bitwarden-estensione-browser/src/services/tokenService.js

function TokenService(utilsService) {
    this.utilsService = utilsService;

    initTokenService();
}

function initTokenService() {
    var _token,
        _decodedToken,
        _refreshToken;

    TokenService.prototype.setTokens = function (accessToken, refreshToken, callback) {
        if (!callback || typeof callback !== 'function') {
            throw 'callback function required';
        }

        var self = this;
        self.setToken(accessToken, function () {
            self.setRefreshToken(refreshToken, function () {
                callback();
            });
        });
    };

    TokenService.prototype.setToken = function (token, callback) {
        if (!callback || typeof callback !== 'function') {
            throw 'callback function required';
        }

        _token = token;
        _decodedToken = null;
        chrome.storage.local.set({
            'accessToken': token
        }, function () {
            callback();
        });
    };

    TokenService.prototype.getToken = function (callback) {
        if (!callback || typeof callback !== 'function') {
            throw 'callback function required';
        }

        if (_token) {
            return callback(_token);
        }

        chrome.storage.local.get('accessToken', function (obj) {
            if (obj && obj.accessToken) {
                _token = obj.accessToken;
            }

            return callback(_token);
        });
    };

    TokenService.prototype.setRefreshToken = function (refreshToken, callback) {
        if (!callback || typeof callback !== 'function') {
            throw 'callback function required';
        }

        _refreshToken = refreshToken;
        chrome.storage.local.set({
            'refreshToken': refreshToken
        }, function () {
            callback();
        });
    };

    TokenService.prototype.getRefreshToken = function (callback) {
        if (!callback || typeof callback !== 'function') {
            throw 'callback function required';
        }

        if (_refreshToken) {
            return callback(_refreshToken);
        }

        chrome.storage.local.get('refreshToken', function (obj) {
            if (obj && obj.refreshToken) {
                _refreshToken = obj.refreshToken;
            }

            return callback(_refreshToken);
        });
    };

    TokenService.prototype.setTwoFactorToken = function (token, email, callback) {
        if (!callback || typeof callback !== 'function') {
            throw 'callback function required';
        }

        var obj = {};
        obj['twoFactorToken_' + email] = token;

        chrome.storage.local.set(obj, function () {
            callback();
        });
    };

    TokenService.prototype.getTwoFactorToken = function (email) {
        return this.utilsService.getObjFromStorage('twoFactorToken_' + email).then(function (token) {
            return token;
        });
    };

    TokenService.prototype.clearTwoFactorToken = function (email, callback) {
        if (!callback || typeof callback !== 'function') {
            throw 'callback function required';
        }

        chrome.storage.local.remove('twoFactorToken_' + email, function () {
            callback();
        });
    };

    TokenService.prototype.clearToken = function () {
        var self = this;
        return Q.all([
            self.utilsService.removeFromStorage('accessToken'),
            self.utilsService.removeFromStorage('refreshToken')
        ]).then(function () {
            _token = _decodedToken = _refreshToken = null;
        });
    };

    // jwthelper methods
    // ref https://github.com/auth0/angular-jwt/blob/master/src/angularJwt/services/jwt.js

    TokenService.prototype.decodeToken = function () {
        if (_decodedToken) {
            return _decodedToken;
        }

        if (!_token) {
            throw 'Token not found.';
        }

        var parts = _token.split('.');
        if (parts.length !== 3) {
            throw 'JWT must have 3 parts';
        }

        var decoded = urlBase64Decode(parts[1]);
        if (!decoded) {
            throw 'Cannot decode the token';
        }

        _decodedToken = JSON.parse(decoded);
        return _decodedToken;
    };

    TokenService.prototype.getTokenExpirationDate = function () {
        var decoded = this.decodeToken();

        if (typeof decoded.exp === 'undefined') {
            return null;
        }

        var d = new Date(0); // The 0 here is the key, which sets the date to the epoch
        d.setUTCSeconds(decoded.exp);

        return d;
    };

    TokenService.prototype.tokenSecondsRemaining = function (offsetSeconds) {
        var d = this.getTokenExpirationDate();
        offsetSeconds = offsetSeconds || 0;
        if (d === null) {
            return 0;
        }

        var msRemaining = d.valueOf() - (new Date().valueOf() + (offsetSeconds * 1000));
        return Math.round(msRemaining / 1000);
    };

