keeweb
/
keeweb
mirror of https://github.com/keeweb/keeweb.git
1
0
Fork 0
Code Issues Releases Wiki Activity
keeweb/app/scripts/comp/extension/protocol-impl.js

535 lines
15 KiB
JavaScript
Raw Normal View History

browser extension backend 101
2021-04-06 20:10:42 +02:00
import kdbxweb from 'kdbxweb';
browser extension file notifications
2021-04-06 21:27:58 +02:00
import { Events } from 'framework/events';
browser extension backend 101
2021-04-06 20:10:42 +02:00
import { Launcher } from 'comp/launcher';
refactored browser extension connector module
2021-04-12 23:37:08 +02:00
import { box as tweetnaclBox } from 'tweetnacl';
browser extension: generate-password method
2021-04-08 17:59:39 +02:00
import { PasswordGenerator } from 'util/generators/password-generator';
import { GeneratorPresets } from 'comp/app/generator-presets';
refactored browser extension connector module
2021-04-12 23:37:08 +02:00
import { Alerts } from 'comp/ui/alerts';
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
import { Locale } from 'util/locale';
refactored browser extension connector module
2021-04-12 23:37:08 +02:00
import { RuntimeInfo } from 'const/runtime-info';
import { KnownAppVersions } from 'const/known-app-versions';
extension connection dialog
2021-04-25 13:46:59 +02:00
import { ExtensionConnectView } from 'views/extension/extension-connect-view';
import { RuntimeDataModel } from 'models/runtime-data-model';
eslint fix
2021-04-26 12:08:30 +02:00
import { AppSettingsModel } from 'models/app-settings-model';
extension connection timeout
2021-04-25 14:09:54 +02:00
import { Timeouts } from 'const/timeouts';
more extension logging
2021-04-11 10:17:02 +02:00
always returning KeeWeb hash
2021-04-11 17:22:58 +02:00
const KeeWebAssociationId = 'KeeWeb';
const KeeWebHash = '398d9c782ec76ae9e9877c2321cbda2b31fc6d18ccf0fed5ca4bd746bab4d64a'; // sha256('KeeWeb')
browser extension backend 101
2021-04-06 20:10:42 +02:00
refactored browser extension connector module
2021-04-12 23:37:08 +02:00
const Errors = {
noOpenFiles: {
message: Locale.extensionErrorNoOpenFiles,
code: '1'
},
userRejected: {
message: Locale.extensionErrorUserRejected,
code: '6'
}
};
moved browser socket connection management to the main process
2021-04-18 14:26:45 +02:00
const connectedClients = new Map();
refactored browser extension connector module
2021-04-12 23:37:08 +02:00
let logger;
let appModel;
let sendEvent;
moved more code to protocol-impl
2021-04-12 23:42:42 +02:00
function setupListeners() {
Events.on('file-opened', () => {
sendEvent({ action: 'database-unlocked' });
});
Events.on('one-file-closed', () => {
if (!appModel.files.hasOpenFiles()) {
sendEvent({ action: 'database-locked' });
}
});
Events.on('all-files-closed', () => {
sendEvent({ action: 'database-locked' });
});
refactored browser extension connector module
2021-04-12 23:37:08 +02:00
}
browser extension backend 101
2021-04-06 20:10:42 +02:00
function incrementNonce(nonce) {
// from libsodium/utils.c, like it is in KeePassXC
let i = 0;
let c = 1;
for (; i < nonce.length; ++i) {
c += nonce[i];
nonce[i] = c;
c >>= 8;
}
}
function getClient(request) {
if (!request.clientID) {
throw new Error('Empty clientID');
}
closing browser extension connections
2021-04-11 12:48:58 +02:00
const client = connectedClients.get(request.clientID);
browser extension backend 101
2021-04-06 20:10:42 +02:00
if (!client) {
throw new Error(`Client not connected: ${request.clientID}`);
}
return client;
}
function decryptRequest(request) {
const client = getClient(request);
if (!request.nonce) {
throw new Error('Empty nonce');
}
if (!request.message) {
throw new Error('Empty message');
}
const nonce = kdbxweb.ByteUtils.base64ToBytes(request.nonce);
const message = kdbxweb.ByteUtils.base64ToBytes(request.message);
const data = tweetnaclBox.open(message, nonce, client.publicKey, client.keys.secretKey);
const json = new TextDecoder().decode(data);
const payload = JSON.parse(json);
option to debug browser extension transport
2021-04-11 17:59:05 +02:00
logger.debug('Extension -> KeeWeb -> (decrypted)', payload);
setting nonce in response payload
2021-04-08 17:36:42 +02:00
if (!payload) {
throw new Error('Empty request payload');
