mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
gecko-dev/dom/webauthn/WebAuthnManager.h

138 строки
4.4 KiB
C
Исходник Обычный вид История

Bug 1412125, part 2 - Fix dom/ mode lines. r=qdot This was automatically generated by the script modeline.py. MozReview-Commit-ID: BgulzkGteAL --HG-- extra : rebase_source : a4b9d16a4c06c4e85d7d85f485221b1e4ebdfede
2017-10-27 01:08:41 +03:00
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku Takes functionality once in the WebAuthentication DOM class that needs to be handled by the content process, and moves it to a singleton (per-content-process) manager class. This allows the WebAuthn API to centralize management of transactions and IPC channels. Patch also creates the child (content-process) classes for WebAuthn IPC channels. MozReview-Commit-ID: 6ju2LK8lvNR
2017-04-20 03:46:08 +03:00
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef mozilla_dom_WebAuthnManager_h
#define mozilla_dom_WebAuthnManager_h
#include "mozilla/MozPromise.h"
#include "mozilla/dom/PWebAuthnTransaction.h"
Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj Summary: We currently have a single WebAuthnManager instance per process that's shared between all CredentialContainers. That way the nsPIDOMWindowInner parent has to be tracked by the transaction, as multiple containers could kick off requests simultaneously. This patch lets us we have one WebAuthnManager instance per each CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current U2F implementation where there is one instance per parent window too. This somewhat simplifies the communication diagram (at least in my head), as each U2F/WebAuthnManager instance also has their own TransactionChild/Parent pair for IPC protocol communication. The manager and child/parent pair are destroyed when the window is. Reviewers: jcj Reviewed By: jcj Bug #: 1421616 Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 21:05:06 +03:00
#include "mozilla/dom/WebAuthnManagerBase.h"
Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku Takes functionality once in the WebAuthentication DOM class that needs to be handled by the content process, and moves it to a singleton (per-content-process) manager class. This allows the WebAuthn API to centralize management of transactions and IPC channels. Patch also creates the child (content-process) classes for WebAuthn IPC channels. MozReview-Commit-ID: 6ju2LK8lvNR
2017-04-20 03:46:08 +03:00
/*
* Content process manager for the WebAuthn protocol. Created on calls to the
* WebAuthentication DOM object, this manager handles establishing IPC channels
* for WebAuthn transactions, as well as keeping track of JS Promise objects
* representing transactions in flight.
*
* The WebAuthn spec (https://www.w3.org/TR/webauthn/) allows for two different
* types of transactions: registration and signing. When either of these is
* requested via the DOM API, the following steps are executed in the
* WebAuthnManager:
*
* - Validation of the request. Return a failed promise to js if request does
* not have correct parameters.
*
* - If request is valid, open a new IPC channel for running the transaction. If
* another transaction is already running in this content process, cancel it.
* Return a pending promise to js.
*
* - Send transaction information to parent process (by running the Start*
* functions of WebAuthnManager). Assuming another transaction is currently in
* flight in another content process, parent will handle canceling it.
*
* - On return of successful transaction information from parent process, turn
* information into DOM object format required by spec, and resolve promise
* (by running the Finish* functions of WebAuthnManager). On cancellation
* request from parent, reject promise with corresponding error code. Either
* outcome will also close the IPC channel.
