home *** CD-ROM | disk | FTP | other *** search
/ PC World Komputer 2010 April / PCWorld0410.iso / pluginy Firefox / 8542 / 8542.xpi / chrome / lastpass.jar / content / loginlogicc.js < prev    next >
Text File  |  2010-02-14  |  28KB  |  84 lines
  1. this.lplogincheck=function(B){LP.mostRecent().setTimeout((function(){lp_logincheckhelper(B)}),100)};var lplastlogincheck=0;function lp_logincheckhelper(I,J,H,K){var M=(new Date()).getTime();if((M-lplastlogincheck)<1000){return}lplastlogincheck=M;lpSetupXHRIntercepts();yubikey_cleardata();sesame_cleardata();
  2. grid_cleardata();multifactor_cleardata();loginoffline(true,I);if(!lploggedin&&!lploggedinoffline){LP.lp_handle_buttons_all("loggingin")}var N="version="+LP.en(lpversion)+"&method=ff&hp="+(LP.IsHomePage()?"1":"0");N+=J?("&sessionid="+LP.en(J)):"";N+=H?("&wxusername="+LP.en(H)):"";N+=K?("&wxhash="+LP.en(K)):"";
  3. N+="&uuid="+LP.en(LP.getuuid());sesame_setdata("logincheckpostdata",N);var L=0;if(L){lpusername="";lpusername_hash="";lphash="";CHANGEKEY("");LP.mostRecent().setTimeout(function(){lpnp_notify("logincheck")},2000);return}LP.lpMakeRequest(LP.lp_base+"login_check.php",N,lpLoginCheckResponse,function(){lpLoginCheckErrorHandler(I,"makerequest")
  4. },I)}var lplogincheckerrorhandlercalled=0;function lpLoginCheckErrorHandler(E,F){var D=(new Date()).getTime();if((D-lplogincheckerrorhandlercalled)<1000){return}lplogincheckerrorhandlercalled=D;if(!lploggedin&&!lploggedinoffline){LP.lp_handle_buttons_all("off")}if(!lp_login_from_saved(E)){if(!lploggedinoffline){if(E=="httptest"&&lpopenloginstart){LP.lpOpenLogin()
  5. }else{if(F=="noexistingsession"||F=="nokeyfileA"||F=="nokeyfileB"){}else{if(F=="invalidresponse"||F=="exception"){lpshowError("LoginError",false,true)}else{if(F=="makerequest"){lpshowError("ErrorLoginMsg")}else{lpshowError("LoginError",false,true)}}}}}}}this.lplogin=function(F,H,G,E){LP.mostRecent().setTimeout((function(){lp_loginhelper(F,H,G,E);
  6. H="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"}),100)};function lp_loginhelper(H,K,I,G){if(lpsendpipelogin){lpnp_notify("login",{data0:H,data1:K})}if(typeof(lpDeleteFile)=="function"){lpDeleteFile(H+"_lp.act.xml");
  7. lpDeleteFile(H+"_lps.act.xml")}lpSetupXHRIntercepts();yubikey_cleardata();sesame_cleardata();grid_cleardata();if(!G){multifactor_cleardata()}lpusername=H.toLowerCase().replace(/\s*/g,"");lpusername_hash=lp_sha256(lpusername);lphash=lp_sha256(lp_sha256(lpusername+K)+K);fix_toolbar_mode();CHANGEKEY(lp_hex2bin(lp_sha256(lpusername+K)));
  8. K="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";K="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
  9. lpRenameFile(lpusername_hash+"_lp.key",lpusername_hash+"_lp.act.key");lpRenameFile(lpusername_hash+"_lp.act.key",lpusername_hash+"_lp.act.lps");lpRenameFile(lpusername_hash+"_lp.act.lps",lpusername_hash+"_lpall.lps");if(!lploggedinoffline){loginoffline(true,I)}if(!lploggedin&&!lploggedinoffline){LP.lp_handle_buttons_all("loggingin")
  10. }var L="xml=2&username="+LP.en(lpusername)+"&method=ff&hash="+lphash+"&version="+LP.en(lpversion);L+="&hp="+(LP.IsHomePage()?"1":"0");L+="&encrypted_username="+LP.en(lpenc(lpusername));L+="&uuid="+LP.en(LP.getuuid());if(LP.lpdolostpwotp&&(!LP.lpprefsHasUserValue("StoreLostPWOTP")||LP.lpprefsGetBoolPref("StoreLostPWOTP"))){L+="&lostpwotphash="+LP.en(LP.GetOTPHash())
