<!doctype html>
<html lang='en'>
<body>
<script>
/**
 * Decode a base64 or base64url string into raw bytes.
 *
 * The URL-safe characters '-' and '_' are mapped back to '+' and '/' before
 * the text is handed to atob(); each character code of the decoded binary
 * string is then copied into a freshly allocated Uint8Array.
 *
 * @param {string} sBase64 - base64 / base64url encoded text.
 * @returns {Uint8Array} the decoded bytes.
 * @throws {DOMException} when atob() rejects the input as invalid base64.
 */
function atobarray(sBase64) {
  const standardAlphabet = sBase64.replace(/-/g, '+').replace(/_/g, '/');
  const decoded = atob(standardAlphabet);
  const bytes = new Uint8Array(decoded.length);
  for (let i = 0; i < decoded.length; i += 1) {
    bytes[i] = decoded.charCodeAt(i);
  }
  return bytes;
}
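/**
 * Encode the bytes of a buffer as standard (non-URL-safe) base64.
 *
 * The bytes are converted to a binary string in fixed-size chunks rather than
 * with a single spread call: spreading a large buffer into
 * String.fromCharCode() passes one argument per byte and can throw a
 * RangeError once the engine's argument limit is exceeded.
 *
 * NOTE(review): the output uses the '+', '/' and '=' alphabet, whereas
 * atobarray() in this file also accepts the URL-safe alphabet. Presumably the
 * server expects standard base64 here; confirm before changing the alphabet.
 *
 * @param {ArrayBuffer|ArrayLike<number>} arrayBuffer - bytes to encode.
 * @returns {string} base64 text.
 */
function barraytoa(arrayBuffer) {
  const bytes = new Uint8Array(arrayBuffer);
  const chunkSize = 0x8000;
  let binary = '';
  for (let offset = 0; offset < bytes.length; offset += chunkSize) {
    binary += String.fromCharCode(...bytes.subarray(offset, offset + chunkSize));
  }
  return btoa(binary);
}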
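/**
 * Enrol a new WebAuthn credential.
 *
 * Flow: request creation options from /auth/new-key, decode the base64
 * challenge and user id into bytes, ask the authenticator to create a
 * credential, prompt for the administrative password, and post the password
 * together with the attestation response to /auth/add-key.
 *
 * Failures are logged and not rethrown, so callers cannot tell from the
 * returned promise whether enrolment succeeded.
 *
 * NOTE(review): whether the password and the attestation (challenge, origin)
 * are actually verified is decided by the /auth/add-key handler, which is not
 * visible here; this page only transports them.
 *
 * @returns {Promise<void>}
 */
async function configure() {
  try {
    const optionsResp = await fetch('/auth/new-key', {
      method: 'POST',
    });
    // Fail early instead of feeding an error body into the WebAuthn call.
    if (!optionsResp.ok) {
      throw new Error(`/auth/new-key failed with HTTP ${optionsResp.status}`);
    }
    const json = await optionsResp.json();
    // WebAuthn requires these two fields as byte buffers, not base64 text.
    json.challenge = atobarray(json.challenge);
    json.user.id = atobarray(json.user.id);
    const cred = await navigator.credentials.create({ publicKey: json });

    const password = prompt('Administrative Password');
    // prompt() returns null when the dialog is dismissed; do not submit a
    // registration request that carries no password at all.
    if (password === null) {
      throw new Error('Key registration cancelled: no administrative password entered');
    }

    const addResp = await fetch('/auth/add-key', {
      method: 'POST',
      headers: {
        'Content-Type': 'application/json',
      },
      body: JSON.stringify({
        password,
        response: {
          id: cred.id,
          rawId: barraytoa(cred.rawId),
          type: cred.type,
          response: {
            clientDataJSON: barraytoa(cred.response.clientDataJSON),
            attestationObject: barraytoa(cred.response.attestationObject),
          },
        },
      }),
    });
    // A rejected password or attestation must not pass silently.
    if (!addResp.ok) {
      throw new Error(`/auth/add-key failed with HTTP ${addResp.status}`);
    }
  } catch (e) {
    console.log(e);
  }
}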
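/**
 * Page entry point: authenticate with an already enrolled WebAuthn key, or
 * fall back to enrolling one.
 *
 * Flow: request assertion options from /auth/key. If the server lists allowed
 * credentials, decode the challenge and credential ids, ask the authenticator
 * for an assertion, post it to /auth/complete and navigate to the `target`
 * query parameter (or '/'). If no credentials are listed, run configure() and
 * return to /auth/login.
 *
 * Errors are logged and not rethrown.
 */
(async function init() {
  /**
   * Turn the attacker-controllable `target` query parameter into a URL that
   * is safe to navigate to after login. Only same-origin destinations are
   * accepted; anything else (absolute URLs to other hosts, `//host` forms,
   * `javascript:` or `data:` URLs, unparsable values) falls back to '/'.
   * If cross-origin targets are a legitimate use case, replace the origin
   * comparison with an explicit allowlist rather than removing the check.
   */
  function safeRedirectTarget(rawTarget) {
    if (rawTarget === null) {
      return '/';
    }
    try {
      const resolved = new URL(rawTarget, window.location.origin);
      if (resolved.origin !== window.location.origin) {
        return '/';
      }
      // Navigate to the parsed form so the checked value is the one used.
      return resolved.href;
    } catch (e) {
      return '/';
    }
  }

  try {
    const optionsResp = await fetch('/auth/key', {
      method: 'POST',
    });
    const json = await optionsResp.json();
    const hasCredentials =
      json.allowCredentials !== undefined && json.allowCredentials.length > 0;

    if (!hasCredentials) {
      // NOTE(review): configure() logs its own failures, so this redirect
      // happens whether or not enrolment succeeded.
      await configure();
      window.location.href = '/auth/login';
      return;
    }

    // WebAuthn requires the challenge and credential ids as byte buffers.
    json.challenge = atobarray(json.challenge);
    for (const descriptor of json.allowCredentials) {
      descriptor.id = atobarray(descriptor.id);
    }

    let result;
    try {
      result = await navigator.credentials.get({ publicKey: json });
    } catch (e) {
      // NOTE(review): every failure here, including the user dismissing the
      // authenticator dialog, leads into key enrolment. Enrolment is only as
      // strong as the checks behind /auth/add-key, which are not visible here.
      console.log(e);
      await configure();
      return;
    }

    const completeResp = await fetch('/auth/complete', {
      method: 'POST',
      body: JSON.stringify({
        id: result.id,
        rawId: barraytoa(result.rawId),
        type: result.type,
        response: {
          authenticatorData: barraytoa(result.response.authenticatorData),
          clientDataJSON: barraytoa(result.response.clientDataJSON),
          signature: barraytoa(result.response.signature),
        },
      }),
      headers: { 'Content-Type': 'application/json' },
    });
    // Do not continue to the destination when the server rejected the assertion.
    if (!completeResp.ok) {
      throw new Error(`/auth/complete failed with HTTP ${completeResp.status}`);
    }

    const params = new URLSearchParams(window.location.search);
    window.location.href = safeRedirectTarget(params.get('target'));
  } catch (e) {
    console.log(e);
  }
})();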
</script>
<div id="command"></div>
</body>
</html>