-
Notifications
You must be signed in to change notification settings - Fork 7
Trust policy configuration example
Sergey Shpak edited this page Mar 26, 2018
·
2 revisions
In this example the user configures the trust policy for public keys received from DataPeps; the details are described on Configuring public keys validation page.
Here the user uses a second channel to verify the authenticity of the received public key of the version one (see this for details). To confirm the key validity and allow the SDK to use it the user enters yes when prompted; to refuse the key the user enters any other answer.
Show code
var DataPeps = require('datapeps-sdk');
var readline = require('readline');
var events = require('events');
global["TextEncoder"] = require('text-encoding').TextEncoder;
global["TextDecoder"] = require('text-encoding').TextDecoder;
global["XMLHttpRequest"] = require('xhr2');
global["WebSocket"] = require('ws');
global["btoa"] = require('btoa');
global["atob"] = require('atob');
process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0';
DataPeps.configure("https://" + process.env.PEPSCRYPTO_HOST);
var aliceLogin = "[email protected]",
bobLogin = "[email protected]";
var alicePassword = "aliceP@ssw0rd",
bobPassword = "bobP@ssw0rd";
class Base64 {
static decode(s) {
if (s == null) return null
var i, d = atob(s), b = new Uint8Array(d.length);
for (i = 0; i < d.length; i++)
b[i] = d.charCodeAt(i);
return b;
}
static encode(arr) {
var i, s = [], len = arr.length;
for (i = 0; i < len; i++)
s.push(String.fromCharCode(arr[i]));
return btoa(s.join(''));
}
}
function sleep(ms) {
return new Promise(resolve => setTimeout(resolve, ms));
}
class TrustAskUser {
constructor(session) {
this.session = session;
}
async askUser(pk) {
// An event emitter, that fires an event when the user inputs something
var eventEmitter = new events.EventEmitter();
// A promise that is fullfiled on the user's input
var promiseInput = new Promise((resolve) => {
eventEmitter.on("input", resolve);
})
// Reading the user's input
let rl = readline.createInterface({
input: process.stdin,
output: process.stdout
});
let question = pk.login + " public keys:"
+ "\n\tBox: " + Base64.encode(pk.box)
+ "\n\tSign: " + Base64.encode(pk.sign)
+ "\nAccept? yes/no: ";
let isAccepted = null;
let accepted = function(_isAccepted) {
isAccepted = _isAccepted;
// An event fires, when user inputs something
eventEmitter.emit("input");
}
rl.question(question, (answer) => {
rl.close();
// The user's input is consumed
if (answer == "yes") {
console.log(this.session.login, " trusts ",
pk.login, " public key")
accepted(true);
return;
}
// If the user's answer is not "yes"
console.log(this.session.login, " does not trust ",
pk.login, " public key");
accepted(false);
});
// Waiting for user's input
await promiseInput;
// Returning user's input
return new Promise((resolve) => {
resolve(isAccepted);
});
}
async trust(pk) {
// The key is not in the cache, so it must be verified
await this.askUser(pk).then((isAccepted) => {
if (isAccepted) {
return Promise.resolve();
}
return Promise.reject();
});
}
}
async function main() {
// Alice creates a resource
let aliceSession = await DataPeps.login(aliceLogin, alicePassword);
let aliceResource = await aliceSession.Resource.create("", null, [bobLogin]);
// Alice closes her session
aliceSession.close();
// Bob configures trust policy
let bobSession = await DataPeps.login(bobLogin, bobPassword);
let trustPolicy = new TrustAskUser(bobSession);
bobSession.setTrustPolicy(trustPolicy);
// Bob tries to get Alice's resource with a new trust policy
let noError = true;
await bobSession.Resource.get(aliceResource.id).catch(_ => {
console.log("Cannot get Alice's resource, as Bob does not trust the received Alice's public key");
noError = false;
})
if (noError) {
console.log("Alice's resource received");
}
// Bob closes his session
bobSession.close();
}
main().catch(_ => console.log("An error occurred"));
Before running the example make sure you followed the steps described here.
To fetch the code run the following command in the examples directory:
git clone https://gist.github.com/fbac9262453ee406af01b6011c3823d7.git trust-policy-configuration
To run this example execute the following command in the examples directory:
node trust-policy-configuration/trust-policy-configuration.js
- Session
- Identity
- Resource
- Delegated access