Fixed problem in replacing JWTs in messages

stfbk · Aug 10, 2023 · 6ecd133 · 6ecd133
1 parent c3260e5
commit 6ecd133
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 10 deletions.
diff --git a/tool/src/main/java/migt/Check.java b/tool/src/main/java/migt/Check.java
@@ -259,6 +259,10 @@ private boolean execute_http(HTTPReqRes message,
     private boolean execute_json() throws ParsingException {
         DecodeOperation_API tmp = ((DecodeOperation_API) this.imported_api);
 
+        if (isParamCheck) {
+            throw new ParsingException("Cannot execute a 'check param' in a json, please use 'check'");
+        }
+
         String j = "";
 
         switch (in) {
@@ -284,18 +288,18 @@ private boolean execute_json() throws ParsingException {
         String found = "";
         // https://github.com/json-path/JsonPath
         try {
-            found = JsonPath.read(j, what);
+            Object found_obj = JsonPath.read(j, what);
+            found = (String) found_obj;
         } catch (com.jayway.jsonpath.PathNotFoundException e) {
             applicable = true;
             return op == IS_NOT_PRESENT;
+        } catch (java.lang.ClassCastException e) {
+            throw new ParsingException("Invalid JSON Path in check operation, the value matched is an array, please " +
+                    "specify the element to be matched with the correct json PATH, i.e. by using ...[0]");
         }
 
         applicable = true; // at this point the path has been found so the check is applicable
 
-        if (isParamCheck) {
-            throw new ParsingException("Cannot execute a 'check param' in a json, please use 'check'");
-        }
-
         switch (op) {
             case IS:
                 return op_val.equals(found);

diff --git a/tool/src/main/java/migt/HTTPReqRes.java b/tool/src/main/java/migt/HTTPReqRes.java
@@ -23,8 +23,8 @@ public class HTTPReqRes implements Cloneable {
     public boolean isResponse = false;
     public int body_offset_req; // identifies the index where the body ends in the request
     public int body_offset_resp; // the index where teh body of the response starts
-    byte[] body_req; // the body of the request message
-    byte[] body_resp; // the body of the response message
+    byte[] body_req = null; // the body of the request message
+    byte[] body_resp = null; // the body of the response message
     // host data
     private String host;
     private int port = 0;

diff --git a/tool/src/main/java/migt/Operation.java b/tool/src/main/java/migt/Operation.java
@@ -373,8 +373,8 @@ public void setAPI(Operation_API api) {
         matchedMessages.add(new Operation.MatchedMessage(
                 api.message,
                 0,
-                api.message.isRequest,
-                api.message.isResponse,
+                api.is_request,
+                !api.is_request,
                 false
         ));
 

diff --git a/tool/src/main/java/migt/Tools.java b/tool/src/main/java/migt/Tools.java
@@ -741,7 +741,8 @@ public static byte[] editMessageParam(IExtensionHelpers helpers,
                 }
 
                 matcher = pattern.matcher(new String(messageInfo.getBody(isRequest)));
-                messageInfo.setBody(isRequest, matcher.replaceAll(new_value));
+                String new_body = matcher.replaceFirst(new_value);
+                messageInfo.setBody(isRequest, new_body);
                 //Automatically update content-lenght
                 return messageInfo.getMessage(isRequest, helpers);