Merge pull request #12 from hauketoenjes/main

Transition to C# backend
covidpass-org · Jun 28, 2021 · 709bd65 · 709bd65
2 parents 15d9dc3 + 6f1a40e
commit 709bd65
Show file tree

Hide file tree

Showing 7 changed files with 104 additions and 105 deletions.
diff --git a/components/Alert.js b/components/Alert.js
@@ -9,9 +9,9 @@ export function Alert() {
   }
 
   return(
-    <div id="alert" style={{"display": "none"}} className="bg-red-100 border border-red-400 text-red-700 px-4 mx-4 py-3 rounded relative" role="alert">
-      <strong className="font-bold pr-2" id="heading"></strong>
-      <span className="block sm:inline" id="message"></span>
+    <div id="alert" style={{"display": "none"}} className="bg-red-100 border border-red-400 text-red-700 px-4 py-3 mt-5 rounded relative" role="alert">
+      <strong className="font-bold pr-2" id="heading"/>
+      <span className="block sm:inline" id="message"/>
       <span className="absolute top-0 bottom-0 right-0 px-4 py-3" onClick={close}>
         <svg className="fill-current h-6 w-6 text-red-500" role="button" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 20 20"><title>Close</title><path d="M14.348 14.849a1.2 1.2 0 0 1-1.697 0L10 11.819l-2.651 3.029a1.2 1.2 0 1 1-1.697-1.697l2.758-3.15-2.759-3.152a1.2 1.2 0 1 1 1.697-1.697L10 8.183l2.651-3.031a1.2 1.2 0 1 1 1.697 1.697l-2.758 3.152 2.758 3.15a1.2 1.2 0 0 1 0 1.698z"/></svg>
       </span>

diff --git a/components/Form.js b/components/Form.js
@@ -2,10 +2,10 @@ const PDFJS = require('pdfjs-dist')
 PDFJS.GlobalWorkerOptions.workerSrc = `https://cdnjs.cloudflare.com/ajax/libs/pdf.js/${PDFJS.version}/pdf.worker.js`
 
 import jsQR from "jsqr"
-import { saveAs } from 'file-saver'
+import {saveAs} from 'file-saver'
 
-import { decodeData } from "../src/decode"
-import { createPass } from "../src/pass"
+import {decodeData} from "../src/decode"
+import {createPass} from "../src/pass"
 import Card from "../components/Card"
 import Alert from "../components/Alert"
 
@@ -43,12 +43,12 @@ function Form() {
     const file = document.getElementById('pdf').files[0]
 
     const result = await readFileAsync(file)
-    var typedarray = new Uint8Array(result)
+    let typedArray = new Uint8Array(result)
 
     const canvas = document.getElementById('canvas')
     const ctx = canvas.getContext('2d')
 
-    var loadingTask = PDFJS.getDocument(typedarray)
+    let loadingTask = PDFJS.getDocument(typedArray)
     await loadingTask.promise.then(async function (pdfDocument) {
       const pdfPage = await pdfDocument.getPage(1)
       const viewport = pdfPage.getViewport({ scale: 1 })
@@ -63,8 +63,8 @@ function Form() {
       return await renderTask.promise
     })
 
-    var imageData = ctx.getImageData(0, 0, canvas.width, canvas.height)
-    var code = jsQR(imageData.data, imageData.width, imageData.height, {
+    let imageData = ctx.getImageData(0, 0, canvas.width, canvas.height)
+    let code = jsQR(imageData.data, imageData.width, imageData.height, {
       inversionAttempts: 'dontInvert',
     })
 
@@ -78,9 +78,7 @@ function Form() {
         error('Invalid QR code found', 'Make sure that you picked the correct PDF')
       }
 
-      const result = { decoded: decoded, raw: rawData }
-
-      return result
+      return {decoded: decoded, raw: rawData}
     } else {
       error('No QR code found', 'Try scanning the PDF again')
     }
@@ -119,7 +117,7 @@ function Form() {
         saveAs(passBlob, 'covid.pkpass')  
       }
     } catch (e) {
-      error('Error:', error.message)
+      error('Error:', e.message)
     } finally {
       document.getElementById('spin').style.display = 'none'
     }
@@ -155,7 +153,7 @@ function Form() {
               <option value="teal">teal</option>
             </select>
             <div className="absolute inset-y-0 right-0 flex items-center px-2 pointer-events-none">
-              <svg className="w-5 h-5 fill-current" viewBox="0 0 20 20"><path d="M5.293 7.293a1 1 0 011.414 0L10 10.586l3.293-3.293a1 1 0 111.414 1.414l-4 4a1 1 0 01-1.414 0l-4-4a1 1 0 010-1.414z" clipRule="evenodd" fillRule="evenodd"></path></svg>
+              <svg className="w-5 h-5 fill-current" viewBox="0 0 20 20"><path d="M5.293 7.293a1 1 0 011.414 0L10 10.586l3.293-3.293a1 1 0 111.414 1.414l-4 4a1 1 0 01-1.414 0l-4-4a1 1 0 010-1.414z" clipRule="evenodd" fillRule="evenodd"/></svg>
             </div>
           </div>
         } />
@@ -177,8 +175,8 @@ function Form() {
               </button>
               <div id="spin" style={{ "display": "none" }}>
                 <svg className="animate-spin h-5 w-5 ml-2" viewBox="0 0 24 24">
-                  <circle className="opacity-0" cx="12" cy="12" r="10" stroke="currentColor" strokeWidth="4"></circle>
-                  <path className="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"></path>
+                  <circle className="opacity-0" cx="12" cy="12" r="10" stroke="currentColor" strokeWidth="4"/>
+                  <path className="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"/>
                 </svg>
               </div>
             </div>

diff --git a/pages/api/config.js b/pages/api/config.js
@@ -0,0 +1,4 @@
+export default function handler(req, res) {
+    // Return the API_BASE_URL. This Endpoint allows us to access the env Variable in client javascript
+    res.status(200).json({ apiBaseUrl: process.env.API_BASE_URL })
+}
diff --git a/pages/index.js b/pages/index.js
@@ -1,7 +1,6 @@
 import { NextSeo } from 'next-seo';
 
 import Form from '../components/Form'
-import Logo from '../components/Logo'
 import Card from '../components/Card'
 import Page from '../components/Page'
 

diff --git a/src/constants.js b/src/constants.js
@@ -1,18 +1,19 @@
-exports.BASE_URL = 'https://raw.githubusercontent.com/ehn-dcc-development/ehn-dcc-valuesets/main/'
-exports.API_BASE_URL = 'https://api.covidpass.marvinsextro.de/'
+exports.VALUE_SET_BASE_URL = 'https://raw.githubusercontent.com/ehn-dcc-development/ehn-dcc-valuesets/main/'
 exports.VALUE_TYPES = {
-  medicalProducts: 'vaccine-medicinal-product.json',
-  countryCodes: 'country-2-codes.json',
-  manufacturers: 'vaccine-mah-manf.json',
+    medicalProducts: 'vaccine-medicinal-product.json',
+    countryCodes: 'country-2-codes.json',
+    manufacturers: 'vaccine-mah-manf.json',
 }
 exports.COLORS = {
-  white: 'rgb(255, 255, 255)',
-  black: 'rgb(0, 0, 0)',
-  grey: 'rgb(33, 33, 33)',
-  green: 'rgb(27, 94, 32)',
-  indigo: 'rgb(26, 35, 126)',
-  blue: 'rgb(1, 87, 155)',
-  purple: 'rgb(74, 20, 140)',
-  teal: 'rgb(0, 77, 64)',
+    white: 'rgb(255, 255, 255)',
+    black: 'rgb(0, 0, 0)',
+    grey: 'rgb(33, 33, 33)',
+    green: 'rgb(27, 94, 32)',
+    indigo: 'rgb(26, 35, 126)',
+    blue: 'rgb(1, 87, 155)',
+    purple: 'rgb(74, 20, 140)',
+    teal: 'rgb(0, 77, 64)',
 }
 exports.NAME = 'CovidPass'
+exports.PASS_IDENTIFIER = 'pass.de.marvinsextro.covidpass' // WELL KNOWN
+exports.TEAM_IDENTIFIER = 'X8Q7Q2RLTD' // WELL KNOWN
diff --git a/src/pass.js b/src/pass.js
@@ -1,41 +1,37 @@
 'use strict';
 
