diff -r 000000000000 -r 6474c204b198 browser/base/content/aboutaccounts/aboutaccounts.js --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/browser/base/content/aboutaccounts/aboutaccounts.js Wed Dec 31 06:09:35 2014 +0100 @@ -0,0 +1,371 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +const {classes: Cc, interfaces: Ci, utils: Cu} = Components; + +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/FxAccounts.jsm"); + +let fxAccountsCommon = {}; +Cu.import("resource://gre/modules/FxAccountsCommon.js", fxAccountsCommon); + +const PREF_LAST_FXA_USER = "identity.fxaccounts.lastSignedInUserHash"; +const PREF_SYNC_SHOW_CUSTOMIZATION = "services.sync.ui.showCustomizationDialog"; + +const OBSERVER_TOPICS = [ + fxAccountsCommon.ONVERIFIED_NOTIFICATION, + fxAccountsCommon.ONLOGOUT_NOTIFICATION, +]; + +function log(msg) { + //dump("FXA: " + msg + "\n"); +}; + +function error(msg) { + console.log("Firefox Account Error: " + msg + "\n"); +}; + +function getPreviousAccountNameHash() { + try { + return Services.prefs.getComplexValue(PREF_LAST_FXA_USER, Ci.nsISupportsString).data; + } catch (_) { + return ""; + } +} + +function setPreviousAccountNameHash(acctName) { + let string = Cc["@mozilla.org/supports-string;1"] + .createInstance(Ci.nsISupportsString); + string.data = sha256(acctName); + Services.prefs.setComplexValue(PREF_LAST_FXA_USER, Ci.nsISupportsString, string); +} + +function needRelinkWarning(acctName) { + let prevAcctHash = getPreviousAccountNameHash(); + return prevAcctHash && prevAcctHash != sha256(acctName); +} + +// Given a string, returns the SHA265 hash in base64 +function sha256(str) { + let converter = Cc["@mozilla.org/intl/scriptableunicodeconverter"] + .createInstance(Ci.nsIScriptableUnicodeConverter); + converter.charset = "UTF-8"; + // Data is an array of bytes. + let data = converter.convertToByteArray(str, {}); + let hasher = Cc["@mozilla.org/security/hash;1"] + .createInstance(Ci.nsICryptoHash); + hasher.init(hasher.SHA256); + hasher.update(data, data.length); + + return hasher.finish(true); +} + +function promptForRelink(acctName) { + let sb = Services.strings.createBundle("chrome://browser/locale/syncSetup.properties"); + let continueLabel = sb.GetStringFromName("continue.label"); + let title = sb.GetStringFromName("relinkVerify.title"); + let description = sb.formatStringFromName("relinkVerify.description", + [acctName], 1); + let body = sb.GetStringFromName("relinkVerify.heading") + + "\n\n" + description; + let ps = Services.prompt; + let buttonFlags = (ps.BUTTON_POS_0 * ps.BUTTON_TITLE_IS_STRING) + + (ps.BUTTON_POS_1 * ps.BUTTON_TITLE_CANCEL) + + ps.BUTTON_POS_1_DEFAULT; + let pressed = Services.prompt.confirmEx(window, title, body, buttonFlags, + continueLabel, null, null, null, + {}); + return pressed == 0; // 0 is the "continue" button +} + +// If the last fxa account used for sync isn't this account, we display +// a modal dialog checking they really really want to do this... +// (This is sync-specific, so ideally would be in sync's identity module, +// but it's a little more seamless to do here, and sync is currently the +// only fxa consumer, so... +function shouldAllowRelink(acctName) { + return !needRelinkWarning(acctName) || promptForRelink(acctName); +} + +let wrapper = { + iframe: null, + + init: function (url=null) { + let weave = Cc["@mozilla.org/weave/service;1"] + .getService(Ci.nsISupports) + .wrappedJSObject; + + // Don't show about:accounts with FxA disabled. + if (!weave.fxAccountsEnabled) { + document.body.remove(); + return; + } + + let iframe = document.getElementById("remote"); + this.iframe = iframe; + iframe.addEventListener("load", this); + + try { + iframe.src = url || fxAccounts.getAccountsSignUpURI(); + } catch (e) { + error("Couldn't init Firefox Account wrapper: " + e.message); + } + }, + + handleEvent: function (evt) { + switch (evt.type) { + case "load": + this.iframe.contentWindow.addEventListener("FirefoxAccountsCommand", this); + this.iframe.removeEventListener("load", this); + break; + case "FirefoxAccountsCommand": + this.handleRemoteCommand(evt); + break; + } + }, + + /** + * onLogin handler receives user credentials from the jelly after a + * sucessful login and stores it in the fxaccounts service + * + * @param accountData the user's account data and credentials + */ + onLogin: function (accountData) { + log("Received: 'login'. Data:" + JSON.stringify(accountData)); + + if (accountData.customizeSync) { + Services.prefs.setBoolPref(PREF_SYNC_SHOW_CUSTOMIZATION, true); + delete accountData.customizeSync; + } + + // We need to confirm a relink - see shouldAllowRelink for more + let newAccountEmail = accountData.email; + // The hosted code may have already checked for the relink situation + // by sending the can_link_account command. If it did, then + // it will indicate we don't need to ask twice. + if (!accountData.verifiedCanLinkAccount && !shouldAllowRelink(newAccountEmail)) { + // we need to tell the page we successfully received the message, but + // then bail without telling fxAccounts + this.injectData("message", { status: "login" }); + // and re-init the page by navigating to about:accounts + window.location = "about:accounts"; + return; + } + delete accountData.verifiedCanLinkAccount; + + // Remember who it was so we can log out next time. + setPreviousAccountNameHash(newAccountEmail); + + // A sync-specific hack - we want to ensure sync has been initialized + // before we set the signed-in user. + let xps = Cc["@mozilla.org/weave/service;1"] + .getService(Ci.nsISupports) + .wrappedJSObject; + xps.whenLoaded().then(() => { + return fxAccounts.setSignedInUser(accountData); + }).then(() => { + // If the user