mirror of
https://github.com/pocketbase/pocketbase.git
synced 2025-03-18 21:57:50 +02:00
updated jsvm $security.parse* token helpers to return the payload as plain object
This commit is contained in:
parent
5b2575b754
commit
865865fdeb
@ -60,6 +60,9 @@
|
||||
_This is arbitrary chosen and may change in the future depending on the users feedback and usage patterns._
|
||||
_If you are experiencing OOM errors during large image thumb generations, especially in container environment, you can try defining the `GOMEMLIMIT=500MiB` env variable before starting the executable._
|
||||
|
||||
- Minor JSVM updates and fixes:
|
||||
- updated `$security.parseUnverifiedJWT(token)` and `$security.parseJWT(token, key)` to return the payload result as plain object
|
||||
|
||||
|
||||
## v0.20.0-rc3
|
||||
|
||||
|
@ -501,8 +501,12 @@ func securityBinds(vm *goja.Runtime) {
|
||||
obj.Set("pseudorandomStringWithAlphabet", security.PseudorandomStringWithAlphabet)
|
||||
|
||||
// jwt
|
||||
obj.Set("parseUnverifiedJWT", security.ParseUnverifiedJWT)
|
||||
obj.Set("parseJWT", security.ParseJWT)
|
||||
obj.Set("parseUnverifiedJWT", func(token string) (map[string]any, error) {
|
||||
return security.ParseUnverifiedJWT(token)
|
||||
})
|
||||
obj.Set("parseJWT", func(token string, verificationKey string) (map[string]any, error) {
|
||||
return security.ParseJWT(token, verificationKey)
|
||||
})
|
||||
obj.Set("createJWT", security.NewJWT)
|
||||
|
||||
// encryption
|
||||
|
@ -784,40 +784,58 @@ func TestSecurityJWTBinds(t *testing.T) {
|
||||
app, _ := tests.NewTestApp()
|
||||
defer app.Cleanup()
|
||||
|
||||
vm := goja.New()
|
||||
baseBinds(vm)
|
||||
securityBinds(vm)
|
||||
|
||||
sceneraios := []struct {
|
||||
js string
|
||||
expected string
|
||||
name string
|
||||
js string
|
||||
}{
|
||||
{
|
||||
`$security.parseUnverifiedJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIn0.aXzC7q7z1lX_hxk5P0R368xEU7H1xRwnBQQcLAmG0EY")`,
|
||||
`{"name":"John Doe","sub":"1234567890"}`,
|
||||
"$security.parseUnverifiedJWT",
|
||||
`
|
||||
const result = $security.parseUnverifiedJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIn0.aXzC7q7z1lX_hxk5P0R368xEU7H1xRwnBQQcLAmG0EY")
|
||||
if (result.name != "John Doe") {
|
||||
throw new Error("Expected result.name 'John Doe', got " + result.name)
|
||||
}
|
||||
if (result.sub != "1234567890") {
|
||||
throw new Error("Expected result.sub '1234567890', got " + result.sub)
|
||||
}
|
||||
`,
|
||||
},
|
||||
{
|
||||
`$security.parseJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIn0.aXzC7q7z1lX_hxk5P0R368xEU7H1xRwnBQQcLAmG0EY", "test")`,
|
||||
`{"name":"John Doe","sub":"1234567890"}`,
|
||||
"$security.parseJWT",
|
||||
`
|
||||
const result = $security.parseJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIn0.aXzC7q7z1lX_hxk5P0R368xEU7H1xRwnBQQcLAmG0EY", "test")
|
||||
if (result.name != "John Doe") {
|
||||
throw new Error("Expected result.name 'John Doe', got " + result.name)
|
||||
}
|
||||
if (result.sub != "1234567890") {
|
||||
throw new Error("Expected result.sub '1234567890', got " + result.sub)
|
||||
}
|
||||
`,
|
||||
},
|
||||
{
|
||||
`$security.createJWT({"exp": 123}, "test", 0)`, // overwrite the exp claim for static token
|
||||
`"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjEyM30.7gbv7w672gApdBRASI6OniCtKwkKjhieSxsr6vxSrtw"`,
|
||||
"$security.createJWT",
|
||||
`
|
||||
// overwrite the exp claim for static token
|
||||
const result = $security.createJWT({"exp": 123}, "test", 0)
|
||||
|
||||
const expected = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjEyM30.7gbv7w672gApdBRASI6OniCtKwkKjhieSxsr6vxSrtw";
|
||||
if (result != expected) {
|
||||
throw new Error("Expected token \n" + expected + ", got \n" + result)
|
||||
}
|
||||
`,
|
||||
},
|
||||
}
|
||||
|
||||
for _, s := range sceneraios {
|
||||
t.Run(s.js, func(t *testing.T) {
|
||||
result, err := vm.RunString(s.js)
|
||||
t.Run(s.name, func(t *testing.T) {
|
||||
vm := goja.New()
|
||||
baseBinds(vm)
|
||||
securityBinds(vm)
|
||||
|
||||
_, err := vm.RunString(s.js)
|
||||
if err != nil {
|
||||
t.Fatalf("Failed to execute js script, got %v", err)
|
||||
}
|
||||
|
||||
raw, _ := json.Marshal(result.Export())
|
||||
|
||||
if string(raw) != s.expected {
|
||||
t.Fatalf("Expected \n%s, \ngot \n%s", s.expected, raw)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
8004
plugins/jsvm/internal/types/generated/types.d.ts
vendored
8004
plugins/jsvm/internal/types/generated/types.d.ts
vendored
File diff suppressed because it is too large
Load Diff
@ -590,9 +590,6 @@ declare namespace $security {
|
||||
let randomStringWithAlphabet: security.randomStringWithAlphabet
|
||||
let pseudorandomString: security.pseudorandomString
|
||||
let pseudorandomStringWithAlphabet: security.pseudorandomStringWithAlphabet
|
||||
let parseUnverifiedJWT: security.parseUnverifiedJWT
|
||||
let parseJWT: security.parseJWT
|
||||
let createJWT: security.newJWT
|
||||
let encrypt: security.encrypt
|
||||
let decrypt: security.decrypt
|
||||
let hs256: security.hs256
|
||||
@ -601,6 +598,17 @@ declare namespace $security {
|
||||
let md5: security.md5
|
||||
let sha256: security.sha256
|
||||
let sha512: security.sha512
|
||||
let createJWT: security.newJWT
|
||||
|
||||
/**
|
||||
* {@inheritDoc security.parseUnverifiedJWT}
|
||||
*/
|
||||
export function parseUnverifiedJWT(token: string): _TygojaDict
|
||||
|
||||
/**
|
||||
* {@inheritDoc security.parseJWT}
|
||||
*/
|
||||
export function parseJWT(token: string, verificationKey: string): _TygojaDict
|
||||
}
|
||||
|
||||
// -------------------------------------------------------------------
|
||||
|
Loading…
x
Reference in New Issue
Block a user