*
*/
namespace mozilla {
namespace dom {
Bug 1409434 - Rework WebAuthnManager state machine r=jcj Summary: This patch aims to clean up the WebAuthnManager's state machine, especially to make cancellation of transactions clearer. To fix bug 1403818, we'll have to later introduce a unique id that is forwarded to the U2FTokenManager. There are multiple stages of cancellation/cleanup after a transaction was started. All of the places where we previously called Cancel() or MaybeClearTransaction() are listed below: [stage 1] ClearTransaction This is the most basic stage, we only clean up what information we have about the current transaction. This means that the request was completed successfully. It is used at the end of FinishMakeCredential() and FinishGetAssertion(). [stage 2] RejectTransaction The second stage will reject the transaction promise we returned to the caller. Then it will call ClearTransaction, i.e. stage 1. It is used when one of the two Finish*() functions aborts before completion, or when the parent process sends a RequestAborted message. [stage 2b] MaybeRejectTransaction This is the same as stage 2, but will only run if there's an active transaction. It is used by ~WebAuthnManager() to reject and clean up when we the manager goes away. [stage 3] CancelTransaction The third stage sends a "Cancel" message to the parent process before rejecting the transaction promise (stage 2) and cleaning up (stage 1). It's used by HandleEvent(), i.e. the document becomes inactive. [stage 3b] MaybeCancelTransaction This is the same as stage 3, but will only run if there's an active transaction. it is used at the top of MakeCredential() and GetAssertion() so that any active transaction is cancelled before we handle a new request. Reviewers: jcj Reviewed By: jcj Bug #: 1409434 Differential Revision: https://phabricator.services.mozilla.com/D132
2017-10-18 16:04:56 +03:00
class WebAuthnTransaction
{
public:
Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj Summary: We currently have a single WebAuthnManager instance per process that's shared between all CredentialContainers. That way the nsPIDOMWindowInner parent has to be tracked by the transaction, as multiple containers could kick off requests simultaneously. This patch lets us we have one WebAuthnManager instance per each CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current U2F implementation where there is one instance per parent window too. This somewhat simplifies the communication diagram (at least in my head), as each U2F/WebAuthnManager instance also has their own TransactionChild/Parent pair for IPC protocol communication. The manager and child/parent pair are destroyed when the window is. Reviewers: jcj Reviewed By: jcj Bug #: 1421616 Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 21:05:06 +03:00
WebAuthnTransaction(const RefPtr<Promise>& aPromise,
Bug 1415675 - Web Authentication - Support AbortSignal types r=jcj,smaug Summary: This patch adds support for aborting WebAuthn requests via AbortSignals. https://w3c.github.io/webauthn/#abortoperation https://w3c.github.io/webauthn/#sample-aborting https://dom.spec.whatwg.org/#abortcontroller-api-integration It also adds a variety of request abortion/cancellation tests. To test request cancellation we can use USB tokens as those requests will never complete without a token and/or user interaction. A bonus here is that we'll have a little coverage for u2f-hid-rs. Reviewers: jcj, smaug Reviewed By: jcj, smaug Bug #: 1415675 Differential Revision: https://phabricator.services.mozilla.com/D245 --HG-- extra : amend_source : bd779d5c4c6a11dd8ce34c0cc86675825b799031
2017-11-17 11:44:50 +03:00
AbortSignal* aSignal)
Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj Summary: We currently have a single WebAuthnManager instance per process that's shared between all CredentialContainers. That way the nsPIDOMWindowInner parent has to be tracked by the transaction, as multiple containers could kick off requests simultaneously. This patch lets us we have one WebAuthnManager instance per each CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current U2F implementation where there is one instance per parent window too. This somewhat simplifies the communication diagram (at least in my head), as each U2F/WebAuthnManager instance also has their own TransactionChild/Parent pair for IPC protocol communication. The manager and child/parent pair are destroyed when the window is. Reviewers: jcj Reviewed By: jcj Bug #: 1421616 Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 21:05:06 +03:00
: mPromise(aPromise)
Bug 1415675 - Web Authentication - Support AbortSignal types r=jcj,smaug Summary: This patch adds support for aborting WebAuthn requests via AbortSignals. https://w3c.github.io/webauthn/#abortoperation https://w3c.github.io/webauthn/#sample-aborting https://dom.spec.whatwg.org/#abortcontroller-api-integration It also adds a variety of request abortion/cancellation tests. To test request cancellation we can use USB tokens as those requests will never complete without a token and/or user interaction. A bonus here is that we'll have a little coverage for u2f-hid-rs. Reviewers: jcj, smaug Reviewed By: jcj, smaug Bug #: 1415675 Differential Revision: https://phabricator.services.mozilla.com/D245 --HG-- extra : amend_source : bd779d5c4c6a11dd8ce34c0cc86675825b799031
