Commit Graph

4551 Commits

Author SHA1 Message Date
Pascal Precht b654fdecd8
fix(modules/authenticator): ensure request hash doesn't include query params
The authenticators request hash algorithm produced different hashes than
on the client, because client-side hash-request don't include the query
parameters of a URL.

This causes authentication issues when sending any requests with query
parameters. This commit ensures we ignore them on the server as well.
2018-10-23 11:12:49 +02:00
Jonathan Rainville 479b79eeaf
add better message at the end 2018-10-23 11:12:49 +02:00
Jonathan Rainville 551d1e209b
fix array display and setting 2018-10-23 11:12:49 +02:00
Anthony Laibe a1c33a23a2
Remove tabler-react 2018-10-23 11:12:49 +02:00
Anthony Laibe 627fec5b49
Use cards in contract deployment 2018-10-23 11:12:48 +02:00
Pascal Precht 8740c8c0c9
fix(cockpit/Layout): ensure Layout render doesn't throw
In https://github.com/status-im/embark-area-51/commit/62964c8ce we've introduced a
regression where are two errors are thrown when `Layout` component is rendered:

- one for NavItem not having a key property
- one for margin-top not being a supported style property on Container

This commits fixes both.
2018-10-23 11:12:48 +02:00
Anthony Laibe ba5e479ae8
PR feedback 2018-10-23 11:12:48 +02:00
Anthony Laibe 2c74c2aa30
Add identicon 2018-10-23 11:12:48 +02:00
Pascal Precht 98fc1ab51e
fix(cockpit/AppContainer): allow bootstrap with query params
Cockpit allows for authentication via a `token` query parameter a la

```
http://localhost:8000/embark?token=xxxx-xxxx-xxxx-xxxx
```

So far, this was the only query parameter cockpit knew about, which is
why the algorithm during bootstrap always assumed that, if we have
query parameters, there has to be a `token` query parameter.

However, since 20831179fc, this turns out to be a problem. The hashing algorithm
for the request headers will throw, when `token` is not defined, which
can be possible with future features that add new query parameters.

This can be easily reproduced by bootstrapping/refreshing Cockpit using
any arbitrary query string parameter that is not `token`.

With this commit we ensure that we only perform query string authentication
when a `token` parameter is available.
2018-10-23 11:12:48 +02:00
Pascal Precht 8562a3f6c8
feat(cockpit): enable query param authentication in development mode
Prior to this commit it wasn't possible to authenticate using the
`token` query param as the `host` used for authentication doesn't
match the one of the Embark host.
2018-10-23 11:12:47 +02:00
Anthony Laibe ff0d7d20df
Better format element of explorer 2018-10-23 11:12:47 +02:00
Anthony Laibe 4e23acb558
PR feedback 2018-10-23 11:12:47 +02:00
Anthony Laibe 3844d864e7
Apply PR feedback 2018-10-23 11:12:47 +02:00
Anthony Laibe a4d4278dc9
Adding option to switch deployment pipeline 2018-10-23 11:12:47 +02:00
Anthony Laibe 83a9fd4ed0
Add debugger line highlight 2018-10-23 11:12:00 +02:00
Iuri Matias d5cd0b0ff7
address code review 2018-10-23 11:12:00 +02:00
Pascal Precht 923bacf22f
feat(cockpit): introduce transaction decoder component
This commit adds a new component to decode and analyze transactions.
It's similar to the transaction component that's already available,
with the difference that it takes advantage of the ReactJson tree
view for better analysis experience.
2018-10-23 11:12:00 +02:00
Anthony Laibe fb29e5a7c8
Add/remove breakpoints 2018-10-23 11:12:00 +02:00
Iuri Matias 60a5f52e16
remove files that should not be in source control 2018-10-23 11:11:59 +02:00
Iuri Matias d1cb157da1
remove unsued variables 2018-10-23 11:11:59 +02:00
Iuri Matias 315413a87e
transform card view into a card; remove duplicated names per tab 2018-10-23 11:11:59 +02:00
Iuri Matias b86761e83d
restrict logs; switch order in dashboard; don't limit height in contracts box 2018-10-23 11:11:58 +02:00
Iuri Matias b06d224883
fix services & processes; improve UI 2018-10-23 11:11:58 +02:00
Jonathan Rainville 88c610208c
start to fix for arrays 2018-10-23 11:11:57 +02:00
Michael Bradley, Jr c33818bd32
pkg lock -> shrinkwrap 2018-10-23 11:11:57 +02:00
Michael Bradley, Jr 9d267b7224
bump pkg lock 2018-10-23 11:11:57 +02:00
Michael Bradley, Jr 3ba49c8e6b
rm unused node-http-proxy dep 2018-10-23 11:11:57 +02:00
Iuri Matias 167cf50db5
move console to embark tab; add search box to top bar 2018-10-23 11:11:57 +02:00
Michael Bradley, Jr 695f0b37f6
exact versions per `npm ls --depth=0` 2018-10-23 11:11:57 +02:00
Jonathan Rainville 529edaa058
rename templates in .hbs 2018-10-23 11:11:15 +02:00
Iuri Matias c2eaa80923
add icons to top bar navigation 2018-10-23 11:11:15 +02:00
Iuri Matias 6fd6988b0f
ui fixes 2018-10-23 11:11:14 +02:00
Jonathan Rainville cc88b846aa
use embark config to get contracts dir 2018-10-23 11:11:14 +02:00
Andre Medeiros a65bbabd15
Fix FS to include Embark 2018-10-23 11:11:14 +02:00
Andre Medeiros edb8c99af3
Send params in data 2018-10-23 11:11:14 +02:00
Pascal Precht eb412c026b
feat(cockpit/utils): introduce components to sign and verify messages 2018-10-23 11:11:14 +02:00
Pascal Precht a20bf63835
feat(modules/blockchain_connector): introduce APIs for signing/verifying messages 2018-10-23 11:11:14 +02:00
Jonathan Rainville bae21133bc
add error if framework is not supported 2018-10-23 11:11:13 +02:00
Jonathan Rainville 9ac2dde3eb
return contract filepath after build so that we add it to the manager 2018-10-23 11:11:13 +02:00
Iuri Matias 02ad9b314a
fix for undefined cmds 2018-10-23 11:11:13 +02:00
Jonathan Rainville a394504e23
quality improvements for the cmd 2018-10-23 11:11:13 +02:00
Jonathan Rainville 2205a26236
fix indentation 2018-10-23 11:11:13 +02:00
Andre Medeiros 9a41e58679
Update package-lock.json 2018-10-23 11:11:13 +02:00
Andre Medeiros 4678359ce0
Remove another attack vector 2018-10-23 11:11:12 +02:00
Andre Medeiros 5db8185e5a
Update fs-extra; Unfuck package-lock.json 2018-10-23 11:11:12 +02:00
Andre Medeiros 1ffbda8eb4
Avoid unnecessary allocations 2018-10-23 11:11:12 +02:00
Andre Medeiros 26ff48bb15
Blacklist anything outside dapp or tmp root. 2018-10-23 11:11:12 +02:00
Andre Medeiros e229688508
Don't send empty body on authentication 2018-10-23 11:08:23 +02:00
Andre Medeiros 53bc4d945a
Change back how auth works for websockets.
As it turns out, a websocket request doesn't contain some of the
hashable properties in order to be validated. Because of that, we'll
still use tokens here until we find a better way to do it.
2018-10-23 11:08:22 +02:00
Jonathan Rainville 1c85d898b7
fix search box css in dark theme 2018-10-23 11:04:02 +02:00