Welcome to mirror list, hosted at ThFree Co, Russian Federation.

authenticate.js.coffee « u2f « javascripts « assets « app - gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/assets/javascripts/u2f/authenticate.js.coffee
blob: 918c0a560fdd902be56e4098d34d951ac37fc3c8 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

# Authenticate U2F (universal 2nd factor) devices for users to authenticate with.
#
# State Flow #1: setup -> in_progress -> authenticated -> POST to server
# State Flow #2: setup -> in_progress -> error -> setup

class @U2FAuthenticate
  constructor: (@container, u2fParams) ->
    @appId = u2fParams.app_id
    @challenge = u2fParams.challenge

    # The U2F Javascript API v1.1 requires a single challenge, with
    # _no challenges per-request_. The U2F Javascript API v1.0 requires a
    # challenge per-request, which is done by copying the single challenge
    # into every request.
    #
    # In either case, we don't need the per-request challenges that the server
    # has generated, so we can remove them.
    #
    # Note: The server library fixes this behaviour in (unreleased) version 1.0.0.
    # This can be removed once we upgrade.
    # https://github.com/castle/ruby-u2f/commit/103f428071a81cd3d5f80c2e77d522d5029946a4
    @signRequests = u2fParams.sign_requests.map (request) -> _(request).omit('challenge')

  start: () =>
    if U2FUtil.isU2FSupported()
      @renderSetup()
    else
      @renderNotSupported()

  authenticate: () =>
    u2f.sign(@appId, @challenge, @signRequests, (response) =>
      if response.errorCode
        error = new U2FError(response.errorCode)
        @renderError(error);
      else
        @renderAuthenticated(JSON.stringify(response))
    , 10)

  #############
  # Rendering #
  #############

  templates: {
    "notSupported": "#js-authenticate-u2f-not-supported",
    "setup": '#js-authenticate-u2f-setup',
    "inProgress": '#js-authenticate-u2f-in-progress',
    "error": '#js-authenticate-u2f-error',
    "authenticated": '#js-authenticate-u2f-authenticated'
  }

  renderTemplate: (name, params) =>
    templateString = $(@templates[name]).html()
    template = _.template(templateString)
    @container.html(template(params))

  renderSetup: () =>
    @renderTemplate('setup')
    @container.find('#js-login-u2f-device').on('click', @renderInProgress)

  renderInProgress: () =>
    @renderTemplate('inProgress')
    @authenticate()

  renderError: (error) =>
    @renderTemplate('error', {error_message: error.message()})
    @container.find('#js-u2f-try-again').on('click', @renderSetup)

  renderAuthenticated: (deviceResponse) =>
    @renderTemplate('authenticated')
    # Prefer to do this instead of interpolating using Underscore templates
    # because of JSON escaping issues.
    @container.find("#js-device-response").val(deviceResponse)

  renderNotSupported: () =>
    @renderTemplate('notSupported')
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-20 12:11:23 +0300