@tapni/auth 1.0.32 → 1.0.34

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tapni/auth",
-  "version": "1.0.32",
+  "version": "1.0.34",
   "type": "module",
   "main": "./dist/TapniAuth.umd.js",
   "module": "./dist/TapniAuth.es.js",
@@ -34,6 +34,7 @@
     "@capacitor/device": "^6.0.2",
     "@capacitor/preferences": "^6.0.3",
     "@codetrix-studio/capacitor-google-auth": "^3.4.0-rc.4",
+    "@eslint/js": "^9.13.0",
     "@otplib/preset-browser": "^12.0.1",
     "@recognizebv/capacitor-plugin-msauth": "^3.6.3",
     "@tapni/capacitor-reactive-localstorage-vue3": "^0.0.17",
@@ -41,20 +42,20 @@
     "await-to-js": "^3.0.0",
     "axios": "^1.7.8",
     "buffer": "^6.0.3",
+    "eslint": "^9.13.0",
+    "eslint-config-prettier": "^9.1.0",
+    "eslint-plugin-prettier": "^5.2.1",
+    "eslint-plugin-vue": "^9.29.1",
+    "js-sha256": "^0.11.0",
     "jwt-decode": "^4.0.0",
+    "prettier": "3.3.3",
     "qr-code-styling": "^1.8.4",
     "vue": "^3.5.13",
     "vue-cookies": "^1.8.4",
     "vue-router": "^4.5.0",
     "vue3-select-component": "^0.7.0",
     "vuex": "^4.1.0",
-    "vuex-router-sync": "v6.0.0-rc.1",
-    "prettier": "3.3.3",
-    "eslint": "^9.13.0",
-    "eslint-config-prettier": "^9.1.0",
-    "eslint-plugin-prettier": "^5.2.1",
-    "eslint-plugin-vue": "^9.29.1",
-    "@eslint/js": "^9.13.0"
+    "vuex-router-sync": "v6.0.0-rc.1"
   },
   "devDependencies": {
     "@rollup/plugin-inject": "^5.0.5",

package/src/mixins/saml.mixin.js

@@ -3,7 +3,7 @@ import UtilService from '@/services/UtilService';
 import { Capacitor } from "@capacitor/core";
 import { EventBus } from '@/store/event-bus.js';
 export default {
-	data () {
+	data() {
 		return {
 			code_verifier: '',
 			code_challenge: '',
@@ -15,7 +15,7 @@ export default {
 	computed: {
 	},
 	watch: {
-		'$route.path' (nv) {
+		'$route.path'(nv) {
 			if (nv === '/callback/saml') {
 				this.handleSamlRedirect(nv)
 			}
@@ -36,8 +36,14 @@ export default {
 			this.code_verifier = UtilService.generateRandomString(28);
 			localStorage.setItem("pkce_code_verifier", this.code_verifier);
 			console.log('SAMLLL2.1');
-			// Hash and base64-urlencode the secret to use as the challenge
-			this.code_challenge = await UtilService.pkceChallengeFromVerifier(this.code_verifier);
+			try {
+				console.log('Starting PKCE challenge generation');
+				this.code_challenge = await UtilService.pkceChallengeFromVerifier(this.code_verifier);
+				console.log('PKCE challenge generated successfully');
+			} catch (error) {
+				console.error('Error generating PKCE challenge:', error);
+				throw error;
+			}
 			console.log('SAMLLL2.2');
 			const platform = Capacitor.getPlatform();
 			console.log('SAMLLL2.3');