2017-11-17 11:44:50 +03:00
, mSignal(aSignal)
Bug 1403818 - Fix WebAuthn IPC crashes by keeping the child actor alive until process shutdown r=jcj Summary: We currently call ChildActor.send__delete() when clearing an active transaction and thereby destroy the child actor. If that happens, e.g. due to a tab switch, while a message is in the IPC buffer waiting to be delivered, we crash. This patch creates the child actor lazily as before, but keeps it around until the WebAuthnManager goes away, which will be at process shutdown. Each transaction now has a unique id, that the parent process will include in any of the ConfirmRegister, ConfirmSign, or Abort messages. That way we can easily ignore stale messages that were in the buffer while we started a new transaction or cancelled the current one. Reviewers: jcj Reviewed By: jcj Bug #: 1403818 Differential Revision: https://phabricator.services.mozilla.com/D149
2017-10-25 16:59:53 +03:00
, mId(NextId())
{
MOZ_ASSERT(mId > 0);
}
Bug 1409434 - Rework WebAuthnManager state machine r=jcj Summary: This patch aims to clean up the WebAuthnManager's state machine, especially to make cancellation of transactions clearer. To fix bug 1403818, we'll have to later introduce a unique id that is forwarded to the U2FTokenManager. There are multiple stages of cancellation/cleanup after a transaction was started. All of the places where we previously called Cancel() or MaybeClearTransaction() are listed below: [stage 1] ClearTransaction This is the most basic stage, we only clean up what information we have about the current transaction. This means that the request was completed successfully. It is used at the end of FinishMakeCredential() and FinishGetAssertion(). [stage 2] RejectTransaction The second stage will reject the transaction promise we returned to the caller. Then it will call ClearTransaction, i.e. stage 1. It is used when one of the two Finish*() functions aborts before completion, or when the parent process sends a RequestAborted message. [stage 2b] MaybeRejectTransaction This is the same as stage 2, but will only run if there's an active transaction. It is used by ~WebAuthnManager() to reject and clean up when we the manager goes away. [stage 3] CancelTransaction The third stage sends a "Cancel" message to the parent process before rejecting the transaction promise (stage 2) and cleaning up (stage 1). It's used by HandleEvent(), i.e. the document becomes inactive. [stage 3b] MaybeCancelTransaction This is the same as stage 3, but will only run if there's an active transaction. it is used at the top of MakeCredential() and GetAssertion() so that any active transaction is cancelled before we handle a new request. Reviewers: jcj Reviewed By: jcj Bug #: 1409434 Differential Revision: https://phabricator.services.mozilla.com/D132
2017-10-18 16:04:56 +03:00
// JS Promise representing the transaction status.
RefPtr<Promise> mPromise;
Bug 1415675 - Web Authentication - Support AbortSignal types r=jcj,smaug Summary: This patch adds support for aborting WebAuthn requests via AbortSignals. https://w3c.github.io/webauthn/#abortoperation https://w3c.github.io/webauthn/#sample-aborting https://dom.spec.whatwg.org/#abortcontroller-api-integration It also adds a variety of request abortion/cancellation tests. To test request cancellation we can use USB tokens as those requests will never complete without a token and/or user interaction. A bonus here is that we'll have a little coverage for u2f-hid-rs. Reviewers: jcj, smaug Reviewed By: jcj, smaug Bug #: 1415675 Differential Revision: https://phabricator.services.mozilla.com/D245 --HG-- extra : amend_source : bd779d5c4c6a11dd8ce34c0cc86675825b799031
2017-11-17 11:44:50 +03:00
// An optional AbortSignal instance.
RefPtr<AbortSignal> mSignal;
Bug 1403818 - Fix WebAuthn IPC crashes by keeping the child actor alive until process shutdown r=jcj Summary: We currently call ChildActor.send__delete() when clearing an active transaction and thereby destroy the child actor. If that happens, e.g. due to a tab switch, while a message is in the IPC buffer waiting to be delivered, we crash. This patch creates the child actor lazily as before, but keeps it around until the WebAuthnManager goes away, which will be at process shutdown. Each transaction now has a unique id, that the parent process will include in any of the ConfirmRegister, ConfirmSign, or Abort messages. That way we can easily ignore stale messages that were in the buffer while we started a new transaction or cancelled the current one. Reviewers: jcj Reviewed By: jcj Bug #: 1403818 Differential Revision: https://phabricator.services.mozilla.com/D149
2017-10-25 16:59:53 +03:00
// Unique transaction id.
uint64_t mId;
private:
// Generates a unique id for new transactions. This doesn't have to be unique
// forever, it's sufficient to differentiate between temporally close
// transactions, where messages can intersect. Can overflow.
