Add new Algorithm select. Add logging.

luckymarmot · Jul 19, 2017 · dda6e2a · dda6e2a
1 parent f50d9c5
commit dda6e2a
Showing 1 changed file with 41 additions and 12 deletions.
diff --git a/src/JsonWebTokenDynamicValue.js b/src/JsonWebTokenDynamicValue.js
@@ -1,43 +1,72 @@
 import jsrsasign from 'jsrsasign';
 
+// list from
+// https://kjur.github.io/jsrsasign/api/symbols/KJUR.jws.JWS.html#.sign
+const SUPPORTED_ALGS = [
+  'HS256',
+  'HS384',
+  'HS512',
+  'RS256',
+  'RS384',
+  'RS512',
+  'ES256',
+  'ES384',
+  'ES512',
+  'PS256',
+  'PS384',
+  'PS512'
+]
+let ALGS_CHOICES = {}
+SUPPORTED_ALGS.forEach(alg => {
+  ALGS_CHOICES[alg] = alg
+})
+
 @registerDynamicValueClass
 class JsonWebTokenDynamicValue {
   static identifier = 'de.choffmeister.PawExtensions.JsonWebTokenDynamicValue';
-  static title = 'Json Web Token';
-  static help = 'https://github.com/choffmeister/Paw-JsonWebTokenDynamicValue';
-
+  static title = 'Json Web Token (JWT)';
+  static help = 'https://github.com/luckymarmot/Paw-JsonWebTokenDynamicValue';
   static inputs = [
-    InputField('header', 'Header', 'JSON', {persisted: true, defaultValue: '{"typ": "JWT", "alg": "HS256"}'}),
-    DynamicValueInput('payload', 'Payload', 'JSON'),
-    DynamicValueInput('addTimeFields', 'Add Time Fields (iat & exp)', 'Checkbox', {defaultValue: true}),
-    DynamicValueInput('signatureSecret', 'Secret', 'SecureValue'),
-    DynamicValueInput('signatureSecretIsBase64', 'Secret is Base64', 'Checkbox')
+    InputField('alg', 'Algorithm', 'Select', {choices: ALGS_CHOICES, defaultValue: 'HS256'}),
+    InputField('header', 'Header', 'JSON', {defaultValue: '{}'}),
+    InputField('payload', 'Payload', 'JSON'),
+    InputField('addTimeFields', 'Add Time Fields (iat & exp)', 'Checkbox', {defaultValue: true}),
+    InputField('signatureSecret', 'Secret', 'SecureValue'),
+    InputField('signatureSecretIsBase64', 'Secret is Base64', 'Checkbox')
   ];
 
+  title() {
+    return 'JSON Web Token'
+  }
+
   evaluate() {
     const now = Math.floor((new Date()).getTime() / 1000);
-
     const header = {
       typ: "JWT",
       alg: "HS256",
       ...this.header
     }
+
     let payload
     if(this.addTimeFields) {
       payload = {
         iat: now,
         exp: now + 60,
         ...this.payload,
       }
-    } 
-    else {
-      payload = this.payload
+    } else {
+      payload = { ...this.payload }
     }
 
     const secret = this.signatureSecretIsBase64
       ? {b64: jsrsasign.b64utob64(this.signatureSecret)}
       : {rstr: this.signatureSecret};
 
+    console.log(`Sign JWT: Header: ${JSON.stringify(header)} Payload: ${JSON.stringify(payload)}`)
+    if (SUPPORTED_ALGS.indexOf(header.alg) < 0) {
+      console.error(`Unsupported algorithm '${header.alg}' (supports ${SUPPORTED_ALGS.join(', ')})`)
+    }
+
     return jsrsasign.jws.JWS.sign(null, header, payload, secret);
   }
 }