515 lines
18 KiB
JavaScript
515 lines
18 KiB
JavaScript
(function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i]){var c="function"==typeof require&&require;if(!f&&c)return c(i,!0);if(u)return u(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var p=n[i]={exports:{}};e[i][0].call(p.exports,function(r){var n=e[i][1][r];return o(n||r)},p,p.exports,r,e,n,t)}return n[i].exports}for(var u="function"==typeof require&&require,i=0;i<t.length;i++)o(t[i]);return o}return r})()({1:[function(require,module,exports){
|
|
/*
|
|
* Federated Wiki : Social Security Plugin
|
|
*
|
|
* Licensed under the MIT license.
|
|
* https://github.com/fedwiki/wiki-security-social/blob/master/LICENSE.txt
|
|
*/
|
|
/*
|
|
1. Display login button - if there is no authenticated user
|
|
2. Display logout button - if the user is authenticated
|
|
|
|
3. When user authenticated, claim site if unclaimed - and repaint footer.
|
|
|
|
*/
|
|
var WinChan, claim_wiki, settings, setup, update_footer;
|
|
|
|
WinChan = require('./winchan.js');
|
|
|
|
settings = {};
|
|
|
|
claim_wiki = function() {
|
|
var myInit;
|
|
if (!isClaimed) {
|
|
// only try and claim if we think site is unclaimed
|
|
myInit = {
|
|
method: 'GET',
|
|
cache: 'no-cache',
|
|
mode: 'same-origin',
|
|
credentials: 'include'
|
|
};
|
|
return fetch('/auth/claim-wiki', myInit).then(function(response) {
|
|
if (response.ok) {
|
|
return response.json().then(function(json) {
|
|
var ownerName;
|
|
if (wiki.lineup.bestTitle() === 'Login Required') {
|
|
return location.reload();
|
|
} else {
|
|
ownerName = json.ownerName;
|
|
window.isClaimed = true;
|
|
window.isOwner = true;
|
|
return update_footer(ownerName, true);
|
|
}
|
|
});
|
|
} else {
|
|
return console.log('Attempt to claim site failed', response);
|
|
}
|
|
});
|
|
}
|
|
};
|
|
|
|
update_footer = function(ownerName, isAuthenticated) {
|
|
var logoutIconClass, logoutTitle, signonTitle;
|
|
// we update the owner and the login state in the footer, and
|
|
// populate the security dialog
|
|
if (ownerName) {
|
|
$('footer > #site-owner').html(`Site Owned by: <span id='site-owner' style='text-transform:capitalize;'>${ownerName}</span>`);
|
|
}
|
|
$('footer > #security').empty();
|
|
if (isAuthenticated) {
|
|
if (isOwner) {
|
|
logoutTitle = "Sign-out";
|
|
logoutIconClass = 'fa fa-unlock fa-lg fa-fw';
|
|
} else {
|
|
logoutTitle = "Not Owner : Sign-out";
|
|
logoutIconClass = 'fa fa-lock fa-lg fa-fw notOwner';
|
|
}
|
|
$('footer > #security').append(`<a href='#' id='logout' class='footer-item' title='${logoutTitle}'><i class='${logoutIconClass}'></i></a>`);
|
|
$('footer > #security > #logout').on('click', function(e) {
|
|
var myInit;
|
|
e.preventDefault();
|
|
myInit = {
|
|
method: 'GET',
|
|
cache: 'no-cache',
|
|
mode: 'same-origin',
|
|
credentials: 'include'
|
|
};
|
|
return fetch('/logout', myInit).then(function(response) {
|
|
var user;
|
|
if (response.ok) {
|
|
window.isAuthenticated = false;
|
|
user = '';
|
|
document.cookie = "state=loggedOut" + ";domain=." + settings.cookieDomain + "; path=/; max-age=60; sameSite=Strict;";
|
|
return update_footer(ownerName, isAuthenticated);
|
|
} else {
|
|
return console.log('logout failed: ', response);
|
|
}
|
|
});
|
|
});
|
|
if (!isClaimed) {
|
|
