Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-08 09:43:42 +01:00
Code Issues Projects Releases Wiki Activity

add api, appid, and token services

Browse Source
This commit is contained in:
Kyle Spearrin 2018-01-09 16:19:55 -05:00
parent 9a74f3e4ea
commit 7ce34ac139
8 changed files with 721 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
src/abstractions/api.service.ts Normal file
View File

@ -0,0 +1,37 @@
import { EnvironmentUrls } from '../models/domain/environmentUrls';
import { CipherRequest } from '../models/request/cipherRequest';
import { FolderRequest } from '../models/request/folderRequest';
import { PasswordHintRequest } from '../models/request/passwordHintRequest';
import { RegisterRequest } from '../models/request/registerRequest';
import { TokenRequest } from '../models/request/tokenRequest';
import { TwoFactorEmailRequest } from '../models/request/twoFactorEmailRequest';
import { CipherResponse } from '../models/response/cipherResponse';
import { FolderResponse } from '../models/response/folderResponse';
import { IdentityTokenResponse } from '../models/response/identityTokenResponse';
import { SyncResponse } from '../models/response/syncResponse';
export interface ApiService {
urlsSet: boolean;
baseUrl: string;
identityBaseUrl: string;
deviceType: string;
logoutCallback: Function;
setUrls(urls: EnvironmentUrls);
postIdentityToken(request: TokenRequest): Promise<IdentityTokenResponse | any>;
refreshIdentityToken(): Promise<any>;
postTwoFactorEmail(request: TwoFactorEmailRequest): Promise<any>;
getAccountRevisionDate(): Promise<number>;
postPasswordHint(request: PasswordHintRequest): Promise<any>;
postRegister(request: RegisterRequest): Promise<any>;
postFolder(request: FolderRequest): Promise<FolderResponse>;
putFolder(id: string, request: FolderRequest): Promise<FolderResponse>;
deleteFolder(id: string): Promise<any>;
postCipher(request: CipherRequest): Promise<CipherResponse>;
putCipher(id: string, request: CipherRequest): Promise<CipherResponse>;
deleteCipher(id: string): Promise<any>;
postCipherAttachment(id: string, data: FormData): Promise<CipherResponse>;
deleteCipherAttachment(id: string, attachmentId: string): Promise<any>;
getSync(): Promise<SyncResponse>;
}

4
src/abstractions/appId.service.ts Normal file
View File

@ -0,0 +1,4 @@
export interface AppIdService {
getAppId(): Promise<string>;
getAnonymousAppId(): Promise<string>;
}

3
src/abstractions/index.ts
View File

@ -1,5 +1,8 @@
export { ApiService } from './api.service';
export { AppIdService } from './appId.service';
export { CryptoService } from './crypto.service'; export { CryptoService } from './crypto.service';
export { MessagingService } from './messaging.service'; export { MessagingService } from './messaging.service';
export { PlatformUtilsService } from './platformUtils.service'; export { PlatformUtilsService } from './platformUtils.service';
export { StorageService } from './storage.service'; export { StorageService } from './storage.service';
export { TokenService } from './token.service';
export { UtilsService } from './utils.service'; export { UtilsService } from './utils.service';

23
src/abstractions/token.service.ts Normal file
View File

@ -0,0 +1,23 @@
export interface TokenService {
token: string;
decodedToken: any;
refreshToken: string;
setTokens(accessToken: string, refreshToken: string): Promise<any>;
setToken(token: string): Promise<any>;
getToken(): Promise<string>;
setRefreshToken(refreshToken: string): Promise<any>;
getRefreshToken(): Promise<string>;
setTwoFactorToken(token: string, email: string): Promise<any>;
getTwoFactorToken(email: string): Promise<string>;
clearTwoFactorToken(email: string): Promise<any>;
clearToken(): Promise<any>;
decodeToken(): any;
getTokenExpirationDate(): Date;
tokenSecondsRemaining(offsetSeconds?: number): number;
tokenNeedsRefresh(minutes?: number): boolean;
getUserId(): string;
getEmail(): string;
getName(): string;
getPremium(): boolean;
getIssuer(): string;
}

