@wireapp/core 42.25.2 → 42.26.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/messagingProtocols/mls/E2EIdentityService/E2EIServiceInternal.d.ts +34 -0
- package/lib/messagingProtocols/mls/E2EIdentityService/E2EIServiceInternal.d.ts.map +1 -1
- package/lib/messagingProtocols/mls/E2EIdentityService/E2EIServiceInternal.js +126 -67
- package/lib/messagingProtocols/mls/E2EIdentityService/Storage/E2EIStorage.d.ts +1 -0
- package/lib/messagingProtocols/mls/E2EIdentityService/Storage/E2EIStorage.d.ts.map +1 -1
- package/lib/messagingProtocols/mls/E2EIdentityService/Storage/E2EIStorage.js +5 -1
- package/lib/messagingProtocols/mls/MLSService/MLSService.d.ts.map +1 -1
- package/lib/messagingProtocols/mls/MLSService/MLSService.js +11 -1
- package/package.json +2 -2
|
@@ -18,8 +18,42 @@ declare class E2EIServiceInternal {
|
|
|
18
18
|
private init;
|
|
19
19
|
private getDirectory;
|
|
20
20
|
private getInitialNonce;
|
|
21
|
+
/**
|
|
22
|
+
* Start of the ACME enrollment flow
|
|
23
|
+
* Stores the received data in local storage for later use (e.g. in the continue flow)
|
|
24
|
+
*
|
|
25
|
+
* @returns authData
|
|
26
|
+
*/
|
|
27
|
+
private getAndStoreInitialEnrollmentData;
|
|
28
|
+
/**
|
|
29
|
+
* Continuation of the ACME enrollment flow
|
|
30
|
+
* Needs to be called after the user has authenticated with the OIDC provider
|
|
31
|
+
* Stores the received certificate data in local storage for later use
|
|
32
|
+
*
|
|
33
|
+
* @param oAuthIdToken
|
|
34
|
+
* @returns RotateBundle
|
|
35
|
+
*/
|
|
36
|
+
private getRotateBundleAndStoreCertificateData;
|
|
37
|
+
/**
|
|
38
|
+
* This function starts a new ACME enrollment flow for either a new client
|
|
39
|
+
* or a client that wants to refresh its certificate but has no valid refresh token
|
|
40
|
+
*/
|
|
21
41
|
private startNewOAuthFlow;
|
|
42
|
+
/**
|
|
43
|
+
* This function continues an ACME flow for either a new client
|
|
44
|
+
* or a client that wants to refresh its certificate but has no valid refresh token
|
|
45
|
+
*
|
|
46
|
+
* @param oAuthIdToken
|
|
47
|
+
* @returns RotateBundle | undefined
|
|
48
|
+
*/
|
|
22
49
|
private continueOAuthFlow;
|
|
50
|
+
/**
|
|
51
|
+
* This function starts a ACME refresh flow for an existing client with a valid refresh token
|
|
52
|
+
*
|
|
53
|
+
* @param oAuthIdToken
|
|
54
|
+
* @returns
|
|
55
|
+
*/
|
|
56
|
+
startRefreshCertficateFlow(oAuthIdToken: string): Promise<RotateBundle | undefined>;
|
|
23
57
|
}
|
|
24
58
|
export { E2EIServiceInternal };
|
|
25
59
|
//# sourceMappingURL=E2EIServiceInternal.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"E2EIServiceInternal.d.ts","sourceRoot":"","sources":["../../../../src/messagingProtocols/mls/E2EIdentityService/E2EIServiceInternal.ts"],"names":[],"mappings":"AAyBA,OAAO,EACL,aAAa,EAKb,UAAU,EACV,YAAY,EACb,MAAM,qBAAqB,CAAC;AAW7B,cAAM,mBAAmB;IACvB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAsB;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAuD;IAC9E,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAa;IAC9C,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAY;IACtC,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAsB;IACzD,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC;IACnC,OAAO,CAAC,QAAQ,CAAC,CAAiB;IAClC,OAAO,CAAC,WAAW,CAAC,CAAc;IAClC,OAAO,CAAC,aAAa,CAAS;IAE9B,OAAO;WAea,WAAW,CAAC,MAAM,CAAC,EAAE,UAAU,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAwBrE,uBAAuB,CAAC,wBAAwB,EAAE,OAAO;IAYzD,0BAA0B,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,SAAS,CAAC;YAelF,YAAY;IAyB1B,OAAO,CAAC,aAAa;YAKP,IAAI;YAeJ,YAAY;YAeZ,eAAe;
|
|
1
|
+
