1 files changed, 69 insertions, 127 deletions
diff --git a/templates/register.tpl b/templates/register.tpl
index 794ddaa..37252a0 100644
--- a/templates/register.tpl
+++ b/templates/register.tpl
@@ -4,143 +4,85 @@
        <meta charset="utf-8" />
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <meta name="render-time" content="{{ .RenderTime }}">
+        <meta name="csrf-token" content="{{ .CSRFToken }}" />
        {{ if .Context.HasKey "title" }}<title>{{ .Context.Get "title" }}</title>{{ else }}<title>SSH Proxy</title>{{ end }}
-    </head>
-    <body>
-        <script type="text/javascript">
-            /*
-             * Base64URL-ArrayBuffer
-             * https://github.com/herrjemand/Base64URL-ArrayBuffer
-             *
-             * Copyright (c) 2017 Yuriy Ackermann <ackermann.yuriy@gmail.com>
-             * Copyright (c) 2012 Niklas von Hertzen
-             * Licensed under the MIT license.
-             * 
-             */
-            (function(){
-                'use strict';
-                let chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_';
-                // Use a lookup table to find the index.
-                let lookup = new Uint8Array(256);
-                for (let i = 0; i < chars.length; i++) {
-                    lookup[chars.charCodeAt(i)] = i;
-                }
-                let encode = function(arraybuffer) {
+        <script type="text/javascript" src="/js/base64.js"></script>
-                    let bytes = new Uint8Array(arraybuffer),
-                    i, len = bytes.length, base64url = '';
-                    for (i = 0; i < len; i+=3) {
+        <script type="text/javascript">
-                        base64url += chars[bytes[i] >> 2];
+            function doRegister(evt) {
-                        base64url += chars[((bytes[i] & 3) << 4) | (bytes[i + 1] >> 4)];
+                evt.preventDefault();
-                        base64url += chars[((bytes[i + 1] & 15) << 2) | (bytes[i + 2] >> 6)];
-                        base64url += chars[bytes[i + 2] & 63];
-                    }
-                    if ((len % 3) === 2) {
-                        base64url = base64url.substring(0, base64url.length - 1);
-                    } else if (len % 3 === 1) {
-                        base64url = base64url.substring(0, base64url.length - 2);
-                    }
-                    return base64url;
-                };
-                let decode = function(base64string) {
-                    let bufferLength = base64string.length * 0.75,
-                    len = base64string.length, i, p = 0,
-                    encoded1, encoded2, encoded3, encoded4;
-                    let bytes = new Uint8Array(bufferLength);
-                    for (i = 0; i < len; i+=4) {
-                        encoded1 = lookup[base64string.charCodeAt(i)];
-                        encoded2 = lookup[base64string.charCodeAt(i+1)];
-                        encoded3 = lookup[base64string.charCodeAt(i+2)];
-                        encoded4 = lookup[base64string.charCodeAt(i+3)];
-                        bytes[p++] = (encoded1 << 2) | (encoded2 >> 4);
+                const code = document.getElementById("code").value;
-                        bytes[p++] = ((encoded2 & 15) << 4) | (encoded3 >> 2);
-                        bytes[p++] = ((encoded3 & 3) << 6) | (encoded4 & 63);
-                    }
-                    return bytes.buffer
+                const username = document.getElementById("username").value;
-                };
+                document.cookie = `username=${username}; expires=Fri, 31 Dec 9999 23:59:59 GMT; Secure`;
-                window.base64url = {
+                fetch(`/auth/register/${username}?code=${code}`)
-                    'decode': decode,
+                    .then((response) => {
-                    'encode': encode
+                        if (!response.ok) {
-                };
+                            document.body.innerHTML = "<h1>Error Fetching Registration Request</h1>";
-            })();
+                            throw new Error("Error fetching registration request");
+                        }
+                        return response.json();
+                    })
+                    .then((data) => {
+                        data.publicKey.challenge = base64url.decode(data.publicKey.challenge);
+                        data.publicKey.user.id = base64url.decode(data.publicKey.user.id);
+                        navigator.credentials.create(data)
+                            .then((credential) => {
+                                fetch(`/auth/register/${username}`, {
+                                    method: "POST",
+                                    mode: "same-origin",
+                                    headers: {
+                                        "Content-Type": "application/json",
+                                        "X-CSRF-Token": document.querySelector("meta[name=csrf-token]").content,
+                                    },
+                                    body: JSON.stringify({
+                                        code: code,
+                                        type: credential.type,
+                                        id: credential.id,
+                                        rawId: base64url.encode(credential.rawId),
+                                        response: {
+                                            clientDataJSON: base64url.encode(credential.response.clientDataJSON),
+                                            attestationObject: base64url.encode(credential.response.attestationObject)
+                                        }
+                                    })
+                                })
+                                .then((response) => {
