Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-08 02:14:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Backed out 4 changesets (bug 1782088)for causing build bustages. CLOSED TREE

Browse Source 
Backed out changeset a7423c6d52b7 (bug 1782088)
Backed out changeset 50a3cc77e38b (bug 1782088)
Backed out changeset 7dca17d480bb (bug 1782088)
Backed out changeset f1e6e1226a8c (bug 1782088)
This commit is contained in:
Butkovits Atila 2022-10-25 06:03:22 +03:00
parent e7055d8d51
commit 1a4dfaa163
24 changed files with 27 additions and 712 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
browser/base/content/browser.xhtml
View File

@ -73,7 +73,6 @@
<link rel="localization" href="browser/protectionsPanel.ftl"/>
<link rel="localization" href="browser/appmenu.ftl"/>
<link rel="localization" href="browser/panelUI.ftl"/>
<link rel="localization" href="preview/identityCredentialNotification.ftl"/>
<link rel="localization" href="preview/interventions.ftl"/>
<link rel="localization" href="browser/sidebarMenu.ftl"/>
<link rel="localization" href="browser/allTabsMenu.ftl"/>

2
browser/base/content/navigator-toolbox.inc.xhtml
View File

@ -302,8 +302,6 @@
data-l10n-id="urlbar-midi-notification-anchor"/>
<image id="webauthn-notification-icon" class="notification-anchor-icon" role="button"
data-l10n-id="urlbar-web-authn-anchor"/>
<image id="identity-credential-notification-icon" class="notification-anchor-icon" role="button"
data-l10n-id="urlbar-identity-credential-anchor"/>
<image id="storage-access-notification-icon" class="notification-anchor-icon storage-access-icon" role="button"
data-l10n-id="urlbar-storage-access-anchor"/>
</box>

25
browser/base/content/popup-notifications.inc
View File

@ -8,7 +8,7 @@
noautofocus="true"
role="alert"/>
<popupnotification id="webRTC-shareDevices-notification" hidden="true"
<popupnotification id="webRTC-shareDevices-notification" hidden="true"
descriptionid="webRTC-shareDevices-notification-description">
<popupnotificationcontent id="webRTC-selectCamera" orient="vertical">
<label id="webRTC-selectCamera-label"
@ -167,26 +167,3 @@
</vbox>
</popupnotificationfooter>
</popupnotification>
<popupnotification id="identity-credential-notification" hidden="true">
<popupnotificationcontent id="identity-credential-provider" orient="vertical">
<html:div id="identity-credential-provider-selector-container">
</html:div>
<description class="popup-notification-description" id="credential-provider-explanation" data-l10n-id="credential-description-provider-explanation"/>
<html:template id="template-credential-provider-list-item">
<toolbarbutton class="credential-provider-list-item subviewbutton-nav subviewbutton" align="center" wrap="true">
<label flex="1" class="credential-provider-list-item-label"></label>
</toolbarbutton>
</html:template>
</popupnotificationcontent>
<popupnotificationcontent id="identity-credential-account" orient="vertical" hidden="true">
<html:div id="identity-credential-account-selector-container">
</html:div>
<description class="popup-notification-description" id="credential-account-explanation"/>
<html:template id="template-credential-account-list-item">
<toolbarbutton class="credential-account-list-item subviewbutton-nav subviewbutton" align="center" wrap="true">
<label flex="1" class="credential-account-list-item-label"></label>
</toolbarbutton>
</html:template>
</popupnotificationcontent>
</popupnotification>

266
browser/components/credentialmanager/IdentityCredentialPromptService.sys.mjs
View File

