kanidm/server/core/static/modules/cred_update.mjs

console.debug("credupdate: loaded");

// Makes the password form interactive (e.g. shows when passwords don't match)
function setupInteractivePwdFormListeners() {
    const new_pwd = document.getElementById("new-password");
    const new_pwd_check = document.getElementById("new-password-check");
    const pwd_submit = document.getElementById("password-submit");

    function markPwdCheckValid() {
        new_pwd_check.classList.remove("is-invalid");
        new_pwd_check.classList.add("is-valid");
        pwd_submit.disabled = false;
    }

    function markPwdCheckInvalid() {
        new_pwd_check.classList.add("is-invalid");
        new_pwd_check.classList.remove("is-valid");
        pwd_submit.disabled = true;
    }

    new_pwd.addEventListener("input", () => {
        // Don't mark invalid if user didn't fill in the confirmation box yet
        // Also KeepassXC with autocomplete likes to fire off input events when
        // both inputs are empty.
        if (new_pwd_check.value !== "") {
            if (new_pwd.value === new_pwd_check.value) {
                markPwdCheckValid();
            } else {
                markPwdCheckInvalid();
            }
        }
        new_pwd.classList.remove("is-invalid");
    });

    new_pwd_check.addEventListener("input", () => {
        // No point in updating the status if confirmation box is empty
        if (new_pwd_check.value === "") return;
        if (new_pwd_check.value === new_pwd.value) {
            markPwdCheckValid();
        } else {
            markPwdCheckInvalid();
        }
    });
}

window.stillSwapFailureResponse = function (event) {
    if (event.detail.xhr.status === 422 || event.detail.xhr.status === 500) {
        console.debug(`Got HTTP/${event.detail.xhr.status}, still swapping failure response`);
        event.detail.shouldSwap = true;
        event.detail.isError = false;
    }
};

function onPasskeyCreated(assertion) {
    try {
        console.log(assertion);
        let creationData = {};

        creationData.id = assertion.id;
        creationData.rawId = Base64.fromUint8Array(new Uint8Array(assertion.rawId));
        creationData.response = {};
        creationData.response.attestationObject = Base64.fromUint8Array(
            new Uint8Array(assertion.response.attestationObject),
        );
        creationData.response.clientDataJSON = Base64.fromUint8Array(new Uint8Array(assertion.response.clientDataJSON));
        creationData.type = assertion.type;
        creationData.extensions = assertion.getClientExtensionResults();
        creationData.extensions.uvm = undefined;

        // Put the passkey creation data into the form for submission
        document.getElementById("passkey-create-data").value = JSON.stringify(creationData);

        // Make the name input visible and hide the "Begin Passkey Enrollment" button
        document.getElementById("passkeyNamingSafariPre").classList.add("d-none");
        document.getElementById("passkeyNamingForm").classList.remove("d-none");
        document.getElementById("passkeyNamingSubmitBtn").classList.remove("d-none");
    } catch (e) {
        console.log(e);
        if (
            confirm(
                "Failed to encode your new passkey's data for transmission, confirm to reload this page.\nReport this issue if it keeps occurring.",
            )
        ) {
            window.location.reload();
        }
    }
}

function startPasskeyEnrollment() {
    try {
        const data_elem = document.getElementById("data");
        const credentialRequestOptions = JSON.parse(data_elem.textContent);
        credentialRequestOptions.publicKey.challenge = Base64.toUint8Array(
            credentialRequestOptions.publicKey.challenge,
        );
        credentialRequestOptions.publicKey.user.id = Base64.toUint8Array(credentialRequestOptions.publicKey.user.id);

        console.log(credentialRequestOptions);
        navigator.credentials.create({ publicKey: credentialRequestOptions.publicKey }).then(
            (assertion) => {
                onPasskeyCreated(assertion);
            },
            (reason) => {
                alert(`Passkey creation failed ${reason.toString()}`);
                console.log(`Passkey creation failed: ${reason.toString()}`);
            },
        );
    } catch (e) {
        console.log(`Failed to initialize passkey creation: ${e}`);
        if (
            confirm(
                "Failed to initialize passkey creation, confirm to reload this page.\nReport this issue if it keeps occurring.",
            )
        ) {
            window.location.reload();
        }
    }
}

function setupPasskeyNamingSafariButton() {
    document.getElementById("passkeyNamingSafariBtn").addEventListener("click", startPasskeyEnrollment);
}

function setupSubmitBtnVisibility() {
    document.getElementById("passkey-label")?.addEventListener("input", updateSubmitButtonVisibility);
}

function updateSubmitButtonVisibility(event) {
    const submitButton = document.getElementById("passkeyNamingSubmitBtn");
    submitButton.disabled = event.value === "";
}

(function () {
    console.debug("credupdate: init");
    document.body.addEventListener("addPasswordSwapped", () => {
        setupInteractivePwdFormListeners();
    });
    document.body.addEventListener("addPasskeySwapped", () => {
        setupPasskeyNamingSafariButton();
        startPasskeyEnrollment();
        setupSubmitBtnVisibility();
    });
})();
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`console.debug("credupdate: loaded");`
Credentials page/Self cred update flow UI improvements (#3012) 2024-09-07 06:56:58 +02:00
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`// Makes the password form interactive (e.g. shows when passwords don't match)`
			`function setupInteractivePwdFormListeners() {`
			`const new_pwd = document.getElementById("new-password");`
			`const new_pwd_check = document.getElementById("new-password-check");`
			`const pwd_submit = document.getElementById("password-submit");`

			`function markPwdCheckValid() {`
			`new_pwd_check.classList.remove("is-invalid");`
			`new_pwd_check.classList.add("is-valid");`
			`pwd_submit.disabled = false;`
			`}`

