fix: add required wrappers for passwords client to setup encryption (b8e8747c) · Commits · e / infra / ecloud / nextcloud-apps / Ecloud Accounts

.gitignore

+1 −0

Original line number	Diff line number	Diff line
		@@ -19,3 +19,4 @@ translationtool.phar
		.php-cs-fixer.cache
		.phpunit.result.cache
		junit.xml
		css/

lib/Controller/AccountController.php

+7 −2

Original line number	Diff line number	Diff line
		@@ -113,18 +113,21 @@ class AccountController extends Controller {
		$captchaProvider = $this->getCaptchaProvider();
		$this->initialState->provideInitialState('captchaProvider', $captchaProvider);

		if ($captchaProvider === self::HCAPTCHA_PROVIDER) {
		$csp = $response->getContentSecurityPolicy();
		$csp->allowEvalWasm();

		if ($captchaProvider === self::HCAPTCHA_PROVIDER) {
		foreach (self::HCAPTCHA_DOMAINS as $domain) {
		$csp->addAllowedScriptDomain($domain);
		$csp->addAllowedFrameDomain($domain);
		$csp->addAllowedStyleDomain($domain);
		$csp->addAllowedConnectDomain($domain);
		}
		$response->setContentSecurityPolicy($csp);
		$hcaptchaSiteKey = $this->config->getSystemValue(Application::APP_ID . '.hcaptcha_site_key');
		$this->initialState->provideInitialState('hCaptchaSiteKey', $hcaptchaSiteKey);
		}
		$response->setContentSecurityPolicy($csp);

		return $response;
		}

		@@ -218,6 +221,8 @@ class AccountController extends Controller {
		$this->session->remove(self::SESSION_VERIFIED_DISPLAYNAME);
		$this->session->remove(self::CAPTCHA_VERIFIED_CHECK);

		$user = $this->userService->getUser($username);
		$this->userSession->setUser($user);
		$response->setStatus(200);
		$response->setData(['success' => true]);

src/Signup.vue

+17 −15

Original line number	Diff line number	Diff line
		@@ -30,8 +30,8 @@ import HCaptchaForm from './signup/HCaptchaForm.vue'
		import CaptchaForm from './signup/CaptchaForm.vue'
		import RecoveryEmailForm from './signup/RecoveryEmailForm.vue'
		import SuccessSection from './signup/SuccessSection.vue'
		import PasswordsClient from "passwords-client";
		import {EnhancedApi} from 'passwords-client/legacy';
		import ClientService from './passwords/ClientService.js'
		import LegacyPasswordsApi from './passwords/LegacyPasswordsApi.js'

		const APPLICATION_NAME = 'ecloud-accounts'

		@@ -91,7 +91,7 @@ export default {
		this.showRecoveryEmailForm = true
		}
		},
		submitRecoveryEmailForm(data) {
		async submitRecoveryEmailForm(data) {
		if (data.isFormValid) {
		const data = {
		password: this.formData.password,
		@@ -99,9 +99,9 @@ export default {
		language: this.formData.selectedLanguage,
		newsletterEos: this.formData.newsletterEos,
		newsletterProduct: this.formData.newsletterProduct,
		newsletterB2B: this.formData.newsletterB2B
		newsletterB2B: this.formData.newsletterB2B,
		}
		this.submitForm(data)
		await this.submitForm(data)
		}
		},
		async submitForm(data) {
		@@ -111,7 +111,6 @@ export default {
		await Axios.post(url, data)
		await this.setupEncryption()


		// If the execution reaches here, the response status is in the 2xx range
		this.showRegistrationForm = false
		this.showCaptchaForm = false
		@@ -132,17 +131,20 @@ export default {
		async setupEncryption() {
		const token = this.formData.password
		const user = this.formData.username
		let baseUrl = generateUrl('', [], {})
		if (baseUrl.indexOf(location.origin) === -1) {
		baseUrl = new URL(location.origin + baseUrl).href
		let baseUrl = new URL(generateUrl('/', [], {}), location.origin).href
		if (baseUrl.indexOf('index.php') !== -1) {
		baseUrl = baseUrl.substr(0, baseUrl.indexOf('index.php'))
		}

		const server = { baseUrl, user, token }
		const client = new PasswordsClient(server, { baseUrl, user, token })
		const api = new EnhancedApi()
		api.initialize(client, { cseMode: 'CSEv1r1' })

		await api.setAccountChallenge(this.formData.password)
		ClientService.initialize(baseUrl, user, token, null, { cseMode: 'CSEv1r1' })
		const api = new LegacyPasswordsApi()
		api.initialize(ClientService.getClient(), { cseMode: 'CSEv1r1' })
		try {
		await api.setAccountChallenge(token)
		} catch (error) {
		console.error('[passwords] setAccountChallenge failed', error)
		throw error
		}
		},
		showMessage(message, type) {
		type === 'success' ? showSuccess(message) : showError(message)

src/passwords/ApiRequest.js

0 → 100644

+22 −0

Original line number	Diff line number	Diff line
		import { ApiRequest as OriginalApiRequest } from 'passwords-client/http'

		export default class ApiRequest extends OriginalApiRequest {

		/**
		* @param {string} url
		* @param {object} options
		* @return {Promise<Response>}
		* @private
		*/
		async _executeRequest(url, options) {
		try {
		const request = new Request(url, options)
		this._api.emit('request.before', request)
		return await fetch(request, options)
		} catch (e) {
		this._api.emit('request.error', e)
		throw e
		}
		}

		}

src/passwords/ClientService.js

0 → 100644

+39 −0

Original line number	Diff line number	Diff line
		/* eslint-disable new-parens */
		/* eslint-disable padded-blocks */
		import EnhancedClassLoader from 'passwords-client/enhanced-class-loader'
		import PasswordsClient from 'passwords-client'
		import LegacyPasswordsApi from './LegacyPasswordsApi.js'
		import ApiRequest from './ApiRequest.js'

		export default new class ClientService {
		constructor() {
		this._client = null
		this._events = null
		}

		initialize(baseUrl, user, token, events = null, legacyConfig = {}) {
		const server = { baseUrl, user, token }
		const config = { baseUrl, user, token }

		const classes = {
		legacy: () => {
		const client = new LegacyPasswordsApi()
		client.initialize(this.getClient(), legacyConfig)
		return client
		},
		'network.request': ApiRequest,
		}

		const classLoader = new EnhancedClassLoader(classes)
		this._client = new PasswordsClient(server, config, classLoader)
		this._events = events
		}

		getClient() {
		return this._client
		}

		getLegacyClient() {
		return this.getClient().getInstance('legacy')
		}
		}