The Tor Browser: comparison services/fxaccounts/FxAccounts.jsm

--1:000000000000
+:87df17c36a63
+/* This Source Code Form is subject to the terms of the Mozilla Public
+* License, v. 2.0. If a copy of the MPL was not distributed with this
+* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+this.EXPORTED_SYMBOLS = ["fxAccounts", "FxAccounts"];
+const {classes: Cc, interfaces: Ci, utils: Cu} = Components;
+Cu.import("resource://gre/modules/Log.jsm");
+Cu.import("resource://gre/modules/Promise.jsm");
+Cu.import("resource://gre/modules/osfile.jsm");
+Cu.import("resource://services-common/utils.js");
+Cu.import("resource://services-crypto/utils.js");
+Cu.import("resource://gre/modules/Services.jsm");
+Cu.import("resource://gre/modules/XPCOMUtils.jsm");
+Cu.import("resource://gre/modules/Timer.jsm");
+Cu.import("resource://gre/modules/Task.jsm");
+Cu.import("resource://gre/modules/FxAccountsCommon.js");
+XPCOMUtils.defineLazyModuleGetter(this, "FxAccountsClient",
+"resource://gre/modules/FxAccountsClient.jsm");
+XPCOMUtils.defineLazyModuleGetter(this, "jwcrypto",
+"resource://gre/modules/identity/jwcrypto.jsm");
+// All properties exposed by the public FxAccounts API.
+let publicProperties = [
+"getAccountsClient",
+"getAccountsSignInURI",
+"getAccountsSignUpURI",
+"getAssertion",
+"getKeys",
+"getSignedInUser",
+"loadAndPoll",
+"localtimeOffsetMsec",
+"now",
+"promiseAccountsForceSigninURI",
+"resendVerificationEmail",
+"setSignedInUser",
+"signOut",
+"version",
+"whenVerified"
+];
+// An AccountState object holds all state related to one specific account.
+// Only one AccountState is ever "current" in the FxAccountsInternal object -
+// whenever a user logs out or logs in, the current AccountState is discarded,
+// making it impossible for the wrong state or state data to be accidentally
+// used.
+// In addition, it has some promise-related helpers to ensure that if an
+// attempt is made to resolve a promise on a "stale" state (eg, if an
+// operation starts, but a different user logs in before the operation
+// completes), the promise will be rejected.
+// It is intended to be used thusly:
+// somePromiseBasedFunction: function() {
+//   let currentState = this.currentAccountState;
+//   return someOtherPromiseFunction().then(
+//     data => currentState.resolve(data)
+//   );
+// }
+// If the state has changed between the function being called and the promise
+// being resolved, the .resolve() call will actually be rejected.
+AccountState = function(fxaInternal) {
+this.fxaInternal = fxaInternal;
+};
+AccountState.prototype = {
+cert: null,
+keyPair: null,
+signedInUser: null,
+whenVerifiedDeferred: null,
+whenKeysReadyDeferred: null,
+get isCurrent() this.fxaInternal && this.fxaInternal.currentAccountState === this,
+abort: function() {
+if (this.whenVerifiedDeferred) {
+this.whenVerifiedDeferred.reject(
+new Error("Verification aborted; Another user signing in"));
+this.whenVerifiedDeferred = null;
+}
+if (this.whenKeysReadyDeferred) {
+this.whenKeysReadyDeferred.reject(
+new Error("Verification aborted; Another user signing in"));
+this.whenKeysReadyDeferred = null;
+}
+this.cert = null;
+this.keyPair = null;
+this.signedInUser = null;
+this.fxaInternal = null;
+},
+getUserAccountData: function() {
+// Skip disk if user is cached.
