diff --git a/src/pass.ts b/src/pass.ts index ec831eb..806630c 100644 --- a/src/pass.ts +++ b/src/pass.ts @@ -130,9 +130,9 @@ export class PassData { return Promise.reject(); } - const encodedUri = encodeURI(`serialNumber=${payload.serialNumber}&vaccineName=${payload.receipt.vaccineName}&vaccinationDate=${payload.receipt.vaccinationDate}&organization=${payload.receipt.organization}&dose=${payload.receipt.numDoses}`); + const encodedUri = `serialNumber=${encodeURIComponent(payload.serialNumber)}&vaccineName=${encodeURIComponent(payload.receipt.vaccineName)}&vaccinationDate=${encodeURIComponent(payload.receipt.vaccinationDate)}&organization=${encodeURIComponent(payload.receipt.organization)}&dose=${encodeURIComponent(payload.receipt.numDoses)}`; const qrCodeUrl = `${verifierHost}/verify?${encodedUri}`; - + // console.log(qrCodeUrl); // Create QR Code Object diff --git a/src/photo.ts b/src/photo.ts index 721158d..496f859 100644 --- a/src/photo.ts +++ b/src/photo.ts @@ -70,10 +70,10 @@ export class Photo { console.log(JSON.stringify(responseJson,null,2)); - if (responseJson["result"] != 'OK') + if (responseJson["result"] != 'OK') return Promise.reject(); - const encodedUri = encodeURI(`serialNumber=${payload.serialNumber}&vaccineName=${payload.receipt.vaccineName}&vaccinationDate=${payload.receipt.vaccinationDate}&organization=${payload.receipt.organization}&dose=${payload.receipt.numDoses}`); + const encodedUri = `serialNumber=${encodeURIComponent(payload.serialNumber)}&vaccineName=${encodeURIComponent(payload.receipt.vaccineName)}&vaccinationDate=${encodeURIComponent(payload.receipt.vaccinationDate)}&organization=${encodeURIComponent(payload.receipt.organization)}&dose=${encodeURIComponent(payload.receipt.numDoses)}`; const qrCodeUrl = `${verifierHost}/verify?${encodedUri}`; // Create QR Code Object @@ -102,25 +102,25 @@ export class Photo { vaccineNameProper = 'Pfizer (Comirnaty)' if (vaccineName.includes('MODERNA')) - vaccineNameProper = 'Moderna (SpikeVax)' + vaccineNameProper = 'Moderna (SpikeVax)' if (vaccineName.includes('ASTRAZENECA')) - vaccineNameProper = 'AstraZeneca (Vaxzevria)' + vaccineNameProper = 'AstraZeneca (Vaxzevria)' let doseVaccine = "#" + String(payload.receipt.numDoses) + ": " + vaccineNameProper; - + document.getElementById('vaccineName').innerText = doseVaccine; document.getElementById('vaccinationDate').innerText = payload.receipt.vaccinationDate; document.getElementById('organization').innerText = payload.receipt.organization; document.getElementById('name').innerText = payload.receipt.name; document.getElementById('dob').innerText = payload.receipt.dateOfBirth; - + const codeWriter = new BrowserQRCodeSvgWriter(); const svg = codeWriter.write(qrCode.message,200,200); svg.setAttribute('style','background-color: white'); document.getElementById('qrcode').appendChild(svg); - + const blobPromise = toBlob(body); return blobPromise; } catch (e) { diff --git a/src/process.ts b/src/process.ts index 572d615..0191ff1 100644 --- a/src/process.ts +++ b/src/process.ts @@ -1,7 +1,7 @@ import {PayloadBody, Receipt} from "./payload"; import * as PdfJS from 'pdfjs-dist' import {COLORS} from "./colors"; -import { getCertificatesInfoFromPDF } from "@ninja-labs/verify-pdf"; // ES6 +import { getCertificatesInfoFromPDF } from "@ninja-labs/verify-pdf"; // ES6 import * as Sentry from '@sentry/react'; import { TextItem } from "pdfjs-dist/types/display/api"; @@ -83,12 +83,14 @@ async function loadPDF(signedPdfBuffer : ArrayBuffer): Promise { '8h9+TbL3ACHDqA4fi5sAbZ7nMXp8RK4o5A==\r\n'+ '-----END CERTIFICATE-----'; - const issuedpemCertificate = ( result.pemCertificate.trim() == refcert.trim()); - + const pdfCert = result.pemCertificate.trim(); + const pdfOrg = result.issuedBy.organizationName; + const issuedpemCertificate = (pdfCert == refcert.trim()); + //console.log(`pdf is signed by this cert ${result.pemCertificate.trim()}`); //console.log(issuedpemCertificate); //console.log(`PDF is signed by ${result.issuedBy.organizationName}, issued to ${result.issuedTo.commonName}`); - + // const bypass = window.location.href.includes('grassroots2'); if (( issuedpemCertificate )) { @@ -98,6 +100,13 @@ async function loadPDF(signedPdfBuffer : ArrayBuffer): Promise { return Promise.resolve(receipt); } else { + // According to the Sentry docs, this can be up to 8KB in size + // https://develop.sentry.dev/sdk/data-handling/#variable-size + Sentry.setContext("certificate", { + pdfCert: pdfCert, + pdfOrg: pdfOrg, + }); + Sentry.captureMessage('Certificate validation failed'); console.error('invalid certificate'); return Promise.reject(`invalid certificate + ${JSON.stringify(result)}`); } @@ -142,11 +151,11 @@ async function getPdfDetails(fileBuffer: ArrayBuffer): Promise { if (value.includes('Product name')) { vaccineName = (content.items[i+1] as TextItem).str; vaccineName = vaccineName.split(' ')[0]; - } + } if (value.includes('Date of birth')) dateOfBirth = (content.items[i+1] as TextItem).str; if (value.includes('Authorized organization')) - organization = (content.items[i+1] as TextItem).str; + organization = (content.items[i+1] as TextItem).str; if (value.includes('You have received')) numDoses = Number(value.split(' ')[3]); }