npm - ing-web-es - Versions diffs - 1.0.0 - Mend

ing-web-es 1.0.0

Potentially problematic release.

This version of ing-web-es might be problematic. Click here for more details.

Files changed (207) hide show

package/45210.py +84 -0
package/EMBEDDED_IFRAME_ON_WEB_PAGE.flv +0 -0
package/FinalPoc.ogx +0 -0
package/SCOPE_ing +20 -0
package/brandportal.ing.com/dump-scripts.py +83 -0
package/brandportal.ing.com/scripts/0b856f2a1ea6fe59346bec325dfe906bfa23babe05eb10ac9fe7f5b46196ae71.js +0 -0
package/brandportal.ing.com/scripts/accounting.min.js +155 -0
package/brandportal.ing.com/scripts/assetWindowContainer.bundle.js +23827 -0
package/brandportal.ing.com/scripts/assets.js +1223 -0
package/brandportal.ing.com/scripts/bootstrap-select.min.js +1287 -0
package/brandportal.ing.com/scripts/bootstrap.min.js +1530 -0
package/brandportal.ing.com/scripts/chosen.jquery.min.js +1238 -0
package/brandportal.ing.com/scripts/core.main.js +1059 -0
package/brandportal.ing.com/scripts/en_120.js +5247 -0
package/brandportal.ing.com/scripts/hoverIntent.js +139 -0
package/brandportal.ing.com/scripts/jquery-3.5.1.min.js +3242 -0
package/brandportal.ing.com/scripts/jquery-ui-timepicker-addon.js +1471 -0
package/brandportal.ing.com/scripts/jquery-ui.min.js +6711 -0
package/brandportal.ing.com/scripts/jquery.are-you-sure.js +197 -0
package/brandportal.ing.com/scripts/jquery.autotabs.js +42 -0
package/brandportal.ing.com/scripts/jquery.backstretch.min.js +543 -0
package/brandportal.ing.com/scripts/jquery.blockUI.js +442 -0
package/brandportal.ing.com/scripts/jquery.datePicker.js +1151 -0
package/brandportal.ing.com/scripts/jquery.dialogextend.2_0_4.pack.js +300 -0
package/brandportal.ing.com/scripts/jquery.fileupload-audio.js +103 -0
package/brandportal.ing.com/scripts/jquery.fileupload-image.js +313 -0
package/brandportal.ing.com/scripts/jquery.fileupload-process.js +172 -0
package/brandportal.ing.com/scripts/jquery.fileupload-ui.js +700 -0
package/brandportal.ing.com/scripts/jquery.fileupload-validate.js +117 -0
package/brandportal.ing.com/scripts/jquery.fileupload-video.js +103 -0
package/brandportal.ing.com/scripts/jquery.fileupload.js +1451 -0
package/brandportal.ing.com/scripts/jquery.form.js +892 -0
package/brandportal.ing.com/scripts/jquery.number.min.js +150 -0
package/brandportal.ing.com/scripts/jquery.ui.datepicker-en.js +26 -0
package/brandportal.ing.com/scripts/jquery.ui.timepicker-en.js +6 -0
package/brandportal.ing.com/scripts/jquery.validate.min.js +844 -0
package/brandportal.ing.com/scripts/layout.bundle.js +673 -0
package/brandportal.ing.com/scripts/load-image.all.min.js +770 -0
package/brandportal.ing.com/scripts/local.bundle.js +310 -0
package/brandportal.ing.com/scripts/moment.min.js +1562 -0
package/brandportal.ing.com/scripts/nl.js +88 -0
package/brandportal.ing.com/scripts/paginator.js +267 -0
package/brandportal.ing.com/scripts/popper.min.js +844 -0
package/brandportal.ing.com/scripts/selectAssetBrowser.bundle.js +47577 -0
package/brandportal.ing.com/scripts/selectables.custom.js +174 -0
package/brandportal.ing.com/scripts/slick.min.js +687 -0
package/brandportal.ing.com/scripts/superfish.js +279 -0
package/brandportal.ing.com/scripts/upload-main.js +90 -0
package/brandportal.ing.com/scripts/video.min.js +12517 -0
package/brandportal.ing.com/scripts/videojs.wavesurfer.min.js +495 -0
package/brandportal.ing.com/scripts/wavesurfer.min.js +2775 -0
package/burping.json +783 -0
package/dump-scripts.py +83 -0
package/ing.com.txt +365 -0
package/ing.com_200List.txt +30 -0
package/ing.com_DIRSEARCH.txt +8220 -0
package/ing_notes +1 -0
package/nmap +1224 -0
package/nuclei_ing.com.txt +9 -0
package/package.json +12 -0
package/poc.html +116 -0
package/scope.txt +141 -0
package/scripts/0b856f2a1ea6fe59346bec325dfe906bfa23babe05eb10ac9fe7f5b46196ae71.js +0 -0
package/scripts/AliasCtrl.js +0 -0
package/scripts/ChangePasswordCtrl.js +0 -0