}
if (payload.action !== request.action) {
browser extension backend 101
2021-04-06 20:10:42 +02:00
throw new Error(`Bad action in decrypted payload`);
}
return payload;
}
function encryptResponse(request, payload) {
option to debug browser extension transport
2021-04-11 17:59:05 +02:00
logger.debug('KeeWeb -> Extension (decrypted)', payload);
setting nonce in response payload
2021-04-08 17:36:42 +02:00
const nonceBytes = kdbxweb.ByteUtils.base64ToBytes(request.nonce);
incrementNonce(nonceBytes);
const nonce = kdbxweb.ByteUtils.bytesToBase64(nonceBytes);
browser extension backend 101
2021-04-06 20:10:42 +02:00
const client = getClient(request);
setting nonce in response payload
2021-04-08 17:36:42 +02:00
payload.nonce = nonce;
browser extension backend 101
2021-04-06 20:10:42 +02:00
const json = JSON.stringify(payload);
const data = new TextEncoder().encode(json);
setting nonce in response payload
2021-04-08 17:36:42 +02:00
const encrypted = tweetnaclBox(data, nonceBytes, client.publicKey, client.keys.secretKey);
browser extension backend 101
2021-04-06 20:10:42 +02:00
const message = kdbxweb.ByteUtils.bytesToBase64(encrypted);
return {
action: request.action,
message,
nonce
};
}
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
function makeError(def) {
const e = new Error(def.message);
e.code = def.code;
return e;
}
always returning KeeWeb hash
2021-04-11 17:22:58 +02:00
function ensureAtLeastOneFileIsOpen() {
if (!appModel.files.hasOpenFiles()) {
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
throw makeError(Errors.noOpenFiles);
always returning KeeWeb hash
2021-04-11 17:22:58 +02:00
}
}
unlocking on request from browser extension
2021-04-26 12:06:03 +02:00
async function checkContentRequestPermissions(request) {
if (!appModel.files.hasOpenFiles()) {
if (AppSettingsModel.extensionFocusIfLocked) {
try {
focusKeeWeb();
await appModel.unlockAnyFile(
'extensionUnlockMessage',
Timeouts.KeeWebConnectRequest
);
} catch {
don't hide keeweb after successful result
2021-04-26 12:16:22 +02:00
Launcher?.hideApp();
unlocking on request from browser extension
2021-04-26 12:06:03 +02:00
throw makeError(Errors.noOpenFiles);
}
} else {
throw makeError(Errors.noOpenFiles);
}
}
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
const client = getClient(request);
extension connection dialog
2021-04-25 13:46:59 +02:00
if (client.permissions) {
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
return;
always returning KeeWeb hash
2021-04-11 17:22:58 +02:00
}
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
return new Promise((resolve, reject) => {
if (Alerts.alertDisplayed) {
return reject(new Error(Locale.extensionErrorAlertDisplayed));
}
refactored browser extension connector module
2021-04-12 23:37:08 +02:00
focusKeeWeb();
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
extension connection dialog
2021-04-25 13:46:59 +02:00
const config = RuntimeDataModel.extensionConnectConfig;
const files = appModel.files.map((f) => ({
id: f.id,
name: f.name,
checked: !config || config.allFiles || config.files.includes(f.id)
}));
if (!files.some((f) => f.checked)) {
for (const f of files) {
f.checked = true;
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
}
}
extension connection dialog
2021-04-25 13:46:59 +02:00
fixed extension connection on web
2021-04-25 20:38:49 +02:00
const extensionName = client.connection.appName
? `${client.connection.extensionName} (${client.connection.appName})`
: client.connection.extensionName;
extension connection dialog
2021-04-25 13:46:59 +02:00
const extensionConnectView = new ExtensionConnectView({
fixed extension connection on web
2021-04-25 20:38:49 +02:00
extensionName,
extension connection dialog
2021-04-25 13:46:59 +02:00
identityVerified: !Launcher,
files,
allFiles: config?.allFiles ?? true,
askGet: config?.askGet || 'multiple'
});
extension connection timeout
2021-04-25 14:09:54 +02:00
let inactivityTimer = 0;
const alert = Alerts.alert({
extension connection dialog
2021-04-25 13:46:59 +02:00
header: Locale.extensionConnectHeader,
icon: 'exchange-alt',
view: extensionConnectView,
wide: true,
opaque: true,
buttons: [Alerts.buttons.allow, Alerts.buttons.deny],