-const consts = require('./constants')
+const constants = require('./constants')
 const utils = require('./utils')
-const img = require('./img')
 
 const { Payload } = require('./payload')
 const { toBuffer } = require('do-not-zip')
 const crypto = require('crypto')
 
 exports.createPass = async function(data) {
-  async function getJSONfromURL(url) {
-    return await (await fetch(url)).json()
-  }
-
   function getBufferHash(buffer) {
     // creating hash
     const sha = crypto.createHash('sha1');
     sha.update(buffer);
     return sha.digest('hex');
   }
-  
+
   async function signPassWithRemote(pass, payload) {
     // From pass-js
     // https://github.com/walletpass/pass-js/blob/2b6475749582ca3ea742a91466303cb0eb01a13a/src/pass.ts
-    
+
     // Creating new Zip file
     const zip = []
-  
+
     // Adding required files
     // Create pass.json
     zip.push({ path: 'pass.json', data: Buffer.from(JSON.stringify(pass)) })
-
+    const passHash = getBufferHash(Buffer.from(JSON.stringify(pass)))
+
     zip.push({ path: 'icon.png', data: payload.img1x })
     zip.push({ path: '[email protected]', data: payload.img2x })
     zip.push({ path: 'logo.png', data: payload.img1x })
     zip.push({ path: '[email protected]', data: payload.img2x })
-  
+
     // adding manifest
     // Construct manifest here
     const manifestJson = JSON.stringify(
@@ -48,30 +44,34 @@ exports.createPass = async function(data) {
       ),
     );
     zip.push({ path: 'manifest.json', data: manifestJson });
-
-    const response = await fetch(consts.API_BASE_URL + 'sign_manifest', {
+
+    // Load API_BASE_URL form nextjs backend
+    const configResponse = await fetch('/api/config')
+    const apiBaseUrl = (await configResponse.json()).apiBaseUrl
+
+    const response = await fetch(`${apiBaseUrl}/sign`, {
         method: 'POST',
         headers: {
           'Accept': 'application/octet-stream',
           'Content-Type': 'application/json'
         },
         body: JSON.stringify({
-          manifest: manifestJson
+          PassJsonHash: passHash,
         })
     })
-    
-    if (response.status != 200) {
+
+    if (response.status !== 200) {
       return undefined
     }
-    
+
     const manifestSignature = await response.arrayBuffer()
-    
+
     zip.push({ path: 'signature', data: Buffer.from(manifestSignature) });
-  
+
     // finished!
     return toBuffer(zip);
   }
-  
+
   let valueSets
 
   try {
@@ -87,8 +87,6 @@ exports.createPass = async function(data) {
   } catch (e) {
     return undefined
   }
-
-  let signingIdentity = await getJSONfromURL(consts.API_BASE_URL + 'signing_identity')
 
   const qrCode = {
     message: payload.raw,
@@ -97,14 +95,14 @@ exports.createPass = async function(data) {
   }
 
