Use platform APIs for text encoding and hashing

This commit is contained in:
Quentin Gliech 2022-03-03 15:41:40 +01:00
parent 8fbff2fd07
commit d5b5c371b4
No known key found for this signature in database
GPG Key ID: 22D62B84552719FC
4 changed files with 13 additions and 7 deletions

View File

@ -29,6 +29,7 @@ export class CompleteOIDCLoginViewModel extends ViewModel {
} = options; } = options;
this._request = options.platform.request; this._request = options.platform.request;
this._encoding = options.platform.encoding; this._encoding = options.platform.encoding;
this._crypto = options.platform.crypto;
this._state = state; this._state = state;
this._code = code; this._code = code;
this._attemptLogin = attemptLogin; this._attemptLogin = attemptLogin;
@ -63,6 +64,7 @@ export class CompleteOIDCLoginViewModel extends ViewModel {
clientId: "hydrogen-web", clientId: "hydrogen-web",
request: this._request, request: this._request,
encoding: this._encoding, encoding: this._encoding,
crypto: this._crypto,
}); });
const method = new OIDCLoginMethod({oidcApi, nonce, codeVerifier, code, homeserver, startedAt, redirectUri}); const method = new OIDCLoginMethod({oidcApi, nonce, codeVerifier, code, homeserver, startedAt, redirectUri});
const status = await this._attemptLogin(method); const status = await this._attemptLogin(method);

View File

@ -28,6 +28,7 @@ export class StartOIDCLoginViewModel extends ViewModel {
issuer: this._issuer, issuer: this._issuer,
request: this.platform.request, request: this.platform.request,
encoding: this.platform.encoding, encoding: this.platform.encoding,
crypto: this.platform.crypto,
}); });
} }

View File

@ -137,6 +137,7 @@ export class Client {
clientId: "hydrogen-web", clientId: "hydrogen-web",
request: this._platform.request, request: this._platform.request,
encoding: this._platform.encoding, encoding: this._platform.encoding,
crypto: this._platform.crypto,
}); });
await oidcApi.validate(); await oidcApi.validate();
@ -267,6 +268,7 @@ export class Client {
clientId: "hydrogen-web", clientId: "hydrogen-web",
request: this._platform.request, request: this._platform.request,
encoding: this._platform.encoding, encoding: this._platform.encoding,
crypto: this._platform.crypto,
}); });
// TODO: stop/pause the refresher? // TODO: stop/pause the refresher?

View File

@ -54,14 +54,16 @@ export class OidcApi {
_issuer: string; _issuer: string;
_clientId: string; _clientId: string;
_requestFn: any; _requestFn: any;
_base64: any; _encoding: any;
_crypto: any;
_metadataPromise: Promise<any>; _metadataPromise: Promise<any>;
constructor({ issuer, clientId, request, encoding }) { constructor({ issuer, clientId, request, encoding, crypto }) {
this._issuer = issuer; this._issuer = issuer;
this._clientId = clientId; this._clientId = clientId;
this._requestFn = request; this._requestFn = request;
this._base64 = encoding.base64; this._encoding = encoding;
this._crypto = crypto;
} }
get metadataUrl() { get metadataUrl() {
@ -110,10 +112,9 @@ export class OidcApi {
async _generateCodeChallenge( async _generateCodeChallenge(
codeVerifier: string codeVerifier: string
): Promise<string> { ): Promise<string> {
const encoder = new TextEncoder(); const data = this._encoding.utf8.encode(codeVerifier);
const data = encoder.encode(codeVerifier); const digest = await this._crypto.digest("SHA-256", data);
const digest = await window.crypto.subtle.digest("SHA-256", data); const base64Digest = this._encoding.base64.encode(digest);
const base64Digest = this._base64.encode(digest);
return base64Digest.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, ""); return base64Digest.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
} }