$('footer > #security').append("<a href='#' id='claim' class='foot-item' title='Claim this Wiki'><i class='fa fa-key fa-lg fa-fw'></i></a>");
|
|
return $('footer > #security > #claim').on('click', function(e) {
|
|
e.preventDefault();
|
|
return claim_wiki();
|
|
});
|
|
}
|
|
} else {
|
|
if (!isClaimed) {
|
|
signonTitle = 'Claim this Wiki';
|
|
} else {
|
|
signonTitle = 'Wiki Owner Sign-on';
|
|
}
|
|
$('footer > #security').append(`<a href='#' id='show-security-dialog' class='footer-item' title='${signonTitle}'><i class='fa fa-lock fa-lg fa-fw'></i></a>`);
|
|
return $('footer > #security > #show-security-dialog').on('click', function(e) {
|
|
var w;
|
|
e.preventDefault();
|
|
document.cookie = `wikiName=${window.location.host}` + `;domain=.${settings.cookieDomain}; path=/; max-age=300; sameSite=Strict;`;
|
|
return w = WinChan.open({
|
|
url: settings.dialogURL,
|
|
relay_url: settings.relayURL,
|
|
window_features: "menubar=0, location=0, resizable=0, scrollbars=1, status=0, dialog=1, width=700, height=375",
|
|
params: {}
|
|
}, function(err, r) {
|
|
if (err) {
|
|
return console.log(err);
|
|
} else {
|
|
window.isAuthenticated = true;
|
|
if (!isClaimed) {
|
|
return claim_wiki();
|
|
} else {
|
|
if (wiki.lineup.bestTitle() === 'Login Required') {
|
|
return location.reload();
|
|
} else {
|
|
return update_footer(ownerName, true);
|
|
}
|
|
}
|
|
}
|
|
});
|
|
});
|
|
}
|
|
};
|
|
|
|
setup = function(user) {
|
|
var lastCookie, myInit;
|
|
if (!$("link[href='https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css']").length) {
|
|
$('<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">').appendTo("head");
|
|
}
|
|
// signon could happen in a different window, so listen for cookie changes
|
|
lastCookie = document.cookie;
|
|
window.setInterval(function() {
|
|
var currentCookie, myInit;
|
|
currentCookie = document.cookie;
|
|
if (currentCookie !== lastCookie) {
|
|
console.log("Cookie changed");
|
|
if (document.cookie.match('(?:^|;)\\s?state=(.*?)(?:;|$)') !== null) {
|
|
try {
|
|
switch (document.cookie.match('(?:^|;)\\s?state=(.*?)(?:;|$)')[1]) {
|
|
case 'loggedIn':
|
|
window.isAuthenticated = true;
|
|
break;
|
|
case 'loggedOut':
|
|
window.isAuthenticated = false;
|
|
}
|
|
myInit = {
|
|
method: 'GET',
|
|
cache: 'no-cache',
|
|
mode: 'same-origin'
|
|
};
|
|
fetch('/auth/client-settings.json', myInit).then(function(response) {
|
|
return response.json().then(function(json) {
|
|
window.isOwner = json.isOwner;
|
|
return update_footer(ownerName, isAuthenticated);
|
|
});
|
|
});
|
|
} catch (error) {}
|
|
}
|
|
return lastCookie = currentCookie;
|
|
}
|
|
}, 100);
|
|
if (!$("link[href='/security/style.css']").length) {
|
|
$('<link rel="stylesheet" href="/security/style.css">').appendTo("head");
|
|
}
|
|
myInit = {
|
|
method: 'GET',
|
|
cache: 'no-cache',
|
|
mode: 'same-origin'
|
|
};
|
|
return fetch('/auth/client-settings.json', myInit).then(function(response) {
|
|
if (response.ok) {
|
|
return response.json().then(function(json) {
|
|
var dialogHost, dialogProtocol;
|
|
window.isOwner = json.isOwner;
|
|
settings = json;
|
|
if (settings.wikiHost) {
|
|
dialogHost = settings.wikiHost;
|
|
} else {
|
|
dialogHost = window.location.hostname;
|
|
}
|
|
settings.cookieDomain = dialogHost;
|
|
if (settings.useHttps) {
|
|
dialogProtocol = 'https:';