@ -1,266 +0,0 @@
/**
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
const { XPCOMUtils } = ChromeUtils.importESModule(
"resource://gre/modules/XPCOMUtils.sys.mjs"
);
const lazy = {};
XPCOMUtils.defineLazyServiceGetter(
lazy,
"IDNService",
"@mozilla.org/network/idn-service;1",
"nsIIDNService"
);
XPCOMUtils.defineLazyPreferenceGetter(
lazy,
"SELECT_FIRST_IN_UI_LISTS",
"dom.security.credentialmanagement.identity.select_first_in_ui_lists",
false
);
function fulfilledPromiseFromFirstListElement(list) {
if (list.length) {
return Promise.resolve(list[0]);
}
return Promise.reject();
}
/**
* Class implementing the nsIIdentityCredentialPromptService
* */
export class IdentityCredentialPromptService {
classID = Components.ID("{936007db-a957-4f1d-a23d-f7d9403223e6}");
QueryInterface = ChromeUtils.generateQI([
"nsIIdentityCredentialPromptService",
]);
/**
* Ask the user, using a PopupNotification, to select an Identity Provider from a provided list.
* @param {BrowsingContext} browsingContext - The BrowsingContext of the document requesting an identity credential via navigator.credentials.get()
* @param {IdentityProvider[]} identityProviders - The list of identity providers the user selects from
* @returns {Promise<IdentityProvider>} The user-selected identity provider
*/
showProviderPrompt(browsingContext, identityProviders) {
// For testing only.
if (lazy.SELECT_FIRST_IN_UI_LISTS) {
return fulfilledPromiseFromFirstListElement(identityProviders);
}
return new Promise(function(resolve, reject) {
let browser = browsingContext.top.embedderElement;
if (!browser) {
reject();
return;
}
// Localize all strings to be used
// Bug 1797154 - Convert localization calls to use the async formatValues.
let localization = new Localization(
["preview/identityCredentialNotification.ftl"],
true
);
let headerMessage = localization.formatValueSync(
"credential-header-providers",
{
host: "<>",
}
);
let cancelLabel = localization.formatValueSync("credential-cancel-label");
let cancelKey = localization.formatValueSync(
"credential-cancel-accesskey"
);
// Build the choices into the panel
let listBox = browser.ownerDocument.getElementById(
"identity-credential-provider-selector-container"
);
while (listBox.firstChild) {
listBox.removeChild(listBox.lastChild);
}
let itemTemplate = browser.ownerDocument.getElementById(
"template-credential-provider-list-item"
);
for (let providerIndex in identityProviders) {
let provider = identityProviders[providerIndex];
let providerURI = new URL(provider.configURL);
let displayDomain = lazy.IDNService.convertToDisplayIDN(
providerURI.host,
{}
);
let newItem = itemTemplate.content.firstElementChild.cloneNode(true);
newItem.firstElementChild.textContent = displayDomain;
newItem.setAttribute("oncommand", `this.callback(event)`);
newItem.callback = function(event) {
let notification = browser.ownerGlobal.PopupNotifications.getNotification(
"identity-credential",
browser
);
browser.ownerGlobal.PopupNotifications.remove(notification);
resolve(provider);
event.stopPropagation();
};
listBox.append(newItem);
}
// Construct the necessary arguments for notification behavior
let currentOrigin =
browsingContext.currentWindowContext.documentPrincipal.originNoSuffix;
let options = {
name: currentOrigin,
};
let mainAction = {
label: cancelLabel,
accessKey: cancelKey,
callback(event) {
reject();
},
};
// Show the popup
browser.ownerDocument.getElementById(
"identity-credential-provider"
).hidden = false;
browser.ownerDocument.getElementById(
"identity-credential-account"
).hidden = true;
browser.ownerGlobal.PopupNotifications.show(
browser,
"identity-credential",
headerMessage,
"identity-credential-notification-icon",
mainAction,
null,
options
);
});
}
/**
* Ask the user, using a PopupNotification, to select an account from a provided list.
* @param {BrowsingContext} browsingContext - The BrowsingContext of the document requesting an identity credential via navigator.credentials.get()
* @param {IdentityAccountList} accountList - The list of accounts the user selects from
* @returns {Promise<IdentityAccount>} The user-selected account
*/
showAccountListPrompt(browsingContext, accountList) {
// For testing only.
if (lazy.SELECT_FIRST_IN_UI_LISTS) {
return fulfilledPromiseFromFirstListElement(accountList.accounts);
}
return new Promise(function(resolve, reject) {
let browser = browsingContext.top.embedderElement;
if (!browser) {
reject();
return;
}
let currentOrigin =
browsingContext.currentWindowContext.documentPrincipal.originNoSuffix;
// Localize all strings to be used
// Bug 1797154 - Convert localization calls to use the async formatValues.
let localization = new Localization(
["preview/identityCredentialNotification.ftl"],
true
);
let headerMessage = localization.formatValueSync(
"credential-header-accounts",
{
host: "<>",
}
);
let descriptionMessage = localization.formatValueSync(
"credential-description-account-explanation",
{
host: currentOrigin,
}
);
let cancelLabel = localization.formatValueSync("credential-cancel-label");
let cancelKey = localization.formatValueSync(
"credential-cancel-accesskey"
);
// Add the description text
browser.ownerDocument.getElementById(
"credential-account-explanation"
).textContent = descriptionMessage;
// Build the choices into the panel
let listBox = browser.ownerDocument.getElementById(
"identity-credential-account-selector-container"
);
while (listBox.firstChild) {
listBox.removeChild(listBox.lastChild);
}
let itemTemplate = browser.ownerDocument.getElementById(
"template-credential-account-list-item"
);
for (let accountIndex in accountList.accounts) {
let account = accountList.accounts[accountIndex];
let newItem = itemTemplate.content.firstElementChild.cloneNode(true);
newItem.firstElementChild.textContent = account.email;
newItem.setAttribute("oncommand", "this.callback()");
newItem.callback = function() {
let notification = browser.ownerGlobal.PopupNotifications.getNotification(
"identity-credential",
browser
);
browser.ownerGlobal.PopupNotifications.remove(notification);
resolve(account);
};
listBox.append(newItem);
}
// Construct the necessary arguments for notification behavior
let options = {
name: currentOrigin,
};
let mainAction = {
label: cancelLabel,
accessKey: cancelKey,
callback(event) {
reject();
},
};
// Show the popup
browser.ownerDocument.getElementById(
"identity-credential-provider"
).hidden = true;
browser.ownerDocument.getElementById(
"identity-credential-account"
).hidden = false;
browser.ownerGlobal.PopupNotifications.show(
browser,
"identity-credential",
headerMessage,
"identity-credential-notification-icon",
mainAction,
null,
options
);
});
}
/**
* Close all UI from the other methods of this module for the provided window.
* @param {BrowsingContext} browsingContext - The BrowsingContext of the document requesting an identity credential via navigator.credentials.get()
* @returns
*/
close(browsingContext) {
let browser = browsingContext.top.embedderElement;
if (!browser) {
return;
}
let notification = browser.ownerGlobal.PopupNotifications.getNotification(
"identity-credential",
browser
);
if (notification) {
browser.ownerGlobal.PopupNotifications.remove(notification);
}
}
}

