From ef2f840f5ad58bae09e772158977f066690bc3d5 Mon Sep 17 00:00:00 2001
From: Shane Tomlinson <stomlinson@mozilla.com>
Date: Wed, 21 Dec 2011 20:28:49 +0000
Subject: [PATCH] Updating user.getAssertion to take an audience instead of assuming the origin. Update tests.
---
.../static/dialog/controllers/actions.js | 2 +-
resources/static/dialog/resources/helpers.js | 2 +-
.../static/dialog/resources/internal_api.js | 2 +-
resources/static/shared/user.js | 19 ++++++++++------
.../test/qunit/shared/user_unit_test.js | 22 +++++++++----------
5 files changed, 26 insertions(+), 21 deletions(-)
diff --git a/resources/static/dialog/controllers/actions.js b/resources/static/dialog/controllers/actions.js
index b984c738d..2640fe368 100644
--- a/resources/static/dialog/controllers/actions.js
+++ b/resources/static/dialog/controllers/actions.js
@@ -135,7 +135,7 @@ BrowserID.Modules.Actions = (function() { doEmailConfirmed: function() { var self=this; // yay! now we need to produce an assertion.
- user.getAssertion(self.confirmEmail, function(assertion) {
+ user.getAssertion(self.confirmEmail, user.getOrigin(), function(assertion) {
 self.publish("assertion_generated", { assertion: assertion });
diff --git a/resources/static/dialog/resources/helpers.js b/resources/static/dialog/resources/helpers.js
index 58c848a98..4741fc972 100644
--- a/resources/static/dialog/resources/helpers.js
+++ b/resources/static/dialog/resources/helpers.js
@@ -66,7 +66,7 @@ var self=this; var wait = bid.Screens.wait; wait.show("wait", bid.Wait.generateKey);
- user.getAssertion(email, function(assert) {
+ user.getAssertion(email, user.getOrigin(), function(assert) {
 assert = assert || null; wait.hide(); animateClose(function() {
diff --git a/resources/static/dialog/resources/internal_api.js b/resources/static/dialog/resources/internal_api.js
index 73f4d9415..04970a618 100644
--- a/resources/static/dialog/resources/internal_api.js
+++ b/resources/static/dialog/resources/internal_api.js
@@ -128,7 +128,7 @@ // User must be authenticated to get an assertion. if(authenticated) { user.setOrigin(origin);
- user.getAssertion(email, function(assertion) {
+ user.getAssertion(email, user.getOrigin(), function(assertion) {
 complete(assertion || null); }, complete.bind(null, null)); }
diff --git a/resources/static/shared/user.js b/resources/static/shared/user.js
index 10011b41d..54dca8ff0 100644
--- a/resources/static/shared/user.js
+++ b/resources/static/shared/user.js
@@ -339,11 +339,15 @@ BrowserID.User = (function() { url: info.prov }, function(keypair, cert) { persistEmailKeypair(email, "primary", keypair, cert, function() {
- User.getAssertion(email, function(assertion) {
+ // We are getting an assertion for browserid.org.
+ User.getAssertion(email, "https://browserid.org", function(assertion) {
 if(assertion) { network.authenticateWithAssertion(email, assertion, function(status) { var message = status ? "primary.verified" : "primary.could_not_add";
- onComplete(message);
+ onComplete(message, {
+ email: email,
+ assertion: assertion
+ });
 }, onFailure); } else {
@@ -764,10 +768,11 @@ BrowserID.User = (function() { * Get an assertion for an identity * @method getAssertion * @param {string} email - Email to get assertion for.
+ * @param {string} audience - Audience to use for the assertion.
 * @param {function} [onSuccess] - Called with assertion on success. * @param {function} [onFailure] - Called on error. */
- getAssertion: function(email, onSuccess, onFailure) {
+ getAssertion: function(email, audience, onSuccess, onFailure) {
 // we use the current time from the browserid servers // to avoid issues with clock drift on user's machine. // (issue #329)
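Review bot: The audience passed to `User.getAssertion` in the @@ -339 hunk is the literal `"https://browserid.org"`, so the assertion only verifies against a server that identifies itself by exactly that origin; a development or staging deployment on another host would presumably be rejected in `network.authenticateWithAssertion`. Taking the value from one configuration constant, or from the origin the dialog itself is served from, would keep issuer and verifier in agreement. Separately, `onComplete` now receives the raw assertion even on the `"primary.could_not_add"` branch; an assertion is a bearer credential for its audience until it expires, so the callback's documentation should say who may receive it and that it must not be logged or forwarded. The enclosing function starts and ends outside this hunk.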
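Review bot: `audience` is inserted ahead of the callbacks in `getAssertion`'s signature (@@ -764 hunk), so a caller still using the old three-argument form passes its success callback as the audience, and nothing in the visible body rejects that. A guard at the top such as `if (typeof audience !== "string") throw new Error("getAssertion: audience must be a string");` would make a missed call site fail loudly instead of signing a token with a non-string audience. The new `@param` line should also state that the value becomes the audience of the signed assertion and the `storage.site` key, and that it must be the origin the dialog has established for the relying party rather than a value the page supplies. The function body continues past the end of this hunk.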
@@ -784,12 +789,12 @@ BrowserID.User = (function() { // assertions are valid for 2 minutes var expirationMS = serverTime.getTime() + (2 * 60 * 1000); var expirationDate = new Date(expirationMS);
- var tok = new jwt.JWT(null, expirationDate, origin);
+ var tok = new jwt.JWT(null, expirationDate, audience);
 // yield! setTimeout(function() { assertion = vep.bundleCertsAndAssertion([idInfo.cert], tok.sign(sk));
- storage.site.set(self.getOrigin(), "email", email);
+ storage.site.set(audience, "email", email);
 if (onSuccess) { onSuccess(assertion); }
@@ -811,7 +816,7 @@ BrowserID.User = (function() { // we have no key for this identity, go generate the key, // sync it and then get the assertion recursively. User.syncEmailKeypair(email, function() {
- User.getAssertion(email, onSuccess, onFailure);
+ User.getAssertion(email, audience, onSuccess, onFailure);
 }, onFailure); } }
@@ -863,7 +868,7 @@ BrowserID.User = (function() { var remembered = storage.site.get(origin, "remember"); var email = storage.site.get(origin, "email"); if (remembered && email) {
- self.getAssertion(email, onComplete, onFailure);
+ self.getAssertion(email, origin, onComplete, onFailure);
 } else if (onComplete) { onComplete(null);
diff --git a/resources/static/test/qunit/shared/user_unit_test.js b/resources/static/test/qunit/shared/user_unit_test.js
index eb0e5c3c3..f2c37d15f 100644
--- a/resources/static/test/qunit/shared/user_unit_test.js
+++ b/resources/static/test/qunit/shared/user_unit_test.js
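Review bot: `storage.site.set(audience, "email", email)` in the @@ -784 hunk now keys the remembered email by whatever audience the caller passed, where the removed line used `self.getOrigin()`. For the primary-provisioning caller in the @@ -339 hunk the audience is `"https://browserid.org"`, so that flow records the email under browserid.org and, presumably, no longer under the relying party's origin. If the site preference is meant to follow the relying party, keep `self.getOrigin()` as the storage key and use `audience` only for the token; if the new keying is intended, a comment such as `// remembered email is tracked per audience, not per dialog origin` would make that explicit. This hunk shows only the middle of getAssertion.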
@@ -843,7 +843,7 @@ var jwcert = require("./jwcert"); lib.setOrigin(testOrigin); lib.removeEmail("testuser@testuser.com"); lib.syncEmailKeypair("testuser@testuser.com", function() {
- lib.getAssertion("testuser@testuser.com", function onSuccess(assertion) {
+ lib.getAssertion("testuser@testuser.com", lib.getOrigin(), function onSuccess(assertion) {
 testAssertion(assertion, start); equal(storage.site.get(testOrigin, "email"), "testuser@testuser.com", "email address was persisted"); }, failure("getAssertion failure"));
@@ -855,7 +855,7 @@ var jwcert = require("./jwcert"); lib.setOrigin(testOrigin); lib.removeEmail("testuser@testuser.com"); storage.addEmail("testuser@testuser.com", {});
- lib.getAssertion("testuser@testuser.com", function onSuccess(assertion) {
+ lib.getAssertion("testuser@testuser.com", lib.getOrigin(), function onSuccess(assertion) {
 testAssertion(assertion, start); equal(storage.site.get(testOrigin, "email"), "testuser@testuser.com", "email address was persisted"); }, failure("getAssertion failure"));
@@ -864,7 +864,7 @@ var jwcert = require("./jwcert"); asyncTest("getAssertion with unknown email", function() { lib.syncEmailKeypair("testuser@testuser.com", function() {
- lib.getAssertion("testuser2@testuser.com", function onSuccess(assertion) {
+ lib.getAssertion("testuser2@testuser.com", lib.getOrigin(), function onSuccess(assertion) {
 equal("undefined", typeof assertion, "email was unknown, we do not have an assertion"); equal(storage.site.get(testOrigin, "email"), undefined, "email address was not set"); start();
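Review bot: All three updated tests pass `lib.getOrigin()` as the audience, so none exercises the case this commit introduces, an audience that differs from the origin set with `lib.setOrigin`. A test with a distinct audience that checks `storage.site.get(audience, "email")`, and ideally the audience carried inside the assertion, would pin the new behaviour. The "getAssertion with unknown email" test also reads `lib.getOrigin()` without a visible `lib.setOrigin(testOrigin)`, so it may depend on state left by an earlier test. The test bodies start or end outside these hunks.

```javascript
asyncTest("getAssertion with audience that differs from the origin", function() {
  // constructed sample value, deliberately not equal to testOrigin
  var audience = "https://audience.example";
  lib.setOrigin(testOrigin);
  lib.removeEmail("testuser@testuser.com");
  lib.syncEmailKeypair("testuser@testuser.com", function() {
    lib.getAssertion("testuser@testuser.com", audience, function onSuccess(assertion) {
      ok(assertion, "assertion was generated");
      equal(storage.site.get(audience, "email"), "testuser@testuser.com", "email persisted under the audience");
      start();
    }, failure("getAssertion failure"));
  }, failure("syncEmailKeypair failure"));
});
```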
@@ -874,15 +874,15 @@ var jwcert = require("./jwcert"); asyncTest("getAssertion with XHR failure", function() { lib.setOrigin(testOrigin);
- xhr.useResult("ajaxError");
- lib.syncEmailKeypair("testuser@testuser.com", function() {
- ok(false, "xhr failure should never succeed");
- start();
- }, function() {
- ok(true, "xhr failure should always be a failure");
- start();
- });
+ storage.addEmail("testuser@testuser.com", {});
+ xhr.useResult("ajaxError");
+ lib.getAssertion(
+ "testuser@testuser.com",
+ lib.getOrigin(),
+ testHelpers.unexpectedSuccess,
+ testHelpers.expectedXHRFailure
+ );
 });
-- GitLab
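Review bot: The rewritten test fails for the intended reason only if the `{}` record added by `storage.addEmail` carries no keypair, which presumably sends `getAssertion` down its `syncEmailKeypair` branch where the `ajaxError` result applies; that dependency is not stated anywhere in the test. A comment above `storage.addEmail` such as `// no keypair stored, so getAssertion has to sync one over XHR, which is set to fail` would keep the setup from being simplified away later. The removed body was the only visible check of `syncEmailKeypair` failing directly on an XHR error, so confirm another test still covers that path.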