2015-08-28 22:37:45 +00:00
|
|
|
var TextSecureServer = (function() {
|
2018-05-02 01:54:43 +00:00
|
|
|
'use strict';
|
2014-10-20 00:53:17 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
function validateResponse(response, schema) {
|
|
|
|
|
try {
|
|
|
|
|
for (var i in schema) {
|
|
|
|
|
switch (schema[i]) {
|
|
|
|
|
case 'object':
|
|
|
|
|
case 'string':
|
|
|
|
|
case 'number':
|
|
|
|
|
if (typeof response[i] !== schema[i]) {
|
|
|
|
|
return false;
|
2015-11-25 20:07:23 +00:00
|
|
|
}
|
2018-05-02 01:54:43 +00:00
|
|
|
break;
|
2015-11-25 20:07:23 +00:00
|
|
|
}
|
2017-12-04 23:35:50 +00:00
|
|
|
}
|
2018-05-02 01:54:43 +00:00
|
|
|
} catch (ex) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2017-12-04 23:35:50 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
function createSocket(url) {
|
|
|
|
|
var proxyUrl = window.config.proxyUrl;
|
|
|
|
|
var requestOptions;
|
|
|
|
|
if (proxyUrl) {
|
|
|
|
|
requestOptions = {
|
|
|
|
|
ca: window.config.certificateAuthorities,
|
|
|
|
|
agent: new ProxyAgent(proxyUrl),
|
|
|
|
|
};
|
|
|
|
|
} else {
|
|
|
|
|
requestOptions = {
|
|
|
|
|
ca: window.config.certificateAuthorities,
|
|
|
|
|
};
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
2017-09-01 15:58:58 +00:00
|
|
|
}
|
|
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
return new nodeWebSocket(url, null, null, null, requestOptions);
|
|
|
|
|
}
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
2017-09-01 15:58:58 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
window.setImmediate = nodeSetImmediate;
|
2017-10-21 00:02:44 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
function promise_ajax(url, options) {
|
|
|
|
|
return new Promise(function(resolve, reject) {
|
|
|
|
|
if (!url) {
|
|
|
|
|
url = options.host + '/' + options.path;
|
|
|
|
|
}
|
|
|
|
|
console.log(options.type, url);
|
|
|
|
|
var timeout =
|
|
|
|
|
typeof options.timeout !== 'undefined' ? options.timeout : 10000;
|
2017-12-04 23:35:50 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
var proxyUrl = window.config.proxyUrl;
|
|
|
|
|
var agent;
|
|
|
|
|
if (proxyUrl) {
|
|
|
|
|
agent = new ProxyAgent(proxyUrl);
|
|
|
|
|
}
|
2015-03-25 00:04:41 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
var fetchOptions = {
|
|
|
|
|
method: options.type,
|
|
|
|
|
body: options.data || null,
|
|
|
|
|
headers: { 'X-Signal-Agent': 'OWD' },
|
|
|
|
|
agent: agent,
|
|
|
|
|
ca: options.certificateAuthorities,
|
|
|
|
|
timeout: timeout,
|
|
|
|
|
};
|
2015-12-04 18:45:53 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
if (fetchOptions.body instanceof ArrayBuffer) {
|
|
|
|
|
// node-fetch doesn't support ArrayBuffer, only node Buffer
|
|
|
|
|
var contentLength = fetchOptions.body.byteLength;
|
|
|
|
|
fetchOptions.body = nodeBuffer.from(fetchOptions.body);
|
2015-07-13 18:52:49 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
// node-fetch doesn't set content-length like S3 requires
|
|
|
|
|
fetchOptions.headers['Content-Length'] = contentLength;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (options.user && options.password) {
|
|
|
|
|
fetchOptions.headers['Authorization'] =
|
|
|
|
|
'Basic ' +
|
|
|
|
|
btoa(getString(options.user) + ':' + getString(options.password));
|
|
|
|
|
}
|
|
|
|
|
if (options.contentType) {
|
|
|
|
