Advertisement
Guest User

Untitled

a guest
Sep 15th, 2018
252
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.39 KB | None | 0 0
  1. function authxhr(a, h) {
  2. function q(f, e) {
  3. var d = new XMLHttpRequest;
  4. d.onreadystatechange = function() {
  5. if (d.readyState === XMLHttpRequest.DONE)
  6. if (200 === d.status) {
  7. if (a.context) {
  8. a.context.username = k;
  9. a.context.salt = r;
  10. a.context.iterations = t;
  11. a.context.b = n;
  12. a.context.storedKey = u;
  13. var b = d.getResponseHeader("Authentication-Info");
  14. if (b) {
  15. var c = new z;
  16. c.init(b);
  17. if (b = c.a("sid")) a.context.h = b
  18. }
  19. }
  20. h(null, d.response, {
  21. storedKey: u
  22. })
  23. } else if (2 == A) h({
  24. message: "Maximum authorization attempts reached"
  25. });
  26. else if (b = d.getResponseHeader("WWW-Authenticate"),
  27. c = b.split(" "), 2 > c.length) h({
  28. message: "Invalid authorization header"
  29. });
  30. else {
  31. c.slice(1).join(" ");
  32. c = new z;
  33. c.init(b);
  34. var e = c.a("realm"),
  35. l = c.a("sr"),
  36. m = c.a("ttl"),
  37. v = c.a("data");
  38. b = c.a("sid");
  39. a.context && b && (a.context.h = b);
  40. a.context && l && (a.context.g = l, m && (a.context.m = parseInt(m) + Math.round((new Date).getTime() / 1E3)));
  41. v ? (p = c.headerValue, w = CryptoJS.enc.Utf8.stringify(CryptoJS.enc.Base64.parse(v)), c.init(w), x = c.a("r"), r = c.a("s"), t = c.a("i"), a.context && a.context.username != k && (a.context.username = null, a.context.salt =
  42. null, a.context.iterations = null, a.context.b = null, a.context.l = null)) : p = 'SCRAM-SHA-1 realm="' + e + '"';
  43. B(function() {
  44. if (v) {
  45. var a = C();
  46. a = p + ", data=" + btoa(a)
  47. } else a = y(p);
  48. A++;
  49. q(f, a)
  50. })
  51. }
  52. };
  53. d.open(a.u || "GET", f);
  54. "undefined" != typeof e && d.setRequestHeader("Authorization", e);
  55. d.send()
  56. }
  57.  
  58. function B(f) {
  59. a.context && a.context.b && a.context.username ? (k = a.context.username, n = a.context.b, f()) : k && l && r && t ? (n = CryptoJS.PBKDF2(l, CryptoJS.enc.Base64.parse(r), {
  60. keySize: 5,
  61. iterations: t
  62. }), f()) : function(f) {
  63. D(a.credentials) ? a.credentials(function(a,
  64. b) {
  65. f(a, b)
  66. }) : f(a.credentials.user, a.credentials.password)
  67. }(function(a, d) {
  68. k = a;
  69. l = d;
  70. f()
  71. })
  72. }
  73.  
  74. function D(a) {
  75. return !!(a && a.constructor && a.call && a.apply)
  76. }
  77.  
  78. function C() {
  79. var a = "c=biws,r=" + x,
  80. e = CryptoJS.HmacSHA1("Client Key", n);
  81. u = CryptoJS.SHA1(e);
  82. var d = m + "," + w + "," + a,
  83. b = CryptoJS.HmacSHA1(d, u),
  84. c = [];
  85. if (e.words.length > b.words.length)
  86. for (var g = 0; g < b.words.length; g++) c.push(e.words[g] ^ b.words[g]);
  87. else
  88. for (g = 0; g < e.words.length; g++) c.push(e.words[g] ^ b.words[g]);
  89. e = new CryptoJS.lib.WordArray.init(c);
  90. b = CryptoJS.HmacSHA1("Server Key",
  91. n);
  92. CryptoJS.HmacSHA1(d, b);
  93. return a + ",p=" + e.toString(CryptoJS.enc.Base64)
  94. }
  95.  
  96. function y(a) {
  97. m = "n=" + k + ",r=fyko+d2lbbFgONRv9qkxdawL";
  98. return a + ", data=" + btoa("n,," + m)
  99. }
  100.  
  101. function z() {
  102. this.init = function(a) {
  103. this.headerValue = a;
  104. this.f = this.headerValue.split(",")
  105. };
  106. this.a = function(a) {
  107. for (var e = null, d, b = 0; b < this.f.length; b++)
  108. if (d = this.f[b].trim(), 0 == d.indexOf(a + "=")) {
  109. e = d.split(a + "=")[1];
  110. break
  111. } return e
  112. }
  113. }
  114. if (!this instanceof authxhr) return new authxhr(a, h);
  115. if (a) {
  116. var A = 0,
  117. m, r, t, l, u, p = "SCRAM-SHA-1";
  118. if (a.context && a.context.g &&
  119. a.context.username && a.context.b) {
  120. var x = a.context.g;
  121. var n = a.context.b;
  122. var k = a.context.username;
  123. var w = "r=" + x + ",s=" + a.context.salt + ",i=" + a.context.iterations.toString();
  124. y();
  125. var E = C();
  126. q(a.uri, p + ", data=" + btoa(E))
  127. } else a.j ? B(function() {
  128. q(a.uri, y("SCRAM-SHA-1"))
  129. }) : q(a.uri)
  130. }
  131. }
  132. authxhr.createServerPassword = function(a) {
  133. var h = CryptoJS.lib.WordArray.random(20);
  134. a = CryptoJS.PBKDF2(a, h, {
  135. keySize: 5,
  136. iterations: 4096
  137. });
  138. a = CryptoJS.HmacSHA1("Client Key", a);
  139. a = CryptoJS.SHA1(a);
  140. return "$00$4096$" + h.toString(CryptoJS.enc.Base64) + "$" + a.toString(CryptoJS.enc.i)
  141. };
  142. window.authxhr = authxhr;
  143. window.createserverpassword = authxhr.createServerPassword;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement