began rework of dialog for certs, not working yet

8f7ae0c5 · Ben Adida · e67416d8 · 8f7ae0c5 · 8f7ae0c5 · 8f7ae0c5
Commit 8f7ae0c5 authored 13 years ago by Ben Adida
--- a/browserid/app.js
+++ b/browserid/app.js
@@ -137,6 +137,21 @@ function router(app) {
    res.json(ca.PUBLIC_KEY.toSimpleObject());
  });

+  // vep bundle of JavaScript
+  app.get("/vepbundle", function(req, res) {
+    fs.readFile(__dirname + "/../lib/jwcrypto/vepbundle.js", function(error, content) {
+      if (error) {
+        res.writeHead(500);
+        res.end("oops");
+        console.log(error);
+      } else {
+        res.writeHead(200, {'Content-Type': 'text/javascript'});
+        res.write(content);
+        res.end();
+      }
+    });
+  });
+
  // FIXME: remove this call
  app.get('/users/:identity.xml', function(req, resp, next) {
    webfinger.renderUserPage(req.params.identity, function (resultDocument) {

--- a/browserid/lib/wsapi.js
+++ b/browserid/lib/wsapi.js
@@ -127,8 +127,10 @@ function setup(app) {
  /* First half of account creation.  Stages a user account for creation.
   * this involves creating a secret url that must be delivered to the
   * user via their claimed email address.  Upon timeout expiry OR clickthrough
-   * the staged user account transitions to a valid user account */
-  app.post('/wsapi/stage_user', checkParams([ "email", "pass", "pubkey", "site" ]), function(req, resp) {
+   * the staged user account transitions to a valid user account
+   * MODIFICATIONS for Certs: no more pubkey in params. Null is passed to DB layer for now.
+   */
+  app.post('/wsapi/stage_user', checkParams([ "email", "pass", "site" ]), function(req, resp) {

    // we should be cloning this object here.
    var stageParams = req.body;
@@ -252,10 +254,11 @@ function setup(app) {
    });
  });

-  app.post('/wsapi/add_email', checkAuthed, checkParams(["email", "pubkey", "site"]), function (req, resp) {
+  // MODIFICATIONS for cert: remove pubkey
+  app.post('/wsapi/add_email', checkAuthed, checkParams(["email", "site"]), function (req, resp) {
    try {
-      // on failure stageEmail may throw
-      db.stageEmail(req.session.authenticatedUser, req.body.email, req.body.pubkey, function(secret) {
+      // on failure stageEmail may throw, null pubkey
+      db.stageEmail(req.session.authenticatedUser, req.body.email, null, function(secret) {

        // store the email being added in session data
        req.session.pendingAddition = req.body.email;

--- a/browserid/static/dialog/resources/browserid-identities.js
+++ b/browserid/static/dialog/resources/browserid-identities.js
@@ -34,6 +34,10 @@
 * the terms of any one of the MPL, the GPL or the LGPL.
 *
 * ***** END LICENSE BLOCK ***** */
+
+var jwk = require("./jwk");
+var vep = require("./vep");
+
 var BrowserIDIdentities = (function() {
  "use strict";
  function getIssuedIdentities() {
@@ -142,6 +146,8 @@ var BrowserIDIdentities = (function() {
      var self = this;
      if (email === self.stagedEmail) {
        self.stagedEmail = null;
+
+        // FIXME for certs, maybe call certKey here?
        self.persistIdentity(self.stagedEmail, self.stagedKeypair, "browserid.org:443", function() {
          self.syncIdentities(onSuccess, onFailure);
        }, onFailure);
@@ -223,9 +229,11 @@ var BrowserIDIdentities = (function() {
     * @param {function} [onFailure] - Called on error.
     */
    syncIdentity: function(email, issuer, onSuccess, onFailure) {
-      var keypair = CryptoStubs.genKeyPair();
-      network.setKey(email, keypair, function() {
-        Identities.persistIdentity(email, keypair, issuer, function() {
+      // var keypair = CryptoStubs.genKeyPair();
+      var keypair = jwk.KeyPair.generate(vep.params.algorithm, vep.params.keysize);
+//      network.setKey(email, keypair, function() {
+      network.certKey(email, keypair.publicKey, function(cert) {
+        Identities.persistIdentity(email, keypair, cert, issuer, function() {
          if (onSuccess) {
            onSuccess(keypair);
          }
@@ -265,11 +273,12 @@ var BrowserIDIdentities = (function() {
     * @param {function} [onSuccess] - Called on successful completion. 
     * @param {function} [onFailure] - Called on error.
     */
-    persistIdentity: function(email, keypair, issuer, onSuccess, onFailure) {
+    persistIdentity: function(email, keypair, cert, issuer, onSuccess, onFailure) {
      var new_email_obj= {
        created: new Date(),
-        pub: keypair.pub,
-        priv: keypair.priv
+        pub: keypair.publicKey,
+        priv: keypair.secretKey,
+        cert: cert
      };

      if (issuer) {

--- a/browserid/static/dialog/resources/browserid-network.js
+++ b/browserid/static/dialog/resources/browserid-network.js
@@ -308,6 +308,26 @@ var BrowserIDNetwork = (function() {
      });
    },

+    /**
+     * Certify the public key for the email address.
+     * @method certKey
+     */
+    certKey: function(email, pubkey, onSuccess, onError) {
+      withCSRF(function() { 
+        $.ajax({
+          type: 'POST',
+          url: '/wsapi/cert_key',
+          data: {
+            email: email,
+            pubkey: pubkey,
+            csrf: csrf_token
+          },
+          success: onSuccess,
+          error: onError
+        });
+      });
+    },
+
    /**
     * Sync emails
     * @method syncEmails

--- a/browserid/views/dialog.ejs
+++ b/browserid/views/dialog.ejs
@@ -9,4 +9,5 @@
  <body>
 	</body>
 </html>
+<script type='text/javascript' src='/vepbundle'></script>
 <script type='text/javascript' src='steal/steal<%= production ? ".production" : "" %>.js?dialog'></script>
--- a/jwcrypto @ c28da68b
+++ b/jwcrypto @ c28da68b
-Subproject commit 8cbb157af1dd2b544d08422a4c3c32ff26d6534a
+Subproject commit c28da68bc54050419dd4bcbe770eafaa6aa10ff6