|
|
} else {
|
|
dialogProtocol = window.location.protocol;
|
|
if (window.location.port) {
|
|
dialogHost = dialogHost + ':' + window.location.port;
|
|
}
|
|
}
|
|
settings.dialogURL = dialogProtocol + '//' + dialogHost + '/auth/loginDialog';
|
|
settings.relayURL = dialogProtocol + '//' + dialogHost + '/auth/relay.html';
|
|
settings.dialogAddAltURL = dialogProtocol + '//' + dialogHost + '/auth/addAuthDialog';
|
|
return update_footer(ownerName, isAuthenticated);
|
|
});
|
|
} else {
|
|
return console.log('Unable to fetch client settings: ', response);
|
|
}
|
|
});
|
|
};
|
|
|
|
window.plugins.security = {setup, claim_wiki, update_footer};
|
|
|
|
|
|
},{"./winchan.js":2}],2:[function(require,module,exports){
|
|
var WinChan = (function() {
|
|
var RELAY_FRAME_NAME = "__winchan_relay_frame";
|
|
var CLOSE_CMD = "die";
|
|
|
|
// a portable addListener implementation
|
|
function addListener(w, event, cb) {
|
|
if(w.attachEvent) w.attachEvent('on' + event, cb);
|
|
else if (w.addEventListener) w.addEventListener(event, cb, false);
|
|
}
|
|
|
|
// a portable removeListener implementation
|
|
function removeListener(w, event, cb) {
|
|
if(w.detachEvent) w.detachEvent('on' + event, cb);
|
|
else if (w.removeEventListener) w.removeEventListener(event, cb, false);
|
|
}
|
|
|
|
|
|
// checking for IE8 or above
|
|
function isInternetExplorer() {
|
|
var rv = -1; // Return value assumes failure.
|
|
var ua = navigator.userAgent;
|
|
if (navigator.appName === 'Microsoft Internet Explorer') {
|
|
var re = new RegExp("MSIE ([0-9]{1,}[\.0-9]{0,})");
|
|
if (re.exec(ua) != null)
|
|
rv = parseFloat(RegExp.$1);
|
|
}
|
|
// IE > 11
|
|
else if (ua.indexOf("Trident") > -1) {
|
|
var re = new RegExp("rv:([0-9]{2,2}[\.0-9]{0,})");
|
|
if (re.exec(ua) !== null) {
|
|
rv = parseFloat(RegExp.$1);
|
|
}
|
|
}
|
|
|
|
return rv >= 8;
|
|
}
|
|
|
|
// checking Mobile Firefox (Fennec)
|
|
function isFennec() {
|
|
try {
|
|
// We must check for both XUL and Java versions of Fennec. Both have
|
|
// distinct UA strings.
|
|
var userAgent = navigator.userAgent;
|
|
return (userAgent.indexOf('Fennec/') != -1) || // XUL
|
|
(userAgent.indexOf('Firefox/') != -1 && userAgent.indexOf('Android') != -1); // Java
|
|
} catch(e) {}
|
|
return false;
|
|
}
|
|
|
|
// feature checking to see if this platform is supported at all
|
|
function isSupported() {
|
|
return (window.JSON && window.JSON.stringify &&
|
|
window.JSON.parse && window.postMessage);
|
|
}
|
|
|
|
// given a URL, extract the origin. Taken from: https://github.com/firebase/firebase-simple-login/blob/d2cb95b9f812d8488bdbfba51c3a7c153ba1a074/js/src/simple-login/transports/WinChan.js#L25-L30
|
|
function extractOrigin(url) {
|
|
if (!/^https?:\/\//.test(url)) url = window.location.href;
|
|
var m = /^(https?:\/\/[\-_a-zA-Z\.0-9:]+)/.exec(url);
|
|
if (m) return m[1];
|
|
return url;
|
|
}
|
|
|
|
// find the relay iframe in the opener
|
|
function findRelay() {
|
|
var loc = window.location;
|
|
var frames = window.opener.frames;
|
|
for (var i = frames.length - 1; i >= 0; i--) {
|
|
try {
|
|
if (frames[i].location.protocol === window.location.protocol &&
|
|
frames[i].location.host === window.location.host &&
|
|
frames[i].name === RELAY_FRAME_NAME)
|
|
{
|
|
return frames[i];
|
|
}
|
|
} catch(e) { }