static uint64_t NextId() {
static uint64_t id = 0;
return ++id;
}
Bug 1409434 - Rework WebAuthnManager state machine r=jcj Summary: This patch aims to clean up the WebAuthnManager's state machine, especially to make cancellation of transactions clearer. To fix bug 1403818, we'll have to later introduce a unique id that is forwarded to the U2FTokenManager. There are multiple stages of cancellation/cleanup after a transaction was started. All of the places where we previously called Cancel() or MaybeClearTransaction() are listed below: [stage 1] ClearTransaction This is the most basic stage, we only clean up what information we have about the current transaction. This means that the request was completed successfully. It is used at the end of FinishMakeCredential() and FinishGetAssertion(). [stage 2] RejectTransaction The second stage will reject the transaction promise we returned to the caller. Then it will call ClearTransaction, i.e. stage 1. It is used when one of the two Finish*() functions aborts before completion, or when the parent process sends a RequestAborted message. [stage 2b] MaybeRejectTransaction This is the same as stage 2, but will only run if there's an active transaction. It is used by ~WebAuthnManager() to reject and clean up when we the manager goes away. [stage 3] CancelTransaction The third stage sends a "Cancel" message to the parent process before rejecting the transaction promise (stage 2) and cleaning up (stage 1). It's used by HandleEvent(), i.e. the document becomes inactive. [stage 3b] MaybeCancelTransaction This is the same as stage 3, but will only run if there's an active transaction. it is used at the top of MakeCredential() and GetAssertion() so that any active transaction is cancelled before we handle a new request. Reviewers: jcj Reviewed By: jcj Bug #: 1409434 Differential Revision: https://phabricator.services.mozilla.com/D132
2017-10-18 16:04:56 +03:00
};
Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku Takes functionality once in the WebAuthentication DOM class that needs to be handled by the content process, and moves it to a singleton (per-content-process) manager class. This allows the WebAuthn API to centralize management of transactions and IPC channels. Patch also creates the child (content-process) classes for WebAuthn IPC channels. MozReview-Commit-ID: 6ju2LK8lvNR
2017-04-20 03:46:08 +03:00
Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj Summary: We currently have a single WebAuthnManager instance per process that's shared between all CredentialContainers. That way the nsPIDOMWindowInner parent has to be tracked by the transaction, as multiple containers could kick off requests simultaneously. This patch lets us we have one WebAuthnManager instance per each CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current U2F implementation where there is one instance per parent window too. This somewhat simplifies the communication diagram (at least in my head), as each U2F/WebAuthnManager instance also has their own TransactionChild/Parent pair for IPC protocol communication. The manager and child/parent pair are destroyed when the window is. Reviewers: jcj Reviewed By: jcj Bug #: 1421616 Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 21:05:06 +03:00
class WebAuthnManager final : public WebAuthnManagerBase
Bug 1415675 - Web Authentication - Support AbortSignal types r=jcj,smaug Summary: This patch adds support for aborting WebAuthn requests via AbortSignals. https://w3c.github.io/webauthn/#abortoperation https://w3c.github.io/webauthn/#sample-aborting https://dom.spec.whatwg.org/#abortcontroller-api-integration It also adds a variety of request abortion/cancellation tests. To test request cancellation we can use USB tokens as those requests will never complete without a token and/or user interaction. A bonus here is that we'll have a little coverage for u2f-hid-rs. Reviewers: jcj, smaug Reviewed By: jcj, smaug Bug #: 1415675 Differential Revision: https://phabricator.services.mozilla.com/D245 --HG-- extra : amend_source : bd779d5c4c6a11dd8ce34c0cc86675825b799031
2017-11-17 11:44:50 +03:00
, public AbortFollower
Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku Takes functionality once in the WebAuthentication DOM class that needs to be handled by the content process, and moves it to a singleton (per-content-process) manager class. This allows the WebAuthn API to centralize management of transactions and IPC channels. Patch also creates the child (content-process) classes for WebAuthn IPC channels. MozReview-Commit-ID: 6ju2LK8lvNR
2017-04-20 03:46:08 +03:00
{
public:
NS_DECL_ISUPPORTS