+if (this.signedInUser) {
+return this.resolve(this.signedInUser.accountData);
+}
+return this.fxaInternal.signedInUserStorage.get().then(
+user => {
+if (logPII) {
+// don't stringify unless it will be written. We should replace this
+// check with param substitutions added in bug 966674
+log.debug("getUserAccountData -> " + JSON.stringify(user));
+}
+if (user && user.version == this.version) {
+log.debug("setting signed in user");
+this.signedInUser = user;
+}
+return this.resolve(user ? user.accountData : null);
+},
+err => {
+if (err instanceof OS.File.Error && err.becauseNoSuchFile) {
+// File hasn't been created yet.  That will be done
+// on the first call to getSignedInUser
+return this.resolve(null);
+}
+return this.reject(err);
+}
+);
+},
+setUserAccountData: function(accountData) {
+return this.fxaInternal.signedInUserStorage.get().then(record => {
+if (!this.isCurrent) {
+return this.reject(new Error("Another user has signed in"));
+}
+record.accountData = accountData;
+this.signedInUser = record;
+return this.fxaInternal.signedInUserStorage.set(record)
+.then(() => this.resolve(accountData));
+});
+},
+getCertificate: function(data, keyPair, mustBeValidUntil) {
+if (logPII) {
+// don't stringify unless it will be written. We should replace this
+// check with param substitutions added in bug 966674
+log.debug("getCertificate" + JSON.stringify(this.signedInUser));
+}
+// TODO: get the lifetime from the cert's .exp field
+if (this.cert && this.cert.validUntil > mustBeValidUntil) {
+log.debug(" getCertificate already had one");
+return this.resolve(this.cert.cert);
+}
+// else get our cert signed
+let willBeValidUntil = this.fxaInternal.now() + CERT_LIFETIME;
+return this.fxaInternal.getCertificateSigned(data.sessionToken,
+keyPair.serializedPublicKey,
+CERT_LIFETIME).then(
+cert => {
+log.debug("getCertificate got a new one: " + !!cert);
+this.cert = {
+cert: cert,
+validUntil: willBeValidUntil
+};
+return cert;
+}
+).then(result => this.resolve(result));
+},
+getKeyPair: function(mustBeValidUntil) {
+if (this.keyPair && (this.keyPair.validUntil > mustBeValidUntil)) {
+log.debug("getKeyPair: already have a keyPair");
+return this.resolve(this.keyPair.keyPair);
+}
+// Otherwse, create a keypair and set validity limit.
+let willBeValidUntil = this.fxaInternal.now() + KEY_LIFETIME;
+let d = Promise.defer();
+jwcrypto.generateKeyPair("DS160", (err, kp) => {
+if (err) {
+return this.reject(err);
+}
+this.keyPair = {
+keyPair: kp,
+validUntil: willBeValidUntil
+};
+log.debug("got keyPair");
+delete this.cert;
+d.resolve(this.keyPair.keyPair);
+});
+return d.promise.then(result => this.resolve(result));
+},
+resolve: function(result) {
+if (!this.isCurrent) {
+log.info("An accountState promise was resolved, but was actually rejected" +
+" due to a different user being signed in. Originally resolved" +
+" with: " + result);
+return Promise.reject(new Error("A different user signed in"));
+}
+return Promise.resolve(result);
+},
+reject: function(error) {
+// It could be argued that we should just let it reject with the original
+// error - but this runs the risk of the error being (eg) a 401, which
+// might cause the consumer to attempt some remediation and cause other
+// problems.
+if (!this.isCurrent) {
+log.info("An accountState promise was rejected, but we are ignoring that" +
+"reason and rejecting it due to a different user being signed in." +
+"Originally rejected with: " + reason);
+return Promise.reject(new Error("A different user signed in"));
+}
+return Promise.reject(error);
+},
+}
+/**
+* Copies properties from a given object to another object.
+*
+* @param from (object)
+*        The object we read property descriptors from.
+* @param to (object)
+*        The object that we set property descriptors on.
+* @param options (object) (optional)
+*        {keys: [...]}
+*          Lets the caller pass the names of all properties they want to be
+*          copied. Will copy all properties of the given source object by
+*          default.
+*        {bind: object}
+*          Lets the caller specify the object that will be used to .bind()
+*          all function properties we find to. Will bind to the given target
+*          object by default.
+*/
+function copyObjectProperties(from, to, opts = {}) {
+let keys = (opts && opts.keys) || Object.keys(from);
+let thisArg = (opts && opts.bind) || to;
+for (let prop of keys) {
+let desc = Object.getOwnPropertyDescriptor(from, prop);
+if (typeof(desc.value) == "function") {
+desc.value = desc.value.bind(thisArg);
+}
+if (desc.get) {
+desc.get = desc.get.bind(thisArg);
+}
+if (desc.set) {
+desc.set = desc.set.bind(thisArg);
+}
+Object.defineProperty(to, prop, desc);
+}
+}
+/**
+* The public API's constructor.