{"version":3,"file":"E2EIServiceInternal.d.ts","sourceRoot":"","sources":["../../../../src/messagingProtocols/mls/E2EIdentityService/E2EIServiceInternal.ts"],"names":[],"mappings":"AAyBA,OAAO,EACL,aAAa,EAKb,UAAU,EACV,YAAY,EACb,MAAM,qBAAqB,CAAC;AAW7B,cAAM,mBAAmB;IACvB,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAsB;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAuD;IAC9E,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAa;IAC9C,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAY;IACtC,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAsB;IACzD,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC;IACnC,OAAO,CAAC,QAAQ,CAAC,CAAiB;IAClC,OAAO,CAAC,WAAW,CAAC,CAAc;IAClC,OAAO,CAAC,aAAa,CAAS;IAE9B,OAAO;WAea,WAAW,CAAC,MAAM,CAAC,EAAE,UAAU,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAwBrE,uBAAuB,CAAC,wBAAwB,EAAE,OAAO;IAYzD,0BAA0B,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,SAAS,CAAC;YAelF,YAAY;IAyB1B,OAAO,CAAC,aAAa;YAKP,IAAI;YAeJ,YAAY;YAeZ,eAAe;IAa7B;;;;;OAKG;YACW,gCAAgC;IAgD9C;;;;;;;OAOG;YACW,sCAAsC;IAsEpD;;;OAGG;YACW,iBAAiB;IA0B/B;;;;;;OAMG;YACW,iBAAiB;IAmB/B;;;;;OAKG;IACU,0BAA0B,CAAC,YAAY,EAAE,MAAM;CAkB7D;AAED,OAAO,EAAC,mBAAmB,EAAC,CAAC"}
|
|
@@ -147,22 +147,25 @@ class E2EIServiceInternal {
|
|
|
147
147
|
throw error;
|
|
148
148
|
}
|
|
149
149
|
}
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
150
|
+
/**
|
|
151
|
+
* Start of the ACME enrollment flow
|
|
152
|
+
* Stores the received data in local storage for later use (e.g. in the continue flow)
|
|
153
|
+
*
|
|
154
|
+
* @returns authData
|
|
155
|
+
*/
|
|
156
|
+
async getAndStoreInitialEnrollmentData() {
|
|
154
157
|
if (!this.isInitialized || !this.identity || !this.acmeService) {
|
|
155
|
-
|
|
158
|
+
throw new Error('Error while trying to start OAuth flow. E2eIdentityService is not fully initialized');
|
|
156
159
|
}
|
|
157
160
|
// Get the directory
|
|
158
161
|
const directory = await this.getDirectory(this.identity, this.acmeService);
|
|
159
162
|
if (!directory) {
|
|
160
|
-
|
|
163
|
+
throw new Error('Error while trying to start OAuth flow. No directory received');
|
|
161
164
|
}
|
|
162
165
|
// Step 1: Get a new nonce from ACME server
|
|
163
166
|
const nonce = await this.getInitialNonce(directory, this.acmeService);
|
|
164
167
|
if (!nonce) {
|
|
165
|
-
|
|
168
|
+
throw new Error('Error while trying to start OAuth flow. No nonce received');
|
|
166
169
|
}
|
|
167
170
|
// Step 2: Create a new account
|
|
168
171
|
const newAccountNonce = await (0, Account_1.createNewAccount)({
|
|
@@ -185,7 +188,92 @@ class E2EIServiceInternal {
|
|
|
185
188
|
authzUrl: orderData.authzUrl,
|
|
186
189
|
nonce: orderData.nonce,
|
|
187
190
|
});
|
|
188
|
-
//
|
|
191
|
+
// Store the values in local storage for later use (e.g. in the continue flow)
|
|
192
|
+
E2EIStorage_1.E2EIStorage.store.authData(authData);
|
|
193
|
+
E2EIStorage_1.E2EIStorage.store.orderData({ orderUrl: orderData.orderUrl });
|
|
194
|
+
return { authData };
|
|
195
|
+
}
|
|
196
|
+
/**
|
|
197
|
+
* Continuation of the ACME enrollment flow
|
|
198
|
+
* Needs to be called after the user has authenticated with the OIDC provider
|
|
199
|
+
* Stores the received certificate data in local storage for later use
|
|
200
|
+
*
|
|
201
|
+
* @param oAuthIdToken
|
|
202
|
+
* @returns RotateBundle
|
|
203
|
+
*/
|
|
204
|
+
async getRotateBundleAndStoreCertificateData(oAuthIdToken) {
|
|
205
|
+
if (!this.isInitialized || !this.identity || !this.acmeService) {
|
|
206
|
+
throw new Error('Error while trying to start OAuth flow. E2eIdentityService is not fully initialized');
|
|
207
|
+
}
|
|
208
|
+
const authData = E2EIStorage_1.E2EIStorage.get.authData();
|
|
209
|
+
if (!authData.authorization.wireOidcChallenge) {
|
|
210
|
+
throw new Error('Error while trying to continue OAuth flow. No wireOidcChallenge received');
|
|
211
|
+
}
|
|
212
|
+
// Step 7: Do OIDC client challenge
|
|
213
|
+
const oidcData = await (0, OidcChallenge_1.doWireOidcChallenge)({
|
|
214
|
+
oAuthIdToken,
|
|
215
|
+
authData,
|
|
216
|
+
connection: this.acmeService,
|
|
217
|
+
identity: this.identity,
|
|
218
|
+
nonce: authData.nonce,
|
|
219
|
+
});
|
|
220
|
+
this.logger.log('received oidcData', oidcData);
|
|
221
|
+
if (!oidcData.data.validated) {
|
|
222
|
+
throw new Error('Error while trying to continue OAuth flow. OIDC challenge not validated');
|
|
223
|
+
}
|
|
224
|
