diff --git a/resources/static/common/js/user.js b/resources/static/common/js/user.js
index c0fc1103baed0c40776ee17ec7d603fa363966c7..c5433499a1e4f4a4ae765dc7d0a8ddb6f7fbfaeb 100644
--- a/resources/static/common/js/user.js
+++ b/resources/static/common/js/user.js
@@ -116,6 +116,12 @@ BrowserID.User = (function() {
complete(onComplete, status);
}
+ function markAddressVerified(email) {
+ var idInfo = storage.getEmail(email) || {};
+ idInfo.verified = true;
+ storage.addSecondaryEmail(email, idInfo);
+ }
+
function completeAddressVerification(completeFunc, token, password, onComplete, onFailure) {
User.tokenInfo(token, function(info) {
var invalidInfo = { valid: false };
@@ -125,17 +131,10 @@ BrowserID.User = (function() {
if (valid) {
result = _.extend({ valid: valid }, info);
- var email = info.email,
- idInfo = storage.getEmail(email);
-
// Now that the address is verified, its verified bit has to be
// updated as well or else the user will be forced to verify the
// address again.
- if (idInfo) {
- idInfo.verified = true;
- storage.addEmail(email, idInfo);
- }
-
+ markAddressVerified(info.email);
storage.setReturnTo("");
}
@@ -163,6 +162,11 @@ BrowserID.User = (function() {
// data.
storage.setReturnTo("");
+ // Now that the address is verified, its verified bit has to be
+ // updated as well or else the user will be forced to verify the
+ // address again.
+ markAddressVerified(email);
+
// To avoid too many address_info requests, returns from each
// address_info request are cached. If the user is doing
// a addressVerificationPoll, it means the user was registering the address
@@ -290,7 +294,6 @@ BrowserID.User = (function() {
pollDuration = config.pollDuration;
}
// END TESTING API
-
},
reset: function() {
diff --git a/resources/static/dialog/js/misc/state.js b/resources/static/dialog/js/misc/state.js
index d4e679fcbdd69199eb8bb3d3747b05335eb7055a..2f87712883cee7008236b049cbb3987a091a2c22 100644
--- a/resources/static/dialog/js/misc/state.js
+++ b/resources/static/dialog/js/misc/state.js
@@ -60,6 +60,25 @@ BrowserID.State = (function() {
startAction(actionName, actionInfo);
}
+ function handleEmailConfirmed(msg, info) {
+ self.email = self.stagedEmail;
+
+ if (info.mustAuth) {
+ // If the mustAuth flag comes in, the user has to authenticate.
+ // This is not a cancelable authentication. mustAuth is set
+ // after a user verifies an address but is not authenticated
+ // to the password level.
+ redirectToState("authenticate_specified_email", {
+ email: self.stagedEmail,
+ mustAuth: info.mustAuth,
+ cancelable: !info.mustAuth
+ });
+ }
+ else {
+ redirectToState("email_chosen", { email: self.stagedEmail });
+ }
+ }
+
handleState("start", function(msg, info) {
self.hostname = info.hostname;
@@ -130,13 +149,14 @@ BrowserID.State = (function() {
startAction("doAuthenticateWithRequiredEmail", {
email: info.email,
secondary_auth: true,
-
+ cancelable: ("cancelable" in info) ? info.cancelable : true,
// This is a user is already authenticated to the assertion
// level who has chosen a secondary email address from the
// pick_email screen. They would have been shown the
// siteTOSPP there.
