Merge pull request #434 from Authenticator-Extension/onedrive

OneDrive Support

Author: mymindstorm

manifest-chrome.json

@@ -56,8 +56,10 @@
         "https://www.google.com/",
         "https://*.dropboxapi.com/*",
         "https://www.googleapis.com/*",
-        "https://accounts.google.com/o/oauth2/revoke"
+        "https://accounts.google.com/o/oauth2/revoke",
+        "https://graph.microsoft.com/me/*",
+        "https://login.microsoftonline.com/common/oauth2/v2.0/token"
     ],
     "offline_enabled": true,
-    "content_security_policy": "script-src 'self'; font-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; connect-src https://www.google.com/ https://*.dropboxapi.com https://www.googleapis.com/ https://accounts.google.com/o/oauth2/revoke ; default-src 'none'"
+    "content_security_policy": "script-src 'self'; font-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; connect-src https://www.google.com/ https://*.dropboxapi.com https://www.googleapis.com/ https://accounts.google.com/o/oauth2/revoke https://login.microsoftonline.com/common/oauth2/v2.0/token https://graph.microsoft.com/; default-src 'none'"
 }

manifest-firefox.json

@@ -48,7 +48,9 @@
         "https://www.google.com/",
         "https://*.dropboxapi.com/*",
         "https://www.googleapis.com/*",
-        "https://accounts.google.com/o/oauth2/revoke"
+        "https://accounts.google.com/o/oauth2/revoke",
+        "https://graph.microsoft.com/me/*",
+        "https://login.microsoftonline.com/common/oauth2/v2.0/token"
     ],
-    "content_security_policy": "script-src 'self'; font-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; connect-src https://www.google.com/ https://*.dropboxapi.com https://www.googleapis.com/ https://accounts.google.com/o/oauth2/revoke ; default-src 'none'"
+    "content_security_policy": "script-src 'self'; font-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; connect-src https://www.google.com/ https://*.dropboxapi.com https://www.googleapis.com/ https://accounts.google.com/o/oauth2/revoke https://login.microsoftonline.com/common/oauth2/v2.0/token https://graph.microsoft.com/; default-src 'none'"
 }

package-lock.json

@@ -9,7 +9,7 @@
 PLATFORM=$1
 REMOTE=$(git config --get remote.origin.url)
 CREDS=$(cat ./src/models/credentials.ts | tr -d '\n')
-CREDREGEX='^.*".+".*".+".*".+".*$'
+CREDREGEX='^.*".+".*".+".*".+".*".+".*".+".*$'
 STYLEFILES="./src/* ./src/**/* ./src/**/**/* ./sass/*.scss"
 set -e
 

scripts/build.sh

@@ -4,7 +4,7 @@ import QRCode from "qrcode-reader";
 import { getCredentials } from "./models/credentials";
 import { Encryption } from "./models/encryption";
 import { EntryStorage, ManagedStorage } from "./models/storage";
-import { Dropbox, Drive } from "./models/backup";
+import { Dropbox, Drive, OneDrive } from "./models/backup";
 import * as uuid from "uuid/v4";
 
