[ Index ] |
PHP Cross Reference of Joomla 4.2.2 documentation |
[Summary view] [Print] [Text view]
1 (function () { 2 'use strict'; 3 4 /** 5 * @package Joomla.Plugin 6 * @subpackage Multifactorauth.webauthn 7 * 8 * @copyright (C) 2022 Open Source Matters, Inc. <https://www.joomla.org> 9 * @license GNU General Public License version 2 or later; see LICENSE.txt 10 */ 11 (function (Joomla, document) { 12 var authData = null; 13 14 var arrayToBase64String = function arrayToBase64String(a) { 15 return btoa(String.fromCharCode.apply(String, a)); 16 }; 17 18 var base64url2base64 = function base64url2base64(input) { 19 var output = input.replace(/-/g, '+').replace(/_/g, '/'); 20 var pad = output.length % 4; 21 22 if (pad) { 23 if (pad === 1) { 24 throw new Error('InvalidLengthError: Input base64url string is the wrong length to determine padding'); 25 } 26 27 output += new Array(5 - pad).join('='); 28 } 29 30 return output; 31 }; 32 33 var displayError = function displayError(message) { 34 try { 35 Joomla.renderMessages({ 36 error: message 37 }); 38 } catch (e) { 39 alert(message); 40 } 41 }; 42 43 var handleError = function handleError(message) { 44 try { 45 document.getElementById('plg_multifactorauth_webauthn_validate_button').style.disabled = 'null'; 46 } catch (e) {// Do nothing 47 } 48 49 displayError(message); 50 }; 51 52 var setUp = function setUp(e) { 53 e.preventDefault(); // Make sure the browser supports Webauthn 54 55 if (!('credentials' in navigator)) { 56 displayError(Joomla.Text._('PLG_MULTIFACTORAUTH_WEBAUTHN_ERR_NOTAVAILABLE_HEAD')); 57 return false; 58 } 59 60 var rawPKData = document.forms['com-users-method-edit'].querySelectorAll('input[name="pkRequest"]')[0].value; 61 var publicKey = JSON.parse(atob(rawPKData)); // Convert the public key information to a format usable by the browser's credentials manager 62 63 publicKey.challenge = Uint8Array.from(window.atob(base64url2base64(publicKey.challenge)), function (c) { 64 return c.charCodeAt(0); 65 }); 66 publicKey.user.id = Uint8Array.from(window.atob(publicKey.user.id), function (c) { 67 return c.charCodeAt(0); 68 }); 69 70 if (publicKey.excludeCredentials) { 71 publicKey.excludeCredentials = publicKey.excludeCredentials.map(function (data) { 72 data.id = Uint8Array.from(window.atob(base64url2base64(data.id)), function (c) { 73 return c.charCodeAt(0); 74 }); 75 return data; 76 }); 77 } // Ask the browser to prompt the user for their authenticator 78 79 80 navigator.credentials.create({ 81 publicKey: publicKey 82 }).then(function (data) { 83 var publicKeyCredential = { 84 id: data.id, 85 type: data.type, 86 rawId: arrayToBase64String(new Uint8Array(data.rawId)), 87 response: { 88 clientDataJSON: arrayToBase64String(new Uint8Array(data.response.clientDataJSON)), 89 attestationObject: arrayToBase64String(new Uint8Array(data.response.attestationObject)) 90 } 91 }; // Store the WebAuthn reply 92 93 document.getElementById('com-users-method-code').value = btoa(JSON.stringify(publicKeyCredential)); // Submit the form 94 95 document.forms['com-users-method-edit'].submit(); 96 }, function (error) { 97 // An error occurred: timeout, request to provide the authenticator refused, hardware / software 98 // error... 99 handleError(error); 100 }); 101 return false; 102 }; 103 104 var validate = function validate() { 105 // Make sure the browser supports Webauthn 106 if (!('credentials' in navigator)) { 107 displayError(Joomla.Text._('PLG_MULTIFACTORAUTH_WEBAUTHN_ERR_NOTAVAILABLE_HEAD')); 108 return; 109 } 110 111 var publicKey = authData; 112 113 if (!publicKey.challenge) { 114 handleError(Joomla.Text._('PLG_MULTIFACTORAUTH_WEBAUTHN_ERR_NO_STORED_CREDENTIAL')); 115 return; 116 } 117 118 publicKey.challenge = Uint8Array.from(window.atob(base64url2base64(publicKey.challenge)), function (c) { 119 return c.charCodeAt(0); 120 }); 121 122 if (publicKey.allowCredentials) { 123 publicKey.allowCredentials = publicKey.allowCredentials.map(function (data) { 124 data.id = Uint8Array.from(window.atob(base64url2base64(data.id)), function (c) { 125 return c.charCodeAt(0); 126 }); 127 return data; 128 }); 129 } 130 131 navigator.credentials.get({ 132 publicKey: publicKey 133 }).then(function (data) { 134 var publicKeyCredential = { 135 id: data.id, 136 type: data.type, 137 rawId: arrayToBase64String(new Uint8Array(data.rawId)), 138 response: { 139 authenticatorData: arrayToBase64String(new Uint8Array(data.response.authenticatorData)), 140 clientDataJSON: arrayToBase64String(new Uint8Array(data.response.clientDataJSON)), 141 signature: arrayToBase64String(new Uint8Array(data.response.signature)), 142 userHandle: data.response.userHandle ? arrayToBase64String(new Uint8Array(data.response.userHandle)) : null 143 } 144 }; 145 document.getElementById('users-mfa-code').value = btoa(JSON.stringify(publicKeyCredential)); 146 document.getElementById('users-mfa-captive-form').submit(); 147 }, function (error) { 148 // Example: timeout, interaction refused... 149 handleError(error); 150 }); 151 }; 152 153 var onValidateClick = function onValidateClick(event) { 154 event.preventDefault(); 155 authData = JSON.parse(window.atob(Joomla.getOptions('com_users.authData'))); 156 document.getElementById('users-mfa-captive-button-submit').style.disabled = 'disabled'; 157 validate(); 158 return false; 159 }; 160 161 document.getElementById('multifactorauth-webauthn-missing').style.display = 'none'; 162 163 if (typeof navigator.credentials === 'undefined') { 164 document.getElementById('multifactorauth-webauthn-missing').style.display = 'block'; 165 document.getElementById('multifactorauth-webauthn-controls').style.display = 'none'; 166 } 167 168 window.addEventListener('DOMContentLoaded', function () { 169 if (Joomla.getOptions('com_users.pagetype') === 'validate') { 170 document.getElementById('users-mfa-captive-button-submit').addEventListener('click', onValidateClick); 171 } else { 172 document.querySelectorAll('.multifactorauth_webauthn_setup').forEach(function (btn) { 173 btn.addEventListener('click', setUp); 174 }); 175 } 176 }); 177 })(Joomla, document); 178 179 })();
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Wed Sep 7 05:41:13 2022 | Chilli.vc Blog - For Webmaster,Blog-Writer,System Admin and Domainer |