API tools faq
paste
skrinetzki

Untitled

skrinetzki
Jun 19th, 2023
84
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
JavaScript 6.42 KB | None | 0 0
raw download clone embed print report
  1.     <script type="text/javascript">
  2.  
  3.         const translationString = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
  4.  
  5.         function webSafeBase64ToBase64(webSafeBase64) {
  6.             base64 = webSafeBase64.replaceAll('-', '+').replaceAll('_', '/');
  7.             while (base64.length % 4)
  8.                 base64 += '=';
  9.             return base64;
  10.         };
  11.  
  12.         function base64ToWebSafeBase64(base64) {
  13.             return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");;
  14.         };
  15.  
  16.         function unit8ArrayToUrlSafeBase64 (unit8Array) {
  17.             const extraBytes = unit8Array.length % 3
  18.             let output = ''
  19.             let buffer
  20.  
  21.             function encode (pos) {
  22.                 return translationString.charAt(pos)
  23.             }
  24.  
  25.             function threeBytesToBase64 (threeBytes) {
  26.                 return encode(threeBytes >> 18) + encode(threeBytes >> 12 & 0x3F) + encode(threeBytes >> 6 & 0x3F) + encode(threeBytes & 0x3F)
  27.             }
  28.  
  29.             for (let i = 0, length = unit8Array.length - extraBytes; i < length; i += 3) {
  30.                 buffer = (unit8Array[i] << 16) + (unit8Array[i + 1] << 8) + (unit8Array[i + 2])
  31.                 output += threeBytesToBase64(buffer)
  32.             }
  33.  
  34.             // pad the end with zeros, but make sure to not forget the extra bytes
  35.             switch (extraBytes) {
  36.                 case 1:
  37.                     buffer = unit8Array[unit8Array.length - 1]
  38.                     output = output + encode(buffer >> 2) + encode((buffer << 4) & 0x3F) + '=='
  39.                     break
  40.                 case 2:
  41.                     buffer = (unit8Array[unit8Array.length - 2] << 8) + (unit8Array[unit8Array.length - 1])
  42.                     output = output + encode(buffer >> 10) + encode((buffer >> 4) & 0x3F) + encode((buffer << 2) & 0x3F) + '='
  43.                     break
  44.                 default:
  45.                     break
  46.             }
  47.  
  48.             return base64ToWebSafeBase64(output);
  49.         }
  50.  
  51.         function webSafeBase64ToBase64(webSafeBase64) {
  52.             let base64 = webSafeBase64.replaceAll('-', '+').replaceAll('_', '/');
  53.             while (base64.length % 4)
  54.                 base64 += '=';
  55.             return base64;
  56.         };
  57.  
  58.         function submitWebAuthnAssertionAsJson(webAuthnAssertionAsJson) {
  59.             const fudiscrForm = document.getElementById("fudiscr-form");
  60.             fudiscrForm._submit_function_ = fudiscrForm.submit;
  61.             fudiscrForm.setAttribute("method", "POST");
  62.             fudiscrForm.setAttribute("action", "$flowExecutionUrl");
  63.  
  64.             const fudisWebAuthnAssertionAsJsonInputField = document.createElement("input");
  65.             fudisWebAuthnAssertionAsJsonInputField.setAttribute("type", "hidden");
  66.             fudisWebAuthnAssertionAsJsonInputField.setAttribute("name", "fudis_web_authn_assertion_input")
  67.             fudisWebAuthnAssertionAsJsonInputField.setAttribute("id", "fudis_web_authn_assertion_input");
  68.             fudisWebAuthnAssertionAsJsonInputField.setAttribute("value", base64ToWebSafeBase64(btoa(webAuthnAssertionAsJson)));
  69.             fudiscrForm.appendChild(fudisWebAuthnAssertionAsJsonInputField);
  70.  
  71.             const eventIdField = document.createElement("input");
  72.             eventIdField.setAttribute("name", "_eventId_proceed");
  73.             fudiscrForm.appendChild(eventIdField);
  74.             fudiscrForm._submit_function_();
  75.         }
  76.  
  77.         function getWebAuthnAssertion() {
  78.             const publicKeyCredentialRequestOptions = {
  79.                 allowCredentials: [
  80.                     #foreach ($webAuthnDescriptor in $webAuthnDescriptors)
  81.                         {
  82.                             id: Uint8Array.from(atob(webSafeBase64ToBase64("$webAuthnDescriptor.getId()")), c => c.charCodeAt(0)),
  83.                             type: "$webAuthnDescriptor.getCredentialType()",
  84.                             transports: [
  85.                                 #foreach ($transportTypes in $webAuthnDescriptor.getTransportTypes())
  86.                                     "$transportTypes"#if($foreach.hasNext()),#end
  87.                                 #end
  88.                             ]
  89.                         }#if($foreach.hasNext()),#end
  90.                     #end
  91.                 ],
  92.                 challenge: Uint8Array.from(atob(webSafeBase64ToBase64("$webAuthnChallenge")), c => c.charCodeAt(0)),
  93.                 rpId: "$webAuthnRpId",
  94.                 userVerification: "$webAuthnUserVerificationType",
  95.                 timeout: $webAuthnTimeout
  96.             }
  97.  
  98.             navigator
  99.                     .credentials
  100.                     .get({publicKey: publicKeyCredentialRequestOptions})
  101.                     .then(function (webAuthnAssertion) {
  102.                         let webAuthnAssertionForJson = new Object();
  103.                         webAuthnAssertionForJson.authenticatorData = unit8ArrayToUrlSafeBase64(new Uint8Array(webAuthnAssertion.response.authenticatorData));
  104.                         webAuthnAssertionForJson.clientDataJson = unit8ArrayToUrlSafeBase64(new Uint8Array(webAuthnAssertion.response.clientDataJSON));
  105.                         webAuthnAssertionForJson.rawId = unit8ArrayToUrlSafeBase64(new Uint8Array(webAuthnAssertion.rawId));
  106.                         webAuthnAssertionForJson.signature = unit8ArrayToUrlSafeBase64(new Uint8Array(webAuthnAssertion.response.signature));
  107.                         webAuthnAssertionForJson.userHandle = unit8ArrayToUrlSafeBase64(new Uint8Array(webAuthnAssertion.response.userHandle));
  108.                         submitWebAuthnAssertionAsJson(JSON.stringify(webAuthnAssertionForJson));
  109.                     })
  110.                     .catch(function (error) {
  111.  
  112.                         if (error.name == "AbortError") {
  113.                             document.getElementById("get_web_authn_assertion").childNodes[0].nodeValue = '#springMessageText(
  114.                                "fudiscr.view.insert-response.web_authn.next" ,"Validate WebAuthn-Token")';
  115.                         } else {
  116.                             document.getElementById("get_web_authn_assertion").childNodes[0].nodeValue = error.name + ' - #springMessageText(
  117.                                "fudiscr.view.insert-response.web_authn.error.please-try-again" ,"Error in validation of WebAuthn token, please try again.")';
  118.                             console.log(error.name + " - " + error.message);
  119.                         }
  120.                     });
  121.         }
  122.     </script>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!