  11. }else{LP.DeleteOTP()}sesame_cleardata();sesame_setdata("postdata",L);sesame_setdata("from",I);yubikey_cleardata();yubikey_setdata("postdata",L);yubikey_setdata("from",I);grid_cleardata();grid_setdata("postdata",L);grid_setdata("from",I);if(!G){multifactor_cleardata()}multifactor_setdata("postdata",L);
  12. multifactor_setdata("from",I);L+="&otp=";L+="&sesameotp=";L+="&gridresponse=";L+="&multifactorresponse=";var J=0;if(J){if(I=="namedpipes"){lpuid="";lploggedin=true;lploggedinoffline=false;lpisadmin=false;lploglogins=false;lpemail="";lp_local_accts_version=-1;lp_server_accts_version=-1;lpLastPwPrompt=0;
  13. LP.lp_handle_buttons_all("in");return}lpusername="";lpusername_hash="";lphash="";CHANGEKEY("");LP.mostRecent().setTimeout(function(){lpnp_notify("logincheck")},2000);return}LP.lpMakeRequest(LP.lp_base+"login.php",L,lpLoginResponse,function(){lpLoginErrorHandler(I)},I)}var lploginerrorhandlercalled=0;
  14. function lpLoginErrorHandler(D){var C=(new Date()).getTime();if((C-lploginerrorhandlercalled)<1000){return}lploginerrorhandlercalled=C;if(!lploggedin&&!lploggedinoffline){LP.lp_handle_buttons_all("off")}loginoffline(false,D)}function loginoffline(b,a){var W=0;if(W){return}if(lp_local_key==""||lpusername==""||lpusername_hash==""){if(a=="frompipes"){return
  15. }var c=lp_getlastusercredentials();if(!c){return}var n=c.username;var p=c.password;lpusername=n.toLowerCase().replace(/\s*/g,"");lpusername_hash=lp_sha256(lpusername);lphash=lp_sha256(lp_sha256(lpusername+p)+p);fix_toolbar_mode();CHANGEKEY(lp_hex2bin(lp_sha256(lpusername+p)));p="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
  16. p="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";c.password="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
  17. c.password="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"}if(b){if(lploggedinoffline){return}var V=readkeyfile(lpusername);if(!V){return}V=load_accounts_file(lpusername_hash,true,false);if(!V){return
  18. }V=V.substring(0,200);if(V.indexOf("type=sesameoffline\ndata=")>=0||V.indexOf("type=trueapioffline\ndata=")>=0||V.indexOf("type=yubikeyoffline\ndata=")>=0||V.indexOf("type=yubikeyofflinemulti\nkeys=")>=0){return}offlineloginsuccessful(a,true);return}if(lploggedinoffline){return}LP.lp_handle_buttons_all("off");
  19. var V=readkeyfile(lpusername);if(!V){lpshowError("LoginError",false,true);return}V=load_accounts_file(lpusername_hash,true,false);if(!V){lpshowError("LoginError",false,true);return}V=V.substring(0,1200);if(V.indexOf("type=sesameoffline\ndata=")>=0){var f="";while(true){f=sesame_getotp(null);if(f==""||f.length!=64){if(f.length>64){LP.alert(LP.lpgs("SesameWrongButton"));
  20. continue}lplogoff();lpshowError("LoginError",false,true);return}break}sesame_setdata("password_offline",f)}else{if(V.indexOf("type=trueapioffline\ndata=")>=0){var f="";if(multifactor_getdata("type")=="trueapi"){f=multifactor_getdata("password_offline")}if(!f||f.length!=64){f=lp_sha256(lp_sha256(fix_username(lpusername)+"trueapi"))
  21. }if(!f||f.length!=64){while(true){if(lpusexpcom()&&typeof(lpxpcomobj.trueapi_get_hash)=="function"){f=lpxpcomobj.trueapi_get_hash(lpusername)}if(f==""||f.length!=64){var Y=get_multifactor_disable_url(lpusername,"trueapi");lplogoff();lpshowError("LoginError",false,true,false,Y);return}break}}multifactor_setdata("password_offline",f);
  22. multifactor_setdata("type","trueapi")}else{if(V.indexOf("type=yubikeyoffline\ndata=")>=0){var f=yubikey_getotp(null);if(f==""||f.length!=44){lplogoff();lpshowError("LoginError",false,true);return}var k=f.substring(0,12);f=lp_sha256(lp_sha256(lp_sha256(fix_username("LastPassIsGreat")+k)+k));yubikey_setdata("password_offline",f)