|
fetchOptions.headers['Content-Type'] = options.contentType;
|
|
|
|
|
}
|
|
|
|
|
window
|
|
|
|
|
.nodeFetch(url, fetchOptions)
|
|
|
|
|
.then(function(response) {
|
2017-10-20 22:52:02 +00:00
|
|
|
var resultPromise;
|
2018-05-02 01:54:43 +00:00
|
|
|
if (
|
|
|
|
|
options.responseType === 'json' &&
|
|
|
|
|
response.headers.get('Content-Type') === 'application/json'
|
|
|
|
|
) {
|
2017-10-20 22:52:02 +00:00
|
|
|
resultPromise = response.json();
|
|
|
|
|
} else if (options.responseType === 'arraybuffer') {
|
|
|
|
|
resultPromise = response.buffer();
|
2017-10-24 22:54:46 +00:00
|
|
|
} else {
|
|
|
|
|
resultPromise = response.text();
|
2017-10-20 22:52:02 +00:00
|
|
|
}
|
|
|
|
|
return resultPromise.then(function(result) {
|
|
|
|
|
if (options.responseType === 'arraybuffer') {
|
2018-01-13 00:19:26 +00:00
|
|
|
result = result.buffer.slice(
|
|
|
|
|
result.byteOffset,
|
|
|
|
|
result.byteOffset + result.byteLength
|
|
|
|
|
);
|
2017-10-20 22:52:02 +00:00
|
|
|
}
|
|
|
|
|
if (options.responseType === 'json') {
|
|
|
|
|
if (options.validateResponse) {
|
|
|
|
|
if (!validateResponse(result, options.validateResponse)) {
|
|
|
|
|
console.log(options.type, url, response.status, 'Error');
|
2018-05-02 01:54:43 +00:00
|
|
|
reject(
|
|
|
|
|
HTTPError(
|
|
|
|
|
'promise_ajax: invalid response',
|
|
|
|
|
response.status,
|
|
|
|
|
result,
|
|
|
|
|
options.stack
|
|
|
|
|
)
|
|
|
|
|
);
|
2015-07-13 18:52:49 +00:00
|
|
|
}
|
2017-10-20 22:52:02 +00:00
|
|
|
}
|
|
|
|
|
}
|
2017-10-21 00:02:44 +00:00
|
|
|
if (0 <= response.status && response.status < 400) {
|
2017-10-20 22:52:02 +00:00
|
|
|
console.log(options.type, url, response.status, 'Success');
|
|
|
|
|
resolve(result, response.status);
|
|
|
|
|
} else {
|
|
|
|
|
console.log(options.type, url, response.status, 'Error');
|
2018-05-02 01:54:43 +00:00
|
|
|
reject(
|
|
|
|
|
HTTPError(
|
|
|
|
|
'promise_ajax: error response',
|
|
|
|
|
response.status,
|
|
|
|
|
result,
|
|
|
|
|
options.stack
|
|
|
|
|
)
|
|
|
|
|
);
|
2017-10-20 22:52:02 +00:00
|
|
|
}
|
|
|
|
|
});
|
2018-05-02 01:54:43 +00:00
|
|
|
})
|
|
|
|
|
.catch(function(e) {
|
2017-10-20 22:52:02 +00:00
|
|
|
console.log(options.type, url, 0, 'Error');
|
2018-01-13 00:19:26 +00:00
|
|
|
var stack = e.stack + '\nInitial stack:\n' + options.stack;
|
|
|
|
|
reject(HTTPError('promise_ajax catch', 0, e.toString(), stack));
|
2015-07-13 18:52:49 +00:00
|
|
|
});
|
2018-05-02 01:54:43 +00:00
|
|
|
});
|
|
|
|
|
}
|
2015-04-30 19:13:04 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
function retry_ajax(url, options, limit, count) {
|
|
|
|
|
count = count || 0;
|
|
|
|
|
limit = limit || 3;
|
|
|
|
|
count++;
|
|
|
|
|
return promise_ajax(url, options).catch(function(e) {
|
|
|
|
|
if (e.name === 'HTTPError' && e.code === -1 && count < limit) {
|
|
|
|
|
return new Promise(function(resolve) {
|
|
|
|
|
setTimeout(function() {
|
|
|
|
|
resolve(retry_ajax(url, options, limit, count));
|
|
|
|
|
}, 1000);
|
2016-09-08 04:53:56 +00:00
|
|
|
});
|
2018-05-02 01:54:43 +00:00
|
|
|
} else {
|
|
|
|
|
throw e;
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
}
|
2015-10-11 02:07:00 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
function ajax(url, options) {
|
|
|
|
|
options.stack = new Error().stack; // just in case, save stack here.