+
const { user: wireUser, clientId } = E2EIStorage_1.E2EIStorage.get.initialData();
|
|
225
|
+
//Step 8: Do DPOP Challenge
|
|
226
|
+
const dpopData = await (0, DpopChallenge_1.doWireDpopChallenge)({
|
|
227
|
+
authData,
|
|
228
|
+
clientId,
|
|
229
|
+
connection: this.acmeService,
|
|
230
|
+
identity: this.identity,
|
|
231
|
+
userDomain: wireUser.domain,
|
|
232
|
+
apiClient: this.apiClient,
|
|
233
|
+
expirySecs: 30,
|
|
234
|
+
nonce: oidcData.nonce,
|
|
235
|
+
});
|
|
236
|
+
this.logger.log('acme dpopData', JSON.stringify(dpopData));
|
|
237
|
+
if (!(0, Helper_1.isResponseStatusValid)(dpopData.data.status)) {
|
|
238
|
+
throw new Error('Error while trying to continue OAuth flow. DPOP challenge not validated');
|
|
239
|
+
}
|
|
240
|
+
//Step 9: Finalize Order
|
|
241
|
+
const orderData = E2EIStorage_1.E2EIStorage.get.orderData();
|
|
242
|
+
const finalizeOrderData = await (0, Order_1.finalizeOrder)({
|
|
243
|
+
connection: this.acmeService,
|
|
244
|
+
identity: this.identity,
|
|
245
|
+
nonce: dpopData.nonce,
|
|
246
|
+
orderUrl: orderData.orderUrl,
|
|
247
|
+
});
|
|
248
|
+
if (!finalizeOrderData.certificateUrl) {
|
|
249
|
+
throw new Error('Error while trying to continue OAuth flow. No certificateUrl received');
|
|
250
|
+
}
|
|
251
|
+
// Step 9: Get certificate
|
|
252
|
+
const { certificate } = await (0, Certificate_1.getCertificate)({
|
|
253
|
+
certificateUrl: finalizeOrderData.certificateUrl,
|
|
254
|
+
nonce: finalizeOrderData.nonce,
|
|
255
|
+
connection: this.acmeService,
|
|
256
|
+
identity: this.identity,
|
|
257
|
+
});
|
|
258
|
+
if (!certificate) {
|
|
259
|
+
throw new Error('Error while trying to continue OAuth flow. No certificate received');
|
|
260
|
+
}
|
|
261
|
+
E2EIStorage_1.E2EIStorage.store.certificate(certificate);
|
|
262
|
+
// Step 10: Initialize MLS with the certificate
|
|
263
|
+
return await this.coreCryptoClient.e2eiRotateAll(this.identity, certificate, this.keyPackagesAmount);
|
|
264
|
+
}
|
|
265
|
+
/**
|
|
266
|
+
* This function starts a new ACME enrollment flow for either a new client
|
|
267
|
+
* or a client that wants to refresh its certificate but has no valid refresh token
|
|
268
|
+
*/
|
|
269
|
+
async startNewOAuthFlow() {
|
|
270
|
+
if (this.e2eServiceExternal.isEnrollmentInProgress()) {
|
|
271
|
+
return this.exitWithError('Error while trying to start OAuth flow. There is already a flow in progress');
|
|
272
|
+
}
|
|
273
|
+
if (!this.isInitialized || !this.identity) {
|
|
274
|
+
return this.exitWithError('Error while trying to start OAuth flow. E2eIdentityService is not fully initialized');
|
|
275
|
+
}
|
|
276
|
+
const { authData } = await this.getAndStoreInitialEnrollmentData();
|
|
189
277
|
// Step 6: Start E2E OAuth flow
|
|
190
278
|
const { authorization: { wireOidcChallenge }, } = authData;
|
|
191
279
|
if (wireOidcChallenge) {
|
|
@@ -193,13 +281,18 @@ class E2EIServiceInternal {
|
|
|
193
281
|
const handle = await this.coreCryptoClient.e2eiEnrollmentStash(this.identity);
|
|
194
282
|
// stash the handle in local storage
|
|
195
283
|
E2EIStorage_1.E2EIStorage.store.handle(bazinga64_1.Encoder.toBase64(handle).asString);
|
|
196
|
-
E2EIStorage_1.E2EIStorage.store.authData(authData);
|
|
197
|
-
E2EIStorage_1.E2EIStorage.store.orderData({ orderUrl: orderData.orderUrl });
|
|
198
284
|
// we need to pass back the aquired wireOidcChallenge to the UI
|
|
199
285
|
return wireOidcChallenge;
|
|
200
286
|
}
|
|
201
287
|
return undefined;
|
|
202
288
|
}
|
|
289
|
+
/**
|
|
290
|
+
* This function continues an ACME flow for either a new client
|
|
291
|
+
* or a client that wants to refresh its certificate but has no valid refresh token
|
|
292
|
+
*
|
|
293
|
+
* @param oAuthIdToken
|
|
294
|
+
* @returns RotateBundle | undefined
|
|
295
|
+
*/
|
|
203
296
|
async continueOAuthFlow(oAuthIdToken) {
|
|
204
297
|
// If we have a handle, the user has already started the process to authenticate with the OIDC provider. We can continue the flow.