  23. }else{if(V.indexOf("type=yubikeyofflinemulti\nkeys=")>=0){var f=yubikey_getotp(null);if(f==""||f.length!=44){lplogoff();lpshowError("LoginError",false,true);return}var k=f.substring(0,12);f=lp_sha256(lp_sha256(lp_sha256(fix_username("LastPassIsGreat")+k)+k));var m=V.indexOf("type=yubikeyofflinemulti\nkeys=");
  24. V=V.substring(m);var l=false;var o=V.indexOf("\n",30);if(o>0){var X=lp_sha256(f);var g=V.substring(30,o);V=V.substring(o+6);var d=g.split("&");var Z,e;for(Z=0;Z<d.length;++Z){e=d[Z].split("#");if(e.length==2){var h=e[0];var i=e[1];if(X==h){var j=lpdec(i,lp_hex2bin(f));if(j!=""){l=true;yubikey_setdata("password_offline",f);
  25. yubikey_setdata("password_keysline",g);yubikey_setdata("password_server",j)}}}}}if(!l){lplogoff();lpshowError("LoginError",false,true);return}}}}}offlineloginsuccessful(a,false)}function offlineloginsuccessful(F,G){OnAllLogins();lpuid="";lploggedin=true;lploggedinoffline=true;lpisadmin=false;lploglogins=false;
  26. lpemail="";lp_local_accts_version=-1;lp_server_accts_version=-1;lpLastPwPrompt=0;fix_toolbar_mode();LP.lp_handle_buttons_all("in");lpGetAccountsLocal(true);if(lpnotifytimerid){LP.mostRecent().clearTimeout(lpnotifytimerid);lpnotifytimerid=null}var H=G?30000:0;lpnotifytimerid=LP.mostRecent().setTimeout('LP.notifyoffline("'+F+'");',H);
  27. if(lpretryonlinetimerid){LP.mostRecent().clearTimeout(lpretryonlinetimerid);lpretryonlinetimerid=null}var E=30000;lpretryonlinetimerid=LP.mostRecent().setTimeout("LP.retryonlinelogin("+E+");",E)}function OnAllLogins(){LP.lpprefsSetBoolPref("ffhasloggedin",true,false);LP.SetupUserPreferences();LP.lpSetupIdleTimer();
  28. if(!LP.lpprefsHasUserValue("ffhasloggedinsuccessfully",false)){LP.lpprefsSetBoolPref("ffhasloggedinsuccessfully",true,false);LP.flush_prefs()}}this.notifyoffline=function(B){if(!lploggedin||!lploggedinoffline){return}lp_showNotification("LoggedInOffline",null,0,"offline");if((B=="pluginlogin"||B=="createaccount")&&(!LP.lpprefsHasUserValue("showHomepageAfterLogin",false)||LP.lpprefsGetBoolPref("showHomepageAfterLogin",false))){launchHomeIf()
  29. }};this.retryonlinelogin=function(F){if(!lploggedin||!lploggedinoffline){return}var E=(F/(60*1000));LP.lplogincheck("retryonline");var D=2*F;if(D>20*60000){D=20*60000}LP.mostRecent().setTimeout("LP.retryonlinelogin("+D+");",D)};function readenckeyfromkeyfile(E){var F=readkeyfile(E,null,false);if(!F){return null
  30. }var D=F.split("\n");return D[0]}function readkeyfile(K,N,R){var O=(typeof(N)=="undefined"||N==null)?lp_local_key:N;var Q=(typeof(R)=="undefined"||R)?true:false;var S=lp_sha256(K);var T=lpReadFile(S+"_lpall.slps");if(!T){T=lpReadFile(S+"_lpall.lps");if(T){var M=lp_protect_data(T,true);lpWriteFile(S+"_lpall.slps",M);
  31. lpDeleteFile(S+"_lpall.lps")}else{T=lpReadFile(K+"_lp.act.lps");if(!T){return null}lpRenameFile(K+"_lp.act.lps",S+"_lpall.lps")}}else{T=lp_unprotect_data(T,true)}var P=T.split("\n");if(P.length!=2){return null}if(Q){if(O==""){return null}var L=lpdec(P[1],O,true);if(L!="lastpass rocks"){return null}}return T
  32. }function lpLoginCheckResponse(y,n,k){try{if(!y||y.readyState!=4){return}if(y.status!=200||y.responseXML==null||y.responseXML.documentElement==null){if(typeof(n)=="function"){n()}return}var o=y.responseXML.documentElement;var p=o.getElementsByTagName("ok");if(!p||p.length==0){var j=o.getElementsByTagName("error");