   const pass = {
-    passTypeIdentifier: signingIdentity['pass_identifier'],
-    teamIdentifier: signingIdentity['pass_team_id'],
+    passTypeIdentifier: constants.PASS_IDENTIFIER,
+    teamIdentifier: constants.TEAM_IDENTIFIER,
     sharingProhibited: true,
     voided: false,
     formatVersion: 1,
-    logoText: consts.NAME,
-    organizationName: consts.NAME,
-    description: consts.NAME,
+    logoText: constants.NAME,
+    organizationName: constants.NAME,
+    description: constants.NAME,
     labelColor: payload.labelColor,
     foregroundColor: payload.foregroundColor,
     backgroundColor: payload.backgroundColor,
@@ -113,75 +111,74 @@ exports.createPass = async function(data) {
     barcode: qrCode,
     generic: {
       headerFields: [
-        { 
-          key: "type", 
-          label: "Certificate Type", 
-          value: payload.certificateType 
+        {
+          key: "type",
+          label: "Certificate Type",
+          value: payload.certificateType
         }
       ],
       primaryFields: [
-        { 
-          key: "name", 
-          label: "Name", 
-          value: payload.name 
+        {
+          key: "name",
+          label: "Name",
+          value: payload.name
         }
       ],
       secondaryFields: [
-        { 
-          key: "dose", 
-          label: "Dose", 
-          value: payload.dose 
+        {
+          key: "dose",
+          label: "Dose",
+          value: payload.dose
         },
-        { 
-          key: "dov", 
-          label: "Date of Vaccination", 
-          value: payload.dateOfVaccination, 
+        {
+          key: "dov",
+          label: "Date of Vaccination",
+          value: payload.dateOfVaccination,
           textAlignment: "PKTextAlignmentRight"
         }
       ],
       auxiliaryFields: [
-        { 
-          key: "vaccine", 
-          label: "Vaccine", 
-          value: payload.vaccineName 
+        {
+          key: "vaccine",
+          label: "Vaccine",
+          value: payload.vaccineName
         },
-        { 
-          key: "dob", 
-          label: "Date of Birth", value: 
-          payload.dateOfBirth, 
+        {
+          key: "dob",
+          label: "Date of Birth", value:
+          payload.dateOfBirth,
           textAlignment: "PKTextAlignmentRight"
         }
       ],
       backFields: [
-        { 
-          key: "uvci", 
-          label: "Unique Certificate Identifier (UVCI)", 
+        {
+          key: "uvci",
+          label: "Unique Certificate Identifier (UVCI)",
           value: payload.uvci
         },
-        { 
-          key: "issuer", 
-          label: "Certificate Issuer", 
-          value: payload.certificateIssuer 
+        {
+          key: "issuer",
+          label: "Certificate Issuer",
+          value: payload.certificateIssuer
         },
-        { 
-          key: "country", 
-          label: "Country of Vaccination", 
+        {
+          key: "country",
+          label: "Country of Vaccination",
           value: payload.countryOfVaccination
         },
-        { 
-          key: "manufacturer", 
-          label: "Manufacturer", 
-          value: payload.manufacturer 
+        {
+          key: "manufacturer",
+          label: "Manufacturer",
+          value: payload.manufacturer
         },
-        { 
-          key: "disclaimer", 
-          label: "Disclaimer", 
+        {
+          key: "disclaimer",
+          label: "Disclaimer",
           value: "This certificate is only valid in combination with the ID card of the certificate holder and expires one year + 14 days after the last dose. The validity of this certificate was not checked by CovidPass."
         }
       ]
     }
   };
 
-  let buf = await signPassWithRemote(pass, payload)
-  return buf
+  return await signPassWithRemote(pass, payload)
 }
diff --git a/src/utils.js b/src/utils.js
@@ -1,15 +1,15 @@
-const { VALUE_TYPES, BASE_URL } = require("./constants")
+const { VALUE_TYPES, VALUE_SET_BASE_URL } = require("./constants")
 const fetch = require("node-fetch")
 
 exports.getValueSets = async function() {
-  async function getJSONfromURL(url) {
+  async function getJSONFromURL(url) {
     return await (await fetch(url)).json()
   }
 
-  var valueSets = {}
+  let valueSets = {}
 
   for (const [key, value] of Object.entries(VALUE_TYPES)) {
-    valueSets[key] = await getJSONfromURL(BASE_URL + value)
+    valueSets[key] = await getJSONFromURL(VALUE_SET_BASE_URL + value)
   }
 
   return valueSets