|
|
|
|
|
return retry_ajax(url, options);
|
|
|
|
|
}
|
2015-10-11 02:07:00 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
function HTTPError(message, code, response, stack) {
|
|
|
|
|
if (code > 999 || code < 100) {
|
|
|
|
|
code = -1;
|
|
|
|
|
}
|
|
|
|
|
var e = new Error(message + '; code: ' + code);
|
|
|
|
|
e.name = 'HTTPError';
|
|
|
|
|
e.code = code;
|
|
|
|
|
e.stack += '\nOriginal stack:\n' + stack;
|
|
|
|
|
if (response) {
|
|
|
|
|
e.response = response;
|
2015-04-30 19:13:04 +00:00
|
|
|
}
|
2018-05-02 01:54:43 +00:00
|
|
|
return e;
|
|
|
|
|
}
|
2015-03-25 00:04:41 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
var URL_CALLS = {
|
|
|
|
|
accounts: 'v1/accounts',
|
|
|
|
|
devices: 'v1/devices',
|
|
|
|
|
keys: 'v2/keys',
|
|
|
|
|
signed: 'v2/keys/signed',
|
|
|
|
|
messages: 'v1/messages',
|
|
|
|
|
attachment: 'v1/attachments',
|
|
|
|
|
profile: 'v1/profile',
|
|
|
|
|
};
|
2014-03-22 22:45:01 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
function TextSecureServer(url, username, password, cdn_url) {
|
|
|
|
|
if (typeof url !== 'string') {
|
|
|
|
|
throw new Error('Invalid server url');
|
2015-08-28 22:37:45 +00:00
|
|
|
}
|
2018-05-02 01:54:43 +00:00
|
|
|
this.url = url;
|
|
|
|
|
this.cdn_url = cdn_url;
|
|
|
|
|
this.username = username;
|
|
|
|
|
this.password = password;
|
|
|
|
|
}
|
2015-06-19 22:32:25 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
TextSecureServer.prototype = {
|
|
|
|
|
constructor: TextSecureServer,
|
|
|
|
|
ajax: function(param) {
|
|
|
|
|
if (!param.urlParameters) {
|
|
|
|
|
param.urlParameters = '';
|
|
|
|
|
}
|
|
|
|
|
return ajax(null, {
|
|
|
|
|
host: this.url,
|
|
|
|
|
path: URL_CALLS[param.call] + param.urlParameters,
|
|
|
|
|
type: param.httpType,
|
|
|
|
|
data: param.jsonData && textsecure.utils.jsonThing(param.jsonData),
|
|
|
|
|
contentType: 'application/json; charset=utf-8',
|
|
|
|
|
responseType: param.responseType,
|
|
|
|
|
user: this.username,
|
|
|
|
|
password: this.password,
|
|
|
|
|
validateResponse: param.validateResponse,
|
|
|
|
|
certificateAuthorities: window.config.certificateAuthorities,
|
|
|
|
|
timeout: param.timeout,
|
|
|
|
|
}).catch(function(e) {
|
|
|
|
|
var code = e.code;
|
|
|
|
|
if (code === 200) {
|
|
|
|
|
// happens sometimes when we get no response
|
|
|
|
|
// (TODO: Fix server to return 204? instead)
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
var message;
|
|
|
|
|
switch (code) {
|
|
|
|
|
case -1:
|
|
|
|
|
message =
|
|
|
|
|
'Failed to connect to the server, please check your network connection.';
|
|
|
|
|
break;
|
|
|
|
|
case 413:
|
|
|
|
|
message = 'Rate limit exceeded, please try again later.';
|
|
|
|
|
break;
|
|
|
|
|
case 403:
|
|
|
|
|
message = 'Invalid code, please try again.';
|
|
|
|
|
break;
|
|
|
|
|
case 417:
|
|
|
|
|
// TODO: This shouldn't be a thing?, but its in the API doc?