siteTOSPP: false
});
+ complete(info.complete);
});
handleState("new_user", function(msg, info) {
@@ -196,15 +216,9 @@ BrowserID.State = (function() {
handleState("user_staged", handleEmailStaged.curry("doConfirmUser"));
- handleState("user_confirmed", function() {
- self.email = self.stagedEmail;
- redirectToState("email_chosen", { email: self.stagedEmail} );
- });
+ handleState("user_confirmed", handleEmailConfirmed);
- handleState("staged_address_confirmed", function() {
- self.email = self.stagedEmail;
- redirectToState("email_chosen", { email: self.stagedEmail} );
- });
+ handleState("staged_address_confirmed", handleEmailConfirmed);
handleState("primary_user", function(msg, info) {
addPrimaryUser = !!info.add;
@@ -348,8 +362,8 @@ BrowserID.State = (function() {
}
else {
redirectToState("email_valid_and_ready", info);
+ oncomplete();
}
- oncomplete();
}, oncomplete);
}
});
@@ -487,9 +501,7 @@ BrowserID.State = (function() {
handleState("email_staged", handleEmailStaged.curry("doConfirmEmail"));
- handleState("email_confirmed", function() {
- redirectToState("email_chosen", { email: self.stagedEmail } );
- });
+ handleState("email_confirmed", handleEmailConfirmed);
handleState("cancel_state", function(msg, info) {
cancelState(info);
diff --git a/resources/static/dialog/js/modules/check_registration.js b/resources/static/dialog/js/modules/check_registration.js
index c6823889f51fbcb548252c32acd0a45bc92cde7b..f782037da457ad4b4a40527bf98d68c71c40dd04 100644
--- a/resources/static/dialog/js/modules/check_registration.js
+++ b/resources/static/dialog/js/modules/check_registration.js
@@ -41,7 +41,7 @@ BrowserID.Modules.CheckRegistration = (function() {
if (status === "complete") {
// TODO - move the syncEmails somewhere else, perhaps into user.js
user.syncEmails(function() {
- self.close(self.verificationMessage);
+ self.close(self.verificationMessage, { mustAuth: false });
oncomplete && oncomplete();
});
}
@@ -49,18 +49,22 @@ BrowserID.Modules.CheckRegistration = (function() {
// if we have a password (because it was just chosen in dialog),
// then we can authenticate the user and proceed
if (self.password) {
+ // XXX Move all of this authentication stuff into user.js. This
+ // high level shouldn't have to worry about this stuff.
user.authenticate(self.email, self.password, function (authenticated) {
if (authenticated) {
user.syncEmails(function() {
- self.close(self.verificationMessage);
+ self.close(self.verificationMessage, { mustAuth: false });
oncomplete && oncomplete();
});
} else {
- self.close("authenticate_specified_email", { email: self.email });
+ // unable to log the user in, make them authenticate manually.
+ self.close(self.verificationMessage, { mustAuth: true });
}
});
} else {
- self.close("authenticate_specified_email", { email: self.email });
+ // no password to log the user in, make them authenticate manually.
+ self.close(self.verificationMessage, { mustAuth: true });
}
oncomplete && oncomplete();
diff --git a/resources/static/dialog/js/modules/required_email.js b/resources/static/dialog/js/modules/required_email.js
index 09d184e5d4d47baccc32527dd25063a1aeefde5e..e950984c3514bb3fc2a5f9c1ef11f97ca1d4c7e6 100644
--- a/resources/static/dialog/js/modules/required_email.js
+++ b/resources/static/dialog/js/modules/required_email.js
@@ -124,7 +124,8 @@ BrowserID.Modules.RequiredEmail = (function() {
showTemplate({
signin: true,
password: auth_level !== "password",
- secondary_auth: secondaryAuth
+ secondary_auth: secondaryAuth,
+ cancelable: options.cancelable
});
ready();
}
@@ -219,7 +220,8 @@ BrowserID.Modules.RequiredEmail = (function() {
password: false,
secondary_auth: false,
primary: false,
- personaTOSPP: false
+ personaTOSPP: false,
+ cancelable: true
}, templateData);
self.renderDialog("required_email", templateData);
diff --git a/resources/static/dialog/views/required_email.ejs b/resources/static/dialog/views/required_email.ejs
index 0bb323a27b3e7478b621349e3b0375a6e69226ee..500327fbfee2c46573f4bf473542d07848b2d8b5 100644
--- a/resources/static/dialog/views/required_email.ejs
+++ b/resources/static/dialog/views/required_email.ejs
@@ -57,7 +57,7 @@
<button id="verify_address" tabindex="3"><%= gettext("verify email") %></button>
<% } %>
- <% if (secondary_auth) { %>
+ <% if (cancelable && secondary_auth) { %>
<a href="#" id="cancel" class="action" tabindex="4"><%= gettext("cancel") %></a>
<% } %>
</p>
diff --git a/resources/static/test/cases/common/js/user.js b/resources/static/test/cases/common/js/user.js