+*/
+this.FxAccounts = function (mockInternal) {
+let internal = new FxAccountsInternal();
+let external = {};
+// Copy all public properties to the 'external' object.
+let prototype = FxAccountsInternal.prototype;
+let options = {keys: publicProperties, bind: internal};
+copyObjectProperties(prototype, external, options);
+// Copy all of the mock's properties to the internal object.
+if (mockInternal && !mockInternal.onlySetInternal) {
+copyObjectProperties(mockInternal, internal);
+}
+if (mockInternal) {
+// Exposes the internal object for testing only.
+external.internal = internal;
+}
+return Object.freeze(external);
+}
+/**
+* The internal API's constructor.
+*/
+function FxAccountsInternal() {
+this.version = DATA_FORMAT_VERSION;
+// Make a local copy of these constants so we can mock it in testing
+this.POLL_STEP = POLL_STEP;
+this.POLL_SESSION = POLL_SESSION;
+// We will create this.pollTimeRemaining below; it will initially be
+// set to the value of POLL_SESSION.
+// We interact with the Firefox Accounts auth server in order to confirm that
+// a user's email has been verified and also to fetch the user's keys from
+// the server.  We manage these processes in possibly long-lived promises
+// that are internal to this object (never exposed to callers).  Because
+// Firefox Accounts allows for only one logged-in user, and because it's
+// conceivable that while we are waiting to verify one identity, a caller
+// could start verification on a second, different identity, we need to be
+// able to abort all work on the first sign-in process.  The currentTimer and
+// currentAccountState are used for this purpose.
+// (XXX - should the timer be directly on the currentAccountState?)
+this.currentTimer = null;
+this.currentAccountState = new AccountState(this);
+// We don't reference |profileDir| in the top-level module scope
+// as we may be imported before we know where it is.
+this.signedInUserStorage = new JSONStorage({
+filename: DEFAULT_STORAGE_FILENAME,
+baseDir: OS.Constants.Path.profileDir,
+});
+}
+/**
+* The internal API's prototype.
+*/
+FxAccountsInternal.prototype = {
+/**
+* The current data format's version number.
+*/
+version: DATA_FORMAT_VERSION,
+_fxAccountsClient: null,
+get fxAccountsClient() {
+if (!this._fxAccountsClient) {
+this._fxAccountsClient = new FxAccountsClient();
+}
+return this._fxAccountsClient;
+},
+/**
+* Return the current time in milliseconds as an integer.  Allows tests to
+* manipulate the date to simulate certificate expiration.
+*/
+now: function() {
+return this.fxAccountsClient.now();
+},
+getAccountsClient: function() {
+return this.fxAccountsClient;
+},
+/**
+* Return clock offset in milliseconds, as reported by the fxAccountsClient.
+* This can be overridden for testing.
+*
+* The offset is the number of milliseconds that must be added to the client
+* clock to make it equal to the server clock.  For example, if the client is
+* five minutes ahead of the server, the localtimeOffsetMsec will be -300000.
+*/
+get localtimeOffsetMsec() {
+return this.fxAccountsClient.localtimeOffsetMsec;
+},
+/**
+* Ask the server whether the user's email has been verified
+*/
+checkEmailStatus: function checkEmailStatus(sessionToken) {
+return this.fxAccountsClient.recoveryEmailStatus(sessionToken);
+},
+/**
+* Once the user's email is verified, we can request the keys
+*/
+fetchKeys: function fetchKeys(keyFetchToken) {
+log.debug("fetchKeys: " + !!keyFetchToken);
+if (logPII) {
+log.debug("fetchKeys - the token is " + keyFetchToken);
+}
+return this.fxAccountsClient.accountKeys(keyFetchToken);
+},
+// set() makes sure that polling is happening, if necessary.
+// get() does not wait for verification, and returns an object even if
+// unverified. The caller of get() must check .verified .
+// The "fxaccounts:onverified" event will fire only when the verified
+// state goes from false to true, so callers must register their observer
+// and then call get(). In particular, it will not fire when the account
+// was found to be verified in a previous boot: if our stored state says
+// the account is verified, the event will never fire. So callers must do:
+//   register notification observer (go)
+//   userdata = get()
+//   if (userdata.verified()) {go()}
+/**
+* Get the user currently signed in to Firefox Accounts.
