debian-mirror-gitlab/app/assets/javascripts/authentication/u2f/authenticate.js

108 lines
3.6 KiB
JavaScript
Raw Normal View History

2018-05-09 12:01:36 +05:30
import $ from 'jquery';
2020-04-08 14:13:33 +05:30
import { template as lodashTemplate, omit } from 'lodash';
2018-03-27 19:54:05 +05:30
import importU2FLibrary from './util';
2018-03-17 18:26:18 +05:30
import U2FError from './error';
2017-09-10 17:25:29 +05:30
2016-09-29 09:46:39 +05:30
// Authenticate U2F (universal 2nd factor) devices for users to authenticate with.
//
// State Flow #1: setup -> in_progress -> authenticated -> POST to server
// State Flow #2: setup -> in_progress -> error -> setup
2018-03-17 18:26:18 +05:30
export default class U2FAuthenticate {
constructor(container, form, u2fParams, fallbackButton, fallbackUI) {
2018-03-27 19:54:05 +05:30
this.u2fUtils = null;
2018-03-17 18:26:18 +05:30
this.container = container;
this.renderAuthenticated = this.renderAuthenticated.bind(this);
this.renderError = this.renderError.bind(this);
this.renderInProgress = this.renderInProgress.bind(this);
this.renderTemplate = this.renderTemplate.bind(this);
this.authenticate = this.authenticate.bind(this);
this.start = this.start.bind(this);
this.appId = u2fParams.app_id;
this.challenge = u2fParams.challenge;
this.form = form;
this.fallbackButton = fallbackButton;
this.fallbackUI = fallbackUI;
if (this.fallbackButton) {
this.fallbackButton.addEventListener('click', this.switchToFallbackUI.bind(this));
2016-09-13 17:45:13 +05:30
}
2018-03-17 18:26:18 +05:30
// The U2F Javascript API v1.1 requires a single challenge, with
// _no challenges per-request_. The U2F Javascript API v1.0 requires a
// challenge per-request, which is done by copying the single challenge
// into every request.
//
// In either case, we don't need the per-request challenges that the server
// has generated, so we can remove them.
//
// Note: The server library fixes this behaviour in (unreleased) version 1.0.0.
// This can be removed once we upgrade.
// https://github.com/castle/ruby-u2f/commit/103f428071a81cd3d5f80c2e77d522d5029946a4
2020-04-08 14:13:33 +05:30
this.signRequests = u2fParams.sign_requests.map(request => omit(request, 'challenge'));
2016-09-13 17:45:13 +05:30
2018-03-17 18:26:18 +05:30
this.templates = {
2020-06-23 00:09:42 +05:30
setup: '#js-authenticate-token-2fa-setup',
inProgress: '#js-authenticate-token-2fa-in-progress',
error: '#js-authenticate-token-2fa-error',
authenticated: '#js-authenticate-token-2fa-authenticated',
2016-09-13 17:45:13 +05:30
};
2018-03-17 18:26:18 +05:30
}
2016-09-13 17:45:13 +05:30
2018-03-17 18:26:18 +05:30
start() {
2018-03-27 19:54:05 +05:30
return importU2FLibrary()
2018-12-13 13:39:08 +05:30
.then(utils => {
2018-03-27 19:54:05 +05:30
this.u2fUtils = utils;
this.renderInProgress();
})
2018-11-08 19:23:39 +05:30
.catch(() => this.switchToFallbackUI());
2018-03-17 18:26:18 +05:30
}
2016-09-13 17:45:13 +05:30
2018-03-17 18:26:18 +05:30
authenticate() {
2018-12-13 13:39:08 +05:30
return this.u2fUtils.sign(
this.appId,
this.challenge,
this.signRequests,
response => {
2018-03-17 18:26:18 +05:30
if (response.errorCode) {
const error = new U2FError(response.errorCode, 'authenticate');
2018-03-27 19:54:05 +05:30
return this.renderError(error);
2018-03-17 18:26:18 +05:30
}
2018-03-27 19:54:05 +05:30
return this.renderAuthenticated(JSON.stringify(response));
2018-12-13 13:39:08 +05:30
},
10,
);
2018-03-17 18:26:18 +05:30
}
2016-09-13 17:45:13 +05:30
2018-03-17 18:26:18 +05:30
renderTemplate(name, params) {
const templateString = $(this.templates[name]).html();
2020-04-08 14:13:33 +05:30
const template = lodashTemplate(templateString);
2018-03-17 18:26:18 +05:30
return this.container.html(template(params));
}
2016-09-13 17:45:13 +05:30
2018-03-17 18:26:18 +05:30
renderInProgress() {
this.renderTemplate('inProgress');
return this.authenticate();
}
2016-09-13 17:45:13 +05:30
2018-03-17 18:26:18 +05:30
renderError(error) {
this.renderTemplate('error', {
error_message: error.message(),
error_code: error.errorCode,
});
2020-06-23 00:09:42 +05:30
return this.container.find('#js-token-2fa-try-again').on('click', this.renderInProgress);
2018-03-17 18:26:18 +05:30
}
2016-09-13 17:45:13 +05:30
2018-03-17 18:26:18 +05:30
renderAuthenticated(deviceResponse) {
this.renderTemplate('authenticated');
const container = this.container[0];
container.querySelector('#js-device-response').value = deviceResponse;
container.querySelector(this.form).submit();
this.fallbackButton.classList.add('hidden');
}
2016-09-13 17:45:13 +05:30
2018-03-17 18:26:18 +05:30
switchToFallbackUI() {
this.fallbackButton.classList.add('hidden');
this.container[0].classList.add('hidden');
this.fallbackUI.classList.remove('hidden');
}
}