1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
import {
LoginHelper,
ParentAutocompleteOption,
} from "resource://gre/modules/LoginHelper.sys.mjs";
import { XPCOMUtils } from "resource://gre/modules/XPCOMUtils.sys.mjs";
const lazy = {};
XPCOMUtils.defineLazyServiceGetter(
lazy,
"webauthnService",
"@mozilla.org/webauthn/service;1",
"nsIWebAuthnService"
);
ChromeUtils.defineLazyGetter(
lazy,
"strings",
() => new Localization(["browser/webauthnDialog.ftl"])
);
ChromeUtils.defineLazyGetter(lazy, "log", () =>
LoginHelper.createLogger("WebAuthnFeature")
);
if (Services.appinfo.processType !== Services.appinfo.PROCESS_TYPE_DEFAULT) {
throw new Error(
"PasskeySupport.sys.mjs should only run in the parent process"
);
}
class WebAuthnSupport {
async *#getAutocompleteItemsAsync(browsingContextId, formOrigin) {
let transactionId = lazy.webauthnService.hasPendingConditionalGet(
browsingContextId,
formOrigin
);
if (transactionId == 0) {
// No pending transaction
return;
}
let credentials = lazy.webauthnService.getAutoFillEntries(transactionId);
let labels = credentials.map(x => ({
id: "webauthn-specific-passkey-label",
args: { domain: x.rpId },
}));
if (!credentials.length) {
labels.push({ id: "webauthn-a-passkey-label" });
} else {
labels.push({ id: "webauthn-another-passkey-label" });
}
const formattedLabels = await lazy.strings.formatValues(labels);
for (let i = 0; i < credentials.length; i++) {
yield new ParentAutocompleteOption(
"chrome://browser/content/logos/passkey.svg",
credentials[i].userName,
formattedLabels[i],
"PasswordManager:promptForAuthenticator",
{
selection: {
transactionId,
credentialId: credentials[i].credentialId,
},
}
);
}
// `getAutoFillEntries` may not return all of the credentials on the device
// (in particular it will not include credentials with a protection policy
// that forbids silent discovery), so we include a catch-all entry in the
// list. If the user selects this entry, the WebAuthn transaction will
// proceed using the modal UI.
yield new ParentAutocompleteOption(
"chrome://browser/content/logos/passkey.svg",
formattedLabels[formattedLabels.length - 1],
"",
"PasswordManager:promptForAuthenticator",
{
selection: {
transactionId,
},
}
);
}
/**
*
* @param {int} browsingContextId the browsing context ID associated with this request
* @param {string} formOrigin
* @param {string} scenarioName can be "SignUpFormScenario" or undefined
* @param {string} isWebAuthn indicates whether "webauthn" was included in the input's autocomplete value
* @returns {ParentAutocompleteOption} the optional WebAuthn autocomplete item
*/
async autocompleteItemsAsync(
browsingContextId,
formOrigin,
scenarioName,
isWebAuthn
) {
const result = [];
if (scenarioName !== "SignUpFormScenario" || isWebAuthn) {
for await (const item of this.#getAutocompleteItemsAsync(
browsingContextId,
formOrigin
)) {
result.push(item);
}
}
return result;
}
async promptForAuthenticator(browser, selection) {
lazy.log.info("Prompting to authenticate with relying party.");
if (selection.credentialId) {
lazy.webauthnService.selectAutoFillEntry(
selection.transactionId,
selection.credentialId
);
} else {
lazy.webauthnService.resumeConditionalGet(selection.transactionId);
}
}
}
export const WebAuthnFeature = new WebAuthnSupport();
|