web-eid-authtoken-validation-java/example/src/main/resources/templates/welcome.html at 465dc0462784f3bee6daa67379e0b4c89fb3e910 · web-eid/web-eid-authtoken-validation-java · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8"/>
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"/>

    <meta id="csrftoken" name="csrftoken" th:content="${_csrf.token}"/>
    <meta id="csrfheadername" name="csrfheadername" th:content="${_csrf.headerName}"/>

    <title>Welcome!</title>
    <link
            href="/css/bootstrap.min.css"
            rel="stylesheet"
    />
    <link
            href="/css/main.css"
            rel="stylesheet"
    />
</head>
<body class="m-4">
<div class="container">
    <div class="row justify-content-md-center">
        <div class="col-xs-12 col-md-8" style="padding-top: 3rem;">
            <div style="text-align: center;">
                <h2 class="adding-signature">Digital signing</h2>
                <p th:text="'Welcome, ' + ${principalName} + '!'" class="welcome-line"></p>
            </div>

            <div id="file-name"></div>

            <div id="example-document">
                <p class="p-4">To test digital signing, you can sign the following document by clicking
                    <i>Sign document </i> below:</p>
                <iframe src="/files/example-for-signing.txt" width="100%" height="200"></iframe>
            </div>

            <div id="error-message" class="alert alert-danger" style="display: none;" role="alert">
                <div class="message"></div>
                <pre class="details"></pre>
            </div>
            <p class="text-center p-4">
                <button id="webeid-sign-button" class="btn btn-info">Sign document</button>
                <button id="webeid-download-button" class="btn btn-success" style="display: none;">Download container
                </button>
            </p>
        </div>
        <button id="webeid-logout-button" class="btn btn-info">Logout</button>
    </div>
</div>

<script type="module">
    "use strict";
    import * as webeid from "/js/web-eid.js";
    import {hideErrorMessage, showErrorMessage, checkHttpError} from "/js/errors.js";
    import {getValidatedLangFromUrl} from "/js/index.js";

    const signButton = document.querySelector("#webeid-sign-button");
    const downloadButton = document.querySelector("#webeid-download-button");

    const fileNameText = document.querySelector("#file-name");
    const exampleDocument = document.querySelector("#example-document");

    const csrfToken = document.querySelector('#csrftoken').content;
    const csrfHeaderName = document.querySelector('#csrfheadername').content;

    document.querySelector("#webeid-logout-button").addEventListener("click", async () => {
        await fetch("/logout", {
            method: "POST",
            headers: {
                "Content-Type": "application/json",
                [csrfHeaderName]: csrfToken
            }
        });
        const lang = getValidatedLangFromUrl();
        const indexPageUrl = new URL("/", window.location.origin);
        if (lang) {
            indexPageUrl.searchParams.set("lang", lang);
        }
        window.location.href = indexPageUrl.toString();
    });

    downloadButton.addEventListener("click", async () => {
        window.location.href = "/sign/download";
    });

    const lang = new URLSearchParams(window.location.search).get("lang") || "en";

    signButton.addEventListener("click", async () => {
        hideErrorMessage();
        signButton.disabled = true;

        try {
            const {
                certificate,
                supportedSignatureAlgorithms,
            } = await webeid.getSigningCertificate({lang});

            const prepareSigningResponse = await fetch("/sign/prepare", {
                method: "POST",
                headers: {
                    "Content-Type": "application/json",
                    [csrfHeaderName]: csrfToken
                },
                body: JSON.stringify({certificate, supportedSignatureAlgorithms}),
            });
            await checkHttpError(prepareSigningResponse);
            const {
                hash,
                hashFunction
            } = await prepareSigningResponse.json();

            const {
                signatureAlgorithm,
                signature,
            } = await webeid.sign(certificate, hash, hashFunction, {lang});

            const finalizeSigningResponse = await fetch("/sign/sign", {
                method: "POST",
                headers: {
                    "Content-Type": "application/json",
                    [csrfHeaderName]: csrfToken
                },
                body: JSON.stringify({signature, signatureAlgorithm}),
            });
            await checkHttpError(finalizeSigningResponse);
            const signResult = await finalizeSigningResponse.json();

            signButton.setAttribute("style", "display: none;");
            exampleDocument.setAttribute("style", "display: none;");
            downloadButton.removeAttribute("style");
            fileNameText.textContent = "Signature added: " + signResult.name;
        } catch (error) {
            showErrorMessage(error);
            throw error;
        } finally {
            signButton.disabled = false;
        }
    });
</script>
</body>
</html>