mirror of
https://github.com/bitwarden/browser.git
synced 2024-12-24 16:49:26 +01:00
Added refresh token check for each API call. refactored logout messaging from authService
This commit is contained in:
parent
0b63eb58ba
commit
0bd77352b0
@ -34,7 +34,7 @@ var loadMenuRan = false,
|
||||
autofillTimeout = null;
|
||||
|
||||
chrome.runtime.onMessage.addListener(function (msg, sender, sendResponse) {
|
||||
if (msg.command === 'loggedOut' || msg.command === 'loggedIn' || msg.command === 'unlocked' || msg.command === 'locked') {
|
||||
if (msg.command === 'loggedIn' || msg.command === 'unlocked' || msg.command === 'locked') {
|
||||
if (loadMenuRan) {
|
||||
return;
|
||||
}
|
||||
@ -43,6 +43,17 @@ chrome.runtime.onMessage.addListener(function (msg, sender, sendResponse) {
|
||||
setIcon();
|
||||
refreshBadgeAndMenu();
|
||||
}
|
||||
else if (msg.command === 'logout') {
|
||||
logout(msg.expired, function () {
|
||||
if (loadMenuRan) {
|
||||
return;
|
||||
}
|
||||
loadMenuRan = true;
|
||||
|
||||
setIcon();
|
||||
refreshBadgeAndMenu();
|
||||
});
|
||||
}
|
||||
else if (msg.command === 'syncCompleted' && msg.successfully) {
|
||||
if (loadMenuRan) {
|
||||
return;
|
||||
@ -584,6 +595,30 @@ function loadContextMenuOptions(title, idSuffix, login) {
|
||||
}
|
||||
}
|
||||
|
||||
// TODO: Fix callback hell by moving to promises
|
||||
function logout(expired, callback) {
|
||||
userService.getUserId(function (userId) {
|
||||
syncService.setLastSync(new Date(0), function () {
|
||||
settingsService.clear(function () {
|
||||
tokenService.clearToken(function () {
|
||||
cryptoService.clearKey(function () {
|
||||
cryptoService.clearKeyHash(function () {
|
||||
userService.clearUserIdAndEmail(function () {
|
||||
loginService.clear(userId, function () {
|
||||
folderService.clear(userId, function () {
|
||||
chrome.runtime.sendMessage({ command: 'doneLoggingOut', expired: expired });
|
||||
callback();
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
function copyToClipboard(text) {
|
||||
if (window.clipboardData && window.clipboardData.setData) {
|
||||
// IE specific code path to prevent textarea being shown while dialog is visible.
|
||||
|
@ -190,7 +190,7 @@
|
||||
params: { animation: null }
|
||||
});
|
||||
})
|
||||
.run(function ($rootScope, userService, authService, cryptoService, tokenService, $state, constantsService, stateService) {
|
||||
.run(function ($rootScope, userService, cryptoService, tokenService, $state, constantsService, stateService) {
|
||||
$rootScope.$on('$stateChangeStart', function (event, toState, toParams) {
|
||||
if ($state.current.name.indexOf('tabs.') > -1 && toState.name.indexOf('tabs.') > -1) {
|
||||
stateService.purgeState();
|
||||
@ -220,9 +220,7 @@
|
||||
|
||||
if (!isAuthenticated || tokenService.isTokenExpired()) {
|
||||
event.preventDefault();
|
||||
authService.logOut(function () {
|
||||
$state.go('home');
|
||||
});
|
||||
chrome.runtime.sendMessage({ command: 'logout' });
|
||||
}
|
||||
});
|
||||
});
|
||||
|
@ -1,7 +1,7 @@
|
||||
angular
|
||||
.module('bit.global')
|
||||
|
||||
.controller('mainController', function ($scope, $state, authService, toastr, i18nService) {
|
||||
.controller('mainController', function ($scope, $state, authService, toastr, i18nService, $analytics) {
|
||||
var self = this;
|
||||
