From 49bfe6ab74229ba4da5342382b87dcd6fca239fa Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 19 Nov 2012 15:58:46 +0100 Subject: works - but not quite what i want. Exposing jqXHR to error function --- src/jqueryRest.js | 23 +++++++++++------------ src/srp.js | 27 ++++++++++++++++----------- 2 files changed, 27 insertions(+), 23 deletions(-) (limited to 'src') diff --git a/src/jqueryRest.js b/src/jqueryRest.js index 54a0908..a7928d5 100644 --- a/src/jqueryRest.js +++ b/src/jqueryRest.js @@ -1,31 +1,30 @@ jqueryRest = function() { // we do not fetch the salt from the server - function register(session, callback) + function register(session) { - sendVerifier(session, callback); + return sendVerifier(session); } - function sendVerifier(session, callback) { + function sendVerifier(session) { var salt = session.getSalt(); - $.post("users.json", { user: + return $.post("users.json", { user: { login: session.getI(), password_salt: salt, - password_verifier: session.getV(salt).toString(16)} - }, callback); + password_verifier: session.getV(salt).toString(16) + } + }); } - function handshake(session, callback) { - $.post("sessions.json", { login: session.getI(), - A: session.getAstr()}, callback); + function handshake(session) { + return $.post("sessions.json", { login: session.getI(), A: session.getAstr()}); } - function authenticate(session, success) { - $.ajax({ + function authenticate(session) { + return $.ajax({ url: "sessions/" + session.getI() + ".json", type: 'PUT', data: {client_auth: session.getM()}, - success: success }); } diff --git a/src/srp.js b/src/srp.js index 6d1e8c1..6a377ce 100644 --- a/src/srp.js +++ b/src/srp.js @@ -2,8 +2,6 @@ function SRP(remote, session) { var srp = this; session = session || new this.Session(); - remote = remote || new this.Remote(); - remote.onError = remote.onError || this.error; session.onError = session.onError || this.error; this.remote = remote; this.session = session; 
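Review bot: In `authenticate`, the login is concatenated into the request path unescaped (`url: "sessions/" + session.getI() + ".json"`), so a login containing `/`, `?` or `#` changes which resource the PUT is sent to. Encoding it keeps the identifier inside one path segment: `url: "sessions/" + encodeURIComponent(session.getI()) + ".json",`. Removing `success: success` also leaves a trailing comma after the `data` entry, which older Internet Explorer versions reject in object literals. The same URL line is carried into the later `@@ -1,51 +1,39 @@` rewrite of this file.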
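Review bot: With the `remote = remote || new this.Remote()` default removed in the `SRP` constructor, nothing in this hunk rejects a missing `remote`, so a later `remote.handshake(session)` would fail with a TypeError in the middle of a login. Either state in a comment above the constructor that `remote` is now required, or fail early with `if (!remote) throw new Error("SRP needs a remote");`. The constructor body continues outside the hunk.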
@@ -12,7 +10,9 @@ function SRP(remote, session) this.identify = function(success, error) { store_callbacks(success, error); - remote.handshake(session, receive_salts); + remote.handshake(session) + .success(receive_salts) + .error(srp.error); // Receive login salts from the server, start calculations function receive_salts(response) @@ -28,7 +28,9 @@ function SRP(remote, session) else { session.calculations(response.salt, response.B); - remote.authenticate(session, confirm_authentication); + remote.authenticate(session) + .success(confirm_authentication) + .error(srp.error); } } @@ -47,12 +49,15 @@ function SRP(remote, session) this.register = function(success, error) { store_callbacks(success, error); - remote.register(session, srp.registered_user); + remote.register(session) + .success(srp.registered_user) + .error(srp.error); }; // The user has been registered successfully, now login this.registered_user = function(response) { + // TODO: This can go if response has an error code if(response.errors) { srp.error(response.errors) } @@ -61,12 +66,6 @@ function SRP(remote, session) } }; - // Minimal error handling - set remote.onError to sth better to overwrite. - this.error = function(text) - { - alert(text); - }; - // This function is called when authentication is successful. // It's a dummy. Please hand the real thing to the call to identify. this.success = function() @@ -74,6 +73,12 @@ function SRP(remote, session) alert("Login successful."); }; + // Minimal error handling - set remote.onError to sth better to overwrite. + this.error = function(text) + { + alert(text); + }; + function store_callbacks(success, error) { if (typeof success == "function") { srp.success = success; -- cgit v1.2.3 From 2e365cba5263ec50f10fb074c054ef19adb8f7b0 Mon Sep 17 00:00:00 2001 
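Review bot: `.error(srp.error)` in `identify` hands the handler jQuery's `(jqXHR, textStatus, errorThrown)` arguments, while the default `this.error` moved in the last hunk still does `alert(text)` and would show an object rather than a message. A small adapter keeps the callback contract a plain string, e.g. `.error(function(xhr, status) { srp.error(status); })`, and avoids passing raw server response data to callers that may render it. The same applies to the `authenticate` and `register` chains in the `@@ -28,7 +28,9 @@` and `@@ -47,12 +49,15 @@` hunks. The relocated comment still tells users to set `remote.onError`, which the previous hunk removed; it could read `// Minimal error handling - pass an error callback to identify/register to override.` `.success()`/`.error()` on jqXHR are also deprecated since jQuery 1.8 in favour of `.done()`/`.fail()`.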
From: Azul Date: Mon, 19 Nov 2012 17:36:49 +0100 Subject: first step at cleaning up the srp --- src/jqueryRest.js | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ src/srp.js | 19 +++++++++++++++++++ 2 files changed, 69 insertions(+) (limited to 'src') diff --git a/src/jqueryRest.js b/src/jqueryRest.js index a7928d5..29f737c 100644 --- a/src/jqueryRest.js +++ b/src/jqueryRest.js @@ -35,3 +35,53 @@ jqueryRest = function() { authenticate: authenticate }; }; + +srp.remote = (function(){ + + function signup(){ + jqueryRest().register(srp.session) + .success(srp.signedUp) + .error(srp.error) + }; + + function login(){ + jqueryRest().handshake(srp.session) + .success(receiveSalts) + .error(srp.error) + }; + + function receiveSalts(response){ + // B = 0 will make the algorithm always succeed + // -> refuse such a server answer + if(response.B === 0) { + srp.error("Server send random number 0 - could not login."); + } + else if(! response.salt || response.salt === 0) { + srp.error("Server failed to send salt - could not login."); + } + else + { + srp.session.calculations(response.salt, response.B); + jqueryRest().authenticate(srp.session) + .success(confirmAuthentication) + .error(srp.error); + } + }; + + // Receive M2 from the server and verify it + // If an error occurs, raise it as an alert. + function confirmAuthentication(response) + { + if (srp.session.validate(response.M2)) + srp.loggedIn(); + else + srp.error("Server key does not match"); + }; + + + return { + signup: signup, + login: login + } + +}()); diff --git a/src/srp.js b/src/srp.js index 6a377ce..5b76a88 100644 --- a/src/srp.js +++ b/src/srp.js @@ -1,3 +1,22 @@ +var srp = (function(){ + + function signup() + { + this.remote.signup(); + }; + + function login() + { + this.remote.login(); + }; + + return { + signup: signup, + login: login + } +}()); + + function SRP(remote, session) { var srp = this; -- cgit v1.2.3 From a41d7f306aa1dbcae17643cc9c3b457632ee8909 Mon Sep 17 00:00:00 2001 
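Review bot: The guard `response.B === 0` in `receiveSalts` only matches the JSON number 0, so a `B` delivered as a string such as `"0"` or `"00"`, or any multiple of N, still reaches `srp.session.calculations`. SRP requires the client to abort when B mod N is zero, so the test belongs on the parsed big integer, presumably where `calculations` converts `B` (not visible in this hunk). Until then a string-level guard such as `if (!response.B || /^0*$/.test(String(response.B)))` at least closes the all-zero case. `response.salt === 0` is already covered by `! response.salt`. `srp.error`, `srp.signedUp` and `srp.loggedIn` are not defined by the `srp` object this commit adds in src/srp.js, so confirm they are assigned before `login()` can run.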
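Review bot: `signup` and `login` reach the remote through `this.remote`, which only works when they are invoked as `srp.signup()` / `srp.login()`; handed over as a bare callback (for example to a form handler), `this` is no longer the `srp` object and the call throws. Referring to the module object directly removes that dependency: `srp.remote.signup();` and `srp.remote.login();`. This file now also declares a global `srp` while the `SRP` constructor kept below it declares `var srp = this`, which shadows the global inside the constructor.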
From: Azul Date: Mon, 19 Nov 2012 17:49:18 +0100 Subject: removed the SRP class - using just a plain srp object now --- src/srp.js | 92 ------------------------------------------------------ src/srp_session.js | 5 ++- 2 files changed, 2 insertions(+), 95 deletions(-) (limited to 'src')
diff --git a/src/srp.js b/src/srp.js
index 5b76a88..e57b7e9 100644
--- a/src/srp.js
+++ b/src/srp.js
@@ -16,95 +16,3 @@ var srp = (function(){ } }()); - -function SRP(remote, session) -{ - var srp = this; - session = session || new this.Session(); - session.onError = session.onError || this.error; - this.remote = remote; - this.session = session; - - // Start the login process by identifying the user - this.identify = function(success, error) - { - store_callbacks(success, error); - remote.handshake(session) - .success(receive_salts) - .error(srp.error); - - // Receive login salts from the server, start calculations - function receive_salts(response) - { - // B = 0 will make the algorithm always succeed - // -> refuse such a server answer - if(response.B === 0) { - srp.error("Server send random number 0 - could not login."); - } - else if(! response.salt || response.salt === 0) { - srp.error("Server failed to send salt - could not login."); - } - else - { - session.calculations(response.salt, response.B); - remote.authenticate(session) - .success(confirm_authentication) - .error(srp.error); - } - } - - // Receive M2 from the server and verify it - // If an error occurs, raise it as an alert. - function confirm_authentication(response) - { - if (session.validate(response.M2)) - srp.success(); - else - srp.error("Server key does not match"); - }; - }; - - // Initiate the registration process - this.register = function(success, error) - { - store_callbacks(success, error); - remote.register(session) - .success(srp.registered_user) - .error(srp.error); - }; - - // The user has been registered successfully, now login - this.registered_user = function(response) - { - // TODO: This can go if response has an error code - if(response.errors) { - srp.error(response.errors) - } - else { - srp.identify(); - } - }; - - // This function is called when authentication is successful. - // It's a dummy. Please hand the real thing to the call to identify. 
- this.success = function() - { - alert("Login successful."); - }; - - // Minimal error handling - set remote.onError to sth better to overwrite. - this.error = function(text) - { - alert(text); - }; - - function store_callbacks(success, error) { - if (typeof success == "function") { - srp.success = success; - } - if (typeof error == "function") { - srp.error = error; - } - } -}; - diff --git a/src/srp_session.js b/src/srp_session.js index 8f45a44..7f1232f 100644 --- a/src/srp_session.js +++ b/src/srp_session.js @@ -1,4 +1,4 @@ -SRP.prototype.Session = function(login, password) { +srp.Session = function(login, password) { // Variables session will be used in the SRP protocol var Nstr = "eeaf0ab9adb38dd69c33f80afa8fc5e86072618775ff3c0b9ea2314c9c256576d674df7496ea81d3383b4813d692c6e0e0d5d8e250b98be48e495c1d6089dad15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e57ec68edbc3c05726cc02fd4cbf4976eaa9afd5138fe8376435b9fc61d2fc0eb06e3"; @@ -154,6 +154,5 @@ SRP.prototype.Session = function(login, password) { } return str; } +}; - -} -- cgit v1.2.3 From 082f859bbdaedf4f03eb85aea9b8f88ffda2fe6d Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 19 Nov 2012 18:11:20 +0100 Subject: further cleanup --- src/jqueryRest.js | 62 ++++++++++++++++++++++-------------------------------- src/srp_session.js | 16 ++++++++++++++ 2 files changed, 41 insertions(+), 37 deletions(-) (limited to 'src') diff --git a/src/jqueryRest.js b/src/jqueryRest.js index 29f737c..c439f67 100644 --- a/src/jqueryRest.js +++ b/src/jqueryRest.js 
@@ -1,51 +1,39 @@ -jqueryRest = function() { - - // we do not fetch the salt from the server - function register(session) - { - return sendVerifier(session); - } +srp.remote = (function(){ + var jqueryRest = (function() { - function sendVerifier(session) { - var salt = session.getSalt(); - return $.post("users.json", { user: - { login: session.getI(), - password_salt: salt, - password_verifier: session.getV(salt).toString(16) - } - }); - } + // we do not fetch the salt from the server + function register(session) { + return $.post("users.json", { user: session.signup() }); + } - function handshake(session) { - return $.post("sessions.json", { login: session.getI(), A: session.getAstr()}); - } + function handshake(session) { + return $.post("sessions.json", session.handshake()); + } - function authenticate(session) { - return $.ajax({ - url: "sessions/" + session.getI() + ".json", - type: 'PUT', - data: {client_auth: session.getM()}, - }); - } + function authenticate(session) { + return $.ajax({ + url: "sessions/" + session.getI() + ".json", + type: 'PUT', + data: {client_auth: session.getM()} + }); + } - return { - register: register, - register_send_verifier: sendVerifier, - handshake: handshake, - authenticate: authenticate - }; -}; + return { + register: register, + handshake: handshake, + authenticate: authenticate + }; + }()); -srp.remote = (function(){ function signup(){ - jqueryRest().register(srp.session) + jqueryRest.register(srp.session) .success(srp.signedUp) .error(srp.error) }; function login(){ - jqueryRest().handshake(srp.session) + jqueryRest.handshake(srp.session) .success(receiveSalts) .error(srp.error) }; @@ -62,7 +50,7 @@ srp.remote = (function(){ else { srp.session.calculations(response.salt, response.B); - jqueryRest().authenticate(srp.session) + jqueryRest.authenticate(srp.session) .success(confirmAuthentication) .error(srp.error); } diff --git a/src/srp_session.js b/src/srp_session.js index 7f1232f..b278993 100644 --- a/src/srp_session.js 
+++ b/src/srp_session.js @@ -35,6 +35,22 @@ srp.Session = function(login, password) { return Astr; }; + this.signup = function() { + var salt = this.getSalt(); + return { + login: this.getI(), + password_salt: salt, + password_verifier: this.getV(salt).toString(16) + }; + }; + + this.handshake = function() { + return { + login: this.getI(), + A: this.getAstr() + }; + }; + this.getAstr = function() { return Astr; } -- cgit v1.2.3
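Review bot: The new `signup` and `handshake` methods define what goes over the wire but carry no comment saying so. I would add above `signup`: `// Registration payload: login, salt and verifier v (hex). The password is not part of it.` and above `handshake`: `// First login message: login and the client's public value A.` Because a captured verifier allows offline password guessing, it is worth noting there that the endpoints (relative URLs in jqueryRest.js) must be served over HTTPS. `srp.Session` starts and ends outside the hunk.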