Skip to content

Commit

Permalink
Fix base 64 parsing (#80)
Browse files Browse the repository at this point in the history
  • Loading branch information
@renan628
renan628 authored Oct 15, 2024
1 parent df2acb3 commit c45f586
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 8 deletions.
11 changes: 5 additions & 6 deletions src/middleware.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,12 +146,11 @@ describe('middleware', () => {
jest.useRealTimers();
});

const previewToken = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJpc3MiOiJodHRwczovL2Nyb2N0LmlvIiwi'
+ 'YXVkIjoiaHR0cHM6Ly9jcm9jdC5pbyIsImlhdCI6MTQ0MDk3OTEwMCwiZXhwIjoxNDQwOTc5M'
+ 'jAwLCJtZXRhZGF0YSI6eyJleHBlcmllbmNlTmFtZSI6IkRldmVsb3BlcnMgZXhwZXJpZW5jZS'
+ 'IsImV4cGVyaW1lbnROYW1lIjoiRGV2ZWxvcGVycyBleHBlcmltZW50IiwiYXVkaWVuY2VOYW1l'
+ 'IjoiRGV2ZWxvcGVycyBhdWRpZW5jZSIsInZhcmlhbnROYW1lIjoiSmF2YVNjcmlwdCBEZXZlbG'
+ '9wZXJzIn19.';
const previewToken = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2Nyb2N0LmlvIiwiYXVkIjoiaHR0cH'
+ 'M6Ly9jcm9jdC5pbyIsImlhdCI6MTQ0MDk3OTEwMCwiZXhwIjoxNDQwOTc5MjAwLCJtZXRhZGF0YSI6eyJleHBlcmllbmN'
+ 'lTmFtZSI6IkRldmVsb3BlcnMgZXhwZXJpZW5jZSIsImV4cGVyaW1lbnROYW1lIjoiRGV2ZWxvcGVycyBleHBlcmltZW50'
+ 'IiwiYXVkaWVuY2VOYW1lIjoi8J-RqOKAjfCfkrsgRGV2ZWxvcGVycyBhdWRpZW5jZSIsInZhcmlhbnROYW1lIjoiSmF2Y'
+ 'VNjcmlwdCBEZXZlbG9wZXJzIn19.ZmfcfhPoxFs0cY86ixGBCDab3rPSMoUG4cboWX0NEOY';

const UUID_PATTERN = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/;

Expand Down
5 changes: 3 additions & 2 deletions src/middleware.ts
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
import {NextRequest, NextMiddleware, NextResponse} from 'next/server';
import {NextMiddleware, NextRequest, NextResponse} from 'next/server';
import cookie from 'cookie';
import {v4 as uuidv4} from 'uuid';
import {Token} from '@croct/sdk/token';
import {base64UrlDecode} from '@croct/sdk/base64Url';
import {Header, QueryParameter} from '@/config/http';
import {
CookieOptions,
Expand Down Expand Up @@ -181,7 +182,7 @@ function isPreviewTokenValid(token: unknown): token is string {
const now = Math.floor(Date.now() / 1000);

try {
const payload = JSON.parse(atob(token.split('.')[1]).toString());
const payload = JSON.parse(base64UrlDecode(token.split('.')[1]).toString());

return Number.isInteger(payload.exp) && payload.exp > now;
} catch {
Expand Down

0 comments on commit c45f586

Please sign in to comment.