Merge branch 'master' into spencer/accounts-search
# Conflicts: # src/app/_eth/registry.ts # src/app/_interceptors/error.interceptor.ts # src/app/_services/auth.service.ts
This commit is contained in:
commit
0009148e61
@ -22,6 +22,9 @@ Run `ng generate module module-name --route module-name --module app.module` to
|
|||||||
|
|
||||||
## Build
|
## Build
|
||||||
|
|
||||||
|
set you environment variables - set these via environment variables as found in set-env.ts
|
||||||
|
// TODO create a .env file so people don't have to set these one-by-one
|
||||||
|
|
||||||
Run `npm run build:dev` to build the project. The build artifacts will be stored in the `dist/` directory. Use the `build:prod` script for a production build.
|
Run `npm run build:dev` to build the project. The build artifacts will be stored in the `dist/` directory. Use the `build:prod` script for a production build.
|
||||||
|
|
||||||
## Running unit tests
|
## Running unit tests
|
||||||
|
0
src/app/_eth/registry.ts
Normal file
0
src/app/_eth/registry.ts
Normal file
@ -12,10 +12,9 @@ export class AuthGuard implements CanActivate {
|
|||||||
canActivate(
|
canActivate(
|
||||||
route: ActivatedRouteSnapshot,
|
route: ActivatedRouteSnapshot,
|
||||||
state: RouterStateSnapshot): Observable<boolean | UrlTree> | Promise<boolean | UrlTree> | boolean | UrlTree {
|
state: RouterStateSnapshot): Observable<boolean | UrlTree> | Promise<boolean | UrlTree> | boolean | UrlTree {
|
||||||
if (sessionStorage.getItem(btoa('CICADA_SESSION_TOKEN'))) {
|
if (localStorage.getItem(btoa('CICADA_PRIVATE_KEY'))) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
this.router.navigate(['/auth']);
|
this.router.navigate(['/auth']);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -3,6 +3,16 @@ import {LoggingService} from '@app/_services/logging.service';
|
|||||||
import {HttpErrorResponse} from '@angular/common/http';
|
import {HttpErrorResponse} from '@angular/common/http';
|
||||||
import {Router} from '@angular/router';
|
import {Router} from '@angular/router';
|
||||||
|
|
||||||
|
// A generalized http repsonse error
|
||||||
|
export class HttpError extends Error {
|
||||||
|
public status: number
|
||||||
|
constructor(message, status) {
|
||||||
|
super(message);
|
||||||
|
this.status = status;
|
||||||
|
this.name = 'HttpError';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class GlobalErrorHandler extends ErrorHandler {
|
export class GlobalErrorHandler extends ErrorHandler {
|
||||||
private sentencesForWarningLogging: string[] = [];
|
private sentencesForWarningLogging: string[] = [];
|
||||||
@ -14,13 +24,13 @@ export class GlobalErrorHandler extends ErrorHandler {
|
|||||||
super();
|
super();
|
||||||
}
|
}
|
||||||
|
|
||||||
handleError(error: any): void {
|
handleError(error: Error): void {
|
||||||
this.logError(error);
|
this.logError(error);
|
||||||
const message = error.message ? error.message : error.toString();
|
const message = error.message ? error.message : error.toString();
|
||||||
|
|
||||||
if (error.status) {
|
// if (error.status) {
|
||||||
error = new Error(message);
|
// error = new Error(message);
|
||||||
}
|
// }
|
||||||
|
|
||||||
const errorTraceString = `Error message:\n${message}.\nStack trace: ${error.stack}`;
|
const errorTraceString = `Error message:\n${message}.\nStack trace: ${error.stack}`;
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
import {Injectable} from '@angular/core';
|
import {Injectable, isDevMode} from '@angular/core';
|
||||||
import {
|
import {
|
||||||
HttpRequest,
|
HttpRequest,
|
||||||
HttpHandler,
|
