mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 984 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
52946 Commits
379 Branches
Tree: 53db05a1f6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '53db05a1f6'
${ noResults }
nextcloud/core/src/components/login/PasswordLessLoginForm.vue

PasswordLessLoginForm.vue 5.2KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208 
  1. <template>

  2. 	<form v-if="isHttps && hasPublicKeyCredential"

  3. 		ref="loginForm"

  4. 		method="post"

  5. 		name="login"

  6. 		@submit.prevent="submit">

  7. 		<fieldset>

  8. 			<p class="grouptop groupbottom">

  9. 				<input id="user"

  10. 					ref="user"

  11. 					v-model="user"

  12. 					type="text"

  13. 					name="user"

  14. 					:autocomplete="autoCompleteAllowed ? 'on' : 'off'"

  15. 					:placeholder="t('core', 'Username or email')"

  16. 					:aria-label="t('core', 'Username or email')"

  17. 					required

  18. 					@change="$emit('update:username', user)">

  19. 				<label for="user" class="infield">{{ t('core', 'Username or	email') }}</label>

  20. 			</p>

  21. 

  22. 			<div v-if="!validCredentials">

  23. 				{{ t('core', 'Your account is not setup for passwordless login.') }}

  24. 			</div>

  25. 

  26. 			<LoginButton v-if="validCredentials"

  27. 				:loading="loading"

  28. 				:inverted-colors="invertedColors"

  29. 				@click="authenticate" />

  30. 		</fieldset>

  31. 	</form>

  32. 	<div v-else-if="!hasPublicKeyCredential">

  33. 		{{ t('core', 'Passwordless authentication is not supported in your browser.')}}

  34. 	</div>

  35. 	<div v-else-if="!isHttps">

  36. 		{{ t('core', 'Passwordless authentication is only available over a secure connection.')}}

  37. 	</div>

  38. </template>

  39. 

  40. <script>

  41. import {

  42. 	startAuthentication,

  43. 	finishAuthentication,

  44. } from '../../service/WebAuthnAuthenticationService'

  45. import LoginButton from './LoginButton'

  46. 

  47. class NoValidCredentials extends Error {

  48. 

  49. }

  50. 

  51. export default {

  52. 	name: 'PasswordLessLoginForm',

  53. 	components: {

  54. 		LoginButton,

  55. 	},

  56. 	props: {

  57. 		username: {

  58. 			type: String,

  59. 			default: '',

  60. 		},

  61. 		redirectUrl: {

  62. 			type: String,

  63. 		},

  64. 		invertedColors: {

  65. 			type: Boolean,

  66. 			default: false,

  67. 		},

  68. 		autoCompleteAllowed: {

  69. 			type: Boolean,

  70. 			default: true,

  71. 		},

  72. 		isHttps: {

  73. 			type: Boolean,

  74. 			default: false,

  75. 		},

  76. 		hasPublicKeyCredential: {

  77. 			type: Boolean,

  78. 			default: false,

  79. 		}

  80. 	},

  81. 	data() {

  82. 		return {

  83. 			user: this.username,

  84. 			loading: false,

  85. 			validCredentials: true,

  86. 		}

  87. 	},

  88. 	methods: {

  89. 		authenticate() {

  90. 			console.debug('passwordless login initiated')

  91. 

  92. 			this.getAuthenticationData(this.user)

  93. 				.then(publicKey => {

  94. 					console.debug(publicKey)

  95. 					return publicKey

  96. 				})

  97. 				.then(this.sign)

  98. 				.then(this.completeAuthentication)

  99. 				.catch(error => {

  100. 					if (error instanceof NoValidCredentials) {

  101. 						this.validCredentials = false

  102. 						return

  103. 					}

  104. 					console.debug(error)

  105. 				})

  106. 		},

  107. 		getAuthenticationData(uid) {

  108. 			const base64urlDecode = function(input) {

  109. 				// Replace non-url compatible chars with base64 standard chars

  110. 				input = input

  111. 					.replace(/-/g, '+')

  112. 					.replace(/_/g, '/')

  113. 

