juice-shop

1
/*
2
 * Copyright (c) 2014-2024 Bjoern Kimminich & the OWASP Juice Shop contributors.
3
 * SPDX-License-Identifier: MIT
4
 */
5

6
import { Component } from '@angular/core'
7
import { UntypedFormControl, UntypedFormGroup, Validators } from '@angular/forms'
8

9
import { TwoFactorAuthService } from '../Services/two-factor-auth-service'
10
import { ConfigurationService } from '../Services/configuration.service'
11

12
import { library } from '@fortawesome/fontawesome-svg-core'
13
import { faSave, faUnlockAlt } from '@fortawesome/free-solid-svg-icons'
14

15
import { forkJoin } from 'rxjs'
16
import { TranslateService } from '@ngx-translate/core'
17
import { MatSnackBar } from '@angular/material/snack-bar'
18
import { SnackBarHelperService } from '../Services/snack-bar-helper.service'
19

20
library.add(faUnlockAlt, faSave)
21

22
@Component({
23
  selector: 'app-two-factor-auth',
24
  templateUrl: './two-factor-auth.component.html',
25
  styleUrls: ['./two-factor-auth.component.scss']
26
})
27
export class TwoFactorAuthComponent {
28
  public data?: string
29

30
  public twoFactorSetupForm: UntypedFormGroup = new UntypedFormGroup({
31
    passwordControl: new UntypedFormControl('', [Validators.required]),
32
    initalTokenControl: new UntypedFormControl('', [Validators.required, Validators.pattern('^[\\d]{6}$')])
33
  })
34

35
  public twoFactorDisableForm: UntypedFormGroup = new UntypedFormGroup({
36
    passwordControl: new UntypedFormControl('', [Validators.required])
37
  })
38

39
  public setupStatus: boolean | null = null
40
  public errored: boolean | null = null
41

42
  public totpUrl?: string
43
  public totpSecret?: string
44
  private setupToken?: string
45

46
  private appName = 'OWASP Juice Shop'
47

48
  constructor (private readonly twoFactorAuthService: TwoFactorAuthService, private readonly configurationService: ConfigurationService, private readonly snackBar: MatSnackBar, private readonly translateService: TranslateService, private readonly snackBarHelperService: SnackBarHelperService) {}
49

50
  ngOnInit () {
51
    this.updateStatus()
52
  }
53

54
  updateStatus () {
55
    const status = this.twoFactorAuthService.status()
56
    const config = this.configurationService.getApplicationConfiguration()
57

58
    forkJoin([status, config]).subscribe(([{ setup, email, secret, setupToken }, config]) => {
59
      this.setupStatus = setup
60
      this.appName = config.application.name
61
      if (!setup) {
62
        const encodedAppName = encodeURIComponent(this.appName)
63
        this.totpUrl = `otpauth://totp/${encodedAppName}:${email}?secret=${secret}&issuer=${encodedAppName}`
64
        this.totpSecret = secret
65
        this.setupToken = setupToken
66
      }
67
    }, () => {
68
      console.log('Failed to fetch 2fa status')
69
    })
70
    return status
71
  }
72

73
  setup () {
74
    this.twoFactorAuthService.setup(
75
      this.twoFactorSetupForm.get('passwordControl')?.value,
76
      this.twoFactorSetupForm.get('initalTokenControl')?.value,
77
      this.setupToken
78
    ).subscribe(() => {
79
      this.setupStatus = true
80
      this.snackBarHelperService.open('CONFIRM_2FA_SETUP')
81
    }, () => {
82
      this.twoFactorSetupForm.get('passwordControl')?.markAsPristine()
83
      this.twoFactorSetupForm.get('initalTokenControl')?.markAsPristine()
84
      this.errored = true
85
    })
86
  }
87

88
  disable () {
89
    this.twoFactorAuthService.disable(
90
      this.twoFactorDisableForm.get('passwordControl')?.value
91
    ).subscribe(() => {
92
      this.updateStatus().subscribe(
93
        () => {
94
          this.setupStatus = false
95
        }
96
      )
97
      this.snackBarHelperService.open('CONFIRM_2FA_DISABLE')
98
    }, () => {
99
      this.twoFactorDisableForm.get('passwordControl')?.markAsPristine()
100
      this.errored = true
101
    })
102
  }
103
}
104