 let cachedPassphrase = "";
@@ -30,7 +30,7 @@ chrome.runtime.onMessage.addListener((message, sender, sendResponse) => {
     setAutolock();
   } else if (message.action === "passphrase") {
     sendResponse(cachedPassphrase);
-  } else if (["dropbox", "drive"].indexOf(message.action) > -1) {
+  } else if (["dropbox", "drive", "onedrive"].indexOf(message.action) > -1) {
     getBackupToken(message.action);
   } else if (message.action === "lock") {
     cachedPassphrase = "";
@@ -270,6 +270,11 @@ function getBackupToken(service: string) {
         getCredentials().drive.client_id +
         "&scope=https%3A//www.googleapis.com/auth/drive.file&prompt=consent&redirect_uri=" +
         redirUrl;
+    } else if (service === "onedrive") {
+      redirUrl = encodeURIComponent(chrome.identity.getRedirectURL());
+      authUrl = `https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=${
+        getCredentials().onedrive.client_id
+      }&response_type=code&redirect_uri=${redirUrl}&scope=https%3A%2F%2Fgraph.microsoft.com%2FFiles.ReadWrite.AppFolder%20https%3A%2F%2Fgraph.microsoft.com%2FUser.Read%20offline_access&response_mode=query&prompt=consent`;
     }
     chrome.identity.launchWebAuthFlow(
       { url: authUrl, interactive: true },
@@ -280,7 +285,10 @@ function getBackupToken(service: string) {
         let hashMatches = url.split("#");
         if (service === "drive") {
           hashMatches = url.slice(0, -1).split("?");
+        } else if (service === "onedrive") {
+          hashMatches = url.split("?");
         }
+
         if (hashMatches.length < 2) {
           return;
         }
@@ -353,6 +361,54 @@ function getBackupToken(service: string) {
                   }
                 );
                 uploadBackup("drive");
+              } else if (service === "onedrive") {
+                const xhr = new XMLHttpRequest();
+                // Need to trade code we got from launchWebAuthFlow for a
+                // token & refresh token
+                await new Promise(
+                  (
+                    resolve: (value: boolean) => void,
+                    reject: (reason: Error) => void
+                  ) => {
+                    xhr.open(
+                      "POST",
+                      "https://login.microsoftonline.com/common/oauth2/v2.0/token"
+                    );
+                    xhr.setRequestHeader("Accept", "application/json");
+                    xhr.setRequestHeader(
+                      "Content-Type",
+                      "application/x-www-form-urlencoded"
+                    );
+                    xhr.onreadystatechange = () => {
+                      if (xhr.readyState === 4) {
+                        try {
+                          const res = JSON.parse(xhr.responseText);
+                          if (res.error) {
+                            console.error(res.error_description);
+                            resolve(false);
+                          } else {
+                            localStorage.oneDriveToken = res.access_token;
+                            localStorage.oneDriveRefreshToken =
+                              res.refresh_token;
+                            resolve(true);
+                          }
+                        } catch (error) {
+                          console.error(error);
+                          reject(error);
+                        }
+                      }
+                      return;
+                    };
+                    xhr.send(
+                      `client_id=${
+                        getCredentials().onedrive.client_id
+                      }&grant_type=authorization_code&scope=https%3A%2F%2Fgraph.microsoft.com%2FFiles.ReadWrite.AppFolder%20https%3A%2F%2Fgraph.microsoft.com%2FUser.Read%20offline_access&code=${value}&redirect_uri=${redirUrl}&client_secret=${encodeURIComponent(
+                        getCredentials().onedrive.client_secret
+                      )}`
+                    );
+                  }
+                );
+                uploadBackup("onedrive");
               }
             }
           }
@@ -377,6 +433,11 @@ async function uploadBackup(service: string) {
       await drive.upload(encryption);
       break;
 
+    case "onedrive":
+      const onedrive = new OneDrive();
+      await onedrive.upload(encryption);
+      break;
+
     default:
       break;
   }

scripts/credentials.ts.enc

@@ -26,7 +26,9 @@
         v-bind:style="{
           left: encryption.getEncryptionStatus() ? '70px' : '45px'
         }"
-        v-show="(dropboxToken || driveToken) && !style.isEditing"
+        v-show="
+          (dropboxToken || driveToken || oneDriveToken) && !style.isEditing
+        "
       >
         <IconSync />
       </div>
@@ -76,7 +78,7 @@ import IconCheck from "../../../svg/check.svg";
 const computedPrototype = [
   mapState("style", ["style"]),
   mapState("accounts", ["encryption"]),
-  mapState("backup", ["driveToken", "dropboxToken"])
+  mapState("backup", ["driveToken", "dropboxToken", "oneDriveToken"])
 ];
 
 let computed = {};