  33. if(j&&j.length>0&&j[0].hasAttribute("invalidsession")){lplogoff();LP.lpClearCache(true,false,false);lpopen(LP.lp_base+"invalidsession.php",true);lpshowError("LoginError",false,true);return}if((j&&j.length>0&&j[0].hasAttribute("silent")&&parseInt(j[0].getAttribute("silent"))==1)){if(!LP.lpprefsHasUserValue("ffhasloggedin",false)){LP.lpprefsSetBoolPref("ffhasloggedin",true,false);
  34. LP.flush_prefs();if(!lphidewelcome){LP.OpenCreateAccount()}}lpLoginCheckErrorHandler(k,"noexistingsession");return}lpReportError("login_check.php returned invalid response text="+y.responseText);lpLoginCheckErrorHandler(k,"invalidresponse");return}lppwdeckey=lp_hex2bin(lp_sha256(p[0].getAttribute("pwdeckey")));
  35. lpusername=p[0].getAttribute("lpusername");lpusername_hash=lp_sha256(lpusername);lpuid=p[0].getAttribute("uid");var g=(k=="websitelogin"||k=="webrootwebsitelogin"||k=="websiterefresh"||k=="websiterefreshrsa"||k=="frompipes")?true:false;if(!g&&k!="preferences"&&LP.lpprefsHasUserValue("logOffWhenCloseBrowser")&&LP.lpprefsGetBoolPref("logOffWhenCloseBrowser")){var i=LP.lpprefsHasUserValue("lastpollcheck")?LP.lpprefsGetIntPref("lastpollcheck"):0;
  36. var a=LP.lpprefsHasUserValue("logOffWhenCloseBrowserVal")?LP.lpprefsGetIntPref("logOffWhenCloseBrowserVal"):0;var r=lp_get_gmt_timestamp()-i;if(r>=a*60){lplogoff();return}}var b;if(lp_local_key==""){var l=readenckeyfromkeyfile(lpusername);if(!l){lpLoginCheckErrorHandler(k,"nokeyfileA");return}b=lp_hex2bin(lpdec(l,lppwdeckey,true));
  37. var c=readkeyfile(lpusername,b);if(!c){lpLoginCheckErrorHandler(k,"nokeyfileB");return}}if(k=="httptest"){var s=(p[0].getAttribute("sesamepassword")!=null&&p[0].getAttribute("sesamepassword")!="")?true:false;var t=(p[0].getAttribute("yubikeyenabled")!=null&&p[0].getAttribute("yubikeyenabled")=="1")?true:false;
  38. var h=(p[0].getAttribute("multifactorenabled")!=null&&p[0].getAttribute("multifactorenabled")!="")?true:false;var m=(p[0].getAttribute("sesameotpok")!=null&&p[0].getAttribute("sesameotpok")!="")?true:false;var u=(p[0].getAttribute("yubikeyotpok")!=null&&p[0].getAttribute("yubikeyotpok")!="")?true:false;
  39. var z=(p[0].getAttribute("multifactorresponseok")!=null&&p[0].getAttribute("multifactorresponseok")!="")?true:false;if(s){if(m){}else{var q=sesame_getotp(lpusername);if(q==""){lplogoff();lpshowError("LoginError",false,true);return}var d=sesame_getdata("logincheckpostdata")+"&sesameotp="+encodeURIComponent(q);
  40. if(sesame_getdata("label")){d+="&trustlabel="+LP.en(sesame_getdata("label"))}LP.lpMakeRequest(LP.lp_base+"login_check.php",d,lpLoginCheckResponse,function(){lpLoginCheckErrorHandler(k,"makerequest")},k);return}}if(t){if(u){}else{var q=yubikey_getotp(lpusername);if(q==""){lplogoff();lpshowError("LoginError",false,true);
  41. return}var d=sesame_getdata("logincheckpostdata")+"&otp="+encodeURIComponent(q);if(yubikey_getdata("label")){d+="&trustlabel="+LP.en(yubikey_getdata("label"))}LP.lpMakeRequest(LP.lp_base+"login_check.php",d,lpLoginCheckResponse,function(){lpLoginCheckErrorHandler(k,"makerequest")},k);return}}if(!checkGridEnabled(p,k)){return
  42. }if(h){if(z){}else{var v=p[0].getAttribute("type");var w="";if(v=="trueapi"){var x=lp_sha256(lp_sha256(fix_username(lpusername)+v));if(x.length!=64){if(lpusexpcom()&&typeof(lpxpcomobj.trueapi_get_hash)=="function"){x=lpxpcomobj.trueapi_get_hash(lpusername)}}multifactor_setdata("password_offline",x);multifactor_setdata("type",v);
