add utils and insecurity

[PavelLinearB]

Description

A clear and concise summary of the change and which issue (if any) it fixes. Should also include relevant motivation and context.

Resolved or fixed issue:

Affirmation

• My code follows the CONTRIBUTING.md guidelines

[orca-security-us]

Orca Security Scan Summary

Status	Check	Issues by priority
Passed	Infrastructure as Code	0   0   0   0	View in Orca
Passed	Secrets	0   0   0   0	View in Orca
Passed	Vulnerabilities	0   0   0   0	View in Orca

[jit-ci]

❌ Jit has detected 1 important finding in this PR that you should review.
The finding is detailed below as a comment.
It’s highly recommended that you fix this security issue before merge.

Repository Risks:

• Database Integration: Connects to a database, often involving sensitive data that must be securely managed.

Repository Context:

graph LR
    GitHub$Repository#linear-b/juice-shop["GitHub Repository<br/>linear-b/juice-shop"]:::GitHub$Repository
    DBIntegration#redis["DBIntegration<br/>redis"]:::DBIntegration
    GitHub$Repository#linear-b/juice-shop -- "Is accessible to" --> DBIntegration#redis

Loading

[jit-ci]

Security control: Secret Detection

Type: Private-Key

Description: Identified a Private Key, which may compromise cryptographic security and sensitive data encryption.

Severity: HIGH

---

Jit Bot commands and options (e.g., ignore issue)

You can trigger Jit actions by commenting on this PR review:

• #jit_ignore_fp Ignore and mark this specific single instance of finding as “False Positive”
• #jit_ignore_accept Ignore and mark this specific single instance of finding as “Accept Risk”
• #jit_ignore_type_in_file Ignore any finding of type "private-key" in lib/insecurity.ts; future occurrences will also be ignored.
• #jit_undo_ignore Undo ignore command

[gitstream-cm]

📜 PR Summary 📜

• Changed ctf.key file:

  • Added an equals sign (=) at the beginning of the existing secret key in the CTF key file.

• Added a new file insecurity.ts:

  • Handles security-related functions for users and tokens.
  • Manages JWT authorization, token verification, and signature creation.
  • Adds HTML and filename sanitization functions.
  • Implements functions to check and append user roles and IDs.
  • Contains utility functions for handling JWTs from requests and validating user roles.

• Added a new file utils.ts:

  • Provides general utility functions used across the project.
  • Includes string manipulation, date formatting, and file operations.
  • Provides functions to handle configuration keys and challenge enablement.
  • Contains custom error processing and JSON parsing functions.
  • Implements environment checks for Docker, Heroku, Windows, and Gitpod.

[gitstream-cm]

✨ gitStream Review ✨

Here are the code review comments based on the provided diff:

Security Risks:

1. Hardcoded Private Key:

   • Issue: The private key is hardcoded in the lib/insecurity.ts file. This is a major security risk because if this key becomes known, all signed tokens could be forged.
   • Suggestion: Use environment variables to securely store sensitive keys and secrets. Consider using services like AWS Secrets Manager, Azure Key Vault, or similar services to manage cryptographic keys.

2. MD5 Hashing:

   • Issue: MD5 is used in the hash function. MD5 is considered cryptographically broken and unsuitable for further protection.
   • Suggestion: Consider using a stronger hashing algorithm like SHA-256.

3. Insecure Comparison:

   • Issue: The token verification and role checks rely on multiple function calls without constant-time comparison, which may be vulnerable to timing attacks.
   • Suggestion: Use crypto.timingSafeEqual for comparing hashes or sensitive data securely.

4. Token Generation Secret:

   • Issue: The HMAC secret 'pa4qacea4VK9t9nGv7yZtwmj' is hardcoded.
   • Suggestion: Like the private key, this should be stored securely via environment variables or in a secrets manager.

5. JWT Verification:

   • Issue: verify function uses jws.verify without checking the payload thoroughly.
   • Suggestion: Consider validating the token after decoding to prevent JWT-based attacks (e.g., algorithm confusion).

Performance Improvements:

1. Repeated Read Operations:
   • Issue: fs.readFileSync is used to read files, which blocks the event loop.
   • Suggestion: Consider asynchronous operations where feasible to avoid blocking code execution.

Best Practices:

1. Error Handling:

   • Issue: Functions like generateCoupon decode values without proper error handling, which could result in runtime errors.
   • Suggestion: Add error handling logic to catch and manage exceptions gracefully.

2. Use of const and let:

   • Issue: Code uses let where const could suffice.
   • Suggestion: Use const for variables that should not be re-assigned, enhancing readability and maintaining integrity.

Code Style and Readability:

1. Code Comments:

   • Observation: Some complex functions lack comments explaining their purpose and logic.
   • Suggestion: Add comments to explain non-trivial parts of the code to make it more readable.

2. String Literals:

   • Suggestion: Consider using template literals where appropriate for better readability, particularly when concatenating strings (e.g., jwt.verify error message logging).

3. Sanitization Functions:

   • Issue: Multiple sanitization methods are provided. It's unclear which are necessary.
   • Suggestion: Ensure all are necessary and remove any redundant sanitization functions to prevent overhead and maintain clean code.

General Improvements:

1. Dependency Importation:

   • Observation: Some of the dependencies such as z85 lack TypeScript definitions, causing lint errors.
   • Suggestion: Either write type definitions for these libraries or adjust imports to not silence errors, to ensure type safety.

2. Encapsulation and Module Concerns:

   • Observation: The authenticatedUsers object is mutable and managed directly in the lib/insecurity.ts file.
   • Suggestion: Consider encapsulating and managing state changes through functions to ensure better encapsulation and modularity.

By addressing these issues, the overall security, performance, and maintainability of the code can be significantly improved.