updated jsvm $security.parse* token helpers to return the payload as plain object

2025-03-18 13:47:47 +02:00 · 2023-12-04 20:46:33 +02:00 · 2023-12-04 20:46:33 +02:00 · 865865fdeb
commit 865865fdeb
parent 5b2575b754
5 changed files with 4086 additions and 4001 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -60,6 +60,9 @@
  _This is arbitrary chosen and may change in the future depending on the users feedback and usage patterns._
  _If you are experiencing OOM errors during large image thumb generations, especially in container environment, you can try defining the `GOMEMLIMIT=500MiB` env variable before starting the executable._

+- Minor JSVM updates and fixes:
+  - updated `$security.parseUnverifiedJWT(token)` and `$security.parseJWT(token, key)` to return the payload result as plain object
+

 ## v0.20.0-rc3

--- a/plugins/jsvm/binds.go
+++ b/plugins/jsvm/binds.go
@ -501,8 +501,12 @@ func securityBinds(vm *goja.Runtime) {
 	obj.Set("pseudorandomStringWithAlphabet", security.PseudorandomStringWithAlphabet)

 	// jwt
-	obj.Set("parseUnverifiedJWT", security.ParseUnverifiedJWT)
-	obj.Set("parseJWT", security.ParseJWT)
+	obj.Set("parseUnverifiedJWT", func(token string) (map[string]any, error) {
+		return security.ParseUnverifiedJWT(token)
+	})
+	obj.Set("parseJWT", func(token string, verificationKey string) (map[string]any, error) {
+		return security.ParseJWT(token, verificationKey)
+	})
 	obj.Set("createJWT", security.NewJWT)

 	// encryption
--- a/plugins/jsvm/binds_test.go
+++ b/plugins/jsvm/binds_test.go
@ -784,40 +784,58 @@ func TestSecurityJWTBinds(t *testing.T) {
 	app, _ := tests.NewTestApp()
 	defer app.Cleanup()

-	vm := goja.New()
-	baseBinds(vm)
-	securityBinds(vm)
-
 	sceneraios := []struct {
-		js       string
-		expected string
+		name string
+		js   string
 	}{
 		{
-			`$security.parseUnverifiedJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIn0.aXzC7q7z1lX_hxk5P0R368xEU7H1xRwnBQQcLAmG0EY")`,
-			`{"name":"John Doe","sub":"1234567890"}`,
+			"$security.parseUnverifiedJWT",
+			`
+				const result = $security.parseUnverifiedJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIn0.aXzC7q7z1lX_hxk5P0R368xEU7H1xRwnBQQcLAmG0EY")
+				if (result.name != "John Doe") {
+					throw new Error("Expected result.name 'John Doe', got " + result.name)
+				}
+				if (result.sub != "1234567890") {
+					throw new Error("Expected result.sub '1234567890', got " + result.sub)
+				}
+			`,
 		},
 		{
-			`$security.parseJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIn0.aXzC7q7z1lX_hxk5P0R368xEU7H1xRwnBQQcLAmG0EY", "test")`,
-			`{"name":"John Doe","sub":"1234567890"}`,
+			"$security.parseJWT",
+			`
+				const result = $security.parseJWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIn0.aXzC7q7z1lX_hxk5P0R368xEU7H1xRwnBQQcLAmG0EY", "test")
+				if (result.name != "John Doe") {
+					throw new Error("Expected result.name 'John Doe', got " + result.name)
+				}
+				if (result.sub != "1234567890") {
+					throw new Error("Expected result.sub '1234567890', got " + result.sub)
+				}
+			`,
 		},
 		{
-			`$security.createJWT({"exp": 123}, "test", 0)`, // overwrite the exp claim for static token
-			`"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjEyM30.7gbv7w672gApdBRASI6OniCtKwkKjhieSxsr6vxSrtw"`,
+			"$security.createJWT",
+			`
+				// overwrite the exp claim for static token
+				const result = $security.createJWT({"exp": 123}, "test", 0)
+
+				const expected = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjEyM30.7gbv7w672gApdBRASI6OniCtKwkKjhieSxsr6vxSrtw";
+				if (result != expected) {
+					throw new Error("Expected token \n" + expected + ", got \n" + result)
+				}
+			`,
 		},
 	}

 	for _, s := range sceneraios {
-		t.Run(s.js, func(t *testing.T) {
-			result, err := vm.RunString(s.js)
+		t.Run(s.name, func(t *testing.T) {
+			vm := goja.New()
+			baseBinds(vm)
+			securityBinds(vm)
+
+			_, err := vm.RunString(s.js)
 			if err != nil {
 				t.Fatalf("Failed to execute js script, got %v", err)
 			}
-
-			raw, _ := json.Marshal(result.Export())
-
-			if string(raw) != s.expected {
-				t.Fatalf("Expected \n%s, \ngot \n%s", s.expected, raw)
-			}
 		})
 	}
 }
--- a/plugins/jsvm/internal/types/generated/types.d.ts
+++ b/plugins/jsvm/internal/types/generated/types.d.ts
--- a/plugins/jsvm/internal/types/types.go
+++ b/plugins/jsvm/internal/types/types.go
@ -590,9 +590,6 @@ declare namespace $security {
  let randomStringWithAlphabet:       security.randomStringWithAlphabet
  let pseudorandomString:             security.pseudorandomString
  let pseudorandomStringWithAlphabet: security.pseudorandomStringWithAlphabet
-  let parseUnverifiedJWT:             security.parseUnverifiedJWT
-  let parseJWT:                       security.parseJWT
-  let createJWT:                      security.newJWT
  let encrypt:                        security.encrypt
  let decrypt:                        security.decrypt
  let hs256:                          security.hs256
@ -601,6 +598,17 @@ declare namespace $security {
  let md5:                            security.md5
  let sha256:                         security.sha256
  let sha512:                         security.sha512
+  let createJWT:                      security.newJWT
+
+  /**
+   * {@inheritDoc security.parseUnverifiedJWT}
+   */
+  export function parseUnverifiedJWT(token: string): _TygojaDict
+
+  /**
+   * {@inheritDoc security.parseJWT}
+   */
+  export function parseJWT(token: string, verificationKey: string): _TygojaDict
 }

 // -------------------------------------------------------------------