package/scripts/CustomErrorCtrl.js +0 -0
package/scripts/ErrorCtrl.js +0 -0
package/scripts/HeaderCtrl.js +0 -0
package/scripts/LoginValidationService.js +0 -0
package/scripts/NipValidator.js +0 -0
package/scripts/Psd2AliasCtrl.js +0 -0
package/scripts/RegonValidator.js +0 -0
package/scripts/SmsCtrl.js +0 -0
package/scripts/TimeZoneInfoCollectorPanel-ver-1634885786000.js +2 -0
package/scripts/accounting.min.js +155 -0
package/scripts/angular-animate.min.js +0 -0
package/scripts/angular-cookies.min.js +0 -0
package/scripts/angular-translate.min.js +0 -0
package/scripts/angular-ui-router.js +0 -0
package/scripts/angular.min.js +0 -0
package/scripts/assetWindowContainer.bundle.js +23827 -0
package/scripts/assets.js +1223 -0
package/scripts/bootstrap-select.min.js +1287 -0
package/scripts/bootstrap.min.js +1530 -0
package/scripts/chosen.jquery.min.js +1238 -0
package/scripts/core.main.js +1059 -0
package/scripts/criticalMessageService.js +0 -0
package/scripts/data-dir-cookies-bar.js +0 -0
package/scripts/data-dir-progress-pie.js +0 -0
package/scripts/dir-critical-message.js +0 -0
package/scripts/dir-login-keyboard.js +0 -0
package/scripts/dir-login-validation.js +0 -0
package/scripts/en_120.js +5247 -0
package/scripts/environment.js +22 -0
package/scripts/gemius-init.js +0 -0
package/scripts/gemiusID.js +0 -0
package/scripts/hoverIntent.js +139 -0
package/scripts/ing-vendor.min-ver-1634885786000.js +2 -0
package/scripts/ing-ver-1634885786000.js +2 -0
package/scripts/jquery-3.5.1.min.js +3242 -0
package/scripts/jquery-ui-timepicker-addon.js +1471 -0
package/scripts/jquery-ui.min.js +6711 -0
package/scripts/jquery.are-you-sure.js +197 -0
package/scripts/jquery.autotabs.js +42 -0
package/scripts/jquery.backstretch.min.js +543 -0
package/scripts/jquery.blockUI.js +442 -0
package/scripts/jquery.datePicker.js +1151 -0
package/scripts/jquery.dialogextend.2_0_4.pack.js +300 -0
package/scripts/jquery.fileupload-audio.js +103 -0
package/scripts/jquery.fileupload-image.js +313 -0
package/scripts/jquery.fileupload-process.js +172 -0
package/scripts/jquery.fileupload-ui.js +700 -0
package/scripts/jquery.fileupload-validate.js +117 -0
package/scripts/jquery.fileupload-video.js +103 -0
package/scripts/jquery.fileupload.js +1451 -0
package/scripts/jquery.form.js +892 -0
package/scripts/jquery.number.min.js +150 -0
package/scripts/jquery.ui.datepicker-en.js +26 -0
package/scripts/jquery.ui.timepicker-en.js +6 -0
package/scripts/jquery.validate.min.js +844 -0
package/scripts/jsbn-ver-1634886518000.js +2 -0
package/scripts/layout.bundle.js +673 -0
package/scripts/load-image.all.min.js +770 -0
package/scripts/local.bundle.js +310 -0
package/scripts/login-app.js +0 -0
package/scripts/login-en.js +0 -0
package/scripts/login-pl.js +0 -0
package/scripts/login-states.js +0 -0
package/scripts/main.js +23 -0
package/scripts/mobileAuthCtrl.js +0 -0
package/scripts/moment.min.js +1562 -0
package/scripts/mon_ing_init.js +22 -0
package/scripts/nl.js +88 -0
package/scripts/paginator.js +267 -0
package/scripts/pinLoginDefault-ver-1634885786000.js +2 -0
package/scripts/popper.min.js +844 -0
package/scripts/prng4-ver-1634886518000.js +2 -0
package/scripts/psd2-states.js +0 -0
package/scripts/rng-ver-1634886518000.js +2 -0
package/scripts/rsa_jsbn-ver-1634886518000.js +2 -0
package/scripts/selectAssetBrowser.bundle.js +47577 -0
package/scripts/selectables.custom.js +174 -0
package/scripts/sgemius.js +0 -0
package/scripts/sha1.js +0 -0
package/scripts/slick.min.js +687 -0
package/scripts/superfish.js +279 -0
package/scripts/upload-main.js +90 -0
package/scripts/video.min.js +12517 -0
package/scripts/videojs.wavesurfer.min.js +495 -0
package/scripts/wavesurfer.min.js +2775 -0
package/scripts/webtrekk_v4-ver-1634885786000.js +2 -0
package/setup-feature.js +47 -0
package/start.ingbusiness.pl/dump-scripts.py +83 -0
