The Tor Browser: toolkit/components/passwordmgr/nsLoginManagerPrompter.js@b8a032363ba2 (annotated)

toolkit/components/passwordmgr/nsLoginManagerPrompter.js@b8a032363ba2 (annotated)

toolkit/components/passwordmgr/nsLoginManagerPrompter.js

Thu, 22 Jan 2015 13:21:57 +0100

author: Michael Schloh von Bennewitz <michael@schloh.com>
date: Thu, 22 Jan 2015 13:21:57 +0100
branch: TOR_BUG_9701
changeset 15: b8a032363ba2
permissions: -rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 const Cc = Components.classes;
 const Ci = Components.interfaces;
 const Cr = Components.results;
 Components.utils.import("resource://gre/modules/XPCOMUtils.jsm");
 Components.utils.import("resource://gre/modules/Services.jsm");
 Components.utils.import("resource://gre/modules/PrivateBrowsingUtils.jsm");
 /*
  * LoginManagerPromptFactory
  *
  * Implements nsIPromptFactory
  *
  * Invoked by [toolkit/components/prompts/src/nsPrompter.js]
  */
 function LoginManagerPromptFactory() {
     Services.obs.addObserver(this, "quit-application-granted", true);
     Services.obs.addObserver(this, "passwordmgr-crypto-login", true);
     Services.obs.addObserver(this, "passwordmgr-crypto-loginCanceled", true);
 }
 LoginManagerPromptFactory.prototype = {
     classID : Components.ID("{749e62f4-60ae-4569-a8a2-de78b649660e}"),
     QueryInterface : XPCOMUtils.generateQI([Ci.nsIPromptFactory, Ci.nsIObserver, Ci.nsISupportsWeakReference]),
     _debug : false,
     _asyncPrompts : {},
     _asyncPromptInProgress : false,
     observe : function (subject, topic, data) {
         this.log("Observed: " + topic);
         if (topic == "quit-application-granted") {
             this._cancelPendingPrompts();
         } else if (topic == "passwordmgr-crypto-login") {
             // Start processing the deferred prompters.
             this._doAsyncPrompt();
         } else if (topic == "passwordmgr-crypto-loginCanceled") {
             // User canceled a Master Password prompt, so go ahead and cancel
             // all pending auth prompts to avoid nagging over and over.
             this._cancelPendingPrompts();
         }
     },
     getPrompt : function (aWindow, aIID) {
         var prefBranch = Services.prefs.getBranch("signon.");
         this._debug = prefBranch.getBoolPref("debug");
         var prompt = new LoginManagerPrompter().QueryInterface(aIID);
         prompt.init(aWindow, this);
         return prompt;
     },
     _doAsyncPrompt : function() {
         if (this._asyncPromptInProgress) {
             this.log("_doAsyncPrompt bypassed, already in progress");
             return;
         }
         // Find the first prompt key we have in the queue
         var hashKey = null;
         for (hashKey in this._asyncPrompts)
             break;
         if (!hashKey) {
             this.log("_doAsyncPrompt:run bypassed, no prompts in the queue");
             return;
         }
         // If login manger has logins for this host, defer prompting if we're
         // already waiting on a master password entry.
         var prompt = this._asyncPrompts[hashKey];
         var prompter = prompt.prompter;
         var [hostname, httpRealm] = prompter._getAuthTarget(prompt.channel, prompt.authInfo);
         var hasLogins = (prompter._pwmgr.countLogins(hostname, null, httpRealm) > 0);
         if (hasLogins && prompter._pwmgr.uiBusy) {
             this.log("_doAsyncPrompt:run bypassed, master password UI busy");
             return;
         }
         this._asyncPromptInProgress = true;
         prompt.inProgress = true;
         var self = this;
         var runnable = {
             run : function() {
                 var ok = false;
                 try {
                     self.log("_doAsyncPrompt:run - performing the prompt for '" + hashKey + "'");
                     ok = prompter.promptAuth(prompt.channel,
                                              prompt.level,
                                              prompt.authInfo);
                 } catch (e if (e instanceof Components.Exception) &&
                                e.result == Cr.NS_ERROR_NOT_AVAILABLE) {
                     self.log("_doAsyncPrompt:run bypassed, UI is not available in this context");
                 } catch (e) {
                     Components.utils.reportError("LoginManagerPrompter: " +
                         "_doAsyncPrompt:run: " + e + "\n");
                 }
                 delete self._asyncPrompts[hashKey];
                 prompt.inProgress = false;
                 self._asyncPromptInProgress = false;
                 for each (var consumer in prompt.consumers) {
                     if (!consumer.callback)
                         // Not having a callback means that consumer didn't provide it
                         // or canceled the notification
                         continue;
                     self.log("Calling back to " + consumer.callback + " ok=" + ok);
                     try {
                         if (ok)
                             consumer.callback.onAuthAvailable(consumer.context, prompt.authInfo);
                         else
                             consumer.callback.onAuthCancelled(consumer.context, true);
                     } catch (e) { /* Throw away exceptions caused by callback */ }
                 }
                 self._doAsyncPrompt();
             }
         }
         Services.tm.mainThread.dispatch(runnable, Ci.nsIThread.DISPATCH_NORMAL);
         this.log("_doAsyncPrompt:run dispatched");
     },
     _cancelPendingPrompts : function() {
         this.log("Canceling all pending prompts...");
         var asyncPrompts = this._asyncPrompts;
         this.__proto__._asyncPrompts = {};
         for each (var prompt in asyncPrompts) {
             // Watch out! If this prompt is currently prompting, let it handle
             // notifying the callbacks of success/failure, since it's already
             // asking the user for input. Reusing a callback can be crashy.
             if (prompt.inProgress) {
                 this.log("skipping a prompt in progress");
                 continue;
             }
             for each (var consumer in prompt.consumers) {
                 if (!consumer.callback)
                     continue;
                 this.log("Canceling async auth prompt callback " + consumer.callback);
                 try {
                     consumer.callback.onAuthCancelled(consumer.context, true);
                 } catch (e) { /* Just ignore exceptions from the callback */ }
             }
         }
     },
     log : function (message) {
         if (!this._debug)
             return;
         dump("Pwmgr PromptFactory: " + message + "\n");
         Services.console.logStringMessage("Pwmgr PrompFactory: " + message);
     }
 }; // end of LoginManagerPromptFactory implementation
 /* ==================== LoginManagerPrompter ==================== */
 /*
  * LoginManagerPrompter
  *
  * Implements interfaces for prompting the user to enter/save/change auth info.