|
|
205
298
|
try {
|
|
@@ -207,70 +300,36 @@ class E2EIServiceInternal {
|
|
|
207
300
|
return this.exitWithError('Error while trying to continue OAuth flow. AcmeService is not initialized');
|
|
208
301
|
}
|
|
209
302
|
const handle = E2EIStorage_1.E2EIStorage.get.handle();
|
|
210
|
-
const authData = E2EIStorage_1.E2EIStorage.get.authData();
|
|
211
|
-
if (!authData.authorization.wireOidcChallenge) {
|
|
212
|
-
return this.exitWithError('Error while trying to continue OAuth flow. No wireOidcChallenge received');
|
|
213
|
-
}
|
|
214
303
|
this.identity = await this.coreCryptoClient.e2eiEnrollmentStashPop(bazinga64_1.Decoder.fromBase64(handle).asBytes);
|
|
215
304
|
this.logger.log('retrieved identity from stash');
|
|
216
|
-
|
|
217
|
-
const oidcData = await (0, OidcChallenge_1.doWireOidcChallenge)({
|
|
218
|
-
oAuthIdToken,
|
|
219
|
-
authData,
|
|
220
|
-
connection: this.acmeService,
|
|
221
|
-
identity: this.identity,
|
|
222
|
-
nonce: authData.nonce,
|
|
223
|
-
});
|
|
224
|
-
this.logger.log('received oidcData', oidcData);
|
|
225
|
-
if (!oidcData.data.validated) {
|
|
226
|
-
return this.exitWithError('Error while trying to continue OAuth flow. OIDC challenge not validated');
|
|
227
|
-
}
|
|
228
|
-
const { user: wireUser, clientId } = E2EIStorage_1.E2EIStorage.get.initialData();
|
|
229
|
-
//Step 8: Do DPOP Challenge
|
|
230
|
-
const dpopData = await (0, DpopChallenge_1.doWireDpopChallenge)({
|
|
231
|
-
authData,
|
|
232
|
-
clientId,
|
|
233
|
-
connection: this.acmeService,
|
|
234
|
-
identity: this.identity,
|
|
235
|
-
userDomain: wireUser.domain,
|
|
236
|
-
apiClient: this.apiClient,
|
|
237
|
-
expirySecs: 30,
|
|
238
|
-
nonce: oidcData.nonce,
|
|
239
|
-
});
|
|
240
|
-
this.logger.log('acme dpopData', JSON.stringify(dpopData));
|
|
241
|
-
if (!(0, Helper_1.isResponseStatusValid)(dpopData.data.status)) {
|
|
242
|
-
return this.exitWithError('Error while trying to continue OAuth flow. DPOP challenge not validated');
|
|
243
|
-
}
|
|
244
|
-
//Step 9: Finalize Order
|
|
245
|
-
const orderData = E2EIStorage_1.E2EIStorage.get.orderData();
|
|
246
|
-
const finalizeOrderData = await (0, Order_1.finalizeOrder)({
|
|
247
|
-
connection: this.acmeService,
|
|
248
|
-
identity: this.identity,
|
|
249
|
-
nonce: dpopData.nonce,
|
|
250
|
-
orderUrl: orderData.orderUrl,
|
|
251
|
-
});
|
|
252
|
-
if (!finalizeOrderData.certificateUrl) {
|
|
253
|
-
return this.exitWithError('Error while trying to continue OAuth flow. No certificateUrl received');
|
|
254
|
-
}
|
|
255
|
-
// Step 9: Get certificate
|
|
256
|
-
const { certificate } = await (0, Certificate_1.getCertificate)({
|
|
257
|
-
certificateUrl: finalizeOrderData.certificateUrl,
|
|
258
|
-
nonce: finalizeOrderData.nonce,
|
|
259
|
-
connection: this.acmeService,
|
|
260
|
-
identity: this.identity,
|
|
261
|
-
});
|
|
262
|
-
if (!certificate) {
|
|
263
|
-
return this.exitWithError('Error while trying to continue OAuth flow. No certificate received');
|
|
264
|
-
}
|
|
265
|
-
E2EIStorage_1.E2EIStorage.store.certificate(certificate);
|
|
266
|
-
// Step 10: Initialize MLS with the certificate
|
|
267
|
-
// TODO: This is not working yet (since we initialize mls beforehand) and will be replaced by a new core-crypto function later on
|
|
268
|
-
return await this.coreCryptoClient.e2eiRotateAll(this.identity, certificate, this.keyPackagesAmount);
|
|
305
|
+
return await this.getRotateBundleAndStoreCertificateData(oAuthIdToken);