  43. w=x!=""?lp_sha256(x+p[0].getAttribute("challenge")):""}if(w==""){var e=get_multifactor_disable_url(lpusername,v);lplogoff();lpshowError("LoginError",false,true,false,e);return}var d=sesame_getdata("logincheckpostdata")+"&multifactorresponse="+encodeURIComponent(w);if(multifactor_getdata("label")){d+="&trustlabel="+LP.en(multifactor_getdata("label"))
  44. }if(p[0].getAttribute("wxsessid")){d+="&wxsessid="+LP.en(p[0].getAttribute("wxsessid"))}LP.lpMakeRequest(LP.lp_base+"login_check.php",d,lpLoginCheckResponse,function(){lpLoginCheckErrorHandler(k,"makerequest")},k);return}}}if(lp_local_key==""){CHANGEKEY(b)}else{}lpLoginCommon(p,k,true)}catch(f){lpReportError("Failure in lpLoginCheckResponse: "+f+" ln: "+f.lineNumber);
  45. lpLoginCheckErrorHandler(k,"exception")}}function checkGridEnabled(J,H){if(H!="httptest"){return true}var I=(J[0].getAttribute("gridenabled")!=null&&J[0].getAttribute("gridenabled")!="")?true:false;var L=(J[0].getAttribute("gridresponseok")!=null&&J[0].getAttribute("gridresponseok")!="")?true:false;if(I){if(L){}else{var G=grid_getvalues(lpusername,J[0].getAttribute("challenge"));
  46. if(G==""){lplogoff();lpshowError("LoginError",false,true);return}var K=sesame_getdata("logincheckpostdata")+"&gridresponse="+encodeURIComponent(G);if(grid_getdata("label")){K+="&trustlabel="+LP.en(grid_getdata("label"))}if(J[0].getAttribute("wxsessid")){K+="&wxsessid="+LP.en(J[0].getAttribute("wxsessid"))
  47. }LP.lpMakeRequest(LP.lp_base+"login_check.php",K,lpLoginCheckResponse,function(){lpLoginCheckErrorHandler(H,"makerequest")},H);return false}}return true}function lpLoginResponse(a,T,W){try{if(!a||a.readyState!=4){return}if(a.status!=200||a.responseXML==null||a.responseXML.documentElement==null){lpReportError("Problem with login response. status="+a.status+" text="+a.responseText,null);
  48. if(typeof(T)=="function"){T()}return}var f=a.responseXML.documentElement;var Z=f.getElementsByTagName("ok");if(!Z||Z.length==0){var b=f.getElementsByTagName("error");var Q=b.length==0?"":a.responseText;if(b&&b.length>0&&b[0].hasAttribute("invalidsession")){lplogoff();LP.lpClearCache(true,false,false);
  49. lpopen(LP.lp_base+"invalidsession.php",true);lpshowError("LoginError",false,true);return}if(Q&&Q.indexOf("blacklist")>0){lplogoff();LP.lpClearCache(true,false,false);lpshowError("Blacklist",false,true);return}if(Q&&Q.indexOf("sesameotprequired")>0){LP.lpClearCache(true,false,false);var U=sesame_getotp(lpusername);
  50. if(U==""){lplogoff();lpshowError("LoginError",false,true);return}var Y=sesame_getdata("postdata")+"&sesameotp="+encodeURIComponent(U);var R=sesame_getdata("from");if(sesame_getdata("label")){Y+="&trustlabel="+LP.en(sesame_getdata("label"))}LP.lpMakeRequest(LP.lp_base+"login.php",Y,lpLoginResponse,function(){lpLoginErrorHandler(R)
  51. },R);return}if(Q&&Q.indexOf("sesameotpfailed")>0){LP.lpClearCache(true,false,false);lplogoff();lpshowError("LoginError",false,true);return}if(Q&&Q.indexOf("otprequired")>0){LP.lpClearCache(true,false,false);var U=yubikey_getotp(lpusername);if(U==""){lplogoff();lpshowError("LoginError",false,true);return
  52. }var Y=yubikey_getdata("postdata")+"&otp="+encodeURIComponent(U);var R=yubikey_getdata("from");if(yubikey_getdata("label")){Y+="&trustlabel="+LP.en(yubikey_getdata("label"))}LP.lpMakeRequest(LP.lp_base+"login.php",Y,lpLoginResponse,function(){lpLoginErrorHandler(R)},R);return}if(Q&&Q.indexOf("otpfailed")>0){LP.lpClearCache(true,false,false);
  53. lplogoff();lpshowError("LoginError",false,true);return}if(Q&&Q.indexOf("gridresponserequired")>0){LP.lpClearCache(true,false,false);var V=grid_getvalues(lpusername,b[0].getAttribute("challenge"));if(V==""){lplogoff();lpshowError("LoginError",false,true);return}var Y=grid_getdata("postdata")+"&gridresponse="+encodeURIComponent(V);
