From b81ff7550b9f82b481fb216cd23857e59f1cbe58 Mon Sep 17 00:00:00 2001
From: AJ ONeal
Date: Sat, 11 May 2019 02:17:12 -0600
Subject: [PATCH] prep for ACME-style account for Telebit
---
 lib/admin/js/app.js | 112 ++++++++++++++++++++++++++++----------------
 1 file changed, 71 insertions(+), 41 deletions(-)
diff --git a/lib/admin/js/app.js b/lib/admin/js/app.js
index 9b3b772..9d71672 100644
--- a/lib/admin/js/app.js
+++ b/lib/admin/js/app.js
@@ -3,6 +3,7 @@
 var Vue = window.Vue;
 var Telebit = window.TELEBIT;
+var Keypairs = window.Keypairs;
 var api = {};
 /*
@@ -462,52 +463,81 @@ new Vue({
 , methods: appMethods
 });
+function run(key) {
+ // 1. Get ACME directory
+ // 2. Fetch ACME account
+ // 3. Test if account has access
+ // 4. Show command line auth instructions to auth
+ // 5. Sign requests / use JWT
+ // 6. Enforce token required for config, status, etc
+ // 7. Move admin interface to standard ports (admin.foo-bar-123.telebit.xyz)
+ api.config().then(function (config) {
+ telebitState.config = config;
+ if (config.greenlock) {
+ appData.init.acmeServer = config.greenlock.server;
+ }
+ if (config.relay) {
+ appData.init.relay = config.relay;
+ }
+ if (config.email) {
+ appData.init.email = config.email;
+ }
+ if (config.agreeTos) {
+ appData.init.letos = config.agreeTos;
+ appData.init.teletos = config.agreeTos;
+ }
+ if (config._otp) {
+ appData.init.otp = config._otp;
+ }
-api.config().then(function (config) {
- telebitState.config = config;
- if (config.greenlock) {
- appData.init.acmeServer = config.greenlock.server;
- }
- if (config.relay) {
- appData.init.relay = config.relay;
- }
- if (config.email) {
- appData.init.email = config.email;
- }
- if (config.agreeTos) {
- appData.init.letos = config.agreeTos;
- appData.init.teletos = config.agreeTos;
- }
- if (config._otp) {
- appData.init.otp = config._otp;
- }
+ telebitState.pollUrl = config._pollUrl || localStorage.getItem('poll_url');
- telebitState.pollUrl = config._pollUrl || localStorage.getItem('poll_url');
+ if ((!config.token && !config._otp) || !config.relay || !config.email || !config.agreeTos) {
+ changeState('setup');
+ setState();
+ return;
+ }
+ if (!config.token && config._otp) {
+ changeState('otp');
+ setState();
+ // this will skip ahead as necessary
+ return Telebit.authorize(telebitState, showOtp).then(function () {
+ return changeState('status');
+ });
+ }
- if ((!config.token && !config._otp) || !config.relay || !config.email || !config.agreeTos) {
- changeState('setup');
- setState();
- return;
- }
- if (!config.token && config._otp) {
- changeState('otp');
- setState();
- // this will skip ahead as necessary
- return Telebit.authorize(telebitState, showOtp).then(function () {
- return changeState('status');
- });
- }
+ // TODO handle default state
+ changeState('status');
+ }).catch(function (err) {
+ appData.views.flash.error = err.message || JSON.stringify(err, null, 2);
+ });
+}
- // TODO handle default state
- changeState('status');
-}).catch(function (err) {
- appData.views.flash.error = err.message || JSON.stringify(err, null, 2);
-});
+
+// TODO protect key with passphrase (or QR code?)
+function getKey() {
+ var key;
+ try {
+ key = JSON.parse(localStorage.getItem('key'));
+ } catch(e) {
+ // ignore
+ }
+ if (key && key.kid && key.d) {
+ return Promise.resolve(key);
+ }
+ return Keypairs.generate().then(function (pair) {
+ key = pair.private;
+ localStorage.setItem('key', JSON.stringify(key));
+ return key;
+ });
+}
 window.api = api;
-
-setTimeout(function () {
- document.body.hidden = false;
-}, 50);
+getKey().then(function (key) {
+ run(key);
+ setTimeout(function () {
+ document.body.hidden = false;
+ }, 50);
+});
 }());
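Review bot: `getKey()` persists the private JWK, including `d`, as plain JSON under the `localStorage` key `'key'`, where any script running in the admin origin (an XSS, a compromised third-party script) can read it, and it survives until explicitly cleared. The `TODO` above the function acknowledges this, but it should be resolved before step 5 of `run` starts signing requests with the key, for example by wrapping the JWK with a passphrase-derived key or by keeping a non-extractable WebCrypto key in IndexedDB, if the Keypairs library can work with one. Separately, the closing `getKey().then(...)` has no rejection handler and now gates the unhide, so a rejected `Keypairs.generate()` or a throwing `localStorage.setItem` leaves `document.body.hidden` set with nothing shown; appending `.catch(function (err) { document.body.hidden = false; appData.views.flash.error = err.message || String(err); })` restores the previous always-unhide behaviour. The empty `catch(e)` in `getKey` also makes a corrupt stored key indistinguishable from a missing one, so it is silently replaced by a fresh key; that deserves at least a comment such as `// unparsable key is treated as absent and regenerated`.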