			`function markPwdCheckInvalid() {`
			`new_pwd_check.classList.add("is-invalid");`
			`new_pwd_check.classList.remove("is-valid");`
			`pwd_submit.disabled = true;`
			`}`

Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`new_pwd.addEventListener("input", () => {`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`// Don't mark invalid if user didn't fill in the confirmation box yet`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`// Also KeepassXC with autocomplete likes to fire off input events when`
			`// both inputs are empty.`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`if (new_pwd_check.value !== "") {`
			`if (new_pwd.value === new_pwd_check.value) {`
			`markPwdCheckValid();`
			`} else {`
			`markPwdCheckInvalid();`
			`}`
			`}`
			`new_pwd.classList.remove("is-invalid");`
			`});`

Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`new_pwd_check.addEventListener("input", () => {`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`// No point in updating the status if confirmation box is empty`
			`if (new_pwd_check.value === "") return;`
			`if (new_pwd_check.value === new_pwd.value) {`
			`markPwdCheckValid();`
			`} else {`
			`markPwdCheckInvalid();`
			`}`
			`});`
			`}`

Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`window.stillSwapFailureResponse = function (event) {`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`if (event.detail.xhr.status === 422 \|\| event.detail.xhr.status === 500) {`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			console.debug(`Got HTTP/${event.detail.xhr.status}, still swapping failure response`);
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`event.detail.shouldSwap = true;`
			`event.detail.isError = false;`
			`}`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`};`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00
			`function onPasskeyCreated(assertion) {`
			`try {`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`console.log(assertion);`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`let creationData = {};`

			`creationData.id = assertion.id;`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`creationData.rawId = Base64.fromUint8Array(new Uint8Array(assertion.rawId));`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`creationData.response = {};`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`creationData.response.attestationObject = Base64.fromUint8Array(`
			`new Uint8Array(assertion.response.attestationObject),`
			`);`
			`creationData.response.clientDataJSON = Base64.fromUint8Array(new Uint8Array(assertion.response.clientDataJSON));`
			`creationData.type = assertion.type;`
			`creationData.extensions = assertion.getClientExtensionResults();`
			`creationData.extensions.uvm = undefined;`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00
			`// Put the passkey creation data into the form for submission`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`document.getElementById("passkey-create-data").value = JSON.stringify(creationData);`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00
			`// Make the name input visible and hide the "Begin Passkey Enrollment" button`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`document.getElementById("passkeyNamingSafariPre").classList.add("d-none");`
			`document.getElementById("passkeyNamingForm").classList.remove("d-none");`
			`document.getElementById("passkeyNamingSubmitBtn").classList.remove("d-none");`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`} catch (e) {`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`console.log(e);`
			`if (`
			`confirm(`
			`"Failed to encode your new passkey's data for transmission, confirm to reload this page.\nReport this issue if it keeps occurring.",`
			`)`
			`) {`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`window.location.reload();`
			`}`
			`}`
			`}`

			`function startPasskeyEnrollment() {`
			`try {`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`const data_elem = document.getElementById("data");`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`const credentialRequestOptions = JSON.parse(data_elem.textContent);`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`credentialRequestOptions.publicKey.challenge = Base64.toUint8Array(`
			`credentialRequestOptions.publicKey.challenge,`
			`);`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`credentialRequestOptions.publicKey.user.id = Base64.toUint8Array(credentialRequestOptions.publicKey.user.id);`

Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`console.log(credentialRequestOptions);`
			`navigator.credentials.create({ publicKey: credentialRequestOptions.publicKey }).then(`
			`(assertion) => {`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`onPasskeyCreated(assertion);`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`},`
			`(reason) => {`
			alert(`Passkey creation failed ${reason.toString()}`);
			console.log(`Passkey creation failed: ${reason.toString()}`);
			`},`
			`);`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`} catch (e) {`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			console.log(`Failed to initialize passkey creation: ${e}`);
			`if (`
			`confirm(`
			`"Failed to initialize passkey creation, confirm to reload this page.\nReport this issue if it keeps occurring.",`
			`)`
			`) {`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`window.location.reload();`
			`}`
			`}`
			`}`

			`function setupPasskeyNamingSafariButton() {`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`document.getElementById("passkeyNamingSafariBtn").addEventListener("click", startPasskeyEnrollment);`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`}`

			`function setupSubmitBtnVisibility() {`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`document.getElementById("passkey-label")?.addEventListener("input", updateSubmitButtonVisibility);`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`}`

			`function updateSubmitButtonVisibility(event) {`
			`const submitButton = document.getElementById("passkeyNamingSubmitBtn");`
			`submitButton.disabled = event.value === "";`
			`}`

Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`(function () {`
			`console.debug("credupdate: init");`
			`document.body.addEventListener("addPasswordSwapped", () => {`
			`setupInteractivePwdFormListeners();`
			`});`
[htmx] Credential Update page (#2897) Implement credential update page in HTMX --------- Co-authored-by: James Hodgkinson <james@terminaloutcomes.com> Co-authored-by: Firstyear <william@blackhats.net.au> 2024-08-01 03:17:14 +02:00			`document.body.addEventListener("addPasskeySwapped", () => {`
			`setupPasskeyNamingSafariButton();`
			`startPasskeyEnrollment();`
			`setupSubmitBtnVisibility();`
			`});`
Javascript linting (#3329) * feat(ci/dev): adding npm/eslint config for javascript linting * feat(ci/dev): adding js-prettier config for consistency in formatting * fix(css): linting * fix(js): linting the js things 2025-01-04 06:25:46 +01:00			`})();`