Domain-locked web tokens. (#5894)

* Domain-locking web tokens. * JS part. * Fix linting issues.
2017-06-22 20:05:40 +02:00
parent 4d5280e43c
commit 53609f703e
13 changed files with 85 additions and 48 deletions
--- a/js/src/api/rpc/signer/signer.js
+++ b/js/src/api/rpc/signer/signer.js
@@ -42,9 +42,9 @@ export default class Signer {
      .execute('signer_generateAuthorizationToken');
  }

-  generateWebProxyAccessToken () {
+  generateWebProxyAccessToken (domain) {
    return this._transport
-      .execute('signer_generateWebProxyAccessToken');
+      .execute('signer_generateWebProxyAccessToken', domain);
  }

  rejectRequest (requestId) {
--- a/js/src/jsonrpc/interfaces/signer.js
+++ b/js/src/jsonrpc/interfaces/signer.js
@@ -30,7 +30,11 @@ export default {

  generateWebProxyAccessToken: {
    desc: 'Generates a new web proxy access token.',
-    params: [],
+    params: [{
+      type: String,
+      desc: 'Domain for which the token is valid. Only requests to this domain will be allowed.',
+      example: 'https://parity.io'
+    }],
    returns: {
      type: String,
      desc: 'The new web proxy access token.',
--- a/js/src/views/Web/store.js
+++ b/js/src/views/Web/store.js
@@ -59,15 +59,17 @@ export default class Store {
  }

  @action gotoUrl = (_url) => {
-    transaction(() => {
-      let url = (_url || this.nextUrl).trim().replace(/\/+$/, '');
+    let url = (_url || this.nextUrl).trim().replace(/\/+$/, '');

-      if (!hasProtocol.test(url)) {
-        url = `https://${url}`;
-      }
+    if (!hasProtocol.test(url)) {
+      url = `https://${url}`;
+    }

-      this.setNextUrl(url);
-      this.setCurrentUrl(this.nextUrl);
+    return this.generateToken(url).then(() => {
+      transaction(() => {
+        this.setNextUrl(url);
+        this.setCurrentUrl(this.nextUrl);
+      });
    });
  }

@@ -134,11 +136,11 @@ export default class Store {
    this.nextUrl = url;
  }

-  generateToken = () => {
+  generateToken = (_url) => {
    this.setToken(null);

    return this._api.signer
-      .generateWebProxyAccessToken()
+      .generateWebProxyAccessToken(_url)
      .then((token) => {
        this.setToken(token);
      })
--- a/js/src/views/Web/store.spec.js
+++ b/js/src/views/Web/store.spec.js
@@ -62,15 +62,16 @@ describe('views/Web/Store', () => {
    describe('gotoUrl', () => {
      it('uses the nextUrl when none specified', () => {
        store.setNextUrl('https://parity.io');
-        store.gotoUrl();

-        expect(store.currentUrl).to.equal('https://parity.io');
+        return store.gotoUrl().then(() => {
+          expect(store.currentUrl).to.equal('https://parity.io');
+        });
      });

      it('adds https when no protocol', () => {
-        store.gotoUrl('google.com');
-
-        expect(store.currentUrl).to.equal('https://google.com');
+        return store.gotoUrl('google.com').then(() => {
+          expect(store.currentUrl).to.equal('https://google.com');
+        });
      });
    });

--- a/js/src/views/Web/web.js
+++ b/js/src/views/Web/web.js
@@ -37,7 +37,6 @@ export default class Web extends Component {

  componentDidMount () {
    this.store.gotoUrl(this.props.params.url);
-    return this.store.generateToken();
  }

  componentWillReceiveProps (props) {