Created method for handilng email-address-based fingerprint.

2024-04-01 17:50:28 -04:00 · 2024-04-01 17:50:28 -04:00 · 79b912591d
parent bdb1aa0a04
commit 79b912591d
4 changed files with 24 additions and 9 deletions
--- a/apps/desktop/src/auth/login/login-approval.component.ts
+++ b/apps/desktop/src/auth/login/login-approval.component.ts
@ -75,9 +75,10 @@ export class LoginApprovalComponent implements OnInit, OnDestroy {
      this.authRequestResponse = await this.apiService.getAuthRequest(this.notificationId);
      const publicKey = Utils.fromB64ToArray(this.authRequestResponse.publicKey);
      this.email = await this.stateService.getEmail();
-      this.fingerprintPhrase = (
-        await this.cryptoService.getFingerprint(this.email, publicKey)
-      ).join("-");
+      this.fingerprintPhrase = await this.authRequestService.getFingerprintPhrase(
+        this.email,
+        publicKey,
+      );
      this.updateTimeText();

      this.interval = setInterval(() => {
--- a/libs/angular/src/auth/components/login-via-auth-request.component.ts
+++ b/libs/angular/src/auth/components/login-via-auth-request.component.ts
@ -197,9 +197,10 @@ export class LoginViaAuthRequestComponent
    const derivedPublicKeyArrayBuffer = await this.cryptoFunctionService.rsaExtractPublicKey(
      adminAuthReqStorable.privateKey,
    );
-    this.fingerprintPhrase = (
-      await this.cryptoService.getFingerprint(this.email, derivedPublicKeyArrayBuffer)
-    ).join("-");
+    this.fingerprintPhrase = await this.authRequestService.getFingerprintPhrase(
+      this.email,
+      derivedPublicKeyArrayBuffer,
+    );

    // Request denied
    if (adminAuthReqResponse.isAnswered && !adminAuthReqResponse.requestApproved) {
@ -241,9 +242,10 @@ export class LoginViaAuthRequestComponent
    const publicKey = Utils.fromBufferToB64(this.authRequestKeyPair.publicKey);
    const accessCode = await this.passwordGenerationService.generatePassword({ length: 25 });

-    this.fingerprintPhrase = (
-      await this.cryptoService.getFingerprint(this.email, this.authRequestKeyPair.publicKey)
-    ).join("-");
+    this.fingerprintPhrase = await this.authRequestService.getFingerprintPhrase(
+      this.email,
+      this.authRequestKeyPair.publicKey,
+    );

    this.authRequest = new CreateAuthRequest(
      this.email,
--- a/libs/auth/src/common/abstractions/auth-request.service.abstraction.ts
+++ b/libs/auth/src/common/abstractions/auth-request.service.abstraction.ts
@ -66,4 +66,12 @@ export abstract class AuthRequestServiceAbstraction {
   * @remark We should only be receiving approved push notifications to prevent enumeration.
   */
  abstract sendAuthRequestPushNotification: (notification: AuthRequestPushNotification) => void;
+
+  /**
+   * Creates a dash-delimited fingerprint for use in confirming the `AuthRequest` between the requesting and approving device.
+   * @param email The email address of the user.
+   * @param publicKey The public key for the user.
+   * @returns
+   */
+  abstract getFingerprintPhrase(email: string, publicKey: Uint8Array): Promise<string>;
 }
--- a/libs/auth/src/common/services/auth-request/auth-request.service.ts
+++ b/libs/auth/src/common/services/auth-request/auth-request.service.ts
@ -138,4 +138,8 @@ export class AuthRequestService implements AuthRequestServiceAbstraction {
      this.authRequestPushNotificationSubject.next(notification.id);
    }
  }
+
+  async getFingerprintPhrase(email: string, publicKey: Uint8Array): Promise<string> {
+    return (await this.cryptoService.getFingerprint(email.toLowerCase(), publicKey)).join("-");
+  }
 }