horok/firefox
1
0
Fork 0
Code Activity
firefox/dom/credentialmanagement/identity/IdentityCredential.cpp
Daniel Baumann 5e9a113729
Adding upstream version 140.0. 
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
2025-06-25 09:37:52 +02:00

2067 lines
83 KiB
C++
Raw Permalink Blame History

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "mozilla/dom/ContentChild.h"
#include "mozilla/dom/Document.h"
#include "mozilla/dom/Fetch.h"
#include "mozilla/dom/IdentityCredential.h"
#include "mozilla/dom/IdentityNetworkHelpers.h"
#include "mozilla/dom/Promise.h"
#include "mozilla/dom/Promise-inl.h"
#include "mozilla/dom/Request.h"
#include "mozilla/dom/WindowGlobalChild.h"
#include "mozilla/Components.h"
#include "mozilla/CredentialChosenCallback.h"
#include "mozilla/ExpandedPrincipal.h"
#include "mozilla/IdentityCredentialRequestManager.h"
#include "mozilla/NullPrincipal.h"
#include "mozilla/Preferences.h"
#include "nsICredentialChooserService.h"
#include "nsIEffectiveTLDService.h"
#include "nsIGlobalObject.h"
#include "nsIIdentityCredentialPromptService.h"
#include "nsIIdentityCredentialStorageService.h"
#include "nsIPermissionManager.h"
#include "nsITimer.h"
#include "nsIXPConnect.h"
#include "nsNetUtil.h"
#include "nsString.h"
#include "nsStringStream.h"
#include "nsTArray.h"
#include "nsURLHelper.h"
#include <utility>
namespace mozilla::dom {
IdentityCredential::~IdentityCredential() = default;
JSObject* IdentityCredential::WrapObject(JSContext* aCx,
JS::Handle<JSObject*> aGivenProto) {
return IdentityCredential_Binding::Wrap(aCx, this, aGivenProto);
}
IdentityCredential::IdentityCredential(nsPIDOMWindowInner* aParent)
: Credential(aParent) {
if (aParent && aParent->GetBrowsingContext() &&
aParent->GetBrowsingContext()->Top() &&
aParent->GetBrowsingContext()->Top()->GetDocument()) {
this->mIdentityProvider =
aParent->GetBrowsingContext()->Top()->GetDocument()->GetPrincipal();
}
}
IdentityCredential::IdentityCredential(nsPIDOMWindowInner* aParent,
const IPCIdentityCredential& aOther)
: Credential(aParent) {
CopyValuesFrom(aOther);
}
void IdentityCredential::CopyValuesFrom(const IPCIdentityCredential& aOther) {
this->SetId(aOther.id());
this->SetType(u"identity"_ns);
IdentityCredentialInit creationOptions;
if (aOther.token().isSome()) {
this->mToken = aOther.token().value();
creationOptions.mToken.Construct(
NS_ConvertUTF16toUTF8(aOther.token().value()));
}
if (aOther.effectiveQueryURL().isSome()) {
creationOptions.mEffectiveQueryURL.Construct(
aOther.effectiveQueryURL().value());
}
if (aOther.effectiveOrigins().Length() > 0) {
creationOptions.mEffectiveOrigins.Construct(
Sequence(aOther.effectiveOrigins().Clone()));
}
if (aOther.effectiveType().isSome()) {
creationOptions.mEffectiveType.Construct(aOther.effectiveType().value());
}
creationOptions.mId = aOther.id();
IdentityCredentialUserData userData;
if (aOther.name().isSome()) {
userData.mName = aOther.name()->Data();
}
if (aOther.iconURL().isSome()) {
userData.mIconURL = aOther.iconURL()->Data();
}
if (aOther.infoExpiresAt().isSome()) {
int64_t now = PR_Now() / PR_USEC_PER_MSEC;
uint64_t difference = 0;
if (static_cast<uint64_t>(now) < aOther.infoExpiresAt().value()) {
difference = aOther.infoExpiresAt().value() - static_cast<uint64_t>(now);
}
userData.mExpiresAfter.Construct(difference);
}
if (aOther.name().isSome() || aOther.iconURL().isSome() ||
aOther.infoExpiresAt().isSome()) {
creationOptions.mUiHint.Construct(userData);
}
this->mCreationOptions = Some(creationOptions);
this->mIdentityProvider = aOther.identityProvider();
}
IPCIdentityCredential IdentityCredential::MakeIPCIdentityCredential() const {
IPCIdentityCredential result;
result.identityProvider() = mIdentityProvider;
this->GetId(result.id());
if (this->mCreationOptions.isSome()) {
if (this->mCreationOptions->mEffectiveQueryURL.WasPassed()) {
result.effectiveQueryURL() =
Some(this->mCreationOptions->mEffectiveQueryURL.Value());
}
if (this->mCreationOptions->mEffectiveOrigins.WasPassed()) {
result.effectiveOrigins() =
this->mCreationOptions->mEffectiveOrigins.Value();
}
if (this->mCreationOptions->mEffectiveType.WasPassed()) {
result.effectiveType() =
Some(this->mCreationOptions->mEffectiveType.Value());
}
if (this->mCreationOptions->mUiHint.WasPassed() &&
!this->mCreationOptions->mUiHint.Value().mIconURL.IsEmpty()) {
result.iconURL() = Some(this->mCreationOptions->mUiHint.Value().mIconURL);
}
if (this->mCreationOptions->mUiHint.WasPassed() &&
!this->mCreationOptions->mUiHint.Value().mName.IsEmpty()) {
result.name() = Some(this->mCreationOptions->mUiHint.Value().mName);
}
if (this->mCreationOptions->mUiHint.WasPassed() &&
this->mCreationOptions->mUiHint.Value().mExpiresAfter.WasPassed()) {
result.infoExpiresAt() =
Some(PR_Now() / PR_USEC_PER_MSEC +
this->mCreationOptions->mUiHint.Value().mExpiresAfter.Value());
}
if (this->mCreationOptions->mToken.WasPassed()) {
result.token() =
Some(NS_ConvertUTF8toUTF16(this->mCreationOptions->mToken.Value()));
}
}
if (!this->mToken.IsEmpty()) {
result.token() = Some(this->mToken);
}
return result;
}
// static
already_AddRefed<IdentityCredential> IdentityCredential::Constructor(
const GlobalObject& aGlobal, const IdentityCredentialInit& aInit,
ErrorResult& aRv) {
nsCOMPtr<nsIGlobalObject> global = do_QueryInterface(aGlobal.GetAsSupports());
if (!global || !global->GetAsInnerWindow() || !global->PrincipalOrNull()) {
aRv.Throw(NS_ERROR_FAILURE);
return nullptr;
}
RefPtr<IdentityCredential> result =
new IdentityCredential(global->GetAsInnerWindow());
result->SetId(aInit.mId);
result->SetType(u"identity"_ns);
result->mCreationOptions.emplace(aInit);
result->mIdentityProvider = global->PrincipalOrNull();
if (aInit.mToken.WasPassed()) {
result->mToken = NS_ConvertUTF8toUTF16(aInit.mToken.Value());
}
return result.forget();
}
void IdentityCredential::GetToken(nsAString& aToken) const {
aToken.Assign(mToken);
}
void IdentityCredential::SetToken(const nsAString& aToken) {
mToken.Assign(aToken);
if (mCreationOptions.isSome()) {
mCreationOptions->mToken.Construct(NS_ConvertUTF16toUTF8(aToken));
}
}
void IdentityCredential::GetOrigin(nsACString& aOrigin,
ErrorResult& aError) const {
nsresult rv = mIdentityProvider->GetWebExposedOriginSerialization(aOrigin);
if (NS_FAILED(rv)) {
aOrigin.SetLength(0);
aError.Throw(rv);
}
}
// static
void IdentityCredential::GetCredential(nsPIDOMWindowInner* aParent,
const CredentialRequestOptions& aOptions,
bool aSameOriginWithAncestors,
const RefPtr<Promise>& aPromise) {
MOZ_ASSERT(XRE_IsContentProcess());
MOZ_ASSERT(aParent);
MOZ_ASSERT(aPromise);
MOZ_ASSERT(aOptions.mIdentity.WasPassed());
// Prevent origin confusion by requiring no cross domain iframes
// in this one's ancestry
if (!aSameOriginWithAncestors) {
aPromise->MaybeRejectWithNotAllowedError("Same origin ancestors only.");
return;
}
RefPtr<WindowGlobalChild> wgc = aParent->GetWindowGlobalChild();
MOZ_ASSERT(wgc);
WindowContext* wc = wgc->WindowContext();
if (!wc) {
aPromise->MaybeRejectWithNotAllowedError("Active documents only.");
return;
}
RefPtr<nsPIDOMWindowInner> parent(aParent);
wgc->SendGetIdentityCredential(aOptions.mIdentity.Value(),
aOptions.mMediation,
wc->HasValidTransientUserGestureActivation())
->Then(
GetCurrentSerialEventTarget(), __func__,
[aPromise,
parent](const WindowGlobalChild::GetIdentityCredentialPromise::
ResolveValueType& aResult) {
Maybe<IPCIdentityCredential> maybeResult;
nsresult rv;
std::tie(maybeResult, rv) = aResult;
if (NS_WARN_IF(NS_FAILED(rv))) {
aPromise->MaybeRejectWithAbortError(
"Credential get aborted with internal error");
return;
}
if (maybeResult.isNothing()) {
aPromise->MaybeResolve(JS::NullHandleValue);
return;
}
aPromise->MaybeResolve(
new IdentityCredential(parent, maybeResult.value()));
},
[aPromise](const WindowGlobalChild::GetIdentityCredentialPromise::
RejectValueType& aResult) {
aPromise->MaybeRejectWithAbortError(
"Credential get aborted with internal error");
});
}
nsresult IdentityCredential::CanSilentlyCollect(nsIPrincipal* aPrincipal,
nsIPrincipal* aIDPPrincipal,
bool* aResult) {
NS_ENSURE_ARG_POINTER(aPrincipal);
NS_ENSURE_ARG_POINTER(aIDPPrincipal);
nsCString origin;
nsresult rv = aIDPPrincipal->GetOrigin(origin);
NS_ENSURE_SUCCESS(rv, rv);
uint32_t permit = nsIPermissionManager::UNKNOWN_ACTION;
nsCOMPtr<nsIPermissionManager> permissionManager =
components::PermissionManager::Service();
if (!permissionManager) {
return NS_ERROR_SERVICE_NOT_AVAILABLE;
}
rv = permissionManager->TestPermissionFromPrincipal(
aPrincipal, "credential-allow-silent-access^"_ns + origin, &permit);
NS_ENSURE_SUCCESS(rv, rv);
*aResult = (permit == nsIPermissionManager::ALLOW_ACTION);
if (!*aResult) {
return NS_OK;
}
rv = permissionManager->TestPermissionFromPrincipal(
aPrincipal, "credential-allow-silent-access"_ns, &permit);
NS_ENSURE_SUCCESS(rv, rv);
*aResult = permit == nsIPermissionManager::ALLOW_ACTION;
return NS_OK;
}
// static
RefPtr<IdentityCredential::GetIPCIdentityCredentialPromise>
IdentityCredential::GetCredentialInMainProcess(
nsIPrincipal* aPrincipal, CanonicalBrowsingContext* aBrowsingContext,
IdentityCredentialRequestOptions&& aOptions,
const CredentialMediationRequirement& aMediationRequirement,
bool aHasUserActivation) {
MOZ_ASSERT(aPrincipal);
MOZ_ASSERT(aBrowsingContext);
WindowContext* wc = aBrowsingContext->GetCurrentWindowContext();
if (!wc) {
return IdentityCredential::GetIPCIdentityCredentialPromise::CreateAndReject(
NS_ERROR_NOT_AVAILABLE, __func__);
}
if (aOptions.mMode == IdentityCredentialRequestOptionsMode::Active) {
// If the site is operating in "Active Mode" we need user activation to
// proceed.
