[PM-2907] Shopify Passkey Broken on Firefox When Extension is Installed (#6003)
* [PM-2907] Shopify Passkey Broken on Firefox When Extension is Installed * [PM-2907] Shopify Passkey Broken on Firefox When Extension is Installed * [PM-2907] Shopify Passkey Broken on Firefox When Extension is Installed
This commit is contained in:
Cesar Gonzalez
GitHub
parent
abe16005f6
commit
93676824c2
|
|
@ -52,7 +52,11 @@ export default class RuntimeBackground {
|
|||
sender: chrome.runtime.MessageSender,
|
||||
sendResponse: any
|
||||
) => {
|
||||
const messagesWithResponse = ["fido2RegisterCredentialRequest", "fido2GetCredentialRequest"];
|
||||
const messagesWithResponse = [
|
||||
"checkFido2FeatureEnabled",
|
||||
"fido2RegisterCredentialRequest",
|
||||
"fido2GetCredentialRequest",
|
||||
];
|
||||
|
||||
if (messagesWithResponse.includes(msg.command)) {
|
||||
this.processMessage(msg, sender).then(
|
||||
|
|
@ -233,6 +237,8 @@ export default class RuntimeBackground {
|
|||
case "fido2AbortRequest":
|
||||
this.abortControllers.get(msg.abortedRequestId)?.abort();
|
||||
break;
|
||||
case "checkFido2FeatureEnabled":
|
||||
return await this.main.fido2ClientService.isFido2FeatureEnabled();
|
||||
case "fido2RegisterCredentialRequest":
|
||||
return await this.main.fido2ClientService
|
||||
.createCredential(msg.data, this.createAbortController(msg.requestId))
|
||||
|
|
|
|||
|
|
@ -1,65 +1,80 @@
|
|||
import { Message, MessageType } from "./messaging/message";
|
||||
import { Messenger } from "./messaging/messenger";
|
||||
|
||||
const s = document.createElement("script");
|
||||
s.src = chrome.runtime.getURL("content/fido2/page-script.js");
|
||||
(document.head || document.documentElement).appendChild(s);
|
||||
function checkFido2FeatureEnabled() {
|
||||
chrome.runtime.sendMessage(
|
||||
{ command: "checkFido2FeatureEnabled" },
|
||||
(response: { result?: boolean }) => initializeFido2ContentScript(response.result)
|
||||
);
|
||||
}
|
||||
|
||||
const messenger = Messenger.forDOMCommunication(window);
|
||||
|
||||
messenger.handler = async (message, abortController) => {
|
||||
const abortHandler = () =>
|
||||
chrome.runtime.sendMessage({
|
||||
command: "fido2AbortRequest",
|
||||
abortedRequestId: message.metadata.requestId,
|
||||
});
|
||||
abortController.signal.addEventListener("abort", abortHandler);
|
||||
|
||||
if (message.type === MessageType.CredentialCreationRequest) {
|
||||
return new Promise((resolve, reject) => {
|
||||
chrome.runtime.sendMessage(
|
||||
{
|
||||
command: "fido2RegisterCredentialRequest",
|
||||
data: message.data,
|
||||
requestId: message.metadata.requestId,
|
||||
},
|
||||
(response) => {
|
||||
if (response.error !== undefined) {
|
||||
return reject(response.error);
|
||||
}
|
||||
|
||||
resolve({
|
||||
type: MessageType.CredentialCreationResponse,
|
||||
result: response.result,
|
||||
});
|
||||
}
|
||||
);
|
||||
});
|
||||
function initializeFido2ContentScript(isFido2FeatureEnabled: boolean) {
|
||||
if (isFido2FeatureEnabled !== true) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (message.type === MessageType.CredentialGetRequest) {
|
||||
return new Promise((resolve, reject) => {
|
||||
chrome.runtime.sendMessage(
|
||||
{
|
||||
command: "fido2GetCredentialRequest",
|
||||
data: message.data,
|
||||
requestId: message.metadata.requestId,
|
||||
},
|
||||
(response) => {
|
||||
if (response.error !== undefined) {
|
||||
return reject(response.error);
|
||||
const s = document.createElement("script");
|
||||
s.src = chrome.runtime.getURL("content/fido2/page-script.js");
|
||||
(document.head || document.documentElement).appendChild(s);
|
||||
|
||||
const messenger = Messenger.forDOMCommunication(window);
|
||||