self.currentYear = new Date().getFullYear();
|
||||
self.animation = '';
|
||||
@ -23,9 +23,12 @@ angular
|
||||
else if (msg.command === 'syncStarted') {
|
||||
$scope.$broadcast('syncStarted');
|
||||
}
|
||||
else if (msg.command === 'logout') {
|
||||
else if (msg.command === 'doneLoggingOut') {
|
||||
authService.logOut(function () {
|
||||
$analytics.eventTrack('Logged Out');
|
||||
if (msg.expired) {
|
||||
toastr.warning(i18nService.loginExpired, i18nService.loggedOut);
|
||||
}
|
||||
$state.go('home');
|
||||
});
|
||||
}
|
||||
|
@ -1,7 +1,7 @@
|
||||
angular
|
||||
.module('bit.lock')
|
||||
|
||||
.controller('lockController', function ($scope, $state, $analytics, i18nService, authService, cryptoService, toastr,
|
||||
.controller('lockController', function ($scope, $state, $analytics, i18nService, cryptoService, toastr,
|
||||
userService, SweetAlert) {
|
||||
$scope.i18n = i18nService;
|
||||
$('#master-password').focus();
|
||||
@ -15,10 +15,7 @@
|
||||
cancelButtonText: i18nService.cancel
|
||||
}, function (confirmed) {
|
||||
if (confirmed) {
|
||||
authService.logOut(function () {
|
||||
$analytics.eventTrack('Logged Out');
|
||||
$state.go('home');
|
||||
});
|
||||
chrome.runtime.sendMessage({ command: 'logout' });
|
||||
}
|
||||
});
|
||||
};
|
||||
|
@ -39,30 +39,10 @@
|
||||
return deferred.promise;
|
||||
};
|
||||
|
||||
// TODO: Fix callback hell by moving to promises
|
||||
_service.logOut = function (callback) {
|
||||
userService.getUserId(function (userId) {
|
||||
syncService.setLastSync(new Date(0), function () {
|
||||
settingsService.clear(function () {
|
||||
tokenService.clearToken(function () {
|
||||
cryptoService.clearKey(function () {
|
||||
cryptoService.clearKeyHash(function () {
|
||||
userService.clearUserIdAndEmail(function () {
|
||||
loginService.clear(userId, function () {
|
||||
folderService.clear(userId, function () {
|
||||
$rootScope.vaultLogins = null;
|
||||
$rootScope.vaultFolders = null;
|
||||
chrome.runtime.sendMessage({ command: 'loggedOut' });
|
||||
callback();
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
};
|
||||
|
||||
return _service;
|
||||
|
@ -1,7 +1,7 @@
|
||||
angular
|
||||
.module('bit.settings')
|
||||
|
||||
.controller('settingsController', function ($scope, authService, $state, SweetAlert, utilsService, $analytics,
|
||||
.controller('settingsController', function ($scope, $state, SweetAlert, utilsService, $analytics,
|
||||
i18nService, constantsService, cryptoService) {
|
||||
utilsService.initListSectionItemListeners($(document), angular);
|
||||
$scope.lockOption = '';
|
||||
@ -38,10 +38,7 @@
|
||||
}, function (confirmed) {
|
||||
if (confirmed) {
|
||||
cryptoService.toggleKey(function () { });
|
||||
authService.logOut(function () {
|
||||
$analytics.eventTrack('Logged Out');
|
||||
$state.go('home');
|
||||
});
|
||||
chrome.runtime.sendMessage({ command: 'logout' });
|
||||
}
|
||||
});
|
||||
}
|
||||
@ -58,10 +55,7 @@
|
||||
cancelButtonText: i18nService.cancel
|
||||
}, function (confirmed) {
|
||||
if (confirmed) {
|
||||
authService.logOut(function () {
|
||||
$analytics.eventTrack('Logged Out');
|
||||
$state.go('home');
|
||||
});
|
||||
chrome.runtime.sendMessage({ command: 'logout' });
|
||||
}
|
||||
});
|
||||
};
|
||||
|
@ -1,5 +1,5 @@
|
||||
function ApiService(tokenService) {
|
||||