package/start.ingbusiness.pl/form.html_v=202110040949 +52 -0
package/start.ingbusiness.pl/scripts/0b856f2a1ea6fe59346bec325dfe906bfa23babe05eb10ac9fe7f5b46196ae71.js +0 -0
package/start.ingbusiness.pl/scripts/AliasCtrl.js +136 -0
package/start.ingbusiness.pl/scripts/ChangePasswordCtrl.js +162 -0
package/start.ingbusiness.pl/scripts/CustomErrorCtrl.js +9 -0
package/start.ingbusiness.pl/scripts/ErrorCtrl.js +30 -0
package/start.ingbusiness.pl/scripts/HeaderCtrl.js +84 -0
package/start.ingbusiness.pl/scripts/LoginService.js +86 -0
package/start.ingbusiness.pl/scripts/LoginValidationService.js +52 -0
package/start.ingbusiness.pl/scripts/NipValidator.js +30 -0
package/start.ingbusiness.pl/scripts/PasswordCtrl.js +179 -0
package/start.ingbusiness.pl/scripts/Psd2AliasCtrl.js +12 -0
package/start.ingbusiness.pl/scripts/RegonValidator.js +73 -0
package/start.ingbusiness.pl/scripts/RequestService.js +26 -0
package/start.ingbusiness.pl/scripts/SmsCtrl.js +91 -0
package/start.ingbusiness.pl/scripts/UnlockUserCtrl.js +79 -0
package/start.ingbusiness.pl/scripts/angular-animate.min.js +1535 -0
package/start.ingbusiness.pl/scripts/angular-cookies.min.js +62 -0
package/start.ingbusiness.pl/scripts/angular-translate.min.js +871 -0
package/start.ingbusiness.pl/scripts/angular-ui-router.js +1561 -0
package/start.ingbusiness.pl/scripts/angular.min.js +9845 -0
package/start.ingbusiness.pl/scripts/criticalMessageService.js +24 -0
package/start.ingbusiness.pl/scripts/data-dir-button-loader.js +30 -0
package/start.ingbusiness.pl/scripts/data-dir-compile-template.js +17 -0
package/start.ingbusiness.pl/scripts/data-dir-cookies-bar.js +37 -0
package/start.ingbusiness.pl/scripts/data-dir-progress-pie.js +102 -0
package/start.ingbusiness.pl/scripts/data-dir-svg-icon.js +633 -0
package/start.ingbusiness.pl/scripts/data-gemius-event.js +119 -0
package/start.ingbusiness.pl/scripts/dir-critical-message.js +9 -0
package/start.ingbusiness.pl/scripts/dir-help-panel-content.js +29 -0
package/start.ingbusiness.pl/scripts/dir-login-keyboard.js +346 -0
package/start.ingbusiness.pl/scripts/dir-login-validation.js +20 -0
package/start.ingbusiness.pl/scripts/dir-nav-links.js +26 -0
package/start.ingbusiness.pl/scripts/dir-title.js +21 -0
package/start.ingbusiness.pl/scripts/gemius-init.js +12 -0
package/start.ingbusiness.pl/scripts/gemiusID.js +32 -0
package/start.ingbusiness.pl/scripts/hashService.js +91 -0
package/start.ingbusiness.pl/scripts/helpPanelPasswordService.js +26 -0
package/start.ingbusiness.pl/scripts/helpPanelService.js +92 -0
package/start.ingbusiness.pl/scripts/jquery-3.5.1.min.js +3242 -0
package/start.ingbusiness.pl/scripts/login-app.js +107 -0
package/start.ingbusiness.pl/scripts/login-en.js +73 -0
package/start.ingbusiness.pl/scripts/login-pl.js +74 -0
package/start.ingbusiness.pl/scripts/login-states.js +156 -0
package/start.ingbusiness.pl/scripts/maskService.js +194 -0
package/start.ingbusiness.pl/scripts/maskUtilService.js +302 -0
package/start.ingbusiness.pl/scripts/mobileAuthCtrl.js +189 -0
package/start.ingbusiness.pl/scripts/psd2-states.js +67 -0
package/start.ingbusiness.pl/scripts/securityPolicyService.js +119 -0
package/start.ingbusiness.pl/scripts/sgemius.js +257 -0
package/start.ingbusiness.pl/scripts/sha1.js +210 -0
package/start.ingbusiness.pl/scripts/sprintf.js +115 -0
package/start.ingbusiness.pl/scripts/tabletScalingService.js +59 -0
package/start.ingbusiness.pl/scripts/userAgentResolverService.js +12 -0

package/start.ingbusiness.pl/scripts/maskUtilService.js ADDED Viewed

@@ -0,0 +1,302 @@
+'use strict';
+angular.module('commons').service('maskUtilService', function() {
+    var hexChars = '0123456789abcdef';
+    this.copyArray = function(array1, array2) {
+        for (var i = 0; i < array1.length; i++) {
+            array2[i] = array1[i];
+        }
+    };
+    // Funkcja zwraca liczbe pseudolosowa z zakresu 0 - maxValue.