|
|
269
306
|
}
|
|
270
307
|
catch (error) {
|
|
271
308
|
this.logger.error('Error while trying to continue OAuth flow', error);
|
|
272
309
|
throw error;
|
|
273
310
|
}
|
|
274
311
|
}
|
|
312
|
+
/**
|
|
313
|
+
* This function starts a ACME refresh flow for an existing client with a valid refresh token
|
|
314
|
+
*
|
|
315
|
+
* @param oAuthIdToken
|
|
316
|
+
* @returns
|
|
317
|
+
*/
|
|
318
|
+
async startRefreshCertficateFlow(oAuthIdToken) {
|
|
319
|
+
// we dont have an oauth flow since we already get the oAuthIdToken from the client
|
|
320
|
+
try {
|
|
321
|
+
if (!this.acmeService) {
|
|
322
|
+
return this.exitWithError('Error while trying to continue OAuth flow. AcmeService is not initialized');
|
|
323
|
+
}
|
|
324
|
+
// We need to initialize the identity
|
|
325
|
+
await this.initIdentity(true);
|
|
326
|
+
await this.getAndStoreInitialEnrollmentData();
|
|
327
|
+
return await this.getRotateBundleAndStoreCertificateData(oAuthIdToken);
|
|
328
|
+
}
|
|
329
|
+
catch (error) {
|
|
330
|
+
this.logger.error('Error while trying do the certificate refresh flow', error);
|
|
331
|
+
throw error;
|
|
332
|
+
}
|
|
333
|
+
}
|
|
275
334
|
}
|
|
276
335
|
exports.E2EIServiceInternal = E2EIServiceInternal;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"E2EIStorage.d.ts","sourceRoot":"","sources":["../../../../../src/messagingProtocols/mls/E2EIdentityService/Storage/E2EIStorage.ts"],"names":[],"mappings":"AAmBA,OAAO,EAAC,QAAQ,EAAkB,WAAW,EAAqB,SAAS,EAAC,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"E2EIStorage.d.ts","sourceRoot":"","sources":["../../../../../src/messagingProtocols/mls/E2EIdentityService/Storage/E2EIStorage.ts"],"names":[],"mappings":"AAmBA,OAAO,EAAC,QAAQ,EAAkB,WAAW,EAAqB,SAAS,EAAC,MAAM,sBAAsB,CAAC;AA2FzG,eAAO,MAAM,WAAW;;yBA/EK,MAAM;yBAEN,QAAQ;0BADP,SAAS;4BAEP,WAAW;4BACX,MAAM;;;2BA0BX,WAAW;+BAoBP,MAAM;;wBA9BJ,QAAQ;yBAoBP,SAAS;;;;;;;;;;;;;CAiE1C,CAAC"}
|
|
@@ -79,11 +79,13 @@ const getCertificateData = () => {
|
|
|
79
79
|
const atob = window.atob(data);
|
|
80
80
|
return atob;
|
|
81
81
|
};
|
|
82
|
+
const removeInitialData = () => {
|
|
83
|
+
storage.remove(InitialDataKey);
|
|
84
|
+
};
|
|
82
85
|
const removeTemporaryData = () => {
|
|
83
86
|
storage.remove(HandleKey);
|
|
84
87
|
storage.remove(AuthDataKey);
|
|
85
88
|
storage.remove(OderDataKey);
|
|
86
|
-
storage.remove(InitialDataKey);
|
|
87
89
|
};
|
|
88
90
|
const removeCertificateData = () => {
|
|
89
91
|
storage.remove(CertificateDataKey);
|
|
@@ -91,6 +93,7 @@ const removeCertificateData = () => {
|
|
|
91
93
|
const removeAll = () => {
|
|
92
94
|
removeTemporaryData();
|
|
93
95
|
removeCertificateData();
|
|
96
|
+
removeInitialData();
|
|
94
97
|
};
|
|
95
98
|
exports.E2EIStorage = {
|
|
96
99
|
store: {
|
|
@@ -113,6 +116,7 @@ exports.E2EIStorage = {
|
|
|
113
116
|
certificateData: hasCertificateData,
|
|
114
117
|
},
|
|
115
118
|
remove: {
|
|
119
|
+
initialData: removeInitialData,
|
|
116
120
|
temporaryData: removeTemporaryData,
|
|
117
121
|
certificateData: removeCertificateData,
|
|
118
122
|