index d4e63d85f1de282bd88162ff84fe9d710ed663fc..46f7a2376315a1cc18af304fd5f0d8b429cd48b0 100644
--- a/resources/static/test/cases/common/js/user.js
+++ b/resources/static/test/cases/common/js/user.js
@@ -329,6 +329,8 @@
lib.waitForUserValidation("registered@testuser.com", function(status) {
equal(status, "mustAuth", "mustAuth response expected");
+ testHelpers.testEmailMarkedVerified("registered@testuser.com");
+
ok(!storage.getReturnTo(), "staged on behalf of is cleared when validation completes");
start();
}, testHelpers.unexpectedXHRFailure);
@@ -342,6 +344,8 @@
lib.waitForUserValidation("registered@testuser.com", function(status) {
equal(status, "mustAuth", "mustAuth response expected");
+ testHelpers.testEmailMarkedVerified("registered@testuser.com");
+
ok(!storage.getReturnTo(), "staged on behalf of is cleared when validation completes");
start();
}, testHelpers.unexpectedXHRFailure);
@@ -852,6 +856,7 @@
xhr.useResult("complete");
lib.waitForEmailValidation("registered@testuser.com", function(status) {
ok(!storage.getReturnTo(), "staged on behalf of is cleared when validation completes");
+ testHelpers.testEmailMarkedVerified("registered@testuser.com");
equal(status, "mustAuth", "mustAuth response expected");
start();
}, testHelpers.unexpectedXHRFailure);
@@ -865,6 +870,7 @@
xhr.useResult("complete");
lib.waitForEmailValidation("registered@testuser.com", function(status) {
ok(!storage.getReturnTo(), "staged on behalf of is cleared when validation completes");
+ testHelpers.testEmailMarkedVerified("registered@testuser.com");
equal(status, "complete", "complete response expected");
start();
}, testHelpers.unexpectedXHRFailure);
@@ -876,6 +882,7 @@
lib.waitForEmailValidation("registered@testuser.com", function(status) {
ok(!storage.getReturnTo(), "staged on behalf of is cleared when validation completes");
+ testHelpers.testEmailMarkedVerified("registered@testuser.com");
equal(status, "mustAuth", "mustAuth response expected");
start();
}, testHelpers.unexpectedXHRFailure);
diff --git a/resources/static/test/cases/dialog/js/misc/state.js b/resources/static/test/cases/dialog/js/misc/state.js
index eaec7deb5cc6a0dd5583b7448d34a5969fe930f8..8fda485c5018cb0fd0febbd4133a6ffb4f118d91 100644
--- a/resources/static/test/cases/dialog/js/misc/state.js
+++ b/resources/static/test/cases/dialog/js/misc/state.js
@@ -568,6 +568,33 @@
mediator.publish("window_unload");
});
+ function testAuthenticateSpecifiedEmail(specified, expected) {
+ var options = {
+ email: TEST_EMAIL,
+ complete: function() {
+ testActionStarted("doAuthenticateWithRequiredEmail", {
+ cancelable: expected
+ });
+ start();
+ }
+ };
+
+ if (typeof specified !== "undefined") options.cancelable = specified;
+
+ mediator.publish("authenticate_specified_email", options);
+ }
+
+ asyncTest("authenticate_specified_email with false specified - call doAuthenticateWithRequiredEmail using specified cancelable", function() {
+ testAuthenticateSpecifiedEmail(false, false);
+ });
+
+ asyncTest("authenticate_specified_email with true specified - call doAuthenticateWithRequiredEmail using specified cancelable", function() {
+ testAuthenticateSpecifiedEmail(true, true);
+ });
+
+ asyncTest("authenticate_specified_email without cancelable - call doAuthenticateWithRequiredEmail, cancelable defaults to true", function() {
+ testAuthenticateSpecifiedEmail(undefined, true);
+ });
}());
diff --git a/resources/static/test/cases/dialog/js/modules/check_registration.js b/resources/static/test/cases/dialog/js/modules/check_registration.js
index 8a8319d80c9af2c9d700611716d5e146359cf903..e7499d31eb145d214e40743adbb3858c9d820a2b 100644
--- a/resources/static/test/cases/dialog/js/modules/check_registration.js
+++ b/resources/static/test/cases/dialog/js/modules/check_registration.js
@@ -44,8 +44,8 @@
function testVerifiedUserEvent(event_name, message, password) {
createController("waitForUserValidation", event_name, false, password);
- register(event_name, function() {
- ok(true, message);
+ register(event_name, function(msg, info) {
+ equal(info.mustAuth, false, "user does not need to verify");
start();
});
controller.startCheck();
@@ -54,39 +54,22 @@
function testMustAuthUserEvent(event_name, message) {
createController("waitForUserValidation", event_name);
register(event_name, function(msg, info) {
- // we want the email, type and known all sent back to the caller so that
- // this information does not need to be queried again.
- ok(true, message);
- equal(info.email, "registered@testuser.com", "correct email");
+ equal(info.mustAuth, true, "user needs to verify");
start();
});
controller.startCheck();
}
- asyncTest("user validation with mustAuth result - callback with email, type and known set to true", function() {
+ asyncTest("user validation with mustAuth result - userVerified with mustAuth: true", function() {
xhr.useResult("mustAuth");
- testMustAuthUserEvent("authenticate_specified_email", "user must authenticate");
+ testMustAuthUserEvent("user_verified");
});
- asyncTest("user validation with pending->complete with auth_level = assertion, no authentication info given - authenticate_specified_email triggered", function() {
+ asyncTest("user validation with pending->complete with auth_level = assertion, no authentication info given - user_verified with mustAuth triggered", function() {
user.init({ pollDuration: 100 });
xhr.useResult("pending");
xhr.setContextInfo("auth_level", "assertion");
- testMustAuthUserEvent("authenticate_specified_email", "user must authenticate");
-
- // use setTimeout to simulate a delay in the user opening the email.
- setTimeout(function() {
- xhr.useResult("complete");
- }, 50);
- });
-
-
- asyncTest("user validation with pending->complete with auth_level = assertion, authentication info given - user_verified triggered", function() {
- user.init({ pollDuration: 100 });
- xhr.useResult("pending");
- xhr.setContextInfo("auth_level", "password");
-
- testVerifiedUserEvent("user_verified", "user verified after authenticating", "password");
+ testMustAuthUserEvent("user_verified");
// use setTimeout to simulate a delay in the user opening the email.
setTimeout(function() {
@@ -99,7 +82,7 @@
xhr.useResult("pending");
xhr.setContextInfo("auth_level", "password");
- testVerifiedUserEvent("user_verified", "User verified");
+ testVerifiedUserEvent("user_verified");
// use setTimeout to simulate a delay in the user opening the email.
setTimeout(function() {
diff --git a/resources/static/test/testHelpers/helpers.js b/resources/static/test/testHelpers/helpers.js
index 55035dbfb4511d44ed59a3f7ea6689261827a031..3f2acbbab02a6d914c0daff71fb5bb1604f15fd9 100644
--- a/resources/static/test/testHelpers/helpers.js
+++ b/resources/static/test/testHelpers/helpers.js
@@ -1,5 +1,5 @@
-/*jshint browsers: true laxbreak: true, expr: true */
-/*global BrowserID: true, ok: true, equal: true, start: true */
+/*jshint browser: true laxbreak: true, expr: true */
+/*global BrowserID: true, ok: true, equal: true, start: true, deepEqual: true, notEqual: true */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -291,6 +291,12 @@ BrowserID.TestHelpers = (function() {
testRPTosPPNotShown: function(msg) {
TestHelpers.testNotHasClass("body", "rptospp", msg || "RP TOS/PP not shown");
+ },
+
+ testEmailMarkedVerified: function(email, msg) {
+ var emailInfo = storage.getEmail(email);
+ equal(emailInfo && emailInfo.verified, true,
+ "verified bit set for " + email);
}
};