mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-08 02:14:43 +00:00
Backed out 4 changesets (bug 1782088)for causing build bustages. CLOSED TREE
Backed out changeset a7423c6d52b7 (bug 1782088) Backed out changeset 50a3cc77e38b (bug 1782088) Backed out changeset 7dca17d480bb (bug 1782088) Backed out changeset f1e6e1226a8c (bug 1782088)
This commit is contained in:
parent
e7055d8d51
commit
1a4dfaa163
@ -73,7 +73,6 @@
|
||||
<link rel="localization" href="browser/protectionsPanel.ftl"/>
|
||||
<link rel="localization" href="browser/appmenu.ftl"/>
|
||||
<link rel="localization" href="browser/panelUI.ftl"/>
|
||||
<link rel="localization" href="preview/identityCredentialNotification.ftl"/>
|
||||
<link rel="localization" href="preview/interventions.ftl"/>
|
||||
<link rel="localization" href="browser/sidebarMenu.ftl"/>
|
||||
<link rel="localization" href="browser/allTabsMenu.ftl"/>
|
||||
|
@ -302,8 +302,6 @@
|
||||
data-l10n-id="urlbar-midi-notification-anchor"/>
|
||||
<image id="webauthn-notification-icon" class="notification-anchor-icon" role="button"
|
||||
data-l10n-id="urlbar-web-authn-anchor"/>
|
||||
<image id="identity-credential-notification-icon" class="notification-anchor-icon" role="button"
|
||||
data-l10n-id="urlbar-identity-credential-anchor"/>
|
||||
<image id="storage-access-notification-icon" class="notification-anchor-icon storage-access-icon" role="button"
|
||||
data-l10n-id="urlbar-storage-access-anchor"/>
|
||||
</box>
|
||||
|
@ -8,7 +8,7 @@
|
||||
noautofocus="true"
|
||||
role="alert"/>
|
||||
|
||||
<popupnotification id="webRTC-shareDevices-notification" hidden="true"
|
||||
<popupnotification id="webRTC-shareDevices-notification" hidden="true"
|
||||
descriptionid="webRTC-shareDevices-notification-description">
|
||||
<popupnotificationcontent id="webRTC-selectCamera" orient="vertical">
|
||||
<label id="webRTC-selectCamera-label"
|
||||
@ -167,26 +167,3 @@
|
||||
</vbox>
|
||||
</popupnotificationfooter>
|
||||
</popupnotification>
|
||||
|
||||
<popupnotification id="identity-credential-notification" hidden="true">
|
||||
<popupnotificationcontent id="identity-credential-provider" orient="vertical">
|
||||
<html:div id="identity-credential-provider-selector-container">
|
||||
</html:div>
|
||||
<description class="popup-notification-description" id="credential-provider-explanation" data-l10n-id="credential-description-provider-explanation"/>
|
||||
<html:template id="template-credential-provider-list-item">
|
||||
<toolbarbutton class="credential-provider-list-item subviewbutton-nav subviewbutton" align="center" wrap="true">
|
||||
<label flex="1" class="credential-provider-list-item-label"></label>
|
||||
</toolbarbutton>
|
||||
</html:template>
|
||||
</popupnotificationcontent>
|
||||
<popupnotificationcontent id="identity-credential-account" orient="vertical" hidden="true">
|
||||
<html:div id="identity-credential-account-selector-container">
|
||||
</html:div>
|
||||
<description class="popup-notification-description" id="credential-account-explanation"/>
|
||||
<html:template id="template-credential-account-list-item">
|
||||
<toolbarbutton class="credential-account-list-item subviewbutton-nav subviewbutton" align="center" wrap="true">
|
||||
<label flex="1" class="credential-account-list-item-label"></label>
|
||||
</toolbarbutton>
|
||||
</html:template>
|
||||
</popupnotificationcontent>
|
||||
</popupnotification>
|
||||
|
@ -1,266 +0,0 @@
|
||||
/**
|
||||
* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
*/
|
||||
|
||||
const { XPCOMUtils } = ChromeUtils.importESModule(
|
||||
"resource://gre/modules/XPCOMUtils.sys.mjs"
|
||||
);
|
||||
|
||||
const lazy = {};
|
||||
|
||||
XPCOMUtils.defineLazyServiceGetter(
|
||||
lazy,
|
||||
"IDNService",
|
||||
"@mozilla.org/network/idn-service;1",
|
||||
"nsIIDNService"
|
||||
);
|
||||
|
||||
XPCOMUtils.defineLazyPreferenceGetter(
|
||||
lazy,
|
||||
"SELECT_FIRST_IN_UI_LISTS",
|
||||
"dom.security.credentialmanagement.identity.select_first_in_ui_lists",
|
||||
false
|
||||
);
|
||||
|
||||
function fulfilledPromiseFromFirstListElement(list) {
|
||||
if (list.length) {
|
||||
return Promise.resolve(list[0]);
|
||||
}
|
||||
return Promise.reject();
|
||||
}
|
||||
|
||||
/**
|
||||
* Class implementing the nsIIdentityCredentialPromptService
|
||||
* */
|
||||
export class IdentityCredentialPromptService {
|
||||
classID = Components.ID("{936007db-a957-4f1d-a23d-f7d9403223e6}");
|
||||
QueryInterface = ChromeUtils.generateQI([
|
||||
"nsIIdentityCredentialPromptService",
|
||||
]);
|
||||
|
||||
/**
|
||||
* Ask the user, using a PopupNotification, to select an Identity Provider from a provided list.
|
||||
* @param {BrowsingContext} browsingContext - The BrowsingContext of the document requesting an identity credential via navigator.credentials.get()
|
||||
* @param {IdentityProvider[]} identityProviders - The list of identity providers the user selects from
|
||||
* @returns {Promise<IdentityProvider>} The user-selected identity provider
|
||||
*/
|
||||
showProviderPrompt(browsingContext, identityProviders) {
|
||||
// For testing only.