  *
  * nsIAuthPrompt: Used by SeaMonkey, Thunderbird, but not Firefox.
  *
  * nsIAuthPrompt2: Is invoked by a channel for protocol-based authentication
  * (eg HTTP Authenticate, FTP login).
  *
  * nsILoginManagerPrompter: Used by Login Manager for saving/changing logins
  * found in HTML forms.
  */
 function LoginManagerPrompter() {}
 LoginManagerPrompter.prototype = {
     classID : Components.ID("{8aa66d77-1bbb-45a6-991e-b8f47751c291}"),
     QueryInterface : XPCOMUtils.generateQI([Ci.nsIAuthPrompt,
                                             Ci.nsIAuthPrompt2,
                                             Ci.nsILoginManagerPrompter]),
     _factory       : null,
     _window        : null,
     _debug         : false, // mirrors signon.debug
     __pwmgr : null, // Password Manager service
     get _pwmgr() {
         if (!this.__pwmgr)
             this.__pwmgr = Cc["@mozilla.org/login-manager;1"].
                            getService(Ci.nsILoginManager);
         return this.__pwmgr;
     },
     __promptService : null, // Prompt service for user interaction
     get _promptService() {
         if (!this.__promptService)
             this.__promptService =
                 Cc["@mozilla.org/embedcomp/prompt-service;1"].
                 getService(Ci.nsIPromptService2);
         return this.__promptService;
     },
     __strBundle : null, // String bundle for L10N
     get _strBundle() {
         if (!this.__strBundle) {
             var bunService = Cc["@mozilla.org/intl/stringbundle;1"].
                              getService(Ci.nsIStringBundleService);
             this.__strBundle = bunService.createBundle(
                         "chrome://passwordmgr/locale/passwordmgr.properties");
             if (!this.__strBundle)
                 throw "String bundle for Login Manager not present!";
         }
         return this.__strBundle;
     },
     __ellipsis : null,
     get _ellipsis() {
         if (!this.__ellipsis) {
             this.__ellipsis = "\u2026";
             try {
                 this.__ellipsis = Services.prefs.getComplexValue(
                                     "intl.ellipsis", Ci.nsIPrefLocalizedString).data;
             } catch (e) { }
         }
         return this.__ellipsis;
     },
     // Whether we are in private browsing mode
     get _inPrivateBrowsing() {
       if (this._window) {
         return PrivateBrowsingUtils.isWindowPrivate(this._window);
       } else {
         // If we don't that we're in private browsing mode if the caller did
         // not provide a window.  The callers which really care about this
         // will indeed pass down a window to us, and for those who don't,
         // we can just assume that we don't want to save the entered login
         // information.
         return true;
       }
     },
     /*
      * log
      *
      * Internal function for logging debug messages to the Error Console window.
      */
     log : function (message) {
         if (!this._debug)
             return;
         dump("Pwmgr Prompter: " + message + "\n");
         Services.console.logStringMessage("Pwmgr Prompter: " + message);
     },
     /* ---------- nsIAuthPrompt prompts ---------- */
     /*
      * prompt
      *
      * Wrapper around the prompt service prompt. Saving random fields here
      * doesn't really make sense and therefore isn't implemented.
      */
     prompt : function (aDialogTitle, aText, aPasswordRealm,
                        aSavePassword, aDefaultText, aResult) {
         if (aSavePassword != Ci.nsIAuthPrompt.SAVE_PASSWORD_NEVER)
             throw Components.results.NS_ERROR_NOT_IMPLEMENTED;
         this.log("===== prompt() called =====");
         if (aDefaultText) {
             aResult.value = aDefaultText;
         }
         return this._promptService.prompt(this._window,
                aDialogTitle, aText, aResult, null, {});
     },
     /*
      * promptUsernameAndPassword
      *
      * Looks up a username and password in the database. Will prompt the user
      * with a dialog, even if a username and password are found.
      */
     promptUsernameAndPassword : function (aDialogTitle, aText, aPasswordRealm,
                                          aSavePassword, aUsername, aPassword) {
         this.log("===== promptUsernameAndPassword() called =====");
         if (aSavePassword == Ci.nsIAuthPrompt.SAVE_PASSWORD_FOR_SESSION)
             throw Components.results.NS_ERROR_NOT_IMPLEMENTED;
         var selectedLogin = null;
         var checkBox = { value : false };
         var checkBoxLabel = null;
         var [hostname, realm, unused] = this._getRealmInfo(aPasswordRealm);
         // If hostname is null, we can't save this login.
         if (hostname) {
             var canRememberLogin;
             if (this._inPrivateBrowsing)
                 canRememberLogin = false;
             else
                 canRememberLogin = (aSavePassword ==
                                     Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY) &&
                                    this._pwmgr.getLoginSavingEnabled(hostname);
             // if checkBoxLabel is null, the checkbox won't be shown at all.
             if (canRememberLogin)
                 checkBoxLabel = this._getLocalizedString("rememberPassword");
             // Look for existing logins.
             var foundLogins = this._pwmgr.findLogins({}, hostname, null,
                                                      realm);
             // XXX Like the original code, we can't deal with multiple
             // account selection. (bug 227632)
             if (foundLogins.length > 0) {
                 selectedLogin = foundLogins[0];
                 // If the caller provided a username, try to use it. If they
                 // provided only a password, this will try to find a password-only
                 // login (or return null if none exists).
