mirror of
https://github.com/moparisthebest/mail
synced 2024-11-26 10:52:17 -05:00
[WO-120] pin google certificate
This commit is contained in:
parent
4c4eb89160
commit
ed369d441f
@ -116,7 +116,7 @@ module.exports = function(grunt) {
|
||||
},
|
||||
app: {
|
||||
files: ['src/*.js', 'src/**/*.html', 'src/**/*.json', 'src/img/**/*', 'src/font/**/*'],
|
||||
tasks: ['copy:app', 'copy:tpl', 'copy:img', 'copy:font', 'manifest-dev']
|
||||
tasks: ['copy:app', 'copy:ca', 'copy:tpl', 'copy:img', 'copy:font', 'manifest-dev']
|
||||
}
|
||||
},
|
||||
copy: {
|
||||
@ -190,6 +190,12 @@ module.exports = function(grunt) {
|
||||
src: ['*'],
|
||||
dest: 'dist/tpl/'
|
||||
},
|
||||
ca: {
|
||||
expand: true,
|
||||
cwd: 'src/ca/',
|
||||
src: ['*'],
|
||||
dest: 'dist/ca/'
|
||||
},
|
||||
app: {
|
||||
expand: true,
|
||||
cwd: 'src/',
|
||||
|
24
src/ca/Google_Internet_Authority_G2.pem
Normal file
24
src/ca/Google_Internet_Authority_G2.pem
Normal file
@ -0,0 +1,24 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEBDCCAuygAwIBAgIDAjppMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
|
||||
MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
|
||||
YWwgQ0EwHhcNMTMwNDA1MTUxNTU1WhcNMTUwNDA0MTUxNTU1WjBJMQswCQYDVQQG
|
||||
EwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzElMCMGA1UEAxMcR29vZ2xlIEludGVy
|
||||
bmV0IEF1dGhvcml0eSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
|
||||
AJwqBHdc2FCROgajguDYUEi8iT/xGXAaiEZ+4I/F8YnOIe5a/mENtzJEiaB0C1NP
|
||||
VaTOgmKV7utZX8bhBYASxF6UP7xbSDj0U/ck5vuR6RXEz/RTDfRK/J9U3n2+oGtv
|
||||
h8DQUB8oMANA2ghzUWx//zo8pzcGjr1LEQTrfSTe5vn8MXH7lNVg8y5Kr0LSy+rE
|
||||
ahqyzFPdFUuLH8gZYR/Nnag+YyuENWllhMgZxUYi+FOVvuOAShDGKuy6lyARxzmZ
|
||||
EASg8GF6lSWMTlJ14rbtCMoU/M4iarNOz0YDl5cDfsCx3nuvRTPPuj5xt970JSXC
|
||||
DTWJnZ37DhF5iR43xa+OcmkCAwEAAaOB+zCB+DAfBgNVHSMEGDAWgBTAephojYn7
|
||||
qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUSt0GFhu89mi1dvWBtrtiGrpagS8wEgYD
|
||||
VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwOgYDVR0fBDMwMTAvoC2g
|
||||
K4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9ndGdsb2JhbC5jcmwwPQYI
|
||||
KwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwOi8vZ3RnbG9iYWwtb2NzcC5n
|
||||
ZW90cnVzdC5jb20wFwYDVR0gBBAwDjAMBgorBgEEAdZ5AgUBMA0GCSqGSIb3DQEB
|
||||
BQUAA4IBAQA21waAESetKhSbOHezI6B1WLuxfoNCunLaHtiONgaX4PCVOzf9G0JY
|
||||
/iLIa704XtE7JW4S615ndkZAkNoUyHgN7ZVm2o6Gb4ChulYylYbc3GrKBIxbf/a/
|
||||
zG+FA1jDaFETzf3I93k9mTXwVqO94FntT0QJo544evZG0R0SnU++0ED8Vf4GXjza
|
||||
HFa9llF7b1cq26KqltyMdMKVvvBulRP/F/A8rLIQjcxz++iPAsbw+zOzlTvjwsto
|
||||
WHPbqCRiOwY1nQ2pM714A5AuTHhdUDqB1O6gyHA43LL5Z/qHQF1hwFGPa4NrzQU6
|
||||
yuGnBXj8ytqU0CwIPX4WecigUCAkVDNx
|
||||
-----END CERTIFICATE-----
|
@ -152,48 +152,72 @@ define(function(require) {
|
||||
* Instanciate the mail email data access object and its dependencies. Login to imap on init.
