From ab008fe78c02845c68cd76773a4f4e08af2ed275 Mon Sep 17 00:00:00 2001
From: Marnix Dessing
Date: Thu, 13 Oct 2022 16:09:29 +0200
Subject: [PATCH] fix: prevent escaping javascript and url in mustache
---
 .projen/deps.json | 4 ++
 .projenrc.js | 1 +
 package.json | 1 +
 src/app/code/IrmaApi.ts | 67 +++++++++++++++++-----------
 src/app/issue/homeRequestHandler.ts | 2 +-
 src/app/templates/issue.mustache | 6 +--
 test/__snapshots__/main.test.ts.snap | 4 +-
 yarn.lock | 5 +++
 8 files changed, 58 insertions(+), 32 deletions(-)
diff --git a/.projen/deps.json b/.projen/deps.json
index 979459ad..b1dd2603 100644
--- a/.projen/deps.json
+++ b/.projen/deps.json
@@ -185,6 +185,10 @@
 "name": "cookie",
 "type": "runtime"
 },
+ {
+ "name": "date-fns",
+ "type": "runtime"
+ },
 {
 "name": "dotenv",
 "type": "runtime"
diff --git a/.projenrc.js b/.projenrc.js
index 3f1ce28f..e7476c20 100644
--- a/.projenrc.js
+++ b/.projenrc.js
@@ -28,6 +28,7 @@ const project = new awscdk.AwsCdkTypeScriptApp({
 'openid-client',
 '@types/cookie',
 'cookie',
+ 'date-fns',
 ], /* Runtime dependencies of this module. */
 // description: undefined, /* The description is just a string that helps people understand the purpose of the package. */
diff --git a/package.json b/package.json
index 1183777a..886e8f8d 100644
--- a/package.json
+++ b/package.json
@@ -80,6 +80,7 @@
 "cdk-remote-stack": "^2.0.10",
 "constructs": "^10.0.5",
 "cookie": "^0.5.0",
+ "date-fns": "^2.29.3",
 "dotenv": "^16.0.3",
 "mustache": "^4.2.0",
 "openid-client": "*"
diff --git a/src/app/code/IrmaApi.ts b/src/app/code/IrmaApi.ts
index 779d7d8e..5006f3d8 100644
--- a/src/app/code/IrmaApi.ts
+++ b/src/app/code/IrmaApi.ts
@@ -4,6 +4,7 @@ import {
 } from '@aws-sdk/client-secrets-manager';
 import { aws4Interceptor } from 'aws4-axios';
 import * as axios from 'axios';
+import { parse, differenceInYears } from 'date-fns';
 export class IrmaApi {
@@ -109,43 +110,57 @@ export class IrmaApi {
 }
 constructIrmaIssueRequest(brpData: any) {
- console.log(brpData);
+
+ // Get persoonsgegevens
+ const gegevens = brpData.Persoon.Persoonsgegevens;
+
+ // Calculate age attributes
+ const birthDateStr: string = gegevens.Geboortedatum;
+ const birthDate = parse(birthDateStr, 'dd-MM-yyyy', new Date());
+ const age = differenceInYears(birthDate, new Date());
+ const over12 = age >= 12 ? 'yes' : 'no';
+ const over16 = age >= 16 ? 'yes' : 'no';
+ const over18 = age >= 18 ? 'yes' : 'no';
+ const over21 = age >= 21 ? 'yes' : 'no';
+ const over65 = age >= 65 ? 'yes' : 'no';
+
+ // Return the issue request
 return {
 type: 'issuing',
 credentials: [
 {
 credential: this.demo ? 'irma-demo.gemeente.address' : 'irma.gemeente.address',
- validity: 1678455605,
+ validity: 1678455605, // TODO check if up to date
 attributes: {
- street: 'Kortestraat',
- houseNumber: '6',
- zipcode: '6511PP',
- municipality: 'Nijmegen',
- city: 'Nijmegen',
+ street: brpData.Persoon.Adres.Straat,
+ houseNumber: brpData.Persoon.Adres.Huisnummer,
+ zipcode: brpData.Persoon.Adres.Postcode,
+ municipality: brpData.Persoon.Adres.Gemeente,
+ city: brpData.Persoon.Adres.Woonplaats,
 },
 },
 {
 credential: this.demo ? 'irma-demo.gemeente.personalData' : 'irma.gemeente.personalData',
- validity: 1678455605,
+ validity: 1678455605, // TODO check if up to date
 attributes: {
- initials: '',
- firstnames: 'Test',
- prefix: '',
- familyname: 'Test',
- fullname: 'Test Test',
- dateofbirth: '20-10-1996',
- gender: 'M',
- nationality: 'yes',
- surname: 'Test',
- cityofbirth: 'Nijmegen',
- countryofbirth: 'Nederland',
- over12: 'yes',
- over16: 'yes',
- over18: 'yes',
- over21: 'yes',
- over65: 'no',
- bsn: '1234',
- digidlevel: '12',
+ initials: gegevens.Voorletters,
+ firstnames: gegevens.Voornamen,
+ prefix: gegevens.Voorvoegsel,
+ familyname: gegevens.Achternaam,
+ fullname: gegevens.Naam,
+ dateofbirth: gegevens.Geboortedatum,
+ gender: gegevens.Geslacht,
+ nationality: gegevens.NederlandseNationaliteit == 'Ja' ? 'yes' : 'no',
+ surname: gegevens.Achternaam,
+ cityofbirth: gegevens.Geboorteplaats,
+ countryofbirth: gegevens.Geboorteland,
+ over12: over12,
+ over16: over16,
+ over18: over18,
+ over21: over21,
+ over65: over65,
+ bsn: brpData.Persoon.BSN.BSN,
+ digidlevel: '12', // TODO check what this should be?
 },
 },
 ],
diff --git a/src/app/issue/homeRequestHandler.ts b/src/app/issue/homeRequestHandler.ts
index 476fba36..ab815367 100644
--- a/src/app/issue/homeRequestHandler.ts
+++ b/src/app/issue/homeRequestHandler.ts
@@ -45,7 +45,7 @@ async function handleLoggedinRequest(session: Session, brpClient: ApiClient, irm
 title: 'overzicht',
 shownav: true,
 volledigenaam: naam,
- irmaSession: irmaSession,
+ irmaSession: JSON.stringify(irmaSession),
 irmaServer: `https://${irmaApi.getHost()}`,
 sessionResultEndpoint: `https://${process.env.APPLICATION_URL_BASE}/result`,
 };
diff --git a/src/app/templates/issue.mustache b/src/app/templates/issue.mustache
index 885f1c69..672594fb 100644
--- a/src/app/templates/issue.mustache
+++ b/src/app/templates/issue.mustache
@@ -24,9 +24,9 @@
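Review bot: The argument order in `const age = differenceInYears(birthDate, new Date());` is reversed — date-fns returns dateLeft minus dateRight in full years, so a past birth date gives a negative age and every `over12`…`over65` attribute in the personalData credential is issued as 'no'. It should read `const age = differenceInYears(new Date(), birthDate);`. parse() also yields an Invalid Date when Geboortedatum is absent or not in dd-MM-yyyy form, which makes `age` NaN and silently produces the same wrong 'no' values, so check `isValid(birthDate)` (also exported by date-fns) and refuse to build the request rather than issue incorrect age attestations. Because these values are signed into an identity credential, a test asserting over18 for a fixed birth date would have caught this; `gegevens.NederlandseNationaliteit == 'Ja'` should use `===` as well. The method's body continues past the end of the hunk.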
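Review bot: `irmaSession: JSON.stringify(irmaSession)` is safe to render unescaped only if the template treats it as data rather than markup: JSON.stringify does not encode `<`, `>` or `&`, so if issue.mustache now emits this value with triple braces inside a `<script>` block, any string in the session object containing `</script>` would terminate the script element and be parsed as HTML. The issue.mustache hunk is outside this chunk, so I cannot confirm how the value is interpolated; irmaSession presumably carries the IRMA server's session response, which this app does not produce itself. A cheap hardening is to escape the HTML-significant character after serialisation, `irmaSession: JSON.stringify(irmaSession).replace(/</g, '\\u003c'),`, which stays valid JSON/JS; alternatively place the JSON in a `<script type="application/json">` element or a data attribute using the escaping double braces and `JSON.parse` it client-side. handleLoggedinRequest starts and ends outside the hunk.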