[Remove] backend build file
parent
cc52c85fd5
commit
b41b086980
2 changed files with 1 additions and 81 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
|
@ -217,6 +217,7 @@ $RECYCLE.BIN/
|
|||
|
||||
!dist/
|
||||
dist/*
|
||||
packages/*/dist/*
|
||||
!dist/*.zip
|
||||
|
||||
# End of https://www.toptal.com/developers/gitignore/api/node,macos,windows,linux
|
||||
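--- a/packages/backend/dist/index.js
+++ b/packages/backend/dist/index.js
@@ -1,81 +0,0 @@
-// packages/backend/src/controller/implictGrant.ts
-var ImplicitGrantController = class {
-isImplicitGrantReq(req) {
-const query = req.getQuery();
-if (query.includes("client_id=") && query.includes("response_type=token")) {
-return true;
-}
-return false;
-}
-isSendTokenToClient(req) {
-const path = req.getPath();
-const query = req.getQuery();
-if (query.includes("access_token=") && query.includes("state=") || path.includes("&access_token=") || /access_token=%/i.test(query)) {
-return true;
-}
-return false;
-}
-testReq(req) {
-if (this.isImplicitGrantReq(req)) {
-return "isImplicitGrantReq";
-}
-if (this.isSendTokenToClient(req)) {
-return "isSendTokenToClient";
-}
-return false;
-}
-};
-
-// packages/backend/src/controller/authZCodeGrant.ts
-var AuthZCodeGrantController = class {
-constructor() {
-}
-isAuthZReq(req) {
-const query = req.getQuery();
-if (query.includes("client_id=") && query.includes("response_type=code")) {
-return true;
-}
-return false;
-}
-isSendCodeToClient(req) {
-const path = req.getPath();
-const query = req.getQuery();
-if (query.includes("code=") && query.includes("state=") || path.includes("&code=") || /code=%/i.test(query)) {
-return true;
-}
-return false;
-}
-testReq(req) {
-if (this.isAuthZReq(req)) {
-return "isAuthZReq";
-}
-if (this.isSendCodeToClient(req)) {
-return "isSendCodeToClient";
-}
-return false;
-}
-// isAccessTokenReq(req: Response) {
-// }
-};
-
-// packages/backend/src/index.ts
-var implicitGrantController = new ImplicitGrantController();
-var authZCodeGrantController = new AuthZCodeGrantController();
-function init(sdk) {
-sdk.events.onInterceptRequest(async (sdk2, req) => {
-const result = authZCodeGrantController.testReq(req) || implicitGrantController.testReq(req);
-if (result) {
-await sdk2.findings.create({
-title: "Possible SSO Request Detected",
-description: `SSO-related parameters detected in request:
-
-${req.getMethod()} ${req.getUrl()} : ${result}`,
-request: req,
-reporter: ""
-});
-}
-});
-}
-export {
-init
-};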