MAJOR: Updates for Authenticated Web UI and CLI #30
@ -24,7 +24,7 @@ var recase = require('recase').create({});
|
||||
var camelCopy = recase.camelCopy.bind(recase);
|
||||
//var snakeCopy = recase.snakeCopy.bind(recase);
|
||||
|
||||
var urequest = require('@coolaj86/urequest');
|
||||
var urequest = require('@root/request');
|
||||
var urequestAsync = require('util').promisify(urequest);
|
||||
var common = require('../lib/cli-common.js');
|
||||
|
||||
@ -673,7 +673,11 @@ function parseConfig(err, text) {
|
||||
// Create / retrieve account (sign-in, more or less)
|
||||
// TODO hit directory resource /.well-known/openid-configuration -> acme_uri (?)
|
||||
// Occassionally rotate the key just for the sake of testing the key rotation
|
||||
return urequestAsync({ method: 'HEAD', url: RC.resolve('/acme/new-nonce') }).then(function (resp) {
|
||||
return urequestAsync({
|
||||
method: 'HEAD'
|
||||
, url: RC.resolve('/acme/new-nonce')
|
||||
, headers: { "User-Agent": 'Telebit/' + pkg.version }
|
||||
}).then(function (resp) {
|
||||
var nonce = resp.headers['replay-nonce'];
|
||||
var newAccountUrl = RC.resolve('/acme/new-acct');
|
||||
return keypairs.signJws({
|
||||
@ -695,7 +699,10 @@ function parseConfig(err, text) {
|
||||
url: newAccountUrl
|
||||
, method: 'POST'
|
||||
, json: jws // TODO default to post when body is present
|
||||
, headers: { "Content-Type": 'application/jose+json' }
|
||||
, headers: {
|
||||
"Content-Type": 'application/jose+json'
|
||||
, "User-Agent": 'Telebit/' + pkg.version
|
||||
}
|
||||
}).then(function (resp) {
|
||||
//nonce = resp.headers['replay-nonce'];
|
||||
if (!resp.body || 'valid' !== resp.body.status) {
|
||||
|
||||
@ -17,7 +17,7 @@ var path = require('path');
|
||||
var os = require('os');
|
||||
var fs = require('fs');
|
||||
var fsp = fs.promises;
|
||||
var urequest = require('@coolaj86/urequest');
|
||||
var urequest = require('@root/request');
|
||||
var urequestAsync = require('util').promisify(urequest);
|
||||
var common = require('../lib/cli-common.js');
|
||||
var http = require('http');
|
||||
@ -489,6 +489,7 @@ controllers.newAccount = function (req, res) {
|
||||
account.thumb = thumb;
|
||||
account.pub = jwk;
|
||||
account.contact = req.body.contact;
|
||||
account.useragent = req.headers["user-agent"];
|
||||
DB.accounts.push(account);
|
||||
state.config.accounts = DB.accounts;
|
||||
saveConfig(function () {});
|
||||
@ -618,18 +619,36 @@ function jwsEggspress(req, res, next) {
|
||||
req.body = JSON.parse(req.body);
|
||||
}
|
||||
|
||||
// Check if this is a key we already trust
|
||||
var ua = req.headers['user-agent'];
|
||||
var vjwk;
|
||||
var pubs;
|
||||
// Check if this is a key we already trust
|
||||
DB.pubs.some(function (jwk) {
|
||||
if (jwk.kid === req.jws.header.kid) {
|
||||
vjwk = jwk;
|
||||
}
|
||||
});
|
||||
|
||||
// Check for CLI or Browser User-Agent
|
||||
// (both should connect as part of setup)
|
||||
if (/Telebit/i.test(ua) && !/Mozilla/i.test(ua)) {
|
||||
pubs = DB.pubs.filter(function (jwk) {
|
||||
if (/Telebit/i.test(jwk.useragent) && !/Mozilla/i.test(jwk.useragent)) {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
} else {
|
||||
pubs = DB.pubs.filter(function (jwk) {
|
||||
if (!/Telebit/i.test(jwk.useragent) || /Mozilla/i.test(jwk.useragent)) {
|
||||
return true;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
// Check if there aren't any keys that we trust
|
||||
// and this has signed itself, then make it a key we trust
|
||||
// (TODO: move this all to the new account function)
|
||||
if ((0 === DB.pubs.length && req.jws.header.jwk)) {
|
||||
if ((0 === pubs.length && req.jws.header.jwk)) {
|
||||
vjwk = req.jws.header.jwk;
|
||||
if (!vjwk.kid) { throw Error("Impossible: no key id"); }
|
||||
}
|
||||
@ -642,15 +661,16 @@ function jwsEggspress(req, res, next) {
|
||||
|
||||
// Run the verification
|
||||
return verifyJws(vjwk, req.jws).then(function (verified) {
|
||||
if (true !== verified) {
|
||||
return;
|
||||
}
|
||||
if (true !== verified) { return; }