all: removeAll,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MLSService.d.ts","sourceRoot":"","sources":["../../../../src/messagingProtocols/mls/MLSService/MLSService.ts"],"names":[],"mappings":"AAmBA,OAAO,KAAK,EAAqB,gBAAgB,EAAC,MAAM,gCAAgC,CAAC;AACzF,OAAO,EAAC,sBAAsB,EAAE,kBAAkB,EAAC,MAAM,sCAAsC,CAAC;AAChG,OAAO,EAAC,8BAA8B,EAAE,2BAA2B,EAAC,MAAM,+BAA+B,CAAC;AAE1G,OAAO,EAAC,WAAW,EAAC,MAAM,8BAA8B,CAAC;AAEzD,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAC,SAAS,EAAC,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAW,iBAAiB,EAAC,MAAM,kBAAkB,CAAC;AAC7D,OAAO,EACL,eAAe,EAIf,cAAc,EACd,UAAU,EAEV,gBAAgB,EAChB,uBAAuB,EACvB,oBAAoB,EACpB,OAAO,EACP,YAAY,EACZ,YAAY,EACZ,kBAAkB,EACnB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EAAC,gBAAgB,EAAsB,MAAM,oBAAoB,CAAC;AAEzE,OAAO,EAAC,mBAAmB,EAAC,MAAM,uBAAuB,CAAC;AAE1D,OAAO,EAAC,YAAY,EAAC,MAAM,yBAAyB,CAAC;AAGrD,OAAO,EAAC,sBAAsB,EAAC,MAAM,sCAAsC,CAAC;AAE5E,OAAO,EAAC,aAAa,EAAE,mBAAmB,EAAE,IAAI,EAAC,MAAM,uBAAuB,CAAC;AAG/E,OAAO,EAAC,QAAQ,EAAE,4BAA4B,EAAE,4BAA4B,EAAC,MAAM,UAAU,CAAC;AAK9F,eAAO,MAAM,oBAAoB,UAAW,UAAU,GAAG,EAAE,KAAG,UAE7D,CAAC;AAEF,UAAU,qBAAsB,SAAQ,gBAAgB;IACtD;;OAEG;IACH,uCAAuC,EAAE,MAAM,CAAC;CACjD;AASD,KAAK,MAAM,GAAG;IACZ,QAAQ,EAAE;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAC,CAAC;CAC5C,CAAC;AACF,qBAAa,UAAW,SAAQ,iBAAiB,CAAC,MAAM,CAAC;IAOrD,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IACjC,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,sBAAsB;IATzC,MAAM,iBAAuC;IAC7C,MAAM,EAAE,qBAAqB,CAAC;IAC9B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAqB;IACjD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAqB;gBAG9B,SAAS,EAAE,SAAS,EACpB,gBAAgB,EAAE,UAAU,EAC5B,YAAY,EAAE,YAAY,EAC1B,sBAAsB,EAAE,sBAAsB,EAC/D,EACE,6BAA2E,EAC3E,aAA2C,EAC3C,kBAAqD,EACrD,qBAA2D,GAC5D,EAAE,OAAO,CAAC,gBAAgB,CAAC;IAYjB,UAAU,CAAC,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,gBAAgB,EAAE,qBAAqB,UAAQ;IAyBpG,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAuCjC;IAEF;;;;;;OAMG;IACI,8BAA8B,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE;IAW5D,qBAAqB,CAAC,cAAc,EAAE,mBAAmB,EAAE;;;;IA8CjE,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU;IAK/B,WAAW,CAAC,YAAY,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,GAAG,eAAe,GAAG,kBAAkB;IAIjG,oBAAoB,CAAC,YAAY,EAAE,MAAM,OAAO,CAAC,UAAU,CAAC;IAwB5D,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAMpE,mBAAmB,CAAC,oBAAoB,EAAE,oBAAoB,EAAE,IAAI,EAAE,uBAAuB;IAI7F,qBAAqB,CAAC,cAAc,EAAE,UAAU,GAAG,OAAO,CAAC,cAAc,CAAC;IAI1E,cAAc,CAAC,cAAc,EAAE,cAAc,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAiB9F,cAAc,CAAC,cAAc,EAAE,cAAc,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;IAIrG;;;;;;;;;OASG;YACW,mBAAmB;IAQjC,OAAO,CAAC,oBAAoB;IAK5B;;;OAGG;IACU,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAatE;;;;;OAKG;IACU,oBAAoB,CAC/B,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,WAAW,EAAE,EACpB,OAAO,CAAC,EAAE;QAAC,IAAI,EAAE,WAAW,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAC,GAC7C,OAAO,CAAC,sBAAsB,CAAC;IAiClC;;;;;OAKG;IACH,SAAgB,uBAAuB,YAAmB,MAAM,KAAG,QAAQ,OAAO,CAAC,CA2BjF;IAEF;;;;OAIG;IACI,6BAA6B,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE;YAW7D,eAAe;IAK7B;;;OAGG;IACU,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKlE;;;;OAIG;IACU,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAK5D,2BAA2B,IAAI,OAAO,CAAC,MAAM,CAAC;IAO9C,iBAAiB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAQ9E;;;;OAIG;IACU,gBAAgB,CAAC,OAAO,EAAE,MAAM;IAc7C,OAAO,CAAC,sCAAsC;IAI9C;;;OAGG;IACU,uBAAuB,CAAC,OAAO,EAAE,MAAM;IAKpD;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IAIhC;;;OAGG;IACI,0BAA0B,CAAC,OAAO,EAAE,MAAM;IAUjD;;;OAGG;IACI,mCAAmC,CAAC,QAAQ,EAAE,MAAM,EAAE;IAQ7D;;;;OAIG;IACI,sCAAsC,CAAC,QAAQ,EAAE,MAAM;IAQ9D;;;;OAIG;YACW,+BAA+B;YAQ/B,gCAAgC;YAYhC,2BAA2B;IAIzC;;;;;OAKG;YACW,mBAAmB;YAYnB,oBAAoB;IAOrB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAc7D;;;;;;;OAOG;IACU,sBAAsB,CAAC,EAAC,SAAS,EAAE,OAAO,EAAE,SAAS,EAAC,EAAE,4BAA4B;YAWnF,4BAA4B;YAU5B,0BAA0B;IAKxC,OAAO,CAAC,6BAA6B;IAIrC;;;;;OAKG;IACU,sBAAsB,CAAC,EAAC,OAAO,EAAE,UAAkB,EAAC,EAAE,4BAA4B;IAY/F;;;;OAIG;IACU,+BAA+B;IAiB5C;;;;OAIG;IACU,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,QAAQ,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAC,EAAE,CAAC;IAY9F,wBAAwB,CACnC,KAAK,EAAE,8BAA8B,EACrC,yBAAyB,EAAE,CACzB,cAAc,EAAE,WAAW,EAC3B,iBAAiB,CAAC,EAAE,kBAAkB,KACnC,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAKrB,4BAA4B,CAAC,KAAK,EAAE,2BAA2B,EAAE,QAAQ,EAAE,MAAM;IAcjF,oBAAoB,CAAC,QAAQ,EAAE,QAAQ,EAAE,aAAa,EAAE,UAAU,EAAE;IASjF;;;;;;;;OAQG;IACU,UAAU,CACrB,YAAY,EAAE,MAAM,EACpB,mBAAmB,EAAE,mBAAmB,EACxC,IAAI,EAAE,IAAI,EACV,MAAM,EAAE,gBAAgB,EACxB,SAAS,EAAE,MAAM,EACjB,wBAAwB,EAAE,OAAO,EACjC,YAAY,CAAC,EAAE,MAAM,GACpB,OAAO,CAAC,aAAa,GAAG,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"MLSService.d.ts","sourceRoot":"","sources":["../../../../src/messagingProtocols/mls/MLSService/MLSService.ts"],"names":[],"mappings":"AAmBA,OAAO,KAAK,EAAqB,gBAAgB,EAAC,MAAM,gCAAgC,CAAC;AACzF,OAAO,EAAC,sBAAsB,EAAE,kBAAkB,EAAC,MAAM,sCAAsC,CAAC;AAChG,OAAO,EAAC,8BAA8B,EAAE,2BAA2B,EAAC,MAAM,+BAA+B,CAAC;AAE1G,OAAO,EAAC,WAAW,EAAC,MAAM,8BAA8B,CAAC;AAEzD,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAC,SAAS,EAAC,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAW,iBAAiB,EAAC,MAAM,kBAAkB,CAAC;AAC7D,OAAO,EACL,eAAe,EAIf,cAAc,EACd,UAAU,EAEV,gBAAgB,EAChB,uBAAuB,EACvB,oBAAoB,EACpB,OAAO,EACP,YAAY,EACZ,YAAY,EACZ,kBAAkB,EACnB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EAAC,gBAAgB,EAAsB,MAAM,oBAAoB,CAAC;AAEzE,OAAO,EAAC,mBAAmB,EAAC,MAAM,uBAAuB,CAAC;AAE1D,OAAO,EAAC,YAAY,EAAC,MAAM,yBAAyB,CAAC;AAGrD,OAAO,EAAC,sBAAsB,EAAC,MAAM,sCAAsC,CAAC;AAE5E,OAAO,EAAC,aAAa,EAAE,mBAAmB,EAAE,IAAI,EAAC,MAAM,uBAAuB,CAAC;AAG/E,OAAO,EAAC,QAAQ,EAAE,4BAA4B,EAAE,4BAA4B,EAAC,MAAM,UAAU,CAAC;AAK9F,eAAO,MAAM,oBAAoB,UAAW,UAAU,GAAG,EAAE,KAAG,UAE7D,CAAC;AAEF,UAAU,qBAAsB,SAAQ,gBAAgB;IACtD;;OAEG;IACH,uCAAuC,EAAE,MAAM,CAAC;CACjD;AASD,KAAK,MAAM,GAAG;IACZ,QAAQ,EAAE;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAC,CAAC;CAC5C,CAAC;AACF,qBAAa,UAAW,SAAQ,iBAAiB,CAAC,MAAM,CAAC;IAOrD,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IACjC,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,sBAAsB;IATzC,MAAM,iBAAuC;IAC7C,MAAM,EAAE,qBAAqB,CAAC;IAC9B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAqB;IACjD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAqB;gBAG9B,SAAS,EAAE,SAAS,EACpB,gBAAgB,EAAE,UAAU,EAC5B,YAAY,EAAE,YAAY,EAC1B,sBAAsB,EAAE,sBAAsB,EAC/D,EACE,6BAA2E,EAC3E,aAA2C,EAC3C,kBAAqD,EACrD,qBAA2D,GAC5D,EAAE,OAAO,CAAC,gBAAgB,CAAC;IAYjB,UAAU,CAAC,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,gBAAgB,EAAE,qBAAqB,UAAQ;IAyBpG,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAuCjC;IAEF;;;;;;OAMG;IACI,8BAA8B,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE;IAW5D,qBAAqB,CAAC,cAAc,EAAE,mBAAmB,EAAE;;;;IA8CjE,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU;IAK/B,WAAW,CAAC,YAAY,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,GAAG,eAAe,GAAG,kBAAkB;IAIjG,oBAAoB,CAAC,YAAY,EAAE,MAAM,OAAO,CAAC,UAAU,CAAC;IAwB5D,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAMpE,mBAAmB,CAAC,oBAAoB,EAAE,oBAAoB,EAAE,IAAI,EAAE,uBAAuB;IAI7F,qBAAqB,CAAC,cAAc,EAAE,UAAU,GAAG,OAAO,CAAC,cAAc,CAAC;IAI1E,cAAc,CAAC,cAAc,EAAE,cAAc,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAiB9F,cAAc,CAAC,cAAc,EAAE,cAAc,