mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-28 23:31:56 +00:00
Bug 745424 - Add TokenAuthenticatedRESTRequest; r=gps
This commit is contained in:
parent
acbe837e59
commit
3baf012f42
@ -4,10 +4,15 @@
|
||||
|
||||
const {classes: Cc, interfaces: Ci, utils: Cu, results: Cr} = Components;
|
||||
|
||||
const EXPORTED_SYMBOLS = ["RESTRequest", "RESTResponse"];
|
||||
const EXPORTED_SYMBOLS = [
|
||||
"RESTRequest",
|
||||
"RESTResponse",
|
||||
"TokenAuthenticatedRESTRequest"
|
||||
];
|
||||
|
||||
Cu.import("resource://gre/modules/Services.jsm");
|
||||
Cu.import("resource://gre/modules/XPCOMUtils.jsm");
|
||||
Cu.import("resource://services-crypto/utils.js");
|
||||
Cu.import("resource://services-common/log4moz.js");
|
||||
Cu.import("resource://services-common/preferences.js");
|
||||
Cu.import("resource://services-common/utils.js");
|
||||
@ -576,3 +581,39 @@ RESTResponse.prototype = {
|
||||
body: null
|
||||
|
||||
};
|
||||
|
||||
/**
|
||||
* Single use MAC authenticated HTTP requests to RESTish resources.
|
||||
*
|
||||
* @param uri
|
||||
* URI going to the RESTRequest constructor.
|
||||
* @param authToken
|
||||
* (Object) An auth token of the form {id: (string), key: (string)}
|
||||
* from which the MAC Authentication header for this request will be
|
||||
* derived. A token as obtained from
|
||||
* TokenServerClient.getTokenFromBrowserIDAssertion is accepted.
|
||||
* @param extra
|
||||
* (Object) Optional extra parameters. Valid keys are: nonce_bytes, ts,
|
||||
* nonce, and ext. See CrytoUtils.computeHTTPMACSHA1 for information on
|
||||
* the purpose of these values.
|
||||
*/
|
||||
function TokenAuthenticatedRESTRequest(uri, authToken, extra) {
|
||||
RESTRequest.call(this, uri);
|
||||
this.authToken = authToken;
|
||||
this.extra = extra || {};
|
||||
}
|
||||
TokenAuthenticatedRESTRequest.prototype = {
|
||||
__proto__: RESTRequest.prototype,
|
||||
|
||||
dispatch: function dispatch(method, data, onComplete, onProgress) {
|
||||
let sig = CryptoUtils.computeHTTPMACSHA1(
|
||||
this.authToken.id, this.authToken.key, method, this.uri, this.extra
|
||||
);
|
||||
|
||||
this.setHeader("Authorization", sig.getHeader());
|
||||
|
||||
return RESTRequest.prototype.dispatch.call(
|
||||
this, method, data, onComplete, onProgress
|
||||
);
|
||||
},
|
||||
};
|
@ -47,8 +47,11 @@ function addResourceAlias() {
|
||||
const handler = Services.io.getProtocolHandler("resource")
|
||||
.QueryInterface(Ci.nsIResProtocolHandler);
|
||||
|
||||
let uri = Services.io.newURI("resource:///modules/services-common/", null,
|
||||
null);
|
||||
handler.setSubstitution("services-common", uri);
|
||||
let modules = ["common", "crypto"];
|
||||
for each (let module in modules) {
|
||||
let uri = Services.io.newURI("resource:///modules/services-" + module + "/",
|
||||
null, null);
|
||||
handler.setSubstitution("services-" + module, uri);
|
||||
}
|
||||
}
|
||||
addResourceAlias();
|
||||
addResourceAlias();
|
51
services/common/tests/unit/test_tokenauthenticatedrequest.js
Normal file
51
services/common/tests/unit/test_tokenauthenticatedrequest.js
Normal file
@ -0,0 +1,51 @@
|
||||
/* Any copyright is dedicated to the Public Domain.
|
||||
* http://creativecommons.org/publicdomain/zero/1.0/ */
|
||||
|
||||
Cu.import("resource://services-crypto/utils.js");
|
||||
Cu.import("resource://services-common/async.js");
|
||||
Cu.import("resource://services-common/rest.js");
|
||||
Cu.import("resource://services-common/utils.js");
|
||||
|
||||
function run_test() {
|
||||
initTestLogging("Trace");
|
||||
run_next_test();
|
||||
}
|
||||
|
||||
add_test(function test_authenticated_request() {
|
||||
_("Ensure that sending a MAC authenticated GET request works as expected.");
|
||||
|
||||
let message = "Great Success!";
|
||||
|
||||
// TODO: We use a preset key here, but use getTokenFromBrowserIDAssertion()
|
||||
// from TokenServerClient to get a real one when possible. (Bug 745800)
|
||||
let id = "eyJleHBpcmVzIjogMTM2NTAxMDg5OC4x";
|
||||
let key = "qTZf4ZFpAMpMoeSsX3zVRjiqmNs=";
|
||||
let method = "GET";
|
||||
let uri = CommonUtils.makeURI(TEST_SERVER_URL + "foo");
|
||||
|
||||
let nonce = btoa(CryptoUtils.generateRandomBytes(16));
|
||||
let ts = Math.floor(Date.now() / 1000);
|
||||
let extra = {ts: ts, nonce: nonce};
|
||||
|
||||
let sig = CryptoUtils.computeHTTPMACSHA1(id, key, method, uri, extra);
|
||||
let auth = sig.getHeader();
|
||||
|
||||
let server = httpd_setup({"/foo": function(request, response) {
|
||||
do_check_true(request.hasHeader("Authorization"));
|
||||
do_check_eq(auth, request.getHeader("Authorization"));
|
||||
|
||||
response.setStatusLine(request.httpVersion, 200, "OK");
|
||||
response.bodyOutputStream.write(message, message.length);
|
||||
}
|
||||
});
|
||||
|
||||
let req = new TokenAuthenticatedRESTRequest(uri, {id: id, key: key}, extra);
|
||||
let cb = Async.makeSpinningCallback();
|
||||
req.get(cb);
|
||||
let result = cb.wait();
|
||||
|
||||
do_check_eq(null, result);
|
||||
do_check_eq(message, req.response.body);
|
||||
|
||||
server.stop(run_next_test);
|
||||
});
|
@ -18,4 +18,5 @@ tail =
|
||||
[test_observers.js]
|
||||
[test_preferences.js]
|
||||
[test_restrequest.js]
|
||||
[test_tokenauthenticatedrequest.js]
|
||||
[test_tokenserverclient.js]
|
||||
|
Loading…
Reference in New Issue
Block a user