if (!aHasUserActivation) {
return IdentityCredential::GetIPCIdentityCredentialPromise::
CreateAndReject(NS_ERROR_DOM_NETWORK_ERR, __func__);
}
} else {
// Otherwise we are in "Passive Mode" and since this doesn't require user
// activation we constrain the credentials that are allowed to be be shown
// to the user so they don't get annoyed.
// Specifically, they need to have this credential registered for use on
// this website.
nsresult rv;
nsCOMPtr<nsIIdentityCredentialStorageService> icStorageService =
mozilla::components::IdentityCredentialStorageService::Service(&rv);
if (NS_WARN_IF(!icStorageService)) {
return IdentityCredential::GetIPCIdentityCredentialPromise::
CreateAndReject(rv, __func__);
}
aOptions.mProviders.RemoveElementsBy(
[icStorageService,
aPrincipal](const IdentityProviderRequestOptions& provider) {
if (!provider.mConfigURL.WasPassed()) {
return true;
}
nsCString configLocation = provider.mConfigURL.Value();
nsCOMPtr<nsIURI> configURI;
nsresult rv = NS_NewURI(getter_AddRefs(configURI), configLocation);
if (NS_FAILED(rv)) {
return true;
}
bool thirdParty = true;
rv = aPrincipal->IsThirdPartyURI(configURI, &thirdParty);
if (!thirdParty) {
return false;
}
nsCOMPtr<nsIPrincipal> idpPrincipal =
BasePrincipal::CreateContentPrincipal(
configURI, aPrincipal->OriginAttributesRef());
bool connected = false;
rv =
icStorageService->Connected(aPrincipal, idpPrincipal, &connected);
if (NS_FAILED(rv)) {
return true;
}
return !connected;
});
}
if (aOptions.mProviders.IsEmpty()) {
return IdentityCredential::GetIPCIdentityCredentialPromise::CreateAndReject(
NS_ERROR_NOT_AVAILABLE, __func__);
}
RefPtr<nsIPrincipal> principal = aPrincipal;
RefPtr<CanonicalBrowsingContext> cbc = aBrowsingContext;
RefPtr<IdentityCredential::GetIPCIdentityCredentialPromise::Private> result =
new IdentityCredential::GetIPCIdentityCredentialPromise::Private(
__func__);
if (StaticPrefs::
dom_security_credentialmanagement_identity_lightweight_enabled()) {
// First try to collect credentials from local storage
CollectFromCredentialStoreInMainProcess(aPrincipal, aBrowsingContext,
aOptions)
->Then(
GetCurrentSerialEventTarget(), __func__,
[aOptions, aMediationRequirement, cbc, principal,
result](const nsTArray<IPCIdentityCredential>& aResult) {
// If collected one credential and the request permit it,
// see if we can silently resolve
if (aResult.Length() == 1 &&
(aMediationRequirement !=
CredentialMediationRequirement::Required &&
aMediationRequirement !=
CredentialMediationRequirement::Conditional)) {
const IPCIdentityCredential& silentCandidate =
aResult.ElementAt(0);
bool permitted;
nsresult rv = CanSilentlyCollect(
principal, silentCandidate.identityProvider(), &permitted);
if (NS_SUCCEEDED(rv) && permitted) {
result->Resolve(silentCandidate, __func__);
return;
}
}
// The only way to get a credential from here is not silent,
// so we must bail out here.
if (aMediationRequirement ==
CredentialMediationRequirement::Silent) {
result->Reject(NS_OK, __func__);
return;
}
// If we have no collectable credentials, discover a remote
// credential
if (aResult.Length() == 0) {
DiscoverFromExternalSourceInMainProcess(
principal, cbc, aOptions, aMediationRequirement)
->Then(
GetCurrentSerialEventTarget(), __func__,
[result](const IPCIdentityCredential& credential) {
result->Resolve(credential, __func__);
},
[result](nsresult rv) {
// This can be an NS_OK if discovery didn't fail,
// but we didn't get a result.
result->Reject(rv, __func__);
});
return;
}
// Show the credential chooser, and when the callback fires,
// forward the result onto the `result` local variable that
// we are returning from this function.
RefPtr<CredentialChosenCallback> callback =
new CredentialChosenCallback(aResult, result);
nsresult rv = ShowCredentialChooser(cbc, aResult, callback);
// If showing the chooser failed, we reject here since the
// callback won't fire.
if (NS_FAILED(rv)) {
result->Reject(rv, __func__);
}
},
[result](nsresult aErr) { result->Reject(aErr, __func__); });
} else {
// If we don't have lightweight credentials enabled, just fire discovery
// off.
DiscoverFromExternalSourceInMainProcess(principal, cbc, aOptions,
aMediationRequirement)
->Then(
GetCurrentSerialEventTarget(), __func__,
[result](const IPCIdentityCredential& credential) {
result->Resolve(credential, __func__);
},
[result](nsresult rv) { result->Reject(rv, __func__); });
}
return result.forget();
}
// static
RefPtr<GenericPromise> IdentityCredential::AllowedToCollectCredential(
nsIPrincipal* aPrincipal, CanonicalBrowsingContext* aBrowsingContext,
const IdentityCredentialRequestOptions& aOptions,
IPCIdentityCredential aCredential) {
MOZ_ASSERT(XRE_IsParentProcess());
MOZ_ASSERT(aPrincipal);
for (const nsCString& origin : aCredential.effectiveOrigins()) {
nsCOMPtr<nsIURI> allowURI;
nsresult rv = NS_NewURI(getter_AddRefs(allowURI), origin);
if (NS_SUCCEEDED(rv)) {
if (aPrincipal->IsSameOrigin(allowURI)) {
return GenericPromise::CreateAndResolve(true, __func__);
}
}
}
if (aCredential.effectiveType().isSome()) {
for (const auto& provider : aOptions.mProviders) {
if (provider.mEffectiveType.WasPassed() &&
provider.mEffectiveType.Value() ==
aCredential.effectiveType().value()) {
return GenericPromise::CreateAndResolve(true, __func__);
}
}
}
if (aCredential.effectiveQueryURL().isSome()) {
// Make the url to test, returning the default resolved to false promise if
// it fails
nsCOMPtr<nsIURI> dynamicURI;
nsresult rv = NS_NewURI(getter_AddRefs(dynamicURI),
aCredential.effectiveQueryURL().value());
if (NS_SUCCEEDED(rv)) {
// at this point we need to run through the providers passed as an
// argument to "navigator.credentials.get" and see if any meet the
// conditions to effectively query for aCredential based on an HTTP+CORS
// endpoint. This gives the IDP control over what origins can use each
// credential they store.
for (const auto& provider : aOptions.mProviders) {
// We only issue requests if the provider provided by the RP has the
// same URL as the credential that was stored by the IDP.
if (!provider.mEffectiveQueryURL.WasPassed() ||
!provider.mEffectiveQueryURL.Value().Equals(
aCredential.effectiveQueryURL().value())) {
continue;
}
// We are going to do some work here, so build the promise to return
RefPtr<GenericPromise::Private> resultPromise =
new GenericPromise::Private(__func__);
// Create the JS global for use by the fetch, tied to the RP principal
nsIXPConnect* xpc = nsContentUtils::XPConnect();
MOZ_ASSERT(xpc, "This should never be null!");
nsCOMPtr<nsIGlobalObject> global;
AutoJSAPI jsapi;
jsapi.Init();
JSContext* cx = jsapi.cx();
JS::Rooted<JSObject*> sandbox(cx);
rv = xpc->CreateSandbox(cx, aPrincipal, sandbox.address());
if (NS_WARN_IF(NS_FAILED(rv))) {
resultPromise->Reject(rv, __func__);
return resultPromise;
}
MOZ_ASSERT(JS_IsGlobalObject(sandbox));
global = xpc::NativeGlobal(sandbox);
if (NS_WARN_IF(!global)) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
// Construct the HTTP+CORS request to be made.
