mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-02 10:00:54 +00:00
Bug 982591 - Update TPS to retrieve keys from server instead of hard-coding them. r=warner
--HG-- extra : rebase_source : 2a9449aeca2f28a2bce648971619635b19a4d670
This commit is contained in:
parent
9099b263ed
commit
3f627fb88e
@ -360,13 +360,15 @@ FxAccountsInternal.prototype = {
|
||||
* The credentials object obtained by logging in or creating
|
||||
* an account on the FxA server:
|
||||
* {
|
||||
* email: The users email address
|
||||
* uid: The user's unique id
|
||||
* sessionToken: Session for the FxA server
|
||||
* keyFetchToken: an unused keyFetchToken
|
||||
* verified: true/false
|
||||
* authAt: The time (seconds since epoch) that this record was
|
||||
* authenticated
|
||||
* email: The users email address
|
||||
* keyFetchToken: a keyFetchToken which has not yet been used
|
||||
* sessionToken: Session for the FxA server
|
||||
* uid: The user's unique id
|
||||
* unwrapBKey: used to unwrap kB, derived locally from the
|
||||
* password (not revealed to the FxA server)
|
||||
* verified: true/false
|
||||
* }
|
||||
* @return Promise
|
||||
* The promise resolves to null when the data is saved
|
||||
|
@ -94,19 +94,21 @@ this.FxAccountsClient.prototype = {
|
||||
* @return Promise
|
||||
* Returns a promise that resolves to an object:
|
||||
* {
|
||||
* uid: the user's unique ID (hex)
|
||||
* sessionToken: a session token (hex)
|
||||
* keyFetchToken: a key fetch token (hex)
|
||||
* verified: flag indicating verification status of the email
|
||||
* authAt: authentication time for the session (seconds since epoch)
|
||||
* email: the primary email for this account
|
||||
* keyFetchToken: a key fetch token (hex)
|
||||
* sessionToken: a session token (hex)
|
||||
* uid: the user's unique ID (hex)
|
||||
* unwrapBKey: used to unwrap kB, derived locally from the
|
||||
* password (not revealed to the FxA server)
|
||||
* verified: flag indicating verification status of the email
|
||||
* }
|
||||
*/
|
||||
signIn: function signIn(email, password, getKeys=false, retryOK=true) {
|
||||
return Credentials.setup(email, password).then((creds) => {
|
||||
let data = {
|
||||
email: creds.emailUTF8,
|
||||
authPW: CommonUtils.bytesAsHex(creds.authPW),
|
||||
email: creds.emailUTF8,
|
||||
};
|
||||
let keys = getKeys ? "?keys=true" : "";
|
||||
|
||||
@ -115,6 +117,8 @@ this.FxAccountsClient.prototype = {
|
||||
// the caller can set its signed-in user state accordingly.
|
||||
result => {
|
||||
result.email = data.email;
|
||||
result.unwrapBKey = CommonUtils.bytesAsHex(creds.unwrapBKey);
|
||||
|
||||
return result;
|
||||
},
|
||||
error => {
|
||||
|
@ -283,16 +283,22 @@ add_task(function test_signIn() {
|
||||
let client = new FxAccountsClient(server.baseURI);
|
||||
let result = yield client.signIn('mé@example.com', 'bigsecret');
|
||||
do_check_eq(FAKE_SESSION_TOKEN, result.sessionToken);
|
||||
do_check_eq(result.unwrapBKey,
|
||||
"c076ec3f4af123a615157154c6e1d0d6293e514fd7b0221e32d50517ecf002b8");
|
||||
do_check_eq(undefined, result.keyFetchToken);
|
||||
|
||||
// Login with retrieving optional keys
|
||||
let result = yield client.signIn('you@example.com', 'bigsecret', true);
|
||||
do_check_eq(FAKE_SESSION_TOKEN, result.sessionToken);
|
||||
do_check_eq(result.unwrapBKey,
|
||||
"65970516211062112e955d6420bebe020269d6b6a91ebd288319fc8d0cb49624");
|
||||
do_check_eq("keyFetchToken", result.keyFetchToken);
|
||||
|
||||
// Retry due to wrong email capitalization
|
||||
let result = yield client.signIn('You@example.com', 'bigsecret', true);
|
||||
do_check_eq(FAKE_SESSION_TOKEN, result.sessionToken);
|
||||
do_check_eq(result.unwrapBKey,
|
||||
"65970516211062112e955d6420bebe020269d6b6a91ebd288319fc8d0cb49624");
|
||||
do_check_eq("keyFetchToken", result.keyFetchToken);
|
||||
|
||||
// Don't retry due to wrong email capitalization
|
||||
|
@ -10,6 +10,7 @@ this.EXPORTED_SYMBOLS = [
|
||||
|
||||
const {classes: Cc, interfaces: Ci, utils: Cu} = Components;
|
||||
|
||||
Cu.import("resource://gre/modules/FxAccounts.jsm");
|
||||
Cu.import("resource://gre/modules/FxAccountsClient.jsm");
|
||||
Cu.import("resource://services-common/async.js");
|
||||
Cu.import("resource://services-sync/main.js");
|
||||
@ -33,17 +34,11 @@ var FxAccountsHelper = {
|
||||
let cb = Async.makeSpinningCallback();
|
||||
|
||||
var client = new FxAccountsClient();
|
||||
client.signIn(email, password).then(credentials => {
|
||||
// Add keys because without those setSignedInUser() will fail
|
||||
credentials.kA = 'foo';
|
||||
credentials.kB = 'bar';
|
||||
|
||||
Weave.Service.identity._fxaService.setSignedInUser(credentials).then(() => {
|
||||
cb(null);
|
||||
}, err => {
|
||||
cb(err);
|
||||
});
|
||||
}, (err) => {
|
||||
client.signIn(email, password, true).then(credentials => {
|
||||
return fxAccounts.setSignedInUser(credentials);
|
||||
}).then(() => {
|
||||
cb(null);
|
||||
}, err => {
|
||||
cb(err);
|
||||
});
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user