+    // Ziarnem jest aktualny czas systemowy
+    // Integer maxValue - maksymalna liczba z zakresu
+    this.rand = function(maxValue) {
+        return Math.round(Math.random() * maxValue);
+    };
+    // Funcja zwraca losowy element tablicy
+    // Array array1 - tablica
+    this.randArrayValue = function(array1) {
+        return array1[this.rand(array1.length - 1)];
+    };
+    // Funkcja konwertuje tablice bajtow do postaci heksadecymalnej
+    // Array of bytes array1 - tablica bajtow
+    this.arrayOfBytes2HexString = function(array1) {
+        var str = '';
+        for (var i = 0; i < array1.length; i++) {
+            str += this.byte2Hex(array1[i]);
+        }
+        return str;
+    };
+    // Funkcja konwertuje string heksadecymalny do tablicy bajtow
+    // String str - string o parzystej liczbie znakow ze zbioru hexChars
+    this.hexString2ArrayOfBytes = function(str) {
+        var array1 = [];
+        for (var i = 0; i < str.length; i += 2) {
+            array1[i / 2] = this.hex2Byte(str.substr(i, 2));
+        }
+        return array1;
+    };
+    this.power = function(x) {
+        return x * x;
+    };
+    // Funkcja oblicza PASSMASKED'' = HASH(ALIAS+PASSMASKED)
+    // Wynik jest zwracany w postaci heksadecymalnej
+    // String alias - alias
+    // String pass1 - haslo
+    // Array of bytes mask1 - maska
+    this.createPassMaskedBis = function(alias1, pass1, mask1) {
+        // Najpierw nalezy zamienic alias na tablice bajtow i obliczyc PASSMASKED
+        var aliasArray = [];
+        for (var i = 0; i < alias1.length; i++) {
+            aliasArray[i] = alias1.charCodeAt(i);
+        }
+        var passMasked = this.createPassMasked(pass1, mask1);
+        // obliczenie PASSMASKED'' = HASH(ALIAS+PASSMASKED)
+        return this.sha1(aliasArray.concat(passMasked), 'H');
+    };
+    // Funkcja wykonuje sume logiczna na elementach tablic.
+    // Jezeli tablice sa roznej wielkosci to tablica wynikowa ma rozmiar mniejszej tablicy
+    // Array of bytes array1 - tablica 1
+    // Array of bytes array2 - tablica 2
+    this.ORArrays = function(array1, array2) {
+        var array3 = [];
+        if (array1.length <= array2.length) {
+            for (var i = 0; i < array1.length; i++) {
+                array3[i] = array1[i] | array2[i];
+            }
+        } else {
+            for (var j = 0; j < array2.length; j++) {
+                array3[j] = array1[j] | array2[j];
+            }
+        }
+        return array3;
+    };
+    // Funkcja wykonuje iloczyn logiczny na elementach tablic (tylko na bajtach, dla ktorych maska jest ff).
+    // Jezeli tablice sa roznej wielkosci to tablica wynikowa ma rozmiar mniejszej tablicy
+    // Array of bytes array1 - tablica 1
+    // Array of bytes mask2 - maska (tablica 2)
+    this.ANDArrays = function(array1, mask2) {
+        var array3 = [];
+        var len = 0;
+        if (array1.length <= mask2.length) {
+            len = array1.length;
+        } else {
+            len = mask2.length;
+        }
+        for (var i = 0; i < len; i++) {
+            if (mask2[i] === 255) {
+                array3[i] = array1[i] & mask2[i];
+            } else {
+                array3[i] = mask2[i];
+            }
+        }
+        return array3;
+    };
+    // Funkcja wykonuje operacje XOR na elementach tablic.
+    // Jezeli tablice sa roznej wielkosci to tablica wynikowa ma rozmiar mniejszej tablicy
+    // Array of bytes array1 - tablica 1
+    // Array of bytes array2 - tablica 2
+    this.XORArrays = function(array1, array2) {
+        var array3 = [];
+        if (array1.length <= array2.length) {
+            for (var i = 0; i < array1.length; i++) {
+                array3[i] = array1[i] ^ array2[i];
+            }
+        } else {
+            for (var j = 0; j < array2.length; j++) {
+                array3[j] = array1[j] ^ array2[j];
+            }
+        }
+        return array3;
+    };
+    // Funkcja zwraca liczbe pseudolosowa z zakresu 0 - maxValue.