                 if (aUsername.value)
                     selectedLogin = this._repickSelectedLogin(foundLogins,
                                                               aUsername.value);
                 if (selectedLogin) {
                     checkBox.value = true;
                     aUsername.value = selectedLogin.username;
                     // If the caller provided a password, prefer it.
                     if (!aPassword.value)
                         aPassword.value = selectedLogin.password;
                 }
             }
         }
         var ok = this._promptService.promptUsernameAndPassword(this._window,
                     aDialogTitle, aText, aUsername, aPassword,
                     checkBoxLabel, checkBox);
         if (!ok || !checkBox.value || !hostname)
             return ok;
         if (!aPassword.value) {
             this.log("No password entered, so won't offer to save.");
             return ok;
         }
         // XXX We can't prompt with multiple logins yet (bug 227632), so
         // the entered login might correspond to an existing login
         // other than the one we originally selected.
         selectedLogin = this._repickSelectedLogin(foundLogins, aUsername.value);
         // If we didn't find an existing login, or if the username
         // changed, save as a new login.
         if (!selectedLogin) {
             // add as new
             this.log("New login seen for " + realm);
             var newLogin = Cc["@mozilla.org/login-manager/loginInfo;1"].
                            createInstance(Ci.nsILoginInfo);
             newLogin.init(hostname, null, realm,
                           aUsername.value, aPassword.value, "", "");
             this._pwmgr.addLogin(newLogin);
         } else if (aPassword.value != selectedLogin.password) {
             // update password
             this.log("Updating password for  " + realm);
             this._updateLogin(selectedLogin, aPassword.value);
         } else {
             this.log("Login unchanged, no further action needed.");
             this._updateLogin(selectedLogin);
         }
         return ok;
     },
     /*
      * promptPassword
      *
      * If a password is found in the database for the password realm, it is
      * returned straight away without displaying a dialog.
      *
      * If a password is not found in the database, the user will be prompted
      * with a dialog with a text field and ok/cancel buttons. If the user
      * allows it, then the password will be saved in the database.
      */
     promptPassword : function (aDialogTitle, aText, aPasswordRealm,
                                aSavePassword, aPassword) {
         this.log("===== promptPassword called() =====");
         if (aSavePassword == Ci.nsIAuthPrompt.SAVE_PASSWORD_FOR_SESSION)
             throw Components.results.NS_ERROR_NOT_IMPLEMENTED;
         var checkBox = { value : false };
         var checkBoxLabel = null;
         var [hostname, realm, username] = this._getRealmInfo(aPasswordRealm);
         username = decodeURIComponent(username);
         // If hostname is null, we can't save this login.
         if (hostname && !this._inPrivateBrowsing) {
           var canRememberLogin = (aSavePassword ==
                                   Ci.nsIAuthPrompt.SAVE_PASSWORD_PERMANENTLY) &&
                                  this._pwmgr.getLoginSavingEnabled(hostname);
           // if checkBoxLabel is null, the checkbox won't be shown at all.
           if (canRememberLogin)
               checkBoxLabel = this._getLocalizedString("rememberPassword");
           if (!aPassword.value) {
               // Look for existing logins.
               var foundLogins = this._pwmgr.findLogins({}, hostname, null,
                                                        realm);
               // XXX Like the original code, we can't deal with multiple
               // account selection (bug 227632). We can deal with finding the
               // account based on the supplied username - but in this case we'll
               // just return the first match.
               for (var i = 0; i < foundLogins.length; ++i) {
                   if (foundLogins[i].username == username) {
                       aPassword.value = foundLogins[i].password;
                       // wallet returned straight away, so this mimics that code
                       return true;
                   }
               }
           }
         }
         var ok = this._promptService.promptPassword(this._window, aDialogTitle,
                                                     aText, aPassword,
                                                     checkBoxLabel, checkBox);
         if (ok && checkBox.value && hostname && aPassword.value) {
             var newLogin = Cc["@mozilla.org/login-manager/loginInfo;1"].
                            createInstance(Ci.nsILoginInfo);
             newLogin.init(hostname, null, realm, username,
                           aPassword.value, "", "");
             this.log("New login seen for " + realm);
             this._pwmgr.addLogin(newLogin);
         }
         return ok;
     },
     /* ---------- nsIAuthPrompt helpers ---------- */
     /**
      * Given aRealmString, such as "http://user@example.com/foo", returns an
      * array of:
      *   - the formatted hostname
      *   - the realm (hostname + path)
      *   - the username, if present
      *
      * If aRealmString is in the format produced by NS_GetAuthKey for HTTP[S]
      * channels, e.g. "example.com:80 (httprealm)", null is returned for all
      * arguments to let callers know the login can't be saved because we don't
      * know whether it's http or https.
      */
     _getRealmInfo : function (aRealmString) {
         var httpRealm = /^.+ \(.+\)$/;
         if (httpRealm.test(aRealmString))
             return [null, null, null];
         var uri = Services.io.newURI(aRealmString, null, null);
         var pathname = "";
         if (uri.path != "/")
             pathname = uri.path;
         var formattedHostname = this._getFormattedHostname(uri);
         return [formattedHostname, formattedHostname + pathname, uri.username];
     },
     /* ---------- nsIAuthPrompt2 prompts ---------- */
     /*
      * promptAuth
      *
      * Implementation of nsIAuthPrompt2.