  54. var R=grid_getdata("from");if(grid_getdata("label")){Y+="&trustlabel="+LP.en(grid_getdata("label"))}if(b[0].getAttribute("wxsessid")){Y+="&wxsessid="+LP.en(b[0].getAttribute("wxsessid"))}LP.lpMakeRequest(LP.lp_base+"login.php",Y,lpLoginResponse,function(){lpLoginErrorHandler(R)},R);return}if(Q&&Q.indexOf("gridresponsefailed")>0){LP.lpClearCache(true,false,false);
  55. lplogoff();lpshowError("LoginError",false,true);return}if(Q&&Q.indexOf("multifactorresponserequired")>0){LP.lpClearCache(true,false,false);var c=b[0].getAttribute("type");var V="";if(c=="trueapi"){var e="";if(multifactor_getdata("type")=="trueapi"){e=multifactor_getdata("password_offline")}if(!e||e.length!=64){e=lp_sha256(lp_sha256(fix_username(lpusername)+c))
  56. }if(!e||e.length!=64){if(lpusexpcom()&&typeof(lpxpcomobj.trueapi_get_hash)=="function"){e=lpxpcomobj.trueapi_get_hash(lpusername)}}multifactor_setdata("password_offline",e);multifactor_setdata("type",c);V=e!=""?lp_sha256(e+b[0].getAttribute("challenge")):""}if(V==""){var X=get_multifactor_disable_url(lpusername,c);
  57. lplogoff();lpshowError("LoginError",false,true,false,X);return}var Y=multifactor_getdata("postdata")+"&multifactorresponse="+encodeURIComponent(V);var R=multifactor_getdata("from");if(multifactor_getdata("label")){Y+="&trustlabel="+LP.en(multifactor_getdata("label"))}if(b[0].getAttribute("wxsessid")){Y+="&wxsessid="+LP.en(b[0].getAttribute("wxsessid"))
  58. }LP.lpMakeRequest(LP.lp_base+"login.php",Y,lpLoginResponse,function(){lpLoginErrorHandler(R)},R);return}if(Q&&Q.indexOf("multifactorresponsefailed")>0){var X=get_multifactor_disable_url(lpusername,b[0].getAttribute("type"));LP.lpClearCache(true,false,false);lplogoff();lpshowError("LoginError",false,true,false,X);
  59. return}if(Q&&Q.indexOf("unknownemail")>0){lplogoff();lpshowError(b[0].getAttribute("message")?b[0].getAttribute("message"):"LoginError",false,true,true);return}if(Q&&Q.indexOf("unknownpassword")>0){lplogoff();lpshowError(b[0].getAttribute("message")?b[0].getAttribute("message"):"LoginError",false,true);
  60. return}if(Q&&Q.indexOf("iprestriction")>0){LP.lpClearCache(true,false,false);lplogoff();lpshowError(b[0].getAttribute("message")?b[0].getAttribute("message"):"LoginError",false,true);return}if(b&&b.length>0&&b[0].hasAttribute("cause")){var S=b[0].getAttribute("cause");lplogoff();lpshowError((b.length>0&&b[0].getAttribute("message"))?b[0].getAttribute("message"):"LoginError",false,true);
  61. return}lpReportError("login.php returned invalid response text="+a.responseText);lpLoginErrorHandler(W);return}lppwdeckey=lp_hex2bin(lp_sha256(Z[0].getAttribute("pwdeckey")));lpusername=Z[0].getAttribute("lpusername");lpusername_hash=lp_sha256(lpusername);lpuid=Z[0].getAttribute("uid");lpWriteKeyFile();
  62. lpLoginCommon(Z,W,false)}catch(d){lpReportError("Failure in lpLoginResponse: "+d+" ln: "+d.lineNumber);lpLoginErrorHandler(W)}}function lpLoginCommon(U,T,N){lploggedinoffline=false;if(N==null||typeof(N)=="undefined"){N=true}if(lpnotifytimerid){LP.mostRecent().clearTimeout(lpnotifytimerid);lpnotifytimerid=null
  63. }if(lpretryonlinetimerid){LP.mostRecent().clearTimeout(lpretryonlinetimerid);lpretryonlinetimerid=null}lpRenameFile(lpusername_hash+"_lp.key",lpusername_hash+"_lp.act.key");lpRenameFile(lpusername_hash+"_lp.act.key",lpusername_hash+"_lp.act.lps");sesame_setdata("password_offline",U[0].getAttribute("sesamepassword"));