this.baseUrl = 'http://localhost:4000';
|
||||
this.baseUrl = 'https://api.bitwarden.com';
|
||||
this.tokenService = tokenService;
|
||||
|
||||
initApiService();
|
||||
@ -36,7 +36,7 @@ function initApiService() {
|
||||
|
||||
ApiService.prototype.getAccountRevisionDate = function (success, error) {
|
||||
var self = this;
|
||||
this.tokenService.getToken(function (token) {
|
||||
handleTokenState(self).then(function (token) {
|
||||
$.ajax({
|
||||
type: 'GET',
|
||||
url: self.baseUrl + '/accounts/revision-date?access_token2=' + token,
|
||||
@ -45,15 +45,17 @@ function initApiService() {
|
||||
success(response);
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
}, function (jqXHR) {
|
||||
handleError(error, jqXHR, true);
|
||||
});
|
||||
};
|
||||
|
||||
ApiService.prototype.getProfile = function (success, error) {
|
||||
var self = this;
|
||||
this.tokenService.getToken(function (token) {
|
||||
handleTokenState(self).then(function (token) {
|
||||
$.ajax({
|
||||
type: 'GET',
|
||||
url: self.baseUrl + '/accounts/profile?access_token2=' + token,
|
||||
@ -62,9 +64,11 @@ function initApiService() {
|
||||
success(new ProfileResponse(response));
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
}, function (jqXHR) {
|
||||
handleError(error, jqXHR, true);
|
||||
});
|
||||
};
|
||||
|
||||
@ -80,7 +84,7 @@ function initApiService() {
|
||||
success();
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
};
|
||||
@ -97,7 +101,7 @@ function initApiService() {
|
||||
success();
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
};
|
||||
@ -106,7 +110,7 @@ function initApiService() {
|
||||
|
||||
ApiService.prototype.getIncludedDomains = function (success, error) {
|
||||
var self = this;
|
||||
this.tokenService.getToken(function (token) {
|
||||
handleTokenState(self).then(function (token) {
|
||||
$.ajax({
|
||||
type: 'GET',
|
||||
url: self.baseUrl + '/settings/domains?excluded=false&access_token2=' + token,
|
||||
@ -115,9 +119,11 @@ function initApiService() {
|
||||
success(new DomainsResponse(response));
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
}, function (jqXHR) {
|
||||
handleError(error, jqXHR, true);
|
||||
});
|
||||
};
|
||||
|
||||
@ -125,7 +131,7 @@ function initApiService() {
|
||||
|
||||
ApiService.prototype.getLogin = function (id, success, error) {
|
||||
var self = this;
|
||||
this.tokenService.getToken(function (token) {
|
||||
handleTokenState(self).then(function (token) {
|
||||
$.ajax({
|
||||
type: 'GET',
|
||||
url: self.baseUrl + '/sites/' + id + '?access_token2=' + token,
|
||||
@ -134,15 +140,17 @@ function initApiService() {
|
||||
success(new LoginResponse(response));
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
}, function (jqXHR) {
|
||||
handleError(error, jqXHR, true);
|
||||
});
|
||||
};
|
||||
|
||||
ApiService.prototype.postLogin = function (loginRequest, success, error) {
|
||||
var self = this;
|
||||
this.tokenService.getToken(function (token) {
|
||||
handleTokenState(self).then(function (token) {
|
||||
$.ajax({
|
||||
type: 'POST',
|
||||
url: self.baseUrl + '/sites?access_token2=' + token,
|
||||
@ -153,15 +161,17 @@ function initApiService() {
|
||||
success(new LoginResponse(response));
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
}, function (jqXHR) {
|
||||
handleError(error, jqXHR, true);