      *
      * nsIChannel aChannel
      * int        aLevel
      * nsIAuthInformation aAuthInfo
      */
     promptAuth : function (aChannel, aLevel, aAuthInfo) {
         var selectedLogin = null;
         var checkbox = { value : false };
         var checkboxLabel = null;
         var epicfail = false;
         var canAutologin = false;
         try {
             this.log("===== promptAuth called =====");
             // If the user submits a login but it fails, we need to remove the
             // notification bar that was displayed. Conveniently, the user will
             // be prompted for authentication again, which brings us here.
             this._removeLoginNotifications();
             var [hostname, httpRealm] = this._getAuthTarget(aChannel, aAuthInfo);
             // Looks for existing logins to prefill the prompt with.
             var foundLogins = this._pwmgr.findLogins({},
                                         hostname, null, httpRealm);
             this.log("found " + foundLogins.length + " matching logins.");
             // XXX Can't select from multiple accounts yet. (bug 227632)
             if (foundLogins.length > 0) {
                 selectedLogin = foundLogins[0];
                 this._SetAuthInfo(aAuthInfo, selectedLogin.username,
                                              selectedLogin.password);
                 // Allow automatic proxy login
                 if (aAuthInfo.flags & Ci.nsIAuthInformation.AUTH_PROXY &&
                     !(aAuthInfo.flags & Ci.nsIAuthInformation.PREVIOUS_FAILED) &&
                     Services.prefs.getBoolPref("signon.autologin.proxy") &&
                     !this._inPrivateBrowsing) {
                     this.log("Autologin enabled, skipping auth prompt.");
                     canAutologin = true;
                 }
                 checkbox.value = true;
             }
             var canRememberLogin = this._pwmgr.getLoginSavingEnabled(hostname);
             if (this._inPrivateBrowsing)
               canRememberLogin = false;
             // if checkboxLabel is null, the checkbox won't be shown at all.
             var notifyBox = this._getNotifyBox();
             if (canRememberLogin && !notifyBox)
                 checkboxLabel = this._getLocalizedString("rememberPassword");
         } catch (e) {
             // Ignore any errors and display the prompt anyway.
             epicfail = true;
             Components.utils.reportError("LoginManagerPrompter: " +
                 "Epic fail in promptAuth: " + e + "\n");
         }
         var ok = canAutologin ||
                  this._promptService.promptAuth(this._window,
                                                 aChannel, aLevel, aAuthInfo,
                                                 checkboxLabel, checkbox);
         // If there's a notification box, use it to allow the user to
         // determine if the login should be saved. If there isn't a
         // notification box, only save the login if the user set the
         // checkbox to do so.
         var rememberLogin = notifyBox ? canRememberLogin : checkbox.value;
         if (!ok || !rememberLogin || epicfail)
             return ok;
         try {
             var [username, password] = this._GetAuthInfo(aAuthInfo);
             if (!password) {
                 this.log("No password entered, so won't offer to save.");
                 return ok;
             }
             // XXX We can't prompt with multiple logins yet (bug 227632), so
             // the entered login might correspond to an existing login
             // other than the one we originally selected.
             selectedLogin = this._repickSelectedLogin(foundLogins, username);
             // If we didn't find an existing login, or if the username
             // changed, save as a new login.
             if (!selectedLogin) {
                 this.log("New login seen for " + username +
                          " @ " + hostname + " (" + httpRealm + ")");
                 var newLogin = Cc["@mozilla.org/login-manager/loginInfo;1"].
                                createInstance(Ci.nsILoginInfo);
                 newLogin.init(hostname, null, httpRealm,
                               username, password, "", "");
                 var notifyObj = this._getPopupNote() || notifyBox;
                 if (notifyObj)
                     this._showSaveLoginNotification(notifyObj, newLogin);
                 else
                     this._pwmgr.addLogin(newLogin);
             } else if (password != selectedLogin.password) {
                 this.log("Updating password for " + username +
                          " @ " + hostname + " (" + httpRealm + ")");
                 var notifyObj = this._getPopupNote() || notifyBox;
                 if (notifyObj)
                     this._showChangeLoginNotification(notifyObj,
                                                       selectedLogin, password);
                 else
                     this._updateLogin(selectedLogin, password);
             } else {
                 this.log("Login unchanged, no further action needed.");
                 this._updateLogin(selectedLogin);
             }
         } catch (e) {
             Components.utils.reportError("LoginManagerPrompter: " +
                 "Fail2 in promptAuth: " + e + "\n");
         }
         return ok;
     },
     asyncPromptAuth : function (aChannel, aCallback, aContext, aLevel, aAuthInfo) {
         var cancelable = null;
         try {
             this.log("===== asyncPromptAuth called =====");
             // If the user submits a login but it fails, we need to remove the
             // notification bar that was displayed. Conveniently, the user will
             // be prompted for authentication again, which brings us here.
             this._removeLoginNotifications();
             cancelable = this._newAsyncPromptConsumer(aCallback, aContext);
             var [hostname, httpRealm] = this._getAuthTarget(aChannel, aAuthInfo);
             var hashKey = aLevel + "|" + hostname + "|" + httpRealm;
             this.log("Async prompt key = " + hashKey);
             var asyncPrompt = this._factory._asyncPrompts[hashKey];
             if (asyncPrompt) {
                 this.log("Prompt bound to an existing one in the queue, callback = " + aCallback);
                 asyncPrompt.consumers.push(cancelable);
                 return cancelable;
             }
             this.log("Adding new prompt to the queue, callback = " + aCallback);
             asyncPrompt = {
                 consumers: [cancelable],
                 channel: aChannel,
                 authInfo: aAuthInfo,
                 level: aLevel,
                 inProgress : false,
                 prompter: this
             }
             this._factory._asyncPrompts[hashKey] = asyncPrompt;
             this._factory._doAsyncPrompt();
         }
         catch (e) {
             Components.utils.reportError("LoginManagerPrompter: " +
                 "asyncPromptAuth: " + e + "\nFalling back to promptAuth\n");
             // Fail the prompt operation to let the consumer fall back
             // to synchronous promptAuth method
             throw e;
         }
         return cancelable;
     },
     /* ---------- nsILoginManagerPrompter prompts ---------- */
     /*
      * init
      *
      */
     init : function (aWindow, aFactory) {
         this._window = aWindow;
         this._factory = aFactory || null;
         var prefBranch = Services.prefs.getBranch("signon.");
         this._debug = prefBranch.getBoolPref("debug");
         this.log("===== initialized =====");
     },
     /*
      * promptToSavePassword
      *
      */
     promptToSavePassword : function (aLogin) {
         var notifyObj = this._getPopupNote() || this._getNotifyBox();
         if (notifyObj)
             this._showSaveLoginNotification(notifyObj, aLogin);
         else
             this._showSaveLoginDialog(aLogin);
     },
     /*
      * _showLoginNotification
      *
      * Displays a notification bar.
