Extension: load/save from cookies/local storage.

Author: sebadoom

src/extension/dom-elements.js

@@ -3,3 +3,13 @@ export * from '../dom-elements.js';
 export const shareJwtLink = document.querySelector('.jwt-clipboard-btn');
 export const shareJwtTextElement =
   document.getElementById('share-this-jwt-text');
+
+export const cookiesOptGroup =
+  document.querySelector('optgroup[label="Cookies"]');
+export const webStorageOptGroup =
+  document.querySelector('optgroup[label="Web Storage"]');
+
+export const storageSelect = cookiesOptGroup.parentElement;
+
+export const saveBackElement = document.querySelector('.save-back');
+export const saveBackLink = document.getElementById('save-back-link');

src/extension/injected/webstorage.js

@@ -0,0 +1,33 @@
+function readFrom(storage, result) {
+  for (let i = 0; i < storage.length; ++i) {
+    const key = storage.key(i);
+    result.push({
+      name: key,
+      value: storage.getItem(key),
+      type: storage === window.sessionStorage ? 'session' : 'local'
+    });
+  }
+}
+
+const result = [];
+
+readFrom(window.localStorage, result);
+readFrom(window.sessionStorage, result);
+
+chrome.runtime.sendMessage({
+  type: 'storage',
+  tokens: result
+}, function response(ignored) {
+
+});
+
+chrome.runtime.onMessage.addListener((message, sender, sendResponse) => {
+  if (message.type !== 'sessionSave' && message.type !== 'localSave') {
+    return;
+  }
+
+  const storage = message.type === 'sessionSave' ?
+    window.sessionStorage :
+    window.localStorage;
+  storage.setItem(message.name, message.value);
+});

src/extension/page-inspector.js

@@ -1,100 +1,184 @@
-function loadFromStorageAndCookies() {
-  // Populate cookies/LocalStorage combobox
-  function checkLoadJwtFromLength() {
-      var optGroups = [
-          $('optgroup[label="Cookies"]'),
-          $('optgroup[label="Web Storage"]')
-      ];
-
-      optGroups.forEach(function(optGroup) {
-          var hasJWTs =
-            optGroup.children(':not(.load-from-no-jwts)').length > 0;
-          if(hasJWTs) {
-              optGroup.children('.load-from-no-jwts').remove();
-          } else {
-              optGroup.empty();
-              optGroup.append($('<option/>', {
-                  'class': 'load-from-no-jwts',
-                  'text': 'No JWTs found',
-                  'disabled': true
-              }));
-          }
-      });
+import { isToken } from '../editor/jwt.js'
+import { getTokenEditorValue, setTokenEditorValue } from '../editor';
+import { 
+  cookiesOptGroup,
+  webStorageOptGroup,
+  saveBackElement,
+  saveBackLink,
+  storageSelect  
+} from './dom-elements.js';
+import strings from '../strings.js';
+
+function updateOptGroups() {
+  var optGroups = [cookiesOptGroup, webStorageOptGroup];
+
+  optGroups.forEach(optGroup => {
+    const hasJWTs = optGroup.querySelectorAll(':not(.load-from-no-jwts)')
+                            .length > 0;
+    if (hasJWTs) {
+      const toRemove = optGroup.querySelectorAll('.load-from-no-jwts');
+      Array.prototype.forEach.call(toRemove, e => e.remove());
+    } else {      
+      const noJwtOption = document.createElement('option');
+      noJwtOption.classList.add('load-from-no-jwts');
+      noJwtOption.text = strings.extension.noJwtsFound;
+      noJwtOption.disabled = true;
+
+      optGroup.innerHTML = ''; // Remove all elements
+      optGroup.appendChild(noJwtOption);      
+    }
+  });
+}
+
+function messageHandler(message) {
+  if (message.type !== 'cookies' && message.type !== 'storage') {
+    return;
   }
 
-  function jwtMessage(message) {
-      if(message.type !== 'cookies' && message.type !== 'storage') {
+  const elements = [];
+
+  message.tokens.forEach(token => {
+    if (!isToken(token.value)) {
+      if(message.type === 'cookies') {
+        return;
+      }
+
+      try {
+        // Try again after parsing it first, some people do
+        //localStorage.setItem('jwt', JSON.stringify(token))
+        token.value = JSON.parse(token.value);
+        if (!isToken(token.value)) {
+          // Not a valid token, ignore it.
           return;
+        }
+      } catch (e) {
+        // Not a valid token, ignore it.
+        return;
       }
+    }
 
-      var elements = [];
-
-      message.tokens.forEach(function(token) {
-          if(!isToken(token.value)) {
-              if(message.type === 'storage') {
-                  try {
-                      // Try again after parsing it first, some people do
-                      //localStorage.setItem('jwt', JSON.stringify(token))
-                      token.value = JSON.parse(token.value);
-                      if(!isToken(token.value)) {
-                          return;
-                      }
-                  } catch(e) {
-                      return;
-                  }
-              } else {
-                  return;
-              }
-          }
-
-          var e = $('<option/>').text(token.name)
-                                .val(token.value)
-                                .data('type', token.type)
-          if(token.cookie) {
-              e.data('cookie', token.cookie);
-          }
-          elements.push(e);
-      });
+    const e = document.createElement('option');
+    e.text = token.name;
+    e.value = token.value;
+    e.setAttribute('data-type', token.type);
 
