viamapi-iframe.js

import "../lib/textencoder.polyfill";
import { parseSMIME, prepareVCardParts } from "../utilities/emailUtilities";
import {
  stringToUtf8ByteArray,
  utf8ByteArrayToString,
  stringToUtf8Base64,
  utf8Base64ToString,
  base64ToByteArray,
  byteArrayToBase64
} from "../utilities/stringUtilities";
import { extractMessageID } from "../helpers/mailparser";

const Penpal = require("penpal").default;

import {
  createDeviceHash,
  destroyIdentityFromLocalStorage,
  encodeResponse,
  listIdentitiesFromLocalStorage,
  makeid
} from "../utilities/appUtility";
import { LOGIN_MODES } from "../constants/authentication";
import {
  CertificateData,
  ImageData,
  createOneTimePassportCertificate,
  createPassportCertificate,
  decryptMessage,
  encryptMessage,
  parseCertificate,
  signEmail,
  verifySMIME
} from "../utilities/signingUtilities";
import { signPdf } from "../utilities/pdfUtilities";
import CryptoData from "../CryptoData";
import Identity from "../Identity";
import {
  STATUS_DEVICE_REVOKED,
  STATUS_USER_NOT_ACTIVATED,
  STATUS_USER_BLOCKED
} from "../constants/statuses";
import generateQrCode from "../utilities/generateQrCode";
import {
  generateRecoveryKey,
  divideSecretToShares,
  combineSecret,
  encryptShare
} from "../utilities/secrets";

const penpalMethods = require("../../temp/penpal-methods").default;
const WopiAPI = require("./wopiapi-iframe");
const CollaboraAPI = require("./collaboraapi-iframe");
const ViamAPI = require("../../temp/viamapi");

const identityColors = ["#994392", "#cb0767", "#e51d31", "#ec671b", "#fab610"];

function getNextColor() {
  let colorIndex = localStorage.getItem("colorIndex");
  if (colorIndex == null || colorIndex === "") {
    colorIndex = 0;
  }

  const color = identityColors[colorIndex];

  colorIndex++;

  colorIndex = colorIndex % identityColors.length;

  localStorage.setItem("colorIndex", colorIndex);

  return color;
}

function setKeyForUUID(uuid, key) {
  const storedIdentityForUuid = localStorage.getItem("keyperuuid/" + uuid);
  if (
    storedIdentityForUuid !== key &&
    storedIdentityForUuid != null &&
    storedIdentityForUuid !== ""
  ) {
    destroyIdentityFromLocalStorage(storedIdentityForUuid);
  }

  localStorage.setItem("keyperuuid/" + uuid, key);
}

function getColorForIdentity(key) {
  let storedColor = localStorage.getItem("colors/" + key);

  if (storedColor == null || storedColor === "") {
    storedColor = getNextColor();
    localStorage.setItem("colors/" + key, storedColor);
  }

  return storedColor;
}

function setIdentityInLocalStorage(identityToStore, extendKey = true) {
  let pinCode = identityToStore.pinCode;
  const serializedIdentity = JSON.stringify(identityToStore);
  const key = identityToStore.authentication.publicKey;

  if (pinCode == null || pinCode === "") {
    pinCode = getPincode(key);
  }

  if (pinCode == null || pinCode === "") {
    return null;
  }

  return encryptMessage(serializedIdentity, pinCode, "identity").then(
    encryptedIdentity => {
      let success = true;
      if (extendKey === true) {
        success = extendPinCodeTtl(key, pinCode);
      }
      if (success === true) {
        localStorage.setItem(key, encryptedIdentity);
        const serializedIdentitiesList = localStorage.getItem("identities");
        const identities = JSON.parse(serializedIdentitiesList);
        identities[key] = true;

        localStorage.setItem("identities", JSON.stringify(identities));
      } else {
        console.log("Can not extend pincode ttl");
      }
    }
  );
}

function getProfileData(identity) {
  return new Penpal.Promise(executeResultUpper => {
    executeRestfulFunction(
      "private",
      viamApi,
      viamApi.identityGetIdentityProfileData,
      null
    ).then(executeResult => {
      if (executeResult.code === "200") {
        const listItem = {};

        listItem.identityColor = getColorForIdentity(
          identity.authentication.publicKey
        );
        listItem.initials = executeResult.data.initials;

        if (listItem.initials === null || listItem.initials === "") {
          listItem.initials = "JD";
        }
        localStorage.setItem(
          "profiles/" + identity.authentication.publicKey,
          JSON.stringify(listItem)
        );
        executeResultUpper(listItem);
      } else {
        executeResultUpper({});
      }
    });
  });
}

async function getIdentityFromLocalStorage(key, pinCode, extendTtl = true) {
  const encryptedIdentity = localStorage.getItem(key);

  if (!encryptedIdentity) {
    console.log("No such identity for public key");
    return null;
  }