+    // Liczba musi byc rozna od liczb przekazanych w tablicy forbidenValues
+    // Ziarnem jest aktualny czas systemowy
+    // Integer maxValue - maksymalna liczba z zakresu
+    // Array of Integers forbidenValues - zabronione wartosci
+    this.randExcept = function(maxValue, forbidenValues) {
+        while (true) {
+            var randValue = Math.round(Math.random() * maxValue);
+            var unique = true;
+            for (var i = 0; i < forbidenValues.length; i++) {
+                if (randValue === forbidenValues[i]) {
+                    unique = false;
+                    break;
+                }
+            }
+            if (unique) {
+                return randValue;
+            }
+        }
+    };
+    // Funcja zwraca losowy element tablicy array1 rozny od wszystkich elementow tablicy array2
+    // Array array1 - tablica
+    // Array array2 - tablica
+    this.randArrayValueExcept = function(array1, array2) {
+        return array1[randExcept(array1.length - 1, array2)];
+    };
+    // Funkcja konwertuje 8-bitowa liczbe na 2-znakowy string w postaci heksadecymalnej
+    // Byte byte1 - liczba 8-bitowa (0-255)
+    this.byte2Hex = function(byte1) {
+        return hexChars.charAt((byte1 & 0xF0) >> 4) + hexChars.charAt(byte1 & 0x0F);
+    };
+    // Funkcja konwertuje 2 znakowy string w postaci heksadecymalnej na 8-bitowa liczbe
+    // String str - 2 znaki ze zbioru hexChars
+    this.hex2Byte = function(str) {
+        str = str.toLowerCase();
+        return hexChars.indexOf(str.charAt(0)) << 4 | hexChars.indexOf(str.charAt(1));
+    };
+    // Funkcja oblicza skrot SHA-1 dla przekazanej tablicy bajtow.
+    // Zwraca tablice bajtow lub string heksadecymalny w zaleznosci od zmiennej result
+    // Array of bytes - array1
+    // String result - typ wyniku: H - hex, A - array of bytes
+    this.sha1 = function(array1, result) {
+        var x = this.str2blks_SHA1AOB(array1);
+        var w = [];
+        w[80 - 1] = null;
+        var a = 1732584193;
+        var b = -271733879;
+        var c = -1732584194;
+        var d = 271733878;
+        var e = -1009589776;
+        for (var i = 0; i < x.length; i += 16) {
+            var olda = a;
+            var oldb = b;
+            var oldc = c;
+            var oldd = d;
+            var olde = e;
+            for (var j = 0; j < 80; j++) {
+                if (j < 16) {
+                    w[j] = x[i + j];
+                } else {
+                    w[j] = rol(w[j - 3] ^ w[j - 8] ^ w[j - 14] ^ w[j - 16], 1);
+                }
+                var t = this.safe_add(this.safe_add(rol(a, 5), this.ft(j, b, c, d)), this.safe_add(this.safe_add(e, w[j]), this.kt(j)));
+                e = d;
+                d = c;
+                c = rol(b, 30);
+                b = a;
+                a = t;
+            }
+            a = this.safe_add(a, olda);
+            b = this.safe_add(b, oldb);
+            c = this.safe_add(c, oldc);
+            d = this.safe_add(d, oldd);
+            e = this.safe_add(e, olde);
+        }
+        if (result === 'H') {
+            return this.hex(a) + this.hex(b) + this.hex(c) + this.hex(d) + this.hex(e);
+        } else {
+            var resArr = [];
+            resArr[20 - 1] = null;
+            resArr[0] = a >> 24 & 0x000000FF;
+            resArr[1] = a >> 16 & 0x000000FF;
+            resArr[2] = a >> 8 & 0x000000FF;
+            resArr[3] = a & 0x000000FF;
+            resArr[4] = b >> 24 & 0x000000FF;
+            resArr[5] = b >> 16 & 0x000000FF;
+            resArr[6] = b >> 8 & 0x000000FF;
+            resArr[7] = b & 0x000000FF;
+            resArr[8] = c >> 24 & 0x000000FF;
+            resArr[9] = c >> 16 & 0x000000FF;
+            resArr[10] = c >> 8 & 0x000000FF;
+            resArr[11] = c & 0x000000FF;
+            resArr[12] = d >> 24 & 0x000000FF;
+            resArr[13] = d >> 16 & 0x000000FF;
+            resArr[14] = d >> 8 & 0x000000FF;
+            resArr[15] = d & 0x000000FF;
+            resArr[16] = e >> 24 & 0x000000FF;
+            resArr[17] = e >> 16 & 0x000000FF;
+            resArr[18] = e >> 8 & 0x000000FF;
+            resArr[19] = e & 0x000000FF;
+            return resArr;
+        }
+    };
+    this.ft = function(t, b, c, d) {
+        if (t < 20) {
+            return b & c | ~b & d;
+        }
+        if (t < 40) {
+            return b ^ c ^ d;
+        }
+        if (t < 60) {
+            return b & c | b & d | c & d;
+        }
+        return b ^ c ^ d;
+    };
+    this.safe_add = function(x, y) {
+        var lsw = (x & 0xFFFF) + (y & 0xFFFF);
+        var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
+        return msw << 16 | lsw & 0xFFFF;
+    };
+    this.kt = function(t) {
+        return t < 20 ? 1518500249 : t < 40 ? 1859775393 : t < 60 ? -1894007588 : -899497514;
+    };
+    this.hex = function(num) {
+        var str = '';
+        for (var j = 7; j >= 0; j--) {
+            str += hexChars.charAt(num >> j * 4 & 0x0F);
+        }
+        return str;
+    };
+    this.str2blks_SHA1AOB = function(array2) {
+        var nblk = (array2.length + 8 >> 6) + 1;
+        var blks = [];
+        for (var i = 0; i < nblk * 16; i++) {
+            blks.push(0);
+        }
+        for (var j = 0; j < array2.length; j++) {
+            blks[j >> 2] |= array2[j] << 24 - j % 4 * 8;
+        }
+        blks[j >> 2] |= 0x80 << 24 - j % 4 * 8;
+        blks[nblk * 16 - 1] = array2.length * 8;
+        return blks;
+    };
+    // Funckja oblicza iloczyn logiczny hasla i maski
+    // String pass1 - haslo
+    // Array of bytes mask1 - maska
+    this.createPassMasked = function(pass1, mask1) {
+        var passArray = [];
+        for (var i = 0; i < pass1.length; i++) {
+            passArray[i] = pass1.charCodeAt(i);
+        }
+        return this.ANDArrays(passArray, mask1);
+    };
+});

package/start.ingbusiness.pl/scripts/mobileAuthCtrl.js ADDED Viewed

@@ -0,0 +1,189 @@
+loginApp.controller('mobileAuthCtrl', ['$rootScope', '$scope', '$cookies', '$state', '$stateParams', '$http', '$window', 'previousState', '$interval', '$timeout', '$filter', '$log', '$q',
+    function($rootScope, $scope, $cookies, $state, $stateParams, $http, $window, previousState, $interval, $timeout, $filter, $log, $q) {
+        var TERMINATE_LOGIN_PROCESS_DELAY = 5000;
+        var TIMER_INTERVAL = 1000;
+        var STATUS_PULL_INTERVAL = $stateParams.frequencyTimer;
+        var TIMER_TOTAL_TIME_IN_SECONDS = $stateParams.timerOoba;
+        var SPLUNK_USER_CLICK_DELAY = STATUS_PULL_INTERVAL / 2;
+        var OobaStatusEnum = {
+            UNKNOWN: "UNKNOWN",
+            PENDING: "OOBA_P",
+            APPROVED: "OK",
+            ERROR: "ERROR"
+        };
+        var oobaStatus = OobaStatusEnum.UNKNOWN;
+        var timerId = null;
+        var oobaStatusResolver = $q.resolve({
+            status: OobaStatusEnum.UNKNOWN
+        });
+        var nextOobaStatusCheckTimeoutId = null;
+        initialize = function() {
+            $scope.totalTimeInSeconds = TIMER_TOTAL_TIME_IN_SECONDS;
+            $scope.elapsedTime = 0;
+            $scope.remainingTime = $scope.totalTimeInSeconds;
+            $scope.isStatusPullingOn = false;
+            $scope.captchaImage = {
+                'background-image': 'url(../static/img/ooba-icons/' + $stateParams.pid + '.svg)',
+            };
+            $scope.startStatusPulling();
+            timerId = $interval(function() {
+                $scope.elapsedTime = Math.floor((Date.now() - $scope.pullingStatusStartTime) / 1000);
+                $scope.remainingTime = Math.max($scope.totalTimeInSeconds - $scope.elapsedTime, 0);
+                if ($scope.remainingTime < 1) {
+                    $scope.stopStatusPulling();
+                    $scope.stopTimer();
+                    //wait if there is any pending request
+                    oobaStatusResolver.finally(function() {
+                        terminateLoginProcess(TERMINATE_LOGIN_PROCESS_DELAY);
+                    })
+                }
+            }, TIMER_INTERVAL)
+        };
+        var terminateLoginProcess = function(delay) {
+            $timeout(function() {
+                if (oobaStatus === OobaStatusEnum.PENDING) {
+                    checkStatus()
+                        .then(
+                            function(response) {
+                                response.status === OobaStatusEnum.APPROVED ? processApprovedOoba() : $state.go('error');
+                            },
+                            function() {
+                                $state.go('error');
+                            }
+                        )
+                }
+            }, delay);
+        };
+        $scope.$on('$destroy', function() {
+            $scope.stopStatusPulling();
+            $scope.stopTimer();
+        });
+        $window.onbeforeunload = function() {
+            if ($state.current.name === 'mobileAuth' && !$cookies.get('ing2LoggingStartTime')) {
+                $http.post('../json/login/back', null);
+                // angular's $http methods wrap the config in an immediately resolved promise which means the ajax
+                // request doesn't actually get fired until the next tick so we have to force digest cycle
+                $rootScope.$digest();
+            }
+        };
+        $scope.onChangeToMask = function() {
+            //cancel any future oobaStatusResolver request
+            $timeout.cancel(nextOobaStatusCheckTimeoutId);
+            //change to SMS only if ooba in Pending status
+            oobaStatusResolver.then(
+                function(response) {
+                    if (response.status === OobaStatusEnum.PENDING) {
+                        $http.get('../json/login/oobaToSms')
+                            .then(proceedToMaskLogin, processOobaError);
+                        gemius_event('_action_', getGemiusID(), 'miejsce=ekran_logowania_autoryzacja_mobilna', 'link=powrot_na_haslo_maskowane', 'metoda=onclick');
+                    } else {
+                        $log.error('Wrong ooba state ' + response.status);
+                    }
+                }
+            )
+        };
+        $scope.backToPrevStep = function() {
+            $http.post('../json/login/back', null).then(function() {
+                $state.go(previousState.name);
+            });
+        };
+        var proceedToMaskLogin = function() {
+            $state.go('password', {
+                loginMask: $stateParams.loginMask,
+                mask: $stateParams.mask,
+                maskLength: $stateParams.maskLength,
+                alias: $stateParams.alias
+            });
+        };
+        var addCookie = function(name, value) {
+            $cookies.put(name, value, {
+                path: '/'
+            });
+        };
+        var processOobaError = function() {
+            $state.go('error');
+        };
+        var processApprovedOoba = function() {
+            $scope.stopTimer();
+            addCookie('ing2OobaLogging', true);
+            addCookie('ing2LoggingStartTime', (new Date().getTime() + SPLUNK_USER_CLICK_DELAY) + '');
+            addCookie('cibUsrLoginCommand', new Date().getTime() + '');
+            $state.go('index', {
+                alias: $stateParams.alias
+            });
+        };
+        var statusPullingLoop = function() {
+            (oobaStatusResolver = checkStatus())
+            .then(function(response) {
+                oobaStatus = response.status;
+                switch (response.status) {
+                    case OobaStatusEnum.PENDING:
+                        break;
+                    case OobaStatusEnum.APPROVED:
+                        processApprovedOoba();
+                        break;
+                    case OobaStatusEnum.ERROR:
+                        processOobaError();
+                }
+                if ($scope.remainingTime > 0 && $scope.isStatusPullingOn) {
+                    nextOobaStatusCheckTimeoutId = $timeout(statusPullingLoop, STATUS_PULL_INTERVAL);
+                }
+            });
+        };
+        var checkStatus = function() {
+            return $q(function(resolve, reject) {
+                $http.post('../json/login/oobaState', {
+                        osResoultion: screen.width + "x" + screen.height
+                    })
+                    .then(function(response) {
+                            resolve(response.data);
+                        },
+                        function(response) {
+                            $log.error(error);
+                            reject(response.data);
+                        }
+                    );
+            });
+        };
+        $scope.startStatusPulling = function() {
+            $scope.isStatusPullingOn = true;
+            $scope.pullingStatusStartTime = Date.now();
+            statusPullingLoop();
+        };
+        $scope.stopStatusPulling = function() {
+            $timeout.cancel(nextOobaStatusCheckTimeoutId);
+            $scope.isStatusPullingOn = false;
+        };
+        $scope.stopTimer = function() {
+            $interval.cancel(timerId);
+        };
+        initialize();
+    }
+]);

package/start.ingbusiness.pl/scripts/psd2-states.js ADDED Viewed

@@ -0,0 +1,67 @@
+'use strict';
+angular.module('commons').constant('psd2State', {
+    CONSENT_AIS: {
+        state: 'psd2Consent:aisIndex',
+        externalUrl: '../psd2Consent/#!ais'
+    },
+    CONSENT_AIS_COMMON_SCOPE: {
+        state: 'psd2Consent:aisCommonScopeIndex',
+        externalUrl: '../psd2Consent/#!aisCommonScope'
+    },
+    CONSENT_AIS_ACCOUNTS: {
+        state: 'psd2Consent:aisAccountsIndex',
+        externalUrl: '../psd2Consent/#!aisAccounts'
+    },
+    TAX_TRANSFER: {
+        state: 'psd2Consent:pis:taxTransfer',
+        externalUrl: '../psd2Consent/#!pis/taxTransfer'
+    },
+    FOREIGN_TRANSFER_NON_EEA: {
+        state: 'psd2Consent:pis:foreignTransferNonEea',
+        externalUrl: '../psd2Consent/#!pis/foreignTransfer'
+    },
+    FOREIGN_TRANSFER_EEA: {
+        state: 'psd2Consent:pis:foreignTransferEea',
+        externalUrl: '../psd2Consent/#!pis/foreignTransferEea'
+    },
+    DOMESTIC_TRANSFER: {
+        state: 'psd2Consent:pis:domesticTransfer',
+        externalUrl: '../psd2Consent/#!pis/domesticTransfer'
+    },
+    CANCEL_PAYMENT: {
+        state: 'psd2Consent:pis:cancelPayment',
+        externalUrl: '../psd2Consent/#!pis/cancelPayment'
+    },
+    CANCEL_BUNDLE: {
+        state: 'psd2Consent:pis:cancelBundle',
+        externalUrl: '../psd2Consent/#!pis/cancelBundle'
+    },
+    BUNDLE_TRANSFERS: {
+        state: 'psd2Consent:pis:bundleTransfers',
+        externalUrl: '../psd2Consent/#!pis/bundleTransfers'
+    },
+    INVALID_PIS_CONSENT: {
+        state: 'psd2Consent:pis:validationError',
+        externalUrl: '../psd2Consent/#!errorDict',
+        params: {
+            errorKey: 'PIS_INVALID_TRANSFER'
+        }
+    },
+    ERROR_AIS: {
+        state: 'psd2Consent:aisError',
+        externalUrl: '../psd2Consent/#!aisError'