|
||||
if (lazy.SELECT_FIRST_IN_UI_LISTS) {
|
||||
return fulfilledPromiseFromFirstListElement(identityProviders);
|
||||
}
|
||||
return new Promise(function(resolve, reject) {
|
||||
let browser = browsingContext.top.embedderElement;
|
||||
if (!browser) {
|
||||
reject();
|
||||
return;
|
||||
}
|
||||
|
||||
// Localize all strings to be used
|
||||
// Bug 1797154 - Convert localization calls to use the async formatValues.
|
||||
let localization = new Localization(
|
||||
["preview/identityCredentialNotification.ftl"],
|
||||
true
|
||||
);
|
||||
let headerMessage = localization.formatValueSync(
|
||||
"credential-header-providers",
|
||||
{
|
||||
host: "<>",
|
||||
}
|
||||
);
|
||||
let cancelLabel = localization.formatValueSync("credential-cancel-label");
|
||||
let cancelKey = localization.formatValueSync(
|
||||
"credential-cancel-accesskey"
|
||||
);
|
||||
|
||||
// Build the choices into the panel
|
||||
let listBox = browser.ownerDocument.getElementById(
|
||||
"identity-credential-provider-selector-container"
|
||||
);
|
||||
while (listBox.firstChild) {
|
||||
listBox.removeChild(listBox.lastChild);
|
||||
}
|
||||
let itemTemplate = browser.ownerDocument.getElementById(
|
||||
"template-credential-provider-list-item"
|
||||
);
|
||||
for (let providerIndex in identityProviders) {
|
||||
let provider = identityProviders[providerIndex];
|
||||
let providerURI = new URL(provider.configURL);
|
||||
let displayDomain = lazy.IDNService.convertToDisplayIDN(
|
||||
providerURI.host,
|
||||
{}
|
||||
);
|
||||
let newItem = itemTemplate.content.firstElementChild.cloneNode(true);
|
||||
newItem.firstElementChild.textContent = displayDomain;
|
||||
newItem.setAttribute("oncommand", `this.callback(event)`);
|
||||
newItem.callback = function(event) {
|
||||
let notification = browser.ownerGlobal.PopupNotifications.getNotification(
|
||||
"identity-credential",
|
||||
browser
|
||||
);
|
||||
browser.ownerGlobal.PopupNotifications.remove(notification);
|
||||
resolve(provider);
|
||||
event.stopPropagation();
|
||||
};
|
||||
listBox.append(newItem);
|
||||
}
|
||||
|
||||
// Construct the necessary arguments for notification behavior
|
||||
let currentOrigin =
|
||||
browsingContext.currentWindowContext.documentPrincipal.originNoSuffix;
|
||||
let options = {
|
||||
name: currentOrigin,
|
||||
};
|
||||
let mainAction = {
|
||||
label: cancelLabel,
|
||||
accessKey: cancelKey,
|
||||
callback(event) {
|
||||
reject();
|
||||
},
|
||||
};
|
||||
|
||||
// Show the popup
|
||||
browser.ownerDocument.getElementById(
|
||||
"identity-credential-provider"
|
||||
).hidden = false;
|
||||
browser.ownerDocument.getElementById(
|
||||
"identity-credential-account"
|
||||
).hidden = true;
|
||||
browser.ownerGlobal.PopupNotifications.show(
|
||||
browser,
|
||||
"identity-credential",
|
||||
headerMessage,
|
||||
"identity-credential-notification-icon",
|
||||
mainAction,
|
||||
null,
|
||||
options
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Ask the user, using a PopupNotification, to select an account from a provided list.
|
||||
* @param {BrowsingContext} browsingContext - The BrowsingContext of the document requesting an identity credential via navigator.credentials.get()
|
||||
* @param {IdentityAccountList} accountList - The list of accounts the user selects from
|
||||
* @returns {Promise<IdentityAccount>} The user-selected account
|
||||
*/
|
||||
showAccountListPrompt(browsingContext, accountList) {
|
||||
// For testing only.
|
||||
if (lazy.SELECT_FIRST_IN_UI_LISTS) {
|
||||
return fulfilledPromiseFromFirstListElement(accountList.accounts);
|
||||
}
|
||||
return new Promise(function(resolve, reject) {
|
||||
let browser = browsingContext.top.embedderElement;
|
||||
if (!browser) {
|
||||
reject();
|
||||
return;
|
||||
}
|
||||
let currentOrigin =
|
||||
browsingContext.currentWindowContext.documentPrincipal.originNoSuffix;
|
||||
|
||||
// Localize all strings to be used
|
||||
// Bug 1797154 - Convert localization calls to use the async formatValues.
