Checkup: test sandbox domain and login block

2021-03-02 16:05:18 +01:00 · 2021-03-02 16:05:18 +01:00 · d43cb509dc
parent a13f4c6dfc
commit d43cb509dc
6 changed files with 141 additions and 7 deletions
--- a/customize.dist/login.js
+++ b/customize.dist/login.js
@ -22,6 +22,7 @@ define([
            Feedback, LocalStore, Messages, nThen, Block, Hash) {
    var Exports = {
        Cred: Cred,
+        Block: Block,
        // this is depended on by non-customizable files
        // be careful when modifying login.js
        requiredBytes: 192,
@ -92,7 +93,7 @@ define([
    };


-    var loginOptionsFromBlock = function (blockInfo) {
+    var loginOptionsFromBlock = Exports.loginOptionsFromBlock = function (blockInfo) {
        var opt = {};
        var parsed = Hash.getSecrets('pad', blockInfo.User_hash);
        opt.channelHex = parsed.channel;
@ -102,7 +103,7 @@ define([
        return opt;
    };

-    var loadUserObject = function (opt, cb) {
+    var loadUserObject = Exports.loadUserObject = function (opt, cb) {
        var config = {
            websocketURL: NetConfig.getWebsocketURL(),
            channel: opt.channelHex,
--- a/customize.dist/src/less2/pages/page-checkup.less
+++ b/customize.dist/src/less2/pages/page-checkup.less
@ -53,5 +53,9 @@ html, body {
        background-color: @cp_alerts-danger-bg;
        color: @cp_alerts-danger-text;
    }
+
+    iframe {
+        display: none;
+    }
 }

--- a/www/checkup/index.html
+++ b/www/checkup/index.html
@ -6,4 +6,5 @@
    <script data-bootload="main.js" data-main="/common/boot.js" src="/bower_components/requirejs/require.js"></script>
 </head>
 <body>
+<iframe-placeholder>

--- a/www/checkup/inner.html
+++ b/www/checkup/inner.html
@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html class="cp-app-noscroll cp-app-print">
+<head>
+    <meta content="text/html; charset=utf-8" http-equiv="content-type"/>
+    <script async data-bootload="/checkup/inner.js" data-main="/common/sframe-boot.js?ver=1.7" src="/bower_components/requirejs/require.js?ver=2.3.5"></script>
+</head>
+<body class="cp-app-checkup">
+</body>
+</html>
+
+
--- a/www/checkup/inner.js
+++ b/www/checkup/inner.js
@ -0,0 +1,5 @@
+define([
+    'jquery',
+], function ($) {
+    console.log('inner loaded');
+});
--- a/www/checkup/main.js
+++ b/www/checkup/main.js
@ -4,12 +4,19 @@ define([
    '/assert/assertions.js',
    '/common/hyperscript.js',
    '/customize/messages.js',
+    '/common/dom-ready.js',
+    '/bower_components/nthen/index.js',
    '/common/sframe-common-outer.js',
+    '/customize/login.js',
+    '/common/common-hash.js',
+    '/common/common-util.js',
+    '/common/pinpad.js',


    '/bower_components/tweetnacl/nacl-fast.min.js',
    'less!/customize/src/less2/pages/page-checkup.less',
-], function ($, ApiConfig, Assertions, h, Messages /*, SFCommonO*/) {
+], function ($, ApiConfig, Assertions, h, Messages, DomReady,
+            nThen, SFCommonO, Login, Hash, Util, Pinpad) {
    var assert = Assertions();

    var trimSlashes = function (s) {
@ -41,7 +48,7 @@ define([
    var checkAvailability = function (url, cb) {
        $.ajax({
            url: url,
-            date: {},
+            data: {},
            complete: function (xhr) {
                cb(xhr.status === 200);
            },
@ -52,10 +59,115 @@ define([
        checkAvailability(trimmedUnsafe, cb);
    }, _alert("Main domain is not available"));

