Source code

Revision control

Other Tools

1
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
3
/* This Source Code Form is subject to the terms of the Mozilla Public
4
* License, v. 2.0. If a copy of the MPL was not distributed with this
5
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7
#ifndef mozilla_dom_WebAuthnManager_h
8
#define mozilla_dom_WebAuthnManager_h
9
10
#include "mozilla/Maybe.h"
11
#include "mozilla/MozPromise.h"
12
#include "mozilla/dom/PWebAuthnTransaction.h"
13
#include "mozilla/dom/WebAuthnManagerBase.h"
14
15
/*
16
* Content process manager for the WebAuthn protocol. Created on calls to the
17
* WebAuthentication DOM object, this manager handles establishing IPC channels
18
* for WebAuthn transactions, as well as keeping track of JS Promise objects
19
* representing transactions in flight.
20
*
21
* The WebAuthn spec (https://www.w3.org/TR/webauthn/) allows for two different
22
* types of transactions: registration and signing. When either of these is
23
* requested via the DOM API, the following steps are executed in the
24
* WebAuthnManager:
25
*
26
* - Validation of the request. Return a failed promise to js if request does
27
* not have correct parameters.
28
*
29
* - If request is valid, open a new IPC channel for running the transaction. If
30
* another transaction is already running in this content process, cancel it.
31
* Return a pending promise to js.
32
*
33
* - Send transaction information to parent process (by running the Start*
34
* functions of WebAuthnManager). Assuming another transaction is currently in
35
* flight in another content process, parent will handle canceling it.
36
*
37
* - On return of successful transaction information from parent process, turn
38
* information into DOM object format required by spec, and resolve promise
39
* (by running the Finish* functions of WebAuthnManager). On cancellation
40
* request from parent, reject promise with corresponding error code. Either
41
* outcome will also close the IPC channel.
42
*
43
*/
44
45
namespace mozilla {
46
namespace dom {
47
48
class WebAuthnTransaction {
49
public:
50
explicit WebAuthnTransaction(const RefPtr<Promise>& aPromise)
51
: mPromise(aPromise), mId(NextId()), mVisibilityChanged(false) {
52
MOZ_ASSERT(mId > 0);
53
}
54
55
// JS Promise representing the transaction status.
56
RefPtr<Promise> mPromise;
57
58
// Unique transaction id.
59
uint64_t mId;
60
61
// Whether or not visibility has changed for the window during this
62
// transaction
63
bool mVisibilityChanged;
64
65
private:
66
// Generates a unique id for new transactions. This doesn't have to be unique
67
// forever, it's sufficient to differentiate between temporally close
68
// transactions, where messages can intersect. Can overflow.
69
static uint64_t NextId() {
70
static uint64_t id = 0;
71
return ++id;
72
}
73
};
74
75
class WebAuthnManager final : public WebAuthnManagerBase, public AbortFollower {
76
public:
77
NS_DECL_ISUPPORTS_INHERITED
78
NS_DECL_CYCLE_COLLECTION_CLASS_INHERITED(WebAuthnManager, WebAuthnManagerBase)
79
80
explicit WebAuthnManager(nsPIDOMWindowInner* aParent)
81
: WebAuthnManagerBase(aParent) {}
82
83
already_AddRefed<Promise> MakeCredential(
84
const PublicKeyCredentialCreationOptions& aOptions,
85
const Optional<OwningNonNull<AbortSignal>>& aSignal);
86
87
already_AddRefed<Promise> GetAssertion(
88
const PublicKeyCredentialRequestOptions& aOptions,
89
const Optional<OwningNonNull<AbortSignal>>& aSignal);
90
91
already_AddRefed<Promise> Store(const Credential& aCredential);
92
93
// WebAuthnManagerBase
94
95
void FinishMakeCredential(
96
const uint64_t& aTransactionId,
97
const WebAuthnMakeCredentialResult& aResult) override;
98
99
void FinishGetAssertion(const uint64_t& aTransactionId,
100
const WebAuthnGetAssertionResult& aResult) override;
101
102
void RequestAborted(const uint64_t& aTransactionId,
103
const nsresult& aError) override;
104
105
// AbortFollower
106
107
void Abort() override;
108
109
protected:
110
// Cancels the current transaction (by sending a Cancel message to the
111
// parent) and rejects it by calling RejectTransaction().
112
void CancelTransaction(const nsresult& aError);
113
// Upon a visibility change, makes note of it in the current transaction.
114
void HandleVisibilityChange() override;
115
116
private:
117
virtual ~WebAuthnManager();
118
119
// Rejects the current transaction and calls ClearTransaction().
120
void RejectTransaction(const nsresult& aError);
121
122
// Clears all information we have about the current transaction.
123
void ClearTransaction();
124
125
// The current transaction, if any.
126
Maybe<WebAuthnTransaction> mTransaction;
127
};
128
129
inline void ImplCycleCollectionTraverse(
130
nsCycleCollectionTraversalCallback& aCallback,
131
WebAuthnTransaction& aTransaction, const char* aName, uint32_t aFlags = 0) {
132
ImplCycleCollectionTraverse(aCallback, aTransaction.mPromise, aName, aFlags);
133
}
134
135
inline void ImplCycleCollectionUnlink(WebAuthnTransaction& aTransaction) {
136
ImplCycleCollectionUnlink(aTransaction.mPromise);
137
}
138
139
} // namespace dom
140
} // namespace mozilla
141
142
#endif // mozilla_dom_WebAuthnManager_h