HttpHandler,
|
||||||
@ -6,7 +6,7 @@ import {
|
|||||||
HttpInterceptor, HttpErrorResponse
|
HttpInterceptor, HttpErrorResponse
|
||||||
} from '@angular/common/http';
|
} from '@angular/common/http';
|
||||||
import {Observable, throwError} from 'rxjs';
|
import {Observable, throwError} from 'rxjs';
|
||||||
import {catchError} from 'rxjs/operators';
|
import {catchError, retry} from 'rxjs/operators';
|
||||||
import {ErrorDialogService, LoggingService} from '@app/_services';
|
import {ErrorDialogService, LoggingService} from '@app/_services';
|
||||||
import {Router} from '@angular/router';
|
import {Router} from '@angular/router';
|
||||||
|
|
||||||
|
@ -18,20 +18,21 @@ export class LoggingInterceptor implements HttpInterceptor {
|
|||||||
) {}
|
) {}
|
||||||
|
|
||||||
intercept(request: HttpRequest<unknown>, next: HttpHandler): Observable<HttpEvent<unknown>> {
|
intercept(request: HttpRequest<unknown>, next: HttpHandler): Observable<HttpEvent<unknown>> {
|
||||||
this.loggingService.sendInfoLevelMessage(request);
|
return next.handle(request);
|
||||||
const startTime = Date.now();
|
// this.loggingService.sendInfoLevelMessage(request);
|
||||||
let status: string;
|
// const startTime = Date.now();
|
||||||
|
// let status: string;
|
||||||
|
|
||||||
return next.handle(request).pipe(tap(event => {
|
// return next.handle(request).pipe(tap(event => {
|
||||||
status = '';
|
// status = '';
|
||||||
if (event instanceof HttpResponse) {
|
// if (event instanceof HttpResponse) {
|
||||||
status = 'succeeded';
|
// status = 'succeeded';
|
||||||
}
|
// }
|
||||||
}, error => status = 'failed'),
|
// }, error => status = 'failed'),
|
||||||
finalize(() => {
|
// finalize(() => {
|
||||||
const elapsedTime = Date.now() - startTime;
|
// const elapsedTime = Date.now() - startTime;
|
||||||
const message = `${request.method} request for ${request.urlWithParams} ${status} in ${elapsedTime} ms`;
|
// const message = `${request.method} request for ${request.urlWithParams} ${status} in ${elapsedTime} ms`;
|
||||||
this.loggingService.sendInfoLevelMessage(message);
|
// this.loggingService.sendInfoLevelMessage(message);
|
||||||
}));
|
// }));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1,12 +1,13 @@
|
|||||||
import { Injectable } from '@angular/core';
|
import { Injectable } from '@angular/core';
|
||||||
import { hobaParseChallengeHeader } from '@src/assets/js/hoba.js';
|
import { hobaParseChallengeHeader } from '@src/assets/js/hoba.js';
|
||||||
import { signChallenge } from '@src/assets/js/hoba-pgp.js';
|
import { signChallenge } from '@src/assets/js/hoba-pgp.js';
|
||||||
import {environment} from '@src/environments/environment';
|
import { environment } from '@src/environments/environment';
|
||||||
import {LoggingService} from '@app/_services/logging.service';
|
import { LoggingService } from '@app/_services/logging.service';
|
||||||
import {MutableKeyStore, MutablePgpKeyStore} from '@app/_pgp';
|
import { MutableKeyStore, MutablePgpKeyStore } from '@app/_pgp';
|
||||||
import {ErrorDialogService} from '@app/_services/error-dialog.service';
|
import { ErrorDialogService } from '@app/_services/error-dialog.service';
|
||||||
import { HttpClient } from '@angular/common/http';
|
import { HttpClient } from '@angular/common/http';
|
||||||
import {Observable } from 'rxjs';
|
import { Observable } from 'rxjs';
|
||||||
|
import { HttpError } from '@app/_helpers/global-error-handler';
|
||||||
|
|
||||||
@Injectable({
|
@Injectable({
|
||||||
providedIn: 'root'
|
providedIn: 'root'
|
||||||
@ -14,25 +15,25 @@ import {Observable } from 'rxjs';
