[Add] is authZ|implict grant type
This commit is contained in:
tv0924@icloud.com
parent
d21ee1eac0
commit
889d7cfbf2
12 changed files with 2437 additions and 0 deletions
44
packages/backend/src/index.ts
Normal file
44
packages/backend/src/index.ts
Normal file
|
|
@ -0,0 +1,44 @@
|
|||
import type { SDK, DefineAPI } from "caido:plugin";
|
||||
import type { Request } from "caido:utils";
|
||||
import { ImplicitGrantController } from "./controller/implictGrant";
|
||||
import { AuthZCodeGrantController } from "./controller/authZCodeGrant";
|
||||
|
||||
export type API = DefineAPI<{}>;
|
||||
|
||||
const implicitGrantController = new ImplicitGrantController();
|
||||
const authZCodeGrantController = new AuthZCodeGrantController();
|
||||
|
||||
// function matchSSORequest(req: Request): boolean {
|
||||
// const raw = req.getRaw().toString();
|
||||
|
||||
// // 조건 3: Raw request에 SAMLRequest 또는 SAMLResponse 포함
|
||||
// if (raw.includes("SAMLRequest=") || raw.includes("SAMLResponse=")) {
|
||||
// return true;
|
||||
// }
|
||||
|
||||
// return false;
|
||||
// }
|
||||
|
||||
// function matchAccessTokenResponse(resp: Response): boolean {
|
||||
// const raw = resp.getRaw().toString();
|
||||
|
||||
// const match = /"access_token"\s*:\s*"([^"]+)"/.exec(raw);
|
||||
// return !!match;
|
||||
// }
|
||||
|
||||
export function init(sdk: SDK<API>) {
|
||||
sdk.events.onInterceptRequest(async (sdk, req: Request) => {
|
||||
const result =
|
||||
authZCodeGrantController.testReq(req) ||
|
||||
implicitGrantController.testReq(req);
|
||||
|
||||
if (result) {
|
||||
await sdk.findings.create({
|
||||
title: "Possible SSO Request Detected",
|
||||
description: `SSO-related parameters detected in request:\n\n${req.getMethod()} ${req.getUrl()} : ${result}`,
|
||||
request: req,
|
||||
reporter: "",
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue