Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-25 16:59:17 +01:00
Code Issues Projects Releases Wiki Activity

Added refresh token check for each API call. refactored logout messaging from authService

Browse Source
This commit is contained in:
Kyle Spearrin 2017-01-19 00:21:20 -05:00
parent 0b63eb58ba
commit 0bd77352b0
8 changed files with 159 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
src/background.js
View File

@ -34,7 +34,7 @@ var loadMenuRan = false,
autofillTimeout = null; autofillTimeout = null;
chrome.runtime.onMessage.addListener(function (msg, sender, sendResponse) { chrome.runtime.onMessage.addListener(function (msg, sender, sendResponse) {
if (msg.command === 'loggedOut' || msg.command === 'loggedIn' || msg.command === 'unlocked' || msg.command === 'locked') { if (msg.command === 'loggedIn' || msg.command === 'unlocked' || msg.command === 'locked') {
if (loadMenuRan) { if (loadMenuRan) {
return; return;
} }
@ -43,6 +43,17 @@ chrome.runtime.onMessage.addListener(function (msg, sender, sendResponse) {
setIcon(); setIcon();
refreshBadgeAndMenu(); refreshBadgeAndMenu();
} }
else if (msg.command === 'logout') {
logout(msg.expired, function () {
if (loadMenuRan) {
return;
}
loadMenuRan = true;
setIcon();
refreshBadgeAndMenu();
});
}
else if (msg.command === 'syncCompleted' && msg.successfully) { else if (msg.command === 'syncCompleted' && msg.successfully) {
if (loadMenuRan) { if (loadMenuRan) {
return; return;
@ -584,6 +595,30 @@ function loadContextMenuOptions(title, idSuffix, login) {
} }
} }
// TODO: Fix callback hell by moving to promises
function logout(expired, callback) {
userService.getUserId(function (userId) {
syncService.setLastSync(new Date(0), function () {
settingsService.clear(function () {
tokenService.clearToken(function () {
cryptoService.clearKey(function () {
cryptoService.clearKeyHash(function () {
userService.clearUserIdAndEmail(function () {
loginService.clear(userId, function () {
folderService.clear(userId, function () {
chrome.runtime.sendMessage({ command: 'doneLoggingOut', expired: expired });
callback();
});
});
});
});
});
});
});
});
});
}
function copyToClipboard(text) { function copyToClipboard(text) {
if (window.clipboardData && window.clipboardData.setData) { if (window.clipboardData && window.clipboardData.setData) {
// IE specific code path to prevent textarea being shown while dialog is visible. // IE specific code path to prevent textarea being shown while dialog is visible.

6
src/popup/app/config.js
View File

@ -190,7 +190,7 @@
params: { animation: null } params: { animation: null }
}); });
}) })
.run(function ($rootScope, userService, authService, cryptoService, tokenService, $state, constantsService, stateService) { .run(function ($rootScope, userService, cryptoService, tokenService, $state, constantsService, stateService) {
$rootScope.$on('$stateChangeStart', function (event, toState, toParams) { $rootScope.$on('$stateChangeStart', function (event, toState, toParams) {
if ($state.current.name.indexOf('tabs.') > -1 && toState.name.indexOf('tabs.') > -1) { if ($state.current.name.indexOf('tabs.') > -1 && toState.name.indexOf('tabs.') > -1) {
stateService.purgeState(); stateService.purgeState();
@ -220,9 +220,7 @@
if (!isAuthenticated || tokenService.isTokenExpired()) { if (!isAuthenticated || tokenService.isTokenExpired()) {
event.preventDefault(); event.preventDefault();
authService.logOut(function () { chrome.runtime.sendMessage({ command: 'logout' });
$state.go('home');
});
} }
}); });
}); });

