caido-plugin-test/packages/backend/src/index.ts
tv0924@icloud.com 5fed2eb7d0 [Update] index
2025-05-31 11:47:52 +09:00


import type { SDK, DefineAPI } from "caido:plugin";
import type { Request, Response } from "caido:utils";
// import { ImplicitGrantController } from "./controller/implictGrant";
// import { AuthZCodeGrantController } from "./controller/authZCodeGrant";
import { CsrfCheck } from "./controller/csrfCheck";
import { PKCECheck } from "./controller/PKCECheck";
// Plugin API type used to parameterise SDK<API> in init(); the definition object is empty.
export type API = DefineAPI<{}>;
// Module-level checker instance, shared by every intercepted response handled in init().
// NOTE(review): whether CsrfCheck keeps per-request state between calls is not visible here — confirm.
const csrfCheck = new CsrfCheck();
// Disabled controllers; their imports at the top of the file are commented out as well.
// const implicitGrantController = new ImplicitGrantController();
// const authZCodeGrantController = new AuthZCodeGrantController();
// Module-level PKCE checker instance, shared by every intercepted response handled in init().
const pkceCheckController = new PKCECheck();
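/**
 * Plugin entry point: registers a response interceptor that runs the
 * CsrfCheck and PKCECheck controllers against each intercepted exchange.
 *
 * The two checks run in sequence but are isolated from each other: a failure
 * in one is logged and does not prevent the other from running, so a bug in a
 * single checker cannot silently disable the remaining detection.
 *
 * @param sdk - Caido backend SDK handle used to register the event handler.
 */
export function init(sdk: SDK<API>) {
  // Disabled request-side detection, kept for reference.
  // NOTE(review): this handler put req.getUrl() into the finding description.
  // OAuth/SSO URLs can carry authorization codes, tokens or state values in
  // the query string, so consider redacting them before re-enabling it. The
  // empty `reporter` should also be set so findings can be attributed.
  // sdk.events.onInterceptRequest(async (sdk, req: Request) => {
  //   const result = csrfCheck.checker(req);
  //   if (result) {
  //     await sdk.findings.create({
  //       title: "Possible SSO Request Detected",
  //       description: `SSO-related parameters detected in request:\n\n${req.getMethod()} ${req.getUrl()} : ${result}`,
  //       request: req,
  //       reporter: "",
  //     });
  //   }
  // });
  sdk.events.onInterceptResponse(
    async (sdk: SDK<DefineAPI<{}>, {}>, req: Request, resp: Response) => {
      // Runs one checker and contains its failure. Only the checker label and
      // the error message are logged; the request URL is deliberately left
      // out because it may hold credentials-like OAuth parameters.
      const runCheck = async (
        label: string,
        check: () => unknown,
      ): Promise<void> => {
        try {
          await check();
        } catch (err: unknown) {
          const reason = err instanceof Error ? err.message : String(err);
          sdk.console.error(`[${label}] check failed: ${reason}`);
        }
      };

      await runCheck("CsrfCheck", () => csrfCheck.checker(sdk, req, resp));
      await runCheck("PKCECheck", () => pkceCheckController.test(sdk, req));

      // Disabled (and incomplete) grant-type gating for the PKCE check:
      // sdk.events.onInterceptRequest(async (sdk, req: Request) => {
      //   const result =
      //     authZCodeGrantController.testReq(req) ||
      //     implicitGrantController.testReq(req);
      //   if (result) {
      //     await pkceCheckController.test(sdk, req);
      //     await sdk.findings.create({
      //       title: "Possible SSO Request Detected",
      //       description: `SSO-related parameters detected in request:\n\n${req.getMethod()} ${req.getUrl()} : ${result}`,
      //       request: req,
      //       reporter: "",
      //     });
    }
  );
}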