    TokenService.prototype.tokenNeedsRefresh = function (minutes) {
        minutes = minutes || 5; // default 5 minutes
        var sRemaining = this.tokenSecondsRemaining();
        return sRemaining < (60 * minutes);
    };

    TokenService.prototype.getUserId = function () {
        var decoded = this.decodeToken();

        if (typeof decoded.sub === 'undefined') {
            throw 'No user id found';
        }

        return decoded.sub;
    };

    TokenService.prototype.getEmail = function () {
        var decoded = this.decodeToken();

        if (typeof decoded.email === 'undefined') {
            throw 'No email found';
        }

        return decoded.email;
    };

    TokenService.prototype.getName = function () {
        var decoded = this.decodeToken();

        if (typeof decoded.name === 'undefined') {
            throw 'No name found';
        }

        return decoded.name;
    };

    TokenService.prototype.getPremium = function () {
        var decoded = this.decodeToken();

        if (typeof decoded.premium === 'undefined') {
            return false;
        }

        return !!decoded.premium;
    };

    TokenService.prototype.getIssuer = function () {
        var decoded = this.decodeToken();

        if (typeof decoded.iss === 'undefined') {
            throw 'No issuer found';
        }

        return decoded.iss;
    };

    function urlBase64Decode(str) {
        var output = str.replace(/-/g, '+').replace(/_/g, '/');
        switch (output.length % 4) {
            case 0: { break; }
            case 2: { output += '=='; break; }
            case 3: { output += '='; break; }
            default: {
                throw 'Illegal base64url string!';
            }
        }

        //polyfill https://github.com/davidchambers/Base64.js
        return window.decodeURIComponent(escape(window.atob(output)));
    }
}
Setup Webpack & TypeScript (#316) * TypeScript and WebPack. * Minor cleanup. * Add background.js as entry point to webpack. * Use downloaded fonts for better performance. Remove google-fonts-webpack-plugin. * Add the remaining entry points and setup notification bar. * Update readme for webpack. * Convert CipherItems to TypeScript to demonstrate how a component looks in TS. * Fix edge requirering a custom angular version. * Rewrite gulp tasks for packaging releases. * Re-add the webpack gulp plugin. * Remove unessesary line in analytics. 2017-10-29 03:14:14 +01:00			`function TokenService(utilsService) {`
convert to promises. loginService cipher refactor 2017-10-13 23:07:20 +02:00			`this.utilsService = utilsService;`
promise conversions 2017-10-17 15:25:22 +02:00
more services and async callthroughs for vault list/add 2016-09-04 06:34:24 +02:00			`initTokenService();`
lint fixes 2017-07-14 21:34:05 +02:00			`}`
setup various pages and services 2016-09-03 06:03:13 +02:00
more services and async callthroughs for vault list/add 2016-09-04 06:34:24 +02:00			`function initTokenService() {`
convert to identityserver auth 2017-01-18 05:07:46 +01:00			`var _token,`
			`_decodedToken,`
			`_refreshToken;`

			`TokenService.prototype.setTokens = function (accessToken, refreshToken, callback) {`
			`if (!callback \|\| typeof callback !== 'function') {`
			`throw 'callback function required';`
			`}`

			`var self = this;`
			`self.setToken(accessToken, function () {`
			`self.setRefreshToken(refreshToken, function () {`
			`callback();`
			`});`
			`});`
			`};`
setup various pages and services 2016-09-03 06:03:13 +02:00
			`TokenService.prototype.setToken = function (token, callback) {`
Few fixes to services and login 2016-09-02 07:20:41 +02:00			`if (!callback \|\| typeof callback !== 'function') {`
			`throw 'callback function required';`
			`}`

setup various services and login page 2016-09-02 06:50:57 +02:00			`_token = token;`
convert to identityserver auth 2017-01-18 05:07:46 +01:00			`_decodedToken = null;`
setup various services and login page 2016-09-02 06:50:57 +02:00			`chrome.storage.local.set({`
convert to identityserver auth 2017-01-18 05:07:46 +01:00			`'accessToken': token`
setup various services and login page 2016-09-02 06:50:57 +02:00			`}, function () {`
			`callback();`
			`});`
			`};`

setup various pages and services 2016-09-03 06:03:13 +02:00			`TokenService.prototype.getToken = function (callback) {`
Few fixes to services and login 2016-09-02 07:20:41 +02:00			`if (!callback \|\| typeof callback !== 'function') {`
			`throw 'callback function required';`
			`}`

setup various services and login page 2016-09-02 06:50:57 +02:00			`if (_token) {`
			`return callback(_token);`
			`}`

convert to identityserver auth 2017-01-18 05:07:46 +01:00			`chrome.storage.local.get('accessToken', function (obj) {`
			`if (obj && obj.accessToken) {`
			`_token = obj.accessToken;`
setup various services and login page 2016-09-02 06:50:57 +02:00			`}`