9
src/popup/app/global/mainController.js
View File

@ -1,7 +1,7 @@
angular angular
.module('bit.global') .module('bit.global')
.controller('mainController', function ($scope, $state, authService, toastr, i18nService) { .controller('mainController', function ($scope, $state, authService, toastr, i18nService, $analytics) {
var self = this; var self = this;
self.currentYear = new Date().getFullYear(); self.currentYear = new Date().getFullYear();
self.animation = ''; self.animation = '';
@ -23,9 +23,12 @@ angular
else if (msg.command === 'syncStarted') { else if (msg.command === 'syncStarted') {
$scope.$broadcast('syncStarted'); $scope.$broadcast('syncStarted');
} }
else if (msg.command === 'logout') { else if (msg.command === 'doneLoggingOut') {
authService.logOut(function () { authService.logOut(function () {
toastr.warning(i18nService.loginExpired, i18nService.loggedOut); $analytics.eventTrack('Logged Out');
if (msg.expired) {
toastr.warning(i18nService.loginExpired, i18nService.loggedOut);
}
$state.go('home'); $state.go('home');
}); });
} }

7
src/popup/app/lock/lockController.js
View File

@ -1,7 +1,7 @@
angular angular
.module('bit.lock') .module('bit.lock')
.controller('lockController', function ($scope, $state, $analytics, i18nService, authService, cryptoService, toastr, .controller('lockController', function ($scope, $state, $analytics, i18nService, cryptoService, toastr,
userService, SweetAlert) { userService, SweetAlert) {
$scope.i18n = i18nService; $scope.i18n = i18nService;
$('#master-password').focus(); $('#master-password').focus();
@ -15,10 +15,7 @@
cancelButtonText: i18nService.cancel cancelButtonText: i18nService.cancel
}, function (confirmed) { }, function (confirmed) {
if (confirmed) { if (confirmed) {
authService.logOut(function () { chrome.runtime.sendMessage({ command: 'logout' });
$analytics.eventTrack('Logged Out');
$state.go('home');
});
} }
}); });
}; };

26
src/popup/app/services/authService.js
View File

@ -39,30 +39,10 @@
return deferred.promise; return deferred.promise;
}; };
// TODO: Fix callback hell by moving to promises
_service.logOut = function (callback) { _service.logOut = function (callback) {
userService.getUserId(function (userId) { $rootScope.vaultLogins = null;
syncService.setLastSync(new Date(0), function () { $rootScope.vaultFolders = null;
settingsService.clear(function () { callback();
tokenService.clearToken(function () {
cryptoService.clearKey(function () {
cryptoService.clearKeyHash(function () {
userService.clearUserIdAndEmail(function () {
loginService.clear(userId, function () {
folderService.clear(userId, function () {
$rootScope.vaultLogins = null;
$rootScope.vaultFolders = null;
chrome.runtime.sendMessage({ command: 'loggedOut' });
callback();
});
});
});
});
});
});
});
});
});
}; };
return _service; return _service;

12
src/popup/app/settings/settingsController.js
View File

@ -1,7 +1,7 @@
angular angular
.module('bit.settings') .module('bit.settings')
.controller('settingsController', function ($scope, authService, $state, SweetAlert, utilsService, $analytics, .controller('settingsController', function ($scope, $state, SweetAlert, utilsService, $analytics,
i18nService, constantsService, cryptoService) { i18nService, constantsService, cryptoService) {
utilsService.initListSectionItemListeners($(document), angular); utilsService.initListSectionItemListeners($(document), angular);
$scope.lockOption = ''; $scope.lockOption = '';
@ -38,10 +38,7 @@
}, function (confirmed) { }, function (confirmed) {
if (confirmed) { if (confirmed) {
cryptoService.toggleKey(function () { }); cryptoService.toggleKey(function () { });
authService.logOut(function () { chrome.runtime.sendMessage({ command: 'logout' });
$analytics.eventTrack('Logged Out');
$state.go('home');
});
} }
}); });
} }
@ -58,10 +55,7 @@
cancelButtonText: i18nService.cancel cancelButtonText: i18nService.cancel
}, function (confirmed) { }, function (confirmed) {
if (confirmed) { if (confirmed) {
authService.logOut(function () { chrome.runtime.sendMessage({ command: 'logout' });
$analytics.eventTrack('Logged Out');
$state.go('home');
});
} }
}); });
}; };

