return true;
}

/**
*
* @param body
*
* @param body
* @returns {boolean}
*/
export function assertionResultReqValidator(body: any): boolean {
if (!(body != null && isRequestBody(body)))
throw new Error("Response missing one or more of id/rawId/response/type fields")
throw new Error(
"Response missing one or more of id/rawId/response/type fields"
);

if (body.type !== "public-key")
throw new Error("type is not public-key!")
if (body.type !== "public-key") throw new Error("type is not public-key!");

if (!isBase64UrlEncoded(body.id))
throw new Error("Invalid id!")
if (!isBase64UrlEncoded(body.id)) throw new Error("Invalid id!");

if (!body.response.authenticatorData || typeof body.response.authenticatorData !== "string")
throw new Error("AuthenticatorData is missing")
if (
!body.response.authenticatorData ||
typeof body.response.authenticatorData !== "string"
)
throw new Error("AuthenticatorData is missing");

if (!isBase64UrlEncoded(body.response.authenticatorData))
throw new Error("AuthenticatorData is not base64url encoded")
throw new Error("AuthenticatorData is not base64url encoded");

if (body.response.userHandle && typeof body.response.userHandle !== "string")
throw new Error("userHandle is not of type DOMString")
throw new Error("userHandle is not of type DOMString");

if (typeof body.response.signature !== "string" || !isBase64UrlEncoded(body.response.signature))
throw new Error("Signature is not base64url encoded")
if (
typeof body.response.signature !== "string" ||
!isBase64UrlEncoded(body.response.signature)
)
throw new Error("Signature is not base64url encoded");

return true;
}
}
4 changes: 3 additions & 1 deletion test/attestation.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,9 @@ describe("attestationOptions()", () => {
try {
await attestationOptions(requestMock);
} catch (e) {
expect(e.message).to.equal("Request missing display name or username field!");
expect(e.message).to.equal(
"Request missing display name or username field!"
);
}
});
});
92 changes: 41 additions & 51 deletions test/util.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,10 +118,7 @@ describe("preformatAssertionResultReq()", () => {
tokenBinding: ""
};
try {
assertionClientDataJSONValidator(
requestMock,
clinetDataJSON
);
assertionClientDataJSONValidator(requestMock, clinetDataJSON);
} catch (e) {
expect(e.message).to.equal("Challenges don't match!");
}
Expand All @@ -135,10 +132,7 @@ describe("preformatAssertionResultReq()", () => {
tokenBinding: ""
};
try {
assertionClientDataJSONValidator(
requestMock,
clinetDataJSON
);
assertionClientDataJSONValidator(requestMock, clinetDataJSON);
} catch (e) {
expect(e.message).to.equal("Origins don't match!");
}
Expand All @@ -152,10 +146,7 @@ describe("preformatAssertionResultReq()", () => {
tokenBinding: ""
};
try {
assertionClientDataJSONValidator(
requestMock,
clinetDataJSON
);
assertionClientDataJSONValidator(requestMock, clinetDataJSON);
} catch (e) {
expect(e.message).to.equal("Type don't match!");
}
Expand All @@ -169,10 +160,7 @@ describe("preformatAssertionResultReq()", () => {
tokenBinding: "tokenBinding"
};
try {
assertionClientDataJSONValidator(
requestMock,
clinetDataJSON
);
assertionClientDataJSONValidator(requestMock, clinetDataJSON);
} catch (e) {
expect(e.message).to.equal("Token Binding don`t support!");
}
Expand All @@ -187,17 +175,19 @@ describe("preformatAssertionResultReq()", () => {
response: {},
type: "public-key"
};
expect(attestationResultReqValidator(body)).to.equal(true)
})
expect(attestationResultReqValidator(body)).to.equal(true);
});

it("should return 'Response missing one or more of id/rawId/response/type fields'", () => {
const body = {};
try {
attestationResultReqValidator(body);
} catch(e) {
expect(e.message).to.equal("Response missing one or more of id/rawId/response/type fields");
} catch (e) {
expect(e.message).to.equal(
"Response missing one or more of id/rawId/response/type fields"
);
}
})
});