+*
+* @return Promise
+*        The promise resolves to the credentials object of the signed-in user:
+*        {
+*          email: The user's email address
+*          uid: The user's unique id
+*          sessionToken: Session for the FxA server
+*          kA: An encryption key from the FxA server
+*          kB: An encryption key derived from the user's FxA password
+*          verified: email verification status
+*          authAt: The time (seconds since epoch) that this record was
+*                  authenticated
+*        }
+*        or null if no user is signed in.
+*/
+getSignedInUser: function getSignedInUser() {
+let currentState = this.currentAccountState;
+return currentState.getUserAccountData().then(data => {
+if (!data) {
+return null;
+}
+if (!this.isUserEmailVerified(data)) {
+// If the email is not verified, start polling for verification,
+// but return null right away.  We don't want to return a promise
+// that might not be fulfilled for a long time.
+this.startVerifiedCheck(data);
+}
+return data;
+}).then(result => currentState.resolve(result));
+},
+/**
+* Set the current user signed in to Firefox Accounts.
+*
+* @param credentials
+*        The credentials object obtained by logging in or creating
+*        an account on the FxA server:
+*        {
+*          authAt: The time (seconds since epoch) that this record was
+*                  authenticated
+*          email: The users email address
+*          keyFetchToken: a keyFetchToken which has not yet been used
+*          sessionToken: Session for the FxA server
+*          uid: The user's unique id
+*          unwrapBKey: used to unwrap kB, derived locally from the
+*                      password (not revealed to the FxA server)
+*          verified: true/false
+*        }
+* @return Promise
+*         The promise resolves to null when the data is saved
+*         successfully and is rejected on error.
+*/
+setSignedInUser: function setSignedInUser(credentials) {
+log.debug("setSignedInUser - aborting any existing flows");
+this.abortExistingFlow();
+let record = {version: this.version, accountData: credentials};
+let currentState = this.currentAccountState;
+// Cache a clone of the credentials object.
+currentState.signedInUser = JSON.parse(JSON.stringify(record));
+// This promise waits for storage, but not for verification.
+// We're telling the caller that this is durable now.
+return this.signedInUserStorage.set(record).then(() => {
+this.notifyObservers(ONLOGIN_NOTIFICATION);
+if (!this.isUserEmailVerified(credentials)) {
+this.startVerifiedCheck(credentials);
+}
+}).then(result => currentState.resolve(result));
+},
+/**
+* returns a promise that fires with the assertion.  If there is no verified
+* signed-in user, fires with null.
+*/
+getAssertion: function getAssertion(audience) {
+log.debug("enter getAssertion()");
+let currentState = this.currentAccountState;
+let mustBeValidUntil = this.now() + ASSERTION_USE_PERIOD;
+return currentState.getUserAccountData().then(data => {
+if (!data) {
+// No signed-in user
+return null;
+}
+if (!this.isUserEmailVerified(data)) {
+// Signed-in user has not verified email
+return null;
+}
+return currentState.getKeyPair(mustBeValidUntil).then(keyPair => {
+return currentState.getCertificate(data, keyPair, mustBeValidUntil)
+.then(cert => {
+return this.getAssertionFromCert(data, keyPair, cert, audience);
+});
+});
+}).then(result => currentState.resolve(result));
+},
+/**
+* Resend the verification email fot the currently signed-in user.
+*
+*/
+resendVerificationEmail: function resendVerificationEmail() {
+let currentState = this.currentAccountState;
+return this.getSignedInUser().then(data => {
+// If the caller is asking for verification to be re-sent, and there is
+// no signed-in user to begin with, this is probably best regarded as an
+// error.
+if (data) {
+this.pollEmailStatus(currentState, data.sessionToken, "start");
+return this.fxAccountsClient.resendVerificationEmail(data.sessionToken);
+}
+throw new Error("Cannot resend verification email; no signed-in user");
+});
+},
+/*
+* Reset state such that any previous flow is canceled.
+*/
+abortExistingFlow: function abortExistingFlow() {
+if (this.currentTimer) {
+log.debug("Polling aborted; Another user signing in");
+clearTimeout(this.currentTimer);
+this.currentTimer = 0;
+}
+this.currentAccountState.abort();
+this.currentAccountState = new AccountState(this);
+},
+signOut: function signOut(localOnly) {
+let currentState = this.currentAccountState;
+let sessionToken;
+return currentState.getUserAccountData().then(data => {
+// Save the session token for use in the call to signOut below.