  64. yubikey_setdata("password_offline",U[0].getAttribute("yubikeyhash"));yubikey_setdata("password_keysline",U[0].getAttribute("yubikeykeysline"));yubikey_setdata("password_server",U[0].getAttribute("yubikeyserverpassword"));grid_setdata("password_offline",U[0].getAttribute("gridpassword"));lpdisableoffline=U[0].getAttribute("disableoffline")==1?1:0;
  65. if(lpdisableoffline){LP.lpClearCache(true,false,false)}fix_toolbar_mode();lprsa_setprivatekeyenchash(U);LP.lphelpstats=new lpobjhelpstats();LP.lphelpstats.currentlyopen=false;LP.lphelpstats.wino=null;LP.lphelpstats.highlighthelp=(U[0].getAttribute("hih")=="1"?true:false);LP.lphelpstats.genpwhelp=(U[0].getAttribute("genh")=="1"?true:false);
  66. LP.lphelpstats.addsitehelp=(U[0].getAttribute("addh")=="1"?true:false);countryfromip=U[0].getAttribute("country");lpbUpdateAvailable=(U[0].getAttribute("upgrade")=="1"?true:false);logoff_other_ses=(U[0].getAttribute("logoff_other_ses")=="1"?true:false);set_secprompts(U[0],"login");var M=(LP.lpprefsHasUserValue("singlefactortype",false)?LP.lpprefsGetCharPref("singlefactortype",false):"");
  67. if(U[0].getAttribute("multifactor_singlefactor")=="1"){if(M==""){if(multifactor_getdata("type")=="trueapi"){if(lpusexpcom()&&typeof(lpxpcomobj.trueapi_default_login_exists)=="function"){if(lpxpcomobj.trueapi_default_login_exists(lpusername)){LP.lpprefsSetCharPref("singlefactortype",multifactor_getdata("type"),false);
  68. LP.lpprefsSetBoolPref("openloginstart",true,false);LP.flush_prefs()}}}}}else{if(M!=""){LP.disable_single_factor()}}var X=T=="websiterefreshrsa"?true:false;lprsa_login(X,U);if(LP.lpdolostpwotp&&U[0].hasAttribute("lostpwotpresult")){var Q=lpFileExists(lpusername_hash+"_lps.act.sxml")||lpFileExists(lpusername_hash+"_lps.act.xml");
  69. if(Q&&!LP.lpprefsHasUserValue("StoreLostPWOTP")){LP.lpprefsSetBoolPref("StoreLostPWOTP",true)}else{if(!LP.lpprefsHasUserValue("StoreLostPWOTP")){LP.lpprefsSetBoolPref("StoreLostPWOTP",true)}}}if(LP.lpdolostpwotp&&(!LP.lpprefsHasUserValue("StoreLostPWOTP")||LP.lpprefsGetBoolPref("StoreLostPWOTP"))){if(U[0].hasAttribute("lostpwotpresult")&&U[0].getAttribute("lostpwotpresult")!="ok"){LP.DeleteOTP();
  70. LP.MakeOTP()}}LP.lpCloseNotifications();lploggedin=true;lpisadmin=parseInt(U[0].getAttribute("isadmin"))==1;lploglogins=parseInt(U[0].getAttribute("loglogins"))==1;lpemail=U[0].getAttribute("email");lp_local_accts_version=-1;lp_server_accts_version=parseInt(U[0].getAttribute("accts_version"));LP.lp_handle_buttons_all("in");
  71. lp_phpsessid=lp_get_phpsessid();var W=U[0].getAttribute("sessionid");if(lp_phpsessid!=W&&W!=""){lp_phpsessid=W}if(!N&&!lpsendpipelogin){lpnp_notify("internal_logincheck_ack",{data0:lp_phpsessid,data1:lpusername,data2:LP.GetIdentity()})}try{var V=(U[0].getAttribute("ignoreminor")=="0"?false:true);var O=U[0].getAttribute("reqdversion");
  72. if(lpversion!=""&&O!=""&&CompareLastPassVersions(lpversion,O,V)<0){LP.alert(LP.lpgs("A required update is available for LastPass. Please press OK to begin download and installation."));LP.lpUpdate()}}catch(S){}OnAllLogins();lppopulateaccountsfromlogin=true;lpGetAccountsLocal();if(T=="pluginlogin"||T=="createaccount"){lprefreshwindows()
  73. }var P=lp_get_gmt_timestamp();LP.lpprefsSetIntPref("lastpollcheck",P);LP.flush_prefs();lastpoll=P;if(LP.lpdopoll){LP.setupPollTimer()}if(login_from_welcome){login_from_welcome=false;loginOkAfterCreate()}else{if((T=="pluginlogin"||T=="createaccount")&&(!LP.lpprefsHasUserValue("showHomepageAfterLogin",false)||LP.lpprefsGetBoolPref("showHomepageAfterLogin",false)==true)){launchHomeIf()
