darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-06 11:23:48 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
6a21915ceee653b6bb81515b238c86207ef28d1f
notifications-admin/app/assets/javascripts/authenticateSecurityKey.js
Leo Hemsted 6a21915cee add webauthn authentication js tests 
notably i had to change `window.location = foo` to
`window.location.assign` so that i could have something to spy on with
jest. mocking sucks. Otherwise this is pretty similar to the
registerSecurityKey.test.js file.
2021-06-02 12:06:09 +01:00

64 lines
2.2 KiB
JavaScript
Raw Blame History

(function (window) {
"use strict";
window.GOVUK.Modules.AuthenticateSecurityKey = function () {
this.start = function (component) {
$(component)
.on('click', function (event) {
event.preventDefault();
fetch('/webauthn/authenticate')
.then(response => {
if (!response.ok) {
throw Error(response.statusText);
}
return response.arrayBuffer();
})
.then(data => {
var options = window.CBOR.decode(data);
// triggers browser dialogue to login with authenticator
return window.navigator.credentials.get(options);
})
.then(credential => {
return fetch('/webauthn/authenticate', {
method: 'POST',
headers: { 'X-CSRFToken': component.data('csrfToken') },
body: window.CBOR.encode({
credentialId: new Uint8Array(credential.rawId),
authenticatorData: new Uint8Array(credential.response.authenticatorData),
signature: new Uint8Array(credential.response.signature),
clientDataJSON: new Uint8Array(credential.response.clientDataJSON),
})
});
})
.then(response => {
if (response.status === 403) {
// flask will have `flash`ed an error message up
window.location.reload();
return;
}
return response.arrayBuffer()
.then(cbor => {
return Promise.resolve(window.CBOR.decode(cbor));
})
.catch(() => {
throw Error(response.statusText);
})
.then(data => {
window.location.assign(data.redirect_url);
});
})
.catch(error => {
console.error(error);
// some browsers will show an error dialogue for some
// errors; to be safe we always pop up an alert
var message = error.message || error;
alert('Error during authentication.\n\n' + message);
});
});
};
};
}) (window);
Reference in New Issue View Git Blame Copy Permalink