+sessionToken = data && data.sessionToken;
+return this._signOutLocal();
+}).then(() => {
+// FxAccountsManager calls here, then does its own call
+// to FxAccountsClient.signOut().
+if (!localOnly) {
+// Wrap this in a promise so *any* errors in signOut won't
+// block the local sign out. This is *not* returned.
+Promise.resolve().then(() => {
+// This can happen in the background and shouldn't block
+// the user from signing out. The server must tolerate
+// clients just disappearing, so this call should be best effort.
+return this._signOutServer(sessionToken);
+}).then(null, err => {
+log.error("Error during remote sign out of Firefox Accounts: " + err);
+});
+}
+}).then(() => {
+this.notifyObservers(ONLOGOUT_NOTIFICATION);
+});
+},
+/**
+* This function should be called in conjunction with a server-side
+* signOut via FxAccountsClient.
+*/
+_signOutLocal: function signOutLocal() {
+this.abortExistingFlow();
+this.currentAccountState.signedInUser = null; // clear in-memory cache
+return this.signedInUserStorage.set(null);
+},
+_signOutServer: function signOutServer(sessionToken) {
+return this.fxAccountsClient.signOut(sessionToken);
+},
+/**
+* Fetch encryption keys for the signed-in-user from the FxA API server.
+*
+* Not for user consumption.  Exists to cause the keys to be fetch.
+*
+* Returns user data so that it can be chained with other methods.
+*
+* @return Promise
+*        The promise resolves to the credentials object of the signed-in user:
+*        {
+*          email: The user's email address
+*          uid: The user's unique id
+*          sessionToken: Session for the FxA server
+*          kA: An encryption key from the FxA server
+*          kB: An encryption key derived from the user's FxA password
+*          verified: email verification status
+*        }
+*        or null if no user is signed in
+*/
+getKeys: function() {
+let currentState = this.currentAccountState;
+return currentState.getUserAccountData().then((userData) => {
+if (!userData) {
+throw new Error("Can't get keys; User is not signed in");
+}
+if (userData.kA && userData.kB) {
+return userData;
+}
+if (!currentState.whenKeysReadyDeferred) {
+currentState.whenKeysReadyDeferred = Promise.defer();
+if (userData.keyFetchToken) {
+this.fetchAndUnwrapKeys(userData.keyFetchToken).then(
+(dataWithKeys) => {
+if (!dataWithKeys.kA || !dataWithKeys.kB) {
+currentState.whenKeysReadyDeferred.reject(
+new Error("user data missing kA or kB")
+);
+return;
+}
+currentState.whenKeysReadyDeferred.resolve(dataWithKeys);
+},
+(err) => {
+currentState.whenKeysReadyDeferred.reject(err);
+}
+);
+} else {
+currentState.whenKeysReadyDeferred.reject('No keyFetchToken');
+}
+}
+return currentState.whenKeysReadyDeferred.promise;
+}).then(result => currentState.resolve(result));
+},
+fetchAndUnwrapKeys: function(keyFetchToken) {
+if (logPII) {
+log.debug("fetchAndUnwrapKeys: token: " + keyFetchToken);
+}
+let currentState = this.currentAccountState;
+return Task.spawn(function* task() {
+// Sign out if we don't have a key fetch token.
+if (!keyFetchToken) {
+log.warn("improper fetchAndUnwrapKeys() call: token missing");
+yield this.signOut();
+return null;
+}
+let {kA, wrapKB} = yield this.fetchKeys(keyFetchToken);
+let data = yield currentState.getUserAccountData();
+// Sanity check that the user hasn't changed out from under us
+if (data.keyFetchToken !== keyFetchToken) {
+throw new Error("Signed in user changed while fetching keys!");
+}
+// Next statements must be synchronous until we setUserAccountData
+// so that we don't risk getting into a weird state.