constexpr auto fragment = ""_ns;
auto internalRequest = MakeSafeRefPtr<InternalRequest>(
provider.mEffectiveQueryURL.Value(), fragment);
internalRequest->SetCredentialsMode(RequestCredentials::Omit);
internalRequest->SetMode(RequestMode::Cors);
internalRequest->OverrideContentPolicyType(
nsContentPolicyType::TYPE_WEB_IDENTITY);
internalRequest->SetHeaders(
new InternalHeaders(HeadersGuardEnum::Request));
RefPtr<Request> request =
new Request(global, std::move(internalRequest), nullptr);
RequestOrUTF8String fetchInput;
fetchInput.SetAsRequest() = request;
RootedDictionary<RequestInit> requestInit(RootingCx());
ErrorResult error;
// Issue the fetch and define the callbacks
RefPtr<Promise> fetchPromise =
FetchRequest(request->GetParentObject(), fetchInput, requestInit,
CallerType::System, error);
if (NS_WARN_IF(error.Failed())) {
resultPromise->Reject(error.StealNSResult(), __func__);
return resultPromise;
}
fetchPromise->AddCallbacksWithCycleCollectedArgs(
[resultPromise](JSContext* aCx, JS::Handle<JS::Value> aValue,
ErrorResult&) {
// Get the Response object from the argument to the callback
if (NS_WARN_IF(!aValue.isObject())) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return;
}
JS::Rooted<JSObject*> obj(aCx, &aValue.toObject());
MOZ_ASSERT(obj);
Response* response = nullptr;
if (NS_WARN_IF(
NS_FAILED(UNWRAP_OBJECT(Response, &obj, response)))) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return;
}
// Resolve whether or not the request was a success
resultPromise->Resolve(response->Ok(), __func__);
},
[resultPromise](JSContext*, JS::Handle<JS::Value> aValue,
ErrorResult&) {
resultPromise->Reject(
Promise::TryExtractNSResultFromRejectionValue(aValue),
__func__);
});
return resultPromise;
}
}
}
return GenericPromise::CreateAndResolve(false, __func__);
}
// static
RefPtr<IdentityCredential::GetIPCIdentityCredentialsPromise>
IdentityCredential::CollectFromCredentialStoreInMainProcess(
nsIPrincipal* aPrincipal, CanonicalBrowsingContext* aBrowsingContext,
const IdentityCredentialRequestOptions& aOptions) {
MOZ_ASSERT(XRE_IsParentProcess());
MOZ_ASSERT(aPrincipal);
nsresult rv;
nsCOMPtr<nsIIdentityCredentialStorageService> icStorageService =
mozilla::components::IdentityCredentialStorageService::Service(&rv);
if (NS_WARN_IF(!icStorageService)) {
return IdentityCredential::GetIPCIdentityCredentialsPromise::
CreateAndReject(rv, __func__);
}
nsTArray<RefPtr<nsIPrincipal>> idpPrincipals;
for (const auto& idpConfig : aOptions.mProviders) {
if (idpConfig.mOrigin.WasPassed()) {
RefPtr<nsIURI> idpURI;
rv = NS_NewURI(getter_AddRefs(idpURI), idpConfig.mOrigin.Value());
if (NS_FAILED(rv)) {
continue;
}
RefPtr<nsIPrincipal> idpPrincipal = BasePrincipal::CreateContentPrincipal(
idpURI, aPrincipal->OriginAttributesRef());
idpPrincipals.AppendElement(idpPrincipal);
} else if (idpConfig.mLoginURL.WasPassed()) {
RefPtr<nsIURI> idpURI;
rv = NS_NewURI(getter_AddRefs(idpURI), idpConfig.mLoginURL.Value());
if (NS_FAILED(rv)) {
continue;
}
RefPtr<nsIPrincipal> idpPrincipal = BasePrincipal::CreateContentPrincipal(
idpURI, aPrincipal->OriginAttributesRef());
idpPrincipals.AppendElement(idpPrincipal);
}
}
CopyableTArray<mozilla::dom::IPCIdentityCredential> fromStore;
rv = icStorageService->GetIdentityCredentials(idpPrincipals, fromStore);
if (NS_FAILED(rv)) {
return GetIPCIdentityCredentialsPromise::CreateAndReject(rv, __func__);
}
for (const auto& idpConfig : aOptions.mProviders) {
if (idpConfig.mEffectiveType.WasPassed() &&
idpConfig.mEffectiveType.Value() != "") {
nsTArray<mozilla::dom::IPCIdentityCredential> typeMatches;
rv = icStorageService->GetIdentityCredentialsOfType(
idpConfig.mEffectiveType.Value(), typeMatches);
if (NS_FAILED(rv)) {
return GetIPCIdentityCredentialsPromise::CreateAndReject(rv, __func__);
}
fromStore.AppendElements(std::move(typeMatches));
}
}
RefPtr<GetIPCIdentityCredentialsPromise::Private> resultPromise =
new GetIPCIdentityCredentialsPromise::Private(__func__);
nsTArray<RefPtr<GenericPromise>> promises;
for (const IPCIdentityCredential& cred : fromStore) {
promises.AppendElement(AllowedToCollectCredential(
aPrincipal, aBrowsingContext, aOptions, cred));
}
GenericPromise::AllSettled(GetCurrentSerialEventTarget(), promises)
->Then(
GetCurrentSerialEventTarget(), __func__,
[resultPromise, fromStore](
const GenericPromise::AllSettledPromiseType::ResolveValueType&
aResults) {
if (aResults.Length() != fromStore.Length()) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return;
}
CopyableTArray<mozilla::dom::IPCIdentityCredential> result;
for (size_t i = 0; i < aResults.Length(); i++) {
if (aResults.ElementAt(i).IsResolve() &&
aResults.ElementAt(i).ResolveValue()) {
result.AppendElement(fromStore.ElementAt(i));
}
}
resultPromise->Resolve(result, __func__);
},
[resultPromise](
const GenericPromise::AllSettledPromiseType::RejectValueType&
aResult) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
});
return resultPromise;
}
// Helper function to call the CredentialChooserService,
// fetching icons into a data URL. We could do this natively,
// but it is much easier to do in Javascript and this isn't
// performance critical.
RefPtr<MozPromise<nsCString, nsresult, true>> fetchIconURLHelper(
nsPIDOMWindowInner* aParent, const nsCString& aSpec) {
RefPtr<MozPromise<nsCString, nsresult, true>::Private> result =
new MozPromise<nsCString, nsresult, true>::Private(__func__);
nsresult rv;
nsCOMPtr<nsICredentialChooserService> ccService =
mozilla::components::CredentialChooserService::Service(&rv);
if (NS_FAILED(rv) || !ccService) {
result->Reject(rv, __func__);
return result;
}
nsCOMPtr<nsIURI> iconURI;
rv = NS_NewURI(getter_AddRefs(iconURI), aSpec);
if (NS_FAILED(rv)) {
result->Reject(rv, __func__);
return result;
}
RefPtr<Promise> serviceResult;
rv = ccService->FetchImageToDataURI(aParent, iconURI,
getter_AddRefs(serviceResult));
if (NS_FAILED(rv)) {
result->Reject(rv, __func__);
return result;
}
serviceResult->AddCallbacksWithCycleCollectedArgs(
[result](JSContext* aCx, JS::Handle<JS::Value> aValue, ErrorResult&) {
if (!aValue.get().isString()) {
result->Reject(NS_ERROR_FAILURE, __func__);
return;
}
nsAutoCString value;
if (!AssignJSString(aCx, value, aValue.get().toString())) {
result->Reject(NS_ERROR_FAILURE, __func__);
return;
}
result->Resolve(value, __func__);
},
[result](JSContext* aCx, JS::Handle<JS::Value> aValue, ErrorResult&) {
result->Reject(Promise::TryExtractNSResultFromRejectionValue(aValue),
__func__);
});
return result;
}
// static
RefPtr<GenericPromise> IdentityCredential::Store(
nsPIDOMWindowInner* aParent, const IdentityCredential* aCredential,
bool aSameOriginWithAncestors) {
MOZ_ASSERT(XRE_IsContentProcess());
MOZ_ASSERT(aParent);
MOZ_ASSERT(aCredential);
// Prevent origin confusion by requiring no cross domain iframes
// in this one's ancestry
if (!aSameOriginWithAncestors) {
return GenericPromise::CreateAndReject(NS_ERROR_DOM_NOT_ALLOWED_ERR,
__func__);
}
// Request the icon data while we are still in the content process so we can
// use our window's JS global
RefPtr<MozPromise<nsCString, nsresult, true>> iconFetch;
if (aCredential->mCreationOptions.isSome() &&
aCredential->mCreationOptions->mUiHint.WasPassed() &&
!aCredential->mCreationOptions->mUiHint.Value().mIconURL.IsEmpty()) {
iconFetch = fetchIconURLHelper(
aParent, aCredential->mCreationOptions->mUiHint.Value().mIconURL);
} else {
iconFetch = MozPromise<nsCString, nsresult, true>::CreateAndReject(
NS_ERROR_INVALID_ARG, __func__);
}
// First fetch the icon, then send the data we have to the main process
IPCIdentityCredential sendCredential =
aCredential->MakeIPCIdentityCredential();
RefPtr<WindowGlobalChild> wgc = aParent->GetWindowGlobalChild();
MOZ_ASSERT(wgc);
return iconFetch
->Then(GetCurrentSerialEventTarget(), __func__,
[sendCredential,
wgc](MozPromise<nsCString, nsresult, true>::ResolveOrRejectValue&&
aValue) mutable {
// If it was a resolution, then we can overwrite our icon data
if (aValue.IsResolve()) {
sendCredential.iconURL() = Some(aValue.ResolveValue());
}
// Kick the request off to the main process and translate the
// result to the expected type when we get a result.
