CredentialChooserService.sys.mjs

Enable keyboard shortcuts

/**

 * This Source Code Form is subject to the terms of the Mozilla Public

 * License, v. 2.0. If a copy of the MPL was not distributed with this

 * file, You can obtain one at http://mozilla.org/MPL/2.0/.

*/

/**

 * Class implementing the nsICredentialChooserService.

 * This class shows UI to the user for the Credential Chooser for the

 * Credential Management API.

 * @class CredentialChooserService

*/

export class CredentialChooserService {

  classID = Components.ID("{673ddc19-03e2-4b30-a868-06297e8fed89}");

  QueryInterface = ChromeUtils.generateQI(["nsICredentialChooserService"]);

/**

   * A service function to help any UI. Fetches and serializes images to

   * data urls, which can be used in chrome UI.

   * @param {Window} window - Window which should perform the fetch

   * @param {nsIURI} uri - Icon location to be fetched from

   * @returns {Promise<string, Error>} The data URI encoded as a string representing the icon that was loaded

*/

  async fetchImageToDataURI(window, uri) {

    if (uri.protocol === "data:") {

      return uri.href;

    let request = new window.Request(uri.spec, { mode: "cors" });

    request.overrideContentPolicyType(Ci.nsIContentPolicy.TYPE_IMAGE);

    let blob;

    let response = await window.fetch(request);

    if (!response.ok) {

      return Promise.reject(new Error("HTTP failure on Fetch"));

    blob = await response.blob();

    return new Promise((resolve, reject) => {

      let reader = new FileReader();

      reader.onloadend = () => resolve(reader.result);

      reader.onerror = reject;

      reader.readAsDataURL(blob);

});

/**

   * A helper function that performs precisely the right Fetch for the well-known resource for FedCM.

   * @param {nsIURI} uri - Well known resource location

   * @param {nsIPrincipal} triggeringPrincipal - Principal of the IDP triggering this request

   * @returns {Promise} A promise that will be the result of fetching the resource and parsing the body as JSON,

   *          or reject along the way.

*/

  async fetchWellKnown(uri, triggeringPrincipal) {

    let request = new Request(uri.spec, {

      mode: "no-cors",

      referrerPolicy: "no-referrer",

      // We use a Null Principal here because we don't want to send any

      // cookies or an Origin header here before we get user permission.

      triggeringPrincipal: Services.scriptSecurityManager.createNullPrincipal(

        triggeringPrincipal.originAttributes

),

      // and we want to be able to read the response, so we don't let CORS hide it

      // because we are no-cors

      neverTaint: true,

      credentials: "omit",

      headers: [["Accept", "application/json"]],

});

    // This overrides the Sec-Fetch-Dest to `webidentity` rather than `empty`

    request.overrideContentPolicyType(Ci.nsIContentPolicy.TYPE_WEB_IDENTITY);

    try {

      let response = await fetch(request);

      return response.json();

    } catch (e) {

      return Promise.reject(e);

/**

   * A helper function that performs precisely the right Fetch for the IDP configuration resource for FedCM.

   * @param {nsIURI} uri - Well known resource location

   * @param {nsIPrincipal} triggeringPrincipal - Principal of the IDP triggering this request

   * @returns {Promise} A promise that will be the result of fetching the resource and parsing the body as JSON,

   *          or reject along the way.

*/

  async fetchConfig(uri, triggeringPrincipal) {

    let request = new Request(uri.spec, {

      mode: "no-cors",

      referrerPolicy: "no-referrer",

      redirect: "error",

      // We use a Null Principal here because we don't want to send any

      // cookies or an Origin header here before we get user permission.

      triggeringPrincipal: Services.scriptSecurityManager.createNullPrincipal(

        triggeringPrincipal.originAttributes

),

      // and we want to be able to read the response, so we don't let CORS hide it

      // because we are no-cors

      neverTaint: true,

      credentials: "omit",

      headers: [["Accept", "application/json"]],

});

    // This overrides the Sec-Fetch-Dest to `webidentity` rather than `empty`

    request.overrideContentPolicyType(Ci.nsIContentPolicy.TYPE_WEB_IDENTITY);

    try {

      let response = await fetch(request);

      return response.json();

    } catch (e) {

      return Promise.reject(e);

/**

   * A helper function that performs precisely the right Fetch for the account list for FedCM.

   * @param {nsIURI} uri - Well known resource location

   * @param {nsIPrincipal} triggeringPrincipal - Principal of the IDP triggering this request

   * @returns {Promise} A promise that will be the result of fetching the resource and parsing the body as JSON,

   *          or reject along the way.

*/

  async fetchAccounts(uri, triggeringPrincipal) {

    let request = new Request(uri.spec, {

      mode: "no-cors",

      redirect: "error",

      referrerPolicy: "no-referrer",

      triggeringPrincipal,

      // and we want to be able to read the response, so we don't let CORS hide it

      // because we are no-cors

      neverTaint: true,

      credentials: "include",

      headers: [["Accept", "application/json"]],

});

    // This overrides the Sec-Fetch-Dest to `webidentity` rather than `empty`

    request.overrideContentPolicyType(Ci.nsIContentPolicy.TYPE_WEB_IDENTITY);

    try {

      let response = await fetch(request);

      return response.json();

    } catch (e) {

      return Promise.reject(e);

/**

   * A helper function that performs precisely the right Fetch for the token request for FedCM.

   * @param {nsIURI} uri - Well known resource location

   * @param {string} body - Body to be sent with the fetch, pre-serialized.

   * @param {nsIPrincipal} triggeringPrincipal - Principal of the IDP triggering this request

   * @returns {Promise} A promise that will be the result of fetching the resource and parsing the body as JSON,

   *          or reject along the way.

*/

  async fetchToken(uri, body, triggeringPrincipal) {

    let request = new Request(uri.spec, {

      mode: "cors",

      method: "POST",

      redirect: "error",

      triggeringPrincipal,

      body,

      credentials: "include",

      headers: [["Content-type", "application/x-www-form-urlencoded"]],

});

    // This overrides the Sec-Fetch-Dest to `webidentity` rather than `empty`

    request.overrideContentPolicyType(Ci.nsIContentPolicy.TYPE_WEB_IDENTITY);

    try {

      let response = await fetch(request);

      return response.json();

    } catch (e) {

      return Promise.reject(e);

/**

   * A helper function that performs precisely the right Fetch for the disconnect request for FedCM.

   * @param {nsIURI} uri - Well known resource location

   * @param {string} body - Body to be sent with the fetch, pre-serialized.

   * @param {nsIPrincipal} triggeringPrincipal - Principal of the IDP triggering this request

   * @returns {Promise} A promise that will be the result of fetching the resource and parsing the body as JSON,

   *          or reject along the way.

*/

  async fetchDisconnect(uri, body, triggeringPrincipal) {

    let request = new Request(uri.spec, {

      mode: "cors",

      method: "POST",

      redirect: "error",

      triggeringPrincipal,

      body,

      credentials: "include",

      headers: [["Content-type", "application/x-www-form-urlencoded"]],

});

    // This overrides the Sec-Fetch-Dest to `webidentity` rather than `empty`

    request.overrideContentPolicyType(Ci.nsIContentPolicy.TYPE_WEB_IDENTITY);

    try {

      let response = await fetch(request);

      return response.json();

    } catch (e) {

      return Promise.reject(e);