      *
      */
     _showLoginNotification : function (aNotifyBox, aName, aText, aButtons) {
         var oldBar = aNotifyBox.getNotificationWithValue(aName);
         const priority = aNotifyBox.PRIORITY_INFO_MEDIUM;
         this.log("Adding new " + aName + " notification bar");
         var newBar = aNotifyBox.appendNotification(
                                 aText, aName,
                                 "chrome://mozapps/skin/passwordmgr/key.png",
                                 priority, aButtons);
         // The page we're going to hasn't loaded yet, so we want to persist
         // across the first location change.
         newBar.persistence++;
         // Sites like Gmail perform a funky redirect dance before you end up
         // at the post-authentication page. I don't see a good way to
         // heuristically determine when to ignore such location changes, so
         // we'll try ignoring location changes based on a time interval.
         newBar.timeout = Date.now() + 20000; // 20 seconds
         if (oldBar) {
             this.log("(...and removing old " + aName + " notification bar)");
             aNotifyBox.removeNotification(oldBar);
         }
     },
     /*
      * _showSaveLoginNotification
      *
      * Displays a notification bar or a popup notification, to allow the user
      * to save the specified login. This allows the user to see the results of
      * their login, and only save a login which they know worked.
      *
      * @param aNotifyObj
      *        A notification box or a popup notification.
      */
     _showSaveLoginNotification : function (aNotifyObj, aLogin) {
         // Ugh. We can't use the strings from the popup window, because they
         // have the access key marked in the string (eg "Mo&zilla"), along
         // with some weird rules for handling access keys that do not occur
         // in the string, for L10N. See commonDialog.js's setLabelForNode().
         var neverButtonText =
               this._getLocalizedString("notifyBarNeverRememberButtonText");
         var neverButtonAccessKey =
               this._getLocalizedString("notifyBarNeverRememberButtonAccessKey");
         var rememberButtonText =
               this._getLocalizedString("notifyBarRememberPasswordButtonText");
         var rememberButtonAccessKey =
               this._getLocalizedString("notifyBarRememberPasswordButtonAccessKey");
         var displayHost = this._getShortDisplayHost(aLogin.hostname);
         var notificationText;
         if (aLogin.username) {
             var displayUser = this._sanitizeUsername(aLogin.username);
             notificationText  = this._getLocalizedString(
                                         "rememberPasswordMsg",
                                         [displayUser, displayHost]);
         } else {
             notificationText  = this._getLocalizedString(
                                         "rememberPasswordMsgNoUsername",
                                         [displayHost]);
         }
         // The callbacks in |buttons| have a closure to access the variables
         // in scope here; set one to |this._pwmgr| so we can get back to pwmgr
         // without a getService() call.
         var pwmgr = this._pwmgr;
         // Notification is a PopupNotification
         if (aNotifyObj == this._getPopupNote()) {
             // "Remember" button
             var mainAction = {
                 label:     rememberButtonText,
                 accessKey: rememberButtonAccessKey,
                 callback: function(aNotifyObj, aButton) {
                     pwmgr.addLogin(aLogin);
                     browser.focus();
                 }
             };
             var secondaryActions = [
                 // "Never for this site" button
                 {
                     label:     neverButtonText,
                     accessKey: neverButtonAccessKey,
                     callback: function(aNotifyObj, aButton) {
                         pwmgr.setLoginSavingEnabled(aLogin.hostname, false);
                         browser.focus();
                     }
                 }
             ];
             var notifyWin = this._getNotifyWindow();
             var chromeWin = this._getChromeWindow(notifyWin).wrappedJSObject;
             var browser = chromeWin.gBrowser.
                                     getBrowserForDocument(notifyWin.top.document);
             aNotifyObj.show(browser, "password-save", notificationText,
                             "password-notification-icon", mainAction,
                             secondaryActions, { timeout: Date.now() + 10000,
                                                 persistWhileVisible: true });
         } else {
             var notNowButtonText =
                   this._getLocalizedString("notifyBarNotNowButtonText");
             var notNowButtonAccessKey =
                   this._getLocalizedString("notifyBarNotNowButtonAccessKey");
             var buttons = [
                 // "Remember" button
                 {
                     label:     rememberButtonText,
                     accessKey: rememberButtonAccessKey,
                     popup:     null,
                     callback: function(aNotifyObj, aButton) {
                         pwmgr.addLogin(aLogin);
                     }
                 },
                 // "Never for this site" button
                 {
                     label:     neverButtonText,
                     accessKey: neverButtonAccessKey,
                     popup:     null,
                     callback: function(aNotifyObj, aButton) {
                         pwmgr.setLoginSavingEnabled(aLogin.hostname, false);
                     }
                 },
                 // "Not now" button
                 {
                     label:     notNowButtonText,
                     accessKey: notNowButtonAccessKey,
                     popup:     null,
                     callback:  function() { /* NOP */ }
                 }
             ];
             this._showLoginNotification(aNotifyObj, "password-save",
                                         notificationText, buttons);
         }
     },
     /*
      * _removeLoginNotifications
      *
      */
     _removeLoginNotifications : function () {
         var popupNote = this._getPopupNote();
         if (popupNote)
             popupNote = popupNote.getNotification("password-save");
         if (popupNote)
             popupNote.remove();
         var notifyBox = this._getNotifyBox();
         if (notifyBox) {
             var oldBar = notifyBox.getNotificationWithValue("password-save");
             if (oldBar) {
                 this.log("Removing save-password notification bar.");
                 notifyBox.removeNotification(oldBar);
             }
             oldBar = notifyBox.getNotificationWithValue("password-change");
             if (oldBar) {
                 this.log("Removing change-password notification bar.");
                 notifyBox.removeNotification(oldBar);
             }
         }
     },
     /*
      * _showSaveLoginDialog
      *
      * Called when we detect a new login in a form submission,
      * asks the user what to do.