|
|
|
|
|
message = 'Number already registered.';
|
|
|
|
|
break;
|
|
|
|
|
case 401:
|
|
|
|
|
message =
|
|
|
|
|
'Invalid authentication, most likely someone re-registered and invalidated our registration.';
|
|
|
|
|
break;
|
|
|
|
|
case 404:
|
|
|
|
|
message = 'Number is not registered.';
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
message =
|
|
|
|
|
'The server rejected our query, please file a bug report.';
|
|
|
|
|
}
|
|
|
|
|
e.message = message;
|
|
|
|
|
throw e;
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
getProfile: function(number) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call: 'profile',
|
|
|
|
|
httpType: 'GET',
|
|
|
|
|
urlParameters: '/' + number,
|
|
|
|
|
responseType: 'json',
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
getAvatar: function(path) {
|
|
|
|
|
return ajax(this.cdn_url + '/' + path, {
|
|
|
|
|
type: 'GET',
|
|
|
|
|
responseType: 'arraybuffer',
|
|
|
|
|
contentType: 'application/octet-stream',
|
|
|
|
|
certificateAuthorities: window.config.certificateAuthorities,
|
|
|
|
|
timeout: 0,
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
requestVerificationSMS: function(number) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call: 'accounts',
|
|
|
|
|
httpType: 'GET',
|
|
|
|
|
urlParameters: '/sms/code/' + number,
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
requestVerificationVoice: function(number) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call: 'accounts',
|
|
|
|
|
httpType: 'GET',
|
|
|
|
|
urlParameters: '/voice/code/' + number,
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
confirmCode: function(
|
|
|
|
|
number,
|
|
|
|
|
code,
|
|
|
|
|
password,
|
|
|
|
|
signaling_key,
|
|
|
|
|
registrationId,
|
|
|
|
|
deviceName
|
|
|
|
|
) {
|
|
|
|
|
var jsonData = {
|
|
|
|
|
signalingKey: btoa(getString(signaling_key)),
|
|
|
|
|
supportsSms: false,
|
|
|
|
|
fetchesMessages: true,
|
|
|
|
|
registrationId: registrationId,
|
|
|
|
|
};
|
2015-11-25 20:07:23 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
var call, urlPrefix, schema, responseType;
|
|
|
|
|
if (deviceName) {
|
|
|
|
|
jsonData.name = deviceName;
|
|
|
|
|
call = 'devices';
|
|
|
|
|
urlPrefix = '/';
|
|
|
|
|
schema = { deviceId: 'number' };
|
|
|
|
|
responseType = 'json';
|
|
|
|
|
} else {
|
|
|
|
|
call = 'accounts';
|
|
|
|
|
urlPrefix = '/code/';
|
|
|
|
|
}
|
2014-10-20 00:53:17 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
this.username = number;
|
|
|
|
|
this.password = password;
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call: call,
|
|
|
|
|
httpType: 'PUT',
|
|
|
|
|
urlParameters: urlPrefix + code,
|
|
|
|
|
jsonData: jsonData,
|
|
|
|
|
responseType: responseType,
|
|
|
|
|
validateResponse: schema,
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
getDevices: function(number) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call: 'devices',
|
|
|
|
|
httpType: 'GET',
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
registerKeys: function(genKeys) {
|
|
|
|
|
var keys = {};
|
|
|
|
|
keys.identityKey = btoa(getString(genKeys.identityKey));
|
|
|
|
|
keys.signedPreKey = {
|
|
|
|
|
keyId: genKeys.signedPreKey.keyId,
|
|
|
|
|
publicKey: btoa(getString(genKeys.signedPreKey.publicKey)),
|
|
|
|
|
signature: btoa(getString(genKeys.signedPreKey.signature)),
|
|
|
|
|
};
|
2015-04-28 23:26:41 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
