summaryrefslogtreecommitdiffstats
path: root/toolkit/components/passwordmgr/nsILoginManagerStorage.idl
blob: 8792b144ec50709127073d4aa407e8c17c34336c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */


#include "nsISupports.idl"

interface nsIFile;
interface nsILoginInfo;
interface nsIPropertyBag;

/**
 * NOTE: This interface is intended to be implemented by modules
 *       providing storage mechanisms for the login manager.
 *       Other code should use the login manager's interfaces
 *       (nsILoginManager), and should not call storage modules
 *       directly.
 */
[scriptable, uuid(5df81a93-25e6-4b45-a696-089479e15c7d)]
interface nsILoginManagerStorage : nsISupports {
  /**
   * Initialize the component.
   *
   * At present, other methods of this interface may be called before the
   * returned promise is resolved or rejected.
   *
   * @return {Promise}
   * @resolves When initialization is complete.
   * @rejects JavaScript exception.
   */
  Promise initialize();

  /**
   * Ensures that all data has been written to disk and all files are closed.
   *
   * At present, this method is called by regression tests only.  Finalization
   * on shutdown is done by observers within the component.
   *
   * @return {Promise}
   * @resolves When finalization is complete.
   * @rejects JavaScript exception.
   */
  Promise terminate();

  /**
   * Store a new login in the storage module.
   *
   * @param aLogin
   *        The login to be added.
   * @param aPreEncrypted
   *        Whether the login was already encrypted or not.
   * @param aPlaintextUsername
   *        The plaintext username, if the login was already encrypted.
   * @param aPlaintextPassword
   *        The plaintext password, if the login was already encrypted.
   * @return a clone of the login info with the guid set (even if it was not provided).
   *
   * Default values for the login's nsILoginMetaInfo properties will be
   * created. However, if the caller specifies non-default values, they will
   * be used instead.
   */
  nsILoginInfo addLogin(in nsILoginInfo aLogin, [optional] in boolean aPreEncrypted, [optional] in jsval aPlaintextUsername, [optional] in jsval aPlaintextPassword);

  /**
   * Remove a login from the storage module.
   *
   * @param aLogin
   *        The login to be removed.
   *
   * The specified login must exactly match a stored login. However, the
   * values of any nsILoginMetaInfo properties are ignored.
   */
  void removeLogin(in nsILoginInfo aLogin);

  /**
   * Modify an existing login in the storage module.
   *
   * @param oldLogin
   *        The login to be modified.
   * @param newLoginData
   *        The new login values (either a nsILoginInfo or nsIProperyBag)
   *
   * If newLoginData is a nsILoginInfo, all of the old login's nsILoginInfo
   * properties are changed to the values from newLoginData (but the old
   * login's nsILoginMetaInfo properties are unmodified).
   *
   * If newLoginData is a nsIPropertyBag, only the specified properties
   * will be changed. The nsILoginMetaInfo properties of oldLogin can be
   * changed in this manner.
   *
   * If the propertybag contains an item named "timesUsedIncrement", the
   * login's timesUsed property will be incremented by the item's value.
   */
  void modifyLogin(in nsILoginInfo oldLogin, in nsISupports newLoginData);

  /**
   * Record that the password of a saved login was used (e.g. submitted or copied).
   *
   * @param nsILoginInfo aLogin
   *        The login record of the password that was used.
   *
   * If only the username was used, this method shouldn't be called as we don't
   * want to double-count the use if both the username and password are copied.
   * Copying of the username normally precedes the copying of the password anyways.
   */
  void recordPasswordUse(in nsILoginInfo aLogin);

  /**
   * Remove all stored user facing logins.
   *
   * This will remove all the logins that a user can access through about:logins.
   * This will not remove the FxA Sync key which is stored with the rest of a user's logins
   * but is not accessible through about:logins
   *
   * The browser sanitization feature allows the user to clear any stored
   * passwords. This interface allows that to be done without getting each
   * login first.
   *
   */
  void removeAllUserFacingLogins();

  /**
   * Completely remove all logins, including the user's FxA key.
   *
   */
  void removeAllLogins();

  /**
   * Fetch all logins in the login manager. An array is always returned;
   * if there are no logins the array is empty.
   *
   * @deprecated Use `getAllLoginsAsync` instead.
   *
   * @return An array of nsILoginInfo objects.
   */
  Array<nsILoginInfo> getAllLogins();

