@shoper/cli 0.2.1-2 → 0.2.1-4

package/build/cli/auth/tokens/api/cli_auth_tokens_api.js

@@ -40,4 +40,7 @@ export class CliAuthTokensApi extends FeatureApi {
     getTokensCount() {
         return this.#service.getTokensCount();
     }
+    validateToken(token) {
+        return this.#service.validateToken(token);
+    }
 }

package/build/cli/auth/tokens/cli_auth_tokens_utils.js

@@ -1,4 +1,5 @@
 import jwt from 'jsonwebtoken';
+import differenceBy from 'lodash/differenceBy.js';
 export class CLiAuthTokensUtils {
     static getTokenPayload(token) {
         try {
@@ -23,4 +24,36 @@ export class CLiAuthTokensUtils {
             return true;
         return tokenPayload.exp - Math.floor(Date.now() / 1000) < 0;
     }
+    static isValidJWT(token) {
+        const parts = token.split('.');
+        if (parts.length !== 3) {
+            return { isValid: false, message: 'Invalid token format. JWT should have 3 parts.' };
+        }
+        try {
+            const decoded = jwt.decode(token, { complete: true });
+            if (!decoded) {
+                return { isValid: false, message: 'Failed to decode token.' };
+            }
+            const payload = decoded.payload;
+            const expectedPayloadKeys = ['exp', 'iat', 'iss', 'nbf', 'scope', 'id', 'name', 'key'];
+            const missingKeys = differenceBy(expectedPayloadKeys, Object.keys(payload));
+            if (missingKeys.length > 0) {
+                return { isValid: false, message: `Missing keys in payload: ${missingKeys.join(', ')}` };
+            }
+            const unexpectedKeys = differenceBy(Object.keys(payload), expectedPayloadKeys);
+            if (unexpectedKeys.length > 0) {
+                return { isValid: false, message: `Unexpected keys in payload: ${unexpectedKeys.join(', ')}` };
+            }
+            // Check if the token has expired
+            const now = Math.floor(Date.now() / 1000); // Current time in seconds
+            if (payload.exp < now) {
+                return { isValid: false, message: 'Token has expired.' };
+            }
+            // If all checks pass, consider the token valid (structure and keys checked)
+            return { isValid: true, message: 'Token is valid (structure and keys checked).' };
+        }
+        catch {
+            return { isValid: false, message: 'Error decoding the token. Invalid format.' };
+        }
+    }
 }

package/build/cli/auth/tokens/service/cli_auth_tokens_service.js

@@ -16,6 +16,9 @@ export class CLiAuthTokensService {
         tokens.push(tokeItem);
         this._setTokens(tokens);
     }
+    validateToken(token) {
+        return CLiAuthTokensUtils.isValidJWT(token);
+    }
     hasToken(index) {
         return index <= this.getTokensCount();
     }

package/build/cli/commands/auth/cli_auth_add_token_command.js

@@ -16,6 +16,13 @@ export class CliAuthAddTokenCommand extends BaseCliCommand {
         const cliAuthTokensApi = this.getApi(CLI_AUTH_TOKENS_API_NAME);
         try {
             const { input: token } = await promptInput('Please paste your CLI token:');
+            const { isValid, message } = cliAuthTokensApi.validateToken(token);
+            if (!isValid) {
+                renderOnce(React.createElement(Error, { header: "Error: Failed to add token: " },
+                    React.createElement(Box, null,
+                        React.createElement(Text, null, message))));
+                return;
+            }
             cliAuthTokensApi.addToken(token);
             cliAuthTokensApi.setDefaultToken(cliAuthTokensApi.getTokensCount());
             renderOnce(React.createElement(Success, null,

package/package.json

@@ -2,7 +2,7 @@
     "name": "@shoper/cli",
     "packageManager": "yarn@3.2.0",
     "sideEffects": false,
-    "version": "0.2.1-2",
+    "version": "0.2.1-4",
     "description": "CLI tool for Shoper",
     "author": "Joanna Firek",
     "license": "MIT",