|
||||
let localization = new Localization(
|
||||
["preview/identityCredentialNotification.ftl"],
|
||||
true
|
||||
);
|
||||
let headerMessage = localization.formatValueSync(
|
||||
"credential-header-accounts",
|
||||
{
|
||||
host: "<>",
|
||||
}
|
||||
);
|
||||
let descriptionMessage = localization.formatValueSync(
|
||||
"credential-description-account-explanation",
|
||||
{
|
||||
host: currentOrigin,
|
||||
}
|
||||
);
|
||||
let cancelLabel = localization.formatValueSync("credential-cancel-label");
|
||||
let cancelKey = localization.formatValueSync(
|
||||
"credential-cancel-accesskey"
|
||||
);
|
||||
|
||||
// Add the description text
|
||||
browser.ownerDocument.getElementById(
|
||||
"credential-account-explanation"
|
||||
).textContent = descriptionMessage;
|
||||
|
||||
// Build the choices into the panel
|
||||
let listBox = browser.ownerDocument.getElementById(
|
||||
"identity-credential-account-selector-container"
|
||||
);
|
||||
while (listBox.firstChild) {
|
||||
listBox.removeChild(listBox.lastChild);
|
||||
}
|
||||
let itemTemplate = browser.ownerDocument.getElementById(
|
||||
"template-credential-account-list-item"
|
||||
);
|
||||
for (let accountIndex in accountList.accounts) {
|
||||
let account = accountList.accounts[accountIndex];
|
||||
let newItem = itemTemplate.content.firstElementChild.cloneNode(true);
|
||||
newItem.firstElementChild.textContent = account.email;
|
||||
newItem.setAttribute("oncommand", "this.callback()");
|
||||
newItem.callback = function() {
|
||||
let notification = browser.ownerGlobal.PopupNotifications.getNotification(
|
||||
"identity-credential",
|
||||
browser
|
||||
);
|
||||
browser.ownerGlobal.PopupNotifications.remove(notification);
|
||||
resolve(account);
|
||||
};
|
||||
listBox.append(newItem);
|
||||
}
|
||||
|
||||
// Construct the necessary arguments for notification behavior
|
||||
let options = {
|
||||
name: currentOrigin,
|
||||
};
|
||||
let mainAction = {
|
||||
label: cancelLabel,
|
||||
accessKey: cancelKey,
|
||||
callback(event) {
|
||||
reject();
|
||||
},
|
||||
};
|
||||
|
||||
// Show the popup
|
||||
browser.ownerDocument.getElementById(
|
||||
"identity-credential-provider"
|
||||
).hidden = true;
|
||||
browser.ownerDocument.getElementById(
|
||||
"identity-credential-account"
|
||||
).hidden = false;
|
||||
browser.ownerGlobal.PopupNotifications.show(
|
||||
browser,
|
||||
"identity-credential",
|
||||
headerMessage,
|
||||
"identity-credential-notification-icon",
|
||||
mainAction,
|
||||
null,
|
||||
options
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Close all UI from the other methods of this module for the provided window.
|
||||
* @param {BrowsingContext} browsingContext - The BrowsingContext of the document requesting an identity credential via navigator.credentials.get()
|
||||
* @returns
|
||||
*/
|
||||
close(browsingContext) {
|
||||
let browser = browsingContext.top.embedderElement;
|
||||
if (!browser) {
|
||||
return;
|
||||
}
|
||||
let notification = browser.ownerGlobal.PopupNotifications.getNotification(
|
||||
"identity-credential",
|
||||
browser
|
||||
);
|
||||
if (notification) {
|
||||
browser.ownerGlobal.PopupNotifications.remove(notification);
|
||||
}
|
||||
}
|
||||
}
|
@ -1,16 +0,0 @@
|
||||
# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
|
||||
# vim: set filetype=python:
|
||||
# This Source Code Form is subject to the terms of the Mozilla Public
|
||||
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
|
||||
Classes = [
|
||||
{
|
||||
'cid': '{936007db-a957-4f1d-a23d-f7d9403223e6}',
|
||||
'contract_ids': ['@mozilla.org/browser/identitycredentialpromptservice;1'],
|
||||
'esModule': 'resource:///modules/IdentityCredentialPromptService.sys.mjs',
|
||||
'processes': ProcessSelector.MAIN_PROCESS_ONLY,
|
||||
'constructor': 'IdentityCredentialPromptService',
|
||||
'name': 'IdentityCredentialPromptService',
|
||||
},
|
||||
]
|
@ -1,16 +0,0 @@
|
||||
# This Source Code Form is subject to the terms of the Mozilla Public
|
||||
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
|
||||
## Credential panel
|
||||
## $host (String): the hostname of the site that is being displayed.
|
||||
|
||||
credential-header-providers = Sign in to { $host }.
|
||||
credential-header-accounts = Pick a { $host } account.
|
||||
# Identity providers are websites you use to log into another website, for example: Google when you Log in with Google.
|
||||
credential-description-provider-explanation = These are the identity providers that would like to help you log in.
|
||||
credential-description-account-explanation = Picking an account here shares that identity with { $host }.
|
||||
urlbar-identity-credential-anchor =
|
||||
.tooltiptext = Open federated login panel
|
||||
credential-cancel-label = Cancel
|
||||
credential-cancel-accesskey = C
|
@ -1,22 +0,0 @@
|
||||
# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
|
||||
# vim: set filetype=python:
|
||||
# This Source Code Form is subject to the terms of the Mozilla Public
|
||||
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
|
||||
with Files("**"):
|
||||
BUG_COMPONENT = ("Core", "DOM: Credential Management")
|
||||
|
||||
XPIDL_SOURCES += [
|
||||
"nsIIdentityCredentialPromptService.idl",
|
||||
]
|
||||
|
||||
XPIDL_MODULE = "identity-credential-prompt"
|
||||
|
||||
EXTRA_JS_MODULES += [
|
||||
"IdentityCredentialPromptService.sys.mjs",
|
||||
]
|
||||
|
||||
XPCOM_MANIFESTS += [
|
||||
"components.conf",
|
||||
]
|
@ -1,19 +0,0 @@
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#include "nsISupports.idl"
|
||||
|
||||
webidl BrowsingContext;
|
||||
|
||||
[scriptable, uuid(936007db-a957-4f1d-a23d-f7d9403223e6)]
|
||||
interface nsIIdentityCredentialPromptService : nsISupports {
|
||||
// Display to the user an interface to choose from among the identity providers listed
|
||||
// Resolves with one of the elements of the list.
|
||||
Promise showProviderPrompt(in BrowsingContext browsingContext, in jsval identityProviders);
|
||||
// Display to the user an interface to choose from among the accounts listed.
|
||||
// Resolves with one of the elements of the list.