+                                    if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; }
+                                    else {  document.body.innerHTML = "<h1>Failure</h1>"; }
+                                });
+                            });
+                    });
+            }
-            var request = {{ .Model.WebautnRequest }};
+            window.addEventListener("load", _ => {
-            request.publicKey.challenge = base64url.decode(request.publicKey.challenge);
+                const urlParams = new URLSearchParams(window.location.search);
-            {{ if .Model.LoginMode }}
+                const code = urlParams.get("code");
-            request.publicKey.allowCredentials.forEach(e => e.id = base64url.decode(e.id));
+                if (code !== "") {
-            {{ else }}
+                    document.getElementById("code").value = code;
-            request.publicKey.user.id = base64url.decode(request.publicKey.user.id);
+                }
-            {{ end }}
-            {{ if .Model.LoginMode }}
+                const usernameCookie = document.cookie.split("; ")
-            navigator.credentials.get(request)
+                    .find((row) => row.startsWith("username="))
-                .then((credential) => {
+                    .split("=")[1];
-                    console.log(credential);
-                    fetch(document.URL, {
+                if (usernameCookie != undefined && usernameCookie !== "") {
-                        method: "POST",
+                    document.getElementById("username").value = usernameCookie;
-                        mode: "same-origin",
+                }
-                        headers: {
-                            "Content-Type": "application/json",
-                            "X-CSRF-Token": "{{ .CSRFToken }}"
-                        },
-                        body: JSON.stringify({
-                            type: credential.type,
-                            id: credential.id,
-                            rawId: base64url.encode(credential.rawId),
-                            response: {
-                                authenticatorData: base64url.encode(credential.response.authenticatorData),
-                                clientDataJSON: base64url.encode(credential.response.clientDataJSON),
-                                signature: base64url.encode(credential.response.signature),
-                                userHandle: base64url.encode(credential.response.userHandle)
-                            }
-                        })
-                    })
-                    .then((response) => {
-                        if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; }
-                        else {  document.body.innerHTML = "<h1>Failure</h1>"; }
-                    });
-                });
-            {{ else }}
-            navigator.credentials.create(request)
-                .then((credential) => {
-                    console.log(credential);
-                    fetch(document.URL, {
+                document.getElementById("login").addEventListener("click", doRegister);
-                        method: "POST",
+            });
-                        mode: "same-origin",
-                        headers: {
-                            "Content-Type": "application/json",
-                            "X-CSRF-Token": "{{ .CSRFToken }}"
-                        },
-                        body: JSON.stringify({
-                            type: credential.type,
-                            id: credential.id,
-                            rawId: base64url.encode(credential.rawId),
-                            response: {
-                                clientDataJSON: base64url.encode(credential.response.clientDataJSON),
-                                attestationObject: base64url.encode(credential.response.attestationObject)
-                            }
-                        })
-                    })
-                    .then((response) => {
-                        if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; }
-                        else {  document.body.innerHTML = "<h1>Failure</h1>"; }
-                    });
-                });
-            {{ end }}
        </script>
+    </head>
+    <body>
+        <form>
+            <label for="code">Code: <input type="text" name="code" id="code" /></label><br/>
+            <label for="username">Username: <input type="text" name="username" id="username" autocorrect="off" autocapitalize="none" autocomplete="username" /></label><br/>
+            <input type="submit" id="login" value="Login" />
+        </form>
    </body>
 </html>

diff --git a/templates/register.tpl b/templates/register.tpl index 794ddaa..37252a0 100644 --- a/templates/register.tpl +++ b/templates/register.tpl
@@ -4,143 +4,85 @@
4	<meta charset="utf-8" />	4	<meta charset="utf-8" />
5	<meta name="viewport" content="width=device-width, initial-scale=1">	5	<meta name="viewport" content="width=device-width, initial-scale=1">
6	<meta name="render-time" content="{{ .RenderTime }}">	6	<meta name="render-time" content="{{ .RenderTime }}">
		7	<meta name="csrf-token" content="{{ .CSRFToken }}" />
7	{{ if .Context.HasKey "title" }}<title>{{ .Context.Get "title" }}</title>{{ else }}<title>SSH Proxy</title>{{ end }}	8	{{ if .Context.HasKey "title" }}<title>{{ .Context.Get "title" }}</title>{{ else }}<title>SSH Proxy</title>{{ end }}
8	</head>
9
10	<body>
11	<script type="text/javascript">
12	/*
13	* Base64URL-ArrayBuffer
14	* https://github.com/herrjemand/Base64URL-ArrayBuffer
15	*
16	* Copyright (c) 2017 Yuriy Ackermann <ackermann.yuriy@gmail.com>
17	* Copyright (c) 2012 Niklas von Hertzen
18	* Licensed under the MIT license.
