ホーム エクスプローラ ヘルプ
登録 サインイン
GlobalCube
/
analytics
3
0
フォーク 0
ファイル 課題 0 プルリクエスト 0 Wiki
ブランチ: master
ブランチ タグ
analytics
/
webcontent
/
camcrypto
/
authtoken.js

authtoken.js 3.8 KB
パーマリンク 履歴 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129 
  1. /****************************************************************
    2. 

  2. ** Licensed Materials - Property of IBM
    3. 

  3. ** IBM Cognos Products: CAMCrypto
    4. 

  4. ** (C) Copyright IBM Corp. 2005, 2019
    5. 

  5. ** US Government Users Restricted Rights - Use, duplication or 
    6. 

  6. ** disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
    7. 

  7. ********************************************************************/
    8. 

  8. 

  9. // CAMAuthenticityTokenSession
    10. 

  10. // Operations supporting the generation of an Authenticity Token. See
    11. 

  11. // WO2385 - Client Token Phase One
    12. 

  12. 

  13. function CAMAuthenticityTokenSession() {
    14. 

  14. 	// Note: no return statement here
    15. 

  15. };
    16. 

  16. CAMAuthenticityTokenSession.prototype.generate = function()
    17. 

  17. {
    18. 

  18. 	var cookieString = this._getCookie();
    19. 

  19. 	if( !cookieString ){
    20. 

  20. 		return null;
    21. 

  21. 	}
    22. 

  22. 

  23. 	var authToken_version = "V1";
    24. 

  24. 	// base64 decode content revealing the UserSessionID token.
    25. 

  25. 	base64 = new Base64();
    26. 

  26. 	var token = base64.decode64( cookieString );
    27. 

  27. 

  28. 	// Get Token Version.
    29. 

  29. 	// var version = token.substring( 0, 1 ); 
    30. 

  30. 	var version = token.charCodeAt( 0 ) & 0xFF;
    31. 

  31. 

  32. 	// Extract timelen.
    33. 

  33. 	var szTimelen = token.substring( 1, 5 );	// timelength
    34. 

  34. 	var timelen = this._intFromBytes( szTimelen );
    35. 

  35. 	
    36. 

  36. 	// Find the length of the user session id.
    37. 

  37. 	var uidlenstart = 5 + timelen;
    38. 

  38. 	var uidlenstop = uidlenstart + 4;
    39. 

  39. 	var szuidlen = token.substring( uidlenstart, uidlenstop );
    40. 

  40. 	var uidlen = this._intFromBytes( szuidlen );
    41. 

  41. 	
    42. 

  42. 	// Extract the string for the usersessionid.
    43. 

  43. 	var uidstart = uidlenstop;
    44. 

  44. 	var uidstop = uidstart + uidlen;
    45. 

  45. 	var uid = token.substring( uidstart, uidstop );
    46. 

  46. 

  47. 	// In a version 1 USID token we only need the userSessionID. In version 2+
    48. 

  48. 	// extract the string for the algorithm. Position to the beginning of digest 
    49. 

  49. 	// algorithm length, ignore csk value.
    50. 

  50. 

  51. 	var cskIdLenStart = uidstop;			// cskidlen 
    52. 

  52. 	var cskIdLenStop = cskIdLenStart + 4; 
    53. 

  53. 	var szcskIdLen = token.substring( cskIdLenStart, cskIdLenStop );
    54. 

  54. 	var cskIdLen = this._intFromBytes( szcskIdLen );
    55. 

  55. 

  56. 	var cskidstart = cskIdLenStop;			// cskid
    57. 

  57. 	var cskidstop = cskidstart + cskIdLen;
    58. 

  58. 

  59. 	var digLenStart;
    60. 

  60. 

  61. 	if ( version >= 2 ) {
    62. 

  62. 

  63. 		var digAlgLenStart = cskidstop;			// digAlgLen
    64. 

  64. 		var digAlgLenStop = digAlgLenStart + 4;
    65. 

  65. 		var szdigAlgLen = token.substring( digAlgLenStart, digAlgLenStop );
    66. 

  66. 		var digAlgLen = this._intFromBytes( szdigAlgLen );
    67. 

  67. 

  68. 		var digAlgStart = digAlgLenStop;		// digAlg
    69. 

  69. 		var digAlgStop = digAlgStart + digAlgLen;
    70. 

  70. 		var szDigAlg = token.substring( digAlgStart, digAlgStop );
    71. 

  71. 

  72. 		// Now that we have a value for the algorithm, ensure that it is valid.
    73. 

  73. 		// alternatively we could let the issue be logged on the server.
    74. 

  74. 		if (! ( szDigAlg in { 'SHA':'', 'SHA-1':'', 'SHA1':'', 'SHA-256':'', 'SHA-384':'', 'SHA-512':'' } )) {
    75. 

  75. 			return "bad digest algorithm";
    76. 

  76. 		}
    77. 

  77. 		digLenStart = digAlgStop;			// diglen
    78. 

  78. 	} else { // version 1
    79. 

  79. 		digLenStart = cskidstop;			// diglen
    80. 

  80. 	}
    81. 

  81. 

  82. 	var digLenStop = digLenStart + 4;
    83. 

  83. 	var szdigLen = token.substring( digLenStart, digLenStop );
    84. 

  84. 	var digLen = this._intFromBytes( szdigLen, 0, 4 );
    85. 

  85. 

  86. 	var digStart = digLenStop;			// dig
    87. 

  87. 	var digStop = digStart + digLen;
    88. 

  88. 	var dig = token.substring( digStart, digStop );
    89. 

  89. 

  90. 	var authToken = authToken_version + dig;
    91. 

  91. 

  92. 	// Base64 encode.
    93. 

  93. 	b64 = new Base64();
    94. 

  94. 	var b64Token = b64.encode64( authToken );
    95. 

  95. 	
    96. 

  96. 	// return b64Token;
    97. 

  97. 	return b64Token;
    98. 

  98. };
    99. 

  99. 

  100. CAMAuthenticityTokenSession.prototype._getCookie = function()
    101. 

  101. {
    102. 

  102. 	var cookies = document.cookie.split(';');
    103. 

  103. 	if( !cookies || !cookies.length){
    104. 

  104. 		return null;
    105. 

  105. 	}
    106. 

  106. 

  107. 	var cookieName = 'usersessionid=';
    108. 

  108. 

  109. 	for(var i=0; i<cookies.length; i++){
    110. 

  110. 		var item = cookies[i].trim();
    111. 

  111. 		if( item.indexOf(cookieName) === 0){
    112. 

  112. 			var cookieVal = item.substring( cookieName.length);
    113. 

  113. 			return cookieVal;
    114. 

  114. 		};
    115. 

  115. 	};
    116. 

  116. 	return null;
    117. 

  117. }
    118. 

  118. 

  119. CAMAuthenticityTokenSession.prototype._intFromBytes = function( bytes ) {
    120. 

  120. 	var val = 0;
    121. 

  121. 	for(var i=3; i>=0; i-- ) {
    122. 

  122. 		val <<= 8;
    123. 

  123. 		val |= (bytes.charCodeAt(i) & 0x00FF);
    124. 

  124. 	}
    125. 

  125. 	return val;
    126. 

  126. }
    127. 

  127. 

  128. 

  129.