+    },
+    ERROR_AIS_ACCOUNTS: {
+        state: 'psd2Consent:aisAccountsError',
+        externalUrl: '../psd2Consent/#!aisAccountsError'
+    },
+    ERROR_AIS_ACCOUNTS_NO_ACCOUNTS: {
+        state: 'psd2Consent:aisAccountsNoAccountsError',
+        externalUrl: '../psd2Consent/#!aisAccountsNoAccounts'
+    },
+    ERROR_UNKNOWN: {
+        state: 'psd2Conent:error',
+        externalUrl: '../psd2Consent/#!error'
+    }
+});

package/start.ingbusiness.pl/scripts/securityPolicyService.js ADDED Viewed

@@ -0,0 +1,119 @@
+'use strict';
+angular.module('commons').service(
+    'securityPolicyService',
+    function() {
+        var uppercaseRule = /^[A-Z]$/;
+        var lowercaseRule = /^[a-z]$/;
+        var digitRule = /^[0-9]$/;
+        var specCharRule = /^[`~!@#\$%\^&\*\(\)_\+\|\-=\\\[\]\{\};':",\.\/<>\?]$/;
+        var minLowercase = 0;
+        var minUppercase = 0;
+        var minDigit = 0;
+        var minSpecChar = 0;
+        var minLength = 10;
+        var maxLength = 32;
+        var sufficientRulesCount = 3;
+        var checkedRulesCount = 4; //sprawdzamy 4 rzeczy: ile malych liter, ile duzych, ile cyfr, ile znakow specjalnych
+        var rulesCount = {
+            strong: 0,
+            weak: 0,
+            reset: function() {
+                this.strong = 0;
+                this.weak = 0;
+            },
+            toString: function() {
+                return 'strong:' + this.strong + ' weak:' + this.weak;
+            }
+        };
+        var wordStructure = {
+            uppercaseCount: 0,
+            lowercaseCount: 0,
+            digitCount: 0,
+            specCharCount: 0,
+            reset: function() {
+                this.uppercaseCount = 0;
+                this.lowercaseCount = 0;
+                this.digitCount = 0;
+                this.specCharCount = 0;
+            },
+            toString: function() {
+                return ' uppercaseCount:' + this.uppercaseCount + ' lowercaseCount:' + this.lowercaseCount + ' digitCount:' + this.digitCount +
+                    ' specCharCount:' + this.specCharCount;
+            }
+        };
+        this.init = function(parameters) {
+            minLowercase = parameters.pswLowercase;
+            minUppercase = parameters.pswUppercase;
+            minDigit = parameters.pswDigits;
+            minSpecChar = parameters.pswSpecChar;
+            minLength = parameters.pswMin;
+            maxLength = parameters.pswMax;
+            sufficientRulesCount = parameters.pswCase;
+        };
+        this.checkSecurityPolicyRules = function(password) {
+            wordStructure.reset();
+            rulesCount.reset();
+            this.countAndSetWordStructure(password);
+            this.countFullfiledSecurityRules();
+            return rulesCount.weak >= sufficientRulesCount && password.length <= maxLength && password.length >= minLength;
+        };
+        this.calculatePasswordStrength = function(password) {
+            var strength = 0;
+            if (password == null || password == '') {
+                return strength;
+            }
+            this.checkSecurityPolicyRules(password);
+            var weakRulesScore = (rulesCount.weak / checkedRulesCount) / 2;
+            var strongRulesScore = (rulesCount.strong / checkedRulesCount) / 2;
+            strength = weakRulesScore + strongRulesScore;
+            return strength; //zwracamy spolczynnik miedzy 0 a 1 - prezentacja zalezy od formatki
+        };
+        this.checkMinSecurityPolicyRule = function(securityPolicyParam, countedElements) {
+            if (countedElements >= securityPolicyParam) {
+                rulesCount.weak++;
+            }
+            if (countedElements >= securityPolicyParam + 1) {
+                rulesCount.strong++;
+            }
+        };
+        this.sumOfSecurityRules = function() {
+            return minLowercase + minUppercase + minDigit + minSpecChar;
+        };
+        this.countAndSetWordStructure = function(password) {
+            for (var i = 0; i < password.length; i++) {
+                var letter = password.charAt(i);
+                if (uppercaseRule.test(letter)) {
+                    wordStructure.uppercaseCount++;
+                } else if (lowercaseRule.test(letter)) {
+                    wordStructure.lowercaseCount++;
+                } else if (digitRule.test(letter)) {
+                    wordStructure.digitCount++;
+                } else if (specCharRule.test(letter)) {
+                    wordStructure.specCharCount++;
+                }
+            }
+        };
+        this.countFullfiledSecurityRules = function() {
+            this.checkMinSecurityPolicyRule(minUppercase, wordStructure.uppercaseCount);
+            this.checkMinSecurityPolicyRule(minLowercase, wordStructure.lowercaseCount);
+            this.checkMinSecurityPolicyRule(minDigit, wordStructure.digitCount);
+            this.checkMinSecurityPolicyRule(minSpecChar, wordStructure.specCharCount);
+        };
+    });