|
|||||||
export class AuthService {
|
export class AuthService {
|
||||||
sessionToken: any;
|
sessionToken: any;
|
||||||
sessionLoginCount = 0;
|
sessionLoginCount = 0;
|
||||||
privateKey: any;
|
mutableKeyStore: MutableKeyStore;
|
||||||
mutableKeyStore: MutableKeyStore = new MutablePgpKeyStore();
|
|
||||||
|
|
||||||
constructor(
|
constructor(
|
||||||
private httpClient: HttpClient,
|
private httpClient: HttpClient,
|
||||||
private loggingService: LoggingService,
|
private loggingService: LoggingService,
|
||||||
private errorDialogService: ErrorDialogService
|
private errorDialogService: ErrorDialogService
|
||||||
) {
|
) {
|
||||||
|
this.mutableKeyStore = new MutablePgpKeyStore()
|
||||||
}
|
}
|
||||||
|
|
||||||
async init(): Promise<any> {
|
async init(): Promise<void> {
|
||||||
await this.mutableKeyStore.loadKeyring();
|
this.mutableKeyStore.loadKeyring();
|
||||||
// TODO setting these together should be atomic
|
// TODO setting these together should be atomic
|
||||||
if (sessionStorage.getItem(btoa('CICADA_SESSION_TOKEN'))) {
|
if (sessionStorage.getItem(btoa('CICADA_SESSION_TOKEN'))) {
|
||||||
this.sessionToken = sessionStorage.getItem(btoa('CICADA_SESSION_TOKEN'));
|
this.sessionToken = sessionStorage.getItem(btoa('CICADA_SESSION_TOKEN'));
|
||||||
}
|
}
|
||||||
if (localStorage.getItem(btoa('CICADA_PRIVATE_KEY'))) {
|
if (localStorage.getItem(btoa('CICADA_PRIVATE_KEY'))) {
|
||||||
this.privateKey = localStorage.getItem(btoa('CICADA_PRIVATE_KEY'));
|
this.mutableKeyStore.importPrivateKey(localStorage.getItem(btoa('CICADA_PRIVATE_KEY')))
|
||||||
await this.getPrivateKeys();
|
// this.privateKey = localStorage.getItem(btoa('CICADA_PRIVATE_KEY'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -58,7 +59,9 @@ export class AuthService {
|
|||||||
xhr.send();
|
xhr.send();
|
||||||
}
|
}
|
||||||
|
|
||||||
sendResponse(hobaResponseEncoded): void {
|
//TODO renmae to send signed challenge and set session. Also seperate these responsibilities
|
||||||
|
sendResponse(hobaResponseEncoded): Promise<boolean> {
|
||||||
|
return new Promise((resolve, reject) => {
|
||||||
const xhr = new XMLHttpRequest();
|
const xhr = new XMLHttpRequest();
|
||||||
xhr.responseType = 'text';
|
xhr.responseType = 'text';
|
||||||
xhr.open('GET', environment.cicMetaUrl + window.location.search.substring(1));
|
xhr.open('GET', environment.cicMetaUrl + window.location.search.substring(1));
|
||||||
@ -66,16 +69,18 @@ export class AuthService {
|
|||||||
xhr.setRequestHeader('Content-Type', 'application/json');
|
xhr.setRequestHeader('Content-Type', 'application/json');
|
||||||
xhr.setRequestHeader('x-cic-automerge', 'none');
|
xhr.setRequestHeader('x-cic-automerge', 'none');
|
||||||
xhr.addEventListener('load', (e) => {
|
xhr.addEventListener('load', (e) => {
|
||||||
if (xhr.status === 401) {
|
if (xhr.status !== 200) {
|
||||||
throw new Error('login rejected');
|
const error = new HttpError(xhr.statusText, xhr.status);
|
||||||
|
return reject(error);
|
||||||
}
|
}
|
||||||
this.sessionToken = xhr.getResponseHeader('Token');
|
this.sessionToken = xhr.getResponseHeader('Token');
|
||||||
sessionStorage.setItem(btoa('CICADA_SESSION_TOKEN'), this.sessionToken);
|
sessionStorage.setItem(btoa('CICADA_SESSION_TOKEN'), this.sessionToken);
|
||||||
this.sessionLoginCount++;
|
this.sessionLoginCount++;
|
||||||
this.setState('Click button to log in');
|
this.setState('Click button to log in');
|
||||||
return;
|
return resolve(true);
|
||||||
});
|
});
|
||||||
xhr.send();
|
xhr.send();
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