  const serializedIdentity = await decryptMessage(encryptedIdentity, pinCode);

  const identity = new Identity(serializedIdentity);

  if (extendTtl) {
    const success = extendPinCodeTtl(key, pinCode);
    if (!success) {
      console.log("Can not extend pincode ttl");
      return null;
    }
  }

  return identity;
}

function extendPinCodeTtl(key, pinCode) {
  if (pinCode == null || pinCode === "") {
    const now = new Date();
    const nowMillis = now.getTime();
    const ttl = window.sessionStorage.getItem("pincodettls/" + key);
    if (ttl == null || ttl === "" || nowMillis >= parseInt(ttl)) {
      clearPinCodeTtl(key);
      return false;
    } else {
      const ttl = now.getTime() + 4 * 60 * 60 * 1000;
      window.sessionStorage.setItem("pincodettls/" + key, ttl);
    }
  } else {
    const now = new Date();
    const ttl = now.getTime() + 4 * 60 * 60 * 1000;
    window.sessionStorage.setItem("pincodettls/" + key, ttl);
    window.sessionStorage.setItem("pincodes/" + key, pinCode);
  }

  return true;
}

window.extendPinCodeTtl = extendPinCodeTtl;

function clearPinCodeTtl(key) {
  window.sessionStorage.removeItem("pincodettls/" + key);
  window.sessionStorage.removeItem("pincodes/" + key);
}

function getPincode(key) {
  const now = new Date();
  const nowMillis = now.getTime();
  const ttl = window.sessionStorage.getItem("pincodettls/" + key);
  if (ttl == null || ttl === "") {
    return null;
  } else {
    if (nowMillis >= parseInt(ttl)) {
      clearPinCodeTtl(key);
      return null;
    } else {
      return window.sessionStorage.getItem("pincodes/" + key);
    }
  }
}

function createEvent(actionId, type, payloads) {
  return {
    actionID: actionId,
    type,
    stamp: new Date().getTime(),
    payloads
  };
}

const destroyAuthentication = () => {
  const authenticationPublicKey = localStorage.getItem("authenticatedIdentity");

  window.viamApi.setIdentity("");
  window.viamApi.setSessionData("", "");

  clearPinCodeTtl(authenticationPublicKey);

  localStorage.removeItem("uuid");
  localStorage.removeItem("token");
  localStorage.removeItem("authenticatedIdentity");

  window.currentlyAuthenticatedIdentity = null;
  window.lastTimeGetProfile = 0;
};

const destroyIdentity = () => {
  destroyAuthentication();

  if (window.currentlyLoadedIdentity) {
    const { publicKey } = window.currentlyLoadedIdentity.authentication;

    delete window.loadedIdentities[publicKey];
    window.currentlyLoadedIdentity = null;
    destroyIdentityFromLocalStorage(publicKey);
  }
};

window.loadedIdentities = {};
window.wopiAPI = new WopiAPI();
window.collaboraApi = new CollaboraAPI();
window.viamApi = new ViamAPI();
window.viamAnonymousApi = new ViamAPI();
window.currentlyAuthenticatedIdentity = null;
window.currentlyLoadedIdentity = null;
window.lastTimeGetProfile = 0;

let iframeParent = null;

const handleIdentityLogin = (identity, uuid, token) => {
  const { loadedIdentities, viamApi } = window;
  const { publicKey } = identity.authentication;

  viamApi.setSessionData(uuid, token);
  localStorage.setItem("uuid", uuid);
  localStorage.setItem("token", token);
  localStorage.setItem("authenticatedIdentity", publicKey);
  window.currentlyAuthenticatedIdentity = loadedIdentities[publicKey];
  window.lastTimeGetProfile = 0;
  setKeyForUUID(uuid, publicKey);
};

const getTrusteeContactsPublicKeys = async () => {
  const { viamApi } = window;
  const response = await viamApi.contactsGetTrusteeContactsPublicKeys();
  console.log({ response });
  if (response.data.code !== "200") return response.data;

  const responseData = response.data.data;
  console.log({ responseData });
  const contactsPublicKeys = Object.values(responseData).flat();
  console.log({ contactsPublicKeys });
  const sharesNumber = contactsPublicKeys.length;
  const getThreshold = () =>
    sharesNumber === 3 ? 2 : parseInt(sharesNumber / 2);
  const threshold = getThreshold();
  console.log({ threshold });
  const recoveryKey = generateRecoveryKey(512);
  const recoveryKeyShares = divideSecretToShares(
    recoveryKey,
    sharesNumber,
    threshold
  );
  // Sanity check
  const checkKey = combineSecret(recoveryKeyShares.slice(0, 1));
  console.log("first sanity check", checkKey === recoveryKey);
};

