author | Ruben Davila <rdavila84@gmail.com> | 2016-09-09 18:39:22 +0300 |
---|---|---|
committer | Ruben Davila <rdavila84@gmail.com> | 2016-09-09 18:39:22 +0300 |
commit | 2cad277d74b6a7367ac11b94652a6efc18eda850 (patch) | |
tree | c3720b686e5d556f46d1c09f9b30b073966d7c48 /app/assets/javascripts/u2f/authenticate.js | |
parent | e36534dbd2045df23d12627f15c64f6dc523149b (diff) | |
parent | 2b3a1da6f3ceb4c78c055f14dfe93dbe818366d3 (diff) |
Merge branch 'master' into 8-12-stable
Diffstat (limited to 'app/assets/javascripts/u2f/authenticate.js')
-rw-r--r-- | app/assets/javascripts/u2f/authenticate.js | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/app/assets/javascripts/u2f/authenticate.js b/app/assets/javascripts/u2f/authenticate.js
index 9ba847fb0c2..ce2930c7fc7 100644
--- a/app/assets/javascripts/u2f/authenticate.js
+++ b/app/assets/javascripts/u2f/authenticate.js
@@ -1,3 +1,7 @@
+// Authenticate U2F (universal 2nd factor) devices for users to authenticate with.
+//
+// State Flow #1: setup -> in_progress -> authenticated -> POST to server
+// State Flow #2: setup -> in_progress -> error -> setup
 (function() {
 var bind = function(fn, me){ return function(){ return fn.apply(me, arguments); }; };
@@ -15,6 +19,17 @@
 this.appId = u2fParams.app_id;
 this.challenge = u2fParams.challenge;
 this.signRequests = u2fParams.sign_requests.map(function(request) {
+ // The U2F Javascript API v1.1 requires a single challenge, with
+ // _no challenges per-request_. The U2F Javascript API v1.0 requires a
+ // challenge per-request, which is done by copying the single challenge
+ // into every request.
+ //
+ // In either case, we don't need the per-request challenges that the server
+ // has generated, so we can remove them.
+ //
+ // Note: The server library fixes this behaviour in (unreleased) version 1.0.0.
+ // This can be removed once we upgrade.
+ // https://github.com/castle/ruby-u2f/commit/103f428071a81cd3d5f80c2e77d522d5029946a4
 return _(request).omit('challenge');
 });
 }
@@ -41,6 +56,7 @@
 })(this), 10);
 };
+ // Rendering #
 U2FAuthenticate.prototype.templates = {
 "notSupported": "#js-authenticate-u2f-not-supported",
 "setup": '#js-authenticate-u2f-setup',
@@ -75,6 +91,8 @@
 U2FAuthenticate.prototype.renderAuthenticated = function(deviceResponse) {
 this.renderTemplate('authenticated');
+ // Prefer to do this instead of interpolating using Underscore templates
+ // because of JSON escaping issues.
 return this.container.find("#js-device-response").val(deviceResponse);
 }; |
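Review bot: The comment added inside the `sign_requests.map` callback ends with "This can be removed once we upgrade" without saying what "this" is; it presumably means the `_(request).omit('challenge')` call rather than the comment itself. A tracked marker would make the cleanup unambiguous, e.g. `// TODO: drop the omit('challenge') call once the server library is upgraded to ruby-u2f 1.0.0.` Because the client discards the server-generated per-request challenges and keeps only `u2fParams.challenge`, the comment should also state that the server verifies the signed response against that single challenge; that check is not visible in this file. The constructor starts and ends outside the hunk.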
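Review bot: The comment added in `renderAuthenticated` says "Prefer to do this" and "JSON escaping issues" without naming either, so the reason the device response is written with `.val()` could be lost in a later refactor back to template interpolation. Suggest naming both the action and the risk, e.g. `// Set the device response with .val() rather than interpolating it into the Underscore template, so the JSON reaches the form field verbatim and is never escaped or parsed as markup.` Whether `deviceResponse` is already a serialized string at this point is not visible in the hunk and is worth confirming in the caller.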