|
||||
|
||||
// Mark as verified
|
||||
req.jws.verified = verified;
|
||||
vjwk.useragent = ua;
|
||||
|
||||
// (double check) DO NOT save if there are existing pubs
|
||||
if (0 !== DB.pubs.length) { return; }
|
||||
if (0 !== pubs.length) { return; }
|
||||
|
||||
DB.pubs.push(vjwk);
|
||||
return keystore.set(vjwk.kid + PUBEXT, vjwk);
|
||||
}).then(function () {
|
||||
next();
|
||||
|
||||
@ -227,6 +227,7 @@ ssh -o ProxyCommand="$proxy_cmd" hot-skunk-45.telebit.io</code></pre>
|
||||
</div>
|
||||
|
||||
<script src="/js/vue.js"></script>
|
||||
<script src="/js/bluecrypt-acme.js"></script>
|
||||
<script src="/js/telebit.js"></script>
|
||||
<script src="/js/telebit-token.js"></script>
|
||||
<script src="/js/app.js"></script>
|
||||
|
||||
2828
lib/admin/js/bluecrypt-acme.js
Normal file
2828
lib/admin/js/bluecrypt-acme.js
Normal file
File diff suppressed because it is too large
Load Diff
@ -78,8 +78,8 @@ if ('undefined' !== typeof fetch) {
|
||||
});
|
||||
};
|
||||
} else {
|
||||
common.requestAsync = require('util').promisify(require('@coolaj86/urequest'));
|
||||
common.reqLocalAsync = require('util').promisify(require('@coolaj86/urequest'));
|
||||
common.requestAsync = require('util').promisify(require('@root/request'));
|
||||
common.reqLocalAsync = require('util').promisify(require('@root/request'));
|
||||
}
|
||||
|
||||
common.parseUrl = function (hostname) {
|
||||
|
||||
@ -9,7 +9,7 @@ var fs = require('fs');
|
||||
var mkdirp = require('mkdirp');
|
||||
var os = require('os');
|
||||
var homedir = os.homedir();
|
||||
var urequest = require('@coolaj86/urequest');
|
||||
var urequest = require('@root/request');
|
||||
|
||||
common._NOTIFICATIONS = {
|
||||
'newsletter': [ 'newsletter', 'communityMember' ]
|
||||
|
||||
37
package-lock.json
generated
37
package-lock.json
generated
@ -9,6 +9,11 @@
|
||||
"resolved": "https://registry.npmjs.org/@coolaj86/urequest/-/urequest-1.3.6.tgz",
|
||||
"integrity": "sha512-9rBXLFSb5D19opGeXdD/WuiFJsA4Pk2r8VUGEAeUZUxB1a2zB47K85BKAx3Gy9i4nZwg22ejlJA+q9DVrpQlbA=="
|
||||
},
|
||||
"@root/request": {
|
||||
"version": "1.3.10",
|
||||
"resolved": "https://registry.npmjs.org/@root/request/-/request-1.3.10.tgz",
|
||||
"integrity": "sha512-GSn8dfsGp0juJyXS9k7B/DjYm7Axe85wiCHfPs30eQ+/V6p2aqey45e1czb3ZwP+iPmzWCKXahhWnZhSDIil6w=="
|
||||
},
|
||||
"accepts": {
|
||||
"version": "1.3.5",
|
||||
"resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.5.tgz",
|
||||
@ -38,7 +43,8 @@
|
||||
"ansi-regex": {
|
||||
"version": "2.1.1",
|
||||
"resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz",
|
||||
"integrity": "sha1-w7M6te42DYbg5ijwRorn7yfWVN8="
|
||||
"integrity": "sha1-w7M6te42DYbg5ijwRorn7yfWVN8=",
|
||||
"optional": true
|
||||
},
|
||||
"aproba": {
|
||||
"version": "1.2.0",
|
||||
@ -136,12 +142,14 @@
|
||||
"code-point-at": {
|
||||
"version": "1.1.0",
|
||||
"resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.1.0.tgz",
|
||||
"integrity": "sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c="
|
||||
"integrity": "sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c=",
|
||||
"optional": true
|
||||
},
|
||||
"console-control-strings": {
|
||||
"version": "1.1.0",
|
||||
"resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz",
|
||||
"integrity": "sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4="
|
||||
"integrity": "sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4=",
|
||||
"optional": true
|
||||
},
|
||||
"core-util-is": {
|
||||
"version": "1.0.2",
|
||||
@ -233,6 +241,7 @@
|
||||
"version": "1.4.1",
|
||||
"resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.1.tgz",
|
||||
"integrity": "sha512-1MkrZNvWTKCaigbn+W15elq2BB/L22nqrSY5DKlo3X6+vclJm8Bb5djXJBmEX6fS3+zCh/F4VBK5Z2KxJt4s2Q==",
|
||||
"optional": true,
|
||||
"requires": {
|
||||
"once": "^1.4.0"
|
||||
}
|
||||
@ -243,9 +252,9 @@
|
||||
"integrity": "sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg="
|
||||
},
|
||||
"esprima": {
|
||||
"version": "4.0.0",
|
||||
"resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.0.tgz",
|
||||
"integrity": "sha512-oftTcaMu/EGrEIu904mWteKIv8vMuOgGYo7EhVJJN00R/EED9DCua/xxHRdYnKtcECzVg7xOWhflvJMnqcFZjw=="
|
||||
"version": "4.0.1",
|
||||
"resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz",
|
||||
"integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A=="
|
||||
},
|
||||
"etag": {
|
||||
"version": "1.8.1",
|
||||
@ -396,6 +405,7 @@
|
||||
"version": "1.0.0",
|
||||
"resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz",
|
||||
"integrity": "sha1-754xOG8DGn8NZDr4L95QxFfvAMs=",
|
||||
"optional": true,
|
||||
"requires": {
|
||||
"number-is-nan": "^1.0.0"
|
||||
}
|
||||
@ -411,9 +421,9 @@
|
||||
"integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE="
|
||||
},
|
||||
"js-yaml": {
|
||||
"version": "3.12.0",
|
||||
"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.12.0.tgz",
|
||||
"integrity": "sha512-PIt2cnwmPfL4hKNwqeiuz4bKfnzHTBv6HyVgjahA6mPLwPDzjDWrplJBMjHUFxku/N3FlmrbyPclad+I+4mJ3A==",
|
||||
"version": "3.13.1",
|
||||
"resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.13.1.tgz",
|
||||
"integrity": "sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw==",
|
||||
"requires": {
|
||||
"argparse": "^1.0.7",
|
||||
"esprima": "^4.0.0"
|
||||
@ -602,7 +612,8 @@
|
||||
"number-is-nan": {
|
||||
"version": "1.0.1",
|
||||
"resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz",
|
||||
"integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0="
|
||||
"integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0=",
|
||||
"optional": true
|
||||
},
|
||||
"object-assign": {
|
||||
"version": "4.1.1",
|
||||
@ -621,6 +632,7 @@
|
||||
"version": "1.4.0",
|
||||
"resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
|
||||
"integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=",
|
||||
"optional": true,
|
||||
"requires": {
|
||||
"wrappy": "1"
|
||||
}
|
||||
@ -954,6 +966,7 @@
|
||||
"version": "1.0.2",
|
||||
"resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz",
|
||||
"integrity": "sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=",
|
||||
"optional": true,
|
||||
"requires": {
|
||||
"code-point-at": "^1.0.0",
|
||||
"is-fullwidth-code-point": "^1.0.0",
|
||||
@ -972,6 +985,7 @@
|
||||
"version": "3.0.1",
|
||||
"resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz",
|
||||
"integrity": "sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8=",
|
||||
"optional": true,
|
||||
"requires": {
|
||||
"ansi-regex": "^2.0.0"
|
||||
}
|
||||
@ -1105,7 +1119,8 @@
|
||||
"wrappy": {
|
||||
"version": "1.0.2",
|
||||
"resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
|
||||
"integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8="
|
||||
"integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=",
|
||||
"optional": true
|
||||
},
|
||||
"ws": {
|
||||
"version": "6.0.0",
|
||||
|
||||
@ -53,10 +53,10 @@
|
||||
},
|
||||
"homepage": "https://git.coolaj86.com/coolaj86/telebit.js#readme",
|
||||
"dependencies": {
|
||||
"@coolaj86/urequest": "^1.3.5",
|
||||
"@root/request": "^1.3.10",
|
||||
"finalhandler": "^1.1.1",
|
||||
"greenlock": "^2.6.7",
|
||||
"js-yaml": "^3.11.0",
|
||||
"js-yaml": "^3.13.1",
|
||||
"keyfetch": "^1.1.8",
|
||||
"keypairs": "^1.2.14",
|
||||
"mkdirp": "^0.5.1",
|
||||
|
||||
@ -5,7 +5,7 @@ var pin = Math.round(Math.random() * 999999).toString().padStart(6, '0'); // '32
|
||||
|
||||
console.log('Pair Code:', pin);
|
||||
|
||||
var urequest = require('@coolaj86/urequest');
|
||||
var urequest = require('@root/request');
|
||||
var req = {
|
||||
url: 'https://api.telebit.ppl.family/api/telebit.cloud/pair_request'
|
||||
, method: 'POST'
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
var stateUrl = 'https://api.telebit.ppl.family/api/telebit.cloud/pair_state/bca27428719e9c67805359f1';
|
||||
|
||||
var urequest = require('@coolaj86/urequest');
|
||||
var urequest = require('@root/request');
|
||||
var req = {
|
||||
url: stateUrl
|
||||
, method: 'GET'
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user