The Tor Browser: browser/base/content/aboutaccounts/aboutaccounts.js@6474c204b198 (annotated)

browser/base/content/aboutaccounts/aboutaccounts.js@6474c204b198 (annotated)

browser/base/content/aboutaccounts/aboutaccounts.js

Wed, 31 Dec 2014 06:09:35 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Wed, 31 Dec 2014 06:09:35 +0100
changeset 0: 6474c204b198
permissions: -rw-r--r--

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 "use strict";
 const {classes: Cc, interfaces: Ci, utils: Cu} = Components;
 Cu.import("resource://gre/modules/Services.jsm");
 Cu.import("resource://gre/modules/FxAccounts.jsm");
 let fxAccountsCommon = {};
 Cu.import("resource://gre/modules/FxAccountsCommon.js", fxAccountsCommon);
 const PREF_LAST_FXA_USER = "identity.fxaccounts.lastSignedInUserHash";
 const PREF_SYNC_SHOW_CUSTOMIZATION = "services.sync.ui.showCustomizationDialog";
 const OBSERVER_TOPICS = [
   fxAccountsCommon.ONVERIFIED_NOTIFICATION,
   fxAccountsCommon.ONLOGOUT_NOTIFICATION,
 ];
 function log(msg) {
   //dump("FXA: " + msg + "\n");
 };
 function error(msg) {
   console.log("Firefox Account Error: " + msg + "\n");
 };
 function getPreviousAccountNameHash() {
   try {
     return Services.prefs.getComplexValue(PREF_LAST_FXA_USER, Ci.nsISupportsString).data;
   } catch (_) {
     return "";
   }
 }
 function setPreviousAccountNameHash(acctName) {
   let string = Cc["@mozilla.org/supports-string;1"]
                .createInstance(Ci.nsISupportsString);
   string.data = sha256(acctName);
   Services.prefs.setComplexValue(PREF_LAST_FXA_USER, Ci.nsISupportsString, string);
 }
 function needRelinkWarning(acctName) {
   let prevAcctHash = getPreviousAccountNameHash();
   return prevAcctHash && prevAcctHash != sha256(acctName);
 }
 // Given a string, returns the SHA265 hash in base64
 function sha256(str) {
   let converter = Cc["@mozilla.org/intl/scriptableunicodeconverter"]
                     .createInstance(Ci.nsIScriptableUnicodeConverter);
   converter.charset = "UTF-8";
   // Data is an array of bytes.
   let data = converter.convertToByteArray(str, {});
   let hasher = Cc["@mozilla.org/security/hash;1"]
                  .createInstance(Ci.nsICryptoHash);
   hasher.init(hasher.SHA256);
   hasher.update(data, data.length);
   return hasher.finish(true);
 }
 function promptForRelink(acctName) {
   let sb = Services.strings.createBundle("chrome://browser/locale/syncSetup.properties");
   let continueLabel = sb.GetStringFromName("continue.label");
   let title = sb.GetStringFromName("relinkVerify.title");
   let description = sb.formatStringFromName("relinkVerify.description",
                                             [acctName], 1);
   let body = sb.GetStringFromName("relinkVerify.heading") +
              "\n\n" + description;
   let ps = Services.prompt;
   let buttonFlags = (ps.BUTTON_POS_0 * ps.BUTTON_TITLE_IS_STRING) +
                     (ps.BUTTON_POS_1 * ps.BUTTON_TITLE_CANCEL) +
                     ps.BUTTON_POS_1_DEFAULT;
   let pressed = Services.prompt.confirmEx(window, title, body, buttonFlags,
                                      continueLabel, null, null, null,
                                      {});
   return pressed == 0; // 0 is the "continue" button
 }
 // If the last fxa account used for sync isn't this account, we display
 // a modal dialog checking they really really want to do this...