success: () => {
extension connection timeout
2021-04-25 14:09:54 +02:00
clearTimeout(inactivityTimer);
extension connection dialog
2021-04-25 13:46:59 +02:00
RuntimeDataModel.extensionConnectConfig = extensionConnectView.config;
client.permissions = extensionConnectView.config;
session management in settings
2021-04-25 18:08:16 +02:00
Events.emit('browser-extension-sessions-changed');
extension connection dialog
2021-04-25 13:46:59 +02:00
resolve();
},
extension connection timeout
2021-04-25 14:09:54 +02:00
cancel: () => {
session management in settings
2021-04-25 18:08:16 +02:00
client.permissionsDenied = true;
extension connection timeout
2021-04-25 14:09:54 +02:00
clearTimeout(inactivityTimer);
session management in settings
2021-04-25 18:08:16 +02:00
Events.emit('browser-extension-sessions-changed');
extension connection timeout
2021-04-25 14:09:54 +02:00
reject(makeError(Errors.userRejected));
}
extension connection dialog
2021-04-25 13:46:59 +02:00
});
extension connection timeout
2021-04-25 14:09:54 +02:00
inactivityTimer = setTimeout(() => {
alert.closeWithResult('');
}, Timeouts.KeeWebConnectRequest);
don't hide keeweb after successful result
2021-04-26 12:16:22 +02:00
}).catch((e) => {
Launcher?.hideApp();
throw e;
});
always returning KeeWeb hash
2021-04-11 17:22:58 +02:00
}
checking available files per connection
2021-04-26 15:36:21 +02:00
function getAvailableFiles(request) {
const client = getClient(request);
if (!client.permissions) {
return;
}
const files = appModel.files.filter(
(file) =>
file.active &&
(client.permissions.allFiles || client.permissions.files.includes(file.id))
);
if (!files.length) {
throw makeError(Errors.noOpenFiles);
}
return files;
}
checking own extension
2021-04-10 23:35:42 +02:00
function getVersion(request) {
moved browser socket connection management to the main process
2021-04-18 14:26:45 +02:00
const extensionName = getClient(request).connection.extensionName;
checking own extension
2021-04-10 23:35:42 +02:00
return extensionName ? RuntimeInfo.version : KnownAppVersions.KeePassXC;
}
function isKeeWebConnect(request) {
extension connection dialog
2021-04-25 13:46:59 +02:00
return getClient(request).connection.extensionName === 'KeeWeb Connect';
checking own extension
2021-04-10 23:35:42 +02:00
}
refactored browser extension connector module
2021-04-12 23:37:08 +02:00
function focusKeeWeb() {
logger.debug('Focus KeeWeb');
if (Launcher) {
Launcher.showMainWindow();
} else {
sendEvent({ action: 'attention-required' });
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
}
refactored browser extension connector module
2021-04-12 23:37:08 +02:00
}
fixed some contract types
2021-04-11 14:53:56 +02:00
browser extension backend 101
2021-04-06 20:10:42 +02:00
const ProtocolHandlers = {
'ping'({ data }) {
return { data };
},
moved browser socket connection management to the main process
2021-04-18 14:26:45 +02:00
'change-public-keys'(request, connection) {
let { publicKey, version, clientID: clientId } = request;
checking own extension
2021-04-10 23:35:42 +02:00
closing browser extension connections
2021-04-11 12:48:58 +02:00
if (connectedClients.has(clientId)) {
more extension logging
2021-04-11 10:17:02 +02:00
throw new Error('Changing keys is not allowed');
}
closing browser extension connections
2021-04-11 12:48:58 +02:00
if (!Launcher) {
// on web there can be only one connected client
connectedClients.clear();
}
browser extension backend 101
2021-04-06 20:10:42 +02:00
const keys = tweetnaclBox.keyPair();
publicKey = kdbxweb.ByteUtils.base64ToBytes(publicKey);
session management in settings
2021-04-25 18:08:16 +02:00
const stats = {
fixed read passwords display
2021-04-26 12:22:35 +02:00
connectedDate: new Date(),
passwordsRead: 0,
passwordsWritten: 0
session management in settings
2021-04-25 18:08:16 +02:00
};
connectedClients.set(clientId, { connection, publicKey, version, keys, stats });
Events.emit('browser-extension-sessions-changed');
browser extension backend 101
2021-04-06 20:10:42 +02:00
moved browser socket connection management to the main process
2021-04-18 14:26:45 +02:00
logger.info('New client key created', clientId, version);
