anastasis-webui: make TOTP work again

packages/anastasis-core/src/index.ts

@@ -14,7 +14,6 @@ import {
   getRandomBytes,
   hash,
   HttpStatusCode,
-  j2s,
   Logger,
   parsePayUri,
   stringToBytes,
@@ -27,8 +26,7 @@ import {
 import { anastasisData } from "./anastasis-data.js";
 import {
   EscrowConfigurationResponse,
-  IbanExternalAuthResponse,
+  RecoveryMetaResponse,
-  RecoveryMetaResponse as RecoveryMetaResponse,
   TruthUploadRequest,
 } from "./provider-types.js";
 import {

packages/anastasis-webui/package.json

@@ -15,6 +15,7 @@
     "pretty": "prettier --write src",
     "storybook": "start-storybook -p 6006"
   },
+  "type": "module",
   "eslintConfig": {
     "parser": "@typescript-eslint/parser",
     "extends": [

packages/anastasis-webui/preact.config.js

@@ -28,7 +28,7 @@ const commitHash = cp.execSync("git rev-parse --short HEAD").toString();
 
 export default {
   webpack(config, env, helpers) {
-    // add __VERSION__ to be use in the html
+    // add __VERSION__ to be used in the html
     config.plugins.push(
       new DefinePlugin({
         "process.env.__VERSION__": JSON.stringify(

packages/anastasis-webui/src/components/menu/LangSelector.tsx

@@ -23,7 +23,7 @@ import { h, VNode } from "preact";
 import { useState } from "preact/hooks";
 import langIcon from "../../assets/icons/languageicon.svg";
 import { useTranslationContext } from "../../context/translation";
-import { strings as messages } from "../../i18n/strings";
+import { strings as messages } from "../../i18n/strings.js";
 
 type LangsNames = {
   [P in keyof typeof messages]: string;

packages/anastasis-webui/src/components/menu/SideBar.tsx

@@ -78,8 +78,7 @@ export function Sidebar({ mobile }: Props): VNode {
               </div>
             </li>
           )}
-          {reducer.currentReducerState &&
+          {reducer.currentReducerState?.reducer_type === "backup" ? (
-          reducer.currentReducerState.backup_state ? (
             <Fragment>
               <li
                 class={
@@ -191,8 +190,7 @@ export function Sidebar({ mobile }: Props): VNode {
               </li>
             </Fragment>
           ) : (
-            reducer.currentReducerState &&
+            reducer.currentReducerState?.reducer_type === "recovery" && (
-            reducer.currentReducerState?.recovery_state && (
               <Fragment>
                 <li
                   class={

packages/anastasis-webui/src/hooks/use-anastasis-reducer.ts

@@ -199,7 +199,7 @@ export function useAnastasisReducer(): AnastasisReducerApi {
       s = await reduceAction(anastasisState.reducerState!, action, args);
     }
     console.log("got response from reducer", s);
-    if (s.code) {
+    if (s.reducer_type === "error") {
       console.log("response is an error");
       setAnastasisState({ ...anastasisState, currentError: s });
     } else {
@@ -223,7 +223,7 @@ export function useAnastasisReducer(): AnastasisReducerApi {
       } else {
         s = await getBackupStartState();
       }
-      if (s.code !== undefined) {
+      if (s.reducer_type === "error") {
         setAnastasisState({
           ...anastasisState,
           currentError: s,
@@ -274,7 +274,7 @@ export function useAnastasisReducer(): AnastasisReducerApi {
       } else {
         s = await getRecoveryStartState();
       }
-      if (s.code !== undefined) {
+      if (s.reducer_type === "error") {
         setAnastasisState({
           ...anastasisState,
           currentError: s,
@@ -296,8 +296,10 @@ export function useAnastasisReducer(): AnastasisReducerApi {
         return;
       }
       if (
-        reducerState.backup_state === BackupStates.ContinentSelecting ||
+        (reducerState.reducer_type === "backup" &&
-        reducerState.recovery_state === RecoveryStates.ContinentSelecting
+          reducerState.backup_state === BackupStates.ContinentSelecting) ||
+        (reducerState.reducer_type === "recovery" &&
+          reducerState.recovery_state === RecoveryStates.ContinentSelecting)
       ) {
         setAnastasisState({
           ...anastasisState,
@@ -327,7 +329,7 @@ export function useAnastasisReducer(): AnastasisReducerApi {
       }
       const s = txHandle.transactionState;
       console.log("transaction finished, new state", s);
-      if (s.code !== undefined) {
+      if (s.reducer_type === "error") {
         setAnastasisState({
           ...anastasisState,
           currentError: txHandle.transactionState,
@@ -355,7 +357,7 @@ class ReducerTxImpl implements ReducerTransactionHandle {
     console.log("making transition in transaction", action);
     this.transactionState = s;
     // Abort transaction as soon as we transition into an error state.
-    if (this.transactionState.code !== undefined) {
+    if (this.transactionState.reducer_type === "error") {
       throw Error("transition resulted in error");
     }
     return this.transactionState;