  114. 				// Pad out with standard base64 required padding characters

  115. 				const pad = input.length % 4

  116. 				if (pad) {

  117. 					if (pad === 1) {

  118. 						throw new Error('InvalidLengthError: Input base64url string is the wrong length to determine padding')

  119. 					}

  120. 					input += new Array(5 - pad).join('=')

  121. 				}

  122. 

  123. 				return window.atob(input)

  124. 			}

  125. 

  126. 			return startAuthentication(uid)

  127. 				.then(publicKey => {

  128. 					console.debug('Obtained PublicKeyCredentialRequestOptions')

  129. 					console.debug(publicKey)

  130. 

  131. 					if (!Object.prototype.hasOwnProperty.call(publicKey, 'allowCredentials')) {

  132. 						console.debug('No credentials found.')

  133. 						throw new NoValidCredentials()

  134. 					}

  135. 

  136. 					publicKey.challenge = Uint8Array.from(base64urlDecode(publicKey.challenge), c => c.charCodeAt(0))

  137. 					publicKey.allowCredentials = publicKey.allowCredentials.map(function(data) {

  138. 						return {

  139. 							...data,

  140. 							'id': Uint8Array.from(base64urlDecode(data.id), c => c.charCodeAt(0)),

  141. 						}

  142. 					})

  143. 

  144. 					console.debug('Converted PublicKeyCredentialRequestOptions')

  145. 					console.debug(publicKey)

  146. 					return publicKey

  147. 				})

  148. 				.catch(error => {

  149. 					console.debug('Error while obtaining data')

  150. 					throw error

  151. 				})

  152. 		},

  153. 		sign(publicKey) {

  154. 			const arrayToBase64String = function(a) {

  155. 				return window.btoa(String.fromCharCode(...a))

  156. 			}

  157. 

  158. 			return navigator.credentials.get({ publicKey })

  159. 				.then(data => {

  160. 					console.debug(data)

  161. 					console.debug(new Uint8Array(data.rawId))

  162. 					console.debug(arrayToBase64String(new Uint8Array(data.rawId)))

  163. 					return {

  164. 						id: data.id,

  165. 						type: data.type,

  166. 						rawId: arrayToBase64String(new Uint8Array(data.rawId)),

  167. 						response: {

  168. 							authenticatorData: arrayToBase64String(new Uint8Array(data.response.authenticatorData)),

  169. 							clientDataJSON: arrayToBase64String(new Uint8Array(data.response.clientDataJSON)),

  170. 							signature: arrayToBase64String(new Uint8Array(data.response.signature)),

  171. 							userHandle: data.response.userHandle ? arrayToBase64String(new Uint8Array(data.response.userHandle)) : null,

  172. 						},

  173. 					}

  174. 				})

  175. 				.then(challenge => {

  176. 					console.debug(challenge)

  177. 					return challenge

  178. 				})

  179. 				.catch(error => {

  180. 					console.debug('GOT AN ERROR!')

  181. 					console.debug(error) // Example: timeout, interaction refused...

  182. 				})

  183. 		},

  184. 		completeAuthentication(challenge) {

  185. 			console.debug('TIME TO COMPLETE')

  186. 

  187. 			const location = this.redirectUrl

  188. 

  189. 			return finishAuthentication(JSON.stringify(challenge))

  190. 				.then(data => {

  191. 					console.debug('Logged in redirecting')

  192. 					window.location.href = location

  193. 				})

  194. 				.catch(error => {

  195. 					console.debug('GOT AN ERROR WHILE SUBMITTING CHALLENGE!')

  196. 					console.debug(error) // Example: timeout, interaction refused...

  197. 				})

  198. 		},

  199. 		submit() {

  200. 			// noop

  201. 		},

  202. 	},

  203. }

  204. </script>

  205. 

  206. <style scoped>

  207. 

  208. </style>