|
||||
Promise showAccountListPrompt(in BrowsingContext browsingContext, in jsval accountList);
|
||||
// Close all UI from the other methods of this module
|
||||
void close(in BrowsingContext browsingContext);
|
||||
};
|
@ -32,7 +32,6 @@ DIRS += [
|
||||
"attribution",
|
||||
"colorways",
|
||||
"contextualidentity",
|
||||
"credentialmanager",
|
||||
"customizableui",
|
||||
"doh",
|
||||
"downloads",
|
||||
|
@ -14,7 +14,6 @@
|
||||
preview/firefoxSuggest.ftl (../components/urlbar/content/firefoxSuggest.ftl)
|
||||
preview/originControls.ftl (../components/extensions/originControls.ftl)
|
||||
preview/unifiedExtensions.ftl (../components/extensions/unifiedExtensions.ftl)
|
||||
preview/identityCredentialNotification.ftl (../components/credentialmanager/identityCredentialNotification.ftl)
|
||||
browser (%browser/**/*.ftl)
|
||||
|
||||
@AB_CD@.jar:
|
||||
|
@ -12,7 +12,6 @@
|
||||
@import url("chrome://browser/skin/identity-block/identity-block.css");
|
||||
@import url("chrome://browser/skin/notification-icons.css");
|
||||
@import url("chrome://browser/skin/addon-notification.css");
|
||||
@import url("chrome://browser/skin/identity-credential-notification.css");
|
||||
@import url("chrome://browser/skin/urlbarView.css");
|
||||
@import url("chrome://browser/skin/translation/infobar.css");
|
||||
@import url("chrome://browser/skin/autocomplete.css");
|
||||
|
@ -1078,7 +1078,6 @@ panelview .toolbarbutton-1,
|
||||
|
||||
#protections-popup-mainView .subviewbutton-nav:not(.notFound)::after,
|
||||
#identity-popup-mainView .subviewbutton-nav::after,
|
||||
#identity-credential-notification .subviewbutton-nav::after,
|
||||
.widget-overflow-list .subviewbutton-nav::after,
|
||||
.PanelUI-subView .subviewbutton-nav::after {
|
||||
-moz-context-properties: fill, fill-opacity;
|
||||
@ -1090,7 +1089,6 @@ panelview .toolbarbutton-1,
|
||||
|
||||
#protections-popup-mainView .subviewbutton-nav:not(.notFound):-moz-locale-dir(rtl)::after,
|
||||
#identity-popup-mainView .subviewbutton-nav:-moz-locale-dir(rtl)::after,
|
||||
#identity-credential-notification .subviewbutton-nav:-moz-locale-dir(rtl)::after,
|
||||
.widget-overflow-list .subviewbutton-nav:-moz-locale-dir(rtl)::after,
|
||||
.PanelUI-subView .subviewbutton-nav:-moz-locale-dir(rtl)::after {
|
||||
content: url(chrome://global/skin/icons/arrow-left.svg);
|
||||
|
@ -1,13 +0,0 @@
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#identity-credential-notification .subviewbutton {
|
||||
width: 100%;
|
||||
margin-inline: 0;
|
||||
}
|
||||
|
||||
#credential-provider-explanation,
|
||||
#credential-account-explanation {
|
||||
margin-top: 1em;
|
||||
}
|
@ -17,7 +17,6 @@
|
||||
skin/classic/browser/blockedSite.css (../shared/blockedSite.css)
|
||||
skin/classic/browser/browser-shared.css (../shared/browser-shared.css)
|
||||
skin/classic/browser/ctrlTab.css (../shared/ctrlTab.css)
|
||||
skin/classic/browser/identity-credential-notification.css (../shared/identity-credential-notification.css)
|
||||
skin/classic/browser/light-dark-overrides.css (../shared/light-dark-overrides.css)
|
||||
skin/classic/browser/menupanel.css (../shared/menupanel.css)
|
||||
skin/classic/browser/notification-icons.css (../shared/notification-icons.css)
|
||||
|
@ -198,10 +198,6 @@
|
||||
list-style-image: url(chrome://browser/skin/fingerprint.svg);
|
||||
}
|
||||
|
||||
#identity-credential-notification-icon {
|
||||
list-style-image: url(chrome://browser/skin/fingerprint.svg);
|
||||
}
|
||||
|
||||
#permission-popup-menulist {
|
||||
margin-inline-end: 0;
|
||||
}
|
||||
|
@ -11,11 +11,9 @@
|
||||
#include "mozilla/dom/IdentityNetworkHelpers.h"
|
||||
#include "mozilla/dom/Request.h"
|
||||
#include "mozilla/dom/WindowGlobalChild.h"
|
||||
#include "mozilla/Components.h"
|
||||
#include "mozilla/ExpandedPrincipal.h"
|
||||
#include "mozilla/NullPrincipal.h"
|
||||
#include "nsEffectiveTLDService.h"
|
||||
#include "nsIIdentityCredentialPromptService.h"
|
||||
#include "nsITimer.h"
|
||||
#include "nsIXPConnect.h"
|
||||
#include "nsNetUtil.h"
|
||||
@ -138,48 +136,31 @@ IdentityCredential::DiscoverFromExternalSource(
|
||||
// static
|
||||
RefPtr<IdentityCredential::GetIPCIdentityCredentialPromise>
|
||||
IdentityCredential::DiscoverFromExternalSourceInMainProcess(
|
||||
nsIPrincipal* aPrincipal, CanonicalBrowsingContext* aBrowsingContext,
|
||||
nsIPrincipal* aPrincipal,
|
||||
const IdentityCredentialRequestOptions& aOptions) {
|
||||
MOZ_ASSERT(XRE_IsParentProcess());
|
||||
MOZ_ASSERT(aPrincipal);
|
||||
MOZ_ASSERT(aBrowsingContext);
|
||||
|
||||
// Make sure we have providers.
|
||||
// Make sure we have exactly one provider.
|
||||
if (!aOptions.mProviders.WasPassed() ||
|
||||
aOptions.mProviders.Value().Length() < 1) {
|
||||
aOptions.mProviders.Value().Length() != 1) {
|
||||
return IdentityCredential::GetIPCIdentityCredentialPromise::CreateAndReject(
|
||||
NS_ERROR_DOM_NOT_ALLOWED_ERR, __func__);
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIPrincipal> principal(aPrincipal);
|
||||
RefPtr<CanonicalBrowsingContext> browsingContext(aBrowsingContext);
|
||||
// Get that provider
|
||||
IdentityProvider provider(aOptions.mProviders.Value()[0]);
|
||||
|
||||
// Have the user choose a provider.