+let kB_hex = CryptoUtils.xor(CommonUtils.hexToBytes(data.unwrapBKey),
+wrapKB);
+if (logPII) {
+log.debug("kB_hex: " + kB_hex);
+}
+data.kA = CommonUtils.bytesAsHex(kA);
+data.kB = CommonUtils.bytesAsHex(kB_hex);
+delete data.keyFetchToken;
+log.debug("Keys Obtained: kA=" + !!data.kA + ", kB=" + !!data.kB);
+if (logPII) {
+log.debug("Keys Obtained: kA=" + data.kA + ", kB=" + data.kB);
+}
+yield currentState.setUserAccountData(data);
+// We are now ready for business. This should only be invoked once
+// per setSignedInUser(), regardless of whether we've rebooted since
+// setSignedInUser() was called.
+this.notifyObservers(ONVERIFIED_NOTIFICATION);
+return data;
+}.bind(this)).then(result => currentState.resolve(result));
+},
+getAssertionFromCert: function(data, keyPair, cert, audience) {
+log.debug("getAssertionFromCert");
+let payload = {};
+let d = Promise.defer();
+let options = {
+duration: ASSERTION_LIFETIME,
+localtimeOffsetMsec: this.localtimeOffsetMsec,
+now: this.now()
+};
+let currentState = this.currentAccountState;
+// "audience" should look like "http://123done.org".
+// The generated assertion will expire in two minutes.
+jwcrypto.generateAssertion(cert, keyPair, audience, options, (err, signed) => {
+if (err) {
+log.error("getAssertionFromCert: " + err);
+d.reject(err);
+} else {
+log.debug("getAssertionFromCert returning signed: " + !!signed);
+if (logPII) {
+log.debug("getAssertionFromCert returning signed: " + signed);
+}
+d.resolve(signed);
+}
+});
+return d.promise.then(result => currentState.resolve(result));
+},
+getCertificateSigned: function(sessionToken, serializedPublicKey, lifetime) {
+log.debug("getCertificateSigned: " + !!sessionToken + " " + !!serializedPublicKey);
+if (logPII) {
+log.debug("getCertificateSigned: " + sessionToken + " " + serializedPublicKey);
+}
+return this.fxAccountsClient.signCertificate(
+sessionToken,
+JSON.parse(serializedPublicKey),
+lifetime
+);
+},
+getUserAccountData: function() {
+return this.currentAccountState.getUserAccountData();
+},
+isUserEmailVerified: function isUserEmailVerified(data) {
+return !!(data && data.verified);
+},
+/**
+* Setup for and if necessary do email verification polling.
+*/
+loadAndPoll: function() {
+let currentState = this.currentAccountState;
+return currentState.getUserAccountData()
+.then(data => {
+if (data && !this.isUserEmailVerified(data)) {
+this.pollEmailStatus(currentState, data.sessionToken, "start");
+}
+return data;
+});
+},
+startVerifiedCheck: function(data) {
+log.debug("startVerifiedCheck " + JSON.stringify(data));
+// Get us to the verified state, then get the keys. This returns a promise
+// that will fire when we are completely ready.
+//
+// Login is truly complete once keys have been fetched, so once getKeys()
+// obtains and stores kA and kB, it will fire the onverified observer
+// notification.
+return this.whenVerified(data)
+.then(() => this.getKeys());
+},
+whenVerified: function(data) {
+let currentState = this.currentAccountState;
+if (data.verified) {
+log.debug("already verified");
+return currentState.resolve(data);
+}
+if (!currentState.whenVerifiedDeferred) {
+log.debug("whenVerified promise starts polling for verified email");
+this.pollEmailStatus(currentState, data.sessionToken, "start");
+}
+return currentState.whenVerifiedDeferred.promise.then(
+result => currentState.resolve(result)
+);
+},
+notifyObservers: function(topic) {
+log.debug("Notifying observers of " + topic);
+Services.obs.notifyObservers(null, topic, null);
+},
+// XXX - pollEmailStatus should maybe be on the AccountState object?
+pollEmailStatus: function pollEmailStatus(currentState, sessionToken, why) {
+log.debug("entering pollEmailStatus: " + why);
+if (why == "start") {
+// If we were already polling, stop and start again.  This could happen
+// if the user requested the verification email to be resent while we
+// were already polling for receipt of an earlier email.
+this.pollTimeRemaining = this.POLL_SESSION;
+if (!currentState.whenVerifiedDeferred) {
+currentState.whenVerifiedDeferred = Promise.defer();
+// This deferred might not end up with any handlers (eg, if sync
+// is yet to start up.)  This might cause "A promise chain failed to
+// handle a rejection" messages, so add an error handler directly
+// on the promise to log the error.