19	*
20	*/
21	(function(){
22	'use strict';
23
24	let chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_';
25
26	// Use a lookup table to find the index.
27	let lookup = new Uint8Array(256);
28	for (let i = 0; i < chars.length; i++) {
29	lookup[chars.charCodeAt(i)] = i;
30	}
31		9
32	let encode = function(arraybuffer) {	10	<script type="text/javascript" src="/js/base64.js"></script>
33	let bytes = new Uint8Array(arraybuffer),
34	i, len = bytes.length, base64url = '';
35		11
36	for (i = 0; i < len; i+=3) {	12	<script type="text/javascript">
37	base64url += chars[bytes[i] >> 2];	13	function doRegister(evt) {
38	base64url += chars[((bytes[i] & 3) << 4) \| (bytes[i + 1] >> 4)];	14	evt.preventDefault();
39	base64url += chars[((bytes[i + 1] & 15) << 2) \| (bytes[i + 2] >> 6)];
40	base64url += chars[bytes[i + 2] & 63];
41	}
42
43	if ((len % 3) === 2) {
44	base64url = base64url.substring(0, base64url.length - 1);
45	} else if (len % 3 === 1) {
46	base64url = base64url.substring(0, base64url.length - 2);
47	}
48
49	return base64url;
50	};
51
52	let decode = function(base64string) {
53	let bufferLength = base64string.length * 0.75,
54	len = base64string.length, i, p = 0,
55	encoded1, encoded2, encoded3, encoded4;
56
57	let bytes = new Uint8Array(bufferLength);
58
59	for (i = 0; i < len; i+=4) {
60	encoded1 = lookup[base64string.charCodeAt(i)];
61	encoded2 = lookup[base64string.charCodeAt(i+1)];
62	encoded3 = lookup[base64string.charCodeAt(i+2)];
63	encoded4 = lookup[base64string.charCodeAt(i+3)];
64		15
65	bytes[p++] = (encoded1 << 2) \| (encoded2 >> 4);	16	const code = document.getElementById("code").value;
66	bytes[p++] = ((encoded2 & 15) << 4) \| (encoded3 >> 2);
67	bytes[p++] = ((encoded3 & 3) << 6) \| (encoded4 & 63);
68	}
69		17
70	return bytes.buffer	18	const username = document.getElementById("username").value;
71	};	19	document.cookie = `username=${username}; expires=Fri, 31 Dec 9999 23:59:59 GMT; Secure`;
72		20
73	window.base64url = {	21	fetch(`/auth/register/${username}?code=${code}`)
74	'decode': decode,	22	.then((response) => {
75	'encode': encode	23	if (!response.ok) {
76	};	24	document.body.innerHTML = "<h1>Error Fetching Registration Request</h1>";
77	})();	25	throw new Error("Error fetching registration request");
		26	}
		27	return response.json();
		28	})
		29	.then((data) => {
		30	data.publicKey.challenge = base64url.decode(data.publicKey.challenge);
		31	data.publicKey.user.id = base64url.decode(data.publicKey.user.id);
		32
		33	navigator.credentials.create(data)
		34	.then((credential) => {
		35	fetch(`/auth/register/${username}`, {
		36	method: "POST",
		37	mode: "same-origin",
		38	headers: {
		39	"Content-Type": "application/json",
		40	"X-CSRF-Token": document.querySelector("meta[name=csrf-token]").content,
		41	},
		42	body: JSON.stringify({
		43	code: code,
		44	type: credential.type,
		45	id: credential.id,
		46	rawId: base64url.encode(credential.rawId),
		47	response: {
		48	clientDataJSON: base64url.encode(credential.response.clientDataJSON),
		49	attestationObject: base64url.encode(credential.response.attestationObject)
		50	}
		51	})
		52	})
		53	.then((response) => {
