Commit d7f48e4a authored by chickahoona's avatar chickahoona

added Chrome headless and replaced phantomjs, Added replay protection

parent 822b0e1c
......@@ -13,7 +13,10 @@ unittests:
image: ubuntu:16.04
script:
- sh ./var/build-ubuntu.sh
- karma start ./unittests/karma-phantom.conf.js
- curl -O https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
- dpkg -i --force-depends google-chrome-stable_current_amd64.deb
- apt-get install -f
- karma start ./unittests/karma-chrome-headless.conf.js
linter:
stage: test
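Review bot: The added `curl -O` / `dpkg -i --force-depends` lines install a browser package as root without verifying what was downloaded, so every pipeline run trusts whatever that URL serves at that moment. The `_current_` file name is also unpinned, which lets the browser version change between runs. Installing Chrome from Google's signed apt repository, or baking a known version into the CI image, gives a verified and reproducible package instead. Use `curl -fSLO` so an HTTP error page is not saved as the `.deb`, and `apt-get install -f -y` so the job cannot stall on a confirmation prompt.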
......
......@@ -182,6 +182,8 @@
$scope.errors = data.error_data.non_field_errors;
} else if (data.error_data.hasOwnProperty('username')) {
$scope.errors = data.error_data.username;
} else if (data.error_data.hasOwnProperty('detail')) {
$scope.errors = [data.error_data.detail];
} else {
$scope.errors = ['Server offline.']
}
......
......@@ -42,6 +42,7 @@
var backend = server['value']['url'];
if (session_secret_key && data !== null) {
data['request_time'] = new Date().toISOString();
data = cryptoLibrary.encrypt_data(JSON.stringify(data), session_secret_key);
}
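Review bot: `data['request_time']` is set only inside the `session_secret_key && data !== null` branch, so a call with `data === null`, or one made before a session key exists, goes out without a timestamp. If the server enforces the replay check on those endpoints they will be rejected, and if it does not they remain replayable, so the intended behaviour deserves a comment here. The login hunk (`-452,6 +452,7`) takes `device_time` from the same client clock, so a skewed device clock affects both; a comment naming the skew the server tolerates would help when a request is refused. The assignment also writes into the caller's object, which `data = angular.extend({}, data, {request_time: new Date().toISOString()});` would avoid. The enclosing function starts and ends outside the hunk.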
......
......@@ -452,6 +452,7 @@
var login_info = JSON.stringify({
'username': username,
'authkey': authkey,
'device_time': new Date().toISOString(),
'device_fingerprint': device.get_device_fingerprint(),
'device_description': device.get_device_description()
});
......
......@@ -127,8 +127,18 @@
browserNoActivityTimeout: 100000,
logLevel: config.LOG_INFO,
autoWatch: true,
browsers: ['PhantomJS'],
browsers: ['Chrome_headless'],
singleRun: true,
customLaunchers: {
Chrome_headless: {
base: 'Chrome',
flags: [
'--headless',
'--disable-gpu',
'--remote-debugging-port=9222'
]
}
},
concurrency: Infinity
});
};
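Review bot: `'--remote-debugging-port=9222'` in the `Chrome_headless` launcher opens a DevTools endpoint on a fixed port for as long as the test browser runs, and the config does not say why it is needed. Chrome binds that port to loopback by default, but on a shared runner or a developer machine any local process can attach to it, and two jobs on one host would collide on the number. A comment such as `// headless Chrome needs a debugging port to start; loopback only` would record the intent, and `--remote-debugging-port=0` may be worth trying if the fixed port is not required. The config function begins outside the hunk.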
......
......@@ -120,7 +120,7 @@
// Validate request parameters:
data = JSON.parse(data);
expect(data).toEqual({});
expect(data).toEqual({'request_time': data.request_time });
expect(headers.Authorization).toEqual('Token ' + token);
......@@ -145,7 +145,8 @@
data = JSON.parse(data);
expect(data).toEqual({
'session_id': session_id
'session_id': session_id,
'request_time': data.request_time
});
expect(headers.Authorization).toEqual('Token ' + token);
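Review bot: `expect(data).toEqual({'request_time': data.request_time })` compares the new field with itself, so the replay-protection timestamp passes whatever its value is; an empty string or a stale date would be accepted. The same pattern is in the `-145,7 +145,8` hunk of this file and in the `-107,7 +107,8` hunk of the later spec file. Pin the format too, for example `expect(new Date(data.request_time).toISOString()).toEqual(data.request_time);`, and ideally assert that the value lies within a few seconds of `Date.now()`. The enclosing `it` blocks start and end outside the hunks.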
......
......@@ -239,30 +239,28 @@
return expect(encrypted_data.nonce).not.toBe(encrypted_data2.nonce);
}));
// work in chrome but fail in phantomjs, waiting for chrome 59 and headless support
// it('nacl\'s signing.verify works', inject(function (cryptoLibrary, converter) {
// var nacl = require('ecma-nacl');
// // signing key pair can be generated from some seed array, which can
// // either be random itself, or be generated from a password
// var pair = nacl.signing.generate_keypair(cryptoLibrary.randomBytes(32));
//
// // make signature bytes, for msg
// var msgSig = nacl.signing.signature(converter.encode_utf8("test message that is some nice text or whatever that needs to be encrypted"), pair.skey);
//
// // verify signature
// var sigIsOK = nacl.signing.verify(msgSig, converter.encode_utf8("test message that is some nice text or whatever that needs to be encrypted"), pair.pkey);
// expect(sigIsOK).toBe(true);
//
// }));
//
// it('validate_signature', inject(function (cryptoLibrary, converter) {
// expect(cryptoLibrary.validate_signature(
// 'test message that is some nice text or whatever that needs to be encrypted',
// '6e3302a696092fe3893d971391f94f2cb850d19fbbae9978122f0f465593bc06e65440e0ec929805b58e63fe719983201754a2a578c906c18b8ffa71e3234502',
// '967fd5c3c8386609c1ac57209a6f68a147a56518a7ed5df3285beea58d671f62'
// )).toBe(true);
// }));
it('nacl\'s signing.verify works', inject(function (cryptoLibrary, converter) {
var nacl = require('ecma-nacl');
// signing key pair can be generated from some seed array, which can
// either be random itself, or be generated from a password
var pair = nacl.signing.generate_keypair(cryptoLibrary.randomBytes(32));
// make signature bytes, for msg
var msgSig = nacl.signing.signature(converter.encode_utf8("test message that is some nice text or whatever that needs to be encrypted"), pair.skey);
// verify signature
var sigIsOK = nacl.signing.verify(msgSig, converter.encode_utf8("test message that is some nice text or whatever that needs to be encrypted"), pair.pkey);
expect(sigIsOK).toBe(true);
}));
it('validate_signature', inject(function (cryptoLibrary, converter) {
expect(cryptoLibrary.validate_signature(
'test message that is some nice text or whatever that needs to be encrypted',
'6e3302a696092fe3893d971391f94f2cb850d19fbbae9978122f0f465593bc06e65440e0ec929805b58e63fe719983201754a2a578c906c18b8ffa71e3234502',
'967fd5c3c8386609c1ac57209a6f68a147a56518a7ed5df3285beea58d671f62'
)).toBe(true);
}));
});
}).call();
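Review bot: Both re-enabled specs assert only the accepting path (`toBe(true)`), so a `validate_signature` that accepted every input would still pass them. Add a rejecting case beside each: call `nacl.signing.verify` and `cryptoLibrary.validate_signature` with the message changed by one character but the same signature and key, and expect the result not to be `true` (or expect a throw, if that is how the library reports failure). A second case with a different verify key would cover key mix-ups as well.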
......@@ -107,7 +107,8 @@
data = JSON.parse(data);
expect(data).toEqual({
'session_id': session_id
'session_id': session_id,
'request_time': data.request_time
});
expect(headers.Authorization).toEqual('Token ' + token);
......
This diff is collapsed.