|
|
}
|
|
return;
|
|
}
|
|
|
|
var isIE = isInternetExplorer();
|
|
|
|
if (isSupported()) {
|
|
/* General flow:
|
|
* 0. user clicks
|
|
* (IE SPECIFIC) 1. caller adds relay iframe (served from trusted domain) to DOM
|
|
* 2. caller opens window (with content from trusted domain)
|
|
* 3. window on opening adds a listener to 'message'
|
|
* (IE SPECIFIC) 4. window on opening finds iframe
|
|
* 5. window checks if iframe is "loaded" - has a 'doPost' function yet
|
|
* (IE SPECIFIC5) 5a. if iframe.doPost exists, window uses it to send ready event to caller
|
|
* (IE SPECIFIC5) 5b. if iframe.doPost doesn't exist, window waits for frame ready
|
|
* (IE SPECIFIC5) 5bi. once ready, window calls iframe.doPost to send ready event
|
|
* 6. caller upon reciept of 'ready', sends args
|
|
*/
|
|
return {
|
|
open: function(opts, cb) {
|
|
if (!cb) throw "missing required callback argument";
|
|
|
|
// test required options
|
|
var err;
|
|
if (!opts.url) err = "missing required 'url' parameter";
|
|
if (!opts.relay_url) err = "missing required 'relay_url' parameter";
|
|
if (err) setTimeout(function() { cb(err); }, 0);
|
|
|
|
// supply default options
|
|
if (!opts.window_name) opts.window_name = null;
|
|
if (!opts.window_features || isFennec()) opts.window_features = undefined;
|
|
|
|
// opts.params may be undefined
|
|
|
|
var iframe;
|
|
|
|
// sanity check, are url and relay_url the same origin?
|
|
var origin = extractOrigin(opts.url);
|
|
if (origin !== extractOrigin(opts.relay_url)) {
|
|
return setTimeout(function() {
|
|
cb('invalid arguments: origin of url and relay_url must match');
|
|
}, 0);
|
|
}
|
|
|
|
var messageTarget;
|
|
|
|
if (isIE) {
|
|
// first we need to add a "relay" iframe to the document that's served
|
|
// from the target domain. We can postmessage into a iframe, but not a
|
|
// window
|
|
iframe = document.createElement("iframe");
|
|
// iframe.setAttribute('name', framename);
|
|
iframe.setAttribute('src', opts.relay_url);
|
|
iframe.style.display = "none";
|
|
iframe.setAttribute('name', RELAY_FRAME_NAME);
|
|
document.body.appendChild(iframe);
|
|
messageTarget = iframe.contentWindow;
|
|
}
|
|
|
|
var w = opts.popup || window.open(opts.url, opts.window_name, opts.window_features);
|
|
if (opts.popup) {
|
|
w.location.href = opts.url;
|
|
}
|
|
|
|
if (!messageTarget) messageTarget = w;
|
|
|
|
// lets listen in case the window blows up before telling us
|
|
var closeInterval = setInterval(function() {
|
|
if (w && w.closed) {
|
|
cleanup();
|
|
if (cb) {
|
|
cb('User closed the popup window');
|
|
cb = null;
|
|
}
|
|
}
|
|
}, 500);
|
|
|
|
var req = JSON.stringify({a: 'request', d: opts.params});
|
|
|
|
// cleanup on unload
|
|
function cleanup() {
|
|
if (iframe) document.body.removeChild(iframe);
|
|
iframe = undefined;
|
|
if (closeInterval) closeInterval = clearInterval(closeInterval);
|
|
removeListener(window, 'message', onMessage);
|
|
removeListener(window, 'unload', cleanup);
|
|
if (w) {
|
|
try {
|
|
w.close();
|
|
} catch (securityViolation) {
|
|
// This happens in Opera 12 sometimes
|
|
// see https://github.com/mozilla/browserid/issues/1844
|
|
messageTarget.postMessage(CLOSE_CMD, origin);
|
|
}
|
|
}
|
|
w = messageTarget = undefined;
|
|
}
|
|
|
|
addListener(window, 'unload', cleanup);
|
|
|