		54	if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; }
		55	else { document.body.innerHTML = "<h1>Failure</h1>"; }
		56	});
		57	});
		58	});
		59	}
78		60
79	var request = {{ .Model.WebautnRequest }};	61	window.addEventListener("load", _ => {
80	request.publicKey.challenge = base64url.decode(request.publicKey.challenge);	62	const urlParams = new URLSearchParams(window.location.search);
81	{{ if .Model.LoginMode }}	63	const code = urlParams.get("code");
82	request.publicKey.allowCredentials.forEach(e => e.id = base64url.decode(e.id));	64	if (code !== "") {
83	{{ else }}	65	document.getElementById("code").value = code;
84	request.publicKey.user.id = base64url.decode(request.publicKey.user.id);	66	}
85	{{ end }}
86		67
87	{{ if .Model.LoginMode }}	68	const usernameCookie = document.cookie.split("; ")
88	navigator.credentials.get(request)	69	.find((row) => row.startsWith("username="))
89	.then((credential) => {	70	.split("=")[1];
90	console.log(credential);
91		71
92	fetch(document.URL, {	72	if (usernameCookie != undefined && usernameCookie !== "") {
93	method: "POST",	73	document.getElementById("username").value = usernameCookie;
94	mode: "same-origin",	74	}
95	headers: {
96	"Content-Type": "application/json",
97	"X-CSRF-Token": "{{ .CSRFToken }}"
98	},
99	body: JSON.stringify({
100	type: credential.type,
101	id: credential.id,
102	rawId: base64url.encode(credential.rawId),
103	response: {
104	authenticatorData: base64url.encode(credential.response.authenticatorData),
105	clientDataJSON: base64url.encode(credential.response.clientDataJSON),
106	signature: base64url.encode(credential.response.signature),
107	userHandle: base64url.encode(credential.response.userHandle)
108	}
109	})
110	})
111	.then((response) => {
112	if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; }
113	else { document.body.innerHTML = "<h1>Failure</h1>"; }
114	});
115	});
116	{{ else }}
117	navigator.credentials.create(request)
118	.then((credential) => {
119	console.log(credential);
120		75
121	fetch(document.URL, {	76	document.getElementById("login").addEventListener("click", doRegister);
122	method: "POST",	77	});
123	mode: "same-origin",
124	headers: {
125	"Content-Type": "application/json",
126	"X-CSRF-Token": "{{ .CSRFToken }}"
127	},
128	body: JSON.stringify({
129	type: credential.type,
130	id: credential.id,
131	rawId: base64url.encode(credential.rawId),
132	response: {
133	clientDataJSON: base64url.encode(credential.response.clientDataJSON),
134	attestationObject: base64url.encode(credential.response.attestationObject)
135	}
136	})
137	})
138	.then((response) => {
139	if (response.ok) { document.body.innerHTML = "<h1>Success</h1>"; }
140	else { document.body.innerHTML = "<h1>Failure</h1>"; }
141	});
142	});
143	{{ end }}
144	</script>	78	</script>
		79	</head>
		80
		81	<body>
		82	<form>
		83	<label for="code">Code: <input type="text" name="code" id="code" /></label><br/>
		84	<label for="username">Username: <input type="text" name="username" id="username" autocorrect="off" autocapitalize="none" autocomplete="username" /></label><br/>
		85	<input type="submit" id="login" value="Login" />
		86	</form>
145	</body>	87	</body>
146	</html>	88	</html>