Bug 1409135 - Cleanup and rearrange {WebAuthn,U2F}Manager.h r=jcj Summary: Both files declare a few methods as public that we can make private. Let's seize the chance to rearrange declarations such that they reflect the message model better. Reviewers: jcj Reviewed By: jcj Bug #: 1409135 Differential Revision: https://phabricator.services.mozilla.com/D128 --HG-- extra : amend_source : 8f7a9d92ec81253847c44d92c71ea00cc8753bd1
2017-10-17 12:31:30 +03:00
Bug 1396907 - Abstract a BaseAuthManager for dom/u2f and dom/webauthn r=jcj Summary: We can probably abstract more stuff in the future, but this seems like a good start. Reviewers: jcj Reviewed By: jcj Bug #: 1396907 Differential Revision: https://phabricator.services.mozilla.com/D323
2017-12-06 20:41:58 +03:00
explicit WebAuthnManager(nsPIDOMWindowInner* aParent)
: WebAuthnManagerBase(aParent)
{ }
Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku Takes functionality once in the WebAuthentication DOM class that needs to be handled by the content process, and moves it to a singleton (per-content-process) manager class. This allows the WebAuthn API to centralize management of transactions and IPC channels. Patch also creates the child (content-process) classes for WebAuthn IPC channels. MozReview-Commit-ID: 6ju2LK8lvNR
2017-04-20 03:46:08 +03:00
Bug 1409135 - Cleanup and rearrange {WebAuthn,U2F}Manager.h r=jcj Summary: Both files declare a few methods as public that we can make private. Let's seize the chance to rearrange declarations such that they reflect the message model better. Reviewers: jcj Reviewed By: jcj Bug #: 1409135 Differential Revision: https://phabricator.services.mozilla.com/D128 --HG-- extra : amend_source : 8f7a9d92ec81253847c44d92c71ea00cc8753bd1
2017-10-17 12:31:30 +03:00
already_AddRefed<Promise>
Bug 1436473 - Rename WebAuthn dict to PublicKeyCredentialCreationOptions r=baku Late-breaking rename pre-CR in Web Authentication [1] renamed a dictionary. It's not an interop issue, really, which must be why it was let through. This is a WebIDL and Web Platform Tests-only issue. (The WPT updates are happening at Github [2]) [1] https://github.com/w3c/webauthn/pull/779/files [2] https://github.com/w3c/web-platform-tests/pull/9237 MozReview-Commit-ID: KEIlqIYbzKp --HG-- extra : rebase_source : 4204ea62a41f374a6731a9367552af122d354145
2018-02-07 22:01:51 +03:00
MakeCredential(const PublicKeyCredentialCreationOptions& aOptions,
Bug 1415675 - Web Authentication - Support AbortSignal types r=jcj,smaug Summary: This patch adds support for aborting WebAuthn requests via AbortSignals. https://w3c.github.io/webauthn/#abortoperation https://w3c.github.io/webauthn/#sample-aborting https://dom.spec.whatwg.org/#abortcontroller-api-integration It also adds a variety of request abortion/cancellation tests. To test request cancellation we can use USB tokens as those requests will never complete without a token and/or user interaction. A bonus here is that we'll have a little coverage for u2f-hid-rs. Reviewers: jcj, smaug Reviewed By: jcj, smaug Bug #: 1415675 Differential Revision: https://phabricator.services.mozilla.com/D245 --HG-- extra : amend_source : bd779d5c4c6a11dd8ce34c0cc86675825b799031
2017-11-17 11:44:50 +03:00
const Optional<OwningNonNull<AbortSignal>>& aSignal);
Bug 1409135 - Cleanup and rearrange {WebAuthn,U2F}Manager.h r=jcj Summary: Both files declare a few methods as public that we can make private. Let's seize the chance to rearrange declarations such that they reflect the message model better. Reviewers: jcj Reviewed By: jcj Bug #: 1409135 Differential Revision: https://phabricator.services.mozilla.com/D128 --HG-- extra : amend_source : 8f7a9d92ec81253847c44d92c71ea00cc8753bd1
2017-10-17 12:31:30 +03:00
already_AddRefed<Promise>
Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj Summary: We currently have a single WebAuthnManager instance per process that's shared between all CredentialContainers. That way the nsPIDOMWindowInner parent has to be tracked by the transaction, as multiple containers could kick off requests simultaneously. This patch lets us we have one WebAuthnManager instance per each CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current U2F implementation where there is one instance per parent window too. This somewhat simplifies the communication diagram (at least in my head), as each U2F/WebAuthnManager instance also has their own TransactionChild/Parent pair for IPC protocol communication. The manager and child/parent pair are destroyed when the window is. Reviewers: jcj Reviewed By: jcj Bug #: 1421616 Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 21:05:06 +03:00
GetAssertion(const PublicKeyCredentialRequestOptions& aOptions,