121
src/services/apiService.js
View File

@ -1,5 +1,5 @@
function ApiService(tokenService) { function ApiService(tokenService) {
this.baseUrl = 'http://localhost:4000'; this.baseUrl = 'https://api.bitwarden.com';
this.tokenService = tokenService; this.tokenService = tokenService;
initApiService(); initApiService();
@ -36,7 +36,7 @@ function initApiService() {
ApiService.prototype.getAccountRevisionDate = function (success, error) { ApiService.prototype.getAccountRevisionDate = function (success, error) {
var self = this; var self = this;
this.tokenService.getToken(function (token) { handleTokenState(self).then(function (token) {
$.ajax({ $.ajax({
type: 'GET', type: 'GET',
url: self.baseUrl + '/accounts/revision-date?access_token2=' + token, url: self.baseUrl + '/accounts/revision-date?access_token2=' + token,
@ -45,15 +45,17 @@ function initApiService() {
success(response); success(response);
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}, function (jqXHR) {
handleError(error, jqXHR, true);
}); });
}; };
ApiService.prototype.getProfile = function (success, error) { ApiService.prototype.getProfile = function (success, error) {
var self = this; var self = this;
this.tokenService.getToken(function (token) { handleTokenState(self).then(function (token) {
$.ajax({ $.ajax({
type: 'GET', type: 'GET',
url: self.baseUrl + '/accounts/profile?access_token2=' + token, url: self.baseUrl + '/accounts/profile?access_token2=' + token,
@ -62,9 +64,11 @@ function initApiService() {
success(new ProfileResponse(response)); success(new ProfileResponse(response));
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}, function (jqXHR) {
handleError(error, jqXHR, true);
}); });
}; };
@ -80,7 +84,7 @@ function initApiService() {
success(); success();
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}; };
@ -97,7 +101,7 @@ function initApiService() {
success(); success();
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}; };
@ -106,7 +110,7 @@ function initApiService() {
ApiService.prototype.getIncludedDomains = function (success, error) { ApiService.prototype.getIncludedDomains = function (success, error) {
var self = this; var self = this;
this.tokenService.getToken(function (token) { handleTokenState(self).then(function (token) {
$.ajax({ $.ajax({
type: 'GET', type: 'GET',
url: self.baseUrl + '/settings/domains?excluded=false&access_token2=' + token, url: self.baseUrl + '/settings/domains?excluded=false&access_token2=' + token,
@ -115,9 +119,11 @@ function initApiService() {
success(new DomainsResponse(response)); success(new DomainsResponse(response));
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}, function (jqXHR) {
handleError(error, jqXHR, true);
}); });
}; };
@ -125,7 +131,7 @@ function initApiService() {
ApiService.prototype.getLogin = function (id, success, error) { ApiService.prototype.getLogin = function (id, success, error) {
var self = this; var self = this;
this.tokenService.getToken(function (token) { handleTokenState(self).then(function (token) {
$.ajax({ $.ajax({
type: 'GET', type: 'GET',
url: self.baseUrl + '/sites/' + id + '?access_token2=' + token, url: self.baseUrl + '/sites/' + id + '?access_token2=' + token,
@ -134,15 +140,17 @@ function initApiService() {
success(new LoginResponse(response)); success(new LoginResponse(response));
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}, function (jqXHR) {
handleError(error, jqXHR, true);
}); });
}; };
ApiService.prototype.postLogin = function (loginRequest, success, error) { ApiService.prototype.postLogin = function (loginRequest, success, error) {
var self = this; var self = this;
this.tokenService.getToken(function (token) { handleTokenState(self).then(function (token) {
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