      *
      */
     _showSaveLoginDialog : function (aLogin) {
         const buttonFlags = Ci.nsIPrompt.BUTTON_POS_1_DEFAULT +
             (Ci.nsIPrompt.BUTTON_TITLE_IS_STRING * Ci.nsIPrompt.BUTTON_POS_0) +
             (Ci.nsIPrompt.BUTTON_TITLE_IS_STRING * Ci.nsIPrompt.BUTTON_POS_1) +
             (Ci.nsIPrompt.BUTTON_TITLE_IS_STRING * Ci.nsIPrompt.BUTTON_POS_2);
         var displayHost = this._getShortDisplayHost(aLogin.hostname);
         var dialogText;
         if (aLogin.username) {
             var displayUser = this._sanitizeUsername(aLogin.username);
             dialogText = this._getLocalizedString(
                                  "rememberPasswordMsg",
                                  [displayUser, displayHost]);
         } else {
             dialogText = this._getLocalizedString(
                                  "rememberPasswordMsgNoUsername",
                                  [displayHost]);
         }
         var dialogTitle        = this._getLocalizedString(
                                         "savePasswordTitle");
         var neverButtonText    = this._getLocalizedString(
                                         "neverForSiteButtonText");
         var rememberButtonText = this._getLocalizedString(
                                         "rememberButtonText");
         var notNowButtonText   = this._getLocalizedString(
                                         "notNowButtonText");
         this.log("Prompting user to save/ignore login");
         var userChoice = this._promptService.confirmEx(this._window,
                                             dialogTitle, dialogText,
                                             buttonFlags, rememberButtonText,
                                             notNowButtonText, neverButtonText,
                                             null, {});
         //  Returns:
         //   0 - Save the login
         //   1 - Ignore the login this time
         //   2 - Never save logins for this site
         if (userChoice == 2) {
             this.log("Disabling " + aLogin.hostname + " logins by request.");
             this._pwmgr.setLoginSavingEnabled(aLogin.hostname, false);
         } else if (userChoice == 0) {
             this.log("Saving login for " + aLogin.hostname);
             this._pwmgr.addLogin(aLogin);
         } else {
             // userChoice == 1 --> just ignore the login.
             this.log("Ignoring login.");
         }
     },
     /*
      * promptToChangePassword
      *
      * Called when we think we detect a password change for an existing
      * login, when the form being submitted contains multiple password
      * fields.
      *
      */
     promptToChangePassword : function (aOldLogin, aNewLogin) {
         var notifyObj = this._getPopupNote() || this._getNotifyBox();
         if (notifyObj)
             this._showChangeLoginNotification(notifyObj, aOldLogin,
                                               aNewLogin.password);
         else
             this._showChangeLoginDialog(aOldLogin, aNewLogin.password);
     },
     /*
      * _showChangeLoginNotification
      *
      * Shows the Change Password notification bar or popup notification.
      *
      * @param aNotifyObj
      *        A notification box or a popup notification.
      */
     _showChangeLoginNotification : function (aNotifyObj, aOldLogin, aNewPassword) {
         var notificationText;
         if (aOldLogin.username) {
             var displayUser = this._sanitizeUsername(aOldLogin.username);
             notificationText  = this._getLocalizedString(
                                           "updatePasswordMsg",
                                           [displayUser]);
         } else {
             notificationText  = this._getLocalizedString(
                                           "updatePasswordMsgNoUser");
         }
         var changeButtonText =
               this._getLocalizedString("notifyBarUpdateButtonText");
         var changeButtonAccessKey =
               this._getLocalizedString("notifyBarUpdateButtonAccessKey");
         // The callbacks in |buttons| have a closure to access the variables
         // in scope here; set one to |this._pwmgr| so we can get back to pwmgr
         // without a getService() call.
         var self = this;
         // Notification is a PopupNotification
         if (aNotifyObj == this._getPopupNote()) {
             // "Yes" button
             var mainAction = {
                 label:     changeButtonText,
                 accessKey: changeButtonAccessKey,
                 popup:     null,
                 callback:  function(aNotifyObj, aButton) {
                     self._updateLogin(aOldLogin, aNewPassword);
                 }
             };
             var notifyWin = this._getNotifyWindow();
             var chromeWin = this._getChromeWindow(notifyWin).wrappedJSObject;
             var browser = chromeWin.gBrowser.
                                     getBrowserForDocument(notifyWin.top.document);
             aNotifyObj.show(browser, "password-change", notificationText,
                             "password-notification-icon", mainAction,
                             null, { timeout: Date.now() + 10000,
                                     persistWhileVisible: true });
         } else {
             var dontChangeButtonText =
                   this._getLocalizedString("notifyBarDontChangeButtonText");
             var dontChangeButtonAccessKey =
                   this._getLocalizedString("notifyBarDontChangeButtonAccessKey");
             var buttons = [
                 // "Yes" button
                 {
                     label:     changeButtonText,
                     accessKey: changeButtonAccessKey,
                     popup:     null,
                     callback:  function(aNotifyObj, aButton) {
                         self._updateLogin(aOldLogin, aNewPassword);
                     }
                 },
                 // "No" button
                 {
                     label:     dontChangeButtonText,
                     accessKey: dontChangeButtonAccessKey,
                     popup:     null,
                     callback:  function(aNotifyObj, aButton) {
                         // do nothing
                     }
                 }
             ];
             this._showLoginNotification(aNotifyObj, "password-change",
                                         notificationText, buttons);
         }
     },
     /*
      * _showChangeLoginDialog
      *
      * Shows the Change Password dialog.