  /**
   * Fetch all logins in the login manager. An array is always returned;
   * if there are no logins the array is empty.
   *
   * @return An array of nsILoginInfo objects.
   */
  Promise getAllLoginsAsync();

  /**
   * Asynchonously search for logins in the login manager. The Promise always
   * resolves to an array; if there are no logins the array is empty.
   *
   * @param {object} matchData
   *        The data used to search as a JS object. This does not follow the same
   *        requirements as findLogins for those fields. Wildcard matches are
   *        simply not specified.
   * @return A promise resolving to an array of nsILoginInfo objects.
   */
  Promise searchLoginsAsync(in jsval matchData);

  /**
   * Search for logins in the login manager. An array is always returned;
   * if there are no logins the array is empty.
   *
   * @deprecated New code should use `searchLoginsAsync`.
   *             Only autocomplete, prompt, and test code still use this.
   *
   * @param matchData
   *        The data used to search. This does not follow the same
   *        requirements as findLogins for those fields. Wildcard matches are
   *        simply not specified.
   * @return An array of nsILoginInfo objects.
   */
  Array<nsILoginInfo> searchLogins(in nsIPropertyBag matchData);

  /**
   * Search for logins matching the specified criteria. Called when looking
   * for logins that might be applicable to a form or authentication request.
   *
   * @deprecated Use `searchLoginsAsync` instead.
   *
   * @param aOrigin
   *        The origin to restrict searches to. For example: "http://www.site.com".
   * @param aActionURL
   *        For form logins, this argument should be the origin to which the
   *        form will be submitted. For HTTP auth. logins, specify null.
   * @param aHttpRealm
   *        For protocol logins, this argument should be the HTTP Realm
   *        for which the login applies. This is obtained from the
   *        WWW-Authenticate header. See RFC2617. For form logins,
   *        specify null.
   * @return An array of nsILoginInfo objects.
   */
  Array<nsILoginInfo> findLogins(in AString aOrigin, in AString aActionOrigin,
                                 in AString aHttpRealm);

  /**
   * Search for logins matching the specified criteria, as with
   * findLogins(). This interface only returns the number of matching
   * logins (and not the logins themselves), which allows a caller to
   * check for logins without causing the user to be prompted for a primary
   * password to decrypt the logins.
   *
   * @param aOrigin
   *        The origin to restrict searches to. Specify an empty string
   *        to match all origins. A null value will not match any logins, and
   *        will thus always return a count of 0.
   * @param aActionOrigin
   *        The origin to which a form login will be submitted. To match any
   *        form login, specify an empty string. To not match any form
   *        login, specify null.
   * @param aHttpRealm
   *        The HTTP Realm for which the login applies. To match logins for
   *        any realm, specify an empty string. To not match logins for any
   *        realm, specify null.
   */
  unsigned long countLogins(in AString aOrigin, in AString aActionOrigin,
                            in AString aHttpRealm);

  /**
   * Returns the "sync id" used by Sync to know whether the store is current with
   * respect to the sync servers.
   *
   * Returns null if the data doesn't exist or if the data can't be
   * decrypted (including if the primary-password prompt is cancelled). This is
   * OK for Sync as it can't even begin syncing if the primary-password is
   * locked as the sync encrytion keys are stored in this login manager.
   */
  Promise getSyncID();

  /**
   * Sets the "sync id" used by Sync to know whether the store is current with
   * respect to the sync servers. May be set to null.
   *
   * Throws if the data can't be encrypted (including if the primary-password
   * prompt is cancelled)
   */
  Promise setSyncID(in AString syncID);

  /**
   * Returns the timestamp of the last sync as a double (in seconds since Epoch
   * rounded to two decimal places), or 0.0 if the data doesn't exist.
   */
  Promise getLastSync();

  /**
   * Sets the timestamp of the last sync.
   */
  Promise setLastSync(in double timestamp);

  /**
   * True when a primary password prompt is being shown.
   */
  readonly attribute boolean uiBusy;

  /**
   * True when the primary password has already been entered, and so a caller
   * can ask for decrypted logins without triggering a prompt.
   */
  readonly attribute boolean isLoggedIn;
};