return wgc->SendStoreIdentityCredential(sendCredential);
})
->Then(
GetCurrentSerialEventTarget(), __func__,
[](const WindowGlobalChild::StoreIdentityCredentialPromise::
ResolveValueType& aResult) {
return GenericPromise::CreateAndResolve(true, __func__);
},
[](const WindowGlobalChild::StoreIdentityCredentialPromise::
RejectValueType& aResult) {
return GenericPromise::CreateAndReject(NS_ERROR_DOM_UNKNOWN_ERR,
__func__);
});
}
// static
RefPtr<GenericPromise> IdentityCredential::StoreInMainProcess(
nsIPrincipal* aPrincipal, const IPCIdentityCredential& aCredential) {
if (!aCredential.identityProvider() ||
!aCredential.identityProvider()->Equals(aPrincipal)) {
return GenericPromise::CreateAndReject(nsresult::NS_ERROR_FAILURE,
__func__);
}
nsresult error;
nsCOMPtr<nsIIdentityCredentialStorageService> icStorageService =
mozilla::components::IdentityCredentialStorageService::Service(&error);
if (NS_WARN_IF(!icStorageService)) {
return GenericPromise::CreateAndReject(error, __func__);
}
error = icStorageService->StoreIdentityCredential(aCredential);
if (NS_FAILED(error)) {
return GenericPromise::CreateAndReject(error, __func__);
}
IdentityCredentialRequestManager* icrm =
IdentityCredentialRequestManager::GetInstance();
if (!icrm) {
return GenericPromise::CreateAndReject(NS_ERROR_NOT_AVAILABLE, __func__);
}
icrm->NotifyOfStoredCredential(aCredential.identityProvider(), aCredential);
return GenericPromise::CreateAndReject(nsresult::NS_ERROR_FAILURE, __func__);
}
// static
RefPtr<IdentityCredential::GetIdentityCredentialPromise>
IdentityCredential::Create(nsPIDOMWindowInner* aParent,
const CredentialCreationOptions& aOptions,
bool aSameOriginWithAncestors) {
MOZ_ASSERT(aOptions.mIdentity.WasPassed());
MOZ_ASSERT(aParent);
const IdentityCredentialInit& init = aOptions.mIdentity.Value();
RefPtr<IdentityCredential> result = new IdentityCredential(aParent);
result->SetId(init.mId);
result->SetType(u"identity"_ns);
result->mCreationOptions.emplace(init);
if (init.mToken.WasPassed()) {
result->mToken = NS_ConvertUTF8toUTF16(init.mToken.Value());
}
return GetIdentityCredentialPromise::CreateAndResolve(result.forget(),
__func__);
}
// Helper function to navigate to the identity provider's login page, based
// on the contents of the config for the identity provider provided in
// navigator.credentials.get. Returns the result of a outer window Open.
nsresult OpenIdentityProviderDialog(
const RefPtr<WindowGlobalChild>& aWgc,
const IdentityProviderRequestOptions& aProviderConfig) {
MOZ_ASSERT(aProviderConfig.mLoginURL.WasPassed());
AutoJSAPI jsapi;
MOZ_ASSERT(aWgc);
if (!jsapi.Init(aWgc->GetWindowGlobal())) {
return NS_ERROR_FAILURE;
}
MOZ_ASSERT(aWgc->WindowContext()->TopWindowContext());
nsGlobalWindowOuter* outer = nsGlobalWindowOuter::GetOuterWindowWithId(
aWgc->WindowContext()->TopWindowContext()->OuterWindowId());
bool popup =
aProviderConfig.mLoginTarget.WasPassed() &&
aProviderConfig.mLoginTarget.Value() == IdentityLoginTargetType::Popup;
RefPtr<BrowsingContext> newBC;
if (popup) {
return outer->OpenJS(aProviderConfig.mLoginURL.Value(), u"_blank"_ns,
u"popup"_ns, getter_AddRefs(newBC));
}
return outer->OpenJS(aProviderConfig.mLoginURL.Value(), u"_top"_ns, u""_ns,
getter_AddRefs(newBC));
}
// static
nsresult IdentityCredential::ShowCredentialChooser(
const RefPtr<CanonicalBrowsingContext>& aContext,
const nsTArray<IPCIdentityCredential>& aCredentials,
const RefPtr<nsICredentialChosenCallback>& aCallback) {
nsresult rv;
nsCOMPtr<nsICredentialChooserService> ccService =
mozilla::components::CredentialChooserService::Service(&rv);
if (NS_WARN_IF(!ccService)) {
return rv;
}
// Build an AutoJSAPI out of the service so we can pass arguments in.
nsCOMPtr<nsIXPConnectWrappedJS> wrapped = do_QueryInterface(ccService);
AutoJSAPI jsapi;
if (NS_WARN_IF(!jsapi.Init(wrapped->GetJSObjectGlobal()))) {
return NS_ERROR_FAILURE;
}
// Build the options for the credential chooser service
nsTArray<JS::Value> options;
for (uint32_t index = 0; index < aCredentials.Length(); index++) {
const IPCIdentityCredential& credential = aCredentials.ElementAt(index);
JS::Rooted<JSObject*> option(jsapi.cx(), JS_NewPlainObject(jsapi.cx()));
if (NS_WARN_IF(!option)) {
return NS_ERROR_OUT_OF_MEMORY;
}
JS::Rooted<JS::Value> idValue(jsapi.cx());
if (!xpc::NonVoidStringToJsval(jsapi.cx(), credential.id(), &idValue) ||
!JS_DefineProperty(jsapi.cx(), option, "id", idValue, 0)) {
return NS_ERROR_OUT_OF_MEMORY;
}
JS::Rooted<JS::Value> typeValue(jsapi.cx());
if (!xpc::NonVoidStringToJsval(jsapi.cx(), u"identity"_ns, &typeValue) ||
!JS_DefineProperty(jsapi.cx(), option, "type", typeValue, 0)) {
return NS_ERROR_OUT_OF_MEMORY;
}
JS::Rooted<JS::Value> originValue(jsapi.cx());
nsAutoCString origin;
credential.identityProvider()->GetWebExposedOriginSerialization(origin);
if (!xpc::NonVoidStringToJsval(jsapi.cx(), NS_ConvertUTF8toUTF16(origin),
&originValue) ||
!JS_DefineProperty(jsapi.cx(), option, "origin", originValue, 0)) {
return NS_ERROR_OUT_OF_MEMORY;
}
// We only put UI Hints on if we have a name and icon.
if (credential.name().isSome() && credential.iconURL().isSome()) {
JS::Rooted<JSObject*> uiHint(jsapi.cx(), JS_NewPlainObject(jsapi.cx()));
if (credential.name().isSome()) {
JS::Rooted<JS::Value> nameValue(jsapi.cx());
if (!xpc::NonVoidStringToJsval(
jsapi.cx(), NS_ConvertUTF8toUTF16(credential.name().value()),
&nameValue) ||
!JS_DefineProperty(jsapi.cx(), uiHint, "name", nameValue, 0)) {
return NS_ERROR_OUT_OF_MEMORY;
}
}
if (credential.iconURL().isSome()) {
JS::Rooted<JS::Value> iconValue(jsapi.cx());
if (!xpc::NonVoidStringToJsval(
jsapi.cx(), NS_ConvertUTF8toUTF16(credential.iconURL().value()),
&iconValue) ||
!JS_DefineProperty(jsapi.cx(), uiHint, "iconURL", iconValue, 0)) {
return NS_ERROR_OUT_OF_MEMORY;
}
}
if (credential.infoExpiresAt().isSome()) {
int64_t now = PR_Now() / PR_USEC_PER_MSEC;
// Guarantee "now" isn't before 1970 so we can static cast it.
if (now < 0) {
return NS_ERROR_FAILURE;
}
// difference of 0 stands for any negative values as well.
// The UI treats them the same, so no worries.
uint64_t difference = 0;
if (static_cast<uint64_t>(now) < credential.infoExpiresAt().value()) {
difference =
credential.infoExpiresAt().value() - static_cast<uint64_t>(now);
}
JS::Rooted<JS::Value> expireValue(jsapi.cx());
if (!ToJSValue(jsapi.cx(), difference, &expireValue) ||
!JS_DefineProperty(jsapi.cx(), uiHint, "expiresAfter", expireValue,
0)) {
return NS_ERROR_OUT_OF_MEMORY;
}
}
if (!JS_DefineProperty(jsapi.cx(), option, "uiHints", uiHint, 0)) {
return NS_ERROR_OUT_OF_MEMORY;
}
}
JS::Rooted<JS::Value> optionValue(jsapi.cx());
optionValue.setObject(*option);
options.AppendElement(optionValue);
}
return ccService->ShowCredentialChooser(aContext, options, aCallback);
}
// static
RefPtr<IdentityCredential::GetIPCIdentityCredentialPromise>
IdentityCredential::DiscoverLightweightFromExternalSourceInMainProcess(
nsIPrincipal* aPrincipal, CanonicalBrowsingContext* aBrowsingContext,
const IdentityCredentialRequestOptions& aOptions) {
MOZ_ASSERT(XRE_IsParentProcess());
MOZ_ASSERT(aPrincipal);
MOZ_ASSERT(aBrowsingContext);
RefPtr<IdentityCredential::GetIPCIdentityCredentialPromise::Private>
icrmResult =
new IdentityCredential::GetIPCIdentityCredentialPromise::Private(
__func__);
nsCOMPtr<nsIPrincipal> principal(aPrincipal);
RefPtr<CanonicalBrowsingContext> browsingContext(aBrowsingContext);
// Add request to manager with result,
IdentityCredentialRequestManager* icrm =
IdentityCredentialRequestManager::GetInstance();
if (!icrm) {
return IdentityCredential::GetIPCIdentityCredentialPromise::CreateAndReject(
NS_ERROR_NOT_AVAILABLE, __func__);
}
nsresult rv = icrm->StorePendingRequest(aPrincipal, aOptions, icrmResult,
aBrowsingContext);
if (NS_WARN_IF(NS_FAILED(rv))) {
return IdentityCredential::GetIPCIdentityCredentialPromise::CreateAndReject(
rv, __func__);
}
// If possible, tell the content process to perform the navigation that is
// appropriate. We may be able to do this from the main process, but it is
// safer to do it from the client process so that we know all appropriate
// protections are in place.
if (aBrowsingContext->GetCurrentWindowGlobal()) {
IdentityProviderRequestOptions provider(aOptions.mProviders.ElementAt(0));
IdentityLoginTargetType type = IdentityLoginTargetType::Redirect;
if (provider.mLoginTarget.WasPassed()) {
type = provider.mLoginTarget.Value();
}
if (provider.mLoginURL.WasPassed()) {
Unused << aBrowsingContext->GetCurrentWindowGlobal()
->SendNavigateForIdentityCredentialDiscovery(
provider.mLoginURL.Value(), type);
}
}
RefPtr<IdentityCredential::GetIPCIdentityCredentialPromise::Private>
finalResult =
new IdentityCredential::GetIPCIdentityCredentialPromise::Private(
__func__);
// Once an effective credential is stored, this promise resolves.
icrmResult->Then(
GetCurrentSerialEventTarget(), __func__,
[browsingContext, finalResult](const IPCIdentityCredential& credential) {
// Now we show a credential chooser in the relying party window
// to get the user consent to use this account.