getChallenge(): void {
|
getChallenge(): void {
|
||||||
@ -86,7 +91,7 @@ export class AuthService {
|
|||||||
if (xhr.status === 401) {
|
if (xhr.status === 401) {
|
||||||
const authHeader = xhr.getResponseHeader('WWW-Authenticate');
|
const authHeader = xhr.getResponseHeader('WWW-Authenticate');
|
||||||
const o = hobaParseChallengeHeader(authHeader);
|
const o = hobaParseChallengeHeader(authHeader);
|
||||||
await this.loginResponse(o);
|
this.loginResponse(o);
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
xhr.send();
|
xhr.send();
|
||||||
@ -113,12 +118,31 @@ export class AuthService {
|
|||||||
|
|
||||||
|
|
||||||
async loginResponse(o): Promise<any> {
|
async loginResponse(o): Promise<any> {
|
||||||
|
return new Promise(async(resolve, reject) => {
|
||||||
try {
|
try {
|
||||||
const r = await signChallenge(o.challenge, o.realm, environment.cicMetaUrl, this.mutableKeyStore);
|
const r = await signChallenge(o.challenge,
|
||||||
this.sendResponse(r);
|
o.realm,
|
||||||
|
environment.cicMetaUrl,
|
||||||
|
this.mutableKeyStore);
|
||||||
|
const sessionTokenResult = await this.sendResponse(r);
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
this.errorDialogService.openDialog({message: 'Incorrect key passphrase.'});
|
if (error instanceof HttpError) {
|
||||||
|
if (error.status === 403) {
|
||||||
|
this.errorDialogService.openDialog({ message: 'You are not authorized to use this system' })
|
||||||
}
|
}
|
||||||
|
if (error.status === 401) {
|
||||||
|
this.errorDialogService.openDialog({ message: 'Unable to authenticate with the service. ' +
|
||||||
|
'Please speak with the staff at Grassroots ' +
|
||||||
|
'Economics for requesting access ' +
|
||||||
|
'staff@grassrootseconomics.net.' })
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// TODO define this error
|
||||||
|
this.errorDialogService.openDialog({message: 'Incorrect key passphrase.'});
|
||||||
|
resolve(false);
|
||||||
|
}
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
loginView(): void {
|
loginView(): void {
|
||||||
@ -133,10 +157,11 @@ export class AuthService {
|
|||||||
if (!isValidKeyCheck) {
|
if (!isValidKeyCheck) {
|
||||||
throw Error('The private key is invalid');
|
throw Error('The private key is invalid');
|
||||||
}
|
}
|
||||||
const isEncryptedKeyCheck = await this.mutableKeyStore.isEncryptedPrivateKey(privateKeyArmored);
|
// TODO leaving this out for now.
|
||||||
if (!isEncryptedKeyCheck) {
|
//const isEncryptedKeyCheck = await this.mutableKeyStore.isEncryptedPrivateKey(privateKeyArmored);
|
||||||
throw Error('The private key doesn\'t have a password!');
|
//if (!isEncryptedKeyCheck) {
|
||||||
}
|
// throw Error('The private key doesn\'t have a password!');
|
||||||
|
//}
|
||||||
const key = await this.mutableKeyStore.importPrivateKey(privateKeyArmored);
|
const key = await this.mutableKeyStore.importPrivateKey(privateKeyArmored);
|
||||||
localStorage.setItem(btoa('CICADA_PRIVATE_KEY'), privateKeyArmored);
|
localStorage.setItem(btoa('CICADA_PRIVATE_KEY'), privateKeyArmored);
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
@ -162,13 +187,19 @@ export class AuthService {
|
|||||||
return trustedUsers;
|
return trustedUsers;
|
||||||
}
|
}
|
||||||
|
|
||||||
getPublicKeys(): Observable<any> {
|
async getPublicKeys(): Promise<any> {
|
||||||
return this.httpClient.get(`${environment.publicKeysUrl}`, {responseType: 'text'});
|
const data = await fetch(environment.publicKeysUrl)
|
||||||
|
.then(res => {
|
||||||
|
if (!res.ok) {
|
||||||
|
//TODO does angular recommend an error interface?
