Skip to content
This repository has been archived by the owner on Jul 12, 2023. It is now read-only.

Standardize response codes and add tests to SMS keys #1672

Merged
merged 1 commit into from
Jan 25, 2021
Merged

Standardize response codes and add tests to SMS keys #1672

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions cmd/server/assets/header.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -140,9 +140,9 @@
<a class="dropdown-item {{if .currentPath.IsDir "/realm/keys"}}active{{end}}" href="/realm/keys">
{{t $.locale "nav.signing-keys"}}
</a>
{{if .enableAuthenticatedSMS}}
{{if .features.EnableAuthenticatedSMS}}
<a class="dropdown-item {{if .currentPath.IsDir "/realm/sms-keys"}}active{{end}}" href="/realm/sms-keys">
{{t $.locale "nav.sms-signing-keys"}}
{{t $.locale "nav.authenticated-sms"}}
</a>
{{end}}
{{end}}
Expand Down
309 changes: 162 additions & 147 deletions cmd/server/assets/realmadmin/smskeys.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,167 +19,183 @@
<main role="main" class="container">
{{template "flash" .}}

<h1>Authenticated SMS key settings</h1>
<h1>Authenticated SMS</h1>
<p>
View or edit the Authenticated SMS signing keys for <strong>{{$realm.Name}}</strong> below.
View or edit the Authenticated SMS settings and signing keys for
<strong>{{$realm.Name}}</strong> below.
</p>

{{template "beta-notice" .}}

{{template "errorSummary" $realm}}

<div class="card mb-3 shadow-sm">
<div class="card-header">
<span class="oi oi-key mr-2 ml-n1"></span>
Realm Authenticated SMS signing key configuration
</div>
<div class="card-body">
{{template "beta-notice" .}}
{{if .activeRealmKey}}
{{if $realm.UseAuthenticatedSMS}}
<div class="alert alert-success">
<p>This realm is signing outgoing SMS containing verification codes.
<a href="/realm/sms-keys/disable" data-method="POST"
data-confirm="Are you sure you want disable Authenticated SMS?">Disable Authenticated SMS.</a>
</p>
</div>
{{else}}
<div class="alert alert-warning">
<p><strong>⚠️ Attention! ⚠️</strong>
Authenticated SMS is an experimental feature. This is only utilized by the iOS
Exposure Notifications Express client. You should not enable this until you
have confirmed with Apple that this feature is enabled in your jurisdiction.
If you enable this, your verification messages will be broken into multiple SMS segments,
which could incur additional cost. <br/>
This feature is not currently available on Android Exposure Notifications Express.
<a href="/realm/sms-keys/enable" data-method="POST"
data-confirm="Are you sure you want enable Authenticated SMS?">Enable Authenticated SMS.</a>
</p>
</div>
{{end}}


<div class="form-label-group">
<div class="input-group">
<input type="text" id="certKeyID" class="form-control"
placeholder="Key ID (kid)" value="{{.activeRealmKey}}" readonly />
<label for="certKeyID" class="col-sm-3">Key ID (kid)</label>
{{template "clippy" "certKeyID"}}
</div>
<small class="form-text text-muted">
This is the Key ID (kid) of the currently active key.
</small>
<div class="card mb-3 shadow-sm">
<div class="card-header">
{{if $realm.UseAuthenticatedSMS}}
<span class="oi oi-lock-locked mr-2 ml-n1"></span>
{{else}}
<span class="oi oi-lock-unlocked mr-2 ml-n1"></span>
{{end}}
Status
</div>
{{if .activeRealmKey}}
{{if not $realm.UseAuthenticatedSMS}}
<div class="card-body">
<p>
<strong>Warning!</strong> Authenticated SMS is an experimental
feature for iOS. Do not enable this unless Apple has instructed
you to do so. This feature is not currently available for
Android devices.
</p>

<p>
Enabling this feature will increase the length of your SMS
messages such that they are split across multiple messages,
<strong>which will increase costs</strong>.
</p>

<a href="/realm/sms-keys/enable"
data-method="PUT" data-confirm="Are you sure you want enable Authenticated SMS?"
class="btn btn-block btn-success">
Enable Authenticated SMS
</a>
</div>
{{else}}
<div class="card-body">
<div class="form-label-group">
<div class="input-group">
<input type="text" id="certKeyID" class="form-control"
placeholder="Key ID (kid)" value="{{.activeRealmKey}}" readonly />
<label for="certKeyID" class="col-sm-3">Key ID (kid)</label>
{{template "clippy" "certKeyID"}}
</div>
<small class="form-text text-muted">
This is the Key ID (kid) of the currently active key.
</small>
</div>