 // (This is sync-specific, so ideally would be in sync's identity module,
 // but it's a little more seamless to do here, and sync is currently the
 // only fxa consumer, so...
 function shouldAllowRelink(acctName) {
   return !needRelinkWarning(acctName) || promptForRelink(acctName);
 }
 let wrapper = {
   iframe: null,
   init: function (url=null) {
     let weave = Cc["@mozilla.org/weave/service;1"]
                   .getService(Ci.nsISupports)
                   .wrappedJSObject;
     // Don't show about:accounts with FxA disabled.
     if (!weave.fxAccountsEnabled) {
       document.body.remove();
       return;
     }
     let iframe = document.getElementById("remote");
     this.iframe = iframe;
     iframe.addEventListener("load", this);
     try {
       iframe.src = url || fxAccounts.getAccountsSignUpURI();
     } catch (e) {
       error("Couldn't init Firefox Account wrapper: " + e.message);
     }
   },
   handleEvent: function (evt) {
     switch (evt.type) {
       case "load":
         this.iframe.contentWindow.addEventListener("FirefoxAccountsCommand", this);
         this.iframe.removeEventListener("load", this);
         break;
       case "FirefoxAccountsCommand":
         this.handleRemoteCommand(evt);
         break;
     }
   },
   /**
    * onLogin handler receives user credentials from the jelly after a
    * sucessful login and stores it in the fxaccounts service
    *
    * @param accountData the user's account data and credentials
    */
   onLogin: function (accountData) {
     log("Received: 'login'. Data:" + JSON.stringify(accountData));
     if (accountData.customizeSync) {
       Services.prefs.setBoolPref(PREF_SYNC_SHOW_CUSTOMIZATION, true);
       delete accountData.customizeSync;
     }
     // We need to confirm a relink - see shouldAllowRelink for more
     let newAccountEmail = accountData.email;
     // The hosted code may have already checked for the relink situation
     // by sending the can_link_account command. If it did, then
     // it will indicate we don't need to ask twice.
     if (!accountData.verifiedCanLinkAccount && !shouldAllowRelink(newAccountEmail)) {
       // we need to tell the page we successfully received the message, but
       // then bail without telling fxAccounts
       this.injectData("message", { status: "login" });
       // and re-init the page by navigating to about:accounts
       window.location = "about:accounts";
       return;
     }
     delete accountData.verifiedCanLinkAccount;
     // Remember who it was so we can log out next time.
     setPreviousAccountNameHash(newAccountEmail);
     // A sync-specific hack - we want to ensure sync has been initialized
     // before we set the signed-in user.
     let xps = Cc["@mozilla.org/weave/service;1"]
               .getService(Ci.nsISupports)
               .wrappedJSObject;
     xps.whenLoaded().then(() => {
       return fxAccounts.setSignedInUser(accountData);
     }).then(() => {
       // If the user data is verified, we want it to immediately look like
       // they are signed in without waiting for messages to bounce around.
       if (accountData.verified) {
         showManage();
       }
       this.injectData("message", { status: "login" });
       // until we sort out a better UX, just leave the jelly page in place.
       // If the account email is not yet verified, it will tell the user to
       // go check their email, but then it will *not* change state after
       // the verification completes (the browser will begin syncing, but
       // won't notify the user). If the email has already been verified,
       // the jelly will say "Welcome! You are successfully signed in as
       // EMAIL", but it won't then say "syncing started".
     }, (err) => this.injectData("message", { status: "error", error: err })
     );
   },
   onCanLinkAccount: function(accountData) {
     // We need to confirm a relink - see shouldAllowRelink for more
     let ok = shouldAllowRelink(accountData.email);
     this.injectData("message", { status: "can_link_account", data: { ok: ok } });
   },
   /**
    * onSessionStatus sends the currently signed in user's credentials
    * to the jelly.