url: self.baseUrl + '/sites?access_token2=' + token, url: self.baseUrl + '/sites?access_token2=' + token,
@ -153,15 +161,17 @@ function initApiService() {
success(new LoginResponse(response)); success(new LoginResponse(response));
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}, function (jqXHR) {
handleError(error, jqXHR, true);
}); });
}; };
ApiService.prototype.putLogin = function (id, loginRequest, success, error) { ApiService.prototype.putLogin = function (id, loginRequest, success, error) {
var self = this; var self = this;
this.tokenService.getToken(function (token) { handleTokenState(self).then(function (token) {
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
url: self.baseUrl + '/sites/' + id + '?access_token2=' + token, url: self.baseUrl + '/sites/' + id + '?access_token2=' + token,
@ -172,9 +182,11 @@ function initApiService() {
success(new LoginResponse(response)); success(new LoginResponse(response));
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}, function (jqXHR) {
handleError(error, jqXHR, true);
}); });
}; };
@ -182,7 +194,7 @@ function initApiService() {
ApiService.prototype.getFolder = function (id, success, error) { ApiService.prototype.getFolder = function (id, success, error) {
var self = this; var self = this;
this.tokenService.getToken(function (token) { handleTokenState(self).then(function (token) {
$.ajax({ $.ajax({
type: 'GET', type: 'GET',
url: self.baseUrl + '/folders/' + id + '?access_token2=' + token, url: self.baseUrl + '/folders/' + id + '?access_token2=' + token,
@ -191,15 +203,17 @@ function initApiService() {
success(new FolderResponse(response)); success(new FolderResponse(response));
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}); }, function (jqXHR) {
handleError(error, jqXHR, true);
});
}; };
ApiService.prototype.postFolder = function (folderRequest, success, error) { ApiService.prototype.postFolder = function (folderRequest, success, error) {
var self = this; var self = this;
this.tokenService.getToken(function (token) { handleTokenState(self).then(function (token) {
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
url: self.baseUrl + '/folders?access_token2=' + token, url: self.baseUrl + '/folders?access_token2=' + token,
@ -210,15 +224,17 @@ function initApiService() {
success(new FolderResponse(response)); success(new FolderResponse(response));
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}, function (jqXHR) {
handleError(error, jqXHR, true);
}); });
}; };
ApiService.prototype.putFolder = function (id, folderRequest, success, error) { ApiService.prototype.putFolder = function (id, folderRequest, success, error) {
var self = this; var self = this;
this.tokenService.getToken(function (token) { handleTokenState(self).then(function (token) {
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
url: self.baseUrl + '/folders/' + id + '?access_token2=' + token, url: self.baseUrl + '/folders/' + id + '?access_token2=' + token,
@ -229,9 +245,11 @@ function initApiService() {
success(new FolderResponse(response)); success(new FolderResponse(response));
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}, function (jqXHR) {
handleError(error, jqXHR, true);
}); });
}; };
@ -239,7 +257,7 @@ function initApiService() {
ApiService.prototype.getCipher = function (id, success, error) { ApiService.prototype.getCipher = function (id, success, error) {
var self = this; var self = this;
this.tokenService.getToken(function (token) { handleTokenState(self).then(function (token) {
$.ajax({ $.ajax({
type: 'GET', type: 'GET',
url: self.baseUrl + '/ciphers/' + id + '?access_token2=' + token, url: self.baseUrl + '/ciphers/' + id + '?access_token2=' + token,
@ -248,15 +266,17 @@ function initApiService() {
success(new CipherResponse(response)); success(new CipherResponse(response));
