Use platform APIs for text encoding and hashing

This commit is contained in:
Quentin Gliech 2022-03-03 15:41:40 +01:00
parent 2086dc8f32
commit ace7ad7065
No known key found for this signature in database
GPG Key ID: 22D62B84552719FC
4 changed files with 13 additions and 7 deletions

View File

@ -29,6 +29,7 @@ export class CompleteOIDCLoginViewModel extends ViewModel {
} = options;
this._request = options.platform.request;
this._encoding = options.platform.encoding;
this._crypto = options.platform.crypto;
this._state = state;
this._code = code;
this._attemptLogin = attemptLogin;
@ -63,6 +64,7 @@ export class CompleteOIDCLoginViewModel extends ViewModel {
clientId: "hydrogen-web",
request: this._request,
encoding: this._encoding,
crypto: this._crypto,
});
const method = new OIDCLoginMethod({oidcApi, nonce, codeVerifier, code, homeserver, startedAt, redirectUri});
const status = await this._attemptLogin(method);

View File

@ -28,6 +28,7 @@ export class StartOIDCLoginViewModel extends ViewModel {
issuer: this._issuer,
request: this.platform.request,
encoding: this.platform.encoding,
crypto: this.platform.crypto,
});
}

View File

@ -135,6 +135,7 @@ export class Client {
clientId: "hydrogen-web",
request: this._platform.request,
encoding: this._platform.encoding,
crypto: this._platform.crypto,
});
await oidcApi.validate();
@ -265,6 +266,7 @@ export class Client {
clientId: "hydrogen-web",
request: this._platform.request,
encoding: this._platform.encoding,
crypto: this._platform.crypto,
});
// TODO: stop/pause the refresher?

View File

@ -54,14 +54,16 @@ export class OidcApi {
_issuer: string;
_clientId: string;
_requestFn: any;
_base64: any;
_encoding: any;
_crypto: any;
_metadataPromise: Promise<any>;
constructor({ issuer, clientId, request, encoding }) {
constructor({ issuer, clientId, request, encoding, crypto }) {
this._issuer = issuer;
this._clientId = clientId;
this._requestFn = request;
this._base64 = encoding.base64;
this._encoding = encoding;
this._crypto = crypto;
}
get metadataUrl() {
@ -110,10 +112,9 @@ export class OidcApi {
async _generateCodeChallenge(
codeVerifier: string
): Promise<string> {
const encoder = new TextEncoder();
const data = encoder.encode(codeVerifier);
const digest = await window.crypto.subtle.digest("SHA-256", data);
const base64Digest = this._base64.encode(digest);
const data = this._encoding.utf8.encode(codeVerifier);
const digest = await this._crypto.digest("SHA-256", data);
const base64Digest = this._encoding.base64.encode(digest);
return base64Digest.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
}