Merge pull request #167 from PerimeterX/bugfix/tokenDecryptionFailed

Drop Token version number from original token field.

Author: AsafAklerPX

lib/pxcontext.js

@@ -31,7 +31,7 @@ class PxContext {
             this.cookieOrigin = 'header';
             config.logger.debug('Mobile SDK token detected');
             this.originalToken = this.headers[mobileSdkOriginalTokenHeader];
-            const tokenObject = this.getTokenObject(mobileHeader);
+            const tokenObject = pxUtil.getTokenObject(mobileHeader);
             this.cookies[tokenObject.key] = tokenObject.value;
         } else {
             let cookies = req.cookies;
@@ -78,19 +78,6 @@ class PxContext {
         return false;
     }
 
-    getTokenObject(cookie, delimiter = ':') {
-        if (cookie.indexOf(delimiter) > -1) {
-            const [version, ...extractedCookie] = cookie.split(delimiter);
-            if (version === '3') {
-                return { key: '_px3', value: extractedCookie.join(delimiter) };
-            }
-            if (version === '1') {
-                return { key: '_px', value: extractedCookie.join(delimiter) };
-            }
-        }
-        return { key: '_px3', value: cookie };
-    }
-
     isMobile() {
         return this.cookieOrigin === 'header';
     }

lib/pxoriginaltoken.js

@@ -1,9 +1,10 @@
 const TokenV3 = require('./cookie/tokenV3');
 const TokenV1 = require('./cookie/tokenV1');
+const pxUtil = require('./pxutil');
 
 function evalCookie(ctx, config) {
     try {
-        const noVersionOriginalToken = ctx.originalToken;
+        const noVersionOriginalToken = pxUtil.getTokenObject(ctx.originalToken).value;
         const cookie = (ctx.cookies['_px3'] ? new TokenV3(ctx, config, noVersionOriginalToken) : new TokenV1(ctx, config, noVersionOriginalToken));
         config.logger.debug('Original token found, Evaluating');
 

lib/pxutil.js

@@ -249,6 +249,19 @@ function isReqInMonitorMode(pxConfig, pxCtx) {
     );
 }
 
+function getTokenObject(cookie, delimiter = ':') {
+    if (cookie.indexOf(delimiter) > -1) {
+        const [version, ...extractedCookie] = cookie.split(delimiter);
+        if (version === '3') {
+            return { key: '_px3', value: extractedCookie.join(delimiter) };
+        }
+        if (version === '1') {
+            return { key: '_px', value: extractedCookie.join(delimiter) };
+        }
+    }
+    return { key: '_px3', value: cookie };
+}
+
 module.exports = {
     formatHeaders,
     filterSensitiveHeaders,
@@ -266,4 +279,5 @@ module.exports = {
     isStringMatchWith,
     generateHMAC,
     isReqInMonitorMode,
+    getTokenObject,
 };