| -rw-r--r-- | backend/php/src/index.php | 7 | ||||
| -rwxr-xr-x | frontend/beta/js/Clipperz/PM/Proxy/Proxy.PHP.js | 6 |
2 files changed, 11 insertions, 2 deletions
diff --git a/backend/php/src/index.php b/backend/php/src/index.php index eb3d75a..58c10a9 100644 --- a/backend/php/src/index.php +++ b/backend/php/src/index.php @@ -596,149 +596,152 @@ error_log("message"); // "message":"addNewOneTimePassword", // "srpSharedSecret":"96fee4af06c09ce954fe7a9f87970e943449186bebf70bac0af1d6ebb818dabb", // "parameters":{ // "user":{ // "header":"{\"records\":{\"index\":{\"419ea6....rsion\":\"0.1\"}", // "statistics":"rrlwNbDt83rpWT4S72upiVsC", // "version":"0.3", // "lock":"----" // }, // "oneTimePassword":{ // "reference":"29e26f3a2aae61fe5cf58c45296c6df4f3dceafe067ea550b455be345f44123c", // "key":"afb848208758361a96a298b9db08995cf036011747809357a90645bc93fdfa03", // "keyChecksum":"d1599ae443b5a566bfd93c0aeec4c81b42c0506ee09874dae050449580bb3486", // "data":"hsyY8DHksgR52x6c4j7XAtIUeY.....dxsr3XWt7CbGg==", // "version":"0.3" // } // } //} fixOTPStatusTable(); $user = new user(); $user = $user->Get($_SESSION["userId"]); $otp = new onetimepassword(); updateOTP($parameters["parameters"]["oneTimePassword"], $otp, "ACTIVE"); $user->AddOnetimepassword($otp); updateUserData($parameters["parameters"]["user"], $user); $user->Save(); $result["lock"] = $user->lock; $result["result"] = "done"; //============================================================= } else if ($message == "updateOneTimePasswords") { //{ // "message":"updateOneTimePasswords", // "srpSharedSecret":"c78f8ed099ea421f4dd0a4e02dbaf1f7da925f0088188d99399874ff064a3d27", // "parameters":{ // "user":{ // "header":"{\"reco...sion\":\"0.1\"}", // "statistics":"UeRq75RZHzDC7elzrh/+OB5d", // "version":"0.3", // "lock":"----" // }, // "oneTimePasswords":["f5f44c232f239efe48ab81a6236deea1a840d52946f7d4d782dad52b4c5359ce"] // } //} $user = new user(); $user = $user->Get($_SESSION["userId"]); $validOtpReferences = $parameters["parameters"]["oneTimePasswords"]; $otpList = $user->GetOnetimepasswordList(); $c = count($otpList); for ($i=0; $i<$c; $i++) { $currentOtp = $otpList[$i]; if (arrayContainsValue($validOtpReferences, $currentOtp->reference) == false) { $currentOtp->Delete(); } } updateUserData($parameters["parameters"]["user"], $user); $user->Save(); $result["result"] = $user->lock; //============================================================= } else if ($message == "getOneTimePasswordsDetails") { //============================================================= } else if ($message == "getLoginHistory") { $result["result"] = array(); //============================================================= } else if ($message == "upgradeUserCredentials") { //{ // "message":"upgradeUserCredentials", // "srpSharedSecret":"f1c25322e1478c8fb26063e9eef2f6fc25e0460065a31cb718f80bcff8f8a735", // "parameters":{ // "user":{ // "header":"{\"reco...sion\":\"0.1\"}", // "statistics":"s72Xva+w7CLgH+ihwqwXUbyu", // "version":"0.3", // "lock":"----" // }, // "credentials":{ // "C":"57d15a8afbc1ae08103bd991d387ddfd8d26824276476fe709d754f098b6c26d", // "s":"d6735fc0486f391c4f3c947928f9e61a2418e7bed2bc9b25bb43f93acc52f636", // "v":"540c2ebbf941a481b6b2c9026c07fb46e8202e4408ed96864a696deb622baece", // "version":"0.2" // }, // "oneTimePasswords":{ // "923cdc61c4b877b263236124c44d69b459d240453a461cce8ddf7518b423ca94": "1HD6Ta0xsifEDhDwE....9WDK6tvrS6w==", // "fb1573cb9497652a81688a099a524fb116e604c6fbc191cf33406eb8438efa5f": "CocN0cSxLmMRdgNF9....o3xhGUEY68Q==" // } // } //} $user = new user(); $user->Get($_SESSION["userId"]); $otp = new onetimepassword(); updateUserCredentials($parameters["parameters"]["credentials"], $user); updateUserData($parameters["parameters"]["user"], $user); $otpList = $parameters["parameters"]["oneTimePasswords"]; foreach($otpList as $otpReference=>$otpData) { $otpList = $otp->GetList(array(array("reference", "=", $otpReference))); $currentOtp = $otpList[0]; $currentOtp->data = $otpData; $currentOtp->Save(); } $user->Save(); $result["lock"] = $user->lock; $result["result"] = "done"; //============================================================= } else if ($message == "echo") { $result["result"] = $parameters; } //============================================================= - } else { + } else if (isset($_SESSION['K'])) { $result["error"] = "Wrong shared secret!"; + } else { + $result["result"] = "EXCEPTION"; + $result["message"] = "Trying to communicate without an active connection"; } break; case "logout": error_log("logout"); session_destroy(); break; default: error_log("default"); $result["result"] = $parameters; break; } session_write_close(); echo(json_encode($result)); error_log("result: ".json_encode($result)); -?>
\ No newline at end of file +?> diff --git a/frontend/beta/js/Clipperz/PM/Proxy/Proxy.PHP.js b/frontend/beta/js/Clipperz/PM/Proxy/Proxy.PHP.js index e7c2bc1..6185fd6 100755 --- a/frontend/beta/js/Clipperz/PM/Proxy/Proxy.PHP.js +++ b/frontend/beta/js/Clipperz/PM/Proxy/Proxy.PHP.js @@ -113,147 +113,153 @@ YAHOO.extendX(Clipperz.PM.Proxy.PHP, Clipperz.PM.Proxy, { 'registration': function(someParameters) { return this.sendMessage('registration', someParameters, 'REGISTER'); }, //------------------------------------------------------------------------- 'handshake': function(someParameters) { /* _s = "e8a2162f29aeaabb729f5625e9740edbf0cd80ac77c6b19ab951ed6c88443b8c"; _v = new Clipperz.Crypto.BigInt("955e2db0f7844aca372f5799e5f7e51b5866718493096908bd66abcf1d068108", 16); _b = new Clipperz.Crypto.BigInt("5761e6c84d22ea3c5649de01702d60f674ccfe79238540eb34c61cd020230c53", 16); _B = _v.add(Clipperz.Crypto.SRP.g().powerModule(_b, Clipperz.Crypto.SRP.n())); _u = new Clipperz.Crypto.BigInt(Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(_B.asString(10))).toHexString(), 16); _A = new Clipperz.Crypto.BigInt("3b3567ec33d73673552e960872eb154d091a2488915941038aef759236a27e64", 16); _S = (_A.multiply(_v.powerModule(_u, Clipperz.Crypto.SRP.n()))).powerModule(_b, Clipperz.Crypto.SRP.n()); _K = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(_S.asString(10))).toHexString().slice(2); _M1 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(_A.asString(10) + _B.asString(10) + _K)).toHexString().slice(2); _M2 = Clipperz.PM.Crypto.encryptingFunctions.versions[someParameters.version].hash(new Clipperz.ByteArray(_A.asString(10) + _M1 + _K)).toHexString().slice(2); // MochiKit.Logging.logDebug("b = " + _b.asString(16)); // MochiKit.Logging.logDebug("v = " + _v.asString(16)); MochiKit.Logging.logDebug("B = " + _B.asString(16)); MochiKit.Logging.logDebug("u = " + _u.asString(16)); MochiKit.Logging.logDebug("S = " + _S.asString(16)); MochiKit.Logging.logDebug("K = " + _K); MochiKit.Logging.logDebug("M1 = " + _M1); MochiKit.Logging.logDebug("M2 = " + _M2); // MochiKit.Logging.logDebug("someParameters.version: " + someParameters.version); */ return this.sendMessage('handshake', someParameters, 'CONNECT'); }, //------------------------------------------------------------------------- 'message': function(someParameters) { return this.sendMessage('message', someParameters, 'MESSAGE'); }, //------------------------------------------------------------------------- 'logout': function(someParameters) { //MochiKit.Logging.logDebug("=== Proxy.DWR.logout"); return this.sendMessage('logout', someParameters, 'MESSAGE'); }, //========================================================================= 'sendMessage': function(aFunctionName, someParameters, aRequestType) { /* var deferredResult; var proxy; //MochiKit.Logging.logDebug(">>> Proxy.DWR.sendMessage - " + aFunctionName + " - " + aRequestType); proxy = this; deferredResult = new MochiKit.Async.Deferred(); //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("x.1 Proxy.DWR.sendMessage - 1: " + res); return res;}); deferredResult.addCallback(MochiKit.Base.method(proxy, 