// This will resolve the promise that we return from this function.
nsTArray<IPCIdentityCredential> array;
array.AppendElement(credential);
RefPtr<CredentialChosenCallback> callback =
new CredentialChosenCallback(array, finalResult);
nsresult rv = ShowCredentialChooser(browsingContext, array, callback);
if (NS_FAILED(rv)) {
finalResult->Reject(rv, __func__);
}
},
[finalResult](nsresult rv) { finalResult->Reject(rv, __func__); });
return finalResult.forget();
}
// static
RefPtr<IdentityCredential::GetIPCIdentityCredentialPromise>
IdentityCredential::DiscoverFromExternalSourceInMainProcess(
nsIPrincipal* aPrincipal, CanonicalBrowsingContext* aBrowsingContext,
const IdentityCredentialRequestOptions& aOptions,
const CredentialMediationRequirement& aMediationRequirement) {
MOZ_ASSERT(XRE_IsParentProcess());
MOZ_ASSERT(aPrincipal);
MOZ_ASSERT(aBrowsingContext);
// Figure out what type of discovery we must do.
RequestType requestType = DetermineRequestDiscoveryType(aOptions);
// If it is lightweight and we have it enabled, perform that discovery.
if (StaticPrefs::
dom_security_credentialmanagement_identity_lightweight_enabled() &&
requestType == LIGHTWEIGHT) {
return DiscoverLightweightFromExternalSourceInMainProcess(
aPrincipal, aBrowsingContext, aOptions);
}
// If we are not meant to discover anything, bail out with NS_OK.
if (requestType == NONE) {
return IdentityCredential::GetIPCIdentityCredentialPromise::CreateAndReject(
NS_OK, __func__);
}
// Make sure we have providers.
if (aOptions.mProviders.Length() < 1) {
return IdentityCredential::GetIPCIdentityCredentialPromise::CreateAndReject(
NS_ERROR_DOM_NOT_ALLOWED_ERR, __func__);
}
// The only other type of discovery is heavyweight. Make sure we can do that
// before proceeding.
if (!(StaticPrefs::
dom_security_credentialmanagement_identity_heavyweight_enabled() &&
requestType == HEAVYWEIGHT)) {
return IdentityCredential::GetIPCIdentityCredentialPromise::CreateAndReject(
NS_ERROR_NOT_AVAILABLE, __func__);
}
// Now doing heavyweight fedcm discovery
RefPtr<IdentityCredential::GetIPCIdentityCredentialPromise::Private> result =
new IdentityCredential::GetIPCIdentityCredentialPromise::Private(
__func__);
nsCOMPtr<nsIPrincipal> principal(aPrincipal);
RefPtr<CanonicalBrowsingContext> browsingContext(aBrowsingContext);
RefPtr<nsITimer> timeout;
if (StaticPrefs::
dom_security_credentialmanagement_identity_reject_delay_enabled()) {
nsresult rv = NS_NewTimerWithCallback(
getter_AddRefs(timeout),
[=](auto) {
result->Reject(NS_ERROR_DOM_NETWORK_ERR, __func__);
IdentityCredential::CloseUserInterface(browsingContext);
},
StaticPrefs::
dom_security_credentialmanagement_identity_reject_delay_duration_ms(),
nsITimer::TYPE_ONE_SHOT, "IdentityCredentialTimeoutCallback");
if (NS_WARN_IF(NS_FAILED(rv))) {
result->Reject(NS_ERROR_FAILURE, __func__);
return result.forget();
}
}
// Construct an array of requests to fetch manifests for every provider.
// We need this to show their branding information
nsTArray<RefPtr<GetManifestPromise>> manifestPromises;
for (const IdentityProviderRequestOptions& provider : aOptions.mProviders) {
RefPtr<GetManifestPromise> manifest =
IdentityCredential::FetchManifest(principal, provider);
manifestPromises.AppendElement(manifest);
}
// We use AllSettled here so that failures will be included- we use default
// values there.
GetManifestPromise::AllSettled(GetCurrentSerialEventTarget(),
manifestPromises)
->Then(
GetCurrentSerialEventTarget(), __func__,
[browsingContext, aOptions](
const GetManifestPromise::AllSettledPromiseType::ResolveValueType&
aResults) {
// Convert the
// GetManifestPromise::AllSettledPromiseType::ResolveValueType to a
// Sequence<MozPromise>
CopyableTArray<MozPromise<IdentityProviderAPIConfig, nsresult,
true>::ResolveOrRejectValue>
results = aResults;
const Sequence<MozPromise<IdentityProviderAPIConfig, nsresult,
true>::ResolveOrRejectValue>
resultsSequence(std::move(results));
// If we can skip the provider check, because there is only one
// option and it is already linked, do so!
Maybe<IdentityProviderRequestOptionsWithManifest>
autoSelectedIdentityProvider =
SkipAccountChooser(aOptions.mProviders, resultsSequence);
if (autoSelectedIdentityProvider.isSome()) {
return GetIdentityProviderRequestOptionsWithManifestPromise::
CreateAndResolve(autoSelectedIdentityProvider.extract(),
__func__);
}
// The user picks from the providers
return PromptUserToSelectProvider(
browsingContext, aOptions.mProviders, resultsSequence);
},
[](bool error) {
return IdentityCredential::
GetIdentityProviderRequestOptionsWithManifestPromise::
CreateAndReject(NS_ERROR_FAILURE, __func__);
})
->Then(
GetCurrentSerialEventTarget(), __func__,
[aMediationRequirement, principal,
browsingContext](const IdentityProviderRequestOptionsWithManifest&
providerAndManifest) {
IdentityProviderAPIConfig manifest;
IdentityProviderRequestOptions provider;
std::tie(provider, manifest) = providerAndManifest;
return IdentityCredential::
CreateHeavyweightCredentialDuringDiscovery(
principal, browsingContext, provider, manifest,
aMediationRequirement);
},
[](nsresult error) {
return IdentityCredential::GetIPCIdentityCredentialPromise::
CreateAndReject(error, __func__);
})
->Then(
GetCurrentSerialEventTarget(), __func__,
[result, timeout = std::move(timeout)](
const IdentityCredential::GetIPCIdentityCredentialPromise::
ResolveOrRejectValue&& value) {
// Resolve the result
result->ResolveOrReject(value, __func__);
// Cancel the timer (if it is still pending) and
// release the hold on the variables leaked into the timer.
if (timeout &&
StaticPrefs::
dom_security_credentialmanagement_identity_reject_delay_enabled()) {
timeout->Cancel();
}
});
return result;
}
// static
Maybe<IdentityCredential::IdentityProviderRequestOptionsWithManifest>
IdentityCredential::SkipAccountChooser(
const Sequence<IdentityProviderRequestOptions>& aProviders,
const Sequence<GetManifestPromise::ResolveOrRejectValue>& aManifests) {
if (aProviders.Length() != 1) {
return Nothing();
}
if (aManifests.Length() != 1) {
return Nothing();
}
if (!aManifests.ElementAt(0).IsResolve()) {
return Nothing();
}
const IdentityProviderRequestOptions& resolvedProvider =
aProviders.ElementAt(0);
const IdentityProviderAPIConfig& resolvedManifest =
aManifests.ElementAt(0).ResolveValue();
return Some(std::make_tuple(resolvedProvider, resolvedManifest));
}
// static
Maybe<IdentityProviderAccount> IdentityCredential::FindAccountToReauthenticate(
const IdentityProviderRequestOptions& aProvider, nsIPrincipal* aRPPrincipal,
const IdentityProviderAccountList& aAccountList) {
if (!aAccountList.mAccounts.WasPassed()) {
return Nothing();
}
nsresult rv;
nsCOMPtr<nsIIdentityCredentialStorageService> icStorageService =
mozilla::components::IdentityCredentialStorageService::Service(&rv);
if (NS_WARN_IF(!icStorageService)) {
return Nothing();
}
Maybe<IdentityProviderAccount> result = Nothing();
for (const IdentityProviderAccount& account :
aAccountList.mAccounts.Value()) {
// Don't reauthenticate accounts that have an approved clients list but no
// matching clientID from navigator.credentials.get's argument
if (account.mApproved_clients.WasPassed()) {
if (!aProvider.mClientId.WasPassed() ||
!account.mApproved_clients.Value().Contains(
NS_ConvertUTF8toUTF16(aProvider.mClientId.Value()))) {
continue;
}
}
RefPtr<nsIURI> configURI;
nsresult rv =
NS_NewURI(getter_AddRefs(configURI), aProvider.mConfigURL.Value());
if (NS_FAILED(rv)) {
continue;
}
nsCOMPtr<nsIPrincipal> idpPrincipal = BasePrincipal::CreateContentPrincipal(
configURI, aRPPrincipal->OriginAttributesRef());
// Don't reauthenticate unconnected accounts
bool connected = false;
rv = icStorageService->Connected(aRPPrincipal, idpPrincipal, &connected);
if (NS_WARN_IF(NS_FAILED(rv)) || !connected) {
continue;
}
// Don't reauthenticate if silent access is disabled
bool silentAllowed = false;
rv = CanSilentlyCollect(aRPPrincipal, idpPrincipal, &silentAllowed);
if (!NS_WARN_IF(NS_FAILED(rv)) && !silentAllowed) {
continue;
}
// We only auto-reauthenticate if we have one candidate.
if (result.isSome()) {
return Nothing();
}
// Remember our first candidate so we can return it after
// this loop, or return nothing if we find another!
