diff --git a/browserid/static/dialog/resources/browserid-identities.js b/browserid/static/dialog/resources/browserid-identities.js index f33acef45da33db6098e2ea7abad44d5e758c681..d5140f92924e18f78f25f170e0d0baf7485cdaa1 100644 --- a/browserid/static/dialog/resources/browserid-identities.js +++ b/browserid/static/dialog/resources/browserid-identities.js @@ -124,7 +124,7 @@ var BrowserIDIdentities = (function() { var email = emails_to_add.shift(); - self.syncIdentity(email, "browserid.org:443", addNextEmail, onFailure); + self.syncIdentity(email, addNextEmail, onFailure); } addNextEmail(); @@ -157,19 +157,21 @@ var BrowserIDIdentities = (function() { * Stage an identity - this creates an identity that must be verified. * Used when creating a new account or resetting the password of an * existing account. + * FIXME: rename to indicate new account * @method stageIdentity * @param {string} email - Email address. * @param {function} [onSuccess] - Called on successful completion. * @param {function} [onFailure] - Called on error. */ stageIdentity: function(email, password, onSuccess, onFailure) { - var self=this, - keypair = CryptoStubs.genKeyPair(); + var self=this; + // FIXME: keysize + var keypair = jwk.KeyPair.generate(vep.params.algorithm, 64); self.stagedEmail = email; self.stagedKeypair = keypair; - network.stageUser(email, password, keypair, function() { + network.stageUser(email, password, function() { if (onSuccess) { onSuccess(keypair); } 
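Review bot: The key size in stageIdentity is a hard-coded 64 bits in `jwk.KeyPair.generate(vep.params.algorithm, 64)`, which is far too small to protect the private key behind a certified identity. The addIdentity hunk (`@@ -293`) adds the same literal without the FIXME. The syncIdentity context already shows the intended call in a comment, so, assuming `vep.params.keysize` is populated, all three sites could read `var keypair = jwk.KeyPair.generate(vep.params.algorithm, vep.params.keysize);`, ideally through one shared helper so the size cannot drift. The `@param` list above stageIdentity also omits `password`; adding `@param {string} password - Account password.` would match the signature.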
@@ -186,12 +188,16 @@ var BrowserIDIdentities = (function() { confirmIdentity: function(email, onSuccess, onFailure) { var self = this; if (email === self.stagedEmail) { + var keypair = self.stagedKeypair; + self.stagedEmail = null; + self.stagedKeypair = null; - // FIXME for certs, maybe call certKey here? - self.persistIdentity(self.stagedEmail, self.stagedKeypair, "browserid.org:443", function() { + // certify + Identities.certifyIdentity(email, keypair, function() { self.syncIdentities(onSuccess, onFailure); - }, onFailure); + }); + } else if (onFailure) { onFailure(); @@ -260,6 +266,19 @@ var BrowserIDIdentities = (function() { }, onFailure); }, + /** + * Certify an identity + */ + certifyIdentity: function(email, keypair, onSuccess, onFailure) { + network.certKey(email, keypair.publicKey, function(cert) { + Identities.persistIdentity(email, keypair, cert, function() { + if (onSuccess) { + onSuccess(); + } + }, onFailure); + }, onFailure); + }, + /** * Sync an identity with the server. Creates and stores locally and on the * server a keypair for the given email address. @@ -269,17 +288,11 @@ var BrowserIDIdentities = (function() { * @param {function} [onSuccess] - Called on successful completion. * @param {function} [onFailure] - Called on error. */ - syncIdentity: function(email, issuer, onSuccess, onFailure) { + syncIdentity: function(email, onSuccess, onFailure) { // FIXME use true key sizes //var keypair = jwk.KeyPair.generate(vep.params.algorithm, vep.params.keysize); var keypair = jwk.KeyPair.generate(vep.params.algorithm, 64); - network.certKey(email, keypair.publicKey, function(cert) { - Identities.persistIdentity(email, keypair, cert, issuer, function() { - if (onSuccess) { - onSuccess(keypair); - } - }, onFailure); - }, onFailure); + Identities.certifyIdentity(email, keypair, onSuccess, onFailure); }, /** 
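Review bot: The failure callback is lost in confirmIdentity: the removed call ended with `}, onFailure);`, but the new `Identities.certifyIdentity(email, keypair, function() { ... });` passes no fourth argument, so a failed `certKey` request never reaches the caller. Closing the call with `}, onFailure);` restores the error path. Because `self.stagedEmail` and `self.stagedKeypair` are set to null before certification completes, a failure also discards the staged keypair; clearing them inside the success callback would keep a retry possible. confirmIdentity continues past the end of this hunk.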
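Review bot: The doc comment on certifyIdentity is a single line, while the neighbouring methods carry `@method` and `@param` entries. It should name `email`, `keypair`, `[onSuccess]` and `[onFailure]`, and state that only `keypair.publicKey` is passed to `network.certKey`, while the full keypair and the returned cert go to `persistIdentity`. It should also say that `onSuccess` is invoked with no arguments, since callers of syncIdentity previously received the keypair.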
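Review bot: syncIdentity's success callback no longer receives the keypair: the removed body called `onSuccess(keypair)`, while the delegated `certifyIdentity` calls `onSuccess()` with nothing. The updated tests in browserid-identities_unit_test.js still declare `function(keypair)` in both syncIdentity cases, so that parameter is now always undefined. Either keep the contract with `Identities.certifyIdentity(email, keypair, function() { if (onSuccess) { onSuccess(keypair); } }, onFailure);` or drop the parameter from the callers. The doc block for syncIdentity starts outside the hunk, so an `@param` entry for `issuer` may still be present there and would need removing.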
@@ -293,8 +306,8 @@ var BrowserIDIdentities = (function() { * @param {function} [onFailure] - Called on error. */ addIdentity: function(email, onSuccess, onFailure) { - var self = this, - keypair = CryptoStubs.genKeyPair(); + var self = this; + var keypair = jwk.KeyPair.generate(vep.params.algorithm, 64); self.stagedEmail = email; self.stagedKeypair = keypair; @@ -315,7 +328,7 @@ var BrowserIDIdentities = (function() { * @param {function} [onSuccess] - Called on successful completion. * @param {function} [onFailure] - Called on error. */ - persistIdentity: function(email, keypair, cert, issuer, onSuccess, onFailure) { + persistIdentity: function(email, keypair, cert, onSuccess, onFailure) { var new_email_obj= { created: new Date(), pub: keypair.publicKey.toSimpleObject(), @@ -323,10 +336,6 @@ var BrowserIDIdentities = (function() { cert: cert }; - if (issuer) { - new_email_obj.issuer = issuer; - } - addEmail(email, new_email_obj); if (onSuccess) { @@ -362,7 +371,6 @@ var BrowserIDIdentities = (function() { assertion; if (storedID) { - // assertion = CryptoStubs.createAssertion(network.origin, email, storedID.priv, storedID.issuer); // parse the secret key var sk = jwk.SecretKey.fromSimpleObject(storedID.priv); var tok = new jwt.JWT(null, new Date(), network.origin); diff --git a/browserid/static/dialog/test/qunit/browserid-identities_unit_test.js b/browserid/static/dialog/test/qunit/browserid-identities_unit_test.js index 045e7d50451844a575129e1d1e243bd189e0e15c..39cebdbdc534a13d709a58cc45de61111b3bc7e7 100644 --- a/browserid/static/dialog/test/qunit/browserid-identities_unit_test.js +++ b/browserid/static/dialog/test/qunit/browserid-identities_unit_test.js 
@@ -38,16 +38,19 @@ * This test assumes for authentication that there is a user named * "testuser@testuser.com" with the password "testuser" */ +var jwk = require("./jwk"); + steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-identities", function() { - var credentialsValid, unknownEmails, keyRefresh, syncValid; + var credentialsValid, unknownEmails, keyRefresh, syncValid, userEmails; var netStub = { reset: function() { credentialsValid = syncValid = true; unknownEmails = []; keyRefresh = []; + userEmails = {"testuser@testuser.com": {}}; }, - stageUser: function(email, password, keypair, onSuccess) { + stageUser: function(email, password, onSuccess) { onSuccess(); }, @@ -59,7 +62,7 @@ steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-iden onSuccess(credentialsValid); }, - addEmail: function(email, keypair, onSuccess, onFailure) { + addEmail: function(email, onSuccess, onFailure) { onSuccess(); }, @@ -67,6 +70,19 @@ steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-iden onSuccess(); }, + listEmails: function(onSuccess, onFailure) { + onSuccess(userEmails); + }, + + certKey: function(email, pubkey, onSuccess, onFailure) { + if (syncValid) { + onSuccess("foocert"); + } + else { + onFailure(); + } + }, + syncEmails: function(issued_identities, onSuccess, onFailure) { onSuccess({ unknown_emails: unknownEmails, @@ -285,7 +301,7 @@ steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-iden clearEmails(); syncValid = true; - BrowserIDIdentities.syncIdentity("testemail@testemail.com", "issuer", function(keypair) { + BrowserIDIdentities.syncIdentity("testemail@testemail.com", function(keypair) { var identities = BrowserIDIdentities.getStoredIdentities(); ok("testemail@testemail.com" in identities, "Valid email is synced"); 
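Review bot: The new `certKey` stub calls `onFailure()` unguarded when `syncValid` is false, and no visible hunk adds a test that drives confirmIdentity through that branch. Since confirmIdentity in the resource file passes no failure callback to certifyIdentity, that path would presumably throw inside the stub instead of reporting an error. A test that stages an identity, sets `syncValid = false`, calls `confirmIdentity` and expects its failure callback would pin the intended behaviour. The stub could also use `if (onFailure) { onFailure(); }` to match the optional-callback convention used for `onSuccess` in the resource file.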
@@ -300,7 +316,7 @@ steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-iden clearEmails(); syncValid = false; - BrowserIDIdentities.syncIdentity("testemail@testemail.com", "issuer", function(keypair) { + BrowserIDIdentities.syncIdentity("testemail@testemail.com", function(keypair) { ok(false, "sync was invalid, this should have failed"); start(); }, function() { @@ -316,7 +332,8 @@ steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-iden test("persistIdentity", function() { - BrowserIDIdentities.persistIdentity("testemail2@testemail.com", { pub: "pub", priv: "priv" }, undefined, function onSuccess() { + var user_kp = jwk.KeyPair.generate("RS",64); + BrowserIDIdentities.persistIdentity("testemail2@testemail.com", user_kp, undefined, function onSuccess() { var identities = BrowserIDIdentities.getStoredIdentities(); ok("testemail2@testemail.com" in identities, "Our new email is added"); start(); @@ -357,6 +374,8 @@ steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-iden test("syncIdentities with no pre-loaded identities and no identities to add", function() { clearEmails(); + userEmails = {}; + BrowserIDIdentities.syncIdentities(function onSuccess() { var identities = BrowserIDIdentities.getStoredIdentities(); ok(true, "we have synced identities"); @@ -369,7 +388,8 @@ steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-iden test("syncIdentities with no pre-loaded identities and identities to add", function() { clearEmails(); - keyRefresh = ["testuser@testuser.com"]; + userEmails = {"testuser@testuser.com": {}}; + BrowserIDIdentities.syncIdentities(function onSuccess() { var identities = BrowserIDIdentities.getStoredIdentities(); ok("testuser@testuser.com" in identities, "Our new email is added"); 
@@ -382,6 +402,7 @@ steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-iden test("syncIdentities with identities preloaded and none to add", function() { clearEmails(); + userEmails = {"testuser@testuser.com": {}}; addEmail("testuser@testuser.com", {}); BrowserIDIdentities.syncIdentities(function onSuccess() { @@ -398,7 +419,8 @@ steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-iden test("syncIdentities with identities preloaded and one to add", function() { clearEmails(); addEmail("testuser@testuser.com", {}); - keyRefresh = ["testuser2@testuser.com"]; + userEmails = {"testuser@testuser.com": {}, + "testuser2@testuser.com": {}}; BrowserIDIdentities.syncIdentities(function onSuccess() { var identities = BrowserIDIdentities.getStoredIdentities(); @@ -416,8 +438,8 @@ steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-iden clearEmails(); addEmail("testuser@testuser.com", {}); addEmail("testuser2@testuser.com", {}); - unknownEmails = ["testuser2@testuser.com"]; - + userEmails = {"testuser@testuser.com": {}}; + BrowserIDIdentities.syncIdentities(function onSuccess() { var identities = BrowserIDIdentities.getStoredIdentities(); ok("testuser@testuser.com" in identities, "Our old email address is still there"); 
@@ -432,13 +454,13 @@ steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-iden test("getIdentityAssertion with known email", function() { clearEmails(); - var keypair = CryptoStubs.genKeyPair(); - addEmail("testuser@testuser.com", { priv: keypair.priv, issuer: "issuer" }); - - BrowserIDIdentities.getIdentityAssertion("testuser@testuser.com", function onSuccess(assertion) { - equal("string", typeof assertion, "we have an assertion!"); - start(); - }); + var keypair = jwk.KeyPair.generate("RS",64); + BrowserIDIdentities.certifyIdentity("testuser@testuser.com", keypair, function() { + BrowserIDIdentities.getIdentityAssertion("testuser@testuser.com", function onSuccess(assertion) { + equal("string", typeof assertion, "we have an assertion!"); + start(); + }); + }, failure("getIdentityAssertion failure")); stop(); }); @@ -446,14 +468,14 @@ steal.plugins("jquery", "funcunit/qunit").then("/dialog/resources/browserid-iden test("getIdentityAssertion with unknown email", function() { clearEmails(); - var keypair = CryptoStubs.genKeyPair(); - addEmail("testuser@testuser.com", { priv: keypair.priv, issuer: "issuer" }); - - BrowserIDIdentities.getIdentityAssertion("testuser2@testuser.com", function onSuccess(assertion) { - equal("undefined", typeof assertion, "email was unknown, we do not have an assertion"); - start(); - }); - + var keypair = jwk.KeyPair.generate("RS",64); + BrowserIDIdentities.certifyIdentity("testuser@testuser.com", keypair, function() { + BrowserIDIdentities.getIdentityAssertion("testuser2@testuser.com", function onSuccess(assertion) { + equal("undefined", typeof assertion, "email was unknown, we do not have an assertion"); + start(); + }); + }, failure("getIdentityAssertion failure")); + stop(); });