Use UTF8 for Azure token cache (#3391)

* Switch token cache encryption encoding to UTF8

* Try to parse as binary in fallback

* Code review feedback
Karl Burtram
2018-12-03 14:09:42 -08:00
committed by GitHub
parent c7e33a90fe
commit 38ae14cc4d


@@ -223,11 +223,30 @@ export default class TokenCache implements adal.TokenCache {
return this.getOrCreateEncryptionParams() return this.getOrCreateEncryptionParams()
.then(encryptionParams => { .then(encryptionParams => {
try { try {
let cacheCipher = fs.readFileSync(self._cacheSerializationPath, TokenCache.FsOptions); return self.decryptCache('utf8', encryptionParams);
} catch (e) {
try {
// try to parse using 'binary' encoding and rewrite cache as UTF8
let response = self.decryptCache('binary', encryptionParams);
self.writeCache(response);
return response;
} catch (e) {
throw e;
}
}
})
.then(null, err => {
// If reading the token cache fails, we'll just assume the tokens are garbage
console.warn(`Failed to read token cache: ${err}`);
return [];
});
}
private decryptCache(encoding: crypto.Utf8AsciiBinaryEncoding, encryptionParams: EncryptionParams): adal.TokenResponse[] {
let cacheCipher = fs.readFileSync(this._cacheSerializationPath, TokenCache.FsOptions);
let decipher = crypto.createDecipheriv(TokenCache.CipherAlgorithm, encryptionParams.key, encryptionParams.initializationVector); let decipher = crypto.createDecipheriv(TokenCache.CipherAlgorithm, encryptionParams.key, encryptionParams.initializationVector);
let cacheJson = decipher.update(cacheCipher, 'hex', 'binary'); let cacheJson = decipher.update(cacheCipher, 'hex', encoding);
cacheJson += decipher.final('binary'); cacheJson += decipher.final(encoding);
// Deserialize the JSON into the array of tokens // Deserialize the JSON into the array of tokens
let cacheObj = <adal.TokenResponse[]>JSON.parse(cacheJson); let cacheObj = <adal.TokenResponse[]>JSON.parse(cacheJson);
@@ -237,15 +256,6 @@ export default class TokenCache implements adal.TokenCache {
} }
return cacheObj; return cacheObj;
} catch (e) {
throw e;
}
})
.then(null, err => {
// If reading the token cache fails, we'll just assume the tokens are garbage
console.warn(`Failed to read token cache: ${err}`);
return [];
});
} }
private removeFromCache(cache: adal.TokenResponse[], entries: adal.TokenResponse[]): adal.TokenResponse[] { private removeFromCache(cache: adal.TokenResponse[], entries: adal.TokenResponse[]): adal.TokenResponse[] {
@@ -274,7 +284,7 @@ export default class TokenCache implements adal.TokenCache {
let cacheJson = JSON.stringify(cache); let cacheJson = JSON.stringify(cache);
let cipher = crypto.createCipheriv(TokenCache.CipherAlgorithm, encryptionParams.key, encryptionParams.initializationVector); let cipher = crypto.createCipheriv(TokenCache.CipherAlgorithm, encryptionParams.key, encryptionParams.initializationVector);
let cacheCipher = cipher.update(cacheJson, 'binary', 'hex'); let cacheCipher = cipher.update(cacheJson, 'utf8', 'hex');
cacheCipher += cipher.final('hex'); cacheCipher += cipher.final('hex');
fs.writeFileSync(self._cacheSerializationPath, cacheCipher, TokenCache.FsOptions); fs.writeFileSync(self._cacheSerializationPath, cacheCipher, TokenCache.FsOptions);
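Review bot: The `'binary'` fallback in the new `catch` of the first hunk is only reached when the UTF-8 pass throws, and decoding non-UTF-8 plaintext through `decipher.update(cacheCipher, 'hex', encoding)` does not throw: invalid byte sequences become U+FFFD, which `JSON.parse` accepts inside string values. A cache written by the old `'binary'` path that holds non-ASCII characters would therefore, as far as these lines show, load with silently altered fields instead of being migrated. Decrypting to a Buffer in `decryptCache`, `const plain = Buffer.concat([decipher.update(cacheCipher, 'hex'), decipher.final()]);`, and taking the legacy path when `Buffer.from(plain.toString('utf8'), 'utf8').equals(plain)` is false would make the detection explicit. Separately, the inner `try { … } catch (e) { throw e; }` is a no-op and can be dropped, and `self.writeCache(response)` looks asynchronous judging by the last hunk, so its result should be returned or given a rejection handler; `writeCache`'s signature is outside the visible lines.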