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}, function (jqXHR) {
handleError(error, jqXHR, true);
}); });
}; };
ApiService.prototype.getCiphers = function (success, error) { ApiService.prototype.getCiphers = function (success, error) {
var self = this; var self = this;
this.tokenService.getToken(function (token) { handleTokenState(self).then(function (token) {
$.ajax({ $.ajax({
type: 'GET', type: 'GET',
url: self.baseUrl + '/ciphers?access_token2=' + token, url: self.baseUrl + '/ciphers?access_token2=' + token,
@ -270,15 +290,17 @@ function initApiService() {
success(new ListResponse(data)); success(new ListResponse(data));
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}, function (jqXHR) {
handleError(error, jqXHR, true);
}); });
}; };
ApiService.prototype.deleteCipher = function (id, success, error) { ApiService.prototype.deleteCipher = function (id, success, error) {
var self = this; var self = this;
this.tokenService.getToken(function (token) { handleTokenState(self).then(function (token) {
$.ajax({ $.ajax({
type: 'POST', type: 'POST',
url: self.baseUrl + '/ciphers/' + id + '/delete?access_token2=' + token, url: self.baseUrl + '/ciphers/' + id + '/delete?access_token2=' + token,
@ -287,20 +309,57 @@ function initApiService() {
success(); success();
}, },
error: function (jqXHR, textStatus, errorThrown) { error: function (jqXHR, textStatus, errorThrown) {
handleError(error, jqXHR, textStatus, errorThrown); handleError(error, jqXHR);
} }
}); });
}, function (jqXHR) {
handleError(error, jqXHR, true);
}); });
}; };
// Helpers // Helpers
function handleError(errorCallback, jqXHR, textStatus, errorThrown) { function handleError(errorCallback, jqXHR, tokenError) {
if (jqXHR.status === 401 || jqXHR.status === 403) { if (tokenError || jqXHR.status === 401 || jqXHR.status === 403) {
chrome.runtime.sendMessage({ command: 'logout' }); chrome.runtime.sendMessage({ command: 'logout', expired: true });
return; return;
} }
errorCallback(new ErrorResponse(jqXHR)); errorCallback(new ErrorResponse(jqXHR));
} }
function handleTokenState(self) {
var deferred = Q.defer();
self.tokenService.getToken(function (accessToken) {
if (self.tokenService.tokenNeedsRefresh()) {
self.tokenService.getRefreshToken(function (refreshToken) {
$.ajax({
type: 'POST',
url: self.baseUrl + '/connect/token',
data: {
grant_type: 'refresh_token',
client_id: 'browser',
refresh_token: refreshToken
},
contentType: 'application/x-www-form-urlencoded; charset=utf-8',
dataType: 'json',
success: function (response) {
var token = new IdentityTokenResponse(response);
tokenService.setTokens(token.accessToken, token.refreshToken, function () {
deferred.resolve(token.accessToken);
});
},
error: function (jqXHR, textStatus, errorThrown) {
deferred.reject(jqXHR);
}
});
});
}
else {
deferred.resolve(accessToken);
}
});
return deferred.promise
}
}; };

17
src/services/tokenService.js
View File

@ -145,6 +145,23 @@ function initTokenService() {
return !(d.valueOf() > (new Date().valueOf() + (offsetSeconds * 1000))); return !(d.valueOf() > (new Date().valueOf() + (offsetSeconds * 1000)));
}; };
TokenService.prototype.tokenSecondsRemaining = function (offsetSeconds) {
var d = this.getTokenExpirationDate();
offsetSeconds = offsetSeconds || 0;
if (d === null) {
return 0;
}
var msRemaining = d.valueOf() - (new Date().valueOf() + (offsetSeconds * 1000));
return Math.round(msRemaining / 1000);
};
TokenService.prototype.tokenNeedsRefresh = function (minutes) {
minutes = minutes || 5; // default 5 minutes
var sRemaining = this.tokenSecondsRemaining();
return sRemaining < (60 * minutes);
};
TokenService.prototype.isTwoFactorScheme = function () { TokenService.prototype.isTwoFactorScheme = function () {
return this.getScheme() !== 'Application'; return this.getScheme() !== 'Application';
}; };