|
||||
return PromptUserToSelectProvider(aBrowsingContext,
|
||||
aOptions.mProviders.Value())
|
||||
->Then(
|
||||
GetCurrentSerialEventTarget(), __func__,
|
||||
[principal, browsingContext](const IdentityProvider& provider) {
|
||||
return IdentityCredential::CreateCredential(
|
||||
principal, browsingContext, provider);
|
||||
},
|
||||
[](nsresult error) {
|
||||
return IdentityCredential::GetIPCIdentityCredentialPromise::
|
||||
CreateAndReject(error, __func__);
|
||||
});
|
||||
return IdentityCredential::CreateCredential(aPrincipal, provider);
|
||||
}
|
||||
|
||||
// static
|
||||
RefPtr<IdentityCredential::GetIPCIdentityCredentialPromise>
|
||||
IdentityCredential::CreateCredential(nsIPrincipal* aPrincipal,
|
||||
BrowsingContext* aBrowsingContext,
|
||||
const IdentityProvider& aProvider) {
|
||||
MOZ_ASSERT(XRE_IsParentProcess());
|
||||
MOZ_ASSERT(aPrincipal);
|
||||
MOZ_ASSERT(aBrowsingContext);
|
||||
|
||||
nsCOMPtr<nsIPrincipal> argumentPrincipal = aPrincipal;
|
||||
RefPtr<BrowsingContext> browsingContext(aBrowsingContext);
|
||||
|
||||
return IdentityCredential::CheckRootManifest(aPrincipal, aProvider)
|
||||
->Then(
|
||||
@ -209,34 +190,21 @@ IdentityCredential::CreateCredential(nsIPrincipal* aPrincipal,
|
||||
})
|
||||
->Then(
|
||||
GetCurrentSerialEventTarget(), __func__,
|
||||
[argumentPrincipal, browsingContext, aProvider](
|
||||
[argumentPrincipal, aProvider](
|
||||
const Tuple<IdentityInternalManifest, IdentityAccountList>&
|
||||
promiseResult) {
|
||||
IdentityInternalManifest currentManifest;
|
||||
IdentityAccountList accountList;
|
||||
Tie(currentManifest, accountList) = promiseResult;
|
||||
// Bug 1782088: We currently just use the first account
|
||||
if (!accountList.mAccounts.WasPassed() ||
|
||||
accountList.mAccounts.Value().Length() == 0) {
|
||||
return IdentityCredential::GetAccountPromise::CreateAndReject(
|
||||
return IdentityCredential::GetTokenPromise::CreateAndReject(
|
||||
NS_ERROR_FAILURE, __func__);
|
||||
}
|
||||
return PromptUserToSelectAccount(browsingContext, accountList,
|
||||
currentManifest);
|
||||
},
|
||||
[](nsresult error) {
|
||||
return IdentityCredential::GetAccountPromise::CreateAndReject(
|
||||
error, __func__);
|
||||
})
|
||||
->Then(
|
||||
GetCurrentSerialEventTarget(), __func__,
|
||||
[argumentPrincipal,
|
||||
aProvider](const Tuple<IdentityInternalManifest, IdentityAccount>&
|
||||
promiseResult) {
|
||||
IdentityInternalManifest currentManifest;
|
||||
IdentityAccount account;
|
||||
Tie(currentManifest, account) = promiseResult;
|
||||
return IdentityCredential::FetchToken(argumentPrincipal, aProvider,
|
||||
currentManifest, account);
|
||||
return IdentityCredential::FetchToken(
|
||||
argumentPrincipal, aProvider, currentManifest,
|
||||
accountList.mAccounts.Value()[0]);
|
||||
},
|
||||
[](nsresult error) {
|
||||
return IdentityCredential::GetTokenPromise::CreateAndReject(
|
||||
@ -256,8 +224,7 @@ IdentityCredential::CreateCredential(nsIPrincipal* aPrincipal,
|
||||
return IdentityCredential::GetIPCIdentityCredentialPromise::
|
||||
CreateAndResolve(credential, __func__);
|
||||
},
|
||||
[browsingContext](nsresult error) {
|
||||
CloseUserInterface(browsingContext);
|
||||
[](nsresult error) {
|
||||
return IdentityCredential::GetIPCIdentityCredentialPromise::
|
||||
CreateAndReject(error, __func__);
|
||||
});
|
||||
@ -404,8 +371,8 @@ IdentityCredential::FetchAccountList(
|
||||
// Build the principal to use for this connection
|
||||
// This is an expanded principal! It has the cookies of the IDP because it
|
||||
// subsumes the constituent principals. It also has no serializable origin,
|
||||
// so it won't send an Origin header even though this is a CORS mode
|
||||
// request. It accomplishes this without being a SystemPrincipal too.
|
||||
// so it won't send an Origin header even though this is a CORS mode request.
|
||||
// It accomplishes this without being a SystemPrincipal too.