keys.preKeys = [];
|
|
|
|
|
var j = 0;
|
|
|
|
|
for (var i in genKeys.preKeys) {
|
|
|
|
|
keys.preKeys[j++] = {
|
|
|
|
|
keyId: genKeys.preKeys[i].keyId,
|
|
|
|
|
publicKey: btoa(getString(genKeys.preKeys[i].publicKey)),
|
|
|
|
|
};
|
|
|
|
|
}
|
2014-10-20 00:53:17 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
// This is just to make the server happy
|
|
|
|
|
// (v2 clients should choke on publicKey)
|
|
|
|
|
keys.lastResortKey = { keyId: 0x7fffffff, publicKey: btoa('42') };
|
2014-10-20 00:53:17 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
return this.ajax({
|
|
|
|
|
call: 'keys',
|
|
|
|
|
httpType: 'PUT',
|
|
|
|
|
jsonData: keys,
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
setSignedPreKey: function(signedPreKey) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call: 'signed',
|
|
|
|
|
httpType: 'PUT',
|
|
|
|
|
jsonData: {
|
|
|
|
|
keyId: signedPreKey.keyId,
|
|
|
|
|
publicKey: btoa(getString(signedPreKey.publicKey)),
|
|
|
|
|
signature: btoa(getString(signedPreKey.signature)),
|
2015-08-28 22:37:45 +00:00
|
|
|
},
|
2018-05-02 01:54:43 +00:00
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
getMyKeys: function(number, deviceId) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call: 'keys',
|
|
|
|
|
httpType: 'GET',
|
|
|
|
|
responseType: 'json',
|
|
|
|
|
validateResponse: { count: 'number' },
|
|
|
|
|
}).then(function(res) {
|
|
|
|
|
return res.count;
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
getKeysForNumber: function(number, deviceId) {
|
|
|
|
|
if (deviceId === undefined) deviceId = '*';
|
2014-10-20 00:53:17 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
return this.ajax({
|
|
|
|
|
call: 'keys',
|
|
|
|
|
httpType: 'GET',
|
|
|
|
|
urlParameters: '/' + number + '/' + deviceId,
|
|
|
|
|
responseType: 'json',
|
|
|
|
|
validateResponse: { identityKey: 'string', devices: 'object' },
|
|
|
|
|
}).then(function(res) {
|
|
|
|
|
if (res.devices.constructor !== Array) {
|
|
|
|
|
throw new Error('Invalid response');
|
|
|
|
|
}
|
|
|
|
|
res.identityKey = StringView.base64ToBytes(res.identityKey);
|
|
|
|
|
res.devices.forEach(function(device) {
|
|
|
|
|
if (
|
|
|
|
|
!validateResponse(device, { signedPreKey: 'object' }) ||
|
|
|
|
|
!validateResponse(device.signedPreKey, {
|
|
|
|
|
publicKey: 'string',
|
|
|
|
|
signature: 'string',
|
|
|
|
|
})
|
|
|
|
|
) {
|
|
|
|
|
throw new Error('Invalid signedPreKey');
|
|
|
|
|
}
|
|
|
|
|
if (device.preKey) {
|
|
|
|
|
if (
|
|
|
|
|
!validateResponse(device, { preKey: 'object' }) ||
|
|
|
|
|
!validateResponse(device.preKey, { publicKey: 'string' })
|
|
|
|
|
) {
|
|
|
|
|
throw new Error('Invalid preKey');
|
Feature: Blue check marks for read messages if opted in (#1489)
* Refactor delivery receipt event handler
* Rename the delivery receipt event
For less ambiguity with read receipts.
* Rename synced read event
For less ambiguity with read receipts from other Signal users.
* Add support for incoming receipt messages
Handle ReceiptMessages, which may include encrypted delivery receipts or read
receipts from recipients of our sent messages.
// FREEBIE
* Rename ReadReceipts to ReadSyncs
* Render read messages with blue double checks
* Send read receipts to senders of incoming messages
// FREEBIE
* Move ReadSyncs to their own file
// FREEBIE
* Fixup old comments on read receipts (now read syncs)
And some variable renaming for extra clarity.