+currentState.whenVerifiedDeferred.promise.then(null, err => {
+log.info("the wait for user verification was stopped: " + err);
+});
+}
+}
+this.checkEmailStatus(sessionToken)
+.then((response) => {
+log.debug("checkEmailStatus -> " + JSON.stringify(response));
+if (response && response.verified) {
+// Bug 947056 - Server should be able to tell FxAccounts.jsm to back
+// off or stop polling altogether
+currentState.getUserAccountData()
+.then((data) => {
+data.verified = true;
+return currentState.setUserAccountData(data);
+})
+.then((data) => {
+// Now that the user is verified, we can proceed to fetch keys
+if (currentState.whenVerifiedDeferred) {
+currentState.whenVerifiedDeferred.resolve(data);
+delete currentState.whenVerifiedDeferred;
+}
+});
+} else {
+log.debug("polling with step = " + this.POLL_STEP);
+this.pollTimeRemaining -= this.POLL_STEP;
+log.debug("time remaining: " + this.pollTimeRemaining);
+if (this.pollTimeRemaining > 0) {
+this.currentTimer = setTimeout(() => {
+this.pollEmailStatus(currentState, sessionToken, "timer")}, this.POLL_STEP);
+log.debug("started timer " + this.currentTimer);
+} else {
+if (currentState.whenVerifiedDeferred) {
+currentState.whenVerifiedDeferred.reject(
+new Error("User email verification timed out.")
+);
+delete currentState.whenVerifiedDeferred;
+}
+}
+}
+});
+},
+// Return the URI of the remote UI flows.
+getAccountsSignUpURI: function() {
+let url = Services.urlFormatter.formatURLPref("identity.fxaccounts.remote.signup.uri");
+if (!/^https:/.test(url)) { // Comment to un-break emacs js-mode highlighting
+throw new Error("Firefox Accounts server must use HTTPS");
+}
+return url;
+},
+// Return the URI of the remote UI flows.
+getAccountsSignInURI: function() {
+let url = Services.urlFormatter.formatURLPref("identity.fxaccounts.remote.signin.uri");
+if (!/^https:/.test(url)) { // Comment to un-break emacs js-mode highlighting
+throw new Error("Firefox Accounts server must use HTTPS");
+}
+return url;
+},
+// Returns a promise that resolves with the URL to use to force a re-signin
+// of the current account.
+promiseAccountsForceSigninURI: function() {
+let url = Services.urlFormatter.formatURLPref("identity.fxaccounts.remote.force_auth.uri");
+if (!/^https:/.test(url)) { // Comment to un-break emacs js-mode highlighting
+throw new Error("Firefox Accounts server must use HTTPS");
+}
+let currentState = this.currentAccountState;
+// but we need to append the email address onto a query string.
+return this.getSignedInUser().then(accountData => {
+if (!accountData) {
+return null;
+}
+let newQueryPortion = url.indexOf("?") == -1 ? "?" : "&";
+newQueryPortion += "email=" + encodeURIComponent(accountData.email);
+return url + newQueryPortion;
+}).then(result => currentState.resolve(result));
+}
+};
+/**
+* JSONStorage constructor that creates instances that may set/get
+* to a specified file, in a directory that will be created if it
+* doesn't exist.
+*
+* @param options {
+*                  filename: of the file to write to
+*                  baseDir: directory where the file resides
+*                }
+* @return instance
+*/
+function JSONStorage(options) {
+this.baseDir = options.baseDir;
+this.path = OS.Path.join(options.baseDir, options.filename);
+};
+JSONStorage.prototype = {
+set: function(contents) {
+return OS.File.makeDir(this.baseDir, {ignoreExisting: true})
+.then(CommonUtils.writeJSON.bind(null, contents, this.path));
+},
+get: function() {
+return CommonUtils.readJSON(this.path);
+}
+};
+// A getter for the instance to export
+XPCOMUtils.defineLazyGetter(this, "fxAccounts", function() {
+let a = new FxAccounts();
+// XXX Bug 947061 - We need a strategy for resuming email verification after
+// browser restart
+a.loadAndPoll();
+return a;
+});

The Tor Browser / file comparison

comparison: services/fxaccounts/FxAccounts.jsm

services/fxaccounts/FxAccounts.jsm