Bug 982591 - Update TPS to retrieve keys from server instead of hard-coding them. r=warner

--HG--
extra : rebase_source : 2a9449aeca2f28a2bce648971619635b19a4d670
This commit is contained in:
Henrik Skupin 2014-03-21 10:23:15 +01:00
parent 9099b263ed
commit 3f627fb88e
4 changed files with 28 additions and 21 deletions

View File

@ -360,13 +360,15 @@ FxAccountsInternal.prototype = {
* The credentials object obtained by logging in or creating
* an account on the FxA server:
* {
* email: The users email address
* uid: The user's unique id
* sessionToken: Session for the FxA server
* keyFetchToken: an unused keyFetchToken
* verified: true/false
* authAt: The time (seconds since epoch) that this record was
* authenticated
* email: The users email address
* keyFetchToken: a keyFetchToken which has not yet been used
* sessionToken: Session for the FxA server
* uid: The user's unique id
* unwrapBKey: used to unwrap kB, derived locally from the
* password (not revealed to the FxA server)
* verified: true/false
* }
* @return Promise
* The promise resolves to null when the data is saved

View File

@ -94,19 +94,21 @@ this.FxAccountsClient.prototype = {
* @return Promise
* Returns a promise that resolves to an object:
* {
* uid: the user's unique ID (hex)
* sessionToken: a session token (hex)
* keyFetchToken: a key fetch token (hex)
* verified: flag indicating verification status of the email
* authAt: authentication time for the session (seconds since epoch)
* email: the primary email for this account
* keyFetchToken: a key fetch token (hex)
* sessionToken: a session token (hex)
* uid: the user's unique ID (hex)
* unwrapBKey: used to unwrap kB, derived locally from the
* password (not revealed to the FxA server)
* verified: flag indicating verification status of the email
* }
*/
signIn: function signIn(email, password, getKeys=false, retryOK=true) {
return Credentials.setup(email, password).then((creds) => {
let data = {
email: creds.emailUTF8,
authPW: CommonUtils.bytesAsHex(creds.authPW),
email: creds.emailUTF8,
};
let keys = getKeys ? "?keys=true" : "";
@ -115,6 +117,8 @@ this.FxAccountsClient.prototype = {
// the caller can set its signed-in user state accordingly.
result => {
result.email = data.email;
result.unwrapBKey = CommonUtils.bytesAsHex(creds.unwrapBKey);
return result;
},
error => {

View File

@ -283,16 +283,22 @@ add_task(function test_signIn() {
let client = new FxAccountsClient(server.baseURI);
let result = yield client.signIn('mé@example.com', 'bigsecret');
do_check_eq(FAKE_SESSION_TOKEN, result.sessionToken);
do_check_eq(result.unwrapBKey,
"c076ec3f4af123a615157154c6e1d0d6293e514fd7b0221e32d50517ecf002b8");
do_check_eq(undefined, result.keyFetchToken);
// Login with retrieving optional keys
let result = yield client.signIn('you@example.com', 'bigsecret', true);
do_check_eq(FAKE_SESSION_TOKEN, result.sessionToken);
do_check_eq(result.unwrapBKey,
"65970516211062112e955d6420bebe020269d6b6a91ebd288319fc8d0cb49624");
do_check_eq("keyFetchToken", result.keyFetchToken);
// Retry due to wrong email capitalization
let result = yield client.signIn('You@example.com', 'bigsecret', true);
do_check_eq(FAKE_SESSION_TOKEN, result.sessionToken);
do_check_eq(result.unwrapBKey,
"65970516211062112e955d6420bebe020269d6b6a91ebd288319fc8d0cb49624");
do_check_eq("keyFetchToken", result.keyFetchToken);
// Don't retry due to wrong email capitalization

View File

@ -10,6 +10,7 @@ this.EXPORTED_SYMBOLS = [
const {classes: Cc, interfaces: Ci, utils: Cu} = Components;
Cu.import("resource://gre/modules/FxAccounts.jsm");
Cu.import("resource://gre/modules/FxAccountsClient.jsm");
Cu.import("resource://services-common/async.js");
Cu.import("resource://services-sync/main.js");
@ -33,17 +34,11 @@ var FxAccountsHelper = {
let cb = Async.makeSpinningCallback();
var client = new FxAccountsClient();
client.signIn(email, password).then(credentials => {
// Add keys because without those setSignedInUser() will fail
credentials.kA = 'foo';
credentials.kB = 'bar';
Weave.Service.identity._fxaService.setSignedInUser(credentials).then(() => {
cb(null);
}, err => {
cb(err);
});
}, (err) => {
client.signIn(email, password, true).then(credentials => {
return fxAccounts.setSignedInUser(credentials);
}).then(() => {
cb(null);
}, err => {
cb(err);
});