[ Index ]

PHP Cross Reference of Joomla 4.2.2 documentation

title

Body

[close]

/media/plg_multifactorauth_webauthn/js/ -> webauthn-es5.js (source)

[Summary view] [Print] [Text view] 

   1  (function () {
   2    'use strict';
   3  
   4    /**
   5     * @package     Joomla.Plugin
   6     * @subpackage  Multifactorauth.webauthn
   7     *
   8     * @copyright   (C) 2022 Open Source Matters, Inc. <https://www.joomla.org>
   9     * @license     GNU General Public License version 2 or later; see LICENSE.txt
  10     */
  11    (function (Joomla, document) {
  12      var authData = null;
  13  
  14      var arrayToBase64String = function arrayToBase64String(a) {
  15        return btoa(String.fromCharCode.apply(String, a));
  16      };
  17  
  18      var base64url2base64 = function base64url2base64(input) {
  19        var output = input.replace(/-/g, '+').replace(/_/g, '/');
  20        var pad = output.length % 4;
  21  
  22        if (pad) {
  23          if (pad === 1) {
  24            throw new Error('InvalidLengthError: Input base64url string is the wrong length to determine padding');
  25          }
  26  
  27          output += new Array(5 - pad).join('=');
  28        }
  29  
  30        return output;
  31      };
  32  
  33      var displayError = function displayError(message) {
  34        try {
  35          Joomla.renderMessages({
  36            error: message
  37          });
  38        } catch (e) {
  39          alert(message);
  40        }
  41      };
  42  
  43      var handleError = function handleError(message) {
  44        try {
  45          document.getElementById('plg_multifactorauth_webauthn_validate_button').style.disabled = 'null';
  46        } catch (e) {// Do nothing
  47        }
  48  
  49        displayError(message);
  50      };
  51  
  52      var setUp = function setUp(e) {
  53        e.preventDefault(); // Make sure the browser supports Webauthn
  54  
  55        if (!('credentials' in navigator)) {
  56          displayError(Joomla.Text._('PLG_MULTIFACTORAUTH_WEBAUTHN_ERR_NOTAVAILABLE_HEAD'));
  57          return false;
  58        }
  59  
  60        var rawPKData = document.forms['com-users-method-edit'].querySelectorAll('input[name="pkRequest"]')[0].value;
  61        var publicKey = JSON.parse(atob(rawPKData)); // Convert the public key information to a format usable by the browser's credentials manager
  62  
  63        publicKey.challenge = Uint8Array.from(window.atob(base64url2base64(publicKey.challenge)), function (c) {
  64          return c.charCodeAt(0);
  65        });
  66        publicKey.user.id = Uint8Array.from(window.atob(publicKey.user.id), function (c) {
  67          return c.charCodeAt(0);
  68        });
  69  
  70        if (publicKey.excludeCredentials) {
  71          publicKey.excludeCredentials = publicKey.excludeCredentials.map(function (data) {
  72            data.id = Uint8Array.from(window.atob(base64url2base64(data.id)), function (c) {
  73              return c.charCodeAt(0);
  74            });
  75            return data;
  76          });
  77        } // Ask the browser to prompt the user for their authenticator
  78  
  79  
  80        navigator.credentials.create({
  81          publicKey: publicKey
  82        }).then(function (data) {
  83          var publicKeyCredential = {
  84            id: data.id,
  85            type: data.type,
  86            rawId: arrayToBase64String(new Uint8Array(data.rawId)),
  87            response: {
  88              clientDataJSON: arrayToBase64String(new Uint8Array(data.response.clientDataJSON)),
  89              attestationObject: arrayToBase64String(new Uint8Array(data.response.attestationObject))
  90            }
  91          }; // Store the WebAuthn reply
  92  
  93          document.getElementById('com-users-method-code').value = btoa(JSON.stringify(publicKeyCredential)); // Submit the form
  94  
  95          document.forms['com-users-method-edit'].submit();
  96        }, function (error) {
  97          // An error occurred: timeout, request to provide the authenticator refused, hardware / software
  98          // error...
  99          handleError(error);
 100        });
 101        return false;
 102      };
 103  
 104      var validate = function validate() {
 105        // Make sure the browser supports Webauthn
 106        if (!('credentials' in navigator)) {
 107          displayError(Joomla.Text._('PLG_MULTIFACTORAUTH_WEBAUTHN_ERR_NOTAVAILABLE_HEAD'));
 108          return;
 109        }
 110  
 111        var publicKey = authData;
 112  
 113        if (!publicKey.challenge) {
 114          handleError(Joomla.Text._('PLG_MULTIFACTORAUTH_WEBAUTHN_ERR_NO_STORED_CREDENTIAL'));
 115          return;
 116        }
 117  
 118        publicKey.challenge = Uint8Array.from(window.atob(base64url2base64(publicKey.challenge)), function (c) {
 119          return c.charCodeAt(0);
 120        });
 121  
 122        if (publicKey.allowCredentials) {
 123          publicKey.allowCredentials = publicKey.allowCredentials.map(function (data) {
 124            data.id = Uint8Array.from(window.atob(base64url2base64(data.id)), function (c) {
 125              return c.charCodeAt(0);
 126            });
 127            return data;
 128          });
 129        }
 130  
 131        navigator.credentials.get({
 132          publicKey: publicKey
 133        }).then(function (data) {
 134          var publicKeyCredential = {
 135            id: data.id,
 136            type: data.type,
 137            rawId: arrayToBase64String(new Uint8Array(data.rawId)),
 138            response: {
 139              authenticatorData: arrayToBase64String(new Uint8Array(data.response.authenticatorData)),
 140              clientDataJSON: arrayToBase64String(new Uint8Array(data.response.clientDataJSON)),
 141              signature: arrayToBase64String(new Uint8Array(data.response.signature)),
 142              userHandle: data.response.userHandle ? arrayToBase64String(new Uint8Array(data.response.userHandle)) : null
 143            }
 144          };
 145          document.getElementById('users-mfa-code').value = btoa(JSON.stringify(publicKeyCredential));
 146          document.getElementById('users-mfa-captive-form').submit();
 147        }, function (error) {
 148          // Example: timeout, interaction refused...
 149          handleError(error);
 150        });
 151      };
 152  
 153      var onValidateClick = function onValidateClick(event) {
 154        event.preventDefault();
 155        authData = JSON.parse(window.atob(Joomla.getOptions('com_users.authData')));
 156        document.getElementById('users-mfa-captive-button-submit').style.disabled = 'disabled';
 157        validate();
 158        return false;
 159      };
 160  
 161      document.getElementById('multifactorauth-webauthn-missing').style.display = 'none';
 162  
 163      if (typeof navigator.credentials === 'undefined') {
 164        document.getElementById('multifactorauth-webauthn-missing').style.display = 'block';
 165        document.getElementById('multifactorauth-webauthn-controls').style.display = 'none';
 166      }
 167  
 168      window.addEventListener('DOMContentLoaded', function () {
 169        if (Joomla.getOptions('com_users.pagetype') === 'validate') {
 170          document.getElementById('users-mfa-captive-button-submit').addEventListener('click', onValidateClick);
 171        } else {
 172          document.querySelectorAll('.multifactorauth_webauthn_setup').forEach(function (btn) {
 173            btn.addEventListener('click', setUp);
 174          });
 175        }
 176      });
 177    })(Joomla, document);
 178  
 179  })();

Body

Body

Body

Body


Generated: Wed Sep 7 05:41:13 2022 Chilli.vc Blog - For Webmaster,Blog-Writer,System Admin and Domainer