|
||||||
|
throw Error(`${res.statusText} - ${res.status}`);
|
||||||
|
}
|
||||||
|
return res.text();
|
||||||
|
})
|
||||||
|
return data;
|
||||||
}
|
}
|
||||||
|
|
||||||
async getPrivateKeys(): Promise<void> {
|
getPrivateKey(): any {
|
||||||
if (this.privateKey !== undefined) {
|
return this.mutableKeyStore.getPrivateKey();
|
||||||
await this.mutableKeyStore.importPrivateKey(this.privateKey);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -21,12 +21,20 @@ export class AppComponent {
|
|||||||
private errorDialogService: ErrorDialogService
|
private errorDialogService: ErrorDialogService
|
||||||
) {
|
) {
|
||||||
(async () => {
|
(async () => {
|
||||||
|
try {
|
||||||
await this.authService.mutableKeyStore.loadKeyring();
|
await this.authService.mutableKeyStore.loadKeyring();
|
||||||
this.authService.getPublicKeys()
|
// this.authService.getPublicKeys()
|
||||||
.pipe(catchError(async (error) => {
|
// .pipe(catchError(async (error) => {
|
||||||
this.loggingService.sendErrorLevelMessage('Unable to load trusted public keys.', this, {error});
|
// this.loggingService.sendErrorLevelMessage('Unable to load trusted public keys.', this, {error});
|
||||||
|
// this.errorDialogService.openDialog({message: 'Trusted keys endpoint can\'t be reached. Please try again later.'});
|
||||||
|
// })).subscribe(this.authService.mutableKeyStore.importPublicKey);
|
||||||
|
const publicKeys = await this.authService.getPublicKeys()
|
||||||
|
await this.authService.mutableKeyStore.importPublicKey(publicKeys);
|
||||||
|
} catch(error) {
|
||||||
this.errorDialogService.openDialog({message: 'Trusted keys endpoint can\'t be reached. Please try again later.'});
|
this.errorDialogService.openDialog({message: 'Trusted keys endpoint can\'t be reached. Please try again later.'});
|
||||||
})).subscribe(this.authService.mutableKeyStore.importPublicKey);
|
// TODO do something to halt user progress...show a sad cicada page 🦗?
|
||||||
|
}
|
||||||
|
|
||||||
})();
|
})();
|
||||||
this.mediaQuery.addListener(this.onResize);
|
this.mediaQuery.addListener(this.onResize);
|
||||||
this.onResize(this.mediaQuery);
|
this.onResize(this.mediaQuery);
|
||||||
|
@ -26,12 +26,11 @@ export class AuthComponent implements OnInit {
|
|||||||
this.keyForm = this.formBuilder.group({
|
this.keyForm = this.formBuilder.group({
|
||||||
key: ['', Validators.required],
|
key: ['', Validators.required],
|
||||||
});
|
});
|
||||||
if (this.authService.privateKey !== undefined) {
|
await this.authService.init();
|
||||||
const setKey = await this.authService.setKey(this.authService.privateKey);
|
//if (this.authService.privateKey !== undefined) {
|
||||||
if (setKey && this.authService.sessionToken !== undefined) {
|
// const setKey = await this.authService.setKey(this.authService.privateKey);
|
||||||
this.authService.setState('Click button to log in');
|
// }
|
||||||
}
|
//}
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
get keyFormStub(): any { return this.keyForm.controls; }
|
get keyFormStub(): any { return this.keyForm.controls; }
|
||||||
@ -47,8 +46,12 @@ export class AuthComponent implements OnInit {
|
|||||||
}
|
}
|
||||||
|
|
||||||
login(): void {
|
login(): void {
|
||||||
const loginStatus = this.authService.login();
|
// TODO check if we have privatekey
|
||||||
if (loginStatus) {
|
// Send us to home if we have a private key
|
||||||
|
// talk to meta somehow
|
||||||
|
// in the error interceptor if 401/403 handle it
|
||||||
|
// if 200 go /home
|
||||||
|
if (this.authService.getPrivateKey()) {
|
||||||
this.router.navigate(['/home']);
|
this.router.navigate(['/home']);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -30,9 +30,11 @@ export class AccountsComponent implements OnInit {
|
|||||||
private userService: UserService,
|
private userService: UserService,
|
||||||
private loggingService: LoggingService,
|
private loggingService: LoggingService,
|
||||||
private router: Router
|
private router: Router
|
||||||
) {
|
)
|
||||||
|
{
|
||||||
(async () => {
|
(async () => {
|
||||||
try {
|
try {
|
||||||
|
// TODO it feels like this shuold be in the onInit handler
|
||||||
await this.userService.loadAccounts(100);
|
await this.userService.loadAccounts(100);
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
this.loggingService.sendErrorLevelMessage('Failed to load accounts', this, {error});
|
this.loggingService.sendErrorLevelMessage('Failed to load accounts', this, {error});
|
||||||
|
Loading…
Reference in New Issue
Block a user