|
function onMessage(e) {
|
|
if (e.origin !== origin) { return; }
|
|
try {
|
|
var d = JSON.parse(e.data);
|
|
if (d.a === 'ready') messageTarget.postMessage(req, origin);
|
|
else if (d.a === 'error') {
|
|
cleanup();
|
|
if (cb) {
|
|
cb(d.d);
|
|
cb = null;
|
|
}
|
|
} else if (d.a === 'response') {
|
|
cleanup();
|
|
if (cb) {
|
|
cb(null, d.d);
|
|
cb = null;
|
|
}
|
|
}
|
|
} catch(err) { }
|
|
}
|
|
|
|
addListener(window, 'message', onMessage);
|
|
|
|
return {
|
|
close: cleanup,
|
|
focus: function() {
|
|
if (w) {
|
|
try {
|
|
w.focus();
|
|
} catch (e) {
|
|
// IE7 blows up here, do nothing
|
|
}
|
|
}
|
|
}
|
|
};
|
|
},
|
|
onOpen: function(cb) {
|
|
var o = "*";
|
|
var msgTarget = isIE ? findRelay() : window.opener;
|
|
if (!msgTarget) throw "can't find relay frame";
|
|
function doPost(msg) {
|
|
msg = JSON.stringify(msg);
|
|
if (isIE) msgTarget.doPost(msg, o);
|
|
else msgTarget.postMessage(msg, o);
|
|
}
|
|
|
|
function onMessage(e) {
|
|
// only one message gets through, but let's make sure it's actually
|
|
// the message we're looking for (other code may be using
|
|
// postmessage) - we do this by ensuring the payload can
|
|
// be parsed, and it's got an 'a' (action) value of 'request'.
|
|
var d;
|
|
try {
|
|
d = JSON.parse(e.data);
|
|
} catch(err) { }
|
|
if (!d || d.a !== 'request') return;
|
|
removeListener(window, 'message', onMessage);
|
|
o = e.origin;
|
|
if (cb) {
|
|
// this setTimeout is critically important for IE8 -
|
|
// in ie8 sometimes addListener for 'message' can synchronously
|
|
// cause your callback to be invoked. awesome.
|
|
setTimeout(function() {
|
|
cb(o, d.d, function(r) {
|
|
cb = undefined;
|
|
doPost({a: 'response', d: r});
|
|
});
|
|
}, 0);
|
|
}
|
|
}
|
|
|
|
function onDie(e) {
|
|
if (e.data === CLOSE_CMD) {
|
|
try { window.close(); } catch (o_O) {}
|
|
}
|
|
}
|
|
addListener(isIE ? msgTarget : window, 'message', onMessage);
|
|
addListener(isIE ? msgTarget : window, 'message', onDie);
|
|
|
|
// we cannot post to our parent that we're ready before the iframe
|
|
// is loaded. (IE specific possible failure)
|
|
try {
|
|
doPost({a: "ready"});
|
|
} catch(e) {
|
|
// this code should never be exectued outside IE
|
|
addListener(msgTarget, 'load', function(e) {
|
|
doPost({a: "ready"});
|
|
});
|
|
}
|
|
|
|
// if window is unloaded and the client hasn't called cb, it's an error
|
|
var onUnload = function() {
|
|
try {
|
|
// IE8 doesn't like this...
|
|
removeListener(isIE ? msgTarget : window, 'message', onDie);
|
|
} catch (ohWell) { }
|
|
if (cb) doPost({ a: 'error', d: 'client closed window' });
|
|
cb = undefined;
|
|
// explicitly close the window, in case the client is trying to reload or nav
|
|
try { window.close(); } catch (e) { }
|
|
};
|
|
addListener(window, 'unload', onUnload);
|
|
return {
|
|
detach: function() {
|
|
removeListener(window, 'unload', onUnload);
|
|
}
|
|
};
|
|
}
|
|
};
|
|
} else {
|
|
return {
|
|
open: function(url, winopts, arg, cb) {
|
|
setTimeout(function() { cb("unsupported browser"); }, 0);
|
|
},
|
|
onOpen: function(cb) {
|
|
setTimeout(function() { cb("unsupported browser"); }, 0);
|
|
}
|
|
};
|
|
}
|
|
})();
|
|
|
|
if (typeof module !== 'undefined' && module.exports) {
|
|
module.exports = WinChan;
|
|
}
|
|
|
|
},{}]},{},[1]);
|