// FREEBIE
* Add global setting for read receipts
Don't send read receipt messages unless the setting is enabled.
Don't process read receipts if the setting is disabled.
// FREEBIE
* Sync read receipt setting from mobile
Toggling this setting on your mobile device should sync it to Desktop. When
linking, use the setting in the provisioning message.
// FREEBIE
* Send receipt messages silently
Avoid generating phantom messages on ios
// FREEBIE
* Save recipients on the outgoing message models
For accurate tracking and display of sent/delivered/read state, even if group
membership changes later.
// FREEBIE
* Fix conversation type in profile key update handling
// FREEBIE
* Set recipients on synced sent messages
* Render saved recipients in message detail if available
For older messages, where we did not save the intended set of recipients at the
time of sending, fall back to the current group membership.
// FREEBIE
* Record who has been successfully sent to
// FREEBIE
* Record who a message has been delivered to
* Invert the not-clickable class
* Fix readReceipt setting sync when linking
* Render per recipient sent/delivered/read status
In the message detail view for outgoing messages, render each recipient's
individual sent/delivered/read status with respect to this message, as long as
there are no errors associated with the recipient (ie, safety number changes,
user not registered, etc...) since the error icon is displayed in that case.
*Messages sent before this change may not have per-recipient status lists
and will simply show no status icon.
// FREEBIE
* Add configuration sync request
Send these requests in a one-off fashion when:
1. We have just setup from a chrome app import
2. We have just upgraded to read-receipt support
// FREEBIE
* Expose sendRequestConfigurationSyncMessage
// FREEBIE
* Fix handling of incoming delivery receipts - union with array
FREEBIE
2017-10-04 22:28:43 +00:00
|
|
|
}
|
2018-05-02 01:54:43 +00:00
|
|
|
device.preKey.publicKey = StringView.base64ToBytes(
|
|
|
|
|
device.preKey.publicKey
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
device.signedPreKey.publicKey = StringView.base64ToBytes(
|
|
|
|
|
device.signedPreKey.publicKey
|
|
|
|
|
);
|
|
|
|
|
device.signedPreKey.signature = StringView.base64ToBytes(
|
|
|
|
|
device.signedPreKey.signature
|
|
|
|
|
);
|
|
|
|
|
});
|
|
|
|
|
return res;
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
sendMessages: function(destination, messageArray, timestamp, silent) {
|
|
|
|
|
var jsonData = { messages: messageArray, timestamp: timestamp };
|
Feature: Blue check marks for read messages if opted in (#1489)
* Refactor delivery receipt event handler
* Rename the delivery receipt event
For less ambiguity with read receipts.
* Rename synced read event
For less ambiguity with read receipts from other Signal users.
* Add support for incoming receipt messages
Handle ReceiptMessages, which may include encrypted delivery receipts or read
receipts from recipients of our sent messages.
// FREEBIE
* Rename ReadReceipts to ReadSyncs
* Render read messages with blue double checks
* Send read receipts to senders of incoming messages
// FREEBIE
* Move ReadSyncs to their own file
// FREEBIE
* Fixup old comments on read receipts (now read syncs)
And some variable renaming for extra clarity.
// FREEBIE
* Add global setting for read receipts
Don't send read receipt messages unless the setting is enabled.
Don't process read receipts if the setting is disabled.
// FREEBIE
* Sync read receipt setting from mobile
Toggling this setting on your mobile device should sync it to Desktop. When
linking, use the setting in the provisioning message.
// FREEBIE
* Send receipt messages silently
Avoid generating phantom messages on ios
// FREEBIE
* Save recipients on the outgoing message models
For accurate tracking and display of sent/delivered/read state, even if group
membership changes later.
// FREEBIE
* Fix conversation type in profile key update handling
// FREEBIE
* Set recipients on synced sent messages
* Render saved recipients in message detail if available
For older messages, where we did not save the intended set of recipients at the
time of sending, fall back to the current group membership.
