Bug 1421616 - Have one WebAuthnManager instance per CredentialsContai…

…ner r=jcj Summary: We currently have a single WebAuthnManager instance per process that's shared between all CredentialContainers. That way the nsPIDOMWindowInner parent has to be tracked by the transaction, as multiple containers could kick off requests simultaneously. This patch lets us we have one WebAuthnManager instance per each CredentialsContainer and thus each nsPIDOMWindowInner. This matches the current U2F implementation where there is one instance per parent window too. This somewhat simplifies the communication diagram (at least in my head), as each U2F/WebAuthnManager instance also has their own TransactionChild/Parent pair for IPC protocol communication. The manager and child/parent pair are destroyed when the window is. Reviewers: jcj Reviewed By: jcj Bug #: 1421616 Differential Revision: https://phabricator.services.mozilla.com/D305
dothq · Dec 5, 2017 · a0935f0 · a0935f0
1 parent f1c4d1f
commit a0935f0
Show file tree

Hide file tree

Showing 21 changed files with 247 additions and 397 deletions.
diff --git a/dom/credentialmanagement/CredentialsContainer.cpp b/dom/credentialmanagement/CredentialsContainer.cpp
@@ -6,12 +6,11 @@
 
 #include "mozilla/dom/CredentialsContainer.h"
 #include "mozilla/dom/Promise.h"
-#include "mozilla/dom/WebAuthnManager.h"
 
 namespace mozilla {
 namespace dom {
 
-NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(CredentialsContainer, mParent)
+NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(CredentialsContainer, mParent, mManager)
 NS_IMPL_CYCLE_COLLECTING_ADDREF(CredentialsContainer)
 NS_IMPL_CYCLE_COLLECTING_RELEASE(CredentialsContainer)
 NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION(CredentialsContainer)
@@ -28,6 +27,16 @@ CredentialsContainer::CredentialsContainer(nsPIDOMWindowInner* aParent) :
 CredentialsContainer::~CredentialsContainer()
 {}
 
+void
+CredentialsContainer::EnsureWebAuthnManager()
+{
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (!mManager) {
+    mManager = new WebAuthnManager(mParent);
+  }
+}
+
 JSObject*
 CredentialsContainer::WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto)
 {
@@ -37,22 +46,22 @@ CredentialsContainer::WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenPro
 already_AddRefed<Promise>
 CredentialsContainer::Get(const CredentialRequestOptions& aOptions)
 {
-  RefPtr<WebAuthnManager> mgr = WebAuthnManager::GetOrCreate();
-  return mgr->GetAssertion(mParent, aOptions.mPublicKey, aOptions.mSignal);
+  EnsureWebAuthnManager();
+  return mManager->GetAssertion(aOptions.mPublicKey, aOptions.mSignal);
 }
 
 already_AddRefed<Promise>
 CredentialsContainer::Create(const CredentialCreationOptions& aOptions)
 {
-  RefPtr<WebAuthnManager> mgr = WebAuthnManager::GetOrCreate();
-  return mgr->MakeCredential(mParent, aOptions.mPublicKey, aOptions.mSignal);
+  EnsureWebAuthnManager();
+  return mManager->MakeCredential(aOptions.mPublicKey, aOptions.mSignal);
 }
 
 already_AddRefed<Promise>
 CredentialsContainer::Store(const Credential& aCredential)
 {
-  RefPtr<WebAuthnManager> mgr = WebAuthnManager::GetOrCreate();
-  return mgr->Store(mParent, aCredential);
+  EnsureWebAuthnManager();
+  return mManager->Store(aCredential);
 }
 
 } // namespace dom

diff --git a/dom/credentialmanagement/CredentialsContainer.h b/dom/credentialmanagement/CredentialsContainer.h
@@ -8,6 +8,7 @@
 #define mozilla_dom_CredentialsContainer_h
 
 #include "mozilla/dom/CredentialManagementBinding.h"
+#include "mozilla/dom/WebAuthnManager.h"
 
 namespace mozilla {
 namespace dom {
@@ -32,15 +33,20 @@ class CredentialsContainer final : public nsISupports
 
   already_AddRefed<Promise>
   Get(const CredentialRequestOptions& aOptions);
+
   already_AddRefed<Promise>
   Create(const CredentialCreationOptions& aOptions);
+
   already_AddRefed<Promise>
   Store(const Credential& aCredential);
 
 private:
   ~CredentialsContainer();
 
+  void EnsureWebAuthnManager();
+
   nsCOMPtr<nsPIDOMWindowInner> mParent;
+  RefPtr<WebAuthnManager> mManager;
 };
 
 } // namespace dom

diff --git a/dom/u2f/U2F.cpp b/dom/u2f/U2F.cpp
@@ -9,13 +9,13 @@
 #include "mozilla/dom/WebCryptoCommon.h"
 #include "mozilla/ipc/PBackgroundChild.h"
 #include "mozilla/ipc/BackgroundChild.h"
+#include "mozilla/dom/WebAuthnTransactionChild.h"
 #include "nsContentUtils.h"
 #include "nsICryptoHash.h"
 #include "nsIEffectiveTLDService.h"
 #include "nsNetCID.h"
 #include "nsNetUtil.h"
 #include "nsURLParsers.h"
-#include "U2FTransactionChild.h"
 #include "U2FUtil.h"
 #include "hasht.h"
 