async function executeRestfulFunction(type, that, fn, config, ...args) {
  const {
    currentlyAuthenticatedIdentity,
    viamApi,
    currentlyLoadedIdentity
  } = window;
  let response;
  try {
    response = await fn.apply(that, [config, ...args]);
  } catch (error) {
    if (error.response) {
      //Resposnse with status code != 2xx still has valid response
      response = error.response;
    } else {
      //Connection error or similar
      const data = {
        data: "",
        code: "999",
        status: error.message
      };
      return data;
    }
  }

  const identity = currentlyAuthenticatedIdentity || currentlyLoadedIdentity;
  const { code, status } = response.data;

  const deviceRevoked =
    type === "private" && code === "401" && status === STATUS_DEVICE_REVOKED;
  if (deviceRevoked) {
    destroyIdentity();

    const event = createEvent("", "DeviceRevoked");
    iframeParent.onEvent(event);

    return response.data;
  }

  const userNotActivated =
    type === "private" &&
    code === "400" &&
    (status === STATUS_USER_NOT_ACTIVATED || status === STATUS_USER_BLOCKED);

  if (userNotActivated) {
    destroyIdentity();

    const event = createEvent("", "UserBlocked");
    iframeParent.onEvent(event);

    return response.data;
  }

  const badSession =
    type === "private" &&
    identity &&
    code === "400" &&
    status === "Bad session";
  if (!badSession) {
    return response.data;
  }

  const loginResponse = await viamApi.identityLogin(
    null,
    "previousaddeddevice"
  );
  if (loginResponse.data.code !== "200") {
    return loginResponse.data;
  }

  const uuid = loginResponse.data.data["Uuid"];
  const token = loginResponse.data.data["Session"];
  handleIdentityLogin(identity, uuid, token);
  try {
    response = await fn.apply(that, [config, ...args]);
  } catch (error) {
    response = error.response;
  }
  return response.data;
}

window.executeRestfulFunction = executeRestfulFunction;

function loadIdentityInternal(identityKey, pinCode) {
  return new Penpal.Promise(result => {
    getIdentityFromLocalStorage(identityKey, pinCode)
      .then(async loadedIdentity => {
        if (loadedIdentity == null) {
          result({
            data: "",
            code: "400",
            status:
              "Please restore or authorize your account via another device."
          });
        }
        localStorage.removeItem("attempt");

        window.loadedIdentities[identityKey] = loadedIdentity;
        window.currentlyLoadedIdentity = loadedIdentity;

        if (identityKey === localStorage.getItem("authenticatedIdentity")) {
          window.currentlyAuthenticatedIdentity = loadedIdentity;
          const uuid = localStorage.getItem("uuid");
          const token = localStorage.getItem("token");
          const deviceHash = await createDeviceHash(identityKey);
          window.viamApi.setIdentity(identityKey);
          window.viamApi.setDeviceHash(deviceHash);
          window.viamApi.setSessionData(uuid, token);
        }

        window.viamAnonymousApi.setIdentity(
          window.currentlyLoadedIdentity.authentication.publicKey
        );
        getTrusteeContactsPublicKeys();
        const { publicKey, x509Certificate } = loadedIdentity.authentication;

        result({
          data: {
            authentication: {
              publicKey,
              x509Certificate
            }
          },
          code: "200",
          status: "Identity loaded"
        });
      })
      .catch(e => {
        result({
          data: "",
          code: "400",
          status: "" + e
        });
      });
  });
}

function getCertificateForPassport(passportUUID, internal) {
  return new Penpal.Promise(certificateResult => {
    if (window.currentlyAuthenticatedIdentity === null) {
      return { data: "", code: "400", status: "Identity not authenticated" };
    }

    const passportIdentity = window.currentlyAuthenticatedIdentity;
    const passport = passportIdentity.getPassport(passportUUID);
    if (passport === undefined || passport === null) {
      createPassportCertificate(passportUUID).then(function(keys) {
        const cryptoData = new CryptoData();
        cryptoData.setPublicKey(keys["publicKeyPEM"]);
        cryptoData.setPrivateKey(keys["privateKeyPEM"]);
        const certificate = keys["certificatePEM"];
        //download("passportCertificateBeforeSigning.crt", "text/plain", certificate)
        //cryptoData.setx509Certificate(keys["certificate"])
        executeRestfulFunction(
          "private",
          viamApi,
          viamApi.signSignCertificate,
          null,
          btoa(certificate),
          passportUUID
        ).then(executeResult => {
          if (executeResult.code === "200") {
            const signedCertificate = atob(
              executeResult.data["SignedCertificate"]
            );
            //download("passportCertificateAfterSigning.crt", "text/plain", signedCertificate)
            const keyUUID = executeResult.data["CertificateUUID"];
            const encodedChain = executeResult.data["Chain"];
            //download("rootCertificate.crt", "text/plain", atob(encodedChain[0]))

            const chain = [];

            for (let i = 0; i <