16
browser/components/credentialmanager/components.conf
View File

@ -1,16 +0,0 @@
# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
# vim: set filetype=python:
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
Classes = [
{
'cid': '{936007db-a957-4f1d-a23d-f7d9403223e6}',
'contract_ids': ['@mozilla.org/browser/identitycredentialpromptservice;1'],
'esModule': 'resource:///modules/IdentityCredentialPromptService.sys.mjs',
'processes': ProcessSelector.MAIN_PROCESS_ONLY,
'constructor': 'IdentityCredentialPromptService',
'name': 'IdentityCredentialPromptService',
},
]

16
browser/components/credentialmanager/identityCredentialNotification.ftl
View File

@ -1,16 +0,0 @@
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
## Credential panel
## $host (String): the hostname of the site that is being displayed.
credential-header-providers = Sign in to { $host }.
credential-header-accounts = Pick a { $host } account.
# Identity providers are websites you use to log into another website, for example: Google when you Log in with Google.
credential-description-provider-explanation = These are the identity providers that would like to help you log in.
credential-description-account-explanation = Picking an account here shares that identity with { $host }.
urlbar-identity-credential-anchor =
.tooltiptext = Open federated login panel
credential-cancel-label = Cancel
credential-cancel-accesskey = C

22
browser/components/credentialmanager/moz.build
View File

@ -1,22 +0,0 @@
# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
# vim: set filetype=python:
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
with Files("**"):
BUG_COMPONENT = ("Core", "DOM: Credential Management")
XPIDL_SOURCES += [
"nsIIdentityCredentialPromptService.idl",
]
XPIDL_MODULE = "identity-credential-prompt"
EXTRA_JS_MODULES += [
"IdentityCredentialPromptService.sys.mjs",
]
XPCOM_MANIFESTS += [
"components.conf",
]

19
browser/components/credentialmanager/nsIIdentityCredentialPromptService.idl
View File

@ -1,19 +0,0 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
webidl BrowsingContext;
[scriptable, uuid(936007db-a957-4f1d-a23d-f7d9403223e6)]
interface nsIIdentityCredentialPromptService : nsISupports {
// Display to the user an interface to choose from among the identity providers listed
// Resolves with one of the elements of the list.
Promise showProviderPrompt(in BrowsingContext browsingContext, in jsval identityProviders);
// Display to the user an interface to choose from among the accounts listed.
// Resolves with one of the elements of the list.
Promise showAccountListPrompt(in BrowsingContext browsingContext, in jsval accountList);
// Close all UI from the other methods of this module
void close(in BrowsingContext browsingContext);
};

1
browser/components/moz.build
View File

@ -32,7 +32,6 @@ DIRS += [
"attribution",
"colorways",
"contextualidentity",
"credentialmanager",
"customizableui",
"doh",
"downloads",

1
browser/locales/jar.mn
View File

@ -14,7 +14,6 @@
preview/firefoxSuggest.ftl (../components/urlbar/content/firefoxSuggest.ftl)
preview/originControls.ftl (../components/extensions/originControls.ftl)
preview/unifiedExtensions.ftl (../components/extensions/unifiedExtensions.ftl)
preview/identityCredentialNotification.ftl (../components/credentialmanager/identityCredentialNotification.ftl)
browser (%browser/**/*.ftl)
@AB_CD@.jar:

1
browser/themes/shared/browser-shared.css
View File

@ -12,7 +12,6 @@
@import url("chrome://browser/skin/identity-block/identity-block.css");
@import url("chrome://browser/skin/notification-icons.css");
@import url("chrome://browser/skin/addon-notification.css");
@import url("chrome://browser/skin/identity-credential-notification.css");
@import url("chrome://browser/skin/urlbarView.css");
@import url("chrome://browser/skin/translation/infobar.css");
@import url("chrome://browser/skin/autocomplete.css");

2
browser/themes/shared/customizableui/panelUI-shared.css
View File

@ -1078,7 +1078,6 @@ panelview .toolbarbutton-1,
#protections-popup-mainView .subviewbutton-nav:not(.notFound)::after,
#identity-popup-mainView .subviewbutton-nav::after,
#identity-credential-notification .subviewbutton-nav::after,
.widget-overflow-list .subviewbutton-nav::after,
.PanelUI-subView .subviewbutton-nav::after {
-moz-context-properties: fill, fill-opacity;
@ -1090,7 +1089,6 @@ panelview .toolbarbutton-1,
#protections-popup-mainView .subviewbutton-nav:not(.notFound):-moz-locale-dir(rtl)::after,
#identity-popup-mainView .subviewbutton-nav:-moz-locale-dir(rtl)::after,
#identity-credential-notification .subviewbutton-nav:-moz-locale-dir(rtl)::after,
.widget-overflow-list .subviewbutton-nav:-moz-locale-dir(rtl)::after,
.PanelUI-subView .subviewbutton-nav:-moz-locale-dir(rtl)::after {
content: url(chrome://global/skin/icons/arrow-left.svg);

13
browser/themes/shared/identity-credential-notification.css
View File

@ -1,13 +0,0 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#identity-credential-notification .subviewbutton {
width: 100%;
margin-inline: 0;
}
#credential-provider-explanation,
#credential-account-explanation {
margin-top: 1em;
}

1
browser/themes/shared/jar.inc.mn
View File

@ -17,7 +17,6 @@
skin/classic/browser/blockedSite.css (../shared/blockedSite.css)
skin/classic/browser/browser-shared.css (../shared/browser-shared.css)
skin/classic/browser/ctrlTab.css (../shared/ctrlTab.css)
skin/classic/browser/identity-credential-notification.css (../shared/identity-credential-notification.css)
skin/classic/browser/light-dark-overrides.css (../shared/light-dark-overrides.css)
skin/classic/browser/menupanel.css (../shared/menupanel.css)
skin/classic/browser/notification-icons.css (../shared/notification-icons.css)

4
browser/themes/shared/notification-icons.css
View File

@ -198,10 +198,6 @@
list-style-image: url(chrome://browser/skin/fingerprint.svg);
}
#identity-credential-notification-icon {
list-style-image: url(chrome://browser/skin/fingerprint.svg);
}
#permission-popup-menulist {
margin-inline-end: 0;
}

187
dom/credentialmanagement/identity/IdentityCredential.cpp
View File

@ -11,11 +11,9 @@
#include "mozilla/dom/IdentityNetworkHelpers.h"
#include "mozilla/dom/Request.h"
#include "mozilla/dom/WindowGlobalChild.h"
#include "mozilla/Components.h"
#include "mozilla/ExpandedPrincipal.h"
#include "mozilla/NullPrincipal.h"
#include "nsEffectiveTLDService.h"
#include "nsIIdentityCredentialPromptService.h"
#include "nsITimer.h"
#include "nsIXPConnect.h"
#include "nsNetUtil.h"
@ -138,48 +136,31 @@ IdentityCredential::DiscoverFromExternalSource(
// static
RefPtr<IdentityCredential::GetIPCIdentityCredentialPromise>
IdentityCredential::DiscoverFromExternalSourceInMainProcess(
nsIPrincipal* aPrincipal, CanonicalBrowsingContext* aBrowsingContext,
nsIPrincipal* aPrincipal,
const IdentityCredentialRequestOptions& aOptions) {
MOZ_ASSERT(XRE_IsParentProcess());
MOZ_ASSERT(aPrincipal);
MOZ_ASSERT(aBrowsingContext);
// Make sure we have providers.
// Make sure we have exactly one provider.
if (!aOptions.mProviders.WasPassed() ||
aOptions.mProviders.Value().Length() < 1) {
aOptions.mProviders.Value().Length() != 1) {
return IdentityCredential::GetIPCIdentityCredentialPromise::CreateAndReject(
NS_ERROR_DOM_NOT_ALLOWED_ERR, __func__);
}
nsCOMPtr<nsIPrincipal> principal(aPrincipal);
RefPtr<CanonicalBrowsingContext> browsingContext(aBrowsingContext);
// Get that provider
IdentityProvider provider(aOptions.mProviders.Value()[0]);
// Have the user choose a provider.
return PromptUserToSelectProvider(aBrowsingContext,
aOptions.mProviders.Value())
->Then(
GetCurrentSerialEventTarget(), __func__,
[principal, browsingContext](const IdentityProvider& provider) {
return IdentityCredential::CreateCredential(
principal, browsingContext, provider);
},
[](nsresult error) {
return IdentityCredential::GetIPCIdentityCredentialPromise::
CreateAndReject(error, __func__);
});
return IdentityCredential::CreateCredential(aPrincipal, provider);
}
// static
RefPtr<IdentityCredential::GetIPCIdentityCredentialPromise>
IdentityCredential::CreateCredential(nsIPrincipal* aPrincipal,
BrowsingContext* aBrowsingContext,
const IdentityProvider& aProvider) {
MOZ_ASSERT(XRE_IsParentProcess());
MOZ_ASSERT(aPrincipal);
MOZ_ASSERT(aBrowsingContext);
nsCOMPtr<nsIPrincipal> argumentPrincipal = aPrincipal;
RefPtr<BrowsingContext> browsingContext(aBrowsingContext);
return IdentityCredential::CheckRootManifest(aPrincipal, aProvider)
->Then(
@ -209,34 +190,21 @@ IdentityCredential::CreateCredential(nsIPrincipal* aPrincipal,
})
->Then(
GetCurrentSerialEventTarget(), __func__,
[argumentPrincipal, browsingContext, aProvider](
[argumentPrincipal, aProvider](
const Tuple<IdentityInternalManifest, IdentityAccountList>&
promiseResult) {
IdentityInternalManifest currentManifest;
IdentityAccountList accountList;
Tie(currentManifest, accountList) = promiseResult;
// Bug 1782088: We currently just use the first account
if (!accountList.mAccounts.WasPassed() ||
accountList.mAccounts.Value().Length() == 0) {
return IdentityCredential::GetAccountPromise::CreateAndReject(
return IdentityCredential::GetTokenPromise::CreateAndReject(
NS_ERROR_FAILURE, __func__);
}
return PromptUserToSelectAccount(browsingContext, accountList,
currentManifest);
},
[](nsresult error) {
return IdentityCredential::GetAccountPromise::CreateAndReject(
error, __func__);
})
->Then(
GetCurrentSerialEventTarget(), __func__,
[argumentPrincipal,
aProvider](const Tuple<IdentityInternalManifest, IdentityAccount>&
promiseResult) {
IdentityInternalManifest currentManifest;
IdentityAccount account;
Tie(currentManifest, account) = promiseResult;
return IdentityCredential::FetchToken(argumentPrincipal, aProvider,
currentManifest, account);
return IdentityCredential::FetchToken(
argumentPrincipal, aProvider, currentManifest,
accountList.mAccounts.Value()[0]);
},
[](nsresult error) {
return IdentityCredential::GetTokenPromise::CreateAndReject(
@ -256,8 +224,7 @@ IdentityCredential::CreateCredential(nsIPrincipal* aPrincipal,
return IdentityCredential::GetIPCIdentityCredentialPromise::
CreateAndResolve(credential, __func__);
},
[browsingContext](nsresult error) {
CloseUserInterface(browsingContext);
[](nsresult error) {
return IdentityCredential::GetIPCIdentityCredentialPromise::
CreateAndReject(error, __func__);
});
@ -404,8 +371,8 @@ IdentityCredential::FetchAccountList(
// Build the principal to use for this connection
// This is an expanded principal! It has the cookies of the IDP because it
// subsumes the constituent principals. It also has no serializable origin,
// so it won't send an Origin header even though this is a CORS mode
// request. It accomplishes this without being a SystemPrincipal too.
// so it won't send an Origin header even though this is a CORS mode request.
// It accomplishes this without being a SystemPrincipal too.
nsCOMPtr<nsIURI> idpURI;
nsresult rv = NS_NewURI(getter_AddRefs(idpURI), configLocation);
if (NS_WARN_IF(NS_FAILED(rv))) {
@ -550,128 +517,4 @@ RefPtr<IdentityCredential::GetTokenPromise> IdentityCredential::FetchToken(
});
}
// static
RefPtr<IdentityCredential::GetIdentityProviderPromise>
IdentityCredential::PromptUserToSelectProvider(
BrowsingContext* aBrowsingContext,
const Sequence<IdentityProvider>& aProviders) {
MOZ_ASSERT(aBrowsingContext);
RefPtr<IdentityCredential::GetIdentityProviderPromise::Private>
resultPromise =
new IdentityCredential::GetIdentityProviderPromise::Private(__func__);
if (NS_WARN_IF(!aBrowsingContext)) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
nsresult error;
nsCOMPtr<nsIIdentityCredentialPromptService> icPromptService =
mozilla::components::IdentityCredentialPromptService::Service(&error);
if (NS_WARN_IF(!icPromptService)) {
resultPromise->Reject(error, __func__);
return resultPromise;
}
nsCOMPtr<nsIXPConnectWrappedJS> wrapped = do_QueryInterface(icPromptService);
AutoJSAPI jsapi;
if (NS_WARN_IF(!jsapi.Init(wrapped->GetJSObjectGlobal()))) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
JS::Rooted<JS::Value> providersJS(jsapi.cx());
bool success = ToJSValue(jsapi.cx(), aProviders, &providersJS);
if (NS_WARN_IF(!success)) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
RefPtr<Promise> showPromptPromise;
icPromptService->ShowProviderPrompt(aBrowsingContext, providersJS,
getter_AddRefs(showPromptPromise));
RefPtr<DomPromiseListener> listener = new DomPromiseListener(
[resultPromise](JSContext* aCx, JS::Handle<JS::Value> aValue) {
IdentityProvider result;
bool success = result.Init(aCx, aValue);
if (!success) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return;
}
resultPromise->Resolve(result, __func__);
},
[resultPromise](nsresult aRv) { resultPromise->Reject(aRv, __func__); });
showPromptPromise->AppendNativeHandler(listener);
return resultPromise;
}
// static
RefPtr<IdentityCredential::GetAccountPromise>
IdentityCredential::PromptUserToSelectAccount(
BrowsingContext* aBrowsingContext, const IdentityAccountList& aAccounts,
const IdentityInternalManifest& aManifest) {
MOZ_ASSERT(aBrowsingContext);
RefPtr<IdentityCredential::GetAccountPromise::Private> resultPromise =
new IdentityCredential::GetAccountPromise::Private(__func__);
if (NS_WARN_IF(!aBrowsingContext)) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
nsresult error;
nsCOMPtr<nsIIdentityCredentialPromptService> icPromptService =
mozilla::components::IdentityCredentialPromptService::Service(&error);
if (NS_WARN_IF(!icPromptService)) {
resultPromise->Reject(error, __func__);
return resultPromise;
}
nsCOMPtr<nsIXPConnectWrappedJS> wrapped = do_QueryInterface(icPromptService);
AutoJSAPI jsapi;
if (NS_WARN_IF(!jsapi.Init(wrapped->GetJSObjectGlobal()))) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
JS::Rooted<JS::Value> accountsJS(jsapi.cx());
bool success = ToJSValue(jsapi.cx(), aAccounts, &accountsJS);
if (NS_WARN_IF(!success)) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return resultPromise;
}
RefPtr<Promise> showPromptPromise;
icPromptService->ShowAccountListPrompt(aBrowsingContext, accountsJS,
getter_AddRefs(showPromptPromise));
RefPtr<DomPromiseListener> listener = new DomPromiseListener(
[resultPromise, aManifest](JSContext* aCx, JS::Handle<JS::Value> aValue) {
IdentityAccount result;
bool success = result.Init(aCx, aValue);
if (!success) {
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
return;
}
resultPromise->Resolve(MakeTuple(aManifest, result), __func__);
},
[resultPromise](nsresult aRv) { resultPromise->Reject(aRv, __func__); });
showPromptPromise->AppendNativeHandler(listener);
return resultPromise;
}
// static
void IdentityCredential::CloseUserInterface(BrowsingContext* aBrowsingContext) {
nsresult error;
nsCOMPtr<nsIIdentityCredentialPromptService> icPromptService =
mozilla::components::IdentityCredentialPromptService::Service(&error);
if (NS_WARN_IF(!icPromptService)) {
return;
}
icPromptService->Close(aBrowsingContext);
}
} // namespace mozilla::dom

