admin/ota-admin-portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add role checks (#21)

Browse Source 
* Add role checks

* Remove moved Roles enum
This commit is contained in:
John Wu
2021-03-22 11:29:35 -07:00
committed by GitHub
parent 03de4f5826
commit aea873e920
19 changed files with 1305 additions and 893 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/utils/jwt.js Normal file
View File

@@ -0,0 +1,14 @@
export const parsePayload = (token) => {
if (!token) return null;
const parts = token.split(".");
if (parts.length < 2) return null;
return JSON.parse(decode(parts[1]));
};
export const decode = (payload) => {
const l = (payload.length % 4);
if (l > 0) {
payload += "=".repeat(4 - l);
}
return atob(payload);
};

15
src/utils/jwt.test.js Normal file
View File

@@ -0,0 +1,15 @@
import { parsePayload } from "./jwt";
import { TEST_TOKEN } from "./testing";
describe("JWT Helper", () => {
it("Should decode", () => {
const start = Date.now()
const v = parsePayload(TEST_TOKEN);
const diff = Date.now() - start;
expect(diff < 2).toBeTruthy();
expect(typeof v).toEqual("object");
expect(v.exp).toBeTruthy();
});
});

35
src/utils/roles.js Normal file
View File

@@ -0,0 +1,35 @@
import { parsePayload } from "./jwt";
export const Roles = {
CREATE: "efcc3025-e2d8-4212-8227-805c7be39d2c",
READ: "a729bbd4-2038-4649-9127-16782bb1e701",
}
export const hasRoleToken = (roles, token) => {
if (!roles || roles.length === 0) return true;
const groups = getGroups(token);
if (!groups) return false;
return hasRole(roles, groups);
}
export const getGroups = (token) => {
const payload = parsePayload(token);
if (!payload || !payload["custom:groups"]) return null;
return payload["custom:groups"];
}
export const hasRole = (roles, groups) => {
if (!roles || roles.length === 0) return true;
if (!groups) return false;
for (let role of roles) {
if (groups.indexOf(role) > -1) return true;
}
return false;
}

10
src/utils/roles.test.js Normal file
View File

@@ -0,0 +1,10 @@
import { hasRoleToken, Roles } from "./roles";
import { TEST_TOKEN } from "./testing";
describe("Roles Helper", () => {
it("Check roles", () => {
expect(hasRoleToken([Roles.CREATE], TEST_TOKEN)).toEqual(true);
expect(hasRoleToken([Roles.READ], TEST_TOKEN)).toEqual(false);
})
});

8
src/utils/testing.js Normal file
View File

@@ -0,0 +1,8 @@
export const TEST_TOKEN = "eyJraWQiOiJlUTNuZFJLaUVcL084VUZ5RHFsYjN0S1RzWG00SzVPMlc4NXd3VWkzT2tNZz0iLCJhbGciOiJSUzI1NiJ9.eyJhdF9oYXNoIjoiOUlyV2RLaUxJU0FZUnFha1F2b2xmZyIsInN1YiI6IjJiMDk1NTY2LTllNDYtNGQ4ZS1iMTA5LTI0MTM1ZGYyMmVlNiIsImNvZ25pdG86Z3JvdXBzIjpbInVzLXdlc3QtMl9BV3dqTFh5bTJfQXp1cmVBRCJdLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImlzcyI6Imh0dHBzOlwvXC9jb2duaXRvLWlkcC51cy13ZXN0LTIuYW1hem9uYXdzLmNvbVwvdXMtd2VzdC0yX0FXd2pMWHltMiIsImNvZ25pdG86dXNlcm5hbWUiOiJhenVyZWFkX2p3dUBmaXNrZXJpbmMuY29tIiwiZ2l2ZW5fbmFtZSI6IkpvaG4iLCJjdXN0b206Z3JvdXBzIjoiWzhkODI3OGE1LTljMGUtNGM3Zi05MThhLTgxMWZkMWQyMzZlNCwgNmMzY2Y5OGQtMGFkYS00OGM2LWFlOTQtYjE3MWNmYTI3NWZjLCA1NmVmNGJlYy1kNzM5LTRkZGYtYTAwMy1lY2M4MTMwODViOGQsIGVmY2MzMDI1LWUyZDgtNDIxMi04MjI3LTgwNWM3YmUzOWQyYywgNTUxNWE5OGYtNDY2OC00MTIxLThlOGQtZmVlMjgyNTY5OWNmLCA4Njk1NmEyZi04ZDQ2LTQ3ZmYtOWIyOS1mOTkwNzlhZTNjMWQsIGM0ZDQzNjFjLTg4ODItNDdiNC04NjQxLWZkM2FiNjhhZTcyMiwgN2JjZGNkYjItMzI3OS00NGJmLWE5OTgtNzcxYmFiNGIzM2UxXSIsImF1ZCI6IjdjazJ0Zm9xYXZjNzJjNDVoaDd0Z2U0MmtkIiwiY3VzdG9tOnNlc3Npb24tZHVyYXRpb24iOiI5MDAiLCJpZGVudGl0aWVzIjpbeyJ1c2VySWQiOiJqd3VAZmlza2VyaW5jLmNvbSIsInByb3ZpZGVyTmFtZSI6IkF6dXJlQUQiLCJwcm92aWRlclR5cGUiOiJTQU1MIiwiaXNzdWVyIjoiaHR0cHM6XC9cL3N0cy53aW5kb3dzLm5ldFwvNWFhNGI2NDAtYzlmYy00YTliLWIzYTMtZDRhN2QwMDhmYjVlXC8iLCJwcmltYXJ5IjoidHJ1ZSIsImRhdGVDcmVhdGVkIjoiMTYxNDM2NDk3NDU4NSJ9XSwidG9rZW5fdXNlIjoiaWQiLCJhdXRoX3RpbWUiOjE2MTU4MjEzMDksImV4cCI6MTYxNTkyNzM0OSwiaWF0IjoxNjE1OTIzNzUwLCJmYW1pbHlfbmFtZSI6Ild1IiwiZW1haWwiOiJqd3VAZmlza2VyaW5jLmNvbSJ9.R3k-YGK0MrUdW030Xj2WxM7mdsm1tlobeDq3YRMIKMtdkJsf5qjwM_wqVPbErH-8OrFLW7YIPuMo2Rh5PCGvg4I6kL-tWfDOY4o5b5r_VdiifXov0be_ukdt5pZblhgg0dYSLmFaFZsxNjEng8-obl_FnWp6VtG1lnRGwORY3pFe88W7OM3zLMC0g-otfAEQ2KSOaV9bfUoRAaZaGlHe8ooIQx8Qoer9qYsnymK0Sk7jSZKwhtFsziSarhreHmBkCLaWBHDjc9PQDtBvO8wg1KMKmM-6oewA0xTKPtsuHxnvtVANYaR7Nqp9cbF940YRf2IK5FB7KWFtcR7Y6igLXw";
export const TEST_AUTH_OBJECT = {
idToken: {
jwtToken: TEST_TOKEN,
},
};
export const TEST_EXPECTED_GROUPS =
"[8d8278a5-9c0e-4c7f-918a-811fd1d236e4, 6c3cf98d-0ada-48c6-ae94-b171cfa275fc, 56ef4bec-d739-4ddf-a003-ecc813085b8d, efcc3025-e2d8-4212-8227-805c7be39d2c, 5515a98f-4668-4121-8e8d-fee2825699cf, 86956a2f-8d46-47ff-9b29-f99079ae3c1d, c4d4361c-8882-47b4-8641-fd3ab68ae722, 7bcdcdb2-3279-44bf-a998-771bab4b33e1]";