result = Some(account);
}
return result;
}
// static
RefPtr<IdentityCredential::GetIPCIdentityCredentialPromise>
IdentityCredential::CreateHeavyweightCredentialDuringDiscovery(
nsIPrincipal* aPrincipal, BrowsingContext* aBrowsingContext,
const IdentityProviderRequestOptions& aProvider,
const IdentityProviderAPIConfig& aManifest,
const CredentialMediationRequirement& aMediationRequirement) {
MOZ_ASSERT(XRE_IsParentProcess());
MOZ_ASSERT(aPrincipal);
MOZ_ASSERT(aBrowsingContext);
nsCOMPtr<nsIPrincipal> argumentPrincipal = aPrincipal;
RefPtr<BrowsingContext> browsingContext(aBrowsingContext);
return IdentityCredential::FetchAccountList(argumentPrincipal, aProvider,
aManifest)
->Then(
GetCurrentSerialEventTarget(), __func__,
[argumentPrincipal, browsingContext, aManifest, aMediationRequirement,
aProvider](
const std::tuple<IdentityProviderAPIConfig,
IdentityProviderAccountList>& promiseResult) {
IdentityProviderAPIConfig currentManifest;
IdentityProviderAccountList accountList;
std::tie(currentManifest, accountList) = promiseResult;
if (!accountList.mAccounts.WasPassed() ||
accountList.mAccounts.Value().Length() == 0) {
return IdentityCredential::GetAccountPromise::CreateAndReject(
NS_ERROR_FAILURE, __func__);
}
// Remove accounts without a matching login hint if one was provided
// in the JS call
if (aProvider.mLoginHint.WasPassed()) {
const nsCString& loginHint = aProvider.mLoginHint.Value();
accountList.mAccounts.Value().RemoveElementsBy(
[loginHint](const IdentityProviderAccount& account) {
if (!account.mLogin_hints.WasPassed() ||
account.mLogin_hints.Value().Length() == 0) {
return true;
}
if (account.mLogin_hints.Value().Contains(loginHint)) {
return false;
}
return true;
});
}
// Remove accounts without a matching domain hint if one was
// provided in the JS call
if (aProvider.mDomainHint.WasPassed()) {
const nsCString& domainHint = aProvider.mDomainHint.Value();
accountList.mAccounts.Value().RemoveElementsBy(
[domainHint](const IdentityProviderAccount& account) {
if (!account.mDomain_hints.WasPassed() ||
account.mDomain_hints.Value().Length() == 0) {
return true;
}
// The domain hint "any" matches any hint.
if (domainHint.Equals("any")) {
return false;
}
if (account.mDomain_hints.Value().Contains(domainHint)) {
return false;
}
return true;
});
}
// Remove accounts without a matching account hint if a label was
// provided in the IDP config
if (currentManifest.mAccount_label.WasPassed()) {
const nsCString& accountHint =
currentManifest.mAccount_label.Value();
accountList.mAccounts.Value().RemoveElementsBy(
[accountHint](const IdentityProviderAccount& account) {
if (!account.mLabel_hints.WasPassed() ||
account.mLabel_hints.Value().Length() == 0) {
return true;
}
if (account.mLabel_hints.Value().Contains(accountHint)) {
return false;
}
return true;
});
}
// If we can skip showing the user any UI by just doing a silent
// renewal, do so.
if (aMediationRequirement !=
CredentialMediationRequirement::Required) {
Maybe<IdentityProviderAccount> reauthenticatingAccount =
FindAccountToReauthenticate(aProvider, argumentPrincipal,
accountList);
if (reauthenticatingAccount.isSome()) {
return GetAccountPromise::CreateAndResolve(
std::make_tuple(aManifest,
reauthenticatingAccount.extract()),
__func__);
}
}
return PromptUserToSelectAccount(browsingContext, accountList,
aProvider, currentManifest);
},
[](nsresult error) {
return IdentityCredential::GetAccountPromise::CreateAndReject(
error, __func__);
})
->Then(
GetCurrentSerialEventTarget(), __func__,
[argumentPrincipal, browsingContext, aProvider](
const std::tuple<IdentityProviderAPIConfig,
IdentityProviderAccount>& promiseResult) {
IdentityProviderAPIConfig currentManifest;
IdentityProviderAccount account;
std::tie(currentManifest, account) = promiseResult;
return IdentityCredential::PromptUserWithPolicy(
browsingContext, argumentPrincipal, account, currentManifest,
aProvider);
},
[](nsresult error) {
return IdentityCredential::GetAccountPromise::CreateAndReject(
error, __func__);
})
->Then(
GetCurrentSerialEventTarget(), __func__,
[argumentPrincipal, aProvider](
const std::tuple<IdentityProviderAPIConfig,
IdentityProviderAccount>& promiseResult) {
IdentityProviderAPIConfig currentManifest;
IdentityProviderAccount account;
std::tie(currentManifest, account) = promiseResult;
return IdentityCredential::FetchToken(argumentPrincipal, aProvider,
currentManifest, account);
},
[](nsresult error) {
return IdentityCredential::GetTokenPromise::CreateAndReject(
error, __func__);
})
->Then(
GetCurrentSerialEventTarget(), __func__,
[aProvider](
const std::tuple<IdentityProviderToken, IdentityProviderAccount>&
promiseResult) {
IdentityProviderToken token;
IdentityProviderAccount account;
std::tie(token, account) = promiseResult;
IPCIdentityCredential credential;
credential.token() = Some(token.mToken);
credential.id() = account.mId;
return IdentityCredential::GetIPCIdentityCredentialPromise::
CreateAndResolve(credential, __func__);
},
[browsingContext](nsresult error) {
CloseUserInterface(browsingContext);
return IdentityCredential::GetIPCIdentityCredentialPromise::
CreateAndReject(error, __func__);
});
}
// static
RefPtr<IdentityCredential::GetRootManifestPromise>
IdentityCredential::FetchRootManifest(nsIPrincipal* aPrincipal,
const IdentityProviderConfig& aProvider) {
MOZ_ASSERT(XRE_IsParentProcess());
if (StaticPrefs::
dom_security_credentialmanagement_identity_test_ignore_well_known()) {
return IdentityCredential::GetRootManifestPromise::CreateAndResolve(
Nothing(), __func__);
}
// Build the URL
nsCString configLocation = aProvider.mConfigURL.Value();
nsCOMPtr<nsIURI> configURI;
nsresult rv = NS_NewURI(getter_AddRefs(configURI), configLocation);
if (NS_WARN_IF(NS_FAILED(rv))) {
return IdentityCredential::GetRootManifestPromise::CreateAndReject(
rv, __func__);
}
RefPtr<nsIEffectiveTLDService> etld =
mozilla::components::EffectiveTLD::Service();
if (!etld) {
return IdentityCredential::GetRootManifestPromise::CreateAndReject(
NS_ERROR_SERVICE_NOT_AVAILABLE, __func__);
}
nsCString manifestURIString;
rv = etld->GetSite(configURI, manifestURIString);
if (NS_FAILED(rv)) {
return IdentityCredential::GetRootManifestPromise::CreateAndReject(
NS_ERROR_INVALID_ARG, __func__);
}
nsAutoCString wellKnownPathForTesting;
rv = Preferences::GetCString(
"dom.security.credentialmanagement.identity.test_well_known_path",
wellKnownPathForTesting);
if (NS_SUCCEEDED(rv) && !wellKnownPathForTesting.IsVoid() &&
!wellKnownPathForTesting.IsEmpty()) {
manifestURIString.Append(wellKnownPathForTesting);
} else {
manifestURIString.AppendLiteral("/.well-known/web-identity");
}
nsCOMPtr<nsIURI> manifestURI;
rv = NS_NewURI(getter_AddRefs(manifestURI), manifestURIString, nullptr);
if (NS_FAILED(rv)) {
return IdentityCredential::GetRootManifestPromise::CreateAndReject(
NS_ERROR_INVALID_ARG, __func__);
}
// We actually don't need to do any of this well-known stuff if the
// requesting principal is same-site to the manifest URI. There is no
// privacy risk in that case, because the requests could be sent with
// their unpartitioned cookies anyway.
if (!aPrincipal->GetIsNullPrincipal()) {
bool thirdParty = true;
rv = aPrincipal->IsThirdPartyURI(manifestURI, &thirdParty);
if (NS_SUCCEEDED(rv) && !thirdParty) {
return IdentityCredential::GetRootManifestPromise::CreateAndResolve(
Nothing(), __func__);
}
}
return IdentityNetworkHelpers::FetchWellKnownHelper(manifestURI, aPrincipal)
->Then(
GetCurrentSerialEventTarget(), __func__,
[aProvider](const IdentityProviderWellKnown& manifest) {
// Resolve whether or not the argument URL is found in
// the well-known
if (manifest.mProvider_urls.Contains(
aProvider.mConfigURL.Value())) {
return IdentityCredential::GetRootManifestPromise::
CreateAndResolve(Some(manifest), __func__);
}
return IdentityCredential::GetRootManifestPromise::CreateAndReject(
NS_ERROR_FAILURE, __func__);
},
[](nsresult error) {
return IdentityCredential::GetRootManifestPromise::CreateAndReject(
error, __func__);
});
}
// static
RefPtr<IdentityCredential::GetManifestPromise>
IdentityCredential::FetchManifest(nsIPrincipal* aPrincipal,
const IdentityProviderConfig& aProvider) {
MOZ_ASSERT(XRE_IsParentProcess());
nsCOMPtr<nsIPrincipal> requestingPrincipal(aPrincipal);
return IdentityCredential::FetchRootManifest(aPrincipal, aProvider)
->Then(
GetCurrentSerialEventTarget(), __func__,
[aProvider,
requestingPrincipal](Maybe<IdentityProviderWellKnown> rootManifest) {
// Build the URL
nsCString configLocation = aProvider.mConfigURL.Value();
nsCOMPtr<nsIURI> manifestURI;
nsresult rv =
NS_NewURI(getter_AddRefs(manifestURI), configLocation, nullptr);
if (NS_FAILED(rv)) {
return MozPromise<std::tuple<Maybe<IdentityProviderWellKnown>,
IdentityProviderAPIConfig>,
nsresult,
true>::CreateAndReject(NS_ERROR_INVALID_ARG,
__func__);
}
return IdentityNetworkHelpers::FetchConfigHelper(
manifestURI, requestingPrincipal, rootManifest);
},
[](nsresult error) {
return MozPromise<std::tuple<Maybe<IdentityProviderWellKnown>,
IdentityProviderAPIConfig>,
nsresult, true>::CreateAndReject(error, __func__);
})
->Then(
GetCurrentSerialEventTarget(), __func__,
[aProvider](std::tuple<Maybe<IdentityProviderWellKnown>,
IdentityProviderAPIConfig>