447
src/services/api.service.ts Normal file
View File

@ -0,0 +1,447 @@
import { ConstantsService } from './constants.service';
import { ApiService as ApiServiceInterface } from '../abstractions/api.service';
import { PlatformUtilsService } from '../abstractions/platformUtils.service';
import { TokenService } from '../abstractions/token.service';
import { EnvironmentUrls } from '../models/domain/environmentUrls';
import { CipherRequest } from '../models/request/cipherRequest';
import { FolderRequest } from '../models/request/folderRequest';
import { PasswordHintRequest } from '../models/request/passwordHintRequest';
import { RegisterRequest } from '../models/request/registerRequest';
import { TokenRequest } from '../models/request/tokenRequest';
import { TwoFactorEmailRequest } from '../models/request/twoFactorEmailRequest';
import { CipherResponse } from '../models/response/cipherResponse';
import { ErrorResponse } from '../models/response/errorResponse';
import { FolderResponse } from '../models/response/folderResponse';
import { IdentityTokenResponse } from '../models/response/identityTokenResponse';
import { SyncResponse } from '../models/response/syncResponse';
export class ApiService implements ApiServiceInterface {
urlsSet: boolean = false;
baseUrl: string;
identityBaseUrl: string;
deviceType: string;
logoutCallback: Function;
constructor(private tokenService: TokenService, platformUtilsService: PlatformUtilsService,
logoutCallback: Function) {
this.logoutCallback = logoutCallback;
this.deviceType = platformUtilsService.getDevice().toString();
}
setUrls(urls: EnvironmentUrls) {
this.urlsSet = true;
if (urls.base != null) {
this.baseUrl = urls.base + '/api';
this.identityBaseUrl = urls.base + '/identity';
return;
}
if (urls.api != null && urls.identity != null) {
this.baseUrl = urls.api;
this.identityBaseUrl = urls.identity;
return;
}
/* tslint:disable */
// Desktop
//this.baseUrl = 'http://localhost:4000';
//this.identityBaseUrl = 'http://localhost:33656';
// Desktop HTTPS
//this.baseUrl = 'https://localhost:44377';
//this.identityBaseUrl = 'https://localhost:44392';
// Desktop external
//this.baseUrl = 'http://192.168.1.3:4000';
//this.identityBaseUrl = 'http://192.168.1.3:33656';
// Preview
//this.baseUrl = 'https://preview-api.bitwarden.com';
//this.identityBaseUrl = 'https://preview-identity.bitwarden.com';
// Production
this.baseUrl = 'https://api.bitwarden.com';
this.identityBaseUrl = 'https://identity.bitwarden.com';
/* tslint:enable */
}
// Auth APIs
async postIdentityToken(request: TokenRequest): Promise<IdentityTokenResponse | any> {
const response = await fetch(new Request(this.identityBaseUrl + '/connect/token', {
body: this.qsStringify(request.toIdentityToken()),
cache: 'no-cache',
headers: new Headers({
'Content-Type': 'application/x-www-form-urlencoded; charset=utf-8',
'Accept': 'application/json',
'Device-Type': this.deviceType,
}),
method: 'POST',
}));
let responseJson: any = null;
const typeHeader = response.headers.get('content-type');
if (typeHeader != null && typeHeader.indexOf('application/json') > -1) {
responseJson = await response.json();
}
if (responseJson != null) {
if (response.status === 200) {
return new IdentityTokenResponse(responseJson);
} else if (response.status === 400 && responseJson.TwoFactorProviders2 &&
Object.keys(responseJson.TwoFactorProviders2).length) {
await this.tokenService.clearTwoFactorToken(request.email);
return responseJson.TwoFactorProviders2;
}
}
return Promise.reject(new ErrorResponse(responseJson, response.status, true));
}
async refreshIdentityToken(): Promise<any> {
try {
await this.doRefreshToken();
} catch (e) {
return Promise.reject(null);
}
}
// Two Factor APIs
async postTwoFactorEmail(request: TwoFactorEmailRequest): Promise<any> {
const response = await fetch(new Request(this.baseUrl + '/two-factor/send-email-login', {
body: JSON.stringify(request),
cache: 'no-cache',
headers: new Headers({
'Content-Type': 'application/json; charset=utf-8',
'Device-Type': this.deviceType,
}),
method: 'POST',
}));
