From ace7ad706541194128757d663ee6d1336ca591ab Mon Sep 17 00:00:00 2001 From: Quentin Gliech Date: Thu, 3 Mar 2022 15:41:40 +0100 Subject: [PATCH] Use platform APIs for text encoding and hashing --- src/domain/login/CompleteOIDCLoginViewModel.js | 2 ++ src/domain/login/StartOIDCLoginViewModel.js | 1 + src/matrix/Client.js | 2 ++ src/matrix/net/OidcApi.ts | 15 ++++++++------- 4 files changed, 13 insertions(+), 7 deletions(-) diff --git a/src/domain/login/CompleteOIDCLoginViewModel.js b/src/domain/login/CompleteOIDCLoginViewModel.js index f3a9c441..ca65c7c7 100644 --- a/src/domain/login/CompleteOIDCLoginViewModel.js +++ b/src/domain/login/CompleteOIDCLoginViewModel.js @@ -29,6 +29,7 @@ export class CompleteOIDCLoginViewModel extends ViewModel { } = options; this._request = options.platform.request; this._encoding = options.platform.encoding; + this._crypto = options.platform.crypto; this._state = state; this._code = code; this._attemptLogin = attemptLogin; @@ -63,6 +64,7 @@ export class CompleteOIDCLoginViewModel extends ViewModel { clientId: "hydrogen-web", request: this._request, encoding: this._encoding, + crypto: this._crypto, }); const method = new OIDCLoginMethod({oidcApi, nonce, codeVerifier, code, homeserver, startedAt, redirectUri}); const status = await this._attemptLogin(method); diff --git a/src/domain/login/StartOIDCLoginViewModel.js b/src/domain/login/StartOIDCLoginViewModel.js index 89600d58..a06b764f 100644 --- a/src/domain/login/StartOIDCLoginViewModel.js +++ b/src/domain/login/StartOIDCLoginViewModel.js @@ -28,6 +28,7 @@ export class StartOIDCLoginViewModel extends ViewModel { issuer: this._issuer, request: this.platform.request, encoding: this.platform.encoding, + crypto: this.platform.crypto, }); } diff --git a/src/matrix/Client.js b/src/matrix/Client.js index 0eb380e5..7d0d87a0 100644 --- a/src/matrix/Client.js +++ b/src/matrix/Client.js 
@@ -135,6 +135,7 @@ export class Client { clientId: "hydrogen-web", request: this._platform.request, encoding: this._platform.encoding, + crypto: this._platform.crypto, }); await oidcApi.validate(); @@ -265,6 +266,7 @@ export class Client { clientId: "hydrogen-web", request: this._platform.request, encoding: this._platform.encoding, + crypto: this._platform.crypto, }); // TODO: stop/pause the refresher? diff --git a/src/matrix/net/OidcApi.ts b/src/matrix/net/OidcApi.ts index 3dfe4cdd..f7c08dca 100644 --- a/src/matrix/net/OidcApi.ts +++ b/src/matrix/net/OidcApi.ts @@ -54,14 +54,16 @@ export class OidcApi { _issuer: string; _clientId: string; _requestFn: any; - _base64: any; + _encoding: any; + _crypto: any; _metadataPromise: Promise; - constructor({ issuer, clientId, request, encoding }) { + constructor({ issuer, clientId, request, encoding, crypto }) { this._issuer = issuer; this._clientId = clientId; this._requestFn = request; - this._base64 = encoding.base64; + this._encoding = encoding; + this._crypto = crypto; } get metadataUrl() { @@ -110,10 +112,9 @@ export class OidcApi { async _generateCodeChallenge( codeVerifier: string ): Promise { - const encoder = new TextEncoder(); - const data = encoder.encode(codeVerifier); - const digest = await window.crypto.subtle.digest("SHA-256", data); - const base64Digest = this._base64.encode(digest); + const data = this._encoding.utf8.encode(codeVerifier); + const digest = await this._crypto.digest("SHA-256", data); + const base64Digest = this._encoding.base64.encode(digest); return base64Digest.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, ""); }
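Review bot: The new `_encoding` and `_crypto` fields in the OidcApi constructor hunk are typed `any` and assigned without any check, so a construction site that omits `crypto` would fail only when `_generateCodeChallenge` calls `this._crypto.digest`, partway through a login. This commit had to thread `crypto` through four separate construction sites (two in Client.js, one in each login view model), so a guard in the constructor such as `if (!crypto) { throw new Error("OidcApi requires platform.crypto"); }` would surface the mistake where it is made. Typing both fields with the platform's encoding and crypto interfaces instead of `any` would also help, although the callers shown are .js files and presumably would not be checked against it. The class body continues outside the hunk.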
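Review bot: `_generateCodeChallenge` carries no comment saying that it is the PKCE S256 transform, and its exact output format matters: the authorization server recomputes the unpadded base64url of SHA-256 over the verifier and rejects the token request on any mismatch. I would add a doc comment such as `/** PKCE S256 (RFC 7636 §4.2): unpadded base64url of SHA-256 over the code verifier; must be sent with code_challenge_method=S256. */`. Because the digest now comes from `this._crypto.digest` rather than `window.crypto.subtle.digest`, it is also worth confirming that every platform implementation returns a buffer type that `this._encoding.base64.encode` accepts. Neither helper is visible in this patch, so that cannot be checked from here.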