packages/anastasis-webui/src/pages/home/AttributeEntryScreen.tsx

@@ -1,6 +1,6 @@
 import { UserAttributeSpec, validators } from "@gnu-taler/anastasis-core";
 import { isAfter, parse } from "date-fns";
-import { Fragment, h, VNode } from "preact";
+import { h, VNode } from "preact";
 import { useState } from "preact/hooks";
 import { DateInput } from "../../components/fields/DateInput";
 import { PhoneNumberInput } from "../../components/fields/NumberInput";
@@ -72,7 +72,10 @@ export function AttributeEntryScreen(): VNode {
 
   const doConfirm = async () => {
     await reducer.transition("enter_user_attributes", {
-      identity_attributes: attrs,
+      identity_attributes: {
+        application_id: "anastasis-standalone",
+        ...attrs,
+      },
     });
   };
 

packages/anastasis-webui/src/pages/home/authMethod/AuthMethodTotpSetup.tsx

@@ -7,6 +7,11 @@ import { TextInput } from "../../../components/fields/TextInput";
 import { QR } from "../../../components/QR";
 import { base32enc, computeTOTPandCheck } from "./totp";
 
+/**
+ * This is hard-coded in the protocol for TOTP auth.
+ */
+const ANASTASIS_TOTP_DIGITS = 8;
+
 export function AuthMethodTotpSetup({
   addAuthMethod,
   cancel,
@@ -14,20 +19,20 @@ export function AuthMethodTotpSetup({
 }: AuthMethodSetupProps): VNode {
   const [name, setName] = useState("anastasis");
   const [test, setTest] = useState("");
-  const digits = 8;
   const secretKey = useMemo(() => {
     const array = new Uint8Array(32);
     return window.crypto.getRandomValues(array);
   }, []);
+
   const secret32 = base32enc(secretKey);
-  const totpURL = `otpauth://totp/${name}?digits=${digits}&secret=${secret32}`;
+  const totpURL = `otpauth://totp/${name}?digits=${ANASTASIS_TOTP_DIGITS}&secret=${secret32}`;
 
   const addTotpAuth = (): void =>
     addAuthMethod({
       authentication_method: {
         type: "totp",
-        instructions: `Enter ${digits} digits code for "${name}"`,
+        instructions: `Enter ${ANASTASIS_TOTP_DIGITS} digits code for "${name}"`,
-        challenge: encodeCrock(stringToBytes(totpURL)),
+        challenge: encodeCrock(secretKey),
       },
     });
 

packages/anastasis-webui/src/pages/home/authMethod/AuthMethodTotpSolve.tsx

@@ -11,7 +11,7 @@ import { AnastasisClientFrame } from "../index";
 import { SolveOverviewFeedbackDisplay } from "../SolveScreen";
 import { AuthMethodSolveProps } from "./index";
 
-export function AuthMethodTotpSolve({ id }: AuthMethodSolveProps): VNode {
+export function AuthMethodTotpSolve(props: AuthMethodSolveProps): VNode {
   const [answerCode, setAnswerCode] = useState("");
 
   const reducer = useAnastasisContext();
@@ -74,7 +74,7 @@ export function AuthMethodTotpSolve({ id }: AuthMethodSolveProps): VNode {
   async function onNext(): Promise<void> {
     console.log(`sending TOTP code '${answerCode}'`);
     return reducer?.transition("solve_challenge", {
-      pin: Number.parseInt(answerCode),
+      answer: answerCode,
     });
   }
   function onCancel(): void {

packages/anastasis-webui/src/pages/home/index.tsx

@@ -34,7 +34,7 @@ import { StartScreen } from "./StartScreen";
 import { TruthsPayingScreen } from "./TruthsPayingScreen";
 
 function isBackup(reducer: AnastasisReducerApi): boolean {
-  return !!reducer.currentReducerState?.backup_state;
+  return reducer.currentReducerState?.reducer_type === "backup";
 }
 
 export function withProcessLabel(
@@ -171,57 +171,96 @@ function AnastasisClientImpl(): VNode {
   console.log("state", reducer.currentReducerState);
 