+    // Try loading an iframe on the safe domain
    assert(function (cb) {
-        console.log(trimmedSafe);
-        checkAvailability(trimmedSafe, cb);
-    }, _alert("Sandbox domain is not available")); // FIXME Blocked by CSP. try loading it via sframe ?
+        var to;
+        nThen(function (waitFor) {
+            DomReady.onReady(waitFor());
+        }).nThen(function (waitFor) {
+            to = setTimeout(function () {
+                console.error('TIMEOUT loading iframe on the safe domain')
+                cb(false);
+            }, 5000);
+            SFCommonO.initIframe(waitFor);
+        }).nThen(function () {
+            // Iframe is loaded
+            clearTimeout(to);
+            cb(true);
+        });
+    }, _alert("Sandbox domain is not available"));
+
+    // Write/ready access to /block/
+    assert(function (cb) {
+        var bytes = new Uint8Array(Login.requiredBytes);
+
+        var opt = Login.allocateBytes(bytes);
+
+        var blockUrl = Login.Block.getBlockUrl(opt.blockKeys);
+        var blockRequest = Login.Block.serialize("{}", opt.blockKeys);
+        var removeRequest = Login.Block.remove(opt.blockKeys);
+        console.log('Test block URL:', blockUrl);
+
+        var userHash = '/2/drive/edit/000000000000000000000000';
+        var secret = Hash.getSecrets('drive', userHash);
+        opt.keys = secret.keys;
+        opt.channelHex = secret.channel;
+
+        var RT, rpc, exists;
+
+        nThen(function (waitFor) {
+            Util.fetch(blockUrl, waitFor(function (err, block) {
+                if (err) { return; } // No block found
+                exists = true;
+            }));
+        }).nThen(function (waitFor) {
+            // Create proxy
+            Login.loadUserObject(opt, waitFor(function (err, rt) {
+                if (err) {
+                    waitFor.abort();
+                    console.error("Can't create new channel. This may also be a websocket issue.");
+                    return void cb(false);
+                }
+                RT = rt;
+                var proxy = rt.proxy;
+                proxy.edPublic = opt.edPublic;
+                proxy.edPrivate = opt.edPrivate;
+                proxy.curvePublic = opt.curvePublic;
+                proxy.curvePrivate = opt.curvePrivate;
+                rt.realtime.onSettle(waitFor());
+            }));
+        }).nThen(function (waitFor) {
+            // Init RPC
+            Pinpad.create(RT.network, RT.proxy, waitFor(function (e, _rpc) {
+                if (e) {
+                    waitFor.abort();
+                    console.error("Can't initialize RPC", e); // INVALID_KEYS
+                    return void cb(false);
+                }
+                rpc = _rpc;
+            }));
+        }).nThen(function (waitFor) {
+            // Write block
+            if (exists) { return; }
+            rpc.writeLoginBlock(blockRequest, waitFor(function (e) {
+                if (e) {
+                    waitFor.abort();
+                    console.error("Can't write login block", e);
+                    return void cb(false);
+                }
+            }));
+        }).nThen(function (waitFor) {
+            // Read block
+            Util.fetch(blockUrl, waitFor(function (e, block) {
+                if (e) {
+                    waitFor.abort();
+                    console.error("Can't read login block", e);
+                    return void cb(false);
+                }
+            }));
+        }).nThen(function (waitFor) {
+            // Remove block
+            rpc.removeLoginBlock(removeRequest, waitFor(function (e) {
+                if (e) {
+                    waitFor.abort();
+                    console.error("Can't remove login block", e);
+                    console.error(blockRequest);
+                    return void cb(false);
+                }
+            }));
+        }).nThen(function (waitFor) {
+            rpc.removeOwnedChannel(secret.channel, waitFor(function (e) {
+                if (e) {
+                    waitFor.abort();
+                    console.error("Can't remove channel", e);
+                    return void cb(false);
+                }
+            }));
+        }).nThen(function () {
+            cb(true);
+        });
+
+    }, _alert("Login Block is not working (write/read/remove)"));

    var row = function (cells) {
        return h('tr', cells.map(function (cell) {