Skip to content

Commit 13935e2

Browse files
hiranya911hiranya911
authored
Validating the private key string (#20)
1 parent 00e6d63 commit 13935e2

File tree

3 files changed

+20
-2
lines changed

3 files changed

+20
-2
lines changed

package.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,8 @@
2424
"dependencies": {
2525
"@types/jsonwebtoken": "^7.1.33",
2626
"faye-websocket": "0.9.3",
27-
"jsonwebtoken": "7.1.9"
27+
"jsonwebtoken": "7.1.9",
28+
"node-forge": "0.7.1"
2829
},
2930
"devDependencies": {
3031
"@types/chai": "^3.4.34",

src/auth/credential.ts

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@
1515
*/
1616

1717
import * as jwt from 'jsonwebtoken';
18+
import * as forge from 'node-forge';
1819

1920
// Use untyped import syntax for Node built-ins
2021
import fs = require('fs');
@@ -167,6 +168,14 @@ export class Certificate {
167168
if (typeof errorMessage !== 'undefined') {
168169
throw new FirebaseAppError(AppErrorCodes.INVALID_CREDENTIAL, errorMessage);
169170
}
171+
172+
try {
173+
forge.pki.privateKeyFromPem(this.privateKey);
174+
} catch (error) {
175+
throw new FirebaseAppError(
176+
AppErrorCodes.INVALID_CREDENTIAL,
177+
'Failed to parse private key: ' + error);
178+
}
170179
}
171180
}
172181

test/unit/auth/credential.spec.ts

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -171,7 +171,7 @@ describe('Credential', () => {
171171
}).to.throw('Certificate object must contain a string "client_email" property');
172172
});
173173

174-
it('should throw if certificate object does not contain a valid "private_key"', () => {
174+
it('should throw if certificate object does not contain a "private_key"', () => {
175175
mockCertificateObject.private_key = '';
176176

177177
expect(() => {
@@ -185,6 +185,14 @@ describe('Credential', () => {
185185
}).to.throw('Certificate object must contain a string "private_key" property');
186186
});
187187

188+
it('should throw if certificate object does not contain a valid "private_key"', () => {
189+
mockCertificateObject.private_key = 'invalid.key';
190+
191+
expect(() => {
192+
return new Certificate(mockCertificateObject);
193+
}).to.throw('Failed to parse private key: Error: Invalid PEM formatted message.');
194+
});
195+
188196
it('should not throw given a valid certificate object', () => {
189197
expect(() => {
190198
return new Certificate(mockCertificateObject);

0 commit comments

Comments
 (0)