|
||||
messenger.handler = async (message, abortController) => {
|
||||
const abortHandler = () =>
|
||||
chrome.runtime.sendMessage({
|
||||
command: "fido2AbortRequest",
|
||||
abortedRequestId: message.metadata.requestId,
|
||||
});
|
||||
abortController.signal.addEventListener("abort", abortHandler);
|
||||
|
||||
if (message.type === MessageType.CredentialCreationRequest) {
|
||||
return new Promise((resolve, reject) => {
|
||||
chrome.runtime.sendMessage(
|
||||
{
|
||||
command: "fido2RegisterCredentialRequest",
|
||||
data: message.data,
|
||||
requestId: message.metadata.requestId,
|
||||
},
|
||||
(response) => {
|
||||
if (response.error !== undefined) {
|
||||
return reject(response.error);
|
||||
}
|
||||
|
||||
resolve({
|
||||
type: MessageType.CredentialCreationResponse,
|
||||
result: response.result,
|
||||
});
|
||||
}
|
||||
);
|
||||
});
|
||||
}
|
||||
|
||||
resolve({
|
||||
type: MessageType.CredentialGetResponse,
|
||||
result: response.result,
|
||||
});
|
||||
}
|
||||
);
|
||||
}).finally(() =>
|
||||
abortController.signal.removeEventListener("abort", abortHandler)
|
||||
) as Promise<Message>;
|
||||
}
|
||||
if (message.type === MessageType.CredentialGetRequest) {
|
||||
return new Promise((resolve, reject) => {
|
||||
chrome.runtime.sendMessage(
|
||||
{
|
||||
command: "fido2GetCredentialRequest",
|
||||
data: message.data,
|
||||
requestId: message.metadata.requestId,
|
||||
},
|
||||
(response) => {
|
||||
if (response.error !== undefined) {
|
||||
return reject(response.error);
|
||||
}
|
||||
|
||||
return undefined;
|
||||
};
|
||||
resolve({
|
||||
type: MessageType.CredentialGetResponse,
|
||||
result: response.result,
|
||||
});
|
||||
}
|
||||
);
|
||||
}).finally(() =>
|
||||
abortController.signal.removeEventListener("abort", abortHandler)
|
||||
) as Promise<Message>;
|
||||
}
|
||||
|
||||
return undefined;
|
||||
};
|
||||
}
|
||||
|
||||
checkFido2FeatureEnabled();
|
||||
|
|
|
|||
|
|
@ -11,6 +11,7 @@ export abstract class Fido2ClientService {
|
|||
params: AssertCredentialParams,
|
||||
abortController?: AbortController
|
||||
) => Promise<AssertCredentialResult>;
|
||||
isFido2FeatureEnabled: () => Promise<boolean>;
|
||||
}
|
||||
|
||||
export interface CreateCredentialParams {
|
||||
|
|
|
|||
|
|
@ -34,13 +34,15 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
|
|||
private logService?: LogService
|
||||
) {}
|
||||
|
||||
async isFido2FeatureEnabled(): Promise<boolean> {
|
||||
return await this.configService.getFeatureFlagBool(FeatureFlag.Fido2VaultCredentials);
|
||||
}
|
||||
|
||||
async createCredential(
|
||||
params: CreateCredentialParams,
|
||||
abortController = new AbortController()
|
||||
): Promise<CreateCredentialResult> {
|
||||
const enableFido2VaultCredentials = await this.configService.getFeatureFlagBool(
|
||||
FeatureFlag.Fido2VaultCredentials
|
||||
);
|
||||
const enableFido2VaultCredentials = await this.isFido2FeatureEnabled();
|
||||
|
||||
if (!enableFido2VaultCredentials) {
|
||||
this.logService?.warning(`[Fido2Client] Fido2VaultCredential is not enabled`);
|
||||
|
|
@ -191,9 +193,7 @@ export class Fido2ClientService implements Fido2ClientServiceAbstraction {
|
|||
params: AssertCredentialParams,
|
||||
abortController = new AbortController()
|
||||
): Promise<AssertCredentialResult> {
|
||||
const enableFido2VaultCredentials = await this.configService.getFeatureFlagBool(
|
||||
FeatureFlag.Fido2VaultCredentials
|
||||
);
|
||||
const enableFido2VaultCredentials = await this.isFido2FeatureEnabled();
|
||||
|
||||
if (!enableFido2VaultCredentials) {
|
||||
this.logService?.warning(`[Fido2Client] Fido2VaultCredential is not enabled`);
|
||||
|
|
|
|||
Loading…
Reference in New Issue