more extension logging
2021-04-11 10:17:02 +02:00
fixed some contract types
2021-04-11 14:53:56 +02:00
const nonceBytes = kdbxweb.ByteUtils.base64ToBytes(request.nonce);
incrementNonce(nonceBytes);
const nonce = kdbxweb.ByteUtils.bytesToBase64(nonceBytes);
browser extension backend 101
2021-04-06 20:10:42 +02:00
return {
action: 'change-public-keys',
checking own extension
2021-04-10 23:35:42 +02:00
version: getVersion(request),
browser extension backend 101
2021-04-06 20:10:42 +02:00
publicKey: kdbxweb.ByteUtils.bytesToBase64(keys.publicKey),
fixed some contract types
2021-04-11 14:53:56 +02:00
nonce,
returning appName only for own extension
2021-04-10 23:37:24 +02:00
success: 'true',
...(isKeeWebConnect(request) ? { appName: 'KeeWeb' } : undefined)
browser extension backend 101
2021-04-06 20:10:42 +02:00
};
},
'get-databasehash'(request) {
decryptRequest(request);
always returning KeeWeb hash
2021-04-11 17:22:58 +02:00
ensureAtLeastOneFileIsOpen();
browser extension connector: implemented get-databasehash
2021-04-07 21:08:22 +02:00
always returning KeeWeb hash
2021-04-11 17:22:58 +02:00
return encryptResponse(request, {
hash: KeeWebHash,
success: 'true',
version: getVersion(request)
});
implemented lock-database
2021-04-07 22:49:23 +02:00
},
browser extension: generate-password method
2021-04-08 17:59:39 +02:00
'generate-password'(request) {
browser extension: generate-password method
2021-04-08 18:10:08 +02:00
const password = PasswordGenerator.generate(GeneratorPresets.browserExtensionPreset);
browser extension: generate-password method
2021-04-08 17:59:39 +02:00
return encryptResponse(request, {
checking own extension
2021-04-10 23:35:42 +02:00
version: getVersion(request),
browser extension: generate-password method
2021-04-08 17:59:39 +02:00
success: 'true',
fixed some contract types
2021-04-11 14:53:56 +02:00
entries: [{ password }]
browser extension: generate-password method
2021-04-08 17:59:39 +02:00
});
},
implemented lock-database
2021-04-07 22:49:23 +02:00
'lock-database'(request) {
decryptRequest(request);
always returning KeeWeb hash
2021-04-11 17:22:58 +02:00
ensureAtLeastOneFileIsOpen();
implemented lock-database
2021-04-07 22:49:23 +02:00
always returning KeeWeb hash
2021-04-11 17:22:58 +02:00
Events.emit('lock-workspace');
browser extension: asking for user attention
2021-04-08 17:28:41 +02:00
always returning KeeWeb hash
2021-04-11 17:22:58 +02:00
if (Alerts.alertDisplayed) {
refactored browser extension connector module
2021-04-12 23:37:08 +02:00
focusKeeWeb();
fixed some contract types
2021-04-11 14:53:56 +02:00
}
always returning KeeWeb hash
2021-04-11 17:22:58 +02:00
return encryptResponse(request, {
success: 'true',
version: getVersion(request)
});
},
'associate'(request) {
decryptRequest(request);
ensureAtLeastOneFileIsOpen();
return encryptResponse(request, {
success: 'true',
version: getVersion(request),
hash: KeeWebHash,
id: KeeWebAssociationId
});
},
'test-associate'(request) {
const payload = decryptRequest(request);
unlocking on request from browser extension
2021-04-26 12:06:03 +02:00
// ensureAtLeastOneFileIsOpen();
implemented get-database-groups
2021-04-12 23:05:57 +02:00
if (payload.id !== KeeWebAssociationId) {
throw makeError(Errors.noOpenFiles);
}
always returning KeeWeb hash
2021-04-11 17:22:58 +02:00
return encryptResponse(request, {
success: 'true',
version: getVersion(request),
hash: KeeWebHash,
id: payload.id
});
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
},
async 'get-logins'(request) {
decryptRequest(request);
await checkContentRequestPermissions(request);
throw new Error('Not implemented');
},
async 'get-totp'(request) {
decryptRequest(request);
await checkContentRequestPermissions(request);
throw new Error('Not implemented');
},
async 'set-login'(request) {
decryptRequest(request);
await checkContentRequestPermissions(request);
throw new Error('Not implemented');
},
async 'get-database-groups'(request) {
decryptRequest(request);
await checkContentRequestPermissions(request);
implemented get-database-groups
2021-04-12 23:05:57 +02:00
const makeGroups = (group) => {
const res = {
name: group.title,
uuid: kdbxweb.ByteUtils.bytesToHex(group.group.uuid.bytes),