|
||||
nsCOMPtr<nsIURI> idpURI;
|
||||
nsresult rv = NS_NewURI(getter_AddRefs(idpURI), configLocation);
|
||||
if (NS_WARN_IF(NS_FAILED(rv))) {
|
||||
@ -550,128 +517,4 @@ RefPtr<IdentityCredential::GetTokenPromise> IdentityCredential::FetchToken(
|
||||
});
|
||||
}
|
||||
|
||||
// static
|
||||
RefPtr<IdentityCredential::GetIdentityProviderPromise>
|
||||
IdentityCredential::PromptUserToSelectProvider(
|
||||
BrowsingContext* aBrowsingContext,
|
||||
const Sequence<IdentityProvider>& aProviders) {
|
||||
MOZ_ASSERT(aBrowsingContext);
|
||||
RefPtr<IdentityCredential::GetIdentityProviderPromise::Private>
|
||||
resultPromise =
|
||||
new IdentityCredential::GetIdentityProviderPromise::Private(__func__);
|
||||
|
||||
if (NS_WARN_IF(!aBrowsingContext)) {
|
||||
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
|
||||
return resultPromise;
|
||||
}
|
||||
|
||||
nsresult error;
|
||||
nsCOMPtr<nsIIdentityCredentialPromptService> icPromptService =
|
||||
mozilla::components::IdentityCredentialPromptService::Service(&error);
|
||||
if (NS_WARN_IF(!icPromptService)) {
|
||||
resultPromise->Reject(error, __func__);
|
||||
return resultPromise;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIXPConnectWrappedJS> wrapped = do_QueryInterface(icPromptService);
|
||||
AutoJSAPI jsapi;
|
||||
if (NS_WARN_IF(!jsapi.Init(wrapped->GetJSObjectGlobal()))) {
|
||||
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
|
||||
return resultPromise;
|
||||
}
|
||||
|
||||
JS::Rooted<JS::Value> providersJS(jsapi.cx());
|
||||
bool success = ToJSValue(jsapi.cx(), aProviders, &providersJS);
|
||||
if (NS_WARN_IF(!success)) {
|
||||
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
|
||||
return resultPromise;
|
||||
}
|
||||
|
||||
RefPtr<Promise> showPromptPromise;
|
||||
icPromptService->ShowProviderPrompt(aBrowsingContext, providersJS,
|
||||
getter_AddRefs(showPromptPromise));
|
||||
|
||||
RefPtr<DomPromiseListener> listener = new DomPromiseListener(
|
||||
[resultPromise](JSContext* aCx, JS::Handle<JS::Value> aValue) {
|
||||
IdentityProvider result;
|
||||
bool success = result.Init(aCx, aValue);
|
||||
if (!success) {
|
||||
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
|
||||
return;
|
||||
}
|
||||
resultPromise->Resolve(result, __func__);
|
||||
},
|
||||
[resultPromise](nsresult aRv) { resultPromise->Reject(aRv, __func__); });
|
||||
showPromptPromise->AppendNativeHandler(listener);
|
||||
|
||||
return resultPromise;
|
||||
}
|
||||
|
||||
// static
|
||||
RefPtr<IdentityCredential::GetAccountPromise>
|
||||
IdentityCredential::PromptUserToSelectAccount(
|
||||
BrowsingContext* aBrowsingContext, const IdentityAccountList& aAccounts,
|
||||
const IdentityInternalManifest& aManifest) {
|
||||
MOZ_ASSERT(aBrowsingContext);
|
||||
RefPtr<IdentityCredential::GetAccountPromise::Private> resultPromise =
|
||||
new IdentityCredential::GetAccountPromise::Private(__func__);
|
||||
|
||||
if (NS_WARN_IF(!aBrowsingContext)) {
|
||||
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
|
||||
return resultPromise;
|
||||
}
|
||||
|
||||
nsresult error;
|
||||
nsCOMPtr<nsIIdentityCredentialPromptService> icPromptService =
|
||||
mozilla::components::IdentityCredentialPromptService::Service(&error);
|
||||
if (NS_WARN_IF(!icPromptService)) {
|
||||
resultPromise->Reject(error, __func__);
|
||||
return resultPromise;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIXPConnectWrappedJS> wrapped = do_QueryInterface(icPromptService);
|
||||
AutoJSAPI jsapi;
|
||||
if (NS_WARN_IF(!jsapi.Init(wrapped->GetJSObjectGlobal()))) {
|
||||
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
|
||||
return resultPromise;
|
||||
}
|
||||
|
||||
JS::Rooted<JS::Value> accountsJS(jsapi.cx());
|
||||
bool success = ToJSValue(jsapi.cx(), aAccounts, &accountsJS);
|
||||
if (NS_WARN_IF(!success)) {
|
||||
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
|
||||
return resultPromise;
|
||||
}
|
||||
|
||||
RefPtr<Promise> showPromptPromise;
|
||||
icPromptService->ShowAccountListPrompt(aBrowsingContext, accountsJS,
|
||||
getter_AddRefs(showPromptPromise));
|
||||
|
||||
RefPtr<DomPromiseListener> listener = new DomPromiseListener(
|
||||
[resultPromise, aManifest](JSContext* aCx, JS::Handle<JS::Value> aValue) {
|
||||
IdentityAccount result;
|
||||
bool success = result.Init(aCx, aValue);
|
||||
if (!success) {
|
||||
resultPromise->Reject(NS_ERROR_FAILURE, __func__);
|
||||
return;
|
||||
}
|
||||
resultPromise->Resolve(MakeTuple(aManifest, result), __func__);
|
||||
},
|
||||
[resultPromise](nsresult aRv) { resultPromise->Reject(aRv, __func__); });
|
||||
showPromptPromise->AppendNativeHandler(listener);
|
||||
|
||||
return resultPromise;
|
||||
}
|
||||
|
||||
// static
|
||||
void IdentityCredential::CloseUserInterface(BrowsingContext* aBrowsingContext) {
|
||||
nsresult error;
|
||||
nsCOMPtr<nsIIdentityCredentialPromptService> icPromptService =
|
||||
mozilla::components::IdentityCredentialPromptService::Service(&error);
|
||||
if (NS_WARN_IF(!icPromptService)) {
|
||||
return;
|
||||
}
|
||||
icPromptService->Close(aBrowsingContext);
|
||||
}
|
||||
|
||||
} // namespace mozilla::dom
|
||||
|
@ -7,7 +7,6 @@
|
||||
#ifndef mozilla_dom_IdentityCredential_h
|
||||
#define mozilla_dom_IdentityCredential_h
|
||||
|
||||
#include "mozilla/dom/CanonicalBrowsingContext.h"
|
||||
#include "mozilla/dom/Credential.h"
|
||||
#include "mozilla/dom/IPCIdentityCredential.h"
|
||||
#include "mozilla/MozPromise.h"
|
||||
@ -21,8 +20,6 @@ class IdentityCredential final : public Credential {
|
||||
GetIdentityCredentialPromise;
|
||||
typedef MozPromise<IPCIdentityCredential, nsresult, true>
|
||||
GetIPCIdentityCredentialPromise;
|
||||
typedef MozPromise<IdentityProvider, nsresult, true>
|
||||
GetIdentityProviderPromise;
|
||||
typedef MozPromise<bool, nsresult, true> ValidationPromise;
|
||||
typedef MozPromise<IdentityInternalManifest, nsresult, true>
|
||||
GetManifestPromise;
|
||||
@ -31,9 +28,6 @@ class IdentityCredential final : public Credential {
|
||||
GetAccountListPromise;
|
||||
typedef MozPromise<Tuple<IdentityToken, IdentityAccount>, nsresult, true>
|
||||
GetTokenPromise;
|
||||
typedef MozPromise<Tuple<IdentityInternalManifest, IdentityAccount>, nsresult,
|
||||
true>
|
||||
GetAccountPromise;
|
||||
|
||||
explicit IdentityCredential(nsPIDOMWindowInner* aParent);
|
||||
|
||||
@ -57,7 +51,7 @@ class IdentityCredential final : public Credential {
|
||||
|
||||
static RefPtr<GetIPCIdentityCredentialPromise>
|
||||
DiscoverFromExternalSourceInMainProcess(
|
||||
nsIPrincipal* aPrincipal, CanonicalBrowsingContext* aBrowsingContext,
|
||||
nsIPrincipal* aPrincipal,
|
||||
const IdentityCredentialRequestOptions& aOptions);
|
||||
|
||||
// Create an IPC credential that can be passed back to the content process.