|
||||
*/
|
||||
self.init = function(userId, token, callback) {
|
||||
var auth, imapOptions, smtpOptions,
|
||||
var auth, imapOptions, smtpOptions, certificate,
|
||||
lawnchairDao, restDao, pubkeyDao,
|
||||
keychain, imapClient, smtpClient, pgp, userStorage;
|
||||
keychain, imapClient, smtpClient, pgp, userStorage, xhr;
|
||||
|
||||
// create mail credentials objects for imap/smtp
|
||||
auth = {
|
||||
XOAuth2: {
|
||||
user: userId,
|
||||
clientId: config.gmail.clientId,
|
||||
accessToken: token
|
||||
// fetch pinned local ssl certificate
|
||||
xhr = new XMLHttpRequest();
|
||||
xhr.open('GET', '/ca/Google_Internet_Authority_G2.pem');
|
||||
xhr.onload = function() {
|
||||
if (xhr.readyState === 4 && xhr.status === 200 && xhr.responseText) {
|
||||
certificate = xhr.responseText;
|
||||
setupDaos();
|
||||
} else {
|
||||
callback({
|
||||
errMsg: 'Could not fetch pinned certificate!'
|
||||
});
|
||||
}
|
||||
};
|
||||
imapOptions = {
|
||||
secure: config.gmail.imap.secure,
|
||||
port: config.gmail.imap.port,
|
||||
host: config.gmail.imap.host,
|
||||
auth: auth
|
||||
};
|
||||
smtpOptions = {
|
||||
secure: config.gmail.smtp.secure,
|
||||
port: config.gmail.smtp.port,
|
||||
host: config.gmail.smtp.host,
|
||||
auth: auth
|
||||
xhr.onerror = function() {
|
||||
callback({
|
||||
errMsg: 'Could not fetch pinned certificate!'
|
||||
});
|
||||
};
|
||||
xhr.send();
|
||||
|
||||
// init objects and inject dependencies
|
||||
restDao = new RestDAO();
|
||||
pubkeyDao = new PublicKeyDAO(restDao);
|
||||
lawnchairDao = new LawnchairDAO();
|
||||
keychain = new KeychainDAO(lawnchairDao, pubkeyDao);
|
||||
imapClient = new ImapClient(imapOptions);
|
||||
smtpClient = new SmtpClient(smtpOptions);
|
||||
pgp = new PGP();
|
||||
userStorage = new DeviceStorageDAO(lawnchairDao);
|
||||
self._emailDao = new EmailDAO(keychain, imapClient, smtpClient, pgp, userStorage);
|
||||
function setupDaos() {
|
||||
// create mail credentials objects for imap/smtp
|
||||
auth = {
|
||||
XOAuth2: {
|
||||
user: userId,
|
||||
clientId: config.gmail.clientId,
|
||||
accessToken: token
|
||||
}
|
||||
};
|
||||
imapOptions = {
|
||||
secure: config.gmail.imap.secure,
|
||||
port: config.gmail.imap.port,
|
||||
host: config.gmail.imap.host,
|
||||
auth: auth,
|
||||
ca: [certificate]
|
||||
};
|
||||
smtpOptions = {
|
||||
secure: config.gmail.smtp.secure,
|
||||
port: config.gmail.smtp.port,
|
||||
host: config.gmail.smtp.host,
|
||||
auth: auth
|
||||
};
|
||||
|
||||
// init email dao
|
||||
var account = {
|
||||
emailAddress: userId,
|
||||
asymKeySize: config.asymKeySize
|
||||
};
|
||||
self._emailDao.init(account, callback);
|
||||
// init objects and inject dependencies
|
||||
restDao = new RestDAO();
|
||||
pubkeyDao = new PublicKeyDAO(restDao);
|
||||
lawnchairDao = new LawnchairDAO();
|
||||
keychain = new KeychainDAO(lawnchairDao, pubkeyDao);
|
||||
imapClient = new ImapClient(imapOptions);
|
||||
smtpClient = new SmtpClient(smtpOptions);
|
||||
pgp = new PGP();
|
||||
userStorage = new DeviceStorageDAO(lawnchairDao);
|
||||
self._emailDao = new EmailDAO(keychain, imapClient, smtpClient, pgp, userStorage);
|
||||
|
||||
// init email dao
|
||||
var account = {
|
||||
emailAddress: userId,
|
||||
asymKeySize: config.asymKeySize
|
||||
};
|
||||
|
||||
self._emailDao.init(account, callback);
|
||||
}
|
||||
};
|
||||
|
||||
return self;
|
||||
|
Loading…
Reference in New Issue
Block a user