package/src/services/UtilService.js

@@ -6,6 +6,51 @@ import itLocale from '../store/locales/it.js';
 import frLocale from '../store/locales/fr.js';
 import srLocale from '../store/locales/sr.js';
 import trLocale from '../store/locales/tr';
+import { sha256 } from 'js-sha256';
+
+// Helper function to safely get random values
+const getRandomValues = (array) => {
+	try {
+		return window.crypto.getRandomValues(array);
+	} catch (e) {
+		console.log('Web Crypto API failed for getRandomValues, using Math.random fallback');
+		for (let i = 0; i < array.length; i++) {
+			array[i] = Math.floor(Math.random() * 256);
+		}
+		return array;
+	}
+};
+
+// Helper function to safely perform crypto digest
+const performDigest = async (data) => {
+	try {
+		return await window.crypto.subtle.digest('SHA-256', data);
+	} catch (e) {
+		console.log('Web Crypto API failed for digest, using js-sha256 fallback');
+		const hash = sha256(data);
+		return new Uint8Array(hash.match(/.{1,2}/g).map(byte => parseInt(byte, 16))).buffer;
+	}
+};
+
+// Helper function to safely perform crypto encrypt
+const performEncrypt = async (algorithm, key, data) => {
+	try {
+		return await window.crypto.subtle.encrypt(algorithm, key, data);
+	} catch (e) {
+		console.log('Web Crypto API failed for encrypt, using fallback');
+		throw new Error('Encryption not supported in this environment');
+	}
+};
+
+// Helper function to safely perform crypto decrypt
+const performDecrypt = async (algorithm, key, data) => {
+	try {
+		return await window.crypto.subtle.decrypt(algorithm, key, data);
+	} catch (e) {
+		console.log('Web Crypto API failed for decrypt, using fallback');
+		throw new Error('Decryption not supported in this environment');
+	}
+};
 
 export default {
 	getFirstBrowserLanguage() {
@@ -212,30 +257,52 @@ export default {
 	},
 	generateRandomString(length) {
 		let array = new Uint32Array(length);
-		window.crypto.getRandomValues(array);
+		getRandomValues(array);
 		return Array.from(array, (dec) => ('0' + dec.toString(16)).substr(-2)).join('');
 	},
 	async pkceChallengeFromVerifier(v) {
-		const encoder = new TextEncoder();
-		const data = encoder.encode(v);
-		const hashed = await window.crypto.subtle.digest('SHA-256', data);
-		// base64 url encode
-		return btoa(String.fromCharCode.apply(null, new Uint8Array(hashed)))
-			.replace(/\+/g, '-')
-			.replace(/\//g, '_')
-			.replace(/=+$/, '');
+		try {
+			console.log('Creating TextEncoder');
+			const encoder = new TextEncoder();
+			console.log('Encoding verifier');
+			const data = encoder.encode(v);
+			console.log('Starting crypto digest');
+			const hashed = await performDigest(data);
+			console.log('Crypto digest completed');
+			// base64 url encode
+			const base64 = btoa(String.fromCharCode.apply(null, new Uint8Array(hashed)))
+				.replace(/\+/g, '-')
+				.replace(/\//g, '_')
+				.replace(/=+$/, '');
+			console.log('Base64 encoding completed');
+			return base64;
+		} catch (error) {
+			console.log('Web Crypto API failed, falling back to js-sha256');
+			// Fallback to js-sha256
+			const hash = sha256(v);
+			const base64 = btoa(String.fromCharCode.apply(null, new Uint8Array(hash.match(/.{1,2}/g).map(byte => parseInt(byte, 16)))))
+				.replace(/\+/g, '-')
+				.replace(/\//g, '_')
+				.replace(/=+$/, '');
+			return base64;
+		}
 	},
-	encryptAES(key, iv, data) {
-		let encoder = new TextEncoder();
-		let encoded = encoder.encode(data, storage);
-		return window.crypto.subtle.encrypt(
-			{
-				name: 'AES-CBC',
-				iv: iv
-			},
-			key,
-			encoded
-		);
+	async encryptAES(key, iv, data) {
+		try {
+			let encoder = new TextEncoder();
+			let encoded = encoder.encode(data);
+			return await performEncrypt(
+				{
+					name: 'AES-CBC',
+					iv: iv
+				},
+				key,
+				encoded
+			);
+		} catch (error) {
+			console.error('AES encryption failed:', error);
+			throw error;
+		}
 	},
 	async decryptAES(key, iv, data) {
 		try {
@@ -248,11 +315,11 @@ export default {
 
 			key = encoder.encode(key);
 			iv = encoder.encode(iv);
-			data = fromBase64(data, storage);
+			data = fromBase64(data);
 
 			const secretKey = await window.crypto.subtle.importKey('raw', key, 'AES-CBC', true, ['encrypt', 'decrypt']);
 
-			let decoded = await window.crypto.subtle.decrypt({ name: 'AES-CBC', iv }, secretKey, data);
+			let decoded = await performDecrypt({ name: 'AES-CBC', iv }, secretKey, data);
 
 			decoded = decoder.decode(decoded);
 			decoded = decoded.replace(/ /g, '+');
@@ -260,7 +327,8 @@ export default {
 
 			return decoded;
 		} catch (err) {
-			console.log(err);
+			console.error('AES decryption failed:', err);
+			throw err;
 		}
 	}
 };