diff --git a/resources/static/dialog/controllers/actions.js b/resources/static/dialog/controllers/actions.js
index b984c738d5b324ae491cb86a840a24ce91acca5d..2640fe368a2343670e14c536981cebd92c6c22a4 100644
--- a/resources/static/dialog/controllers/actions.js
+++ b/resources/static/dialog/controllers/actions.js
@@ -135,7 +135,7 @@ BrowserID.Modules.Actions = (function() {
     doEmailConfirmed: function() {
       var self=this;
       // yay!  now we need to produce an assertion.
-      user.getAssertion(self.confirmEmail, function(assertion) {
+      user.getAssertion(self.confirmEmail, user.getOrigin(), function(assertion) {
         self.publish("assertion_generated", {
           assertion: assertion
         });
diff --git a/resources/static/dialog/resources/helpers.js b/resources/static/dialog/resources/helpers.js
index 58c848a98a59336091df2d90d9c2d0473b5e29b7..4741fc9727a398aa10d9ae6f9acc374cdfed6142 100644
--- a/resources/static/dialog/resources/helpers.js
+++ b/resources/static/dialog/resources/helpers.js
@@ -66,7 +66,7 @@
     var self=this;
     var wait = bid.Screens.wait;
     wait.show("wait", bid.Wait.generateKey);
-    user.getAssertion(email, function(assert) {
+    user.getAssertion(email, user.getOrigin(), function(assert) {
       assert = assert || null;
       wait.hide();
       animateClose(function() {
diff --git a/resources/static/dialog/resources/internal_api.js b/resources/static/dialog/resources/internal_api.js
index 73f4d9415d1a89037bdb477309737736b8c9864d..04970a618181fd8b3f543dc4587cfb7ddee34455 100644
--- a/resources/static/dialog/resources/internal_api.js
+++ b/resources/static/dialog/resources/internal_api.js
@@ -128,7 +128,7 @@
       // User must be authenticated to get an assertion.
       if(authenticated) {
         user.setOrigin(origin);
-        user.getAssertion(email, function(assertion) {
+        user.getAssertion(email, user.getOrigin(), function(assertion) {
           complete(assertion || null);
         }, complete.bind(null, null));
       }
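Review bot: Calling `user.setOrigin(origin)` and then reading the value straight back with `user.getOrigin()` hides which origin the assertion is bound to. The audience is what ties the assertion to one relying party, so it reads better passed explicitly: `user.getAssertion(email, origin, function(assertion) {`. If `setOrigin` normalizes the value and the normalized form is the one wanted, a one-line comment would make that clear, e.g. `// audience must be the normalized origin, so read it back from user`. The enclosing function starts and ends outside this hunk.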
diff --git a/resources/static/shared/user.js b/resources/static/shared/user.js
index 10011b41daff13f5bfd30147b746b963593b2fad..54dca8ff0975cb66542ce7585320ca24d318b005 100644
--- a/resources/static/shared/user.js
+++ b/resources/static/shared/user.js
@@ -339,11 +339,15 @@ BrowserID.User = (function() {
           url: info.prov
         }, function(keypair, cert) {
           persistEmailKeypair(email, "primary", keypair, cert, function() {
-            User.getAssertion(email, function(assertion) {
+            // We are getting an assertion for browserid.org.
+            User.getAssertion(email, "https://browserid.org", function(assertion) {
               if(assertion) {
                 network.authenticateWithAssertion(email, assertion, function(status) {
                   var message = status ? "primary.verified" : "primary.could_not_add";
-                  onComplete(message);
+                  onComplete(message, {
+                    email: email,
+                    assertion: assertion
+                  });
                 }, onFailure);
               }
               else {
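Review bot: The audience on the `User.getAssertion(email, "https://browserid.org", ...)` line is a production URL literal, so on a deployment served from any other host the assertion would presumably be signed for an audience the receiving server does not accept. It would be safer to take the value from wherever the dialog already knows its own server origin (not visible in this hunk), or at least from one named constant. Separately, `onComplete` now receives the signed assertion, which is a bearer credential for the two minutes it stays valid and has already been submitted through `network.authenticateWithAssertion`. A comment such as `// assertion is a short-lived credential for browserid.org: callers must not log or persist it` would document that. The `else` branch and the enclosing function continue outside the hunk.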
@@ -764,10 +768,11 @@ BrowserID.User = (function() {
      * Get an assertion for an identity
      * @method getAssertion
      * @param {string} email - Email to get assertion for.
+     * @param {string} audience - Audience to use for the assertion.
      * @param {function} [onSuccess] - Called with assertion on success.
      * @param {function} [onFailure] - Called on error.
      */
-    getAssertion: function(email, onSuccess, onFailure) {
+    getAssertion: function(email, audience, onSuccess, onFailure) {
       // we use the current time from the browserid servers
       // to avoid issues with clock drift on user's machine.
       // (issue #329)
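Review bot: Inserting `audience` ahead of two optional callbacks means a caller still using the old `getAssertion(email, onSuccess, onFailure)` form is not rejected: its success callback becomes the audience and its failure callback is invoked on success. Since the audience is the field that restricts where an assertion is accepted, the function should fail fast with `if (typeof audience !== "string" || !audience) throw new Error("getAssertion: audience is required");` as its first statement. The `@param` line could also state the expected form, e.g. `Origin (scheme, host, port) of the site the assertion is for`, assuming that is what verifiers compare against. The function body continues outside the hunk.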
@@ -784,12 +789,12 @@ BrowserID.User = (function() {
               // assertions are valid for 2 minutes
               var expirationMS = serverTime.getTime() + (2 * 60 * 1000);
               var expirationDate = new Date(expirationMS);
-              var tok = new jwt.JWT(null, expirationDate, origin);
+              var tok = new jwt.JWT(null, expirationDate, audience);
 
               // yield!
               setTimeout(function() {
                 assertion = vep.bundleCertsAndAssertion([idInfo.cert], tok.sign(sk));
-                storage.site.set(self.getOrigin(), "email", email);
+                storage.site.set(audience, "email", email);
                 if (onSuccess) {
                   onSuccess(assertion);
                 }
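Review bot: `storage.site.set(audience, "email", email)` now records the email under whatever audience is passed, and the primary-verification hunk above passes the literal `"https://browserid.org"`, so that flow appears to create a site entry for browserid.org itself. The later hunk at `@@ -863,7` reads `storage.site.get(origin, "email")` to decide whether to issue an assertion automatically, so what is written here feeds a sign-in decision. If the record is meant only for the relying party of the current dialog, wrap the `set` in `if (audience === self.getOrigin()) {`. Otherwise add a comment stating that every audience, including the identity provider's own, is recorded. The surrounding function starts and ends outside this hunk.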
@@ -811,7 +816,7 @@ BrowserID.User = (function() {
             // we have no key for this identity, go generate the key,
             // sync it and then get the assertion recursively.
             User.syncEmailKeypair(email, function() {
-              User.getAssertion(email, onSuccess, onFailure);
+              User.getAssertion(email, audience, onSuccess, onFailure);
             }, onFailure);
           }
         }
@@ -863,7 +868,7 @@ BrowserID.User = (function() {
           var remembered = storage.site.get(origin, "remember");
           var email = storage.site.get(origin, "email");
           if (remembered && email) {
-            self.getAssertion(email, onComplete, onFailure);
+            self.getAssertion(email, origin, onComplete, onFailure);
           }
           else if (onComplete) {
             onComplete(null);
diff --git a/resources/static/test/qunit/shared/user_unit_test.js b/resources/static/test/qunit/shared/user_unit_test.js
index eb0e5c3c3726c9bb79aa169238d5a9af7f4eb682..f2c37d15f22b4621115cb4e1f9b8ce469b19f1a6 100644
--- a/resources/static/test/qunit/shared/user_unit_test.js
+++ b/resources/static/test/qunit/shared/user_unit_test.js
@@ -843,7 +843,7 @@ var jwcert = require("./jwcert");
     lib.setOrigin(testOrigin);
     lib.removeEmail("testuser@testuser.com");
     lib.syncEmailKeypair("testuser@testuser.com", function() {
-      lib.getAssertion("testuser@testuser.com", function onSuccess(assertion) {
+      lib.getAssertion("testuser@testuser.com", lib.getOrigin(), function onSuccess(assertion) {
         testAssertion(assertion, start);
         equal(storage.site.get(testOrigin, "email"), "testuser@testuser.com", "email address was persisted");
       }, failure("getAssertion failure"));
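Review bot: Every updated call in this file passes `lib.getOrigin()` as the audience (here and in the hunks at `@@ -855,7` and `@@ -864,7`), so no test distinguishes the new parameter from the stored origin the old code used. A case that calls `lib.getAssertion` with an audience different from `testOrigin` would pin the behaviour this commit introduces. It should assert that `storage.site.get` returns the email under that audience and that the audience carried in the assertion matches it. Whether `testAssertion` already checks the audience is not visible here. The test body starts outside the hunk.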
@@ -855,7 +855,7 @@ var jwcert = require("./jwcert");
     lib.setOrigin(testOrigin);
     lib.removeEmail("testuser@testuser.com");
     storage.addEmail("testuser@testuser.com", {});
-    lib.getAssertion("testuser@testuser.com", function onSuccess(assertion) {
+    lib.getAssertion("testuser@testuser.com", lib.getOrigin(), function onSuccess(assertion) {
       testAssertion(assertion, start);
       equal(storage.site.get(testOrigin, "email"), "testuser@testuser.com", "email address was persisted");
     }, failure("getAssertion failure"));
@@ -864,7 +864,7 @@ var jwcert = require("./jwcert");
 
   asyncTest("getAssertion with unknown email", function() {
     lib.syncEmailKeypair("testuser@testuser.com", function() {
-      lib.getAssertion("testuser2@testuser.com", function onSuccess(assertion) {
+      lib.getAssertion("testuser2@testuser.com", lib.getOrigin(), function onSuccess(assertion) {
         equal("undefined", typeof assertion, "email was unknown, we do not have an assertion");
         equal(storage.site.get(testOrigin, "email"), undefined, "email address was not set");
         start();
@@ -874,15 +874,15 @@ var jwcert = require("./jwcert");
 
   asyncTest("getAssertion with XHR failure", function() {
     lib.setOrigin(testOrigin);
-    xhr.useResult("ajaxError");
 
-    lib.syncEmailKeypair("testuser@testuser.com", function() {
-      ok(false, "xhr failure should never succeed");
-      start();
-    }, function() {
-      ok(true, "xhr failure should always be a failure");
-      start();
-    });
+    storage.addEmail("testuser@testuser.com", {});
+    xhr.useResult("ajaxError");
+    lib.getAssertion(
+      "testuser@testuser.com",
+      lib.getOrigin(),
+      testHelpers.unexpectedSuccess,
+      testHelpers.expectedXHRFailure
+    );
   });