mirror of
https://github.com/bitwarden/browser.git
synced 2024-10-06 05:28:51 +02:00
use getHibpBreach proxy
This commit is contained in:
parent
cbcf0adad5
commit
7cd8b63b94
@ -52,6 +52,7 @@ import { VerifyDeleteRecoverRequest } from '../models/request/verifyDeleteRecove
|
|||||||
import { VerifyEmailRequest } from '../models/request/verifyEmailRequest';
|
import { VerifyEmailRequest } from '../models/request/verifyEmailRequest';
|
||||||
|
|
||||||
import { BillingResponse } from '../models/response/billingResponse';
|
import { BillingResponse } from '../models/response/billingResponse';
|
||||||
|
import { BreachAccountResponse } from '../models/response/breachAccountResponse';
|
||||||
import { CipherResponse } from '../models/response/cipherResponse';
|
import { CipherResponse } from '../models/response/cipherResponse';
|
||||||
import {
|
import {
|
||||||
CollectionGroupDetailsResponse,
|
CollectionGroupDetailsResponse,
|
||||||
@ -247,6 +248,8 @@ export abstract class ApiService {
|
|||||||
|
|
||||||
getUserPublicKey: (id: string) => Promise<UserKeyResponse>;
|
getUserPublicKey: (id: string) => Promise<UserKeyResponse>;
|
||||||
|
|
||||||
|
getHibpBreach: (username: string) => Promise<BreachAccountResponse[]>;
|
||||||
|
|
||||||
getActiveBearerToken: () => Promise<string>;
|
getActiveBearerToken: () => Promise<string>;
|
||||||
fetch: (request: Request) => Promise<Response>;
|
fetch: (request: Request) => Promise<Response>;
|
||||||
}
|
}
|
||||||
|
@ -58,6 +58,7 @@ import { VerifyDeleteRecoverRequest } from '../models/request/verifyDeleteRecove
|
|||||||
import { VerifyEmailRequest } from '../models/request/verifyEmailRequest';
|
import { VerifyEmailRequest } from '../models/request/verifyEmailRequest';
|
||||||
|
|
||||||
import { BillingResponse } from '../models/response/billingResponse';
|
import { BillingResponse } from '../models/response/billingResponse';
|
||||||
|
import { BreachAccountResponse } from '../models/response/breachAccountResponse';
|
||||||
import { CipherResponse } from '../models/response/cipherResponse';
|
import { CipherResponse } from '../models/response/cipherResponse';
|
||||||
import {
|
import {
|
||||||
CollectionGroupDetailsResponse,
|
CollectionGroupDetailsResponse,
|
||||||
@ -818,6 +819,13 @@ export class ApiService implements ApiServiceAbstraction {
|
|||||||
return new UserKeyResponse(r);
|
return new UserKeyResponse(r);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// HIBP APIs
|
||||||
|
|
||||||
|
async getHibpBreach(username: string): Promise<BreachAccountResponse[]> {
|
||||||
|
const r = await this.send('GET', '/hibp/breach?username=' + username, null, true, true);
|
||||||
|
return r.map((a: any) => new BreachAccountResponse(a));
|
||||||
|
}
|
||||||
|
|
||||||
// Helpers
|
// Helpers
|
||||||
|
|
||||||
async getActiveBearerToken(): Promise<string> {
|
async getActiveBearerToken(): Promise<string> {
|
||||||
|
@ -5,9 +5,9 @@ import { CryptoFunctionService } from '../abstractions/cryptoFunction.service';
|
|||||||
import { Utils } from '../misc/utils';
|
import { Utils } from '../misc/utils';
|
||||||
|
|
||||||
import { BreachAccountResponse } from '../models/response/breachAccountResponse';
|
import { BreachAccountResponse } from '../models/response/breachAccountResponse';
|
||||||
|
import { ErrorResponse } from '../models/response/errorResponse';
|
||||||
|
|
||||||
const PwnedPasswordsApi = 'https://api.pwnedpasswords.com/range/';
|
const PwnedPasswordsApi = 'https://api.pwnedpasswords.com/range/';
|
||||||
const HibpBreachApi = 'https://haveibeenpwned.com/api/v2/breachedaccount/';
|
|
||||||
|
|
||||||
export class AuditService implements AuditServiceAbstraction {
|
export class AuditService implements AuditServiceAbstraction {
|
||||||
constructor(private cryptoFunctionService: CryptoFunctionService, private apiService: ApiService) { }
|
constructor(private cryptoFunctionService: CryptoFunctionService, private apiService: ApiService) { }
|
||||||
@ -18,7 +18,7 @@ export class AuditService implements AuditServiceAbstraction {
|
|||||||
const hashStart = hash.substr(0, 5);
|
const hashStart = hash.substr(0, 5);
|
||||||
const hashEnding = hash.substr(5);
|
const hashEnding = hash.substr(5);
|
||||||
|
|
||||||
const response = await fetch(new Request(PwnedPasswordsApi + hashStart));
|
const response = await fetch(PwnedPasswordsApi + hashStart);
|
||||||
const leakedHashes = await response.text();
|
const leakedHashes = await response.text();
|
||||||
const match = leakedHashes.split(/\r?\n/).find((v) => {
|
const match = leakedHashes.split(/\r?\n/).find((v) => {
|
||||||
return v.split(':')[0] === hashEnding;
|
return v.split(':')[0] === hashEnding;
|
||||||
@ -28,13 +28,14 @@ export class AuditService implements AuditServiceAbstraction {
|
|||||||
}
|
}
|
||||||
|
|
||||||
async breachedAccounts(username: string): Promise<BreachAccountResponse[]> {
|
async breachedAccounts(username: string): Promise<BreachAccountResponse[]> {
|
||||||
const response = await fetch(new Request(HibpBreachApi + username));
|
try {
|
||||||
if (response.status === 404) {
|
return await this.apiService.getHibpBreach(username);
|
||||||
|
} catch (e) {
|
||||||
|
const error = e as ErrorResponse;
|
||||||
|
if (error.statusCode === 404) {
|
||||||
return [];
|
return [];
|
||||||
} else if (response.status !== 200) {
|
}
|
||||||
throw new Error();
|
throw new Error();
|
||||||
}
|
}
|
||||||
const responseJson = await response.json();
|
|
||||||
return responseJson.map((a: any) => new BreachAccountResponse(a));
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user