    */
   onSessionStatus: function () {
     log("Received: 'session_status'.");
     fxAccounts.getSignedInUser().then(
       (accountData) => this.injectData("message", { status: "session_status", data: accountData }),
       (err) => this.injectData("message", { status: "error", error: err })
     );
   },
   /**
    * onSignOut handler erases the current user's session from the fxaccounts service
    */
   onSignOut: function () {
     log("Received: 'sign_out'.");
     fxAccounts.signOut().then(
       () => this.injectData("message", { status: "sign_out" }),
       (err) => this.injectData("message", { status: "error", error: err })
     );
   },
   handleRemoteCommand: function (evt) {
     log('command: ' + evt.detail.command);
     let data = evt.detail.data;
     switch (evt.detail.command) {
       case "login":
         this.onLogin(data);
         break;
       case "can_link_account":
         this.onCanLinkAccount(data);
         break;
       case "session_status":
         this.onSessionStatus(data);
         break;
       case "sign_out":
         this.onSignOut(data);
         break;
       default:
         log("Unexpected remote command received: " + evt.detail.command + ". Ignoring command.");
         break;
     }
   },
   injectData: function (type, content) {
     let authUrl;
     try {
       authUrl = fxAccounts.getAccountsSignUpURI();
     } catch (e) {
       error("Couldn't inject data: " + e.message);
       return;
     }
     let data = {
       type: type,
       content: content
     };
     this.iframe.contentWindow.postMessage(data, authUrl);
   },
 };
 // Button onclick handlers
 function handleOldSync() {
   let chromeWin = window
     .QueryInterface(Ci.nsIInterfaceRequestor)
     .getInterface(Ci.nsIWebNavigation)
     .QueryInterface(Ci.nsIDocShellTreeItem)
     .rootTreeItem
     .QueryInterface(Ci.nsIInterfaceRequestor)
     .getInterface(Ci.nsIDOMWindow)
     .QueryInterface(Ci.nsIDOMChromeWindow);
   let url = Services.urlFormatter.formatURLPref("app.support.baseURL") + "old-sync";
   chromeWin.switchToTabHavingURI(url, true);
 }
 function getStarted() {
   hide("intro");
   hide("stage");
   show("remote");
 }
 function openPrefs() {
   window.openPreferences("paneSync");
 }
 function init() {
   fxAccounts.getSignedInUser().then(user => {
     // tests in particular might cause the window to start closing before
     // getSignedInUser has returned.
     if (window.closed) {
       return;
     }
     if (window.location.href.contains("action=signin")) {
       if (user) {
         // asking to sign-in when already signed in just shows manage.
         showManage();
       } else {
         show("remote");
         wrapper.init(fxAccounts.getAccountsSignInURI());
       }
     } else if (window.location.href.contains("action=signup")) {
       if (user) {
         // asking to sign-up when already signed in just shows manage.
         showManage();
       } else {
         show("remote");
         wrapper.init();
       }
     } else if (window.location.href.contains("action=reauth")) {
       // ideally we would only show this when we know the user is in a
       // "must reauthenticate" state - but we don't.
       // As the email address will be included in the URL returned from
       // promiseAccountsForceSigninURI, just always show it.
       fxAccounts.promiseAccountsForceSigninURI().then(url => {
         show("remote");
         wrapper.init(url);
       });
     } else {
       // No action specified
       if (user) {
         showManage();
         let sb = Services.strings.createBundle("chrome://browser/locale/syncSetup.properties");
         document.title = sb.GetStringFromName("manage.pageTitle");
       } else {
         show("stage");
         show("intro");
         // load the remote frame in the background
         wrapper.init();
       }
     }
   });
 }
 function show(id) {
   document.getElementById(id).style.display = 'block';
 }
 function hide(id) {
   document.getElementById(id).style.display = 'none';
 }
 function showManage() {
   show("stage");
   show("manage");
   hide("remote");
   hide("intro");
 }
 document.addEventListener("DOMContentLoaded", function onload() {
   document.removeEventListener("DOMContentLoaded", onload, true);
   init();
 }, true);
 function initObservers() {
   function observe(subject, topic, data) {
     log("about:accounts observed " + topic);
     if (topic == fxAccountsCommon.ONLOGOUT_NOTIFICATION) {
       // All about:account windows get changed to action=signin on logout.
       window.location = "about:accounts?action=signin";
       return;
     }
     // must be onverified - just about:accounts is loaded.
     window.location = "about:accounts";
   }
   for (let topic of OBSERVER_TOPICS) {
     Services.obs.addObserver(observe, topic, false);
   }
   window.addEventListener("unload", function(event) {
     log("about:accounts unloading")
     for (let topic of OBSERVER_TOPICS) {
       Services.obs.removeObserver(observe, topic);
     }
   });
 }
 initObservers();