Module: PWN::Plugins::OAuth2
- Defined in:
- lib/pwn/plugins/oauth2.rb
Overview
This plugin is somewhat of a hack used for extracting OAuth2 tokens from HTTP responses to be used for subsequent HTTP requests.
Class Method Summary collapse
-
.authors ⇒ Object
- Author(s)
-
0day Inc.
-
.decode(opts) ⇒ Object
- Supported Method Parameters
-
PWN::Plugins::OAuth2.decode( oauth2_token: ‘required oauth2 token’ ).
-
.get_value_by_key(opts) ⇒ Object
- Supported Method Parameters
-
PWN::Plugins::OAuth2.get_value_by_key( oauth2_token: ‘required oauth2 token’, key: ‘required oauth2 token key name located within the Base64 encoded token as symbol, e.g. :company_id’ ).
-
.help ⇒ Object
Display Usage for this Module.
Class Method Details
.authors ⇒ Object
- Author(s)
-
0day Inc. <[email protected]>
45 46 47 48 49 |
# File 'lib/pwn/plugins/oauth2.rb', line 45 public_class_method def self. "AUTHOR(S): 0day Inc. <[email protected]> " end |
.decode(opts) ⇒ Object
- Supported Method Parameters
-
PWN::Plugins::OAuth2.decode(
oauth2_token: 'required oauth2 token')
16 17 18 19 20 21 |
# File 'lib/pwn/plugins/oauth2.rb', line 16 public_class_method def self.decode(opts) oauth2_token = opts[:oauth2_token] Base64.decode64(oauth2_token) rescue StandardError => e raise e end |
.get_value_by_key(opts) ⇒ Object
- Supported Method Parameters
-
PWN::Plugins::OAuth2.get_value_by_key(
oauth2_token: 'required oauth2 token', key: 'required oauth2 token key name located within the Base64 encoded token as symbol, e.g. :company_id')
29 30 31 32 33 34 35 36 37 38 39 40 41 |
# File 'lib/pwn/plugins/oauth2.rb', line 29 public_class_method def self.get_value_by_key(opts) oauth2_token = opts[:oauth2_token] # Make sure we're receiving a symbol. Convert to string first in case an int is passed. key = opts[:key].to_s.to_sym # Holy omg...strip out the ugly tail of this stuff. readable_oauth2_token = Base64.decode64(oauth2_token).match(/^(.*?)\]\}/).to_s json_oauth2_token_body = JSON.parse(readable_oauth2_token.split(/^\{(.*?)\}/)[-1], symbolize_names: true) json_oauth2_token_body[key] rescue StandardError => e raise e end |
.help ⇒ Object
Display Usage for this Module
53 54 55 56 57 58 59 60 61 62 63 64 |
# File 'lib/pwn/plugins/oauth2.rb', line 53 public_class_method def self.help puts %{USAGE: #{self}.decode(oauth2_token: 'required oauth2 token')" #{self}.get_value_by_key( oauth2_token: 'required oauth2 token', key: 'required oauth2 token key name located within the Base64 encoded token as symbol, e.g. :company_id' ) #{self}.authors } end |