Bug 1415675 - Web Authentication - Support AbortSignal types r=jcj,smaug Summary: This patch adds support for aborting WebAuthn requests via AbortSignals. https://w3c.github.io/webauthn/#abortoperation https://w3c.github.io/webauthn/#sample-aborting https://dom.spec.whatwg.org/#abortcontroller-api-integration It also adds a variety of request abortion/cancellation tests. To test request cancellation we can use USB tokens as those requests will never complete without a token and/or user interaction. A bonus here is that we'll have a little coverage for u2f-hid-rs. Reviewers: jcj, smaug Reviewed By: jcj, smaug Bug #: 1415675 Differential Revision: https://phabricator.services.mozilla.com/D245 --HG-- extra : amend_source : bd779d5c4c6a11dd8ce34c0cc86675825b799031
2017-11-17 11:44:50 +03:00
const Optional<OwningNonNull<AbortSignal>>& aSignal);
Bug 1409135 - Cleanup and rearrange {WebAuthn,U2F}Manager.h r=jcj Summary: Both files declare a few methods as public that we can make private. Let's seize the chance to rearrange declarations such that they reflect the message model better. Reviewers: jcj Reviewed By: jcj Bug #: 1409135 Differential Revision: https://phabricator.services.mozilla.com/D128 --HG-- extra : amend_source : 8f7a9d92ec81253847c44d92c71ea00cc8753bd1
2017-10-17 12:31:30 +03:00
Bug 1407829 - Fix merge bustage in WebAuthnManager.h on a CLOSED TREE r=me
2017-10-17 13:50:13 +03:00
already_AddRefed<Promise>
Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj Summary: We currently have a single WebAuthnManager instance per process that's shared between all CredentialContainers. That way the nsPIDOMWindowInner parent has to be tracked by the transaction, as multiple containers could kick off requests simultaneously. This patch lets us we have one WebAuthnManager instance per each CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current U2F implementation where there is one instance per parent window too. This somewhat simplifies the communication diagram (at least in my head), as each U2F/WebAuthnManager instance also has their own TransactionChild/Parent pair for IPC protocol communication. The manager and child/parent pair are destroyed when the window is. Reviewers: jcj Reviewed By: jcj Bug #: 1421616 Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 21:05:06 +03:00
Store(const Credential& aCredential);
// WebAuthnManagerBase
Bug 1407829 - Fix merge bustage in WebAuthnManager.h on a CLOSED TREE r=me
2017-10-17 13:50:13 +03:00
Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku Takes functionality once in the WebAuthentication DOM class that needs to be handled by the content process, and moves it to a singleton (per-content-process) manager class. This allows the WebAuthn API to centralize management of transactions and IPC channels. Patch also creates the child (content-process) classes for WebAuthn IPC channels. MozReview-Commit-ID: 6ju2LK8lvNR
2017-04-20 03:46:08 +03:00
void
Bug 1403818 - Fix WebAuthn IPC crashes by keeping the child actor alive until process shutdown r=jcj Summary: We currently call ChildActor.send__delete() when clearing an active transaction and thereby destroy the child actor. If that happens, e.g. due to a tab switch, while a message is in the IPC buffer waiting to be delivered, we crash. This patch creates the child actor lazily as before, but keeps it around until the WebAuthnManager goes away, which will be at process shutdown. Each transaction now has a unique id, that the parent process will include in any of the ConfirmRegister, ConfirmSign, or Abort messages. That way we can easily ignore stale messages that were in the buffer while we started a new transaction or cancelled the current one. Reviewers: jcj Reviewed By: jcj Bug #: 1403818 Differential Revision: https://phabricator.services.mozilla.com/D149
2017-10-25 16:59:53 +03:00
FinishMakeCredential(const uint64_t& aTransactionId,
Bug 1437616 - Use proper WebAuthn result types defined in the .pidl r=jcj Reviewers: jcj Reviewed By: jcj Bug #: 1437616 Differential Revision: https://phabricator.services.mozilla.com/D582
2018-02-12 23:08:54 +03:00
const WebAuthnMakeCredentialResult& aResult) override;
Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku Takes functionality once in the WebAuthentication DOM class that needs to be handled by the content process, and moves it to a singleton (per-content-process) manager class. This allows the WebAuthn API to centralize management of transactions and IPC channels. Patch also creates the child (content-process) classes for WebAuthn IPC channels. MozReview-Commit-ID: 6ju2LK8lvNR
2017-04-20 03:46:08 +03:00
void
