From 7c3a9d61e6e736c8f439a5094585efac3a4cfa12 Mon Sep 17 00:00:00 2001 From: Vincent Salucci <26154748+vincentsalucci@users.noreply.github.com> Date: Mon, 10 Aug 2020 08:38:31 -0500 Subject: [PATCH] [SSO] Login - added launchSsoBrowser method (#144) * Added launchSsoBrowser method * Updated let -> const * Saved state/verifier to storage --- src/angular/components/login.component.ts | 38 +++++++++++++++++++++-- 1 file changed, 36 insertions(+), 2 deletions(-) diff --git a/src/angular/components/login.component.ts b/src/angular/components/login.component.ts index 75fea94b45..81a32a8f05 100644 --- a/src/angular/components/login.component.ts +++ b/src/angular/components/login.component.ts @@ -2,14 +2,17 @@ import { Input, OnInit, } from '@angular/core'; + import { Router } from '@angular/router'; import { AuthResult } from '../../models/domain/authResult'; import { AuthService } from '../../abstractions/auth.service'; +import { CryptoFunctionService } from '../../abstractions/cryptoFunction.service'; +import { EnvironmentService } from '../../abstractions/environment.service'; import { I18nService } from '../../abstractions/i18n.service'; +import { PasswordGenerationService } from '../../abstractions/passwordGeneration.service'; import { PlatformUtilsService } from '../../abstractions/platformUtils.service'; -import { StateService } from '../../abstractions/state.service'; import { StorageService } from '../../abstractions/storage.service'; import { ConstantsService } from '../../services/constants.service'; 
@@ -37,7 +40,9 @@ export class LoginComponent implements OnInit { constructor(protected authService: AuthService, protected router: Router, protected platformUtilsService: PlatformUtilsService, protected i18nService: I18nService, - private storageService: StorageService, protected stateService: StorageService) { } + protected stateService: StorageService, protected environmentService: EnvironmentService, + protected passwordGenerationService: PasswordGenerationService, + protected cryptoFunctionService: CryptoFunctionService, private storageService: StorageService) { } async ngOnInit() { if (this.email == null || this.email === '') { @@ -109,4 +114,33 @@ export class LoginComponent implements OnInit { this.showPassword = !this.showPassword; document.getElementById('masterPassword').focus(); } + + async launchSsoBrowser(clientId: string, ssoRedirectUri: string) { + // Generate necessary sso params + const passwordOptions: any = { + type: 'password', + length: 64, + uppercase: true, + lowercase: true, + numbers: true, + special: false, + }; + const state = await this.passwordGenerationService.generatePassword(passwordOptions); + const ssoCodeVerifier = await this.passwordGenerationService.generatePassword(passwordOptions); + const codeVerifierHash = await this.cryptoFunctionService.hash(ssoCodeVerifier, 'sha256'); + const codeChallenge = Utils.fromBufferToUrlB64(codeVerifierHash); + + // Save sso params + await this.storageService.save(ConstantsService.ssoStateKey, state); + await this.storageService.save(ConstantsService.ssoCodeVerifierKey, ssoCodeVerifier); + + // Build URI + const webUrl = this.environmentService.webVaultUrl == null ? 'https://vault.bitwarden.com' : + this.environmentService.webVaultUrl; + + // Launch browser + this.platformUtilsService.launchUri(webUrl + '/#/sso?clientId=' + clientId + + '&redirectUri=' + encodeURIComponent(ssoRedirectUri) + + '&state=' + state + '&codeChallenge=' + codeChallenge); + } }
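Review bot: `stateService` is still declared as `StorageService` in the new constructor, and the first hunk removes the `StateService` import instead of correcting that annotation. The constructor now takes two parameters of the same type (`stateService` in fifth position, `storageService` moved to last), so a subclass that passes them to `super(...)` in the wrong order gets no compile error. If the field is meant to hold the state service, keep the import and declare it as `protected stateService: StateService`. The subclasses and their `super(...)` calls are outside this patch, so that intent needs confirming.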
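Review bot: In `launchSsoBrowser`, `clientId` is appended to the SSO URL without encoding, while `ssoRedirectUri` on the next line goes through `encodeURIComponent`. `state` is alphanumeric and `codeChallenge` is URL-safe base64 by construction, but `clientId` is whatever the caller passes, so a `&` or `#` in it would change the query the web vault receives; use `'/#/sso?clientId=' + encodeURIComponent(clientId) +`. The state and the PKCE code verifier are written with `storageService.save`, and nothing in this hunk removes them. The callback handler, which is not part of this patch, should compare the returned state with the stored value and delete both keys after a single use.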