it("should return 'type is not public-key!'", () => {
const body = {
Expand All @@ -207,11 +197,11 @@ describe("preformatAssertionResultReq()", () => {
type: "type"
};
try {
attestationResultReqValidator(body)
attestationResultReqValidator(body);
} catch (e) {
expect(e.message).to.equal("type is not public-key!");
}
})
});

it("should return 'Invalid id!'", () => {
const body = {
Expand All @@ -221,15 +211,12 @@ describe("preformatAssertionResultReq()", () => {
type: "public-key"
};
try {
attestationResultReqValidator(body)
attestationResultReqValidator(body);
} catch (e) {
expect(e.message).to.equal("Invalid id!");
}
})



})
});
});

describe("assertionResultReqValidator()", () => {
it("should return true", () => {
Expand All @@ -243,17 +230,19 @@ describe("preformatAssertionResultReq()", () => {
},
type: "public-key"
};
expect(assertionResultReqValidator(body)).to.equal(true);
})
expect(assertionResultReqValidator(body)).to.equal(true);
});

it("should return 'Response missing one or more of id/rawId/response/type fields'", () => {
const body = {}
const body = {};
try {
assertionResultReqValidator(body)
assertionResultReqValidator(body);
} catch (e) {
expect(e.message).to.equal("Response missing one or more of id/rawId/response/type fields");
expect(e.message).to.equal(
"Response missing one or more of id/rawId/response/type fields"
);
}
})
});

it("should return 'type is not public-key!'", () => {
const body = {
Expand All @@ -263,11 +252,11 @@ describe("preformatAssertionResultReq()", () => {
type: "type"
};
try {
assertionResultReqValidator(body)
assertionResultReqValidator(body);
} catch (e) {
expect(e.message).to.equal("type is not public-key!");
}
})
});

it("should return 'Invalid id!'", () => {
const body = {
Expand All @@ -277,11 +266,11 @@ describe("preformatAssertionResultReq()", () => {
type: "public-key"
};
try {
assertionResultReqValidator(body)
assertionResultReqValidator(body);
} catch (e) {
expect(e.message).to.equal("Invalid id!");
}
})
});

it("should return 'AuthenticatorData is missing'", () => {
const body = {
Expand All @@ -291,11 +280,11 @@ describe("preformatAssertionResultReq()", () => {
type: "public-key"
};
try {
assertionResultReqValidator(body)
assertionResultReqValidator(body);
} catch (e) {
expect(e.message).to.equal("AuthenticatorData is missing");
}
})
});

it("should return 'AuthenticatorData is not base64url encoded'", () => {
const body = {
Expand All @@ -307,28 +296,30 @@ describe("preformatAssertionResultReq()", () => {
type: "public-key"
};
try {
assertionResultReqValidator(body)
assertionResultReqValidator(body);
} catch (e) {
expect(e.message).to.equal("AuthenticatorData is not base64url encoded");
expect(e.message).to.equal(
"AuthenticatorData is not base64url encoded"
);
}
})
});

it("should return 'userHandle is not of type DOMString'", () => {
const body = {
id: "id",
rawId: "rawId",
response: {
authenticatorData: "authenticatorData",
userHandle: 100,
userHandle: 100
},
type: "public-key"
};
try {
assertionResultReqValidator(body)
assertionResultReqValidator(body);
} catch (e) {
expect(e.message).to.equal("userHandle is not of type DOMString");
}
})
});

it("should return 'Signature is not base64url encoded'", () => {
const body = {
Expand All @@ -342,11 +333,10 @@ describe("preformatAssertionResultReq()", () => {
type: "public-key"
};
try {
assertionResultReqValidator(body)
assertionResultReqValidator(body);
} catch (e) {
expect(e.message).to.equal("Signature is not base64url encoded");
}
})

})
});
});
});

0 comments on commit 3c55b1f

Please sign in to comment.