Bug 1403818 - Fix WebAuthn IPC crashes by keeping the child actor alive until process shutdown r=jcj Summary: We currently call ChildActor.send__delete() when clearing an active transaction and thereby destroy the child actor. If that happens, e.g. due to a tab switch, while a message is in the IPC buffer waiting to be delivered, we crash. This patch creates the child actor lazily as before, but keeps it around until the WebAuthnManager goes away, which will be at process shutdown. Each transaction now has a unique id, that the parent process will include in any of the ConfirmRegister, ConfirmSign, or Abort messages. That way we can easily ignore stale messages that were in the buffer while we started a new transaction or cancelled the current one. Reviewers: jcj Reviewed By: jcj Bug #: 1403818 Differential Revision: https://phabricator.services.mozilla.com/D149
2017-10-25 16:59:53 +03:00
FinishGetAssertion(const uint64_t& aTransactionId,
Bug 1437616 - Use proper WebAuthn result types defined in the .pidl r=jcj Reviewers: jcj Reviewed By: jcj Bug #: 1437616 Differential Revision: https://phabricator.services.mozilla.com/D582
2018-02-12 23:08:54 +03:00
const WebAuthnGetAssertionResult& aResult) override;
Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku Takes functionality once in the WebAuthentication DOM class that needs to be handled by the content process, and moves it to a singleton (per-content-process) manager class. This allows the WebAuthn API to centralize management of transactions and IPC channels. Patch also creates the child (content-process) classes for WebAuthn IPC channels. MozReview-Commit-ID: 6ju2LK8lvNR
2017-04-20 03:46:08 +03:00
void
Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj Summary: We currently have a single WebAuthnManager instance per process that's shared between all CredentialContainers. That way the nsPIDOMWindowInner parent has to be tracked by the transaction, as multiple containers could kick off requests simultaneously. This patch lets us we have one WebAuthnManager instance per each CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current U2F implementation where there is one instance per parent window too. This somewhat simplifies the communication diagram (at least in my head), as each U2F/WebAuthnManager instance also has their own TransactionChild/Parent pair for IPC protocol communication. The manager and child/parent pair are destroyed when the window is. Reviewers: jcj Reviewed By: jcj Bug #: 1421616 Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 21:05:06 +03:00
RequestAborted(const uint64_t& aTransactionId,
const nsresult& aError) override;
Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj Summary: We currently have a single WebAuthnManager instance per process that's shared between all CredentialContainers. That way the nsPIDOMWindowInner parent has to be tracked by the transaction, as multiple containers could kick off requests simultaneously. This patch lets us we have one WebAuthnManager instance per each CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current U2F implementation where there is one instance per parent window too. This somewhat simplifies the communication diagram (at least in my head), as each U2F/WebAuthnManager instance also has their own TransactionChild/Parent pair for IPC protocol communication. The manager and child/parent pair are destroyed when the window is. Reviewers: jcj Reviewed By: jcj Bug #: 1421616 Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 21:05:06 +03:00
Bug 1421616 - Have one WebAuthnManager instance per CredentialsContainer r=jcj Summary: We currently have a single WebAuthnManager instance per process that's shared between all CredentialContainers. That way the nsPIDOMWindowInner parent has to be tracked by the transaction, as multiple containers could kick off requests simultaneously. This patch lets us we have one WebAuthnManager instance per each CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current U2F implementation where there is one instance per parent window too. This somewhat simplifies the communication diagram (at least in my head), as each U2F/WebAuthnManager instance also has their own TransactionChild/Parent pair for IPC protocol communication. The manager and child/parent pair are destroyed when the window is. Reviewers: jcj Reviewed By: jcj Bug #: 1421616 Differential Revision: https://phabricator.services.mozilla.com/D305
2017-12-05 21:05:06 +03:00
// AbortFollower
void Abort() override;
Backed out changeset bb739695f566 (bug 1421616)
2017-12-05 21:24:22 +03:00
Bug 1396907 - Abstract a BaseAuthManager for dom/u2f and dom/webauthn r=jcj Summary: We can probably abstract more stuff in the future, but this seems like a good start. Reviewers: jcj Reviewed By: jcj Bug #: 1396907 Differential Revision: https://phabricator.services.mozilla.com/D323
2017-12-06 20:41:58 +03:00
protected:
// Cancels the current transaction (by sending a Cancel message to the
// parent) and rejects it by calling RejectTransaction().