|
||||
});
|
||||
};
|
||||
|
||||
ApiService.prototype.putLogin = function (id, loginRequest, success, error) {
|
||||
var self = this;
|
||||
this.tokenService.getToken(function (token) {
|
||||
handleTokenState(self).then(function (token) {
|
||||
$.ajax({
|
||||
type: 'POST',
|
||||
url: self.baseUrl + '/sites/' + id + '?access_token2=' + token,
|
||||
@ -172,9 +182,11 @@ function initApiService() {
|
||||
success(new LoginResponse(response));
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
}, function (jqXHR) {
|
||||
handleError(error, jqXHR, true);
|
||||
});
|
||||
};
|
||||
|
||||
@ -182,7 +194,7 @@ function initApiService() {
|
||||
|
||||
ApiService.prototype.getFolder = function (id, success, error) {
|
||||
var self = this;
|
||||
this.tokenService.getToken(function (token) {
|
||||
handleTokenState(self).then(function (token) {
|
||||
$.ajax({
|
||||
type: 'GET',
|
||||
url: self.baseUrl + '/folders/' + id + '?access_token2=' + token,
|
||||
@ -191,15 +203,17 @@ function initApiService() {
|
||||
success(new FolderResponse(response));
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
}, function (jqXHR) {
|
||||
handleError(error, jqXHR, true);
|
||||
});
|
||||
};
|
||||
|
||||
ApiService.prototype.postFolder = function (folderRequest, success, error) {
|
||||
var self = this;
|
||||
this.tokenService.getToken(function (token) {
|
||||
handleTokenState(self).then(function (token) {
|
||||
$.ajax({
|
||||
type: 'POST',
|
||||
url: self.baseUrl + '/folders?access_token2=' + token,
|
||||
@ -210,15 +224,17 @@ function initApiService() {
|
||||
success(new FolderResponse(response));
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
}, function (jqXHR) {
|
||||
handleError(error, jqXHR, true);
|
||||
});
|
||||
};
|
||||
|
||||
ApiService.prototype.putFolder = function (id, folderRequest, success, error) {
|
||||
var self = this;
|
||||
this.tokenService.getToken(function (token) {
|
||||
handleTokenState(self).then(function (token) {
|
||||
$.ajax({
|
||||
type: 'POST',
|
||||
url: self.baseUrl + '/folders/' + id + '?access_token2=' + token,
|
||||
@ -229,9 +245,11 @@ function initApiService() {
|
||||
success(new FolderResponse(response));
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
}, function (jqXHR) {
|
||||
handleError(error, jqXHR, true);
|
||||
});
|
||||
};
|
||||
|
||||
@ -239,7 +257,7 @@ function initApiService() {
|
||||
|
||||
ApiService.prototype.getCipher = function (id, success, error) {
|
||||
var self = this;
|
||||
this.tokenService.getToken(function (token) {
|
||||
handleTokenState(self).then(function (token) {
|
||||
$.ajax({
|
||||
type: 'GET',
|
||||
url: self.baseUrl + '/ciphers/' + id + '?access_token2=' + token,
|
||||
@ -248,15 +266,17 @@ function initApiService() {
|
||||
success(new CipherResponse(response));
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
}, function (jqXHR) {
|
||||
handleError(error, jqXHR, true);
|
||||
});
|
||||
};
|
||||
|
||||
ApiService.prototype.getCiphers = function (success, error) {
|
||||
var self = this;
|
||||
this.tokenService.getToken(function (token) {
|
||||
handleTokenState(self).then(function (token) {
|
||||
$.ajax({
|
||||
type: 'GET',
|
||||
url: self.baseUrl + '/ciphers?access_token2=' + token,
|
||||
@ -270,15 +290,17 @@ function initApiService() {
|
||||
