2017-10-27 01:08:41 +03:00
|
|
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
2017-04-20 03:46:08 +03:00
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
|
|
|
|
#ifndef mozilla_dom_WebAuthnManager_h
|
|
|
|
#define mozilla_dom_WebAuthnManager_h
|
|
|
|
|
|
|
|
#include "mozilla/MozPromise.h"
|
2017-08-04 22:34:18 +03:00
|
|
|
#include "mozilla/dom/Event.h"
|
2017-04-20 03:46:08 +03:00
|
|
|
#include "mozilla/dom/PWebAuthnTransaction.h"
|
2017-08-04 22:34:18 +03:00
|
|
|
#include "nsIDOMEventListener.h"
|
2017-04-20 03:46:08 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Content process manager for the WebAuthn protocol. Created on calls to the
|
|
|
|
* WebAuthentication DOM object, this manager handles establishing IPC channels
|
|
|
|
* for WebAuthn transactions, as well as keeping track of JS Promise objects
|
|
|
|
* representing transactions in flight.
|
|
|
|
*
|
|
|
|
* The WebAuthn spec (https://www.w3.org/TR/webauthn/) allows for two different
|
|
|
|
* types of transactions: registration and signing. When either of these is
|
|
|
|
* requested via the DOM API, the following steps are executed in the
|
|
|
|
* WebAuthnManager:
|
|
|
|
*
|
|
|
|
* - Validation of the request. Return a failed promise to js if request does
|
|
|
|
* not have correct parameters.
|
|
|
|
*
|
|
|
|
* - If request is valid, open a new IPC channel for running the transaction. If
|
|
|
|
* another transaction is already running in this content process, cancel it.
|
|
|
|
* Return a pending promise to js.
|
|
|
|
*
|
|
|
|
* - Send transaction information to parent process (by running the Start*
|
|
|
|
* functions of WebAuthnManager). Assuming another transaction is currently in
|
|
|
|
* flight in another content process, parent will handle canceling it.
|
|
|
|
*
|
|
|
|
* - On return of successful transaction information from parent process, turn
|
|
|
|
* information into DOM object format required by spec, and resolve promise
|
|
|
|
* (by running the Finish* functions of WebAuthnManager). On cancellation
|
|
|
|
* request from parent, reject promise with corresponding error code. Either
|
|
|
|
* outcome will also close the IPC channel.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2017-07-07 23:32:31 +03:00
|
|
|
// Forward decl because of nsHTMLDocument.h's complex dependency on /layout/style
|
|
|
|
class nsHTMLDocument {
|
|
|
|
public:
|
|
|
|
bool IsRegistrableDomainSuffixOfOrEqualTo(const nsAString& aHostSuffixString,
|
|
|
|
const nsACString& aOrigHost);
|
|
|
|
};
|
|
|
|
|
2017-04-20 03:46:08 +03:00
|
|
|
namespace mozilla {
|
|
|
|
namespace dom {
|
|
|
|
|
|
|
|
struct Account;
|
|
|
|
class ArrayBufferViewOrArrayBuffer;
|
|
|
|
struct AssertionOptions;
|
|
|
|
class OwningArrayBufferViewOrArrayBuffer;
|
2017-10-07 02:10:57 +03:00
|
|
|
struct MakePublicKeyCredentialOptions;
|
2017-04-20 03:46:08 +03:00
|
|
|
class Promise;
|
|
|
|
class WebAuthnTransactionChild;
|
2017-10-18 16:04:56 +03:00
|
|
|
|
|
|
|
class WebAuthnTransaction
|
|
|
|
{
|
|
|
|
public:
|
2017-12-05 21:24:22 +03:00
|
|
|
WebAuthnTransaction(nsPIDOMWindowInner* aParent,
|
|
|
|
const RefPtr<Promise>& aPromise,
|
2017-11-29 15:58:33 +03:00
|
|
|
const nsTArray<uint8_t>& aRpIdHash,
|
|
|
|
const nsCString& aClientData,
|
2017-11-17 11:44:50 +03:00
|
|
|
AbortSignal* aSignal)
|
2017-12-05 21:24:22 +03:00
|
|
|
: mParent(aParent)
|
|
|
|
, mPromise(aPromise)
|
2017-11-29 15:58:33 +03:00
|
|
|
, mRpIdHash(aRpIdHash)
|
2017-10-18 16:04:56 +03:00
|
|
|
, mClientData(aClientData)
|
2017-11-17 11:44:50 +03:00
|
|
|
, mSignal(aSignal)
|
2017-10-25 16:59:53 +03:00
|
|
|
, mId(NextId())
|
|
|
|
{
|
|
|
|
MOZ_ASSERT(mId > 0);
|
|
|
|
}
|
2017-10-18 16:04:56 +03:00
|
|
|
|
2017-12-05 21:24:22 +03:00
|
|
|
// Parent of the context we're running the transaction in.
|
|
|
|
nsCOMPtr<nsPIDOMWindowInner> mParent;
|
|
|
|
|
2017-10-18 16:04:56 +03:00
|
|
|
// JS Promise representing the transaction status.
|
|
|
|
RefPtr<Promise> mPromise;
|
|
|
|
|
2017-11-29 15:58:33 +03:00
|
|
|
// The RP ID hash.
|
|
|
|
nsTArray<uint8_t> mRpIdHash;
|
2017-10-18 16:04:56 +03:00
|
|
|
|
|
|
|
// Client data used to assemble reply objects.
|
|
|
|
nsCString mClientData;
|
2017-10-25 16:59:53 +03:00
|
|
|
|
2017-11-17 11:44:50 +03:00
|
|
|
// An optional AbortSignal instance.