   if (
-    state.backup_state === BackupStates.ContinentSelecting ||
+    (state.reducer_type === "backup" &&
-    state.recovery_state === RecoveryStates.ContinentSelecting ||
+      state.backup_state === BackupStates.ContinentSelecting) ||
-    state.backup_state === BackupStates.CountrySelecting ||
+    (state.reducer_type === "recovery" &&
-    state.recovery_state === RecoveryStates.CountrySelecting
+      state.recovery_state === RecoveryStates.ContinentSelecting) ||
+    (state.reducer_type === "backup" &&
+      state.backup_state === BackupStates.CountrySelecting) ||
+    (state.reducer_type === "recovery" &&
+      state.recovery_state === RecoveryStates.CountrySelecting)
   ) {
     return <ContinentSelectionScreen />;
   }
   if (
-    state.backup_state === BackupStates.UserAttributesCollecting ||
+    (state.reducer_type === "backup" &&
-    state.recovery_state === RecoveryStates.UserAttributesCollecting
+      state.backup_state === BackupStates.UserAttributesCollecting) ||
+    (state.reducer_type === "recovery" &&
+      state.recovery_state === RecoveryStates.UserAttributesCollecting)
   ) {
     return <AttributeEntryScreen />;
   }
-  if (state.backup_state === BackupStates.AuthenticationsEditing) {
+  if (
+    state.reducer_type === "backup" &&
+    state.backup_state === BackupStates.AuthenticationsEditing
+  ) {
     return <AuthenticationEditorScreen />;
   }
-  if (state.backup_state === BackupStates.PoliciesReviewing) {
+  if (
+    state.reducer_type === "backup" &&
+    state.backup_state === BackupStates.PoliciesReviewing
+  ) {
     return <ReviewPoliciesScreen />;
   }
-  if (state.backup_state === BackupStates.SecretEditing) {
+  if (
+    state.reducer_type === "backup" &&
+    state.backup_state === BackupStates.SecretEditing
+  ) {
     return <SecretEditorScreen />;
   }
 
-  if (state.backup_state === BackupStates.BackupFinished) {
+  if (
+    state.reducer_type === "backup" &&
+    state.backup_state === BackupStates.BackupFinished
+  ) {
     return <BackupFinishedScreen />;
   }
 
-  if (state.backup_state === BackupStates.TruthsPaying) {
+  if (
+    state.reducer_type === "backup" &&
+    state.backup_state === BackupStates.TruthsPaying
+  ) {
     return <TruthsPayingScreen />;
   }
 
-  if (state.backup_state === BackupStates.PoliciesPaying) {
+  if (
+    state.reducer_type === "backup" &&
+    state.backup_state === BackupStates.PoliciesPaying
+  ) {
     return <PoliciesPayingScreen />;
   }
 
-  if (state.recovery_state === RecoveryStates.SecretSelecting) {
+  if (
+    state.reducer_type === "recovery" &&
+    state.recovery_state === RecoveryStates.SecretSelecting
+  ) {
     return <SecretSelectionScreen />;
   }
 
-  if (state.recovery_state === RecoveryStates.ChallengeSelecting) {
+  if (
+    state.reducer_type === "recovery" &&
+    state.recovery_state === RecoveryStates.ChallengeSelecting
+  ) {
     return <ChallengeOverviewScreen />;
   }
 
-  if (state.recovery_state === RecoveryStates.ChallengeSolving) {
+  if (
+    state.reducer_type === "recovery" &&
+    state.recovery_state === RecoveryStates.ChallengeSolving
+  ) {
     return <SolveScreen />;
   }
 
-  if (state.recovery_state === RecoveryStates.RecoveryFinished) {
+  if (
+    state.reducer_type === "recovery" &&
+    state.recovery_state === RecoveryStates.RecoveryFinished
+  ) {
     return <RecoveryFinishedScreen />;
   }
-  if (state.recovery_state === RecoveryStates.ChallengePaying) {
+  if (
+    state.reducer_type === "recovery" &&
+    state.recovery_state === RecoveryStates.ChallengePaying
+  ) {
     return <ChallengePayingScreen />;
   }
   console.log("unknown state", reducer.currentReducerState);

packages/anastasis-webui/src/utils/index.tsx

@@ -17,6 +17,11 @@ export function createExample<Props>(
       <AnastasisProvider
         value={{
           currentReducerState,
+          discoverMore: async () => {},
+          discoverStart: async () => {},
+          discoveryState: {
+            state: "none",
+          },
           currentError: undefined,
           back: async () => {
             null;