refactor(myinfo): replace node-jose with jose for SSO (opengovsg#328)

amandalim857 · Jul 12, 2023 · 2a37a0a · 2a37a0a
1 parent 555316b
commit 2a37a0a
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 12 deletions.
diff --git a/lib/express/myinfo/controllers.js b/lib/express/myinfo/controllers.js
@@ -5,7 +5,7 @@ const path = require('path')
 const express = require('express')
 const { pick, partition } = require('lodash')
 
-const jose = require('node-jose')
+const jose = require('jose')
 const jwt = require('jsonwebtoken')
 
 const assertions = require('../../assertions')
@@ -27,20 +27,31 @@ module.exports =
       const verifier = crypto.createVerify('RSA-SHA256')
       verifier.update(baseString)
       verifier.end()
-      return verifier.verify(serviceProvider.pubKey, signature, 'base64')
+      return verifier.verify(MOCKPASS_PUBLIC_KEY, signature, 'base64')
     }
 
     const encryptPersona = async (persona) => {
-      const signedPersona = jwt.sign(persona, MOCKPASS_PRIVATE_KEY, {
-        algorithm: 'RS256',
-      })
-      const serviceCertAsKey = await jose.JWK.asKey(serviceProvider.cert, 'pem')
-      const encryptedAndSignedPersona = await jose.JWE.createEncrypt(
-        { format: 'compact' },
-        serviceCertAsKey,
+      /*
+       * We sign and encrypt the persona. It's important to note that although a signature is
+       * usually derived from the payload hash and is thus much smaller than the payload itself,
+       * we're specifically contructeding a JWT, which contains the original payload.
+       *
+       * We then construct a JWE and provide two headers specifying the encryption algorithms used.
+       * You can read about them here: https://www.rfc-editor.org/rfc/inline-errata/rfc7518.html
+       *
+       * These values weren't picked arbitrarily; they were the defaults used by a library we
+       * formerly used: node-jose. We opted to continue using them for backwards compatibility.
+       */
+      const privateKey = await jose.importPKCS8(MOCKPASS_PRIVATE_KEY.toString())
+      const sign = await new jose.SignJWT(persona)
+        .setProtectedHeader({ alg: 'RS256' })
+        .sign(privateKey)
+      const publicKey = await jose.importX509(serviceProvider.toString())
+      const encryptedAndSignedPersona = await new jose.CompactEncrypt(
+        Buffer.from(sign),
       )
-        .update(JSON.stringify(signedPersona))
-        .final()
+        .setProtectedHeader({ alg: 'RSA-OAEP', enc: 'A128CBC-HS256' })
+        .encrypt(publicKey)
       return encryptedAndSignedPersona
     }
 
@@ -142,7 +153,6 @@ module.exports =
               redirect_uri,
             })
           : {}
-
         if (!tokenTemplate) {
           res.status(400).send({
             code: 400,

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -41,6 +41,7 @@
     "dotenv": "^16.0.0",
     "expiry-map": "^2.0.0",
     "express": "^4.16.3",
+    "jose": "^4.14.4",
     "jsonwebtoken": "^9.0.0",
     "lodash": "^4.17.11",
     "morgan": "^1.9.1",