if (response.status !== 200) {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
// Account APIs
async getAccountRevisionDate(): Promise<number> {
const authHeader = await this.handleTokenState();
const response = await fetch(new Request(this.baseUrl + '/accounts/revision-date', {
cache: 'no-cache',
headers: new Headers({
'Accept': 'application/json',
'Authorization': authHeader,
'Device-Type': this.deviceType,
}),
}));
if (response.status === 200) {
return (await response.json() as number);
} else {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
async postPasswordHint(request: PasswordHintRequest): Promise<any> {
const response = await fetch(new Request(this.baseUrl + '/accounts/password-hint', {
body: JSON.stringify(request),
cache: 'no-cache',
headers: new Headers({
'Content-Type': 'application/json; charset=utf-8',
'Device-Type': this.deviceType,
}),
method: 'POST',
}));
if (response.status !== 200) {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
async postRegister(request: RegisterRequest): Promise<any> {
const response = await fetch(new Request(this.baseUrl + '/accounts/register', {
body: JSON.stringify(request),
cache: 'no-cache',
headers: new Headers({
'Content-Type': 'application/json; charset=utf-8',
'Device-Type': this.deviceType,
}),
method: 'POST',
}));
if (response.status !== 200) {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
// Folder APIs
async postFolder(request: FolderRequest): Promise<FolderResponse> {
const authHeader = await this.handleTokenState();
const response = await fetch(new Request(this.baseUrl + '/folders', {
body: JSON.stringify(request),
cache: 'no-cache',
headers: new Headers({
'Accept': 'application/json',
'Authorization': authHeader,
'Content-Type': 'application/json; charset=utf-8',
'Device-Type': this.deviceType,
}),
method: 'POST',
}));
if (response.status === 200) {
const responseJson = await response.json();
return new FolderResponse(responseJson);
} else {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
async putFolder(id: string, request: FolderRequest): Promise<FolderResponse> {
const authHeader = await this.handleTokenState();
const response = await fetch(new Request(this.baseUrl + '/folders/' + id, {
body: JSON.stringify(request),
cache: 'no-cache',
headers: new Headers({
'Accept': 'application/json',
'Authorization': authHeader,
'Content-Type': 'application/json; charset=utf-8',
'Device-Type': this.deviceType,
}),
method: 'PUT',
}));
if (response.status === 200) {
const responseJson = await response.json();
return new FolderResponse(responseJson);
} else {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
async deleteFolder(id: string): Promise<any> {
const authHeader = await this.handleTokenState();
const response = await fetch(new Request(this.baseUrl + '/folders/' + id, {
cache: 'no-cache',
headers: new Headers({
'Authorization': authHeader,
'Device-Type': this.deviceType,
}),
method: 'DELETE',
}));
if (response.status !== 200) {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
// Cipher APIs
async postCipher(request: CipherRequest): Promise<CipherResponse> {
const authHeader = await this.handleTokenState();
const response = await fetch(new Request(this.baseUrl + '/ciphers', {
body: JSON.stringify(request),
cache: 'no-cache',
headers: new Headers({
'Accept': 'application/json',
'Authorization': authHeader,
'Content-Type': 'application/json; charset=utf-8',
'Device-Type': this.deviceType,
}),
method: 'POST',
}));
if (response.status === 200) {
const responseJson = await response.json();
return new CipherResponse(responseJson);
} else {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
async putCipher(id: string, request: CipherRequest): Promise<CipherResponse> {
const authHeader = await this.handleTokenState();
const response = await fetch(new Request(this.baseUrl + '/ciphers/' + id, {
body: JSON.stringify(request),
cache: 'no-cache',
headers: new Headers({
'Accept': 'application/json',
'Authorization': authHeader,
'Content-Type': 'application/json; charset=utf-8',
'Device-Type': this.deviceType,
}),
method: 'PUT',
}));