// FREEBIE
* Record who has been successfully sent to
// FREEBIE
* Record who a message has been delivered to
* Invert the not-clickable class
* Fix readReceipt setting sync when linking
* Render per recipient sent/delivered/read status
In the message detail view for outgoing messages, render each recipient's
individual sent/delivered/read status with respect to this message, as long as
there are no errors associated with the recipient (ie, safety number changes,
user not registered, etc...) since the error icon is displayed in that case.
*Messages sent before this change may not have per-recipient status lists
and will simply show no status icon.
// FREEBIE
* Add configuration sync request
Send these requests in a one-off fashion when:
1. We have just setup from a chrome app import
2. We have just upgraded to read-receipt support
// FREEBIE
* Expose sendRequestConfigurationSyncMessage
// FREEBIE
* Fix handling of incoming delivery receipts - union with array
FREEBIE
2017-10-04 22:28:43 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
if (silent) {
|
|
|
|
|
jsonData.silent = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call: 'messages',
|
|
|
|
|
httpType: 'PUT',
|
|
|
|
|
urlParameters: '/' + destination,
|
|
|
|
|
jsonData: jsonData,
|
|
|
|
|
responseType: 'json',
|
|
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
getAttachment: function(id) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call: 'attachment',
|
|
|
|
|
httpType: 'GET',
|
|
|
|
|
urlParameters: '/' + id,
|
|
|
|
|
responseType: 'json',
|
|
|
|
|
validateResponse: { location: 'string' },
|
|
|
|
|
}).then(
|
|
|
|
|
function(response) {
|
|
|
|
|
return ajax(response.location, {
|
|
|
|
|
timeout: 0,
|
|
|
|
|
type: 'GET',
|
|
|
|
|
responseType: 'arraybuffer',
|
|
|
|
|
contentType: 'application/octet-stream',
|
|
|
|
|
});
|
|
|
|
|
}.bind(this)
|
|
|
|
|
);
|
|
|
|
|
},
|
|
|
|
|
putAttachment: function(encryptedBin) {
|
|
|
|
|
return this.ajax({
|
|
|
|
|
call: 'attachment',
|
|
|
|
|
httpType: 'GET',
|
|
|
|
|
responseType: 'json',
|
|
|
|
|
}).then(
|
|
|
|
|
function(response) {
|
|
|
|
|
return ajax(response.location, {
|
|
|
|
|
timeout: 0,
|
|
|
|
|
type: 'PUT',
|
|
|
|
|
contentType: 'application/octet-stream',
|
|
|
|
|
data: encryptedBin,
|
|
|
|
|
processData: false,
|
|
|
|
|
}).then(
|
|
|
|
|
function() {
|
|
|
|
|
return response.idString;
|
|
|
|
|
}.bind(this)
|
|
|
|
|
);
|
|
|
|
|
}.bind(this)
|
|
|
|
|
);
|
|
|
|
|
},
|
|
|
|
|
getMessageSocket: function() {
|
|
|
|
|
console.log('opening message socket', this.url);
|
|
|
|
|
return createSocket(
|
|
|
|
|
this.url.replace('https://', 'wss://').replace('http://', 'ws://') +
|
|
|
|
|
'/v1/websocket/?login=' +
|
|
|
|
|
encodeURIComponent(this.username) +
|
|
|
|
|
'&password=' +
|
|
|
|
|
encodeURIComponent(this.password) +
|
|
|
|
|
'&agent=OWD'
|
|
|
|
|
);
|
|
|
|
|
},
|
|
|
|
|
getProvisioningSocket: function() {
|
|
|
|
|
console.log('opening provisioning socket', this.url);
|
|
|
|
|
return createSocket(
|
|
|
|
|
this.url.replace('https://', 'wss://').replace('http://', 'ws://') +
|
|
|
|
|
'/v1/websocket/provisioning/?agent=OWD'
|
|
|
|
|
);
|
|
|
|
|
},
|
|
|
|
|
};
|
2014-10-20 00:53:17 +00:00
|
|
|
|
2018-05-02 01:54:43 +00:00
|
|
|
return TextSecureServer;
|
2015-08-28 22:37:45 +00:00
|
|
|
})();
|