1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-13 10:24:20 +01:00
bitwarden-browser/src/services/audit.service.ts
2018-09-11 15:54:18 -04:00

41 lines
1.7 KiB
TypeScript

import { ApiService } from '../abstractions/api.service';
import { AuditService as AuditServiceAbstraction } from '../abstractions/audit.service';
import { CryptoFunctionService } from '../abstractions/cryptoFunction.service';
import { Utils } from '../misc/utils';
import { BreachAccountResponse } from '../models/response/breachAccountResponse';
const PwnedPasswordsApi = 'https://api.pwnedpasswords.com/range/';
const HibpBreachApi = 'https://haveibeenpwned.com/api/v2/breachedaccount/';
export class AuditService implements AuditServiceAbstraction {
constructor(private cryptoFunctionService: CryptoFunctionService, private apiService: ApiService) { }
async passwordLeaked(password: string): Promise<number> {
const hashBytes = await this.cryptoFunctionService.hash(password, 'sha1');
const hash = Utils.fromBufferToHex(hashBytes).toUpperCase();
const hashStart = hash.substr(0, 5);
const hashEnding = hash.substr(5);
const response = await fetch(new Request(PwnedPasswordsApi + hashStart));
const leakedHashes = await response.text();
const match = leakedHashes.split(/\r?\n/).find((v) => {
return v.split(':')[0] === hashEnding;
});
return match != null ? parseInt(match.split(':')[1], 10) : 0;
}
async breachedAccounts(username: string): Promise<BreachAccountResponse[]> {
const response = await fetch(new Request(HibpBreachApi + username));
if (response.status === 404) {
return [];
} else if (response.status !== 200) {
throw new Error();
}
const responseJson = await response.json();
return responseJson.map((a: any) => new BreachAccountResponse(a));
}
}