@wireapp/core 43.14.0 → 43.14.2
- package/lib/messagingProtocols/mls/E2EIdentityService/E2EIServiceInternal.d.ts +13 -10
- package/lib/messagingProtocols/mls/E2EIdentityService/E2EIServiceInternal.d.ts.map +1 -1
- package/lib/messagingProtocols/mls/E2EIdentityService/E2EIServiceInternal.js +53 -65
- package/lib/messagingProtocols/mls/E2EIdentityService/Storage/E2EIStorage.d.ts +1 -5
- package/lib/messagingProtocols/mls/E2EIdentityService/Storage/E2EIStorage.d.ts.map +1 -1
- package/lib/messagingProtocols/mls/E2EIdentityService/Storage/E2EIStorage.js +0 -19
- package/lib/messagingProtocols/mls/MLSService/MLSService.d.ts.map +1 -1
- package/lib/messagingProtocols/mls/MLSService/MLSService.js +52 -58
- package/package.json +2 -2
|
@@ -1,4 +1,6 @@
|
|
|
1
|
+
import { AcmeService } from './Connection/AcmeServer';
|
|
1
2
|
import { InitParams, RotateBundle } from './E2EIService.types';
|
|
3
|
+
import { InitialData } from './Storage/E2EIStorage.schema';
|
|
2
4
|
export declare class E2EIServiceInternal {
|
|
3
5
|
private readonly coreCryptoClient;
|
|
4
6
|
private readonly apiClient;
|
|
@@ -9,11 +11,12 @@ export declare class E2EIServiceInternal {
|
|
|
9
11
|
private readonly dispatchNewCrlDistributionPoints;
|
|
10
12
|
private static instance;
|
|
11
13
|
private readonly logger;
|
|
12
|
-
private
|
|
13
|
-
private
|
|
14
|
-
private isInitialized;
|
|
14
|
+
private _acmeService?;
|
|
15
|
+
private _initialData?;
|
|
15
16
|
private constructor();
|
|
16
17
|
static getInstance(params?: InitParams): Promise<E2EIServiceInternal>;
|
|
18
|
+
get acmeService(): AcmeService;
|
|
19
|
+
get initialData(): InitialData;
|
|
17
20
|
startCertificateProcess(hasActiveCertificate: boolean): Promise<{
|
|
18
21
|
challenge: {
|
|
19
22
|
url: string;
|
|
@@ -23,6 +26,13 @@ export declare class E2EIServiceInternal {
|
|
|
23
26
|
keyAuth: string;
|
|
24
27
|
}>;
|
|
25
28
|
continueCertificateProcess(oAuthIdToken: string): Promise<RotateBundle | undefined>;
|
|
29
|
+
/**
|
|
30
|
+
* This function starts a ACME refresh flow for an existing client with a valid refresh token
|
|
31
|
+
*
|
|
32
|
+
* @param oAuthIdToken
|
|
33
|
+
* @returns
|
|
34
|
+
*/
|
|
35
|
+
renewCertificate(oAuthIdToken: string, hasActiveCertificate: boolean): Promise<RotateBundle>;
|
|
26
36
|
private initIdentity;
|
|
27
37
|
private init;
|
|
28
38
|
private getDirectory;
|
|
@@ -56,12 +66,5 @@ export declare class E2EIServiceInternal {
|
|
|
56
66
|
* @returns RotateBundle | undefined
|
|
57
67
|
*/
|
|
58
68
|
private continueOAuthFlow;
|
|
59
|
-
/**
|
|
60
|
-
* This function starts a ACME refresh flow for an existing client with a valid refresh token
|
|
61
|
-
*
|
|
62
|
-
* @param oAuthIdToken
|
|
63
|
-
* @returns
|
|
64
|
-
*/
|
|
65
|
-
startRefreshCertficateFlow(oAuthIdToken: string, hasActiveCertificate: boolean): Promise<RotateBundle>;
|
|
66
69
|
}
|
|
67
70
|
//# sourceMappingURL=E2EIServiceInternal.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"E2EIServiceInternal.d.ts","sourceRoot":"","sources":["../../../../src/messagingProtocols/mls/E2EIdentityService/E2EIServiceInternal.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"E2EIServiceInternal.d.ts","sourceRoot":"","sources":["../../../../src/messagingProtocols/mls/E2EIdentityService/E2EIServiceInternal.ts"],"names":[],"mappings":"AAwBA,OAAO,EAAC,WAAW,EAAC,MAAM,yBAAyB,CAAC;AACpD,OAAO,EAAyD,UAAU,EAAE,YAAY,EAAC,MAAM,qBAAqB,CAAC;AAUrH,OAAO,EAAW,WAAW,EAAC,MAAM,8BAA8B,CAAC;AAInE,qBAAa,mBAAmB;IAO5B,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IACjC,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,wDAAwD;IACxD,OAAO,CAAC,QAAQ,CAAC,cAAc;IAC/B,OAAO,CAAC,QAAQ,CAAC,iBAAiB;IAClC,OAAO,CAAC,QAAQ,CAAC,gCAAgC;IAZnD,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAsB;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAuD;IAC9E,OAAO,CAAC,YAAY,CAAC,CAAc;IACnC,OAAO,CAAC,YAAY,CAAC,CAAc;IAEnC,OAAO;WAYa,WAAW,CAAC,MAAM,CAAC,EAAE,UAAU,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAiClF,IAAI,WAAW,IAAI,WAAW,CAK7B;IAED,IAAI,WAAW,IAAI,WAAW,CAK7B;IAEY,uBAAuB,CAAC,oBAAoB,EAAE,OAAO;;;;;;;;IAOrD,0BAA0B,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,SAAS,CAAC;IAQhG;;;;;OAKG;IACU,gBAAgB,CAAC,YAAY,EAAE,MAAM,EAAE,oBAAoB,EAAE,OAAO;YASnE,YAAY;YAuBZ,IAAI;YASJ,YAAY;YAUZ,eAAe;IAQ7B;;;;;OAKG;YACW,uBAAuB;IAyCrC;;;;;;;OAOG;YACW,sCAAsC;IAiEpD;;;OAGG;YACW,iBAAiB;IAyB/B;;;;;;OAMG;YACW,iBAAiB;CAShC"}
|
|
@@ -45,7 +45,6 @@ class E2EIServiceInternal {
|
|
|
45
45
|
this.keyPackagesAmount = keyPackagesAmount;
|
|
46
46
|
this.dispatchNewCrlDistributionPoints = dispatchNewCrlDistributionPoints;
|
|
47
47
|
this.logger = (0, logdown_1.default)('@wireapp/core/E2EIdentityServiceInternal');
|
|
48
|
-
this.isInitialized = false;
|
|
49
48
|
}
|
|
50
49
|
// ############ Public Functions ############
|
|
51
50
|
static async getInstance(params) {
|
|
@@ -60,17 +59,28 @@ class E2EIServiceInternal {
|
|
|
60
59
|
if (!discoveryUrl || !user || !clientId) {
|
|
61
60
|
throw new Error('discoveryUrl, user and clientId are required to initialize E2EIServiceInternal');
|
|
62
61
|
}
|
|
63
|
-
E2EIStorage_1.E2EIStorage.store.initialData({ discoveryUrl, user, clientId });
|
|
64
62
|
await E2EIServiceInternal.instance.init({ clientId, discoveryUrl, user });
|
|
65
63
|
}
|
|
66
64
|
}
|
|
67
65
|
return E2EIServiceInternal.instance;
|
|
68
66
|
}
|
|
67
|
+
get acmeService() {
|
|
68
|
+
if (!this._acmeService) {
|
|
69
|
+
throw new Error('Error while trying to get AcmeService. E2EIServiceInternal has not been initialized');
|
|
70
|
+
}
|
|
71
|
+
return this._acmeService;
|
|
72
|
+
}
|
|
73
|
+
get initialData() {
|
|
74
|
+
if (!this._initialData) {
|
|
75
|
+
throw new Error('Error while trying to get InitialData. E2EIServiceInternal has not been initialized');
|
|
76
|
+
}
|
|
77
|
+
return this._initialData;
|
|
78
|
+
}
|
|
69
79
|
async startCertificateProcess(hasActiveCertificate) {
|
|
70
80
|
// Step 0: Check if we have a handle in local storage
|
|
71
81
|
// If we don't have a handle, we need to start a new OAuth flow
|
|
72
|
-
await this.initIdentity(hasActiveCertificate);
|
|
73
|
-
return this.startNewOAuthFlow();
|
|
82
|
+
const identity = await this.initIdentity(hasActiveCertificate);
|
|
83
|
+
return this.startNewOAuthFlow(identity);
|
|
74
84
|
}
|
|
75
85
|
async continueCertificateProcess(oAuthIdToken) {
|
|
76
86
|
// If we don't have a handle, we need to start a new OAuth flow
|
|
@@ -79,26 +89,33 @@ class E2EIServiceInternal {
|
|
|
79
89
|
}
|
|
80
90
|
throw new Error('Error while trying to continue OAuth flow. No enrollment in progress found');
|
|
81
91
|
}
|
|
92
|
+
/**
|
|
93
|
+
* This function starts a ACME refresh flow for an existing client with a valid refresh token
|
|
94
|
+
*
|
|
95
|
+
* @param oAuthIdToken
|
|
96
|
+
* @returns
|
|
97
|
+
*/
|
|
98
|
+
async renewCertificate(oAuthIdToken, hasActiveCertificate) {
|
|
99
|
+
const identity = await this.initIdentity(hasActiveCertificate);
|
|
100
|
+
const authData = await this.getEnrollmentChallenges(identity);
|
|
101
|
+
return this.getRotateBundleAndStoreCertificateData(identity, oAuthIdToken, authData.authChallenges);
|
|
102
|
+
}
|
|
82
103
|
// ############ Internal Functions ############
|
|
83
104
|
async initIdentity(hasActiveCertificate) {
|
|
84
|
-
const { user } =
|
|
105
|
+
const { user } = this.initialData;
|
|
85
106
|
// How long the issued certificate should be maximal valid
|
|
86
107
|
const ciphersuite = E2EIService_types_1.Ciphersuite.MLS_128_DHKEMX25519_AES128GCM_SHA256_Ed25519;
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
else {
|
|
91
|
-
this.identity = await this.coreCryptoClient.e2eiNewActivationEnrollment(user.displayName, user.handle, this.certificateTtl, ciphersuite, user.teamId);
|
|
92
|
-
}
|
|
108
|
+
return hasActiveCertificate
|
|
109
|
+
? this.coreCryptoClient.e2eiNewRotateEnrollment(this.certificateTtl, ciphersuite, user.displayName, user.handle, user.teamId)
|
|
110
|
+
: this.coreCryptoClient.e2eiNewActivationEnrollment(user.displayName, user.handle, this.certificateTtl, ciphersuite, user.teamId);
|
|
93
111
|
}
|
|
94
112
|
async init(params) {
|
|
95
113
|
const { user, clientId, discoveryUrl } = params;
|
|
96
114
|
if (!user || !clientId) {
|
|
97
|
-
|
|
98
|
-
throw new Error();
|
|
115
|
+
throw new Error('user and clientId are required to initialize E2eIdentityService');
|
|
99
116
|
}
|
|
100
|
-
this.
|
|
101
|
-
this.
|
|
117
|
+
this._initialData = { user, clientId, discoveryUrl };
|
|
118
|
+
this._acmeService = new AcmeServer_1.AcmeService(discoveryUrl);
|
|
102
119
|
}
|
|
103
120
|
async getDirectory(identity, connection) {
|
|
104
121
|
const directory = await connection.getDirectory();
|
|
@@ -121,21 +138,18 @@ class E2EIServiceInternal {
|
|
|
121
138
|
*
|
|
122
139
|
* @returns authData
|
|
123
140
|
*/
|
|
124
|
-
async getEnrollmentChallenges() {
|
|
125
|
-
if (!this.isInitialized || !this.identity || !this.acmeService) {
|
|
126
|
-
throw new Error('Error while trying to start OAuth flow. E2eIdentityService is not fully initialized');
|
|
127
|
-
}
|
|
141
|
+
async getEnrollmentChallenges(identity) {
|
|
128
142
|
// Get the directory
|
|
129
|
-
const
|
|
143
|
+
const { acmeService: acmeService } = this;
|
|
144
|
+
const directory = await this.getDirectory(identity, acmeService);
|
|
130
145
|
if (!directory) {
|
|
131
146
|
throw new Error('Error while trying to start OAuth flow. No directory received');
|
|
132
147
|
}
|
|
133
148
|
// Step 1: Get a new nonce from ACME server
|
|
134
|
-
const nonce = await this.getInitialNonce(directory,
|
|
149
|
+
const nonce = await this.getInitialNonce(directory, acmeService);
|
|
135
150
|
if (!nonce) {
|
|
136
151
|
throw new Error('Error while trying to start OAuth flow. No nonce received');
|
|
137
152
|
}
|
|
138
|
-
const { acmeService, identity } = this;
|
|
139
153
|
// Step 2: Create a new account
|
|
140
154
|
const newAccountNonce = await (0, Account_1.createNewAccount)({
|
|
141
155
|
connection: acmeService,
|
|
@@ -157,10 +171,7 @@ class E2EIServiceInternal {
|
|
|
157
171
|
authzUrls: orderData.authzUrls,
|
|
158
172
|
nonce: orderData.nonce,
|
|
159
173
|
});
|
|
160
|
-
|
|
161
|
-
E2EIStorage_1.E2EIStorage.store.authData(authChallenges);
|
|
162
|
-
E2EIStorage_1.E2EIStorage.store.orderData({ orderUrl: orderData.orderUrl });
|
|
163
|
-
return authChallenges;
|
|
174
|
+
return { authChallenges, orderUrl: orderData.orderUrl };
|
|
164
175
|
}
|
|
165
176
|
/**
|
|
166
177
|
* Continuation of the ACME enrollment flow
|
|
@@ -170,29 +181,26 @@ class E2EIServiceInternal {
|
|
|
170
181
|
* @param oAuthIdToken
|
|
171
182
|
* @returns RotateBundle
|
|
172
183
|
*/
|
|
173
|
-
async getRotateBundleAndStoreCertificateData(oAuthIdToken, authData) {
|
|
174
|
-
if (!this.isInitialized || !this.identity || !this.acmeService) {
|
|
175
|
-
throw new Error('Error while trying to start OAuth flow. E2eIdentityService is not fully initialized');
|
|
176
|
-
}
|
|
184
|
+
async getRotateBundleAndStoreCertificateData(identity, oAuthIdToken, authData) {
|
|
177
185
|
// Step 7: Do OIDC client challenge
|
|
178
186
|
const oidcData = await (0, OidcChallenge_1.doWireOidcChallenge)({
|
|
179
187
|
oAuthIdToken,
|
|
180
188
|
authData,
|
|
181
189
|
connection: this.acmeService,
|
|
182
|
-
identity
|
|
190
|
+
identity,
|
|
183
191
|
nonce: authData.nonce,
|
|
184
192
|
});
|
|
185
193
|
this.logger.log('received oidcData', oidcData);
|
|
186
194
|
if (!oidcData.data.validated) {
|
|
187
195
|
throw new Error('Error while trying to continue OAuth flow. OIDC challenge not validated');
|
|
188
196
|
}
|
|
189
|
-
const { user: wireUser, clientId } =
|
|
197
|
+
const { user: wireUser, clientId } = this.initialData;
|
|
190
198
|
//Step 8: Do DPOP Challenge
|
|
191
199
|
const dpopData = await (0, DpopChallenge_1.doWireDpopChallenge)({
|
|
192
200
|
authData,
|
|
193
201
|
clientId,
|
|
194
202
|
connection: this.acmeService,
|
|
195
|
-
identity
|
|
203
|
+
identity,
|
|
196
204
|
userDomain: wireUser.domain,
|
|
197
205
|
apiClient: this.apiClient,
|
|
198
206
|
expirySecs: 30,
|
|
@@ -206,7 +214,7 @@ class E2EIServiceInternal {
|
|
|
206
214
|
const orderData = E2EIStorage_1.E2EIStorage.get.orderData();
|
|
207
215
|
const finalizeOrderData = await (0, Order_1.finalizeOrder)({
|
|
208
216
|
connection: this.acmeService,
|
|
209
|
-
identity
|
|
217
|
+
identity,
|
|
210
218
|
nonce: dpopData.nonce,
|
|
211
219
|
orderUrl: orderData.orderUrl,
|
|
212
220
|
});
|
|
@@ -218,13 +226,13 @@ class E2EIServiceInternal {
|
|
|
218
226
|
certificateUrl: finalizeOrderData.certificateUrl,
|
|
219
227
|
nonce: finalizeOrderData.nonce,
|
|
220
228
|
connection: this.acmeService,
|
|
221
|
-
identity
|
|
229
|
+
identity,
|
|
222
230
|
});
|
|
223
231
|
if (!certificate) {
|
|
224
232
|
throw new Error('Error while trying to continue OAuth flow. No certificate received');
|
|
225
233
|
}
|
|
226
234
|
// Step 10: Initialize MLS with the certificate
|
|
227
|
-
const rotateBundle = await this.coreCryptoClient.e2eiRotateAll(
|
|
235
|
+
const rotateBundle = await this.coreCryptoClient.e2eiRotateAll(identity, certificate, this.keyPackagesAmount);
|
|
228
236
|
this.dispatchNewCrlDistributionPoints(rotateBundle);
|
|
229
237
|
return rotateBundle;
|
|
230
238
|
}
|
|
@@ -232,21 +240,21 @@ class E2EIServiceInternal {
|
|
|
232
240
|
* This function starts a new ACME enrollment flow for either a new client
|
|
233
241
|
* or a client that wants to refresh its certificate but has no valid refresh token
|
|
234
242
|
*/
|
|
235
|
-
async startNewOAuthFlow() {
|
|
243
|
+
async startNewOAuthFlow(identity) {
|
|
236
244
|
if (this.e2eiServiceExternal.isEnrollmentInProgress()) {
|
|
237
245
|
throw new Error('Error while trying to start OAuth flow. There is already a flow in progress');
|
|
238
246
|
}
|
|
239
|
-
|
|
240
|
-
|
|
241
|
-
}
|
|
242
|
-
const { authorization: { oidcChallenge: wireOidcChallenge, keyauth }, } = await this.getEnrollmentChallenges();
|
|
247
|
+
const { authChallenges, orderUrl } = await this.getEnrollmentChallenges(identity);
|
|
248
|
+
const { authorization: { oidcChallenge: wireOidcChallenge, keyauth }, } = authChallenges;
|
|
243
249
|
if (!wireOidcChallenge || !keyauth) {
|
|
244
250
|
throw new Error('missing wireOidcChallenge or keyauth');
|
|
245
251
|
}
|
|
246
252
|
// stash the identity for later use
|
|
247
|
-
const handle = await this.coreCryptoClient.e2eiEnrollmentStash(
|
|
248
|
-
//
|
|
253
|
+
const handle = await this.coreCryptoClient.e2eiEnrollmentStash(identity);
|
|
254
|
+
// Store the values in local storage for later use (e.g. in the continue flow)
|
|
249
255
|
E2EIStorage_1.E2EIStorage.store.handle(bazinga64_1.Encoder.toBase64(handle).asString);
|
|
256
|
+
E2EIStorage_1.E2EIStorage.store.authData(authChallenges);
|
|
257
|
+
E2EIStorage_1.E2EIStorage.store.orderData({ orderUrl });
|
|
250
258
|
// we need to pass back the aquired wireOidcChallenge to the UI
|
|
251
259
|
return { challenge: wireOidcChallenge, keyAuth: keyauth };
|
|
252
260
|
}
|
|
@@ -258,31 +266,11 @@ class E2EIServiceInternal {
|
|
|
258
266
|
* @returns RotateBundle | undefined
|
|
259
267
|
*/
|
|
260
268
|
async continueOAuthFlow(oAuthIdToken) {
|
|
261
|
-
// If we have a handle, the user has already started the process to authenticate with the OIDC provider. We can continue the flow.
|
|
262
|
-
if (!this.acmeService) {
|
|
263
|
-
throw new Error('Error while trying to continue OAuth flow. AcmeService is not initialized');
|
|
264
|
-
}
|
|
265
269
|
const handle = E2EIStorage_1.E2EIStorage.get.handle();
|
|
266
270
|
const authData = E2EIStorage_1.E2EIStorage.get.authData();
|
|
267
|
-
|
|
271
|
+
const identity = await this.coreCryptoClient.e2eiEnrollmentStashPop(bazinga64_1.Decoder.fromBase64(handle).asBytes);
|
|
268
272
|
this.logger.log('retrieved identity from stash');
|
|
269
|
-
return this.getRotateBundleAndStoreCertificateData(oAuthIdToken, authData);
|
|
270
|
-
}
|
|
271
|
-
/**
|
|
272
|
-
* This function starts a ACME refresh flow for an existing client with a valid refresh token
|
|
273
|
-
*
|
|
274
|
-
* @param oAuthIdToken
|
|
275
|
-
* @returns
|
|
276
|
-
*/
|
|
277
|
-
async startRefreshCertficateFlow(oAuthIdToken, hasActiveCertificate) {
|
|
278
|
-
// we dont have an oauth flow since we already get the oAuthIdToken from the client
|
|
279
|
-
if (!this.acmeService) {
|
|
280
|
-
throw new Error('Error while trying to continue OAuth flow. AcmeService is not initialized');
|
|
281
|
-
}
|
|
282
|
-
// We need to initialize the identity
|
|
283
|
-
await this.initIdentity(hasActiveCertificate);
|
|
284
|
-
const authData = await this.getEnrollmentChallenges();
|
|
285
|
-
return this.getRotateBundleAndStoreCertificateData(oAuthIdToken, authData);
|
|
273
|
+
return this.getRotateBundleAndStoreCertificateData(identity, oAuthIdToken, authData);
|
|
286
274
|
}
|
|
287
275
|
}
|
|
288
276
|
exports.E2EIServiceInternal = E2EIServiceInternal;
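Review bot: `renewCertificate` never persists the order URL of the order it has just created, yet the context line `const orderData = E2EIStorage_1.E2EIStorage.get.orderData();` (new line 215, apparently still inside `getRotateBundleAndStoreCertificateData`) reads it back from local storage before `finalizeOrder`. `getEnrollmentChallenges` used to call `E2EIStorage.store.orderData(...)` itself and now only returns `{ authChallenges, orderUrl }`; `startNewOAuthFlow` stores that value, but the renewal path does not, so a renewal would finalize against whatever order URL an earlier flow left in storage, or throw if nothing is stored. New lines 207–213 fall outside the hunks, so confirm nothing there writes it. If not, either add `E2EIStorage_1.E2EIStorage.store.orderData({ orderUrl: authData.orderUrl });` in `renewCertificate` before the return, or pass `orderUrl` into `getRotateBundleAndStoreCertificateData` as an argument so that certificate issuance never depends on stale stored state.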
|
|
@@ -1,23 +1,19 @@
|
|
|
1
|
-
import { AuthData,
|
|
1
|
+
import { AuthData, OrderData } from './E2EIStorage.schema';
|
|
2
2
|
export declare const E2EIStorage: {
|
|
3
3
|
store: {
|
|
4
4
|
handle: (handle: string) => void;
|
|
5
5
|
authData: (data: AuthData) => void;
|
|
6
6
|
orderData: (data: OrderData) => void;
|
|
7
|
-
initialData: (data: InitialData) => void;
|
|
8
7
|
};
|
|
9
8
|
get: {
|
|
10
|
-
initialData: () => InitialData;
|
|
11
9
|
handle: () => string;
|
|
12
10
|
authData: () => AuthData;
|
|
13
11
|
orderData: () => OrderData;
|
|
14
12
|
};
|
|
15
13
|
has: {
|
|
16
14
|
handle: () => boolean;
|
|
17
|
-
initialData: () => boolean;
|
|
18
15
|
};
|
|
19
16
|
remove: {
|
|
20
|
-
initialData: () => void;
|
|
21
17
|
temporaryData: () => void;
|
|
22
18
|
all: () => void;
|
|
23
19
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"E2EIStorage.d.ts","sourceRoot":"","sources":["../../../../../src/messagingProtocols/mls/E2EIdentityService/Storage/E2EIStorage.ts"],"names":[],"mappings":"AAqBA,OAAO,EAAC,QAAQ,EAAkB,
|
|
1
|
+
{"version":3,"file":"E2EIStorage.d.ts","sourceRoot":"","sources":["../../../../../src/messagingProtocols/mls/E2EIdentityService/Storage/E2EIStorage.ts"],"names":[],"mappings":"AAqBA,OAAO,EAAC,QAAQ,EAAkB,SAAS,EAAC,MAAM,sBAAsB,CAAC;AAqDzE,eAAO,MAAM,WAAW;;yBA3CK,MAAM;yBAEN,QAAQ;0BADP,SAAS;;;;wBAcN,QAAQ;yBASP,SAAS;;;;;;;;;CAqC1C,CAAC"}
|
|
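--- a/package/lib/messagingProtocols/mls/E2EIdentityService/Storage/E2EIStorage.js
+++ b/package/lib/messagingProtocols/mls/E2EIdentityService/Storage/E2EIStorage.js
@@ -25,14 +25,11 @@ const LocalStorageStore_1 = require("../../../../util/LocalStorageStore");
 const HandleKey = 'Handle';
 const AuthDataKey = 'AuthData';
 const OderDataKey = 'OrderData';
-const InitialDataKey = 'InitialData';
 const storage = (0, LocalStorageStore_1.LocalStorageStore)('E2EIStorage');
 const storeHandle = (handle) => storage.add(HandleKey, bazinga64_1.Encoder.toBase64(handle).asString);
 const storeOrderData = (data) => storage.add(OderDataKey, bazinga64_1.Encoder.toBase64(JSON.stringify(data)).asString);
 const storeAuthData = (data) => storage.add(AuthDataKey, bazinga64_1.Encoder.toBase64(JSON.stringify(data)).asString);
-const storeInitialData = (data) => storage.add(InitialDataKey, bazinga64_1.Encoder.toBase64(JSON.stringify(data)).asString);
 const hasHandle = () => storage.has(HandleKey);
-const hasInitialData = () => storage.has(InitialDataKey);
 const getAndVerifyHandle = () => {
 const handle = storage.get(HandleKey);
 if (!handle) {
@@ -48,14 +45,6 @@ const getAndVerifyAuthData = () => {
 const decodedData = bazinga64_1.Decoder.fromBase64(data).asString;
 return E2EIStorage_schema_1.AuthDataSchema.parse(JSON.parse(decodedData));
 };
-const getInitialData = () => {
-const data = storage.get(InitialDataKey);
-if (!data) {
-throw new Error('ACME: InitialData not found');
-}
-const decodedData = bazinga64_1.Decoder.fromBase64(data).asString;
-return E2EIStorage_schema_1.InitialDataSchema.parse(JSON.parse(decodedData));
-};
 const getAndVerifyOrderData = () => {
 const data = storage.get(OderDataKey);
 if (!data) {
@@ -64,9 +53,6 @@ const getAndVerifyOrderData = () => {
 const decodedData = bazinga64_1.Decoder.fromBase64(data).asString;
 return JSON.parse(decodedData);
 };
-const removeInitialData = () => {
-storage.remove(InitialDataKey);
-};
 const removeTemporaryData = () => {
 storage.remove(HandleKey);
 storage.remove(AuthDataKey);
@@ -74,27 +60,22 @@ const removeTemporaryData = () => {
 };
 const removeAll = () => {
 removeTemporaryData();
-removeInitialData();
 };
 exports.E2EIStorage = {
 store: {
 handle: storeHandle,
 authData: storeAuthData,
 orderData: storeOrderData,
-initialData: storeInitialData,
 },
 get: {
-initialData: getInitialData,
 handle: getAndVerifyHandle,
 authData: getAndVerifyAuthData,
 orderData: getAndVerifyOrderData,
 },
 has: {
 handle: hasHandle,
-initialData: hasInitialData,
 },
 remove: {
-initialData: removeInitialData,
 temporaryData: removeTemporaryData,
 all: removeAll,
 },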
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MLSService.d.ts","sourceRoot":"","sources":["../../../../src/messagingProtocols/mls/MLSService/MLSService.ts"],"names":[],"mappings":"AAmBA,OAAO,KAAK,EAAqB,gBAAgB,EAAC,MAAM,gCAAgC,CAAC;AACzF,OAAO,EAAC,sBAAsB,EAAE,kBAAkB,EAAC,MAAM,sCAAsC,CAAC;AAChG,OAAO,EAAC,8BAA8B,EAAE,2BAA2B,EAAC,MAAM,+BAA+B,CAAC;AAE1G,OAAO,EAAC,WAAW,EAAC,MAAM,8BAA8B,CAAC;AAEzD,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAC,SAAS,EAAC,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAW,iBAAiB,EAAC,MAAM,kBAAkB,CAAC;AAC7D,OAAO,EACL,eAAe,EAIf,cAAc,EACd,UAAU,EAEV,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,kBAAkB,EACnB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EAAC,gBAAgB,EAAuD,MAAM,oBAAoB,CAAC;AAE1G,OAAO,EAAC,mBAAmB,EAAC,MAAM,uBAAuB,CAAC;AAE1D,OAAO,EAAC,YAAY,EAAC,MAAM,yBAAyB,CAAC;AAGrD,OAAO,EAAC,sBAAsB,EAAC,MAAM,sCAAsC,CAAC;AAE5E,OAAO,EAAC,aAAa,EAAE,mBAAmB,EAAE,IAAI,EAAC,MAAM,uBAAuB,CAAC;AAQ/E,OAAO,EAAC,QAAQ,EAAE,4BAA4B,EAAE,4BAA4B,EAAC,MAAM,UAAU,CAAC;AAK9F,eAAO,MAAM,oBAAoB,UAAW,UAAU,GAAG,EAAE,KAAG,UAE7D,CAAC;AAEF,KAAK,sBAAsB,GACvB;IACE,MAAM,EAAE,gBAAgB,CAAC;IACzB,uBAAuB,EAAE;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,aAAa,CAAA;KAAC,CAAC;CACtE,GACD;IAAC,MAAM,EAAE,YAAY,CAAA;CAAC,CAAC;AAE3B,UAAU,qBAAsB,SAAQ,gBAAgB;IACtD;;OAEG;IACH,uCAAuC,EAAE,MAAM,CAAC;CACjD;AAQD,KAAK,MAAM,GAAG;IACZ,QAAQ,EAAE;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAC,CAAC;IAC3C,wBAAwB,EAAE,MAAM,EAAE,CAAC;CACpC,CAAC;AACF,qBAAa,UAAW,SAAQ,iBAAiB,CAAC,MAAM,CAAC;IAOrD,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IACjC,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,sBAAsB;IATzC,MAAM,iBAAuC;IAC7C,MAAM,EAAE,qBAAqB,CAAC;IAC9B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAqB;IACjD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAqB;gBAG9B,SAAS,EAAE,SAAS,EACpB,gBAAgB,EAAE,UAAU,EAC5B,YAAY,EAAE,YAAY,EAC1B,sBAAsB,EAAE,sBAAsB,EAC/D,EACE,6BAA2E,EAC3E,aAA2C,EAC3C,WAAuC,GACxC,EAAE,OAAO,CAAC,gBAAgB,CAAC;IAWjB,UAAU,CAAC,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,gBAAgB,EAAE,qBAAqB,UAAQ;YAyBtF,iBAAiB;IAM/B,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CA0CjC;IAEF;;;;;;OAMG;IACI,8BAA8B,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE;
IAanE,qBAAqB,CAAC,cAAc,EAAE,mBAAmB,EAAE;;;;IA2CjE,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU;IAK/B,WAAW,CAAC,YAAY,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,GAAG,eAAe,GAAG,kBAAkB;IAIjG,oBAAoB,CAAC,YAAY,EAAE,MAAM,OAAO,CAAC,UAAU,CAAC;IAwB5D,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAMjF,OAAO,CAAC,gCAAgC;IAO3B,qBAAqB,CAAC,cAAc,EAAE,UAAU,GAAG,OAAO,CAAC,cAAc,CAAC;IAM1E,cAAc,CAAC,cAAc,EAAE,cAAc,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAkB9F,cAAc,CAAC,cAAc,EAAE,cAAc,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;IAIrG;;;;;;;;;OASG;YACW,mBAAmB;IAQjC,OAAO,CAAC,oBAAoB;IAK5B;;;OAGG;IACU,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IActE;;;;;OAKG;IACU,oBAAoB,CAC/B,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,WAAW,EAAE,EACpB,OAAO,CAAC,EAAE;QAAC,IAAI,EAAE,WAAW,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAC,GAC7C,OAAO,CAAC,sBAAsB,CAAC;IAiClC;;;;;OAKG;IACH,SAAgB,uBAAuB,YAAmB,MAAM,KAAG,QAAQ,OAAO,CAAC,CA2BjF;IAEF;;;;OAIG;IACI,6BAA6B,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE;YAW7D,eAAe;IAK7B;;;OAGG;IACU,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKlE;;;;OAIG;IACU,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAK5D,2BAA2B,IAAI,OAAO,CAAC,MAAM,CAAC;IAK9C,iBAAiB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAK9E;;;;OAIG;IACU,gBAAgB,CAAC,OAAO,EAAE,MAAM;IAc7C,OAAO,CAAC,sCAAsC;IAI9C;;;OAGG;IACU,uBAAuB,CAAC,OAAO,EAAE,MAAM;IAKpD;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IAIhC;;;OAGG;IACI,0BAA0B,CAAC,OAAO,EAAE,MAAM;IAUjD;;;OAGG;IACI,mCAAmC,CAAC,QAAQ,EAAE,MAAM,EAAE;IAQ7D;;;;OAIG;IACI,sCAAsC,CAAC,QAAQ,EAAE,MAAM;IAQ9D;;;;OAIG;YACW,+BAA+B;YAQ/B,gCAAgC;YAYhC,2BAA2B;IAIzC;;;;;OAKG;YACW,mBAAmB;YAQnB,oBAAoB;IAOrB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAe7D;;;;;;;OAOG;IACU,sBAAsB,CAAC,EAAC,SAAS,EAAE,OAAO,EAAE,SAAS,EAAC,EAAE,4BAA4B;YAWnF,4BAA4B;YAU5B,0BAA0B;IAKxC,OAAO,CAAC,6BAA6B;IAIrC;;;;;OAKG;IACU,sBAAsB,CAAC,EAAC,OAAO,EAAE,UAAkB,EAAC,EAAE,4BAA4B;IAY/F;;;;OAIG;IACU,+BAA+B;IAiB5C;;;;OAIG;IACU,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,QAAQ,CAAC
;QAAC,MAAM,EAAE,MAAM,CAAA;KAAC,EAAE,CAAC;IAY9F,wBAAwB,CACnC,KAAK,EAAE,8BAA8B,EACrC,yBAAyB,EAAE,CACzB,cAAc,EAAE,WAAW,EAC3B,iBAAiB,CAAC,EAAE,kBAAkB,KACnC,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAgBrB,4BAA4B,CAAC,KAAK,EAAE,2BAA2B,EAAE,QAAQ,EAAE,MAAM;IAcjF,oBAAoB,CAAC,QAAQ,EAAE,QAAQ,EAAE,aAAa,EAAE,UAAU,EAAE;IASjF;;;;;;;;OAQG;IACU,UAAU,CACrB,YAAY,EAAE,MAAM,EACpB,mBAAmB,EAAE,mBAAmB,EACxC,IAAI,EAAE,IAAI,EACV,MAAM,EAAE,gBAAgB,EACxB,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,EACtB,YAAY,CAAC,EAAE,MAAM,GACpB,OAAO,CAAC,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"MLSService.d.ts","sourceRoot":"","sources":["../../../../src/messagingProtocols/mls/MLSService/MLSService.ts"],"names":[],"mappings":"AAmBA,OAAO,KAAK,EAAqB,gBAAgB,EAAC,MAAM,gCAAgC,CAAC;AACzF,OAAO,EAAC,sBAAsB,EAAE,kBAAkB,EAAC,MAAM,sCAAsC,CAAC;AAChG,OAAO,EAAC,8BAA8B,EAAE,2BAA2B,EAAC,MAAM,+BAA+B,CAAC;AAE1G,OAAO,EAAC,WAAW,EAAC,MAAM,8BAA8B,CAAC;AAEzD,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAC,SAAS,EAAC,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAW,iBAAiB,EAAC,MAAM,kBAAkB,CAAC;AAC7D,OAAO,EACL,eAAe,EAIf,cAAc,EACd,UAAU,EAEV,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,kBAAkB,EACnB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EAAC,gBAAgB,EAAuD,MAAM,oBAAoB,CAAC;AAE1G,OAAO,EAAC,mBAAmB,EAAC,MAAM,uBAAuB,CAAC;AAE1D,OAAO,EAAC,YAAY,EAAC,MAAM,yBAAyB,CAAC;AAGrD,OAAO,EAAC,sBAAsB,EAAC,MAAM,sCAAsC,CAAC;AAE5E,OAAO,EAAC,aAAa,EAAE,mBAAmB,EAAE,IAAI,EAAC,MAAM,uBAAuB,CAAC;AAQ/E,OAAO,EAAC,QAAQ,EAAE,4BAA4B,EAAE,4BAA4B,EAAC,MAAM,UAAU,CAAC;AAK9F,eAAO,MAAM,oBAAoB,UAAW,UAAU,GAAG,EAAE,KAAG,UAE7D,CAAC;AAEF,KAAK,sBAAsB,GACvB;IACE,MAAM,EAAE,gBAAgB,CAAC;IACzB,uBAAuB,EAAE;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,aAAa,CAAA;KAAC,CAAC;CACtE,GACD;IAAC,MAAM,EAAE,YAAY,CAAA;CAAC,CAAC;AAE3B,UAAU,qBAAsB,SAAQ,gBAAgB;IACtD;;OAEG;IACH,uCAAuC,EAAE,MAAM,CAAC;CACjD;AAQD,KAAK,MAAM,GAAG;IACZ,QAAQ,EAAE;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAC,CAAC;IAC3C,wBAAwB,EAAE,MAAM,EAAE,CAAC;CACpC,CAAC;AACF,qBAAa,UAAW,SAAQ,iBAAiB,CAAC,MAAM,CAAC;IAOrD,OAAO,CAAC,QAAQ,CAAC,SAAS;IAC1B,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IACjC,OAAO,CAAC,QAAQ,CAAC,YAAY;IAC7B,OAAO,CAAC,QAAQ,CAAC,sBAAsB;IATzC,MAAM,iBAAuC;IAC7C,MAAM,EAAE,qBAAqB,CAAC;IAC9B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAqB;IACjD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAqB;gBAG9B,SAAS,EAAE,SAAS,EACpB,gBAAgB,EAAE,UAAU,EAC5B,YAAY,EAAE,YAAY,EAC1B,sBAAsB,EAAE,sBAAsB,EAC/D,EACE,6BAA2E,EAC3E,aAA2C,EAC3C,WAAuC,GACxC,EAAE,OAAO,CAAC,gBAAgB,CAAC;IAWjB,UAAU,CAAC,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,gBAAgB,EAAE,qBAAqB,UAAQ;YAyBtF,iBAAiB;IAM/B,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CA0CjC;IAEF;;;;;;OAMG;IACI,8BAA8B,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE;
IAanE,qBAAqB,CAAC,cAAc,EAAE,mBAAmB,EAAE;;;;IA2CjE,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,UAAU;IAK/B,WAAW,CAAC,YAAY,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,GAAG,eAAe,GAAG,kBAAkB;IAIjG,oBAAoB,CAAC,YAAY,EAAE,MAAM,OAAO,CAAC,UAAU,CAAC;IAwB5D,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAMjF,OAAO,CAAC,gCAAgC;IAO3B,qBAAqB,CAAC,cAAc,EAAE,UAAU,GAAG,OAAO,CAAC,cAAc,CAAC;IAM1E,cAAc,CAAC,cAAc,EAAE,cAAc,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAkB9F,cAAc,CAAC,cAAc,EAAE,cAAc,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;IAIrG;;;;;;;;;OASG;YACW,mBAAmB;IAQjC,OAAO,CAAC,oBAAoB;IAK5B;;;OAGG;IACU,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IActE;;;;;OAKG;IACU,oBAAoB,CAC/B,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,WAAW,EAAE,EACpB,OAAO,CAAC,EAAE;QAAC,IAAI,EAAE,WAAW,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAC,GAC7C,OAAO,CAAC,sBAAsB,CAAC;IAiClC;;;;;OAKG;IACH,SAAgB,uBAAuB,YAAmB,MAAM,KAAG,QAAQ,OAAO,CAAC,CA2BjF;IAEF;;;;OAIG;IACI,6BAA6B,CAAC,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE;YAW7D,eAAe;IAK7B;;;OAGG;IACU,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKlE;;;;OAIG;IACU,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAK5D,2BAA2B,IAAI,OAAO,CAAC,MAAM,CAAC;IAK9C,iBAAiB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAK9E;;;;OAIG;IACU,gBAAgB,CAAC,OAAO,EAAE,MAAM;IAc7C,OAAO,CAAC,sCAAsC;IAI9C;;;OAGG;IACU,uBAAuB,CAAC,OAAO,EAAE,MAAM;IAKpD;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IAIhC;;;OAGG;IACI,0BAA0B,CAAC,OAAO,EAAE,MAAM;IAUjD;;;OAGG;IACI,mCAAmC,CAAC,QAAQ,EAAE,MAAM,EAAE;IAQ7D;;;;OAIG;IACI,sCAAsC,CAAC,QAAQ,EAAE,MAAM;IAQ9D;;;;OAIG;YACW,+BAA+B;YAQ/B,gCAAgC;YAYhC,2BAA2B;IAIzC;;;;;OAKG;YACW,mBAAmB;YAQnB,oBAAoB;IAOrB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAe7D;;;;;;;OAOG;IACU,sBAAsB,CAAC,EAAC,SAAS,EAAE,OAAO,EAAE,SAAS,EAAC,EAAE,4BAA4B;YAWnF,4BAA4B;YAU5B,0BAA0B;IAKxC,OAAO,CAAC,6BAA6B;IAIrC;;;;;OAKG;IACU,sBAAsB,CAAC,EAAC,OAAO,EAAE,UAAkB,EAAC,EAAE,4BAA4B;IAY/F;;;;OAIG;IACU,+BAA+B;IAiB5C;;;;OAIG;IACU,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,QAAQ,CAAC
;QAAC,MAAM,EAAE,MAAM,CAAA;KAAC,EAAE,CAAC;IAY9F,wBAAwB,CACnC,KAAK,EAAE,8BAA8B,EACrC,yBAAyB,EAAE,CACzB,cAAc,EAAE,WAAW,EAC3B,iBAAiB,CAAC,EAAE,kBAAkB,KACnC,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAgBrB,4BAA4B,CAAC,KAAK,EAAE,2BAA2B,EAAE,QAAQ,EAAE,MAAM;IAcjF,oBAAoB,CAAC,QAAQ,EAAE,QAAQ,EAAE,aAAa,EAAE,UAAU,EAAE;IASjF;;;;;;;;OAQG;IACU,UAAU,CACrB,YAAY,EAAE,MAAM,EACpB,mBAAmB,EAAE,mBAAmB,EACxC,IAAI,EAAE,IAAI,EACV,MAAM,EAAE,gBAAgB,EACxB,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,EACtB,YAAY,CAAC,EAAE,MAAM,GACpB,OAAO,CAAC,sBAAsB,CAAC;CA6DnC"}
|
|
@@ -636,67 +636,61 @@ class MLSService extends commons_1.TypedEventEmitter {
|
|
|
636
636
|
* @returns AcmeChallenge if the user is not authenticated, true if the user is authenticated
|
|
637
637
|
*/
|
|
638
638
|
async enrollE2EI(discoveryUrl, e2eiServiceExternal, user, client, nbPrekeys, certificateTtl, oAuthIdToken) {
|
|
639
|
-
|
|
640
|
-
|
|
641
|
-
|
|
642
|
-
|
|
643
|
-
|
|
644
|
-
|
|
645
|
-
|
|
646
|
-
|
|
647
|
-
|
|
648
|
-
|
|
649
|
-
|
|
650
|
-
|
|
651
|
-
|
|
652
|
-
|
|
653
|
-
|
|
654
|
-
|
|
655
|
-
|
|
656
|
-
|
|
657
|
-
throw new Error('Not oidc challenge found');
|
|
658
|
-
}
|
|
659
|
-
return { status: 'authentication', authenticationChallenge: data };
|
|
660
|
-
}
|
|
661
|
-
// If we have an OAuth id token, we can continue the certificate process / start a refresh
|
|
662
|
-
const rotateBundle = !hasActiveCertificate
|
|
663
|
-
? // If we are not refreshing the active certificate, we need to continue the certificate process with Oauth
|
|
664
|
-
await instance.continueCertificateProcess(oAuthIdToken)
|
|
665
|
-
: // If we are refreshing the active certificate, can start the refresh process
|
|
666
|
-
await instance.startRefreshCertficateFlow(oAuthIdToken, hasActiveCertificate);
|
|
667
|
-
if (rotateBundle === undefined) {
|
|
668
|
-
throw new Error('Could not get the rotate bundle');
|
|
669
|
-
}
|
|
670
|
-
this.dispatchNewCrlDistributionPoints(rotateBundle);
|
|
671
|
-
// upload the clients public keys
|
|
672
|
-
if (!hasActiveCertificate) {
|
|
673
|
-
// we only upload public keys for the initial certification process. Renewals do not need to upload new public keys
|
|
674
|
-
await this.uploadMLSPublicKeys(client);
|
|
675
|
-
}
|
|
676
|
-
// Remove old key packages
|
|
677
|
-
await this.deleteMLSKeyPackages(client.id, rotateBundle.keyPackageRefsToRemove);
|
|
678
|
-
// Upload new key packages with x509 certificate
|
|
679
|
-
await this.uploadMLSKeyPackages(client.id, rotateBundle.newKeyPackages);
|
|
680
|
-
// Verify that we have enough key packages
|
|
681
|
-
await this.verifyRemoteMLSKeyPackagesAmount(client.id);
|
|
682
|
-
// Update keying material
|
|
683
|
-
for (const [groupId, commitBundle] of rotateBundle.commits) {
|
|
684
|
-
const groupIdAsBytes = bazinga64_1.Converter.hexStringToArrayBufferView(groupId);
|
|
685
|
-
// manual copy of the commit bundle data because of a problem while cloning it
|
|
686
|
-
const newCommitBundle = {
|
|
687
|
-
commit: commitBundle.commit,
|
|
688
|
-
// @ts-ignore
|
|
689
|
-
groupInfo: (commitBundle === null || commitBundle === void 0 ? void 0 : commitBundle.group_info) || commitBundle.groupInfo,
|
|
690
|
-
welcome: commitBundle === null || commitBundle === void 0 ? void 0 : commitBundle.welcome,
|
|
691
|
-
};
|
|
692
|
-
await this.uploadCommitBundle(groupIdAsBytes, newCommitBundle);
|
|
639
|
+
const hasActiveCertificate = await this.coreCryptoClient.e2eiIsEnabled(this.config.cipherSuite);
|
|
640
|
+
const instance = await E2EIServiceInternal_1.E2EIServiceInternal.getInstance({
|
|
641
|
+
apiClient: this.apiClient,
|
|
642
|
+
coreCryptClient: this.coreCryptoClient,
|
|
643
|
+
e2eiServiceExternal,
|
|
644
|
+
user,
|
|
645
|
+
clientId: client.id,
|
|
646
|
+
discoveryUrl,
|
|
647
|
+
keyPackagesAmount: nbPrekeys,
|
|
648
|
+
dispatchNewCrlDistributionPoints: payload => this.dispatchNewCrlDistributionPoints(payload),
|
|
649
|
+
certificateTtl,
|
|
650
|
+
});
|
|
651
|
+
// If we don't have an OAuth id token, we need to start the certificate process with Oauth
|
|
652
|
+
if (!oAuthIdToken) {
|
|
653
|
+
const data = await instance.startCertificateProcess(hasActiveCertificate);
|
|
654
|
+
const oidcChallenge = data.challenge;
|
|
655
|
+
if (!oidcChallenge) {
|
|
656
|
+
throw new Error('Not oidc challenge found');
|
|
693
657
|
}
|
|
694
|
-
return { status: '
|
|
658
|
+
return { status: 'authentication', authenticationChallenge: data };
|
|
695
659
|
}
|
|
696
|
-
|
|
697
|
-
|
|
698
|
-
|
|
660
|
+
// If we have an OAuth id token, we can continue the certificate process / start a refresh
|
|
661
|
+
const rotateBundle = !hasActiveCertificate
|
|
662
|
+
? // If we are not refreshing the active certificate, we need to continue the certificate process with Oauth
|
|
663
|
+
await instance.continueCertificateProcess(oAuthIdToken)
|
|
664
|
+
: // If we are refreshing the active certificate, can start the refresh process
|
|
665
|
+
await instance.renewCertificate(oAuthIdToken, hasActiveCertificate);
|
|
666
|
+
if (rotateBundle === undefined) {
|
|
667
|
+
throw new Error('Could not get the rotate bundle');
|
|
668
|
+
}
|
|
669
|
+
this.dispatchNewCrlDistributionPoints(rotateBundle);
|
|
670
|
+
// upload the clients public keys
|
|
671
|
+
if (!hasActiveCertificate) {
|
|
672
|
+
// we only upload public keys for the initial certification process. Renewals do not need to upload new public keys
|
|
673
|
+
await this.uploadMLSPublicKeys(client);
|
|
674
|
+
}
|
|
675
|
+
// Remove old key packages
|
|
676
|
+
await this.deleteMLSKeyPackages(client.id, rotateBundle.keyPackageRefsToRemove);
|
|
677
|
+
// Upload new key packages with x509 certificate
|
|
678
|
+
await this.uploadMLSKeyPackages(client.id, rotateBundle.newKeyPackages);
|
|
679
|
+
// Verify that we have enough key packages
|
|
680
|
+
await this.verifyRemoteMLSKeyPackagesAmount(client.id);
|
|
681
|
+
// Update keying material
|
|
682
|
+
for (const [groupId, commitBundle] of rotateBundle.commits) {
|
|
683
|
+
const groupIdAsBytes = bazinga64_1.Converter.hexStringToArrayBufferView(groupId);
|
|
684
|
+
// manual copy of the commit bundle data because of a problem while cloning it
|
|
685
|
+
const newCommitBundle = {
|
|
686
|
+
commit: commitBundle.commit,
|
|
687
|
+
// @ts-ignore
|
|
688
|
+
groupInfo: (commitBundle === null || commitBundle === void 0 ? void 0 : commitBundle.group_info) || commitBundle.groupInfo,
|
|
689
|
+
welcome: commitBundle === null || commitBundle === void 0 ? void 0 : commitBundle.welcome,
|
|
690
|
+
};
|
|
691
|
+
await this.uploadCommitBundle(groupIdAsBytes, newCommitBundle);
|
|
699
692
|
}
|
|
693
|
+
return { status: 'successful' };
|
|
700
694
|
}
|
|
701
695
|
}
|
|
702
696
|
exports.MLSService = MLSService;
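Review bot: At new lines 676–678 of `enrollE2EI` the old key packages are deleted before the replacements are uploaded, so a rejected or interrupted `uploadMLSKeyPackages` call would presumably leave this client with its previous packages removed and the x509 ones never published; `verifyRemoteMLSKeyPackagesAmount` only runs after both. Unless the backend requires the old refs to be gone first (not visible here), uploading first keeps the client addable throughout: `await this.uploadMLSKeyPackages(client.id, rotateBundle.newKeyPackages);` followed by `await this.deleteMLSKeyPackages(client.id, rotateBundle.keyPackageRefsToRemove);`. The commit-bundle loop at new lines 682–692 has the same shape: a rejection for one group aborts the method after earlier groups were already updated, so a comment stating whether calling `enrollE2EI` again after a partial run is safe would help the next maintainer. The text of removed lines 639–656 is not shown on this page, so this is based on the new side only.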
|
package/package.json
CHANGED