if (response.status === 200) {
const responseJson = await response.json();
return new CipherResponse(responseJson);
} else {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
async deleteCipher(id: string): Promise<any> {
const authHeader = await this.handleTokenState();
const response = await fetch(new Request(this.baseUrl + '/ciphers/' + id, {
cache: 'no-cache',
headers: new Headers({
'Authorization': authHeader,
'Device-Type': this.deviceType,
}),
method: 'DELETE',
}));
if (response.status !== 200) {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
// Attachments APIs
async postCipherAttachment(id: string, data: FormData): Promise<CipherResponse> {
const authHeader = await this.handleTokenState();
const response = await fetch(new Request(this.baseUrl + '/ciphers/' + id + '/attachment', {
body: data,
cache: 'no-cache',
headers: new Headers({
'Accept': 'application/json',
'Authorization': authHeader,
'Device-Type': this.deviceType,
}),
method: 'POST',
}));
if (response.status === 200) {
const responseJson = await response.json();
return new CipherResponse(responseJson);
} else {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
async deleteCipherAttachment(id: string, attachmentId: string): Promise<any> {
const authHeader = await this.handleTokenState();
const response = await fetch(new Request(this.baseUrl + '/ciphers/' + id + '/attachment/' + attachmentId, {
cache: 'no-cache',
headers: new Headers({
'Authorization': authHeader,
'Device-Type': this.deviceType,
}),
method: 'DELETE',
}));
if (response.status !== 200) {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
// Sync APIs
async getSync(): Promise<SyncResponse> {
const authHeader = await this.handleTokenState();
const response = await fetch(new Request(this.baseUrl + '/sync', {
cache: 'no-cache',
headers: new Headers({
'Accept': 'application/json',
'Authorization': authHeader,
'Device-Type': this.deviceType,
}),
}));
if (response.status === 200) {
const responseJson = await response.json();
return new SyncResponse(responseJson);
} else {
const error = await this.handleError(response, false);
return Promise.reject(error);
}
}
// Helpers
private async handleError(response: Response, tokenError: boolean): Promise<ErrorResponse> {
if ((tokenError && response.status === 400) || response.status === 401 || response.status === 403) {
this.logoutCallback(true);
return null;
}
let responseJson: any = null;
const typeHeader = response.headers.get('content-type');
if (typeHeader != null && typeHeader.indexOf('application/json') > -1) {
responseJson = await response.json();
}
return new ErrorResponse(responseJson, response.status, tokenError);
}
private async handleTokenState(): Promise<string> {
let accessToken: string;
if (this.tokenService.tokenNeedsRefresh()) {
const tokenResponse = await this.doRefreshToken();
accessToken = tokenResponse.accessToken;
} else {
accessToken = await this.tokenService.getToken();
}
return 'Bearer ' + accessToken;
}
private async doRefreshToken(): Promise<IdentityTokenResponse> {
const refreshToken = await this.tokenService.getRefreshToken();
if (refreshToken == null || refreshToken === '') {
throw new Error();
}
const response = await fetch(new Request(this.identityBaseUrl + '/connect/token', {
body: this.qsStringify({
grant_type: 'refresh_token',
client_id: 'browser',
refresh_token: refreshToken,
}),
cache: 'no-cache',
headers: new Headers({
'Content-Type': 'application/x-www-form-urlencoded; charset=utf-8',
'Accept': 'application/json',
'Device-Type': this.deviceType,
}),
method: 'POST',
}));
if (response.status === 200) {
const responseJson = await response.json();
const tokenResponse = new IdentityTokenResponse(responseJson);
await this.tokenService.setTokens(tokenResponse.accessToken, tokenResponse.refreshToken);
return tokenResponse;
} else {
const error = await this.handleError(response, true);
return Promise.reject(error);
}
}
private qsStringify(params: any): string {
return Object.keys(params).map((key) => {
return encodeURIComponent(key) + '=' + encodeURIComponent(params[key]);
}).join('&');
}
}