|
|
|
|
RefPtr<AbortSignal> mSignal;
|
|
|
|
|
2017-10-25 16:59:53 +03:00
|
|
|
// Unique transaction id.
|
|
|
|
uint64_t mId;
|
|
|
|
|
|
|
|
private:
|
|
|
|
// Generates a unique id for new transactions. This doesn't have to be unique
|
|
|
|
// forever, it's sufficient to differentiate between temporally close
|
|
|
|
// transactions, where messages can intersect. Can overflow.
|
|
|
|
static uint64_t NextId() {
|
|
|
|
static uint64_t id = 0;
|
|
|
|
return ++id;
|
|
|
|
}
|
2017-10-18 16:04:56 +03:00
|
|
|
};
|
2017-04-20 03:46:08 +03:00
|
|
|
|
2017-12-05 21:24:22 +03:00
|
|
|
class WebAuthnManager final : public nsIDOMEventListener
|
2017-11-17 11:44:50 +03:00
|
|
|
, public AbortFollower
|
2017-04-20 03:46:08 +03:00
|
|
|
{
|
|
|
|
public:
|
|
|
|
NS_DECL_ISUPPORTS
|
2017-08-04 22:34:18 +03:00
|
|
|
NS_DECL_NSIDOMEVENTLISTENER
|
2017-10-17 12:31:30 +03:00
|
|
|
|
2017-12-05 21:24:22 +03:00
|
|
|
static WebAuthnManager* GetOrCreate();
|
|
|
|
static WebAuthnManager* Get();
|
2017-04-20 03:46:08 +03:00
|
|
|
|
2017-10-17 12:31:30 +03:00
|
|
|
already_AddRefed<Promise>
|
2017-12-05 21:24:22 +03:00
|
|
|
MakeCredential(nsPIDOMWindowInner* aParent,
|
|
|
|
const MakePublicKeyCredentialOptions& aOptions,
|
2017-11-17 11:44:50 +03:00
|
|
|
const Optional<OwningNonNull<AbortSignal>>& aSignal);
|
2017-10-17 12:31:30 +03:00
|
|
|
|
|
|
|
already_AddRefed<Promise>
|
2017-12-05 21:24:22 +03:00
|
|
|
GetAssertion(nsPIDOMWindowInner* aParent,
|
|
|
|
const PublicKeyCredentialRequestOptions& aOptions,
|
2017-11-17 11:44:50 +03:00
|
|
|
const Optional<OwningNonNull<AbortSignal>>& aSignal);
|
2017-10-17 12:31:30 +03:00
|
|
|
|
2017-10-17 13:50:13 +03:00
|
|
|
already_AddRefed<Promise>
|
2017-12-05 21:24:22 +03:00
|
|
|
Store(nsPIDOMWindowInner* aParent, const Credential& aCredential);
|
2017-10-17 13:50:13 +03:00
|
|
|
|
2017-04-20 03:46:08 +03:00
|
|
|
void
|
2017-10-25 16:59:53 +03:00
|
|
|
FinishMakeCredential(const uint64_t& aTransactionId,
|
2017-12-05 21:24:22 +03:00
|
|
|
nsTArray<uint8_t>& aRegBuffer);
|
2017-04-20 03:46:08 +03:00
|
|
|
|
|
|
|
void
|
2017-10-25 16:59:53 +03:00
|
|
|
FinishGetAssertion(const uint64_t& aTransactionId,
|
|
|
|
nsTArray<uint8_t>& aCredentialId,
|
2017-12-05 21:24:22 +03:00
|
|
|
nsTArray<uint8_t>& aSigBuffer);
|
2017-04-20 03:46:08 +03:00
|
|
|
|
|
|
|
void
|
2017-12-05 21:24:22 +03:00
|
|
|
RequestAborted(const uint64_t& aTransactionId, const nsresult& aError);
|
2017-12-05 21:05:06 +03:00
|
|
|
|
|
|
|
void Abort() override;
|
2017-04-20 03:46:08 +03:00
|
|
|
|
2017-12-05 21:24:22 +03:00
|
|
|
void ActorDestroyed();
|
|
|
|
|
2017-10-17 12:31:30 +03:00
|
|
|
private:
|
2017-12-05 21:24:22 +03:00
|
|
|
WebAuthnManager();
|
2017-10-17 12:31:30 +03:00
|
|
|
virtual ~WebAuthnManager();
|
2017-04-20 03:46:08 +03:00
|
|
|
|
2017-10-18 16:04:56 +03:00
|
|
|
// Clears all information we have about the current transaction.
|
|
|
|
void ClearTransaction();
|
|
|
|
// Rejects the current transaction and calls ClearTransaction().
|
|
|
|
void RejectTransaction(const nsresult& aError);
|
|
|
|
// Cancels the current transaction (by sending a Cancel message to the
|
|
|
|
// parent) and rejects it by calling RejectTransaction().
|
|
|
|
void CancelTransaction(const nsresult& aError);
|
2017-04-20 03:46:08 +03:00
|
|
|
|
2017-10-25 09:45:53 +03:00
|
|
|
bool MaybeCreateBackgroundActor();
|
2017-04-20 03:46:08 +03:00
|
|
|
|
2017-10-25 16:59:53 +03:00
|
|
|
// IPC Channel to the parent process.
|
2017-04-20 03:46:08 +03:00
|
|
|
RefPtr<WebAuthnTransactionChild> mChild;
|
|
|
|
|
2017-10-18 16:04:56 +03:00
|
|
|
// The current transaction, if any.
|
|
|
|
Maybe<WebAuthnTransaction> mTransaction;
|
2017-04-20 03:46:08 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
} // namespace dom
|
|
|
|
} // namespace mozilla
|
|
|
|
|
|
|
|
#endif // mozilla_dom_WebAuthnManager_h
|