<div class="form-label-group">
<div class="input-group">
<textarea class="form-control form-control-sm" rows="4" id="activePublicKey" placeholder="Public key" readonly>{{if .activePublicKey}}{{.activePublicKey | trimSpace}}{{else}}Temporarily unable to show public key{{end}}</textarea>
<label for="activePublicKey">Public key</label>
{{template "clippy" "activePublicKey"}}
</div>
<small class="form-text text-muted">
This is the currently active public key.
</small>
</div>
{{else}}
<div class="alert alert-warning" role="alert">
There are no SMS signing keys active for this realm.
<div class="form-label-group mb-0">
<div class="input-group">
<textarea class="form-control form-control-sm" rows="4" id="activePublicKey" placeholder="Public key" readonly>{{if .activePublicKey}}{{.activePublicKey | trimSpace}}{{else}}Temporarily unable to show public key{{end}}</textarea>
<label for="activePublicKey">Public key</label>
{{template "clippy" "activePublicKey"}}
</div>
{{end}}
</div>
<small class="form-text text-muted">
This is the currently active public key.
</small>
</div>
</div>

<small class="card-footer d-flex justify-content-end text-muted">
<a href="/realm/sms-keys/disable"
data-method="PUT" data-confirm="Are you sure you want disable Authenticated SMS?"
class="text-muted">
Disable Authenticated SMS
</a>
</small>
{{end}}
{{else}}
<div class="card-body">
<div class="alert alert-warning" role="alert">
There are no SMS signing keys active for this realm.
</div>
</div>
{{end}}
</div>

<div class="card mb-3 shadow-sm">
<div class="card-header">
<span class="oi oi-key mr-2 ml-n1"></span>
Signing keys
</div>
<div class="card-body">
<p>To manual rotate your Authenticated SMS signing key:</p>
<ol class="mb-3">
<li class="mb-1">Create a new key by clicking the button below</li>
<li class="mb-1">Communicate that key version and public key to Google and Apple</li>
<li class="mb-1">Wait for confirmation from Google AND Apple that the new key is live</li>
<li class="mb-1">Activate the new key in this system</li>
<li class="mb-1">Wait at least 48 hours post activation to delete old keys</li>
</ol>

{{if ge (len .realmKeys) .maximumKeyVersions }}
<div class="alert alert-warning">
There is a limit of {{.maximumKeyVersions}} key versions. Destroy an existing key version to create another.
</div>
{{else}}
<a href="/realm/sms-keys" data-method="POST" class="btn btn-primary btn-block">
Create new signing key version
</a>
{{end}}

<div class="card mb-3 shadow-sm">
<div class="card-header">
<span class="oi oi-globe mr-2 ml-n1"></span>
Authenticated SMS public keys
</div>
<div class="card-body">
<p>To manual rotate your Authenticated SMS signing key:</p>
<ol class="mb-3">
<li class="mb-1">Create a new key by clicking the button below.</li>
<li class="mb-1">Communicate that key version and public key to Google and Apple</li>
<li class="mb-1">Wait for confirmation from Google AND Apple that the new key is live</li>
<li class="mb-1">Activate the new key in this system.</li>
<li class="mb-1">Wait at least 48 hours post activation to delete old keys.</li>
</ol>

{{if ge (len .realmKeys) .maximumKeyVersions }}
<div class="alert alert-warning">
There is a limit of {{.maximumKeyVersions}} key versions. Destroy an existing key version to create another.
</div>
{{else}}
<a href="/realm/sms-keys/create" data-method="POST" class="btn btn-primary btn-block">
Create new signing key version
</a>
{{end}}

{{if .realmKeys}}
<hr />

<div class="table-responsive">
<table class="table table-bordered table-striped table-fixed mb-0">
<thead>
<tr>
<th scope="col" width="75">Key ID</th>
<th scope="col">Public key</th>
</tr>
</thead>
<tbody>
{{$csrfField := .csrfField}}
{{$publicKeys := .publicKeys}}
{{range $rk := .realmKeys}}
<tr>
<td>
{{$rk.GetKID}}
{{if $rk.Active}}<span class="badge badge-success">Active</span>{{end}}
</td>
<td>
<div class="input-group">
<textarea class="form-control form-control-sm text-monospace" rows="4" id="{{$rk.GetKID}}" readonly>{{index $publicKeys $rk.GetKID | trimSpace}}</textarea>
{{template "clippy" $rk.GetKID}}
{{if .realmKeys}}
<hr />

<div class="table-responsive">
<table class="table table-bordered table-striped table-fixed mb-0">
<thead>
<tr>
<th scope="col" width="75">Key ID</th>
<th scope="col">Public key</th>
</tr>
</thead>
<tbody>
{{$csrfField := .csrfField}}
{{$publicKeys := .publicKeys}}
{{range $rk := .realmKeys}}
<tr>
<td>
{{$rk.GetKID}}
{{if $rk.Active}}<span class="badge badge-success">Active</span>{{end}}
</td>
<td>
<div class="input-group">
<textarea class="form-control form-control-sm text-monospace" rows="4" id="{{$rk.GetKID}}" readonly>{{index $publicKeys $rk.GetKID | trimSpace}}</textarea>
{{template "clippy" $rk.GetKID}}
</div>