|
||||
@ -75,8 +69,7 @@ class IdentityCredential final : public Credential {
|
||||
// Will send network requests to the IDP. The details of which are in the
|
||||
// other static methods here.
|
||||
static RefPtr<GetIPCIdentityCredentialPromise> CreateCredential(
|
||||
nsIPrincipal* aPrincipal, BrowsingContext* aBrowsingContext,
|
||||
const IdentityProvider& aProvider);
|
||||
nsIPrincipal* aPrincipal, const IdentityProvider& aProvider);
|
||||
|
||||
// Performs a Fetch for the root manifest of the provided identity provider
|
||||
// and validates it as correct. The returned promise resolves with a bool
|
||||
@ -154,16 +147,6 @@ class IdentityCredential final : public Credential {
|
||||
const IdentityInternalManifest& aManifest,
|
||||
const IdentityAccount& aAccount);
|
||||
|
||||
static RefPtr<GetIdentityProviderPromise> PromptUserToSelectProvider(
|
||||
BrowsingContext* aBrowsingContext,
|
||||
const Sequence<IdentityProvider>& aProviders);
|
||||
|
||||
static RefPtr<GetAccountPromise> PromptUserToSelectAccount(
|
||||
BrowsingContext* aBrowsingContext, const IdentityAccountList& aAccounts,
|
||||
const IdentityInternalManifest& aManifest);
|
||||
|
||||
static void CloseUserInterface(BrowsingContext* aBrowsingContext);
|
||||
|
||||
private:
|
||||
nsAutoString mToken;
|
||||
};
|
||||
|
@ -2,7 +2,6 @@
|
||||
prefs =
|
||||
dom.security.credentialmanagement.identity.enabled=true
|
||||
dom.security.credentialmanagement.identity.wait_for_timeout=false
|
||||
dom.security.credentialmanagement.identity.select_first_in_ui_lists=true
|
||||
privacy.antitracking.enableWebcompat=false # disables opener heuristic
|
||||
scheme = https
|
||||
skip-if = xorigin
|
||||
@ -21,8 +20,6 @@ support-files =
|
||||
server_no_accounts_idtoken.sjs
|
||||
server_two_accounts_accounts.sjs
|
||||
server_two_accounts_idtoken.sjs
|
||||
server_two_providers_accounts.sjs
|
||||
server_two_providers_idtoken.sjs
|
||||
server_accounts_error_accounts.sjs
|
||||
server_accounts_error_idtoken.sjs
|
||||
server_idtoken_error_accounts.sjs
|
||||
|
@ -1,48 +0,0 @@
|
||||
/* Any copyright is dedicated to the Public Domain.
|
||||
* http://creativecommons.org/publicdomain/zero/1.0/
|
||||
*/
|
||||
|
||||
function handleRequest(request, response) {
|
||||
if (
|
||||
!request.hasHeader("Cookie") ||
|
||||
request.getHeader("Cookie") != "credential=authcookieval"
|
||||
) {
|
||||
response.setStatusLine(request.httpVersion, 400, "Bad Request");
|
||||
return;
|
||||
}
|
||||
if (request.hasHeader("Origin") && request.getHeader("Origin") != "null") {
|
||||
response.setStatusLine(request.httpVersion, 400, "Bad Request");
|
||||
return;
|
||||
}
|
||||
if (request.hasHeader("Referer")) {
|
||||
response.setStatusLine(request.httpVersion, 400, "Bad Request");
|
||||
return;
|
||||
}
|
||||
|
||||
response.setHeader("Access-Control-Allow-Origin", "*");
|
||||
response.setHeader("Access-Control-Allow-Credentials", "true");
|
||||
response.setHeader("Content-Type", "application/json");
|
||||
let content = {
|
||||
accounts: [
|
||||
{
|
||||
id: "1234",
|
||||
given_name: "John",
|
||||
name: "John Doe",
|
||||
email: "john_doe@idp.example",
|
||||
picture: "https://idp.example/profile/123",
|
||||
approved_clients: ["123", "456", "789"],
|
||||
},
|
||||
{
|
||||
id: "5678",
|
||||
given_name: "Johnny",
|
||||
name: "Johnny",
|
||||
email: "johnny@idp.example",
|
||||
picture: "https://idp.example/profile/456",
|
||||
approved_clients: ["abc", "def", "ghi"],
|
||||
},
|
||||
],
|
||||
};
|
||||
let body = JSON.stringify(content);
|
||||
response.setStatusLine(request.httpVersion, 200, "OK");
|
||||
response.write(body);
|
||||
}
|
@ -1,59 +0,0 @@
|
||||
/* Any copyright is dedicated to the Public Domain.