data is verified, we want it to immediately look like + // they are signed in without waiting for messages to bounce around. + if (accountData.verified) { + showManage(); + } + this.injectData("message", { status: "login" }); + // until we sort out a better UX, just leave the jelly page in place. + // If the account email is not yet verified, it will tell the user to + // go check their email, but then it will *not* change state after + // the verification completes (the browser will begin syncing, but + // won't notify the user). If the email has already been verified, + // the jelly will say "Welcome! You are successfully signed in as + // EMAIL", but it won't then say "syncing started". + }, (err) => this.injectData("message", { status: "error", error: err }) + ); + }, + + onCanLinkAccount: function(accountData) { + // We need to confirm a relink - see shouldAllowRelink for more + let ok = shouldAllowRelink(accountData.email); + this.injectData("message", { status: "can_link_account", data: { ok: ok } }); + }, + + /** + * onSessionStatus sends the currently signed in user's credentials + * to the jelly. + */ + onSessionStatus: function () { + log("Received: 'session_status'."); + + fxAccounts.getSignedInUser().then( + (accountData) => this.injectData("message", { status: "session_status", data: accountData }), + (err) => this.injectData("message", { status: "error", error: err }) + ); + }, + + /** + * onSignOut handler erases the current user's session from the fxaccounts service + */ + onSignOut: function () { + log("Received: 'sign_out'."); + + fxAccounts.signOut().then( + () => this.injectData("message", { status: "sign_out" }), + (err) => this.injectData("message", { status: "error", error: err }) + ); + }, + + handleRemoteCommand: function (evt) { + log('command: ' + evt.detail.command); + let data = evt.detail.data; + + switch (evt.detail.command) { + case "login": + this.onLogin(data); + break; + case "can_link_account": + this.onCanLinkAccount(data); + break; + case "session_status": + this.onSessionStatus(data); + break; + case "sign_out": + this.onSignOut(data); + break; + default: + log("Unexpected remote command received: " + evt.detail.command + ". Ignoring command."); + break; + } + }, + + injectData: function (type, content) { + let authUrl; + try { + authUrl = fxAccounts.getAccountsSignUpURI(); + } catch (e) { + error("Couldn't inject data: " + e.message); + return; + } + let data = { + type: type, + content: content + }; + this.iframe.contentWindow.postMessage(data, authUrl); + }, +}; + + +// Button onclick handlers +function handleOldSync() { + let chromeWin = window + .QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIWebNavigation) + .QueryInterface(Ci.nsIDocShellTreeItem) + .rootTreeItem + .QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIDOMWindow) + .QueryInterface(Ci.nsIDOMChromeWindow); + let url = Services.urlFormatter.formatURLPref("app.support.baseURL") + "old-sync"; + chromeWin.switchToTabHavingURI(url, true); +} + +function getStarted() { + hide("intro"); + hide("stage"); + show("remote"); +} + +function openPrefs() { + window.openPreferences("paneSync"); +} + +function init() { + fxAccounts.getSignedInUser().then(user => { + // tests in particular might cause the window to start closing before + // getSignedInUser has returned. + if (window.closed) { + return; + } + if (window.location.href.contains("action=signin")) { + if (user) { + // asking to sign-in when already signed in just shows manage. + showManage(); + } else { + show("remote"); + wrapper.init(fxAccounts.getAccountsSignInURI()); + } + } else if (window.location.href.contains("action=signup")) { + if (user) { + // asking to sign-up when already signed in just shows manage. + showManage(); + } else { + show("remote"); + wrapper.init(); + } + } else if (window.location.href.contains("action=reauth")) { + // ideally we would only show this when we know the user is in a + // "must reauthenticate" state - but we don't. + // As the email address will be included in the URL returned from + // promiseAccountsForceSigninURI, just always show it. + fxAccounts.promiseAccountsForceSigninURI().then(url => { + show("remote"); + wrapper.init(url); + }); + } else { + // No action specified + if (user) { + showManage(); + let sb = Services.strings.createBundle("chrome://browser/locale/syncSetup.properties"); + document.title = sb.GetStringFromName("manage.pageTitle"); + } else { + show("stage"); + show("intro"); + // load the remote frame in the background + wrapper.init(); + } + } + }); +} + +function show(id) { + document.getElementById(id).style.display = 'block'; +} +function hide(id) { + document.getElementById(id).style.display = 'none'; +} + +function showManage() { + show("stage"); + show("manage"); + hide("remote"); + hide("intro"); +} + +document.addEventListener("DOMContentLoaded", function onload() { + document.removeEventListener("DOMContentLoaded", onload, true); + init(); +}, true); + +function initObservers() { + function observe(subject, topic, data) { + log("about:accounts observed " + topic); + if (topic == fxAccountsCommon.ONLOGOUT_NOTIFICATION) { + // All about:account windows get changed to action=signin on logout. + window.location = "about:accounts?action=signin"; + return; + } + // must be onverified - just about:accounts is loaded. + window.location = "about:accounts"; + } + + for (let topic of OBSERVER_TOPICS) { + Services.obs.addObserver(observe, topic, false); + } + window.addEventListener("unload", function(event) { + log("about:accounts unloading") + for (let topic of OBSERVER_TOPICS) { + Services.obs.removeObserver(observe, topic); + } + }); +} +initObservers();