manifests) {
IdentityProviderAPIConfig currentManifest;
Maybe<IdentityProviderWellKnown> fetchedWellKnown;
std::tie(fetchedWellKnown, currentManifest) = manifests;
// If we have more than one provider URL, we need to make sure that
// the accounts endpoint matches
nsCString configLocation = aProvider.mConfigURL.Value();
if (fetchedWellKnown.isSome()) {
IdentityProviderWellKnown wellKnown(fetchedWellKnown.extract());
if (wellKnown.mProvider_urls.Length() == 1) {
if (!wellKnown.mProvider_urls.Contains(configLocation)) {
return IdentityCredential::GetManifestPromise::
CreateAndReject(NS_ERROR_FAILURE, __func__);
}
} else if (!wellKnown.mProvider_urls.Contains(configLocation) ||
!wellKnown.mAccounts_endpoint.WasPassed() ||
!wellKnown.mAccounts_endpoint.Value().Equals(
currentManifest.mAccounts_endpoint)) {
return IdentityCredential::GetManifestPromise::CreateAndReject(
NS_ERROR_FAILURE, __func__);
}
}
return IdentityCredential::GetManifestPromise::CreateAndResolve<
mozilla::dom::IdentityProviderAPIConfig>(
IdentityProviderAPIConfig(currentManifest), __func__);
},
[](nsresult error) {
return IdentityCredential::GetManifestPromise::CreateAndReject(
error, __func__);
});
}
// static
RefPtr<IdentityCredential::GetAccountListPromise>
IdentityCredential::FetchAccountList(
nsIPrincipal* aPrincipal, const IdentityProviderRequestOptions& aProvider,
const IdentityProviderAPIConfig& aManifest) {
MOZ_ASSERT(XRE_IsParentProcess());
// Build the URL
nsCOMPtr<nsIURI> baseURI;
nsresult rv =
NS_NewURI(getter_AddRefs(baseURI), aProvider.mConfigURL.Value());
if (NS_WARN_IF(NS_FAILED(rv))) {
return IdentityCredential::GetAccountListPromise::CreateAndReject(rv,
__func__);
}
nsCOMPtr<nsIURI> idpURI;
rv = NS_NewURI(getter_AddRefs(idpURI), aManifest.mAccounts_endpoint, nullptr,
baseURI);
if (NS_WARN_IF(NS_FAILED(rv))) {
return IdentityCredential::GetAccountListPromise::CreateAndReject(rv,
__func__);
}
nsCOMPtr<nsIPrincipal> idpPrincipal = BasePrincipal::CreateContentPrincipal(
idpURI, aPrincipal->OriginAttributesRef());
return IdentityNetworkHelpers::FetchAccountsHelper(idpURI, idpPrincipal)
->Then(
GetCurrentSerialEventTarget(), __func__,
[aManifest](const IdentityProviderAccountList& accountList) {
return IdentityCredential::GetAccountListPromise::CreateAndResolve(
std::make_tuple(aManifest, accountList), __func__);
},
[](nsresult error) {
return IdentityCredential::GetAccountListPromise::CreateAndReject(
error, __func__);
});
}
// static
RefPtr<IdentityCredential::GetTokenPromise> IdentityCredential::FetchToken(
nsIPrincipal* aPrincipal, const IdentityProviderRequestOptions& aProvider,
const IdentityProviderAPIConfig& aManifest,
const IdentityProviderAccount& aAccount) {
MOZ_ASSERT(XRE_IsParentProcess());
// Build the URL
nsCOMPtr<nsIURI> baseURI;
nsCString baseURIString = aProvider.mConfigURL.Value();
nsresult rv = NS_NewURI(getter_AddRefs(baseURI), baseURIString);
if (NS_WARN_IF(NS_FAILED(rv))) {
return IdentityCredential::GetTokenPromise::CreateAndReject(rv, __func__);
}
nsCOMPtr<nsIURI> idpURI;
nsCString tokenSpec = aManifest.mId_assertion_endpoint;
rv = NS_NewURI(getter_AddRefs(idpURI), tokenSpec.get(), baseURI);
if (NS_WARN_IF(NS_FAILED(rv))) {
return IdentityCredential::GetTokenPromise::CreateAndReject(rv, __func__);
}
nsCString tokenLocation;
rv = idpURI->GetSpec(tokenLocation);
if (NS_WARN_IF(NS_FAILED(rv))) {
return IdentityCredential::GetTokenPromise::CreateAndReject(rv, __func__);
}
// Create a new request
URLParams bodyValue;
bodyValue.Set("account_id"_ns, NS_ConvertUTF16toUTF8(aAccount.mId));
bodyValue.Set("client_id"_ns, aProvider.mClientId.Value());
if (aProvider.mNonce.WasPassed()) {
bodyValue.Set("nonce"_ns, aProvider.mNonce.Value());
}
bodyValue.Set("disclosure_text_shown"_ns, "false"_ns);
bodyValue.Set("is_auto_selected"_ns, "false"_ns);
nsAutoCString bodyCString;
bodyValue.Serialize(bodyCString, true);
return IdentityNetworkHelpers::FetchTokenHelper(idpURI, bodyCString,
aPrincipal)
->Then(
GetCurrentSerialEventTarget(), __func__,
[aAccount](const IdentityProviderToken& token) {
return IdentityCredential::GetTokenPromise::CreateAndResolve(
std::make_tuple(token, aAccount), __func__);
},
[](nsresult error) {
return IdentityCredential::GetTokenPromise::CreateAndReject(
error, __func__);
});
}
// static
already_AddRefed<Promise> IdentityCredential::Disconnect(
const GlobalObject& aGlobal,
const IdentityCredentialDisconnectOptions& aOptions, ErrorResult& aRv) {
nsCOMPtr<nsIGlobalObject> global = do_QueryInterface(aGlobal.GetAsSupports());
if (!global) {
aRv.ThrowNotAllowedError("Must be called on an appropriate global object.");
return nullptr;
}
nsPIDOMWindowInner* window = global->GetAsInnerWindow();
if (!window) {
aRv.ThrowNotAllowedError("Must be called on a window.");
return nullptr;
}
RefPtr<Promise> promise = Promise::Create(global, aRv);
if (NS_WARN_IF(aRv.Failed() || !promise)) {
return nullptr;
}
RefPtr<WindowGlobalChild> wgc = window->GetWindowGlobalChild();
MOZ_ASSERT(wgc);
wgc->SendDisconnectIdentityCredential(aOptions)->Then(
GetCurrentSerialEventTarget(), __func__,
[promise](nsresult aResult) {
if (aResult == NS_ERROR_DOM_MALFORMED_URI) {
promise->MaybeRejectWithInvalidStateError(
"Error parsing the provided URI");
} else if (NS_FAILED(aResult)) {
promise->MaybeRejectWithNetworkError(
"Error sending disconnect request");
} else {
promise->MaybeResolveWithUndefined();
}
},
[promise](mozilla::ipc::ResponseRejectReason aError) {
promise->MaybeRejectWithUnknownError("Unknown failure");
});
return promise.forget();
}
// static
RefPtr<MozPromise<bool, nsresult, true>>
IdentityCredential::DisconnectInMainProcess(
nsIPrincipal* aDocumentPrincipal,
const IdentityCredentialDisconnectOptions& aOptions) {
MOZ_ASSERT(XRE_IsParentProcess());
nsresult rv;
nsCOMPtr<nsIIdentityCredentialStorageService> icStorageService =
mozilla::components::IdentityCredentialStorageService::Service(&rv);
if (NS_WARN_IF(!icStorageService)) {
return MozPromise<bool, nsresult, true>::CreateAndReject(rv, __func__);
}
RefPtr<MozPromise<bool, nsresult, true>::Private> resultPromise =
new MozPromise<bool, nsresult, true>::Private(__func__);
RefPtr<nsIURI> configURI;
rv = NS_NewURI(getter_AddRefs(configURI), aOptions.mConfigURL.Value());
if (NS_FAILED(rv)) {
resultPromise->Reject(NS_ERROR_DOM_MALFORMED_URI, __func__);
return resultPromise;
}
nsCOMPtr<nsIPrincipal> principal(aDocumentPrincipal);
nsCOMPtr<nsIPrincipal> idpPrincipal = BasePrincipal::CreateContentPrincipal(
configURI, principal->OriginAttributesRef());
IdentityCredential::FetchManifest(principal, aOptions)
->Then(
GetCurrentSerialEventTarget(), __func__,
[resultPromise, aOptions, icStorageService, configURI, idpPrincipal,
principal](const IdentityProviderAPIConfig& aConfig) {
if (!aConfig.mDisconnect_endpoint.WasPassed()) {
resultPromise->Reject(NS_ERROR_DOM_NETWORK_ERR, __func__);
return MozPromise<DisconnectedAccount, nsresult,
true>::CreateAndReject(NS_OK, __func__);
}
RefPtr<nsIURI> disconnectURI;
nsCString disconnectArgument = aConfig.mDisconnect_endpoint.Value();
nsresult rv = NS_NewURI(getter_AddRefs(disconnectURI),
disconnectArgument, nullptr, configURI);
if (NS_FAILED(rv)) {
resultPromise->Reject(NS_ERROR_DOM_NETWORK_ERR, __func__);
return MozPromise<DisconnectedAccount, nsresult,
true>::CreateAndReject(NS_OK, __func__);
}
bool connected = false;
rv = icStorageService->Connected(principal, idpPrincipal,
&connected);
if (NS_WARN_IF(NS_FAILED(rv)) || !connected) {
resultPromise->Reject(NS_ERROR_DOM_NETWORK_ERR, __func__);
return MozPromise<DisconnectedAccount, nsresult,
true>::CreateAndReject(NS_OK, __func__);
}
// Create a new request
URLParams bodyValue;
bodyValue.Set("client_id"_ns, aOptions.mClientId.Value());
bodyValue.Set("account_hint"_ns, aOptions.mAccountHint);
nsAutoCString bodyCString;
bodyValue.Serialize(bodyCString, true);
return IdentityNetworkHelpers::FetchDisconnectHelper(
disconnectURI, bodyCString, principal);
},
[resultPromise](nsresult aError) {
resultPromise->Reject(aError, __func__);
// We reject with NS_OK, so that we don't disconnect accounts in the
// reject callback here.
return MozPromise<DisconnectedAccount, nsresult,
true>::CreateAndReject(NS_OK, __func__);
})
->Then(
GetCurrentSerialEventTarget(), __func__,
[icStorageService, principal, idpPrincipal,
resultPromise](const DisconnectedAccount& token) {
bool registered = false, notUsed = false;
nsresult rv = icStorageService->GetState(principal, idpPrincipal,
token.mAccount_id,
&registered, &notUsed);
if (NS_WARN_IF(NS_FAILED(rv))) {
resultPromise->Reject(NS_ERROR_UNEXPECTED, __func__);
return;
}
if (registered) {
nsresult rv = icStorageService->Delete(principal, idpPrincipal,
token.mAccount_id);
if (NS_WARN_IF(NS_FAILED(rv))) {
resultPromise->Reject(NS_ERROR_UNEXPECTED, __func__);
return;
}
resultPromise->Resolve(true, __func__);
} else {
nsresult rv =
icStorageService->Disconnect(principal, idpPrincipal);
if (NS_WARN_IF(NS_FAILED(rv))) {
resultPromise->Reject(NS_ERROR_UNEXPECTED, __func__);
return;
}
resultPromise->Resolve(true, __func__);
}
return;
},
[icStorageService, principal, idpPrincipal,
resultPromise](nsresult error) {
// Bail out if we already rejected the result above.
