From 44f7e6f800dc1f6f2fc29e713bc49e1255856b2e Mon Sep 17 00:00:00 2001 From: Azul Date: Wed, 31 Jan 2018 10:06:21 +0100 Subject: git subrepo clone https://leap.se/git/srp_js app/assets/javascripts/srp subrepo: subdir: "app/assets/javascripts/srp" merged: "2088cbe" upstream: origin: "https://leap.se/git/srp_js" branch: "master" commit: "2088cbe" git-subrepo: version: "0.3.1" origin: "https://github.com/ingydotnet/git-subrepo" commit: "a7ee886"
---
app/assets/javascripts/srp/src/jqueryRest.js | 103 +++++++++++++++++++++++++++
1 file changed, 103 insertions(+)
create mode 100644 app/assets/javascripts/srp/src/jqueryRest.js
(limited to 'app/assets/javascripts/srp/src/jqueryRest.js')
diff --git a/app/assets/javascripts/srp/src/jqueryRest.js b/app/assets/javascripts/srp/src/jqueryRest.js
new file mode 100644
index 0000000..0c58eb2
--- /dev/null
+++ b/app/assets/javascripts/srp/src/jqueryRest.js
@@ -0,0 +1,103 @@
+srp.remote = (function(){
+ var jqueryRest = (function() {
+
+ // TODO: Do we need to differentiate between PUT and POST?
+ function register(session) {
+ return $.post("/1/users.json", {user: session.signup() });
+ }
+
+ function update(session, token) {
+ return $.ajax({
+ url: "/1/users/" + session.id() + ".json",
+ type: 'PUT',
+ headers: { Authorization: 'Token token="' + token + '"' },
+ data: {user: session.update() }
+ });
+ }
+
+ function handshake(session) {
+ return $.post("/1/sessions.json", session.handshake());
+ }
+
+ function authenticate(session) {
+ return $.ajax({
+ url: "/1/sessions/" + session.login() + ".json",
+ type: 'PUT',
+ data: {client_auth: session.getM()}
+ });
+ }
+
+ return {
+ register: register,
+ update: update,
+ handshake: handshake,
+ authenticate: authenticate
+ };
+ }());
+
+
+ function signup(){
+ jqueryRest.register(srp.session)
+ .done(srp.signedUp)
+ .fail(error)
+ };
+
+ function update(submitEvent){
+ var form = submitEvent.target;
+ var token = form.dataset.token;
+ jqueryRest.update(srp.session, token)
+ .done(srp.updated)
+ .fail(error)
+ };
+
+ function login(){
+ jqueryRest.handshake(srp.session)
+ .done(receiveSalts)
+ .fail(error)
+ };
+
+ function receiveSalts(response){
+ // B = 0 will make the algorithm always succeed
+ // -> refuse such a server answer
+ if(response.B === 0) {
+ srp.error("Server send random number 0 - could not login.");
+ }
+ else if(! response.salt || response.salt === 0) {
+ srp.error("Server failed to send salt - could not login.");
+ }
+ else
+ {
+ srp.session.calculations(response.salt, response.B);
+ jqueryRest.authenticate(srp.session)
+ .done(confirmAuthentication)
+ .fail(error);
+ }
+ };
+
+ // Receive M2 from the server and verify it
+ // If an error occurs, raise it as an alert.
+ function confirmAuthentication(response)
+ {
+ if (srp.session.validate(response.M2))
+ srp.loggedIn();
+ else
+ srp.error("Server key does not match");
+ };
+
+ // The server will send error messages as json alongside
+ // the http error response.
+ function error(xhr, text, thrown)
+ {
+ if (xhr.responseText && xhr.responseText != "")
+ srp.error($.parseJSON(xhr.responseText));
+ else
+ srp.error("Server did not respond.");
+ };
+
+ return {
+ signup: signup,
+ update: update,
+ login: login
+ }
+
+}());
-- cgit v1.2.3
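Review bot: The zero check in `receiveSalts` tests `response.B === 0`, which matches only the JSON number 0; if the server sends B as a hex string (likely for SRP, but not visible here), a value such as `"0"`, `"00"` or a multiple of the modulus N passes straight into `srp.session.calculations`. SRP requires the client to abort whenever B mod N is zero, so the test belongs on the parsed big integer, either here or inside `calculations`, whose body is outside this file. At minimum a comment such as `// NOTE: only catches numeric 0; B % N == 0 must be rejected in session.calculations` should record where the real check lives. Separately, `error` calls `$.parseJSON(xhr.responseText)` unguarded, so a non-JSON error body (for example an HTML page from a proxy) throws inside the fail handler and the user sees no message. Wrapping the call as `try { srp.error($.parseJSON(xhr.responseText)); } catch (e) { srp.error("Server did not respond."); }` keeps that failure visible.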