'payToll'), aRequestType); //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("x.2 Proxy.DWR.sendMessage - 2: " + Clipperz.Base.serializeJSON(res)); return res;}); deferredResult.addCallback(MochiKit.Base.method(proxy, 'sendRemoteMessage'), aFunctionName); //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("x.3 Proxy.DWR.sendMessage - 3: " + res); return res;}); //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("x.3 Proxy.DWR.sendMessage - 3: " + Clipperz.Base.serializeJSON(res)); return res;}); deferredResult.callback(someParameters); //MochiKit.Logging.logDebug("<<< Proxy.DWR.sendMessage"); return deferredResult; */ // return this.sendRemoteMessage(aFunctionName, someParameters); var deferredResult; var proxy; proxy = this; deferredResult = new MochiKit.Async.Deferred(); deferredResult.addCallback(MochiKit.Base.method(proxy, 'sendRemoteMessage'), aFunctionName); //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("x.3 Proxy.PHP.sendMessage - 3: " + res); return res;}); //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("x.3 Proxy.PHP.sendMessage - 3.1: " + Clipperz.Base.serializeJSON(res)); return res;}); deferredResult.callback(someParameters); return deferredResult; }, //========================================================================= 'sendRemoteMessage': function(aFunctionName, someParameters) { /* var deferredResult; //MochiKit.Logging.logDebug(">>> Proxy.DWR.sendRemoteMessage('" + aFunctionName + "', " + Clipperz.Base.serializeJSON(someParameters) + ") - " + this); deferredResult = new MochiKit.Async.Deferred(); //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("Proxy.DWR.sendRemoteMessage - 1: " + res); return res;}); // deferredResult.addCallback(MochiKit.Base.method(this, 'setTollCallback')); //deferredResult.addBoth(function(res) {MochiKit.Logging.logDebug("Proxy.DWR.sendRemoteMessage - 2: " + res); return res;}); com_clipperz_pm_Proxy[aFunctionName](Clipperz.Base.serializeJSON(someParameters), { callback:MochiKit.Base.method(deferredResult, 'callback'), errorHandler:MochiKit.Base.method(deferredResult, 'errback') }); //MochiKit.Logging.logDebug("<<< Proxy.PHP.sendRemoteMessage - result: " + deferredResult); return deferredResult; */ var deferredResult; var parameters; //MochiKit.Logging.logDebug(">>> Proxy.PHP.sendRemoteMessage('" + aFunctionName + "', " + Clipperz.Base.serializeJSON(someParameters) + ") - " + this); parameters = {}; parameters['method'] = aFunctionName; // parameters['version'] = someParameters['version']; // parameters['message'] = someParameters['message']; parameters['parameters'] = Clipperz.Base.serializeJSON(someParameters); //MochiKit.Logging.logDebug("--- Proxy.PHP.sendRemoteMessage('" + Clipperz.Base.serializeJSON(parameters) + ") - " + this); deferredResult = new MochiKit.Async.Deferred(); deferredResult.addCallback(MochiKit.Async.doXHR, "./php/index.php", { method:'POST', sendContent:MochiKit.Base.queryString(parameters), headers:{"Content-Type":"application/x-www-form-urlencoded"} }); //deferredResult.addCallback(function(res) {MochiKit.Logging.logDebug("Proxy.PHP.response - 2: " + res.responseText); return res;}); //deferredResult.addErrback(function(res) {MochiKit.Logging.logDebug("Proxy.PHP.response - ERROR: " + res); return res;}); deferredResult.addCallback(MochiKit.Async.evalJSONRequest); + deferredResult.addCallback(function (someValues) { + if (someValues['result'] == 'EXCEPTION') { + throw someValues['message']; + } + return someValues; + }) deferredResult.callback(); return deferredResult; }, //========================================================================= 'isReadOnly': function() { return false; }, //========================================================================= __syntaxFix__: "syntax fix" }); //============================================================================= //Clipperz.PM.Proxy.defaultProxy = new Clipperz.PM.Proxy.PHP("Proxy.PHP - async test"); |