21
dom/credentialmanagement/identity/IdentityCredential.h
View File

@ -7,7 +7,6 @@
#ifndef mozilla_dom_IdentityCredential_h
#define mozilla_dom_IdentityCredential_h
#include "mozilla/dom/CanonicalBrowsingContext.h"
#include "mozilla/dom/Credential.h"
#include "mozilla/dom/IPCIdentityCredential.h"
#include "mozilla/MozPromise.h"
@ -21,8 +20,6 @@ class IdentityCredential final : public Credential {
GetIdentityCredentialPromise;
typedef MozPromise<IPCIdentityCredential, nsresult, true>
GetIPCIdentityCredentialPromise;
typedef MozPromise<IdentityProvider, nsresult, true>
GetIdentityProviderPromise;
typedef MozPromise<bool, nsresult, true> ValidationPromise;
typedef MozPromise<IdentityInternalManifest, nsresult, true>
GetManifestPromise;
@ -31,9 +28,6 @@ class IdentityCredential final : public Credential {
GetAccountListPromise;
typedef MozPromise<Tuple<IdentityToken, IdentityAccount>, nsresult, true>
GetTokenPromise;
typedef MozPromise<Tuple<IdentityInternalManifest, IdentityAccount>, nsresult,
true>
GetAccountPromise;
explicit IdentityCredential(nsPIDOMWindowInner* aParent);
@ -57,7 +51,7 @@ class IdentityCredential final : public Credential {
static RefPtr<GetIPCIdentityCredentialPromise>
DiscoverFromExternalSourceInMainProcess(
nsIPrincipal* aPrincipal, CanonicalBrowsingContext* aBrowsingContext,
nsIPrincipal* aPrincipal,
const IdentityCredentialRequestOptions& aOptions);
// Create an IPC credential that can be passed back to the content process.
@ -75,8 +69,7 @@ class IdentityCredential final : public Credential {
// Will send network requests to the IDP. The details of which are in the
// other static methods here.
static RefPtr<GetIPCIdentityCredentialPromise> CreateCredential(
nsIPrincipal* aPrincipal, BrowsingContext* aBrowsingContext,
const IdentityProvider& aProvider);
nsIPrincipal* aPrincipal, const IdentityProvider& aProvider);
// Performs a Fetch for the root manifest of the provided identity provider
// and validates it as correct. The returned promise resolves with a bool
@ -154,16 +147,6 @@ class IdentityCredential final : public Credential {
const IdentityInternalManifest& aManifest,
const IdentityAccount& aAccount);
static RefPtr<GetIdentityProviderPromise> PromptUserToSelectProvider(
BrowsingContext* aBrowsingContext,
const Sequence<IdentityProvider>& aProviders);
static RefPtr<GetAccountPromise> PromptUserToSelectAccount(
BrowsingContext* aBrowsingContext, const IdentityAccountList& aAccounts,
const IdentityInternalManifest& aManifest);
static void CloseUserInterface(BrowsingContext* aBrowsingContext);
private:
nsAutoString mToken;
};

3
dom/credentialmanagement/identity/tests/mochitest/mochitest.ini
View File

@ -2,7 +2,6 @@
prefs =
dom.security.credentialmanagement.identity.enabled=true
dom.security.credentialmanagement.identity.wait_for_timeout=false
dom.security.credentialmanagement.identity.select_first_in_ui_lists=true
privacy.antitracking.enableWebcompat=false # disables opener heuristic
scheme = https
skip-if = xorigin
@ -21,8 +20,6 @@ support-files =
server_no_accounts_idtoken.sjs
server_two_accounts_accounts.sjs
server_two_accounts_idtoken.sjs
server_two_providers_accounts.sjs
server_two_providers_idtoken.sjs
server_accounts_error_accounts.sjs
server_accounts_error_idtoken.sjs
server_idtoken_error_accounts.sjs

48
dom/credentialmanagement/identity/tests/mochitest/server_two_providers_accounts.sjs
View File

@ -1,48 +0,0 @@
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/
*/
function handleRequest(request, response) {
if (
!request.hasHeader("Cookie") ||
request.getHeader("Cookie") != "credential=authcookieval"
) {
response.setStatusLine(request.httpVersion, 400, "Bad Request");
return;
}
if (request.hasHeader("Origin") && request.getHeader("Origin") != "null") {
response.setStatusLine(request.httpVersion, 400, "Bad Request");
return;
}
if (request.hasHeader("Referer")) {
response.setStatusLine(request.httpVersion, 400, "Bad Request");
return;
}
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Content-Type", "application/json");
let content = {
accounts: [
{
id: "1234",
given_name: "John",
name: "John Doe",
email: "john_doe@idp.example",
picture: "https://idp.example/profile/123",
approved_clients: ["123", "456", "789"],
},
{
id: "5678",
given_name: "Johnny",
name: "Johnny",
email: "johnny@idp.example",
picture: "https://idp.example/profile/456",
approved_clients: ["abc", "def", "ghi"],
},
],
};
let body = JSON.stringify(content);
response.setStatusLine(request.httpVersion, 200, "OK");
response.write(body);
}