|
||||
* http://creativecommons.org/publicdomain/zero/1.0/
|
||||
*/
|
||||
|
||||
const BinaryInputStream = Components.Constructor(
|
||||
"@mozilla.org/binaryinputstream;1",
|
||||
"nsIBinaryInputStream",
|
||||
"setInputStream"
|
||||
);
|
||||
|
||||
function readStream(inputStream) {
|
||||
let available = 0;
|
||||
let result = [];
|
||||
while ((available = inputStream.available()) > 0) {
|
||||
result.push(inputStream.readBytes(available));
|
||||
}
|
||||
return result.join("");
|
||||
}
|
||||
|
||||
function handleRequest(request, response) {
|
||||
if (request.method != "POST") {
|
||||
response.setStatusLine(request.httpVersion, 405, "Method Not Allowed");
|
||||
return;
|
||||
}
|
||||
if (
|
||||
!request.hasHeader("Cookie") ||
|
||||
request.getHeader("Cookie") != "credential=authcookieval"
|
||||
) {
|
||||
response.setStatusLine(request.httpVersion, 400, "Bad Request");
|
||||
return;
|
||||
}
|
||||
if (
|
||||
!request.hasHeader("Referer") ||
|
||||
request.getHeader("Referer") != "https://example.com/"
|
||||
) {
|
||||
response.setStatusLine(request.httpVersion, 400, "Bad Request");
|
||||
return;
|
||||
}
|
||||
if (
|
||||
!request.hasHeader("Origin") ||
|
||||
request.getHeader("Origin") != "https://example.com"
|
||||
) {
|
||||
response.setStatusLine(request.httpVersion, 400, "Bad Request");
|
||||
return;
|
||||
}
|
||||
|
||||
response.setHeader("Access-Control-Allow-Origin", "https://example.com");
|
||||
response.setHeader("Access-Control-Allow-Credentials", "true");
|
||||
response.setHeader("Content-Type", "application/json");
|
||||
let requestContent = readStream(
|
||||
new BinaryInputStream(request.bodyInputStream)
|
||||
);
|
||||
let responseContent = {
|
||||
token: requestContent,
|
||||
};
|
||||
let body = JSON.stringify(responseContent);
|
||||
response.setStatusLine(request.httpVersion, 200, "OK");
|
||||
response.write(body);
|
||||
}
|
@ -27,18 +27,13 @@
|
||||
});
|
||||
}
|
||||
).then((cred) => {
|
||||
ok(true, "successfully got a credential");
|
||||
is(cred.token,
|
||||
"account_id=1234&client_id=mochitest&nonce=nonce&disclosure_text_shown=false",
|
||||
"Correct token on the credential.");
|
||||
is(cred.id,
|
||||
"1234",
|
||||
"Correct id on the credential");
|
||||
is(cred.type,
|
||||
"identity",
|
||||
"Correct type on the credential");
|
||||
// This is not the long-term planned behavior, but is the current
|
||||
// state of the spec.
|
||||
// See https://fedidcg.github.io/FedCM/#dom-identitycredential-discoverfromexternalsource-slot
|
||||
// as of Sept 2022.
|
||||
ok(false, "incorrectly got a credential");
|
||||
}).catch((err) => {
|
||||
ok(false, "must not have an error");
|
||||
ok(true, "correctly got an error");
|
||||
}).finally(() => {
|
||||
SimpleTest.finish();
|
||||
})
|
||||
|
@ -1353,7 +1353,7 @@ IPCResult WindowGlobalParent::RecvDiscoverIdentityCredentialFromExternalSource(
|
||||
const IdentityCredentialRequestOptions& aOptions,
|
||||
const DiscoverIdentityCredentialFromExternalSourceResolver& aResolver) {
|
||||
IdentityCredential::DiscoverFromExternalSourceInMainProcess(
|
||||
DocumentPrincipal(), this->BrowsingContext(), aOptions)
|
||||
DocumentPrincipal(), aOptions)
|
||||
->Then(
|
||||
GetCurrentSerialEventTarget(), __func__,
|
||||
[aResolver](const IPCIdentityCredential& aResult) {
|
||||
|
@ -18,7 +18,6 @@ dictionary IdentityCredentialRequestOptions {
|
||||
sequence<IdentityProvider> providers;
|
||||
};
|
||||
|
||||
[GenerateConversionToJS]
|
||||
dictionary IdentityProvider {
|
||||
required USVString configURL;
|
||||
required USVString clientId;
|
||||
@ -64,7 +63,7 @@ dictionary IdentityAccount {
|
||||
};
|
||||
|
||||
// https://fedidcg.github.io/FedCM/#idp-api-accounts-endpoint
|
||||
[GenerateInit, GenerateConversionToJS]
|
||||
[GenerateInit]
|
||||
dictionary IdentityAccountList {
|
||||
sequence<IdentityAccount> accounts;
|
||||
};
|
||||
|
@ -3664,19 +3664,12 @@
|
||||
value: false
|
||||
mirror: always
|
||||
|
||||
# pref controls `identity` credentials timeout for testing
|
||||
# pref controls `identity` credentials being exposed
|
||||
- name: dom.security.credentialmanagement.identity.wait_for_timeout
|
||||
type: bool
|
||||
value: true
|
||||
mirror: always
|
||||
|
||||
# pref controls `identity` credential UI for testing. When true, UI is not shown and
|
||||
# the first option in the account and provider lists are chosen
|
||||
- name: dom.security.credentialmanagement.identity.select_first_in_ui_lists
|
||||
type: bool
|
||||
value: false
|
||||
mirror: always
|
||||
|
||||
# Whether or not selection events on text controls are enabled.
|
||||
- name: dom.select_events.textcontrols.selectionchange.enabled
|
||||
type: bool
|
||||
|
Loading…
Reference in New Issue
Block a user