success(new ListResponse(data));
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
}, function (jqXHR) {
|
||||
handleError(error, jqXHR, true);
|
||||
});
|
||||
};
|
||||
|
||||
ApiService.prototype.deleteCipher = function (id, success, error) {
|
||||
var self = this;
|
||||
this.tokenService.getToken(function (token) {
|
||||
handleTokenState(self).then(function (token) {
|
||||
$.ajax({
|
||||
type: 'POST',
|
||||
url: self.baseUrl + '/ciphers/' + id + '/delete?access_token2=' + token,
|
||||
@ -287,20 +309,57 @@ function initApiService() {
|
||||
success();
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
handleError(error, jqXHR, textStatus, errorThrown);
|
||||
handleError(error, jqXHR);
|
||||
}
|
||||
});
|
||||
}, function (jqXHR) {
|
||||
handleError(error, jqXHR, true);
|
||||
});
|
||||
};
|
||||
|
||||
// Helpers
|
||||
|
||||
function handleError(errorCallback, jqXHR, textStatus, errorThrown) {
|
||||
if (jqXHR.status === 401 || jqXHR.status === 403) {
|
||||
chrome.runtime.sendMessage({ command: 'logout' });
|
||||
function handleError(errorCallback, jqXHR, tokenError) {
|
||||
if (tokenError || jqXHR.status === 401 || jqXHR.status === 403) {
|
||||
chrome.runtime.sendMessage({ command: 'logout', expired: true });
|
||||
return;
|
||||
}
|
||||
|
||||
errorCallback(new ErrorResponse(jqXHR));
|
||||
}
|
||||
|
||||
function handleTokenState(self) {
|
||||
var deferred = Q.defer();
|
||||
self.tokenService.getToken(function (accessToken) {
|
||||
if (self.tokenService.tokenNeedsRefresh()) {
|
||||
self.tokenService.getRefreshToken(function (refreshToken) {
|
||||
$.ajax({
|
||||
type: 'POST',
|
||||
url: self.baseUrl + '/connect/token',
|
||||
data: {
|
||||
grant_type: 'refresh_token',
|
||||
client_id: 'browser',
|
||||
refresh_token: refreshToken
|
||||
},
|
||||
contentType: 'application/x-www-form-urlencoded; charset=utf-8',
|
||||
dataType: 'json',
|
||||
success: function (response) {
|
||||
var token = new IdentityTokenResponse(response);
|
||||
tokenService.setTokens(token.accessToken, token.refreshToken, function () {
|
||||
deferred.resolve(token.accessToken);
|
||||
});
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
deferred.reject(jqXHR);
|
||||
}
|
||||
});
|
||||
});
|
||||
}
|
||||
else {
|
||||
deferred.resolve(accessToken);
|
||||
}
|
||||
});
|
||||
|
||||
return deferred.promise
|
||||
}
|
||||
};
|
||||
|
@ -145,6 +145,23 @@ function initTokenService() {
|
||||
return !(d.valueOf() > (new Date().valueOf() + (offsetSeconds * 1000)));
|
||||
};
|
||||
|
||||
TokenService.prototype.tokenSecondsRemaining = function (offsetSeconds) {
|
||||
var d = this.getTokenExpirationDate();
|
||||
offsetSeconds = offsetSeconds || 0;
|
||||
if (d === null) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
var msRemaining = d.valueOf() - (new Date().valueOf() + (offsetSeconds * 1000));
|
||||
return Math.round(msRemaining / 1000);
|
||||
};
|
||||
|
||||
TokenService.prototype.tokenNeedsRefresh = function (minutes) {
|
||||
minutes = minutes || 5; // default 5 minutes
|
||||
var sRemaining = this.tokenSecondsRemaining();
|
||||
return sRemaining < (60 * minutes);
|
||||
};
|
||||
|
||||
TokenService.prototype.isTwoFactorScheme = function () {
|
||||
return this.getScheme() !== 'Application';
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user