59
dom/credentialmanagement/identity/tests/mochitest/server_two_providers_idtoken.sjs
View File

@ -1,59 +0,0 @@
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/
*/
const BinaryInputStream = Components.Constructor(
"@mozilla.org/binaryinputstream;1",
"nsIBinaryInputStream",
"setInputStream"
);
function readStream(inputStream) {
let available = 0;
let result = [];
while ((available = inputStream.available()) > 0) {
result.push(inputStream.readBytes(available));
}
return result.join("");
}
function handleRequest(request, response) {
if (request.method != "POST") {
response.setStatusLine(request.httpVersion, 405, "Method Not Allowed");
return;
}
if (
!request.hasHeader("Cookie") ||
request.getHeader("Cookie") != "credential=authcookieval"
) {
response.setStatusLine(request.httpVersion, 400, "Bad Request");
return;
}
if (
!request.hasHeader("Referer") ||
request.getHeader("Referer") != "https://example.com/"
) {
response.setStatusLine(request.httpVersion, 400, "Bad Request");
return;
}
if (
!request.hasHeader("Origin") ||
request.getHeader("Origin") != "https://example.com"
) {
response.setStatusLine(request.httpVersion, 400, "Bad Request");
return;
}
response.setHeader("Access-Control-Allow-Origin", "https://example.com");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Content-Type", "application/json");
let requestContent = readStream(
new BinaryInputStream(request.bodyInputStream)
);
let responseContent = {
token: requestContent,
};
let body = JSON.stringify(responseContent);
response.setStatusLine(request.httpVersion, 200, "OK");
response.write(body);
}

17
dom/credentialmanagement/identity/tests/mochitest/test_two_providers.html
View File

@ -27,18 +27,13 @@
});
}
).then((cred) => {
ok(true, "successfully got a credential");
is(cred.token,
"account_id=1234&client_id=mochitest&nonce=nonce&disclosure_text_shown=false",
"Correct token on the credential.");
is(cred.id,
"1234",
"Correct id on the credential");
is(cred.type,
"identity",
"Correct type on the credential");
// This is not the long-term planned behavior, but is the current
// state of the spec.
// See https://fedidcg.github.io/FedCM/#dom-identitycredential-discoverfromexternalsource-slot
// as of Sept 2022.
ok(false, "incorrectly got a credential");
}).catch((err) => {
ok(false, "must not have an error");
ok(true, "correctly got an error");
}).finally(() => {
SimpleTest.finish();
})

2
dom/ipc/WindowGlobalParent.cpp
View File

@ -1353,7 +1353,7 @@ IPCResult WindowGlobalParent::RecvDiscoverIdentityCredentialFromExternalSource(
const IdentityCredentialRequestOptions& aOptions,
const DiscoverIdentityCredentialFromExternalSourceResolver& aResolver) {
IdentityCredential::DiscoverFromExternalSourceInMainProcess(
DocumentPrincipal(), this->BrowsingContext(), aOptions)
DocumentPrincipal(), aOptions)
->Then(
GetCurrentSerialEventTarget(), __func__,
[aResolver](const IPCIdentityCredential& aResult) {

3
dom/webidl/IdentityCredential.webidl
View File

@ -18,7 +18,6 @@ dictionary IdentityCredentialRequestOptions {
sequence<IdentityProvider> providers;
};
[GenerateConversionToJS]
dictionary IdentityProvider {
required USVString configURL;
required USVString clientId;
@ -64,7 +63,7 @@ dictionary IdentityAccount {
};
// https://fedidcg.github.io/FedCM/#idp-api-accounts-endpoint
[GenerateInit, GenerateConversionToJS]
[GenerateInit]
dictionary IdentityAccountList {
sequence<IdentityAccount> accounts;
};

9
modules/libpref/init/StaticPrefList.yaml
View File

@ -3664,19 +3664,12 @@
value: false
mirror: always
# pref controls `identity` credentials timeout for testing
# pref controls `identity` credentials being exposed
- name: dom.security.credentialmanagement.identity.wait_for_timeout
type: bool
value: true
mirror: always
# pref controls `identity` credential UI for testing. When true, UI is not shown and
# the first option in the account and provider lists are chosen
- name: dom.security.credentialmanagement.identity.select_first_in_ui_lists
type: bool
value: false
mirror: always
# Whether or not selection events on text controls are enabled.
- name: dom.select_events.textcontrols.selectionchange.enabled
type: bool