Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

source: Dev/trunk/src/client/dojox/xmpp/sasl.js @ 532

Last change on this file since 532 was 483, checked in by hendrikvanantwerpen, 11 years ago
Added Dojo 1.9.3 release.
File size: 4.8 KB

Line
1	dojo.provide("dojox.xmpp.sasl");
2	dojo.require("dojox.xmpp.util");
3
4	dojo.require("dojo.AdapterRegistry");
5	dojo.require("dojox.encoding.digests.MD5");
6
7	dojox.xmpp.sasl.saslNS = "urn:ietf:params:xml:ns:xmpp-sasl";
8
9	dojo.declare("dojox.xmpp.sasl._Base", null, {
10	mechanism: null,
11	closeAuthTag: true,
12
13	constructor: function(session){
14	this.session = session;
15
16	this.startAuth();
17	},
18	startAuth: function(){
19	var auth = new dojox.string.Builder(dojox.xmpp.util.createElement("auth", {
20	xmlns: dojox.xmpp.sasl.saslNS,
21	mechanism: this.mechanism
22	}, this.closeAuthTag));
23	this.appendToAuth(auth);
24	this.session.dispatchPacket(auth.toString());
25	},
26	appendToAuth: function(auth){},
27	onChallenge: function(msg){
28	if(!this.first_challenge){
29	this.first_challenge = true;
30	this.onFirstChallenge(msg);
31	}else{
32	this.onSecondChallenge(msg);
33	}
34	},
35	onFirstChallenge: function(){},
36	onSecondChallenge: function(){},
37	onSuccess: function(){
38	this.session.sendRestart();
39	}
40	});
41
42	dojo.declare("dojox.xmpp.sasl.SunWebClientAuth", dojox.xmpp.sasl._Base, {
43	mechanism: "SUN-COMMS-CLIENT-PROXY-AUTH"
44	});
45
46	dojo.declare("dojox.xmpp.sasl.Plain", dojox.xmpp.sasl._Base, {
47	mechanism: "PLAIN",
48	closeAuthTag: false,
49
50	appendToAuth: function(auth){
51	var id = this.session.jid;
52	var index = this.session.jid.indexOf('@');
53	if (index != -1){
54	id = this.session.jid.substring(0, index);
55	}
56	var token = this.session.jid + '\u0000' + id + '\u0000' + this.session.password;
57	token = dojox.xmpp.util.Base64.encode(token);
58
59	auth.append(token);
60	auth.append("</auth>");
61
62	delete this.session.password;
63	}
64	});
65
66	dojo.declare("dojox.xmpp.sasl.DigestMD5", dojox.xmpp.sasl._Base, {
67	mechanism: "DIGEST-MD5",
68
69	onFirstChallenge: function(msg){
70	var dxed = dojox.encoding.digests;
71	var dxedo = dojox.encoding.digests.outputTypes;
72	var HEX = function(n){
73	return dxed.MD5(n, dxedo.Hex);
74	};
75	var H = function(s){
76	return dxed.MD5(s, dxedo.String);
77	};
78
79	var ch_str = dojox.xmpp.util.Base64.decode(msg.firstChild.nodeValue);
80	var ch = {
81	realm: "",
82	nonce: "",
83	qop: "auth",
84	maxbuf: 65536
85	};
86	ch_str.replace(/([a-z]+)=([^,]+)/g, function(t,k,v){
87	v = v.replace(/^"(.+)"$/, "$1");
88	ch[k] = v;
89	});
90
91	var A2_append = '';
92	switch(ch.qop){
93	case 'auth-int':
94	case 'auth-conf':
95	A2_append = ':00000000000000000000000000000000';
96	case 'auth':
97	break;
98	default:
99	return false;
100	}
101	var cnonce = dxed.MD5(Math.random() * 1234567890, dxedo.Hex);
102	var digest_uri = 'xmpp/' + this.session.domain;
103
104	var username = this.session.jid;
105	var index = this.session.jid.indexOf('@');
106	if (index != -1){
107	username = this.session.jid.substring(0, index);
108	}
109	username = dojox.xmpp.util.encodeJid(username);
110
111	var A1 = new dojox.string.Builder();
112	A1.append(H(username + ':' + ch.realm + ':' + this.session.password),
113	':', ch.nonce + ':' + cnonce);
114	delete this.session.password;
115	var A2_rspauth = ':' + digest_uri + A2_append;
116	var A2 = 'AUTHENTICATE' + A2_rspauth;
117
118	var response_value = new dojox.string.Builder();
119	response_value.append(HEX(A1.toString()), ':', ch.nonce, ':00000001:', cnonce, ':',
120	ch.qop, ':')
121
122	var ret = new dojox.string.Builder();
123	ret.append('username="', username, '",',
124	'realm="', ch.realm, '",',
125	'nonce=', ch.nonce, ',',
126	'cnonce="', cnonce, '",',
127	'nc="00000001",qop="', ch.qop, '",digest-uri="', digest_uri, '",',
128	'response="', HEX(response_value.toString() + HEX(A2)), '",charset="utf-8"');
129
130	var response = new dojox.string.Builder(dojox.xmpp.util.createElement("response", {
131	xmlns: dojox.xmpp.xmpp.SASL_NS
132	}, false));
133	response.append(dojox.xmpp.util.Base64.encode(ret.toString()));
134	response.append('</response>');
135
136	this.rspauth = HEX(response_value.toString() + HEX(A2_rspauth));
137
138	this.session.dispatchPacket(response.toString());
139	},
140
141	onSecondChallenge: function(msg){
142	var ch_str = dojox.xmpp.util.Base64.decode(msg.firstChild.nodeValue);
143
144	if(this.rspauth == ch_str.substring(8)){
145	var response = new dojox.string.Builder(dojox.xmpp.util.createElement("response", {
146	xmlns: dojox.xmpp.xmpp.SASL_NS
147	}, true));
148	this.session.dispatchPacket(response.toString());
149	}else{
150	//FIXME
151	}
152	}
153	});
154
155	dojox.xmpp.sasl.registry = new dojo.AdapterRegistry();
156	dojox.xmpp.sasl.registry.register(
157	'SUN-COMMS-CLIENT-PROXY-AUTH',
158	function(mechanism){
159	return mechanism == 'SUN-COMMS-CLIENT-PROXY-AUTH';
160	},
161	function(mechanism, session){
162	return new dojox.xmpp.sasl.SunWebClientAuth(session);
163	}
164	);
165	dojox.xmpp.sasl.registry.register(
166	'DIGEST-MD5',
167	function(mechanism){
168	return mechanism == 'DIGEST-MD5';
169	},
170	function(mechanism, session){
171	return new dojox.xmpp.sasl.DigestMD5(session);
172	}
173	);
174	dojox.xmpp.sasl.registry.register(
175	'PLAIN',
176	function(mechanism){
177	return mechanism == 'PLAIN';
178	},
179	function(mechanism, session){
180	return new dojox.xmpp.sasl.Plain(session);
181	}
182	);

Note: See TracBrowser for help on using the repository browser.

Download in other formats: