1 files changed, 76 insertions, 0 deletions

diff --git a/src/srp.js b/src/srp.js
new file mode 100644
index 0000000..972b211
--- /dev/null
+++ b/src/srp.js
@@ -0,0 +1,76 @@
+function SRP(remote, session)
+{
+  var srp = this;
+  session = session || new this.Session();
+  remote = remote || new this.Remote();
+  remote.onError = remote.onError || this.error;
+  session.onError = session.onError || this.error;
+  this.remote = remote;
+  this.session = session;
+
+  // Start the login process by identifying the user
+  this.identify = function()
+  {
+    remote.handshake(session, receive_salts);
+
+    // Receive login salts from the server, start calculations
+    function receive_salts(response)
+    {
+      // B = 0 will make the algorithm always succeed
+      // -> refuse such a server answer
+      if(response.B === 0) {
+        srp.error("Server send random number 0 - this is not allowed");
+      } else {
+        session.calculations(response.s, response.B);
+        remote.authenticate(session, confirm_authentication);
+      }
+    }
+
+    // Receive M2 from the server and verify it
+    // If an error occurs, raise it as an alert.
+    function confirm_authentication(response)
+    {
+      if (session.validate(response.M))
+        srp.success();
+      else
+        srp.error("Server key does not match");
+    };
+  };
+
+  // Initiate the registration process
+  this.register = function()
+  {
+    remote.register(session, srp.registered_user);
+  };
+
+  // The user has been registered successfully, now login
+  this.registered_user = function(response)
+  {
+    if(response.ok)
+    {
+      srp.identify();
+    }
+  };  
+
+  // Minimal error handling - set remote.onError to sth better to overwrite.
+  this.error = function(text)
+  {
+    alert(text);
+  };
+
+  // This function is called when authentication is successful.
+  // Developers can set this to other functions in specific implementations
+  // and change the functionality.
+  this.success = function()
+  {
+    var forward_url = document.getElementById("srp_forward").value;
+    if(forward_url.charAt(0) != "#")
+      window.location = forward_url;
+    else
+    {
+      window.location = forward_url;
+      alert("Login successful.");
+    }
+  };
+};
+