			`return callback(_token);`
			`});`
			`};`

convert to identityserver auth 2017-01-18 05:07:46 +01:00			`TokenService.prototype.setRefreshToken = function (refreshToken, callback) {`
Few fixes to services and login 2016-09-02 07:20:41 +02:00			`if (!callback \|\| typeof callback !== 'function') {`
			`throw 'callback function required';`
			`}`

convert to identityserver auth 2017-01-18 05:07:46 +01:00			`_refreshToken = refreshToken;`
			`chrome.storage.local.set({`
			`'refreshToken': refreshToken`
			`}, function () {`
setup various services and login page 2016-09-02 06:50:57 +02:00			`callback();`
			`});`
			`};`
replace jwthelper 2016-09-03 06:11:57 +02:00
convert to identityserver auth 2017-01-18 05:07:46 +01:00			`TokenService.prototype.getRefreshToken = function (callback) {`
			`if (!callback \|\| typeof callback !== 'function') {`
			`throw 'callback function required';`
			`}`

			`if (_refreshToken) {`
			`return callback(_refreshToken);`
			`}`

			`chrome.storage.local.get('refreshToken', function (obj) {`
			`if (obj && obj.refreshToken) {`
			`_refreshToken = obj.refreshToken;`
			`}`

			`return callback(_refreshToken);`
			`});`
			`};`

two factor page cleanup 2017-06-27 04:24:10 +02:00			`TokenService.prototype.setTwoFactorToken = function (token, email, callback) {`
			`if (!callback \|\| typeof callback !== 'function') {`
			`throw 'callback function required';`
			`}`

			`var obj = {};`
			`obj['twoFactorToken_' + email] = token;`

			`chrome.storage.local.set(obj, function () {`
			`callback();`
			`});`
			`};`

promise conversions 2017-10-17 15:25:22 +02:00			`TokenService.prototype.getTwoFactorToken = function (email) {`
			`return this.utilsService.getObjFromStorage('twoFactorToken_' + email).then(function (token) {`
			`return token;`
two factor page cleanup 2017-06-27 04:24:10 +02:00			`});`
			`};`

			`TokenService.prototype.clearTwoFactorToken = function (email, callback) {`
			`if (!callback \|\| typeof callback !== 'function') {`
			`throw 'callback function required';`
			`}`

			`chrome.storage.local.remove('twoFactorToken_' + email, function () {`
			`callback();`
			`});`
			`};`

convert to promises. loginService cipher refactor 2017-10-13 23:07:20 +02:00			`TokenService.prototype.clearToken = function () {`
			`var self = this;`
			`return Q.all([`
			`self.utilsService.removeFromStorage('accessToken'),`
			`self.utilsService.removeFromStorage('refreshToken')`
			`]).then(function () {`
			`_token = _decodedToken = _refreshToken = null;`
convert to identityserver auth 2017-01-18 05:07:46 +01:00			`});`
			`};`

replace jwthelper 2016-09-03 06:11:57 +02:00			`// jwthelper methods`
			`// ref https://github.com/auth0/angular-jwt/blob/master/src/angularJwt/services/jwt.js`

convert to identityserver auth 2017-01-18 05:07:46 +01:00			`TokenService.prototype.decodeToken = function () {`
			`if (_decodedToken) {`
			`return _decodedToken;`
			`}`

			`if (!_token) {`
			`throw 'Token not found.';`
			`}`
replace jwthelper 2016-09-03 06:11:57 +02:00
convert to identityserver auth 2017-01-18 05:07:46 +01:00			`var parts = _token.split('.');`
replace jwthelper 2016-09-03 06:11:57 +02:00			`if (parts.length !== 3) {`
convert to identityserver auth 2017-01-18 05:07:46 +01:00			`throw 'JWT must have 3 parts';`
replace jwthelper 2016-09-03 06:11:57 +02:00			`}`

			`var decoded = urlBase64Decode(parts[1]);`
			`if (!decoded) {`
convert to identityserver auth 2017-01-18 05:07:46 +01:00			`throw 'Cannot decode the token';`
replace jwthelper 2016-09-03 06:11:57 +02:00			`}`

cache _decodedToken 2017-02-05 03:58:16 +01:00			`_decodedToken = JSON.parse(decoded);`
			`return _decodedToken;`
replace jwthelper 2016-09-03 06:11:57 +02:00			`};`

convert to identityserver auth 2017-01-18 05:07:46 +01:00			`TokenService.prototype.getTokenExpirationDate = function () {`
			`var decoded = this.decodeToken();`
replace jwthelper 2016-09-03 06:11:57 +02:00
convert to identityserver auth 2017-01-18 05:07:46 +01:00			`if (typeof decoded.exp === 'undefined') {`
replace jwthelper 2016-09-03 06:11:57 +02:00			`return null;`
			`}`

			`var d = new Date(0); // The 0 here is the key, which sets the date to the epoch`
			`d.setUTCSeconds(decoded.exp);`

			`return d;`
			`};`

Added refresh token check for each API call. refactored logout messaging from authService 2017-01-19 06:21:20 +01:00			`TokenService.prototype.tokenSecondsRemaining = function (offsetSeconds) {`
			`var d = this.getTokenExpirationDate();`
			`offsetSeconds = offsetSeconds \|\| 0;`
			`if (d === null) {`
			`return 0;`
			`}`

			`var msRemaining = d.valueOf() - (new Date().valueOf() + (offsetSeconds * 1000));`
			`return Math.round(msRemaining / 1000);`
			`};`

			`TokenService.prototype.tokenNeedsRefresh = function (minutes) {`
			`minutes = minutes \|\| 5; // default 5 minutes`
			`var sRemaining = this.tokenSecondsRemaining();`
			`return sRemaining < (60 * minutes);`
			`};`

convert to identityserver auth 2017-01-18 05:07:46 +01:00			`TokenService.prototype.getUserId = function () {`
			`var decoded = this.decodeToken();`

			`if (typeof decoded.sub === 'undefined') {`
			`throw 'No user id found';`
			`}`

			`return decoded.sub;`
			`};`

			`TokenService.prototype.getEmail = function () {`
			`var decoded = this.decodeToken();`

adjusted token service gets for new claims 2017-01-25 04:57:21 +01:00			`if (typeof decoded.email === 'undefined') {`
convert to identityserver auth 2017-01-18 05:07:46 +01:00			`throw 'No email found';`
			`}`

adjusted token service gets for new claims 2017-01-25 04:57:21 +01:00			`return decoded.email;`
			`};`

			`TokenService.prototype.getName = function () {`
			`var decoded = this.decodeToken();`

			`if (typeof decoded.name === 'undefined') {`
			`throw 'No name found';`
			`}`

			`return decoded.name;`
convert to identityserver auth 2017-01-18 05:07:46 +01:00			`};`

get premium status from token 2017-07-11 20:54:36 +02:00			`TokenService.prototype.getPremium = function () {`
			`var decoded = this.decodeToken();`

			`if (typeof decoded.premium === 'undefined') {`
			`return false;`
			`}`

			`return !!decoded.premium;`
			`};`

choose auth scheme based on token issuer 2017-05-06 05:19:38 +02:00			`TokenService.prototype.getIssuer = function () {`
			`var decoded = this.decodeToken();`

			`if (typeof decoded.iss === 'undefined') {`
			`throw 'No issuer found';`
			`}`

			`return decoded.iss;`
			`};`

replace jwthelper 2016-09-03 06:11:57 +02:00			`function urlBase64Decode(str) {`
			`var output = str.replace(/-/g, '+').replace(/_/g, '/');`
			`switch (output.length % 4) {`
			`case 0: { break; }`
			`case 2: { output += '=='; break; }`
			`case 3: { output += '='; break; }`
			`default: {`
			`throw 'Illegal base64url string!';`
			`}`
			`}`
formatting 2016-09-22 19:15:42 +02:00
			`//polyfill https://github.com/davidchambers/Base64.js`
			`return window.decodeURIComponent(escape(window.atob(output)));`
lint fixes 2017-07-14 21:34:05 +02:00			`}`
			`}`