forked from bugjam/jwt-inspector
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathjwt-panel.js
77 lines (68 loc) · 2.26 KB
/
jwt-panel.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
function bearer_token(h) {
return h && h.name == "Authorization" && h.value && h.value.startsWith("Bearer ") ? h.value.substring(7) : null;
}
function isObject(obj) {
var type = typeof obj;
return type === 'function' || type === 'object' && !!obj;
}
const ts_claims = ["exp","iat","nbf"];
function renderClaims(claims) {
var dl = document.createElement("dl");
for(var c in claims) {
var dt = document.createElement("dt");
dt.appendChild(document.createTextNode(Encoder.htmlEncode(String(c))));
dl.appendChild(dt);
var dd = document.createElement("dd");
if(isObject(claims[c])) {
dd.appendChild(renderClaims(claims[c]));
} else {
dd.appendChild(document.createTextNode(Encoder.htmlEncode(String(claims[c]))));
if(ts_claims.includes(c)) {
var ts = document.createElement("span");
ts.className = "ts";
var d = new Date(claims[c]*1000);
ts.appendChild(document.createTextNode(d.toLocaleString()));
dd.appendChild(ts);
}
}
dl.appendChild(dd);
}
return dl;
}
function render(claims, url, time) {
var div = document.getElementById("claims");
var dl = renderClaims(claims);
div.innerHTML = "";
div.appendChild(dl);
var caption = document.getElementById("caption");
caption.innerHTML = "Bearer token extracted from request to "+Encoder.htmlEncode(String(url));
var ts = document.createElement("span");
ts.className = "ts";
ts.appendChild(document.createTextNode(Encoder.htmlEncode(String(time))));
caption.appendChild(ts);
}
function updateCopyButton(tok) {
var b = document.getElementById("copy_token");
b.dataset.token = tok;
b.disabled = false;
}
function copyToken() {
var t = this.dataset.token;
navigator.clipboard.writeText(t);
}
function onRequestFinished(request) {
var tok = bearer_token(request.request.headers.find(bearer_token));
if(!tok) return;
try {
var parts = tok.split('.');
var claims = JSON.parse(atob(parts[1]));
render(claims, request.request.url, request.startedDateTime);
updateCopyButton(tok);
} catch (error) {
// Not a token we can extract and decode
}
}
chrome.devtools.network.onRequestFinished.addListener(onRequestFinished);
window.onload = function() {
document.getElementById("copy_token").onclick = copyToken;
}