2018-06-05 15:01:40 +02:00
|
|
|
|
require('../scripts/u2f');
|
|
|
|
|
|
|
|
|
|
document.addEventListener('DOMContentLoaded', function (event) {
|
2017-06-26 20:49:20 +02:00
|
|
|
|
init();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
var parentUrl = null,
|
2017-06-27 05:52:49 +02:00
|
|
|
|
parentOrigin = null,
|
|
|
|
|
version = null,
|
|
|
|
|
stop = false,
|
|
|
|
|
sentSuccess = false;
|
2017-06-26 20:49:20 +02:00
|
|
|
|
|
|
|
|
|
function init() {
|
2017-06-27 05:52:49 +02:00
|
|
|
|
start();
|
|
|
|
|
onMessage();
|
|
|
|
|
info('ready');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function start() {
|
|
|
|
|
sentSuccess = false;
|
|
|
|
|
|
2017-06-26 20:49:20 +02:00
|
|
|
|
if (!u2f.isSupported) {
|
|
|
|
|
error('U2F is not supported in this browser.');
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var data = getQsParam('data');
|
|
|
|
|
if (!data) {
|
|
|
|
|
error('No data.');
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
parentUrl = getQsParam('parent');
|
|
|
|
|
if (!parentUrl) {
|
|
|
|
|
error('No parent.');
|
|
|
|
|
return;
|
|
|
|
|
}
|
2017-06-27 05:52:49 +02:00
|
|
|
|
else {
|
|
|
|
|
var link = document.createElement('a');
|
|
|
|
|
link.href = parentUrl;
|
|
|
|
|
parentOrigin = link.origin;
|
|
|
|
|
}
|
2017-06-26 20:49:20 +02:00
|
|
|
|
|
|
|
|
|
var versionQs = getQsParam('v');
|
|
|
|
|
if (!versionQs) {
|
|
|
|
|
error('No version.');
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
version = parseInt(versionQs);
|
|
|
|
|
var jsonString = b64Decode(data);
|
|
|
|
|
var json = JSON.parse(jsonString);
|
|
|
|
|
}
|
|
|
|
|
catch (e) {
|
|
|
|
|
error('Cannot parse data.');
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!json.appId || !json.challenge || !json.keys || !json.keys.length) {
|
|
|
|
|
error('Invalid data parameters.');
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-27 05:52:49 +02:00
|
|
|
|
stop = false
|
2017-06-26 20:49:20 +02:00
|
|
|
|
initU2f(json);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function initU2f(obj) {
|
2017-06-27 05:52:49 +02:00
|
|
|
|
if (stop) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-26 20:49:20 +02:00
|
|
|
|
u2f.sign(obj.appId, obj.challenge, obj.keys, function (data) {
|
|
|
|
|
if (data.errorCode) {
|
2017-07-24 17:48:19 +02:00
|
|
|
|
if (data.errorCode !== 5) {
|
|
|
|
|
error('U2F Error: ' + data.errorCode);
|
2017-07-24 17:52:31 +02:00
|
|
|
|
setTimeout(function () {
|
|
|
|
|
initU2f(obj);
|
|
|
|
|
}, 1000)
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
initU2f(obj);
|
2017-06-26 20:49:20 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
success(data);
|
2017-06-27 14:14:03 +02:00
|
|
|
|
}, 10);
|
2017-06-26 20:49:20 +02:00
|
|
|
|
}
|
|
|
|
|
|
2017-06-27 05:52:49 +02:00
|
|
|
|
function onMessage() {
|
|
|
|
|
window.addEventListener('message', function (event) {
|
|
|
|
|
if (!event.origin || event.origin === '' || event.origin !== parentOrigin) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (event.data === 'stop') {
|
|
|
|
|
stop = true;
|
|
|
|
|
}
|
|
|
|
|
else if (event.data === 'start' && stop) {
|
|
|
|
|
start();
|
|
|
|
|
}
|
|
|
|
|
}, false);
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-26 20:49:20 +02:00
|
|
|
|
function error(message) {
|
|
|
|
|
parent.postMessage('error|' + message, parentUrl);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function success(data) {
|
2017-06-27 05:52:49 +02:00
|
|
|
|
if (sentSuccess) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-26 20:49:20 +02:00
|
|
|
|
var dataString = JSON.stringify(data);
|
|
|
|
|
parent.postMessage('success|' + dataString, parentUrl);
|
2017-06-27 05:52:49 +02:00
|
|
|
|
sentSuccess = true;
|
2017-06-26 20:49:20 +02:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function info(message) {
|
|
|
|
|
parent.postMessage('info|' + message, parentUrl);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function getQsParam(name) {
|
|
|
|
|
var url = window.location.href;
|
|
|
|
|
name = name.replace(/[\[\]]/g, '\\$&');
|
|
|
|
|
var regex = new RegExp('[?&]' + name + '(=([^&#]*)|&|#|$)'),
|
|
|
|
|
results = regex.exec(url);
|
|
|
|
|
if (!results) return null;
|
|
|
|
|
if (!results[2]) return '';
|
|
|
|
|
return decodeURIComponent(results[2].replace(/\+/g, ' '));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function b64Decode(str) {
|
|
|
|
|
return decodeURIComponent(Array.prototype.map.call(atob(str), function (c) {
|
|
|
|
|
return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2);
|
|
|
|
|
}).join(''));
|
|
|
|
|
}
|