Add obsoletes function to node example app.

hillbrad · Sep 15, 2017 · a2ae7e6 · a2ae7e6
1 parent 36dcfeb
commit a2ae7e6
Show file tree

Hide file tree

Showing 4 changed files with 96 additions and 24 deletions.
diff --git a/examples/nodejs/index.js b/examples/nodejs/index.js
@@ -52,6 +52,29 @@ const recordStatus = {
     invalid: 'invalid',
 };
 
+function createNewToken(username, config) {
+    const id = crypto.randomBytes(16);
+    const token = new RecoveryToken(
+        recoveryPrivKey,
+        id,
+        RecoveryToken.STATUS_REQUESTED_FLAG,
+        issuerOrigin,
+        config.issuer,
+        new Date().toISOString(),
+        Buffer.alloc(0),
+        Buffer.alloc(0));
+
+    tokenRecords.push({
+        status: recordStatus.provisional,
+        username: username,
+        id: id.toString('hex'),
+        issuer: config.issuer,
+        hash: delegatedRecoverySDK.sha256(new Buffer(token.encoded, 'base64')),
+    });
+
+    return token;
+}
+
 const app = express();
 app.set('port', (process.env.PORT || 5000));
 app.use(express.static(__dirname + '/static'));
@@ -128,29 +151,11 @@ app.get(path.web.saveToken, (req, res) => {
 
         if (tokenRecord === undefined) {
             recoveryProviderConfig().then((config) => {
-                const id = crypto.randomBytes(16);
-                const token = new RecoveryToken(
-                    recoveryPrivKey,
-                    id,
-                    RecoveryToken.STATUS_REQUESTED_FLAG,
-                    issuerOrigin,
-                    config.issuer,
-                    new Date().toISOString(),
-                    Buffer.alloc(0),
-                    Buffer.alloc(0));
-
-                tokenRecords.push({
-                    status: recordStatus.provisional,
-                    username: username,
-                    id: id.toString('hex'),
-                    issuer: config.issuer,
-                    hash: delegatedRecoverySDK.sha256(new Buffer(token.encoded, 'base64')),
-                });
-
+                const token = createNewToken(username, config);
                 res.render(path.template.saveToken, {
                     "encoded-token": token.encoded,
                     "username": username,
-                    "state": id.toString('hex'),
+                    "state": token.id.toString('hex'),
                     "save-token": config['save-token'],
                 });
             }, (e) => {
@@ -159,6 +164,7 @@ app.get(path.web.saveToken, (req, res) => {
         } else {
             res.render(path.template.invalidateToken, {
                 "action": path.web.invalidateToken,
+                "renew-action": path.web.renewToken,
                 "id": tokenRecord.id,
                 "username": username,
             });
@@ -167,19 +173,32 @@ app.get(path.web.saveToken, (req, res) => {
 });
 
 app.get(path.web.saveTokenReturn, (req, res) => {
-    const id = req.query.state;
-    const tokenRecord = tokenRecords.find((record) => record.id === id);
+    const state = req.query.state;
+    const ids = state.split(',', 2);
+    const tokenRecord = tokenRecords.find((record) => record.id === ids[0]);
+
+    let obsoletedRecord = null;
+
+    if (ids.length > 1) {
+        obsoletedRecord = tokenRecords.find((record) => {
+            return (record.id === ids[1] && record.status === recordStatus.confirmed);
+        });
+    }
+
     if (tokenRecord === undefined) {
         res.render(path.template.unknownToken, {
             "action": path.web.default,
         });
     } else if (req.query.status === 'save-success') {
         tokenRecord.status = recordStatus.confirmed;
+        if (obsoletedRecord !== null) {
+            obsoletedRecord.status = recordStatus.invalid;
+        }
         res.render(path.template.saveTokenSuccess, {
             "username": tokenRecord.username,
         });
     } else {
-        tokenRecords.splice(tokenRecords.findIndex((record) => record.id === id), 1);
+        tokenRecords.splice(tokenRecords.findIndex((record) => record.id === ids[0]), 1);
         res.render(path.template.saveTokenFailure, {
             "username": tokenRecord.username,
             "homeAction": path.web.saveToken,
@@ -228,6 +247,24 @@ app.get(path.web.recoverIdentifyAccount, (req, res) => {
     });
 });
 
+app.get(path.web.renewToken, (req, res) => {
+    const obsoleteId = req.query.id;
+    const username = req.query.username;
+
+    recoveryProviderConfig().then((config) => {
+        const token = createNewToken(username, config);
+        res.render(path.template.renewToken, {
+            "encoded-token": token.encoded,
+            "username": username,
+            "renew-action": config['save-token'],
+            "state": token.id.toString('hex') + "," + obsoleteId,
+            "obsoletes": obsoleteId,
+        });
+    }, (e) => {
+        res.send(500, e.message);
+    });
+});
+
 const replayCache = [];
 
 app.post(path.web.recoverAccountReturn, (req, res) => {

diff --git a/examples/nodejs/path.js b/examples/nodejs/path.js
@@ -14,6 +14,7 @@ const web = {
     privacyPolicy: '/privacy.html',
     recoverIdentifyAccount: '/identify-account/',
     invalidateToken: '/invalidate/',
+    renewToken: '/renew/',
 };
 
 const template = {
@@ -28,6 +29,7 @@ const template = {
     recoverAccount: 'recover_account.mustache',
     noSavedToken: 'no_token.mustache',
     unknownToken: 'save_token_unknown.mustache',
+    renewToken: 'renew.mustache',
 };
 
 module.exports = {

diff --git a/examples/nodejs/static/templates/invalidate.mustache b/examples/nodejs/static/templates/invalidate.mustache
@@ -22,5 +22,10 @@
       <input type="hidden" name="id" value="{{id}}">
       <input class="button" type="submit" value="Forget This Token">
     </form>
+    <form method="GET" action="{{renew-action}}">
+      <input type="hidden" name="id" value="{{id}}">
+      <input type="hidden" name="username" value="{{username}}">
+      <input class="button" type="submit" value="Renew Token">
+    </form>
   </body>
-</html>
+</html>
diff --git a/examples/nodejs/static/templates/renew.mustache b/examples/nodejs/static/templates/renew.mustache
@@ -0,0 +1,28 @@
+<!--
+   Copyright 2016-present, Facebook, Inc.
+   All rights reserved.
+
+   This source code is licensed under the license found in the
+   LICENSE-examples file in the root directory of this source tree.
+-->
+<html>
+  <head>
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link rel="stylesheet" href="/style.css" type="text/css">
+    <title>Welcome, {{username}}</title>
+  </head>
+  <body>
+    <div id="title">Welcome, {{username}}</div>
+    <div id="emoji">&#x1F516;</div>
+    <div id="message">
+       Click the button below to confirm renewing your token:
+     </div>
+    <form method="POST" action="{{renew-action}}">
+      <input type="hidden" name="token" value="{{encoded-token}}">
+      <input type="hidden" name="state" value="{{state}}">
+      <input type="hidden" name="obsoletes" value="{{obsoletes}}">
+      <input type="hidden" name="nickname_hint" value="{{username}}">
+      <input class="button" type="submit" value="Confirm">
+    </form>
+  </body>
+</html>