-      if(message.type === 'cookies') {
-          $('optgroup[label="Cookies"]').append(elements);
-      } else {
-          $('optgroup[label="Web Storage"]').append(elements);
-      }
+    if(token.cookie) {
+      e.setAttribute('data-cookie', JSON.stringify(token.cookie));
+    }
+
+    elements.push(e);
+  });
 
-      checkLoadJwtFromLength();
+  if (message.type === 'cookies') {
+    elements.forEach(e => cookiesOptGroup.appendChild(e));
+  } else {
+    elements.forEach(e => webStorageOptGroup.appendChild(e));
   }
 
-  chrome.runtime.onMessage.addListener(jwtMessage);
+  updateOptGroups();
+}
 
-  chrome.tabs.executeScript({
-      file: 'js/webstorage.js',
-      runAt: "document_idle"
+function saveCookie(url, cookie, oldCookie) {
+  // Some cookies get duplicated otherwise (chrome.cookies.set bug?)
+  chrome.cookies.remove({
+      url: url,
+      name: oldCookie.name,
+      storeId: oldCookie.storeId
+  });
+  chrome.cookies.set({
+      url: url,
+      name: oldCookie.name,
+      value: cookie.value,
+      domain: oldCookie.domain,
+      path: oldCookie.path,
+      secure: oldCookie.secure,
+      httpOnly: oldCookie.httpOnly,
+      expirationDate: oldCookie.expirationDate,
+      storeId: oldCookie.storeId
+  });
+}
+
+function saveBackClick() {
+  const selected = storageSelect.options[storageSelect.selectedIndex];
+  const type = selected.getAttribute('data-type');
+  const name = selected.text;
+  const value = getTokenEditorValue().token;
+
+  selected.value = value;
+
+  chrome.tabs.query({ active: true, currentWindow: true }, tabs => {
+    const data = {
+      type: type + 'Save',
+      name: name,
+      value: value
+    };
+    if(type === 'cookie') {
+      saveCookie(tabs[0].url, data, 
+                 JSON.parse(selected.getAttribute('data-cookie')));
+    } else {
+      chrome.tabs.sendMessage(tabs[0].id, data);
+    }
   });
+}
+
+function storedJwtSelect() {
+  const selected = storageSelect.options[storageSelect.selectedIndex];
 
-  chrome.tabs.query({ active: true, currentWindow: true }, function(tabs) {
-      chrome.cookies.getAll({
-          url: tabs[0].url,
-      }, function(cookies) {
-          var result = cookies.map(function(cookie) {
-              return {
-                  name: cookie.name,
-                  value: cookie.value,
-                  type: 'cookie',
-                  cookie: cookie
-              }
-          });
-
-          jwtMessage({
-              type: 'cookies',
-              tokens: result
-          });
+  if(selected.getAttribute('name') === '0') { // "None" selected
+    saveBackElement.classList.add('hide');
+    return;
+  }
+  saveBackElement.classList.remove('hide');
+
+  const type = selected.parentElement.getAttribute('label').toLowerCase();
+
+  const name = selected.text;
+  const value = selected.value;
+
+  setTokenEditorValue(value);
+
+  saveBackLink.firstChild.textContent = strings.extension.saveBackTo + type;
+}
+
+function setupListeners() {
+  saveBackElement.addEventListener('click', saveBackClick);
+  storageSelect.addEventListener('change', storedJwtSelect);
+}
+
+function getCookies() {
+  chrome.tabs.query({ active: true, currentWindow: true }, tabs => {
+    chrome.cookies.getAll({
+      url: tabs[0].url,
+    }, cookies => {
+      const result = cookies.map(cookie => {
+        return {
+          name: cookie.name,
+          value: cookie.value,
+          type: 'cookie',
+          cookie: cookie
+        }
+      });
+
+      messageHandler({
+        type: 'cookies',
+        tokens: result
       });
+    });
   });
+}
+
+function setupInjectedCode() {
+  chrome.runtime.onMessage.addListener(messageHandler);
 
-  checkLoadJwtFromLength();
+  chrome.tabs.executeScript({
+    file: 'js/webstorage.js',
+    runAt: "document_idle"
+  });
 }
 
 export function setupTokenPageInspector() {
-
+  setupInjectedCode();
+  getCookies();
+  updateOptGroups();
+  setupListeners();
 }

src/strings.js

@@ -3,7 +3,9 @@ export default {
     alreadyInstalled: 'Already installed',
     addToChrome: 'Add to Chrome',
     shareThisJwt: 'Share this JWT',
-    jwtIoUrlCopied: 'JWT.io URL copied'
+    jwtIoUrlCopied: 'JWT.io URL copied',
+    noJwtsFound: 'No JWTs found',
+    saveBackTo: 'Save back to '
   },
   editor: {
     signatureVerified: 'signature verified',

views/extension/index.pug

@@ -40,7 +40,7 @@ block content
               img(src="/img/ico_logo.svg")
 
           .pull-right.save-back.hide
-            a(href="#") Save back to localStorage
+            a#save-back-link(href="#") Save back to localStorage
 
           .pull-right.keyboard-info
             span Press Ctrl + Shift + K to open the JWT debugger

webpack.extension-dev.js

@@ -5,6 +5,7 @@ const common = require('./webpack.common.js');
 module.exports = merge(common, {
   entry: {
     index: './src/extension/index.js',
+    webstorage: './src/extension/injected/webstorage.js'
   },
   output: {
     filename: '[name].js',