debian-mirror-gitlab/app/assets/javascripts/authentication/webauthn/util.js

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

131 lines
3.4 KiB
JavaScript
Raw Normal View History

2020-11-24 15:15:51 +05:30
export function supported() {
return Boolean(
2023-05-27 22:25:52 +05:30
navigator.credentials?.create && navigator.credentials?.get && window.PublicKeyCredential,
2020-11-24 15:15:51 +05:30
);
}
export function isHTTPS() {
return window.location.protocol.startsWith('https');
}
2022-04-04 11:22:00 +05:30
/**
* Converts a base64 string to an ArrayBuffer
*
* @param {String} str - A base64 encoded string
* @returns {ArrayBuffer}
*/
export const base64ToBuffer = (str) => {
const rawStr = atob(str);
const buffer = new ArrayBuffer(rawStr.length);
const arr = new Uint8Array(buffer);
for (let i = 0; i < rawStr.length; i += 1) {
arr[i] = rawStr.charCodeAt(i);
2020-11-24 15:15:51 +05:30
}
2022-04-04 11:22:00 +05:30
return arr.buffer;
};
2020-11-24 15:15:51 +05:30
2022-04-04 11:22:00 +05:30
/**
* Converts ArrayBuffer to a base64-encoded string
*
* @param {ArrayBuffer, String} str -
* @returns {String} - ArrayBuffer to a base64-encoded string.
* When input is a string, returns the input as-is.
*/
export const bufferToBase64 = (input) => {
if (typeof input === 'string') {
return input;
2020-11-24 15:15:51 +05:30
}
2022-04-04 11:22:00 +05:30
const arr = new Uint8Array(input);
return btoa(String.fromCharCode(...arr));
};
2020-11-24 15:15:51 +05:30
2022-05-07 20:08:51 +05:30
/**
* Return a URL-safe base64 string.
*
* RFC: https://datatracker.ietf.org/doc/html/rfc4648#section-5
* @param {String} base64Str
* @returns {String}
*/
export const base64ToBase64Url = (base64Str) => {
return base64Str.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
};
2020-11-24 15:15:51 +05:30
/**
* Returns a copy of the given object with the id property converted to buffer
*
* @param {Object} param
*/
function convertIdToBuffer({ id, ...rest }) {
return {
...rest,
id: base64ToBuffer(id),
};
}
/**
* Returns a copy of the given array with all `id`s of the items converted to buffer
*
* @param {Array} items
*/
function convertIdsToBuffer(items) {
return items.map(convertIdToBuffer);
}
/**
* Returns an object with keys of the given props, and values from the given object converted to base64
*
* @param {String} obj
* @param {Array} props
*/
function convertPropertiesToBase64(obj, props) {
return props.reduce(
(acc, property) => Object.assign(acc, { [property]: bufferToBase64(obj[property]) }),
{},
);
}
export function convertGetParams({ allowCredentials, challenge, ...rest }) {
return {
...rest,
...(allowCredentials ? { allowCredentials: convertIdsToBuffer(allowCredentials) } : {}),
challenge: base64ToBuffer(challenge),
};
}
export function convertGetResponse(webauthnResponse) {
return {
type: webauthnResponse.type,
id: webauthnResponse.id,
rawId: bufferToBase64(webauthnResponse.rawId),
response: convertPropertiesToBase64(webauthnResponse.response, [
'clientDataJSON',
'authenticatorData',
'signature',
'userHandle',
]),
clientExtensionResults: webauthnResponse.getClientExtensionResults(),
};
}
export function convertCreateParams({ challenge, user, excludeCredentials, ...rest }) {
return {
...rest,
challenge: base64ToBuffer(challenge),
user: convertIdToBuffer(user),
...(excludeCredentials ? { excludeCredentials: convertIdsToBuffer(excludeCredentials) } : {}),
};
}
export function convertCreateResponse(webauthnResponse) {
return {
type: webauthnResponse.type,
id: webauthnResponse.id,
rawId: bufferToBase64(webauthnResponse.rawId),
clientExtensionResults: webauthnResponse.getClientExtensionResults(),
response: convertPropertiesToBase64(webauthnResponse.response, [
'clientDataJSON',
'attestationObject',
]),
};
}