28
src/services/appId.service.ts Normal file
View File

@ -0,0 +1,28 @@
import { UtilsService } from './utils.service';
import { AppIdService as AppIdServiceInterface } from '../abstractions/appId.service';
import { StorageService } from '../abstractions/storage.service';
export class AppIdService implements AppIdServiceInterface {
constructor(private storageService: StorageService) {
}
getAppId(): Promise<string> {
return this.makeAndGetAppId('appId');
}
getAnonymousAppId(): Promise<string> {
return this.makeAndGetAppId('anonymousAppId');
}
private async makeAndGetAppId(key: string) {
const existingId = await this.storageService.get<string>(key);
if (existingId != null) {
return existingId;
}
const guid = UtilsService.newGuid();
await this.storageService.save(key, guid);
return guid;
}
}

3
src/services/index.ts
View File

@ -1,3 +1,6 @@
export { ApiService } from './api.service';
export { AppIdService } from './appId.service';
export { ConstantsService } from './constants.service'; export { ConstantsService } from './constants.service';
export { CryptoService } from './crypto.service'; export { CryptoService } from './crypto.service';
export { TokenService } from './token.service';
export { UtilsService } from './utils.service'; export { UtilsService } from './utils.service';

176
src/services/token.service.ts Normal file
View File

@ -0,0 +1,176 @@
import { ConstantsService } from './constants.service';
import { UtilsService } from './utils.service';
import { StorageService } from '../abstractions/storage.service';
import { TokenService as TokenServiceInterface } from '../abstractions/token.service';
const Keys = {
accessToken: 'accessToken',
refreshToken: 'refreshToken',
twoFactorTokenPrefix: 'twoFactorToken_',
};
export class TokenService implements TokenServiceInterface {
token: string;
decodedToken: any;
refreshToken: string;
constructor(private storageService: StorageService) {
}
setTokens(accessToken: string, refreshToken: string): Promise<any> {
return Promise.all([
this.setToken(accessToken),
this.setRefreshToken(refreshToken),
]);
}
setToken(token: string): Promise<any> {
this.token = token;
this.decodedToken = null;
return this.storageService.save(Keys.accessToken, token);
}
async getToken(): Promise<string> {
if (this.token != null) {
return this.token;
}
this.token = await this.storageService.get<string>(Keys.accessToken);
return this.token;
}
setRefreshToken(refreshToken: string): Promise<any> {
this.refreshToken = refreshToken;
return this.storageService.save(Keys.refreshToken, refreshToken);
}
async getRefreshToken(): Promise<string> {
if (this.refreshToken != null) {
return this.refreshToken;
}
this.refreshToken = await this.storageService.get<string>(Keys.refreshToken);
return this.refreshToken;
}
setTwoFactorToken(token: string, email: string): Promise<any> {
return this.storageService.save(Keys.twoFactorTokenPrefix + email, token);
}
getTwoFactorToken(email: string): Promise<string> {
return this.storageService.get<string>(Keys.twoFactorTokenPrefix + email);
}
clearTwoFactorToken(email: string): Promise<any> {
return this.storageService.remove(Keys.twoFactorTokenPrefix + email);
}
clearToken(): Promise<any> {
this.token = null;
this.decodedToken = null;
this.refreshToken = null;
return Promise.all([
this.storageService.remove(Keys.accessToken),
this.storageService.remove(Keys.refreshToken),
]);
}
// jwthelper methods
// ref https://github.com/auth0/angular-jwt/blob/master/src/angularJwt/services/jwt.js
decodeToken(): any {
if (this.decodedToken) {
return this.decodedToken;
}
if (this.token == null) {
throw new Error('Token not found.');
}
const parts = this.token.split('.');
if (parts.length !== 3) {
throw new Error('JWT must have 3 parts');
}
const decoded = UtilsService.urlBase64Decode(parts[1]);
if (decoded == null) {
throw new Error('Cannot decode the token');
}
this.decodedToken = JSON.parse(decoded);
return this.decodedToken;
}
getTokenExpirationDate(): Date {
const decoded = this.decodeToken();
if (typeof decoded.exp === 'undefined') {
return null;
}
const d = new Date(0); // The 0 here is the key, which sets the date to the epoch
d.setUTCSeconds(decoded.exp);
return d;
}
tokenSecondsRemaining(offsetSeconds: number = 0): number {
const d = this.getTokenExpirationDate();
if (d == null) {
return 0;
}
const msRemaining = d.valueOf() - (new Date().valueOf() + (offsetSeconds * 1000));
return Math.round(msRemaining / 1000);
}
tokenNeedsRefresh(minutes: number = 5): boolean {
const sRemaining = this.tokenSecondsRemaining();
return sRemaining < (60 * minutes);
}
getUserId(): string {
const decoded = this.decodeToken();
if (typeof decoded.sub === 'undefined') {
throw new Error('No user id found');
}
return decoded.sub as string;
}
getEmail(): string {
const decoded = this.decodeToken();
if (typeof decoded.email === 'undefined') {
throw new Error('No email found');
}
return decoded.email as string;
}
getName(): string {
const decoded = this.decodeToken();
if (typeof decoded.name === 'undefined') {
throw new Error('No name found');
}
return decoded.name as string;
}
getPremium(): boolean {
const decoded = this.decodeToken();
if (typeof decoded.premium === 'undefined') {
return false;
}
return decoded.premium as boolean;
}
getIssuer(): string {
const decoded = this.decodeToken();
if (typeof decoded.iss === 'undefined') {
throw new Error('No issuer found');
}
return decoded.iss as string;
}
}