@@ -293,9 +293,9 @@ U2F::~U2F()
   }
 
   if (mChild) {
-    RefPtr<U2FTransactionChild> c;
+    RefPtr<WebAuthnTransactionChild> c;
     mChild.swap(c);
-    c->Send__delete__(c);
+    c->Disconnect();
   }
 
   mRegisterCallback.reset();
@@ -437,8 +437,8 @@ U2F::Register(const nsAString& aAppId,
 }
 
 void
-U2F::FinishRegister(const uint64_t& aTransactionId,
-                    nsTArray<uint8_t>& aRegBuffer)
+U2F::FinishMakeCredential(const uint64_t& aTransactionId,
+                          nsTArray<uint8_t>& aRegBuffer)
 {
   MOZ_ASSERT(NS_IsMainThread());
 
@@ -566,9 +566,9 @@ U2F::Sign(const nsAString& aAppId,
 }
 
 void
-U2F::FinishSign(const uint64_t& aTransactionId,
-                nsTArray<uint8_t>& aCredentialId,
-                nsTArray<uint8_t>& aSigBuffer)
+U2F::FinishGetAssertion(const uint64_t& aTransactionId,
+                        nsTArray<uint8_t>& aCredentialId,
+                        nsTArray<uint8_t>& aSigBuffer)
 {
   MOZ_ASSERT(NS_IsMainThread());
 
@@ -749,7 +749,7 @@ U2F::MaybeCreateBackgroundActor()
     return false;
   }
 
-  RefPtr<U2FTransactionChild> mgr(new U2FTransactionChild(this));
+  RefPtr<WebAuthnTransactionChild> mgr(new WebAuthnTransactionChild(this));
   PWebAuthnTransactionChild* constructedMgr =
     actorChild->SendPWebAuthnTransactionConstructor(mgr);
 

diff --git a/dom/u2f/U2F.h b/dom/u2f/U2F.h
@@ -12,6 +12,7 @@
 #include "mozilla/dom/BindingDeclarations.h"
 #include "mozilla/dom/Nullable.h"
 #include "mozilla/dom/U2FBinding.h"
+#include "mozilla/dom/WebAuthnManagerBase.h"
 #include "mozilla/ErrorResult.h"
 #include "mozilla/MozPromise.h"
 #include "nsProxyRelease.h"
@@ -24,7 +25,7 @@ class nsISerialEventTarget;
 namespace mozilla {
 namespace dom {
 
-class U2FTransactionChild;
+class WebAuthnTransactionChild;
 class U2FRegisterCallback;
 class U2FSignCallback;
 
@@ -59,6 +60,7 @@ class U2FTransaction
 };
 
 class U2F final : public nsIDOMEventListener
+                , public WebAuthnManagerBase
                 , public nsWrapperCache
 {
 public:
@@ -97,18 +99,22 @@ class U2F final : public nsIDOMEventListener
        const Optional<Nullable<int32_t>>& opt_aTimeoutSeconds,
        ErrorResult& aRv);
 
+  // WebAuthnManagerBase
+
   void
-  FinishRegister(const uint64_t& aTransactionId, nsTArray<uint8_t>& aRegBuffer);
+  FinishMakeCredential(const uint64_t& aTransactionId,
+                       nsTArray<uint8_t>& aRegBuffer) override;
 
   void
-  FinishSign(const uint64_t& aTransactionId,
-             nsTArray<uint8_t>& aCredentialId,
-             nsTArray<uint8_t>& aSigBuffer);
+  FinishGetAssertion(const uint64_t& aTransactionId,
+                     nsTArray<uint8_t>& aCredentialId,
+                     nsTArray<uint8_t>& aSigBuffer) override;
 
   void
-  RequestAborted(const uint64_t& aTransactionId, const nsresult& aError);
+  RequestAborted(const uint64_t& aTransactionId,
+                 const nsresult& aError) override;
 
-  void ActorDestroyed();
+  void ActorDestroyed() override;
 
 private:
   ~U2F();
@@ -135,7 +141,7 @@ class U2F final : public nsIDOMEventListener
   Maybe<nsMainThreadPtrHandle<U2FSignCallback>> mSignCallback;
 
   // IPC Channel to the parent process.
-  RefPtr<U2FTransactionChild> mChild;
+  RefPtr<WebAuthnTransactionChild> mChild;
 
   // The current transaction, if any.
   Maybe<U2FTransaction> mTransaction;

diff --git a/dom/u2f/U2FTransactionChild.cpp b/dom/u2f/U2FTransactionChild.cpp
diff --git a/dom/u2f/U2FTransactionChild.h b/dom/u2f/U2FTransactionChild.h
diff --git a/dom/u2f/U2FTransactionParent.cpp b/dom/u2f/U2FTransactionParent.cpp