      *
      */
     _showChangeLoginDialog : function (aOldLogin, aNewPassword) {
         const buttonFlags = Ci.nsIPrompt.STD_YES_NO_BUTTONS;
         var dialogText;
         if (aOldLogin.username)
             dialogText  = this._getLocalizedString(
                                     "updatePasswordMsg",
                                     [aOldLogin.username]);
         else
             dialogText  = this._getLocalizedString(
                                     "updatePasswordMsgNoUser");
         var dialogTitle = this._getLocalizedString(
                                     "passwordChangeTitle");
         // returns 0 for yes, 1 for no.
         var ok = !this._promptService.confirmEx(this._window,
                                 dialogTitle, dialogText, buttonFlags,
                                 null, null, null,
                                 null, {});
         if (ok) {
             this.log("Updating password for user " + aOldLogin.username);
             this._updateLogin(aOldLogin, aNewPassword);
         }
     },
     /*
      * promptToChangePasswordWithUsernames
      *
      * Called when we detect a password change in a form submission, but we
      * don't know which existing login (username) it's for. Asks the user
      * to select a username and confirm the password change.
      *
      * Note: The caller doesn't know the username for aNewLogin, so this
      *       function fills in .username and .usernameField with the values
      *       from the login selected by the user.
      *
      * Note; XPCOM stupidity: |count| is just |logins.length|.
      */
     promptToChangePasswordWithUsernames : function (logins, count, aNewLogin) {
         const buttonFlags = Ci.nsIPrompt.STD_YES_NO_BUTTONS;
         var usernames = logins.map(function (l) l.username);
         var dialogText  = this._getLocalizedString("userSelectText");
         var dialogTitle = this._getLocalizedString("passwordChangeTitle");
         var selectedIndex = { value: null };
         // If user selects ok, outparam.value is set to the index
         // of the selected username.
         var ok = this._promptService.select(this._window,
                                 dialogTitle, dialogText,
                                 usernames.length, usernames,
                                 selectedIndex);
         if (ok) {
             // Now that we know which login to use, modify its password.
             var selectedLogin = logins[selectedIndex.value];
             this.log("Updating password for user " + selectedLogin.username);
             this._updateLogin(selectedLogin, aNewLogin.password);
         }
     },
     /* ---------- Internal Methods ---------- */
     /*
      * _updateLogin
      */
     _updateLogin : function (login, newPassword) {
         var now = Date.now();
         var propBag = Cc["@mozilla.org/hash-property-bag;1"].
                       createInstance(Ci.nsIWritablePropertyBag);
         if (newPassword) {
             propBag.setProperty("password", newPassword);
             // Explicitly set the password change time here (even though it would
             // be changed automatically), to ensure that it's exactly the same
             // value as timeLastUsed.
             propBag.setProperty("timePasswordChanged", now);
         }
         propBag.setProperty("timeLastUsed", now);
         propBag.setProperty("timesUsedIncrement", 1);
         this._pwmgr.modifyLogin(login, propBag);
     },
     /*
      * _getChromeWindow
      *
      * Given a content DOM window, returns the chrome window it's in.
      */
     _getChromeWindow: function (aWindow) {
         var chromeWin = aWindow.QueryInterface(Ci.nsIInterfaceRequestor)
                                .getInterface(Ci.nsIWebNavigation)
                                .QueryInterface(Ci.nsIDocShell)
                                .chromeEventHandler.ownerDocument.defaultView;
         return chromeWin;
     },
     /*
      * _getNotifyWindow
      */
     _getNotifyWindow: function () {
         try {
             // Get topmost window, in case we're in a frame.
             var notifyWin = this._window.top;
             // Some sites pop up a temporary login window, when disappears
             // upon submission of credentials. We want to put the notification
             // bar in the opener window if this seems to be happening.
             if (notifyWin.opener) {
                 var chromeDoc = this._getChromeWindow(notifyWin).
                                      document.documentElement;
                 var webnav = notifyWin.
                              QueryInterface(Ci.nsIInterfaceRequestor).
                              getInterface(Ci.nsIWebNavigation);
                 // Check to see if the current window was opened with chrome
                 // disabled, and if so use the opener window. But if the window
                 // has been used to visit other pages (ie, has a history),
                 // assume it'll stick around and *don't* use the opener.
                 if (chromeDoc.getAttribute("chromehidden") &&
                     webnav.sessionHistory.count == 1) {
                     this.log("Using opener window for notification bar.");
                     notifyWin = notifyWin.opener;
                 }
             }
             return notifyWin;
         } catch (e) {
             // If any errors happen, just assume no notification box.
             this.log("Unable to get notify window");
             return null;
         }
     },
     /*
      * _getPopupNote
      *
      * Returns the popup notification to this prompter,
      * or null if there isn't one available.
      */
     _getPopupNote : function () {
         let popupNote = null;
         try {
             let notifyWin = this._getNotifyWindow();
             // Get the chrome window for the content window we're using.
             // .wrappedJSObject needed here -- see bug 422974 comment 5.
             let chromeWin = this._getChromeWindow(notifyWin).wrappedJSObject;
             popupNote = chromeWin.PopupNotifications;
         } catch (e) {
             this.log("Popup notifications not available on window");
         }
         return popupNote;
     },
     /*
      * _getNotifyBox
      *
      * Returns the notification box to this prompter, or null if there isn't
      * a notification box available.
      */
     _getNotifyBox : function () {
         let notifyBox = null;
         try {
             let notifyWin = this._getNotifyWindow();
             // Get the chrome window for the content window we're using.
             // .wrappedJSObject needed here -- see bug 422974 comment 5.
             let chromeWin = this._getChromeWindow(notifyWin).wrappedJSObject;
             notifyBox = chromeWin.getNotificationBox(notifyWin);
         } catch (e) {
             this.log("Notification bars not available on window");
         }
         return notifyBox;
     },
     /*
      * _repickSelectedLogin
      *
      * The user might enter a login that isn't the one we prefilled, but
      * is the same as some other existing login. So, pick a login with a
      * matching username, or return null.
      */
     _repickSelectedLogin : function (foundLogins, username) {
         for (var i = 0; i < foundLogins.length; i++)
             if (foundLogins[i].username == username)
                 return foundLogins[i];
         return null;
     },
     /*
      * _getLocalizedString
      *
      * Can be called as:
      *   _getLocalizedString("key1");
      *   _getLocalizedString("key2", ["arg1"]);
      *   _getLocalizedString("key3", ["arg1", "arg2"]);
      *   (etc)
      *
      * Returns the localized string for the specified key,
      * formatted if required.
