fix(frontend): fix early access authentication

Cargo.lock

@@ -1423,7 +1423,7 @@ dependencies = [
  "walkdir",
  "webbrowser",
  "which",
- "widestring 0.5.0",
+ "widestring",
  "winapi 0.3.9",
  "winres",
  "wry",
@@ -3364,7 +3364,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ecad156490d6b620308ed411cfee90d280b3cbd13e189ea0d3fada8acc89158a"
 dependencies = [
  "web-sys",
- "widestring 0.4.3",
+ "widestring",
  "winapi 0.3.9",
 ]
 
@@ -3423,7 +3423,7 @@ dependencies = [
  "com",
  "once_cell",
  "webview2-sys",
- "widestring 0.4.3",
+ "widestring",
  "winapi 0.3.9",
 ]
 
@@ -3454,12 +3454,6 @@ version = "0.4.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c168940144dd21fd8046987c16a46a33d5fc84eec29ef9dcddc2ac9e31526b7c"
 
-[[package]]
-name = "widestring"
-version = "0.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "15be6395051be4e41efeee975b7561b8c602ba30204bfa35fefa0f85582075b6"
-
 [[package]]
 name = "winapi"
 version = "0.2.8"

Cargo.toml

@@ -57,7 +57,7 @@ which = "4.0"
 
 [target.'cfg(windows)'.dependencies]
 winapi = { version = "0.3", features = ["psapi", "winbase", "winioctl", "winnt"] }
-widestring = "0.5"
+widestring = "0.4"
 
 [target.'cfg(not(windows))'.dependencies]
 sysinfo = "0.20"

src/frontend/rest/services/authentication.rs

@@ -128,14 +128,10 @@ pub fn validate_token(
 ) -> Result<JWTClaims, String> {
     // Get the public key for this authentication url
     let pub_key = if pub_key_base64.is_empty() {
-        DecodingKey::from_secret(&[])
+        vec![]
     } else {
-        DecodingKey::from_base64_secret(&pub_key_base64).map_err(|e| {
-            format!(
-                "Configured public key was not empty and did not decode as base64 {:?}",
-                e
-            )
-        })?
+        base64::decode(&pub_key_base64)
+            .map_err(|e| format!("Configured public key was not empty and did not decode as base64 {:?}", e))?
     };
 
     // Configure validation for audience and issuer if the configuration provides it
@@ -153,7 +149,7 @@ pub fn validate_token(
     validation.validate_exp = false;
     validation.validate_nbf = false;
     // Verify the JWT token
-    decode::<JWTClaims>(&body, &pub_key, &validation)
+    decode::<JWTClaims>(&body, &DecodingKey::from_rsa_der(&pub_key), &validation)
         .map(|tok| tok.claims)
         .map_err(|err| {
             format!(

src/native/mod.rs

@@ -20,7 +20,6 @@ mod natives {
     use std::env;
     use std::os::windows::ffi::OsStrExt;
     use std::path::Path;
-    use std::process::Command;
 
     use winapi::shared::minwindef::{DWORD, FALSE, MAX_PATH};
 

ui/.browserslistrc

@@ -1,3 +1 @@
 > 1%
-last 2 versions
-not ie <= 11

ui/src/main.js

@@ -10,6 +10,9 @@ import messages from './locales/messages.json'
 import 'buefy/dist/buefy.css'
 import '@mdi/font/css/materialdesignicons.min.css'
 
+// HACK: disables context menu
+document.addEventListener('contextmenu', event => event.preventDefault())
+
 Vue.config.productionTip = false
 Vue.use(Buefy)
 Vue.use(VueI18n)

ui/src/views/AuthenticationView.vue

@@ -19,9 +19,9 @@
     <section>
       <p>{{ $t('auth.token') }}</p>
       <b-field>
-        <b-input type="text" v-model="combined_token" placeholder="Token" id="token" style='width: 50em;'></b-input>
+        <b-input type="text" v-model="combined_token" placeholder="Token" id="token" style='width: 80%;'></b-input>
         <p class="control">
-          <button class="button is-info" v-on:click="paste">{{ $t('auth.paste') }}</button>
+          <b-button type="is-info" v-on:click="paste">{{ $t('auth.paste') }}</b-button>
         </p>
       </b-field>
     </section>
@@ -130,7 +130,10 @@ export default {
     },
     paste: function () {
       document.getElementById('token').focus()
-      document.execCommand('paste')
+      const that = this
+      navigator.clipboard.readText().then(function (v) {
+        that.combined_token = v
+      }).catch(function () {})
     },
     launch_browser: function (url) {
       const that = this