  74. }}var R=lpgeticonsversion();if(R==""){R="0"}if(parseInt(R)<parseInt(U[0].getAttribute("iconsversion"))){LP.lpMakeRequest(LP.lp_base+"geticon.php","versionff="+LP.en(R),lpIconsResponse)}LP.lpretryrequests()}function lp_getlastusercredentials(){var F=lp_get_loginusers();if(F.length==0){return null}var H=F[0];
  75. var E=lp_get_loginpws();if(typeof(E[H])=="undefined"){return null}var G=E[H];return{username:H,password:G}}function lp_login_from_saved(F){var H=lp_getlastusercredentials();if(!H){return false}var G=H.username;var E=H.password;LP.lplogin(G,E,F);return true}function lp_get_loginusers(I){var H="";if(LP.lpprefsHasUserValue("loginusers",false)){H=LP.lpprefsGetCharPref("loginusers",false)
  76. }var G=new Array();var J=encodeURIComponent(I);if(typeof(I)!="undefined"&&I!=""&&H.indexOf(J)==-1){H=J+"|"+H}if(H!=""){G=H.split("|");for(var F=0;F<G.length;F++){G[F]=decodeURIComponent(G[F])}}return G}function lp_get_loginpws(){var P="";if(LP.lpprefsHasUserValue("loginpws",false)){P=lp_unprotect_data(LP.lpprefsGetCharPref("loginpws",false))
  77. }var L=new Array();var M=new Array();if(P!=""){L=P.split("|");for(var N=0;N<L.length;N++){var J=L[N].split("=");if(typeof(J[1])!="undefined"){var I=decodeURIComponent(J[0]);var K=decodeURIComponent(J[1]);var O=lp_hex2bin(lp_sha256(I));K=lpdec(K,O);M[I]=K}else{}}}return M}this.have_loginpw=function(D){var C=lp_get_loginpws();
  78. return typeof(C[D])!="undefined"&&C[D]};this.delete_loginpw=function(D){var C=lp_get_loginpws();if(typeof(C[D])!="undefined"){C[D]=null}save_loginpws(C)};function lp_lpOpenLoginHelper(D,C){if(!lploggedin){LP.lpGetCurrentWindow().setTimeout(function(){if(!lploggedin){LP.lpOpenLogin(D.extra)}},500)}}this.lpOpenLogin=function(M,I){var N={logincase:1};
  79. if(typeof(I)!="undefined"&&I!=null&&I!=""){N.sesameusername=I}if(lploggedin){lplogoff()}else{if(M&&typeof(M)=="function"){lpdelayedFunction=M}else{lpdelayedFunction=null}var O=(LP.lpprefsHasUserValue("singlefactortype",false)?LP.lpprefsGetCharPref("singlefactortype",false):"");if(O=="trueapi"&&lpusexpcom()&&typeof(lpxpcomobj.trueapi_default_login_exists)=="function"&&lpxpcomobj.trueapi_default_login_exists("")){var J={},P={},L={};
  80. if(lpxpcomobj.trueapi_get_default_login(J,P,L)){multifactor_setdata("password_offline",L.value);multifactor_setdata("type",O);LP.lplogin(J.value,P.value,"pluginlogin",L.value!="");return}}var K="content/login.xul";LP.lpGetCurrentWindow().openDialog(lpchrome_base+K,"_blank","chrome,titlebar,toolbar,centerscreen,modal",N)
  81. }};this.httptest=function(){if(!lploggedin){if(typeof(lpSetupXHRIntercepts)=="function"){lpSetupXHRIntercepts()}loginoffline(true,"httptest");var B=LP.lp_base+"httptest.php";B=B.replace(/^https:\/\//,"http://");LP.lpMakeRequest(B,"",httptestresponse,httptesterror)}};function httptestresponse(J){try{if(J&&J.readyState==4){if(J.status==200&&J.responseXML!=null&&J.responseXML.documentElement!=null){var G=J.responseXML.documentElement;
  82. var F=G.getElementsByTagName("ok");if(F.length>0){var H=F[0].getAttribute("lastpass");if(H=="1"){LP.lplogincheck("httptest");return}}}httptesterror()}}catch(I){httptesterror()}}function httptesterror(){LP.setTimeout(function(){LP.httptest()},300000)}function get_multifactor_disable_url(D,C){return"multifactordisable.php?cmd=sendemail&username="+encodeURIComponent(D)+"&type="+encodeURIComponent(C)
  83. };
  84.