children: []
};
for (const subGroup of group.items) {
if (subGroup.matches()) {
res.children.push(makeGroups(subGroup));
}
}
return res;
};
const groups = [];
checking available files per connection
2021-04-26 15:36:21 +02:00
for (const file of getAvailableFiles(request)) {
implemented get-database-groups
2021-04-12 23:05:57 +02:00
for (const group of file.groups) {
groups.push(makeGroups(group));
}
}
return encryptResponse(request, {
success: 'true',
version: getVersion(request),
groups: { groups }
});
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
},
async 'create-new-group'(request) {
create-group
2021-04-12 23:23:22 +02:00
const payload = decryptRequest(request);
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
await checkContentRequestPermissions(request);
create-group
2021-04-12 23:23:22 +02:00
if (!payload.groupName) {
throw new Error('No groupName');
}
// TODO: show file selector
// throw makeError(Errors.userRejected);
const groupNames = payload.groupName
.split('/')
.map((g) => g.trim())
.filter((g) => g);
if (!groupNames.length) {
throw new Error('Empty group path');
}
// TODO: create a new group
asking questions about accessing data in the extension
2021-04-11 18:59:33 +02:00
throw new Error('Not implemented');
create-group
2021-04-12 23:23:22 +02:00
// return encryptResponse(request, {
// success: 'true',
// version: getVersion(request),
// name: groupNames[groupNames.length - 1],
// uuid: kdbxweb.ByteUtils.bytesToHex(appModel.files[0].groups[0].group.uuid.bytes)
// });
browser extension backend 101
2021-04-06 20:10:42 +02:00
}
};
extracted protocolimpl
2021-04-19 23:40:57 +02:00
const ProtocolImpl = {
init(vars) {
appModel = vars.appModel;
logger = vars.logger;
sendEvent = vars.sendEvent;
setupListeners();
},
cleanup() {
session management in settings
2021-04-25 18:08:16 +02:00
const wasNotEmpty = connectedClients.size;
extracted protocolimpl
2021-04-19 23:40:57 +02:00
connectedClients.clear();
session management in settings
2021-04-25 18:08:16 +02:00
if (wasNotEmpty) {
Events.emit('browser-extension-sessions-changed');
}
extracted protocolimpl
2021-04-19 23:40:57 +02:00
},
deleteConnection(connectionId) {
session management in settings
2021-04-25 18:08:16 +02:00
for (const [clientId, client] of connectedClients.entries()) {
extracted protocolimpl
2021-04-19 23:40:57 +02:00
if (client.connection.connectionId === connectionId) {
session management in settings
2021-04-25 18:08:16 +02:00
connectedClients.delete(clientId);
extracted protocolimpl
2021-04-19 23:40:57 +02:00
}
}
session management in settings
2021-04-25 18:08:16 +02:00
Events.emit('browser-extension-sessions-changed');
extracted protocolimpl
2021-04-19 23:40:57 +02:00
},
editing file permissions in settings
2021-04-25 19:59:52 +02:00
getClientPermissions(clientId) {
return connectedClients.get(clientId)?.permissions;
},
setClientPermissions(clientId, permissions) {
const client = connectedClients.get(clientId);
if (client?.permissions) {
client.permissions = { ...client.permissions, ...permissions };
}
},
extracted protocolimpl
2021-04-19 23:40:57 +02:00
errorToResponse(e, request) {
return {
action: request?.action,
error: e.message || 'Unknown error',
errorCode: e.code || 0
};
},
async handleRequest(request, connectionInfo) {
try {
const handler = ProtocolHandlers[request.action];
if (!handler) {
throw new Error(`Handler not found: ${request.action}`);
}
return await handler(request, connectionInfo);
} catch (e) {
return this.errorToResponse(e, request);
}
session management in settings
2021-04-25 18:08:16 +02:00
},
get sessions() {
return [...connectedClients.entries()]
.map(([clientId, client]) => ({
clientId,
connectionId: client.connection.connectionId,
appName: client.connection.appName,
extensionName: client.connection.extensionName,
connectedDate: client.stats.connectedDate,
passwordsRead: client.stats.passwordsRead,
passwordsWritten: client.stats.passwordsWritten,
permissions: client.permissions,
permissionsDenied: client.permissionsDenied
}))
.sort((x, y) => y.connectedDate - x.connectedDate);
extracted protocolimpl
2021-04-19 23:40:57 +02:00
}
};
export { ProtocolImpl };