UI redirect to 127.0.0.1 when localhost requested (#7236)

* JS redirect from localhost -> 127.0.0.1

* ui-no-validation for 127.0.0.1

* Update with tests

js/src/util/host.js

@@ -0,0 +1,40 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+export function createLocation (token, location = window.location) {
+  const { hash, port, protocol } = location;
+  let query = '';
+
+  if (hash && hash.indexOf('?') !== -1) {
+    // TODO: currently no app uses query-params visible in the shell, this may need adjustment if they do
+    query = hash;
+  } else {
+    query = `${hash || '#/'}${token ? '?token=' : ''}${token || ''}`;
+  }
+
+  return `${protocol}//127.0.0.1:${port}/${query}`;
+}
+
+export function redirectLocalhost (token) {
+  // we don't want localhost, rather we want 127.0.0.1
+  if (window.location.hostname !== 'localhost') {
+    return false;
+  }
+
+  window.location.assign(createLocation(token, window.location));
+
+  return true;
+}

js/src/util/host.spec.js

@@ -0,0 +1,49 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+import { createLocation } from './host';
+
+describe('createLocation', () => {
+  it('only changes the host with no token', () => {
+    expect(
+      createLocation('', { protocol: 'http:', port: 3000, hostname: 'localhost' })
+    ).to.equal('http://127.0.0.1:3000/#/');
+  });
+
+  it('preserves hash when changing the host', () => {
+    expect(
+      createLocation('', { protocol: 'http:', port: 3000, hostname: 'localhost', hash: '#/accounts' })
+    ).to.equal('http://127.0.0.1:3000/#/accounts');
+  });
+
+  it('adds the token when required', () => {
+    expect(
+      createLocation('test', { protocol: 'http:', port: 3000, hostname: 'localhost' })
+    ).to.equal('http://127.0.0.1:3000/#/?token=test');
+  });
+
+  it('preserves hash when token adjusted', () => {
+    expect(
+      createLocation('test', { protocol: 'http:', port: 3000, hostname: 'localhost', hash: '#/accounts' })
+    ).to.equal('http://127.0.0.1:3000/#/accounts?token=test');
+  });
+
+  it('does not override already-passed parameters', () => {
+    expect(
+      createLocation('test', { protocol: 'http:', port: 3000, hostname: 'localhost', hash: '#/accounts?token=abc' })
+    ).to.equal('http://127.0.0.1:3000/#/accounts?token=abc');
+  });
+});

js/src/util/token.js

@@ -0,0 +1,54 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+import qs from 'querystring';
+import store from 'store';
+
+const TOKEN_QS = 'token=';
+
+function parseTokenQuery (query) {
+  try {
+    return qs.parse(query).token;
+  } catch (error) {
+    return null;
+  }
+}
+
+export function retrieveToken (location = window.location) {
+  const hashIndex = location.hash
+    ? location.hash.indexOf(TOKEN_QS)
+    : -1;
+  const searchIndex = location.search
+    ? location.search.indexOf(TOKEN_QS)
+    : -1;
+
+  let token = null;
+
+  if (hashIndex !== -1) {
+    // extract from hash (e.g. http://127.0.0.1:8180/#/auth?token=...)
+    token = parseTokenQuery(location.hash.substr(hashIndex));
+  } else if (searchIndex !== -1) {
+    // extract from query (e.g. http://127.0.0.1:3000/?token=...)
+    token = parseTokenQuery(location.search);
+  }
+
+  if (!token) {
+    // we don't have a token, attempt from localStorage
+    token = store.get('sysuiToken');
+  }
+
+  return token;
+}

js/src/util/token.spec.js

@@ -0,0 +1,55 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+import { retrieveToken } from './token';
+
+describe('retrieveToken', () => {
+  it('returns nothing when not found in hash, search or localStorage', () => {
+    expect(retrieveToken()).not.to.be.ok;
+  });
+
+  describe('localStorage', () => {
+    beforeEach(() => {
+      localStorage.setItem('sysuiToken', 'yQls-7TX1-t0Jb-0001');
+    });
+
+    afterEach(() => {
+      localStorage.removeItem('sysuiToken');
+    });
+
+    it('retrieves the token', () => {
+      expect(retrieveToken()).to.equal('yQls-7TX1-t0Jb-0001');
+    });
+  });
+
+  describe('URL', () => {
+    it('retrieves the token from search', () => {
+      expect(
+        retrieveToken({
+          search: 'token=yQls-7TX1-t0Jb-0002'
+        })
+      ).to.equal('yQls-7TX1-t0Jb-0002');
+    });
+
+    it('retrieves the token from hash', () => {
+      expect(
+        retrieveToken({
+          hash: '#/auth?token=yQls-7TX1-t0Jb-0003'
+        })
+      ).to.equal('yQls-7TX1-t0Jb-0003');
+    });
+  });
+});