      *
      */
     _getLocalizedString : function (key, formatArgs) {
         if (formatArgs)
             return this._strBundle.formatStringFromName(
                                         key, formatArgs, formatArgs.length);
         else
             return this._strBundle.GetStringFromName(key);
     },
     /*
      * _sanitizeUsername
      *
      * Sanitizes the specified username, by stripping quotes and truncating if
      * it's too long. This helps prevent an evil site from messing with the
      * "save password?" prompt too much.
      */
     _sanitizeUsername : function (username) {
         if (username.length > 30) {
             username = username.substring(0, 30);
             username += this._ellipsis;
         }
         return username.replace(/['"]/g, "");
     },
     /*
      * _getFormattedHostname
      *
      * The aURI parameter may either be a string uri, or an nsIURI instance.
      *
      * Returns the hostname to use in a nsILoginInfo object (for example,
      * "http://example.com").
      */
     _getFormattedHostname : function (aURI) {
         var uri;
         if (aURI instanceof Ci.nsIURI) {
             uri = aURI;
         } else {
             uri = Services.io.newURI(aURI, null, null);
         }
         var scheme = uri.scheme;
         var hostname = scheme + "://" + uri.host;
         // If the URI explicitly specified a port, only include it when
         // it's not the default. (We never want "http://foo.com:80")
         port = uri.port;
         if (port != -1) {
             var handler = Services.io.getProtocolHandler(scheme);
             if (port != handler.defaultPort)
                 hostname += ":" + port;
         }
         return hostname;
     },
     /*
      * _getShortDisplayHost
      *
      * Converts a login's hostname field (a URL) to a short string for
      * prompting purposes. Eg, "http://foo.com" --> "foo.com", or
      * "ftp://www.site.co.uk" --> "site.co.uk".
      */
     _getShortDisplayHost: function (aURIString) {
         var displayHost;
         var eTLDService = Cc["@mozilla.org/network/effective-tld-service;1"].
                           getService(Ci.nsIEffectiveTLDService);
         var idnService = Cc["@mozilla.org/network/idn-service;1"].
                          getService(Ci.nsIIDNService);
         try {
             var uri = Services.io.newURI(aURIString, null, null);
             var baseDomain = eTLDService.getBaseDomain(uri);
             displayHost = idnService.convertToDisplayIDN(baseDomain, {});
         } catch (e) {
             this.log("_getShortDisplayHost couldn't process " + aURIString);
         }
         if (!displayHost)
             displayHost = aURIString;
         return displayHost;
     },
     /*
      * _getAuthTarget
      *
      * Returns the hostname and realm for which authentication is being
      * requested, in the format expected to be used with nsILoginInfo.
      */
     _getAuthTarget : function (aChannel, aAuthInfo) {
         var hostname, realm;
         // If our proxy is demanding authentication, don't use the
         // channel's actual destination.
         if (aAuthInfo.flags & Ci.nsIAuthInformation.AUTH_PROXY) {
             this.log("getAuthTarget is for proxy auth");
             if (!(aChannel instanceof Ci.nsIProxiedChannel))
                 throw "proxy auth needs nsIProxiedChannel";
             var info = aChannel.proxyInfo;
             if (!info)
                 throw "proxy auth needs nsIProxyInfo";
             // Proxies don't have a scheme, but we'll use "moz-proxy://"
             // so that it's more obvious what the login is for.
             var idnService = Cc["@mozilla.org/network/idn-service;1"].
                              getService(Ci.nsIIDNService);
             hostname = "moz-proxy://" +
                         idnService.convertUTF8toACE(info.host) +
                         ":" + info.port;
             realm = aAuthInfo.realm;
             if (!realm)
                 realm = hostname;
             return [hostname, realm];
         }
         hostname = this._getFormattedHostname(aChannel.URI);
         // If a HTTP WWW-Authenticate header specified a realm, that value
         // will be available here. If it wasn't set or wasn't HTTP, we'll use
         // the formatted hostname instead.
         realm = aAuthInfo.realm;
         if (!realm)
             realm = hostname;
         return [hostname, realm];
     },
     /**
      * Returns [username, password] as extracted from aAuthInfo (which
      * holds this info after having prompted the user).
      *
      * If the authentication was for a Windows domain, we'll prepend the
      * return username with the domain. (eg, "domain\user")
      */
     _GetAuthInfo : function (aAuthInfo) {
         var username, password;
         var flags = aAuthInfo.flags;
         if (flags & Ci.nsIAuthInformation.NEED_DOMAIN && aAuthInfo.domain)
             username = aAuthInfo.domain + "\\" + aAuthInfo.username;
         else
             username = aAuthInfo.username;
         password = aAuthInfo.password;
         return [username, password];
     },
     /**
      * Given a username (possibly in DOMAIN\user form) and password, parses the
      * domain out of the username if necessary and sets domain, username and
      * password on the auth information object.
      */
     _SetAuthInfo : function (aAuthInfo, username, password) {
         var flags = aAuthInfo.flags;
         if (flags & Ci.nsIAuthInformation.NEED_DOMAIN) {
             // Domain is separated from username by a backslash
             var idx = username.indexOf("\\");
             if (idx == -1) {
                 aAuthInfo.username = username;
             } else {
                 aAuthInfo.domain   =  username.substring(0, idx);
                 aAuthInfo.username =  username.substring(idx+1);
             }
         } else {
             aAuthInfo.username = username;
         }
         aAuthInfo.password = password;
     },
     _newAsyncPromptConsumer : function(aCallback, aContext) {
         return {
             QueryInterface: XPCOMUtils.generateQI([Ci.nsICancelable]),
             callback: aCallback,
             context: aContext,
             cancel: function() {
                 this.callback.onAuthCancelled(this.context, false);
                 this.callback = null;
                 this.context = null;
             }
         }
     }
 }; // end of LoginManagerPrompter implementation
 var component = [LoginManagerPromptFactory, LoginManagerPrompter];
 this.NSGetFactory = XPCOMUtils.generateNSGetFactory(component);