Commit 3089cdfc authored by Chris Hines's avatar Chris Hines
Browse files

pivot the electron IPC so that I can use nodeIntegration:false and a preload...

pivot the electron IPC so that I can use nodeIntegration:false and a preload script. This is a security thing
parent 35689ccb
......@@ -20,6 +20,7 @@ try {
}
//let config = YAML.parse(fs.readFileSync(path.join(__dirname,'localConfig.yml')).toString())
//var aafds: string = "https://ds.aaf.edu.au/discovery/aaf/9DrjGhkyXjXsPm45rqpCXA?entityID=https%3A%2F%2Fcentral.aaf.edu.au%2Fshibboleth&return=https%3A%2F%2Fcentral.aaf.edu.au%2FShibboleth.sso%2FLogin%3FSAMLDS%3D1%26identity%3D1%26target%3Dhttps%253A%252F%252Fcentral.aaf.edu.au%252Fresolvers%252Fsaml_federation%252Freceive%253Fibr%253D19a58192-de47-4580-a272-cc61c60e4f47%2526pib%253D0a206a4e-e6eb-4d18-b46d-e475ec8d09b5"
function createWindow(): BrowserWindow {
const electronScreen = screen;
......@@ -32,10 +33,11 @@ function createWindow(): BrowserWindow {
width: size.width,
height: size.height,
webPreferences: {
nodeIntegration: true,
nodeIntegration: false,
allowRunningInsecureContent: (serve) ? true : false,
contextIsolation: false, // false if you want to run 2e2 test with Spectron
enableRemoteModule : true // true if you want to run 2e2 test with Spectron or use remote module in renderer context (ie. Angular)
contextIsolation: true, // false if you want to run 2e2 test with Spectron
enableRemoteModule : false, // true if you want to run 2e2 test with Spectron or use remote module in renderer context (ie. Angular)
preload: path.join(__dirname, "preload.js")
},
});
......@@ -136,4 +138,4 @@ async function addCert(event: IpcMainEvent, data: any) {
fs.unlinkSync(`${path}`);
fs.unlinkSync(`${path}-cert.pub`);
}
\ No newline at end of file
}
......@@ -53,12 +53,14 @@ export class AppComponent {
isdefined
).subscribe((v) => { this.loggedout = (<[]>v).length } );
console.log('call ipcService once for oauth2-redirect');
this.ipcService.once('oauth2-redirect',(event, ...args: any[]) => this.route_to_keygen(event, args));
this.ipcService.register_oauth2_redirect((url) => { this.route_to_keygen(url)} );
//this.ipcService.once('oauth2-redirect',(event, ...args: any[]) => this.route_to_keygen(event, args));
}
route_to_keygen(event, ... args: any[]) {
console.log('calling back from oauth', args);
var url: string = args[0][0];
route_to_keygen(url: string) {
//console.log('calling back from oauth', args);
//var url: string = args[0][0][0];
console.log('url is', url);
let fragment = "#" + url.split('#')[1];
console.log('app.component is updating fragment',fragment);
this.authService.updateFragment(fragment);
......
......@@ -405,16 +405,10 @@ public getKeys(id?: Identity) {
let headers = new HttpHeaders();
let options = { headers: headers, withCredentials: true};
let data = {'key': keyCert.key, 'cert': keyCert.cert};
console.log('in authService.sshAdd, adding to',apiserver);
let localAddCert = new Observable<any>(observer => {
this.ipcService.once('addCertResponse', (event, arg) => {
console.log('received addCertReply, sending to observers');
observer.next(arg);
})
}).pipe(tap((v) => console.log('localAddCert returned',v)))
this.ipcService.send('addCert', (data));
let remoteAddCert = this.http.post<any>(apiserver.tes+'/sshagent',data,options);
if (this.ipcService.useIpc) {
var localAddCert: Observable<any> = this.ipcService.addCert(data);
console.log('sshAdd using IPC and API server');
return combineLatest([localAddCert,remoteAddCert]).pipe(map(([_,remote]) => { return remote }));
} else {
......
import { Injectable } from '@angular/core';
import { IpcRenderer } from 'electron';
import { Observable, Observer } from 'rxjs';
//import {Window} from './global';
declare global {
interface Window {
"electronApi": {
addCert: (data: any, callback: any) => void;
register_oauth2_redirect: (fn: any) => void;
}
}
}
@Injectable({
providedIn: 'root'
......@@ -10,7 +21,21 @@ export class IpcService {
private _ipc: IpcRenderer | undefined;
public useIpc: boolean = false;
constructor() {
constructor() {
if (window.electronApi) {
this.useIpc = true;
} else {
console.log('window electronAPI is not defined');
}
}
public addCert(data): Observable<any> {
return new Observable<any>( (observer: Observer<any>) => { window.electronApi.addCert(data, () => { observer.next(true) } ) } )
}
public register_oauth2_redirect(fn: (arg0: string) => void) {
window.electronApi.register_oauth2_redirect(fn);
}
}
/* constructor() {
if (window.require) {
try {
this._ipc = window.require('electron').ipcRenderer;
......@@ -42,3 +67,4 @@ export class IpcService {
this._ipc.send(channel, ...args);
}
}
*/
\ No newline at end of file
......@@ -20,7 +20,7 @@ export class KeygenComponent implements OnInit, OnDestroy {
console.log('entered keygen component');
console.log(this.route);
//this.initPipelines();
this.route.fragment.pipe(filter((v) => v !== null)).subscribe((v) => { console.log('keygen is updating fragment',v) ; this.authService.updateFragment(v)});
this.route.fragment.pipe(filter((v) => ( v !== null && v !== undefined ))).subscribe((v) => { console.log('keygen is updating fragment',v) ; this.authService.updateFragment(v)});
}
ngOnDestroy() {
......
......@@ -58,13 +58,7 @@ export class LoginComponent implements OnInit {
this.subscriptions = []
this.subscriptions.push(this.authService.sshAuthzServers.subscribe(o => {this.updateSshAuthZServers(o)}));
console.log('using the ipservice to ping');
this.ipcService.send('ping','hello');
console.log('ping sent');
this.subscriptions.push(this.authService.sshAuthzServers.subscribe(o => {this.updateSshAuthZServers(o)}));
}
updateSshAuthZServers(o) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment