Source code

Revision control

Other Tools

1
/* This Source Code Form is subject to the terms of the Mozilla Public
2
* License, v. 2.0. If a copy of the MPL was not distributed with this
3
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
"use strict";
5
var EXPORTED_SYMBOLS = ["FxAccountsConfig"];
6
7
const { RESTRequest } = ChromeUtils.import(
9
);
10
const { log } = ChromeUtils.import(
12
);
13
const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
14
const { XPCOMUtils } = ChromeUtils.import(
16
);
17
18
ChromeUtils.defineModuleGetter(
19
this,
20
"fxAccounts",
22
);
23
24
ChromeUtils.defineModuleGetter(
25
this,
26
"EnsureFxAccountsWebChannel",
28
);
29
30
XPCOMUtils.defineLazyPreferenceGetter(
31
this,
32
"ROOT_URL",
33
"identity.fxaccounts.remote.root"
34
);
35
XPCOMUtils.defineLazyPreferenceGetter(
36
this,
37
"TERMS_URL",
38
"services.sync.fxa.termsURL"
39
);
40
XPCOMUtils.defineLazyPreferenceGetter(
41
this,
42
"PRIVACY_URL",
43
"services.sync.fxa.privacyURL"
44
);
45
XPCOMUtils.defineLazyPreferenceGetter(
46
this,
47
"CONTEXT_PARAM",
48
"identity.fxaccounts.contextParam"
49
);
50
XPCOMUtils.defineLazyPreferenceGetter(
51
this,
52
"REQUIRES_HTTPS",
53
// Also used in FxAccountsOAuthGrantClient.jsm.
54
"identity.fxaccounts.allowHttp",
55
false,
56
null,
57
val => !val
58
);
59
60
const CONFIG_PREFS = [
61
"identity.fxaccounts.remote.root",
62
"identity.fxaccounts.auth.uri",
63
"identity.fxaccounts.remote.oauth.uri",
64
"identity.fxaccounts.remote.profile.uri",
65
"identity.fxaccounts.remote.pairing.uri",
66
"identity.sync.tokenserver.uri",
67
];
68
69
var FxAccountsConfig = {
70
async promiseSignUpURI(entrypoint, extraParams = {}) {
71
return this._buildURL("signup", {
72
extraParams: { entrypoint, ...extraParams },
73
});
74
},
75
76
async promiseSignInURI(entrypoint, extraParams = {}) {
77
return this._buildURL("signin", {
78
extraParams: { entrypoint, ...extraParams },
79
});
80
},
81
82
async promiseEmailURI(email, entrypoint, extraParams = {}) {
83
return this._buildURL("", {
84
extraParams: { entrypoint, email, ...extraParams },
85
});
86
},
87
88
async promiseEmailFirstURI(entrypoint, extraParams = {}) {
89
return this._buildURL("", {
90
extraParams: { entrypoint, action: "email", ...extraParams },
91
});
92
},
93
94
async promiseForceSigninURI(entrypoint, extraParams = {}) {
95
return this._buildURL("force_auth", {
96
extraParams: { entrypoint, ...extraParams },
97
addAccountIdentifiers: true,
98
});
99
},
100
101
async promiseManageURI(entrypoint, extraParams = {}) {
102
return this._buildURL("settings", {
103
extraParams: { entrypoint, ...extraParams },
104
addAccountIdentifiers: true,
105
});
106
},
107
108
async promiseChangeAvatarURI(entrypoint, extraParams = {}) {
109
return this._buildURL("settings/avatar/change", {
110
extraParams: { entrypoint, ...extraParams },
111
addAccountIdentifiers: true,
112
});
113
},
114
115
async promiseManageDevicesURI(entrypoint, extraParams = {}) {
116
return this._buildURL("settings/clients", {
117
extraParams: { entrypoint, ...extraParams },
118
addAccountIdentifiers: true,
119
});
120
},
121
122
async promiseConnectDeviceURI(entrypoint, extraParams = {}) {
123
return this._buildURL("connect_another_device", {
124
extraParams: { entrypoint, ...extraParams },
125
addAccountIdentifiers: true,
126
});
127
},
128
129
async promisePairingURI(extraParams = {}) {
130
return this._buildURL("pair", {
131
extraParams,
132
includeDefaultParams: false,
133
});
134
},
135
136
async promiseOAuthURI(extraParams = {}) {
137
return this._buildURL("oauth", {
138
extraParams,
139
includeDefaultParams: false,
140
});
141
},
142
143
async promiseMetricsFlowURI(entrypoint, extraParams = {}) {
144
return this._buildURL("metrics-flow", {
145
extraParams: { entrypoint, ...extraParams },
146
includeDefaultParams: false,
147
});
148
},
149
150
// Terms and Privacy URLs are special:
151
// For Reasons, we want them to always point
152
// to our servers even if a custom server is used.
153
async promiseLegalTermsURI(extraParams = {}) {
154
return this._buildURLFromString(TERMS_URL, extraParams);
155
},
156
157
async promiseLegalPrivacyURI(extraParams = {}) {
158
return this._buildURLFromString(PRIVACY_URL, extraParams);
159
},
160
161
get defaultParams() {
162
return { service: "sync", context: CONTEXT_PARAM };
163
},
164
165
/**
166
* @param path should be parsable by the URL constructor first parameter.
167
* @param {bool} [options.includeDefaultParams] If true include the default search params.
168
* @param {Object.<string, string>} [options.extraParams] Additionnal search params.
169
* @param {bool} [options.addAccountIdentifiers] if true we add the current logged-in user uid and email to the search params.
170
*/
171
async _buildURL(
172
path,
173
{
174
includeDefaultParams = true,
175
extraParams = {},
176
addAccountIdentifiers = false,
177
}
178
) {
179
await this.ensureConfigured();
180
const url = new URL(path, ROOT_URL);
181
if (REQUIRES_HTTPS && url.protocol != "https:") {
182
throw new Error("Firefox Accounts server must use HTTPS");
183
}
184
const params = {
185
...(includeDefaultParams ? this.defaultParams : null),
186
...extraParams,
187
};
188
for (let [k, v] of Object.entries(params)) {
189
url.searchParams.append(k, v);
190
}
191
if (addAccountIdentifiers) {
192
const accountData = await this.getSignedInUser();
193
if (!accountData) {
194
return null;
195
}
196
url.searchParams.append("uid", accountData.uid);
197
url.searchParams.append("email", accountData.email);
198
}
199
return url.href;
200
},
201
202
async _buildURLFromString(href, extraParams = {}) {
203
const url = new URL(href);
204
for (let [k, v] of Object.entries(extraParams)) {
205
url.searchParams.append(k, v);
206
}
207
return url.href;
208
},
209
210
resetConfigURLs() {
211
let autoconfigURL = this.getAutoConfigURL();
212
if (!autoconfigURL) {
213
return;
214
}
215
// They have the autoconfig uri pref set, so we clear all the prefs that we
216
// will have initialized, which will leave them pointing at production.
217
for (let pref of CONFIG_PREFS) {
218
Services.prefs.clearUserPref(pref);
219
}
220
// Reset the webchannel.
221
EnsureFxAccountsWebChannel();
222
},
223
224
getAutoConfigURL() {
225
let pref = Services.prefs.getCharPref(
226
"identity.fxaccounts.autoconfig.uri",
227
""
228
);
229
if (!pref) {
230
// no pref / empty pref means we don't bother here.
231
return "";
232
}
233
let rootURL = Services.urlFormatter.formatURL(pref);
234
if (rootURL.endsWith("/")) {
235
rootURL = rootURL.slice(0, -1);
236
}
237
return rootURL;
238
},
239
240
async ensureConfigured() {
241
let isSignedIn = !!(await this.getSignedInUser());
242
if (!isSignedIn) {
243
await this.fetchConfigURLs();
244
}
245
},
246
247
// Read expected client configuration from the fxa auth server
248
// (from `identity.fxaccounts.autoconfig.uri`/.well-known/fxa-client-configuration)
249
// and replace all the relevant our prefs with the information found there.
250
// This is only done before sign-in and sign-up, and even then only if the
251
// `identity.fxaccounts.autoconfig.uri` preference is set.
252
async fetchConfigURLs() {
253
let rootURL = this.getAutoConfigURL();
254
if (!rootURL) {
255
return;
256
}
257
let configURL = rootURL + "/.well-known/fxa-client-configuration";
258
let request = new RESTRequest(configURL);
259
request.setHeader("Accept", "application/json");
260
261
// Catch and rethrow the error inline.
262
let resp = await request.get().catch(e => {
263
log.error(`Failed to get configuration object from "${configURL}"`, e);
264
throw e;
265
});
266
if (!resp.success) {
267
log.error(
268
`Received HTTP response code ${
269
resp.status
270
} from configuration object request`
271
);
272
if (resp.body) {
273
log.debug("Got error response", resp.body);
274
}
275
throw new Error(
276
`HTTP status ${resp.status} from configuration object request`
277
);
278
}
279
280
log.debug("Got successful configuration response", resp.body);
281
try {
282
// Update the prefs directly specified by the config.
283
let config = JSON.parse(resp.body);
284
let authServerBase = config.auth_server_base_url;
285
if (!authServerBase.endsWith("/v1")) {
286
authServerBase += "/v1";
287
}
288
Services.prefs.setCharPref(
289
"identity.fxaccounts.auth.uri",
290
authServerBase
291
);
292
Services.prefs.setCharPref(
293
"identity.fxaccounts.remote.oauth.uri",
294
config.oauth_server_base_url + "/v1"
295
);
296
// At the time of landing this, our servers didn't yet answer with pairing_server_base_uri.
297
// Remove this condition check once Firefox 68 is stable.
298
if (config.pairing_server_base_uri) {
299
Services.prefs.setCharPref(
300
"identity.fxaccounts.remote.pairing.uri",
301
config.pairing_server_base_uri
302
);
303
}
304
Services.prefs.setCharPref(
305
"identity.fxaccounts.remote.profile.uri",
306
config.profile_server_base_url + "/v1"
307
);
308
Services.prefs.setCharPref(
309
"identity.sync.tokenserver.uri",
310
config.sync_tokenserver_base_url + "/1.0/sync/1.5"
311
);
312
Services.prefs.setCharPref("identity.fxaccounts.remote.root", rootURL);
313
314
// Ensure the webchannel is pointed at the correct uri
315
EnsureFxAccountsWebChannel();
316
} catch (e) {
317
log.error(
318
"Failed to initialize configuration preferences from autoconfig object",
319
e
320
);
321
throw e;
322
}
323
},
324
325
// For test purposes, returns a Promise.
326
getSignedInUser() {
327
return fxAccounts.getSignedInUser();
328
},
329
};