if (error == NS_OK) {
return;
}
// If we issued the request and it failed, fall back
// to clearing all.
nsresult rv = icStorageService->Disconnect(principal, idpPrincipal);
if (NS_WARN_IF(NS_FAILED(rv))) {
resultPromise->Reject(NS_ERROR_UNEXPECTED, __func__);
return;
}
resultPromise->Resolve(true, __func__);
return;
});
return resultPromise;
}
// static
RefPtr<IdentityCredential::GetIdentityProviderRequestOptionsWithManifestPromise>
IdentityCredential::PromptUserToSelectProvider(
BrowsingContext* aBrowsingContext,
const Sequence<IdentityProviderRequestOptions>& aProviders,
const Sequence<GetManifestPromise::ResolveOrRejectValue>& aManifests) {
MOZ_ASSERT(aBrowsingContext);
RefPtr<IdentityCredential::
GetIdentityProviderRequestOptionsWithManifestPromise::Private>
resultPromise = new IdentityCredential::
GetIdentityProviderRequestOptionsWithManifestPromise::Private(
__func__);
if (NS_WARN_IF(!aBrowsingContext)) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
nsresult error;
nsCOMPtr<nsIIdentityCredentialPromptService> icPromptService =
mozilla::components::IdentityCredentialPromptService::Service(&error);
if (NS_WARN_IF(!icPromptService)) {
resultPromise->Reject(error, __func__);
return resultPromise;
}
nsCOMPtr<nsIXPConnectWrappedJS> wrapped = do_QueryInterface(icPromptService);
AutoJSAPI jsapi;
if (NS_WARN_IF(!jsapi.Init(wrapped->GetJSObjectGlobal()))) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
JS::Rooted<JS::Value> providersJS(jsapi.cx());
bool success = ToJSValue(jsapi.cx(), aProviders, &providersJS);
if (NS_WARN_IF(!success)) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
// Convert each settled MozPromise into a Nullable<ResolveValue>
Sequence<Nullable<IdentityProviderAPIConfig>> manifests;
for (GetManifestPromise::ResolveOrRejectValue manifest : aManifests) {
if (manifest.IsResolve()) {
if (NS_WARN_IF(
!manifests.AppendElement(manifest.ResolveValue(), fallible))) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
} else {
if (NS_WARN_IF(!manifests.AppendElement(
Nullable<IdentityProviderAPIConfig>(), fallible))) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
}
}
JS::Rooted<JS::Value> manifestsJS(jsapi.cx());
success = ToJSValue(jsapi.cx(), manifests, &manifestsJS);
if (NS_WARN_IF(!success)) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
RefPtr<Promise> showPromptPromise;
icPromptService->ShowProviderPrompt(aBrowsingContext, providersJS,
manifestsJS,
getter_AddRefs(showPromptPromise));
showPromptPromise->AddCallbacksWithCycleCollectedArgs(
[aProviders, aManifests, resultPromise](
JSContext*, JS::Handle<JS::Value> aValue, ErrorResult&) {
int32_t result = aValue.toInt32();
if (result < 0 || (uint32_t)result > aProviders.Length() ||
(uint32_t)result > aManifests.Length()) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return;
}
const IdentityProviderRequestOptions& resolvedProvider =
aProviders.ElementAt(result);
if (!aManifests.ElementAt(result).IsResolve()) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return;
}
const IdentityProviderAPIConfig& resolvedManifest =
aManifests.ElementAt(result).ResolveValue();
resultPromise->Resolve(
std::make_tuple(resolvedProvider, resolvedManifest), __func__);
},
[resultPromise](JSContext*, JS::Handle<JS::Value> aValue, ErrorResult&) {
resultPromise->Reject(
Promise::TryExtractNSResultFromRejectionValue(aValue), __func__);
});
// Working around https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85883
showPromptPromise->AppendNativeHandler(
new MozPromiseRejectOnDestruction{resultPromise, __func__});
return resultPromise;
}
// static
RefPtr<IdentityCredential::GetAccountPromise>
IdentityCredential::PromptUserToSelectAccount(
BrowsingContext* aBrowsingContext,
const IdentityProviderAccountList& aAccounts,
const IdentityProviderRequestOptions& aProvider,
const IdentityProviderAPIConfig& aManifest) {
MOZ_ASSERT(aBrowsingContext);
RefPtr<IdentityCredential::GetAccountPromise::Private> resultPromise =
new IdentityCredential::GetAccountPromise::Private(__func__);
if (NS_WARN_IF(!aBrowsingContext)) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
nsresult error;
nsCOMPtr<nsIIdentityCredentialPromptService> icPromptService =
mozilla::components::IdentityCredentialPromptService::Service(&error);
if (NS_WARN_IF(!icPromptService)) {
resultPromise->Reject(error, __func__);
return resultPromise;
}
nsCOMPtr<nsIXPConnectWrappedJS> wrapped = do_QueryInterface(icPromptService);
AutoJSAPI jsapi;
if (NS_WARN_IF(!jsapi.Init(wrapped->GetJSObjectGlobal()))) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
JS::Rooted<JS::Value> accountsJS(jsapi.cx());
bool success = ToJSValue(jsapi.cx(), aAccounts, &accountsJS);
if (NS_WARN_IF(!success)) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
JS::Rooted<JS::Value> providerJS(jsapi.cx());
success = ToJSValue(jsapi.cx(), aProvider, &providerJS);
if (NS_WARN_IF(!success)) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
JS::Rooted<JS::Value> manifestJS(jsapi.cx());
success = ToJSValue(jsapi.cx(), aManifest, &manifestJS);
if (NS_WARN_IF(!success)) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
RefPtr<Promise> showPromptPromise;
icPromptService->ShowAccountListPrompt(aBrowsingContext, accountsJS,
providerJS, manifestJS,
getter_AddRefs(showPromptPromise));
showPromptPromise->AddCallbacksWithCycleCollectedArgs(
[aAccounts, resultPromise, aManifest](
JSContext*, JS::Handle<JS::Value> aValue, ErrorResult&) {
int32_t result = aValue.toInt32();
if (!aAccounts.mAccounts.WasPassed() || result < 0 ||
(uint32_t)result > aAccounts.mAccounts.Value().Length()) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return;
}
const IdentityProviderAccount& resolved =
aAccounts.mAccounts.Value().ElementAt(result);
resultPromise->Resolve(std::make_tuple(aManifest, resolved), __func__);
},
[resultPromise](JSContext*, JS::Handle<JS::Value> aValue, ErrorResult&) {
resultPromise->Reject(
Promise::TryExtractNSResultFromRejectionValue(aValue), __func__);
});
// Working around https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85883
showPromptPromise->AppendNativeHandler(
new MozPromiseRejectOnDestruction{resultPromise, __func__});
return resultPromise;
}
// static
RefPtr<IdentityCredential::GetAccountPromise>
IdentityCredential::PromptUserWithPolicy(
BrowsingContext* aBrowsingContext, nsIPrincipal* aPrincipal,
const IdentityProviderAccount& aAccount,
const IdentityProviderAPIConfig& aManifest,
const IdentityProviderRequestOptions& aProvider) {
MOZ_ASSERT(aBrowsingContext);
MOZ_ASSERT(aPrincipal);
nsresult error;
nsCOMPtr<nsIIdentityCredentialStorageService> icStorageService =
mozilla::components::IdentityCredentialStorageService::Service(&error);
if (NS_WARN_IF(!icStorageService)) {
return IdentityCredential::GetAccountPromise::CreateAndReject(error,
__func__);
}
// Check the storage bit
nsCString configLocation = aProvider.mConfigURL.Value();
nsCOMPtr<nsIURI> idpURI;
error = NS_NewURI(getter_AddRefs(idpURI), configLocation);
if (NS_WARN_IF(NS_FAILED(error))) {
return IdentityCredential::GetAccountPromise::CreateAndReject(error,
__func__);
}
bool registered = false;
bool allowLogout = false;
nsCOMPtr<nsIPrincipal> idpPrincipal = BasePrincipal::CreateContentPrincipal(
idpURI, aPrincipal->OriginAttributesRef());
error = icStorageService->GetState(aPrincipal, idpPrincipal,
NS_ConvertUTF16toUTF8(aAccount.mId),
&registered, &allowLogout);
if (NS_WARN_IF(NS_FAILED(error))) {
return IdentityCredential::GetAccountPromise::CreateAndReject(error,
__func__);
}
// Mark as logged in and return
icStorageService->SetState(aPrincipal, idpPrincipal,
NS_ConvertUTF16toUTF8(aAccount.mId), true, true);
return IdentityCredential::GetAccountPromise::CreateAndResolve(
std::make_tuple(aManifest, aAccount), __func__);
}
// static
void IdentityCredential::CloseUserInterface(BrowsingContext* aBrowsingContext) {
nsresult error;
nsCOMPtr<nsIIdentityCredentialPromptService> icPromptService =
mozilla::components::IdentityCredentialPromptService::Service(&error);
if (NS_WARN_IF(!icPromptService)) {
return;
}
icPromptService->Close(aBrowsingContext);
}
// static
IdentityCredential::RequestType
IdentityCredential::DetermineRequestDiscoveryType(
const IdentityCredentialRequestOptions& aOptions) {
for (const auto& provider : aOptions.mProviders) {
if (provider.mConfigURL.WasPassed() && provider.mLoginURL.WasPassed()) {
return INVALID;
}
if (provider.mConfigURL.WasPassed()) {
return HEAVYWEIGHT;
}
if (provider.mLoginURL.WasPassed()) {
if (aOptions.mProviders.Length() > 1) {
return INVALID;
}
return LIGHTWEIGHT;
}
}
return NONE;
}
} // namespace mozilla::dom
View git blame Copy permalink