void CancelTransaction(const nsresult& aError) override;
Bug 1409135 - Cleanup and rearrange {WebAuthn,U2F}Manager.h r=jcj Summary: Both files declare a few methods as public that we can make private. Let's seize the chance to rearrange declarations such that they reflect the message model better. Reviewers: jcj Reviewed By: jcj Bug #: 1409135 Differential Revision: https://phabricator.services.mozilla.com/D128 --HG-- extra : amend_source : 8f7a9d92ec81253847c44d92c71ea00cc8753bd1
2017-10-17 12:31:30 +03:00
private:
virtual ~WebAuthnManager();
Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku Takes functionality once in the WebAuthentication DOM class that needs to be handled by the content process, and moves it to a singleton (per-content-process) manager class. This allows the WebAuthn API to centralize management of transactions and IPC channels. Patch also creates the child (content-process) classes for WebAuthn IPC channels. MozReview-Commit-ID: 6ju2LK8lvNR
2017-04-20 03:46:08 +03:00
Bug 1409434 - Rework WebAuthnManager state machine r=jcj Summary: This patch aims to clean up the WebAuthnManager's state machine, especially to make cancellation of transactions clearer. To fix bug 1403818, we'll have to later introduce a unique id that is forwarded to the U2FTokenManager. There are multiple stages of cancellation/cleanup after a transaction was started. All of the places where we previously called Cancel() or MaybeClearTransaction() are listed below: [stage 1] ClearTransaction This is the most basic stage, we only clean up what information we have about the current transaction. This means that the request was completed successfully. It is used at the end of FinishMakeCredential() and FinishGetAssertion(). [stage 2] RejectTransaction The second stage will reject the transaction promise we returned to the caller. Then it will call ClearTransaction, i.e. stage 1. It is used when one of the two Finish*() functions aborts before completion, or when the parent process sends a RequestAborted message. [stage 2b] MaybeRejectTransaction This is the same as stage 2, but will only run if there's an active transaction. It is used by ~WebAuthnManager() to reject and clean up when we the manager goes away. [stage 3] CancelTransaction The third stage sends a "Cancel" message to the parent process before rejecting the transaction promise (stage 2) and cleaning up (stage 1). It's used by HandleEvent(), i.e. the document becomes inactive. [stage 3b] MaybeCancelTransaction This is the same as stage 3, but will only run if there's an active transaction. it is used at the top of MakeCredential() and GetAssertion() so that any active transaction is cancelled before we handle a new request. Reviewers: jcj Reviewed By: jcj Bug #: 1409434 Differential Revision: https://phabricator.services.mozilla.com/D132
2017-10-18 16:04:56 +03:00
// Clears all information we have about the current transaction.
void ClearTransaction();
// Rejects the current transaction and calls ClearTransaction().
void RejectTransaction(const nsresult& aError);
Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku Takes functionality once in the WebAuthentication DOM class that needs to be handled by the content process, and moves it to a singleton (per-content-process) manager class. This allows the WebAuthn API to centralize management of transactions and IPC channels. Patch also creates the child (content-process) classes for WebAuthn IPC channels. MozReview-Commit-ID: 6ju2LK8lvNR
2017-04-20 03:46:08 +03:00
Bug 1409434 - Rework WebAuthnManager state machine r=jcj Summary: This patch aims to clean up the WebAuthnManager's state machine, especially to make cancellation of transactions clearer. To fix bug 1403818, we'll have to later introduce a unique id that is forwarded to the U2FTokenManager. There are multiple stages of cancellation/cleanup after a transaction was started. All of the places where we previously called Cancel() or MaybeClearTransaction() are listed below: [stage 1] ClearTransaction This is the most basic stage, we only clean up what information we have about the current transaction. This means that the request was completed successfully. It is used at the end of FinishMakeCredential() and FinishGetAssertion(). [stage 2] RejectTransaction The second stage will reject the transaction promise we returned to the caller. Then it will call ClearTransaction, i.e. stage 1. It is used when one of the two Finish*() functions aborts before completion, or when the parent process sends a RequestAborted message. [stage 2b] MaybeRejectTransaction This is the same as stage 2, but will only run if there's an active transaction. It is used by ~WebAuthnManager() to reject and clean up when we the manager goes away. [stage 3] CancelTransaction The third stage sends a "Cancel" message to the parent process before rejecting the transaction promise (stage 2) and cleaning up (stage 1). It's used by HandleEvent(), i.e. the document becomes inactive. [stage 3b] MaybeCancelTransaction This is the same as stage 3, but will only run if there's an active transaction. it is used at the top of MakeCredential() and GetAssertion() so that any active transaction is cancelled before we handle a new request. Reviewers: jcj Reviewed By: jcj Bug #: 1409434 Differential Revision: https://phabricator.services.mozilla.com/D132
2017-10-18 16:04:56 +03:00
// The current transaction, if any.
Maybe<WebAuthnTransaction> mTransaction;
Bug 1323339 - Add WebAuthnManager and support IPC Child classes; r=jcj r=baku Takes functionality once in the WebAuthentication DOM class that needs to be handled by the content process, and moves it to a singleton (per-content-process) manager class. This allows the WebAuthn API to centralize management of transactions and IPC channels. Patch also creates the child (content-process) classes for WebAuthn IPC channels. MozReview-Commit-ID: 6ju2LK8lvNR
2017-04-20 03:46:08 +03:00
};
} // namespace dom
} // namespace mozilla
#endif // mozilla_dom_WebAuthnManager_h