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;IAIrG;;;;;;;;;OASG;YACW,mBAAmB;IAQjC,OAAO,CAAC,oBAAoB;IAK5B;;;OAGG;IACU,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAatE;;;;;OAKG;IACU,oBAAoB,CAC/B,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,WAAW,EAAE,EACpB,OAAO,CAAC,EAAE;QAAC,IAAI,EAAE,WAAW,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAC,GAC7C,OAAO,CAAC,sBAAsB,CAAC;IAiClC;;;;;OAKG;IACH,SAAgB,uBAAuB,YAAmB,MAAM,KAAG,QAAQ,OAAO,CAAC,CA2BjF;IAEF;;;;OAIG;IACI,6BAA6B,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE;YAW7D,eAAe;IAK7B;;;OAGG;IACU,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKlE;;;;OAIG;IACU,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAK5D,2BAA2B,IAAI,OAAO,CAAC,MAAM,CAAC;IAO9C,iBAAiB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAQ9E;;;;OAIG;IACU,gBAAgB,CAAC,OAAO,EAAE,MAAM;IAc7C,OAAO,CAAC,sCAAsC;IAI9C;;;OAGG;IACU,uBAAuB,CAAC,OAAO,EAAE,MAAM;IAKpD;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IAIhC;;;OAGG;IACI,0BAA0B,CAAC,OAAO,EAAE,MAAM;IAUjD;;;OAGG;IACI,mCAAmC,CAAC,QAAQ,EAAE,MAAM,EAAE;IAQ7D;;;;OAIG;IACI,sCAAsC,CAAC,QAAQ,EAAE,MAAM;IAQ9D;;;;OAIG;YACW,+BAA+B;YAQ/B,gCAAgC;YAYhC,2BAA2B;IAIzC;;;;;OAKG;YACW,mBAAmB;YAYnB,oBAAoB;IAOrB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAc7D;;;;;;;OAOG;IACU,sBAAsB,CAAC,EAAC,SAAS,EAAE,OAAO,EAAE,SAAS,EAAC,EAAE,4BAA4B;YAWnF,4BAA4B;YAU5B,0BAA0B;IAKxC,OAAO,CAAC,6BAA6B;IAIrC;;;;;OAKG;IACU,sBAAsB,CAAC,EAAC,OAAO,EAAE,UAAkB,EAAC,EAAE,4BAA4B;IAY/F;;;;OAIG;IACU,+BAA+B;IAiB5C;;;;OAIG;IACU,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,QAAQ,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAC,EAAE,CAAC;IAY9F,wBAAwB,CACnC,KAAK,EAAE,8BAA8B,EACrC,yBAAyB,EAAE,CACzB,cAAc,EAAE,WAAW,EAC3B,iBAAiB,CAAC,EAAE,kBAAkB,KACnC,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAKrB,4BAA4B,CAAC,KAAK,EAAE,2BAA2B,EAAE,QAAQ,EAAE,MAAM;IAcjF,oBAAoB,CAAC,QAAQ,EAAE,QAAQ,EAAE,aAAa,EAAE,UAAU,EAAE;IASjF;;;;;;;;OAQG;IACU,UAAU,CACrB,YAAY,EAAE,MAAM,EACpB,mBAAmB,EAAE,mBAAmB,EACxC,IAAI,EAAE,IAAI,EACV,MAAM,EAAE,gBAAgB,EACxB,SAAS,EAAE,MAAM,EACjB,wBAAwB,EAAE,OAAO,EACjC,YAAY,CAAC,EAAE,MAAM,GACpB,OAAO,CAAC,aAAa,GAAG,OAAO,CAAC;CA4DpC"}
|
|
@@ -620,14 +620,24 @@ class MLSService extends commons_1.TypedEventEmitter {
|
|
|
620
620
|
discoveryUrl,
|
|
621
621
|
keyPackagesAmount: nbPrekeys,
|
|
622
622
|
});
|
|
623
|
+
// If we don't have an OAuth id token, we need to start the certificate process with Oauth
|
|
623
624
|
if (!oAuthIdToken) {
|
|
624
625
|
const challengeData = await instance.startCertificateProcess(refreshActiveCertificate);
|
|
625
626
|
if (challengeData) {
|
|
626
627
|
return challengeData;
|
|
627
628
|
}
|
|
629
|
+
// If we have an OAuth id token, we can continue the certificate process / start a refresh
|
|
628
630
|
}
|
|
629
631
|
else {
|
|
630
|
-
|
|
632
|
+
let rotateBundle;
|
|
633
|
+
// If we are not refreshing the active certificate, we need to continue the certificate process with Oauth
|
|
634
|
+
if (!refreshActiveCertificate) {
|
|
635
|
+
rotateBundle = await instance.continueCertificateProcess(oAuthIdToken);
|
|
636
|
+
// If we are refreshing the active certificate, can start the refresh process
|
|
637
|
+
}
|
|
638
|
+
else {
|
|
639
|
+
rotateBundle = await instance.startRefreshCertficateFlow(oAuthIdToken);
|
|
640
|
+
}
|
|
631
641
|
if (rotateBundle !== undefined) {
|
|
632
642
|
// upload the clients public keys
|
|
633
643
|
await this.uploadMLSPublicKeys(client);
|
package/package.json
CHANGED