<p class="mt-3">Backed by:</p>
<div class="input-group">
<input type="text" id="key-{{$rk.ID}}" class="form-control text-monospace" value="{{$rk.KeyID}}" readonly/>
{{template "clippy" (printf "key-%d" $rk.ID)}}
</div>
<small class="form-text text-muted">
Your server operator may ask for this.
</small>

{{if not $rk.Active}}
<div class="row mt-3 align-items-end h-100">
<div class="col">
<a href="/realm/sms-keys/{{$rk.ID}}"
class="text-danger"
data-method="DELETE"
data-confirm="Are you sure you want to destroy this key? This action is irreversible!"
data-toggle="tooltip"
title="Destroy this key version">
<span class="oi oi-trash" aria-hidden="true"></span>
</a>
</div>

<p class="mt-3">Backed by:</p>
<div class="input-group">
<input type="text" id="key-{{$rk.ID}}" class="form-control text-monospace" value="{{$rk.KeyID}}" readonly/>
{{template "clippy" (printf "key-%d" $rk.ID)}}
</div>
<small class="form-text text-muted">
Your server operator may ask for this.
</small>

{{if not $rk.Active}}
<div class="row mt-3 align-items-end h-100">
<div class="col">
<a href="/realm/sms-keys/{{$rk.ID}}"
class="text-danger"
data-method="DELETE"
data-confirm="Are you sure you want to destroy this key? This action is irreversible!"
data-toggle="tooltip"
title="Destroy this key version">
<span class="oi oi-trash" aria-hidden="true"></span>
<div class="col">
<form method="POST" action="/realm/sms-keys/activate">
{{ $csrfField }}
<input type="hidden" name="id" value="{{$rk.ID}}" />
<a href="#" class="btn btn-primary float-right" data-confirm="Have you already shared this new version and public key with Apple and Google?" data-submit-form>
Activate
</a>
</div>

<div class="col">
<form method="POST" action="/realm/sms-keys/activate">
{{ $csrfField }}
<input type="hidden" name="id" value="{{$rk.ID}}" />
<a href="#" class="btn btn-primary float-right" data-confirm="Have you already shared this new version and public key with Apple and Google?" data-submit-form>
Activate
</a>
</form>
</div>
</form>
</div>
{{end}}
</td>
</tr>
{{end}}
</tbody>
</table>
</div>
{{end}}
</div>
</div>
{{end}}
</td>
</tr>
{{end}}
</tbody>
</table>
</div>
{{end}}
</div>
</div>
</main>

<script type="text/javascript">
Expand All @@ -201,4 +217,3 @@ <h1>Authenticated SMS key settings</h1>
</body>
</html>
{{end}}

4 changes: 2 additions & 2 deletions internal/i18n/locales/de/default.po
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@ msgstr "Event Protokoll"
msgid "nav.signing-keys"
msgstr "Signaturschlüssel"

msgid "nav.sms-signing-keys"
msgstr "SMS Signaturschlüssel"
msgid "nav.authenticated-sms"
msgstr "SMS autenticados"

msgid "nav.statistics"
msgstr "Statistiken"
Expand Down
4 changes: 2 additions & 2 deletions internal/i18n/locales/en/default.po
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@ msgstr "Event log"
msgid "nav.signing-keys"
msgstr "Signing keys"

msgid "nav.sms-signing-keys"
msgstr "SMS Signing keys"
msgid "nav.authenticated-sms"
msgstr "Authenticated SMS"

msgid "nav.statistics"
msgstr "Statistics"
Expand Down
4 changes: 2 additions & 2 deletions internal/i18n/locales/es/default.po
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@ msgstr "Bitácora de eventos"
msgid "nav.signing-keys"
msgstr "Llaves firmantes"

msgid "nav.sms-signing-keys"
msgstr "Llaves firmantes de SMS"
msgid "nav.authenticated-sms"
msgstr "SMS autenticados"

msgid "nav.statistics"
msgstr "Estadísticas"
Expand Down
4 changes: 2 additions & 2 deletions internal/i18n/locales/fr/default.po
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@ msgstr "Journal d'événements"
msgid "nav.signing-keys"
msgstr "Clés de signature"

msgid "nav.sms-signing-keys"
msgstr "Clés de signature SMS"
msgid "nav.authenticated-sms"
msgstr "SMS authentifié"

msgid "nav.statistics"
msgstr "Statistiques"
Expand Down
Loading